kubernetes/odroid/traefik/values.org

image: # @schema additionalProperties: false

registry: docker.io

repository: traefik

tag: # @schema type:[string, null]

pullPolicy: IfNotPresent

commonLabels: {}

deployment:

enabled: true

kind: Deployment

replicas: 1

revisionHistoryLimit: # @schema type:[integer, null];minimum:0

terminationGracePeriodSeconds: 60

minReadySeconds: 0 ## – Override the liveness/readiness port. This is useful to integrate traefik ## with an external Load Balancer that performs healthchecks. ## Default: ports.traefik.port healthchecksPort: # @schema type:[integer, null];minimum:0 ## – Override the liveness/readiness host. Useful for getting ping to respond on non-default entryPoint. ## Default: ports.traefik.hostIP if set, otherwise Pod IP healthchecksHost: "" ## – Override the liveness/readiness scheme. Useful for getting ping to ## respond on websecure entryPoint. healthchecksScheme: # @schema enum:[HTTP, HTTPS, null]; type:[string, null]; default: HTTP ## – Override the readiness path. ## Default: /ping readinessPath: ""

livenessPath: ""

annotations: {}

labels: {}

podAnnotations: {}

podLabels: {}

additionalContainers: []

additionalVolumes: []

initContainers: []

shareProcessNamespace: false

dnsPolicy: ""

dnsConfig: {}

hostAliases: []

imagePullSecrets: []

lifecycle: {}

runtimeClassName: ""

podDisruptionBudget: # @schema additionalProperties: false enabled: false maxUnavailable: # @schema type:[string, integer, null];minimum:0 minAvailable: # @schema type:[string, integer, null];minimum:0

ingressClass: # @schema additionalProperties: false enabled: true isDefaultClass: true name: ""

core: # @schema additionalProperties: false

defaultRuleSyntax: ""

experimental:

abortOnPluginFailure: false fastProxy:

enabled: false

debug: false kubernetesGateway:

enabled: false

plugins: {}

gateway:

enabled: true

name: ""

namespace: ""

annotations: {}

infrastructure: {}

listeners: web:

port: 8000

hostname: ""

protocol: HTTP

namespacePolicy: # @schema type:[string, null]

gatewayClass: # @schema additionalProperties: false

enabled: true

name: ""

labels: {}

ingressRoute: dashboard:

enabled: false

annotations: {}

labels: {}

matchRule: PathPrefix(`/dashboard`) || PathPrefix(`/api`)

services:

• name: api@internal kind: TraefikService

entryPoints: ["traefik"]

middlewares: []

tls: {} healthcheck:

enabled: false

annotations: {}

labels: {}

matchRule: PathPrefix(`/ping`)

services:

• name: ping@internal kind: TraefikService

entryPoints: ["traefik"]

middlewares: []

tls: {}

updateStrategy: # @schema additionalProperties: false

type: RollingUpdate rollingUpdate: maxUnavailable: 0 # @schema type:[integer, string, null] maxSurge: 1 # @schema type:[integer, string, null]

readinessProbe: # @schema additionalProperties: false

failureThreshold: 1

initialDelaySeconds: 2

periodSeconds: 10

successThreshold: 1

timeoutSeconds: 2 livenessProbe: # @schema additionalProperties: false

failureThreshold: 3

initialDelaySeconds: 2

periodSeconds: 10

successThreshold: 1

timeoutSeconds: 2

startupProbe: {}

providers: # @schema additionalProperties: false kubernetesCRD:

enabled: true

allowCrossNamespace: false

allowExternalNameServices: false

allowEmptyServices: true

ingressClass: ""

namespaces: []

nativeLBByDefault: false

kubernetesIngress:

enabled: true

allowExternalNameServices: false

allowEmptyServices: true

ingressClass: # @schema type:[string, null]

namespaces: []

publishedService:

enabled: true

pathOverride: ""

nativeLBByDefault: false

kubernetesGateway:

enabled: false

experimentalChannel: false

namespaces: []

labelselector: ""

nativeLBByDefault: false statusAddress:

ip: ""

hostname: ""

service: enabled: true name: "" namespace: ""

file:

enabled: false

watch: true

content: ""

volumes: []

additionalVolumeMounts: []

logs: general:

format: # @schema enum:["common", "json", null]; type:[string, null]; default: "common"

level: "INFO" # @schema enum:[TRACE,DEBUG,INFO,WARN,ERROR,FATAL,PANIC]; default: "INFO"

filePath: ""

noColor: false access:

enabled: false

format: # @schema enum:["common", "json", null]; type:[string, null]; default: "common"

bufferingSize: # @schema type:[integer, null]

filters: # @schema additionalProperties: false

statuscodes: ""

retryattempts: false

minduration: ""

addInternals: false fields: general:

defaultmode: keep # @schema enum:[keep, drop, redact]; default: keep

names: {}

headers:

defaultmode: drop # @schema enum:[keep, drop, redact]; default: drop names: {}

metrics:

addInternals: false

## Prometheus is enabled by default. ## It can be disabled by setting "prometheus: null" prometheus:

entryPoint: metrics

addEntryPointsLabels: # @schema type:[boolean, null]

addRoutersLabels: # @schema type:[boolean, null]

addServicesLabels: # @schema type:[boolean, null]

buckets: ""

## order to allow creating a custom router for prometheus@internal service. manualRouting: false

headerLabels: {} # @schema type:[object, null] service:

enabled: false labels: {} annotations: {}

disableAPICheck: # @schema type:[boolean, null] serviceMonitor:

enabled: false metricRelabelings: [] relabelings: [] jobLabel: "" interval: "" honorLabels: false scrapeTimeout: "" honorTimestamps: false enableHttp2: false followRedirects: false additionalLabels: {} namespace: "" namespaceSelector: {} prometheusRule:

enabled: false additionalLabels: {} namespace: ""

otlp:

enabled: false

addEntryPointsLabels: # @schema type:[boolean, null]

addRoutersLabels: # @schema type:[boolean, null]

addServicesLabels: # @schema type:[boolean, null]

explicitBoundaries: []

pushInterval: ""

serviceName: # @schema type:[string, null] http:

enabled: false

endpoint: ""

headers: {} ## Defines the TLS configuration used by the reporter to send metrics to the OpenTelemetry Collector. tls:

ca: ""

cert: ""

key: ""

insecureSkipVerify: # @schema type:[boolean, null] grpc:

enabled: false

endpoint: ""

insecure: false ## Defines the TLS configuration used by the reporter to send metrics to the OpenTelemetry Collector. tls:

ca: ""

cert: ""

key: ""

insecureSkipVerify: false

## Tracing

tracing: # @schema additionalProperties: false

addInternals: false

serviceName: # @schema type:[string, null]

resourceAttributes: {}

capturedRequestHeaders: []

capturedResponseHeaders: []

safeQueryParams: []

sampleRate: # @schema type:[number, null]; minimum:0; maximum:1 otlp:

enabled: false http:

enabled: false

endpoint: ""

headers: {} ## Defines the TLS configuration used by the reporter to send metrics to the OpenTelemetry Collector. tls:

ca: ""

cert: ""

key: ""

insecureSkipVerify: false grpc:

enabled: false

endpoint: ""

insecure: false ## Defines the TLS configuration used by the reporter to send metrics to the OpenTelemetry Collector. tls:

ca: ""

cert: ""

key: ""

insecureSkipVerify: false

global: # @schema additionalProperties: false checkNewVersion: true

sendAnonymousUsage: false

azure:

enabled: false images: proxy: image: traefik tag: latest registry: docker.io/library hub: image: traefik-hub tag: latest registry: ghcr.io/traefik

additionalArguments: []

env: []

envFrom: []

ports: traefik: port: 8080

hostPort: # @schema type:[integer, null]; minimum:0

hostIP: # @schema type:[string, null]

#

expose: default: false

exposedPort: 8080

protocol: TCP web: ## – Enable this entrypoint as a default entrypoint. When a service doesn't explicitly set an entrypoint it will only use this entrypoint.

port: 8000

expose: default: true exposedPort: 80 ## – Different target traefik port on the cluster, useful for IP type LB targetPort: # @schema type:[string, integer, null]; minimum:0

protocol: TCP

nodePort: # @schema type:[integer, null]; minimum:0 redirections:

entryPoint: {} forwardedHeaders:

trustedIPs: [] insecure: false proxyProtocol:

trustedIPs: [] insecure: false

transport: respondingTimeouts: readTimeout: # @schema type:[string, integer, null] writeTimeout: # @schema type:[string, integer, null] idleTimeout: # @schema type:[string, integer, null] lifeCycle: requestAcceptGraceTimeout: # @schema type:[string, integer, null] graceTimeOut: # @schema type:[string, integer, null] keepAliveMaxRequests: # @schema type:[integer, null]; minimum:0 keepAliveMaxTime: # @schema type:[string, integer, null] websecure: ## – Enable this entrypoint as a default entrypoint. When a service doesn't explicitly set an entrypoint it will only use this entrypoint.

port: 8443 hostPort: # @schema type:[integer, null]; minimum:0 containerPort: # @schema type:[integer, null]; minimum:0 expose: default: true exposedPort: 443 ## – Different target traefik port on the cluster, useful for IP type LB targetPort: # @schema type:[string, integer, null]; minimum:0 ## – The port protocol (TCP/UDP) protocol: TCP

nodePort: # @schema type:[integer, null]; minimum:0

appProtocol: # @schema type:[string, null]

allowACMEByPass: false http3: ## – Enable HTTP/3 on the entrypoint ## Enabling it will also enable http3 experimental feature ## https://doc.traefik.io/traefik/routing/entrypoints/#http3 ## There are known limitations when trying to listen on same ports for ## TCP & UDP (Http3). There is a workaround in this chart using dual Service. ## https://github.com/kubernetes/kubernetes/issues/47249#issuecomment-587960741 enabled: false advertisedPort: # @schema type:[integer, null]; minimum:0 forwardedHeaders:

trustedIPs: [] insecure: false proxyProtocol:

trustedIPs: [] insecure: false

transport: respondingTimeouts: readTimeout: # @schema type:[string, integer, null] writeTimeout: # @schema type:[string, integer, null] idleTimeout: # @schema type:[string, integer, null] lifeCycle: requestAcceptGraceTimeout: # @schema type:[string, integer, null] graceTimeOut: # @schema type:[string, integer, null] keepAliveMaxRequests: # @schema type:[integer, null]; minimum:0 keepAliveMaxTime: # @schema type:[string, integer, null]

tls: enabled: true options: "" certResolver: "" domains: []

middlewares: [] metrics:

port: 9100

expose: default: false

exposedPort: 9100

protocol: TCP

tlsOptions: {}

tlsStore: {}

service: enabled: true ## – Single service is using `MixedProtocolLBService` feature gate. ## – When set to false, it will create two Service, one for TCP and one for UDP. single: true type: LoadBalancer

annotations: {}

annotationsTCP: {}

annotationsUDP: {}

labels: {}

spec: {}

loadBalancerSourceRanges: []

## – Class of the load balancer implementation

externalIPs: []

## One of SingleStack, PreferDualStack, or RequireDualStack.

## List of IP families (e.g. IPv4 and/or IPv6). ## ref: https://kubernetes.io/docs/concepts/services-networking/dual-stack/#services

## additionalServices: {} ## – An additional and optional internal Service. ## Same parameters as external Service

autoscaling:

enabled: false

persistence:

enabled: false name: data existingClaim: "" accessMode: ReadWriteOnce size: 128Mi storageClass: "" volumeName: "" path: /data annotations: {}

subPath: ""

certificatesResolvers: {}

hostNetwork: false

rbac: # @schema additionalProperties: false enabled: true

namespaced: false

aggregateTo: []

secretResourceNames: []

podSecurityPolicy: enabled: false

serviceAccount: # @schema additionalProperties: false

name: ""

serviceAccountAnnotations: {}

resources: {}

affinity: {}

nodeSelector: {}

tolerations: []

topologySpreadConstraints: []

priorityClassName: ""

securityContext: allowPrivilegeEscalation: false capabilities: drop: [ALL] readOnlyRootFilesystem: true

podSecurityContext: runAsGroup: 65532 runAsNonRoot: true runAsUser: 65532

#

#

extraObjects: []

namespaceOverride: ""

instanceLabelOverride: ""

versionOverride: ""

hub:

token: ""

offline: false

namespaces: [] # @schema required:true apimanagement:

enabled: false admission:

listenAddr: ""

secretName: "hub-agent-cert"

customWebhookCertificate: {}

restartOnCertificateChange: true openApi:

validateRequestMethodAndPath: false

experimental:

aigateway: false providers: consulCatalogEnterprise:

enabled: false

cache: false

connectAware: false

connectByDefault: false

constraints: ""

defaultRule: "Host(`{{ normalize .Name }}`)" endpoint:

address: ""

datacenter: ""

endpointWaitTime: 0 httpauth:

password: ""

username: ""

scheme: "" tls:

ca: ""

cert: ""

insecureSkipVerify: false

key: ""

token: ""

exposedByDefault: true

namespaces: ""

partition: ""

prefix: "traefik"

refreshInterval: 15

requireConsistent: false

serviceName: "traefik"

stale: false

strictChecks: "passing, warning"

watch: false microcks:

enabled: false auth:

clientId: ""

clientSecret: ""

endpoint: ""

token: ""

endpoint: ""

pollInterval: 30

pollTimeout: 5 tls:

ca: ""

cert: ""

insecureSkipVerify: false

key: "" redis:

cluster: # @schema type:[boolean, null]

database: # @schema type:[string, null]

endpoints: ""

username: ""

password: "" sentinel:

masterset: ""

username: ""

password: ""

timeout: "" tls:

ca: ""

cert: ""

key: ""

insecureSkipVerify: false

sendlogs: # @schema type:[boolean, null]

tracing:

additionalTraceHeaders: enabled: false traceContext:

parentId: ""

traceId: ""

traceParent: ""

traceState: ""

oci_meta:

enabled: false

repo: traefik images: proxy: image: traefik tag: latest hub: image: traefik-hub tag: latest