From 163792a91357e7ceb881ce3ac1d04c091ae1110c Mon Sep 17 00:00:00 2001 From: Udo Waechter Date: Thu, 29 Oct 2020 12:13:59 +0100 Subject: [PATCH] haproxy replaces nginx? --- _sys/haproxy-ingress.yaml | 202 ++++++++++++++++++++++++++++++++++++++ 1 file changed, 202 insertions(+) create mode 100644 _sys/haproxy-ingress.yaml diff --git a/_sys/haproxy-ingress.yaml b/_sys/haproxy-ingress.yaml new file mode 100644 index 0000000..bf5396a --- /dev/null +++ b/_sys/haproxy-ingress.yaml @@ -0,0 +1,202 @@ +#https://raw.githubusercontent.com/haproxytech/kubernetes-ingress/master/deploy/haproxy-ingress.yaml +#https://www.haproxy.com/documentation/kubernetes/latest/installation/community/kubernetes/ +# +# NOTES: Image is not from haproxytech, no arm64 imgs +--- +apiVersion: v1 +kind: Namespace +metadata: + name: haproxy-controller + +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + name: haproxy-ingress-service-account + namespace: haproxy-controller + +--- +kind: ClusterRole +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: haproxy-ingress-cluster-role +rules: +- apiGroups: + - "" + resources: + - configmaps + - endpoints + - nodes + - pods + - services + - namespaces + - events + - serviceaccounts + verbs: + - get + - list + - watch +- apiGroups: + - "extensions" + resources: + - ingresses + - ingresses/status + verbs: + - get + - list + - watch + - update +- apiGroups: + - "" + resources: + - secrets + verbs: + - get + - list + - watch + - create + - patch + - update + +--- +kind: ClusterRoleBinding +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: haproxy-ingress-cluster-role-binding + namespace: haproxy-controller +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: haproxy-ingress-cluster-role +subjects: +- kind: ServiceAccount + name: haproxy-ingress-service-account + namespace: haproxy-controller + +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: haproxy + namespace: haproxy-controller +data: + +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + labels: + run: ingress-default-backend + name: ingress-default-backend + namespace: haproxy-controller +spec: + replicas: 1 + selector: + matchLabels: + run: ingress-default-backend + template: + metadata: + labels: + run: ingress-default-backend + spec: + containers: + - name: ingress-default-backend + image: gcr.io/google_containers/defaultbackend:1.0 + ports: + - containerPort: 8080 + +--- +apiVersion: v1 +kind: Service +metadata: + labels: + run: ingress-default-backend + name: ingress-default-backend + namespace: haproxy-controller +spec: + selector: + run: ingress-default-backend + ports: + - name: port-1 + port: 8080 + protocol: TCP + targetPort: 8080 + +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + labels: + run: haproxy-ingress + name: haproxy-ingress + namespace: haproxy-controller +spec: + replicas: 1 + selector: + matchLabels: + run: haproxy-ingress + template: + metadata: + labels: + run: haproxy-ingress + spec: + serviceAccountName: haproxy-ingress-service-account + containers: + - name: haproxy-ingress + #image: haproxytech/kubernetes-ingress + image: bmanojlovic/kubernetes-ingress:latest + args: + - --configmap=haproxy-controller/haproxy + - --default-backend-service=haproxy-controller/ingress-default-backend + resources: + requests: + cpu: "500m" + memory: "50Mi" + livenessProbe: + httpGet: + path: /healthz + port: 1042 + ports: + - name: http + containerPort: 80 + - name: https + containerPort: 443 + - name: stat + containerPort: 1024 + env: + - name: TZ + value: "Etc/UTC" + - name: POD_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name + - name: POD_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + +--- +apiVersion: v1 +kind: Service +metadata: + labels: + run: haproxy-ingress + name: haproxy-ingress + namespace: haproxy-controller +spec: + selector: + run: haproxy-ingress + type: NodePort + ports: + - name: http + port: 80 + protocol: TCP + targetPort: 80 + - name: https + port: 443 + protocol: TCP + targetPort: 443 + - name: stat + port: 1024 + protocol: TCP + targetPort: 1024 \ No newline at end of file