commit
595a1bf3de
52
README.md
52
README.md
|
@ -1,2 +1,54 @@
|
||||||
# akashop
|
# akashop
|
||||||
|
https://origin-akashop.akamai-lab.com
|
||||||
|
|
||||||
|
## How to use HTTPS ##
|
||||||
|
- traefik/02-traefik.yml
|
||||||
|
```
|
||||||
|
- --certificatesresolvers.le.acme.email=learn@akamai.com
|
||||||
|
- --certificatesresolvers.le.acme.storage=acme.json
|
||||||
|
- --certificatesresolvers.le.acme.tlschallenge=true
|
||||||
|
- --certificatesresolvers.le.acme.caServer=https://acme-staging-v02.api.letsencrypt.org/directory
|
||||||
|
# change caServer to production https://acme-v02.api.letsencrypt.org/directory
|
||||||
|
```
|
||||||
|
- akashop/ingress.yml
|
||||||
|
```
|
||||||
|
traefik.ingress.kubernetes.io/router.entrypoints: websecure
|
||||||
|
traefik.ingress.kubernetes.io/router.tls: "true"
|
||||||
|
traefik.ingress.kubernetes.io/router.tls.certresolver: le
|
||||||
|
```
|
||||||
|
|
||||||
|
## How to redirect HTTP to HTTPS ##
|
||||||
|
- akashop/redirect.yml
|
||||||
|
- akashop/ingress.yml
|
||||||
|
```
|
||||||
|
traefik.ingress.kubernetes.io/router.middlewares: "http-to-https-redirecte@kubernetescrd"
|
||||||
|
```
|
||||||
|
|
||||||
|
## How to maintain Session Stickyness ##
|
||||||
|
- akashop/ingress.yml
|
||||||
|
```
|
||||||
|
traefik.ingress.kubernetes.io/router.sticky.cookie: "sticky"
|
||||||
|
```
|
||||||
|
- origin code (functions.php)
|
||||||
|
```php
|
||||||
|
// Define cookie name and value
|
||||||
|
$cookie_name = "sticky";
|
||||||
|
$cookie_value = time();
|
||||||
|
|
||||||
|
// Set expiration time (optional, defaults to session end)
|
||||||
|
$expire = time() + 60 * 60 * 24; // Expires in 24 hours
|
||||||
|
|
||||||
|
if(!isset($_COOKIE[$cookie_name])) {
|
||||||
|
// Set cookie with secure flag (recommended)
|
||||||
|
setcookie($cookie_name, $cookie_value, $expire, "/", "", true);
|
||||||
|
}
|
||||||
|
```
|
||||||
|
|
||||||
|
## How to use ReadWriteMany pvc ##
|
||||||
|
- akashop/pv.yml
|
||||||
|
```
|
||||||
|
nfs:
|
||||||
|
path: /nfs/share/akashop/volumes/db
|
||||||
|
server: 10.0.0.5
|
||||||
|
```
|
||||||
|
- akashop/pvc.yml
|
|
@ -4,7 +4,7 @@ metadata:
|
||||||
name: wp
|
name: wp
|
||||||
namespace: akashop
|
namespace: akashop
|
||||||
spec:
|
spec:
|
||||||
replicas: 1
|
replicas: 3
|
||||||
selector:
|
selector:
|
||||||
matchLabels:
|
matchLabels:
|
||||||
app: wp
|
app: wp
|
||||||
|
@ -41,12 +41,12 @@ spec:
|
||||||
# secretKeyRef:
|
# secretKeyRef:
|
||||||
# name: my-secret # Name of the secret containing the variable
|
# name: my-secret # Name of the secret containing the variable
|
||||||
# key: VAR2_KEY
|
# key: VAR2_KEY
|
||||||
# livenessProbe:
|
livenessProbe:
|
||||||
# httpGet:
|
httpGet:
|
||||||
# path: /
|
path: /
|
||||||
# port: 80
|
port: 80
|
||||||
# initialDelaySeconds: 5
|
initialDelaySeconds: 5
|
||||||
# periodSeconds: 10
|
periodSeconds: 10
|
||||||
volumeMounts:
|
volumeMounts:
|
||||||
- name: wp-data
|
- name: wp-data
|
||||||
mountPath: /var/www/html
|
mountPath: /var/www/html
|
||||||
|
|
|
@ -7,6 +7,7 @@ metadata:
|
||||||
traefik.ingress.kubernetes.io/router.entrypoints: websecure
|
traefik.ingress.kubernetes.io/router.entrypoints: websecure
|
||||||
traefik.ingress.kubernetes.io/router.tls: "true"
|
traefik.ingress.kubernetes.io/router.tls: "true"
|
||||||
traefik.ingress.kubernetes.io/router.tls.certresolver: le
|
traefik.ingress.kubernetes.io/router.tls.certresolver: le
|
||||||
|
traefik.ingress.kubernetes.io/router.sticky.cookie: "sticky"
|
||||||
spec:
|
spec:
|
||||||
rules:
|
rules:
|
||||||
- host: whoami.172.233.168.9.nip.io
|
- host: whoami.172.233.168.9.nip.io
|
||||||
|
@ -29,6 +30,7 @@ metadata:
|
||||||
namespace: akashop
|
namespace: akashop
|
||||||
annotations:
|
annotations:
|
||||||
traefik.ingress.kubernetes.io/router.entrypoints: web
|
traefik.ingress.kubernetes.io/router.entrypoints: web
|
||||||
|
traefik.ingress.kubernetes.io/router.middlewares: "http-to-https-redirecte@kubernetescrd"
|
||||||
spec:
|
spec:
|
||||||
rules:
|
rules:
|
||||||
- host: whoami.172.233.168.9.nip.io
|
- host: whoami.172.233.168.9.nip.io
|
||||||
|
@ -41,25 +43,3 @@ spec:
|
||||||
name: wp
|
name: wp
|
||||||
port:
|
port:
|
||||||
number: 80
|
number: 80
|
||||||
|
|
||||||
---
|
|
||||||
|
|
||||||
apiVersion: networking.k8s.io/v1
|
|
||||||
kind: Ingress
|
|
||||||
metadata:
|
|
||||||
name: wp-origin
|
|
||||||
namespace: akashop
|
|
||||||
annotations:
|
|
||||||
traefik.ingress.kubernetes.io/router.entrypoints: web
|
|
||||||
spec:
|
|
||||||
rules:
|
|
||||||
- host: origin-akashop.akamai-lab.com
|
|
||||||
http:
|
|
||||||
paths:
|
|
||||||
- path: /
|
|
||||||
pathType: Prefix
|
|
||||||
backend:
|
|
||||||
service:
|
|
||||||
name: wp
|
|
||||||
port:
|
|
||||||
number: 80
|
|
||||||
|
|
|
@ -1,12 +0,0 @@
|
||||||
apiVersion: v1
|
|
||||||
kind: Service
|
|
||||||
metadata:
|
|
||||||
name: nginx
|
|
||||||
namespace: akashop
|
|
||||||
spec:
|
|
||||||
type: ExternalName
|
|
||||||
externalName: nginx.nginx.svc.cluster.local
|
|
||||||
ports:
|
|
||||||
- name: http
|
|
||||||
port: 80
|
|
||||||
protocol: TCP
|
|
|
@ -0,0 +1,8 @@
|
||||||
|
apiVersion: traefik.containo.us/v1alpha1
|
||||||
|
kind: Middleware
|
||||||
|
metadata:
|
||||||
|
name: http-to-https-redirect
|
||||||
|
spec:
|
||||||
|
redirectScheme:
|
||||||
|
scheme: https
|
||||||
|
permanent: true # Set to true for permanent (301) redirect
|
Loading…
Reference in New Issue