# Copyright 2020 Google LLC # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at # # https://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. apiVersion: networking.k8s.io/v1 kind: Ingress metadata: name: secure-ingress annotations: kubernetes.io/ingress.class: "gce" kubernetes.io/ingress.global-static-ip-name: gke-foobar-public-ip networking.gke.io/managed-certificates: foobar-certificate networking.gke.io/v1beta1.FrontendConfig: ingress-security-config spec: rules: - host: foo.${DOMAIN}.com http: paths: - path: "/" pathType: Prefix backend: service: name: foo port: number: 8080 - host: bar.${DOMAIN}.com http: paths: - path: "/" pathType: Prefix backend: service: name: bar port: number: 8080 --- apiVersion: networking.gke.io/v1beta1 kind: FrontendConfig metadata: name: ingress-security-config spec: sslPolicy: gke-ingress-ssl-policy-https redirectToHttps: enabled: true --- apiVersion: networking.gke.io/v1 kind: ManagedCertificate metadata: name: foobar-certificate spec: domains: - foo.${DOMAIN}.com - bar.${DOMAIN}.com --- apiVersion: v1 kind: Service metadata: name: foo annotations: cloud.google.com/neg: '{"ingress": true}' spec: ports: - port: 8080 targetPort: 8080 name: http selector: app: foo type: ClusterIP --- apiVersion: v1 kind: Service metadata: name: bar annotations: cloud.google.com/neg: '{"ingress": true}' spec: ports: - port: 8080 targetPort: 8080 name: http selector: app: bar type: ClusterIP --- apiVersion: apps/v1 kind: Deployment metadata: name: foo spec: replicas: 2 selector: matchLabels: app: foo template: metadata: labels: app: foo spec: containers: - name: whereami image: us-docker.pkg.dev/google-samples/containers/gke/whereami:v1.2.20 ports: - name: http containerPort: 8080 readinessProbe: httpGet: path: /healthz port: 8080 scheme: HTTP --- apiVersion: apps/v1 kind: Deployment metadata: name: bar spec: replicas: 2 selector: matchLabels: app: bar template: metadata: labels: app: bar spec: containers: - name: whereami image: us-docker.pkg.dev/google-samples/containers/gke/whereami:v1.2.20 ports: - name: http containerPort: 8080 readinessProbe: httpGet: path: /healthz port: 8080 scheme: HTTP