Last active
October 2, 2020 06:44
-
-
Save zeusbaba/6ed5a91274b8b1c41088fddc0923b4ac to your computer and use it in GitHub Desktop.
Helm config for Traefik in DO-k8s
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| image: traefik | |
| imageTag: 1.7.12 | |
| # NB! this creates DO's auto-assigned load balancer | |
| serviceType: LoadBalancer | |
| ## NB! if you don't use LoadBalancer, uncomment this other alternative | |
| #serviceType: NodePort | |
| # floating-ip from DO which you assigned to k8s cluster | |
| #externalIP: 123.123.123.123 | |
| kubernetes: | |
| namespaces: | |
| - default | |
| - kube-system | |
| dashboard: | |
| enabled: true | |
| # NB! use your own domain | |
| domain: k8s.fixme-yourdomain.com | |
| deployment: | |
| podLabels: | |
| appName: catpet-traefik | |
| hostPort: | |
| httpEnabled: true | |
| httpsEnabled: true | |
| dashboardEnabled: true | |
| httpPort: 80 | |
| httpsPort: 443 | |
| dashboardPort: 8080 | |
| metrics: | |
| prometheus: | |
| enabled: true | |
| rbac: | |
| enabled: true | |
| sendAnonymousUsage: true | |
| ssl: | |
| enabled: true | |
| enforced: true | |
| permanentRedirect: true | |
| insecureSkipVerify: true | |
| acme: | |
| enabled: true | |
| email: yg@beerstorm.net | |
| # for testing and validation, you can use staging:true | |
| staging: false | |
| logging: true | |
| domains: | |
| enabled: true | |
| domainList: | |
| # Main domain name of the generated certificate | |
| - main: "*.ulink.no" | |
| # optional list of alternative subject names to give to the certificate | |
| - sans: | |
| - "ulink.no" | |
| # Whether to generate a certificate for each frontend with Host rule | |
| onHostRule: true | |
| challengeType: dns-01 | |
| dnsProvider: | |
| name: digitalocean | |
| existingSecretName: acme-dnsprovider-config | |
| ## Save ACME certs to a persistent volume. | |
| ## WARNING: If you do not do this and you did not have configured | |
| ## a kvprovider, you will re-request certs every time a pod (re-)starts | |
| ## and you WILL be rate limited! | |
| persistence: | |
| enabled: true | |
| #annotations: {} | |
| ## acme data Persistent Volume Storage Class | |
| ## If defined, storageClassName: <storageClass> | |
| ## If set to "-", storageClassName: "", which disables dynamic provisioning | |
| ## If undefined (the default) or set to null, no storageClassName spec is | |
| ## set, choosing the default provisioner. (gp2 on AWS, standard on | |
| ## GKE, AWS & OpenStack) | |
| ## | |
| # storageClass: "-" | |
| accessMode: ReadWriteOnce | |
| size: 1Gi | |
| ## A manually managed Persistent Volume Claim | |
| ## Requires persistence.enabled: true | |
| ## If defined, PVC must be created manually before volume will be bound | |
| ## | |
| # existingClaim: | |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment