apiVersion: v1 kind: ReplicationController metadata: name: nginx-ingress-3rdpartycfg labels: k8s-app: nginx-ingress-lb spec: replicas: 1 selector: k8s-app: nginx-ingress-lb template: metadata: labels: k8s-app: nginx-ingress-lb name: nginx-ingress-lb spec: # A secret for each nginx host that requires SSL. These secrets need to # exist before hand, see README. # The secret must contains 2 variables: cert and key. # Follow this https://github.com/bprashanth/Ingress/blob/master/examples/sni/nginx/test.sh # as a guide on how to generate secrets containing SSL certificates. volumes: - name: secret-echoheaders-1 secret: secretName: echoheaders - name: dhparam-example secret: secretName: dhparam-example containers: - image: gcr.io/google_containers/nginx-third-party:0.3 name: nginx-ingress-lb imagePullPolicy: Always livenessProbe: httpGet: path: /healthz port: 10249 scheme: HTTP initialDelaySeconds: 30 timeoutSeconds: 5 # use downward API env: - name: POD_IP valueFrom: fieldRef: fieldPath: status.podIP - name: POD_NAME valueFrom: fieldRef: fieldPath: metadata.name - name: POD_NAMESPACE valueFrom: fieldRef: fieldPath: metadata.namespace ports: - containerPort: 80 hostPort: 80 - containerPort: 443 hostPort: 4444 - containerPort: 8080 hostPort: 9000 volumeMounts: - mountPath: /etc/nginx-ssl/secret-echoheaders-1 name: secret-echoheaders-1 - mountPath: /etc/nginx-ssl/dhparam name: dhparam-example # the flags tcp-services is required because Ingress do not support TCP rules # if no namespace is specified "default" is used. Example: nodefaultns/example-go:8080 # containerPort 8080 is mapped to 9000 in the node. args: - /nginx-third-party-lb - --tcp-services=default/example-go:8080 - --default-backend-service=default/default-http-backend - --custom-error-service=default/default-error-backend