| {{- $ingress := .Values.ingress -}} |
| {{- if $ingress.enabled }} |
| apiVersion: {{ template "apiVersion" . }} |
| kind: Deployment |
| metadata: |
| name: {{ template "traefik.name" . }} |
| namespace: {{ template "ingress.namespace" . }} |
| spec: |
| replicas: {{ .Values.ingress.replicas }} |
| selector: |
| matchLabels: |
| {{- include "traefik.labels" . | nindent 6 }} |
| strategy: |
| {{- toYaml $ingress.strategy | nindent 4 }} |
| template: |
| metadata: |
| labels: |
| {{- include "traefik.labels" . | nindent 8 }} |
| annotations: |
| {{- include "traefik.annotations" . | nindent 8 }} |
| spec: |
| serviceAccountName: {{ template "traefik.name" }} |
| containers: |
| - name: traefik |
| image: {{ $ingress.image.registry }}:{{ $ingress.image.tag }} |
| imagePullPolicy: {{ $ingress.image.pullPolicy }} |
| resources: |
| {{- toYaml $ingress.resources | nindent 10 }} |
| readinessProbe: |
| {{- toYaml $ingress.readinessProbe | nindent 10 }} |
| livenessProbe: |
| {{- toYaml $ingress.livenessProbe | nindent 10 }} |
| ports: |
| - name: metrics |
| containerPort: {{ template "traefik.metrics.containerPort" . }} |
| hostPort: {{ template "traefik.metrics.hostPort" . }} |
| protocol: TCP |
| - name: traefik |
| containerPort: {{ template "traefik.traefik.containerPort" . }} |
| protocol: TCP |
| - name: web |
| containerPort: {{ template "traefik.web.containerPort" . }} |
| hostPort: {{ template "traefik.web.hostPort" . }} |
| protocol: TCP |
| - name: websecure |
| containerPort: {{ template "traefik.websecure.containerPort" . }} |
| hostPort: {{ template "traefik.websecure.hostPort" . }} |
| protocol: TCP |
| securityContext: |
| {{- toYaml $ingress.containersecurityContext | nindent 10 }} |
| volumeMounts: |
| - name: data |
| mountPath: /data |
| - name: tmp |
| mountPath: /tmp |
| args: |
| - "--global.checknewversion" |
| - "--global.sendanonymoususage" |
| - "--entrypoints.metrics.address=:9100/tcp" |
| - "--entrypoints.traefik.address=:9000/tcp" |
| - "--entrypoints.web.address=:8000/tcp" |
| - "--entrypoints.websecure.address=:8443/tcp" |
| - "--api.dashboard=true" |
| - "--ping=true" |
| - "--metrics.prometheus=true" |
| - "--metrics.prometheus.entrypoint=metrics" |
| - "--providers.kubernetescrd" |
| - "--providers.kubernetescrd.allowCrossNamespace=true" |
| - "--providers.kubernetescrd.allowExternalNameServices=true" |
| - "--providers.kubernetesingress" |
| - "--providers.kubernetesingress.allowExternalNameServices=true" |
| - "--entrypoints.websecure.http.tls=true" |
| - "--log.level=DEBUG" |
| - "--accesslog=true" |
| - "--accesslog.fields.defaultmode=keep" |
| - "--accesslog.fields.headers.defaultmode=drop" |
| volumes: |
| - name: data |
| emptyDir: {} |
| - name: tmp |
| emptyDir: {} |
| nodeSelector: |
| {{- toYaml $ingress.nodeSelector | nindent 8 }} |
| securityContext: |
| {{- toYaml $ingress.securityContext | nindent 8 }} |
| {{- end -}} |