Skip to content

Instantly share code, notes, and snippets.

Embed
What would you like to do?
Our ingress setting
### This ingress is for our frontend/UI ###
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
name: myapp-ingress-ui
namespace: myapp-dev
annotations:
kubernetes.io/ingress.class: "kong"
cert-manager.io/cluster-issuer: myappui-letsencrypt-prod
kubernetes.io/tls-acme: "true"
configuration.konghq.com: myapp-kong-ingress
plugins.konghq.com: user-kong-cors
#plugins.konghq.com: http-ratelimit, http-auth
spec:
tls:
- secretName: myappui-letsencrypt-prod
hosts:
- devui.myapp.net
- www.devui.myapp.net
rules:
- host: devui.myapp.net
http:
paths:
- path: /
backend:
serviceName: myapp-web
servicePort: 3000
- host: www.devui.myapp.net
http:
paths:
- path: /
backend:
serviceName: myapp-web
servicePort: 3000
---
### This ingress is for our backend/API ###
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
name: myapp-ingress-api
namespace: myapp-dev
annotations:
kubernetes.io/ingress.class: "kong"
cert-manager.io/cluster-issuer: myappapi-letsencrypt-prod
kubernetes.io/tls-acme: "true"
configuration.konghq.com: myapp-kong-ingress
plugins.konghq.com: user-kong-cors
#plugins.konghq.com: http-auth
spec:
tls:
- secretName: myappapi-letsencrypt-prod
hosts:
- devapi.myapp.net
rules:
- host: devapi.myapp.net
http:
paths:
- path: /
backend:
serviceName: myapp-api
servicePort: 3333
-----
apiVersion: configuration.konghq.com/v1
kind: KongIngress
metadata:
name: myapp-kong-ingress
namespace: myapp-dev
route:
protocols:
- https
https_redirect_status_code: 302
---
apiVersion: configuration.konghq.com/v1
kind: KongPlugin
metadata:
name: user-kong-cors
namespace: myapp-dev
enabled: true
plugin: cors
config:
origins: https://devui.myapp.net
methods:
- GET
- HEAD
- PUT
- PATCH
- POST
- DELETE
- OPTIONS
headers:
- Origin
- Access-Control-Request-Headers
- Access-Control-Allow-Origin
exposed_headers:
- Origin
- Access-Control-Request-Headers
- Access-Control-Allow-Origin
preflight_continue: true
credentials: false
---
apiVersion: configuration.konghq.com/v1
kind: KongPlugin
metadata:
name: http-add-header
namespace: myapp-dev
enabled: true
config:
add:
headers:
- "Access-Control-Allow-Origin: https://devui.myapp.net"
plugin: request-transformer
---
apiVersion: configuration.konghq.com/v1
kind: KongPlugin
metadata:
name: https-redirect
namespace: myapp-dev
plugin: pre-function
config:
functions:
- |
local scheme = kong.request.get_scheme()
if scheme == "http" then
local host = kong.request.get_host()
local query = kong.request.get_path_with_query()
local url = "https://" .. host ..query
kong.response.set_header("Location",url)
return kong.response.exit(302,url)
end
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment