# Application Load Balancer (ALB) Ingress Controller Deployment Manifest.
# This manifest details sensible defaults for deploying an ALB Ingress Controller.
# GitHub: https://github.com/coreos/alb-ingress-controller
apiVersion: apps/v1
kind: Deployment
metadata:
  labels:
    app: alb-ingress-controller
  name: alb-ingress-controller
  # Namespace the ALB Ingress Controller should run in. Does not impact which
  # namespaces it's able to resolve ingress resource for. For limiting ingress
  # namespace scope, see --watch-namespace.
  namespace: kube-system
spec:
  replicas: 1
  selector:
    matchLabels:
      app: alb-ingress-controller
  strategy:
    rollingUpdate:
      maxSurge: 1
      maxUnavailable: 1
    type: RollingUpdate
  template:
    metadata:
      creationTimestamp: null
      labels:
        app: alb-ingress-controller
    spec:
      containers:
      - args:
        - /server
        # Ingress controllers must have a default backend deployment where
        # all unknown locations can be routed to. Often this is a 404 page. The
        # default backend is not particularly helpful to the ALB Ingress Controller
        # but is still required. The default backend and its respective service
        # must be running Kubernetes for this controller to start.
        - --default-backend-service=kube-system/default-http-backend
        # Limit the namespace where this ALB Ingress Controller deployment will
        # resolve ingress resources. If left commented, all namespaces are used.
        #- --watch-namespace=your-k8s-namespace
        # Setting the ingress-class flag below will ensure that only ingress resources with the
        # annotation kubernetes.io/ingress.class: "alb" are respected by the controller. You may
        # choose any class you'd like for this controller to respect.
        #- --ingress-class=alb
        env:
          # AWS region this ingress controller will operate in.
          # List of regions:
          # http://docs.aws.amazon.com/general/latest/gr/rande.html#vpc_region
        - name: AWS_REGION
          value: us-east-1
          # Name of your cluster. Used when naming resources created
          # by the ALB Ingress Controller, providing distinction between
          # clusters.
        - name: CLUSTER_NAME
          value: cluster.k8s.local
          # AWS key id for authenticating with the AWS API.
          # This is only here for examples. It's recommended you instead use
          # a project like kube2iam for granting access.
        #- name: AWS_ACCESS_KEY_ID
           #value: KEYVALUE
          # AWS key secret for authenticating with the AWS API.
          # This is only here for examples. It's recommended you instead use
          # a project like kube2iam for granting access.
        #- name: AWS_SECRET_ACCESS_KEY
           #value: SECRETVALUE
          # Enables logging on all outbound requests sent to the AWS API.
          # If logging is desired, set to true.
        - name: AWS_DEBUG
          value: "false"
        - name: POD_NAME
          valueFrom:
            fieldRef:
              apiVersion: v1
              fieldPath: metadata.name
        - name: POD_NAMESPACE
          valueFrom:
            fieldRef:
              apiVersion: v1
              fieldPath: metadata.namespace
        # Repository location of the ALB Ingress Controller.
        image: quay.io/coreos/alb-ingress-controller:1.0-alpha.3
        imagePullPolicy: Always
        name: server
        resources: {}
        terminationMessagePath: /dev/termination-log
      dnsPolicy: ClusterFirst
      restartPolicy: Always
      securityContext: {}
      terminationGracePeriodSeconds: 30