adrien/ansible-role-k8s-traefik
1
0
Fork 0
Code Issues Pull requests Releases Wiki Activity
ansible-role-k8s-traefik/templates/traefik-helm-value.yaml.j2
Adrien Reslinger f83fd94ddf
Fix Sablier
2024-10-16 00:39:51 +02:00

163 lines
4.1 KiB
Django/Jinja
Raw Blame History

# https://github.com/traefik/traefik-helm-chart/blob/master/traefik/values.yaml
{% if traefik_version is defined %}
image:
tag: "{{ traefik_version }}"
{% endif %}
#fullnameOverride: "{{ my_context }}"
additionalArguments:
- --configFile=/etc/traefik/traefik.yaml
#podSecurityPolicy:
# enabled: true
service:
type: {{ traefik_service_type }}
{% if traefik_external_ips is defined %}
externalIPs:
{% for external_ip in traefik_external_ips %}
- {{ external_ip }}
{% endfor %}
{% endif %}
ingressRoute:
dashboard:
enabled: false
podDisruptionBudget:
enabled: true
minAvailable: 1
ingressClass:
enabled: true
isDefaultClass: true
{% if false %}
autoscaling:
enabled: true
minReplicas: 1
maxReplicas: 10
metrics:
- type: Resource
resource:
name: cpu
targetAverageUtilization: 60
- type: Resource
resource:
name: memory
targetAverageUtilization: 60
{% endif %}
{% if traefik_service_type == "NodePort" or (traefik_hostport is defined and traefik_hostport == true) or traefik_hub_token is defined %}
ports:
{% if traefik_service_type == "NodePort" or (traefik_hostport is defined and traefik_hostport == true) %}
web:
# redirectTo: websecure
{% if traefik_hostport is defined and traefik_hostport == true %}
hostPort: 80
{% endif %}
{% if traefik_service_type == "NodePort" %}
nodePort: 80
{% endif %}
websecure:
{% if traefik_hostport is defined and traefik_hostport == true %}
hostPort: 443
{% endif %}
{% if traefik_service_type == "NodePort" %}
nodePort: 443
{% endif %}
http3:
enabled: true
advertisedPort: 443
# tls:
# enabled: true
# options: default
{% endif %}
{% if traefik_hub_token is defined %}
traefikhub-tunl:
port: 9901
expose: true
exposedPort: 9901
protocol: "TCP"
{% endif %}
{% endif %}
volumes:
- mountPath: /etc/traefik
name: traefik-conf
type: configMap
- mountPath: /etc/traefik/file
name: traefik-files
type: configMap
- mountPath: /etc/traefik/basic-auth
name: basic-auth
type: secret
deployment:
{% if traefik_hostport is defined and traefik_hostport == true %}
kind: DaemonSet
{% else %}
replicas: 1
{% endif %}
revisionHistoryLimit: 3
# podAnnotations:
# prometheus.io/port: '9100'
# prometheus.io/scrape: 'true'
# prometheus.io/path: "/metrics"
{% if traefik_hostport is defined and traefik_hostport == true %}
updateStrategy:
type: OnDelete
{% endif %}
metrics:
prometheus:
service:
enabled: true
serviceMonitor:
metricRelabelings: []
# # - sourceLabels: [__name__]
# # separator: ;
# # regex: ^fluentd_output_status_buffer_(oldest|newest)_.+
# # replacement: $1
# # action: drop
relabelings: []
# # - sourceLabels: [__meta_kubernetes_pod_node_name]
# # separator: ;
# # regex: ^(.*)$
# # targetLabel: nodename
# # replacement: $1
# # action: replace
# jobLabel: traefik
# interval: 30s
# honorLabels: true
# # (Optional)
# # scrapeTimeout: 5s
# # honorTimestamps: true
# # enableHttp2: true
# # followRedirects: true
# # additionalLabels:
# # foo: bar
# # namespace: "another-namespace"
# # namespaceSelector: {}
# prometheusRule:
# additionalLabels: {}
# namespace: "{{ traefik_namespace }}"
# rules:
# - alert: TraefikDown
# expr: up{job="traefik"} == 0
# for: 5m
# labels:
# context: traefik
# severity: warning
# annotations:
# summary: "Traefik Down"
# description: "{% raw %}{{ $labels.pod }} on {{ $labels.nodename }} is down{% endraw %}"
experimental:
{% if traefik_ondemand is defined %}
plugins:
sablier:
moduleName: "github.com/acouvreur/sablier"
version: "v1.8.0"
{% endif %}
kubernetesGateway:
enabled: false
{% if traefik_hub_token is defined %}
hub:
enabled: true
{% endif %}
securityContext:
allowPrivilegeEscalation: false
capabilities:
drop: [ALL]
readOnlyRootFilesystem: true
seccompProfile:
type: RuntimeDefault
Reference in a new issue View git blame Copy permalink