services/traefik
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

single traefik entrypoint

Browse Source
This commit is contained in:
ducoterra
2020-12-12 22:11:49 -05:00
parent 2852083fef
commit 09c05c356e
8 changed files with 141 additions and 37 deletions
Download Patch File Download Diff File Expand all files Collapse all files

18
helm/templates/deploy.yaml
View File

@@ -20,6 +20,7 @@ spec:
- name: traefik
image: {{ .Values.image }}
args:
- --providers.kubernetescrd
- --providers.kubernetescrd.ingressclass={{ .Values.config.ingressclass }}
- --log.level=ERROR
- --accesslog=true
@@ -28,7 +29,6 @@ spec:
- --entrypoints.web.address=:{{ .Values.config.http_port }}
- --entrypoints.websecure.address=:{{ .Values.config.https_port }}
- --entrypoints.websecure.http.tls=true
- --providers.kubernetescrd
{{ if .Values.enable.statsd }}
- --metrics.statsd=true
- --metrics.statsd.address={{ .Values.config.statsd_endpoint }}
@@ -37,16 +37,16 @@ spec:
- --metrics.statsd.prefix={{ .Release.Name }}
{{ end }}
{{ if .Values.enable.dnschallenge }}
- --certificatesresolvers.myresolver.acme.dnschallenge=true
- --certificatesresolvers.myresolver.acme.dnschallenge.provider={{ .Values.config.dnschallenge_provider }}
- --certificatesresolvers.myresolver.acme.email={{ .Values.config.acme_email }}
- --certificatesresolvers.myresolver.acme.storage=/acme/acme.json
- --certificatesresolvers.myresolver.acme.dnschallenge.resolvers=1.1.1.1
- --certificatesresolvers.duconet.acme.dnschallenge=true
- --certificatesresolvers.duconet.acme.dnschallenge.provider={{ .Values.config.dnschallenge_provider }}
- --certificatesresolvers.duconet.acme.email={{ .Values.config.acme_email }}
- --certificatesresolvers.duconet.acme.storage=/acme/acme.json
- --certificatesresolvers.duconet.acme.dnschallenge.resolvers=1.1.1.1
{{ end }}
{{ if .Values.enable.tlschallenge }}
- --certificatesresolvers.myresolver.acme.tlschallenge
- --certificatesresolvers.myresolver.acme.email={{ .Values.config.acme_email }}
- --certificatesresolvers.myresolver.acme.storage=/acme/acme.json
- --certificatesresolvers.duconet.acme.tlschallenge
- --certificatesresolvers.duconet.acme.email={{ .Values.config.acme_email }}
- --certificatesresolvers.duconet.acme.storage=/acme/acme.json
{{ end }}
{{ if .Values.enable.tracing }}
- --tracing=true

28
helm/templates/ingress.yaml
View File

@@ -4,40 +4,18 @@ metadata:
name: {{ .Release.Name }}-tls
namespace: kube-system
annotations:
kubernetes.io/ingress.class: traefik-internal
kubernetes.io/ingress.class: traefik
spec:
entryPoints:
- websecure
tls:
certResolver: myresolver
domains:
- main: "*.ducoterra.net"
certResolver: duconet
routes:
- match: Host(`{{ .Release.Name }}.ducoterra.net`)
kind: Rule
services:
- name: {{ .Release.Name }}-admin
port: 8080
port: {{ .Values.config.admin_port }}
middlewares:
- name: basic-auth
---
apiVersion: traefik.containo.us/v1alpha1
kind: IngressRoute
metadata:
name: {{ .Release.Name }}-web
namespace: kube-system
annotations:
kubernetes.io/ingress.class: traefik-internal
spec:
entryPoints:
- web
routes:
- match: Host(`{{ .Release.Name }}.ducoterra.net`)
kind: Rule
services:
- name: {{ .Release.Name }}-admin
port: 8080
middlewares:
- name: httpsredirect

8
helm/templates/rbac.yaml
View File

@@ -34,6 +34,14 @@ rules:
- ingresses/status
verbs:
- update
- apiGroups:
- networking.k8s.io
resources:
- ingressclasses
verbs:
- get
- list
- watch
- apiGroups:
- traefik.containo.us
resources:

106
helm/templates/resourcedefinition.yaml
View File

@@ -1,106 +0,0 @@
{{ if .Values.install.resourcedefinition }}
# All resources definition must be declared
apiVersion: apiextensions.k8s.io/v1beta1
kind: CustomResourceDefinition
metadata:
name: ingressroutes.traefik.containo.us
namespace: kube-system
spec:
group: traefik.containo.us
version: v1alpha1
names:
kind: IngressRoute
plural: ingressroutes
singular: ingressroute
scope: Namespaced
---
apiVersion: apiextensions.k8s.io/v1beta1
kind: CustomResourceDefinition
metadata:
name: middlewares.traefik.containo.us
namespace: kube-system
spec:
group: traefik.containo.us
version: v1alpha1
names:
kind: Middleware
plural: middlewares
singular: middleware
scope: Namespaced
---
apiVersion: apiextensions.k8s.io/v1beta1
kind: CustomResourceDefinition
metadata:
name: ingressroutetcps.traefik.containo.us
namespace: kube-system
spec:
group: traefik.containo.us
version: v1alpha1
names:
kind: IngressRouteTCP
plural: ingressroutetcps
singular: ingressroutetcp
scope: Namespaced
---
apiVersion: apiextensions.k8s.io/v1beta1
kind: CustomResourceDefinition
metadata:
name: ingressrouteudps.traefik.containo.us
namespace: kube-system
spec:
group: traefik.containo.us
version: v1alpha1
names:
kind: IngressRouteUDP
plural: ingressrouteudps
singular: ingressrouteudp
scope: Namespaced
---
apiVersion: apiextensions.k8s.io/v1beta1
kind: CustomResourceDefinition
metadata:
name: tlsoptions.traefik.containo.us
namespace: kube-system
spec:
group: traefik.containo.us
version: v1alpha1
names:
kind: TLSOption
plural: tlsoptions
singular: tlsoption
scope: Namespaced
---
apiVersion: apiextensions.k8s.io/v1beta1
kind: CustomResourceDefinition
metadata:
name: tlsstores.traefik.containo.us
namespace: kube-system
spec:
group: traefik.containo.us
version: v1alpha1
names:
kind: TLSStore
plural: tlsstores
singular: tlsstore
scope: Namespaced
---
apiVersion: apiextensions.k8s.io/v1beta1
kind: CustomResourceDefinition
metadata:
name: traefikservices.traefik.containo.us
namespace: kube-system
spec:
group: traefik.containo.us
version: v1alpha1
names:
kind: TraefikService
plural: traefikservices
singular: traefikservice
scope: Namespaced
{{ end }}