k3s: Make ingress.tls completely optional.

[IngwiePhoenix]

What would you like to be added?

Hello there!

First off, thank you for that comprehensive helm chart. I actually used that to familiarize myself with a good amount of the syntax; reading the source is my prefered method of learning.

But, I spent a good bit trying to find out why k8s Dashboard would not deploy properly on my k3s node; and eventually found out that it was trying to access a secret that does not exist - and, is also not needed, either.

In particular, these lines here:
https://github.com/kubernetes/dashboard/blob/master/charts/kubernetes-dashboard/templates/networking/ingress.yaml#L50-L58

Traefik, bundled in k3s, provisions Let's Encrypt certificates on it's own (and stores it in a PVC as part of acme.json) and allows one to use regular Ingress objects and still have those applied. Problem is, if the Ingress object is explicitly requesting a secret, this will be entirely skipped/ignored - thus, causing Traefik to just 500 the request, forever. Oh, and only spit out a single line of log about that - it took a while to find, but this is not your fault.

This is why I would like to request having the option to completely remove the TLS object from the ingress, if possible, to avoid incompatibilities.

Why is this needed?

k3s is a great kubernetes distribution to get started and into the weed of things. And it has a built-in Helm controller with which it is quite trivial to provision just about any Helm chart - including this one.

So effectively, it increases compatibility. At least, I think so but I could be wrong.

Kind regards,
Ingwie

[floreks]

You basically want to be able to define host but disable TLS and use HTTP only, right?

[IngwiePhoenix]

That's correct, yes.