From 566c603738936d746da9bccf1b24845422a9c4c3 Mon Sep 17 00:00:00 2001 From: Tanguy Herbron Date: Sun, 15 May 2022 19:28:59 +0200 Subject: [PATCH] Cleanup unused files --- helm-traefik/additional-ep.yaml | 25 - helm-traefik/dashboard.yaml | 14 - tcp/all.yaml | 49 -- traefik-lb/crd/kubernetes-crd-rbac.yml | 63 -- .../traefik.containo.us_ingressroutes.yaml | 198 ------ .../traefik.containo.us_ingressroutetcps.yaml | 162 ----- .../traefik.containo.us_ingressrouteudps.yaml | 84 --- .../crd/traefik.containo.us_middlewares.yaml | 596 ------------------ ...traefik.containo.us_serverstransports.yaml | 122 ---- .../crd/traefik.containo.us_tlsoptions.yaml | 92 --- .../crd/traefik.containo.us_tlsstores.yaml | 64 -- .../traefik.containo.us_traefikservices.yaml | 270 -------- traefik-lb/deployment.yaml | 4 +- traefik-lb/service.yaml | 15 +- traefik-lb/whoami/deployment.yaml | 37 -- traefik-lb/whoami/service.yaml | 32 - 16 files changed, 4 insertions(+), 1823 deletions(-) delete mode 100644 helm-traefik/additional-ep.yaml delete mode 100644 helm-traefik/dashboard.yaml delete mode 100644 tcp/all.yaml delete mode 100644 traefik-lb/crd/kubernetes-crd-rbac.yml delete mode 100644 traefik-lb/crd/traefik.containo.us_ingressroutes.yaml delete mode 100644 traefik-lb/crd/traefik.containo.us_ingressroutetcps.yaml delete mode 100644 traefik-lb/crd/traefik.containo.us_ingressrouteudps.yaml delete mode 100644 traefik-lb/crd/traefik.containo.us_middlewares.yaml delete mode 100644 traefik-lb/crd/traefik.containo.us_serverstransports.yaml delete mode 100644 traefik-lb/crd/traefik.containo.us_tlsoptions.yaml delete mode 100644 traefik-lb/crd/traefik.containo.us_tlsstores.yaml delete mode 100644 traefik-lb/crd/traefik.containo.us_traefikservices.yaml delete mode 100644 traefik-lb/whoami/deployment.yaml delete mode 100644 traefik-lb/whoami/service.yaml diff --git a/helm-traefik/additional-ep.yaml b/helm-traefik/additional-ep.yaml deleted file mode 100644 index 5e3c9fc..0000000 --- a/helm-traefik/additional-ep.yaml +++ /dev/null @@ -1,25 +0,0 @@ ---- -additionalArguments: - - --entrypoints.minecraftudp.address=:25565/udp - - --entrypoints.whoamitcp.address=:8080/tcp - -api: - dashboard: true - insecure: true - -ports: - minecrafttcp: - port: 25565 - expose: true - exposedPort: 25565 - protocol: TCP - minecraftudp: - port: 25565 - expose: true - exposedPort: 25565 - protocol: UDP - whoamitcp: - port: 8080 - expose: true - exposedPort: 8080 - protocol: TCP diff --git a/helm-traefik/dashboard.yaml b/helm-traefik/dashboard.yaml deleted file mode 100644 index 6afb348..0000000 --- a/helm-traefik/dashboard.yaml +++ /dev/null @@ -1,14 +0,0 @@ -# dashboard.yaml -apiVersion: traefik.containo.us/v1alpha1 -kind: IngressRoute -metadata: - name: dashboard -spec: - entryPoints: - - web - routes: - - match: Host(`traefik.localhost`) && (PathPrefix(`/dashboard`) || PathPrefix(`/api`)) - kind: Rule - services: - - name: api@internal - kind: TraefikService diff --git a/tcp/all.yaml b/tcp/all.yaml deleted file mode 100644 index 167d686..0000000 --- a/tcp/all.yaml +++ /dev/null @@ -1,49 +0,0 @@ -apiVersion: traefik.containo.us/v1alpha1 -kind: IngressRouteTCP -metadata: - name: whoamitcp -spec: - entryPoints: - - whoamitcp - - routes: - - match: HostSNI(`*`) - services: - - name: whoamitcp - port: 8080 - ---- -apiVersion: v1 -kind: Service -metadata: - name: whoamitcp -spec: - type: ClusterIP - ports: - - protocol: TCP - port: 8080 - selector: - app: whoamitcp - ---- -apiVersion: apps/v1 -kind: Deployment -metadata: - name: whoamitcp -spec: - replicas: 3 - selector: - matchLabels: - app: whoamitcp - template: - metadata: - labels: - app: whoamitcp - spec: - containers: - - name: whoamitcp - image: traefik/whoamitcp:latest - imagePullPolicy: IfNotPresent - ports: - - protocol: TCP - containerPort: 8080 diff --git a/traefik-lb/crd/kubernetes-crd-rbac.yml b/traefik-lb/crd/kubernetes-crd-rbac.yml deleted file mode 100644 index 4a5b80e..0000000 --- a/traefik-lb/crd/kubernetes-crd-rbac.yml +++ /dev/null @@ -1,63 +0,0 @@ -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: traefik-ingress-controller - -rules: - - apiGroups: - - "" - resources: - - services - - endpoints - - secrets - verbs: - - get - - list - - watch - - apiGroups: - - extensions - - networking.k8s.io - resources: - - ingresses - - ingressclasses - verbs: - - get - - list - - watch - - apiGroups: - - extensions - resources: - - ingresses/status - verbs: - - update - - apiGroups: - - traefik.containo.us - resources: - - middlewares - - middlewaretcps - - ingressroutes - - traefikservices - - ingressroutetcps - - ingressrouteudps - - tlsoptions - - tlsstores - - serverstransports - verbs: - - get - - list - - watch - ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: traefik-ingress-controller - -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: ClusterRole - name: traefik-ingress-controller -subjects: - - kind: ServiceAccount - name: traefik-ingress-controller - namespace: default diff --git a/traefik-lb/crd/traefik.containo.us_ingressroutes.yaml b/traefik-lb/crd/traefik.containo.us_ingressroutes.yaml deleted file mode 100644 index 1f55459..0000000 --- a/traefik-lb/crd/traefik.containo.us_ingressroutes.yaml +++ /dev/null @@ -1,198 +0,0 @@ - ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - annotations: - controller-gen.kubebuilder.io/version: v0.6.2 - creationTimestamp: null - name: ingressroutes.traefik.containo.us -spec: - group: traefik.containo.us - names: - kind: IngressRoute - listKind: IngressRouteList - plural: ingressroutes - singular: ingressroute - scope: Namespaced - versions: - - name: v1alpha1 - schema: - openAPIV3Schema: - description: IngressRoute is an Ingress CRD specification. - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: IngressRouteSpec is a specification for a IngressRouteSpec - resource. - properties: - entryPoints: - items: - type: string - type: array - routes: - items: - description: Route contains the set of routes. - properties: - kind: - enum: - - Rule - type: string - match: - type: string - middlewares: - items: - description: MiddlewareRef is a ref to the Middleware resources. - properties: - name: - type: string - namespace: - type: string - required: - - name - type: object - type: array - priority: - type: integer - services: - items: - description: Service defines an upstream to proxy traffic. - properties: - kind: - enum: - - Service - - TraefikService - type: string - name: - description: Name is a reference to a Kubernetes Service - object (for a load-balancer of servers), or to a TraefikService - object (service load-balancer, mirroring, etc). The - differentiation between the two is specified in the - Kind field. - type: string - namespace: - type: string - passHostHeader: - type: boolean - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - responseForwarding: - description: ResponseForwarding holds configuration for - the forward of the response. - properties: - flushInterval: - type: string - type: object - scheme: - type: string - serversTransport: - type: string - sticky: - description: Sticky holds the sticky configuration. - properties: - cookie: - description: Cookie holds the sticky configuration - based on cookie. - properties: - httpOnly: - type: boolean - name: - type: string - sameSite: - type: string - secure: - type: boolean - type: object - type: object - strategy: - type: string - weight: - description: Weight should only be specified when Name - references a TraefikService object (and to be precise, - one that embeds a Weighted Round Robin). - type: integer - required: - - name - type: object - type: array - required: - - kind - - match - type: object - type: array - tls: - description: "TLS contains the TLS certificates configuration of the - routes. To enable Let's Encrypt, use an empty TLS struct, e.g. in - YAML: \n \t tls: {} # inline format \n \t tls: \t secretName: - # block format" - properties: - certResolver: - type: string - domains: - items: - description: Domain holds a domain name with SANs. - properties: - main: - type: string - sans: - items: - type: string - type: array - type: object - type: array - options: - description: Options is a reference to a TLSOption, that specifies - the parameters of the TLS connection. - properties: - name: - type: string - namespace: - type: string - required: - - name - type: object - secretName: - description: SecretName is the name of the referenced Kubernetes - Secret to specify the certificate details. - type: string - store: - description: Store is a reference to a TLSStore, that specifies - the parameters of the TLS store. - properties: - name: - type: string - namespace: - type: string - required: - - name - type: object - type: object - required: - - routes - type: object - required: - - metadata - - spec - type: object - served: true - storage: true -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] diff --git a/traefik-lb/crd/traefik.containo.us_ingressroutetcps.yaml b/traefik-lb/crd/traefik.containo.us_ingressroutetcps.yaml deleted file mode 100644 index e20d612..0000000 --- a/traefik-lb/crd/traefik.containo.us_ingressroutetcps.yaml +++ /dev/null @@ -1,162 +0,0 @@ - ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - annotations: - controller-gen.kubebuilder.io/version: v0.6.2 - creationTimestamp: null - name: ingressroutetcps.traefik.containo.us -spec: - group: traefik.containo.us - names: - kind: IngressRouteTCP - listKind: IngressRouteTCPList - plural: ingressroutetcps - singular: ingressroutetcp - scope: Namespaced - versions: - - name: v1alpha1 - schema: - openAPIV3Schema: - description: IngressRouteTCP is an Ingress CRD specification. - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: IngressRouteTCPSpec is a specification for a IngressRouteTCPSpec - resource. - properties: - entryPoints: - items: - type: string - type: array - routes: - items: - description: RouteTCP contains the set of routes. - properties: - match: - type: string - middlewares: - description: Middlewares contains references to MiddlewareTCP - resources. - items: - description: ObjectReference is a generic reference to a Traefik - resource. - properties: - name: - type: string - namespace: - type: string - required: - - name - type: object - type: array - priority: - type: integer - services: - items: - description: ServiceTCP defines an upstream to proxy traffic. - properties: - name: - type: string - namespace: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - proxyProtocol: - description: ProxyProtocol holds the ProxyProtocol configuration. - properties: - version: - type: integer - type: object - terminationDelay: - type: integer - weight: - type: integer - required: - - name - - port - type: object - type: array - required: - - match - type: object - type: array - tls: - description: "TLSTCP contains the TLS certificates configuration of - the routes. To enable Let's Encrypt, use an empty TLS struct, e.g. - in YAML: \n \t tls: {} # inline format \n \t tls: \t secretName: - # block format" - properties: - certResolver: - type: string - domains: - items: - description: Domain holds a domain name with SANs. - properties: - main: - type: string - sans: - items: - type: string - type: array - type: object - type: array - options: - description: Options is a reference to a TLSOption, that specifies - the parameters of the TLS connection. - properties: - name: - type: string - namespace: - type: string - required: - - name - type: object - passthrough: - type: boolean - secretName: - description: SecretName is the name of the referenced Kubernetes - Secret to specify the certificate details. - type: string - store: - description: Store is a reference to a TLSStore, that specifies - the parameters of the TLS store. - properties: - name: - type: string - namespace: - type: string - required: - - name - type: object - type: object - required: - - routes - type: object - required: - - metadata - - spec - type: object - served: true - storage: true -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] diff --git a/traefik-lb/crd/traefik.containo.us_ingressrouteudps.yaml b/traefik-lb/crd/traefik.containo.us_ingressrouteudps.yaml deleted file mode 100644 index 57fbaa7..0000000 --- a/traefik-lb/crd/traefik.containo.us_ingressrouteudps.yaml +++ /dev/null @@ -1,84 +0,0 @@ - ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - annotations: - controller-gen.kubebuilder.io/version: v0.6.2 - creationTimestamp: null - name: ingressrouteudps.traefik.containo.us -spec: - group: traefik.containo.us - names: - kind: IngressRouteUDP - listKind: IngressRouteUDPList - plural: ingressrouteudps - singular: ingressrouteudp - scope: Namespaced - versions: - - name: v1alpha1 - schema: - openAPIV3Schema: - description: IngressRouteUDP is an Ingress CRD specification. - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: IngressRouteUDPSpec is a specification for a IngressRouteUDPSpec - resource. - properties: - entryPoints: - items: - type: string - type: array - routes: - items: - description: RouteUDP contains the set of routes. - properties: - services: - items: - description: ServiceUDP defines an upstream to proxy traffic. - properties: - name: - type: string - namespace: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - weight: - type: integer - required: - - name - - port - type: object - type: array - type: object - type: array - required: - - routes - type: object - required: - - metadata - - spec - type: object - served: true - storage: true -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] diff --git a/traefik-lb/crd/traefik.containo.us_middlewares.yaml b/traefik-lb/crd/traefik.containo.us_middlewares.yaml deleted file mode 100644 index d9a4cfd..0000000 --- a/traefik-lb/crd/traefik.containo.us_middlewares.yaml +++ /dev/null @@ -1,596 +0,0 @@ - ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - annotations: - controller-gen.kubebuilder.io/version: v0.6.2 - creationTimestamp: null - name: middlewares.traefik.containo.us -spec: - group: traefik.containo.us - names: - kind: Middleware - listKind: MiddlewareList - plural: middlewares - singular: middleware - scope: Namespaced - versions: - - name: v1alpha1 - schema: - openAPIV3Schema: - description: Middleware is a specification for a Middleware resource. - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: MiddlewareSpec holds the Middleware configuration. - properties: - addPrefix: - description: AddPrefix holds the AddPrefix configuration. - properties: - prefix: - type: string - type: object - basicAuth: - description: BasicAuth holds the HTTP basic authentication configuration. - properties: - headerField: - type: string - realm: - type: string - removeHeader: - type: boolean - secret: - type: string - type: object - buffering: - description: Buffering holds the request/response buffering configuration. - properties: - maxRequestBodyBytes: - format: int64 - type: integer - maxResponseBodyBytes: - format: int64 - type: integer - memRequestBodyBytes: - format: int64 - type: integer - memResponseBodyBytes: - format: int64 - type: integer - retryExpression: - type: string - type: object - chain: - description: Chain holds a chain of middlewares. - properties: - middlewares: - items: - description: MiddlewareRef is a ref to the Middleware resources. - properties: - name: - type: string - namespace: - type: string - required: - - name - type: object - type: array - type: object - circuitBreaker: - description: CircuitBreaker holds the circuit breaker configuration. - properties: - checkPeriod: - anyOf: - - type: integer - - type: string - description: CheckPeriod is the interval between successive checks - of the circuit breaker condition (when in standby state). - x-kubernetes-int-or-string: true - expression: - description: Expression is the condition that triggers the tripped - state. - type: string - fallbackDuration: - anyOf: - - type: integer - - type: string - description: FallbackDuration is the duration for which the circuit - breaker will wait before trying to recover (from a tripped state). - x-kubernetes-int-or-string: true - recoveryDuration: - anyOf: - - type: integer - - type: string - description: RecoveryDuration is the duration for which the circuit - breaker will try to recover (as soon as it is in recovering - state). - x-kubernetes-int-or-string: true - type: object - compress: - description: Compress holds the compress configuration. - properties: - excludedContentTypes: - items: - type: string - type: array - minResponseBodyBytes: - type: integer - type: object - contentType: - description: ContentType middleware - or rather its unique `autoDetect` - option - specifies whether to let the `Content-Type` header, if - it has not been set by the backend, be automatically set to a value - derived from the contents of the response. As a proxy, the default - behavior should be to leave the header alone, regardless of what - the backend did with it. However, the historic default was to always - auto-detect and set the header if it was nil, and it is going to - be kept that way in order to support users currently relying on - it. This middleware exists to enable the correct behavior until - at least the default one can be changed in a future version. - properties: - autoDetect: - type: boolean - type: object - digestAuth: - description: DigestAuth holds the Digest HTTP authentication configuration. - properties: - headerField: - type: string - realm: - type: string - removeHeader: - type: boolean - secret: - type: string - type: object - errors: - description: ErrorPage holds the custom error page configuration. - properties: - query: - type: string - service: - description: Service defines an upstream to proxy traffic. - properties: - kind: - enum: - - Service - - TraefikService - type: string - name: - description: Name is a reference to a Kubernetes Service object - (for a load-balancer of servers), or to a TraefikService - object (service load-balancer, mirroring, etc). The differentiation - between the two is specified in the Kind field. - type: string - namespace: - type: string - passHostHeader: - type: boolean - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - responseForwarding: - description: ResponseForwarding holds configuration for the - forward of the response. - properties: - flushInterval: - type: string - type: object - scheme: - type: string - serversTransport: - type: string - sticky: - description: Sticky holds the sticky configuration. - properties: - cookie: - description: Cookie holds the sticky configuration based - on cookie. - properties: - httpOnly: - type: boolean - name: - type: string - sameSite: - type: string - secure: - type: boolean - type: object - type: object - strategy: - type: string - weight: - description: Weight should only be specified when Name references - a TraefikService object (and to be precise, one that embeds - a Weighted Round Robin). - type: integer - required: - - name - type: object - status: - items: - type: string - type: array - type: object - forwardAuth: - description: ForwardAuth holds the http forward authentication configuration. - properties: - address: - type: string - authRequestHeaders: - items: - type: string - type: array - authResponseHeaders: - items: - type: string - type: array - authResponseHeadersRegex: - type: string - tls: - description: ClientTLS holds TLS specific configurations as client. - properties: - caOptional: - type: boolean - caSecret: - type: string - certSecret: - type: string - insecureSkipVerify: - type: boolean - type: object - trustForwardHeader: - type: boolean - type: object - headers: - description: Headers holds the custom header configuration. - properties: - accessControlAllowCredentials: - description: AccessControlAllowCredentials is only valid if true. - false is ignored. - type: boolean - accessControlAllowHeaders: - description: AccessControlAllowHeaders must be used in response - to a preflight request with Access-Control-Request-Headers set. - items: - type: string - type: array - accessControlAllowMethods: - description: AccessControlAllowMethods must be used in response - to a preflight request with Access-Control-Request-Method set. - items: - type: string - type: array - accessControlAllowOriginList: - description: AccessControlAllowOriginList is a list of allowable - origins. Can also be a wildcard origin "*". - items: - type: string - type: array - accessControlAllowOriginListRegex: - description: AccessControlAllowOriginListRegex is a list of allowable - origins written following the Regular Expression syntax (https://golang.org/pkg/regexp/). - items: - type: string - type: array - accessControlExposeHeaders: - description: AccessControlExposeHeaders sets valid headers for - the response. - items: - type: string - type: array - accessControlMaxAge: - description: AccessControlMaxAge sets the time that a preflight - request may be cached. - format: int64 - type: integer - addVaryHeader: - description: AddVaryHeader controls if the Vary header is automatically - added/updated when the AccessControlAllowOriginList is set. - type: boolean - allowedHosts: - items: - type: string - type: array - browserXssFilter: - type: boolean - contentSecurityPolicy: - type: string - contentTypeNosniff: - type: boolean - customBrowserXSSValue: - type: string - customFrameOptionsValue: - type: string - customRequestHeaders: - additionalProperties: - type: string - type: object - customResponseHeaders: - additionalProperties: - type: string - type: object - featurePolicy: - description: 'Deprecated: use PermissionsPolicy instead.' - type: string - forceSTSHeader: - type: boolean - frameDeny: - type: boolean - hostsProxyHeaders: - items: - type: string - type: array - isDevelopment: - type: boolean - permissionsPolicy: - type: string - publicKey: - type: string - referrerPolicy: - type: string - sslForceHost: - description: 'Deprecated: use RedirectRegex instead.' - type: boolean - sslHost: - description: 'Deprecated: use RedirectRegex instead.' - type: string - sslProxyHeaders: - additionalProperties: - type: string - type: object - sslRedirect: - description: 'Deprecated: use EntryPoint redirection or RedirectScheme - instead.' - type: boolean - sslTemporaryRedirect: - description: 'Deprecated: use EntryPoint redirection or RedirectScheme - instead.' - type: boolean - stsIncludeSubdomains: - type: boolean - stsPreload: - type: boolean - stsSeconds: - format: int64 - type: integer - type: object - inFlightReq: - description: InFlightReq limits the number of requests being processed - and served concurrently. - properties: - amount: - format: int64 - type: integer - sourceCriterion: - description: SourceCriterion defines what criterion is used to - group requests as originating from a common source. If none - are set, the default is to use the request's remote address - field. All fields are mutually exclusive. - properties: - ipStrategy: - description: IPStrategy holds the ip strategy configuration. - properties: - depth: - type: integer - excludedIPs: - items: - type: string - type: array - type: object - requestHeaderName: - type: string - requestHost: - type: boolean - type: object - type: object - ipWhiteList: - description: IPWhiteList holds the ip white list configuration. - properties: - ipStrategy: - description: IPStrategy holds the ip strategy configuration. - properties: - depth: - type: integer - excludedIPs: - items: - type: string - type: array - type: object - sourceRange: - items: - type: string - type: array - type: object - passTLSClientCert: - description: PassTLSClientCert holds the TLS client cert headers configuration. - properties: - info: - description: TLSClientCertificateInfo holds the client TLS certificate - info configuration. - properties: - issuer: - description: TLSClientCertificateIssuerDNInfo holds the client - TLS certificate distinguished name info configuration. cf - https://tools.ietf.org/html/rfc3739 - properties: - commonName: - type: boolean - country: - type: boolean - domainComponent: - type: boolean - locality: - type: boolean - organization: - type: boolean - province: - type: boolean - serialNumber: - type: boolean - type: object - notAfter: - type: boolean - notBefore: - type: boolean - sans: - type: boolean - serialNumber: - type: boolean - subject: - description: TLSClientCertificateSubjectDNInfo holds the client - TLS certificate distinguished name info configuration. cf - https://tools.ietf.org/html/rfc3739 - properties: - commonName: - type: boolean - country: - type: boolean - domainComponent: - type: boolean - locality: - type: boolean - organization: - type: boolean - organizationalUnit: - type: boolean - province: - type: boolean - serialNumber: - type: boolean - type: object - type: object - pem: - type: boolean - type: object - plugin: - additionalProperties: - x-kubernetes-preserve-unknown-fields: true - type: object - rateLimit: - description: RateLimit holds the rate limiting configuration for a - given router. - properties: - average: - format: int64 - type: integer - burst: - format: int64 - type: integer - period: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - sourceCriterion: - description: SourceCriterion defines what criterion is used to - group requests as originating from a common source. If none - are set, the default is to use the request's remote address - field. All fields are mutually exclusive. - properties: - ipStrategy: - description: IPStrategy holds the ip strategy configuration. - properties: - depth: - type: integer - excludedIPs: - items: - type: string - type: array - type: object - requestHeaderName: - type: string - requestHost: - type: boolean - type: object - type: object - redirectRegex: - description: RedirectRegex holds the redirection configuration. - properties: - permanent: - type: boolean - regex: - type: string - replacement: - type: string - type: object - redirectScheme: - description: RedirectScheme holds the scheme redirection configuration. - properties: - permanent: - type: boolean - port: - type: string - scheme: - type: string - type: object - replacePath: - description: ReplacePath holds the ReplacePath configuration. - properties: - path: - type: string - type: object - replacePathRegex: - description: ReplacePathRegex holds the ReplacePathRegex configuration. - properties: - regex: - type: string - replacement: - type: string - type: object - retry: - description: Retry holds the retry configuration. - properties: - attempts: - type: integer - initialInterval: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - type: object - stripPrefix: - description: StripPrefix holds the StripPrefix configuration. - properties: - forceSlash: - type: boolean - prefixes: - items: - type: string - type: array - type: object - stripPrefixRegex: - description: StripPrefixRegex holds the StripPrefixRegex configuration. - properties: - regex: - items: - type: string - type: array - type: object - type: object - required: - - metadata - - spec - type: object - served: true - storage: true -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] diff --git a/traefik-lb/crd/traefik.containo.us_serverstransports.yaml b/traefik-lb/crd/traefik.containo.us_serverstransports.yaml deleted file mode 100644 index aac4679..0000000 --- a/traefik-lb/crd/traefik.containo.us_serverstransports.yaml +++ /dev/null @@ -1,122 +0,0 @@ - ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - annotations: - controller-gen.kubebuilder.io/version: v0.6.2 - creationTimestamp: null - name: serverstransports.traefik.containo.us -spec: - group: traefik.containo.us - names: - kind: ServersTransport - listKind: ServersTransportList - plural: serverstransports - singular: serverstransport - scope: Namespaced - versions: - - name: v1alpha1 - schema: - openAPIV3Schema: - description: ServersTransport is a specification for a ServersTransport resource. - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: ServersTransportSpec options to configure communication between - Traefik and the servers. - properties: - certificatesSecrets: - description: Certificates for mTLS. - items: - type: string - type: array - disableHTTP2: - description: Disable HTTP/2 for connections with backend servers. - type: boolean - forwardingTimeouts: - description: Timeouts for requests forwarded to the backend servers. - properties: - dialTimeout: - anyOf: - - type: integer - - type: string - description: DialTimeout is the amount of time to wait until a - connection to a backend server can be established. If zero, - no timeout exists. - x-kubernetes-int-or-string: true - idleConnTimeout: - anyOf: - - type: integer - - type: string - description: IdleConnTimeout is the maximum period for which an - idle HTTP keep-alive connection will remain open before closing - itself. - x-kubernetes-int-or-string: true - pingTimeout: - anyOf: - - type: integer - - type: string - description: PingTimeout is the timeout after which the HTTP/2 - connection will be closed if a response to ping is not received. - x-kubernetes-int-or-string: true - readIdleTimeout: - anyOf: - - type: integer - - type: string - description: ReadIdleTimeout is the timeout after which a health - check using ping frame will be carried out if no frame is received - on the HTTP/2 connection. If zero, no health check is performed. - x-kubernetes-int-or-string: true - responseHeaderTimeout: - anyOf: - - type: integer - - type: string - description: ResponseHeaderTimeout is the amount of time to wait - for a server's response headers after fully writing the request - (including its body, if any). If zero, no timeout exists. - x-kubernetes-int-or-string: true - type: object - insecureSkipVerify: - description: Disable SSL certificate verification. - type: boolean - maxIdleConnsPerHost: - description: If non-zero, controls the maximum idle (keep-alive) to - keep per-host. If zero, DefaultMaxIdleConnsPerHost is used. - type: integer - peerCertURI: - description: URI used to match against SAN URI during the peer certificate - verification. - type: string - rootCAsSecrets: - description: Add cert file for self-signed certificate. - items: - type: string - type: array - serverName: - description: ServerName used to contact the server. - type: string - type: object - required: - - metadata - - spec - type: object - served: true - storage: true -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] diff --git a/traefik-lb/crd/traefik.containo.us_tlsoptions.yaml b/traefik-lb/crd/traefik.containo.us_tlsoptions.yaml deleted file mode 100644 index 40e813d..0000000 --- a/traefik-lb/crd/traefik.containo.us_tlsoptions.yaml +++ /dev/null @@ -1,92 +0,0 @@ - ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - annotations: - controller-gen.kubebuilder.io/version: v0.6.2 - creationTimestamp: null - name: tlsoptions.traefik.containo.us -spec: - group: traefik.containo.us - names: - kind: TLSOption - listKind: TLSOptionList - plural: tlsoptions - singular: tlsoption - scope: Namespaced - versions: - - name: v1alpha1 - schema: - openAPIV3Schema: - description: TLSOption is a specification for a TLSOption resource. - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: TLSOptionSpec configures TLS for an entry point. - properties: - alpnProtocols: - items: - type: string - type: array - cipherSuites: - items: - type: string - type: array - clientAuth: - description: ClientAuth defines the parameters of the client authentication - part of the TLS connection, if any. - properties: - clientAuthType: - description: ClientAuthType defines the client authentication - type to apply. - enum: - - NoClientCert - - RequestClientCert - - RequireAnyClientCert - - VerifyClientCertIfGiven - - RequireAndVerifyClientCert - type: string - secretNames: - description: SecretName is the name of the referenced Kubernetes - Secret to specify the certificate details. - items: - type: string - type: array - type: object - curvePreferences: - items: - type: string - type: array - maxVersion: - type: string - minVersion: - type: string - preferServerCipherSuites: - type: boolean - sniStrict: - type: boolean - type: object - required: - - metadata - - spec - type: object - served: true - storage: true -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] diff --git a/traefik-lb/crd/traefik.containo.us_tlsstores.yaml b/traefik-lb/crd/traefik.containo.us_tlsstores.yaml deleted file mode 100644 index eef5f1f..0000000 --- a/traefik-lb/crd/traefik.containo.us_tlsstores.yaml +++ /dev/null @@ -1,64 +0,0 @@ - ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - annotations: - controller-gen.kubebuilder.io/version: v0.6.2 - creationTimestamp: null - name: tlsstores.traefik.containo.us -spec: - group: traefik.containo.us - names: - kind: TLSStore - listKind: TLSStoreList - plural: tlsstores - singular: tlsstore - scope: Namespaced - versions: - - name: v1alpha1 - schema: - openAPIV3Schema: - description: TLSStore is a specification for a TLSStore resource. - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: TLSStoreSpec configures a TLSStore resource. - properties: - defaultCertificate: - description: DefaultCertificate holds a secret name for the TLSOption - resource. - properties: - secretName: - description: SecretName is the name of the referenced Kubernetes - Secret to specify the certificate details. - type: string - required: - - secretName - type: object - required: - - defaultCertificate - type: object - required: - - metadata - - spec - type: object - served: true - storage: true -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] diff --git a/traefik-lb/crd/traefik.containo.us_traefikservices.yaml b/traefik-lb/crd/traefik.containo.us_traefikservices.yaml deleted file mode 100644 index 61f2aa9..0000000 --- a/traefik-lb/crd/traefik.containo.us_traefikservices.yaml +++ /dev/null @@ -1,270 +0,0 @@ - ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - annotations: - controller-gen.kubebuilder.io/version: v0.6.2 - creationTimestamp: null - name: traefikservices.traefik.containo.us -spec: - group: traefik.containo.us - names: - kind: TraefikService - listKind: TraefikServiceList - plural: traefikservices - singular: traefikservice - scope: Namespaced - versions: - - name: v1alpha1 - schema: - openAPIV3Schema: - description: TraefikService is the specification for a service (that an IngressRoute - refers to) that is usually not a terminal service (i.e. not a pod of servers), - as opposed to a Kubernetes Service. That is to say, it usually refers to - other (children) services, which themselves can be TraefikServices or Services. - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: ServiceSpec defines whether a TraefikService is a load-balancer - of services or a mirroring service. - properties: - mirroring: - description: Mirroring defines a mirroring service, which is composed - of a main load-balancer, and a list of mirrors. - properties: - kind: - enum: - - Service - - TraefikService - type: string - maxBodySize: - format: int64 - type: integer - mirrors: - items: - description: MirrorService defines one of the mirrors of a Mirroring - service. - properties: - kind: - enum: - - Service - - TraefikService - type: string - name: - description: Name is a reference to a Kubernetes Service - object (for a load-balancer of servers), or to a TraefikService - object (service load-balancer, mirroring, etc). The differentiation - between the two is specified in the Kind field. - type: string - namespace: - type: string - passHostHeader: - type: boolean - percent: - type: integer - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - responseForwarding: - description: ResponseForwarding holds configuration for - the forward of the response. - properties: - flushInterval: - type: string - type: object - scheme: - type: string - serversTransport: - type: string - sticky: - description: Sticky holds the sticky configuration. - properties: - cookie: - description: Cookie holds the sticky configuration based - on cookie. - properties: - httpOnly: - type: boolean - name: - type: string - sameSite: - type: string - secure: - type: boolean - type: object - type: object - strategy: - type: string - weight: - description: Weight should only be specified when Name references - a TraefikService object (and to be precise, one that embeds - a Weighted Round Robin). - type: integer - required: - - name - type: object - type: array - name: - description: Name is a reference to a Kubernetes Service object - (for a load-balancer of servers), or to a TraefikService object - (service load-balancer, mirroring, etc). The differentiation - between the two is specified in the Kind field. - type: string - namespace: - type: string - passHostHeader: - type: boolean - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - responseForwarding: - description: ResponseForwarding holds configuration for the forward - of the response. - properties: - flushInterval: - type: string - type: object - scheme: - type: string - serversTransport: - type: string - sticky: - description: Sticky holds the sticky configuration. - properties: - cookie: - description: Cookie holds the sticky configuration based on - cookie. - properties: - httpOnly: - type: boolean - name: - type: string - sameSite: - type: string - secure: - type: boolean - type: object - type: object - strategy: - type: string - weight: - description: Weight should only be specified when Name references - a TraefikService object (and to be precise, one that embeds - a Weighted Round Robin). - type: integer - required: - - name - type: object - weighted: - description: WeightedRoundRobin defines a load-balancer of services. - properties: - services: - items: - description: Service defines an upstream to proxy traffic. - properties: - kind: - enum: - - Service - - TraefikService - type: string - name: - description: Name is a reference to a Kubernetes Service - object (for a load-balancer of servers), or to a TraefikService - object (service load-balancer, mirroring, etc). The differentiation - between the two is specified in the Kind field. - type: string - namespace: - type: string - passHostHeader: - type: boolean - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - responseForwarding: - description: ResponseForwarding holds configuration for - the forward of the response. - properties: - flushInterval: - type: string - type: object - scheme: - type: string - serversTransport: - type: string - sticky: - description: Sticky holds the sticky configuration. - properties: - cookie: - description: Cookie holds the sticky configuration based - on cookie. - properties: - httpOnly: - type: boolean - name: - type: string - sameSite: - type: string - secure: - type: boolean - type: object - type: object - strategy: - type: string - weight: - description: Weight should only be specified when Name references - a TraefikService object (and to be precise, one that embeds - a Weighted Round Robin). - type: integer - required: - - name - type: object - type: array - sticky: - description: Sticky holds the sticky configuration. - properties: - cookie: - description: Cookie holds the sticky configuration based on - cookie. - properties: - httpOnly: - type: boolean - name: - type: string - sameSite: - type: string - secure: - type: boolean - type: object - type: object - type: object - type: object - required: - - metadata - - spec - type: object - served: true - storage: true -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] diff --git a/traefik-lb/deployment.yaml b/traefik-lb/deployment.yaml index c13d52b..e722a22 100644 --- a/traefik-lb/deployment.yaml +++ b/traefik-lb/deployment.yaml @@ -24,14 +24,14 @@ spec: - --api - --api.insecure - --entrypoints.web.address=:80 - - --entrypoints.udpep.address=:25565/udp + - --entrypoints.minecrafttcp.address=:25565/tcp - --providers.kubernetescrd ports: - name: web containerPort: 80 - name: admin containerPort: 8080 - - name: udpep + - name: minecrafttcp containerPort: 25565 diff --git a/traefik-lb/service.yaml b/traefik-lb/service.yaml index d5f8b53..b1ce083 100644 --- a/traefik-lb/service.yaml +++ b/traefik-lb/service.yaml @@ -15,18 +15,7 @@ spec: port: 8080 name: admin targetPort: 8080 - ---- -apiVersion: v1 -kind: Service -metadata: - name: traefikudp -spec: - type: LoadBalancer - selector: - app: traefik - ports: - - protocol: UDP + - protocol: TCP port: 25565 - name: udpep + name: minecrafttcp targetPort: 25565 diff --git a/traefik-lb/whoami/deployment.yaml b/traefik-lb/whoami/deployment.yaml deleted file mode 100644 index c13d52b..0000000 --- a/traefik-lb/whoami/deployment.yaml +++ /dev/null @@ -1,37 +0,0 @@ -kind: Deployment -apiVersion: apps/v1 -metadata: - name: traefik - labels: - app: traefik - -spec: - replicas: 1 - selector: - matchLabels: - app: traefik - template: - metadata: - labels: - app: traefik - spec: - serviceAccountName: traefik-ingress-controller - containers: - - name: traefik - image: traefik:v2.7 - args: - - --log.level=DEBUG - - --api - - --api.insecure - - --entrypoints.web.address=:80 - - --entrypoints.udpep.address=:25565/udp - - --providers.kubernetescrd - ports: - - name: web - containerPort: 80 - - name: admin - containerPort: 8080 - - name: udpep - containerPort: 25565 - - diff --git a/traefik-lb/whoami/service.yaml b/traefik-lb/whoami/service.yaml deleted file mode 100644 index d5f8b53..0000000 --- a/traefik-lb/whoami/service.yaml +++ /dev/null @@ -1,32 +0,0 @@ -apiVersion: v1 -kind: Service -metadata: - name: traefik -spec: - type: LoadBalancer - selector: - app: traefik - ports: - - protocol: TCP - port: 80 - name: web - targetPort: 80 - - protocol: TCP - port: 8080 - name: admin - targetPort: 8080 - ---- -apiVersion: v1 -kind: Service -metadata: - name: traefikudp -spec: - type: LoadBalancer - selector: - app: traefik - ports: - - protocol: UDP - port: 25565 - name: udpep - targetPort: 25565