maxneuvians/yaml

## yaml
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
  labels:
    k8s-app: traefik-ingress-lb
  name: traefik-ingress-controller
  annotations:
    flux.weave.works/automated: "true"
  namespace: kube-system
spec:
  template:
    metadata:
      labels:
        k8s-app: traefik-ingress-lb
    spec:
      containers:
        - args:
            - --kubernetes
            - --logLevel=DEBUG
            - --debug
            - --defaultentrypoints=http,https
            - --entrypoints=Name:http Address::80 Redirect.EntryPoint:https Compress:true
            - --entrypoints=Name:https Address::443 TLS Compress:true TLS.MinVersion:VersionTLS12 TLS.CipherSuites:TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305,TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 TLS.SniStrict:true
            - --acme
            - --acme.onhostrule
            - --acme.entrypoint=https
            - --acme.domains=racontez-nous.cds-snc.ca,tell-us.cds-snc.ca
            - --acme.email=mike.williamson@cds-snc.ca
            - --acme.storage=/certs/acme.json
            - --acme.httpchallenge
            - --acme.httpchallenge.entrypoint=http
            - --tracing=true
          image: traefik:1.7
          name: traefik-ingress-lb
          ports:
            - containerPort: 80
              hostPort: 80
              name: http
            - containerPort: 443
              hostPort: 443
              name: https
          securityContext:
            capabilities:
              add:
                - NET_BIND_SERVICE
              drop:
                - ALL
          volumeMounts:
            - mountPath: /certs
              name: certs-claim
      serviceAccountName: traefik-ingress-controller
      terminationGracePeriodSeconds: 60
      volumes:
        - name: certs-claim
          persistentVolumeClaim:
            claimName: certs-claim
	apiVersion: extensions/v1beta1
	kind: Deployment
	metadata:
	labels:
	k8s-app: traefik-ingress-lb
	name: traefik-ingress-controller
	annotations:
	flux.weave.works/automated: "true"
	namespace: kube-system
	spec:
	template:
	metadata:
	labels:
	k8s-app: traefik-ingress-lb
	spec:
	containers:
	- args:
	- --kubernetes
	- --logLevel=DEBUG
	- --debug
	- --defaultentrypoints=http,https
	- --entrypoints=Name:http Address::80 Redirect.EntryPoint:https Compress:true
	- --entrypoints=Name:https Address::443 TLS Compress:true TLS.MinVersion:VersionTLS12 TLS.CipherSuites:TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305,TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 TLS.SniStrict:true
	- --acme
	- --acme.onhostrule
	- --acme.entrypoint=https
	- --acme.domains=racontez-nous.cds-snc.ca,tell-us.cds-snc.ca
	- --acme.email=mike.williamson@cds-snc.ca
	- --acme.storage=/certs/acme.json
	- --acme.httpchallenge
	- --acme.httpchallenge.entrypoint=http
	- --tracing=true
	image: traefik:1.7
	name: traefik-ingress-lb
	ports:
	- containerPort: 80
	hostPort: 80
	name: http
	- containerPort: 443
	hostPort: 443
	name: https
	securityContext:
	capabilities:
	add:
	- NET_BIND_SERVICE
	drop:
	- ALL
	volumeMounts:
	- mountPath: /certs
	name: certs-claim
	serviceAccountName: traefik-ingress-controller
	terminationGracePeriodSeconds: 60
	volumes:
	- name: certs-claim
	persistentVolumeClaim:
	claimName: certs-claim