feat(helm-traefik): Setting up Traefik using Helm-chart

2025-11-01 18:37:52 +00:00 · 2022-10-01 14:36:48 +02:00
parent 482f35c139
commit 107f1fc700
5 changed files with 100 additions and 91 deletions
--- a/QUICKSTART.md
+++ b/QUICKSTART.md
@@ -43,7 +43,7 @@ kubectl apply -f metallb/00-manifest.yml
 ## Configure MetalLB
 ```shell
-kubectl apply -f metallb/02-configration.yml
+kubectl apply -f metallb/01-configuration.yml
 ```
 # Traefik
--- a/main.tf
+++ b/main.tf
@@ -30,22 +30,21 @@ provider "helm" {
 #  version    = "1.11.5"
 #}
-#resource "kubernetes_namespace" "traefik" {
+resource "kubernetes_namespace" "traefik" {
-#  metadata {
+  metadata {
-#    name = "traefik"
+    name = "traefik-system"
-#  }
+  }
-#}
+}
-#
+
-#resource "helm_release" "traefik" {
+resource "helm_release" "traefik" {
-#  name = "traefik"
+  name = "traefik"
-#
+
-#  repository = "https://helm.traefik.io/traefik"
+  repository = "https://helm.traefik.io/traefik"
-#  chart      = "traefik"
+  chart      = "traefik"
-#  namespace  = "traefik"
+  namespace  = "traefik"
-#  version    = "10.20.0"
+  version    = "10.20.0"
-#
+}
-#}
+
 #
 #resource "kubernetes_service" "traefik" {
 #  metadata {
 #    name      = "traefik"
@@ -66,58 +65,59 @@ provider "helm" {
 #  }
 #}
-resource "kubernetes_namespace" "test" {
+//resource "kubernetes_namespace" "test" {
-  metadata {
+//  metadata {
-    name = "nginx"
+//    name = "nginx"
-  }
+//  }
-}
+//}
 //
 //resource "kubernetes_service" "test" {
 //  metadata {
 //    name      = "nginx"
 //    namespace = kubernetes_namespace.test.metadata.0.name
 //  }
 //  spec {
 //    selector = {
 //      app = kubernetes_deployment.test.spec.0.template.0.metadata.0.labels.app
 //    }
 //
 //    type = "LoadBalancer"
 //    port {
 //      protocol    = "TCP"
 //      port        = 80
 //      target_port = 80
 //    }
 //  }
 //}
 //
 //resource "kubernetes_deployment" "test" {
 //  metadata {
 //    name      = "nginx"
 //    namespace = kubernetes_namespace.test.metadata.0.name
 //  }
 //  spec {
 //    replicas = 2
 //    selector {
 //      match_labels = {
 //        app = "MyTestApp"
 //      }
 //    }
 //    template {
 //      metadata {
 //        labels = {
 //          app = "MyTestApp"
 //        }
 //      }
 //      spec {
 //        container {
 //          image = "nginx"
 //          name  = "nginx-container"
 //          port {
 //            container_port = 80
 //          }
 //        }
 //      }
 //    }
 //  }
 //}
 resource "kubernetes_deployment" "test" {
  metadata {
    name      = "nginx"
    namespace = kubernetes_namespace.test.metadata.0.name
  }
  spec {
    replicas = 2
    selector {
      match_labels = {
        app = "MyTestApp"
      }
    }
    template {
      metadata {
        labels = {
          app = "MyTestApp"
        }
      }
      spec {
        container {
          image = "nginx"
          name  = "nginx-container"
          port {
            container_port = 80
          }
        }
      }
    }
  }
 }
 resource "kubernetes_service" "test" {
  metadata {
    name      = "nginx"
    namespace = kubernetes_namespace.test.metadata.0.name
  }
  spec {
    selector = {
      app = kubernetes_deployment.test.spec.0.template.0.metadata.0.labels.app
    }
    type = "LoadBalancer"
    port {
      protocol    = "TCP"
      port        = 80
      target_port = 80
    }
  }
 }
--- a/traefik/03-deployment.yml
+++ b/traefik/03-deployment.yml
@@ -31,7 +31,7 @@ spec:
            - --api.insecure
            - --accesslog
            - --entrypoints.web.Address=:8000
-            - --entrypoints.websecure.Address=:4443
+            - --entrypoints.websecure.Address=:8443
            - --providers.kubernetescrd
            - --certificatesresolvers.myresolver.acme.tlschallenge
            - --certificatesresolvers.myresolver.acme.email=veghag@gmail.com
@@ -43,6 +43,6 @@ spec:
            - name: web
              containerPort: 8000
            - name: websecure
-              containerPort: 4443
+              containerPort: 8443
            - name: admin
              containerPort: 8080
--- a/traefik/custom-values.yaml
+++ b/traefik/custom-values.yaml
@@ -0,0 +1,9 @@
 # File custom-values.yml
 ## Install with "helm install --values=traefik/custom-values.yml traefik traefik/traefik
 additionalArguments:
  - "--log.level=DEBUG"
  - "--api.insecure"
  - "--accesslog"
  - "--certificatesresolvers.myresolver.acme.tlschallenge"
  - "--certificatesresolvers.myresolver.acme.email=veghag@gmail.com"
  - "--certificatesresolvers.myresolver.acme.storage=acme.json"
--- a/whoami/00-whoami.yml
+++ b/whoami/00-whoami.yml
@@ -41,23 +41,6 @@ spec:
            - name: web
              containerPort: 80
 ---
 # IngressRoute for insecure whoami address
 apiVersion: traefik.containo.us/v1alpha1
 kind: IngressRoute
 metadata:
  name: simpleingressroute
  namespace: default
 spec:
  entryPoints:
    - web
  routes:
    - match: Host(`test.ratatoskr.myddns.rocks`) && PathPrefix(`/notls`)
      kind: Rule
      services:
        - name: whoami
          port: 80
 ---
 # IngressRoute for secure whoami address
 apiVersion: traefik.containo.us/v1alpha1
@@ -69,10 +52,27 @@ spec:
  entryPoints:
    - websecure
  routes:
-    - match: Host(`test.ratatoskr.myddns.rocks`) && PathPrefix(`/tls`)
+    - match: Host(`whoami.ratatoskr.myddns.rocks`)
      kind: Rule
      services:
        - name: whoami
          port: 80
  tls:
    certResolver: myresolver
 ---
 ## IngressRoute for insecure whoami address
 #apiVersion: traefik.containo.us/v1alpha1
 #kind: IngressRoute
 #metadata:
 #  name: simpleingressroute
 #  namespace: default
 #spec:
 #  entryPoints:
 #    - web
 #  routes:
 #    - match: Host(`test.ratatoskr.myddns.rocks`) && PathPrefix(`/notls`)
 #      kind: Rule
 #      services:
 #        - name: whoami
 #          port: 80