talexander/kubernetes_ip_demo
1
0
Fork 0
Code Issues Pull Requests Releases Activity
kubernetes_ip_demo/terraform/modules/nginx_ingress_controller/ingress-nginx-controller-v1.12.0.tf
Tom Alexander 91dd7095da
Fix support for the nginx ingress controller.
2025-03-22 16:48:21 -04:00

1029 lines
29 KiB
HCL
Raw Permalink Blame History

resource "kubernetes_manifest" "namespace_ingress_nginx" {
manifest = {
"apiVersion" = "v1"
"kind" = "Namespace"
"metadata" = {
"labels" = {
"app.kubernetes.io/instance" = "ingress-nginx"
"app.kubernetes.io/name" = "ingress-nginx"
}
"name" = "ingress-nginx"
}
}
}
resource "kubernetes_manifest" "serviceaccount_ingress_nginx_ingress_nginx" {
manifest = {
"apiVersion" = "v1"
"automountServiceAccountToken" = true
"kind" = "ServiceAccount"
"metadata" = {
"labels" = {
"app.kubernetes.io/component" = "controller"
"app.kubernetes.io/instance" = "ingress-nginx"
"app.kubernetes.io/name" = "ingress-nginx"
"app.kubernetes.io/part-of" = "ingress-nginx"
"app.kubernetes.io/version" = "1.12.0"
}
"name" = "ingress-nginx"
"namespace" = kubernetes_manifest.namespace_ingress_nginx.manifest.metadata.name
}
}
}
resource "kubernetes_manifest" "serviceaccount_ingress_nginx_ingress_nginx_admission" {
manifest = {
"apiVersion" = "v1"
"automountServiceAccountToken" = true
"kind" = "ServiceAccount"
"metadata" = {
"labels" = {
"app.kubernetes.io/component" = "admission-webhook"
"app.kubernetes.io/instance" = "ingress-nginx"
"app.kubernetes.io/name" = "ingress-nginx"
"app.kubernetes.io/part-of" = "ingress-nginx"
"app.kubernetes.io/version" = "1.12.0"
}
"name" = "ingress-nginx-admission"
"namespace" = kubernetes_manifest.namespace_ingress_nginx.manifest.metadata.name
}
}
}
resource "kubernetes_manifest" "role_ingress_nginx_ingress_nginx" {
manifest = {
"apiVersion" = "rbac.authorization.k8s.io/v1"
"kind" = "Role"
"metadata" = {
"labels" = {
"app.kubernetes.io/component" = "controller"
"app.kubernetes.io/instance" = "ingress-nginx"
"app.kubernetes.io/name" = "ingress-nginx"
"app.kubernetes.io/part-of" = "ingress-nginx"
"app.kubernetes.io/version" = "1.12.0"
}
"name" = "ingress-nginx"
"namespace" = kubernetes_manifest.namespace_ingress_nginx.manifest.metadata.name
}
"rules" = [
{
"apiGroups" = [
"",
]
"resources" = [
"namespaces",
]
"verbs" = [
"get",
]
},
{
"apiGroups" = [
"",
]
"resources" = [
"configmaps",
"pods",
"secrets",
"endpoints",
]
"verbs" = [
"get",
"list",
"watch",
]
},
{
"apiGroups" = [
"",
]
"resources" = [
"services",
]
"verbs" = [
"get",
"list",
"watch",
]
},
{
"apiGroups" = [
"networking.k8s.io",
]
"resources" = [
"ingresses",
]
"verbs" = [
"get",
"list",
"watch",
]
},
{
"apiGroups" = [
"networking.k8s.io",
]
"resources" = [
"ingresses/status",
]
"verbs" = [
"update",
]
},
{
"apiGroups" = [
"networking.k8s.io",
]
"resources" = [
"ingressclasses",
]
"verbs" = [
"get",
"list",
"watch",
]
},
{
"apiGroups" = [
"coordination.k8s.io",
]
"resourceNames" = [
"ingress-nginx-leader",
]
"resources" = [
"leases",
]
"verbs" = [
"get",
"update",
]
},
{
"apiGroups" = [
"coordination.k8s.io",
]
"resources" = [
"leases",
]
"verbs" = [
"create",
]
},
{
"apiGroups" = [
"",
]
"resources" = [
"events",
]
"verbs" = [
"create",
"patch",
]
},
{
"apiGroups" = [
"discovery.k8s.io",
]
"resources" = [
"endpointslices",
]
"verbs" = [
"list",
"watch",
"get",
]
},
]
}
}
resource "kubernetes_manifest" "role_ingress_nginx_ingress_nginx_admission" {
manifest = {
"apiVersion" = "rbac.authorization.k8s.io/v1"
"kind" = "Role"
"metadata" = {
"labels" = {
"app.kubernetes.io/component" = "admission-webhook"
"app.kubernetes.io/instance" = "ingress-nginx"
"app.kubernetes.io/name" = "ingress-nginx"
"app.kubernetes.io/part-of" = "ingress-nginx"
"app.kubernetes.io/version" = "1.12.0"
}
"name" = "ingress-nginx-admission"
"namespace" = kubernetes_manifest.namespace_ingress_nginx.manifest.metadata.name
}
"rules" = [
{
"apiGroups" = [
"",
]
"resources" = [
"secrets",
]
"verbs" = [
"get",
"create",
]
},
]
}
}
resource "kubernetes_manifest" "clusterrole_ingress_nginx" {
manifest = {
"apiVersion" = "rbac.authorization.k8s.io/v1"
"kind" = "ClusterRole"
"metadata" = {
"labels" = {
"app.kubernetes.io/instance" = "ingress-nginx"
"app.kubernetes.io/name" = "ingress-nginx"
"app.kubernetes.io/part-of" = "ingress-nginx"
"app.kubernetes.io/version" = "1.12.0"
}
"name" = "ingress-nginx"
}
"rules" = [
{
"apiGroups" = [
"",
]
"resources" = [
"configmaps",
"endpoints",
"nodes",
"pods",
"secrets",
"namespaces",
]
"verbs" = [
"list",
"watch",
]
},
{
"apiGroups" = [
"coordination.k8s.io",
]
"resources" = [
"leases",
]
"verbs" = [
"list",
"watch",
]
},
{
"apiGroups" = [
"",
]
"resources" = [
"nodes",
]
"verbs" = [
"get",
]
},
{
"apiGroups" = [
"",
]
"resources" = [
"services",
]
"verbs" = [
"get",
"list",
"watch",
]
},
{
"apiGroups" = [
"networking.k8s.io",
]
"resources" = [
"ingresses",
]
"verbs" = [
"get",
"list",
"watch",
]
},
{
"apiGroups" = [
"",
]
"resources" = [
"events",
]
"verbs" = [
"create",
"patch",
]
},
{
"apiGroups" = [
"networking.k8s.io",
]
"resources" = [
"ingresses/status",
]
"verbs" = [
"update",
]
},
{
"apiGroups" = [
"networking.k8s.io",
]
"resources" = [
"ingressclasses",
]
"verbs" = [
"get",
"list",
"watch",
]
},
{
"apiGroups" = [
"discovery.k8s.io",
]
"resources" = [
"endpointslices",
]
"verbs" = [
"list",
"watch",
"get",
]
},
]
}
}
resource "kubernetes_manifest" "clusterrole_ingress_nginx_admission" {
manifest = {
"apiVersion" = "rbac.authorization.k8s.io/v1"
"kind" = "ClusterRole"
"metadata" = {
"labels" = {
"app.kubernetes.io/component" = "admission-webhook"
"app.kubernetes.io/instance" = "ingress-nginx"
"app.kubernetes.io/name" = "ingress-nginx"
"app.kubernetes.io/part-of" = "ingress-nginx"
"app.kubernetes.io/version" = "1.12.0"
}
"name" = "ingress-nginx-admission"
}
"rules" = [
{
"apiGroups" = [
"admissionregistration.k8s.io",
]
"resources" = [
"validatingwebhookconfigurations",
]
"verbs" = [
"get",
"update",
]
},
]
}
}
resource "kubernetes_manifest" "rolebinding_ingress_nginx_ingress_nginx" {
manifest = {
"apiVersion" = "rbac.authorization.k8s.io/v1"
"kind" = "RoleBinding"
"metadata" = {
"labels" = {
"app.kubernetes.io/component" = "controller"
"app.kubernetes.io/instance" = "ingress-nginx"
"app.kubernetes.io/name" = "ingress-nginx"
"app.kubernetes.io/part-of" = "ingress-nginx"
"app.kubernetes.io/version" = "1.12.0"
}
"name" = "ingress-nginx"
"namespace" = kubernetes_manifest.namespace_ingress_nginx.manifest.metadata.name
}
"roleRef" = {
"apiGroup" = "rbac.authorization.k8s.io"
"kind" = "Role"
"name" = "ingress-nginx"
}
"subjects" = [
{
"kind" = "ServiceAccount"
"name" = "ingress-nginx"
"namespace" = kubernetes_manifest.namespace_ingress_nginx.manifest.metadata.name
},
]
}
}
resource "kubernetes_manifest" "rolebinding_ingress_nginx_ingress_nginx_admission" {
manifest = {
"apiVersion" = "rbac.authorization.k8s.io/v1"
"kind" = "RoleBinding"
"metadata" = {
"labels" = {
"app.kubernetes.io/component" = "admission-webhook"
"app.kubernetes.io/instance" = "ingress-nginx"
"app.kubernetes.io/name" = "ingress-nginx"
"app.kubernetes.io/part-of" = "ingress-nginx"
"app.kubernetes.io/version" = "1.12.0"
}
"name" = "ingress-nginx-admission"
"namespace" = kubernetes_manifest.namespace_ingress_nginx.manifest.metadata.name
}
"roleRef" = {
"apiGroup" = "rbac.authorization.k8s.io"
"kind" = "Role"
"name" = "ingress-nginx-admission"
}
"subjects" = [
{
"kind" = "ServiceAccount"
"name" = "ingress-nginx-admission"
"namespace" = kubernetes_manifest.namespace_ingress_nginx.manifest.metadata.name
},
]
}
}
resource "kubernetes_manifest" "clusterrolebinding_ingress_nginx" {
manifest = {
"apiVersion" = "rbac.authorization.k8s.io/v1"
"kind" = "ClusterRoleBinding"
"metadata" = {
"labels" = {
"app.kubernetes.io/instance" = "ingress-nginx"
"app.kubernetes.io/name" = "ingress-nginx"
"app.kubernetes.io/part-of" = "ingress-nginx"
"app.kubernetes.io/version" = "1.12.0"
}
"name" = "ingress-nginx"
}
"roleRef" = {
"apiGroup" = "rbac.authorization.k8s.io"
"kind" = "ClusterRole"
"name" = "ingress-nginx"
}
"subjects" = [
{
"kind" = "ServiceAccount"
"name" = "ingress-nginx"
"namespace" = kubernetes_manifest.namespace_ingress_nginx.manifest.metadata.name
},
]
}
}
resource "kubernetes_manifest" "clusterrolebinding_ingress_nginx_admission" {
manifest = {
"apiVersion" = "rbac.authorization.k8s.io/v1"
"kind" = "ClusterRoleBinding"
"metadata" = {
"labels" = {
"app.kubernetes.io/component" = "admission-webhook"
"app.kubernetes.io/instance" = "ingress-nginx"
"app.kubernetes.io/name" = "ingress-nginx"
"app.kubernetes.io/part-of" = "ingress-nginx"
"app.kubernetes.io/version" = "1.12.0"
}
"name" = "ingress-nginx-admission"
}
"roleRef" = {
"apiGroup" = "rbac.authorization.k8s.io"
"kind" = "ClusterRole"
"name" = "ingress-nginx-admission"
}
"subjects" = [
{
"kind" = "ServiceAccount"
"name" = "ingress-nginx-admission"
"namespace" = kubernetes_manifest.namespace_ingress_nginx.manifest.metadata.name
},
]
}
}
resource "kubernetes_manifest" "configmap_ingress_nginx_ingress_nginx_controller" {
manifest = {
"apiVersion" = "v1"
"kind" = "ConfigMap"
"metadata" = {
"labels" = {
"app.kubernetes.io/component" = "controller"
"app.kubernetes.io/instance" = "ingress-nginx"
"app.kubernetes.io/name" = "ingress-nginx"
"app.kubernetes.io/part-of" = "ingress-nginx"
"app.kubernetes.io/version" = "1.12.0"
}
"name" = "ingress-nginx-controller"
"namespace" = kubernetes_manifest.namespace_ingress_nginx.manifest.metadata.name
}
}
}
resource "kubernetes_manifest" "service_ingress_nginx_ingress_nginx_controller" {
manifest = {
"apiVersion" = "v1"
"kind" = "Service"
"metadata" = {
"annotations" = {
"networking.gke.io/load-balancer-type" = var.public_ingress ? "External" : "Internal"
}
"labels" = {
"app.kubernetes.io/component" = "controller"
"app.kubernetes.io/instance" = "ingress-nginx"
"app.kubernetes.io/name" = "ingress-nginx"
"app.kubernetes.io/part-of" = "ingress-nginx"
"app.kubernetes.io/version" = "1.12.0"
}
"name" = "ingress-nginx-controller"
"namespace" = kubernetes_manifest.namespace_ingress_nginx.manifest.metadata.name
}
"spec" = {
"externalTrafficPolicy" = "Local"
"ipFamilies" = [
"IPv4",
]
"ipFamilyPolicy" = "SingleStack"
"ports" = [
{
"appProtocol" = "http"
"name" = "http"
"port" = 80
"protocol" = "TCP"
"targetPort" = "http"
},
{
"appProtocol" = "https"
"name" = "https"
"port" = 443
"protocol" = "TCP"
"targetPort" = "https"
},
]
"selector" = {
"app.kubernetes.io/component" = "controller"
"app.kubernetes.io/instance" = "ingress-nginx"
"app.kubernetes.io/name" = "ingress-nginx"
}
"type" = "LoadBalancer"
}
}
}
resource "kubernetes_manifest" "service_ingress_nginx_ingress_nginx_controller_admission" {
manifest = {
"apiVersion" = "v1"
"kind" = "Service"
"metadata" = {
"labels" = {
"app.kubernetes.io/component" = "controller"
"app.kubernetes.io/instance" = "ingress-nginx"
"app.kubernetes.io/name" = "ingress-nginx"
"app.kubernetes.io/part-of" = "ingress-nginx"
"app.kubernetes.io/version" = "1.12.0"
}
"name" = "ingress-nginx-controller-admission"
"namespace" = kubernetes_manifest.namespace_ingress_nginx.manifest.metadata.name
}
"spec" = {
"ports" = [
{
"appProtocol" = "https"
"name" = "https-webhook"
"port" = 443
"targetPort" = "webhook"
},
]
"selector" = {
"app.kubernetes.io/component" = "controller"
"app.kubernetes.io/instance" = "ingress-nginx"
"app.kubernetes.io/name" = "ingress-nginx"
}
"type" = "ClusterIP"
}
}
}
resource "kubernetes_manifest" "deployment_ingress_nginx_ingress_nginx_controller" {
computed_fields = ["metadata.annotations", "metadata.labels", "spec.template.metadata.labels"]
manifest = {
"apiVersion" = "apps/v1"
"kind" = "Deployment"
"metadata" = {
"labels" = {
"app.kubernetes.io/component" = "controller"
"app.kubernetes.io/instance" = "ingress-nginx"
"app.kubernetes.io/name" = "ingress-nginx"
"app.kubernetes.io/part-of" = "ingress-nginx"
"app.kubernetes.io/version" = "1.12.0"
}
"name" = "ingress-nginx-controller"
"namespace" = kubernetes_manifest.namespace_ingress_nginx.manifest.metadata.name
}
"spec" = {
"revisionHistoryLimit" = 10
"selector" = {
"matchLabels" = {
"app.kubernetes.io/component" = "controller"
"app.kubernetes.io/instance" = "ingress-nginx"
"app.kubernetes.io/name" = "ingress-nginx"
}
}
"strategy" = {
"rollingUpdate" = {
"maxUnavailable" = 1
}
"type" = "RollingUpdate"
}
"template" = {
"metadata" = {
"labels" = {
"app.kubernetes.io/component" = "controller"
"app.kubernetes.io/instance" = "ingress-nginx"
"app.kubernetes.io/name" = "ingress-nginx"
"app.kubernetes.io/part-of" = "ingress-nginx"
"app.kubernetes.io/version" = "1.12.0"
}
}
"spec" = {
"containers" = [
{
"args" = [
"/nginx-ingress-controller",
"--publish-service=$(POD_NAMESPACE)/ingress-nginx-controller",
"--election-id=ingress-nginx-leader",
"--controller-class=k8s.io/ingress-nginx",
"--ingress-class=nginx",
"--configmap=$(POD_NAMESPACE)/ingress-nginx-controller",
"--validating-webhook=:8443",
"--validating-webhook-certificate=/usr/local/certificates/cert",
"--validating-webhook-key=/usr/local/certificates/key",
]
"env" = [
{
"name" = "POD_NAME"
"valueFrom" = {
"fieldRef" = {
"fieldPath" = "metadata.name"
}
}
},
{
"name" = "POD_NAMESPACE"
"valueFrom" = {
"fieldRef" = {
"fieldPath" = "metadata.namespace"
}
}
},
{
"name" = "LD_PRELOAD"
"value" = "/usr/local/lib/libmimalloc.so"
},
]
"image" = "registry.k8s.io/ingress-nginx/controller:v1.12.0@sha256:e6b8de175acda6ca913891f0f727bca4527e797d52688cbe9fec9040d6f6b6fa"
"imagePullPolicy" = "IfNotPresent"
"lifecycle" = {
"preStop" = {
"exec" = {
"command" = [
"/wait-shutdown",
]
}
}
}
"livenessProbe" = {
"failureThreshold" = 5
"httpGet" = {
"path" = "/healthz"
"port" = 10254
"scheme" = "HTTP"
}
"initialDelaySeconds" = 10
"periodSeconds" = 10
"successThreshold" = 1
"timeoutSeconds" = 1
}
"name" = "controller"
"ports" = [
{
"containerPort" = 80
"name" = "http"
"protocol" = "TCP"
},
{
"containerPort" = 443
"name" = "https"
"protocol" = "TCP"
},
{
"containerPort" = 8443
"name" = "webhook"
"protocol" = "TCP"
},
]
"readinessProbe" = {
"failureThreshold" = 3
"httpGet" = {
"path" = "/healthz"
"port" = 10254
"scheme" = "HTTP"
}
"initialDelaySeconds" = 10
"periodSeconds" = 10
"successThreshold" = 1
"timeoutSeconds" = 1
}
"resources" = {
"requests" = {
"cpu" = "100m"
"memory" = "90Mi"
}
}
"securityContext" = {
"allowPrivilegeEscalation" = false
"capabilities" = {
"add" = [
"NET_BIND_SERVICE",
]
"drop" = [
"ALL",
]
}
"readOnlyRootFilesystem" = false
"runAsGroup" = 82
"runAsNonRoot" = true
"runAsUser" = 101
"seccompProfile" = {
"type" = "RuntimeDefault"
}
}
"volumeMounts" = [
{
"mountPath" = "/usr/local/certificates/"
"name" = "webhook-cert"
"readOnly" = true
},
]
},
]
"dnsPolicy" = "ClusterFirst"
"nodeSelector" = {
"kubernetes.io/os" = "linux"
}
"serviceAccountName" = "ingress-nginx"
"terminationGracePeriodSeconds" = 300
"volumes" = [
{
"name" = "webhook-cert"
"secret" = {
"secretName" = "ingress-nginx-admission"
}
},
]
}
}
}
}
}
resource "kubernetes_manifest" "job_ingress_nginx_ingress_nginx_admission_create" {
computed_fields = ["metadata.annotations", "metadata.labels", "spec.template.metadata.labels"]
manifest = {
"apiVersion" = "batch/v1"
"kind" = "Job"
"metadata" = {
"labels" = {
"app.kubernetes.io/component" = "admission-webhook"
"app.kubernetes.io/instance" = "ingress-nginx"
"app.kubernetes.io/name" = "ingress-nginx"
"app.kubernetes.io/part-of" = "ingress-nginx"
"app.kubernetes.io/version" = "1.12.0"
}
"name" = "ingress-nginx-admission-create"
"namespace" = kubernetes_manifest.namespace_ingress_nginx.manifest.metadata.name
}
"spec" = {
"template" = {
"metadata" = {
"labels" = {
"app.kubernetes.io/component" = "admission-webhook"
"app.kubernetes.io/instance" = "ingress-nginx"
"app.kubernetes.io/name" = "ingress-nginx"
"app.kubernetes.io/part-of" = "ingress-nginx"
"app.kubernetes.io/version" = "1.12.0"
}
"name" = "ingress-nginx-admission-create"
}
"spec" = {
"containers" = [
{
"args" = [
"create",
"--host=ingress-nginx-controller-admission,ingress-nginx-controller-admission.$(POD_NAMESPACE).svc",
"--namespace=$(POD_NAMESPACE)",
"--secret-name=ingress-nginx-admission",
]
"env" = [
{
"name" = "POD_NAMESPACE"
"valueFrom" = {
"fieldRef" = {
"fieldPath" = "metadata.namespace"
}
}
},
]
"image" = "registry.k8s.io/ingress-nginx/kube-webhook-certgen:v1.5.0@sha256:aaafd456bda110628b2d4ca6296f38731a3aaf0bf7581efae824a41c770a8fc4"
"imagePullPolicy" = "IfNotPresent"
"name" = "create"
"securityContext" = {
"allowPrivilegeEscalation" = false
"capabilities" = {
"drop" = [
"ALL",
]
}
"readOnlyRootFilesystem" = true
"runAsGroup" = 65532
"runAsNonRoot" = true
"runAsUser" = 65532
"seccompProfile" = {
"type" = "RuntimeDefault"
}
}
},
]
"nodeSelector" = {
"kubernetes.io/os" = "linux"
}
"restartPolicy" = "OnFailure"
"serviceAccountName" = "ingress-nginx-admission"
}
}
}
}
}
resource "kubernetes_manifest" "job_ingress_nginx_ingress_nginx_admission_patch" {
computed_fields = ["metadata.annotations", "metadata.labels", "spec.template.metadata.labels"]
manifest = {
"apiVersion" = "batch/v1"
"kind" = "Job"
"metadata" = {
"labels" = {
"app.kubernetes.io/component" = "admission-webhook"
"app.kubernetes.io/instance" = "ingress-nginx"
"app.kubernetes.io/name" = "ingress-nginx"
"app.kubernetes.io/part-of" = "ingress-nginx"
"app.kubernetes.io/version" = "1.12.0"
}
"name" = "ingress-nginx-admission-patch"
"namespace" = kubernetes_manifest.namespace_ingress_nginx.manifest.metadata.name
}
"spec" = {
"template" = {
"metadata" = {
"labels" = {
"app.kubernetes.io/component" = "admission-webhook"
"app.kubernetes.io/instance" = "ingress-nginx"
"app.kubernetes.io/name" = "ingress-nginx"
"app.kubernetes.io/part-of" = "ingress-nginx"
"app.kubernetes.io/version" = "1.12.0"
}
"name" = "ingress-nginx-admission-patch"
}
"spec" = {
"containers" = [
{
"args" = [
"patch",
"--webhook-name=ingress-nginx-admission",
"--namespace=$(POD_NAMESPACE)",
"--patch-mutating=false",
"--secret-name=ingress-nginx-admission",
"--patch-failure-policy=Fail",
]
"env" = [
{
"name" = "POD_NAMESPACE"
"valueFrom" = {
"fieldRef" = {
"fieldPath" = "metadata.namespace"
}
}
},
]
"image" = "registry.k8s.io/ingress-nginx/kube-webhook-certgen:v1.5.0@sha256:aaafd456bda110628b2d4ca6296f38731a3aaf0bf7581efae824a41c770a8fc4"
"imagePullPolicy" = "IfNotPresent"
"name" = "patch"
"securityContext" = {
"allowPrivilegeEscalation" = false
"capabilities" = {
"drop" = [
"ALL",
]
}
"readOnlyRootFilesystem" = true
"runAsGroup" = 65532
"runAsNonRoot" = true
"runAsUser" = 65532
"seccompProfile" = {
"type" = "RuntimeDefault"
}
}
},
]
"nodeSelector" = {
"kubernetes.io/os" = "linux"
}
"restartPolicy" = "OnFailure"
"serviceAccountName" = "ingress-nginx-admission"
}
}
}
}
}
resource "kubernetes_manifest" "ingressclass_nginx" {
manifest = {
"apiVersion" = "networking.k8s.io/v1"
"kind" = "IngressClass"
"metadata" = {
"labels" = {
"app.kubernetes.io/component" = "controller"
"app.kubernetes.io/instance" = "ingress-nginx"
"app.kubernetes.io/name" = "ingress-nginx"
"app.kubernetes.io/part-of" = "ingress-nginx"
"app.kubernetes.io/version" = "1.12.0"
}
"name" = "nginx"
}
"spec" = {
"controller" = "k8s.io/ingress-nginx"
}
}
}
resource "kubernetes_manifest" "validatingwebhookconfiguration_ingress_nginx_admission" {
manifest = {
"apiVersion" = "admissionregistration.k8s.io/v1"
"kind" = "ValidatingWebhookConfiguration"
"metadata" = {
"labels" = {
"app.kubernetes.io/component" = "admission-webhook"
"app.kubernetes.io/instance" = "ingress-nginx"
"app.kubernetes.io/name" = "ingress-nginx"
"app.kubernetes.io/part-of" = "ingress-nginx"
"app.kubernetes.io/version" = "1.12.0"
}
"name" = "ingress-nginx-admission"
}
"webhooks" = [
{
"admissionReviewVersions" = [
"v1",
]
"clientConfig" = {
"service" = {
"name" = "ingress-nginx-controller-admission"
"namespace" = kubernetes_manifest.namespace_ingress_nginx.manifest.metadata.name
"path" = "/networking/v1/ingresses"
"port" = 443
}
}
"failurePolicy" = "Fail"
"matchPolicy" = "Equivalent"
"name" = "validate.nginx.ingress.kubernetes.io"
"rules" = [
{
"apiGroups" = [
"networking.k8s.io",
]
"apiVersions" = [
"v1",
]
"operations" = [
"CREATE",
"UPDATE",
]
"resources" = [
"ingresses",
]
},
]
"sideEffects" = "None"
},
]
}
}
Reference in New Issue View Git Blame Copy Permalink