shaneog · May 23, 2017 21:44
diff --git a/nginx.yaml b/nginx.yaml
 apiVersion: v1
 kind: Service
 metadata:
  name: nginx-ingress
 spec:
  loadBalancerIP: xxxxxxx
  type: LoadBalancer
  ports:
    # - port: 80
    #   name: http
    - port: 443
      name: https
  selector:
    k8s-app: nginx-ingress-lb

 ---
 apiVersion: extensions/v1beta1
 kind: Deployment
 metadata:
  name: nginx-ingress-controller
 spec:
  replicas: 1
  template:
    metadata:
      labels:
        k8s-app: nginx-ingress-lb
    spec:
      terminationGracePeriodSeconds: 60
      containers:
        - name: nginx-ingress-controller
          # From https://github.com/kubernetes/contrib/blob/master/ingress/controllers/nginx/rc.yaml
          image: gcr.io/google_containers/nginx-ingress-controller:0.8.3
          imagePullPolicy: Always
          args:
            - /nginx-ingress-controller
            # Ingress controller redirects to the given server for any unknown subdomain, can be any but:
            # - Should serve a HTTP/404 on /
            # - Must serve a HTTP/200 on /healthz
            - --default-backend-service=default/default-http-backend
          # Use downward API
          env:
            - name: POD_NAME
              valueFrom:
                fieldRef:
                  fieldPath: metadata.name
            - name: POD_NAMESPACE
              valueFrom:
                fieldRef:
                  fieldPath: metadata.namespace
          ports:
            #- containerPort: 80
            - containerPort: 443
          # volumeMounts:  # Optional
          #   - name: tls-dhparam-vol
          #     mountPath: /etc/nginx-ssl/dhparam
          livenessProbe:  # Optional
            httpGet:
              path: /healthz
              port: 10254
              scheme: HTTP
            initialDelaySeconds: 30
            timeoutSeconds: 5
          resources:  # Optional
            requests:
              memory: "10Mi"
            limits:
              memory: "100Mi"
      # volumes:  # Optional
      #   - name: tls-dhparam-vol
      #     secret:
      #       secretName: tls-dhparam

 ---
 apiVersion: extensions/v1beta1
 kind: Ingress
 metadata:
  name: ingress
  annotations:
    # This tells to only use the Nginx Ingress Controller
    # and avoids the creation on a Global LoadBalancer on GKE.
    kubernetes.io/ingress.class: "nginx"
 spec:
  tls:
    - secretName: wildcard-staging
      # List of hosts supported by this certificate:
      hosts:
        - socket-1.staging.mynodeapp.com
        - socket-2.staging.mynodeapp.com
  rules:
    - host: socket-1.staging.mynodeapp.com
      http:
        paths:
          - path: /
            backend:
              serviceName: socket-1
              servicePort: 10001
    - host: socket-2.staging.mynodeapp.com
      http:
        paths:
          - path: /
            backend:
              serviceName: socket-2
              servicePort: 10002
	apiVersion: v1
	kind: Service
	metadata:
	name: nginx-ingress
	spec:
	loadBalancerIP: xxxxxxx
	type: LoadBalancer
	ports:
	# - port: 80
	# name: http
	- port: 443
	name: https
	selector:
	k8s-app: nginx-ingress-lb

	---
	apiVersion: extensions/v1beta1
	kind: Deployment
	metadata:
	name: nginx-ingress-controller
	spec:
	replicas: 1
	template:
	metadata:
	labels:
	k8s-app: nginx-ingress-lb
	spec:
	terminationGracePeriodSeconds: 60
	containers:
	- name: nginx-ingress-controller
	# From https://github.com/kubernetes/contrib/blob/master/ingress/controllers/nginx/rc.yaml
	image: gcr.io/google_containers/nginx-ingress-controller:0.8.3
	imagePullPolicy: Always
	args:
	- /nginx-ingress-controller
	# Ingress controller redirects to the given server for any unknown subdomain, can be any but:
	# - Should serve a HTTP/404 on /
	# - Must serve a HTTP/200 on /healthz
	- --default-backend-service=default/default-http-backend
	# Use downward API
	env:
	- name: POD_NAME
	valueFrom:
	fieldRef:
	fieldPath: metadata.name
	- name: POD_NAMESPACE
	valueFrom:
	fieldRef:
	fieldPath: metadata.namespace
	ports:
	#- containerPort: 80
	- containerPort: 443
	# volumeMounts: # Optional
	# - name: tls-dhparam-vol
	# mountPath: /etc/nginx-ssl/dhparam
	livenessProbe: # Optional
	httpGet:
	path: /healthz
	port: 10254
	scheme: HTTP
	initialDelaySeconds: 30
	timeoutSeconds: 5
	resources: # Optional
	requests:
	memory: "10Mi"
	limits:
	memory: "100Mi"
	# volumes: # Optional
	# - name: tls-dhparam-vol
	# secret:
	# secretName: tls-dhparam

	---
	apiVersion: extensions/v1beta1
	kind: Ingress
	metadata:
	name: ingress
	annotations:
	# This tells to only use the Nginx Ingress Controller
	# and avoids the creation on a Global LoadBalancer on GKE.
	kubernetes.io/ingress.class: "nginx"
	spec:
	tls:
	- secretName: wildcard-staging
	# List of hosts supported by this certificate:
	hosts:
	- socket-1.staging.mynodeapp.com
	- socket-2.staging.mynodeapp.com
	rules:
	- host: socket-1.staging.mynodeapp.com
	http:
	paths:
	- path: /
	backend:
	serviceName: socket-1
	servicePort: 10001
	- host: socket-2.staging.mynodeapp.com
	http:
	paths:
	- path: /
	backend:
	serviceName: socket-2
	servicePort: 10002