apiVersion: v1 kind: Namespace metadata: name: kiamol-ingress-traefik labels: kiamol: ch15 --- kind: Service apiVersion: v1 metadata: name: ingress-traefik-controller namespace: kiamol-ingress-traefik spec: selector: k8s-app: traefik-ingress-lb ports: - name: http port: 8015 targetPort: http - name: https port: 9443 targetPort: https - name: admin port: 8080 targetPort: admin type: LoadBalancer --- kind: Deployment apiVersion: apps/v1 metadata: name: ingress-traefik-controller namespace: kiamol-ingress-traefik labels: k8s-app: traefik-ingress-lb spec: selector: matchLabels: k8s-app: traefik-ingress-lb template: metadata: labels: k8s-app: traefik-ingress-lb name: traefik-ingress-lb spec: containers: - image: traefik:v2.2.1 name: traefik-ingress-lb ports: - name: http containerPort: 80 - name: https containerPort: 443 - name: admin containerPort: 8080 args: - --api.insecure - --api.dashboard - --providers.kubernetesingress - --providers.kubernetesingress.ingressClass=traefik - --entryPoints.web.address=:80 - --entryPoints.websecure.address=:443 - --log.level=debug serviceAccountName: ingress-traefik --- # RBAC configuration apiVersion: v1 kind: ServiceAccount metadata: name: ingress-traefik namespace: kiamol-ingress-traefik --- kind: ClusterRole apiVersion: rbac.authorization.k8s.io/v1beta1 metadata: name: ingress-traefik-controller namespace: kiamol-ingress-traefik rules: - apiGroups: - "" resources: - services - endpoints - secrets verbs: - get - list - watch - apiGroups: - extensions resources: - ingresses verbs: - get - list - watch - apiGroups: - extensions resources: - ingresses/status verbs: - update --- kind: ClusterRoleBinding apiVersion: rbac.authorization.k8s.io/v1beta1 metadata: name: ingress-traefik-controller namespace: kiamol-ingress-traefik roleRef: apiGroup: rbac.authorization.k8s.io kind: ClusterRole name: ingress-traefik-controller subjects: - kind: ServiceAccount name: ingress-traefik namespace: kiamol-ingress-traefik