Creating a Traefik Ingress Controller

Overview

While loadbalancer backed Kubernetes services are the most common method to expose your services, they can be too restrictive for your needs. You want to route traffic based on URI matches or have more control over TLS termination, for example. For cases like this we deploy ingress controllers in our Kibernetes cluster.

In this tutorial you will be guided through the process of deploying an ingress controller based on Traefik.

Ingress Controller Configuration

Deploying an ingress controller is a two-step process. The first of which is to create define the controller within Kubernetes, followed by the deployment of the ingress controller’s pod.

Create a new file named traefik-ingress-config.yaml to store the configuration for the ingress controller. This file will be applied to the cluster. Add the following contents to the file.

Apply the configuration using kubectl.

kubectl apply -f traefik-ingress-config.yml

Deploying a Traefik Ingress Controller

With the Kubernetes configurations completed a deployment must be defined for the ingress controller. Since the ingress controller runs as a pod, the deployment configuration will be very similar to any other application pod deployment.

Create a new file named traefik-ingress-deployment.yml and the following contents to it.

Apply the deployment using kubectl.

kubectl -f traefik-ingress-deployment.yml

Dynamic Certificates

One of the most valuable features offered by Traefik is dynamic certificates. This feature allows you to perform live updates of your certificates without having to reload a new configuration. With integrated Let’s Encrypt support, your ingress controller will handle its own certificates.

Let’s add dynamic certificates to our ingress controller.