|
|
@@ -0,0 +1,141 @@
|
|
|
+apiVersion: v1
|
|
|
+kind: Service
|
|
|
+metadata:
|
|
|
+ name: proxmox-haproxy
|
|
|
+ labels:
|
|
|
+ run: proxmox-haproxy
|
|
|
+spec:
|
|
|
+ ports:
|
|
|
+ - name: http
|
|
|
+ port: 8000
|
|
|
+ targetPort: 8000
|
|
|
+ selector:
|
|
|
+ run: proxmox-haproxy
|
|
|
+# type: LoadBalancer
|
|
|
+#status:
|
|
|
+# loadBalancer: {}
|
|
|
+---
|
|
|
+apiVersion: v1
|
|
|
+kind: PersistentVolume
|
|
|
+metadata:
|
|
|
+ name: proxmox-haproxy-config
|
|
|
+spec:
|
|
|
+ capacity:
|
|
|
+ storage: 5Mi
|
|
|
+ volumeMode: Filesystem
|
|
|
+ accessModes:
|
|
|
+ - ReadWriteMany
|
|
|
+ persistentVolumeReclaimPolicy: Retain # Keep 4eva
|
|
|
+ storageClassName: default
|
|
|
+ mountOptions:
|
|
|
+ - hard
|
|
|
+ - nfsvers=3
|
|
|
+ nfs:
|
|
|
+ path: /mnt/DroboFS/Shares/Kubernetes/volumes/static/proxmox-haproxy-config
|
|
|
+ server: 10.42.42.10
|
|
|
+ claimRef:
|
|
|
+ name: proxmox-haproxy-config
|
|
|
+ namespace: default
|
|
|
+---
|
|
|
+apiVersion: v1
|
|
|
+kind: PersistentVolumeClaim
|
|
|
+metadata:
|
|
|
+ name: proxmox-haproxy-config
|
|
|
+ annotations:
|
|
|
+ nfs.io/storage-path: "proxmox-haproxy-config"
|
|
|
+spec:
|
|
|
+ storageClassName: default
|
|
|
+ accessModes:
|
|
|
+ - ReadWriteMany
|
|
|
+ resources:
|
|
|
+ requests:
|
|
|
+ storage: 5Mi
|
|
|
+status: {}
|
|
|
+---
|
|
|
+apiVersion: apps/v1
|
|
|
+kind: Deployment
|
|
|
+metadata:
|
|
|
+ name: proxmox-haproxy
|
|
|
+spec:
|
|
|
+ replicas: 1
|
|
|
+ selector:
|
|
|
+ matchLabels:
|
|
|
+ run: proxmox-haproxy
|
|
|
+ strategy:
|
|
|
+ type: Recreate
|
|
|
+ template:
|
|
|
+ metadata:
|
|
|
+ labels:
|
|
|
+ run: proxmox-haproxy
|
|
|
+ spec:
|
|
|
+ terminationGracePeriodSeconds: 30
|
|
|
+ containers:
|
|
|
+ - image: haproxy:latest
|
|
|
+ imagePullPolicy: "Always"
|
|
|
+ name: proxmox-haproxy
|
|
|
+ env:
|
|
|
+ - name: TZ
|
|
|
+ value: US/Michigan
|
|
|
+ ports:
|
|
|
+ - containerPort: 8000
|
|
|
+ resources:
|
|
|
+ limits:
|
|
|
+ memory: "500Mi"
|
|
|
+ cpu: "1000m"
|
|
|
+ requests:
|
|
|
+ memory: "200Mi"
|
|
|
+ cpu: "500m"
|
|
|
+ volumeMounts:
|
|
|
+ - mountPath: /usr/local/etc/haproxy
|
|
|
+ name: proxmox-haproxy-config
|
|
|
+ restartPolicy: Always
|
|
|
+ volumes:
|
|
|
+ - name: proxmox-haproxy-config
|
|
|
+ persistentVolumeClaim:
|
|
|
+ claimName: proxmox-haproxy-config
|
|
|
+# dnsPolicy: "None"
|
|
|
+# dnsConfig:
|
|
|
+# nameservers:
|
|
|
+# - 10.42.42.239
|
|
|
+# - 10.42.42.1
|
|
|
+# searches:
|
|
|
+# - default.svc.cluster.local
|
|
|
+# - svc.cluster.local
|
|
|
+# - cluster.local
|
|
|
+# options:
|
|
|
+# - name: ndots
|
|
|
+# value: "2"
|
|
|
+# - name: edns0
|
|
|
+# - name: trust-ad
|
|
|
+status: {}
|
|
|
+---
|
|
|
+# Hosting
|
|
|
+apiVersion: networking.k8s.io/v1
|
|
|
+kind: Ingress
|
|
|
+metadata:
|
|
|
+ name: proxmox-haproxy-ingress
|
|
|
+ annotations:
|
|
|
+ cert-manager.io/cluster-issuer: "letsencrypt-prod"
|
|
|
+ ## No basic auth for proxmox-haproxy
|
|
|
+ ## type of authentication
|
|
|
+ #nginx.ingress.kubernetes.io/auth-type: basic
|
|
|
+ ## name of the secret that contains the user/password definitions
|
|
|
+ #nginx.ingress.kubernetes.io/auth-secret: basic-auth
|
|
|
+ ## message to display with an appropriate context why the authentication is required
|
|
|
+ #nginx.ingress.kubernetes.io/auth-realm: 'Authentication Required - Proxmox'
|
|
|
+spec:
|
|
|
+ tls:
|
|
|
+ - hosts:
|
|
|
+ - proxmox.monkeybox.org
|
|
|
+ secretName: proxmox-haproxy-tls
|
|
|
+ rules:
|
|
|
+ - host: proxmox.monkeybox.org
|
|
|
+ http:
|
|
|
+ paths:
|
|
|
+ - path: /
|
|
|
+ pathType: Prefix
|
|
|
+ backend:
|
|
|
+ service:
|
|
|
+ name: proxmox-haproxy
|
|
|
+ port:
|
|
|
+ number: 8000
|
