cluster.fun/manifests/nginx-lb/nginx-lb.yaml

184 lines
5.2 KiB
YAML
Raw Normal View History

kind: Service
apiVersion: v1
metadata:
name: nginx-ingress-service
namespace: kube-system
spec:
selector:
app.kubernetes.io/name: ingress-nginx
ports:
- protocol: TCP
port: 80
name: http
- protocol: TCP
port: 443
name: https
type: LoadBalancer
---
kind: Service
apiVersion: v1
metadata:
name: nginx-ingress-service-metrics
namespace: kube-system
annotations:
prometheus.io/scrape: "true"
prometheus.io/port: "10254"
spec:
selector:
app.kubernetes.io/name: ingress-nginx
ports:
- protocol: TCP
port: 10254
targetPort: 10254
name: metrics
---
apiVersion: v1
kind: ConfigMap
metadata:
annotations:
meta.helm.sh/release-name: kapsule-ingress
meta.helm.sh/release-namespace: kube-system
labels:
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/name: ingress-nginx
app.kubernetes.io/part-of: ingress-nginx
k8s.scw.cloud/ingress: nginx
k8s.scw.cloud/object: ConfigMap
k8s.scw.cloud/system: ingress
name: ingress-nginx-configuration
namespace: kube-system
data:
log-format-upstream: '{"time": "$time_iso8601", "request_id": "$req_id", "remote_user": "$remote_user", "bytes_sent": $bytes_sent, "request_time": $request_time, "status": $status, "host": "$host", "request_proto": "$server_protocol", "path": "$uri", "request_query": "$args", "request_length": $request_length, "duration": $request_time,"method": "$request_method", "http_referrer": "$http_referer", "http_user_agent": "$http_user_agent", "redirect_location": "$redirect_location" }'
plugins: "redirect_location"
location-snippet: |
set $redirect_location '';
---
apiVersion: v1
kind: ConfigMap
metadata:
annotations:
meta.helm.sh/release-name: kapsule-ingress
meta.helm.sh/release-namespace: kube-system
labels:
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/name: ingress-nginx
app.kubernetes.io/part-of: ingress-nginx
k8s.scw.cloud/ingress: nginx
k8s.scw.cloud/object: ConfigMap
k8s.scw.cloud/system: ingress
name: ingress-nginx-plugin-redirect-location
namespace: kube-system
data:
main.lua: |
local ngx = ngx
local _M = {}
function _M.header_filter()
ngx.var.redirect_location = ngx.resp.get_headers()["Location"]
end
return _M
---
apiVersion: apps/v1
kind: DaemonSet
metadata:
annotations:
meta.helm.sh/release-name: kapsule-ingress
meta.helm.sh/release-namespace: kube-system
configmap.reloader.stakater.com/reload: "ingress-nginx-configuration"
labels:
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/name: ingress-nginx
app.kubernetes.io/part-of: ingress-nginx
k8s.scw.cloud/ingress: nginx
k8s.scw.cloud/object: DaemonSet
k8s.scw.cloud/system: ingress
name: nginx-ingress
namespace: kube-system
spec:
selector:
matchLabels:
app.kubernetes.io/name: ingress-nginx
app.kubernetes.io/part-of: ingress-nginx
template:
metadata:
labels:
app.kubernetes.io/name: ingress-nginx
app.kubernetes.io/part-of: ingress-nginx
spec:
containers:
- args:
- /nginx-ingress-controller
- --election-id=ingress-controller-leader-nginx
- --controller-class=k8s.io/ingress-nginx
- --configmap=$(POD_NAMESPACE)/ingress-nginx-configuration
- --tcp-services-configmap=$(POD_NAMESPACE)/ingress-nginx-tcp-services
- --udp-services-configmap=$(POD_NAMESPACE)/ingress-nginx-udp-services
- --annotations-prefix=nginx.ingress.kubernetes.io
- --watch-ingress-without-class
- --enable-metrics
env:
- name: POD_NAME
valueFrom:
fieldRef:
apiVersion: v1
fieldPath: metadata.name
- name: POD_NAMESPACE
valueFrom:
fieldRef:
apiVersion: v1
fieldPath: metadata.namespace
image: k8s.gcr.io/ingress-nginx/controller:v1.0.0-beta.1
imagePullPolicy: IfNotPresent
name: nginx-ingress-controller
ports:
- containerPort: 80
hostPort: 80
name: http
protocol: TCP
- containerPort: 443
hostPort: 443
name: https
protocol: TCP
- containerPort: 10254
name: http-metrics
protocol: TCP
livenessProbe:
failureThreshold: 3
httpGet:
path: /healthz
port: 10254
scheme: HTTP
initialDelaySeconds: 10
periodSeconds: 10
successThreshold: 1
timeoutSeconds: 10
readinessProbe:
failureThreshold: 3
httpGet:
path: /healthz
port: 10254
scheme: HTTP
periodSeconds: 10
successThreshold: 1
timeoutSeconds: 10
securityContext:
allowPrivilegeEscalation: true
capabilities:
add:
- NET_BIND_SERVICE
drop:
- ALL
runAsUser: 101
volumeMounts:
- name: plugins
mountPath: /etc/nginx/lua/plugins/redirect_location
volumes:
- name: plugins
configMap:
name: ingress-nginx-plugin-redirect-location