Phathdt/gist:d2511ede26b73506f25d64b2bdca4be6

## gistfile1.txt
apiVersion: apps/v1
kind: Deployment
metadata:
  name: my-app
spec:
  replicas: 2
  selector:
    matchLabels:
      app: my-app
  template:
    metadata:
      labels:
        app: my-app
        version: "v1.0.1"
    spec:
      containers:
      - name: my-app
        image: nginx:1.25-alpine
        resources:
          limits:
            memory: "128Mi"
            cpu: "500m"
        ports:
        - containerPort: 80
---
apiVersion: v1
kind: Service
metadata:
  name: my-app
spec:
  selector:
    app: my-app
  ports:
  - port: 80
    targetPort: 80

---
apiVersion: networking.istio.io/v1alpha3
kind: Gateway
metadata:
  name: my-app-gateway
spec:
  selector:  # select a standalone Envoy proxy running on a pod at the edge of service mesh
    istio: ingress # use default istio gateway proxy in `istio-system` namespace, which exposes it using K8s service of LoadBalancer, which creates AWS ELB
  servers: # defines L7 host, port, and protocol
  - port:
      number: 80 # define incoming port
      name: http # label assigned to the port
      protocol: HTTP # define incoming protocol, could be HTTP|HTTPS|GRPC|HTTP2|MONGO|TCP|
    hosts: # hosts exposed by this gateway
    - "*"

---
apiVersion: networking.istio.io/v1alpha3
kind: VirtualService
metadata:
  name: my-app-virtualservice
spec:
  hosts:
  - "*"
  gateways: # using gateways field, it'll be exposed externally
  - my-app-gateway
  http:
  - match:
    - uri:
        prefix: /
    route:
    - destination:
        host: my-app # specify service name
        port:
          number: 80
# ---
# apiVersion: networking.k8s.io/v1
# kind: Ingress
# metadata:
#   annotations:
#     alb.ingress.kubernetes.io/certificate-arn: arn:aws:acm:ap-southeast-1:108533296571:certificate/cc522bc2-9ca1-4352-93f1-def1d5473b2a
#     alb.ingress.kubernetes.io/group.name: istio-lb
#     alb.ingress.kubernetes.io/healthcheck-interval-seconds: '15'
#     alb.ingress.kubernetes.io/healthcheck-port: traffic-port
#     alb.ingress.kubernetes.io/healthcheck-protocol: HTTP
#     alb.ingress.kubernetes.io/healthcheck-timeout-seconds: '5'
#     alb.ingress.kubernetes.io/healthy-threshold-count: '2'
#     alb.ingress.kubernetes.io/listen-ports: '[{"HTTP": 80}, {"HTTPS":443}]'
#     alb.ingress.kubernetes.io/scheme: internet-facing
#     alb.ingress.kubernetes.io/ssl-redirect: '443'
#     alb.ingress.kubernetes.io/success-codes: '200'
#     alb.ingress.kubernetes.io/target-type: ip
#     alb.ingress.kubernetes.io/unhealthy-threshold-count: '2'
#   name: gw-ingress
#   namespace: istio-system
# spec:
#   ingressClassName: alb-ingress-class
#   rules:
#     - http:
#         paths:
#         - backend:
#             service:
#               name: ssl-redirect
#               port:
#                 name: use-annotation
#           path: /
#           pathType: Prefix
#         - backend:
#             service:
#               name: istio-ingress
#               port:
#                 number: 15021
#           path: /healthz/ready
#           pathType: Prefix
#         - backend:
#             service:
#               name: istio-ingress
#               port:
#                 number: 443
#           path: /
#           pathType: Prefix
	apiVersion: apps/v1
	kind: Deployment
	metadata:
	name: my-app
	spec:
	replicas: 2
	selector:
	matchLabels:
	app: my-app
	template:
	metadata:
	labels:
	app: my-app
	version: "v1.0.1"
	spec:
	containers:
	- name: my-app
	image: nginx:1.25-alpine
	resources:
	limits:
	memory: "128Mi"
	cpu: "500m"
	ports:
	- containerPort: 80
	---
	apiVersion: v1
	kind: Service
	metadata:
	name: my-app
	spec:
	selector:
	app: my-app
	ports:
	- port: 80
	targetPort: 80

	---
	apiVersion: networking.istio.io/v1alpha3
	kind: Gateway
	metadata:
	name: my-app-gateway
	spec:
	selector: # select a standalone Envoy proxy running on a pod at the edge of service mesh
	istio: ingress # use default istio gateway proxy in `istio-system` namespace, which exposes it using K8s service of LoadBalancer, which creates AWS ELB
	servers: # defines L7 host, port, and protocol
	- port:
	number: 80 # define incoming port
	name: http # label assigned to the port
	protocol: HTTP # define incoming protocol, could be HTTP\|HTTPS\|GRPC\|HTTP2\|MONGO\|TCP\|
	hosts: # hosts exposed by this gateway
	- "*"

	---
	apiVersion: networking.istio.io/v1alpha3
	kind: VirtualService
	metadata:
	name: my-app-virtualservice
	spec:
	hosts:
	- "*"
	gateways: # using gateways field, it'll be exposed externally
	- my-app-gateway
	http:
	- match:
	- uri:
	prefix: /
	route:
	- destination:
	host: my-app # specify service name
	port:
	number: 80
	# ---
	# apiVersion: networking.k8s.io/v1
	# kind: Ingress
	# metadata:
	# annotations:
	# alb.ingress.kubernetes.io/certificate-arn: arn:aws:acm:ap-southeast-1:108533296571:certificate/cc522bc2-9ca1-4352-93f1-def1d5473b2a
	# alb.ingress.kubernetes.io/group.name: istio-lb
	# alb.ingress.kubernetes.io/healthcheck-interval-seconds: '15'
	# alb.ingress.kubernetes.io/healthcheck-port: traffic-port
	# alb.ingress.kubernetes.io/healthcheck-protocol: HTTP
	# alb.ingress.kubernetes.io/healthcheck-timeout-seconds: '5'
	# alb.ingress.kubernetes.io/healthy-threshold-count: '2'
	# alb.ingress.kubernetes.io/listen-ports: '[{"HTTP": 80}, {"HTTPS":443}]'
	# alb.ingress.kubernetes.io/scheme: internet-facing
	# alb.ingress.kubernetes.io/ssl-redirect: '443'
	# alb.ingress.kubernetes.io/success-codes: '200'
	# alb.ingress.kubernetes.io/target-type: ip
	# alb.ingress.kubernetes.io/unhealthy-threshold-count: '2'
	# name: gw-ingress
	# namespace: istio-system
	# spec:
	# ingressClassName: alb-ingress-class
	# rules:
	# - http:
	# paths:
	# - backend:
	# service:
	# name: ssl-redirect
	# port:
	# name: use-annotation
	# path: /
	# pathType: Prefix
	# - backend:
	# service:
	# name: istio-ingress
	# port:
	# number: 15021
	# path: /healthz/ready
	# pathType: Prefix
	# - backend:
	# service:
	# name: istio-ingress
	# port:
	# number: 443
	# path: /
	# pathType: Prefix