# https://github.com/traefik/traefik-helm-chart/blob/master/traefik/values.yaml {% if traefik_version is defined %} image: tag: "{{ traefik_version }}" {% endif %} #fullnameOverride: "{{ my_context }}" additionalArguments: - --configFile=/etc/traefik/traefik.yaml #podSecurityPolicy: # enabled: true service: type: {{ traefik_service_type }} {% if traefik_external_ips is defined %} externalIPs: {% for external_ip in traefik_external_ips %} - {{ external_ip }} {% endfor %} {% endif %} ingressRoute: dashboard: enabled: false podDisruptionBudget: enabled: true minAvailable: 1 ingressClass: enabled: true isDefaultClass: true {% if false %} autoscaling: enabled: true minReplicas: 1 maxReplicas: 10 metrics: - type: Resource resource: name: cpu targetAverageUtilization: 60 - type: Resource resource: name: memory targetAverageUtilization: 60 {% endif %} {% if traefik_service_type == "NodePort" or (traefik_hostport is defined and traefik_hostport == true) or traefik_hub_token is defined %} ports: {% if traefik_service_type == "NodePort" or (traefik_hostport is defined and traefik_hostport == true) %} web: # redirectTo: websecure {% if traefik_hostport is defined and traefik_hostport == true %} hostPort: 80 {% endif %} {% if traefik_service_type == "NodePort" %} nodePort: 80 {% endif %} websecure: {% if traefik_hostport is defined and traefik_hostport == true %} hostPort: 443 {% endif %} {% if traefik_service_type == "NodePort" %} nodePort: 443 {% endif %} http3: enabled: true advertisedPort: 443 # tls: # enabled: true # options: default {% endif %} {% if traefik_hub_token is defined %} traefikhub-tunl: port: 9901 expose: true exposedPort: 9901 protocol: "TCP" {% endif %} {% endif %} volumes: - mountPath: /etc/traefik name: traefik-conf type: configMap - mountPath: /etc/traefik/file name: traefik-files type: configMap - mountPath: /etc/traefik/basic-auth name: basic-auth type: secret deployment: {% if traefik_hostport is defined and traefik_hostport == true %} kind: DaemonSet {% else %} replicas: 1 {% endif %} revisionHistoryLimit: 3 # podAnnotations: # prometheus.io/port: '9100' # prometheus.io/scrape: 'true' # prometheus.io/path: "/metrics" {% if traefik_hostport is defined and traefik_hostport == true %} updateStrategy: type: OnDelete {% endif %} metrics: prometheus: service: enabled: true serviceMonitor: metricRelabelings: [] # # - sourceLabels: [__name__] # # separator: ; # # regex: ^fluentd_output_status_buffer_(oldest|newest)_.+ # # replacement: $1 # # action: drop relabelings: [] # # - sourceLabels: [__meta_kubernetes_pod_node_name] # # separator: ; # # regex: ^(.*)$ # # targetLabel: nodename # # replacement: $1 # # action: replace # jobLabel: traefik # interval: 30s # honorLabels: true # # (Optional) # # scrapeTimeout: 5s # # honorTimestamps: true # # enableHttp2: true # # followRedirects: true # # additionalLabels: # # foo: bar # # namespace: "another-namespace" # # namespaceSelector: {} # prometheusRule: # additionalLabels: {} # namespace: "{{ traefik_namespace }}" # rules: # - alert: TraefikDown # expr: up{job="traefik"} == 0 # for: 5m # labels: # context: traefik # severity: warning # annotations: # summary: "Traefik Down" # description: "{% raw %}{{ $labels.pod }} on {{ $labels.nodename }} is down{% endraw %}" experimental: {% if traefik_ondemand is defined %} plugins: sablier: moduleName: "github.com/sablierapp/sablier" version: "v1.8.1" {% endif %} {% if traefik_hub_token is defined %} hub: enabled: true {% endif %} securityContext: allowPrivilegeEscalation: false capabilities: drop: [ALL] readOnlyRootFilesystem: true seccompProfile: type: RuntimeDefault {% if false %} {% raw %} extraObjects: - apiVersion: v1 kind: ConfigMap metadata: name: "extra" data: something: "extra" - | apiVersion: v1 kind: ConfigMap metadata: name: "templated" data: something: {{ printf "templated" }} {% endraw %} {% endif %}