[nginx] Add versioned RC

nginx/nginx-rc.yaml

@@ -6,16 +6,18 @@ metadata:
   labels:
     app: nginx
     version: 1.9.11
-    spec: v1
+    spec: v2
 spec:
   replicas: 2
   selector:
     app: nginx
+    rcv: v2
   template:
     metadata:
       labels:
         app: nginx
         lb-target: nginx
+        rcv: v2
     spec:
       containers:
         - image: nginx:1.9.11
@@ -27,6 +29,8 @@ spec:
               mountPath: /etc/nginx/ssl/dhparam
             - name: nginx-config
               mountPath: /etc/nginx/conf.d
+            - name: nginx-logs
+              mountPath: /var/log/nginx
           ports:
             - containerPort: 80
             - containerPort: 443
@@ -40,3 +44,5 @@ spec:
         - name: nginx-config
           secret:
             secretName: nginx-config
+        - name: nginx-logs
+          emptyDir: {}

nginx/server.conf

@@ -6,6 +6,8 @@ log_format logstash '$http_host '
 '$request_time '
 '$upstream_response_time';
 
+access_log   /var/log/nginx/access.log  logstash;
+
 # Modern SSL config
 ssl_protocols TLSv1.2;
 ssl_ciphers 'ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256';
@@ -25,7 +27,6 @@ add_header Strict-Transport-Security max-age=15768000;
 server {
     listen       80;
     server_name  *.tazj.in tazj.in;
-    access_log   /var/log/nginx/tls_redirect.log  logstash;
     return       301 https://$server_name$request_uri;
 }