marceldegraaf/istio-ingressgateway-describe-pod Secret

## istio-ingressgateway-describe-pod
Name:               istio-ingressgateway-56b648f9fb-d95ml
Namespace:          istio-system
Priority:           0
PriorityClassName:  <none>
Node:               gke-services-eu-west-4-default-pool-a41e4a6c-g71k/10.0.7.218
Start Time:         Mon, 18 Feb 2019 15:29:00 +0100
Labels:             app=istio-ingressgateway
                    istio=ingressgateway
                    pod-template-hash=1262049596
Annotations:        scheduler.alpha.kubernetes.io/critical-pod=
                    seccomp.security.alpha.kubernetes.io/pod=docker/default
                    sidecar.istio.io/inject=false
Status:             Running
IP:                 10.4.0.10
Controlled By:      ReplicaSet/istio-ingressgateway-56b648f9fb
Containers:
  istio-proxy:
    Container ID:  docker://c3cfa6aa5b591951bca49a038a0bb04eac596667d317d42aa8f64b9aed40d243
    Image:         gcr.io/gke-release/istio/proxyv2:1.0.3-gke.0
    Image ID:      docker-pullable://gcr.io/gke-release/istio/proxyv2@sha256:26d33baeec371d5ea4d0ef0f4245db198dc159c22a5870b8afb33a9f7552cef0
    Ports:         80/TCP, 443/TCP, 31400/TCP, 15011/TCP, 8060/TCP, 853/TCP, 15030/TCP, 15031/TCP, 15090/TCP
    Host Ports:    0/TCP, 0/TCP, 0/TCP, 0/TCP, 0/TCP, 0/TCP, 0/TCP, 0/TCP, 0/TCP
    Args:
      proxy
      router
      -v
      2
      --discoveryRefreshDelay
      1s
      --drainDuration
      45s
      --parentShutdownDuration
      1m0s
      --connectTimeout
      10s
      --serviceCluster
      istio-ingressgateway
      --zipkinAddress
      zipkin:9411
      --proxyAdminPort
      15000
      --controlPlaneAuthPolicy
      NONE
      --discoveryAddress
      istio-pilot:8080
    State:          Running
      Started:      Wed, 20 Feb 2019 14:31:15 +0100
    Ready:          True
    Restart Count:  0
    Environment:
      POD_NAME:             istio-ingressgateway-56b648f9fb-d95ml (v1:metadata.name)
      POD_NAMESPACE:        istio-system (v1:metadata.namespace)
      INSTANCE_IP:           (v1:status.podIP)
      ISTIO_META_POD_NAME:  istio-ingressgateway-56b648f9fb-d95ml (v1:metadata.name)
    Mounts:
      /etc/certs from istio-certs (ro)
      /etc/istio/ingressgateway-ca-certs from ingressgateway-ca-certs (ro)
      /etc/istio/ingressgateway-certs from ingressgateway-certs (ro)
      /var/run/secrets/kubernetes.io/serviceaccount from istio-ingressgateway-service-account-token-g6vq7 (ro)
Conditions:
  Type              Status
  Initialized       True
  Ready             True
  ContainersReady   True
  PodScheduled      True
Volumes:
  istio-certs:
    Type:        Secret (a volume populated by a Secret)
    SecretName:  istio.istio-ingressgateway-service-account
    Optional:    true
  ingressgateway-certs:
    Type:        Secret (a volume populated by a Secret)
    SecretName:  istio-ingressgateway-certs
    Optional:    true
  ingressgateway-ca-certs:
    Type:        Secret (a volume populated by a Secret)
    SecretName:  istio-ingressgateway-ca-certs
    Optional:    true
  istio-ingressgateway-service-account-token-g6vq7:
    Type:        Secret (a volume populated by a Secret)
    SecretName:  istio-ingressgateway-service-account-token-g6vq7
    Optional:    false
QoS Class:       BestEffort
Node-Selectors:  <none>
Tolerations:     node.kubernetes.io/not-ready:NoExecute for 300s
                 node.kubernetes.io/unreachable:NoExecute for 300s
Events:          <none>

## staging.yaml
---
apiVersion: v1
kind: ConfigMap
metadata:
  name: website-nginx-conf
  namespace: staging
data:
  nginx_conf: |
    server {
      listen        80;
      server_name   staging.walterhq.com;
      server_tokens off;
      root          /usr/share/nginx/html;

      location /healthz {
        access_log off;
        return 200 "OK\n";
      }

      location / {
        if ($http_x_forwarded_proto = "http") {
          return 301 https://$host$request_uri;
        }

        index  index.html index.htm;
      }

      error_page   500 502 503 504  /50x.html;
      location = /50x.html {
        root   /usr/share/nginx/html;
      }
    }

---
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
  labels:
    app: website
    tier: frontend
  name: website
  namespace: staging
spec:
  progressDeadlineSeconds: 600
  replicas: 2
  revisionHistoryLimit: 10
  selector:
    matchLabels:
      app: website
  strategy:
    rollingUpdate:
      maxSurge: 25%
      maxUnavailable: 25%
    type: RollingUpdate
  template:
    metadata:
      creationTimestamp: null
      labels:
        app: website
        phase: staging
        tier: frontend
    spec:
      automountServiceAccountToken: true
      containers:
      - image: eu.gcr.io/walter-companies/website:%%TAG%%
        imagePullPolicy: IfNotPresent
        livenessProbe:
          failureThreshold: 3
          httpGet:
            path: /healthz
            port: 80
            scheme: HTTP
          periodSeconds: 10
          successThreshold: 1
          timeoutSeconds: 1
        name: website
        ports:
        - containerPort: 80
          name: http
          protocol: TCP
        readinessProbe:
          failureThreshold: 3
          httpGet:
            path: /healthz
            port: 80
            scheme: HTTP
          periodSeconds: 10
          successThreshold: 1
          timeoutSeconds: 1
        resources:
          limits:
            cpu: 100m
            memory: 200Mi
          requests:
            cpu: 50m
            memory: 50Mi
        volumeMounts:
        - mountPath: /etc/nginx/conf.d
          name: config
          readOnly: true
      restartPolicy: Always
      terminationGracePeriodSeconds: 30
      volumes:
      - configMap:
          defaultMode: 0
          items:
          - key: nginx_conf
            mode: 0
            path: default.conf
          name: website-nginx-conf
        name: config

---
apiVersion: v1
kind: Service
metadata:
  name: website
  namespace: staging
  labels:
    app: website
    tier: frontend
spec:
  ports:
    - port: 8000
      targetPort: 80
      protocol: TCP
  selector:
    app: website
    tier: frontend

---
apiVersion: networking.istio.io/v1alpha3
kind: Gateway
metadata:
  name: website-gateway
  namespace: staging
  labels:
    version: v1
spec:
  selector:
    istio: ingressgateway
  servers:
    - port:
        number: 80
        name: http
        protocol: HTTP
      hosts:
        - "*"

---
apiVersion: networking.istio.io/v1alpha3
kind: VirtualService
metadata:
  name: website
  namespace: staging
spec:
  hosts:
    - "*"
  gateways:
    - website-gateway
  http:
    - match:
      - uri:
          prefix: /
      route:
        - destination:
            host: website.staging.svc.cluster.local
            subset: v1
	Name: istio-ingressgateway-56b648f9fb-d95ml
	Namespace: istio-system
	Priority: 0
	PriorityClassName: <none>
	Node: gke-services-eu-west-4-default-pool-a41e4a6c-g71k/10.0.7.218
	Start Time: Mon, 18 Feb 2019 15:29:00 +0100
	Labels: app=istio-ingressgateway
	istio=ingressgateway
	pod-template-hash=1262049596
	Annotations: scheduler.alpha.kubernetes.io/critical-pod=
	seccomp.security.alpha.kubernetes.io/pod=docker/default
	sidecar.istio.io/inject=false
	Status: Running
	IP: 10.4.0.10
	Controlled By: ReplicaSet/istio-ingressgateway-56b648f9fb
	Containers:
	istio-proxy:
	Container ID: docker://c3cfa6aa5b591951bca49a038a0bb04eac596667d317d42aa8f64b9aed40d243
	Image: gcr.io/gke-release/istio/proxyv2:1.0.3-gke.0
	Image ID: docker-pullable://gcr.io/gke-release/istio/proxyv2@sha256:26d33baeec371d5ea4d0ef0f4245db198dc159c22a5870b8afb33a9f7552cef0
	Ports: 80/TCP, 443/TCP, 31400/TCP, 15011/TCP, 8060/TCP, 853/TCP, 15030/TCP, 15031/TCP, 15090/TCP
	Host Ports: 0/TCP, 0/TCP, 0/TCP, 0/TCP, 0/TCP, 0/TCP, 0/TCP, 0/TCP, 0/TCP
	Args:
	proxy
	router
	-v
	2
	--discoveryRefreshDelay
	1s
	--drainDuration
	45s
	--parentShutdownDuration
	1m0s
	--connectTimeout
	10s
	--serviceCluster
	istio-ingressgateway
	--zipkinAddress
	zipkin:9411
	--proxyAdminPort
	15000
	--controlPlaneAuthPolicy
	NONE
	--discoveryAddress
	istio-pilot:8080
	State: Running
	Started: Wed, 20 Feb 2019 14:31:15 +0100
	Ready: True
	Restart Count: 0
	Environment:
	POD_NAME: istio-ingressgateway-56b648f9fb-d95ml (v1:metadata.name)
	POD_NAMESPACE: istio-system (v1:metadata.namespace)
	INSTANCE_IP: (v1:status.podIP)
	ISTIO_META_POD_NAME: istio-ingressgateway-56b648f9fb-d95ml (v1:metadata.name)
	Mounts:
	/etc/certs from istio-certs (ro)
	/etc/istio/ingressgateway-ca-certs from ingressgateway-ca-certs (ro)
	/etc/istio/ingressgateway-certs from ingressgateway-certs (ro)
	/var/run/secrets/kubernetes.io/serviceaccount from istio-ingressgateway-service-account-token-g6vq7 (ro)
	Conditions:
	Type Status
	Initialized True
	Ready True
	ContainersReady True
	PodScheduled True
	Volumes:
	istio-certs:
	Type: Secret (a volume populated by a Secret)
	SecretName: istio.istio-ingressgateway-service-account
	Optional: true
	ingressgateway-certs:
	Type: Secret (a volume populated by a Secret)
	SecretName: istio-ingressgateway-certs
	Optional: true
	ingressgateway-ca-certs:
	Type: Secret (a volume populated by a Secret)
	SecretName: istio-ingressgateway-ca-certs
	Optional: true
	istio-ingressgateway-service-account-token-g6vq7:
	Type: Secret (a volume populated by a Secret)
	SecretName: istio-ingressgateway-service-account-token-g6vq7
	Optional: false
	QoS Class: BestEffort
	Node-Selectors: <none>
	Tolerations: node.kubernetes.io/not-ready:NoExecute for 300s
	node.kubernetes.io/unreachable:NoExecute for 300s
	Events: <none>
	---
	apiVersion: v1
	kind: ConfigMap
	metadata:
	name: website-nginx-conf
	namespace: staging
	data:
	nginx_conf: \|
	server {
	listen 80;
	server_name staging.walterhq.com;
	server_tokens off;
	root /usr/share/nginx/html;

	location /healthz {
	access_log off;
	return 200 "OK\n";
	}

	location / {
	if ($http_x_forwarded_proto = "http") {
	return 301 https://$host$request_uri;
	}

	index index.html index.htm;
	}

	error_page 500 502 503 504 /50x.html;
	location = /50x.html {
	root /usr/share/nginx/html;
	}
	}

	---
	apiVersion: extensions/v1beta1
	kind: Deployment
	metadata:
	labels:
	app: website
	tier: frontend
	name: website
	namespace: staging
	spec:
	progressDeadlineSeconds: 600
	replicas: 2
	revisionHistoryLimit: 10
	selector:
	matchLabels:
	app: website
	strategy:
	rollingUpdate:
	maxSurge: 25%
	maxUnavailable: 25%
	type: RollingUpdate
	template:
	metadata:
	creationTimestamp: null
	labels:
	app: website
	phase: staging
	tier: frontend
	spec:
	automountServiceAccountToken: true
	containers:
	- image: eu.gcr.io/walter-companies/website:%%TAG%%
	imagePullPolicy: IfNotPresent
	livenessProbe:
	failureThreshold: 3
	httpGet:
	path: /healthz
	port: 80
	scheme: HTTP
	periodSeconds: 10
	successThreshold: 1
	timeoutSeconds: 1
	name: website
	ports:
	- containerPort: 80
	name: http
	protocol: TCP
	readinessProbe:
	failureThreshold: 3
	httpGet:
	path: /healthz
	port: 80
	scheme: HTTP
	periodSeconds: 10
	successThreshold: 1
	timeoutSeconds: 1
	resources:
	limits:
	cpu: 100m
	memory: 200Mi
	requests:
	cpu: 50m
	memory: 50Mi
	volumeMounts:
	- mountPath: /etc/nginx/conf.d
	name: config
	readOnly: true
	restartPolicy: Always
	terminationGracePeriodSeconds: 30
	volumes:
	- configMap:
	defaultMode: 0
	items:
	- key: nginx_conf
	mode: 0
	path: default.conf
	name: website-nginx-conf
	name: config

	---
	apiVersion: v1
	kind: Service
	metadata:
	name: website
	namespace: staging
	labels:
	app: website
	tier: frontend
	spec:
	ports:
	- port: 8000
	targetPort: 80
	protocol: TCP
	selector:
	app: website
	tier: frontend

	---
	apiVersion: networking.istio.io/v1alpha3
	kind: Gateway
	metadata:
	name: website-gateway
	namespace: staging
	labels:
	version: v1
	spec:
	selector:
	istio: ingressgateway
	servers:
	- port:
	number: 80
	name: http
	protocol: HTTP
	hosts:
	- "*"

	---
	apiVersion: networking.istio.io/v1alpha3
	kind: VirtualService
	metadata:
	name: website
	namespace: staging
	spec:
	hosts:
	- "*"
	gateways:
	- website-gateway
	http:
	- match:
	- uri:
	prefix: /
	route:
	- destination:
	host: website.staging.svc.cluster.local
	subset: v1