From 4e09c951c2ddd3fb10f8b1e9921f02e0f88d5424 Mon Sep 17 00:00:00 2001 From: Jun-te Kim Date: Sun, 7 Dec 2025 00:23:04 +0000 Subject: [PATCH] save --- .github/workflows/k8s_traefik_init_setup.yml | 3 +-- traefik/edge-router/middleware.yaml | 3 +-- traefik/edge-router/traefik-deployment.yml | 3 ++- traefik/edge-router/traefik-ingressroute.yml | 1 + traefik/edge-router/traefik-services.yml | 23 ++++++++++---------- 5 files changed, 16 insertions(+), 17 deletions(-) diff --git a/.github/workflows/k8s_traefik_init_setup.yml b/.github/workflows/k8s_traefik_init_setup.yml index dab5d61..6883b66 100644 --- a/.github/workflows/k8s_traefik_init_setup.yml +++ b/.github/workflows/k8s_traefik_init_setup.yml @@ -84,10 +84,9 @@ jobs: # Install Traefik CRDs (idempotent) - name: Install Traefik CRDs run: | - if ! kubectl get crd ingressroutes.traefik.containo.us >/dev/null 2>&1; then + if ! kubectl get crd ingressroutes.traefik.io >/dev/null 2>&1; then kubectl apply -f https://raw.githubusercontent.com/traefik/traefik/v2.10/docs/content/reference/dynamic-configuration/kubernetes-crd-definition-v1.yml kubectl apply -f https://raw.githubusercontent.com/traefik/traefik/v2.10/docs/content/reference/dynamic-configuration/kubernetes-crd-rbac.yml - kubectl apply -f https://raw.githubusercontent.com/traefik/traefik/v2.10/docs/content/user-guides/crd-acme/05-tlsoption.yml fi # Deploy Traefik diff --git a/traefik/edge-router/middleware.yaml b/traefik/edge-router/middleware.yaml index e946aea..9cf5963 100644 --- a/traefik/edge-router/middleware.yaml +++ b/traefik/edge-router/middleware.yaml @@ -5,5 +5,4 @@ metadata: name: test-auth spec: basicAuth: - secret: authsecret - namespace: default \ No newline at end of file + secret: authsecret \ No newline at end of file diff --git a/traefik/edge-router/traefik-deployment.yml b/traefik/edge-router/traefik-deployment.yml index 392207d..5553f15 100644 --- a/traefik/edge-router/traefik-deployment.yml +++ b/traefik/edge-router/traefik-deployment.yml @@ -46,8 +46,9 @@ spec: - "--certificatesresolvers.myresolver.acme.httpChallenge.entryPoint=web" - "--entrypoints.web.http.redirections.entrypoint.to=websecure" - "--entrypoints.web.http.redirections.entrypoint.scheme=https" - - "--entrypoints.websecure.address=:443" - "--providers.kubernetescrd.allowexternalnameservices=true" + - "--providers.kubernetescrd.allowcrossnamespace=false" + - "--providers.kubernetescrd.legacyCRDDisabled=true env: - name: AWS_ACCESS_KEY_ID valueFrom: diff --git a/traefik/edge-router/traefik-ingressroute.yml b/traefik/edge-router/traefik-ingressroute.yml index 1c35140..88f1772 100644 --- a/traefik/edge-router/traefik-ingressroute.yml +++ b/traefik/edge-router/traefik-ingressroute.yml @@ -11,6 +11,7 @@ spec: kind: Rule middlewares: - name: test-auth + namespace: default services: - name: traefik port: 8080 diff --git a/traefik/edge-router/traefik-services.yml b/traefik/edge-router/traefik-services.yml index 35e6bd6..6a0515f 100644 --- a/traefik/edge-router/traefik-services.yml +++ b/traefik/edge-router/traefik-services.yml @@ -3,18 +3,17 @@ kind: Service metadata: name: traefik namespace: default - spec: type: LoadBalancer - ports: - - protocol: TCP - name: web - port: 80 - - protocol: TCP - name: websecure - port: 443 - - protocol: TCP - name: admin - port: 8080 selector: - app: traefik \ No newline at end of file + app: traefik + ports: + - name: web + port: 80 + targetPort: web + - name: websecure + port: 443 + targetPort: websecure + - name: admin + port: 8080 + targetPort: admin