Add cert manager, move to ingress, WIP, breaks
authorAdam A.G. Shamblin <adam@vexingworkshop.com>
Sun, 14 Feb 2021 08:14:23 +0000 (01:14 -0700)
committerAdam A.G. Shamblin <adam@vexingworkshop.com>
Sun, 14 Feb 2021 08:14:23 +0000 (01:14 -0700)
charts/letters/templates/.gitignore [new file with mode: 0644]
charts/letters/templates/acme-issuer.yaml [new file with mode: 0644]
charts/letters/templates/ingress.yaml [new file with mode: 0644]
charts/letters/templates/service.yaml
charts/letters/values.yaml

diff --git a/charts/letters/templates/.gitignore b/charts/letters/templates/.gitignore
new file mode 100644 (file)
index 0000000..4a424df
--- /dev/null
@@ -0,0 +1 @@
+secret.yaml
diff --git a/charts/letters/templates/acme-issuer.yaml b/charts/letters/templates/acme-issuer.yaml
new file mode 100644 (file)
index 0000000..78090d5
--- /dev/null
@@ -0,0 +1,16 @@
+apiVersion: cert-manager.io/v1
+kind: ClusterIssuer
+metadata:
+  name: acme-prod
+spec:
+  acme:
+    email: adam.shamblin@zeroecks.com
+    server: https://acme-v02.api.letsencrypt.org/directory
+    privateKeySecretRef:
+      name: letsencrypt-prod
+    solvers:
+      - dns01:
+          digitalocean:
+            tokenSecretRef:
+              name: digitalocean-dns
+              key: access-token
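Review bot: `kind: ClusterIssuer` makes `acme-prod` usable from every namespace, so any Ingress in the cluster can request certificates through it and, indirectly, through the DigitalOcean DNS token it references. cert-manager resolves a ClusterIssuer's `tokenSecretRef` and `privateKeySecretRef` in its cluster resource namespace (the cert-manager namespace by default), not in the release namespace, so a `digitalocean-dns` Secret created alongside this chart would not be found. For a single-application chart, consider `kind: Issuer` here together with `cert-manager.io/issuer: "acme-prod"` on the Ingress, which keeps the token and the ACME account key in the application's namespace. The fixed `name: acme-prod` is also not release-scoped, so a second install of the chart would collide on it.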
diff --git a/charts/letters/templates/ingress.yaml b/charts/letters/templates/ingress.yaml
new file mode 100644 (file)
index 0000000..247dbdf
--- /dev/null
@@ -0,0 +1,41 @@
+{{- if .Values.ingress.enabled -}}
+{{- $fullName := include "letters.fullname" . -}}
+{{- $svcPort := .Values.service.port -}}
+{{- if semverCompare ">=1.14-0" .Capabilities.KubeVersion.GitVersion -}}
+apiVersion: networking.k8s.io/v1beta1
+{{- else -}}
+apiVersion: extensions/v1beta1
+{{- end }}
+kind: Ingress
+metadata:
+  name: {{ $fullName }}
+  labels:
+    {{- include "letters.labels" . | nindent 4 }}
+  {{- with .Values.ingress.annotations }}
+  annotations:
+    {{- toYaml . | nindent 4 }}
+  {{- end }}
+spec:
+  {{- if .Values.ingress.tls }}
+  tls:
+    {{- range .Values.ingress.tls }}
+    - hosts:
+        {{- range .hosts }}
+        - {{ . | quote }}
+        {{- end }}
+      secretName: {{ .secretName }}
+    {{- end }}
+  {{- end }}
+  rules:
+    {{- range .Values.ingress.hosts }}
+    - host: {{ .host | quote }}
+      http:
+        paths:
+          {{- range .paths }}
+          - path: {{ .path }}
+            backend:
+              serviceName: {{ $fullName }}
+              servicePort: {{ $svcPort }}
+          {{- end }}
+    {{- end }}
+  {{- end }}
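Review bot: The `semverCompare` at the top of the template only selects between `extensions/v1beta1` and `networking.k8s.io/v1beta1`, and the backend uses the beta `serviceName`/`servicePort` fields, so the manifest is rejected on Kubernetes 1.22 and later, where both beta Ingress APIs were removed. A third branch for `networking.k8s.io/v1` (available from 1.19) with `pathType` and the `service.name`/`service.port.number` backend keeps the chart installable across versions. Separately, `secretName: {{ .secretName }}` and `path: {{ .path }}` are rendered unquoted, unlike the host values; `| quote` on both avoids YAML retyping of values that are empty or start with a special character.
```yaml
{{- if semverCompare ">=1.19-0" .Capabilities.KubeVersion.GitVersion -}}
apiVersion: networking.k8s.io/v1
{{- else if semverCompare ">=1.14-0" .Capabilities.KubeVersion.GitVersion -}}
apiVersion: networking.k8s.io/v1beta1
{{- else -}}
apiVersion: extensions/v1beta1
{{- end }}
# … unchanged: kind, metadata, tls, rules/host …
          - path: {{ .path | quote }}
            {{- if semverCompare ">=1.19-0" $.Capabilities.KubeVersion.GitVersion }}
            pathType: Prefix
            backend:
              service:
                name: {{ $fullName }}
                port:
                  number: {{ $svcPort }}
            {{- else }}
            backend:
              serviceName: {{ $fullName }}
              servicePort: {{ $svcPort }}
            {{- end }}
```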
index 3565bb000b8cc0f2852567933c5da661c6f5e502..3e778ed2345eab77fd7e1fb611d9dd4696b4ab0a 100644 (file)
@@ -4,18 +4,12 @@ metadata:
   name: {{ include "letters.fullname" . }}
   labels:
     {{- include "letters.labels" . | nindent 4 }}
-  annotations:
-    {{- range $key, $val := .Values.service.annotations }}
-    {{ $key }}: {{ $val | quote }}
-    {{- end }}
 spec:
   type: {{ .Values.service.type }}
   ports:
-    {{- range .Values.service.ports }}
-    - name: {{ .name }}
-      protocol: {{ .protocol }}
-      port: {{ .port }}
-      targetPort: {{ .targetPort }}
-    {{- end }}
+    - port: {{ .Values.service.port }}
+      targetPort: http
+      protocol: TCP
+      name: http
   selector:
     {{- include "letters.selectorLabels" . | nindent 4 }}
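Review bot: `targetPort: http` resolves only if the pod template declares a container port named `http`, whereas the removed block took a numeric `targetPort` from values. The Deployment template is not part of this commit, so if its port is unnamed or named differently, the Service will have no endpoints and the Ingress will return 503. Confirm the container port name, or add a comment such as `# must match the containerPort name in deployment.yaml` above the line. The Service manifest starts above this hunk.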
index 142b4e1537e3e6ab5dd1a1c081628cb044239179..52967fcd0e23ca51cb03311de8afe0b1e6c0e40d 100644 (file)
@@ -23,42 +23,24 @@ serviceAccount:
   name: ""
 
 service:
-  type: LoadBalancer
-  annotations:
-    service.beta.kubernetes.io/do-loadbalancer-algorithm: "least_connections"
-    service.beta.kubernetes.io/do-loadbalancer-healthcheck-protocol: "http"
-    service.beta.kubernetes.io/do-loadbalancer-healthcheck-path: "/"
-    service.beta.kubernetes.io/do-loadbalancer-healthcheck-check-interval-seconds: "3"
-    service.beta.kubernetes.io/do-loadbalancer-healthcheck-response-timeout-seconds: "5"
-    service.beta.kubernetes.io/do-loadbalancer-healthcheck-unhealthy-threshold: "3"
-    service.beta.kubernetes.io/do-loadbalancer-healthcheck-healthy-threshold: "5"
-    service.beta.kubernetes.io/do-loadbalancer-protocol: "http"
-    service.beta.kubernetes.io/do-loadbalancer-algorithm: "round_robin"
-    service.beta.kubernetes.io/do-loadbalancer-certificate-id: "28d85d51-a9dd-441b-8f23-299847e1eb85"
-    service.beta.kubernetes.io/do-loadbalancer-redirect-http-to-https: "true"
-  ports:
-    - name: http
-      protocol: TCP
-      port: 80
-      targetPort: 80
-    - name: https
-      protocol: TCP
-      port: 443
-      targetPort: 80
+  type: ClusterIP
+  port: 80
 
 
 ingress:
-  enabled: false
-  annotations: {}
-    kubernetes.io/ingress.class: nginx
-    # kubernetes.io/tls-acme: "true"
+  enabled: true
+  annotations:
+    kubernetes.io/ingress.class: nginx
+    cert-manager.io/cluster-issuer: "acme-prod"
   hosts:
-    - host: chart-example.local
-      paths: []
-  tls: []
-  #  - secretName: chart-example-tls
-  #    hosts:
-  #      - chart-example.local
+    - host: letters.vexingworkshop.com
+      paths:
+        - path: /
+  tls:
+    - hosts:
+      - letters.vexingworkshop.com
+      secretName: vexing-tls
+
 
 resources: {}
 
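Review bot: The removed `do-loadbalancer-redirect-http-to-https: "true"` annotation was the explicit HTTP-to-HTTPS redirect, and nothing in the new `ingress.annotations` replaces it, so plain-HTTP handling now depends on the ingress controller's defaults. ingress-nginx normally redirects when a `tls` section is present, but stating it with `nginx.ingress.kubernetes.io/ssl-redirect: "true"` keeps the behaviour independent of controller configuration. The chart defaults also now set `enabled: true` with the production host and issuer; a comment marking these as deployment-specific values, or moving them to a per-environment values file, would stop another install from requesting a certificate for `letters.vexingworkshop.com` by default. As a style point, the `tls[].hosts` list uses flush sequence indentation while `hosts[].paths` is indented; pick one.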
@@ -67,7 +49,6 @@ autoscaling:
   minReplicas: 1
   maxReplicas: 100
   targetCPUUtilizationPercentage: 80
-  # targetMemoryUtilizationPercentage: 80
 
 nodeSelector: {}