Note about Traefik static and dynamic configuration on Kubenetes using Helm chart, ConfigMap and CRD

Background

After quite a while on configuring Traefik as ingress controller in Kubernetes, I feel there are need to share some ideas regarding some confusions I have been through on different configurations and my current operation approach on how those being configured.

This article aimed to describe:

  1. Static and Dynamic configuration
  2. Different deployment approaches (a. Helm chart / b. Command Line Interface [CLI] / c. File base [through ConfigMap] / d. Environment variables / e. Custom Resources Definition [CRD] )
  3. My current choices

Static and Dynamic Configuration

The official documentation does have sections mentioned about this (which I didn’t read at the beginning of my journey, which is a big mistake)

https://doc.traefik.io/traefik/getting-started/configuration-overview/

Summary as:

Different deployment approaches

I like using helm chart to deploy Traefik, it is likely the simplest approach to install Traefik into Kubernetes cluster. The official Traefik documentation stated the steps how to install through helm.

What Helm chart achieve is like a setup template that allow some customization through a config file, the detail configs can always be referred in values.yaml of the chart (see github link to Traefik offical helm chart values.yaml)

What’s available in values.yaml

The configuration cover only static configurations (there are section of entrypoint, differnet sections for global options, as well as adding CLI config on additionalArguments section).

Because Helm chart deployment is expected to redeploy the services / pods, so we expected there is downtime on the Traefik pod.

When we check Traefik document, we would see most commonly there are 3 reference ( File(YAML), File(TOML) and CLI )

What we commonly see in official document

CLI cover both static and (some) dynamic configurations, as I see examples from internet, it’s mainly applied to docker as start command. I never used this approach.

Cover both static and dynamic configurations, I believe this is the most versatile approach, and likely there would be most example out there on the internet

The way we make it work is define a ConfigMap in Kubernetes:

Then we bind it to the Traefik deployment’s volume (example below is config file of Helm chart):

Note that config map update would require the pod reload, so I normally only put static config.

This is new to me, I know this only because I am preparing this article, I think it could be of good use. Reference link.

Note that environment variable only cover static configurations.

This is the most Kubernetes approach, because Traefik created the CRD for Kubernetes, I mainly use IngressRoute (incuding variant of TCP/UDP) and Middleware.

From left menu, Routing & Load Balancing > Provider > Kubernetes IngressRoute

The CRD approach only cover dynamic configurations.

My preference (at the moment)

I would use Helm chart for static configurations, given static configuration would take effect on process restart, so Helm chart deployment does no more harm than other approaches, and in addition, I can enjoy the version rollback.

For dynamic configurations, I prefer to use CRD as it’s more Kubernetes-ly and I use a set of yaml files together with Kustomize to manage different environments.

--

--

--

Love podcasts or audiobooks? Learn on the go with our new app.

[Unity ECS] Extending ECS system to your own with an interface on struct

A Comprehensive Guide to Cypher Map Projection

How to create your own virtual private cloud like Google Drive?

Dev Update 27th Jun 2017

Ever since I was a little boy, I have only ever wanted to be a Doctor.

Formula 1 Cars is a Fascinating Engineering Problem/Masterpiece

Fetching from External APIs

What is Lambda Function in Python

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
Stephen Cow Chau

Stephen Cow Chau

More from Medium

Kubernetes RBAC — Update default ClusterRoles without editing them

Kubernetes Network Policies with Cilium

Kubernetes troubleshooting and automation using Robusta

Kind — Install Prometheus Operator and fix missing targets