move toml to configmap

Dockerfile

@@ -1,3 +0,0 @@
-FROM traefik:v1.7
-
-COPY traefik.toml /etc/traefik/traefik.toml

docker-compose.yaml

@@ -1,6 +0,0 @@
-version: '3'
-
-services:
-  traefik:
-    build: .
-    image: hub.ducoterra.net/ducoterra/traefik:v1.7_2

k8s/configmap.yaml

@@ -0,0 +1,20 @@
+kind: ConfigMap
+apiVersion: v1
+metadata:
+  name: traefik-external
+  namespace: kube-system
+data:
+  traefik.toml: |
+    # traefik.toml
+    [kubernetes]
+      labelselector = "external"
+      ingressClass = "traefik-external"
+    defaultEntryPoints = ["http","https"]
+    [entryPoints]
+      [entryPoints.http]
+      address = ":9080"
+      [entryPoints.http.redirect]
+      entryPoint = "https"
+      [entryPoints.https]
+      address = ":9443"
+      [entryPoints.https.tls]

k8s/deploy.yaml

@@ -19,13 +19,16 @@ spec:
       serviceAccountName: traefik-external
       terminationGracePeriodSeconds: 60
       containers:
-      - image: hub.ducoterra.net/ducoterra/traefik:v1.7_2
+      - image: traefik:v1.7
         name: traefik-external
         ports:
         - name: http
           containerPort: 9080
         - name: https
           containerPort: 9443
+        volumeMounts:
+        - mountPath: /config-files
+          name: traefik-config
         resources:
           limits:
             memory: "2Gi"
@@ -37,6 +40,8 @@ spec:
         - --api
         - --kubernetes
         - --logLevel=INFO
-        - --defaultentrypoints=http,https
+        - --configFile=/config-files/traefik.toml
-        - --entrypoints=Name:https Address::9443 TLS
+      volumes:
-        - --entrypoints=Name:http Address::9080
+      - name: traefik-config
+        configMap:
+          name: traefik-external

traefik.toml

@@ -1,94 +0,0 @@
-################################################################
-# Kubernetes Ingress Provider
-################################################################
-
-# Enable Kubernetes Ingress Provider.
-[kubernetes]
-
-# Kubernetes server endpoint.
-#
-# Optional for in-cluster configuration, required otherwise.
-# Default: empty
-#
-# endpoint = "http://localhost:8080"
-
-# Bearer token used for the Kubernetes client configuration.
-#
-# Optional
-# Default: empty
-#
-# token = "my token"
-
-# Path to the certificate authority file.
-# Used for the Kubernetes client configuration.
-#
-# Optional
-# Default: empty
-#
-# certAuthFilePath = "/my/ca.crt"
-
-# Array of namespaces to watch.
-#
-# Optional
-# Default: all namespaces (empty array).
-#
-# namespaces = ["default", "production"]
-
-# Ingress label selector to filter Ingress objects that should be processed.
-#
-# Optional
-# Default: empty (process all Ingresses)
-#
-labelselector = "external"
-
-# Value of `kubernetes.io/ingress.class` annotation that identifies Ingress objects to be processed.
-# If the parameter is non-empty, only Ingresses containing an annotation with the same value are processed.
-# Otherwise, Ingresses missing the annotation, having an empty value, or the value `traefik` are processed.
-#
-# Optional
-# Default: empty
-#
-ingressClass = "traefik-external"
-
-# Disable PassHost Headers.
-#
-# Optional
-# Default: false
-#
-# disablePassHostHeaders = true
-
-# Enable PassTLSCert Headers.
-#
-# Optional
-# Default: false
-#
-# enablePassTLSCert = true
-
-# Throttle how frequently we refresh our configuration from Ingresses when there
-# are frequent changes.
-#
-# Optional
-# Default: 0 (no throttling)
-#
-# throttleDuration = 10s
-
-# Override default configuration template.
-#
-# Optional
-# Default: <built-in template>
-#
-# filename = "kubernetes.tmpl"
-
-# Enable IngressEndpoint configuration.
-# This will allow Traefik to update the status section of ingress objects, if desired.
-#
-# Optional
-#
-# [kubernetes.ingressEndpoint]
-#
-# At least one must be configured.
-# `publishedservice` will override the `hostname` and `ip` settings if configured.
-#
-# hostname = "localhost"
-# ip = "127.0.0.1"
-# publishedService = "namespace/servicename"