configure traefik annotations
ci / build (push) Waiting to run Details

This commit is contained in:
CJ_Clippy 2024-06-20 22:19:55 -08:00
parent cfd91bdb9d
commit e9f0171f2c
3 changed files with 3 additions and 129 deletions

View File

@ -30,7 +30,7 @@ spec:
kubernetes.io/ingress.class: "traefik" kubernetes.io/ingress.class: "traefik"
traefik.ingress.kubernetes.io/router.priority: "4" traefik.ingress.kubernetes.io/router.priority: "4"
traefik.ingress.kubernetes.io/router.tls: "true" traefik.ingress.kubernetes.io/router.tls: "true"
traefik.ingress.kubernetes.io/router.tls.domains.0.main: podyinfo.sbtp.xyz traefik.ingress.kubernetes.io/router.tls.domains.0.main: podinfo.sbtp.xyz
traefik.ingress.kubernetes.io/router.entrypoints: http traefik.ingress.kubernetes.io/router.entrypoints: http
traefik.ingress.kubernetes.io/service.nativelb: podinfo traefik.ingress.kubernetes.io/service.nativelb: podinfo
cert-manager.io/cluster-issuer: "letsencrypt" cert-manager.io/cluster-issuer: "letsencrypt"
@ -40,7 +40,6 @@ spec:
paths: paths:
- path: / - path: /
pathType: Prefix pathType: Prefix
tls: tls:
- secretName: podinfo-tls - secretName: podinfo-tls
hosts: hosts:

View File

@ -64,6 +64,8 @@ metadata:
name: next name: next
namespace: futureporn namespace: futureporn
annotations: annotations:
traefik.ingress.kubernetes.io/router.entrypoints: http
traefik.ingress.kubernetes.io/router.tls: true
kubernetes.io/ingress.class: traefik kubernetes.io/ingress.class: traefik
cert-manager.io/cluster-issuer: "{{ .Values.next.certIssuer }}" cert-manager.io/cluster-issuer: "{{ .Values.next.certIssuer }}"
spec: spec:

View File

@ -1,127 +0,0 @@
---
kind: ClusterRole
apiVersion: rbac.authorization.k8s.io/v1beta1
metadata:
name: traefik-ingress-controller
rules:
- apiGroups:
- ""
resources:
- services
- endpoints
- secrets
verbs:
- get
- list
- watch
- apiGroups:
- extensions
resources:
- ingresses
verbs:
- get
- list
- watch
- apiGroups:
- extensions
resources:
- ingresses/status
verbs:
- update
---
kind: ClusterRoleBinding
apiVersion: rbac.authorization.k8s.io/v1beta1
metadata:
name: traefik-ingress-controller
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: traefik-ingress-controller
subjects:
- kind: ServiceAccount
name: traefik-ingress-controller
namespace: kube-system
---
apiVersion: v1
kind: ServiceAccount
metadata:
name: traefik-ingress-controller
namespace: kube-system
---
kind: DaemonSet
apiVersion: apps/v1
metadata:
name: traefik-ingress-controller
namespace: kube-system
labels:
k8s-app: traefik-ingress-lb
spec:
selector:
matchLabels:
k8s-app: traefik-ingress-lb
name: traefik-ingress-lb
template:
metadata:
labels:
k8s-app: traefik-ingress-lb
name: traefik-ingress-lb
spec:
serviceAccountName: traefik-ingress-controller
terminationGracePeriodSeconds: 60
containers:
- image: traefik:v1.7
name: traefik-ingress-lb
ports:
- name: http
containerPort: 80
hostPort: 80
- name: admin
containerPort: 8080
hostPort: 8080
securityContext:
capabilities:
drop:
- ALL
add:
- NET_BIND_SERVICE
args:
- --api
- --kubernetes
- --logLevel=INFO
---
kind: Service
apiVersion: v1
metadata:
name: traefik-web-ui
namespace: kube-system
spec:
selector:
k8s-app: traefik-ingress-lb
ports:
- protocol: TCP
port: 80
name: web
- protocol: TCP
port: 8080
name: admin
---
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
name: traefik-web-ui
namespace: kube-system
spec:
rules:
- host: traefik-ui.minikube
http:
paths:
- path: /
backend:
serviceName: traefik-web-ui
servicePort: web