-
Notifications
You must be signed in to change notification settings - Fork 3
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
1 parent
51f202c
commit db85e6f
Showing
10 changed files
with
147 additions
and
48 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
|
|
@@ -4,7 +4,7 @@ tag_owner = "[email protected]" | |
| tag_resource_type = "big-ip" | ||
| tag_environment = "lab" | ||
| bigip_ready = "300s" | ||
| bigip_runtime_init_package_url = "https://cdn.f5.com/product/cloudsolutions/f5-bigip-runtime-init/v1.5.2/dist/f5-bigip-runtime-init-1.5.2-1.gz.run" | ||
| bigip_runtime_init_package_url = "https://cdn.f5.com/product/cloudsolutions/f5-bigip-runtime-init/v1.6.2/dist/f5-bigip-runtime-init-1.6.2.gz.run" | ||
|
|
||
| allowed_ips = ["208.100.170.10/32", "66.175.245.6/32"] | ||
| # Pull from https://api.github.com/meta | ||
|
|
||
11 changes: 0 additions & 11 deletions
11
kubernetes/terraform/configuration/files/manifests/argo/argo-repo-onlineboutique.yaml
This file was deleted.
Oops, something went wrong.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
28 changes: 0 additions & 28 deletions
28
services/argo/terraform/files/manifests/app-onlineboutique.skip
This file was deleted.
Oops, something went wrong.
21 changes: 21 additions & 0 deletions
21
services/argo/terraform/files/manifests/app-transport-calalang-net.yaml
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,21 @@ | ||
| apiVersion: argoproj.io/v1alpha1 | ||
| kind: Application | ||
| metadata: | ||
| name: 'transport-calalang-net' | ||
| namespace: argocd | ||
| spec: | ||
| project: default | ||
| source: | ||
| repoURL: 'https://github.com/jmcalalang/lab' | ||
| path: services/transport-calalang-net | ||
| targetRevision: HEAD | ||
| destination: | ||
| server: 'https://kubernetes.default.svc' | ||
| namespace: transport | ||
| syncPolicy: | ||
| automated: | ||
| prune: true | ||
| selfHeal: true | ||
| syncOptions: | ||
| - Replace=true | ||
| - CreateNamespace=true |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,7 @@ | ||
| apiVersion: v1 | ||
| kind: Service | ||
| metadata: | ||
| name: www-nginx-org-externalname | ||
| spec: | ||
| type: ExternalName | ||
| externalName: nginx.org |
61 changes: 61 additions & 0 deletions
61
services/transport-calalang-net/transport-calalang-net-application.yaml
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,61 @@ | ||
| apiVersion: apps/v1 | ||
| kind: Deployment | ||
| metadata: | ||
| name: secure-app | ||
| spec: | ||
| replicas: 3 | ||
| selector: | ||
| matchLabels: | ||
| app: secure-app | ||
| template: | ||
| metadata: | ||
| labels: | ||
| app: secure-app | ||
| spec: | ||
| containers: | ||
| - name: secure-app | ||
| image: nginxdemos/nginx-hello:plain-text | ||
| ports: | ||
| - containerPort: 8443 | ||
| volumeMounts: | ||
| - name: secret | ||
| mountPath: /etc/nginx/ssl | ||
| readOnly: true | ||
| - name: config-volume | ||
| mountPath: /etc/nginx/conf.d | ||
| volumes: | ||
| - name: secret | ||
| secret: | ||
| secretName: app-tls-secret | ||
| - name: config-volume | ||
| configMap: | ||
| name: secure-config | ||
| --- | ||
| apiVersion: v1 | ||
| kind: ConfigMap | ||
| metadata: | ||
| name: secure-config | ||
| data: | ||
| app.conf: |- | ||
| server { | ||
| listen 8443 ssl; | ||
| server_name transport.calalang.net; | ||
| ssl_certificate /etc/nginx/ssl/tls.crt; | ||
| ssl_certificate_key /etc/nginx/ssl/tls.key; | ||
| default_type text/plain; | ||
| location / { | ||
| return 200 "Welcome to TLS server name $ssl_server_name, you reached pod $hostname. You got here at $date_local!\n" ; | ||
| } | ||
| } | ||
| --- | ||
| apiVersion: v1 | ||
| kind: Secret | ||
| metadata: | ||
| name: app-tls-secret | ||
| stringData: | ||
| tls.crt: "-----BEGIN CERTIFICATE-----\nMIIFLzCCBBegAwIBAgISBBEZZ+e9K/LP4+Rp5ZxRG5kfMA0GCSqGSIb3DQEBCwUA\nMDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD\nEwJSMzAeFw0yMjAxMjcwMzU5NTZaFw0yMjA0MjcwMzU5NTVaMCAxHjAcBgNVBAMT\nFW5ldHNrb3BlLmNhbGFsYW5nLm5ldDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCC\nAQoCggEBAMpOXO03nKPVx5pDl3FTG+7UqeRBiqrSPwKQIP+7LezAUCgD6pBGBqH2\nePZQhwCEebYwpnu2FgOokCLbnHvQH5IS23H4e+smw8KBZvscZmYkMkS2KJmCdWvk\n7h3/56j/OojyAx+vGWVBRogOmM/PUN/bHM23ERjOVdf2NV46I9Y0b7aYqAQlHjrE\n44lId4ALtLc1CDMhZFwXmieyV9/0Tp2VUPPOJ96iQncVRltGbEcj5tRs6NTceGM6\nUoaZb5gGI3K7BjqL+/y2rYPNVUGNiNVRd69qm74NIkF91+iLbi8zhN2uArYfDPV5\nvHC91DP52ML3SY3aa+OH54mEoqT1pCUCAwEAAaOCAk8wggJLMA4GA1UdDwEB/wQE\nAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDAYDVR0TAQH/BAIw\nADAdBgNVHQ4EFgQUWyZZ8WSg1oUTPqaXUw/EKEldIH0wHwYDVR0jBBgwFoAUFC6z\nF7dYVsuuUAlA5h+vnYsUwsYwVQYIKwYBBQUHAQEESTBHMCEGCCsGAQUFBzABhhVo\ndHRwOi8vcjMuby5sZW5jci5vcmcwIgYIKwYBBQUHMAKGFmh0dHA6Ly9yMy5pLmxl\nbmNyLm9yZy8wIAYDVR0RBBkwF4IVbmV0c2tvcGUuY2FsYWxhbmcubmV0MEwGA1Ud\nIARFMEMwCAYGZ4EMAQIBMDcGCysGAQQBgt8TAQEBMCgwJgYIKwYBBQUHAgEWGmh0\ndHA6Ly9jcHMubGV0c2VuY3J5cHQub3JnMIIBAwYKKwYBBAHWeQIEAgSB9ASB8QDv\nAHUA36Veq2iCTx9sre64X04+WurNohKkal6OOxLAIERcKnMAAAF+meeO3gAABAMA\nRjBEAiBLBMVf9CUIB4MtxslHvJr/QiaPB4+D+4bqroRYFXZplwIgJrnNidUKOBq8\n0xVxmBzEyexLmoNVoDMPCvHgsR09TbEAdgApeb7wnjk5IfBWc59jpXflvld9nGAK\n+PlNXSZcJV3HhAAAAX6Z547nAAAEAwBHMEUCIQDmOh+1spgSd/zsCEWmgpidVhOA\nC2AYLd7J9//CiPS2wgIgG80pEuGGhG8u0ZWFn3unC28zkYyU0Q5Pdto7kHYnH/Mw\nDQYJKoZIhvcNAQELBQADggEBAGTZmVTyA+iNKPjg8ZKOri8f3ub2oSUbTbyyax7Y\nMrAJKPAccWGoXouBYvIbaDdEJSZD2iNJr9LMbzdqdvK27xaO2GPiy+rmjUvCgd1c\nuO4jzq7K6dLtARkWHqeLMWX9U/1zouqtVkiTbpamidmOZrXzPGB1nmph/Yk+ca1l\nnnV+2Ms68alC5kBy6dmnQQKrwUV89/4v5U9BmqDFZ7shStLpGFPC76VME1dMLa0H\n1O26c0RXE+IlpsiITixw42lMDM6DnGow9Szm5p3hkymD0gCqTJqk6r6p9rHm17Cf\nlb19MCWjWrQNCWPoTzWJ0UZkqtxT5BaB2iKr8hYmWjtN+M4=\n-----END CERTIFICATE-----\n-----BEGIN CERTIFICATE-----\nMIIFFjCCAv6gAwIBAgIRAJErCErPDBinU/bWLiWnX1owDQYJKoZIhvcNAQELBQAw\nTzELMAkGA1UEBhMCVVMxKTAnBgNVBAoTIEludGVybmV0IFNlY3VyaXR5IFJlc2Vh\ncmNoIEdyb3VwMRUwEwYDVQQDEwxJU1JHIFJvb3QgWDEwHhcNMjAwOTA0MDAwMDAw\nWhcNMjUwOTE1MTYwMDAwWjAyMQswCQYDVQQGEwJVUzEWMBQGA1UEChMNTGV0J3Mg\nRW5jcnlwdDELMAkGA1UEAxMCUjMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK\nAoIBAQC7AhUozPaglNMPEuyNVZLD+ILxmaZ6QoinXSaqtSu5xUyxr45r+XXIo9cP\nR5QUVTVXjJ6oojkZ9YI8QqlObvU7wy7bjcCwXPNZOOftz2nwWgsbvsCUJCWH+jdx\nsxPnHKzhm+/b5DtFUkWWqcFTzjTIUu61ru2P3mBw4qVUq7ZtDpelQDRrK9O8Zutm\nNHz6a4uPVymZ+DAXXbpyb/uBxa3Shlg9F8fnCbvxK/eG3MHacV3URuPMrSXBiLxg\nZ3Vms/EY96Jc5lP/Ooi2R6X/ExjqmAl3P51T+c8B5fWmcBcUr2Ok/5mzk53cU6cG\n/kiFHaFpriV1uxPMUgP17VGhi9sVAgMBAAGjggEIMIIBBDAOBgNVHQ8BAf8EBAMC\nAYYwHQYDVR0lBBYwFAYIKwYBBQUHAwIGCCsGAQUFBwMBMBIGA1UdEwEB/wQIMAYB\nAf8CAQAwHQYDVR0OBBYEFBQusxe3WFbLrlAJQOYfr52LFMLGMB8GA1UdIwQYMBaA\nFHm0WeZ7tuXkAXOACIjIGlj26ZtuMDIGCCsGAQUFBwEBBCYwJDAiBggrBgEFBQcw\nAoYWaHR0cDovL3gxLmkubGVuY3Iub3JnLzAnBgNVHR8EIDAeMBygGqAYhhZodHRw\nOi8veDEuYy5sZW5jci5vcmcvMCIGA1UdIAQbMBkwCAYGZ4EMAQIBMA0GCysGAQQB\ngt8TAQEBMA0GCSqGSIb3DQEBCwUAA4ICAQCFyk5HPqP3hUSFvNVneLKYY611TR6W\nPTNlclQtgaDqw+34IL9fzLdwALduO/ZelN7kIJ+m74uyA+eitRY8kc607TkC53wl\nikfmZW4/RvTZ8M6UK+5UzhK8jCdLuMGYL6KvzXGRSgi3yLgjewQtCPkIVz6D2QQz\nCkcheAmCJ8MqyJu5zlzyZMjAvnnAT45tRAxekrsu94sQ4egdRCnbWSDtY7kh+BIm\nlJNXoB1lBMEKIq4QDUOXoRgffuDghje1WrG9ML+Hbisq/yFOGwXD9RiX8F6sw6W4\navAuvDszue5L3sz85K+EC4Y/wFVDNvZo4TYXao6Z0f+lQKc0t8DQYzk1OXVu8rp2\nyJMC6alLbBfODALZvYH7n7do1AZls4I9d1P4jnkDrQoxB3UqQ9hVl3LEKQ73xF1O\nyK5GhDDX8oVfGKF5u+decIsH4YaTw7mP3GFxJSqv3+0lUFJoi5Lc5da149p90Ids\nhCExroL1+7mryIkXPeFM5TgO9r0rvZaBFOvV2z0gp35Z0+L4WPlbuEjN/lxPFin+\nHlUjr8gRsI3qfJOQFy/9rKIJR0Y/8Omwt/8oTWgy1mdeHmmjk7j1nYsvC9JSQ6Zv\nMldlTTKB3zhThV1+XWYp6rjd5JW1zbVWEkLNxE7GJThEUG3szgBVGP7pSWTUTsqX\nnLRbwHOoq7hHwg==\n-----END CERTIFICATE-----\n-----BEGIN CERTIFICATE-----\nMIIFYDCCBEigAwIBAgIQQAF3ITfU6UK47naqPGQKtzANBgkqhkiG9w0BAQsFADA/\nMSQwIgYDVQQKExtEaWdpdGFsIFNpZ25hdHVyZSBUcnVzdCBDby4xFzAVBgNVBAMT\nDkRTVCBSb290IENBIFgzMB4XDTIxMDEyMDE5MTQwM1oXDTI0MDkzMDE4MTQwM1ow\nTzELMAkGA1UEBhMCVVMxKTAnBgNVBAoTIEludGVybmV0IFNlY3VyaXR5IFJlc2Vh\ncmNoIEdyb3VwMRUwEwYDVQQDEwxJU1JHIFJvb3QgWDEwggIiMA0GCSqGSIb3DQEB\nAQUAA4ICDwAwggIKAoICAQCt6CRz9BQ385ueK1coHIe+3LffOJCMbjzmV6B493XC\nov71am72AE8o295ohmxEk7axY/0UEmu/H9LqMZshftEzPLpI9d1537O4/xLxIZpL\nwYqGcWlKZmZsj348cL+tKSIG8+TA5oCu4kuPt5l+lAOf00eXfJlII1PoOK5PCm+D\nLtFJV4yAdLbaL9A4jXsDcCEbdfIwPPqPrt3aY6vrFk/CjhFLfs8L6P+1dy70sntK\n4EwSJQxwjQMpoOFTJOwT2e4ZvxCzSow/iaNhUd6shweU9GNx7C7ib1uYgeGJXDR5\nbHbvO5BieebbpJovJsXQEOEO3tkQjhb7t/eo98flAgeYjzYIlefiN5YNNnWe+w5y\nsR2bvAP5SQXYgd0FtCrWQemsAXaVCg/Y39W9Eh81LygXbNKYwagJZHduRze6zqxZ\nXmidf3LWicUGQSk+WT7dJvUkyRGnWqNMQB9GoZm1pzpRboY7nn1ypxIFeFntPlF4\nFQsDj43QLwWyPntKHEtzBRL8xurgUBN8Q5N0s8p0544fAQjQMNRbcTa0B7rBMDBc\nSLeCO5imfWCKoqMpgsy6vYMEG6KDA0Gh1gXxG8K28Kh8hjtGqEgqiNx2mna/H2ql\nPRmP6zjzZN7IKw0KKP/32+IVQtQi0Cdd4Xn+GOdwiK1O5tmLOsbdJ1Fu/7xk9TND\nTwIDAQABo4IBRjCCAUIwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYw\nSwYIKwYBBQUHAQEEPzA9MDsGCCsGAQUFBzAChi9odHRwOi8vYXBwcy5pZGVudHJ1\nc3QuY29tL3Jvb3RzL2RzdHJvb3RjYXgzLnA3YzAfBgNVHSMEGDAWgBTEp7Gkeyxx\n+tvhS5B1/8QVYIWJEDBUBgNVHSAETTBLMAgGBmeBDAECATA/BgsrBgEEAYLfEwEB\nATAwMC4GCCsGAQUFBwIBFiJodHRwOi8vY3BzLnJvb3QteDEubGV0c2VuY3J5cHQu\nb3JnMDwGA1UdHwQ1MDMwMaAvoC2GK2h0dHA6Ly9jcmwuaWRlbnRydXN0LmNvbS9E\nU1RST09UQ0FYM0NSTC5jcmwwHQYDVR0OBBYEFHm0WeZ7tuXkAXOACIjIGlj26Ztu\nMA0GCSqGSIb3DQEBCwUAA4IBAQAKcwBslm7/DlLQrt2M51oGrS+o44+/yQoDFVDC\n5WxCu2+b9LRPwkSICHXM6webFGJueN7sJ7o5XPWioW5WlHAQU7G75K/QosMrAdSW\n9MUgNTP52GE24HGNtLi1qoJFlcDyqSMo59ahy2cI2qBDLKobkx/J3vWraV0T9VuG\nWCLKTVXkcGdtwlfFRjlBz4pYg1htmf5X6DYO8A4jqv2Il9DjXA6USbW1FzXSLr9O\nhe8Y4IWS6wY7bCkjCWDcRQJMEhg76fsO3txE+FiYruq9RUWhiF1myv4Q6W+CyBFC\nDfvp7OOGAN6dEOM4+qR9sdjoSYKEBpsr6GtPAQw4dy753ec5\n-----END CERTIFICATE-----\n" | ||
| tls.key: "-----BEGIN PRIVATE KEY-----\nMIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQDKTlztN5yj1cea\nQ5dxUxvu1KnkQYqq0j8CkCD/uy3swFAoA+qQRgah9nj2UIcAhHm2MKZ7thYDqJAi\n25x70B+SEttx+HvrJsPCgWb7HGZmJDJEtiiZgnVr5O4d/+eo/zqI8gMfrxllQUaI\nDpjPz1Df2xzNtxEYzlXX9jVeOiPWNG+2mKgEJR46xOOJSHeAC7S3NQgzIWRcF5on\nslff9E6dlVDzzifeokJ3FUZbRmxHI+bUbOjU3HhjOlKGmW+YBiNyuwY6i/v8tq2D\nzVVBjYjVUXevapu+DSJBfdfoi24vM4TdrgK2Hwz1ebxwvdQz+djC90mN2mvjh+eJ\nhKKk9aQlAgMBAAECggEASxa87RtYG4Nsu7hczKZBVus+R8d/9Zll48ilRuYtzJMw\n7TlO5c/oBFOcYChRg4KoPlReZsqV7zOwlA+ZTGdaYHh5VRsau5Q+0sH+/DN1WnIS\n6mgGN7wxYyOsshva22IoUs4pFKiEL44D5NouI+vaI8yLK1vIj8F+IVN0SY4g4Q8a\nV1Q+AzM+H27t4Es9ZuUQhEJAyg1EXe1qL3gNWSQ1kgn6Mp/X0IhPUjOjbr2skvxW\nWVCeDqDSZVAqosJQpDl/GkshJJppKg3l9NLrS2WCPl1BSPd0FS4SUZj0yqfAey1Q\ntTkApKANYz1ybfh+3zXID2hOFO4UxSgq6JTLNO8IvQKBgQDtGj3ez4Nf8FS4iJHi\nPnEBfJNLSDC6TubZhNtbz9KWFX4E4FAPsPmD5ZlMY7VF4LSxl6ZI+wjPNLCroX7y\nflDiX8V23E2AWNwq29P8QtrpNtkLjyFNH/iShP/A601AUtDaqIhTc+NNgRzv54Ol\ngn/i64aBRvN9pwXl/ivSaqfSzwKBgQDabiXATCk/uF92gC422musgt865i696Jb4\n7lZpuP8UDrsypLm1isPYe+Dtjhp0jlp7fWJN5ZAANxEejin528sBEYEjI/ywPCB5\njkEZnXpKoJdNzb+I74kfKbWUXhdHywszKctxAHM7JwBOQJnT2hUNSZI2YM+R9UU/\n2ZYr4q1mywKBgQCdYiPbeEcuMasq6oxbbzM312c2O28M3D7j+ApbgTG5qf6CYhsC\nr2iQoqEFUdIL1kJa99zK6MdKMyFqa8KGWE58VTIP2eAf59wNHuoxsnb5Aw1DXPiv\n5x7qsxnJBue6YL59xgznyC8DTUbWAAkkneEh0VDxExWhPHLv3a1c+Kr5hQKBgHW4\nFzBj23cz7n725fE6Ff2LKrObimVfDL5r9LZVtWMh7VGF5XApsRLi8H4Wr7tRXQJg\nuLIynkD/bIKDK6w1AFs7C9XcdzqjrPzV5c/gRyAhHGoaELfEIKpi2DF15CYVD5wr\nUjE8hN3ETy3dMwox5laa5+nWkweeoAuhQIW2TK2xAoGAF8rF4stB4ugLRtFMgAJx\npv5PR/YjMvGcz0iwvhsCnMt2AOEsRviw7woBkYgVc3SkUCIQhqP+fgrP+qnZRP+U\nlo3hNU4uag/MU13rUTw8Sx37TPyInK+q8JfVkY8B8gFW4zRsymCqkCUsD3k4IpKQ\nufxrsNDKrJuRpksOJzfIo7w=\n-----END PRIVATE KEY-----\n" |
27 changes: 27 additions & 0 deletions
27
services/transport-calalang-net/transport-calalang-net-transportserver.yaml
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,27 @@ | ||
| apiVersion: k8s.nginx.org/v1alpha1 | ||
| kind: TransportServer | ||
| metadata: | ||
| name: transport.calalang.net | ||
| spec: | ||
| listener: | ||
| name: tls-passthrough | ||
| protocol: TLS_PASSTHROUGH | ||
| host: transport.calalang.net | ||
| streamSnippets: limit_conn_zone $binary_remote_addr zone=addr:10m; | ||
| serverSnippets: | | ||
| deny 192.168.1.1; | ||
| allow 168.63.129.16; | ||
| limit_conn addr 5; | ||
| upstreams: | ||
| - name: www-nginx-org-externalname | ||
| service: www-nginx-org-externalname | ||
| port: 443 | ||
| healthCheck: | ||
| enable: true | ||
| port: 443 | ||
| interval: 20s | ||
| jitter: 3s | ||
| fails: 5 | ||
| passes: 5 | ||
| action: | ||
| pass: www-nginx-org-externalname |