Created
January 5, 2020 03:25
-
-
Save adamveld12/4afd5f78a51ef5c2117f1b3bc0efcd76 to your computer and use it in GitHub Desktop.
traefik setup
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
apiVersion: apiextensions.k8s.io/v1beta1 | |
kind: CustomResourceDefinition | |
metadata: | |
name: ingressroutes.traefik.containo.us | |
spec: | |
group: traefik.containo.us | |
version: v1alpha1 | |
names: | |
kind: IngressRoute | |
plural: ingressroutes | |
singular: ingressroute | |
scope: Namespaced | |
--- | |
apiVersion: apiextensions.k8s.io/v1beta1 | |
kind: CustomResourceDefinition | |
metadata: | |
name: ingressroutetcps.traefik.containo.us | |
spec: | |
group: traefik.containo.us | |
version: v1alpha1 | |
names: | |
kind: IngressRouteTCP | |
plural: ingressroutetcps | |
singular: ingressroutetcp | |
scope: Namespaced | |
--- | |
apiVersion: apiextensions.k8s.io/v1beta1 | |
kind: CustomResourceDefinition | |
metadata: | |
name: middlewares.traefik.containo.us | |
spec: | |
group: traefik.containo.us | |
version: v1alpha1 | |
names: | |
kind: Middleware | |
plural: middlewares | |
singular: middleware | |
scope: Namespaced | |
--- | |
apiVersion: apiextensions.k8s.io/v1beta1 | |
kind: CustomResourceDefinition | |
metadata: | |
name: tlsoptions.traefik.containo.us | |
spec: | |
group: traefik.containo.us | |
version: v1alpha1 | |
names: | |
kind: TLSOption | |
plural: tlsoptions | |
singular: tlsoption | |
scope: Namespaced | |
--- | |
kind: Deployment | |
apiVersion: apps/v1 | |
metadata: | |
namespace: default | |
name: traefik | |
labels: | |
app: traefik | |
spec: | |
replicas: 1 | |
strategy: | |
type: Recreate | |
selector: | |
matchLabels: | |
app: traefik | |
template: | |
metadata: | |
labels: | |
app: traefik | |
spec: | |
serviceAccountName: traefik-ingress-controller | |
hostNetwork: true | |
containers: | |
- name: traefik | |
image: traefik:v2.0 | |
resources: | |
limits: | |
cpu: "128m" | |
memory: "512M" | |
requests: | |
cpu: "128m" | |
memory: "512M" | |
args: | |
- --api.insecure | |
- --accesslog | |
- --accesslog.format=json | |
- --entrypoints.web.Address=:80 | |
- --entryPoints.web.forwardedHeaders.trustedIPs=127.0.0.1/32,10.32.0.0/24,192.168.0.0/24 | |
- --entryPoints.web.proxyProtocol.trustedIPs=127.0.0.1/32,10.32.0.0/24,192.168.0.0/24 | |
- --entrypoints.websecure.Address=:443 | |
- --entryPoints.websecure.forwardedHeaders.trustedIPs=127.0.0.1/32,10.32.0.0/24,192.168.0.0/24 | |
- --entryPoints.websecure.proxyProtocol.trustedIPs=127.0.0.1/32,10.32.0.0/24,192.168.0.0/24 | |
- --entryPoints.websecure.transport.respondingTimeouts.readTimeout=5s | |
- --entryPoints.websecure.transport.respondingTimeouts.writeTimeout=1m | |
- --entryPoints.websecure.transport.respondingTimeouts.idleTimeout=2m | |
- --entryPoints.web.transport.respondingTimeouts.readTimeout=5s | |
- --entryPoints.web.transport.respondingTimeouts.writeTimeout=5s | |
- --entryPoints.web.transport.respondingTimeouts.idleTimeout=5s | |
- --providers.kubernetesingress=true | |
- --providers.kubernetescrd | |
- --certificatesresolvers.default.acme.tlschallenge | |
- --certificatesresolvers.default.acme.email=your@email.com | |
- --certificatesresolvers.default.acme.storage=/storage/acme.json | |
# this is the staging Let's Encrypt server. | |
# Once you get things working, you should remove that whole line altogether. | |
#- --certificatesresolvers.default.acme.caserver=https://acme-staging-v02.api.letsencrypt.org/directory | |
ports: | |
- name: web | |
containerPort: 80 | |
- name: websecure | |
containerPort: 443 | |
- name: admin | |
containerPort: 8080 | |
volumeMounts: | |
- name: traefik-state-volume | |
mountPath: /storage/ | |
securityContext: | |
allowPrivilegeEscalation: false | |
volumes: | |
- name: traefik-state-volume | |
persistentVolumeClaim: | |
claimName: traefik-state-claim | |
--- | |
apiVersion: v1 | |
kind: Service | |
metadata: | |
name: traefik | |
spec: | |
type: LoadBalancer | |
externalTrafficPolicy: Local | |
externalIPs: | |
- 192.168.0.131 | |
ports: | |
- protocol: TCP | |
name: web | |
port: 80 | |
targetPort: 80 | |
- protocol: TCP | |
name: websecure | |
port: 443 | |
targetPort: 443 | |
selector: | |
app: traefik | |
--- | |
apiVersion: v1 | |
kind: Service | |
metadata: | |
name: traefik-dashboard | |
spec: | |
externalIPs: | |
- 192.168.0.131 | |
ports: | |
- protocol: TCP | |
name: admin | |
port: 8080 | |
targetPort: 8080 | |
selector: | |
app: traefik |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment