Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- spiderunderurbed@raspberrypi:~/k8s $ cat traefik.yaml
- #apiVersion: traefik.io/kind: IngressRoute
- #metadata:
- # name: traefik-dashboard
- # namespace: kube-system
- #spec:
- # entryPoints:
- # - web
- # - websecure
- # routes:
- # - kind: Rule
- # match: Host(`traefik.spidershomelab.xyz`) && (PathPrefix(`/dashboard`) || PathPrefix(`/api`))
- # services:
- # - kind: TraefikService
- # name: api@internal
- ---
- # Update your existing traefik.yaml with this fixed version
- apiVersion: traefik.io/v1alpha1
- kind: IngressRoute
- metadata:
- name: traefik-dashboard
- namespace: kube-system
- spec:
- entryPoints:
- - web
- - websecure
- routes:
- - match: Host(`traefik.spidershomelab.xyz`) || (Host(`192.168.0.22`) && (PathPrefix(`/dashboard`) || PathPrefix(`/api`))) || (Host(`192.168.68.77`) && (PathPrefix(`/dashboard`) || PathPrefix(`/api`))) || (Host(`192.168.1.22`) && (PathPrefix(`/dashboard`) || PathPrefix(`/api`)))
- kind: Rule
- services:
- - name: api@internal
- kind: TraefikService
- ---
- # Optional: Create an Ingress for easier access
- #apiVersion: networking.k8s.io/v1
- #kind: Ingress
- #metadata:
- # name: traefik-dashboard-ingress
- # namespace: kube-system
- # annotations:
- # kubernetes.io/ingress.class: traefik
- #spec:
- # rules:
- # - host: traefik.spidershomelab.xyz
- # http:
- # paths:
- # - path: /
- # pathType: Prefix
- # backend:
- # service:
- # name: traefik
- # port:
- # number: 8000
- spiderunderurbed@raspberrypi:~/k8s $ cat traefik-setup.yaml
- ---
- apiVersion: v1
- kind: ServiceAccount
- metadata:
- name: traefik
- namespace: default
- ---
- apiVersion: rbac.authorization.k8s.io/v1
- kind: ClusterRole
- metadata:
- name: traefik-role
- rules:
- - apiGroups: [""]
- resources:
- - services
- - secrets
- - nodes
- - configmaps
- verbs:
- - get
- - list
- - watch
- - apiGroups: ["networking.k8s.io"]
- resources:
- - ingresses
- - ingressclasses
- verbs:
- - get
- - list
- - watch
- - apiGroups: ["discovery.k8s.io"]
- resources:
- - endpointslices
- verbs:
- - get
- - list
- - watch
- - apiGroups: ["traefik.io"]
- resources:
- - middlewares
- - middlewaretcps
- - ingressroutes
- - ingressrouteudps
- - traefikservices
- - serverstransports
- - serverstransporttcps
- - tlsoptions
- - tlsstores
- - ingressroutetcps
- verbs:
- - get
- - list
- - watch
- ---
- apiVersion: rbac.authorization.k8s.io/v1
- kind: ClusterRoleBinding
- metadata:
- name: traefik-role-binding
- roleRef:
- apiGroup: rbac.authorization.k8s.io
- kind: ClusterRole
- name: traefik-role
- subjects:
- - kind: ServiceAccount
- name: traefik
- namespace: default
- ---
- apiVersion: apps/v1
- kind: Deployment
- metadata:
- name: traefik
- namespace: default
- spec:
- # replicas: 2 # run Traefik on all nodes, adjust to number of nodes
- selector:
- matchLabels:
- app: traefik
- template:
- metadata:
- labels:
- app: traefik
- spec:
- serviceAccountName: traefik
- nodeSelector:
- kubernetes.io/hostname: raspberrypi
- # nodeSelector removed to allow scheduling on all nodes
- containers:
- - name: traefik
- image: traefik:v3.4.0
- args:
- - --api.insecure=true
- - --api.dashboard=true
- - --entryPoints.web.address=:80
- - --entryPoints.websecure.address=:443
- - --entryPoints.dashboard.address=:8085
- - --providers.kubernetescrd
- - --providers.kubernetesingress
- - --log.level=DEBUG
- ports:
- - name: web
- containerPort: 80
- - name: websecure
- containerPort: 443
- - name: dashboard
- containerPort: 8085
- ---
- apiVersion: v1
- kind: Service
- metadata:
- name: traefik
- namespace: default
- spec:
- type: LoadBalancer
- selector:
- app: traefik
- ports:
- - name: web
- port: 80
- targetPort: 80
- - name: websecure
- port: 443
- targetPort: 443
- - name: dashboard
- port: 8085
- targetPort: 8085
- # externalTrafficPolicy: Local # preserve client IP
- spiderunderurbed@raspberrypi:~/k8s $
Advertisement
Add Comment
Please, Sign In to add comment
