baschno/kubern-everything
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
b47fe8f66b98fad22dfe5d70abedf17d7e8033fe
kubern-everything/Traefik
History
baschno b47fe8f66b fix formatting
2025-12-27 20:38:12 +01:00
..
test
savegame
2025-04-10 22:56:27 +02:00
cert-manager-cluster-issuer.yaml
fixing certmanager issues2
2025-01-06 19:50:14 +01:00
cert-manager-issuer-secret.yaml
fixing certmanager issues2
2025-01-06 19:50:14 +01:00
cert-manager-values.yaml
moving from lempa to traefik folder
2025-01-06 18:19:14 +01:00
README.md
fix formatting
2025-12-27 20:38:12 +01:00
traefik-values.yaml
longhorn nummer 2
2025-04-21 21:18:23 +02:00

README.md

Traefik via Helm

helm repo add traefik https://helm.traefik.io/traefik

helm install traefik traefik/traefik --namespace traefik --create-namespace --values traefik-values.yaml

Cert-Manager

Cert Manager will be used as it will store certs in a secret, therefore accessible for every pod. In contrast to this, Traefik stores certs on disk, so a volume would be needed in RWX mode (too much effort).

Issuer - CA

An issuer is a CA. This can be done with 2 different kinds.

Issuer

can be used in the namespace they are created in.

Cluster Issuer

can be used throughout the whole cluster, not limited to a specific namespace. i.e. general issuer for all namespaces in cluster.

Test Deployment

k create ns test
kubectl create deploy nginx --image=nginx -n test
k create svc -n test clusterip nginx --tcp=80
k scale --replicas=3 deployment/nginx -n test

Install Traefik & Cert-Manager


helm install traefik traefik/traefik --namespace traefik --create-namespace --values traefik-values.yaml

traefik-dashboard.k8s.schnrbs.work

helm repo add jetstack https://charts.jetstack.io --force-update
helm install cert-manager jetstack/cert-manager --namespace cert-manager --create-namespace --values cert-manager-values.yaml


k apply -f cert-manager-issuer-secret.yaml
k get secret -n cert-manager

k apply -f cert-manager-cluster-issuer.yaml

Switch Test Deployment to https

k apply -f test/nginx-certificate.yaml
k apply -f test/nginx-ingress.yaml

Troubleshooting steps

k get po -n test -o wide
k create svc -n test clusterip nginx 
k create svc -n test clusterip nginx --tcp=80
k get svc -n test
dig k.internal.schnrbs.work
dig k8s.internal.schnrbs.work
dig n.k8s.internal.schnrbs.work
k apply -f traefik_lempa/nginx-ingress.yaml
k delete ingress nginx-ingress
k apply -f traefik_lempa/nginx-ingress.yaml
k get svc -n test
k get ingress
k get ingress -n test

k get svc ingressRoute
k get svc ingressRoutes
k get svc ingressroutes.traefik.io
k get ingressroutes.traefik.io --all-namespaces
helm upgrade traefik traefik/traefik --namespace traefik --create-namespace --values traefik_lempa/traefik-values.yaml
cert-manager-values.yaml
echo -n 'P96My4uiHudZtiC2ymjSGQ0174CoRBnI9ztmA0Wh' | base64
k get po
alias k=kubectl
k get po
k apply -f traefik_lempa/cert-manager-issuer-secret.yaml
k get secret
k get secrets
k get clusterissuers.cert-manager.io