Traefik2 Kubernetes example config
apiVersion: apps/v1 | |
kind: Deployment | |
metadata: | |
labels: | |
app: traefik | |
name: traefik | |
namespace: default | |
spec: | |
replicas: 1 | |
selector: | |
matchLabels: | |
app: traefik | |
strategy: | |
rollingUpdate: | |
maxSurge: 1 | |
maxUnavailable: 1 | |
type: RollingUpdate | |
template: | |
metadata: | |
annotations: | |
prometheus.io/port: "8888" | |
prometheus.io/scrape: "true" | |
labels: | |
app: traefik | |
spec: | |
containers: | |
- args: | |
- --accesslog | |
- --entrypoints.web.address=:8000 | |
- --entrypoints.websecure.address=:4443 | |
- --entrypoints.metrics.address=:8888 | |
- --api.dashboard=true | |
- --providers.kubernetescrd | |
- --certificatesresolvers.default.acme.email=root@mydomain.tld | |
- --certificatesresolvers.default.acme.storage=/data/acme.json | |
- --certificatesResolvers.default.acme.dnsChallenge.provider=gandiv5 | |
- --certificatesResolvers.default.acme.dnsChallenge.delayBeforeCheck=5 | |
- --metrics.prometheus=true | |
- --metrics.prometheus.entryPoint=metrics | |
- --tracing=true | |
- --tracing.jaeger=true | |
- --tracing.jaeger.localAgentHostPort=jaeger-agent:6831 | |
- --tracing.jaeger.samplingParam=1 | |
- --tracing.jaeger.samplingType=const | |
- --tracing.jaeger.propagation=b3 | |
env: | |
- name: GANDIV5_API_KEY | |
valueFrom: | |
secretKeyRef: | |
key: secret | |
name: gandi-secret | |
image: traefik:v2.0.1 | |
imagePullPolicy: IfNotPresent | |
name: traefik | |
ports: | |
- containerPort: 8000 | |
name: web | |
protocol: TCP | |
- containerPort: 4443 | |
name: websecure | |
protocol: TCP | |
- containerPort: 8080 | |
name: admin | |
protocol: TCP | |
- containerPort: 8888 | |
name: metrics | |
protocol: TCP | |
volumeMounts: | |
- mountPath: /data | |
name: storage-volume | |
restartPolicy: Always | |
volumes: | |
- name: storage-volume | |
persistentVolumeClaim: | |
claimName: traefik-acme-storage | |
--- | |
apiVersion: v1 | |
kind: Service | |
metadata: | |
name: traefik-admin | |
spec: | |
ports: | |
- port: 8080 | |
name: admin | |
targetPort: admin | |
selector: | |
app: traefik | |
--- | |
apiVersion: traefik.containo.us/v1alpha1 | |
kind: Middleware | |
metadata: | |
name: admin-auth | |
spec: | |
basicAuth: | |
secret: admin-authsecret | |
--- | |
apiVersion: traefik.containo.us/v1alpha1 | |
kind: IngressRoute | |
metadata: | |
name: traefik-ingress | |
namespace: default | |
spec: | |
entryPoints: | |
- websecure | |
routes: | |
- match: Host(`traefik.mydomain.tld`) | |
middlewares: | |
- name: admin-auth | |
kind: Rule | |
services: | |
- name: traefik-admin | |
port: 8080 | |
tls: | |
certResolver: default | |
--- | |
apiVersion: traefik.containo.us/v1alpha1 | |
kind: IngressRoute | |
metadata: | |
name: grafana-ingress | |
namespace: default | |
spec: | |
entryPoints: | |
- web | |
routes: | |
- match: Host(`grafana.mydomain.tld`) | |
kind: Rule | |
middlewares: | |
- name: admin-auth | |
services: | |
- name: grafana | |
port: 80 |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment