Created
January 14, 2019 13:30
-
-
Save jyaworski/29d0b2bfc69d18b80acddcf5fa1fac00 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
[debug] Created tunnel using local port: '51628' | |
[debug] SERVER: "127.0.0.1:51628" | |
Release "haproxy-ingress" does not exist. Installing it now. | |
[debug] CHART PATH: /Users/josephyaworski/r1s/k8s/deployment-manifests/helm/charts/haproxy/haproxy-ingress | |
NAME: haproxy-ingress | |
REVISION: 1 | |
RELEASED: Mon Jan 14 08:25:08 2019 | |
CHART: haproxy-ingress-0.0.5 | |
USER-SUPPLIED VALUES: | |
{} | |
COMPUTED VALUES: | |
apiVersion: extensions/v1beta1 | |
controller: | |
accessLogsSidecar: true | |
affinity: {} | |
autoscaling: | |
customMetrics: [] | |
enabled: false | |
config: | |
drain-support: "true" | |
dynamic-scaling: "true" | |
hsts: "true" | |
hsts-include-subdomains: "true" | |
hsts-max-age: "15768000" | |
hsts-preload: "true" | |
modsecurity-endpoints: localhost:12345 | |
daemonset: | |
hostPorts: | |
http: 80 | |
https: 443 | |
tcp: [] | |
useHostPort: false | |
defaultBackendService: r1s/nginx-ingress-controller | |
dnsPolicy: ClusterFirst | |
extraArgs: {} | |
extraEnvs: [] | |
healthzPort: 10253 | |
hostNetwork: false | |
image: | |
pullPolicy: IfNotPresent | |
repository: quay.io/jcmoraisjr/haproxy-ingress | |
tag: v0.7-beta.5 | |
ingressClass: haproxy | |
kind: DaemonSet | |
livenessProbe: | |
failureThreshold: 3 | |
initialDelaySeconds: 10 | |
path: /healthz | |
periodSeconds: 10 | |
port: 10253 | |
successThreshold: 1 | |
timeoutSeconds: 1 | |
metrics: | |
enabled: true | |
image: | |
pullPolicy: IfNotPresent | |
repository: quay.io/prometheus/haproxy-exporter | |
tag: v0.9.0 | |
service: | |
annotations: {} | |
clusterIP: "" | |
externalIPs: [] | |
loadBalancerIP: "" | |
loadBalancerSourceRanges: [] | |
servicePort: 9101 | |
type: ClusterIP | |
minAvailable: 1 | |
minReadySeconds: 0 | |
name: controller | |
nodeSelector: {} | |
podAnnotations: | |
ingress.kubernetes.io/waf: modsecurity | |
podLabels: {} | |
readinessProbe: | |
failureThreshold: 3 | |
initialDelaySeconds: 10 | |
path: /healthz | |
periodSeconds: 10 | |
port: 10253 | |
successThreshold: 1 | |
timeoutSeconds: 1 | |
replicaCount: 1 | |
resources: {} | |
securityContext: {} | |
service: | |
annotations: | |
service.beta.kubernetes.io/aws-load-balancer-cross-zone-load-balancing-enabled: "true" | |
service.beta.kubernetes.io/aws-load-balancer-internal: 0.0.0.0/0 | |
clusterIP: "" | |
externalIPs: [] | |
externalTrafficPolicy: "" | |
healthCheckNodePort: 0 | |
httpPorts: | |
- port: 80 | |
httpsPorts: | |
- port: 443 | |
labels: {} | |
loadBalancerIP: "" | |
loadBalancerSourceRanges: | |
- 10.0.0.0/8 | |
- 240.0.0.0/8 | |
type: LoadBalancer | |
stats: | |
enabled: true | |
port: 1936 | |
service: | |
annotations: {} | |
clusterIP: "" | |
externalIPs: [] | |
loadBalancerIP: "" | |
loadBalancerSourceRanges: [] | |
servicePort: 1936 | |
type: ClusterIP | |
tcp: {} | |
template: "" | |
tolerations: [] | |
updateStrategy: | |
rollingUpdate: | |
maxUnavailable: 1 | |
type: RollingUpdate | |
defaultBackend: | |
affinity: {} | |
enabled: false | |
image: | |
pullPolicy: IfNotPresent | |
repository: gcr.io/google_containers/defaultbackend | |
tag: "1.0" | |
minAvailable: 1 | |
name: default-backend | |
nodeSelector: {} | |
podAnnotations: {} | |
podLabels: {} | |
replicaCount: 1 | |
resources: | |
limits: | |
cpu: 10m | |
memory: 20Mi | |
service: | |
annotations: | |
ingress.kubernetes.io/waf: modsecurity | |
clusterIP: "" | |
externalIPs: [] | |
loadBalancerIP: "" | |
loadBalancerSourceRanges: [] | |
name: ingress-default-backend | |
servicePort: 8080 | |
type: ClusterIP | |
tolerations: [] | |
kind: Ingress | |
metadata: | |
name: haproxy-ingress | |
namespace: haproxy | |
rbac: | |
create: true | |
serviceAccount: | |
create: true | |
name: null | |
HOOKS: | |
MANIFEST: | |
--- | |
# Source: haproxy-ingress/templates/controller-configmap.yaml | |
apiVersion: v1 | |
kind: ConfigMap | |
metadata: | |
labels: | |
app: haproxy-ingress | |
chart: haproxy-ingress-0.0.5 | |
component: "controller" | |
release: haproxy-ingress | |
heritage: Tiller | |
name: haproxy-ingress-controller | |
data: | |
healthz-port: "10253" | |
stats-port: "1936" | |
syslog-endpoint: "localhost:514" | |
drain-support: "true" | |
dynamic-scaling: "true" | |
hsts: "true" | |
hsts-include-subdomains: "true" | |
hsts-max-age: "15768000" | |
hsts-preload: "true" | |
modsecurity-endpoints: localhost:12345 | |
--- | |
# Source: haproxy-ingress/templates/serviceaccount.yaml | |
apiVersion: v1 | |
kind: ServiceAccount | |
metadata: | |
labels: | |
app: haproxy-ingress | |
chart: haproxy-ingress-0.0.5 | |
release: haproxy-ingress | |
heritage: Tiller | |
name: haproxy-ingress | |
--- | |
# Source: haproxy-ingress/templates/clusterrole.yaml | |
apiVersion: rbac.authorization.k8s.io/v1beta1 | |
kind: ClusterRole | |
metadata: | |
labels: | |
app: haproxy-ingress | |
chart: haproxy-ingress-0.0.5 | |
release: haproxy-ingress | |
heritage: Tiller | |
name: haproxy-ingress | |
rules: | |
- apiGroups: | |
- "" | |
resources: | |
- configmaps | |
- endpoints | |
- nodes | |
- pods | |
- secrets | |
verbs: | |
- list | |
- watch | |
- apiGroups: | |
- "" | |
resources: | |
- nodes | |
verbs: | |
- get | |
- apiGroups: | |
- "" | |
resources: | |
- services | |
verbs: | |
- get | |
- list | |
- watch | |
- apiGroups: | |
- "extensions" | |
resources: | |
- ingresses | |
verbs: | |
- get | |
- list | |
- watch | |
- apiGroups: | |
- "" | |
resources: | |
- events | |
verbs: | |
- create | |
- patch | |
- apiGroups: | |
- "extensions" | |
resources: | |
- ingresses/status | |
verbs: | |
- update | |
--- | |
# Source: haproxy-ingress/templates/clusterrolebinding.yaml | |
apiVersion: rbac.authorization.k8s.io/v1beta1 | |
kind: ClusterRoleBinding | |
metadata: | |
labels: | |
app: haproxy-ingress | |
chart: haproxy-ingress-0.0.5 | |
release: haproxy-ingress | |
heritage: Tiller | |
name: haproxy-ingress | |
roleRef: | |
apiGroup: rbac.authorization.k8s.io | |
kind: ClusterRole | |
name: haproxy-ingress | |
subjects: | |
- kind: ServiceAccount | |
name: haproxy-ingress | |
namespace: haproxy | |
- apiGroup: rbac.authorization.k8s.io | |
kind: User | |
name: haproxy-ingress | |
--- | |
# Source: haproxy-ingress/templates/role.yaml | |
apiVersion: rbac.authorization.k8s.io/v1beta1 | |
kind: Role | |
metadata: | |
labels: | |
app: haproxy-ingress | |
chart: haproxy-ingress-0.0.5 | |
release: haproxy-ingress | |
heritage: Tiller | |
name: haproxy-ingress | |
rules: | |
- apiGroups: | |
- "" | |
resources: | |
- configmaps | |
- pods | |
- secrets | |
- namespaces | |
verbs: | |
- get | |
- apiGroups: | |
- "" | |
resources: | |
- configmaps | |
verbs: | |
- get | |
- update | |
- apiGroups: | |
- "" | |
resources: | |
- configmaps | |
verbs: | |
- create | |
- apiGroups: | |
- "" | |
resources: | |
- endpoints | |
verbs: | |
- get | |
- create | |
- update | |
--- | |
# Source: haproxy-ingress/templates/rolebinding.yaml | |
apiVersion: rbac.authorization.k8s.io/v1beta1 | |
kind: RoleBinding | |
metadata: | |
labels: | |
app: haproxy-ingress | |
chart: haproxy-ingress-0.0.5 | |
release: haproxy-ingress | |
heritage: Tiller | |
name: haproxy-ingress | |
roleRef: | |
apiGroup: rbac.authorization.k8s.io | |
kind: Role | |
name: haproxy-ingress | |
subjects: | |
- kind: ServiceAccount | |
name: haproxy-ingress | |
namespace: haproxy | |
- apiGroup: rbac.authorization.k8s.io | |
kind: User | |
name: haproxy-ingress | |
--- | |
# Source: haproxy-ingress/templates/controller-metrics-service.yaml | |
apiVersion: v1 | |
kind: Service | |
metadata: | |
labels: | |
app: haproxy-ingress | |
chart: haproxy-ingress-0.0.5 | |
component: "controller" | |
heritage: Tiller | |
release: haproxy-ingress | |
name: haproxy-ingress-controller-metrics | |
spec: | |
clusterIP: "" | |
ports: | |
- name: metrics | |
port: 9101 | |
targetPort: metrics | |
selector: | |
app: haproxy-ingress | |
component: "controller" | |
release: haproxy-ingress | |
type: "ClusterIP" | |
--- | |
# Source: haproxy-ingress/templates/controller-service.yaml | |
apiVersion: v1 | |
kind: Service | |
metadata: | |
annotations: | |
service.beta.kubernetes.io/aws-load-balancer-cross-zone-load-balancing-enabled: "true" | |
service.beta.kubernetes.io/aws-load-balancer-internal: 0.0.0.0/0 | |
labels: | |
app: haproxy-ingress | |
chart: haproxy-ingress-0.0.5 | |
component: "controller" | |
release: haproxy-ingress | |
heritage: Tiller | |
name: haproxy-ingress-controller | |
namespace: haproxy | |
spec: | |
loadBalancerSourceRanges: | |
- 10.0.0.0/8 | |
- 240.0.0.0/8 | |
ports: | |
- name: "80-http" | |
port: 80 | |
protocol: TCP | |
targetPort: http | |
- name: "443-https" | |
port: 443 | |
protocol: TCP | |
targetPort: https | |
selector: | |
app: haproxy-ingress | |
component: "controller" | |
release: haproxy-ingress | |
type: "LoadBalancer" | |
--- | |
# Source: haproxy-ingress/templates/controller-stats-service.yaml | |
apiVersion: v1 | |
kind: Service | |
metadata: | |
labels: | |
app: haproxy-ingress | |
chart: haproxy-ingress-0.0.5 | |
component: "controller" | |
heritage: Tiller | |
release: haproxy-ingress | |
name: haproxy-ingress-controller-stats | |
spec: | |
clusterIP: "" | |
ports: | |
- name: stats | |
port: 1936 | |
targetPort: stats | |
selector: | |
app: haproxy-ingress | |
component: "controller" | |
release: haproxy-ingress | |
type: "ClusterIP" | |
--- | |
# Source: haproxy-ingress/templates/controller-daemonset.yaml | |
apiVersion: apps/v1beta2 | |
kind: DaemonSet | |
metadata: | |
labels: | |
app: haproxy-ingress | |
chart: haproxy-ingress-0.0.5 | |
component: "controller" | |
release: haproxy-ingress | |
heritage: Tiller | |
name: haproxy-ingress-controller | |
spec: | |
updateStrategy: | |
rollingUpdate: | |
maxUnavailable: 1 | |
type: RollingUpdate | |
minReadySeconds: 0 | |
selector: | |
matchLabels: | |
app: haproxy-ingress | |
release: haproxy-ingress | |
template: | |
metadata: | |
annotations: | |
ingress.kubernetes.io/waf: modsecurity | |
labels: | |
app: haproxy-ingress | |
component: "controller" | |
release: haproxy-ingress | |
spec: | |
serviceAccountName: haproxy-ingress | |
containers: | |
- name: modsecurity-spoa | |
image: quay.io/jcmoraisjr/modsecurity-spoa | |
args: | |
- -n | |
- "1" | |
ports: | |
- containerPort: 12345 | |
name: spop | |
protocol: TCP | |
- name: haproxy-ingress | |
image: "quay.io/jcmoraisjr/haproxy-ingress:v0.7-beta.5" | |
imagePullPolicy: "IfNotPresent" | |
args: | |
- --configmap=haproxy/haproxy-ingress-controller | |
- --ingress-class=haproxy | |
- --sort-backends | |
- --default-backend-service=r1s/nginx-ingress-controller | |
ports: | |
- name: http | |
containerPort: 80 | |
- name: https | |
containerPort: 443 | |
- name: stats | |
containerPort: 1936 | |
protocol: TCP | |
- name: healthz | |
containerPort: 10253 | |
livenessProbe: | |
httpGet: | |
path: "/healthz" | |
port: 10253 | |
scheme: HTTP | |
initialDelaySeconds: 10 | |
periodSeconds: 10 | |
timeoutSeconds: 1 | |
successThreshold: 1 | |
failureThreshold: 3 | |
readinessProbe: | |
httpGet: | |
path: "/healthz" | |
port: 10253 | |
scheme: HTTP | |
initialDelaySeconds: 10 | |
periodSeconds: 10 | |
timeoutSeconds: 1 | |
successThreshold: 1 | |
failureThreshold: 3 | |
env: | |
- name: POD_NAME | |
valueFrom: | |
fieldRef: | |
fieldPath: metadata.name | |
- name: POD_NAMESPACE | |
valueFrom: | |
fieldRef: | |
fieldPath: metadata.namespace | |
resources: | |
{} | |
- name: access-logs | |
image: whereisaaron/kube-syslog-sidecar | |
ports: | |
- name: udp | |
containerPort: 514 | |
protocol: UDP | |
resources: | |
limits: | |
cpu: 200m | |
memory: 512Mi | |
requests: | |
cpu: 100m | |
memory: 256Mi | |
- name: prometheus-exporter | |
image: "quay.io/prometheus/haproxy-exporter:v0.9.0" | |
imagePullPolicy: "IfNotPresent" | |
args: | |
- '--haproxy.scrape-uri=http://localhost:1936/haproxy?stats;csv' | |
ports: | |
- name: metrics | |
containerPort: 9101 | |
protocol: TCP | |
readinessProbe: | |
httpGet: | |
path: / | |
port: 9101 | |
resources: | |
limits: | |
cpu: 200m | |
memory: 512Mi | |
requests: | |
cpu: 100m | |
memory: 256Mi | |
terminationGracePeriodSeconds: 60 | |
dnsPolicy: ClusterFirst | |
hostNetwork: false | |
--- | |
# Source: haproxy-ingress/templates/controller-poddisruptionbudget.yaml | |
apiVersion: policy/v1beta1 | |
kind: PodDisruptionBudget | |
metadata: | |
labels: | |
app: haproxy-ingress | |
chart: haproxy-ingress-0.0.5 | |
component: "controller" | |
release: haproxy-ingress | |
heritage: Tiller | |
name: haproxy-ingress-controller | |
spec: | |
selector: | |
matchLabels: | |
app: haproxy-ingress | |
release: haproxy-ingress | |
component: "controller" | |
minAvailable: 1 | |
--- | |
# Source: haproxy-ingress/templates/default-backend-poddisruptionbudget.yaml | |
apiVersion: policy/v1beta1 | |
kind: PodDisruptionBudget | |
metadata: | |
labels: | |
app: haproxy-ingress | |
chart: haproxy-ingress-0.0.5 | |
component: "default-backend" | |
release: haproxy-ingress | |
heritage: Tiller | |
name: haproxy-ingress-default-backend | |
spec: | |
selector: | |
matchLabels: | |
app: haproxy-ingress | |
release: haproxy-ingress | |
component: "default-backend" | |
minAvailable: 1 | |
LAST DEPLOYED: Mon Jan 14 08:25:08 2019 | |
NAMESPACE: haproxy | |
STATUS: DEPLOYED | |
RESOURCES: | |
==> v1/Pod(related) | |
NAME READY STATUS RESTARTS AGE | |
haproxy-ingress-controller-6k7fw 0/4 ContainerCreating 0 1s | |
haproxy-ingress-controller-j5zbs 0/4 ContainerCreating 0 1s | |
haproxy-ingress-controller-k2lq6 0/4 ContainerCreating 0 1s | |
haproxy-ingress-controller-rfn4x 0/4 ContainerCreating 0 1s | |
haproxy-ingress-controller-rpz74 0/4 ContainerCreating 0 1s | |
haproxy-ingress-controller-x4bzq 0/4 ContainerCreating 0 1s | |
==> v1/ServiceAccount | |
NAME SECRETS AGE | |
haproxy-ingress 1 1s | |
==> v1beta1/ClusterRole | |
NAME AGE | |
haproxy-ingress 1s | |
==> v1beta1/ClusterRoleBinding | |
NAME AGE | |
haproxy-ingress 1s | |
==> v1beta1/Role | |
NAME AGE | |
haproxy-ingress 1s | |
==> v1beta1/RoleBinding | |
NAME AGE | |
haproxy-ingress 1s | |
==> v1/Service | |
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE | |
haproxy-ingress-controller-metrics ClusterIP 172.20.232.228 <none> 9101/TCP 1s | |
haproxy-ingress-controller LoadBalancer 172.20.34.74 <pending> 80:30149/TCP,443:32250/TCP 1s | |
haproxy-ingress-controller-stats ClusterIP 172.20.174.206 <none> 1936/TCP 1s | |
==> v1beta1/PodDisruptionBudget | |
NAME MIN AVAILABLE MAX UNAVAILABLE ALLOWED DISRUPTIONS AGE | |
haproxy-ingress-controller 1 N/A 0 1s | |
haproxy-ingress-default-backend 1 N/A 0 1s | |
==> v1/ConfigMap | |
NAME DATA AGE | |
haproxy-ingress-controller 10 1s | |
==> v1beta2/DaemonSet | |
NAME DESIRED CURRENT READY UP-TO-DATE AVAILABLE NODE SELECTOR AGE | |
haproxy-ingress-controller 6 6 0 6 0 <none> 1s | |
NOTES: | |
The haproxy-ingress controller has been installed. | |
It may take a few minutes for the LoadBalancer IP to be available. | |
You can watch the status by running 'kubectl --namespace haproxy get services -o wide -w haproxy-ingress' | |
An example Ingress that makes use of the controller: | |
apiVersion: extensions/v1beta1 | |
kind: Ingress | |
metadata: | |
name: example | |
namespace: foo | |
spec: | |
rules: | |
- host: www.example.com | |
http: | |
paths: | |
- backend: | |
serviceName: exampleService | |
servicePort: 80 | |
path: / |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment