k8s: add traefik and test app "whoami"

11 files changed, 198 insertions, 12 deletions

diff --git a/kubernetes/README.md b/kubernetes/README.md
index 2114f71..72d9c55 100644
--- a/kubernetes/README.md
+++ b/kubernetes/README.md
@@ -1,7 +1,3 @@
-# Kubernetes Configurations
+# Kubernetes Applications
 
-This folder contains Kubernetes cluster and application configurations.
-
-## Structure
-- **clusters/**: Cluster setup and configuration.
-- **apps/**: Application deployments (e.g., Helm charts, manifests).
+This folder contains configurations for deploying applications on Kubernetes.
diff --git a/kubernetes/apps/README.md b/kubernetes/apps/README.md
deleted file mode 100644
index 72d9c55..0000000
--- a/kubernetes/apps/README.md
+++ /dev/null
@@ -1,3 +0,0 @@
-# Kubernetes Applications
-
-This folder contains configurations for deploying applications on Kubernetes.
diff --git a/kubernetes/clusters/README.md b/kubernetes/clusters/README.md
deleted file mode 100644
index 8f35ec4..0000000
--- a/kubernetes/clusters/README.md
+++ /dev/null
@@ -1,3 +0,0 @@
-# Kubernetes Clusters
-
-This folder contains configurations for Kubernetes clusters.
diff --git a/kubernetes/traefik/00-account.yml b/kubernetes/traefik/00-account.yml
new file mode 100644
index 0000000..27b8159
--- /dev/null
+++ b/kubernetes/traefik/00-account.yml
@@ -0,0 +1,6 @@
+---
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: traefik-account
+...
diff --git a/kubernetes/traefik/00-role.yml b/kubernetes/traefik/00-role.yml
new file mode 100644
index 0000000..2362a3b
--- /dev/null
+++ b/kubernetes/traefik/00-role.yml
@@ -0,0 +1,59 @@
+---
+kind: ClusterRole
+apiVersion: rbac.authorization.k8s.io/v1
+metadata:
+  name: traefik-role
+
+rules:
+  - apiGroups:
+      - ""
+    resources:
+      - services
+      - secrets
+      - nodes
+    verbs:
+      - get
+      - list
+      - watch
+  - apiGroups:
+      - discovery.k8s.io
+    resources:
+      - endpointslices
+    verbs:
+      - list
+      - watch
+  - apiGroups:
+      - extensions
+      - networking.k8s.io
+    resources:
+      - ingresses
+      - ingressclasses
+    verbs:
+      - get
+      - list
+      - watch
+  - apiGroups:
+      - extensions
+      - networking.k8s.io
+    resources:
+      - ingresses/status
+    verbs:
+      - update
+  - apiGroups:
+      - traefik.io
+    resources:
+      - middlewares
+      - middlewaretcps
+      - ingressroutes
+      - traefikservices
+      - ingressroutetcps
+      - ingressrouteudps
+      - tlsoptions
+      - tlsstores
+      - serverstransports
+      - serverstransporttcps
+    verbs:
+      - get
+      - list
+      - watch
+...
diff --git a/kubernetes/traefik/01-role-binding.yml b/kubernetes/traefik/01-role-binding.yml
new file mode 100644
index 0000000..e5117f9
--- /dev/null
+++ b/kubernetes/traefik/01-role-binding.yml
@@ -0,0 +1,15 @@
+---
+kind: ClusterRoleBinding
+apiVersion: rbac.authorization.k8s.io/v1
+metadata:
+  name: traefik-role-binding
+
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: ClusterRole
+  name: traefik-role
+subjects:
+  - kind: ServiceAccount
+    name: traefik-account
+    namespace: default
+...
diff --git a/kubernetes/traefik/02-traefik-services.yml b/kubernetes/traefik/02-traefik-services.yml
new file mode 100644
index 0000000..2a44a13
--- /dev/null
+++ b/kubernetes/traefik/02-traefik-services.yml
@@ -0,0 +1,28 @@
+---
+apiVersion: v1
+kind: Service
+metadata:
+  name: traefik-dashboard-service
+
+spec:
+  type: LoadBalancer
+  ports:
+    - port: 8080
+      targetPort: dashboard
+  selector:
+    app: traefik
+...
+---
+apiVersion: v1
+kind: Service
+metadata:
+  name: traefik-web-service
+
+spec:
+  type: LoadBalancer
+  ports:
+    - targetPort: web
+      port: 80
+  selector:
+    app: traefik
+...
diff --git a/kubernetes/traefik/02-traefik.yml b/kubernetes/traefik/02-traefik.yml
new file mode 100644
index 0000000..2a6a4d1
--- /dev/null
+++ b/kubernetes/traefik/02-traefik.yml
@@ -0,0 +1,31 @@
+---
+kind: Deployment
+apiVersion: apps/v1
+metadata:
+  name: traefik-deployment
+  labels:
+    app: traefik
+
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      app: traefik
+  template:
+    metadata:
+      labels:
+        app: traefik
+    spec:
+      serviceAccountName: traefik-account
+      containers:
+        - name: traefik
+          image: traefik:v3.3
+          args:
+            - --api.insecure
+            - --providers.kubernetesingress
+          ports:
+            - name: web
+              containerPort: 80
+            - name: dashboard
+              containerPort: 8080
+...
diff --git a/kubernetes/traefik/03-whoami-services.yml b/kubernetes/traefik/03-whoami-services.yml
new file mode 100644
index 0000000..c0b0672
--- /dev/null
+++ b/kubernetes/traefik/03-whoami-services.yml
@@ -0,0 +1,15 @@
+---
+apiVersion: v1
+kind: Service
+metadata:
+  name: whoami
+
+spec:
+  ports:
+    - name: web
+      port: 80
+      targetPort: web
+
+  selector:
+    app: whoami
+...
diff --git a/kubernetes/traefik/03-whoami.yml b/kubernetes/traefik/03-whoami.yml
new file mode 100644
index 0000000..8b21f67
--- /dev/null
+++ b/kubernetes/traefik/03-whoami.yml
@@ -0,0 +1,25 @@
+---
+kind: Deployment
+apiVersion: apps/v1
+metadata:
+  name: whoami
+  labels:
+    app: whoami
+
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      app: whoami
+  template:
+    metadata:
+      labels:
+        app: whoami
+    spec:
+      containers:
+        - name: whoami
+          image: traefik/whoami
+          ports:
+            - name: web
+              containerPort: 80
+...
diff --git a/kubernetes/traefik/04-whoami-ingress.yml b/kubernetes/traefik/04-whoami-ingress.yml
new file mode 100644
index 0000000..e8f3782
--- /dev/null
+++ b/kubernetes/traefik/04-whoami-ingress.yml
@@ -0,0 +1,17 @@
+---
+apiVersion: networking.k8s.io/v1
+kind: Ingress
+metadata:
+  name: whoami-ingress
+spec:
+  rules:
+  - http:
+      paths:
+      - path: /
+        pathType: Prefix
+        backend:
+          service:
+            name: whoami
+            port:
+              name: web
+...