Johannestegner/_txt

## _txt
This is a bit simplified, so don't copy this straight of, it's just an example.
The important parts is to show that the LB service exposes port 443 and 80 and selects the `traefik` daemonset.

When a request is sent in through the loadbalancer (LB machine will send request straight to the service), the ingress controller will handle the request
it then looks for a service which an ingress resource points to and forward the request to that one.

So, LB => Ingress => App

Doing it this way will make it so that when you expose a service to the internet, you will always go through the ingress controller
rather than exposing a new service as a LB each time.

Further, the ingress controller can handle things like TLS Termination and certificate serving (via cert-manager and similar) which is very helpful.

## traefik.yml
apiVersion: v1
kind: Service
metadata:
  name: traefik
  namespace: core
spec:
  type: LoadBalancer
  ports:
    - protocol: TCP
      name: web
      targetPort: 30080
      port: 80
    - protocol: TCP
      name: websecure
      targetPort: 30443
      port: 443
  selector:
    app: traefik
---
apiVersion: apps/v1
kind: DaemonSet
metadata:
  name: traefik
  namespace: core
  labels:
    app: traefik
spec:
  selector:
    matchLabels:
      app: traefik
  template:
    metadata:
      labels:
        app: traefik
    spec:
      containers:
        - name: traefik
          image: 'traefik:v2.10'
          args:
            - <ALOT OF ARGUMENTS HERE>
          ports:
            - name: web
              containerPort: 30080
              protocol: TCP
            - name: websecure
              containerPort: 30443
              protocol: TCP
          imagePullPolicy: IfNotPresent
          securityContext:
              drop:
                - ALL
            privileged: true
      restartPolicy: Always
      serviceAccountName: traefik-ingress-controller
	This is a bit simplified, so don't copy this straight of, it's just an example.
	The important parts is to show that the LB service exposes port 443 and 80 and selects the `traefik` daemonset.

	When a request is sent in through the loadbalancer (LB machine will send request straight to the service), the ingress controller will handle the request
	it then looks for a service which an ingress resource points to and forward the request to that one.

	So, LB => Ingress => App

	Doing it this way will make it so that when you expose a service to the internet, you will always go through the ingress controller
	rather than exposing a new service as a LB each time.

	Further, the ingress controller can handle things like TLS Termination and certificate serving (via cert-manager and similar) which is very helpful.
	apiVersion: v1
	kind: Service
	metadata:
	name: traefik
	namespace: core
	spec:
	type: LoadBalancer
	ports:
	- protocol: TCP
	name: web
	targetPort: 30080
	port: 80
	- protocol: TCP
	name: websecure
	targetPort: 30443
	port: 443
	selector:
	app: traefik
	---
	apiVersion: apps/v1
	kind: DaemonSet
	metadata:
	name: traefik
	namespace: core
	labels:
	app: traefik
	spec:
	selector:
	matchLabels:
	app: traefik
	template:
	metadata:
	labels:
	app: traefik
	spec:
	containers:
	- name: traefik
	image: 'traefik:v2.10'
	args:
	- <ALOT OF ARGUMENTS HERE>
	ports:
	- name: web
	containerPort: 30080
	protocol: TCP
	- name: websecure
	containerPort: 30443
	protocol: TCP
	imagePullPolicy: IfNotPresent
	securityContext:
	drop:
	- ALL
	privileged: true
	restartPolicy: Always
	serviceAccountName: traefik-ingress-controller