apiVersion: v1 kind: Service metadata: name: monkeybox labels: run: monkeybox spec: ports: - name: http port: 80 targetPort: 80 selector: run: monkeybox # type: LoadBalancer # Uncomment the following if you wnat to expose an IP #status: # loadBalancer: {} --- apiVersion: v1 kind: PersistentVolume metadata: name: monkeybox spec: capacity: storage: 5Mi volumeMode: Filesystem accessModes: - ReadWriteOnce persistentVolumeReclaimPolicy: Retain # Keep 4eva storageClassName: default mountOptions: - hard - nfsvers=3 nfs: path: /mnt/DroboFS/Shares/Kubernetes/volumes/static/monkeybox server: 10.42.42.10 claimRef: name: monkeybox namespace: default --- apiVersion: v1 kind: PersistentVolumeClaim metadata: name: monkeybox annotations: nfs.io/storage-path: "monkeybox" spec: storageClassName: default accessModes: - ReadWriteOnce resources: requests: storage: 5Mi status: {} --- apiVersion: apps/v1 kind: Deployment metadata: name: monkeybox spec: replicas: 1 selector: matchLabels: run: monkeybox strategy: type: Recreate template: metadata: labels: run: monkeybox spec: terminationGracePeriodSeconds: 30 containers: - image: nginx imagePullPolicy: "Always" name: monkeybox ports: - containerPort: 80 resources: {} volumeMounts: - mountPath: /usr/share/nginx/html name: monkeybox restartPolicy: Always # This didn't seem to do what I want/need # affinity: # podAntiAffinity: # requiredDuringSchedulingIgnoredDuringExecution: #<---- hard requirement not to schedule "nginx" pod if already one scheduled. # - topologyKey: kubernetes.io/hostname # <---- Anti affinity scope is host # labelSelector: # matchLabels: # app: monkeybox topologySpreadConstraints: - maxSkew: 1 topologyKey: kubernetes.io/hostname whenUnsatisfiable: DoNotSchedule labelSelector: matchLabels: app: monkeybox volumes: - name: monkeybox persistentVolumeClaim: claimName: monkeybox dnsConfig: # nameservers: # - 10.42.42.239 # - 10.42.42.1 searches: - default.svc.cluster.local - svc.cluster.local - cluster.local # options: # - name: ndots # value: "2" # - name: edns0 # - name: trust-ad status: {} --- # Hosting apiVersion: networking.k8s.io/v1 kind: Ingress metadata: name: monkeybox-ingress annotations: cert-manager.io/cluster-issuer: "letsencrypt-prod" ## basic auth for monkeybox # type of authentication #nginx.ingress.kubernetes.io/auth-type: basic # name of the secret that contains the user/password definitions #nginx.ingress.kubernetes.io/auth-secret: basic-auth ## message to display with an appropriate context why the authentication is required #nginx.ingress.kubernetes.io/auth-realm: 'Authentication Required - Octoprint' nginx.ingress.kubernetes.io/enable-cors: "true" nginx.ingress.kubernetes.io/cors-allow-origin: "*" nginx.ingress.kubernetes.io/cors-allow-methods: "GET, HEAD, OPTIONS" nginx.ingress.kubernetes.io/cors-allow-headers: "Origin, X-Requested-With, Content-Type, Accept, Authorization" spec: tls: - hosts: - monkeybox.org - www.monkeybox.org secretName: monkeybox-tls rules: - host: monkeybox.org http: paths: - path: / pathType: Prefix backend: service: name: monkeybox port: number: 80 - host: www.monkeybox.org http: paths: - path: / pathType: Prefix backend: service: name: monkeybox port: number: 80