imfreedom/k8s-cluster
Clone
Summary
Browse
Changes
Graph
Add the new traefik ingress controller
2020-02-11, Gary Kramlich
6579a55ddcba
Parents
0cbdee570c16
Children
708511a129a4
Add the new traefik ingress controller
1 files changed, 240 insertions(+), 0 deletions(-)
+240
-0
20-ingress.yaml
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/20-ingress.yaml Tue Feb 11 02:42:49 2020 -0600
@@ -0,0 +1,240 @@
+---
+apiVersion: apiextensions.k8s.io/v1beta1
+kind: CustomResourceDefinition
+metadata:
+ name: ingressroutes.traefik.containo.us
+spec:
+ group: traefik.containo.us
+ version: v1alpha1
+ names:
+ kind: IngressRoute
+ plural: ingressroutes
+ singular: ingressroute
+ scope: Namespaced
+---
+apiVersion: apiextensions.k8s.io/v1beta1
+kind: CustomResourceDefinition
+metadata:
+ name: ingressroutetcps.traefik.containo.us
+spec:
+ group: traefik.containo.us
+ version: v1alpha1
+ names:
+ kind: IngressRouteTCP
+ plural: ingressroutetcps
+ singular: ingressroutetcp
+ scope: Namespaced
+---
+apiVersion: apiextensions.k8s.io/v1beta1
+kind: CustomResourceDefinition
+metadata:
+ name: middlewares.traefik.containo.us
+spec:
+ group: traefik.containo.us
+ version: v1alpha1
+ names:
+ kind: Middleware
+ plural: middlewares
+ singular: middleware
+ scope: Namespaced
+---
+apiVersion: apiextensions.k8s.io/v1beta1
+kind: CustomResourceDefinition
+metadata:
+ name: tlsoptions.traefik.containo.us
+spec:
+ group: traefik.containo.us
+ version: v1alpha1
+ names:
+ kind: TLSOption
+ plural: tlsoptions
+ singular: tlsoption
+ scope: Namespaced
+---
+apiVersion: apiextensions.k8s.io/v1beta1
+kind: CustomResourceDefinition
+metadata:
+ name: traefikservices.traefik.containo.us
+spec:
+ group: traefik.containo.us
+ version: v1alpha1
+ names:
+ kind: TraefikService
+ plural: traefikservices
+ singular: traefikservice
+ scope: Namespaced
+---
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+ name: traefik-service-account
+ namespace: kube-public
+ labels:
+ app: traefik
+ role: controller
+---
+kind: ClusterRole
+apiVersion: rbac.authorization.k8s.io/v1
+metadata:
+ name: traefik-cluster-role
+ labels:
+ app: traefik
+ role: controller
+rules:
+ - apiGroups:
+ - ""
+ resources:
+ - pods
+ - services
+ - endpoints
+ - secrets
+ verbs:
+ - get
+ - list
+ - watch
+ - apiGroups:
+ - extensions
+ resources:
+ - ingresses
+ verbs:
+ - get
+ - list
+ - watch
+ - apiGroups:
+ - networking.k8s.io
+ resources:
+ - ingresses
+ verbs:
+ - get
+ - list
+ - watch
+ - apiGroups:
+ - extensions
+ resources:
+ - ingresses/status
+ verbs:
+ - update
+ - apiGroups:
+ - traefik.containo.us
+ resources:
+ - ingressroutes
+ - ingressroutetcps
+ - middlewares
+ - tlsoptions
+ - traefikservices
+ verbs:
+ - get
+ - list
+ - watch
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+ name: traefik-cluster-role-binding
+ labels:
+ app: traefik
+ role: controller
+roleRef:
+ apiGroup: rbac.authorization.k8s.io
+ kind: ClusterRole
+ name: traefik-cluster-role
+subjects:
+ - kind: ServiceAccount
+ name: traefik-service-account
+ namespace: kube-public
+---
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+ name: traefik
+ namespace: kube-public
+ labels:
+ app: traefik
+ role: controller
+spec:
+ replicas: 2
+ selector:
+ matchLabels:
+ app: traefik
+ role: controller
+ template:
+ metadata:
+ labels:
+ app: traefik
+ role: controller
+ spec:
+ affinity:
+ podAntiAffinity:
+ preferredDuringSchedulingIgnoredDuringExecution:
+ - podAffinityTerm:
+ labelSelector:
+ matchExpressions:
+ - key: app
+ operator: In
+ values:
+ - traefik
+ - key: role
+ operator: In
+ values:
+ - controller
+ topologyKey: failure-domain.beta.kubernetes.io/region
+ weight: 100
+ serviceAccountName: traefik-service-account
+ containers:
+ - name: traefik-ingress-controller
+ image: docker.io/traefik:v2.1.4
+ args:
+ - "--global.checknewversion=false"
+ - "--global.sendanonymoususage=false"
+ - "--api.dashboard=true"
+ - "--api.insecure=true"
+ - "--ping=true"
+ - "--providers.kubernetescrd=true"
+ - "--providers.kubernetesingress=true"
+ - "--metrics.prometheus=true"
+ - "--log.level=error"
+ - "--entryPoints.traefik.address=:9000"
+ - "--entryPoints.https.address=:8443"
+ - "--entryPoints.http.address=:8080"
+ - "--entryPoints.keep-ssh.address=:22222"
+ - "--entryPoints.xmpp-c2s.address=:5222"
+ - "--entryPoints.xmpp-s2s.address=:5269"
+ readinessProbe:
+ httpGet:
+ path: /ping
+ port: 9000
+ failureThreshold: 1
+ initialDelaySeconds: 10
+ periodSeconds: 10
+ successThreshold: 1
+ timeoutSeconds: 2
+ livenessProbe:
+ httpGet:
+ path: /ping
+ port: 9000
+ failureThreshold: 3
+ initialDelaySeconds: 10
+ periodSeconds: 10
+ successThreshold: 1
+ timeoutSeconds: 2
+ ports:
+ - name: traefik
+ containerPort: 9000
+ - name: keep-ssh
+ containerPort: 22222
+ - name: http
+ containerPort: 8080
+ - name: https
+ containerPort: 8443
+ - name: xmpp-c2s
+ containerPort: 5222
+ - name: xmpp-s2s
+ containerPort: 5269
+ resources:
+ limits:
+ cpu: 300m
+ memory: 150Mi
+ requests:
+ cpu: 100m
+ memory: 50Mi
+---