-
Ubuntu24.04
-
k3s v1.33.5+k3s1 (fab4a5c3)
-
helm v3.19.0
My traefik-values.yaml
# Configure Network Ports and EntryPoints
# EntryPoints are the network listeners for incoming traffic.
image:
tag: "v3.5.4"
ports:
web:
port: 80
redirections:
entryPoint:
to: websecure
scheme: https
permanent: true
websecure:
port: 443
tcp:
port: 30000
exposedPort: 30000
protocol: TCP
udp:
port: 40000
exposedPort: 40000
protocol: UDP
api:
dashboard: true
insecure: false
providers:
kubernetesIngress:
enabled: false
kubernetesGateway:
enabled: false
kubernetesCRD:
enabled: true
ingressClass:
enabled: false
gatewayClass:
enabled: false
logs:
general:
level: INFO
access:
enabled: true
metrics:
prometheus:
enabled: true
additionalArguments:
- "--certificatesresolvers.httpresolver.acme.email=admin@example.com"
- "--certificatesresolvers.httpresolver.acme.storage=/data/acme.json"
- "--certificatesresolvers.httpresolver.acme.httpchallenge.entrypoint=web"
- "--certificatesresolvers.httpresolver.acme.httpchallenge=true"
- "--experimental.plugins.bandwidthlimiter.modulename=github.com/hhftechnology/bandwidthlimiter"
- "--experimental.plugins.bandwidthlimiter.version=v1.0.1"
persistence:
enabled: true
name: data
path: /data
size: 2Gi
#accessMode: ReadWriteMany
storageClass: ""
deployment:
initContainers:
- name: volume-permissions
image: busybox:latest
command: ["sh", "-c", "touch /data/acme.json; chmod -v 600 /data/acme.json;"]
volumeMounts:
- mountPath: /data
name: data
podSecurityContext:
fsGroup: 65532
fsGroupChangePolicy: "OnRootMismatch"
And helm install
helm install traefik traefik/traefik --namespace traefik --values traefik-values.yaml
My whoami yaml
---
apiVersion: v1
kind: Namespace
metadata:
name: whoami
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: whoami
namespace: whoami
spec:
replicas: 2
selector:
matchLabels:
app: whoami
template:
metadata:
labels:
app: whoami
spec:
containers:
- name: whoami
image: traefik/whoami
ports:
- containerPort: 80
---
apiVersion: v1
kind: Service
metadata:
name: whoami-service
namespace: whoami
spec:
selector:
app: whoami
ports:
- port: 80
---
apiVersion: traefik.io/v1alpha1
kind: IngressRoute
metadata:
name: whoami
namespace: whoami
spec:
entryPoints:
- websecure
routes:
- match: Host(`whoami.example.com`)
kind: Rule
services:
- name: whoami-service
port: 80
tls:
certResolver: httpresolver
And curl whoami.example.com got
Hostname: whoami-64f6cf779d-jnnh9
IP: 127.0.0.1
IP: ::1
IP: 10.0.0.23
IP: fe80::e4a8:c8ff:fe8c:1db3
RemoteAddr: 10.0.0.35:33968
GET / HTTP/1.1
...
X-Forwarded-For: 10.0.0.1
X-Forwarded-Host: whoami.example.com
X-Forwarded-Port: 443
X-Forwarded-Proto: https
X-Forwarded-Server: traefik-776fc76bd4-lh5l7
X-Real-Ip: 10.0.0.1