feat: replace ingress-nginx with traefik

2026-01-15 20:10:45 +01:00 · 2026-01-15 20:10:45 +01:00 · cc0566af21
commit cc0566af21
parent 328c0a5a29
18 changed files with 108 additions and 78 deletions
--- a/module6/k8s/helm/cert-manager/clusterissuer-letsencrypt-production.yaml
+++ b/module6/k8s/helm/cert-manager/clusterissuer-letsencrypt-production.yaml
@ -10,4 +10,4 @@ spec:
    solvers:
      - http01:
          ingress:
-            ingressClassName: nginx
+            ingressClassName: traefik
--- a/module6/k8s/helm/ingress-nginx/README.md
+++ b/module6/k8s/helm/ingress-nginx/README.md
@ -1,15 +0,0 @@
-# ingress-nginx
-
-Docs: https://kubernetes.github.io/ingress-nginx/
-Github Repo: https://github.com/kubernetes/ingress-nginx
-
-```sh
-helm repo add ingress-nginx https://kubernetes.github.io/ingress-nginx --force-update
-helm upgrade \
-  ingress-nginx ingress-nginx/ingress-nginx \
-  --install \
-  --namespace ingress-nginx \
-  --create-namespace \
-  --version 4.12.1 \
-  --values values.yaml
-```
--- a/module6/k8s/helm/ingress-nginx/values.yaml
+++ b/module6/k8s/helm/ingress-nginx/values.yaml
@ -1,5 +0,0 @@
-controller:
-  metrics:
-    enabled: true
-    serviceMonitor:
-      enabled: true
--- a/module6/k8s/helm/traefik/README.md
+++ b/module6/k8s/helm/traefik/README.md
@ -0,0 +1,15 @@
+# traefik
+
+Docs: https://doc.traefik.io/traefik/setup/kubernetes/
+Github Repo: https://github.com/traefik/traefik/
+
+```sh
+helm repo add traefik https://traefik.github.io/charts/ --force-update
+helm upgrade \
+  traefik traefik/traefik \
+  --install \
+  --namespace traefik \
+  --create-namespace \
+  --version 38.0.2 \
+  --values values.yaml
+```
--- a/module6/k8s/helm/traefik/values.yaml
+++ b/module6/k8s/helm/traefik/values.yaml
@ -0,0 +1,25 @@
+# HA deployment
+deployment:
+  replicas: 3
+
+# Enable logs for better debugging
+logs:
+  access:
+    enabled: true
+
+# Spread pods better between nodes
+topologySpreadConstraints:
+  - maxSkew: 1
+    topologyKey: kubernetes.io/hostname
+    whenUnsatisfiable: ScheduleAnyway
+    labelSelector:
+      matchLabels:
+        app.kubernetes.io/name: '{{ template "traefik.name" . }}'
+
+# Enable metrics export and collection (serviceMonitor requires prometheus-operator-crds and alloy)
+metrics:
+  prometheus:
+    service:
+      enabled: true
+    serviceMonitor:
+      enabled: true
--- a/module6/k8s/kustomize/scrumlr/ingress-scrumlr.yaml.example
+++ b/module6/k8s/kustomize/scrumlr/ingress-scrumlr.yaml.example
@ -6,13 +6,9 @@ metadata:
    app.kubernetes.io/name: "scrumlr"
    app.kubernetes.io/part-of: "scrumlr"
  annotations:
-    nginx.ingress.kubernetes.io/limit-connections: "100"
-    # Websocket optimization https://kubernetes.github.io/ingress-nginx/user-guide/miscellaneous/#websockets
-    nginx.ingress.kubernetes.io/proxy-send-timeout: "7200"
-    nginx.ingress.kubernetes.io/proxy-read-timeout: "7200"
    cert-manager.io/cluster-issuer: "letsencrypt-production"
 spec:
-  ingressClassName: nginx
+  ingressClassName: traefik
  tls:
    - hosts:
      - CHANGE-ME.domain.tld