Tutorial : Traefik 2.0 - Baremetal - RancherOS - Hetzner - OVH

Rancher 2.x
4

Hi @zedtux,

Sorry for the delay.
As it’s named “traefik-file-provider.yml” is used for Provider Configuration file .

This part of the configuration is holding the following configuration :

http:
  routers:
    api-dashboard:
      entryPoints:
        - "web-secure"
      rule :  Host(`traefik.example.com`) && PathPrefix(`/api`) || Host(`traefik.example.com`) && PathPrefix(`/dashboard`)
      tls:
        certResolver: default
      service: api@internal
      middlewares:
        - auth-dashboard
  middlewares:
    auth-dashboard:
      basicAuth:
        users:
          - "test:$test" 
          - "test2:$sample"

This let me have a kind of “unmovable” set of configuration in order to let me reach the Traefik dashboard.

Hope that it’s more clear.

I still need to update my global configuration regarding the deployment of traefik, see :

apiVersion: apps/v1
kind: Deployment
metadata:
  labels:
    app: traefik
  name: traefik
  namespace: traefik

spec:
  selector:
    matchLabels:
      app: traefik
  template:
    metadata:
      creationTimestamp: null
      labels:
        app: traefik
    spec:
      containers:
      - args:
        - --configFile=/local/traefik/traefik.yml
        env:
        - name: TZ
          value: Europe/Brussels
        - name: OVH_ENDPOINT
          valueFrom:
            secretKeyRef:
              key: ovh_endpoint
              name: ovh-credentials
              optional: false
        - name: OVH_APPLICATION_KEY
          valueFrom:
            secretKeyRef:
              key: ovh_application_key
              name: ovh-credentials
              optional: false
        - name: OVH_APPLICATION_SECRET
          valueFrom:
            secretKeyRef:
              key: ovh_application_secret
              name: ovh-credentials
              optional: false
        - name: OVH_CONSUMER_KEY
          valueFrom:
            secretKeyRef:
              key: ovh_consumer_key
              name: ovh-credentials
              optional: false
        image: traefik:v2.0
        name: traefik
        ports:
        - containerPort: 80
          hostPort: 80
          name: web
          protocol: TCP
        - containerPort: 443
          hostPort: 443
          name: websecure
          protocol: TCP
        - containerPort: 22
          hostPort: 22
          name: ssh
          protocol: TCP
        securityContext:
          capabilities:
            add:
            - NET_BIND_SERVICE
            drop:
            - ALL
        volumeMounts:
        - mountPath: /local/traefik
          name: traefik-config
        - mountPath: /local/traefik-file-provider
          name: traefik-file-provider
        - mountPath: /data
          name: traefik-ssl-storage
      hostNetwork: true
      volumes:
      - configMap:
          defaultMode: 256
          name: traefik-config-yml
          optional: false
        name: traefik-config
      - configMap:
          defaultMode: 256
          name: traefik-file-provider
          optional: false
        name: traefik-file-provider
      - hostPath:
          path: /mnt/system/traefik-data
          type: DirectoryOrCreate
        name: traefik-ssl-storage

Don’t hesitate to reach me out as i’m still working to my setup of services decentralized.