mirror of
https://github.com/google/nomulus
synced 2026-01-05 04:56:03 +00:00
cea3da01a0
We are required to respond to HTTP(S) requests on port 80/443 on the same domain where we serve port 43 WHOIS requests. The proxy already does this by redirecting to the web WHOIS lookup page on the marketing website. This PR makes it so that requests to port 80/443 can be routed to the proxy for redirect. TESTED=tested on crash and the redirect works.
122 lines
2.5 KiB
YAML
122 lines
2.5 KiB
YAML
apiVersion: apps/v1
|
|
kind: Deployment
|
|
metadata:
|
|
name: pubapi
|
|
spec:
|
|
selector:
|
|
matchLabels:
|
|
service: pubapi
|
|
template:
|
|
metadata:
|
|
labels:
|
|
service: pubapi
|
|
spec:
|
|
serviceAccountName: nomulus
|
|
containers:
|
|
- name: pubapi
|
|
image: gcr.io/GCP_PROJECT/nomulus
|
|
ports:
|
|
- containerPort: 8080
|
|
name: http
|
|
resources:
|
|
requests:
|
|
cpu: "500m"
|
|
args: [ENVIRONMENT]
|
|
env:
|
|
- name: POD_ID
|
|
valueFrom:
|
|
fieldRef:
|
|
fieldPath: metadata.name
|
|
- name: NAMESPACE_ID
|
|
valueFrom:
|
|
fieldRef:
|
|
fieldPath: metadata.namespace
|
|
- name: CONTAINER_NAME
|
|
value: pubapi
|
|
- name: WHOIS
|
|
image: gcr.io/GCP_PROJECT/proxy
|
|
ports:
|
|
- containerPort: 30001
|
|
name: whois
|
|
- containerPort: 30010
|
|
name: http-whois
|
|
- containerPort: 30011
|
|
name: https-whois
|
|
resources:
|
|
requests:
|
|
cpu: "500m"
|
|
args: [ --env, PROXY_ENV, --log, --local ]
|
|
env:
|
|
- name: POD_ID
|
|
valueFrom:
|
|
fieldRef:
|
|
fieldPath: metadata.name
|
|
- name: NAMESPACE_ID
|
|
valueFrom:
|
|
fieldRef:
|
|
fieldPath: metadata.namespace
|
|
- name: CONTAINER_NAME
|
|
value: WHOIS
|
|
---
|
|
apiVersion: autoscaling/v2
|
|
kind: HorizontalPodAutoscaler
|
|
metadata:
|
|
name: pubapi
|
|
spec:
|
|
scaleTargetRef:
|
|
apiVersion: apps/v1
|
|
kind: Deployment
|
|
name: pubapi
|
|
minReplicas: 1
|
|
maxReplicas: 20
|
|
metrics:
|
|
- type: Resource
|
|
resource:
|
|
name: cpu
|
|
target:
|
|
type: Utilization
|
|
averageUtilization: 100
|
|
---
|
|
apiVersion: v1
|
|
kind: Service
|
|
metadata:
|
|
name: pubapi
|
|
spec:
|
|
selector:
|
|
service: pubapi
|
|
ports:
|
|
- port: 80
|
|
targetPort: http
|
|
name: http
|
|
---
|
|
apiVersion: v1
|
|
kind: Service
|
|
metadata:
|
|
name: WHOIS
|
|
annotations:
|
|
cloud.google.com/l4-rbs: enabled
|
|
networking.gke.io/weighted-load-balancing: pods-per-node
|
|
spec:
|
|
type: LoadBalancer
|
|
# Traffic is directly delivered to a node, preserving the original source IP.
|
|
externalTrafficPolicy: Local
|
|
ipFamilies: [IPv4, IPv6]
|
|
ipFamilyPolicy: RequireDualStack
|
|
selector:
|
|
service: pubapi
|
|
ports:
|
|
- port: 43
|
|
targetPort: whois
|
|
name: whois
|
|
- port: 80
|
|
targetPort: http-whois
|
|
name: http-whois
|
|
- port: 443
|
|
targetPort: https-whois
|
|
name: https-whois
|
|
---
|
|
apiVersion: net.gke.io/v1
|
|
kind: ServiceExport
|
|
metadata:
|
|
name: pubapi
|