Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- apiVersion: v1
- kind: Namespace
- metadata:
- name: ingress-nginx
- ---
- apiVersion: v1
- kind: ServiceAccount
- metadata:
- name: nginx-ingress-serviceaccount
- namespace: ingress-nginx
- ---
- apiVersion: rbac.authorization.k8s.io/v1beta1
- kind: ClusterRole
- metadata:
- name: nginx-ingress-clusterrole
- rules:
- - apiGroups:
- - ""
- resources:
- - configmaps
- - endpoints
- - nodes
- - pods
- - secrets
- verbs:
- - list
- - watch
- - apiGroups:
- - ""
- resources:
- - nodes
- verbs:
- - get
- - apiGroups:
- - ""
- resources:
- - services
- verbs:
- - get
- - list
- - watch
- - apiGroups:
- - "extensions"
- resources:
- - ingresses
- verbs:
- - get
- - list
- - watch
- - apiGroups:
- - ""
- resources:
- - events
- verbs:
- - create
- - patch
- - apiGroups:
- - "extensions"
- resources:
- - ingresses/status
- verbs:
- - update
- ---
- apiVersion: rbac.authorization.k8s.io/v1beta1
- kind: Role
- metadata:
- name: nginx-ingress-role
- namespace: ingress-nginx
- rules:
- - apiGroups:
- - ""
- resources:
- - configmaps
- - pods
- - secrets
- - namespaces
- verbs:
- - get
- - apiGroups:
- - ""
- resources:
- - configmaps
- resourceNames:
- # Defaults to "<election-id>-<ingress-class>"
- # Here: "<ingress-controller-leader>-<nginx>"
- # This has to be adapted if you change either parameter
- # when launching the nginx-ingress-controller.
- - "ingress-controller-leader-nginx"
- verbs:
- - get
- - update
- - apiGroups:
- - ""
- resources:
- - configmaps
- verbs:
- - create
- - apiGroups:
- - ""
- resources:
- - endpoints
- verbs:
- - get
- ---
- apiVersion: rbac.authorization.k8s.io/v1beta1
- kind: RoleBinding
- metadata:
- name: nginx-ingress-role-nisa-binding
- namespace: ingress-nginx
- roleRef:
- apiGroup: rbac.authorization.k8s.io
- kind: Role
- name: nginx-ingress-role
- subjects:
- - kind: ServiceAccount
- name: nginx-ingress-serviceaccount
- namespace: ingress-nginx
- ---
- apiVersion: rbac.authorization.k8s.io/v1beta1
- kind: ClusterRoleBinding
- metadata:
- name: nginx-ingress-clusterrole-nisa-binding
- roleRef:
- apiGroup: rbac.authorization.k8s.io
- kind: ClusterRole
- name: nginx-ingress-clusterrole
- subjects:
- - kind: ServiceAccount
- name: nginx-ingress-serviceaccount
- namespace: ingress-nginx
- ---
- kind: ConfigMap
- apiVersion: v1
- metadata:
- name: nginx-configuration
- namespace: ingress-nginx
- labels:
- app: ingress-nginx
- ---
- kind: ConfigMap
- apiVersion: v1
- metadata:
- name: tcp-services
- namespace: ingress-nginx
- ---
- kind: ConfigMap
- apiVersion: v1
- metadata:
- name: udp-services
- namespace: ingress-nginx
- ---
- apiVersion: extensions/v1beta1
- kind: Deployment
- metadata:
- name: default-http-backend
- labels:
- app: default-http-backend
- namespace: ingress-nginx
- spec:
- replicas: 1
- template:
- metadata:
- labels:
- app: default-http-backend
- spec:
- terminationGracePeriodSeconds: 60
- containers:
- - name: default-http-backend
- # Any image is permissable as long as:
- # 1. It serves a 404 page at /
- # 2. It serves 200 on a /healthz endpoint
- image: gcr.io/google_containers/defaultbackend:1.4
- livenessProbe:
- httpGet:
- path: /healthz
- port: 8080
- scheme: HTTP
- initialDelaySeconds: 30
- timeoutSeconds: 5
- ports:
- - containerPort: 8080
- resources:
- limits:
- cpu: 10m
- memory: 20Mi
- requests:
- cpu: 10m
- memory: 20Mi
- ---
- apiVersion: extensions/v1beta1
- kind: Deployment
- metadata:
- name: nginx-ingress-controller
- namespace: ingress-nginx
- spec:
- replicas: 1
- selector:
- matchLabels:
- app: ingress-nginx
- template:
- metadata:
- labels:
- app: ingress-nginx
- annotations:
- prometheus.io/port: '10254'
- prometheus.io/scrape: 'true'
- spec:
- serviceAccountName: nginx-ingress-serviceaccount
- containers:
- - name: nginx-ingress-controller
- image: quay.io/kubernetes-ingress-controller/nginx-ingress-controller:0.9.0-beta.17
- args:
- - /nginx-ingress-controller
- - --default-backend-service=$(POD_NAMESPACE)/default-http-backend
- - --configmap=$(POD_NAMESPACE)/nginx-configuration
- - --tcp-services-configmap=$(POD_NAMESPACE)/tcp-services
- - --udp-services-configmap=$(POD_NAMESPACE)/udp-services
- - --publish-service=$(POD_NAMESPACE)/ingress-nginx
- env:
- - name: POD_NAME
- valueFrom:
- fieldRef:
- fieldPath: metadata.name
- - name: POD_NAMESPACE
- valueFrom:
- fieldRef:
- fieldPath: metadata.namespace
- ports:
- - name: http
- containerPort: 80
- - name: https
- containerPort: 443
- livenessProbe:
- failureThreshold: 3
- httpGet:
- path: /healthz
- port: 10254
- scheme: HTTP
- initialDelaySeconds: 10
- periodSeconds: 10
- successThreshold: 1
- timeoutSeconds: 1
- readinessProbe:
- failureThreshold: 3
- httpGet:
- path: /healthz
- port: 10254
- scheme: HTTP
- periodSeconds: 10
- successThreshold: 1
- timeoutSeconds: 1
- ---
- apiVersion: v1
- kind: Service
- metadata:
- name: default-http-backend
- namespace: ingress-nginx
- labels:
- app: default-http-backend
- spec:
- ports:
- - port: 80
- targetPort: 8080
- selector:
- app: default-http-backend
- ---
- kind: Service
- apiVersion: v1
- metadata:
- name: ingress-nginx
- namespace: ingress-nginx
- labels:
- app: ingress-nginx
- spec:
- externalTrafficPolicy: Local
- type: LoadBalancer
- selector:
- app: ingress-nginx
- ports:
- - name: http
- port: 80
- targetPort: http
- - name: https
- port: 443
- targetPort: https
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement