github.com/IBM-Blockchain/fabric-operator@v1.0.4/integration/nginx-deployment.yaml (about) 1 apiVersion: apps/v1 2 kind: Deployment 3 metadata: 4 labels: 5 app.kubernetes.io/component: controller 6 app.kubernetes.io/instance: ingress-nginx 7 app.kubernetes.io/name: ingress-nginx 8 app.kubernetes.io/part-of: ingress-nginx 9 app.kubernetes.io/version: 1.2.0 10 name: ingress-nginx-controller 11 namespace: ingress-nginx 12 spec: 13 minReadySeconds: 0 14 revisionHistoryLimit: 10 15 selector: 16 matchLabels: 17 app.kubernetes.io/component: controller 18 app.kubernetes.io/instance: ingress-nginx 19 app.kubernetes.io/name: ingress-nginx 20 strategy: 21 rollingUpdate: 22 maxUnavailable: 1 23 type: RollingUpdate 24 template: 25 metadata: 26 labels: 27 app.kubernetes.io/component: controller 28 app.kubernetes.io/instance: ingress-nginx 29 app.kubernetes.io/name: ingress-nginx 30 spec: 31 containers: 32 - args: 33 - /nginx-ingress-controller 34 - --election-id=ingress-controller-leader 35 - --controller-class=k8s.io/ingress-nginx 36 - --ingress-class=nginx 37 - --configmap=$(POD_NAMESPACE)/ingress-nginx-controller 38 - --validating-webhook=:8443 39 - --validating-webhook-certificate=/usr/local/certificates/cert 40 - --validating-webhook-key=/usr/local/certificates/key 41 - --watch-ingress-without-class=true 42 - --publish-status-address=localhost 43 - --enable-ssl-passthrough 44 env: 45 - name: POD_NAME 46 valueFrom: 47 fieldRef: 48 fieldPath: metadata.name 49 - name: POD_NAMESPACE 50 valueFrom: 51 fieldRef: 52 fieldPath: metadata.namespace 53 - name: LD_PRELOAD 54 value: /usr/local/lib/libmimalloc.so 55 image: k8s.gcr.io/ingress-nginx/controller:v1.2.0@sha256:d8196e3bc1e72547c5dec66d6556c0ff92a23f6d0919b206be170bc90d5f9185 56 imagePullPolicy: IfNotPresent 57 lifecycle: 58 preStop: 59 exec: 60 command: 61 - /wait-shutdown 62 livenessProbe: 63 failureThreshold: 5 64 httpGet: 65 path: /healthz 66 port: 10254 67 scheme: HTTP 68 initialDelaySeconds: 10 69 periodSeconds: 10 70 successThreshold: 1 71 timeoutSeconds: 1 72 name: controller 73 ports: 74 - containerPort: 80 75 hostPort: 80 76 name: http 77 protocol: TCP 78 - containerPort: 443 79 hostPort: 443 80 name: https 81 protocol: TCP 82 - containerPort: 8443 83 name: webhook 84 protocol: TCP 85 readinessProbe: 86 failureThreshold: 3 87 httpGet: 88 path: /healthz 89 port: 10254 90 scheme: HTTP 91 initialDelaySeconds: 10 92 periodSeconds: 10 93 successThreshold: 1 94 timeoutSeconds: 1 95 resources: 96 requests: 97 cpu: 100m 98 memory: 90Mi 99 securityContext: 100 allowPrivilegeEscalation: true 101 capabilities: 102 add: 103 - NET_BIND_SERVICE 104 drop: 105 - ALL 106 runAsUser: 101 107 volumeMounts: 108 - mountPath: /usr/local/certificates/ 109 name: webhook-cert 110 readOnly: true 111 dnsPolicy: ClusterFirst 112 nodeSelector: 113 ingress-ready: "true" 114 kubernetes.io/os: linux 115 serviceAccountName: ingress-nginx 116 terminationGracePeriodSeconds: 0 117 tolerations: 118 - effect: NoSchedule 119 key: node-role.kubernetes.io/master 120 operator: Equal 121 - effect: NoSchedule 122 key: node-role.kubernetes.io/control-plane 123 operator: Equal 124 volumes: 125 - name: webhook-cert 126 secret: 127 secretName: ingress-nginx-admission