Best practices regarding namespace to deploy the Traefik V2

Hello there,

I'm currently migrating from Traefik V1.7 to V2.2.0. I use traefik to handle ingress in my GKE cluster, with multiple namespaces all served by the same instance traefik.

I followed mostly the " Traefik & CRD & Let's Encrypt" guide from the official docs. I noticed that the traefik deployment does not happen in the kube-system namespace anymore (the examples use the default namespace). Since I need to server traffic to pods from multiple namespaces, I tweaked the examples to deploy in kube-system (e.g., I had to move the ServiceAccount to kube-system and specify the namespace of the target service in all of my IngressRoutes).

My question are:

  • what were the reason behind moving out of kube-system for V2?
  • is it considered good practice to still deploy to kube-system or should I create a "traefik" namespace? What is the recommended approach here?

Thank you and keep up the great work!

Hi Romain,

I have traefik running in my cluster in the namespace traefik-ingress without any issues to route traffic to my services in several different namespaces. I like to keep service isolated by namespace to make more simple to indetify, search, debug and so forth.

Feel free to deploy traefik in any namespace of your choice, just keep in mind traefik you "discovery" your services via IngressRoute and/or Ingress object.

All the best