Support DaemonSet in Helm

ShakataGaNai · September 9, 2020, 10:29pm

Reposting from GitHub https://github.com/containous/traefik-helm-chart/pull/56#issuecomment-689853926

This is extremely disappointing to see the Traefik team refusing to support a valid deployment strategy that was used previously to great effect. If you're going make the helm chart highly opinionated then it should only be provided along with the standard YAML as part of the install documentation https://docs.traefik.io/getting-started/install-traefik/.

In my use case I ran Traefik 1.x in DaemonSet because, gasp, there are some people who DON'T run in the cloud. I don't have load balancers in front of my servers. Instead I provide load balancing via DNS RR. I need those hosts to all be running Traefik with 100% guarantee. The correct way to assure one and exactly one copy of a pod is running on every host is a DaemonSet. This is not my opinion, it's in the official docs. Anti-Affinity hacks are not the recommended solution, DaemonSet is. Oh and since I'm aware I can't have LetsEncrypt on multiple nodes, I run CertManager. As it was previously recommended. It's not rocket science.

It used to be easier to get all this running in Traefik 1.x, now 2.x has obscured setups behind helm charts and made it a huge effort in order to even figure out what the correct "default" configuration is, let alone customize it.

zespri · September 10, 2020, 4:47am

Hey, running it as daemon set in v2 works exactly the same as it used to in v1. Since this is not going to be supported in helm chart, you can relatively easily set it up manually - I've done that before.

You just need to examine the final manifests that get applied in both cases, and port v1 DaemonSet to v2. It does work. And IMO it's not a biggy.

If you need help, post what's does not seem to work and I'll have a look.

ShakataGaNai · September 10, 2020, 5:17am

I'm working on it, dealing with RBAC issues between v1 and v2 which I may ask about if I can't figure out.

However if it works exactly the same, why reject a PR for someone who did the work to support it in the helm chart? It's clear that people want to use DaemonSet (and are using DaemonSet), enough that someone went through the effort of PR'ing a helm chart.

zespri · September 10, 2020, 7:05am

HA LE won't work obviously, but you are not using it. I mean that from your perspective as a user of CertManager there will be no changes.

Topic		Replies	Views
Traeffik 2 as demonset , is it possible or having any disadvange? Traefik v2 (latest) kubernetes-ingress	1	910	June 3, 2020
Traefik V2 and Helm Traefik v2 (latest) kubernetes-ingress	0	410	July 28, 2021
Prometheus Metrics and Traefik in daemonset mode Traefik v2 (latest) kubernetes-ingress , metrics	0	149	November 23, 2023
Basic helm chart cli usage and ingress example with let's encrypt Traefik v2 (latest) kubernetes-ingress	9	942	February 23, 2022
Adding ReadinessGate & preStop to Traefik Helm Chart Traefik v2 (latest) kubernetes-crd , kubernetes-ingress	1	514	March 21, 2022

Support DaemonSet in Helm

Related Topics