128 lines
2.9 KiB
YAML
128 lines
2.9 KiB
YAML
#
|
|
# Configure the deployment
|
|
#
|
|
deployment:
|
|
enabled: true
|
|
# Can be either Deployment or DaemonSet
|
|
kind: Deployment
|
|
# Number of pods of the deployment (only applies when kind == Deployment)
|
|
replicas: 1
|
|
|
|
# Additional volumes available for use with initContainers and additionalContainers
|
|
additionalVolumes:
|
|
- name: certs
|
|
persistentVolumeClaim:
|
|
claimName: certs
|
|
- name: traefik-config
|
|
configMap:
|
|
name: traefik-config
|
|
|
|
|
|
# Use ingressClass. Ignored if Traefik version < 2.3 / kubernetes < 1.18.x
|
|
ingressClass:
|
|
# true is not unit-testable yet, pending https://github.com/rancher/helm-unittest/pull/12
|
|
enabled: true
|
|
isDefaultClass: true
|
|
# Use to force a networking.k8s.io API Version for certain CI/CD applications. E.g. "v1beta1"
|
|
fallbackApiVersion: ""
|
|
|
|
# Activate Pilot integration
|
|
pilot:
|
|
enabled: false
|
|
token: ""
|
|
# Toggle Pilot Dashboard
|
|
# dashboard: false
|
|
|
|
# Enable experimental featureskdes+
|
|
experimental:
|
|
http3:
|
|
enabled: false
|
|
# plugins:
|
|
# enabled: false
|
|
|
|
kubernetesGateway:
|
|
enabled: false
|
|
# certificate:
|
|
# group: "core"
|
|
# kind: "Secret"
|
|
# name: "mysecret"
|
|
# By default, Gateway would be created to the Namespace you are deploying Traefik to.
|
|
# You may create that Gateway in another namespace, setting its name below:
|
|
# namespace: default
|
|
|
|
# Create an IngressRoute for the dashboard
|
|
ingressRoute:
|
|
dashboard:
|
|
enabled: false
|
|
|
|
|
|
#
|
|
# Configure providers
|
|
#
|
|
providers:
|
|
kubernetesCRD:
|
|
enabled: true
|
|
allowCrossNamespace: false
|
|
allowExternalNameServices: true
|
|
kubernetesIngress:
|
|
enabled: true
|
|
allowExternalNameServices: true
|
|
ingressClass: traefik
|
|
# labelSelector: environment=production,method=traefik
|
|
|
|
|
|
|
|
# Additional volumeMounts to add to the Traefik container
|
|
additionalVolumeMounts:
|
|
- name: certs
|
|
# claimName: traefik-certificate
|
|
mountPath: /certs
|
|
- name: traefik-config
|
|
mountPath: /config
|
|
|
|
|
|
additionalArguments:
|
|
- "--configfile=/config/traefik.toml"
|
|
|
|
|
|
# Environment variables to be passed to Traefik's binary
|
|
env:
|
|
- name: TZ
|
|
value: "Europe/Berlin"
|
|
|
|
|
|
|
|
# Configure ports
|
|
ports:
|
|
# add a new one, the other ones are kept the same.
|
|
dnsovertls:
|
|
port: 8853
|
|
expose:
|
|
default: true
|
|
exposedPort: 853
|
|
protocol: TCP
|
|
|
|
|
|
|
|
tlsOptions: {}
|
|
|
|
# Options for the main traefik service, where the entrypoints traffic comes
|
|
# from.
|
|
service:
|
|
enabled: true
|
|
type: LoadBalancer
|
|
# Additional annotations applied to both TCP and UDP services (e.g. for cloud provider specific config)
|
|
annotations: {}
|
|
# Additional annotations for TCP service only
|
|
annotationsTCP: {}
|
|
# Additional annotations for UDP service only
|
|
annotationsUDP: {}
|
|
# Additional service labels (e.g. for filtering Service by custom labels)
|
|
labels: {}
|
|
# Additional entries here will be added to the service spec.
|
|
# Cannot contain type, selector or ports entries.
|
|
spec:
|
|
# externalTrafficPolicy: Local
|
|
loadBalancerIP: 192.168.3.1
|
|
|