Kubernetes Examples

Service + Deployment example

apiVersion: v1
kind: Service
metadata:
  name: p2p-robot-service
spec:
  selector:
    app: p2p-robot
  ports:
  - name: http
    protocol: TCP
    port: 80
    targetPort: http    # can a text label (port name) or port number
---
apiVersion: apps/v1
kind: Deployment
metadata:
  name: p2p-robot-deployment
spec:
  selector:
    matchLabels:
      app: p2p-robot
  replicas: 2          # tells deployment to run 2 pods matching the template
  template:            # create pods using pod definition in this template
    metadata:
      # the name is not included in the meta data as a unique name is
      # generated from the deployment name
      labels:
        app: p2p-robot # label used above in matchLabels
    spec:
        containers:
        - name: p2p-robot
          image: "johncd/p2p-robot:1.0.0"
          imagePullPolicy: IfNotPresent
          ports:
          - containerPort: 9000
            name: http
          env:
          - name: APPLICATION_SECRET    #  Place the application secret in an environment variable, which is read in application.conf 
            valueFrom:
                secretKeyRef:
                  name: application-secret
                  key: application_secret           
          volumeMounts:
          - name: conf-volume
            mountPath: /usr/local/etc
        volumes:
        - name: conf-volume
          configMap:            # The configMap resource provides a way to inject configuration data into Pods.
            name: app-conf

Ingress example

# Ingress 
# https://kubernetes.io/docs/concepts/services-networking/ingress/
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
  name: test
  annotations:
    ingress.kubernetes.io/rewrite-target: /
    kubernetes.io/ingress.class: nginx      # Use the nginx-ingress Ingress controller
spec:
  tls:
  - secretName: ingresssecret  # Referencing this secret in an Ingress will tell the Ingress controller to secure the channel from the client to the loadbalancer using TLS
  rules:
  - http:
      paths:
      - path: /api
        backend:
          serviceName: s1
          servicePort: 80
---
# Secure the Ingress by specifying a secret that contains a TLS private key and certificate. 
apiVersion: v1
data:
  tls.crt: base64 encoded cert
  tls.key: base64 encoded key
kind: Secret
metadata:
  name: ingresssecret
  namespace: default
type: Opaque