akamai
/
akashop
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Compare commits

base: akamai:k8s
Branches Tags
akamai:main
akamai:k8s
akamai:docker
..
compare: akamai:main
Branches Tags
akamai:main
akamai:k8s
akamai:docker

2 Commits
k8s ... main

Author SHA1 Message Date
Sangmin Kim b5cd9207d6 modified: traefik/traefik-deployment.yml 2024-04-29 18:08:50 +09:00
Sangmin Kim b194736d7c new file: akashop/hpa.yml 2024-04-26 16:55:41 +09:00
4 changed files with 68 additions and 16 deletions
Show Stats Expand all files Collapse all files

24
akashop/deployment.yml
View File

@ -4,7 +4,7 @@ metadata:
name: wp name: wp
namespace: akashop namespace: akashop
spec: spec:
replicas: 3 replicas: 1
selector: selector:
matchLabels: matchLabels:
app: wp app: wp
@ -19,11 +19,11 @@ spec:
imagePullPolicy: Always imagePullPolicy: Always
resources: resources:
limits: limits:
cpu: "2"
memory: "2Gi"
requests:
cpu: "1" cpu: "1"
memory: "1Gi" memory: "1Gi"
requests:
cpu: "0.5"
memory: "200Mi"
ports: ports:
- name: http - name: http
containerPort: 80 containerPort: 80
@ -41,12 +41,12 @@ spec:
# secretKeyRef: # secretKeyRef:
# name: my-secret # Name of the secret containing the variable # name: my-secret # Name of the secret containing the variable
# key: VAR2_KEY # key: VAR2_KEY
livenessProbe: #livenessProbe:
httpGet: #httpGet:
path: / #path: /
port: 80 #port: 80
initialDelaySeconds: 5 #initialDelaySeconds: 5
periodSeconds: 10 #periodSeconds: 10
volumeMounts: volumeMounts:
- name: wp-data - name: wp-data
mountPath: /var/www/html mountPath: /var/www/html
@ -78,8 +78,8 @@ spec:
imagePullPolicy: Always imagePullPolicy: Always
resources: resources:
limits: limits:
cpu: "1" cpu: "2"
memory: "1Gi" memory: "2Gi"
requests: requests:
cpu: "0.5" cpu: "0.5"
memory: "200Mi" memory: "200Mi"

19
akashop/hpa.yml Normal file
View File

@ -0,0 +1,19 @@
apiVersion: autoscaling/v2
kind: HorizontalPodAutoscaler
metadata:
name: wp-hpa
namespace: akashop
spec:
scaleTargetRef:
apiVersion: apps/v1
kind: Deployment
name: wp
minReplicas: 1
maxReplicas: 10
metrics:
- type: Resource
resource:
name: cpu
target:
type: Utilization
averageUtilization: 50

18
akashop/traefik-ingressR.yml
View File

@ -1,3 +1,15 @@
apiVersion: traefik.io/v1alpha1
kind: Middleware
metadata:
name: akashop-ratelimit
namespace: akashop
spec:
rateLimit:
average: 30
burst: 50
---
apiVersion: traefik.io/v1alpha1 apiVersion: traefik.io/v1alpha1
kind: Middleware kind: Middleware
metadata: metadata:
@ -27,7 +39,8 @@ spec:
- name: wp - name: wp
port: 80 port: 80
# middlewares: middlewares:
- name: akashop-ratelimit
# - name: akashop-redir # - name: akashop-redir
--- ---
@ -60,3 +73,6 @@ spec:
# strategy: RoundRobin # strategy: RoundRobin
# weight: 10 # weight: 10
# nativeLB: true # nativeLB: true
middlewares:
- name: akashop-ratelimit

23
traefik/traefik-deployment.yml
View File

@ -2,6 +2,7 @@ kind: Deployment
apiVersion: apps/v1 apiVersion: apps/v1
metadata: metadata:
name: traefik-deployment name: traefik-deployment
namespace: traefik
labels: labels:
app: traefik app: traefik
@ -22,19 +23,35 @@ spec:
image: traefik:latest image: traefik:latest
args: args:
- --api.insecure - --api.insecure
- --accesslog
- --log.level=DEBUG - --log.level=DEBUG
# access log - https://doc.traefik.io/traefik/observability/access-logs/#limiting-the-fieldsincluding-headers
- --accesslog.filepath=/root/traefik/access.log
- --accesslog.fields.headers.names.X-Forwarded-For=keep
- --accesslog.fields.headers.names.User-Agent=keep
# - --providers.kubernetesingress # - --providers.kubernetesingress
# - --providers.kubernetesingress.allowexternalnameservices=true # - --providers.kubernetesingress.allowexternalnameservices=true
- --providers.kubernetescrd - --providers.kubernetescrd
- --providers.kubernetescrd.allowCrossNamespace=true - --providers.kubernetescrd.allowCrossNamespace=true
- --entrypoints.web.address=:80 - --entrypoints.web.address=:80
- --entrypoints.websecure.address=:443 - --entrypoints.websecure.address=:443
# Get real client IP using proxy protocol
# https://doc.traefik.io/traefik/routing/entrypoints/#proxyprotocol
- --entryPoints.web.proxyProtocol.trustedIPs=127.0.0.1/32,10.2.0.0/16,172.233.0.0/16
- --entryPoints.websecure.proxyProtocol.trustedIPs=127.0.0.1/32,10.2.0.0/16,172.233.0.0/16
# Get real client IP from X-Forwarded-For
# - --entrypoints.web.forwardedHeaders.trustedIPs=127.0.0.1/32,10.2.0.0/16
# - --entryPoints.websecure.forwardedHeaders.trustedIPs=127.0.0.1/32,172.233.168.36/32
- --certificatesresolvers.le.acme.email=learn@akamai.com - --certificatesresolvers.le.acme.email=learn@akamai.com
- --certificatesresolvers.le.acme.storage=acme.json - --certificatesresolvers.le.acme.storage=acme.json
- --certificatesresolvers.le.acme.tlschallenge=true - --certificatesresolvers.le.acme.tlschallenge=true
# - --certificatesresolvers.le.acme.caServer=https://acme-staging-v02.api.letsencrypt.org/directory - --certificatesresolvers.le.acme.caServer=https://acme-staging-v02.api.letsencrypt.org/directory
- --certificatesresolvers.le.acme.caServer=https://acme-v02.api.letsencrypt.org/directory # - --certificatesresolvers.le.acme.caServer=https://acme-v02.api.letsencrypt.org/directory
# change caServer to production https://acme-v02.api.letsencrypt.org/directory # change caServer to production https://acme-v02.api.letsencrypt.org/directory
ports: ports:
- name: web - name: web