Hello,
Is it possible to group the traefik ingress route by namespaces. I have a kubernetes cluster which three namespaces de,qa,staging and have ingressRoutes in each namespace.
I'd like to see the ingressRoutes grouped by namespaces
Hi @ekjuanrejon , this is not easily possible, as it would be against Kubernetes security model. Please check this reference for explanation from some Kubernetes maintainers: https://github.com/kubernetes/kubernetes/issues/17088 (it speaks about "ingress" / "service", but "IngressRoute" follows the same concepts).
Technically, you could define in your "namespace for ingresses" a set of Kubernetes services of type "externalName", which would reference the services from your namespaces by following the DNS convention. Such cross-namespace traffic is working if you allows it at Kubernetes level, depending on your security rules (or if you have no security at all 
)
It would look like this:
- Namespace
stagingwhich contains your application deployment with a Kubernetes Service of typeClusterIPnamedwebapp, which selectors points to the deployment. - Namespaces
qaanddewith exactly the same setup (same deployment and service name). - Namespace
ingresswhich contains the "IngressRoute" objects, AND the "externalName" Kubernetes Services. The 3 "externalName" services should point respectively towebapp.staging.svc.cluster.local(adapt the naming to your cluster of course),webapp.qa.svc.cluster.localandwebapp.de.svc.cluster.local
+------------------------------------+ +----------------------------------+
| ingress (namespace) | | traefik (namespace) |
| | | |
+-----------------------------------------+ | +----------------------------+ | | |
| staging (namespace) | | | | | | +-----------------------+ |
| | | | IngressRoute | | | | | |
| +---------------+ +-----------+ | | | "staging" | | | | Deployment | |
| | | | Service | | | | +---------------<-----------------+ "traefik" | |
| | Deployment <------+ "webapp" | | | | | | | | | | |
| | "webapp" | | | | | | | | | | | | |
| +---------------+ +-----+-----+ | | | | | | | | | |
| ^ | | +----------------------------+ | | | | |
| | | | | | | +----------^------------+ |
+-----------------------------------------+ | +-------------v--------------+ | | | |
| | | | | | | |
| | | Service "externalName" | | | | |
| | | "staging" | | | | |
| | | | | | +---------+------------+ |
| | | | | | | | |
+--------------------------+ | | | | Service "traefik" | |
| | | | | | (LoadBalancer | |
webapp.staging.svc.cluser.local | | | | or NodePort) | |
| +----------------------------+ | | | | |
| | | +---------+------------+ |
| | | ^ |
| | | | |
| | +----------------------------------+
| | |
| | |
| | |
| | |
| | +-------+-----------+
| | | |
| | | External User |
| | | |
| | | |
| | +-------------------+
+------------------------------------+