From 38e0d38eeefe36b5a668d483487926ac747ad8a2 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Simen=20R=C3=B8stvik?= Date: Tue, 15 Nov 2022 12:12:04 +0100 Subject: [PATCH] Remove Chart --- Charts/traefik/Chart.lock | 6 - Charts/traefik/Chart.yaml | 7 - Charts/traefik/values.yaml | 531 ------------------------------------- 3 files changed, 544 deletions(-) delete mode 100644 Charts/traefik/Chart.lock delete mode 100644 Charts/traefik/Chart.yaml delete mode 100644 Charts/traefik/values.yaml diff --git a/Charts/traefik/Chart.lock b/Charts/traefik/Chart.lock deleted file mode 100644 index 64b823c..0000000 --- a/Charts/traefik/Chart.lock +++ /dev/null @@ -1,6 +0,0 @@ -dependencies: -- name: traefik - repository: https://helm.traefik.io/traefik - version: 10.24.0 -digest: sha256:92dfb96eee281fd2d1f301df59247c33ae1ecda50dd9ffa2bcb58a0669b0958c -generated: "2022-07-02T19:48:05.815350227Z" diff --git a/Charts/traefik/Chart.yaml b/Charts/traefik/Chart.yaml deleted file mode 100644 index dc959a8..0000000 --- a/Charts/traefik/Chart.yaml +++ /dev/null @@ -1,7 +0,0 @@ -apiVersion: v2 -name: traefik -version: 1.0.0 -dependencies: - - name: traefik - version: 10.24.0 - repository: https://helm.traefik.io/traefik diff --git a/Charts/traefik/values.yaml b/Charts/traefik/values.yaml deleted file mode 100644 index 737e78e..0000000 --- a/Charts/traefik/values.yaml +++ /dev/null @@ -1,531 +0,0 @@ -traefik: - # Default values for Traefik - image: - repository: &traefikImage library/traefik - name: *traefikImage - # defaults to appVersion - tag: v2.9.4 - pullPolicy: IfNotPresent - - # - # Configure the deployment - # - deployment: - enabled: true - # Can be either Deployment or DaemonSet - kind: Deployment - # Number of pods of the deployment (only applies when kind == Deployment) - replicas: 1 - # Amount of time (in seconds) before Kubernetes will send the SIGKILL signal if Traefik does not shut down - terminationGracePeriodSeconds: 60 - # The minimum number of seconds Traefik needs to be up and running before the DaemonSet/Deployment controller considers it available - minReadySeconds: 0 - # Additional deployment annotations (e.g. for jaeger-operator sidecar injection) - annotations: {} - # Additional deployment labels (e.g. for filtering deployment by custom labels) - labels: {} - # Additional pod annotations (e.g. for mesh injection or prometheus scraping) - podAnnotations: {} - # Additional Pod labels (e.g. for filtering Pod by custom labels) - podLabels: {} - # Additional containers (e.g. for metric offloading sidecars) - additionalContainers: - # https://docs.datadoghq.com/developers/dogstatsd/unix_socket/?tab=host - - name: cloudflare - image: cloudflare/cloudflared:2022.6.3 - args: ["tunnel", "--no-autoupdate", "run", "--token", "$(cloudflared)"] - resources: - limits: - cpu: "800m" - memory: "100Mi" - requests: - cpu: "300m" - memory: "40Mi" - envFrom: - - secretRef: - name: cloudflared-secrets - - image: ghcr.io/roxedus/pipelines:traefik-cloudflare-tunnel-cca7aa94 - name: auto-cloudflare - resources: - limits: - cpu: "800m" - memory: "100Mi" - requests: - cpu: "300m" - memory: "40Mi" - envFrom: - - secretRef: - name: auto-cloudflared-secrets - env: - - name: TRAEFIK_SERVICE_ENDPOINT - value: http://localhost:8000 - - name: TRAEFIK_API_ENDPOINT - value: http://localhost:9000 - - name: TRAEFIK_ENTRYPOINT - value: web - # volumeMounts: - # - name: dsdsocket - # mountPath: /socket - # Additional volumes available for use with initContainers and additionalContainers - additionalVolumes: - [] - # - name: dsdsocket - # hostPath: - # path: /var/run/statsd-exporter - # Additional initContainers (e.g. for setting file permission as shown below) - initContainers: - [] - # The "volume-permissions" init container is required if you run into permission issues. - # Related issue: https://github.com/traefik/traefik/issues/6972 - # - name: volume-permissions - # image: busybox:1.31.1 - # command: ["sh", "-c", "chmod -Rv 600 /data/*"] - # volumeMounts: - # - name: data - # mountPath: /data - # Use process namespace sharing - shareProcessNamespace: false - # Custom pod DNS policy. Apply if `hostNetwork: true` - # dnsPolicy: ClusterFirstWithHostNet - # Additional imagePullSecrets - imagePullSecrets: - [] - # - name: myRegistryKeySecretName - - # Pod disruption budget - podDisruptionBudget: - enabled: false - # maxUnavailable: 1 - # maxUnavailable: 33% - # minAvailable: 0 - # minAvailable: 25% - - # Use ingressClass. Ignored if Traefik version < 2.3 / kubernetes < 1.18.x - ingressClass: - # true is not unit-testable yet, pending https://github.com/rancher/helm-unittest/pull/12 - enabled: false - isDefaultClass: false - # Use to force a networking.k8s.io API Version for certain CI/CD applications. E.g. "v1beta1" - fallbackApiVersion: "" - - # Activate Pilot integration - pilot: - enabled: true - - # Enable experimental features - experimental: - http3: - enabled: true - plugins: - enabled: false - kubernetesGateway: - enabled: false - - # Create an IngressRoute for the dashboard - ingressRoute: - dashboard: - enabled: false - # Additional ingressRoute annotations (e.g. for kubernetes.io/ingress.class) - annotations: {} - # Additional ingressRoute labels (e.g. for filtering IngressRoute by custom labels) - labels: {} - - rollingUpdate: - maxUnavailable: 1 - maxSurge: 1 - - # Customize liveness and readiness probe values. - readinessProbe: - failureThreshold: 1 - initialDelaySeconds: 10 - periodSeconds: 10 - successThreshold: 1 - timeoutSeconds: 2 - - livenessProbe: - failureThreshold: 3 - initialDelaySeconds: 10 - periodSeconds: 10 - successThreshold: 1 - timeoutSeconds: 2 - - # - # Configure providers - # - providers: - kubernetesCRD: - enabled: true - allowCrossNamespace: false - allowExternalNameServices: false - # ingressClass: traefik-internal - # labelSelector: environment=production,method=traefik - namespaces: - - "default" - - kubernetesIngress: - enabled: true - allowExternalNameServices: false - allowEmptyServices: false - # ingressClass: traefik-internal - # labelSelector: environment=production,method=traefik - namespaces: - - "default" - # IP used for Kubernetes Ingress endpoints - publishedService: - enabled: false - # Published Kubernetes Service to copy status from. Format: namespace/servicename - # By default this Traefik service - # pathOverride: "" - - # - # Add volumes to the traefik pod. The volume name will be passed to tpl. - # This can be used to mount a cert pair or a configmap that holds a config.toml file. - # After the volume has been mounted, add the configs into traefik by using the `additionalArguments` list below, eg: - # additionalArguments: - # - "--providers.file.filename=/config/dynamic.toml" - # - "--ping" - # - "--ping.entrypoint=web" - volumes: - [] - # - name: public-cert - # mountPath: "/certs" - # type: emptyDir - # - name: '{{ printf "%s-configs" .Release.Name }}' - # mountPath: "/config" - # type: configMap - - # Additional volumeMounts to add to the Traefik container - additionalVolumeMounts: - [] - # For instance when using a logshipper for access logs - # - name: traefik-logs - # mountPath: /var/log/traefik - - # Logs - # https://docs.traefik.io/observability/logs/ - logs: - # Traefik logs concern everything that happens to Traefik itself (startup, configuration, events, shutdown, and so on). - general: - # By default, the logs use a text format (common), but you can - # also ask for the json format in the format option - # format: json - # By default, the level is set to ERROR. Alternative logging levels are DEBUG, PANIC, FATAL, ERROR, WARN, and INFO. - level: ERROR - access: - # To enable access logs - enabled: false - # By default, logs are written using the Common Log Format (CLF). - # To write logs in JSON, use json in the format option. - # If the given format is unsupported, the default (CLF) is used instead. - # format: json - # To write the logs in an asynchronous fashion, specify a bufferingSize option. - # This option represents the number of log lines Traefik will keep in memory before writing - # them to the selected output. In some cases, this option can greatly help performances. - # bufferingSize: 100 - # Filtering https://docs.traefik.io/observability/access-logs/#filtering - filters: - {} - # statuscodes: "200,300-302" - # retryattempts: true - # minduration: 10ms - # Fields - # https://docs.traefik.io/observability/access-logs/#limiting-the-fieldsincluding-headers - fields: - general: - defaultmode: keep - names: - {} - # Examples: - # ClientUsername: drop - headers: - defaultmode: drop - names: - {} - # Examples: - # User-Agent: redact - # Authorization: drop - # Content-Type: keep - - metrics: - # datadog: - # address: 127.0.0.1:8125 - # influxdb: - # address: localhost:8089 - # protocol: udp - prometheus: - entryPoint: metrics - # addRoutersLabels: true - # statsd: - # address: localhost:8125 - - tracing: - {} - # instana: - # enabled: true - # datadog: - # localAgentHostPort: 127.0.0.1:8126 - # debug: false - # globalTag: "" - # prioritySampling: false - - globalArguments: - - "--global.checknewversion" - - # - # Configure Traefik static configuration - # Additional arguments to be passed at Traefik's binary - # All available options available on https://docs.traefik.io/reference/static-configuration/cli/ - ## Use curly braces to pass values: `helm install --set="additionalArguments={--providers.kubernetesingress.ingressclass=traefik-internal,--log.level=DEBUG}"` - additionalArguments: - - "--entryPoints.web.forwardedHeaders.trustedIPs=127.0.0.1/32" - - "--api.insecure=true" - - # certResolvers: - # cf: - # dnsChallenge: - # provider: cloudflare - # # add futher options for the dns challenge as needed - # # cf. https://doc.traefik.io/traefik/https/acme/#dnschallenge - # delayBeforeCheck: 30 - # resolvers: - # - 1.1.1.1 - # - 1.0.0.1 - # # match the path to persistence - # storage: /data/acme.json - # - "--providers.kubernetesingress.ingressclass=traefik-internal" - # - "--log.level=DEBUG" - - # Environment variables to be passed to Traefik's binary - env: [] - # - name: SOME_VAR - # value: some-var-value - # - name: SOME_VAR_FROM_CONFIG_MAP - # valueFrom: - # configMapRef: - # name: configmap-name - # key: config-key - # - name: SOME_SECRET - # valueFrom: - # secretKeyRef: - # name: secret-name - # key: secret-key - - envFrom: - # - configMapRef: - # name: config-map-name - - secretRef: - name: traefik-secrets - - # Configure ports - ports: - # The name of this one can't be changed as it is used for the readiness and - # liveness probes, but you can adjust its config to your liking - traefik: - port: 9000 - expose: false - # The exposed port for this service - exposedPort: 9000 - # The port protocol (TCP/UDP) - protocol: TCP - web: - port: 8000 - # hostPort: 8000 - expose: false - exposedPort: 80 - # The port protocol (TCP/UDP) - protocol: TCP - # Use nodeport if set. This is useful if you have configured Traefik in a - # LoadBalancer - # nodePort: 32080 - # Port Redirections - # Added in 2.2, you can make permanent redirects via entrypoints. - # https://docs.traefik.io/routing/entrypoints/#redirection - # redirectTo: websecure - websecure: - port: 8443 - # hostPort: 8443 - expose: false - exposedPort: 443 - # The port protocol (TCP/UDP) - protocol: TCP - # nodePort: 32443 - # Enable HTTP/3. - # Requires enabling experimental http3 feature and tls. - # Note that you cannot have a UDP entrypoint with the same port. - http3: true - # Set TLS at the entrypoint - # https://doc.traefik.io/traefik/routing/entrypoints/#tls - tls: - enabled: true - # # this is the name of a TLSOption definition - # options: "" - # certResolver: cf - # domains: - # - main: roxedus.com - # sans: - # - "*.roxedus.com" - # - bar.example.com - metrics: - port: 9100 - # hostPort: 9100 - # Defines whether the port is exposed if service.type is LoadBalancer or - # NodePort. - # - # You may not want to expose the metrics port on production deployments. - # If you want to access it from outside of your cluster, - # use `kubectl port-forward` or create a secure ingress - expose: false - # The exposed port for this service - exposedPort: 9100 - # The port protocol (TCP/UDP) - protocol: TCP - - # TLS Options are created as TLSOption CRDs - # https://doc.traefik.io/traefik/https/tls/#tls-options - # Example: - tlsOptions: - default: - sniStrict: true - minVersion: VersionTLS12 - # preferServerCipherSuites: true - # foobar: - # curvePreferences: - # - CurveP521 - # - CurveP384 - - # Options for the main traefik service, where the entrypoints traffic comes - # from. - service: - enabled: false - type: NodePort - # Additional annotations applied to both TCP and UDP services (e.g. for cloud provider specific config) - annotations: {} - # Additional annotations for TCP service only - annotationsTCP: {} - # Additional annotations for UDP service only - annotationsUDP: {} - # Additional service labels (e.g. for filtering Service by custom labels) - labels: {} - # Additional entries here will be added to the service spec. - # Cannot contain type, selector or ports entries. - spec: - {} - # externalTrafficPolicy: Cluster - # loadBalancerIP: "1.2.3.4" - # clusterIP: "2.3.4.5" - loadBalancerSourceRanges: - [] - # - 192.168.0.1/32 - # - 172.16.0.0/16 - externalIPs: - [] - # - 1.2.3.4 - # One of SingleStack, PreferDualStack, or RequireDualStack. - # ipFamilyPolicy: SingleStack - # List of IP families (e.g. IPv4 and/or IPv6). - # ref: https://kubernetes.io/docs/concepts/services-networking/dual-stack/#services - # ipFamilies: - # - IPv4 - # - IPv6 - - ## Create HorizontalPodAutoscaler object. - ## - autoscaling: - enabled: false - # minReplicas: 1 - # maxReplicas: 10 - # metrics: - # - type: Resource - # resource: - # name: cpu - # targetAverageUtilization: 60 - # - type: Resource - # resource: - # name: memory - # targetAverageUtilization: 60 - - # Enable persistence using Persistent Volume Claims - # ref: http://kubernetes.io/docs/user-guide/persistent-volumes/ - # After the pvc has been mounted, add the configs into traefik by using the `additionalArguments` list below, eg: - # additionalArguments: - # - "--certificatesresolvers.le.acme.storage=/data/acme.json" - # It will persist TLS certificates. - persistence: - enabled: false - name: data - # existingClaim: "" - accessMode: ReadWriteOnce - size: 128Mi - # storageClass: "" - path: /data - annotations: {} - # subPath: "" # only mount a subpath of the Volume into the pod - - # If hostNetwork is true, runs traefik in the host network namespace - # To prevent unschedulabel pods due to port collisions, if hostNetwork=true - # and replicas>1, a pod anti-affinity is recommended and will be set if the - # affinity is left as default. - hostNetwork: false - - # Whether Role Based Access Control objects like roles and rolebindings should be created - rbac: - enabled: true - - # If set to false, installs ClusterRole and ClusterRoleBinding so Traefik can be used across namespaces. - # If set to true, installs namespace-specific Role and RoleBinding and requires provider configuration be set to that same namespace - namespaced: false - - # Enable to create a PodSecurityPolicy and assign it to the Service Account via RoleBinding or ClusterRoleBinding - podSecurityPolicy: - enabled: false - - # The service account the pods will use to interact with the Kubernetes API - serviceAccount: - # If set, an existing service account is used - # If not set, a service account is created automatically using the fullname template - name: "" - - # Additional serviceAccount annotations (e.g. for oidc authentication) - serviceAccountAnnotations: {} - - resources: - {} - # requests: - # cpu: "100m" - # memory: "50Mi" - # limits: - # cpu: "300m" - # memory: "150Mi" - affinity: {} - # # This example pod anti-affinity forces the scheduler to put traefik pods - # # on nodes where no other traefik pods are scheduled. - # # It should be used when hostNetwork: true to prevent port conflicts - # podAntiAffinity: - # requiredDuringSchedulingIgnoredDuringExecution: - # - labelSelector: - # matchExpressions: - # - key: app.kubernetes.io/name - # operator: In - # values: - # - {{ template "traefik.name" . }} - # topologyKey: kubernetes.io/hostname - nodeSelector: - kubernetes.io/arch: amd64 - tolerations: [] - - # Pods can have priority. - # Priority indicates the importance of a Pod relative to other Pods. - priorityClassName: "" - - # Set the container security context - # To run the container with ports below 1024 this will need to be adjust to run as root - securityContext: - capabilities: - drop: [ALL] - readOnlyRootFilesystem: true - runAsGroup: 65532 - runAsNonRoot: true - runAsUser: 65532 - - podSecurityContext: - fsGroup: 65532