Skip to content

Commit

Permalink
feat(Traefik): ✨ support Gateway API statusAddress
Browse files Browse the repository at this point in the history
  • Loading branch information
mloiseleur authored Oct 30, 2024
1 parent 626469d commit e7dcac1
Show file tree
Hide file tree
Showing 7 changed files with 79 additions and 2 deletions.
2 changes: 2 additions & 0 deletions EXAMPLES.md
Original file line number Diff line number Diff line change
Expand Up @@ -907,6 +907,8 @@ Once it's applied, whoami should be accessible on http://whoami.docker.localhost

</details>

:information_source: In this example, `Deployment` and `HTTPRoute` should be deployed in the same namespace as the Traefik Gateway: Chart namespace.

# Use Kubernetes Gateway API with cert-manager

One can use the new stable kubernetes gateway API provider with automatic TLS certificates delivery (with cert-manager) setting the following _values_:
Expand Down
3 changes: 3 additions & 0 deletions traefik/VALUES.md
Original file line number Diff line number Diff line change
Expand Up @@ -258,6 +258,9 @@ Kubernetes: `>=1.22.0-0`
| providers.kubernetesGateway.experimentalChannel | bool | `false` | Toggles support for the Experimental Channel resources (Gateway API release channels documentation). This option currently enables support for TCPRoute and TLSRoute. |
| providers.kubernetesGateway.labelselector | string | `""` | A label selector can be defined to filter on specific GatewayClass objects only. |
| providers.kubernetesGateway.namespaces | list | `[]` | Array of namespaces to watch. If left empty, Traefik watches all namespaces. |
| providers.kubernetesGateway.statusAddress.hostname | string | `""` | This Hostname will get copied to the Gateway status.addresses. |
| providers.kubernetesGateway.statusAddress.ip | string | `""` | This IP will get copied to the Gateway status.addresses, and currently only supports one IP value (IPv4 or IPv6). |
| providers.kubernetesGateway.statusAddress.service | object | `{"name":"{{ (include \"traefik.fullname\" .) }}","namespace":"{{ .Release.Namespace }}"}` | The Kubernetes service to copy status addresses from. When using third parties tools like External-DNS, this option can be used to copy the service loadbalancer.status (containing the service's endpoints IPs) to the gateways. Default to Service of this Chart. |
| providers.kubernetesIngress.allowEmptyServices | bool | `true` | Allows to return 503 when there is no endpoints available |
| providers.kubernetesIngress.allowExternalNameServices | bool | `false` | Allows to reference ExternalName services in Ingress |
| providers.kubernetesIngress.enabled | bool | `true` | Load Kubernetes Ingress provider |
Expand Down
12 changes: 12 additions & 0 deletions traefik/templates/_podtemplate.tpl
Original file line number Diff line number Diff line change
Expand Up @@ -514,6 +514,18 @@
{{- with .Values.providers.kubernetesGateway }}
{{- if .enabled }}
- "--providers.kubernetesgateway"
{{- with .statusAddress }}
{{- with .ip }}
- "--providers.kubernetesgateway.statusaddress.ip={{ . }}"
{{- end }}
{{- with .hostname }}
- "--providers.kubernetesgateway.statusaddress.hostname={{ . }}"
{{- end }}
{{- with .service }}
- "--providers.kubernetesgateway.statusaddress.service.name={{ tpl .name $ }}"
- "--providers.kubernetesgateway.statusaddress.service.namespace={{ tpl .namespace $ }}"
{{- end }}
{{- end }}
{{- if or .namespaces (and $.Values.rbac.enabled $.Values.rbac.namespaced) }}
- "--providers.kubernetesgateway.namespaces={{ template "providers.kubernetesGateway.namespaces" $ }}"
{{- end }}
Expand Down
8 changes: 7 additions & 1 deletion traefik/tests/pod-config_test.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -293,7 +293,7 @@ tests:
content:
key: "RSA"
operator: "Destructor"
- it: should have all k8s provider enabled when gateway provider is enabled
- it: When gateway provider is enabled, k8s providers & default statusAddress should be set
set:
providers:
kubernetesGateway:
Expand All @@ -308,6 +308,12 @@ tests:
- contains:
path: spec.template.spec.containers[0].args
content: "--providers.kubernetesgateway"
- contains:
path: spec.template.spec.containers[0].args
content: "--providers.kubernetesgateway.statusaddress.service.name=RELEASE-NAME-traefik"
- contains:
path: spec.template.spec.containers[0].args
content: "--providers.kubernetesgateway.statusaddress.service.namespace=NAMESPACE"
- it: should have experimental flag when set
set:
experimental:
Expand Down
25 changes: 24 additions & 1 deletion traefik/tests/traefik-config_test.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -101,7 +101,30 @@ tests:
- contains:
path: spec.template.spec.containers[0].args
content: "--providers.kubernetesingress.ingressendpoint.publishedservice=foo/bar"

- it: should be possible to set statusAddress fields
set:
providers:
kubernetesGateway:
enabled: true
statusAddress:
ip: 1.2.3.4
hostname: example.net
service:
name: foo
namespace: default
asserts:
- contains:
path: spec.template.spec.containers[0].args
content: "--providers.kubernetesgateway.statusaddress.ip=1.2.3.4"
- contains:
path: spec.template.spec.containers[0].args
content: "--providers.kubernetesgateway.statusaddress.hostname=example.net"
- contains:
path: spec.template.spec.containers[0].args
content: "--providers.kubernetesgateway.statusaddress.service.name=foo"
- contains:
path: spec.template.spec.containers[0].args
content: "--providers.kubernetesgateway.statusaddress.service.namespace=default"
- it: should allow cross namespace services when specified in configuration
set:
providers:
Expand Down
22 changes: 22 additions & 0 deletions traefik/values.schema.json
Original file line number Diff line number Diff line change
Expand Up @@ -1353,6 +1353,28 @@
},
"namespaces": {
"type": "array"
},
"statusAddress": {
"properties": {
"hostname": {
"type": "string"
},
"ip": {
"type": "string"
},
"service": {
"properties": {
"name": {
"type": "string"
},
"namespace": {
"type": "string"
}
},
"type": "object"
}
},
"type": "object"
}
},
"type": "object"
Expand Down
9 changes: 9 additions & 0 deletions traefik/values.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -303,6 +303,15 @@ providers: # @schema additionalProperties: false
namespaces: []
# -- A label selector can be defined to filter on specific GatewayClass objects only.
labelselector: ""
statusAddress:
# -- This IP will get copied to the Gateway status.addresses, and currently only supports one IP value (IPv4 or IPv6).
ip: ""
# -- This Hostname will get copied to the Gateway status.addresses.
hostname: ""
# -- The Kubernetes service to copy status addresses from. When using third parties tools like External-DNS, this option can be used to copy the service loadbalancer.status (containing the service's endpoints IPs) to the gateways. Default to Service of this Chart.
service:
name: "{{ (include \"traefik.fullname\" .) }}"
namespace: "{{ .Release.Namespace }}"

file:
# -- Create a file provider
Expand Down

0 comments on commit e7dcac1

Please sign in to comment.