Fix deployments until next release (#3142)

deploy/configmap.yaml

@@ -1,5 +1,3 @@
----
-
 kind: ConfigMap
 apiVersion: v1
 metadata:
@@ -7,3 +5,7 @@ metadata:
   namespace: ingress-nginx
   labels:
     app.kubernetes.io/name: ingress-nginx
+    app.kubernetes.io/part-of: ingress-nginx
+
+---
+

deploy/default-backend.yaml

@@ -1,5 +1,3 @@
----
-
 apiVersion: extensions/v1beta1
 kind: Deployment
 metadata:
@@ -22,29 +20,29 @@ spec:
     spec:
       terminationGracePeriodSeconds: 60
       containers:
-      - name: default-http-backend
+        - name: default-http-backend
-        # Any image is permissible as long as:
+          # Any image is permissible as long as:
-        # 1. It serves a 404 page at /
+          # 1. It serves a 404 page at /
-        # 2. It serves 200 on a /healthz endpoint
+          # 2. It serves 200 on a /healthz endpoint
-        image: gcr.io/google_containers/defaultbackend:1.4
+          image: gcr.io/google_containers/defaultbackend:1.4
-        livenessProbe:
+          livenessProbe:
-          httpGet:
+            httpGet:
-            path: /healthz
+              path: /healthz
-            port: 8080
+              port: 8080
-            scheme: HTTP
+              scheme: HTTP
-          initialDelaySeconds: 30
+            initialDelaySeconds: 30
-          timeoutSeconds: 5
+            timeoutSeconds: 5
-        ports:
+          ports:
-        - containerPort: 8080
+            - containerPort: 8080
-        resources:
+          resources:
-          limits:
+            limits:
-            cpu: 10m
+              cpu: 10m
-            memory: 20Mi
+              memory: 20Mi
-          requests:
+            requests:
-            cpu: 10m
+              cpu: 10m
-            memory: 20Mi
+              memory: 20Mi
----
 
+---
 apiVersion: v1
 kind: Service
 metadata:
@@ -55,8 +53,11 @@ metadata:
     app.kubernetes.io/part-of: ingress-nginx
 spec:
   ports:
-  - port: 80
+    - port: 80
-    targetPort: 8080
+      targetPort: 8080
   selector:
     app.kubernetes.io/name: default-http-backend
     app.kubernetes.io/part-of: ingress-nginx
+
+---
+

deploy/mandatory.yaml

@@ -1,11 +1,72 @@
----
-
 apiVersion: v1
 kind: Namespace
 metadata:
   name: ingress-nginx
+
 ---
 
+apiVersion: extensions/v1beta1
+kind: Deployment
+metadata:
+  name: default-http-backend
+  labels:
+    app.kubernetes.io/name: default-http-backend
+    app.kubernetes.io/part-of: ingress-nginx
+  namespace: ingress-nginx
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      app.kubernetes.io/name: default-http-backend
+      app.kubernetes.io/part-of: ingress-nginx
+  template:
+    metadata:
+      labels:
+        app.kubernetes.io/name: default-http-backend
+        app.kubernetes.io/part-of: ingress-nginx
+    spec:
+      terminationGracePeriodSeconds: 60
+      containers:
+        - name: default-http-backend
+          # Any image is permissible as long as:
+          # 1. It serves a 404 page at /
+          # 2. It serves 200 on a /healthz endpoint
+          image: gcr.io/google_containers/defaultbackend:1.4
+          livenessProbe:
+            httpGet:
+              path: /healthz
+              port: 8080
+              scheme: HTTP
+            initialDelaySeconds: 30
+            timeoutSeconds: 5
+          ports:
+            - containerPort: 8080
+          resources:
+            limits:
+              cpu: 10m
+              memory: 20Mi
+            requests:
+              cpu: 10m
+              memory: 20Mi
+
+---
+apiVersion: v1
+kind: Service
+metadata:
+  name: default-http-backend
+  namespace: ingress-nginx
+  labels:
+    app.kubernetes.io/name: default-http-backend
+    app.kubernetes.io/part-of: ingress-nginx
+spec:
+  ports:
+    - port: 80
+      targetPort: 8080
+  selector:
+    app.kubernetes.io/name: default-http-backend
+    app.kubernetes.io/part-of: ingress-nginx
+
+---
 
 kind: ConfigMap
 apiVersion: v1
@@ -15,6 +76,7 @@ metadata:
   labels:
     app.kubernetes.io/name: ingress-nginx
     app.kubernetes.io/part-of: ingress-nginx
+
 ---
 
 kind: ConfigMap
@@ -25,6 +87,7 @@ metadata:
   labels:
     app.kubernetes.io/name: ingress-nginx
     app.kubernetes.io/part-of: ingress-nginx
+
 ---
 
 kind: ConfigMap
@@ -35,6 +98,7 @@ metadata:
   labels:
     app.kubernetes.io/name: ingress-nginx
     app.kubernetes.io/part-of: ingress-nginx
+
 ---
 
 apiVersion: v1
@@ -47,7 +111,6 @@ metadata:
     app.kubernetes.io/part-of: ingress-nginx
 
 ---
-
 apiVersion: rbac.authorization.k8s.io/v1beta1
 kind: ClusterRole
 metadata:
@@ -92,10 +155,10 @@ rules:
   - apiGroups:
       - ""
     resources:
-        - events
+      - events
     verbs:
-        - create
+      - create
-        - patch
+      - patch
   - apiGroups:
       - "extensions"
     resources:
@@ -104,7 +167,6 @@ rules:
       - update
 
 ---
-
 apiVersion: rbac.authorization.k8s.io/v1beta1
 kind: Role
 metadata:
@@ -150,7 +212,6 @@ rules:
       - get
 
 ---
-
 apiVersion: rbac.authorization.k8s.io/v1beta1
 kind: RoleBinding
 metadata:
@@ -169,7 +230,6 @@ subjects:
     namespace: ingress-nginx
 
 ---
-
 apiVersion: rbac.authorization.k8s.io/v1beta1
 kind: ClusterRoleBinding
 metadata:
@@ -185,6 +245,7 @@ subjects:
   - kind: ServiceAccount
     name: nginx-ingress-serviceaccount
     namespace: ingress-nginx
+
 ---
 
 apiVersion: extensions/v1beta1
@@ -207,8 +268,8 @@ spec:
         app.kubernetes.io/name: ingress-nginx
         app.kubernetes.io/part-of: ingress-nginx
       annotations:
-        prometheus.io/port: '10254'
+        prometheus.io/port: "10254"
-        prometheus.io/scrape: 'true'
+        prometheus.io/scrape: "true"
     spec:
       serviceAccountName: nginx-ingress-serviceaccount
       containers:
@@ -216,6 +277,7 @@ spec:
           image: quay.io/kubernetes-ingress-controller/nginx-ingress-controller:0.19.0
           args:
             - /nginx-ingress-controller
+            - --default-backend-service=$(POD_NAMESPACE)/default-http-backend
             - --configmap=$(POD_NAMESPACE)/nginx-configuration
             - --tcp-services-configmap=$(POD_NAMESPACE)/tcp-services
             - --udp-services-configmap=$(POD_NAMESPACE)/udp-services
@@ -223,9 +285,9 @@ spec:
             - --annotations-prefix=nginx.ingress.kubernetes.io
           securityContext:
             capabilities:
-                drop:
+              drop:
                 - ALL
-                add:
+              add:
                 - NET_BIND_SERVICE
             # www-data -> 33
             runAsUser: 33
@@ -239,10 +301,10 @@ spec:
                 fieldRef:
                   fieldPath: metadata.namespace
           ports:
-          - name: http
+            - name: http
-            containerPort: 80
+              containerPort: 80
-          - name: https
+            - name: https
-            containerPort: 443
+              containerPort: 443
           livenessProbe:
             failureThreshold: 3
             httpGet:
@@ -262,3 +324,5 @@ spec:
             periodSeconds: 10
             successThreshold: 1
             timeoutSeconds: 1
+
+---

deploy/monitoring/configuration.yaml

@@ -40,3 +40,6 @@ data:
       - source_labels: [__meta_kubernetes_service_name]
         regex: prometheus-server
         action: drop
+
+---
+

deploy/monitoring/grafana.yaml

@@ -24,28 +24,27 @@ spec:
         app.kubernetes.io/part-of: ingress-nginx
     spec:
       containers:
-      - image: grafana/grafana
+        - image: grafana/grafana
-        name: grafana
+          name: grafana
-        ports:
+          ports:
-        - containerPort: 3000
+            - containerPort: 3000
-          protocol: TCP
+              protocol: TCP
-        resources:
+          resources:
-          limits:
+            limits:
-            cpu: 500m
+              cpu: 500m
-            memory: 2500Mi
+              memory: 2500Mi
-          requests:
+            requests:
-            cpu: 100m
+              cpu: 100m
-            memory: 100Mi
+              memory: 100Mi
-        volumeMounts:
+          volumeMounts:
-        - mountPath: /var/lib/grafana
+            - mountPath: /var/lib/grafana
-          name: data
+              name: data
       restartPolicy: Always
       volumes:
-      - emptyDir: {}
+        - emptyDir: {}
-        name: data
+          name: data
 
 ---
-
 apiVersion: v1
 kind: Service
 metadata:
@@ -57,10 +56,13 @@ metadata:
 
 spec:
   ports:
-  - port: 3000
+    - port: 3000
-    protocol: TCP
+      protocol: TCP
-    targetPort: 3000
+      targetPort: 3000
   selector:
     app.kubernetes.io/name: grafana
     app.kubernetes.io/part-of: ingress-nginx
   type: NodePort
+
+---
+

deploy/monitoring/prometheus.yaml

@@ -7,15 +7,14 @@ metadata:
     app.kubernetes.io/name: prometheus
     app.kubernetes.io/part-of: ingress-nginx
 rules:
-- apiGroups: [""]
+  - apiGroups: [""]
-  resources:
+    resources:
-  - services
+      - services
-  - endpoints
+      - endpoints
-  - pods
+      - pods
-  verbs: ["get", "list", "watch"]
+    verbs: ["get", "list", "watch"]
 
 ---
-
 apiVersion: v1
 kind: ServiceAccount
 metadata:
@@ -26,7 +25,6 @@ metadata:
     app.kubernetes.io/part-of: ingress-nginx
 
 ---
-
 apiVersion: rbac.authorization.k8s.io/v1
 kind: RoleBinding
 metadata:
@@ -41,12 +39,11 @@ roleRef:
   kind: Role
   name: prometheus-server
 subjects:
-- kind: ServiceAccount
+  - kind: ServiceAccount
-  name: prometheus-server
+    name: prometheus-server
-  namespace: ingress-nginx
+    namespace: ingress-nginx
 
 ---
-
 apiVersion: apps/v1
 kind: Deployment
 metadata:
@@ -90,7 +87,6 @@ spec:
           emptyDir: {}
 
 ---
-
 apiVersion: v1
 kind: Service
 metadata:
@@ -108,3 +104,6 @@ spec:
   ports:
     - port: 9090
       targetPort: 9090
+
+---
+

deploy/namespace.yaml

@@ -1,6 +1,7 @@
----
-
 apiVersion: v1
 kind: Namespace
 metadata:
   name: ingress-nginx
+
+---
+

deploy/provider/aws/patch-configmap-l7.yaml

@@ -8,3 +8,6 @@ metadata:
     app.kubernetes.io/part-of: ingress-nginx
 data:
   use-proxy-protocol: "false"
+
+---
+

deploy/provider/aws/service-l4.yaml

@@ -8,20 +8,23 @@ metadata:
     app.kubernetes.io/part-of: ingress-nginx
   annotations:
     # Enable PROXY protocol
-    service.beta.kubernetes.io/aws-load-balancer-proxy-protocol: '*'
+    service.beta.kubernetes.io/aws-load-balancer-proxy-protocol: "*"
     # Ensure the ELB idle timeout is less than nginx keep-alive timeout. By default,
     # NGINX keep-alive is set to 75s. If using WebSockets, the value will need to be
     # increased to '3600' to avoid any potential issues.
-    service.beta.kubernetes.io/aws-load-balancer-connection-idle-timeout: '60'
+    service.beta.kubernetes.io/aws-load-balancer-connection-idle-timeout: "60"
 spec:
   type: LoadBalancer
   selector:
     app.kubernetes.io/name: ingress-nginx
     app.kubernetes.io/part-of: ingress-nginx
   ports:
-  - name: http
+    - name: http
-    port: 80
+      port: 80
-    targetPort: http
+      targetPort: http
-  - name: https
+    - name: https
-    port: 443
+      port: 443
-    targetPort: https
+      targetPort: https
+
+---
+

deploy/provider/aws/service-l7.yaml

@@ -16,16 +16,19 @@ metadata:
     # Ensure the ELB idle timeout is less than nginx keep-alive timeout. By default,
     # NGINX keep-alive is set to 75s. If using WebSockets, the value will need to be
     # increased to '3600' to avoid any potential issues.
-    service.beta.kubernetes.io/aws-load-balancer-connection-idle-timeout: '60'
+    service.beta.kubernetes.io/aws-load-balancer-connection-idle-timeout: "60"
 spec:
   type: LoadBalancer
   selector:
     app.kubernetes.io/name: ingress-nginx
     app.kubernetes.io/part-of: ingress-nginx
   ports:
-  - name: http
+    - name: http
-    port: 80
+      port: 80
-    targetPort: http
+      targetPort: http
-  - name: https
+    - name: https
-    port: 443
+      port: 443
-    targetPort: http
+      targetPort: http
+
+---
+

deploy/provider/aws/service-nlb.yaml

@@ -17,9 +17,12 @@ spec:
     app.kubernetes.io/name: ingress-nginx
     app.kubernetes.io/part-of: ingress-nginx
   ports:
-  - name: http
+    - name: http
-    port: 80
+      port: 80
-    targetPort: http
+      targetPort: http
-  - name: https
+    - name: https
-    port: 443
+      port: 443
-    targetPort: https
+      targetPort: https
+
+---
+

deploy/provider/baremetal/service-nodeport.yaml

@@ -9,14 +9,17 @@ metadata:
 spec:
   type: NodePort
   ports:
-  - name: http
+    - name: http
-    port: 80
+      port: 80
-    targetPort: 80
+      targetPort: 80
-    protocol: TCP
+      protocol: TCP
-  - name: https
+    - name: https
-    port: 443
+      port: 443
-    targetPort: 443
+      targetPort: 443
-    protocol: TCP
+      protocol: TCP
   selector:
     app.kubernetes.io/name: ingress-nginx
     app.kubernetes.io/part-of: ingress-nginx
+
+---
+

deploy/provider/cloud-generic.yaml

@@ -13,9 +13,12 @@ spec:
     app.kubernetes.io/name: ingress-nginx
     app.kubernetes.io/part-of: ingress-nginx
   ports:
-  - name: http
+    - name: http
-    port: 80
+      port: 80
-    targetPort: http
+      targetPort: http
-  - name: https
+    - name: https
-    port: 443
+      port: 443
-    targetPort: https
+      targetPort: https
+
+---
+

deploy/rbac.yaml

@@ -1,17 +1,20 @@
----
-
 apiVersion: v1
 kind: ServiceAccount
 metadata:
   name: nginx-ingress-serviceaccount
   namespace: ingress-nginx
+  labels:
+    app.kubernetes.io/name: ingress-nginx
+    app.kubernetes.io/part-of: ingress-nginx
 
 ---
-
 apiVersion: rbac.authorization.k8s.io/v1beta1
 kind: ClusterRole
 metadata:
   name: nginx-ingress-clusterrole
+  labels:
+    app.kubernetes.io/name: ingress-nginx
+    app.kubernetes.io/part-of: ingress-nginx
 rules:
   - apiGroups:
       - ""
@@ -49,10 +52,10 @@ rules:
   - apiGroups:
       - ""
     resources:
-        - events
+      - events
     verbs:
-        - create
+      - create
-        - patch
+      - patch
   - apiGroups:
       - "extensions"
     resources:
@@ -61,12 +64,14 @@ rules:
       - update
 
 ---
-
 apiVersion: rbac.authorization.k8s.io/v1beta1
 kind: Role
 metadata:
   name: nginx-ingress-role
   namespace: ingress-nginx
+  labels:
+    app.kubernetes.io/name: ingress-nginx
+    app.kubernetes.io/part-of: ingress-nginx
 rules:
   - apiGroups:
       - ""
@@ -104,12 +109,14 @@ rules:
       - get
 
 ---
-
 apiVersion: rbac.authorization.k8s.io/v1beta1
 kind: RoleBinding
 metadata:
   name: nginx-ingress-role-nisa-binding
   namespace: ingress-nginx
+  labels:
+    app.kubernetes.io/name: ingress-nginx
+    app.kubernetes.io/part-of: ingress-nginx
 roleRef:
   apiGroup: rbac.authorization.k8s.io
   kind: Role
@@ -120,11 +127,13 @@ subjects:
     namespace: ingress-nginx
 
 ---
-
 apiVersion: rbac.authorization.k8s.io/v1beta1
 kind: ClusterRoleBinding
 metadata:
   name: nginx-ingress-clusterrole-nisa-binding
+  labels:
+    app.kubernetes.io/name: ingress-nginx
+    app.kubernetes.io/part-of: ingress-nginx
 roleRef:
   apiGroup: rbac.authorization.k8s.io
   kind: ClusterRole
@@ -133,3 +142,6 @@ subjects:
   - kind: ServiceAccount
     name: nginx-ingress-serviceaccount
     namespace: ingress-nginx
+
+---
+

deploy/tcp-services-configmap.yaml

@@ -1,5 +1,3 @@
----
-
 kind: ConfigMap
 apiVersion: v1
 metadata:
@@ -8,3 +6,6 @@ metadata:
   labels:
     app.kubernetes.io/name: ingress-nginx
     app.kubernetes.io/part-of: ingress-nginx
+
+---
+

deploy/udp-services-configmap.yaml

@@ -1,5 +1,3 @@
----
-
 kind: ConfigMap
 apiVersion: v1
 metadata:
@@ -8,3 +6,6 @@ metadata:
   labels:
     app.kubernetes.io/name: ingress-nginx
     app.kubernetes.io/part-of: ingress-nginx
+
+---
+

deploy/with-rbac.yaml

@@ -1,5 +1,3 @@
----
-
 apiVersion: extensions/v1beta1
 kind: Deployment
 metadata:
@@ -20,8 +18,8 @@ spec:
         app.kubernetes.io/name: ingress-nginx
         app.kubernetes.io/part-of: ingress-nginx
       annotations:
-        prometheus.io/port: '10254'
+        prometheus.io/port: "10254"
-        prometheus.io/scrape: 'true'
+        prometheus.io/scrape: "true"
     spec:
       serviceAccountName: nginx-ingress-serviceaccount
       containers:
@@ -37,9 +35,9 @@ spec:
             - --annotations-prefix=nginx.ingress.kubernetes.io
           securityContext:
             capabilities:
-                drop:
+              drop:
                 - ALL
-                add:
+              add:
                 - NET_BIND_SERVICE
             # www-data -> 33
             runAsUser: 33
@@ -53,10 +51,10 @@ spec:
                 fieldRef:
                   fieldPath: metadata.namespace
           ports:
-          - name: http
+            - name: http
-            containerPort: 80
+              containerPort: 80
-          - name: https
+            - name: https
-            containerPort: 443
+              containerPort: 443
           livenessProbe:
             failureThreshold: 3
             httpGet:
@@ -76,3 +74,6 @@ spec:
             periodSeconds: 10
             successThreshold: 1
             timeoutSeconds: 1
+
+---
+