Skip to content

Instantly share code, notes, and snippets.

Embed
What would you like to do?
Traefik CRD Terraform problem
terraform {
required_providers {
kubernetes = {
source = "hashicorp/kubernetes"
version = "2.7.1"
}
}
required_version = ">= 1.0"
}
provider "kubernetes" {
config_path = "~/.kube/config"
}
resource "kubernetes_manifest" "ingress_route" {
manifest = {
apiVersion = "apiextensions.k8s.io/v1"
kind = "CustomResourceDefinition"
metadata = {
name = "ingressroutes.traefik.containo.us"
}
spec = {
group = "traefik.containo.us"
names = {
kind = "IngressRoute"
plural = "ingressroutes"
singular = "ingressroute"
}
scope = "Namespaced"
versions = [
{
name = "v1alpha1"
served = true
storage = true
schema = {
openAPIV3Schema = {
type = "object"
properties = {
spec = {
type = "object"
properties = {
routes = {
type = "array"
items = {
type = "object"
required = ["match", "kind"]
properties = {
match = {
type = "string"
}
kind = {
type = "string"
enum = ["Rule"]
}
priority = {
type = "integer"
}
services = {
type = "array"
items = {
type = "object"
required = ["name", "port"]
properties = {
name = {
type = "string"
}
kind = {
type = "string"
enum = ["Service", "TraefikService"]
}
namespace = {
type = "string"
}
sticky = {
type = "object"
properties = {
cookie = {
type = "object"
properties = {
name = {
type = "string"
}
secure = {
type = "boolean"
}
httpOnly = {
type = "boolean"
}
sameSite = {
type = "string"
enum = ["None", "Lax", "Strict"]
}
}
}
}
}
port = {
x-kubernetes-int-or-string = true
pattern = "^[1-9]\\d*$"
}
scheme = {
type = "string"
enum = ["http", "https", "h2c"]
}
strategy = {
type = "string"
enum = ["RoundRobin"]
}
passHostHeader = {
type = "boolean"
}
responseForwarding = {
type = "object"
properties = {
flushInterval = {
type = "string"
}
}
}
weight = {
type = "integer"
}
}
}
}
middlewares = {
type = "array"
items = {
type = "object"
required = ["name", "namespace"]
properties = {
name = {
type = "string"
}
namespace = {
type = "string"
}
}
}
}
}
}
}
entryPoints = {
type = "array"
items = {
type = "string"
}
}
tls = {
type = "object"
properties = {
secretName = {
type = "string"
}
options = {
type = "object"
required = ["name", "namespace"]
properties = {
name = {
type = "string"
}
namespace = {
type = "string"
}
}
}
store = {
type = "object"
required = ["name", "namespace"]
properties = {
name = {
type = "string"
}
namespace = {
type = "string"
}
}
}
certResolver = {
type = "string"
}
domains = {
type = "array"
items = {
type = "object"
properties = {
main = {
type = "string"
}
sans = {
type = "array"
items = {
type = "string"
}
}
}
}
}
}
}
}
}
}
}
}
}
]
}
}
}
resource "kubernetes_manifest" "my-http" {
count = 0
manifest = {
apiVersion = "traefik.containo.us/v1alpha1"
kind = "IngressRoute"
metadata = {
name = "my-http"
namespace = "default"
}
spec = {
entryPoints = ["websecure"]
routes = [
{
kind = "Rule"
match = "Host(`localhost`) && PathPrefix(`/auth`) "
services = [
{
name = "my-http-service"
port = 80
namespace = "default"
}
]
}
]
tls = {
certResolver = "default"
}
}
}
depends_on = [
kubernetes_manifest.ingress_route
]
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment