kind: Deployment apiVersion: apps/v1 metadata: namespace: {{ traefik_namespace }} name: traefik labels: app: traefik spec: replicas: {% if traefik_node_selector is defined %}{{ traefik_node_selector|length }}{% else %}1{% endif %} strategy: type: Recreate selector: matchLabels: app: traefik template: metadata: labels: app: traefik spec: serviceAccountName: traefik-ingress-controller containers: - name: traefik image: traefik:{{ traefik_version_2_1 }} args: - --configfile=/config/traefik.yaml # imagePullPolicy: IfNotPresent ports: - name: http containerPort: 80 protocol: TCP hostPort: 80 - name: https containerPort: 443 protocol: TCP hostPort: 443 - name: traefik containerPort: 8080 protocol: TCP hostPort: 8080 readinessProbe: httpGet: path: /ping port: traefik failureThreshold: 1 initialDelaySeconds: 10 periodSeconds: 10 successThreshold: 1 timeoutSeconds: 2 livenessProbe: httpGet: path: /ping port: traefik failureThreshold: 3 initialDelaySeconds: 10 periodSeconds: 10 successThreshold: 1 timeoutSeconds: 2 securityContext: capabilities: drop: - ALL add: - NET_BIND_SERVICE resources: limits: cpu: {{ traefik_cpu_limit }} memory: {{ traefik_memory_limit }} requests: cpu: 100m memory: 20Mi volumeMounts: - mountPath: /config name: config {% if traefik_node_selector is defined %} nodeSelector: flaminem.com/entrypoint: traefik {% endif %} dnsPolicy: ClusterFirst {% if my_context == "flamykube" %} hostNetwork: true {% else %} hostNetwork: false {% endif %} restartPolicy: Always terminationGracePeriodSeconds: 1 tolerations: - effect: NoSchedule operator: Exists volumes: - configMap: defaultMode: 420 name: traefik name: config