johnparn/05-kube-lego-namespace.yaml Secret

## 05-kube-lego-namespace.yaml
apiVersion: v1
kind: Namespace
metadata:
  name: kube-lego

## 05-web-namespace.yaml
apiVersion: v1
kind: Namespace
metadata:
  name: web

## 20-desktop-web-svc.yaml
apiVersion: v1
kind: Service
metadata:
  name: desktop-web-svc
  namespace: web
spec:
  ports:
  - port: 80
    targetPort: 80
    protocol: TCP
  type: NodePort
  selector:
    app: desktop-web


## 20-kube-lego-configmap.yaml
apiVersion: v1
kind: ConfigMap
metadata:
  name: kube-lego-configmap
  namespace: kube-lego
data:
  # modify this to specify your address
  lego.email: "john@company.org"
  #Prod
  lego.url: "https://acme-v01.api.letsencrypt.org/directory"
  # Staging
  #lego.url: "https://acme-staging.api.letsencrypt.org/directory"

## 20-mobile-web-svc.yaml
apiVersion: v1
kind: Service
metadata:
  name: mobile-web-svc
  namespace: web
spec:
  ports:
  - port: 80        # Service port
    targetPort: 80  # Port on which the container is exposing itself
    protocol: TCP
  type: NodePort
  selector:
    app: mobile-web

## 50-desktop-web-deployment.yaml
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
  name: desktop-web
  namespace: web
spec:
  replicas: 2
  template:
    metadata:
      labels:
        app: desktop-web
        env: prod
        tier: frontend
        target: desktop
    spec:
      containers:
      - name: desktop-web
        image: eu.gcr.io/project/desktop-web:0.23
        imagePullPolicy: Always
        ports:
        - containerPort: 80
        # Check if site is responding, else restart
        livenessProbe:
          httpGet:
            path: /index.html
            port: 80
          initialDelaySeconds: 30
          timeoutSeconds: 1

## 50-kube-lego-deployment.yaml
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
  name: kube-lego
  namespace: kube-lego
spec:
  replicas: 2
  template:
    metadata:
      labels:
        # Required for the auto-create kube-lego-nginx service to work.
        app: kube-lego
    spec:
      containers:
      - name: kube-lego
        image: jetstack/kube-lego:0.1.2
        imagePullPolicy: Always
        ports:
        - containerPort: 8080
        env:
        - name: LEGO_EMAIL
          valueFrom:
            configMapKeyRef:
              name: kube-lego-configmap
              key: lego.email
        - name: LEGO_URL
          valueFrom:
            configMapKeyRef:
              name: kube-lego-configmap
              key: lego.url
        - name: LEGO_NAMESPACE
          valueFrom:
            fieldRef:
              fieldPath: metadata.namespace
        - name: LEGO_POD_IP
          valueFrom:
            fieldRef:
              fieldPath: status.podIP
        readinessProbe:
          httpGet:
            path: /healthz
            port: 8080
          initialDelaySeconds: 5
          timeoutSeconds: 1

## 50-mobile-web-deployment.yaml
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
  name: mobile-web
  namespace: web
spec:
  replicas: 2
  template:
    metadata:
      labels:
        app: mobile-web
        env: prod
        tier: frontend
        target: mobile
    spec:
      containers:
      - name: mobile-web
        image: eu.gcr.io/project/mobile-web:0.37
        imagePullPolicy: Always
        ports:
        - containerPort: 80
        # Check if site is responding, else restart
        livenessProbe:
          httpGet:
            path: /index.html
            port: 80
          initialDelaySeconds: 30
          timeoutSeconds: 1

## 70-web-ingress.yaml
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
  name: mobile-web-ingress
  namespace: web
  annotations:
    kubernetes.io/tls-acme: "true"
    kubernetes.io/ingress.class: "gce" # Use Google Load Balancer
spec:
  tls:
  - hosts:
    - m.example.com
    secretName: mobile-web-tls
  rules:
  - host: m.example.com
    http:
      paths:
      - path: /*
        backend:
          serviceName: mobile-web-svc
          servicePort: 80
---
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
  name: desktop-web-ingress
  namespace: web
  annotations:
    kubernetes.io/tls-acme: "true"
    kubernetes.io/ingress.class: "gce" # Use Google Load Balancer
spec:
  tls:
  - hosts:
    - www.example.com
    secretName: desktop-web-tls
  rules:
  - host: www.example.com
    http:
      paths:
      - path: /*
        backend:
          serviceName: desktop-web-svc
          servicePort: 80

## setup.sh
#!/bin/sh

### kube-lego

# Namespace
kubectl --cluster websites create -f 05-kube-lego-namespace.yaml
# Configs
kubectl --cluster websites create -f 20-kube-lego-configmap.yaml
# Deployment
kubectl --cluster websites create -f 50-kube-lego-deployment.yaml


### Web services

# Namespace
kubectl --cluster websites create -f 05-web-namespace.yaml


# Services

# Service (has to be Type=NodePort)
kubectl --cluster websites create -f 20-mobile-web-svc.yaml
# Deployment
kubectl --cluster websites create -f 50-mobile-web-deployment.yaml

# Service (has to be Type=NodePort)
kubectl --cluster websites create -f 20-desktop-web-svc.yaml
# Deployment
kubectl --cluster websites create -f 50-desktop-web-deployment.yaml


# Ingress
kubectl --cluster websites create -f 70-web-ingress.yaml
	apiVersion: v1
	kind: Service
	metadata:
	name: desktop-web-svc
	namespace: web
	spec:
	ports:
	- port: 80
	targetPort: 80
	protocol: TCP
	type: NodePort
	selector:
	app: desktop-web
	apiVersion: v1
	kind: ConfigMap
	metadata:
	name: kube-lego-configmap
	namespace: kube-lego
	data:
	# modify this to specify your address
	lego.email: "john@company.org"
	#Prod
	lego.url: "https://acme-v01.api.letsencrypt.org/directory"
	# Staging
	#lego.url: "https://acme-staging.api.letsencrypt.org/directory"
	apiVersion: extensions/v1beta1
	kind: Deployment
	metadata:
	name: desktop-web
	namespace: web
	spec:
	replicas: 2
	template:
	metadata:
	labels:
	app: desktop-web
	env: prod
	tier: frontend
	target: desktop
	spec:
	containers:
	- name: desktop-web
	image: eu.gcr.io/project/desktop-web:0.23
	imagePullPolicy: Always
	ports:
	- containerPort: 80
	# Check if site is responding, else restart
	livenessProbe:
	httpGet:
	path: /index.html
	port: 80
	initialDelaySeconds: 30
	timeoutSeconds: 1
	apiVersion: extensions/v1beta1
	kind: Ingress
	metadata:
	name: mobile-web-ingress
	namespace: web
	annotations:
	kubernetes.io/tls-acme: "true"
	kubernetes.io/ingress.class: "gce" # Use Google Load Balancer
	spec:
	tls:
	- hosts:
	- m.example.com
	secretName: mobile-web-tls
	rules:
	- host: m.example.com
	http:
	paths:
	- path: /*
	backend:
	serviceName: mobile-web-svc
	servicePort: 80
	---
	apiVersion: extensions/v1beta1
	kind: Ingress
	metadata:
	name: desktop-web-ingress
	namespace: web
	annotations:
	kubernetes.io/tls-acme: "true"
	kubernetes.io/ingress.class: "gce" # Use Google Load Balancer
	spec:
	tls:
	- hosts:
	- www.example.com
	secretName: desktop-web-tls
	rules:
	- host: www.example.com
	http:
	paths:
	- path: /*
	backend:
	serviceName: desktop-web-svc
	servicePort: 80
	#!/bin/sh

	### kube-lego

	# Namespace
	kubectl --cluster websites create -f 05-kube-lego-namespace.yaml
	# Configs
	kubectl --cluster websites create -f 20-kube-lego-configmap.yaml
	# Deployment
	kubectl --cluster websites create -f 50-kube-lego-deployment.yaml


	### Web services

	# Namespace
	kubectl --cluster websites create -f 05-web-namespace.yaml


	# Services

	# Service (has to be Type=NodePort)
	kubectl --cluster websites create -f 20-mobile-web-svc.yaml
	# Deployment
	kubectl --cluster websites create -f 50-mobile-web-deployment.yaml

	# Service (has to be Type=NodePort)
	kubectl --cluster websites create -f 20-desktop-web-svc.yaml
	# Deployment
	kubectl --cluster websites create -f 50-desktop-web-deployment.yaml


	# Ingress
	kubectl --cluster websites create -f 70-web-ingress.yaml