apiVersion: v1
kind: ServiceAccount
metadata:
labels:
helm.sh
/
chart: ingress
-
nginx
-
4.0
.
1
app.kubernetes.io
/
name: ingress
-
nginx
app.kubernetes.io
/
instance: ingress
-
nginx
app.kubernetes.io
/
version:
1.0
.
0
app.kubernetes.io
/
managed
-
by: Helm
app.kubernetes.io
/
component: controller
name: ingress
-
nginx
namespace: ingress
-
nginx
automountServiceAccountToken: true
-
-
-
apiVersion: v1
kind: ConfigMap
metadata:
labels:
helm.sh
/
chart: ingress
-
nginx
-
4.0
.
1
app.kubernetes.io
/
name: ingress
-
nginx
app.kubernetes.io
/
instance: ingress
-
nginx
app.kubernetes.io
/
version:
1.0
.
0
app.kubernetes.io
/
managed
-
by: Helm
app.kubernetes.io
/
component: controller
name: ingress
-
nginx
-
controller
namespace: ingress
-
nginx
data:
-
-
-
apiVersion: rbac.authorization.k8s.io
/
v1
kind: ClusterRole
metadata:
labels:
helm.sh
/
chart: ingress
-
nginx
-
4.0
.
1
app.kubernetes.io
/
name: ingress
-
nginx
app.kubernetes.io
/
instance: ingress
-
nginx
app.kubernetes.io
/
version:
1.0
.
0
app.kubernetes.io
/
managed
-
by: Helm
name: ingress
-
nginx
rules:
-
apiGroups:
-
''
resources:
-
configmaps
-
endpoints
-
nodes
-
pods
-
secrets
verbs:
-
list
-
watch
-
apiGroups:
-
''
resources:
-
nodes
verbs:
-
get
-
apiGroups:
-
''
resources:
-
services
verbs:
-
get
-
list
-
watch
-
apiGroups:
-
networking.k8s.io
resources:
-
ingresses
verbs:
-
get
-
list
-
watch
-
apiGroups:
-
''
resources:
-
events
verbs:
-
create
-
patch
-
apiGroups:
-
networking.k8s.io
resources:
-
ingresses
/
status
verbs:
-
update
-
apiGroups:
-
networking.k8s.io
resources:
-
ingressclasses
verbs:
-
get
-
list
-
watch
-
-
-
apiVersion: rbac.authorization.k8s.io
/
v1
kind: ClusterRoleBinding
metadata:
labels:
helm.sh
/
chart: ingress
-
nginx
-
4.0
.
1
app.kubernetes.io
/
name: ingress
-
nginx
app.kubernetes.io
/
instance: ingress
-
nginx
app.kubernetes.io
/
version:
1.0
.
0
app.kubernetes.io
/
managed
-
by: Helm
name: ingress
-
nginx
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: ingress
-
nginx
subjects:
-
kind: ServiceAccount
name: ingress
-
nginx
namespace: ingress
-
nginx
-
-
-
apiVersion: rbac.authorization.k8s.io
/
v1
kind: Role
metadata:
labels:
helm.sh
/
chart: ingress
-
nginx
-
4.0
.
1
app.kubernetes.io
/
name: ingress
-
nginx
app.kubernetes.io
/
instance: ingress
-
nginx
app.kubernetes.io
/
version:
1.0
.
0
app.kubernetes.io
/
managed
-
by: Helm
app.kubernetes.io
/
component: controller
name: ingress
-
nginx
namespace: ingress
-
nginx
rules:
-
apiGroups:
-
''
resources:
-
namespaces
verbs:
-
get
-
apiGroups:
-
''
resources:
-
configmaps
-
pods
-
secrets
-
endpoints
verbs:
-
get
-
list
-
watch
-
apiGroups:
-
''
resources:
-
services
verbs:
-
get
-
list
-
watch
-
apiGroups:
-
networking.k8s.io
resources:
-
ingresses
verbs:
-
get
-
list
-
watch
-
apiGroups:
-
networking.k8s.io
resources:
-
ingresses
/
status
verbs:
-
update
-
apiGroups:
-
networking.k8s.io
resources:
-
ingressclasses
verbs:
-
get
-
list
-
watch
-
apiGroups:
-
''
resources:
-
configmaps
resourceNames:
-
ingress
-
controller
-
leader
verbs:
-
get
-
update
-
apiGroups:
-
''
resources:
-
configmaps
verbs:
-
create
-
apiGroups:
-
''
resources:
-
events
verbs:
-
create
-
patch
-
-
-
apiVersion: rbac.authorization.k8s.io
/
v1
kind: RoleBinding
metadata:
labels:
helm.sh
/
chart: ingress
-
nginx
-
4.0
.
1
app.kubernetes.io
/
name: ingress
-
nginx
app.kubernetes.io
/
instance: ingress
-
nginx
app.kubernetes.io
/
version:
1.0
.
0
app.kubernetes.io
/
managed
-
by: Helm
app.kubernetes.io
/
component: controller
name: ingress
-
nginx
namespace: ingress
-
nginx
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: Role
name: ingress
-
nginx
subjects:
-
kind: ServiceAccount
name: ingress
-
nginx
namespace: ingress
-
nginx
-
-
-
apiVersion: v1
kind: Service
metadata:
labels:
helm.sh
/
chart: ingress
-
nginx
-
4.0
.
1
app.kubernetes.io
/
name: ingress
-
nginx
app.kubernetes.io
/
instance: ingress
-
nginx
app.kubernetes.io
/
version:
1.0
.
0
app.kubernetes.io
/
managed
-
by: Helm
app.kubernetes.io
/
component: controller
name: ingress
-
nginx
-
controller
-
admission
namespace: ingress
-
nginx
spec:
type
: ClusterIP
ports:
-
name: https
-
webhook
port:
443
targetPort: webhook
appProtocol: https
selector:
app.kubernetes.io
/
name: ingress
-
nginx
app.kubernetes.io
/
instance: ingress
-
nginx
app.kubernetes.io
/
component: controller
-
-
-
apiVersion: v1
kind: Service
metadata:
annotations:
service.beta.kubernetes.io
/
exoscale
-
loadbalancer
-
description: NGINX Ingress Controller
load balancer
service.beta.kubernetes.io
/
exoscale
-
loadbalancer
-
name: nginx
-
ingress
-
controller
service.beta.kubernetes.io
/
exoscale
-
loadbalancer
-
service
-
healthcheck
-
interval:
10s
service.beta.kubernetes.io
/
exoscale
-
loadbalancer
-
service
-
healthcheck
-
mode: tcp
service.beta.kubernetes.io
/
exoscale
-
loadbalancer
-
service
-
healthcheck
-
retries:
'1'
service.beta.kubernetes.io
/
exoscale
-
loadbalancer
-
service
-
healthcheck
-
timeout:
3s
service.beta.kubernetes.io
/
exoscale
-
loadbalancer
-
service
-
strategy: source
-
hash
labels:
helm.sh
/
chart: ingress
-
nginx
-
4.0
.
1
app.kubernetes.io
/
name: ingress
-
nginx
app.kubernetes.io
/
instance: ingress
-
nginx
app.kubernetes.io
/
version:
1.0
.
0
app.kubernetes.io
/
managed
-
by: Helm
app.kubernetes.io
/
component: controller
name: ingress
-
nginx
-
controller
namespace: ingress
-
nginx
spec:
type
: LoadBalancer
externalTrafficPolicy: Local
ports:
-
name: http
port:
80
protocol: TCP
targetPort: http
appProtocol: http
-
name: https
port:
443
protocol: TCP
targetPort: https
appProtocol: https
selector:
app.kubernetes.io
/
name: ingress
-
nginx
app.kubernetes.io
/
instance: ingress
-
nginx
app.kubernetes.io
/
component: controller
-
-
-
apiVersion: apps
/
v1
kind: DaemonSet
metadata:
labels:
helm.sh
/
chart: ingress
-
nginx
-
4.0
.
1
app.kubernetes.io
/
name: ingress
-
nginx
app.kubernetes.io
/
instance: ingress
-
nginx
app.kubernetes.io
/
version:
1.0
.
0
app.kubernetes.io
/
managed
-
by: Helm
app.kubernetes.io
/
component: controller
name: ingress
-
nginx
-
controller
namespace: ingress
-
nginx
spec:
selector:
matchLabels:
app.kubernetes.io
/
name: ingress
-
nginx
app.kubernetes.io
/
instance: ingress
-
nginx
app.kubernetes.io
/
component: controller
revisionHistoryLimit:
10
minReadySeconds:
0
template:
metadata:
labels:
app.kubernetes.io
/
name: ingress
-
nginx
app.kubernetes.io
/
instance: ingress
-
nginx
app.kubernetes.io
/
component: controller
spec:
hostNetwork: true
dnsPolicy: ClusterFirst
containers:
-
name: controller
image: serenade11
/
ingress
-
nginx
-
controller:v1.
0.0
imagePullPolicy: IfNotPresent
lifecycle:
preStop:
exec
:
command:
-
/
wait
-
shutdown
args:
-
/
nginx
-
ingress
-
controller
-
-
-
election
-
id
=
ingress
-
controller
-
leader
-
-
-
controller
-
class
=
k8s.io
/
ingress
-
nginx
-
-
-
configmap
=
$(POD_NAMESPACE)
/
ingress
-
nginx
-
controller
-
-
-
validating
-
webhook
=
:
8443
-
-
-
validating
-
webhook
-
certificate
=
/
usr
/
local
/
certificates
/
cert
-
-
-
validating
-
webhook
-
key
=
/
usr
/
local
/
certificates
/
key
securityContext:
capabilities:
drop:
-
ALL
add:
-
NET_BIND_SERVICE
runAsUser:
101
allowPrivilegeEscalation: true
env:
-
name: POD_NAME
valueFrom:
fieldRef:
fieldPath: metadata.name
-
name: POD_NAMESPACE
valueFrom:
fieldRef:
fieldPath: metadata.namespace
-
name: LD_PRELOAD
value:
/
usr
/
local
/
lib
/
libmimalloc.so
livenessProbe:
failureThreshold:
5
httpGet:
path:
/
healthz
port:
10254
scheme: HTTP
initialDelaySeconds:
10
periodSeconds:
10
successThreshold:
1
timeoutSeconds:
1
readinessProbe:
failureThreshold:
3
httpGet:
path:
/
healthz
port:
10254
scheme: HTTP
initialDelaySeconds:
10
periodSeconds:
10
successThreshold:
1
timeoutSeconds:
1
ports:
-
name: http
containerPort:
80
protocol: TCP
-
name: https
containerPort:
443
protocol: TCP
-
name: webhook
containerPort:
8443
protocol: TCP
volumeMounts:
-
name: webhook
-
cert
mountPath:
/
usr
/
local
/
certificates
/
readOnly: true
resources:
requests:
cpu:
100m
memory:
90Mi
nodeSelector:
kubernetes.io
/
os: linux
serviceAccountName: ingress
-
nginx
terminationGracePeriodSeconds:
300
volumes:
-
name: webhook
-
cert
secret:
secretName: ingress
-
nginx
-
admission
-
-
-
apiVersion: networking.k8s.io
/
v1
kind: IngressClass
metadata:
labels:
helm.sh
/
chart: ingress
-
nginx
-
4.0
.
1
app.kubernetes.io
/
name: ingress
-
nginx
app.kubernetes.io
/
instance: ingress
-
nginx
app.kubernetes.io
/
version:
1.0
.
0
app.kubernetes.io
/
managed
-
by: Helm
app.kubernetes.io
/
component: controller
name: nginx
namespace: ingress
-
nginx
spec:
controller: k8s.io
/
ingress
-
nginx
-
-
-
apiVersion: admissionregistration.k8s.io
/
v1
kind: ValidatingWebhookConfiguration
metadata:
labels:
helm.sh
/
chart: ingress
-
nginx
-
4.0
.
1
app.kubernetes.io
/
name: ingress
-
nginx
app.kubernetes.io
/
instance: ingress
-
nginx
app.kubernetes.io
/
version:
1.0
.
0
app.kubernetes.io
/
managed
-
by: Helm
app.kubernetes.io
/
component: admission
-
webhook
name: ingress
-
nginx
-
admission
webhooks:
-
name: validate.nginx.ingress.kubernetes.io
matchPolicy: Equivalent
rules:
-
apiGroups:
-
networking.k8s.io
apiVersions:
-
v1
operations:
-
CREATE
-
UPDATE
resources:
-
ingresses
failurePolicy: Fail
sideEffects:
None
admissionReviewVersions:
-
v1
clientConfig:
service:
namespace: ingress
-
nginx
name: ingress
-
nginx
-
controller
-
admission
path:
/
networking
/
v1
/
ingresses
-
-
-
apiVersion: v1
kind: ServiceAccount
metadata:
name: ingress
-
nginx
-
admission
namespace: ingress
-
nginx
annotations:
helm.sh
/
hook: pre
-
install,pre
-
upgrade,post
-
install,post
-
upgrade
helm.sh
/
hook
-
delete
-
policy: before
-
hook
-
creation,hook
-
succeeded
labels:
helm.sh
/
chart: ingress
-
nginx
-
4.0
.
1
app.kubernetes.io
/
name: ingress
-
nginx
app.kubernetes.io
/
instance: ingress
-
nginx
app.kubernetes.io
/
version:
1.0
.
0
app.kubernetes.io
/
managed
-
by: Helm
app.kubernetes.io
/
component: admission
-
webhook
-
-
-
apiVersion: rbac.authorization.k8s.io
/
v1
kind: ClusterRole
metadata:
name: ingress
-
nginx
-
admission
annotations:
helm.sh
/
hook: pre
-
install,pre
-
upgrade,post
-
install,post
-
upgrade
helm.sh
/
hook
-
delete
-
policy: before
-
hook
-
creation,hook
-
succeeded
labels:
helm.sh
/
chart: ingress
-
nginx
-
4.0
.
1
app.kubernetes.io
/
name: ingress
-
nginx
app.kubernetes.io
/
instance: ingress
-
nginx
app.kubernetes.io
/
version:
1.0
.
0
app.kubernetes.io
/
managed
-
by: Helm
app.kubernetes.io
/
component: admission
-
webhook
rules:
-
apiGroups:
-
admissionregistration.k8s.io
resources:
-
validatingwebhookconfigurations
verbs:
-
get
-
update
-
-
-
apiVersion: rbac.authorization.k8s.io
/
v1
kind: ClusterRoleBinding
metadata:
name: ingress
-
nginx
-
admission
annotations:
helm.sh
/
hook: pre
-
install,pre
-
upgrade,post
-
install,post
-
upgrade
helm.sh
/
hook
-
delete
-
policy: before
-
hook
-
creation,hook
-
succeeded
labels:
helm.sh
/
chart: ingress
-
nginx
-
4.0
.
1
app.kubernetes.io
/
name: ingress
-
nginx
app.kubernetes.io
/
instance: ingress
-
nginx
app.kubernetes.io
/
version:
1.0
.
0
app.kubernetes.io
/
managed
-
by: Helm
app.kubernetes.io
/
component: admission
-
webhook
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: ingress
-
nginx
-
admission
subjects:
-
kind: ServiceAccount
name: ingress
-
nginx
-
admission
namespace: ingress
-
nginx
-
-
-
apiVersion: rbac.authorization.k8s.io
/
v1
kind: Role
metadata:
name: ingress
-
nginx
-
admission
namespace: ingress
-
nginx
annotations:
helm.sh
/
hook: pre
-
install,pre
-
upgrade,post
-
install,post
-
upgrade
helm.sh
/
hook
-
delete
-
policy: before
-
hook
-
creation,hook
-
succeeded
labels:
helm.sh
/
chart: ingress
-
nginx
-
4.0
.
1
app.kubernetes.io
/
name: ingress
-
nginx
app.kubernetes.io
/
instance: ingress
-
nginx
app.kubernetes.io
/
version:
1.0
.
0
app.kubernetes.io
/
managed
-
by: Helm
app.kubernetes.io
/
component: admission
-
webhook
rules:
-
apiGroups:
-
''
resources:
-
secrets
verbs:
-
get
-
create
-
-
-
apiVersion: rbac.authorization.k8s.io
/
v1
kind: RoleBinding
metadata:
name: ingress
-
nginx
-
admission
namespace: ingress
-
nginx
annotations:
helm.sh
/
hook: pre
-
install,pre
-
upgrade,post
-
install,post
-
upgrade
helm.sh
/
hook
-
delete
-
policy: before
-
hook
-
creation,hook
-
succeeded
labels:
helm.sh
/
chart: ingress
-
nginx
-
4.0
.
1
app.kubernetes.io
/
name: ingress
-
nginx
app.kubernetes.io
/
instance: ingress
-
nginx
app.kubernetes.io
/
version:
1.0
.
0
app.kubernetes.io
/
managed
-
by: Helm
app.kubernetes.io
/
component: admission
-
webhook
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: Role
name: ingress
-
nginx
-
admission
subjects:
-
kind: ServiceAccount
name: ingress
-
nginx
-
admission
namespace: ingress
-
nginx
-
-
-
apiVersion: batch
/
v1
kind: Job
metadata:
name: ingress
-
nginx
-
admission
-
create
namespace: ingress
-
nginx
annotations:
helm.sh
/
hook: pre
-
install,pre
-
upgrade
helm.sh
/
hook
-
delete
-
policy: before
-
hook
-
creation,hook
-
succeeded
labels:
helm.sh
/
chart: ingress
-
nginx
-
4.0
.
1
app.kubernetes.io
/
name: ingress
-
nginx
app.kubernetes.io
/
instance: ingress
-
nginx
app.kubernetes.io
/
version:
1.0
.
0
app.kubernetes.io
/
managed
-
by: Helm
app.kubernetes.io
/
component: admission
-
webhook
spec:
template:
metadata:
name: ingress
-
nginx
-
admission
-
create
labels:
helm.sh
/
chart: ingress
-
nginx
-
4.0
.
1
app.kubernetes.io
/
name: ingress
-
nginx
app.kubernetes.io
/
instance: ingress
-
nginx
app.kubernetes.io
/
version:
1.0
.
0
app.kubernetes.io
/
managed
-
by: Helm
app.kubernetes.io
/
component: admission
-
webhook
spec:
containers:
-
name: create
image: serenade11
/
kube
-
webhook
-
certgen:v1.
0
imagePullPolicy: IfNotPresent
args:
-
create
-
-
-
host
=
ingress
-
nginx
-
controller
-
admission,ingress
-
nginx
-
controller
-
admission.$(POD_NAMESPACE).svc
-
-
-
namespace
=
$(POD_NAMESPACE)
-
-
-
secret
-
name
=
ingress
-
nginx
-
admission
env:
-
name: POD_NAMESPACE
valueFrom:
fieldRef:
fieldPath: metadata.namespace
restartPolicy: OnFailure
serviceAccountName: ingress
-
nginx
-
admission
nodeSelector:
kubernetes.io
/
os: linux
securityContext:
runAsNonRoot: true
runAsUser:
2000
-
-
-
apiVersion: batch
/
v1
kind: Job
metadata:
name: ingress
-
nginx
-
admission
-
patch
namespace: ingress
-
nginx
annotations:
helm.sh
/
hook: post
-
install,post
-
upgrade
helm.sh
/
hook
-
delete
-
policy: before
-
hook
-
creation,hook
-
succeeded
labels:
helm.sh
/
chart: ingress
-
nginx
-
4.0
.
1
app.kubernetes.io
/
name: ingress
-
nginx
app.kubernetes.io
/
instance: ingress
-
nginx
app.kubernetes.io
/
version:
1.0
.
0
app.kubernetes.io
/
managed
-
by: Helm
app.kubernetes.io
/
component: admission
-
webhook
spec:
template:
metadata:
name: ingress
-
nginx
-
admission
-
patch
labels:
helm.sh
/
chart: ingress
-
nginx
-
4.0
.
1
app.kubernetes.io
/
name: ingress
-
nginx
app.kubernetes.io
/
instance: ingress
-
nginx
app.kubernetes.io
/
version:
1.0
.
0
app.kubernetes.io
/
managed
-
by: Helm
app.kubernetes.io
/
component: admission
-
webhook
spec:
containers:
-
name: patch
image: serenade11
/
kube
-
webhook
-
certgen:v1.
0
imagePullPolicy: IfNotPresent
args:
-
patch
-
-
-
webhook
-
name
=
ingress
-
nginx
-
admission
-
-
-
namespace
=
$(POD_NAMESPACE)
-
-
-
patch
-
mutating
=
false
-
-
-
secret
-
name
=
ingress
-
nginx
-
admission
-
-
-
patch
-
failure
-
policy
=
Fail
env:
-
name: POD_NAMESPACE
valueFrom:
fieldRef:
fieldPath: metadata.namespace
restartPolicy: OnFailure
serviceAccountName: ingress
-
nginx
-
admission
nodeSelector:
kubernetes.io
/
os: linux
securityContext:
runAsNonRoot: true
runAsUser:
2000