apiVersion: extensions/v1beta1 kind: Deployment metadata: labels: k8s-app: example-app name: example-app namespace: default spec: progressDeadlineSeconds: 600 replicas: 1 revisionHistoryLimit: 10 selector: matchLabels: k8s-app: example-app strategy: type: Recreate template: metadata: creationTimestamp: null labels: k8s-app: example-app name: example-app spec: containers: - command: - /example-app - --issuer=https://x201:32000 - --listen=http://0.0.0.0:5555 - --redirect-uri=http://example-app.ieevee.com/callback - --issuer-root-ca=/etc/ca/ca.pem image: silenceshell/example-app:latest imagePullPolicy: IfNotPresent name: example-app securityContext: privileged: false terminationMessagePath: /dev/termination-log terminationMessagePolicy: File volumeMounts: - mountPath: /etc/ca name: ca readOnly: true dnsPolicy: ClusterFirst hostAliases: - hostnames: - x201 ip: 192.168.1.19 restartPolicy: Always schedulerName: default-scheduler securityContext: {} terminationGracePeriodSeconds: 30 volumes: - name: ca secret: defaultMode: 420 secretName: dex.ca.pem --- apiVersion: v1 kind: Service metadata: labels: k8s-app: example-app name: example-app namespace: default spec: ports: - name: tcp port: 5555 protocol: TCP targetPort: 5555 selector: k8s-app: example-app type: ClusterIP --- apiVersion: extensions/v1beta1 kind: Ingress metadata: name: example-app-ingress namespace: default annotations: nginx.ingress.kubernetes.io/rewrite-target: / nginx.ingress.kubernetes.io/secure-backends: "false" ingress.kubernetes.io/ssl-redirect: "False" spec: rules: - http: paths: - path: / backend: serviceName: example-app servicePort: 5555 host: example-app.ieevee.com