Skip to content

Instantly share code, notes, and snippets.

@sofyan48

sofyan48/values.yml

Created November 20, 2025 09:53
Show Gist options

  • Select an option

    Learn more about clone URLs
  • Save sofyan48/178105dabc82317754cf90797cb41203 to your computer and use it in GitHub Desktop.

Select an option

Learn more about clone URLs
Save sofyan48/178105dabc82317754cf90797cb41203 to your computer and use it in GitHub Desktop.
Download ZIP
traefik-gateway-values
Raw
values.yml
# Traefik Gateway - Development Environment
image:
registry: docker.io
repository: traefik
pullPolicy: IfNotPresent
deployment:
enabled: true
kind: Deployment
replicas: 1
terminationGracePeriodSeconds: 60
minReadySeconds: 0
goMemLimitPercentage: 0.9
podDisruptionBudget:
enabled: false
ingressClass:
enabled: false
isDefaultClass: true
experimental:
abortOnPluginFailure: false
fastProxy:
enabled: false
debug: false
kubernetesGateway:
enabled: false
otlpLogs: false
knative: false
gateway:
enabled: false
gatewayClass:
enabled: true
api:
dashboard: false
ingressRoute:
dashboard:
enabled: false
matchRule: PathPrefix(`/dashboard`) || PathPrefix(`/api`)
services:
- name: api@internal
kind: TraefikService
entryPoints: ["traefik"]
healthcheck:
enabled: false
matchRule: PathPrefix(`/ping`)
services:
- name: ping@internal
kind: TraefikService
entryPoints: ["traefik"]
updateStrategy:
type: RollingUpdate
rollingUpdate:
maxUnavailable: 0
maxSurge: 1
readinessProbe:
failureThreshold: 1
initialDelaySeconds: 2
periodSeconds: 10
successThreshold: 1
timeoutSeconds: 2
livenessProbe:
failureThreshold: 3
initialDelaySeconds: 2
periodSeconds: 10
successThreshold: 1
timeoutSeconds: 2
providers:
kubernetesCRD:
enabled: true
allowCrossNamespace: false
allowExternalNameServices: false
allowEmptyServices: true
nativeLBByDefault: false
kubernetesIngress:
enabled: false
allowExternalNameServices: false
allowEmptyServices: true
publishedService:
enabled: true
nativeLBByDefault: false
strictPrefixMatching: false
kubernetesGateway:
enabled: true
experimentalChannel: false
nativeLBByDefault: false
statusAddress:
service:
enabled: true
file:
enabled: false
watch: true
knative:
enabled: false
logs:
general:
level: "INFO"
noColor: false
format: json
access:
enabled: true
format: json
addInternals: false
fields:
general:
defaultmode: keep
headers:
defaultmode: drop
metrics:
addInternals: false
prometheus:
entryPoint: metrics
addRoutersLabels: true
addNamespaces: true
headerLabels:
host: X-Forwarded-Host
manualRouting: false
service:
enabled: false
serviceMonitor:
enabled: false
ocsp:
enabled: false
global:
checkNewVersion: true
sendAnonymousUsage: false
ports:
traefik:
port: 8080
expose:
default: false
exposedPort: 8080
protocol: TCP
web:
port: 8000
expose:
default: true
exposedPort: 80
protocol: TCP
websecure:
port: 8443
expose:
default: true
exposedPort: 443
protocol: TCP
allowACMEByPass: false
http3:
enabled: false
tls:
enabled: true
intl-web:
port: 8001
expose:
default: false
internal: true
exposedPort: 80
protocol: TCP
intl-websecure:
port: 8444
expose:
default: false
internal: true
exposedPort: 443
protocol: TCP
allowACMEByPass: false
http3:
enabled: false
tls:
enabled: true
metrics:
port: 9100
expose:
default: false
exposedPort: 9100
protocol: TCP
observability:
metrics: true
accessLogs: true
tracing: true
traceVerbosity: detailed
service:
enabled: true
single: false
type: LoadBalancer
annotations:
metallb.universe.tf/loadBalancerIPs: "10.184.0.5"
externalIPs:
- 10.184.0.5
additionalServices:
internal:
type: LoadBalancer
annotations:
metallb.universe.tf/loadBalancerIPs: "10.184.0.6"
externalIPs:
- 10.184.0.6
autoscaling:
enabled: true
minReplicas: 2
maxReplicas: 4
scaleTargetRef:
apiVersion: apps/v1
kind: Deployment
name: "{{ template \"traefik.fullname\" . }}"
persistence:
enabled: false
name: data
accessMode: ReadWriteOnce
size: 128Mi
path: /data
hostNetwork: false
rbac:
enabled: true
namespaced: false
podSecurityPolicy:
enabled: false
podSecurityContext:
runAsGroup: 65532
runAsNonRoot: true
runAsUser: 65532
securityContext:
allowPrivilegeEscalation: false
capabilities:
drop: [ALL]
readOnlyRootFilesystem: true
hub:
apimanagement:
enabled: false
mcpgateway:
enabled: false
aigateway:
enabled: false
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment