After 2 days to tried to switch from v1.7 to v2.x, read all the documentations of traefik website, search a lots on forums and issues, I've finally make it working with my limited knownledges in kubernetes. So I could may be help by posting here my configuration files.
Before continue, I precise it's may be not the perfect way to do it, and I still have some strange errors in traefik logs, but all seems to works. Any suggestions are welcome !
I've done a little fork of https://github.com/containous/traefik-helm-chart with some improvements ( PVC, ForwaredHeaders / ProxyProtocol options, ACME configuration ... )
Remove old traefik configuration.
$ git clone https://github.com/nox-digital/traefik-helm-chart.git
$ cp traefik-helm-chart/values.yaml my.values.yaml
Update your my.values.yaml file ( at least ACME email address, default CAServer is staging )
$ helm install --name traefik --namespace kube-system --values my.values.yaml traefik-helm-chart
Wait until the IP LoadBalancer address have been created (5 minutes for me):
$ watch kubectl -n kube-system get all
Then, for your applications, here is a sample example for ingress-routes.yaml file:
apiVersion: traefik.containo.us/v1alpha1
kind: IngressRoute
metadata:
name: {{ template "my-app.fullname" . }}-route-http
labels:
app: {{ template "my-app.fullname" . }}-{{ .Values.http.name }}
chart: {{ .Chart.Name }}-{{ .Chart.Version }}
release: {{ .Release.Name }}
heritage: {{ .Release.Service }}
spec:
entrypoints:
- web
routes:
- match: Host(`{{ .Values.http.subdomain }}hostname.com`, `{{ .Values.http.subdomain }}hostname2.com`, `{{ .Values.http.subdomain }}hostname3.com`, `{{ .Values.http.subdomain }}hostname4.com`)
kind: Rule
services:
- name: {{ template "my-app.fullname" . }}-{{ .Values.http.name }}
port: 80
---
apiVersion: traefik.containo.us/v1alpha1
kind: IngressRoute
metadata:
name: {{ template "my-app.fullname" . }}-route-https
labels:
app: {{ template "my-app.fullname" . }}-{{ .Values.http.name }}
chart: {{ .Chart.Name }}-{{ .Chart.Version }}
release: {{ .Release.Name }}
heritage: {{ .Release.Service }}
spec:
entrypoints:
- websecure
routes:
- match: Host(`{{ .Values.http.subdomain }}hostname.com`, `{{ .Values.http.subdomain }}hostname2.com`, `{{ .Values.http.subdomain }}hostname3.com`, `{{ .Values.http.subdomain }}hostname4.com`)
kind: Rule
services:
- name: {{ template "my-app.fullname" . }}-{{ .Values.http.name }}
port: 80
tls:
options:
name: ""
certResolver: default
On your service, I've set port: 80, targetPort: 8080 (because my application/nginx listen on port 8080)
Hope this could help.