Last active
May 11, 2018 00:47
-
-
Save gregkeys/3a8a9820b7ba45b59c2ae91e1c2557ee to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# default k8s version: v1.8.9-rancher1-1 | |
# default network plugin: flannel | |
nodes: | |
- address: 1.1.1.1 | |
user: rancher | |
role: [controlplane,etcd,worker] | |
ssh_key_path: ~/.ssh/id_rsa.pem | |
- address: 1.1.1.2 | |
user: rancher | |
role: [controlplane,etcd,worker] | |
ssh_key_path: ~/.ssh/id_rsa.pem | |
- address: 1.1.1.3 | |
user: rancher | |
role: [controlplane,etcd,worker] | |
ssh_key_path: ~/.ssh/id_rsa.pem | |
ingress: | |
provider: nginx | |
extra_args: | |
enable-ssl-passthrough: "" | |
addons: |- | |
--- | |
kind: Namespace | |
apiVersion: v1 | |
metadata: | |
name: cattle-system | |
--- | |
kind: ServiceAccount | |
apiVersion: v1 | |
metadata: | |
name: cattle-admin | |
namespace: cattle-system | |
--- | |
kind: ClusterRoleBinding | |
apiVersion: rbac.authorization.k8s.io/v1 | |
metadata: | |
name: cattle-crb | |
namespace: cattle-system | |
subjects: | |
- kind: ServiceAccount | |
name: cattle-admin | |
namespace: cattle-system | |
roleRef: | |
kind: ClusterRole | |
name: cluster-admin | |
apiGroup: rbac.authorization.k8s.io | |
--- | |
apiVersion: v1 | |
kind: Service | |
metadata: | |
namespace: cattle-system | |
name: cattle-service | |
labels: | |
app: cattle | |
spec: | |
ports: | |
- port: 80 | |
targetPort: 80 | |
protocol: TCP | |
name: http | |
- port: 443 | |
targetPort: 443 | |
protocol: TCP | |
name: https | |
selector: | |
app: cattle | |
--- | |
apiVersion: extensions/v1beta1 | |
kind: Ingress | |
metadata: | |
namespace: cattle-system | |
name: cattle-ingress-http | |
annotations: | |
nginx.ingress.kubernetes.io/proxy-connect-timeout: "30" | |
nginx.ingress.kubernetes.io/proxy-read-timeout: "1800" # Max time in seconds for ws to remain shell window open | |
nginx.ingress.kubernetes.io/proxy-send-timeout: "1800" # Max time in seconds for ws to remain shell window open | |
nginx.ingress.kubernetes.io/ssl-passthrough: "true" # Enable ssl-passthrough to backend. | |
nginx.ingress.kubernetes.io/force-ssl-redirect: "true" # Force redirect to ssl. | |
spec: | |
rules: | |
- host: example.com | |
http: | |
paths: | |
- backend: | |
serviceName: cattle-service | |
servicePort: 443 | |
--- | |
kind: Deployment | |
apiVersion: extensions/v1beta1 | |
metadata: | |
namespace: cattle-system | |
name: cattle | |
spec: | |
replicas: 1 | |
template: | |
metadata: | |
labels: | |
app: cattle | |
spec: | |
serviceAccountName: cattle-admin | |
containers: | |
- image: rancher/rancher:master | |
command: ["rancher"] | |
args: [ | |
" --http-listen-port=80", | |
" --https-listen-port=443", | |
" --acme-domain=my.example.com" | |
] | |
imagePullPolicy: Always | |
name: cattle-server | |
ports: | |
- containerPort: 80 | |
protocol: TCP | |
- containerPort: 443 | |
protocol: TCP |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment