From 97ac6d224b9ffac01277e81f8bc9564ba5afec20 Mon Sep 17 00:00:00 2001 From: Alex Mickelson Date: Fri, 2 Jan 2026 16:29:49 -0700 Subject: [PATCH] refactoring proxy ingress to use endpointslice --- .../proxy-ingress/audiobook-proxy-ingress.yml | 30 ++++++++-- .../proxy-ingress/copilot-proxy-ingress.yml | 30 ++++++++-- .../proxy-ingress/grafana-proxy-ingress.yml | 30 ++++++++-- kubernetes/proxy-ingress/ha-proxy-ingress.yml | 30 ++++++++-- .../proxy-ingress/homepage-proxy-ingress.yml | 53 +++++++++++------ .../proxy-ingress/immich-proxy-ingress.yml | 52 ++++++++++++----- .../musicassistant-proxy-ingress.yml | 52 ++++++++++++----- .../proxy-ingress/nextcloud-proxy-ingress.yml | 58 +++++++++++++------ .../prometheus-proxy-ingress.yml | 28 +++++++-- 9 files changed, 271 insertions(+), 92 deletions(-) diff --git a/kubernetes/proxy-ingress/audiobook-proxy-ingress.yml b/kubernetes/proxy-ingress/audiobook-proxy-ingress.yml index ebd11fc..43b3958 100644 --- a/kubernetes/proxy-ingress/audiobook-proxy-ingress.yml +++ b/kubernetes/proxy-ingress/audiobook-proxy-ingress.yml @@ -8,7 +8,7 @@ metadata: spec: ingressClassName: nginx tls: - - hosts: + - hosts: - audiobook.alexmickelson.guru secretName: audiobookshelf-tls-cert rules: @@ -19,15 +19,35 @@ spec: pathType: Prefix backend: service: - name: audiobookshelf-service + name: audiobookshelf port: number: 13378 --- apiVersion: v1 kind: Service metadata: - name: audiobookshelf-service + name: audiobookshelf namespace: projects spec: - type: ExternalName - externalName: 100.122.128.107 + ports: + - port: 13378 + targetPort: 13378 + protocol: TCP +--- +apiVersion: discovery.k8s.io/v1 +kind: EndpointSlice +metadata: + name: audiobookshelf + namespace: projects + labels: + kubernetes.io/service-name: audiobookshelf +addressType: IPv4 +ports: +- name: http + port: 13378 + protocol: TCP +endpoints: +- addresses: + - 100.122.128.107 + conditions: + ready: true diff --git a/kubernetes/proxy-ingress/copilot-proxy-ingress.yml b/kubernetes/proxy-ingress/copilot-proxy-ingress.yml index 0e5224a..509d511 100644 --- a/kubernetes/proxy-ingress/copilot-proxy-ingress.yml +++ b/kubernetes/proxy-ingress/copilot-proxy-ingress.yml @@ -8,7 +8,7 @@ metadata: spec: ingressClassName: nginx tls: - - hosts: + - hosts: - copilot.alexmickelson.guru secretName: copilot-tls-cert rules: @@ -19,15 +19,35 @@ spec: pathType: Prefix backend: service: - name: copilot-service + name: copilot port: number: 4444 --- apiVersion: v1 kind: Service metadata: - name: copilot-service + name: copilot namespace: projects spec: - type: ExternalName - externalName: 100.122.128.107 + ports: + - port: 4444 + targetPort: 4444 + protocol: TCP +--- +apiVersion: discovery.k8s.io/v1 +kind: EndpointSlice +metadata: + name: copilot + namespace: projects + labels: + kubernetes.io/service-name: copilot +addressType: IPv4 +ports: +- name: http + port: 4444 + protocol: TCP +endpoints: +- addresses: + - 100.122.128.107 + conditions: + ready: true diff --git a/kubernetes/proxy-ingress/grafana-proxy-ingress.yml b/kubernetes/proxy-ingress/grafana-proxy-ingress.yml index 0127788..cc4af56 100644 --- a/kubernetes/proxy-ingress/grafana-proxy-ingress.yml +++ b/kubernetes/proxy-ingress/grafana-proxy-ingress.yml @@ -8,7 +8,7 @@ metadata: spec: ingressClassName: nginx tls: - - hosts: + - hosts: - grafana.alexmickelson.guru secretName: grafana-tls-cert rules: @@ -19,15 +19,35 @@ spec: pathType: Prefix backend: service: - name: grafana-service + name: grafana port: number: 3000 --- apiVersion: v1 kind: Service metadata: - name: grafana-service + name: grafana namespace: projects spec: - type: ExternalName - externalName: 100.122.128.107 + ports: + - port: 3000 + targetPort: 3000 + protocol: TCP +--- +apiVersion: discovery.k8s.io/v1 +kind: EndpointSlice +metadata: + name: grafana + namespace: projects + labels: + kubernetes.io/service-name: grafana +addressType: IPv4 +ports: +- name: http + port: 3000 + protocol: TCP +endpoints: +- addresses: + - 100.122.128.107 + conditions: + ready: true diff --git a/kubernetes/proxy-ingress/ha-proxy-ingress.yml b/kubernetes/proxy-ingress/ha-proxy-ingress.yml index 2332c20..bb310d1 100644 --- a/kubernetes/proxy-ingress/ha-proxy-ingress.yml +++ b/kubernetes/proxy-ingress/ha-proxy-ingress.yml @@ -8,7 +8,7 @@ metadata: spec: ingressClassName: nginx tls: - - hosts: + - hosts: - ha.alexmickelson.guru secretName: ha-tls-cert rules: @@ -19,15 +19,35 @@ spec: pathType: Prefix backend: service: - name: home-assistant-service + name: home-assistant port: number: 8123 --- apiVersion: v1 kind: Service metadata: - name: home-assistant-service + name: home-assistant namespace: projects spec: - type: ExternalName - externalName: 100.122.128.107 + ports: + - port: 8123 + targetPort: 8123 + protocol: TCP +--- +apiVersion: discovery.k8s.io/v1 +kind: EndpointSlice +metadata: + name: home-assistant + namespace: projects + labels: + kubernetes.io/service-name: home-assistant +addressType: IPv4 +ports: +- name: http + port: 8123 + protocol: TCP +endpoints: +- addresses: + - 100.122.128.107 + conditions: + ready: true diff --git a/kubernetes/proxy-ingress/homepage-proxy-ingress.yml b/kubernetes/proxy-ingress/homepage-proxy-ingress.yml index 9747190..5bdcd10 100644 --- a/kubernetes/proxy-ingress/homepage-proxy-ingress.yml +++ b/kubernetes/proxy-ingress/homepage-proxy-ingress.yml @@ -8,27 +8,46 @@ metadata: spec: ingressClassName: nginx tls: - - hosts: - - home.alexmickelson.guru - secretName: home-tls-cert + - hosts: + - home.alexmickelson.guru + secretName: home-tls-cert rules: - - host: home.alexmickelson.guru - http: - paths: - - path: / - pathType: Prefix - backend: - service: - name: homepage-service - port: - number: 3001 + - host: home.alexmickelson.guru + http: + paths: + - path: / + pathType: Prefix + backend: + service: + name: homepage + port: + number: 3001 --- apiVersion: v1 kind: Service metadata: - name: homepage-service + name: homepage namespace: projects spec: - type: ExternalName - externalName: 100.122.128.107 - \ No newline at end of file + ports: + - port: 3001 + targetPort: 3001 + protocol: TCP +--- +apiVersion: discovery.k8s.io/v1 +kind: EndpointSlice +metadata: + name: homepage + namespace: projects + labels: + kubernetes.io/service-name: homepage +addressType: IPv4 +ports: + - name: http + port: 3001 + protocol: TCP +endpoints: + - addresses: + - 100.122.128.107 + conditions: + ready: true diff --git a/kubernetes/proxy-ingress/immich-proxy-ingress.yml b/kubernetes/proxy-ingress/immich-proxy-ingress.yml index 46d6a0e..f1f8dd6 100644 --- a/kubernetes/proxy-ingress/immich-proxy-ingress.yml +++ b/kubernetes/proxy-ingress/immich-proxy-ingress.yml @@ -12,26 +12,46 @@ metadata: spec: ingressClassName: nginx tls: - - hosts: - - photos.alexmickelson.guru - secretName: immich-tls-cert + - hosts: + - photos.alexmickelson.guru + secretName: immich-tls-cert rules: - - host: photos.alexmickelson.guru - http: - paths: - - path: / - pathType: Prefix - backend: - service: - name: immich-service - port: - number: 2283 + - host: photos.alexmickelson.guru + http: + paths: + - path: / + pathType: Prefix + backend: + service: + name: immich + port: + number: 2283 --- apiVersion: v1 kind: Service metadata: - name: immich-service + name: immich namespace: projects spec: - type: ExternalName - externalName: 100.122.128.107 + ports: + - port: 2283 + targetPort: 2283 + protocol: TCP +--- +apiVersion: discovery.k8s.io/v1 +kind: EndpointSlice +metadata: + name: immich + namespace: projects + labels: + kubernetes.io/service-name: immich +addressType: IPv4 +ports: + - name: http + port: 2283 + protocol: TCP +endpoints: + - addresses: + - 100.122.128.107 + conditions: + ready: true diff --git a/kubernetes/proxy-ingress/musicassistant-proxy-ingress.yml b/kubernetes/proxy-ingress/musicassistant-proxy-ingress.yml index 94fb76d..b6efc73 100644 --- a/kubernetes/proxy-ingress/musicassistant-proxy-ingress.yml +++ b/kubernetes/proxy-ingress/musicassistant-proxy-ingress.yml @@ -8,26 +8,46 @@ metadata: spec: ingressClassName: nginx tls: - - hosts: - - sound.alexmickelson.guru - secretName: sound-tls-cert + - hosts: + - sound.alexmickelson.guru + secretName: sound-tls-cert rules: - - host: sound.alexmickelson.guru - http: - paths: - - path: / - pathType: Prefix - backend: - service: - name: musicassistant-service - port: - number: 8095 + - host: sound.alexmickelson.guru + http: + paths: + - path: / + pathType: Prefix + backend: + service: + name: musicassistant + port: + number: 8095 --- apiVersion: v1 kind: Service metadata: - name: musicassistant-service + name: musicassistant namespace: projects spec: - type: ExternalName - externalName: 100.122.128.107 + ports: + - port: 8095 + targetPort: 8095 + protocol: TCP +--- +apiVersion: discovery.k8s.io/v1 +kind: EndpointSlice +metadata: + name: musicassistant + namespace: projects + labels: + kubernetes.io/service-name: musicassistant +addressType: IPv4 +ports: + - name: http + port: 8095 + protocol: TCP +endpoints: + - addresses: + - 100.122.128.107 + conditions: + ready: true diff --git a/kubernetes/proxy-ingress/nextcloud-proxy-ingress.yml b/kubernetes/proxy-ingress/nextcloud-proxy-ingress.yml index 54e6131..12e4b9c 100644 --- a/kubernetes/proxy-ingress/nextcloud-proxy-ingress.yml +++ b/kubernetes/proxy-ingress/nextcloud-proxy-ingress.yml @@ -5,10 +5,10 @@ metadata: namespace: projects annotations: cert-manager.io/cluster-issuer: cloudflare-issuer - nginx.ingress.kubernetes.io/proxy-body-size: 51200m + nginx.ingress.kubernetes.io/proxy-body-size: 51200m nginx.ingress.kubernetes.io/server-snippet: |- - server_tokens off; - proxy_hide_header X-Powered-By; + server_tokens off; + proxy_hide_header X-Powered-By; nginx.ingress.kubernetes.io/cors-allow-headers: X-Forwarded-For nginx.ingress.kubernetes.io/enable-cors: "true" nginx.ingress.kubernetes.io/proxy-buffer-size: 225m @@ -20,26 +20,46 @@ metadata: spec: ingressClassName: nginx tls: - - hosts: - - next.alexmickelson.guru - secretName: nextcloud-tls-cert + - hosts: + - next.alexmickelson.guru + secretName: nextcloud-tls-cert rules: - - host: next.alexmickelson.guru - http: - paths: - - path: / - pathType: Prefix - backend: - service: - name: nextcloud-service - port: - number: 9001 + - host: next.alexmickelson.guru + http: + paths: + - path: / + pathType: Prefix + backend: + service: + name: nextcloud + port: + number: 9001 --- apiVersion: v1 kind: Service metadata: - name: nextcloud-service + name: nextcloud namespace: projects spec: - type: ExternalName - externalName: 100.122.128.107 + ports: + - port: 9001 + targetPort: 9001 + protocol: TCP +--- +apiVersion: discovery.k8s.io/v1 +kind: EndpointSlice +metadata: + name: nextcloud + namespace: projects + labels: + kubernetes.io/service-name: nextcloud +addressType: IPv4 +ports: + - name: http + port: 9001 + protocol: TCP +endpoints: + - addresses: + - 100.122.128.107 + conditions: + ready: true diff --git a/kubernetes/proxy-ingress/prometheus-proxy-ingress.yml b/kubernetes/proxy-ingress/prometheus-proxy-ingress.yml index 0b040fe..fa80474 100644 --- a/kubernetes/proxy-ingress/prometheus-proxy-ingress.yml +++ b/kubernetes/proxy-ingress/prometheus-proxy-ingress.yml @@ -19,15 +19,35 @@ spec: pathType: Prefix backend: service: - name: prometheus-service + name: prometheus port: number: 9091 --- apiVersion: v1 kind: Service metadata: - name: prometheus-service + name: prometheus namespace: projects spec: - type: ExternalName - externalName: 100.122.128.107 + ports: + - port: 9091 + targetPort: 9091 + protocol: TCP +--- +apiVersion: discovery.k8s.io/v1 +kind: EndpointSlice +metadata: + name: prometheus + namespace: projects + labels: + kubernetes.io/service-name: prometheus +addressType: IPv4 +ports: + - name: http + port: 9091 + protocol: TCP +endpoints: + - addresses: + - 100.122.128.107 + conditions: + ready: true