Welcome to StackSimplify

stacksimplify · May 1, 2023 · 1148246 · 1148246
1 parent f04ff14
commit 1148246
Show file tree

Hide file tree

Showing 4 changed files with 102 additions and 15 deletions.
diff --git a/10-ECR-Elastic-Container-Registry-and-EKS/02-kube-manifests-old/01-ECR-Nginx-Deployment.yml b/10-ECR-Elastic-Container-Registry-and-EKS/02-kube-manifests-old/01-ECR-Nginx-Deployment.yml
@@ -0,0 +1,28 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: kubeapp-ecr
+  labels:
+    app: kubeapp-ecr
+spec:
+  replicas: 2
+  selector:
+    matchLabels:
+      app: kubeapp-ecr
+  template:
+    metadata:
+      labels:
+        app: kubeapp-ecr
+    spec:
+      containers:
+        - name: kubeapp-ecr
+          image: 180789647333.dkr.ecr.us-east-1.amazonaws.com/aws-ecr-kubenginx:1.0.0
+          resources:
+            requests:
+              memory: "128Mi"
+              cpu: "500m"
+            limits:
+              memory: "256Mi"
+              cpu: "1000m"
+          ports:
+            - containerPort: 80
diff --git a/...Elastic-Container-Registry-and-EKS/02-kube-manifests-old/02-ECR-Nginx-NodePortService.yml b/...Elastic-Container-Registry-and-EKS/02-kube-manifests-old/02-ECR-Nginx-NodePortService.yml
@@ -0,0 +1,16 @@
+apiVersion: v1
+kind: Service
+metadata:
+  name: kubeapp-ecr-nodeport-service
+  labels:
+    app: kubeapp-ecr
+  annotations:    
+#Important Note:  Need to add health check path annotations in service level if we are planning to use multiple targets in a load balancer    
+    alb.ingress.kubernetes.io/healthcheck-path: /index.html    
+spec:
+  type: NodePort
+  selector:
+    app: kubeapp-ecr
+  ports:
+    - port: 80
+      targetPort: 80
diff --git a/...stic-Container-Registry-and-EKS/02-kube-manifests-old/03-ECR-Nginx-ALB-IngressService.yml b/...stic-Container-Registry-and-EKS/02-kube-manifests-old/03-ECR-Nginx-ALB-IngressService.yml
@@ -0,0 +1,41 @@
+# Annotations Reference:  https://kubernetes-sigs.github.io/aws-alb-ingress-controller/guide/ingress/annotation/
+apiVersion: extensions/v1beta1
+kind: Ingress
+metadata:
+  name: ecr-ingress-service
+  labels:
+    app: kubeapp-ecr
+  annotations:
+    # Ingress Core Settings  
+    kubernetes.io/ingress.class: "alb"
+    alb.ingress.kubernetes.io/scheme: internet-facing
+    # Health Check Settings
+    alb.ingress.kubernetes.io/healthcheck-protocol: HTTP 
+    alb.ingress.kubernetes.io/healthcheck-port: traffic-port
+    alb.ingress.kubernetes.io/healthcheck-interval-seconds: '15'
+    alb.ingress.kubernetes.io/healthcheck-timeout-seconds: '5'
+    alb.ingress.kubernetes.io/success-codes: '200'
+    alb.ingress.kubernetes.io/healthy-threshold-count: '2'
+    alb.ingress.kubernetes.io/unhealthy-threshold-count: '2'
+    ## SSL Settings
+    alb.ingress.kubernetes.io/listen-ports: '[{"HTTPS":443}, {"HTTP":80}]'
+    alb.ingress.kubernetes.io/certificate-arn: arn:aws:acm:us-east-1:180789647333:certificate/9f042b5d-86fd-4fad-96d0-c81c5abc71e1
+    #alb.ingress.kubernetes.io/ssl-policy: ELBSecurityPolicy-TLS-1-1-2017-01 #Optional (Picks default if not used)    
+    # SSL Redirect Setting
+    alb.ingress.kubernetes.io/actions.ssl-redirect: '{"Type": "redirect", "RedirectConfig": { "Protocol": "HTTPS", "Port": "443", "StatusCode": "HTTP_301"}}'   
+    # External DNS - For creating a Record Set in Route53
+    external-dns.alpha.kubernetes.io/hostname: ecrdemo.kubeoncloud.com       
+spec:
+  rules:
+    - http:
+        paths:
+          - path: /* # SSL Redirect Setting
+            backend:
+              serviceName: ssl-redirect
+              servicePort: use-annotation            
+          - path: /*
+            backend:
+              serviceName: kubeapp-ecr-nodeport-service
+              servicePort: 80                                   
+# Important Note-1: In path based routing order is very important, if we are going to use  "/*", try to use it at the end of all rules.         
+
diff --git a/...-Elastic-Container-Registry-and-EKS/02-kube-manifests/03-ECR-Nginx-ALB-IngressService.yml b/...-Elastic-Container-Registry-and-EKS/02-kube-manifests/03-ECR-Nginx-ALB-IngressService.yml
@@ -1,41 +1,43 @@
-# Annotations Reference:  https://kubernetes-sigs.github.io/aws-alb-ingress-controller/guide/ingress/annotation/
-apiVersion: extensions/v1beta1
+# Annotations Reference: https://kubernetes-sigs.github.io/aws-load-balancer-controller/latest/guide/ingress/annotations/
+apiVersion: networking.k8s.io/v1
 kind: Ingress
 metadata:
   name: ecr-ingress-service
   labels:
     app: kubeapp-ecr
   annotations:
+    # Load Balancer Name
+    alb.ingress.kubernetes.io/load-balancer-name: ecr-ingress
     # Ingress Core Settings  
-    kubernetes.io/ingress.class: "alb"
+    #kubernetes.io/ingress.class: "alb" (OLD INGRESS CLASS NOTATION - STILL WORKS BUT RECOMMENDED TO USE IngressClass Resource)
     alb.ingress.kubernetes.io/scheme: internet-facing
     # Health Check Settings
     alb.ingress.kubernetes.io/healthcheck-protocol: HTTP 
     alb.ingress.kubernetes.io/healthcheck-port: traffic-port
+    #Important Note:  Need to add health check path annotations in service level if we are planning to use multiple targets in a load balancer    
     alb.ingress.kubernetes.io/healthcheck-interval-seconds: '15'
     alb.ingress.kubernetes.io/healthcheck-timeout-seconds: '5'
     alb.ingress.kubernetes.io/success-codes: '200'
     alb.ingress.kubernetes.io/healthy-threshold-count: '2'
-    alb.ingress.kubernetes.io/unhealthy-threshold-count: '2'
+    alb.ingress.kubernetes.io/unhealthy-threshold-count: '2'  
     ## SSL Settings
     alb.ingress.kubernetes.io/listen-ports: '[{"HTTPS":443}, {"HTTP":80}]'
-    alb.ingress.kubernetes.io/certificate-arn: arn:aws:acm:us-east-1:180789647333:certificate/9f042b5d-86fd-4fad-96d0-c81c5abc71e1
+    alb.ingress.kubernetes.io/certificate-arn: arn:aws:acm:us-east-1:180789647333:certificate/d86de939-8ffd-410f-adce-0ce1f5be6e0d
     #alb.ingress.kubernetes.io/ssl-policy: ELBSecurityPolicy-TLS-1-1-2017-01 #Optional (Picks default if not used)    
     # SSL Redirect Setting
-    alb.ingress.kubernetes.io/actions.ssl-redirect: '{"Type": "redirect", "RedirectConfig": { "Protocol": "HTTPS", "Port": "443", "StatusCode": "HTTP_301"}}'   
+    alb.ingress.kubernetes.io/ssl-redirect: '443'
     # External DNS - For creating a Record Set in Route53
-    external-dns.alpha.kubernetes.io/hostname: ecrdemo.kubeoncloud.com       
+    external-dns.alpha.kubernetes.io/hostname: ecrdemo.kubeoncloud.com  
 spec:
   rules:
     - http:
-        paths:
-          - path: /* # SSL Redirect Setting
+        paths:      
+          - path: /
+            pathType: Prefix
             backend:
-              serviceName: ssl-redirect
-              servicePort: use-annotation            
-          - path: /*
-            backend:
-              serviceName: kubeapp-ecr-nodeport-service
-              servicePort: 80                                   
+              service:
+                name: kubeapp-ecr-nodeport-service
+                port: 
+                  number: 80                                   
 # Important Note-1: In path based routing order is very important, if we are going to use  "/*", try to use it at the end of all rules.