feat(k8s): Add nginx instance for oslo.pub redirect

The redirect is currently all that this instance does. It is required because HTTP load balancers in GCP don't support URL rewriting.
2019-09-02 18:19:35 +01:00 · 2019-09-02 18:19:35 +01:00 · 785a5a2997
commit 785a5a2997
parent e6cb12ebfb
3 changed files with 92 additions and 0 deletions
--- a/infra/kubernetes/nginx/nginx.conf
+++ b/infra/kubernetes/nginx/nginx.conf
@ -0,0 +1,36 @@
+daemon off;
+worker_processes  1;
+error_log stderr;
+
+events {
+    worker_connections  1024;
+}
+
+http {
+    log_format json_combined escape=json
+    '{'
+        '"time_local":"$time_local",'
+        '"remote_addr":"$remote_addr",'
+        '"remote_user":"$remote_user",'
+        '"request":"$request",'
+        '"status": "$status",'
+        '"body_bytes_sent":"$body_bytes_sent",'
+        '"request_time":"$request_time",'
+        '"http_referrer":"$http_referer",'
+        '"http_user_agent":"$http_user_agent"'
+        '}';
+
+    access_log /dev/stdout json_combined;
+
+    sendfile        on;
+    keepalive_timeout  65;
+
+    server {
+        listen       80;
+        server_name  oslo.pub;
+
+        location / {
+            return 302 https://www.google.com/maps/d/viewer?mid=1pJIYY9cuEdt9DuMTbb4etBVq7hs;
+        }
+    }
+}
--- a/infra/kubernetes/nginx/nginx.yaml
+++ b/infra/kubernetes/nginx/nginx.yaml
@ -0,0 +1,55 @@
+# Deploy an nginx instance which serves ... redirects.
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: nginx-conf
+data:
+  nginx.conf: {{ insertFile "nginx.conf" | toJson }}
+---
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: nginx
+  labels:
+    app: nginx
+spec:
+  replicas: 2
+  selector:
+    matchLabels:
+      app: nginx
+  template:
+    metadata:
+      labels:
+        app: nginx
+        config: {{ insertFile "nginx.conf" | sha1sum }}
+    spec:
+      containers:
+        - name: tazblog
+          image: nixery.local/shell/nginx:{{ gitHEAD }}
+          command: ["/bin/bash", "-c"]
+          args:
+            - |
+              echo 'nogroup:x:30000:nobody' >> /etc/group
+              echo 'nobody:x:30000:30000:nobody:/tmp:/bin/bash' >> /etc/passwd
+              exec nginx -c /etc/nginx/nginx.conf
+          volumeMounts:
+            - name: nginx-conf
+              mountPath: /etc/nginx
+      volumes:
+        - name: nginx-conf
+          configMap:
+            name: nginx-conf
+---
+apiVersion: v1
+kind: Service
+metadata:
+  name: nginx
+spec:
+  type: NodePort
+  selector:
+    app: nginx
+  ports:
+    - protocol: TCP
+      port: 80
+      targetPort: 80
--- a/infra/kubernetes/primary-cluster.yaml
+++ b/infra/kubernetes/primary-cluster.yaml
@ -28,3 +28,4 @@ include:
      repo: ssh://source.developers.google.com:2022/p/tazjins-infrastructure/r/monorepo
  - name: tazblog
  - name: https-lb
+  - name: nginx