From 18e8eaf11f4b9b9c3f95ae2def9560fb9d532960 Mon Sep 17 00:00:00 2001 From: Mans Ziesel Date: Sun, 22 Sep 2024 11:52:27 +0200 Subject: [PATCH] initial traefik setup --- .../metallb-application.yaml | 20 +++++++ .../traefik-application.yaml | 20 +++++++ application-manifests/whoami-application.yaml | 20 +++++++ guestbook/guestbook-ui-deployment.yaml | 20 ------- guestbook/guestbook-ui-svc.yaml | 12 ---- traefik/base/000-namespace.yaml | 4 ++ traefik/base/001-cluster-role.yaml | 57 +++++++++++++++++++ traefik/base/001-role-binding.yaml | 13 +++++ traefik/base/002-service-account.yaml | 4 ++ traefik/base/003-traefik-services.yaml | 27 +++++++++ traefik/base/003-traefik.yaml | 29 ++++++++++ traefik/kustomization.yaml | 12 ++++ traefik/traefik.yaml | 0 whoami/whoami-ingress.yaml | 16 ++++++ whoami/whoami-svc.yaml | 13 +++++ 15 files changed, 235 insertions(+), 32 deletions(-) create mode 100644 application-manifests/metallb-application.yaml create mode 100644 application-manifests/traefik-application.yaml create mode 100644 application-manifests/whoami-application.yaml delete mode 100644 guestbook/guestbook-ui-deployment.yaml delete mode 100644 guestbook/guestbook-ui-svc.yaml create mode 100644 traefik/base/000-namespace.yaml create mode 100644 traefik/base/001-cluster-role.yaml create mode 100644 traefik/base/001-role-binding.yaml create mode 100644 traefik/base/002-service-account.yaml create mode 100644 traefik/base/003-traefik-services.yaml create mode 100644 traefik/base/003-traefik.yaml create mode 100644 traefik/kustomization.yaml delete mode 100644 traefik/traefik.yaml create mode 100644 whoami/whoami-ingress.yaml diff --git a/application-manifests/metallb-application.yaml b/application-manifests/metallb-application.yaml new file mode 100644 index 0000000..d456f64 --- /dev/null +++ b/application-manifests/metallb-application.yaml @@ -0,0 +1,20 @@ +apiVersion: argoproj.io/v1alpha1 +kind: Application +metadata: + name: argo-app-metallb + namespace: argocd +spec: + destination: + name: '' + namespace: default + server: https://kubernetes.default.svc + source: + path: metallb + repoURL: https://git.mziesel.nl/mans/argocd-test + targetRevision: HEAD + sources: [] + project: default + syncPolicy: + automated: + prune: true + selfHeal: true diff --git a/application-manifests/traefik-application.yaml b/application-manifests/traefik-application.yaml new file mode 100644 index 0000000..281594e --- /dev/null +++ b/application-manifests/traefik-application.yaml @@ -0,0 +1,20 @@ +apiVersion: argoproj.io/v1alpha1 +kind: Application +metadata: + name: argo-app-traefik + namespace: argocd +spec: + destination: + name: '' + namespace: default + server: https://kubernetes.default.svc + source: + path: traefik + repoURL: https://git.mziesel.nl/mans/argocd-test + targetRevision: HEAD + sources: [] + project: default + syncPolicy: + automated: + prune: true + selfHeal: true diff --git a/application-manifests/whoami-application.yaml b/application-manifests/whoami-application.yaml new file mode 100644 index 0000000..699b10c --- /dev/null +++ b/application-manifests/whoami-application.yaml @@ -0,0 +1,20 @@ +apiVersion: argoproj.io/v1alpha1 +kind: Application +metadata: + name: argo-app-whoami + namespace: argocd +spec: + destination: + name: '' + namespace: default + server: https://kubernetes.default.svc + source: + path: whoami + repoURL: https://git.mziesel.nl/mans/argocd-test + targetRevision: HEAD + sources: [] + project: default + syncPolicy: + automated: + prune: true + selfHeal: true diff --git a/guestbook/guestbook-ui-deployment.yaml b/guestbook/guestbook-ui-deployment.yaml deleted file mode 100644 index 4469000..0000000 --- a/guestbook/guestbook-ui-deployment.yaml +++ /dev/null @@ -1,20 +0,0 @@ -apiVersion: apps/v1 -kind: Deployment -metadata: - name: guestbook-ui -spec: - replicas: 3 - revisionHistoryLimit: 3 - selector: - matchLabels: - app: guestbook-ui - template: - metadata: - labels: - app: guestbook-ui - spec: - containers: - - image: gcr.io/heptio-images/ks-guestbook-demo:0.2 - name: guestbook-ui - ports: - - containerPort: 80 diff --git a/guestbook/guestbook-ui-svc.yaml b/guestbook/guestbook-ui-svc.yaml deleted file mode 100644 index 736eb73..0000000 --- a/guestbook/guestbook-ui-svc.yaml +++ /dev/null @@ -1,12 +0,0 @@ -apiVersion: v1 -kind: Service -metadata: - name: guestbook-ui -spec: - type: NodePort - ports: - - port: 80 - targetPort: 80 - nodePort: 31337 - selector: - app: guestbook-ui diff --git a/traefik/base/000-namespace.yaml b/traefik/base/000-namespace.yaml new file mode 100644 index 0000000..c088a91 --- /dev/null +++ b/traefik/base/000-namespace.yaml @@ -0,0 +1,4 @@ +apiVersion: v1 +kind: Namespace +metadata: + name: traefik diff --git a/traefik/base/001-cluster-role.yaml b/traefik/base/001-cluster-role.yaml new file mode 100644 index 0000000..2794687 --- /dev/null +++ b/traefik/base/001-cluster-role.yaml @@ -0,0 +1,57 @@ +kind: ClusterRole +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: traefik-role + +rules: + - apiGroups: + - "" + resources: + - services + - secrets + - nodes + verbs: + - get + - list + - watch + - apiGroups: + - discovery.k8s.io + resources: + - endpointslices + verbs: + - list + - watch + - apiGroups: + - extensions + - networking.k8s.io + resources: + - ingresses + - ingressclasses + verbs: + - get + - list + - watch + - apiGroups: + - extensions + - networking.k8s.io + resources: + - ingresses/status + verbs: + - update + - apiGroups: + - traefik.io + resources: + - middlewares + - middlewaretcps + - ingressroutes + - traefikservices + - ingressroutetcps + - ingressrouteudps + - tlsoptions + - tlsstores + - serverstransports + - serverstransporttcps + verbs: + - get + - list + - watch diff --git a/traefik/base/001-role-binding.yaml b/traefik/base/001-role-binding.yaml new file mode 100644 index 0000000..ea193bb --- /dev/null +++ b/traefik/base/001-role-binding.yaml @@ -0,0 +1,13 @@ +kind: ClusterRoleBinding +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: traefik-role-binding + +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: traefik-role +subjects: + - kind: ServiceAccount + name: traefik-account + namespace: traefik diff --git a/traefik/base/002-service-account.yaml b/traefik/base/002-service-account.yaml new file mode 100644 index 0000000..566d892 --- /dev/null +++ b/traefik/base/002-service-account.yaml @@ -0,0 +1,4 @@ +apiVersion: v1 +kind: ServiceAccount +metadata: + name: traefik-account diff --git a/traefik/base/003-traefik-services.yaml b/traefik/base/003-traefik-services.yaml new file mode 100644 index 0000000..f4b644f --- /dev/null +++ b/traefik/base/003-traefik-services.yaml @@ -0,0 +1,27 @@ +apiVersion: v1 +kind: Service +metadata: + name: traefik-dashboard-service + namespace: traefik + +spec: + type: LoadBalancer + ports: + - port: 8080 + targetPort: dashboard + selector: + app: traefik +--- +apiVersion: v1 +kind: Service +metadata: + name: traefik-web-service + namespace: traefik + +spec: + type: LoadBalancer + ports: + - targetPort: web + port: 80 + selector: + app: traefik diff --git a/traefik/base/003-traefik.yaml b/traefik/base/003-traefik.yaml new file mode 100644 index 0000000..5d63099 --- /dev/null +++ b/traefik/base/003-traefik.yaml @@ -0,0 +1,29 @@ +kind: Deployment +apiVersion: apps/v1 +metadata: + name: traefik-deployment + labels: + app: traefik + +spec: + replicas: 3 + selector: + matchLabels: + app: traefik + template: + metadata: + labels: + app: traefik + spec: + serviceAccountName: traefik-account + containers: + - name: traefik + image: traefik:v3.1 + args: + - --api.insecure + - --providers.kubernetesingress + ports: + - name: web + containerPort: 80 + - name: dashboard + containerPort: 8080 diff --git a/traefik/kustomization.yaml b/traefik/kustomization.yaml new file mode 100644 index 0000000..772fa8d --- /dev/null +++ b/traefik/kustomization.yaml @@ -0,0 +1,12 @@ +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization + +namespace: kube-system + +resources: +- ./base/000-namespace.yaml +- ./base/001-role-binding.yaml +- ./base/001-cluster-role.yaml +- ./base/002-service-account.yaml +- ./base/003-traefik.yaml +- ./base/003-traefik-services.yaml diff --git a/traefik/traefik.yaml b/traefik/traefik.yaml deleted file mode 100644 index e69de29..0000000 diff --git a/whoami/whoami-ingress.yaml b/whoami/whoami-ingress.yaml new file mode 100644 index 0000000..2ddd2ea --- /dev/null +++ b/whoami/whoami-ingress.yaml @@ -0,0 +1,16 @@ +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: whoami-ingress + namespace: traefik +spec: + rules: + - http: + paths: + - path: / + pathType: Prefix + backend: + service: + name: whoami + port: + name: web diff --git a/whoami/whoami-svc.yaml b/whoami/whoami-svc.yaml index 0fadce0..82f1a64 100644 --- a/whoami/whoami-svc.yaml +++ b/whoami/whoami-svc.yaml @@ -24,3 +24,16 @@ spec: targetPort: 80 selector: app: whoami +--- +apiVersion: v1 +kind: Service +metadata: + name: whoami-traefik + namespace: whoami +spec: + ports: + - name: web + port: 80 + targetPort: 80 + selector: + app: whoami