mirror of
https://github.com/traefik/mesh.git
synced 2026-05-02 18:32:32 +00:00
Kevin Pollet
125 lines
3.8 KiB
YAML
125 lines
3.8 KiB
YAML
---
|
|
apiVersion: v1
|
|
kind: ServiceAccount
|
|
metadata:
|
|
name: traefik-mesh-proxy
|
|
namespace: traefik-mesh
|
|
labels:
|
|
app: maesh
|
|
component: maesh-mesh
|
|
automountServiceAccountToken: false
|
|
|
|
---
|
|
kind: ClusterRole
|
|
apiVersion: rbac.authorization.k8s.io/v1beta1
|
|
metadata:
|
|
name: traefik-mesh-proxy-role
|
|
namespace: traefik-mesh
|
|
labels:
|
|
app: maesh
|
|
component: maesh-mesh
|
|
rules:
|
|
- apiGroups:
|
|
- ""
|
|
resources:
|
|
- pods
|
|
- services
|
|
verbs:
|
|
- list
|
|
---
|
|
kind: ClusterRoleBinding
|
|
apiVersion: rbac.authorization.k8s.io/v1beta1
|
|
metadata:
|
|
name: traefik-mesh-proxy
|
|
namespace: traefik-mesh
|
|
labels:
|
|
app: maesh
|
|
component: maesh-mesh
|
|
roleRef:
|
|
apiGroup: rbac.authorization.k8s.io
|
|
kind: ClusterRole
|
|
name: traefik-mesh-proxy-role
|
|
subjects:
|
|
- kind: ServiceAccount
|
|
name: traefik-mesh-proxy
|
|
namespace: traefik-mesh
|
|
|
|
---
|
|
apiVersion: apps/v1
|
|
kind: DaemonSet
|
|
metadata:
|
|
name: traefik-mesh-proxy
|
|
namespace: traefik-mesh
|
|
labels:
|
|
app: maesh
|
|
component: maesh-mesh
|
|
spec:
|
|
selector:
|
|
matchLabels:
|
|
app: maesh
|
|
component: maesh-mesh
|
|
template:
|
|
metadata:
|
|
labels:
|
|
app: maesh
|
|
component: maesh-mesh
|
|
spec:
|
|
serviceAccountName: traefik-mesh-proxy
|
|
terminationGracePeriodSeconds: 30
|
|
containers:
|
|
- name: traefik-mesh-proxy
|
|
image: traefik:v2.8
|
|
imagePullPolicy: IfNotPresent
|
|
args:
|
|
- "--entryPoints.readiness.address=:1081"
|
|
- "--entryPoints.liveness.address=:1082"
|
|
- "--entryPoints.http-5000.address=:5000"
|
|
- "--entryPoints.http-5000.forwardedHeaders.insecure=true"
|
|
- "--entryPoints.http-5001.address=:5001"
|
|
- "--entryPoints.http-5001.forwardedHeaders.insecure=true"
|
|
- "--entryPoints.http-5002.address=:5002"
|
|
- "--entryPoints.http-5002.forwardedHeaders.insecure=true"
|
|
- "--entryPoints.http-5003.address=:5003"
|
|
- "--entryPoints.http-5003.forwardedHeaders.insecure=true"
|
|
- "--entryPoints.http-5004.address=:5004"
|
|
- "--entryPoints.http-5004.forwardedHeaders.insecure=true"
|
|
- "--entryPoints.tcp-10000.address=:10000"
|
|
- "--entryPoints.tcp-10000.forwardedHeaders.insecure=true"
|
|
- "--entryPoints.tcp-10001.address=:10001"
|
|
- "--entryPoints.tcp-10001.forwardedHeaders.insecure=true"
|
|
- "--entryPoints.tcp-10002.address=:10002"
|
|
- "--entryPoints.tcp-10002.forwardedHeaders.insecure=true"
|
|
- "--entryPoints.tcp-10003.address=:10003"
|
|
- "--entryPoints.tcp-10003.forwardedHeaders.insecure=true"
|
|
- "--entryPoints.tcp-10004.address=:10004"
|
|
- "--entryPoints.tcp-10004.forwardedHeaders.insecure=true"
|
|
- "--entryPoints.udp-15000.address=:15000/udp"
|
|
- "--entryPoints.udp-15001.address=:15001/udp"
|
|
- "--entryPoints.udp-15002.address=:15002/udp"
|
|
- "--entryPoints.udp-15003.address=:15003/udp"
|
|
- "--entryPoints.udp-15004.address=:15004/udp"
|
|
- "--providers.http.endpoint=http://traefik-mesh-controller.traefik-mesh.svc.cluster.local:9000/api/configuration/current"
|
|
- "--providers.http.pollInterval=100ms"
|
|
- "--providers.http.pollTimeout=100ms"
|
|
- "--api.dashboard=false"
|
|
- "--api.insecure"
|
|
- "--ping"
|
|
ports:
|
|
- name: readiness
|
|
containerPort: 1081
|
|
- name: liveness
|
|
containerPort: 1082
|
|
- name: api
|
|
containerPort: 8080
|
|
readinessProbe:
|
|
httpGet:
|
|
path: /ping
|
|
port: readiness
|
|
initialDelaySeconds: 3
|
|
periodSeconds: 1
|
|
livenessProbe:
|
|
tcpSocket:
|
|
port: liveness
|
|
initialDelaySeconds: 3
|
|
periodSeconds: 1
|