mirror of https://github.com/fluxcd/flagger.git
177 lines
4.4 KiB
YAML
177 lines
4.4 KiB
YAML
---
|
|
kind: ConfigMap
|
|
apiVersion: v1
|
|
metadata:
|
|
name: ingress-config
|
|
namespace: test
|
|
labels:
|
|
app: ingress
|
|
data:
|
|
envoy.yaml: |
|
|
static_resources:
|
|
listeners:
|
|
- address:
|
|
socket_address:
|
|
address: 0.0.0.0
|
|
port_value: 80
|
|
filter_chains:
|
|
- filters:
|
|
- name: envoy.http_connection_manager
|
|
config:
|
|
access_log:
|
|
- name: envoy.file_access_log
|
|
config:
|
|
path: /dev/stdout
|
|
codec_type: auto
|
|
stat_prefix: ingress_http
|
|
http_filters:
|
|
- name: envoy.router
|
|
config: {}
|
|
route_config:
|
|
name: local_route
|
|
virtual_hosts:
|
|
- name: local_service
|
|
domains: ["*"]
|
|
routes:
|
|
- match:
|
|
prefix: "/"
|
|
route:
|
|
cluster: podinfo
|
|
host_rewrite: podinfo.test
|
|
timeout: 15s
|
|
retry_policy:
|
|
retry_on: "gateway-error,connect-failure,refused-stream"
|
|
num_retries: 10
|
|
per_try_timeout: 5s
|
|
clusters:
|
|
- name: podinfo
|
|
connect_timeout: 0.30s
|
|
type: strict_dns
|
|
lb_policy: round_robin
|
|
http2_protocol_options: {}
|
|
hosts:
|
|
- socket_address:
|
|
address: podinfo.test
|
|
port_value: 9898
|
|
admin:
|
|
access_log_path: /dev/null
|
|
address:
|
|
socket_address:
|
|
address: 0.0.0.0
|
|
port_value: 9999
|
|
---
|
|
apiVersion: apps/v1
|
|
kind: Deployment
|
|
metadata:
|
|
name: ingress
|
|
namespace: test
|
|
labels:
|
|
app: ingress
|
|
spec:
|
|
replicas: 1
|
|
selector:
|
|
matchLabels:
|
|
app: ingress
|
|
strategy:
|
|
type: RollingUpdate
|
|
rollingUpdate:
|
|
maxUnavailable: 0
|
|
template:
|
|
metadata:
|
|
labels:
|
|
app: ingress
|
|
annotations:
|
|
prometheus.io/path: "/stats/prometheus"
|
|
prometheus.io/port: "9999"
|
|
prometheus.io/scrape: "true"
|
|
# dummy port to exclude ingress from mesh traffic
|
|
# only egress should go over the mesh
|
|
appmesh.k8s.aws/ports: "444"
|
|
spec:
|
|
terminationGracePeriodSeconds: 30
|
|
containers:
|
|
- name: ingress
|
|
image: "envoyproxy/envoy-alpine:d920944aed67425f91fc203774aebce9609e5d9a"
|
|
securityContext:
|
|
capabilities:
|
|
drop:
|
|
- ALL
|
|
add:
|
|
- NET_BIND_SERVICE
|
|
command:
|
|
- /usr/bin/dumb-init
|
|
- --
|
|
args:
|
|
- /usr/local/bin/envoy
|
|
- --base-id 30
|
|
- --v2-config-only
|
|
- -l
|
|
- $loglevel
|
|
- -c
|
|
- /config/envoy.yaml
|
|
ports:
|
|
- name: admin
|
|
containerPort: 9999
|
|
protocol: TCP
|
|
- name: http
|
|
containerPort: 80
|
|
protocol: TCP
|
|
- name: https
|
|
containerPort: 443
|
|
protocol: TCP
|
|
livenessProbe:
|
|
initialDelaySeconds: 5
|
|
tcpSocket:
|
|
port: admin
|
|
readinessProbe:
|
|
initialDelaySeconds: 5
|
|
tcpSocket:
|
|
port: admin
|
|
resources:
|
|
requests:
|
|
cpu: 100m
|
|
memory: 64Mi
|
|
volumeMounts:
|
|
- name: config
|
|
mountPath: /config
|
|
volumes:
|
|
- name: config
|
|
configMap:
|
|
name: ingress-config
|
|
---
|
|
kind: Service
|
|
apiVersion: v1
|
|
metadata:
|
|
name: ingress
|
|
namespace: test
|
|
spec:
|
|
selector:
|
|
app: ingress
|
|
ports:
|
|
- protocol: TCP
|
|
name: http
|
|
port: 80
|
|
targetPort: 80
|
|
- protocol: TCP
|
|
name: https
|
|
port: 443
|
|
targetPort: 443
|
|
type: LoadBalancer
|
|
---
|
|
apiVersion: appmesh.k8s.aws/v1beta1
|
|
kind: VirtualNode
|
|
metadata:
|
|
name: ingress
|
|
namespace: test
|
|
spec:
|
|
meshName: global
|
|
listeners:
|
|
- portMapping:
|
|
port: 80
|
|
protocol: http
|
|
serviceDiscovery:
|
|
dns:
|
|
hostName: ingress.test
|
|
backends:
|
|
- virtualService:
|
|
virtualServiceName: podinfo.test |