flywithu/community-catalog
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Merge branch 'master' into master

Browse Source
This commit is contained in:
Jason 2018-03-02 01:42:05 +08:00 committed by GitHub
commit 7f6f06da57
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
12 changed files with 711 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

25
infra-templates/imagepuller/0/docker-compose.yml.tpl Normal file
View File

@ -0,0 +1,25 @@
version: '2'
services:
imagepuller:
image: superseb/imagepuller:0.1.5
{{- if eq .Values.PRIVILEGED "true"}}
privileged: true
{{- end}}
environment:
CHECK_CPU_USAGE: ${CHECK_CPU_USAGE}
CPU_USAGE_MAX: ${CPU_USAGE_MAX}
CPU_USAGE_SLEEP: ${CPU_USAGE_SLEEP}
RANCHER_VERSION: ${RANCHER_VERSION}
RANDOM_SLEEP: ${RANDOM_SLEEP}
stdin_open: true
volumes:
- /var/run/docker.sock:/var/run/docker.sock
{{- if eq .Values.MOUNT_DOCKER_CONFIG "true"}}
- ${DOCKER_CONFIG_LOCATION}:/root/.docker/config.json
{{- end}}
tty: true
labels:
io.rancher.container.agent.role: environment
io.rancher.container.start_once: 'true'
io.rancher.container.create_agent: 'true'
io.rancher.scheduler.global: 'true'

58
infra-templates/imagepuller/0/rancher-compose.yml Normal file
View File

@ -0,0 +1,58 @@
version: '2'
catalog:
name: imagepuller
version: 0.1.5
description: A script to pull images for a specific Rancher version to speed up upgrades
minimum_rancher_version: v1.6.0
questions:
- variable: CHECK_CPU_USAGE
label: CHECK_CPU_USAGE
description: Enable CPU usage check
type: boolean
default: true
required: true
- variable: CPU_USAGE_MAX
label: CPU_USAGE_MAX
description: Maximum CPU usage in % to halt pulling images
type: int
default: 75
required: true
- variable: CPU_USAGE_SLEEP
label: CPU_USAGE_SLEEP
description: Amount of seconds to sleep when cpu usage is too high
type: int
default: 120
required: true
- variable: MOUNT_DOCKER_CONFIG
label: MOUNT_DOCKER_CONFIG
description: Mount docker config as volume (for registries with authentication)
type: boolean
default: false
required: true
- variable: DOCKER_CONFIG_LOCATION
label: DOCKER_CONFIG_LOCATION
description: Docker config location on the host (for registries with authentication)
type: string
default: "/root/.docker/config.json"
required: true
- variable: PRIVILEGED
label: PRIVILEGED
description: Run as privileged (e.g. when SELinux is enabled)
type: boolean
default: false
required: true
- variable: RANDOM_SLEEP
label: RANDOM_SLEEP
description: Sleep a "random" amount of seconds between image pulls
type: boolean
default: false
required: true
- variable: RANCHER_VERSION
label: RANCHER_VERSION
description: Reference version to identify what images to pull
type: string
default: v1.6.14
required: true
services:
imagepuller:
start_on_create: true

26
infra-templates/imagepuller/catalogIcon-imagepuller.svg Normal file
View File

@ -0,0 +1,26 @@
<?xml version="1.0" encoding="UTF-8"?>
<svg viewBox="0 0 640 480" xmlns="http://www.w3.org/2000/svg">
<defs>
<linearGradient id="d" x1=".49992" x2=".49992" y1=".29294" y2=".48514">
<stop stop-color="#919191" offset="0"/>
<stop stop-color="#919191" offset=".0056"/>
<stop stop-color="#bf0d00" offset="1"/>
</linearGradient>
<radialGradient id="c" cx="39.756" cy="24.221" r="120.09" gradientTransform="matrix(-3.2183 0 0 -3.7099 528.11 462.82)" gradientUnits="userSpaceOnUse">
<stop stop-color="#e88080" offset="0"/>
<stop stop-color="#de4848" offset=".6181"/>
<stop stop-color="#d82a2a" offset="1"/>
</radialGradient>
</defs>
<g transform="rotate(89.067 290.58 230.38)">
<path d="m294.18 450.89c112.45 0 198.11-95.137 206.99-223.43 5.0848-73.49-2.9544-149.56-34.967-214.24-8.4029-5.4128-32.662 0-42.198 0-8.8888 0-31.381-5.1679-36.572 6.6964-8.6217 19.677 0.40872 52.028 3.5208 72.143 5.0849 32.907 8.6314 64.46 6.2918 97.949-3.3953 48.552-18.968 91.019-63.567 102.07-38.014 9.4009-94.215 9.3342-123.11-25.828-32.212-39.177-29.045-108.23-19.857-156.75 4.821-25.476 17.884-60.509 11.937-86.812-3.5498-15.712-30.162-9.7756-40.193-9.9092-14.154-0.20404-41.915-8.1989-49.13 7.4161-17.591 38.019-27.996 78.75-31.6 121.62-6.6844 79.518 1.0588 161.26 47.312 224.34 40.721 55.534 102.63 84.738 165.15 84.738" fill="url(#c)"/>
<path d="m498.78 146.64c-2.964-33.564-8.2902-67.176-18.611-98.847-1.4514-4.4445-10.353-34.573-14.424-34.573h-17.585c-24.697 0-64.204-13.133-63.303 26.908 0.63077 28.099 7.1671 55.897 10.736 83.603 3.1282 24.252 0.048279 22.909 19.998 22.909h83.189m-313.47 0c2.8289-36.814 15.535-71.791 17.99-108.58 1.6992-25.469-9.4875-24.827-27.111-25.086-19.538-0.27826-39.073-0.55649-58.621-0.84958-6.1051-0.077911-18.785 46.912-20.684 53.545-7.4921 26.222-12.197 53.486-14.411 80.973h102.84" fill="#e5e5e5"/>
<path d="m504.83 201.55c0-37.938-1.4257-76.057-9.5293-113-5.7221-26.103-13.713-78.843-41.786-78.843-16.574 0-41.026-5.5204-56.902 0-28.742 0.43405-8.7956 80.149-6.414 95.916 7.4439 49.19 15.058 132.42-24.935 168.09-29.602 26.4-83.833 23.688-117.98 13.374-45.381-13.704-57.462-63.065-59.338-111.85-1.5512-40.56 9.1528-78.005 15.689-117.4 2.0243-12.202 6.1244-31.115-0.71767-42.397-5.0913-8.3733-18.212-5.8542-25.74-5.9618-12.094-0.18552-56.558-9.0077-63.902 4.003-17.63 31.171-27.284 73.39-32.154 109.78-9.4553 70.548-6.797 147.66 24.739 210.79 47.769 95.638 150.28 138.08 241.77 113.45 99.532-26.789 157.21-131.85 157.21-245.94m-5.558 0c0 129.36-76.366 237.89-191.32 245.39-111.66 7.2714-210.16-80.861-223.76-210.44-7.8912-75.178 2.8771-154.37 34.616-220.86 15.329 0.20035 30.651 0.44891 45.983 0.66409 18.528 0.27081 37.998-6.0694 35.613 23.016-5.7768 70.381-34.461 139.76-4.4284 208.93 19.706 45.387 64.272 52.143 104.02 51.349 35.424-0.71231 71.954-9.5382 88.251-49.921 23.851-59.103 8.8148-126.14 1.2712-187.06-2.3719-19.165-7.4985-45.906 14.547-45.906h54.875c16.294 0 27.568 57.029 31.082 73.238 7.9105 36.465 9.2397 74.165 9.2397 111.59" fill="url(#d)"/>
<path d="m120.86 317.55c0 10.499 30.168 38.19 36.659 44.597 34.519 34.068 77.792 53.938 123.28 55.842 48.094 1.9997 95.418-14.28 135.96-43.762 13.929-10.124 27.033-21.718 39.295-34.391 1.6574-1.7103 12.59-16.32 15.045-15.504 1.9696 0.65668-40.335 52.996-43.46 55.916-39.276 36.84-88.126 58.954-139.02 58.954-47.608 0-92.831-21.15-127.46-58.646-11.241-12.169-40.302-42.594-40.302-63.006" fill="#ffa3a3"/>
<path d="m187.96 243.85c0.63078 8.44 21.546 27.654 27.301 32.959 26.364 24.3 58.827 32.562 92.072 29.486 31.864-2.9531 84.56-21.391 95.834-62.735-11.56 42.386-45.7 72.804-82.652 81.333-48.525 11.185-127.29-11.13-132.55-81.043" fill="#b20d0d"/>
<g fill="#fff">
<path d="m405.87 36.096c7.1735-17.095 53.382 27.472 51.705 36.142 0.20273-1.0499-14.424-9.9166-16.497-9.6495-4.763 0.61954 20.291 54.495 23.564 53.716-11.734 2.8084-37.612-20.041-43.971-30.718-5.5161-9.2563-19.837-37.426-14.801-49.49"/>
<path d="m137.55 132.6c-4.5764-6.5703-10.231-13.107-16.951-16.669-14.077-7.4643-11.846 9.7571-20.336 12.495 5.4164-1.7474 15.763-100.47 38.497-73.601 13.584 16.049 42.546 101.66-1.2101 77.775"/>
</g>
</g>
</svg>
Side by Side

After

Width:  |  Height:  |  Size: 4.0 KiB

8
infra-templates/imagepuller/config.yml Normal file
View File

@ -0,0 +1,8 @@
name: Imagepuller
description: |
A script to pull images for a specific Rancher version to speed up upgrades
version: 0.1.5
category: Automation
maintainer: "Sebastiaan van Steenis <seb@rancher.com>"
license: Apache 2.0
projectURL: https://github.com/superseb/imagepuller

24
infra-templates/imagesyncer/0/docker-compose.yml.tpl Normal file
View File

@ -0,0 +1,24 @@
version: '2'
services:
imagesyncer:
image: superseb/imagesyncer:0.1.0
{{- if eq .Values.PRIVILEGED "true"}}
privileged: true
{{- end}}
environment:
CHECK_CPU_USAGE: ${CHECK_CPU_USAGE}
CHECK_INTERVAL: ${CHECK_INTERVAL}
CPU_USAGE_MAX: ${CPU_USAGE_MAX}
CPU_USAGE_SLEEP: ${CPU_USAGE_SLEEP}
RANDOM_SLEEP: ${RANDOM_SLEEP}
stdin_open: true
volumes:
- /var/run/docker.sock:/var/run/docker.sock
{{- if eq .Values.MOUNT_DOCKER_CONFIG "true"}}
- ${DOCKER_CONFIG_LOCATION}:/root/.docker/config.json
{{- end}}
tty: true
labels:
io.rancher.container.agent.role: environment
io.rancher.container.create_agent: 'true'
io.rancher.scheduler.global: 'true'

58
infra-templates/imagesyncer/0/rancher-compose.yml Normal file
View File

@ -0,0 +1,58 @@
version: '2'
catalog:
name: imagesyncer
version: 0.1.0
description: Sync all images in use in your environment to all hosts
minimum_rancher_version: v1.6.0
questions:
- variable: CHECK_CPU_USAGE
label: CHECK_CPU_USAGE
description: Enable CPU usage check
type: boolean
default: true
required: true
- variable: CHECK_INTERVAL
label: CHECK_INTERVAL
description: Amount of seconds to sleep before checking images
type: int
default: 300
required: true
- variable: CPU_USAGE_MAX
label: CPU_USAGE_MAX
description: Maximum CPU usage in % to halt pulling images
type: int
default: 75
required: true
- variable: CPU_USAGE_SLEEP
label: CPU_USAGE_SLEEP
description: Amount of seconds to sleep when cpu usage is too high
type: int
default: 120
required: true
- variable: MOUNT_DOCKER_CONFIG
label: MOUNT_DOCKER_CONFIG
description: Mount docker config as volume (for registries with authentication)
type: boolean
default: false
required: true
- variable: DOCKER_CONFIG_LOCATION
label: DOCKER_CONFIG_LOCATION
description: Docker config location on the host (for registries with authentication)
type: string
default: "/root/.docker/config.json"
required: true
- variable: PRIVILEGED
label: PRIVILEGED
description: Run as privileged (e.g. when SELinux is enabled)
type: boolean
default: false
required: true
- variable: RANDOM_SLEEP
label: RANDOM_SLEEP
description: Sleep a "random" amount of seconds between image pulls
type: boolean
default: false
required: true
services:
imagesyncer:
start_on_create: true

28
infra-templates/imagesyncer/catalogIcon-imagesyncer.svg Normal file
View File

@ -0,0 +1,28 @@
<?xml version="1.0" encoding="UTF-8"?>
<svg viewBox="0 0 48 48" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink">
<defs>
<linearGradient id="a">
<stop stop-color="#fff" offset="0"/>
<stop stop-color="#fff" stop-opacity="0" offset="1"/>
</linearGradient>
<linearGradient id="e" x2="0" y1="7.7115" y2="24.463" gradientUnits="userSpaceOnUse">
<stop stop-color="#93b9dd" offset="0"/>
<stop stop-color="#6396cd" offset="1"/>
</linearGradient>
<linearGradient id="c" x2="0" y1="39.785" y2="23.034" gradientUnits="userSpaceOnUse">
<stop stop-color="#d7e866" offset="0"/>
<stop stop-color="#8cab2a" offset="1"/>
</linearGradient>
<linearGradient id="f" x1="34.119" x2="10.525" y1="13.085" y2="21.932" gradientUnits="userSpaceOnUse" xlink:href="#a"/>
<linearGradient id="d" x1="12.756" x2="36.35" y1="34.412" y2="25.564" gradientUnits="userSpaceOnUse" xlink:href="#a"/>
<radialGradient id="b" cx="62.625" cy="4.625" r="10.625" gradientTransform="matrix(2.1499 0 0 .87466 -110.64 34.661)" gradientUnits="userSpaceOnUse">
<stop offset="0"/>
<stop stop-opacity="0" offset="1"/>
</radialGradient>
</defs>
<path d="m46.842 38.707a22.842 9.2933 0 0 1 -45.685 0 22.842 9.2933 0 1 1 45.685 0z" fill="url(#b)" fill-rule="evenodd" opacity=".56044"/>
<path d="m23.531 4.5c-9.8484 0.39886-17.691 8.0151-18.906 17.656h10.625c1.0577-3.9266 4.8512-6.9835 9.0312-6.9375 2.3639 0.02602 4.646 0.79971 6.3438 2.4375l-4.4062 4.0625h16.031v-15.812l-4.2188 4.2188c-3.7082-3.644-7.9959-5.5648-13.469-5.625-0.34792-0.00383-0.68793-0.0139-1.0312 0z" fill="url(#e)" stroke="#387ab8" stroke-linejoin="round"/>
<path d="m14.219 21.75c1.2893-4.2881 5.5889-7.7538 10.125-7.6875 2.6731 0.03908 5.955 1.1919 7.9688 3.4688l-3.2188 3.0625 12.062 0.03125v-12.062l-3.1562 3.2188c-3.542-3.9509-8.0534-5.9758-13.594-6.0312-9.6095-0.09616-17.172 6.815-18.562 16" fill="none" opacity=".4" stroke="url(#f)" stroke-width="1.193"/>
<path d="m23.344 42.997c9.8484-0.39886 17.691-8.0151 18.906-17.656h-10.625c-1.0577 3.9266-4.8512 6.9835-9.0312 6.9375-2.3639-0.02602-4.646-0.79971-6.3438-2.4375l4.4062-4.0625h-16.031v15.812l4.2188-4.2188c3.7082 3.644 7.9959 5.5648 13.469 5.625 0.34792 0.0038 0.68793 0.01391 1.0312 0z" fill="url(#c)" stroke="#42770c" stroke-linejoin="round"/>
<path d="m32.656 25.747c-1.2893 4.2881-5.5889 7.7538-10.125 7.6875-2.6731-0.03908-5.955-1.1919-7.9688-3.4688l3.2188-3.0625-12.062-0.03125v12.062l3.1562-3.2188c3.542 3.9509 8.0534 5.9758 13.594 6.0312 9.6095 0.09616 17.172-6.815 18.562-16" fill="none" opacity=".4" stroke="url(#d)" stroke-width="1.193"/>
</svg>
Side by Side

After

Width:  |  Height:  |  Size: 2.6 KiB

8
infra-templates/imagesyncer/config.yml Normal file
View File

@ -0,0 +1,8 @@
name: Imagesyncer
description: |
Sync all images in use in your environment to all hosts
version: 0.1.0
category: Automation
maintainer: "Sebastiaan van Steenis <seb@rancher.com>"
license: Apache 2.0
projectURL: https://github.com/superseb/imagesyncer

105
templates/traefik/20/README.md Normal file
View File

@ -0,0 +1,105 @@
# Traefik active load balancer
### Info:
This template deploys traefik active load balancers on top of Rancher. The configuration is generated and updated with confd from Rancher metadata.
It would be deployed in hosts with label traefik_lb=true.
### Config:
- rancher_integration = "metadata" # Rancher integration method.
- rancher_healthcheck = false # Enable/Disable traefik rancher services healthcheck filter. Only valid for api and metadata integration.
- usage_enable = false # Enable/disable send Traefik [anonymous usage collection](https://docs.traefik.io/basics/#collected-data)
- constraints = "" # Traefik constraints for rancher provider. Only valid for api and metadata integration.
- host_label = "traefik_lb=true" # Host label where to run traefik service.
- http_port = 8080 # Port exposed to get access to the published services.
- https_port = 8443 # Port exposed to get secured access to the published services.
- admin_port = 8000 # Port exposed to get admin access to the traefik service.
- admin_ssl = false # Enable/Disable ssl on api, rest, ping and webui using `ssl_key` and `ssl_crt`
- https_enable = <false | true | only>
- false: Enable http enpoints and disable https ones.
- true: Enable http and https endpoints.
- only: Enable https endpoints and redirect http to https.
- https_min_tls = "" # See the [traefik documentation](https://docs.traefik.io/configuration/entrypoints/#specify-minimum-tls-version) for allowed values.
- trusted_ips="" # Enable [proxyProtocol](https://docs.traefik.io/configuration/entrypoints/#proxyprotocol) and [forwardHeaders](https://docs.traefik.io/configuration/entrypoints/#forwarded-header) for these IPs (eg: "172.0.0.0/16,192.168.0.1")
- acme_enable = false # Enable/Disable acme traefik support. [acme](https://docs.traefik.io/configuration/acme/)
- acme_email = "test@traefik.io" # acme user email
- acme_challenge = http # acme challenge parameter. WIP to support dns.
- acme_onhostrule = true # acme onHostRule parameter.
- acme_caserver = "https://acme-v01.api.letsencrypt.org/directory" # acme caServer parameter.
- acme_vol_name = "traefik_acme_vol" # Volume name to user by acme sidekick
- acme_vol_driver = "local" # Volume driver to user by acme sidekick
- ssl_key # Paste your ssl key. *Required if you enable https
- ssl_crt # Paste your ssl crt. *Required if you enable https
- insecure_skip = false # Enable InsecureSkipVerify param.
- compress_enable = true # Enable traefik compression
- refresh_interval = 10s # Interval to refresh traefik rules.toml from rancher-metadata.
- admin_readonly = false # Set REST API to read-only mode.
- admin_statistics = 10 # Enable more detailed statistics, extend recent errors number.
- admin_auth_method = "basic" # Selec auth method, basic or digest.
- admin_users = "" # Paste basic or digest users created with htdigest, one user per line.
- metrics_enable="false" # Enable/disable traefik [metrics](https://docs.traefik.io/configuration/metrics/)
- metrics_exporter="" # Metrics exporter prometheus | datadog | statsd | influxdb
- metrics_push="10" # Metrics exporter push interval (s). datadog | statsd | influxdb
- metrics_address="" # Metrics exporter address. datadog | statsd | influxdb
- metrics_prometheus_buckets="[0.1,0.3,1.2,5.0]" # Metrics buckets for prometheus
### Service configuration labels:
Traefik labels has to be added to your services, in order to get included in traefik config.
## Metadata or api
Please use traefik defined labels if you choose metadata or api rancher integration.
[Traefik rancher backend labels][traefik rancher backend]
Metadata is the prefered and recommended rancher integration.
## External
Use this labels if you choose extenal rancher integration.
- traefik.enable = < true | stack | false > #Controls if you want to publish or not the service
- true: the service will be published as *service_name.stack_name.traefik_domain*
- stack: the service will be published as *stack_name.domain*. WARNING: You can have collisions inside services within your stack
- false: the service will not be published
- traefik.priority = <priority> # Override for frontend priority. Default `5`
- traefik.protocol = < http | https > # Override the default protocol `http`
- traefik.sticky = < true | false > # Enable/disable sticky sessions to the backend. Default `false`
- traefik.backend.loadbalancer.method = < drr | wrr > # Override default lb algorithm `drr`
- traefik.backend.circuitbreaker.expression = < expression > # Override default backend circuitbreaker expression `NetworkErrorRatio() > 0.5`
- traefik.frontend.passHostHeader = < true | false > # Forward client Host header to the backend. Default `true`
- traefik.weight = < weight > # Override default backend weight `5`
- traefik.alias = < alias > # Alternate names to route rule. Multiple values separated by ",". traefik.domain is appended. WARNING: You could have collisions BE CAREFULL
- traefik.alias.fqdn = < alias fqdn > # Alternate names to route rule. Multiple values separated by ",". traefik.domain must be defined but is not appended here.
- traefik.domain = < domain.name > # Domain names to route rules. Multiple domains separated by ","
- traefik.domain.regexp = < domain.regexp > # Domain name regexp rule. Multiple domains separated by ","
- traefik.port = <port> # port to expose throught traefik. Default `80`
- traefik.acme = < true | false > # Enable/disable ACME traefik feature. Default `false`
- traefik.path = < path > # Path rule. Multiple values separated by ","
- traefik.path.strip = < path > # Path strip rule. Multiple values separated by ","
- traefik.path.prefix = < path > # Path prefix rule. Multiple values separated by ","
- traefik.path.prefix.strip = < path > # Path prefix strip rule. Multiple values separated by ","
- traefik.ratelimit.enable = < true | false > # Enable/disabe rate-limiting based on client ip. Default `false`
- traefik.ratelimit.period = < n > # Replace n with desired amount of seconds in which traefik is checking the limits "average" and "burst". Default `10`
- traefik.ratelimit.average = < n > # Change to desired average allowed requests by client ip. Default `100`
- traefik.ratelimit.burst = < n > # State what limit the client ip is allowed to burst up to respectively. Default `200`
WARNING: Only services with healthy state are added to traefik, so health checks are mandatory.
More info [rancher-traefik](https://github.com/rawmind0/rancher-traefik)
### Usage:
Select Traefik from catalog.
Set the params.
Click deploy.
Access your traefik admin service at $admin_port to see your published services.
Note: To access the services, you need to create A or CNAMES dns entries for every one.
[traefik rancher backend]: https://docs.traefik.io/configuration/backends/rancher/#labels-overriding-default-behaviour

128
templates/traefik/20/docker-compose.yml.tpl Normal file
View File

@ -0,0 +1,128 @@
version: '2'
services:
traefik:
ports:
- ${admin_port}:${admin_port}/tcp
- ${http_port}:${http_port}/tcp
{{- if ne .Values.https_enable "false"}}
- ${https_port}:${https_port}/tcp
{{- end}}
labels:
io.rancher.scheduler.global: 'true'
io.rancher.scheduler.affinity:host_label: ${host_label}
io.rancher.scheduler.affinity:container_label_ne: io.rancher.stack_service.name=$${stack_name}/$${service_name}
{{- if eq .Values.rancher_integration "api"}}
io.rancher.container.agent.role: environment
io.rancher.container.create_agent: 'true'
{{- end}}
{{- if or (eq .Values.rancher_integration "external") (eq .Values.acme_enable "true")}}
io.rancher.sidekicks:
{{- if eq .Values.rancher_integration "external"}} traefik-conf
{{- if eq .Values.acme_enable "true" -}},{{- end -}}
{{- end -}}
{{- if eq .Values.acme_enable "true" -}}
{{- if ne .Values.rancher_integration "external"}} traefik-acme
{{- else -}}traefik-acme
{{- end -}}
{{- end -}}
{{- end}}
io.rancher.container.hostname_override: container_name
image: rawmind/alpine-traefik:1.5.3-3
environment:
- TRAEFIK_HTTP_PORT=${http_port}
- TRAEFIK_HTTP_COMPRESSION=${compress_enable}
- TRAEFIK_HTTPS_PORT=${https_port}
- TRAEFIK_HTTPS_ENABLE=${https_enable}
- TRAEFIK_HTTPS_COMPRESSION=${compress_enable}
- TRAEFIK_USAGE_ENABLE=${usage_enable}
{{- if ne .Values.https_min_tls ""}}
- TRAEFIK_HTTPS_MIN_TLS=${https_min_tls}
{{- end}}
{{- if ne .Values.trusted_ips ""}}
- TRAEFIK_TRUSTEDIPS=${trusted_ips}
{{- end}}
{{- if ne .Values.ssl_key ""}}
- TRAEFIK_SSL_KEY=${ssl_key}
{{- end}}
{{- if ne .Values.ssl_crt ""}}
- TRAEFIK_SSL_CRT=${ssl_crt}
{{- end}}
- TRAEFIK_INSECURE_SKIP=${insecure_skip}
- TRAEFIK_ADMIN_ENABLE=true
- TRAEFIK_ADMIN_PORT=${admin_port}
- TRAEFIK_ADMIN_SSL=${admin_ssl}
- TRAEFIK_ADMIN_STATISTICS=${admin_statistics}
- TRAEFIK_ADMIN_AUTH_METHOD=${admin_auth_method}
- TRAEFIK_ADMIN_AUTH_USERS=${admin_users}
{{- if eq .Values.acme_enable "true"}}
- TRAEFIK_ACME_ENABLE=${acme_enable}
- TRAEFIK_ACME_EMAIL=${acme_email}
- TRAEFIK_ACME_CHALLENGE=${acme_challenge}
- TRAEFIK_ACME_CHALLENGE_HTTP_ENTRYPOINT=http
- TRAEFIK_ACME_ONHOSTRULE=${acme_onhostrule}
- TRAEFIK_ACME_CASERVER=${acme_caserver}
{{- end}}
{{- if ne .Values.rancher_integration "external"}}
- TRAEFIK_RANCHER_ENABLE=true
- TRAEFIK_FILE_ENABLE=false
- TRAEFIK_CONSTRAINTS=${constraints}
- TRAEFIK_RANCHER_HEALTHCHECK=${rancher_healthcheck}
- TRAEFIK_RANCHER_MODE=${rancher_integration}
{{- else}}
- TRAEFIK_FILE_ENABLE=true
{{- end}}
{{- if eq .Values.metrics_enable "true"}}
- TRAEFIK_METRICS_ENABLE=${metrics_enable}
- TRAEFIK_METRICS_EXPORTER=${metrics_exporter}
- TRAEFIK_METRICS_PUSH=${metrics_push}
- TRAEFIK_METRICS_ADDRESS=${metrics_address}
- TRAEFIK_METRICS_PROMETHEUS_BUCKETS=${metrics_prometheus_buckets}
{{- end}}
{{- if or (eq .Values.rancher_integration "external") (eq .Values.acme_enable "true")}}
volumes_from:
{{- if eq .Values.rancher_integration "external"}}
- traefik-conf
{{- end}}
{{- if eq .Values.acme_enable "true"}}
- traefik-acme
{{- end}}
{{- end}}
{{- if eq .Values.rancher_integration "external"}}
traefik-conf:
labels:
io.rancher.scheduler.global: 'true'
io.rancher.scheduler.affinity:host_label: ${host_label}
io.rancher.scheduler.affinity:container_label_ne: io.rancher.stack_service.name=$${stack_name}/$${service_name}
io.rancher.container.start_once: 'true'
image: rawmind/rancher-traefik:1.5.0-0
network_mode: none
volumes:
- tools-volume:/opt/tools
{{- end}}
{{- if eq .Values.acme_enable "true"}}
traefik-acme:
network_mode: none
labels:
io.rancher.scheduler.affinity:container_label_soft_ne: io.rancher.stack_service.name=$${stack_name}/$${service_name}
io.rancher.container.hostname_override: container_name
io.rancher.container.start_once: true
environment:
- SERVICE_UID=10001
- SERVICE_GID=10001
- SERVICE_VOLUME=/opt/traefik/acme
volumes:
- ${acme_vol_name}:/opt/traefik/acme
image: rawmind/alpine-volume:0.0.2-1
{{- end}}
{{- if or (eq .Values.rancher_integration "external") (eq .Values.acme_enable "true")}}
volumes:
{{- if eq .Values.rancher_integration "external"}}
tools-volume:
driver: local
per_container: true
{{- end}}
{{- if eq .Values.acme_enable "true"}}
${acme_vol_name}:
driver: ${acme_vol_driver}
{{- end}}
{{- end}}

242
templates/traefik/20/rancher-compose.yml Normal file
View File

@ -0,0 +1,242 @@
version: '2'
catalog:
name: traefik
version: v1.5.3-rancher1
description: |
Traefik load balancer.
minimum_rancher_version: v0.59.0
maintainer: "Raul Sanchez <rawmind@gmail.com>"
uuid: traefik-0
questions:
- variable: "rancher_integration"
label: "Choose rancher integration:"
description: |
Enable rancher integration mode. Traefik built in integration, metadata or api, or external sidekick integration with confd.
default: metadata
required: true
type: enum
options:
- metadata
- api
- external
- variable: "rancher_healthcheck"
description: |
Enable/disable rancher services healtcheck filter. If enable, just healthy services will be published.
Only valid for api and metadata integration.
label: "Rancher healthcheck filter:"
required: true
default: false
type: "boolean"
- variable: "usage_enable"
description: |
Enable/disable send anonymous usage collection to Traefik. See https://docs.traefik.io/basics/#collected-data
label: "Traefik send anonymous usage:"
required: true
default: false
type: "boolean"
- variable: "constraints"
description: |
Traefik constraints for rancher provider. Eg: "tag==api"
Only valid for api and metadata integration.
label: "Traefik constraints:"
required: false
default: ""
type: "string"
- variable: "host_label"
description: "Host label where to run traefik service."
label: "Host label:"
required: true
default: "traefik_lb=true"
type: "string"
- variable: "http_port"
description: "Traefik http public port to listen."
label: "Http port:"
required: true
default: 8080
type: "int"
- variable: "https_port"
description: "Traefik https public port to listen."
label: "Https port:"
required: true
default: 8443
type: "int"
- variable: "admin_port"
description: "Traefik admin public port to listen for api, rest, ping and webui."
label: "Admin port:"
required: true
default: 8000
type: "int"
- variable: "admin_ssl"
description: "Enable ssl for api, rest, ping and webui."
label: "Admin ssl:"
required: true
default: false
type: "boolean"
- variable: "https_enable"
label: "Https enable:"
description: |
Enable https working mode. If you activate, you need to fill SSL key and SSL crt in order to work.
default: false
required: true
type: enum
options:
- false
- true
- only
- variable: "https_min_tls"
description: |
Minimal allowed tls version to accept connections from.
See the traefik documentation for allowed values. Default is `VersionTLS12`.
label: "Https min tls:"
required: false
default: ""
type: "string"
- variable: "trusted_ips"
description: |
Enable proxyProtocol and forwardHeaders just for trusted IPs. Eg: `172.0.0.0/16,192.168.0.1`
See the traefik documentation for more info. Default is ``.
label: "Trusted IPs:"
required: false
default: ""
type: "string"
- variable: "acme_enable"
description: "Enable acme support on traefik."
label: "ACME enable:"
required: true
default: false
type: "boolean"
- variable: "acme_email"
description: "ACME user email."
label: "ACME email:"
required: true
default: "test@traefik.io"
type: "string"
- variable: "acme_challenge"
description: "ACME challenge."
label: "ACME challenge:"
required: true
default: http
type: enum
options: # List of options if using type of `enum`
- http
- variable: "acme_onhostrule"
description: "Enable acme onHostRule."
label: "ACME onHostRule:"
required: true
default: true
type: "boolean"
- variable: "acme_caserver"
description: "ACME caServer to use."
label: "ACME caServer:"
required: true
default: "https://acme-v01.api.letsencrypt.org/directory"
type: "string"
- variable: "acme_vol_name"
description: "The volume name shared to store ACME certs"
label: "ACME Volume Name"
required: true
default: "traefik_acme_vol"
type: "string"
- variable: "acme_vol_driver"
description: "The volume driver shared to store ACME certs"
label: "ACME Volume Driver"
required: true
default: "local"
type: enum
options: # List of options if using type of `enum`
- local
- rancher-nfs
- rancher-efs
- rancher-ebs
- variable: "ssl_key"
description: "SSL key to secure the service. *Required if you enable https or admin ssl"
label: "Https key"
type: "multiline"
required: false
default: ""
- variable: "ssl_crt"
description: "SSL cert to secure the service. *Required if you enable https or admin ssl"
label: "Https crt"
type: "multiline"
required: false
default: ""
- variable: "insecure_skip"
description: "Enable InsecureSkipVerify param."
label: "InsecureSkipVerify:"
required: true
default: false
type: "boolean"
- variable: "compress_enable"
label: "Enable compression:"
description: |
Enable Traefik compression for entrypoints.
default: true
required: true
type: "boolean"
- variable: "admin_statistics"
description: "Enable more detailed statistics."
label: "Admin statistics history:"
required: true
default: 10
type: "int"
- variable: "admin_auth_method"
description: "Admin auth method on api, rest and webui."
label: "Admin auth method:"
required: true
default: "basic"
type: enum
options: # List of options if using type of `enum`
- basic
- digest
- variable: "admin_users"
description: "Admin auth user list on api, rest and webui. Generate with htpassword for basic or htdigest with traefik realm for digest."
label: "Admin users:"
type: "multiline"
required: false
default: ""
- variable: "metrics_enable"
description: "Enable traefik metrics."
label: "Metrics enable"
default: false
required: true
type: "boolean"
- variable: "metrics_exporter"
description: "Traefik metrics exporter."
label: "Metrics exporter:"
required: false
default:
type: enum
options: # List of options if using type of `enum`
- prometheus
- datadog
- statsd
- influxdb
- variable: "metrics_push"
description: "Traefik metrics exporter push interval. Apply on datadog, statsd and influxdb."
label: "Metrics push interval (s):"
required: false
default: 10
type: "int"
- variable: "metrics_address"
description: "Traefik metrics exporter address to push. Apply on datadog, statsd and influxdb."
label: "Metrics address:"
required: false
default: ""
type: "string"
- variable: "metrics_prometheus_buckets"
description: "Traefik metrics buckets for prometheus."
label: "Metrics prometheus buckets"
default: "[0.1,0.3,1.2,5.0]"
required: false
type: "string"
services:
traefik:
retain_ip: true
health_check:
healthy_threshold: 2
response_timeout: 5000
port: ${admin_port}
unhealthy_threshold: 3
interval: 5000
strategy: recreate

3
templates/traefik/config.yml
View File

@ -1,9 +1,8 @@
name: Traefik
description: |
Traefik active load balancer
version: v1.5.2-rancher1
version: v1.5.3-rancher1
category: Load Balancing
maintainer: "Raul Sanchez <rawmind@gmail.com>"
minimum_rancher_version: v0.59.0
license:
projectURL: https://github.com/rawmind0/alpine-traefik