8.1.3 Installing the Traefik Controller
- Create a $WORKDIR/kubernetes/helm/traefik-ingress-values-override.yaml that contains the following:
Note:
The configuration below:- Assumes that you have oud-ds-rs installed with value oud-ds-rs as a deployment/release name in the namespace oudns. If using a different deployment name and/or namespace change appropriately.
- Deploys an ingress using LoadBalancer. If you prefer to use NodePort, change the configuration accordingly.
- For more details about Traefik configuration see: Traefik Ingress Controller.
# Configuration for additional TCP ports to be exposed through Ingress ports: traefik: port: 9000 exposedPort: 9000 protocol: TCP web: port: 8000 exposedPort: 30080 nodePort: 30080 protocol: TCP websecure: port: 8443 exposedPort: 30443 nodePort: 30443 protocol: TCP tls: enabled: true # The port 1389 TCP port will be mapped to LBR LDAP service to get requests handled through any available POD/Endpoint serving LDAP Port ldap1389: port: 1389 exposedPort: 1389 nodePort: 31389 protocol: TCP expose: default: true # The port 1636 TCP port will be mapped to LBR LDAP service to get requests handled through any available POD/Endpoint serving LDAPS Port ldaps1636: port: 1636 exposedPort: 1636 nodePort: 31636 protocol: TCP expose: default: true additionalArguments: - "--log.level=INFO" # Traefik Helm values for custom TCP ports + standard web/websecure entrypoints # Replace namespaces/service names only in the Kubernetes CRDs, not here. - --providers.kubernetescrd - --providers.kubernetesingress=true - --entrypoints.web.address=:8000 - --entrypoints.websecure.address=:8443 - --entrypoints.ldap1389.address=:1389 - --entrypoints.ldaps1636.address=:1636 service: spec: type: LoadBalancer - To install and configure Traefik Ingress issue the following command:
$ helm install traefik --namespace <namespace> \ --values traefik-ingress-values-override.yaml \ traefik/traefikWhere:- traefik is your deployment name
- traefik/traefik is the chart reference
For example:$ helm install --namespace traefik \ --values traefik-ingress-values-override.yaml \ traefik traefik/traefik - Create a `$WORKDIR/kubernetes/helm/traefik-tcp-ingressroutes.yaml, for exposing the additional TCP ports through IngressRouteTCP:
# ================================ # LDAP LBR (1389) # ================================ apiVersion: traefik.io/v1alpha1 kind: IngressRouteTCP metadata: name: oud-ds-rs-ldap-lbr namespace: oudns spec: entryPoints: - ldap1389 routes: - match: HostSNI(`*`) services: - name: oud-ds-rs-lbr-ldap port: ldap --- # ================================ # LDAPS LBR (1636) # ================================ apiVersion: traefik.io/v1alpha1 kind: IngressRouteTCP metadata: name: oud-ds-rs-ldaps-lbr namespace: oudns spec: entryPoints: - ldaps1636 routes: - match: HostSNI(`*`) services: - name: oud-ds-rs-lbr-ldap port: ldaps tls: passthrough: true - To install the IngressRouteTCP issue the following command:
$ kubectl create -f traefik-tcp-ingressroutes.yaml
Optional: Command helm upgrade to update nginx-ingress.
If required, an traefik deployment can be updated/upgraded with following command. In this example, traefik configuration is updated with an additional TCP port and Node Port for accessing the LDAP/LDAPS port of a specific POD:
- Use the sample OracleUnifiedDirectory/kubernetes/helm/samples/oud-ds-rs_traefik-ingress_values.yaml that contains the additional ports.
- Run the following command to upgrade the ingress:
$ cd $WORKDIR$/kubernetes/helm/samples $ helm upgrade --namespace <namespace> \ --values oud-ds-rs_traefik-ingress_values.yaml \ traefik traefik/traefikWhere:- traefik is your deployment name
- traefik/traefik is the chart reference
For example:$ cd OracleUnifiedDirectory/kubernetes/helm/samples $ helm upgrade --namespace traefik \ --values oud-ds-rs_traefik-ingress_values.yaml \ traefik traefik/traefik - Next to update the IngressRouteTCP with additional ports. Refer the sample OracleUnifiedDirectory/kubernetes/helm/samples/traefik-tcp-ingressroutes.yaml that contains the additional ports. Issue the following command for applying the additonal ports:
$ kubectl apply -f traefik-tcp-ingressroutes.yaml