Last active
July 17, 2019 07:48
-
-
Save fhuitelec/3d812557fde44f7e1a70a25317a05d0a to your computer and use it in GitHub Desktop.
Medium - Traefik as an ingress controller on minikube with kustomize & helm
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Cf. https://github.com/helm/charts/blob/master/stable/traefik/values.yaml | |
| rbac: | |
| enabled: true | |
| dashboard: | |
| enabled: true | |
| domain: traefik.local.minikube.com | |
| serviceType: NodePort | |
| serviceType: NodePort |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Pre-requisite: | |
| # - You have minikube with kubernetes > 1.14 up & running | |
| # - You have setup tiller on minikube | |
| # - You **don't** have enabled the minikube ingress addon | |
| # - You have kubectl > 1.14 | |
| # We need to have a copy of the helm chart locally | |
| helm fetch --untar --untardir chart 'stable/traefik' | |
| # We then export the template as native Kurbenetes resources | |
| helm template \ | |
| --namespace kube-system \ | |
| --values 0--values.yaml \ | |
| --name traefik-ingress-controller \ | |
| helm/traefik/chart/traefik > traefik-helm-template.yaml |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # This is where the magic happens ✨ | |
| apiVersion: kustomize.config.k8s.io/v1beta1 | |
| kind: Kustomization | |
| resources: | |
| - traefik-helm-template.yaml | |
| patches: | |
| - minikube-ingress-controller-patch.yaml | |
| patchesJson6902: | |
| - target: | |
| group: apps | |
| version: v1 | |
| kind: Deployment | |
| name: traefik-ingress-controller | |
| path: delete-useless-fields.yaml |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # This file will add hostPorts and NET_BIND_SERVICE Security Context Capability | |
| apiVersion: apps/v1 | |
| kind: Deployment | |
| metadata: | |
| name: traefik-ingress-controller | |
| spec: | |
| template: | |
| spec: | |
| containers: | |
| - name: traefik-ingress-controller | |
| ports: | |
| - containerPort: 80 | |
| hostPort: 80 | |
| - containerPort: 8880 | |
| hostPort: 8880 | |
| - containerPort: 443 | |
| hostPort: 443 | |
| - containerPort: 8080 | |
| hostPort: 8080 | |
| securityContext: | |
| capabilities: | |
| drop: | |
| - ALL | |
| add: | |
| - NET_BIND_SERVICE |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Cf. https://kubectl.docs.kubernetes.io/pages/app_customization/customizing_arbitrary_fields.html | |
| # This path deletes fields that we don't need using "patchesJson6902" | |
| # The syntax is not intuitive but the proposed standard (https://tools.ietf.org/html/rfc6902) is enough to get things done | |
| # This operation removes the port 8880 (index 1) | |
| - op: remove | |
| path: /spec/template/spec/containers/0/ports/1 | |
| # Careful: each operation is done sequentially so you have | |
| # to take into account the operations before to determine | |
| # how to manipulate paths | |
| # In our example we wanted to delete the port 8080 below (index 3) | |
| # but its the index has changed since the index 1 has been deleted above | |
| - op: remove | |
| path: /spec/template/spec/containers/0/ports/2 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Everything is setup, we will now apply the base helm chart | |
| # and the patches we declare in our kustomization.yaml | |
| kubectl apply --kustomize . |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment