homepage/content/post/20230709-traefik.md


date title author tags
2023-07-09T01:53:00+02:00 Kubernetes/k3s Rancher with Traefik for HTTP/3 - v20230709 jochum
kubernetes
rancher
traefik

A little update to rancher-traefik: this post contains the values in its newest format.

Install with helm

Save this as 2023-traefik-values.yaml and adjust it for your needs:

# Helm values for the traefik/traefik chart, as used in this post.
additionalArguments: []
additionalVolumeMounts: []
affinity: {}
autoscaling:
  enabled: false
# ACME resolvers. "letsencrypt-prod" is the name that
# ports.websecure.tls.certResolver in this file points at.
certResolvers:
   letsencrypt-prod:
     # ACME account contact address: replace it with one you control.
     email: support@jochum.dev
     tlsChallenge: true
     # The HTTP challenge is bound to the "web" entry point, which this file
     # publishes on port 80; that port has to be reachable for HTTP validation.
     httpChallenge:
       entryPoint: "web"
     # Must be a path on the persistent volume (persistence.path is /data in
     # this file). acme.json contains the ACME account key and the private keys
     # of the issued certificates: treat the volume and its backups as secrets.
     storage: /data/acme.json
commonLabels: {}
# Workload: one Deployment with a single replica.
deployment:
  additionalContainers: []
  additionalVolumes: []
  annotations: {}
  dnsConfig: {}
  enabled: true
  imagePullSecrets: []
  initContainers: []
  kind: Deployment
  labels: {}
  lifecycle: {}
  minReadySeconds: 0
  podAnnotations: {}
  podLabels: {}
  # NOTE(review): certificates are kept in one file on one volume
  # (certResolvers.*.storage); confirm how ACME state would be shared before
  # raising the replica count.
  replicas: 1
  shareProcessNamespace: false
  terminationGracePeriodSeconds: 60
env: []
envFrom: []
experimental:
  kubernetesGateway:
    enabled: false
    gateway:
      enabled: true
  # Plugin support is switched off.
  plugins:
    enabled: false
  v3:
    enabled: false
  # HTTP/3 runs over QUIC, i.e. UDP. Enabling it means UDP 443 is exposed in
  # addition to TCP 443; firewall rules and monitoring need to cover both.
  http3:
    enabled: true
extraObjects: []
globalArguments: []
# The pod keeps its own network namespace; traffic arrives through the Service.
hostNetwork: false
image:
  pullPolicy: IfNotPresent
  registry: docker.io
  repository: traefik
  # Fixed tag instead of a floating one. A tag can still be re-pointed on the
  # registry side; pin by digest if you need the exact image. The post dates
  # from 2023-07-09, so check upstream release notes before reusing this version.
  tag: v2.10.3
  name: traefik
# Registers an IngressClass and marks it as the cluster default, so Ingress
# objects without an explicit class are handled by this Traefik.
ingressClass:
  enabled: true
  isDefaultClass: true
ingressRoute:
  # The dashboard/API route is disabled. If you turn it on, note that
  # `middlewares` is empty here: the rule below would publish /dashboard and
  # /api without authentication, so add an auth middleware first.
  dashboard:
    annotations: {}
    enabled: false
    entryPoints:
      - traefik
    labels: {}
    matchRule: PathPrefix(`/dashboard`) || PathPrefix(`/api`)
    middlewares: []
    tls: {}
livenessProbe:
  failureThreshold: 3
  initialDelaySeconds: 2
  periodSeconds: 10
  successThreshold: 1
  timeoutSeconds: 2
logs:
  # Access log is on. General fields are kept; request headers are dropped by
  # default and only the names listed under headers.names are logged, which
  # keeps values such as Authorization or Cookie out of the log.
  access:
    enabled: true
    fields:
      general:
        defaultmode: keep
        names: {}
      headers:
        defaultmode: drop
        names:
          Content-Type: keep
          RequestLine: keep
          User-Agent: keep
    filters: {}
  # Traefik's own log only records errors; warnings (for example around
  # certificate issuance) are not visible at this level.
  general:
    level: ERROR
# Prometheus metrics are served on the separate "metrics" entry point, which
# this file does not expose through the Service (ports.metrics.expose: false).
metrics:
  prometheus:
    entryPoint: metrics
nodeSelector: {}
# Persistent volume mounted at /data; certResolvers.*.storage
# (/data/acme.json) lives here.
persistence:
  accessMode: ReadWriteOnce
  annotations: {}
  enabled: true
  name: data
  path: /data
  size: 128Mi
podDisruptionBudget:
  enabled: false
# Runs as the unprivileged uid/gid 65532 and refuses to start as root.
# NOTE(review): no fsGroup is set, so whether uid 65532 can write to /data
# depends on the storage provisioner - verify that acme.json gets created.
podSecurityContext:
  fsGroupChangePolicy: OnRootMismatch
  runAsGroup: 65532
  runAsNonRoot: true
  runAsUser: 65532
# PodSecurityPolicy was removed from Kubernetes in v1.25; left off.
podSecurityPolicy:
  enabled: false
# Entry points. Only web (80) and websecure (443) are exposed through the
# Service; metrics (9100) and the internal traefik port (9000, used by the
# dashboard route) have expose: false.
ports:
  metrics:
    expose: false
    exposedPort: 9100
    port: 9100
    protocol: TCP
  traefik:
    expose: false
    exposedPort: 9000
    port: 9000
    protocol: TCP
  # No HTTP-to-HTTPS redirect is configured on this entry point itself; the
  # only redirect setting in this file is the top-level ssl.permanentRedirect.
  # NOTE(review): the container listens on 80/443 directly while running as
  # uid 65532 with all capabilities dropped (podSecurityContext and
  # securityContext in this file). That only works if the container runtime
  # allows unprivileged processes to bind ports below 1024 - confirm.
  web:
    expose: true
    exposedPort: 80
    port: 80
    protocol: TCP
    # 80 and 443 are outside the default NodePort range (30000-32767); the API
    # server has to be configured to allow them.
    nodePort: 80
  websecure:
    expose: true
    exposedPort: 443
    nodePort: 443
    # HTTP/3 is advertised on 443, so clients will also connect over UDP 443.
    http3:
      enabled: true
      advertisedPort: 443
    middlewares: []
    port: 443
    protocol: TCP
    # TLS is on by default for every router on this entry point, with
    # certificates from the "letsencrypt-prod" resolver under certResolvers.
    # `options` is empty, so no minimum TLS version or cipher list is set here
    # (tlsOptions in this file is {} as well) and Traefik's defaults apply.
    tls:
      certResolver: 'letsencrypt-prod'
      domains: []
      enabled: true
      options: ''
priorityClassName: system-cluster-critical
# Kubernetes providers. `namespaces: []` on both means no namespace
# restriction is configured for what Traefik watches.
providers:
  kubernetesCRD:
    # IngressRoutes cannot reference resources in other namespaces.
    allowCrossNamespace: false
    allowEmptyServices: false
    # Lets routes target Services of type ExternalName. Whoever may create
    # such a Service plus a route can make the proxy forward to an arbitrary
    # hostname, including internal-only ones. Traefik ships with this off;
    # set it to false unless you depend on it.
    allowExternalNameServices: true
    enabled: true
    namespaces: []
  kubernetesIngress:
    allowEmptyServices: false
    # Same consideration as for kubernetesCRD above.
    allowExternalNameServices: true
    enabled: true
    namespaces: []
    publishedService:
      enabled: true
# Cluster-scoped RBAC rather than per-namespace roles.
# NOTE(review): cluster-scoped roles for an ingress controller usually include
# read access to Secrets in every namespace - check the rendered ClusterRole
# and prefer namespaced: true with an explicit namespace list where possible.
rbac:
  enabled: true
  namespaced: false
readinessProbe:
  failureThreshold: 1
  initialDelaySeconds: 2
  periodSeconds: 10
  successThreshold: 1
  timeoutSeconds: 2
# No requests or limits: the pod runs unbounded next to other workloads.
resources: {}
# Container hardening: every Linux capability is dropped and the root
# filesystem is read-only, so writable state has to live on mounted volumes.
securityContext:
  capabilities:
    drop:
      - ALL
  readOnlyRootFilesystem: true
# A NodePort Service: the exposed ports are opened on the cluster nodes.
# No source-range restriction is set, so filtering has to happen in front of
# the nodes (host or network firewall).
service:
  annotations: {}
  annotationsTCP: {}
  annotationsUDP: {}
  enabled: true
  externalIPs: []
  labels: {}
  loadBalancerSourceRanges: []
  single: true
  spec: {}
  type: NodePort
serviceAccount:
  name: ''
serviceAccountAnnotations: {}
# No custom TLS options or certificate store are defined; add a tlsOptions
# entry if you need to enforce a minimum TLS version or a cipher list.
tlsOptions: {}
tlsStore: {}
# Tolerates the control-plane / master taints, so the pod may be scheduled
# onto control-plane nodes.
# NOTE(review): that puts an internet-facing proxy next to control-plane
# components; reasonable on a single-node k3s, worth reconsidering on
# multi-node clusters.
tolerations:
  - key: CriticalAddonsOnly
    operator: Exists
  - effect: NoSchedule
    key: node-role.kubernetes.io/control-plane
    operator: Exists
  - effect: NoSchedule
    key: node-role.kubernetes.io/master
    operator: Exists
topologySpreadConstraints: []
tracing: {}
updateStrategy:
  rollingUpdate:
    maxSurge: 1
    maxUnavailable: 0
  type: RollingUpdate
volumes: []
# NOTE(review): forwardedHeaders, proxyProtocol, ssl and global.cattle sit at
# the top level of the values. They look carried over from an older or
# Rancher-packaged chart - confirm that the chart you install reads them.
# If it does not, the trusted-IP lists and the HTTPS redirect below silently
# do nothing.
#
# Sources whose X-Forwarded-* headers are believed. 10.0.0.0/8 is very broad:
# it contains the default k3s pod and service ranges (10.42.0.0/16 and
# 10.43.0.0/16), so any workload in the cluster could present a forged client
# IP. Narrow it to the addresses of the load balancer or proxy in front.
forwardedHeaders:
  enabled: true
  trustedIPs:
    - 10.0.0.0/8
# Appears to be metadata injected by Rancher; the project id belongs to the
# author's installation and has no meaning on another cluster.
global:
  cattle:
    systemDefaultRegistry: ''
    systemProjectId: p-g2j9j
  systemDefaultRegistry: ''
# Sources allowed to send a PROXY protocol preamble; the same breadth concern
# as for forwardedHeaders applies.
proxyProtocol:
  enabled: true
  trustedIPs:
    - 10.0.0.0/8
# Intended to force HTTP to HTTPS with a permanent redirect. After installing,
# verify with a plain-HTTP request that port 80 really answers with a redirect.
ssl:
  enabled: true
  permanentRedirect: true

Then run:

# Removes the existing release first: the cluster has no ingress controller
# until the install below has finished.
# NOTE(review): check what happens to the release's PersistentVolumeClaim on
# uninstall; if it is deleted, /data/acme.json goes with it and every
# certificate is requested again (Let's Encrypt rate limits apply).
# NOTE(review): on k3s the bundled Traefik is deployed by k3s itself and may be
# re-created after the uninstall unless that packaged component is disabled.
helm uninstall -n kube-system traefik
# Assumes a chart repository named "traefik" has already been added to helm.
helm repo update
# No --version is given, so the newest chart in the repository is installed.
# Pass --version <CHART_VERSION> to get a reproducible install that matches
# the values format above.
helm install traefik traefik/traefik -n kube-system -f 2023-traefik-values.yaml