From 8942355bea14b93e1cbdb2ab0a9b687a1e43ebc5 Mon Sep 17 00:00:00 2001 From: WilliamMiceli <9000802+WilliamMiceli@users.noreply.github.com> Date: Tue, 10 Jul 2018 19:33:30 -0400 Subject: [PATCH] Very basic beginnings --- templates/Traefik/0/docker-compose.yml | 137 +---------- templates/Traefik/0/rancher-compose.yml | 307 +----------------------- templates/Traefik/config.yml | 2 +- 3 files changed, 12 insertions(+), 434 deletions(-) diff --git a/templates/Traefik/0/docker-compose.yml b/templates/Traefik/0/docker-compose.yml index 8432c8c..88376dd 100644 --- a/templates/Traefik/0/docker-compose.yml +++ b/templates/Traefik/0/docker-compose.yml @@ -1,133 +1,14 @@ version: '2' services: + traefik: + image: traefik:latest + restart: always ports: - - ${admin_port}:${admin_port}/tcp - - ${http_port}:${http_port}/tcp - {{- if ne .Values.https_enable "false"}} - - ${https_port}:${https_port}/tcp - {{- end}} - labels: - io.rancher.scheduler.global: 'true' - io.rancher.scheduler.affinity:host_label: ${host_label} - io.rancher.scheduler.affinity:container_label_ne: io.rancher.stack_service.name=$${stack_name}/$${service_name} - {{- if eq .Values.rancher_integration "api"}} - io.rancher.container.agent.role: environment - io.rancher.container.create_agent: 'true' - {{- end}} - {{- if or (eq .Values.rancher_integration "external") (eq .Values.acme_enable "true")}} - io.rancher.sidekicks: - {{- if eq .Values.rancher_integration "external"}} traefik-conf - {{- if eq .Values.acme_enable "true" -}},{{- end -}} - {{- end -}} - {{- if eq .Values.acme_enable "true" -}} - {{- if ne .Values.rancher_integration "external"}} traefik-acme - {{- else -}}traefik-acme - {{- end -}} - {{- end -}} - {{- end}} - io.rancher.container.hostname_override: container_name - image: rawmind/alpine-traefik:1.6.4-0 - environment: - - TRAEFIK_HTTP_PORT=${http_port} - - TRAEFIK_HTTP_COMPRESSION=${compress_enable} - - TRAEFIK_HTTPS_PORT=${https_port} - - TRAEFIK_HTTPS_ENABLE=${https_enable} - - TRAEFIK_HTTPS_COMPRESSION=${compress_enable} - - TRAEFIK_USAGE_ENABLE=${usage_enable} - - TRAEFIK_TIMEOUT_READ=${timeout_read} - - TRAEFIK_TIMEOUT_WRITE=${timeout_write} - - TRAEFIK_TIMEOUT_IDLE=${timeout_idle} - - TRAEFIK_TIMEOUT_DIAL=${timeout_dial} - - TRAEFIK_TIMEOUT_HEADER=${timeout_header} - {{- if ne .Values.https_min_tls ""}} - - TRAEFIK_HTTPS_MIN_TLS=${https_min_tls} - {{- end}} - {{- if ne .Values.trusted_ips ""}} - - TRAEFIK_TRUSTEDIPS=${trusted_ips} - {{- end}} - {{- if ne .Values.ssl_key ""}} - - TRAEFIK_SSL_KEY=${ssl_key} - {{- end}} - {{- if ne .Values.ssl_crt ""}} - - TRAEFIK_SSL_CRT=${ssl_crt} - {{- end}} - - TRAEFIK_INSECURE_SKIP=${insecure_skip} - - TRAEFIK_ADMIN_ENABLE=true - - TRAEFIK_ADMIN_PORT=${admin_port} - - TRAEFIK_ADMIN_SSL=${admin_ssl} - - TRAEFIK_ADMIN_STATISTICS=${admin_statistics} - - TRAEFIK_ADMIN_AUTH_METHOD=${admin_auth_method} - - TRAEFIK_ADMIN_AUTH_USERS=${admin_users} - {{- if eq .Values.acme_enable "true"}} - - TRAEFIK_ACME_ENABLE=${acme_enable} - - TRAEFIK_ACME_EMAIL=${acme_email} - - TRAEFIK_ACME_CHALLENGE=${acme_challenge} - - TRAEFIK_ACME_CHALLENGE_HTTP_ENTRYPOINT=http - - TRAEFIK_ACME_ONHOSTRULE=${acme_onhostrule} - - TRAEFIK_ACME_CASERVER=${acme_caserver} - {{- end}} - {{- if ne .Values.rancher_integration "external"}} - - TRAEFIK_RANCHER_ENABLE=true - - TRAEFIK_FILE_ENABLE=false - - TRAEFIK_CONSTRAINTS=${constraints} - - TRAEFIK_RANCHER_HEALTHCHECK=${rancher_healthcheck} - - TRAEFIK_RANCHER_MODE=${rancher_integration} - {{- else}} - - TRAEFIK_FILE_ENABLE=true - {{- end}} - {{- if eq .Values.metrics_enable "true"}} - - TRAEFIK_METRICS_ENABLE=${metrics_enable} - - TRAEFIK_METRICS_EXPORTER=${metrics_exporter} - - TRAEFIK_METRICS_PUSH=${metrics_push} - - TRAEFIK_METRICS_ADDRESS=${metrics_address} - - TRAEFIK_METRICS_PROMETHEUS_BUCKETS=${metrics_prometheus_buckets} - {{- end}} - {{- if or (eq .Values.rancher_integration "external") (eq .Values.acme_enable "true")}} - volumes_from: - {{- if eq .Values.rancher_integration "external"}} - - traefik-conf - {{- end}} - {{- if eq .Values.acme_enable "true"}} - - traefik-acme - {{- end}} - {{- end}} - {{- if eq .Values.rancher_integration "external"}} - traefik-conf: - labels: - io.rancher.scheduler.global: 'true' - io.rancher.scheduler.affinity:host_label: ${host_label} - io.rancher.scheduler.affinity:container_label_ne: io.rancher.stack_service.name=$${stack_name}/$${service_name} - io.rancher.container.start_once: 'true' - image: rawmind/rancher-traefik:1.5.0-0 - network_mode: none + - 80:80 + - 443:443 volumes: - - tools-volume:/opt/tools - {{- end}} - {{- if eq .Values.acme_enable "true"}} - traefik-acme: - network_mode: none - labels: - io.rancher.scheduler.affinity:container_label_soft_ne: io.rancher.stack_service.name=$${stack_name}/$${service_name} - io.rancher.container.hostname_override: container_name - io.rancher.container.start_once: true - environment: - - SERVICE_UID=10001 - - SERVICE_GID=10001 - - SERVICE_VOLUME=/opt/traefik/acme - volumes: - - ${acme_vol_name}:/opt/traefik/acme - image: rawmind/alpine-volume:0.0.2-1 - {{- end}} -{{- if or (eq .Values.rancher_integration "external") (eq .Values.acme_enable "true")}} -volumes: - {{- if eq .Values.rancher_integration "external"}} - tools-volume: - driver: local - per_container: true - {{- end}} - {{- if eq .Values.acme_enable "true"}} - ${acme_vol_name}: - driver: ${acme_vol_driver} - {{- end}} -{{- end}} \ No newline at end of file + - /var/run/docker.sock:/var/run/docker.sock + - /RancherStorage/Traefik/traefik.toml:/traefik.toml + - /RancherStorage/Traefik/acme.json:/acme.json + # container_name: traefik \ No newline at end of file diff --git a/templates/Traefik/0/rancher-compose.yml b/templates/Traefik/0/rancher-compose.yml index ee897c9..34dc7d0 100644 --- a/templates/Traefik/0/rancher-compose.yml +++ b/templates/Traefik/0/rancher-compose.yml @@ -6,308 +6,5 @@ catalog: # minimum_rancher_version: # maximum_rancher_version: # upgrade_from: - uuid: traefik-0 - questions: - - - variable: "rancher_integration" - label: "Choose rancher integration:" - description: | - Enable rancher integration mode. Traefik built in integration, metadata or api, or external sidekick integration with confd. - default: metadata - required: true - type: enum - options: - - metadata - - api - - external - - - variable: "rancher_healthcheck" - description: | - Enable/disable rancher services healtcheck filter. If enable, just healthy services will be published. - Only valid for api and metadata integration. - label: "Rancher healthcheck filter:" - required: true - default: false - type: "boolean" - - - variable: "usage_enable" - description: | - Enable/disable send anonymous usage collection to Traefik. See https://docs.traefik.io/basics/#collected-data - label: "Traefik send anonymous usage:" - required: true - default: false - type: "boolean" - - - variable: "constraints" - description: | - Traefik constraints for rancher provider. Eg: "tag==api" - Only valid for api and metadata integration. - label: "Traefik constraints:" - required: false - default: "" - type: "string" - - - variable: "host_label" - description: "Host label where to run traefik service." - label: "Host label:" - required: true - default: "traefik_lb=true" - type: "string" - - - variable: "http_port" - description: "Traefik http public port to listen." - label: "Http port:" - required: true - default: 8080 - type: "int" - - - variable: "https_port" - description: "Traefik https public port to listen." - label: "Https port:" - required: true - default: 8443 - type: "int" - - - variable: "admin_port" - description: "Traefik admin public port to listen for api, rest, ping and webui." - label: "Admin port:" - required: true - default: 8000 - type: "int" - - - variable: "admin_ssl" - description: "Enable ssl for api, rest, ping and webui." - label: "Admin ssl:" - required: true - default: false - type: "boolean" - - - variable: "https_enable" - label: "Https enable:" - description: | - Enable https working mode. If you activate, you need to fill SSL key and SSL crt in order to work. - default: false - required: true - type: enum - options: - - false - - true - - only - - - variable: "https_min_tls" - description: | - Minimal allowed tls version to accept connections from. - See the traefik documentation for allowed values. Default is `VersionTLS12`. - label: "Https min tls:" - required: false - default: "" - type: "string" - - - variable: "trusted_ips" - description: | - Enable proxyProtocol and forwardHeaders just for trusted IPs. Eg: `172.0.0.0/16,192.168.0.1` - See the traefik documentation for more info. Default is ``. - label: "Trusted IPs:" - required: false - default: "" - type: "string" - - - variable: "acme_enable" - description: "Enable acme support on traefik." - label: "ACME enable:" - required: true - default: false - type: "boolean" - - - variable: "acme_email" - description: "ACME user email." - label: "ACME email:" - required: true - default: "test@traefik.io" - type: "string" - - - variable: "acme_challenge" - description: "ACME challenge." - label: "ACME challenge:" - required: true - default: http - type: enum - options: # List of options if using type of `enum` - - http - - - variable: "acme_onhostrule" - description: "Enable acme onHostRule." - label: "ACME onHostRule:" - required: true - default: true - type: "boolean" - - - variable: "acme_caserver" - description: "ACME caServer to use." - label: "ACME caServer:" - required: true - default: "https://acme-v01.api.letsencrypt.org/directory" - type: "string" - - - variable: "acme_vol_name" - description: "The volume name shared to store ACME certs" - label: "ACME Volume Name" - required: true - default: "traefik_acme_vol" - type: "string" - - - variable: "acme_vol_driver" - description: "The volume driver shared to store ACME certs" - label: "ACME Volume Driver" - required: true - default: "local" - type: enum - options: # List of options if using type of `enum` - - local - - rancher-nfs - - rancher-efs - - rancher-ebs - - - variable: "ssl_key" - description: "SSL key to secure the service. *Required if you enable https or admin ssl" - label: "Https key" - type: "multiline" - required: false - default: "" - - - variable: "ssl_crt" - description: "SSL cert to secure the service. *Required if you enable https or admin ssl" - label: "Https crt" - type: "multiline" - required: false - default: "" - - - variable: "insecure_skip" - description: "Enable InsecureSkipVerify param." - label: "InsecureSkipVerify:" - required: true - default: false - type: "boolean" - - - variable: "compress_enable" - label: "Enable compression:" - description: | - Enable Traefik compression for entrypoints. - default: true - required: true - type: "boolean" - - - variable: "timeout_read" - label: "Timeout read:" - description: | - Traefik respondingTimeouts readTimeout (s). - default: 0 - required: true - type: "int" - - - variable: "timeout_write" - label: "Timeout write:" - description: | - Traefik respondingTimeouts writeTimeout (s). - default: 0 - required: true - type: "int" - - - variable: "timeout_idle" - label: "Timeout idle:" - description: | - Traefik respondingTimeouts idleTimeout (s). - default: 180 - required: true - type: "int" - - - variable: "timeout_dial" - label: "Timeout dial:" - description: | - Traefik forwardingTimeouts dialTimeout (s). - default: 30 - required: true - type: "int" - - - variable: "timeout_header" - label: "Timeout header:" - description: | - Traefik forwardingTimeouts responseHeaderTimeout (s). - default: 0 - required: true - type: "int" - - - variable: "admin_statistics" - description: "Enable more detailed statistics." - label: "Admin statistics history:" - required: true - default: 10 - type: "int" - - - variable: "admin_auth_method" - description: "Admin auth method on api, rest and webui." - label: "Admin auth method:" - required: true - default: "basic" - type: enum - options: # List of options if using type of `enum` - - basic - - digest - - - variable: "admin_users" - description: "Admin auth user list on api, rest and webui. Generate with htpassword for basic or htdigest with traefik realm for digest." - label: "Admin users:" - type: "multiline" - required: false - default: "" - - - variable: "metrics_enable" - description: "Enable traefik metrics." - label: "Metrics enable" - default: false - required: true - type: "boolean" - - - variable: "metrics_exporter" - description: "Traefik metrics exporter." - label: "Metrics exporter:" - required: false - default: - type: enum - options: # List of options if using type of `enum` - - prometheus - - datadog - - statsd - - influxdb - - - variable: "metrics_push" - description: "Traefik metrics exporter push interval. Apply on datadog, statsd and influxdb." - label: "Metrics push interval (s):" - required: false - default: 10 - type: "int" - - - variable: "metrics_address" - description: "Traefik metrics exporter address to push. Apply on datadog, statsd and influxdb." - label: "Metrics address:" - required: false - default: "" - type: "string" - - - variable: "metrics_prometheus_buckets" - description: "Traefik metrics buckets for prometheus." - label: "Metrics prometheus buckets" - default: "[0.1,0.3,1.2,5.0]" - required: false - type: "string" - -services: - traefik: - retain_ip: true - health_check: - healthy_threshold: 2 - response_timeout: 5000 - port: ${admin_port} - unhealthy_threshold: 3 - interval: 5000 - strategy: recreate \ No newline at end of file + # uuid: traefik-0 + # questions: \ No newline at end of file diff --git a/templates/Traefik/config.yml b/templates/Traefik/config.yml index ebe232e..e94a991 100644 --- a/templates/Traefik/config.yml +++ b/templates/Traefik/config.yml @@ -2,7 +2,7 @@ name: Traefik description: | Status: NOT READY # version: v1.6.4-rancher1 -category: Load Balancing +category: Networking maintainer: WilliamMiceli # license: # projectURL: https://github.com/rawmind0/alpine-traefik \ No newline at end of file