Skip to content

Helm Chart Configuration Reference

This page explains how to customize your Helm-based installation Traefik Enterprise Edition (TraefikEE).

Synopsis

The Helm chart for TraefikEE uses the Helm Chart Customization Mechanism.

The commands helm install and helm upgrade get the configuration items and their values with:

  • With --set flags:
helm install --set licensekey=SUPERSECRETKEY \
  --set key1=value1 ... containous/traefikee

helm upgrade --set licensekey=ANOTHERSECRETKEY \
  --set key1=newValue2 ... traefikee-external containous/traefikee
  • Or with YAML files:
helm install --values ./license-values.yaml \
  --values ./storage-values.yaml ... containous/traefikee

helm upgrade --values ./new-license.yaml \
  --values ./new-storage-values.yaml ... traefikee-external containous/traefikee

Modifying the Helm Chart Configuration Items

You can change the configuration items (values) by using a custom-values.yaml file. Once you have created the file, you can run helm upgrade to apply your changes:

helm upgrade --namespace=traefikee \
  --values=custom-values.yaml \
  traefikee containous/traefikee

For more information about upgrading and rolling back, check the Helm Chart Customization Guide, and the Helm Upgrade Guide

Configuration Items Reference

The following table lists the configurable items of the TraefikEE chart and their default values.

Parameter Description Default
image.name Docker Image's name to use containous/traefikee
image.tag Docker Image's tag to use v1.0.0-beta15
image.pullPolicy Pull Policy for the Docker Images IfNotPresent
commons.terminationGracePeriodSeconds Graceful period in seconds to wait before forcing pod termination 10
commons.joinTokenSecretName Secret name to use for storing join tokens traefikee-tokens
logging.traefik Log level used for Traefik-related logs INFO
ports.http Port used for HTTP traffic at Service level 80
ports.https Port used for HTTPS traffic at Service level 443
ports.api Port used for internal API traffic 8080
ports.control Port used for internal control node communications 4242
replicas.bootstrap.total Number of instances used for bootstrapping the cluster 1
replicas.controlNode.total Number of Control Node instances 3
replicas.controlNode.allowedUnavailable Number of Control Node instances which could be unavailable at the same time. Should be ceil((N/2) -1) where N is replicas.controlNode.total 1
replicas.dataNode.total Number of Data Node instances run as Deployment. It uses a DaemonSet if not set. Not set by default
replicas.dataNode.allowedUnavailable Number of Data Node instances which could be unavailable at the same time. 1
licensekey License key to use for the cluster fakeLicense
resources.requests.memory Amount of memory to reserve for each node Not set by default
resources.requests.cpu Amount of CPU "unit" to reserve for each node Not set by default
resources.limits.memory Memory limit for each node: the scheduler kills a node when it reaches this limit Not set by default
resources.limits.cpu CPU share limit for each node: the scheduler kills a node when it reaches this limit Not set by default
storage.controlNode.type Which kind of storage to use for the Control Nodes data persistence. Can be emptyDir or defaultStorageClass Not set by default (Storage on node host outside Kubernetes management)
storage.controlNode.volume Volume of the persistent volume for each node when storage.controlNode.type has the value defaultStorageClass Not set by default
dashboard.type Enables the dashboard with the specified network access type. Can be ingress, service-loadbalancer or service-nodeport. ingress
dashboard.insecure Disables the automatically generated basic authentication for the dashboard. Not set by default
dashboard.secretName Provides a Kubernetes Secret to enable password based authentication for the dashboard. Not set by default
dashboard.host Specifies the external hostname when using an Ingress type for the dashboard. Not set by default
dashboard.path Specifies the URI path when using an Ingress type for the dashboard. Not set by default
ports.nodeports.http Configures external service as Nodeport service, instead of LoadBalancer, with http traffic on this port Not set by default
ports.nodeports.https Configures external service as Nodeport service, instead of LoadBalancer, with https traffic on this port Not set by default

Examples

Basic Installation

Basic installation in the namespace traefikee-ingress:

helm install --name traefikee --namespace "traefikee-ingress" \
  --set licensekey="YOURLICENSEKEYHERE" containous/traefikee

Dashboard Enabled

Installation in the namespace traefikee, with the dashboard enabled on the external domain http://webui.example.com, secured by password-based authentication defined in the secret named traefikee-webui-auth:

helm install --name traefikee --namespace traefikee \
  --set licensekey="YOURLICENSEKEYHERE" \
  --set dashboard.type=ingress \
  --set dashboard.host=webui.example.com \
  --set dashboard.secretName=traefikee-webui-auth \
  containous/traefikee

Custom Docker Image

Installation in the namespace traefikee-test, using a docker image named mycompany/traefikee:beta-test:

helm install --name traefikee --namespace "traefikee-ingress" \
  --set licensekey="YOURLICENSEKEYHERE" \
  --set image.name="mycompany/traefikee" \
  --set image.tag="beta-test" \
  containous/traefikee

Custom Node Allocation and Resources Limitation

Installation in the namespace traefikee-test, with 5 Control Nodes (with 2 allowedUnavailable), 10 Data Nodes (with 5 allowedUnavailable), each node having limits at 500 Mb of memory and 1 vCPU, with values set in a file:

helm install --name traefikee --namespace "traefikee-ingress" \
  --values="custom-values.yaml" \
  containous/traefikee
replicas:
  controlNode:
    total: 5
    allowedUnavailable: 2
  dataNode:
    total: 10
    allowedUnavailable: 4
licensekey: fakeLicense
resources:
  requests:
    memory: 500Mi
    cpu: 1
  limits:
    memory: 500Mi
    cpu: 1