diff --git a/juiceshop/deployment.yml b/juiceshop/deployment.yml index 40f3891..36c2174 100644 --- a/juiceshop/deployment.yml +++ b/juiceshop/deployment.yml @@ -2,7 +2,7 @@ apiVersion: apps/v1 kind: Deployment metadata: name: juiceshop - namespace: origin + namespace: juiceshop spec: replicas: 1 selector: diff --git a/juiceshop/ingress.yml b/juiceshop/ingress.yml deleted file mode 100644 index 1c2a21e..0000000 --- a/juiceshop/ingress.yml +++ /dev/null @@ -1,45 +0,0 @@ -apiVersion: networking.k8s.io/v1 -kind: Ingress -metadata: - name: juiceshop-https - namespace: origin - annotations: - traefik.ingress.kubernetes.io/router.entrypoints: websecure - traefik.ingress.kubernetes.io/router.tls: "true" - traefik.ingress.kubernetes.io/router.tls.certresolver: le - # traefik.ingress.kubernetes.io/router.sticky.cookie: sticky -spec: - rules: - - host: whoami.172.233.169.18.nip.io - http: - paths: - - path: / - pathType: Prefix - backend: - service: - name: juiceshop - port: - number: 3000 - ---- - -apiVersion: networking.k8s.io/v1 -kind: Ingress -metadata: - name: juiceshop-http - namespace: origin - annotations: - traefik.ingress.kubernetes.io/router.entrypoints: web - # traefik.ingress.kubernetes.io/router.middlewares: "http-to-https-redirect@kubernetescrd" -spec: - rules: - - host: whoami.172.233.169.18.nip.io - http: - paths: - - path: / - pathType: Prefix - backend: - service: - name: juiceshop - port: - number: 3000 diff --git a/juiceshop/pv.yml b/juiceshop/pv.yml deleted file mode 100644 index 5783d4c..0000000 --- a/juiceshop/pv.yml +++ /dev/null @@ -1,35 +0,0 @@ -apiVersion: v1 -kind: PersistentVolume -metadata: - name: wp-data - namespace: akashop -spec: - capacity: - storage: 1Gi - volumeMode: Filesystem - accessModes: - - ReadWriteMany - persistentVolumeReclaimPolicy: Recycle - storageClassName: "" - nfs: - path: /nfs/share/akashop/volumes/wp - server: 10.0.0.5 - ---- - -apiVersion: v1 -kind: PersistentVolume -metadata: - name: db-data - namespace: akashop -spec: - capacity: - storage: 1Gi - volumeMode: Filesystem - accessModes: - - ReadWriteMany - persistentVolumeReclaimPolicy: Recycle - storageClassName: "" - nfs: - path: /nfs/share/akashop/volumes/db - server: 10.0.0.5 diff --git a/juiceshop/pvc.yml b/juiceshop/pvc.yml deleted file mode 100644 index 9b5a3e6..0000000 --- a/juiceshop/pvc.yml +++ /dev/null @@ -1,29 +0,0 @@ -apiVersion: v1 -kind: PersistentVolumeClaim -metadata: - name: wp-data-pvc -spec: - accessModes: - - ReadWriteMany - volumeMode: Filesystem - storageClassName: "" - resources: - requests: - storage: 1Gi - volumeName: wp-data - ---- - -apiVersion: v1 -kind: PersistentVolumeClaim -metadata: - name: db-data-pvc -spec: - accessModes: - - ReadWriteMany - volumeMode: Filesystem - storageClassName: "" - resources: - requests: - storage: 1Gi - volumeName: db-data \ No newline at end of file diff --git a/juiceshop/redirect.yml b/juiceshop/redirect.yml deleted file mode 100644 index 795a705..0000000 --- a/juiceshop/redirect.yml +++ /dev/null @@ -1,9 +0,0 @@ -apiVersion: traefik.containo.us/v1alpha1 -kind: Middleware -metadata: - name: http-to-https-redirect - namespace: origin -spec: - redirectScheme: - scheme: https - permanent: true # Set to true for permanent (301) redirect \ No newline at end of file diff --git a/juiceshop/service.yml b/juiceshop/service.yml index 8a0748b..6d43fc0 100644 --- a/juiceshop/service.yml +++ b/juiceshop/service.yml @@ -2,7 +2,7 @@ apiVersion: v1 kind: Service metadata: name: juiceshop - namespace: origin + namespace: juiceshop spec: selector: app: juiceshop diff --git a/juiceshop/traefik-ingressR.yaml b/juiceshop/traefik-ingressR.yaml new file mode 100644 index 0000000..bcf0b6b --- /dev/null +++ b/juiceshop/traefik-ingressR.yaml @@ -0,0 +1,62 @@ +apiVersion: traefik.io/v1alpha1 +kind: Middleware +metadata: + name: juiceshop-redir + namespace: juiceshop +spec: + redirectScheme: + scheme: https + permanent: true # Set to true for permanent (301) redirect + +--- + +apiVersion: traefik.io/v1alpha1 +kind: IngressRoute +metadata: + name: juiceshop-http + namespace: juiceshop + +spec: + entryPoints: + - web + + routes: + - match: Host(`origin-juiceshop.akamai-lab.com`) && PathPrefix(`/`) + kind: Rule + services: + - name: juiceshop + port: 3000 + + # middlewares: + # - name: juiceshop-redir + +--- + +apiVersion: traefik.io/v1alpha1 +kind: IngressRoute +metadata: + name: juiceshop-https + namespace: juiceshop + +spec: + entryPoints: + - websecure + + tls: + certResolver: le + + routes: + - match: Host(`whoami.172.233.169.31.nip.io`) && PathPrefix(`/`) + kind: Rule + services: + - name: juiceshop + port: 3000 + sticky: + cookie: + httpOnly: true + # name: cookie + # secure: true + # sameSite: none + # strategy: RoundRobin + # weight: 10 + # nativeLB: true diff --git a/traefik/00-account.yml b/traefik/00-account.yml deleted file mode 100644 index 566d892..0000000 --- a/traefik/00-account.yml +++ /dev/null @@ -1,4 +0,0 @@ -apiVersion: v1 -kind: ServiceAccount -metadata: - name: traefik-account diff --git a/traefik/00-role.yml b/traefik/00-role.yml deleted file mode 100644 index 7e07e3f..0000000 --- a/traefik/00-role.yml +++ /dev/null @@ -1,33 +0,0 @@ -kind: ClusterRole -apiVersion: rbac.authorization.k8s.io/v1 -metadata: - name: traefik-role - -rules: - - apiGroups: - - "" - resources: - - services - - endpoints - - secrets - verbs: - - get - - list - - watch - - apiGroups: - - extensions - - networking.k8s.io - resources: - - ingresses - - ingressclasses - verbs: - - get - - list - - watch - - apiGroups: - - extensions - - networking.k8s.io - resources: - - ingresses/status - verbs: - - update diff --git a/traefik/01-role-binding.yml b/traefik/01-role-binding.yml deleted file mode 100644 index c461a14..0000000 --- a/traefik/01-role-binding.yml +++ /dev/null @@ -1,13 +0,0 @@ -kind: ClusterRoleBinding -apiVersion: rbac.authorization.k8s.io/v1 -metadata: - name: traefik-role-binding - -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: ClusterRole - name: traefik-role -subjects: - - kind: ServiceAccount - name: traefik-account - namespace: origin diff --git a/traefik/02-traefik-services.yml b/traefik/02-traefik-services.yml deleted file mode 100644 index 76303c6..0000000 --- a/traefik/02-traefik-services.yml +++ /dev/null @@ -1,30 +0,0 @@ -apiVersion: v1 -kind: Service -metadata: - name: traefik-dashboard-service - -spec: - type: LoadBalancer - ports: - - port: 8080 - targetPort: dashboard - selector: - app: traefik ---- - -apiVersion: v1 -kind: Service -metadata: - name: traefik-web - -spec: - type: LoadBalancer - ports: - - name: http - targetPort: web - port: 80 - - name: https - targetPort: websecure - port: 443 - selector: - app: traefik \ No newline at end of file diff --git a/traefik/02-traefik.yml b/traefik/02-traefik.yml deleted file mode 100644 index c9e9eae..0000000 --- a/traefik/02-traefik.yml +++ /dev/null @@ -1,42 +0,0 @@ -kind: Deployment -apiVersion: apps/v1 -metadata: - name: traefik-deployment - labels: - app: traefik - -spec: - replicas: 1 - selector: - matchLabels: - app: traefik - template: - metadata: - labels: - app: traefik - spec: - serviceAccountName: traefik-account - containers: - - name: traefik - image: traefik:latest - args: - - --api.insecure - - --accesslog - - --log.level=DEBUG - - --providers.kubernetesingress - - --providers.kubernetesingress.allowexternalnameservices=true - # - --providers.kubernetescrd - # - --providers.kubernetescrd.allowCrossNamespace=true - - --entrypoints.web.address=:80 - - --entrypoints.websecure.address=:443 - - --certificatesresolvers.le.acme.email=learn@akamai.com - - --certificatesresolvers.le.acme.storage=acme.json - - --certificatesresolvers.le.acme.tlschallenge=true - - --certificatesresolvers.le.acme.caServer=https://acme-staging-v02.api.letsencrypt.org/directory - ports: - - name: web - containerPort: 80 - - name: websecure - containerPort: 443 - - name: dashboard - containerPort: 8080