diff --git a/templates/traefik-cm.yml.j2 b/templates/traefik-cm.yml.j2 index f68996c..4e4c154 100644 --- a/templates/traefik-cm.yml.j2 +++ b/templates/traefik-cm.yml.j2 @@ -119,6 +119,6 @@ data: plugins: sablier: moduleName: github.com/acouvreur/sablier - version: v1.7.0 + version: v1.8.0 {% endif %} {% endif %} diff --git a/templates/traefik-helm-value.yaml.j2 b/templates/traefik-helm-value.yaml.j2 index c1d6b71..84df520 100644 --- a/templates/traefik-helm-value.yaml.j2 +++ b/templates/traefik-helm-value.yaml.j2 @@ -146,7 +146,7 @@ experimental: plugins: sablier: moduleName: "github.com/acouvreur/sablier" - version: "v1.7.0" + version: "v1.8.0" {% endif %} kubernetesGateway: enabled: false diff --git a/templates/traefik-ondemand-plugin.yml.j2 b/templates/traefik-ondemand-plugin.yml.j2 index 0a0aba5..87ce24b 100644 --- a/templates/traefik-ondemand-plugin.yml.j2 +++ b/templates/traefik-ondemand-plugin.yml.j2 @@ -3,23 +3,27 @@ kind: Deployment metadata: name: sablier labels: - app: sablier + app.kubernetes.io/name: sablier spec: replicas: 1 selector: matchLabels: - app: sablier + app.kubernetes.io/name: sablier template: metadata: labels: - app: sablier + app.kubernetes.io/name: sablier spec: serviceAccountName: sablier serviceAccount: sablier containers: - name: sablier - image: acouvreur/sablier:1.7.0 - args: ["start", "--provider.name=kubernetes", "--storage.file=/dev/shm/state.json"] + image: acouvreur/sablier:1.8.0 + args: + - "start" + - "--provider.name=kubernetes" + - "--server.port=10000" + - "--storage.file=/dev/shm/state.json" ports: - containerPort: 10000 securityContext: @@ -41,7 +45,7 @@ metadata: name: sablier spec: selector: - app: sablier + app.kubernetes.io/name: sablier ports: - protocol: TCP port: 10000 @@ -63,27 +67,15 @@ rules: - "" resources: - deployments -# - deployments/scale + - deployments/scale - statefulsets -# - statefulsets/scale + - statefulsets/scale verbs: - patch # Scale up and down - get # Retrieve info about specific dep - update # Scale up and down - list # Events - watch # Events - - apiGroups: - - apps - - "" - resources: - - deployments/scale - - statefulsets/scale - verbs: - - patch # Scale up and down - - update # Scale up and down - - get # Retrieve info about specific dep - - list # Events - - watch # Events--- --- apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding @@ -97,6 +89,24 @@ subjects: - kind: ServiceAccount name: sablier namespace: {{ traefik_namespace }} +--- +apiVersion: networking.k8s.io/v1 +kind: NetworkPolicy +metadata: + name: allow-traefik-to-sablier +spec: + podSelector: + matchLabels: + app.kubernetes.io/name: sablier + ingress: + - ports: + - port: 10000 + from: + - podSelector: + matchLabels: + app.kubernetes.io/name: traefik + policyTypes: + - Ingress #--- #apiVersion: traefik.io/v1alpha1 #kind: Middleware @@ -104,11 +114,13 @@ subjects: # name: ondemand #spec: # plugin: -# group: default +# names: toto # Comma separated names of containers/services/deployments etc. +# group: default # Group name to use to filter by label, ignored if names is set # dynamic: -# displayName: My Title -# refreshFrequency: 5s -# showDetails: "true" -# theme: hacker-terminal -# sablierUrl: http://sablier.{{ traefik_namespace }}:10000 -# sessionDuration: 1m +# displayName: My Title # (Optional) Defaults to the middleware name +# refreshFrequency: 5s # (Optional) The loading page refresh frequency +# showDetails: "true" # (Optional) Set to true or false to show details specifcally for this middleware, unset to use Sablier server defaults +# theme: hacker-terminal # (Optional) The theme to use +# sablierUrl: http://sablier.{{ traefik_namespace }}:10000 # The sablier URL service, must be reachable from the Traefik instance +# sessionDuration: 1m # The session duration after which containers/services/deployments instances are shutdown +