Skip to content

Commit f7775de

Browse files
unfor19unfor19
authored
Merge pull request #12 from unfor19/kubernetes/1.21.2
Kubernetes/1.21.2
2 parents 20b7590 + 8cf254f commit f7775de

File tree

10 files changed

+113
-25551
lines changed

10 files changed

+113
-25551
lines changed

.gitignore

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -1,2 +1,3 @@
11
.*
22
!.*ignore*
3+
minikube-bin

1-baby.yaml

Lines changed: 5 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -48,7 +48,7 @@ spec:
4848
app: cats
4949
type: baby
5050
---
51-
apiVersion: networking.k8s.io/v1beta1 # NGINX Ingress Controller supports this version
51+
apiVersion: networking.k8s.io/v1
5252
kind: Ingress
5353
metadata:
5454
name: baby
@@ -61,5 +61,7 @@ spec:
6161
- path: /
6262
pathType: Prefix
6363
backend:
64-
serviceName: baby
65-
servicePort: 80
64+
service:
65+
name: baby
66+
port:
67+
number: 80

2-green.yaml

Lines changed: 8 additions & 6 deletions
Original file line numberDiff line numberDiff line change
@@ -48,17 +48,17 @@ spec:
4848
app: cats
4949
type: green
5050
---
51-
apiVersion: networking.k8s.io/v1beta1 # NGINX Ingress Controller supports this version
51+
apiVersion: networking.k8s.io/v1
5252
kind: Ingress
5353
metadata:
5454
name: green
5555
annotations:
5656
cert-manager.io/cluster-issuer: tls-ca-issuer # https://cert-manager.io/docs/usage/ingress/
5757
spec:
5858
tls:
59-
- hosts:
60-
- green.kubemaster.me
61-
secretName: green-tls-secret
59+
- hosts:
60+
- green.kubemaster.me
61+
secretName: green-tls-secret
6262
ingressClassName: nginx
6363
rules:
6464
- host: green.kubemaster.me
@@ -67,5 +67,7 @@ spec:
6767
- path: /
6868
pathType: Prefix
6969
backend:
70-
serviceName: green
71-
servicePort: 80
70+
service:
71+
name: green
72+
port:
73+
number: 80

3-dark.yaml

Lines changed: 10 additions & 8 deletions
Original file line numberDiff line numberDiff line change
@@ -36,7 +36,7 @@ spec:
3636
valueFrom:
3737
secretKeyRef:
3838
name: google-credentials
39-
key: google_client_id
39+
key: google_client_id
4040
ports:
4141
- containerPort: 8080
4242
---
@@ -53,20 +53,20 @@ spec:
5353
app: cats
5454
type: dark
5555
---
56-
apiVersion: networking.k8s.io/v1beta1 # NGINX Ingress Controller supports this version
56+
apiVersion: networking.k8s.io/v1
5757
kind: Ingress
5858
metadata:
5959
name: dark
6060
annotations:
6161
cert-manager.io/cluster-issuer: tls-ca-issuer # https://cert-manager.io/docs/usage/ingress/
6262
nginx.ingress.kubernetes.io/auth-url: https://auth.kubemaster.me/oauth2/auth
6363
nginx.ingress.kubernetes.io/auth-signin: https://auth.kubemaster.me/oauth2/start?rd=https://$host$escaped_request_uri
64-
nginx.ingress.kubernetes.io/auth-response-headers: "Authorization, X-Auth-Request-User, X-Auth-Request-Email, X-Auth-Request-Preferred-Username, X-Auth-Request-Access-Token"
64+
nginx.ingress.kubernetes.io/auth-response-headers: "Authorization, X-Auth-Request-User, X-Auth-Request-Email, X-Auth-Request-Preferred-Username, X-Auth-Request-Access-Token"
6565
spec:
6666
tls:
67-
- hosts:
68-
- dark.kubemaster.me
69-
secretName: dark-tls-secret
67+
- hosts:
68+
- dark.kubemaster.me
69+
secretName: dark-tls-secret
7070
ingressClassName: nginx
7171
rules:
7272
- host: dark.kubemaster.me
@@ -75,5 +75,7 @@ spec:
7575
- path: /
7676
pathType: Prefix
7777
backend:
78-
serviceName: dark
79-
servicePort: 80
78+
service:
79+
name: dark
80+
port:
81+
number: 80

3-oauth2-proxy.yaml

Lines changed: 9 additions & 6 deletions
Original file line numberDiff line numberDiff line change
@@ -46,8 +46,8 @@ spec:
4646
valueFrom:
4747
secretKeyRef:
4848
name: google-credentials
49-
key: google_client_secret
50-
image: quay.io/oauth2-proxy/oauth2-proxy:v7.1.0
49+
key: google_client_secret
50+
image: quay.io/oauth2-proxy/oauth2-proxy:v7.2.1
5151
imagePullPolicy: IfNotPresent
5252
name: oauth2-proxy
5353
ports:
@@ -76,23 +76,26 @@ spec:
7676
selector:
7777
k8s-app: oauth2-proxy
7878
---
79-
apiVersion: networking.k8s.io/v1beta1
79+
apiVersion: networking.k8s.io/v1
8080
kind: Ingress
8181
metadata:
8282
name: oauth2-proxy
8383
annotations:
84-
cert-manager.io/cluster-issuer: tls-ca-issuer # https://cert-manager.io/docs/usage/ingress/
84+
cert-manager.io/cluster-issuer: tls-ca-issuer # https://cert-manager.io/docs/usage/ingress/
8585
spec:
8686
tls:
8787
- hosts:
8888
- auth.kubemaster.me
8989
secretName: oauth2-proxy-tls-secret
90+
ingressClassName: nginx
9091
rules:
9192
- host: auth.kubemaster.me
9293
http:
9394
paths:
9495
- path: /oauth2
9596
pathType: Prefix
9697
backend:
97-
serviceName: oauth2-proxy
98-
servicePort: 4180
98+
service:
99+
name: oauth2-proxy
100+
port:
101+
number: 4180

4-darker.yaml

Lines changed: 11 additions & 9 deletions
Original file line numberDiff line numberDiff line change
@@ -32,13 +32,13 @@ spec:
3232
env:
3333
- name: APP_NAME
3434
value: dark
35-
- name: FROM_AUTHOR
35+
- name: FROM_AUTHOR
3636
value: darker
3737
- name: CLIENT_ID
3838
valueFrom:
3939
secretKeyRef:
4040
name: google-credentials
41-
key: google_client_id
41+
key: google_client_id
4242
ports:
4343
- containerPort: 8080
4444
---
@@ -55,20 +55,20 @@ spec:
5555
app: cats
5656
type: darker
5757
---
58-
apiVersion: networking.k8s.io/v1beta1 # NGINX Ingress Controller supports this version
58+
apiVersion: networking.k8s.io/v1
5959
kind: Ingress
6060
metadata:
6161
name: darker
6262
annotations:
63-
cert-manager.io/cluster-issuer: tls-ca-issuer # https://cert-manager.io/docs/usage/ingress/
63+
cert-manager.io/cluster-issuer: tls-ca-issuer # https://cert-manager.io/docs/usage/ingress/
6464
nginx.ingress.kubernetes.io/auth-url: https://oidc.kubemaster.me/oauth2/auth
6565
nginx.ingress.kubernetes.io/auth-signin: https://oidc.kubemaster.me/oauth2/start?rd=https://$host$escaped_request_uri
6666
nginx.ingress.kubernetes.io/auth-response-headers: "Authorization, X-Auth-Request-User, X-Auth-Request-Email, X-Auth-Request-Preferred-Username, X-Auth-Request-Access-Token"
6767
spec:
6868
tls:
69-
- hosts:
70-
- darker.kubemaster.me
71-
secretName: darker-tls-secret
69+
- hosts:
70+
- darker.kubemaster.me
71+
secretName: darker-tls-secret
7272
ingressClassName: nginx
7373
rules:
7474
- host: darker.kubemaster.me
@@ -77,5 +77,7 @@ spec:
7777
- path: /
7878
pathType: Prefix
7979
backend:
80-
serviceName: darker
81-
servicePort: 80
80+
service:
81+
name: darker
82+
port:
83+
number: 80

4-oauth2-proxy-oidc.yaml

Lines changed: 8 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -20,7 +20,7 @@ spec:
2020
- --provider=oidc # Google in our case
2121
- --scope=openid profile email
2222
- --oidc-issuer-url=https://accounts.google.com
23-
- --oidc-jwks-url=https://accounts.google.com/.well-known/openid-configuration
23+
- --oidc-jwks-url=https://accounts.google.com/.well-known/openid-configuration
2424
- --email-domain=* #
2525
- --http-address=0.0.0.0:4180 # accept from anywhere to port 4180
2626
- --whitelist-domain=.kubemaster.me # any subdomain
@@ -79,23 +79,26 @@ spec:
7979
selector:
8080
k8s-app: oauth2-proxy-oidc
8181
---
82-
apiVersion: networking.k8s.io/v1beta1
82+
apiVersion: networking.k8s.io/v1
8383
kind: Ingress
8484
metadata:
8585
name: oauth2-proxy-oidc
8686
annotations:
87-
cert-manager.io/cluster-issuer: tls-ca-issuer # https://cert-manager.io/docs/usage/ingress/
87+
cert-manager.io/cluster-issuer: tls-ca-issuer # https://cert-manager.io/docs/usage/ingress/
8888
spec:
8989
tls:
9090
- hosts:
9191
- oidc.kubemaster.me
9292
secretName: oauth2-proxy-oidc-tls-secret
93+
ingressClassName: nginx
9394
rules:
9495
- host: oidc.kubemaster.me
9596
http:
9697
paths:
9798
- path: /oauth2
9899
pathType: Prefix
99100
backend:
100-
serviceName: oauth2-proxy-oidc
101-
servicePort: 4180
101+
service:
102+
name: oauth2-proxy-oidc
103+
port:
104+
number: 4180

0 commit comments

Comments
 (0)