apiVersion:v1kind:Servicemetadata:name:p2p-robot-servicespec:selector:app:p2p-robotports:-name:httpprotocol:TCPport:80targetPort:http# can a text label (port name) or port number---apiVersion:apps/v1kind:Deploymentmetadata:name:p2p-robot-deploymentspec:selector:matchLabels:app:p2p-robotreplicas:2# tells deployment to run 2 pods matching the templatetemplate:# create pods using pod definition in this templatemetadata:# the name is not included in the meta data as a unique name is# generated from the deployment namelabels:app:p2p-robot# label used above in matchLabelsspec:containers:-name:p2p-robotimage:"johncd/p2p-robot:1.0.0"imagePullPolicy:IfNotPresentports:-containerPort:9000name:httpenv:-name:APPLICATION_SECRET# Place the application secret in an environment variable, which is read in application.conf valueFrom:secretKeyRef:name:application-secretkey:application_secretvolumeMounts:-name:conf-volumemountPath:/usr/local/etcvolumes:-name:conf-volumeconfigMap:# The configMap resource provides a way to inject configuration data into Pods.name:app-conf
# Ingress # https://kubernetes.io/docs/concepts/services-networking/ingress/apiVersion:extensions/v1beta1kind:Ingressmetadata:name:testannotations:ingress.kubernetes.io/rewrite-target:/kubernetes.io/ingress.class:nginx# Use the nginx-ingress Ingress controllerspec:tls:-secretName:ingresssecret# Referencing this secret in an Ingress will tell the Ingress controller to secure the channel from the client to the loadbalancer using TLSrules:-http:paths:-path:/apibackend:serviceName:s1servicePort:80---# Secure the Ingress by specifying a secret that contains a TLS private key and certificate. apiVersion:v1data:tls.crt:base64 encoded certtls.key:base64 encoded keykind:Secretmetadata:name:ingresssecretnamespace:defaulttype:Opaque