From 39551a18629df19e574e61cd91279ce26ba65984 Mon Sep 17 00:00:00 2001 From: Joakim Olsson Date: Wed, 15 Apr 2026 14:55:12 +0200 Subject: [PATCH] refactor: migrate from ingress-nginx to Traefik v3 Replace ingress-nginx 4.15.1 with Traefik v3 (Helm chart 39.0.7) as the ingress controller for the local kind cluster. - Replace k8s/nginx/ with k8s/traefik/ (Helm chart, values, namespace) - Update setup script selectors and namespace references - Convert nginx upstream-vhost annotations to Traefik Middleware CRDs - Update ingressClassName from nginx to traefik Co-Authored-By: Claude Opus 4.6 (1M context) refactor: migrate from ingress-nginx to Traefik v3 Replace ingress-nginx 4.15.1 with Traefik v3 (Helm chart 39.0.7) as the ingress controller for the local kind cluster. - Replace k8s/nginx/ with k8s/traefik/ (Helm chart, values, namespace) - Update setup script selectors and namespace references - Convert nginx upstream-vhost annotations to Traefik Middleware CRDs - Update ingressClassName from nginx to traefik - Add .claude/ to .gitignore Co-Authored-By: Claude Opus 4.6 (1M context) --- .gitignore | 1 + k8s/app/local-proxy.yaml | 26 ++++++++++++++++++++++---- k8s/nginx/kustomization.yaml | 12 ------------ k8s/traefik/kustomization.yaml | 12 ++++++++++++ k8s/traefik/namespaces.yaml | 4 ++++ k8s/traefik/values.yaml | 31 +++++++++++++++++++++++++++++++ setup | 12 ++++++------ 7 files changed, 76 insertions(+), 22 deletions(-) delete mode 100644 k8s/nginx/kustomization.yaml create mode 100644 k8s/traefik/kustomization.yaml create mode 100644 k8s/traefik/namespaces.yaml create mode 100644 k8s/traefik/values.yaml diff --git a/.gitignore b/.gitignore index 9891bfc..46c5ecc 100644 --- a/.gitignore +++ b/.gitignore @@ -1,2 +1,3 @@ data charts +.claude/settings.local.json diff --git a/k8s/app/local-proxy.yaml b/k8s/app/local-proxy.yaml index 21abe25..623ea7c 100644 --- a/k8s/app/local-proxy.yaml +++ b/k8s/app/local-proxy.yaml @@ -24,9 +24,9 @@ kind: Ingress metadata: name: frontend annotations: - nginx.ingress.kubernetes.io/upstream-vhost: "localhost:3300" + traefik.ingress.kubernetes.io/router.middlewares: default-frontend-host@kubernetescrd spec: - ingressClassName: nginx + ingressClassName: traefik tls: - hosts: - staging-shiny.unbound.se @@ -59,9 +59,9 @@ kind: Ingress metadata: name: api annotations: - nginx.ingress.kubernetes.io/upstream-vhost: "localhost:4444" + traefik.ingress.kubernetes.io/router.middlewares: default-api-host@kubernetescrd spec: - ingressClassName: nginx + ingressClassName: traefik tls: - hosts: - staging-shiny-api.unbound.se @@ -77,3 +77,21 @@ spec: name: api-external port: number: 4444 +--- +apiVersion: traefik.io/v1alpha1 +kind: Middleware +metadata: + name: frontend-host +spec: + headers: + customRequestHeaders: + Host: "localhost:3300" +--- +apiVersion: traefik.io/v1alpha1 +kind: Middleware +metadata: + name: api-host +spec: + headers: + customRequestHeaders: + Host: "localhost:4444" diff --git a/k8s/nginx/kustomization.yaml b/k8s/nginx/kustomization.yaml deleted file mode 100644 index e9b2170..0000000 --- a/k8s/nginx/kustomization.yaml +++ /dev/null @@ -1,12 +0,0 @@ -apiVersion: kustomize.config.k8s.io/v1beta1 -kind: Kustomization -resources: -- namespaces.yaml -helmCharts: -- name: ingress-nginx - namespace: ingress-nginx - includeCRDs: true - releaseName: ingress-nginx - repo: https://kubernetes.github.io/ingress-nginx - version: 4.15.1 - valuesFile: https://raw.githubusercontent.com/kubernetes/ingress-nginx/main/hack/manifest-templates/provider/kind/values.yaml diff --git a/k8s/traefik/kustomization.yaml b/k8s/traefik/kustomization.yaml new file mode 100644 index 0000000..4fec7f0 --- /dev/null +++ b/k8s/traefik/kustomization.yaml @@ -0,0 +1,12 @@ +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization +resources: +- namespaces.yaml +helmCharts: +- name: traefik + namespace: traefik + includeCRDs: true + releaseName: traefik + repo: https://traefik.github.io/charts + version: 39.0.7 + valuesFile: values.yaml diff --git a/k8s/traefik/namespaces.yaml b/k8s/traefik/namespaces.yaml new file mode 100644 index 0000000..c088a91 --- /dev/null +++ b/k8s/traefik/namespaces.yaml @@ -0,0 +1,4 @@ +apiVersion: v1 +kind: Namespace +metadata: + name: traefik diff --git a/k8s/traefik/values.yaml b/k8s/traefik/values.yaml new file mode 100644 index 0000000..f05a707 --- /dev/null +++ b/k8s/traefik/values.yaml @@ -0,0 +1,31 @@ +deployment: + kind: DaemonSet + +ports: + web: + hostPort: 80 + websecure: + hostPort: 443 + +tolerations: + - key: "node-role.kubernetes.io/master" + operator: "Equal" + effect: "NoSchedule" + - key: "node-role.kubernetes.io/control-plane" + operator: "Equal" + effect: "NoSchedule" + +nodeSelector: + ingress-ready: "true" + +providers: + kubernetesIngress: + publishedService: + enabled: false + +service: + type: ClusterIP + +ingressClass: + enabled: true + isDefaultClass: true diff --git a/setup b/setup index e957c20..1f3bafa 100755 --- a/setup +++ b/setup @@ -12,20 +12,20 @@ kubectl create secret docker-registry gitlab \ kubectl patch serviceaccount default -p '{"imagePullSecrets": [{"name": "gitlab"}]}' -kustomized="$(mktemp -t unboundnginx.yaml.XXXXXX)" +kustomized="$(mktemp -t unboundtraefik.yaml.XXXXXX)" -kubectl kustomize --enable-helm "k8s/nginx" >> "${kustomized}" +kubectl kustomize --enable-helm "k8s/traefik" >> "${kustomized}" kubectl apply -f "${kustomized}" --server-side || true -printf "\nWait for pod app.kubernetes.io/component=controller to be created." +printf "\nWait for pod app.kubernetes.io/name=traefik to be created." while :; do sleep 2 - [ -n "$(kubectl -n ingress-nginx get pod --selector=app.kubernetes.io/component=controller 2>/dev/null)" ] && printf "\n\n" && break + [ -n "$(kubectl -n traefik get pod --selector=app.kubernetes.io/name=traefik 2>/dev/null)" ] && printf "\n\n" && break printf "." done -echo "Wait for nginx to be available." -until [[ $(kubectl -n ingress-nginx get endpointslices -l 'kubernetes.io/service-name=ingress-nginx-controller' -o=jsonpath='{.items[*].endpoints[*].addresses[*]}') ]]; do sleep 5; done +echo "Wait for traefik to be available." +until [[ $(kubectl -n traefik get endpointslices -l 'kubernetes.io/service-name=traefik' -o=jsonpath='{.items[*].endpoints[*].addresses[*]}') ]]; do sleep 5; done kustomized="$(mktemp -t unboundinfra.yaml.XXXXXX)"