generated from canonical/template-operator
-
Notifications
You must be signed in to change notification settings - Fork 27
/
Copy pathmetadata.yaml
110 lines (100 loc) · 3.7 KB
/
metadata.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
# Copyright 2022 Canonical Ltd.
# See LICENSE file for licensing details.
# For a complete list of supported options, see:
# https://discourse.charmhub.io/t/charm-metadata-v2/3674/15
name: traefik-k8s
assumes:
- k8s-api
display-name: |
Traefik Ingress Operator for Kubernetes
summary: |
A Juju charm to run a Traefik-powered ingress controller on Kubernetes.
description: |
A Juju-operated Traefik operator that routes requests from the outside of a
Kubernetes cluster to Juju units and applications.
website: https://charmhub.io/traefik-k8s
source: https://github.com/canonical/traefik-k8s-operator
issues: https://github.com/canonical/traefik-k8s-operator/issues
docs: https://discourse.charmhub.io/t/traefik-k8s-docs-index/10778
containers:
traefik:
resource: traefik-image
mounts:
- storage: configurations
location: /opt/traefik/
resources:
traefik-image:
type: oci-image
description: |
OCI image for traefik. This charms makes the following assumptions about the image:
- executable is `/usr/bin/traefik`
- has `update-ca-certificates`
upstream-source: docker.io/ubuntu/traefik:2-22.04
storage:
# We need to store the configurations in a volume, as Traefik's directory
# discovery provider does not work in the file system of the Docker image
configurations:
type: filesystem
provides:
ingress:
interface: ingress
description: |
Provides ingress-like routing to the related Juju application, load-balancing across all units
ingress-per-unit:
interface: ingress_per_unit
description: |
Provides ingress-like routing to the single units of the related Juju application
metrics-endpoint:
interface: prometheus_scrape
description: |
Exposes the Prometheus metrics endpoint providing telemetry about the
Traefik instance
traefik-route:
interface: traefik_route
description: |
Provides endpoint for a traefik-route charm to sit between Traefik and a
charm in need of ingress, configuring the relation on a per-unit basis.
grafana-dashboard:
description: |
Forwards the built-in grafana dashboard(s) for monitoring traefik.
interface: grafana_dashboard
requires:
certificates:
interface: tls-certificates
limit: 1
description: |
Send a CSR to- and obtain a signed certificate from an external CA.
experimental-forward-auth:
interface: forward_auth
limit: 1
description: |
Receive config from e.g. oathkeeper, for rendering the forwardAuth middleware.
The same middleware is applied to all proxied endpoints that requested Identity and Access Proxy (IAP) protection.
For this reason we set a relation count limit of 1.
This feature is experimental and may be unstable. In order to enable it, run `juju config enable_experimental_forward_auth=True`.
logging:
interface: loki_push_api
description: |
Receives Loki's push api endpoint address to push logs to, and forwards charm's built-in alert rules to Loki.
charm-tracing:
description: |
Enables sending charm traces to a distributed tracing backend such as Tempo.
limit: 1
interface: tracing
workload-tracing:
description: |
Enables sending workload traces to a distributed tracing backend such as Tempo.
limit: 1
interface: tracing
receive-ca-cert:
interface: certificate_transfer
description: |
Receive a CA cert for traefik to trust.
This relation can be used with a local CA to obtain the CA cert that was used to sign proxied
endpoints.
# Must limit the relation count to 1 due to
# https://github.com/canonical/certificate-transfer-interface/issues/6
limit: 1
peers:
peers:
interface: traefik_peers