Merge pull request 'k8s' (#2) from k8s into main

Reviewed-on: #2

README.md

@@ -1,2 +1,54 @@
 # akashop
+https://origin-akashop.akamai-lab.com
 
+## How to use HTTPS ##
+- traefik/02-traefik.yml
+```
+- --certificatesresolvers.le.acme.email=learn@akamai.com
+- --certificatesresolvers.le.acme.storage=acme.json
+- --certificatesresolvers.le.acme.tlschallenge=true
+- --certificatesresolvers.le.acme.caServer=https://acme-staging-v02.api.letsencrypt.org/directory
+# change caServer to production https://acme-v02.api.letsencrypt.org/directory
+```
+- akashop/ingress.yml
+```
+traefik.ingress.kubernetes.io/router.entrypoints: websecure
+traefik.ingress.kubernetes.io/router.tls: "true"
+traefik.ingress.kubernetes.io/router.tls.certresolver: le
+```
+
+## How to redirect HTTP to HTTPS ##
+- akashop/redirect.yml
+- akashop/ingress.yml
+```
+traefik.ingress.kubernetes.io/router.middlewares: "http-to-https-redirecte@kubernetescrd"
+```
+
+## How to maintain Session Stickyness ##
+- akashop/ingress.yml
+```
+traefik.ingress.kubernetes.io/router.sticky.cookie: "sticky"
+```
+- origin code (functions.php)
+```php
+// Define cookie name and value
+$cookie_name = "sticky";
+$cookie_value = time();
+
+// Set expiration time (optional, defaults to session end)
+$expire = time() + 60 * 60 * 24; // Expires in 24 hours
+
+if(!isset($_COOKIE[$cookie_name])) {
+  // Set cookie with secure flag (recommended)
+  setcookie($cookie_name, $cookie_value, $expire, "/", "", true);
+}
+```
+
+## How to use ReadWriteMany pvc ##
+- akashop/pv.yml
+```
+nfs:
+  path: /nfs/share/akashop/volumes/db
+  server: 10.0.0.5
+```
+- akashop/pvc.yml

akashop/deployment.yml

@@ -4,7 +4,7 @@ metadata:
   name: wp 
   namespace: akashop
 spec:
-  replicas: 1
+  replicas: 3
   selector:
     matchLabels:
       app: wp
@@ -41,12 +41,12 @@ spec:
           #     secretKeyRef:
           #       name: my-secret # Name of the secret containing the variable
           #       key: VAR2_KEY
-        # livenessProbe:
+        livenessProbe:
-        #   httpGet:
+          httpGet:
-        #     path: /
+            path: /
-        #     port: 80
+            port: 80
-        #   initialDelaySeconds: 5
+          initialDelaySeconds: 5
-        #   periodSeconds: 10
+          periodSeconds: 10
         volumeMounts:
           - name: wp-data
             mountPath: /var/www/html

akashop/ingress.yml

@@ -7,6 +7,7 @@ metadata:
     traefik.ingress.kubernetes.io/router.entrypoints: websecure
     traefik.ingress.kubernetes.io/router.tls: "true"
     traefik.ingress.kubernetes.io/router.tls.certresolver: le
+    traefik.ingress.kubernetes.io/router.sticky.cookie: "sticky"
 spec:
   rules:
   - host: whoami.172.233.168.9.nip.io
@@ -29,6 +30,7 @@ metadata:
   namespace: akashop
   annotations:
     traefik.ingress.kubernetes.io/router.entrypoints: web
+    traefik.ingress.kubernetes.io/router.middlewares: "http-to-https-redirecte@kubernetescrd"
 spec:
   rules:
   - host: whoami.172.233.168.9.nip.io
@@ -41,25 +43,3 @@ spec:
             name: wp
             port:
               number: 80 
-
----
-
-apiVersion: networking.k8s.io/v1
-kind: Ingress
-metadata:
-  name: wp-origin
-  namespace: akashop
-  annotations:
-    traefik.ingress.kubernetes.io/router.entrypoints: web
-spec:
-  rules:
-  - host: origin-akashop.akamai-lab.com
-    http:
-      paths:
-      - path: / 
-        pathType: Prefix
-        backend:
-          service: 
-            name: wp
-            port:
-              number: 80 

akashop/nginx-ext.yml

@@ -1,12 +0,0 @@
-apiVersion: v1
-kind: Service
-metadata:
-  name: nginx
-  namespace: akashop
-spec:
-  type: ExternalName
-  externalName: nginx.nginx.svc.cluster.local
-  ports:
-    - name: http
-      port: 80
-      protocol: TCP

akashop/redirect.yml

@@ -0,0 +1,8 @@
+apiVersion: traefik.containo.us/v1alpha1
+kind: Middleware
+metadata:
+  name: http-to-https-redirect
+spec:
+  redirectScheme:
+    scheme: https
+    permanent: true  # Set to true for permanent (301) redirect