Last active
November 9, 2023 16:28
-
-
Save Phathdt/d2511ede26b73506f25d64b2bdca4be6 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
apiVersion: apps/v1 | |
kind: Deployment | |
metadata: | |
name: my-app | |
spec: | |
replicas: 2 | |
selector: | |
matchLabels: | |
app: my-app | |
template: | |
metadata: | |
labels: | |
app: my-app | |
version: "v1.0.1" | |
spec: | |
containers: | |
- name: my-app | |
image: nginx:1.25-alpine | |
resources: | |
limits: | |
memory: "128Mi" | |
cpu: "500m" | |
ports: | |
- containerPort: 80 | |
--- | |
apiVersion: v1 | |
kind: Service | |
metadata: | |
name: my-app | |
spec: | |
selector: | |
app: my-app | |
ports: | |
- port: 80 | |
targetPort: 80 | |
--- | |
apiVersion: networking.istio.io/v1alpha3 | |
kind: Gateway | |
metadata: | |
name: my-app-gateway | |
spec: | |
selector: # select a standalone Envoy proxy running on a pod at the edge of service mesh | |
istio: ingress # use default istio gateway proxy in `istio-system` namespace, which exposes it using K8s service of LoadBalancer, which creates AWS ELB | |
servers: # defines L7 host, port, and protocol | |
- port: | |
number: 80 # define incoming port | |
name: http # label assigned to the port | |
protocol: HTTP # define incoming protocol, could be HTTP|HTTPS|GRPC|HTTP2|MONGO|TCP| | |
hosts: # hosts exposed by this gateway | |
- "*" | |
--- | |
apiVersion: networking.istio.io/v1alpha3 | |
kind: VirtualService | |
metadata: | |
name: my-app-virtualservice | |
spec: | |
hosts: | |
- "*" | |
gateways: # using gateways field, it'll be exposed externally | |
- my-app-gateway | |
http: | |
- match: | |
- uri: | |
prefix: / | |
route: | |
- destination: | |
host: my-app # specify service name | |
port: | |
number: 80 | |
# --- | |
# apiVersion: networking.k8s.io/v1 | |
# kind: Ingress | |
# metadata: | |
# annotations: | |
# alb.ingress.kubernetes.io/certificate-arn: arn:aws:acm:ap-southeast-1:108533296571:certificate/cc522bc2-9ca1-4352-93f1-def1d5473b2a | |
# alb.ingress.kubernetes.io/group.name: istio-lb | |
# alb.ingress.kubernetes.io/healthcheck-interval-seconds: '15' | |
# alb.ingress.kubernetes.io/healthcheck-port: traffic-port | |
# alb.ingress.kubernetes.io/healthcheck-protocol: HTTP | |
# alb.ingress.kubernetes.io/healthcheck-timeout-seconds: '5' | |
# alb.ingress.kubernetes.io/healthy-threshold-count: '2' | |
# alb.ingress.kubernetes.io/listen-ports: '[{"HTTP": 80}, {"HTTPS":443}]' | |
# alb.ingress.kubernetes.io/scheme: internet-facing | |
# alb.ingress.kubernetes.io/ssl-redirect: '443' | |
# alb.ingress.kubernetes.io/success-codes: '200' | |
# alb.ingress.kubernetes.io/target-type: ip | |
# alb.ingress.kubernetes.io/unhealthy-threshold-count: '2' | |
# name: gw-ingress | |
# namespace: istio-system | |
# spec: | |
# ingressClassName: alb-ingress-class | |
# rules: | |
# - http: | |
# paths: | |
# - backend: | |
# service: | |
# name: ssl-redirect | |
# port: | |
# name: use-annotation | |
# path: / | |
# pathType: Prefix | |
# - backend: | |
# service: | |
# name: istio-ingress | |
# port: | |
# number: 15021 | |
# path: /healthz/ready | |
# pathType: Prefix | |
# - backend: | |
# service: | |
# name: istio-ingress | |
# port: | |
# number: 443 | |
# path: / | |
# pathType: Prefix |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment