Last active
September 14, 2017 12:46
-
-
Save peterhuene/14def6ad10d8f1f5c625989aa12ab55a to your computer and use it in GitHub Desktop.
Ingress controller deployment
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
apiVersion: v1 | |
kind: Namespace | |
metadata: | |
name: kube-ingress | |
--- | |
apiVersion: v1 | |
kind: ServiceAccount | |
metadata: | |
name: nginx-ingress-serviceaccount | |
namespace: kube-ingress | |
--- | |
apiVersion: rbac.authorization.k8s.io/v1beta1 | |
kind: ClusterRole | |
metadata: | |
name: nginx-ingress-clusterrole | |
rules: | |
- apiGroups: | |
- "" | |
resources: | |
- configmaps | |
- endpoints | |
- nodes | |
- pods | |
- secrets | |
verbs: | |
- list | |
- watch | |
- apiGroups: | |
- "" | |
resources: | |
- nodes | |
verbs: | |
- get | |
- apiGroups: | |
- "" | |
resources: | |
- services | |
verbs: | |
- get | |
- list | |
- watch | |
- apiGroups: | |
- "extensions" | |
resources: | |
- ingresses | |
verbs: | |
- get | |
- list | |
- watch | |
- apiGroups: | |
- "" | |
resources: | |
- events | |
verbs: | |
- create | |
- patch | |
- apiGroups: | |
- "extensions" | |
resources: | |
- ingresses/status | |
verbs: | |
- update | |
--- | |
apiVersion: rbac.authorization.k8s.io/v1beta1 | |
kind: Role | |
metadata: | |
name: nginx-ingress-role | |
namespace: kube-ingress | |
rules: | |
- apiGroups: | |
- "" | |
resources: | |
- configmaps | |
- pods | |
- secrets | |
verbs: | |
- get | |
- apiGroups: | |
- "" | |
resources: | |
- configmaps | |
resourceNames: | |
- "ingress-controller-leader-nginx" | |
verbs: | |
- get | |
- update | |
- apiGroups: | |
- "" | |
resources: | |
- configmaps | |
verbs: | |
- create | |
- apiGroups: | |
- "" | |
resources: | |
- endpoints | |
verbs: | |
- get | |
- create | |
- update | |
--- | |
apiVersion: rbac.authorization.k8s.io/v1beta1 | |
kind: RoleBinding | |
metadata: | |
name: nginx-ingress-role-nisa-binding | |
namespace: kube-ingress | |
roleRef: | |
apiGroup: rbac.authorization.k8s.io | |
kind: Role | |
name: nginx-ingress-role | |
subjects: | |
- kind: ServiceAccount | |
name: nginx-ingress-serviceaccount | |
namespace: kube-ingress | |
--- | |
apiVersion: rbac.authorization.k8s.io/v1beta1 | |
kind: ClusterRoleBinding | |
metadata: | |
name: nginx-ingress-clusterrole-nisa-binding | |
roleRef: | |
apiGroup: rbac.authorization.k8s.io | |
kind: ClusterRole | |
name: nginx-ingress-clusterrole | |
subjects: | |
- kind: ServiceAccount | |
name: nginx-ingress-serviceaccount | |
namespace: kube-ingress | |
--- | |
apiVersion: extensions/v1beta1 | |
kind: Deployment | |
metadata: | |
name: default-http-backend | |
labels: | |
k8s-app: default-http-backend | |
namespace: kube-ingress | |
spec: | |
replicas: 1 | |
template: | |
metadata: | |
labels: | |
k8s-app: default-http-backend | |
spec: | |
terminationGracePeriodSeconds: 60 | |
containers: | |
- name: default-http-backend | |
image: gcr.io/google_containers/defaultbackend-arm:1.3 | |
livenessProbe: | |
httpGet: | |
path: /healthz | |
port: 8080 | |
scheme: HTTP | |
initialDelaySeconds: 30 | |
timeoutSeconds: 5 | |
ports: | |
- containerPort: 8080 | |
resources: | |
limits: | |
cpu: 10m | |
memory: 20Mi | |
requests: | |
cpu: 10m | |
memory: 20Mi | |
--- | |
apiVersion: v1 | |
kind: Service | |
metadata: | |
name: default-http-backend | |
namespace: kube-ingress | |
labels: | |
k8s-app: default-http-backend | |
spec: | |
ports: | |
- port: 80 | |
targetPort: 8080 | |
selector: | |
k8s-app: default-http-backend | |
--- | |
apiVersion: extensions/v1beta1 | |
kind: Deployment | |
metadata: | |
name: nginx-ingress-controller | |
namespace: kube-ingress | |
spec: | |
replicas: 1 | |
selector: | |
matchLabels: | |
k8s-app: nginx-ingress-lb | |
template: | |
metadata: | |
labels: | |
k8s-app: nginx-ingress-lb | |
spec: | |
serviceAccountName: nginx-ingress-serviceaccount | |
containers: | |
- name: nginx-ingress-controller | |
image: gcr.io/google_containers/nginx-ingress-controller-arm:0.9.0-beta.11 | |
args: | |
- /nginx-ingress-controller | |
- --default-backend-service=kube-ingress/default-http-backend | |
env: | |
- name: POD_NAME | |
valueFrom: | |
fieldRef: | |
fieldPath: metadata.name | |
name: POD_NAMESPACE | |
valueFrom: | |
fieldRef: | |
fieldPath: metadata.namespace | |
ports: | |
- name: http | |
containerPort: 80 | |
- name: https | |
containerPort: 443 | |
--- | |
apiVersion: v1 | |
kind: Service | |
metadata: | |
name: nginx-ingress | |
namespace: kube-ingress | |
spec: | |
type: NodePort | |
ports: | |
- name: http | |
port: 80 | |
nodePort: 30080 | |
targetPort: 80 | |
protocol: TCP | |
- name: https | |
port: 443 | |
nodePort: 30081 | |
targetPort: 443 | |
selector: | |
k8s-app: nginx-ingress-lb |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment