University/course_deploying_an_application_with_ske
9
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Switch to Traefik & update everything #1

Merged
sebastian.heusser merged 9 commits from feat/update-2026-01 into main 2026-01-20 12:52:01 +00:00
Conversation 0 Commits 9 Files changed 40 +166 -136
40 changed files with 166 additions and 136 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

18
module3/README.md
View file

@ -25,24 +25,24 @@ cd $(git rev-parse --show-toplevel)/module3/k8s/
minikube start
minikube tunnel
# Install ingress-nginx and nats with helm
# Install traefik and nats with helm
helm repo add ingress-nginx https://kubernetes.github.io/ingress-nginx
helm repo add nats https://nats-io.github.io/k8s/helm/charts/
helm repo add nats https://nats-io.github.io/k8s/helm/charts/
helm repo add traefik https://traefik.github.io/charts
helm repo update
helm upgrade \
ingress-nginx ingress-nginx/ingress-nginx \
traefik traefik/traefik \
--install \
--namespace ingress-nginx \
--namespace traefik \
--create-namespace \
--version 4.12.1 \
--values helm/ingress-nginx/values.yaml
--version 38.0.2 \
--values helm/traefik/values.yaml
helm upgrade \
--install \
nats nats/nats \
--namespace nats \
--create-namespace \
--version 1.3.3 \
--version 2.12.3 \
--values helm/nats/values.yaml
@ -52,7 +52,7 @@ kubectl apply -k kustomize/postgres
kubectl apply -k kustomize/scrumlr
# Use external IP of your Ingress Controller in your Browser to open Scrumlr
kubectl get services --namespace ingress-nginx ingress-nginx-controller --output jsonpath='{.status.loadBalancer.ingress[0].ip}'
kubectl get services --namespace traefik traefik --output jsonpath='{.status.loadBalancer.ingress[0].ip}'
# Destroy Cluster
minikube stop

15
module3/k8s/helm/ingress-nginx/README.md
View file

@ -1,15 +0,0 @@
# ingress-nginx
Docs: https://kubernetes.github.io/ingress-nginx/
Github Repo: https://github.com/kubernetes/ingress-nginx
```sh
helm repo add ingress-nginx https://kubernetes.github.io/ingress-nginx --force-update
helm upgrade \
ingress-nginx ingress-nginx/ingress-nginx \
--install \
--namespace ingress-nginx \
--create-namespace \
--version 4.12.1 \
--values values.yaml
```

1
module3/k8s/helm/ingress-nginx/values.yaml
View file

@ -1 +0,0 @@
# Note: This file is intentionally empty and is more of a placeholder to ensure consistency.

2
module3/k8s/helm/nats/README.md
View file

@ -10,6 +10,6 @@ helm upgrade \
nats nats/nats \
--namespace nats \
--create-namespace \
--version 1.3.3 \
--version 2.12.3 \
--values values.yaml
```

15
module3/k8s/helm/traefik/README.md Normal file
View file

@ -0,0 +1,15 @@
# traefik
Docs: https://doc.traefik.io/traefik/setup/kubernetes/
Github Repo: https://github.com/traefik/traefik/
```sh
helm repo add traefik https://traefik.github.io/charts/ --force-update
helm upgrade \
traefik traefik/traefik \
--install \
--namespace traefik \
--create-namespace \
--version 38.0.2 \
--values values.yaml
```

8
module3/k8s/helm/traefik/values.yaml Normal file
View file

@ -0,0 +1,8 @@
# HA deployment
deployment:
replicas: 3
# Enable logs for better debugging
logs:
access:
enabled: true

4
module3/k8s/kustomize/postgres/statefulset-postgres-scrumlr.yaml
View file

@ -24,7 +24,7 @@ spec:
spec:
containers:
- name: postgres
image: postgres:17.4
image: postgres:18.1
resources:
requests:
memory: "256Mi"
@ -46,7 +46,7 @@ spec:
- containerPort: 5432
volumeMounts:
- name: postgres
mountPath: /var/lib/postgresql/data
mountPath: /var/lib/postgresql
subPath: postgres
volumes:
- name: postgres

2
module3/k8s/kustomize/scrumlr/backend/deployment-scrumlr-backend.yaml
View file

@ -22,7 +22,7 @@ spec:
spec:
containers:
- name: backend
image: ghcr.io/inovex/scrumlr.io/scrumlr-server:3.10.3
image: ghcr.io/inovex/scrumlr.io/scrumlr-server:4.4.0
args:
- "/app/main"
- "-disable-check-origin"

2
module3/k8s/kustomize/scrumlr/frontend/deployment-scrumlr-frontend.yaml
View file

@ -22,7 +22,7 @@ spec:
spec:
containers:
- name: frontend
image: ghcr.io/inovex/scrumlr.io/scrumlr-frontend:3.10.3
image: ghcr.io/inovex/scrumlr.io/scrumlr-frontend:4.4.0
resources:
requests:
cpu: "25m"

7
module3/k8s/kustomize/scrumlr/ingress-scrumlr.yaml
View file

@ -5,13 +5,8 @@ metadata:
labels:
app.kubernetes.io/name: "scrumlr"
app.kubernetes.io/part-of: "scrumlr"
annotations:
nginx.ingress.kubernetes.io/limit-connections: "100"
# Websocket optimization https://kubernetes.github.io/ingress-nginx/user-guide/miscellaneous/#websockets
nginx.ingress.kubernetes.io/proxy-send-timeout: "7200"
nginx.ingress.kubernetes.io/proxy-read-timeout: "7200"
spec:
ingressClassName: nginx
ingressClassName: traefik
rules:
- http:
paths:

34
module4/tf/.terraform.lock.hcl
View file

@ -2,24 +2,24 @@
# Manual edits may be lost in future updates.
provider "registry.terraform.io/stackitcloud/stackit" {
version = "0.50.0"
constraints = "0.50.0"
version = "0.76.0"
constraints = "0.76.0"
hashes = [
"h1:uU8/DLvW8tEty0PI2sUMem43IDNSrncHuLaXaEYdGFk=",
"h1:p7/5SsEjwvGhQUFfS1zvefqxiOztixYzcc/Ch9TQ4Dg=",
"zh:0dde99e7b343fa01f8eefc378171fb8621bedb20f59157d6cc8e3d46c738105f",
"zh:219d678bc471b3f5030724dcdde6be3f3fa63e911b7c7a0f446b0a0b4e5f48e7",
"zh:4cd09155a09e320b0b68db4ba2971564f3d147c19ad991d6b7e731e26034d91c",
"zh:507c1e24432f0d455ac8b628c37ee20db62e89a6e85508568c2820ba52404786",
"zh:5aa10bfc4baad277a2bc746c83fca19911bb95a5e8821dd46f333bc621cbb453",
"zh:67b55ad1135ca12997b0928cb67973b11ea196299e0cf66e3e0145faec762644",
"zh:6d1d108edcd6794a8839d849e6ea48699875e22afeea7edd38bee3dd56dea7e8",
"zh:7473c28b3781c0d00294d985bd067e753a419ca8e379f91a8f6f2ce4663566ee",
"zh:8d234b24734f950f986322a5f084ca23bfd9b3d9fb7742b54404171cfcabc99e",
"zh:af0804ea918648600cc6300dffce8a7b9115d30dc88db10f962b8e596d1465e1",
"zh:b557940dc6387dc4cce8b100981ccaadac6bc4e6b50c566baf148d67939f8f2e",
"zh:d477f77ce6f807d60069c1efcfa20607088ae7ab91d22805331a7634d84c2d1c",
"zh:d95086e2338ceed511e798a2acc6d5cefdfff1a14f7b47b2d29b4ebc36b77a3a",
"zh:ea0d8d5c9cf7d5871a54dd4786c378dfd9d10416f3c4d0ea4776465e8c562e10",
"zh:f96af7b89dc99745f6a22c0ca2aedb18e10273251b8cbac9e2b1011c68c3c3f9",
"zh:19329e79735c80f028527dc10cb1e2ed4e41d3d401f053013b5b88fe95c9ca15",
"zh:1c2ca9686e5dc7a8896d50d3c17c6fdd3690a7f2a78120318f9dd7ae8650ad32",
"zh:36f7ba648784e1910e6cbff0070fa7ea5db5327d3f27b6a33664bfa5530319de",
"zh:634cba2439b3bed154db38db4c88b767361dd6052c263e86db9b99b5419d4176",
"zh:639cc643d24054cdeba68430e11a27d75c2d250066206c11364c875e176aa057",
"zh:69b6a554a13d355c9e470d82c234ca8519d36eaf4f4dab848ce92b5dede5764d",
"zh:6ca4c435e9bd9619bc9c6514f64a0d80cc016e960a566dbbc697deab643a52b5",
"zh:755add9446f8523e7429b9ffa8c68115f5d883abb2fe858b03c761bdeb0c6a96",
"zh:9303619c5eb9a94dca56b8ff4b4e9cc34b701f4eb5fe3d2b10784e3cd474564b",
"zh:99baa35d28c30d0e62727c8567903b929070bd4dacb94b4f5c2abc14143bbf23",
"zh:a58b6a5081db418be32a86b68f53dfe3ab9300313eb3790dd4c06a6e8430f005",
"zh:a9fd9c7b59c048a9bd239c167dc8069a722d9900498e63d4b6042d5276697cf2",
"zh:e51d544e9f0dd533fca9d5072897df0e569cf3859a2ccf78b31fe955279f1b9a",
"zh:f5cc53057cef61c381c77f557fd256539180fcd7b02bd8148e2cd95f0b091278",
]
}

2
module4/tf/main.tf
View file

@ -2,7 +2,7 @@ terraform {
required_providers {
stackit = {
source = "stackitcloud/stackit"
version = "0.50.0"
version = "0.76.0"
}
}
backend "s3" {

2
module4/tf/postgres.tf
View file

@ -2,7 +2,7 @@ resource "stackit_postgresflex_instance" "scrumlr" {
project_id = var.project_id
name = "scrumlr"
acl = stackit_ske_cluster.scrumlr.egress_address_ranges
backup_schedule = "00 00 * * *"
backup_schedule = "0 0 * * *"
flavor = {
cpu = 2
ram = 4

2
module4/tf/ske.tf
View file

@ -1,7 +1,7 @@
resource "stackit_ske_cluster" "scrumlr" {
project_id = var.project_id
name = "scrumlr"
kubernetes_version_min = "1.31.7"
kubernetes_version_min = "1.34.2"
node_pools = [
{
name = "scrumlrpool"

2
module5/k8s/helm/cert-manager/README.md
View file

@ -10,7 +10,7 @@ helm upgrade \
cert-manager jetstack/cert-manager \
--namespace cert-manager \
--create-namespace \
--version v1.17.2 \
--version v1.19.2 \
--values values.yaml
```

2
module5/k8s/helm/cert-manager/clusterissuer-letsencrypt-production.yaml
View file

@ -10,4 +10,4 @@ spec:
solvers:
- http01:
ingress:
ingressClassName: nginx
ingressClassName: traefik

15
module5/k8s/helm/ingress-nginx/README.md
View file

@ -1,15 +0,0 @@
# ingress-nginx
Docs: https://kubernetes.github.io/ingress-nginx/
Github Repo: https://github.com/kubernetes/ingress-nginx
```sh
helm repo add ingress-nginx https://kubernetes.github.io/ingress-nginx --force-update
helm upgrade \
ingress-nginx ingress-nginx/ingress-nginx \
--install \
--namespace ingress-nginx \
--create-namespace \
--version 4.12.1 \
--values values.yaml
```

1
module5/k8s/helm/ingress-nginx/values.yaml
View file

@ -1 +0,0 @@
# Note: This file is intentionally empty and is more of a placeholder to ensure consistency.

2
module5/k8s/helm/nats/README.md
View file

@ -10,6 +10,6 @@ helm upgrade \
nats nats/nats \
--namespace nats \
--create-namespace \
--version 1.3.3 \
--version 2.12.3 \
--values values.yaml
```

15
module5/k8s/helm/traefik/README.md Normal file
View file

@ -0,0 +1,15 @@
# traefik
Docs: https://doc.traefik.io/traefik/setup/kubernetes/
Github Repo: https://github.com/traefik/traefik/
```sh
helm repo add traefik https://traefik.github.io/charts/ --force-update
helm upgrade \
traefik traefik/traefik \
--install \
--namespace traefik \
--create-namespace \
--version 38.0.2 \
--values values.yaml
```

17
module5/k8s/helm/traefik/values.yaml Normal file
View file

@ -0,0 +1,17 @@
# HA deployment
deployment:
replicas: 3
# Enable logs for better debugging
logs:
access:
enabled: true
# Spread pods better between nodes
topologySpreadConstraints:
- maxSkew: 1
topologyKey: kubernetes.io/hostname
whenUnsatisfiable: ScheduleAnyway
labelSelector:
matchLabels:
app.kubernetes.io/name: '{{ template "traefik.name" . }}'

2
module5/k8s/kustomize/scrumlr/backend/deployment-scrumlr-backend.yaml
View file

@ -31,7 +31,7 @@ spec:
app.kubernetes.io/part-of: "scrumlr"
containers:
- name: backend
image: ghcr.io/inovex/scrumlr.io/scrumlr-server:3.10.3
image: ghcr.io/inovex/scrumlr.io/scrumlr-server:4.4.0
args:
- "/app/main"
- "-disable-check-origin"

2
module5/k8s/kustomize/scrumlr/frontend/deployment-scrumlr-frontend.yaml
View file

@ -31,7 +31,7 @@ spec:
app.kubernetes.io/part-of: "scrumlr"
containers:
- name: frontend
image: ghcr.io/inovex/scrumlr.io/scrumlr-frontend:3.10.3
image: ghcr.io/inovex/scrumlr.io/scrumlr-frontend:4.4.0
resources:
requests:
cpu: "25m"

6
module5/k8s/kustomize/scrumlr/ingress-scrumlr.yaml.example
View file

@ -6,13 +6,9 @@ metadata:
app.kubernetes.io/name: "scrumlr"
app.kubernetes.io/part-of: "scrumlr"
annotations:
nginx.ingress.kubernetes.io/limit-connections: "100"
# Websocket optimization https://kubernetes.github.io/ingress-nginx/user-guide/miscellaneous/#websockets
nginx.ingress.kubernetes.io/proxy-send-timeout: "7200"
nginx.ingress.kubernetes.io/proxy-read-timeout: "7200"
cert-manager.io/cluster-issuer: "letsencrypt-production"
spec:
ingressClassName: nginx
ingressClassName: traefik
tls:
- hosts:
- CHANGE-ME.domain.tld

2
module6/k8s/helm/alloy/README.md
View file

@ -11,6 +11,6 @@ helm upgrade \
alloy grafana/alloy \
--namespace o11y \
--create-namespace \
--version 1.0.2 \
--version 1.5.2 \
--values values.yaml
```

2
module6/k8s/helm/cert-manager/README.md
View file

@ -10,7 +10,7 @@ helm upgrade \
cert-manager jetstack/cert-manager \
--namespace cert-manager \
--create-namespace \
--version v1.17.2 \
--version v1.19.2 \
--values values.yaml
```

2
module6/k8s/helm/cert-manager/clusterissuer-letsencrypt-production.yaml
View file

@ -10,4 +10,4 @@ spec:
solvers:
- http01:
ingress:
ingressClassName: nginx
ingressClassName: traefik

15
module6/k8s/helm/ingress-nginx/README.md
View file

@ -1,15 +0,0 @@
# ingress-nginx
Docs: https://kubernetes.github.io/ingress-nginx/
Github Repo: https://github.com/kubernetes/ingress-nginx
```sh
helm repo add ingress-nginx https://kubernetes.github.io/ingress-nginx --force-update
helm upgrade \
ingress-nginx ingress-nginx/ingress-nginx \
--install \
--namespace ingress-nginx \
--create-namespace \
--version 4.12.1 \
--values values.yaml
```

5
module6/k8s/helm/ingress-nginx/values.yaml
View file

@ -1,5 +0,0 @@
controller:
metrics:
enabled: true
serviceMonitor:
enabled: true

2
module6/k8s/helm/nats/README.md
View file

@ -10,6 +10,6 @@ helm upgrade \
nats nats/nats \
--namespace nats \
--create-namespace \
--version 1.3.3 \
--version 2.12.3 \
--values values.yaml
```

2
module6/k8s/helm/prometheus-operator-crds/README.md
View file

@ -10,6 +10,6 @@ helm upgrade \
prometheus-operator-crds prometheus-community/prometheus-operator-crds \
--namespace o11y \
--create-namespace \
--version 19.1.0 \
--version 26.0.0 \
--values values.yaml
```

15
module6/k8s/helm/traefik/README.md Normal file
View file

@ -0,0 +1,15 @@
# traefik
Docs: https://doc.traefik.io/traefik/setup/kubernetes/
Github Repo: https://github.com/traefik/traefik/
```sh
helm repo add traefik https://traefik.github.io/charts/ --force-update
helm upgrade \
traefik traefik/traefik \
--install \
--namespace traefik \
--create-namespace \
--version 38.0.2 \
--values values.yaml
```

25
module6/k8s/helm/traefik/values.yaml Normal file
View file

@ -0,0 +1,25 @@
# HA deployment
deployment:
replicas: 3
# Enable logs for better debugging
logs:
access:
enabled: true
# Spread pods better between nodes
topologySpreadConstraints:
- maxSkew: 1
topologyKey: kubernetes.io/hostname
whenUnsatisfiable: ScheduleAnyway
labelSelector:
matchLabels:
app.kubernetes.io/name: '{{ template "traefik.name" . }}'
# Enable metrics export and collection (serviceMonitor requires prometheus-operator-crds and alloy)
metrics:
prometheus:
service:
enabled: true
serviceMonitor:
enabled: true

2
module6/k8s/kustomize/scrumlr/backend/deployment-scrumlr-backend.yaml
View file

@ -31,7 +31,7 @@ spec:
app.kubernetes.io/part-of: "scrumlr"
containers:
- name: backend
image: ghcr.io/inovex/scrumlr.io/scrumlr-server:3.10.3
image: ghcr.io/inovex/scrumlr.io/scrumlr-server:4.4.0
args:
- "/app/main"
- "-disable-check-origin"

2
module6/k8s/kustomize/scrumlr/frontend/deployment-scrumlr-frontend.yaml
View file

@ -31,7 +31,7 @@ spec:
app.kubernetes.io/part-of: "scrumlr"
containers:
- name: frontend
image: ghcr.io/inovex/scrumlr.io/scrumlr-frontend:3.10.3
image: ghcr.io/inovex/scrumlr.io/scrumlr-frontend:4.4.0
resources:
requests:
cpu: "25m"

6
module6/k8s/kustomize/scrumlr/ingress-scrumlr.yaml.example
View file

@ -6,13 +6,9 @@ metadata:
app.kubernetes.io/name: "scrumlr"
app.kubernetes.io/part-of: "scrumlr"
annotations:
nginx.ingress.kubernetes.io/limit-connections: "100"
# Websocket optimization https://kubernetes.github.io/ingress-nginx/user-guide/miscellaneous/#websockets
nginx.ingress.kubernetes.io/proxy-send-timeout: "7200"
nginx.ingress.kubernetes.io/proxy-read-timeout: "7200"
cert-manager.io/cluster-issuer: "letsencrypt-production"
spec:
ingressClassName: nginx
ingressClassName: traefik
tls:
- hosts:
- CHANGE-ME.domain.tld

34
module6/tf/.terraform.lock.hcl
View file

@ -2,24 +2,24 @@
# Manual edits may be lost in future updates.
provider "registry.terraform.io/stackitcloud/stackit" {
version = "0.50.0"
constraints = "0.50.0"
version = "0.76.0"
constraints = "0.76.0"
hashes = [
"h1:uU8/DLvW8tEty0PI2sUMem43IDNSrncHuLaXaEYdGFk=",
"h1:p7/5SsEjwvGhQUFfS1zvefqxiOztixYzcc/Ch9TQ4Dg=",
"zh:0dde99e7b343fa01f8eefc378171fb8621bedb20f59157d6cc8e3d46c738105f",
"zh:219d678bc471b3f5030724dcdde6be3f3fa63e911b7c7a0f446b0a0b4e5f48e7",
"zh:4cd09155a09e320b0b68db4ba2971564f3d147c19ad991d6b7e731e26034d91c",
"zh:507c1e24432f0d455ac8b628c37ee20db62e89a6e85508568c2820ba52404786",
"zh:5aa10bfc4baad277a2bc746c83fca19911bb95a5e8821dd46f333bc621cbb453",
"zh:67b55ad1135ca12997b0928cb67973b11ea196299e0cf66e3e0145faec762644",
"zh:6d1d108edcd6794a8839d849e6ea48699875e22afeea7edd38bee3dd56dea7e8",
"zh:7473c28b3781c0d00294d985bd067e753a419ca8e379f91a8f6f2ce4663566ee",
"zh:8d234b24734f950f986322a5f084ca23bfd9b3d9fb7742b54404171cfcabc99e",
"zh:af0804ea918648600cc6300dffce8a7b9115d30dc88db10f962b8e596d1465e1",
"zh:b557940dc6387dc4cce8b100981ccaadac6bc4e6b50c566baf148d67939f8f2e",
"zh:d477f77ce6f807d60069c1efcfa20607088ae7ab91d22805331a7634d84c2d1c",
"zh:d95086e2338ceed511e798a2acc6d5cefdfff1a14f7b47b2d29b4ebc36b77a3a",
"zh:ea0d8d5c9cf7d5871a54dd4786c378dfd9d10416f3c4d0ea4776465e8c562e10",
"zh:f96af7b89dc99745f6a22c0ca2aedb18e10273251b8cbac9e2b1011c68c3c3f9",
"zh:19329e79735c80f028527dc10cb1e2ed4e41d3d401f053013b5b88fe95c9ca15",
"zh:1c2ca9686e5dc7a8896d50d3c17c6fdd3690a7f2a78120318f9dd7ae8650ad32",
"zh:36f7ba648784e1910e6cbff0070fa7ea5db5327d3f27b6a33664bfa5530319de",
"zh:634cba2439b3bed154db38db4c88b767361dd6052c263e86db9b99b5419d4176",
"zh:639cc643d24054cdeba68430e11a27d75c2d250066206c11364c875e176aa057",
"zh:69b6a554a13d355c9e470d82c234ca8519d36eaf4f4dab848ce92b5dede5764d",
"zh:6ca4c435e9bd9619bc9c6514f64a0d80cc016e960a566dbbc697deab643a52b5",
"zh:755add9446f8523e7429b9ffa8c68115f5d883abb2fe858b03c761bdeb0c6a96",
"zh:9303619c5eb9a94dca56b8ff4b4e9cc34b701f4eb5fe3d2b10784e3cd474564b",
"zh:99baa35d28c30d0e62727c8567903b929070bd4dacb94b4f5c2abc14143bbf23",
"zh:a58b6a5081db418be32a86b68f53dfe3ab9300313eb3790dd4c06a6e8430f005",
"zh:a9fd9c7b59c048a9bd239c167dc8069a722d9900498e63d4b6042d5276697cf2",
"zh:e51d544e9f0dd533fca9d5072897df0e569cf3859a2ccf78b31fe955279f1b9a",
"zh:f5cc53057cef61c381c77f557fd256539180fcd7b02bd8148e2cd95f0b091278",
]
}

2
module6/tf/main.tf
View file

@ -2,7 +2,7 @@ terraform {
required_providers {
stackit = {
source = "stackitcloud/stackit"
version = "0.50.0"
version = "0.76.0"
}
}
backend "s3" {

2
module6/tf/postgres.tf
View file

@ -2,7 +2,7 @@ resource "stackit_postgresflex_instance" "scrumlr" {
project_id = var.project_id
name = "scrumlr"
acl = stackit_ske_cluster.scrumlr.egress_address_ranges
backup_schedule = "00 00 * * *"
backup_schedule = "0 0 * * *"
flavor = {
cpu = 2
ram = 4

6
module6/tf/ske.tf
View file

@ -1,7 +1,7 @@
resource "stackit_ske_cluster" "scrumlr" {
project_id = var.project_id
name = "scrumlr"
kubernetes_version_min = "1.31.7"
kubernetes_version_min = "1.34.2"
node_pools = [
{
name = "scrumlrpool"
@ -24,8 +24,8 @@ resource "stackit_ske_cluster" "scrumlr" {
enabled = true
zones = [stackit_dns_zone.scrumlr.dns_name]
}
argus = {
argus_instance_id = stackit_observability_instance.scrumlr.instance_id
observability = {
instance_id = stackit_observability_instance.scrumlr.instance_id
enabled = true
}
}