apitech
/
loki
mirror of https://github.com/grafana/loki
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
Like Prometheus, but for logs.
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
8156 Commits
839 Branches
309 Tags
649 MiB
 
 
 
 
 
 
Tag: Branch: Tree: 4fa045d380
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '4fa045d380'
${ noResults }
loki/operator/hack/addons_traefik.yaml

163 lines
3.3 KiB
Raw Blame History

---
apiVersion: v1
kind: Namespace
metadata:
name: traefik
---
apiVersion: v1
kind: ConfigMap
metadata:
name: traefik
namespace: traefik
data:
config.yaml: |
http:
middlewares:
lokistack-stripprefix:
stripPrefix:
prefixes:
- "/lokistack"
token-refresher-stripprefix:
stripPrefix:
prefixes:
- "/token-refresher"
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: acme-storage
namespace: traefik
spec:
accessModes:
- ReadWriteOnce
# Replace the storageClassName with the storage you use in your Kubernetes cluster.
storageClassName: standard
resources:
requests:
# Replace by an appropriate size.
storage: 10Mi
---
apiVersion: v1
kind: ServiceAccount
metadata:
name: traefik
namespace: traefik
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
name: traefik
rules:
- apiGroups:
- ""
resources:
- services
- endpoints
- secrets
verbs:
- get
- list
- watch
- apiGroups:
- extensions
- networking.k8s.io
resources:
- ingresses
- ingressclasses
verbs:
- get
- list
- watch
- apiGroups:
- extensions
resources:
- ingresses/status
verbs:
- update
- apiGroups:
- traefik.containo.us
resources:
- middlewares
- middlewaretcps
- ingressroutes
- traefikservices
- ingressroutetcps
- ingressrouteudps
- tlsoptions
- tlsstores
- serverstransports
verbs:
- get
- list
- watch
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: traefik
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: traefik
subjects:
- kind: ServiceAccount
name: traefik
namespace: traefik
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: traefik
namespace: traefik
spec:
selector:
matchLabels:
app: traefik
template:
metadata:
labels:
app: traefik
spec:
serviceAccountName: traefik
containers:
- name: traefik
image: traefik:v2.7.0
args:
- --api.insecure
- --api.dashboard
- --log.level=debug
- --accesslog=true
- --entryPoints.web.address=:80
- --entryPoints.websecure.address=:443
- --providers.kubernetesIngress
- --providers.file.filename=/config/config.yaml
- --providers.file.watch=false
ports:
- name: http
containerPort: 80
hostPort: 80
- name: https
containerPort: 443
hostPort: 443
- name: admin
containerPort: 8080
hostPort: 8080
securityContext:
capabilities:
drop:
- ALL
add:
- NET_BIND_SERVICE
volumeMounts:
- mountPath: /letsencrypt
name: acme-storage
- mountPath: /config
name: config
volumes:
- name: acme-storage
persistentVolumeClaim:
claimName: acme-storage
- name: config
configMap:
name: traefik