mirror of https://github.com/codevalet/codevalet
Switch to relying on the nginx-ingress controller rather than our dumb proxy
There can be one ingress controller (ish) per clusters, but dumping an ingress resource in each namespace with a specific path seems to do the right thing as far as routing everything under codevalet.io
This commit is contained in:
parent
8cacff969c
commit
f833106f82
|
@ -13,15 +13,12 @@ items:
|
|||
name: 'canary'
|
||||
namespace: 'canary'
|
||||
spec:
|
||||
type: 'LoadBalancer'
|
||||
selector:
|
||||
name: 'canary'
|
||||
ports:
|
||||
-
|
||||
name: 'http'
|
||||
port: 80
|
||||
- port: 80
|
||||
targetPort: 9292
|
||||
protocol: 'TCP'
|
||||
protocol: TCP
|
||||
selector:
|
||||
app: 'canary'
|
||||
|
||||
- apiVersion: extensions/v1beta1
|
||||
kind: Deployment
|
||||
|
@ -74,4 +71,27 @@ items:
|
|||
port: 9292
|
||||
initialDelaySeconds: 60
|
||||
timeoutSeconds: 10
|
||||
|
||||
- apiVersion: extensions/v1beta1
|
||||
kind: Ingress
|
||||
metadata:
|
||||
name: 'http-ingress'
|
||||
namespace: 'canary'
|
||||
annotations:
|
||||
kubernetes.io/tls-acme: "true"
|
||||
kubernetes.io/ingress.class: "nginx"
|
||||
ingress.kubernetes.io/rewrite-target: /
|
||||
spec:
|
||||
tls:
|
||||
- hosts:
|
||||
- codevalet.io
|
||||
secretName: ingress-tls
|
||||
rules:
|
||||
- host: codevalet.io
|
||||
http:
|
||||
paths:
|
||||
- path: /canary/
|
||||
backend:
|
||||
serviceName: canary
|
||||
servicePort: 80
|
||||
# vim: ft=yaml
|
||||
|
|
|
@ -0,0 +1,77 @@
|
|||
---
|
||||
apiVersion: v1
|
||||
kind: List
|
||||
items:
|
||||
- apiVersion: v1
|
||||
kind: Namespace
|
||||
metadata:
|
||||
name: 'nginx-ingress'
|
||||
|
||||
- apiVersion: v1
|
||||
kind: Service
|
||||
metadata:
|
||||
name: 'nginx'
|
||||
namespace: 'nginx-ingress'
|
||||
spec:
|
||||
type: LoadBalancer
|
||||
ports:
|
||||
- port: 80
|
||||
name: http
|
||||
- port: 443
|
||||
name: https
|
||||
sessionAffinity: 'ClientIP'
|
||||
selector:
|
||||
app: 'nginx'
|
||||
|
||||
- apiVersion: v1
|
||||
kind: ConfigMap
|
||||
metadata:
|
||||
namespace: 'nginx-ingress'
|
||||
name: 'nginx'
|
||||
data:
|
||||
proxy-connect-timeout: "15"
|
||||
proxy-read-timeout: "600"
|
||||
proxy-send-timeout: "600"
|
||||
hsts-include-subdomains: "false"
|
||||
body-size: "64m"
|
||||
server-name-hash-bucket-size: "256"
|
||||
|
||||
- apiVersion: extensions/v1beta1
|
||||
kind: Deployment
|
||||
metadata:
|
||||
name: 'nginx'
|
||||
namespace: 'nginx-ingress'
|
||||
spec:
|
||||
replicas: 1
|
||||
template:
|
||||
metadata:
|
||||
labels:
|
||||
app: 'nginx'
|
||||
spec:
|
||||
containers:
|
||||
- image: 'gcr.io/google_containers/nginx-ingress-controller:0.8.3'
|
||||
name: 'nginx'
|
||||
imagePullPolicy: Always
|
||||
env:
|
||||
- name: POD_NAME
|
||||
valueFrom:
|
||||
fieldRef:
|
||||
fieldPath: metadata.name
|
||||
- name: POD_NAMESPACE
|
||||
valueFrom:
|
||||
fieldRef:
|
||||
fieldPath: metadata.namespace
|
||||
livenessProbe:
|
||||
httpGet:
|
||||
path: /healthz
|
||||
port: 10254
|
||||
scheme: HTTP
|
||||
initialDelaySeconds: 30
|
||||
timeoutSeconds: 5
|
||||
ports:
|
||||
- containerPort: 80
|
||||
- containerPort: 443
|
||||
args:
|
||||
- /nginx-ingress-controller
|
||||
- --default-backend-service=webapp/webapp
|
||||
- --nginx-configmap=nginx-ingress/nginx
|
|
@ -1,29 +1,20 @@
|
|||
---
|
||||
# Based on
|
||||
# https://radu-matei.github.io/blog/kubernetes-jenkins-azure/#configuring-jenkins-to-dinamically-spawn-agents-docker-containers-for-builds
|
||||
# https://github.com/kubernetes/charts/blob/master/stable/jenkins/templates/jenkins-master-deployment.yaml
|
||||
#
|
||||
# Thanks Radu!
|
||||
apiVersion: "v1"
|
||||
apiVersion: v1
|
||||
kind: "List"
|
||||
items:
|
||||
# jenkins
|
||||
- apiVersion: "v1"
|
||||
kind: "PersistentVolume"
|
||||
- apiVersion: v1
|
||||
kind: Namespace
|
||||
metadata:
|
||||
name: "jenkins-@@USER@@"
|
||||
spec:
|
||||
accessModes:
|
||||
- ReadWriteOnce
|
||||
capacity:
|
||||
storage: 5Gi
|
||||
gcePersistentDisk:
|
||||
pdName: 'jenkins-@@USER@@'
|
||||
fsType: ext4
|
||||
|
||||
- apiVersion: "v1"
|
||||
kind: "PersistentVolumeClaim"
|
||||
- apiVersion: v1
|
||||
kind: PersistentVolumeClaim
|
||||
metadata:
|
||||
name: "jenkins-@@USER@@"
|
||||
namespace: "jenkins-@@USER@@"
|
||||
spec:
|
||||
accessModes:
|
||||
- ReadWriteOnce
|
||||
|
@ -31,31 +22,77 @@ items:
|
|||
requests:
|
||||
storage: 5Gi
|
||||
|
||||
- apiVersion: "v1"
|
||||
kind: "ReplicationController"
|
||||
- apiVersion: v1
|
||||
kind: Service
|
||||
metadata:
|
||||
name: 'jenkins-@@USER@@'
|
||||
namespace: 'jenkins-@@USER@@'
|
||||
spec:
|
||||
ports:
|
||||
- port: 80
|
||||
targetPort: 8080
|
||||
protocol: TCP
|
||||
selector:
|
||||
app: 'jenkins-@@USER@@'
|
||||
|
||||
- apiVersion: extensions/v1beta1
|
||||
kind: Ingress
|
||||
metadata:
|
||||
name: 'http-ingress'
|
||||
annotations:
|
||||
kubernetes.io/tls-acme: "true"
|
||||
kubernetes.io/ingress.class: "nginx"
|
||||
spec:
|
||||
tls:
|
||||
- hosts:
|
||||
- codevalet.io
|
||||
secretName: ingress-tls
|
||||
rules:
|
||||
- host: codevalet.io
|
||||
http:
|
||||
paths:
|
||||
- path: '/u/@@USER@@'
|
||||
backend:
|
||||
serviceName: 'jenkins-@@USER@@'
|
||||
servicePort: 80
|
||||
|
||||
- apiVersion: extensions/v1beta1
|
||||
kind: Deployment
|
||||
metadata:
|
||||
name: "jenkins-@@USER@@"
|
||||
namespace: "jenkins-@@USER@@"
|
||||
labels:
|
||||
name: "jenkins-@@USER@@"
|
||||
spec:
|
||||
replicas: 1
|
||||
strategy:
|
||||
type: RollingUpdate
|
||||
selector:
|
||||
template:
|
||||
metadata:
|
||||
name: "jenkins-@@USER@@"
|
||||
labels:
|
||||
name: "jenkins-@@USER@@"
|
||||
app: "jenkins-@@USER@@"
|
||||
annotations:
|
||||
spec:
|
||||
volumes:
|
||||
- name: "jenkins-@@USER@@"
|
||||
persistentVolumeClaim:
|
||||
claimName: "jenkins-@@USER@@"
|
||||
containers:
|
||||
- name: "jenkins-@@USER@@"
|
||||
image: 'rtyler/codevalet-master:latest'
|
||||
image: "rtyler/codevalet-master:latest"
|
||||
imagePullPolicy: Always
|
||||
ports:
|
||||
- containerPort: 8080
|
||||
name: http
|
||||
resources:
|
||||
limits:
|
||||
memory: 1G
|
||||
requests:
|
||||
memory: 384M
|
||||
limits:
|
||||
memory: 1G
|
||||
volumeMounts:
|
||||
- name: "jenkins-@@USER@@"
|
||||
mountPath: "/var/jenkins_home"
|
||||
env:
|
||||
- name: CPU_REQUEST
|
||||
valueFrom:
|
||||
|
@ -120,35 +157,4 @@ items:
|
|||
secretKeyRef:
|
||||
name: jenkins-masters
|
||||
key: azure_subscription
|
||||
volumeMounts:
|
||||
- name: "jenkins-@@USER@@"
|
||||
mountPath: "/var/jenkins_home"
|
||||
livenessProbe:
|
||||
httpGet:
|
||||
path: '/u/@@USER@@/login'
|
||||
port: 8080
|
||||
initialDelaySeconds: 60
|
||||
timeoutSeconds: 5
|
||||
securityContext:
|
||||
fsGroup: 1000
|
||||
volumes:
|
||||
- name: "jenkins-@@USER@@"
|
||||
persistentVolumeClaim:
|
||||
claimName: "jenkins-@@USER@@"
|
||||
|
||||
- apiVersion: "v1"
|
||||
kind: "Service"
|
||||
metadata:
|
||||
name: "jenkins-@@USER@@"
|
||||
spec:
|
||||
type: 'LoadBalancer'
|
||||
selector:
|
||||
name: "jenkins-@@USER@@"
|
||||
ports:
|
||||
-
|
||||
name: "http"
|
||||
port: 80
|
||||
targetPort: 8080
|
||||
protocol: "TCP"
|
||||
|
||||
# vim: ft=yaml
|
||||
|
|
|
@ -7,6 +7,19 @@ items:
|
|||
metadata:
|
||||
name: 'webapp'
|
||||
|
||||
- apiVersion: v1
|
||||
kind: Service
|
||||
metadata:
|
||||
name: 'webapp'
|
||||
namespace: 'webapp'
|
||||
spec:
|
||||
ports:
|
||||
- port: 80
|
||||
targetPort: 9292
|
||||
protocol: TCP
|
||||
selector:
|
||||
app: 'webapp'
|
||||
|
||||
- apiVersion: extensions/v1beta1
|
||||
kind: Deployment
|
||||
metadata:
|
||||
|
@ -15,7 +28,7 @@ items:
|
|||
labels:
|
||||
name: 'webapp'
|
||||
spec:
|
||||
replicas: 3
|
||||
replicas: 1
|
||||
strategy:
|
||||
type: RollingUpdate
|
||||
selector:
|
||||
|
@ -27,7 +40,7 @@ items:
|
|||
spec:
|
||||
containers:
|
||||
- name: 'webapp'
|
||||
image: 'rtyler/codevalet-webapp:latest'
|
||||
image: 'rtyler/codevalet-webapp:201711291143'
|
||||
imagePullPolicy: Always
|
||||
ports:
|
||||
- containerPort: 9292
|
||||
|
@ -62,4 +75,28 @@ items:
|
|||
port: 9292
|
||||
initialDelaySeconds: 60
|
||||
timeoutSeconds: 10
|
||||
|
||||
- apiVersion: extensions/v1beta1
|
||||
kind: Ingress
|
||||
metadata:
|
||||
name: 'http-ingress'
|
||||
namespace: 'webapp'
|
||||
annotations:
|
||||
kubernetes.io/tls-acme: "true"
|
||||
kubernetes.io/ingress.class: "nginx"
|
||||
nginx.ingress.kubernetes.io/affinity: 'cookie'
|
||||
spec:
|
||||
tls:
|
||||
- hosts:
|
||||
- codevalet.io
|
||||
secretName: ingress-tls
|
||||
rules:
|
||||
- host: codevalet.io
|
||||
http:
|
||||
paths:
|
||||
- path: /
|
||||
backend:
|
||||
serviceName: webapp
|
||||
servicePort: 80
|
||||
|
||||
# vim: ft=yaml
|
||||
|
|
Loading…
Reference in New Issue