From 05c90269074dc283f938ea983edd646c3e79db29 Mon Sep 17 00:00:00 2001 From: Alex Mickelson Date: Thu, 6 Mar 2025 20:38:09 -0700 Subject: [PATCH] moved onto kubernetes for nginx --- home-server/docker-compose.yml | 54 +- kubernetes/ingress-nodeport.yml | 24 - kubernetes/ingress/ingress-nginx.yml | 782 +++++++++++++++++++++++++++ kubernetes/ingress/values.yml | 9 - kubernetes/nginx-configuration.yaml | 14 - 5 files changed, 809 insertions(+), 74 deletions(-) delete mode 100644 kubernetes/ingress-nodeport.yml create mode 100644 kubernetes/ingress/ingress-nginx.yml delete mode 100644 kubernetes/ingress/values.yml delete mode 100644 kubernetes/nginx-configuration.yaml diff --git a/home-server/docker-compose.yml b/home-server/docker-compose.yml index 8c361d6..067c4e1 100644 --- a/home-server/docker-compose.yml +++ b/home-server/docker-compose.yml @@ -186,33 +186,33 @@ services: # - 0.0.0.0:9162:9162 # docker run -it --rm -p 9162:9162 --net=host sfudeus/apcupsd_exporter:master_1.19 - reverse-proxy: - image: ghcr.io/linuxserver/swag - container_name: reverse-proxy - restart: unless-stopped - cap_add: - - NET_ADMIN - environment: - - PUID=1000 - - PGID=1000 - - TZ=America/Denver - - URL=alexmickelson.guru - - SUBDOMAINS=wildcard - - VALIDATION=dns - - DNSPLUGIN=cloudflare - volumes: - - ./nginx.conf:/config/nginx/site-confs/default.conf - - /data/swag:/config - - /data/cloudflare/cloudflare.ini:/config/dns-conf/cloudflare.ini - ports: - # - 0.0.0.0:80:80 - # - 0.0.0.0:443:443 - - 0.0.0.0:7080:80 - - 0.0.0.0:7443:443 - extra_hosts: - - host.docker.internal:host-gateway - networks: - - proxy + # reverse-proxy: + # image: ghcr.io/linuxserver/swag + # container_name: reverse-proxy + # restart: unless-stopped + # cap_add: + # - NET_ADMIN + # environment: + # - PUID=1000 + # - PGID=1000 + # - TZ=America/Denver + # - URL=alexmickelson.guru + # - SUBDOMAINS=wildcard + # - VALIDATION=dns + # - DNSPLUGIN=cloudflare + # volumes: + # - ./nginx.conf:/config/nginx/site-confs/default.conf + # - /data/swag:/config + # - /data/cloudflare/cloudflare.ini:/config/dns-conf/cloudflare.ini + # ports: + # # - 0.0.0.0:80:80 + # # - 0.0.0.0:443:443 + # - 0.0.0.0:7080:80 + # - 0.0.0.0:7443:443 + # extra_hosts: + # - host.docker.internal:host-gateway + # networks: + # - proxy audiobookshelf: diff --git a/kubernetes/ingress-nodeport.yml b/kubernetes/ingress-nodeport.yml deleted file mode 100644 index a58db0d..0000000 --- a/kubernetes/ingress-nodeport.yml +++ /dev/null @@ -1,24 +0,0 @@ -apiVersion: v1 -kind: Service -metadata: - name: my-ingress-nginx-controller - namespace: ingress-nginx -spec: - ports: - - appProtocol: http - name: http - nodePort: 80 - port: 80 - protocol: TCP - targetPort: http - - appProtocol: https - name: https - nodePort: 443 - port: 443 - protocol: TCP - targetPort: https - selector: - app.kubernetes.io/component: controller - app.kubernetes.io/instance: ingress-nginx - app.kubernetes.io/name: ingress-nginx - type: NodePort diff --git a/kubernetes/ingress/ingress-nginx.yml b/kubernetes/ingress/ingress-nginx.yml new file mode 100644 index 0000000..81dae7c --- /dev/null +++ b/kubernetes/ingress/ingress-nginx.yml @@ -0,0 +1,782 @@ +apiVersion: v1 +kind: Namespace +metadata: + labels: + app.kubernetes.io/instance: ingress-nginx + app.kubernetes.io/name: ingress-nginx + name: ingress-nginx +--- +apiVersion: v1 +automountServiceAccountToken: true +kind: ServiceAccount +metadata: + labels: + app.kubernetes.io/component: controller + app.kubernetes.io/instance: ingress-nginx + app.kubernetes.io/name: ingress-nginx + app.kubernetes.io/part-of: ingress-nginx + app.kubernetes.io/version: 1.10.0 + name: ingress-nginx + namespace: ingress-nginx +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + labels: + app.kubernetes.io/component: admission-webhook + app.kubernetes.io/instance: ingress-nginx + app.kubernetes.io/name: ingress-nginx + app.kubernetes.io/part-of: ingress-nginx + app.kubernetes.io/version: 1.10.0 + name: ingress-nginx-admission + namespace: ingress-nginx +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + labels: + app.kubernetes.io/component: controller + app.kubernetes.io/instance: ingress-nginx + app.kubernetes.io/name: ingress-nginx + app.kubernetes.io/part-of: ingress-nginx + app.kubernetes.io/version: 1.10.0 + name: ingress-nginx + namespace: ingress-nginx +rules: +- apiGroups: + - "" + resources: + - namespaces + verbs: + - get +- apiGroups: + - "" + resources: + - configmaps + - pods + - secrets + - endpoints + verbs: + - get + - list + - watch +- apiGroups: + - "" + resources: + - services + verbs: + - get + - list + - watch +- apiGroups: + - networking.k8s.io + resources: + - ingresses + verbs: + - get + - list + - watch +- apiGroups: + - networking.k8s.io + resources: + - ingresses/status + verbs: + - update +- apiGroups: + - networking.k8s.io + resources: + - ingressclasses + verbs: + - get + - list + - watch +- apiGroups: + - coordination.k8s.io + resourceNames: + - ingress-nginx-leader + resources: + - leases + verbs: + - get + - update +- apiGroups: + - coordination.k8s.io + resources: + - leases + verbs: + - create +- apiGroups: + - "" + resources: + - events + verbs: + - create + - patch +- apiGroups: + - discovery.k8s.io + resources: + - endpointslices + verbs: + - list + - watch + - get +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + labels: + app.kubernetes.io/component: admission-webhook + app.kubernetes.io/instance: ingress-nginx + app.kubernetes.io/name: ingress-nginx + app.kubernetes.io/part-of: ingress-nginx + app.kubernetes.io/version: 1.10.0 + name: ingress-nginx-admission + namespace: ingress-nginx +rules: +- apiGroups: + - "" + resources: + - secrets + verbs: + - get + - create +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + labels: + app.kubernetes.io/instance: ingress-nginx + app.kubernetes.io/name: ingress-nginx + app.kubernetes.io/part-of: ingress-nginx + app.kubernetes.io/version: 1.10.0 + name: ingress-nginx +rules: +- apiGroups: + - "" + resources: + - configmaps + - endpoints + - nodes + - pods + - secrets + - namespaces + verbs: + - list + - watch +- apiGroups: + - coordination.k8s.io + resources: + - leases + verbs: + - list + - watch +- apiGroups: + - "" + resources: + - nodes + verbs: + - get +- apiGroups: + - "" + resources: + - services + verbs: + - get + - list + - watch +- apiGroups: + - networking.k8s.io + resources: + - ingresses + verbs: + - get + - list + - watch +- apiGroups: + - "" + resources: + - events + verbs: + - create + - patch +- apiGroups: + - networking.k8s.io + resources: + - ingresses/status + verbs: + - update +- apiGroups: + - networking.k8s.io + resources: + - ingressclasses + verbs: + - get + - list + - watch +- apiGroups: + - discovery.k8s.io + resources: + - endpointslices + verbs: + - list + - watch + - get +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + labels: + app.kubernetes.io/component: admission-webhook + app.kubernetes.io/instance: ingress-nginx + app.kubernetes.io/name: ingress-nginx + app.kubernetes.io/part-of: ingress-nginx + app.kubernetes.io/version: 1.10.0 + name: ingress-nginx-admission +rules: +- apiGroups: + - admissionregistration.k8s.io + resources: + - validatingwebhookconfigurations + verbs: + - get + - update +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + labels: + app.kubernetes.io/component: controller + app.kubernetes.io/instance: ingress-nginx + app.kubernetes.io/name: ingress-nginx + app.kubernetes.io/part-of: ingress-nginx + app.kubernetes.io/version: 1.10.0 + name: ingress-nginx + namespace: ingress-nginx +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: ingress-nginx +subjects: +- kind: ServiceAccount + name: ingress-nginx + namespace: ingress-nginx +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + labels: + app.kubernetes.io/component: admission-webhook + app.kubernetes.io/instance: ingress-nginx + app.kubernetes.io/name: ingress-nginx + app.kubernetes.io/part-of: ingress-nginx + app.kubernetes.io/version: 1.10.0 + name: ingress-nginx-admission + namespace: ingress-nginx +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: ingress-nginx-admission +subjects: +- kind: ServiceAccount + name: ingress-nginx-admission + namespace: ingress-nginx +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + labels: + app.kubernetes.io/instance: ingress-nginx + app.kubernetes.io/name: ingress-nginx + app.kubernetes.io/part-of: ingress-nginx + app.kubernetes.io/version: 1.10.0 + name: ingress-nginx +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: ingress-nginx +subjects: +- kind: ServiceAccount + name: ingress-nginx + namespace: ingress-nginx +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + labels: + app.kubernetes.io/component: admission-webhook + app.kubernetes.io/instance: ingress-nginx + app.kubernetes.io/name: ingress-nginx + app.kubernetes.io/part-of: ingress-nginx + app.kubernetes.io/version: 1.10.0 + name: ingress-nginx-admission +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: ingress-nginx-admission +subjects: +- kind: ServiceAccount + name: ingress-nginx-admission + namespace: ingress-nginx +--- +apiVersion: v1 +data: + allow-snippet-annotations: "false" +kind: ConfigMap +metadata: + labels: + app.kubernetes.io/component: controller + app.kubernetes.io/instance: ingress-nginx + app.kubernetes.io/name: ingress-nginx + app.kubernetes.io/part-of: ingress-nginx + app.kubernetes.io/version: 1.10.0 + name: ingress-nginx-controller + namespace: ingress-nginx +data: + allow-snippet-annotations: "true" +# http-snippet: | +# proxy_cache_path /tmp/nginx-cache levels=1:2 keys_zone=static-cache:2m max_size=100m inactive=7d use_temp_path=off; +# proxy_cache_key $scheme$proxy_host$request_uri; +# proxy_cache_lock on; +# proxy_cache_use_stale updating; +--- +apiVersion: v1 +kind: Service +metadata: + labels: + app.kubernetes.io/component: controller + app.kubernetes.io/instance: ingress-nginx + app.kubernetes.io/name: ingress-nginx + app.kubernetes.io/part-of: ingress-nginx + app.kubernetes.io/version: 1.10.0 + name: ingress-nginx-controller + namespace: ingress-nginx +spec: + ipFamilies: + - IPv4 + ipFamilyPolicy: SingleStack + ports: + - appProtocol: http + name: http + port: 80 + protocol: TCP + targetPort: http + - appProtocol: https + name: https + port: 443 + protocol: TCP + targetPort: https + selector: + app.kubernetes.io/component: controller + app.kubernetes.io/instance: ingress-nginx + app.kubernetes.io/name: ingress-nginx + type: NodePort +--- +apiVersion: v1 +kind: Service +metadata: + labels: + app.kubernetes.io/component: controller + app.kubernetes.io/instance: ingress-nginx + app.kubernetes.io/name: ingress-nginx + app.kubernetes.io/part-of: ingress-nginx + app.kubernetes.io/version: 1.10.0 + name: ingress-nginx-controller-admission + namespace: ingress-nginx +spec: + ports: + - appProtocol: https + name: https-webhook + port: 443 + targetPort: webhook + selector: + app.kubernetes.io/component: controller + app.kubernetes.io/instance: ingress-nginx + app.kubernetes.io/name: ingress-nginx + type: ClusterIP +# --- +# apiVersion: apps/v1 +# kind: Deployment +# metadata: +# labels: +# app.kubernetes.io/component: controller +# app.kubernetes.io/instance: ingress-nginx +# app.kubernetes.io/name: ingress-nginx +# app.kubernetes.io/part-of: ingress-nginx +# app.kubernetes.io/version: 1.10.0 +# name: ingress-nginx-controller +# namespace: ingress-nginx +# spec: +# minReadySeconds: 0 +# revisionHistoryLimit: 10 +# selector: +# matchLabels: +# app.kubernetes.io/component: controller +# app.kubernetes.io/instance: ingress-nginx +# app.kubernetes.io/name: ingress-nginx +# strategy: +# rollingUpdate: +# maxUnavailable: 1 +# type: RollingUpdate +# template: +# metadata: +# labels: +# app.kubernetes.io/component: controller +# app.kubernetes.io/instance: ingress-nginx +# app.kubernetes.io/name: ingress-nginx +# app.kubernetes.io/part-of: ingress-nginx +# app.kubernetes.io/version: 1.10.0 +# spec: +# hostNetwork: true +# containers: +# - args: +# - /nginx-ingress-controller +# - --election-id=ingress-nginx-leader +# - --controller-class=k8s.io/ingress-nginx +# - --ingress-class=nginx +# - --configmap=$(POD_NAMESPACE)/ingress-nginx-controller +# - --validating-webhook=:8443 +# - --validating-webhook-certificate=/usr/local/certificates/cert +# - --validating-webhook-key=/usr/local/certificates/key +# - --enable-metrics=false +# env: +# - name: POD_NAME +# valueFrom: +# fieldRef: +# fieldPath: metadata.name +# - name: POD_NAMESPACE +# valueFrom: +# fieldRef: +# fieldPath: metadata.namespace +# - name: LD_PRELOAD +# value: /usr/local/lib/libmimalloc.so +# image: registry.k8s.io/ingress-nginx/controller:v1.10.0@sha256:42b3f0e5d0846876b1791cd3afeb5f1cbbe4259d6f35651dcc1b5c980925379c +# imagePullPolicy: IfNotPresent +# lifecycle: +# preStop: +# exec: +# command: +# - /wait-shutdown +# livenessProbe: +# failureThreshold: 5 +# httpGet: +# path: /healthz +# port: 10254 +# scheme: HTTP +# initialDelaySeconds: 10 +# periodSeconds: 10 +# successThreshold: 1 +# timeoutSeconds: 1 +# name: controller +# ports: +# - containerPort: 80 +# name: http +# protocol: TCP +# - containerPort: 443 +# name: https +# protocol: TCP +# - containerPort: 8443 +# name: webhook +# protocol: TCP +# readinessProbe: +# failureThreshold: 3 +# httpGet: +# path: /healthz +# port: 10254 +# scheme: HTTP +# initialDelaySeconds: 10 +# periodSeconds: 10 +# successThreshold: 1 +# timeoutSeconds: 1 +# resources: +# requests: +# cpu: 100m +# memory: 90Mi +# securityContext: +# allowPrivilegeEscalation: false +# capabilities: +# add: +# - NET_BIND_SERVICE +# drop: +# - ALL +# readOnlyRootFilesystem: false +# runAsNonRoot: true +# runAsUser: 101 +# seccompProfile: +# type: RuntimeDefault +# volumeMounts: +# - mountPath: /usr/local/certificates/ +# name: webhook-cert +# readOnly: true +# dnsPolicy: ClusterFirst +# nodeSelector: +# kubernetes.io/os: linux +# serviceAccountName: ingress-nginx +# terminationGracePeriodSeconds: 300 +# volumes: +# - name: webhook-cert +# secret: +# secretName: ingress-nginx-admission +--- +apiVersion: batch/v1 +kind: Job +metadata: + labels: + app.kubernetes.io/component: admission-webhook + app.kubernetes.io/instance: ingress-nginx + app.kubernetes.io/name: ingress-nginx + app.kubernetes.io/part-of: ingress-nginx + app.kubernetes.io/version: 1.10.0 + name: ingress-nginx-admission-create + namespace: ingress-nginx +spec: + template: + metadata: + labels: + app.kubernetes.io/component: admission-webhook + app.kubernetes.io/instance: ingress-nginx + app.kubernetes.io/name: ingress-nginx + app.kubernetes.io/part-of: ingress-nginx + app.kubernetes.io/version: 1.10.0 + name: ingress-nginx-admission-create + spec: + containers: + - args: + - create + - --host=ingress-nginx-controller-admission,ingress-nginx-controller-admission.$(POD_NAMESPACE).svc + - --namespace=$(POD_NAMESPACE) + - --secret-name=ingress-nginx-admission + env: + - name: POD_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + image: registry.k8s.io/ingress-nginx/kube-webhook-certgen:v1.4.0@sha256:44d1d0e9f19c63f58b380c5fddaca7cf22c7cee564adeff365225a5df5ef3334 + imagePullPolicy: IfNotPresent + name: create + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + readOnlyRootFilesystem: true + runAsNonRoot: true + runAsUser: 65532 + seccompProfile: + type: RuntimeDefault + nodeSelector: + kubernetes.io/os: linux + restartPolicy: OnFailure + serviceAccountName: ingress-nginx-admission +--- +apiVersion: apps/v1 +kind: DaemonSet +metadata: + labels: + app.kubernetes.io/component: controller + app.kubernetes.io/instance: ingress-nginx + app.kubernetes.io/name: ingress-nginx + app.kubernetes.io/part-of: ingress-nginx + app.kubernetes.io/version: 1.10.0 + name: ingress-nginx-controller + namespace: ingress-nginx +spec: + selector: + matchLabels: + app.kubernetes.io/component: controller + app.kubernetes.io/instance: ingress-nginx + app.kubernetes.io/name: ingress-nginx + template: + metadata: + labels: + app.kubernetes.io/component: controller + app.kubernetes.io/instance: ingress-nginx + app.kubernetes.io/name: ingress-nginx + app.kubernetes.io/part-of: ingress-nginx + app.kubernetes.io/version: 1.10.0 + spec: + hostNetwork: true + containers: + - args: + - /nginx-ingress-controller + - --election-id=ingress-nginx-leader + - --controller-class=k8s.io/ingress-nginx + - --ingress-class=nginx + - --configmap=$(POD_NAMESPACE)/ingress-nginx-controller + - --validating-webhook=:8443 + - --validating-webhook-certificate=/usr/local/certificates/cert + - --validating-webhook-key=/usr/local/certificates/key + - --enable-metrics=false + env: + - name: POD_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name + - name: POD_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: LD_PRELOAD + value: /usr/local/lib/libmimalloc.so + image: registry.k8s.io/ingress-nginx/controller:v1.10.0@sha256:42b3f0e5d0846876b1791cd3afeb5f1cbbe4259d6f35651dcc1b5c980925379c + imagePullPolicy: IfNotPresent + lifecycle: + preStop: + exec: + command: + - /wait-shutdown + livenessProbe: + httpGet: + path: /healthz + port: 10254 + scheme: HTTP + initialDelaySeconds: 10 + periodSeconds: 10 + timeoutSeconds: 1 + name: controller + ports: + - containerPort: 80 + name: http + protocol: TCP + - containerPort: 443 + name: https + protocol: TCP + - containerPort: 8443 + name: webhook + protocol: TCP + readinessProbe: + httpGet: + path: /healthz + port: 10254 + scheme: HTTP + initialDelaySeconds: 10 + periodSeconds: 10 + timeoutSeconds: 1 + resources: + requests: + cpu: 100m + memory: 90Mi + securityContext: + allowPrivilegeEscalation: false + capabilities: + add: + - NET_BIND_SERVICE + drop: + - ALL + readOnlyRootFilesystem: false + runAsNonRoot: true + runAsUser: 101 + seccompProfile: + type: RuntimeDefault + volumeMounts: + - mountPath: /usr/local/certificates/ + name: webhook-cert + readOnly: true + dnsPolicy: ClusterFirst + nodeSelector: + # kubernetes.io/hostname: alex-office2 + kubernetes.io/os: linux + serviceAccountName: ingress-nginx + terminationGracePeriodSeconds: 300 + volumes: + - name: webhook-cert + secret: + secretName: ingress-nginx-admission +--- +apiVersion: batch/v1 +kind: Job +metadata: + labels: + app.kubernetes.io/component: admission-webhook + app.kubernetes.io/instance: ingress-nginx + app.kubernetes.io/name: ingress-nginx + app.kubernetes.io/part-of: ingress-nginx + app.kubernetes.io/version: 1.10.0 + name: ingress-nginx-admission-patch + namespace: ingress-nginx +spec: + template: + metadata: + labels: + app.kubernetes.io/component: admission-webhook + app.kubernetes.io/instance: ingress-nginx + app.kubernetes.io/name: ingress-nginx + app.kubernetes.io/part-of: ingress-nginx + app.kubernetes.io/version: 1.10.0 + name: ingress-nginx-admission-patch + spec: + containers: + - args: + - patch + - --webhook-name=ingress-nginx-admission + - --namespace=$(POD_NAMESPACE) + - --patch-mutating=false + - --secret-name=ingress-nginx-admission + - --patch-failure-policy=Fail + env: + - name: POD_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + image: registry.k8s.io/ingress-nginx/kube-webhook-certgen:v1.4.0@sha256:44d1d0e9f19c63f58b380c5fddaca7cf22c7cee564adeff365225a5df5ef3334 + imagePullPolicy: IfNotPresent + name: patch + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + readOnlyRootFilesystem: true + runAsNonRoot: true + runAsUser: 65532 + seccompProfile: + type: RuntimeDefault + nodeSelector: + kubernetes.io/os: linux + restartPolicy: OnFailure + serviceAccountName: ingress-nginx-admission +--- +apiVersion: networking.k8s.io/v1 +kind: IngressClass +metadata: + labels: + app.kubernetes.io/component: controller + app.kubernetes.io/instance: ingress-nginx + app.kubernetes.io/name: ingress-nginx + app.kubernetes.io/part-of: ingress-nginx + app.kubernetes.io/version: 1.10.0 + name: nginx +spec: + controller: k8s.io/ingress-nginx +--- +apiVersion: admissionregistration.k8s.io/v1 +kind: ValidatingWebhookConfiguration +metadata: + labels: + app.kubernetes.io/component: admission-webhook + app.kubernetes.io/instance: ingress-nginx + app.kubernetes.io/name: ingress-nginx + app.kubernetes.io/part-of: ingress-nginx + app.kubernetes.io/version: 1.10.0 + name: ingress-nginx-admission +webhooks: +- admissionReviewVersions: + - v1 + clientConfig: + service: + name: ingress-nginx-controller-admission + namespace: ingress-nginx + path: /networking/v1/ingresses + failurePolicy: Fail + matchPolicy: Equivalent + name: validate.nginx.ingress.kubernetes.io + rules: + - apiGroups: + - networking.k8s.io + apiVersions: + - v1 + operations: + - CREATE + - UPDATE + resources: + - ingresses + sideEffects: None diff --git a/kubernetes/ingress/values.yml b/kubernetes/ingress/values.yml deleted file mode 100644 index 19505ff..0000000 --- a/kubernetes/ingress/values.yml +++ /dev/null @@ -1,9 +0,0 @@ -controller: - hostNetwork: true - dnsPolicy: ClusterFirstWithHostNet - # kind: DaemonSet - # hostPort: - # enabled: true - # ports: - # http: 80 - # https: 443 diff --git a/kubernetes/nginx-configuration.yaml b/kubernetes/nginx-configuration.yaml deleted file mode 100644 index daa50ca..0000000 --- a/kubernetes/nginx-configuration.yaml +++ /dev/null @@ -1,14 +0,0 @@ -apiVersion: v1 -kind: ConfigMap -metadata: - labels: - app.kubernetes.io/component: controller - app.kubernetes.io/instance: ingress-nginx - app.kubernetes.io/name: ingress-nginx - app.kubernetes.io/part-of: ingress-nginx - app.kubernetes.io/version: 1.12.0 - name: ingress-nginx-controller - namespace: ingress-nginx -data: - allow-snippet-annotations: "true" - annotations-risk-level: Critical \ No newline at end of file