imfreedom/k8s-cluster

Add the new traefik ingress controller

2020-02-11, Gary Kramlich
6579a55ddcba
Parents 0cbdee570c16
Children 708511a129a4
Add the new traefik ingress controller
1 files changed, 240 insertions(+), 0 deletions(-)
  • +240 -0
    20-ingress.yaml
    • --- /dev/null Thu Jan 01 00:00:00 1970 +0000
    +++ b/20-ingress.yaml Tue Feb 11 02:42:49 2020 -0600
    @@ -0,0 +1,240 @@
    +---
    +apiVersion: apiextensions.k8s.io/v1beta1
    +kind: CustomResourceDefinition
    +metadata:
    + name: ingressroutes.traefik.containo.us
    +spec:
    + group: traefik.containo.us
    + version: v1alpha1
    + names:
    + kind: IngressRoute
    + plural: ingressroutes
    + singular: ingressroute
    + scope: Namespaced
    +---
    +apiVersion: apiextensions.k8s.io/v1beta1
    +kind: CustomResourceDefinition
    +metadata:
    + name: ingressroutetcps.traefik.containo.us
    +spec:
    + group: traefik.containo.us
    + version: v1alpha1
    + names:
    + kind: IngressRouteTCP
    + plural: ingressroutetcps
    + singular: ingressroutetcp
    + scope: Namespaced
    +---
    +apiVersion: apiextensions.k8s.io/v1beta1
    +kind: CustomResourceDefinition
    +metadata:
    + name: middlewares.traefik.containo.us
    +spec:
    + group: traefik.containo.us
    + version: v1alpha1
    + names:
    + kind: Middleware
    + plural: middlewares
    + singular: middleware
    + scope: Namespaced
    +---
    +apiVersion: apiextensions.k8s.io/v1beta1
    +kind: CustomResourceDefinition
    +metadata:
    + name: tlsoptions.traefik.containo.us
    +spec:
    + group: traefik.containo.us
    + version: v1alpha1
    + names:
    + kind: TLSOption
    + plural: tlsoptions
    + singular: tlsoption
    + scope: Namespaced
    +---
    +apiVersion: apiextensions.k8s.io/v1beta1
    +kind: CustomResourceDefinition
    +metadata:
    + name: traefikservices.traefik.containo.us
    +spec:
    + group: traefik.containo.us
    + version: v1alpha1
    + names:
    + kind: TraefikService
    + plural: traefikservices
    + singular: traefikservice
    + scope: Namespaced
    +---
    +apiVersion: v1
    +kind: ServiceAccount
    +metadata:
    + name: traefik-service-account
    + namespace: kube-public
    + labels:
    + app: traefik
    + role: controller
    +---
    +kind: ClusterRole
    +apiVersion: rbac.authorization.k8s.io/v1
    +metadata:
    + name: traefik-cluster-role
    + labels:
    + app: traefik
    + role: controller
    +rules:
    + - apiGroups:
    + - ""
    + resources:
    + - pods
    + - services
    + - endpoints
    + - secrets
    + verbs:
    + - get
    + - list
    + - watch
    + - apiGroups:
    + - extensions
    + resources:
    + - ingresses
    + verbs:
    + - get
    + - list
    + - watch
    + - apiGroups:
    + - networking.k8s.io
    + resources:
    + - ingresses
    + verbs:
    + - get
    + - list
    + - watch
    + - apiGroups:
    + - extensions
    + resources:
    + - ingresses/status
    + verbs:
    + - update
    + - apiGroups:
    + - traefik.containo.us
    + resources:
    + - ingressroutes
    + - ingressroutetcps
    + - middlewares
    + - tlsoptions
    + - traefikservices
    + verbs:
    + - get
    + - list
    + - watch
    +---
    +apiVersion: rbac.authorization.k8s.io/v1
    +kind: ClusterRoleBinding
    +metadata:
    + name: traefik-cluster-role-binding
    + labels:
    + app: traefik
    + role: controller
    +roleRef:
    + apiGroup: rbac.authorization.k8s.io
    + kind: ClusterRole
    + name: traefik-cluster-role
    +subjects:
    + - kind: ServiceAccount
    + name: traefik-service-account
    + namespace: kube-public
    +---
    +apiVersion: apps/v1
    +kind: Deployment
    +metadata:
    + name: traefik
    + namespace: kube-public
    + labels:
    + app: traefik
    + role: controller
    +spec:
    + replicas: 2
    + selector:
    + matchLabels:
    + app: traefik
    + role: controller
    + template:
    + metadata:
    + labels:
    + app: traefik
    + role: controller
    + spec:
    + affinity:
    + podAntiAffinity:
    + preferredDuringSchedulingIgnoredDuringExecution:
    + - podAffinityTerm:
    + labelSelector:
    + matchExpressions:
    + - key: app
    + operator: In
    + values:
    + - traefik
    + - key: role
    + operator: In
    + values:
    + - controller
    + topologyKey: failure-domain.beta.kubernetes.io/region
    + weight: 100
    + serviceAccountName: traefik-service-account
    + containers:
    + - name: traefik-ingress-controller
    + image: docker.io/traefik:v2.1.4
    + args:
    + - "--global.checknewversion=false"
    + - "--global.sendanonymoususage=false"
    + - "--api.dashboard=true"
    + - "--api.insecure=true"
    + - "--ping=true"
    + - "--providers.kubernetescrd=true"
    + - "--providers.kubernetesingress=true"
    + - "--metrics.prometheus=true"
    + - "--log.level=error"
    + - "--entryPoints.traefik.address=:9000"
    + - "--entryPoints.https.address=:8443"
    + - "--entryPoints.http.address=:8080"
    + - "--entryPoints.keep-ssh.address=:22222"
    + - "--entryPoints.xmpp-c2s.address=:5222"
    + - "--entryPoints.xmpp-s2s.address=:5269"
    + readinessProbe:
    + httpGet:
    + path: /ping
    + port: 9000
    + failureThreshold: 1
    + initialDelaySeconds: 10
    + periodSeconds: 10
    + successThreshold: 1
    + timeoutSeconds: 2
    + livenessProbe:
    + httpGet:
    + path: /ping
    + port: 9000
    + failureThreshold: 3
    + initialDelaySeconds: 10
    + periodSeconds: 10
    + successThreshold: 1
    + timeoutSeconds: 2
    + ports:
    + - name: traefik
    + containerPort: 9000
    + - name: keep-ssh
    + containerPort: 22222
    + - name: http
    + containerPort: 8080
    + - name: https
    + containerPort: 8443
    + - name: xmpp-c2s
    + containerPort: 5222
    + - name: xmpp-s2s
    + containerPort: 5269
    + resources:
    + limits:
    + cpu: 300m
    + memory: 150Mi
    + requests:
    + cpu: 100m
    + memory: 50Mi
    +---