refactor: migrate from ingress-nginx to Traefik v3 (#254)
## Summary - Replace ingress-nginx 4.15.1 with Traefik v3 (Helm chart 39.0.7) as ingress controller - Convert nginx-specific annotations to Traefik Middleware CRDs - Update setup script selectors, namespaces, and readiness checks - Add `.claude/settings.local.json` to `.gitignore` 🤖 Generated with [Claude Code](https://claude.com/claude-code) Reviewed-on: #254
This commit was merged in pull request #254.
This commit is contained in:
@@ -1,2 +1,3 @@
|
|||||||
data
|
data
|
||||||
charts
|
charts
|
||||||
|
.claude/settings.local.json
|
||||||
|
|||||||
@@ -24,9 +24,9 @@ kind: Ingress
|
|||||||
metadata:
|
metadata:
|
||||||
name: frontend
|
name: frontend
|
||||||
annotations:
|
annotations:
|
||||||
nginx.ingress.kubernetes.io/upstream-vhost: "localhost:3300"
|
traefik.ingress.kubernetes.io/router.middlewares: default-frontend-host@kubernetescrd
|
||||||
spec:
|
spec:
|
||||||
ingressClassName: nginx
|
ingressClassName: traefik
|
||||||
tls:
|
tls:
|
||||||
- hosts:
|
- hosts:
|
||||||
- staging-shiny.unbound.se
|
- staging-shiny.unbound.se
|
||||||
@@ -59,9 +59,9 @@ kind: Ingress
|
|||||||
metadata:
|
metadata:
|
||||||
name: api
|
name: api
|
||||||
annotations:
|
annotations:
|
||||||
nginx.ingress.kubernetes.io/upstream-vhost: "localhost:4444"
|
traefik.ingress.kubernetes.io/router.middlewares: default-api-host@kubernetescrd
|
||||||
spec:
|
spec:
|
||||||
ingressClassName: nginx
|
ingressClassName: traefik
|
||||||
tls:
|
tls:
|
||||||
- hosts:
|
- hosts:
|
||||||
- staging-shiny-api.unbound.se
|
- staging-shiny-api.unbound.se
|
||||||
@@ -77,3 +77,21 @@ spec:
|
|||||||
name: api-external
|
name: api-external
|
||||||
port:
|
port:
|
||||||
number: 4444
|
number: 4444
|
||||||
|
---
|
||||||
|
apiVersion: traefik.io/v1alpha1
|
||||||
|
kind: Middleware
|
||||||
|
metadata:
|
||||||
|
name: frontend-host
|
||||||
|
spec:
|
||||||
|
headers:
|
||||||
|
customRequestHeaders:
|
||||||
|
Host: "localhost:3300"
|
||||||
|
---
|
||||||
|
apiVersion: traefik.io/v1alpha1
|
||||||
|
kind: Middleware
|
||||||
|
metadata:
|
||||||
|
name: api-host
|
||||||
|
spec:
|
||||||
|
headers:
|
||||||
|
customRequestHeaders:
|
||||||
|
Host: "localhost:4444"
|
||||||
|
|||||||
@@ -1,12 +0,0 @@
|
|||||||
apiVersion: kustomize.config.k8s.io/v1beta1
|
|
||||||
kind: Kustomization
|
|
||||||
resources:
|
|
||||||
- namespaces.yaml
|
|
||||||
helmCharts:
|
|
||||||
- name: ingress-nginx
|
|
||||||
namespace: ingress-nginx
|
|
||||||
includeCRDs: true
|
|
||||||
releaseName: ingress-nginx
|
|
||||||
repo: https://kubernetes.github.io/ingress-nginx
|
|
||||||
version: 4.15.1
|
|
||||||
valuesFile: https://raw.githubusercontent.com/kubernetes/ingress-nginx/main/hack/manifest-templates/provider/kind/values.yaml
|
|
||||||
@@ -0,0 +1,12 @@
|
|||||||
|
apiVersion: kustomize.config.k8s.io/v1beta1
|
||||||
|
kind: Kustomization
|
||||||
|
resources:
|
||||||
|
- namespaces.yaml
|
||||||
|
helmCharts:
|
||||||
|
- name: traefik
|
||||||
|
namespace: traefik
|
||||||
|
includeCRDs: true
|
||||||
|
releaseName: traefik
|
||||||
|
repo: https://traefik.github.io/charts
|
||||||
|
version: 39.0.7
|
||||||
|
valuesFile: values.yaml
|
||||||
@@ -0,0 +1,4 @@
|
|||||||
|
apiVersion: v1
|
||||||
|
kind: Namespace
|
||||||
|
metadata:
|
||||||
|
name: traefik
|
||||||
@@ -0,0 +1,31 @@
|
|||||||
|
deployment:
|
||||||
|
kind: DaemonSet
|
||||||
|
|
||||||
|
ports:
|
||||||
|
web:
|
||||||
|
hostPort: 80
|
||||||
|
websecure:
|
||||||
|
hostPort: 443
|
||||||
|
|
||||||
|
tolerations:
|
||||||
|
- key: "node-role.kubernetes.io/master"
|
||||||
|
operator: "Equal"
|
||||||
|
effect: "NoSchedule"
|
||||||
|
- key: "node-role.kubernetes.io/control-plane"
|
||||||
|
operator: "Equal"
|
||||||
|
effect: "NoSchedule"
|
||||||
|
|
||||||
|
nodeSelector:
|
||||||
|
ingress-ready: "true"
|
||||||
|
|
||||||
|
providers:
|
||||||
|
kubernetesIngress:
|
||||||
|
publishedService:
|
||||||
|
enabled: false
|
||||||
|
|
||||||
|
service:
|
||||||
|
type: ClusterIP
|
||||||
|
|
||||||
|
ingressClass:
|
||||||
|
enabled: true
|
||||||
|
isDefaultClass: true
|
||||||
@@ -12,20 +12,20 @@ kubectl create secret docker-registry gitlab \
|
|||||||
|
|
||||||
kubectl patch serviceaccount default -p '{"imagePullSecrets": [{"name": "gitlab"}]}'
|
kubectl patch serviceaccount default -p '{"imagePullSecrets": [{"name": "gitlab"}]}'
|
||||||
|
|
||||||
kustomized="$(mktemp -t unboundnginx.yaml.XXXXXX)"
|
kustomized="$(mktemp -t unboundtraefik.yaml.XXXXXX)"
|
||||||
|
|
||||||
kubectl kustomize --enable-helm "k8s/nginx" >> "${kustomized}"
|
kubectl kustomize --enable-helm "k8s/traefik" >> "${kustomized}"
|
||||||
kubectl apply -f "${kustomized}" --server-side || true
|
kubectl apply -f "${kustomized}" --server-side || true
|
||||||
|
|
||||||
printf "\nWait for pod app.kubernetes.io/component=controller to be created."
|
printf "\nWait for pod app.kubernetes.io/name=traefik to be created."
|
||||||
while :; do
|
while :; do
|
||||||
sleep 2
|
sleep 2
|
||||||
[ -n "$(kubectl -n ingress-nginx get pod --selector=app.kubernetes.io/component=controller 2>/dev/null)" ] && printf "\n\n" && break
|
[ -n "$(kubectl -n traefik get pod --selector=app.kubernetes.io/name=traefik 2>/dev/null)" ] && printf "\n\n" && break
|
||||||
printf "."
|
printf "."
|
||||||
done
|
done
|
||||||
|
|
||||||
echo "Wait for nginx to be available."
|
echo "Wait for traefik to be available."
|
||||||
until [[ $(kubectl -n ingress-nginx get endpointslices -l 'kubernetes.io/service-name=ingress-nginx-controller' -o=jsonpath='{.items[*].endpoints[*].addresses[*]}') ]]; do sleep 5; done
|
until [[ $(kubectl -n traefik get endpointslices -l 'kubernetes.io/service-name=traefik' -o=jsonpath='{.items[*].endpoints[*].addresses[*]}') ]]; do sleep 5; done
|
||||||
|
|
||||||
kustomized="$(mktemp -t unboundinfra.yaml.XXXXXX)"
|
kustomized="$(mktemp -t unboundinfra.yaml.XXXXXX)"
|
||||||
|
|
||||||
|
|||||||
Reference in New Issue
Block a user