This is the multi-page printable view of this section. Click here to print.

Return to the regular view of this page.

Data Flow

1 - Overview

Service Overview

Data Flow is a data processing workflow tool that visually creates processing flows for extracting large volumes of data from various data sources and for transforming and transmitting stream/batch data, and it provides the open-source Apache NiFi. Data Flow can be used independently in the Kubernetes Engine cluster environment of Samsung Cloud Platform, or together with other application software.

Diagram
Figure. Data Flow Diagram

Provided features

Data Flow provides the following functions.

  • Convenient Installation and Management: Data Flow can be easily installed in a standard Kubernetes cluster environment via the web-based Samsung Cloud Platform Console. It automatically configures the architecture required for scalable clustering based on the open-source Apache NiFi, automatically installing ZooKeeper, Registry, and management modules. With Data Flow, you can configure and deploy configuration files, NiFi templates, and other assets needed for service integration.
  • Easy Data Flow Management: You can easily create processing flows for stream/batch data in a GUI that matches the user environment, and by authoring data processing flows in a GUI, you can efficiently extract, transmit, and process data between systems.
  • NiFi Template Gallery: You can share/distribute reference NiFi templates. Data Flow provides work files for data processing flows commonly used in the field as a gallery, and users can share the data processing flow work they have created.

Component

Data Flow consists of Manager and Service modules, and is provided packaged with Apache NiFi.

Data Flow Manager

Data Flow Manager provides various management functions to enable more efficient use of NiFi.

  • You can upload the Nar file created by the customer through the Data Flow Manager for use in the Processor, and upload configuration files to share them.
  • Frequently used NiFi templates are packaged as assets and offered in the Gallery, ready for use with a single click.
  • Provides real-time monitoring of multiple services configured for the native NiFi service, as well as resource status monitoring.
  • You can easily provision configuration information for NiFi components within the cluster.

Data Flow Service

  • We provide a data flow management service based on Apache NiFi.
  • Automatically configures the architecture required for scalable clustering based on Apache NiFi, and automatically installs the Nifi, ZooKeeper, and Nifi Registry modules.
  • When providing Nifi, you can set the Description, required resource size, connection ID/PW, and Host Alias.
  • After creating the service, you can modify the Description, required resource size, connection password, Host Alias, and other settings, and apply the changes to the service.

Server spec type

When creating a Data Flow service, check the following.

  • Recommended Service Installation Specifications: CPU 21 core, Memory 57 GB, Storage at least 100 GB
Reference
  • Before creating the Data Flow service, you need to install the Ingress Controller.
  • Only one Ingress Controller can be installed in a Kubernetes cluster.
  • For more details, refer to Ingress Controller Installation.

Provision status by region

Data Flow is available in the environments below.

regionProvision status
Korea West (kr-west1)Provided
Korea East (kr-east1)Provide
South Korea 1 (kr-south1)Not provided
South Korea South 2 (kr-south2)Not provided
South Korea 3 (kr-south3)Not provided
Table. Data Flow regional availability status

Preliminary Service

This is a list of services that must be pre‑configured before creating the service. Please refer to the guide provided for each service and prepare in advance.

Service CategoryserviceDetailed description
StorageFile StorageStorage that enables multiple client servers to share files over a network connection.
ContainerKubernetes EngineKubernetes container orchestration service
Table. Data Flow Pre-service

1.1 - ServiceWatch metric

In ServiceWatch, you can view Kubernetes Engine metrics for the Kubernetes Engine created by Data Flow. As with Kubernetes Engine, the metrics provided by default monitoring are data collected at one‑minute intervals.

Reference
Refer to the ServiceWatch guide for how to view metrics in ServiceWatch.

Basic Metrics

The following are the default metrics for the Kubernetes Engine namespace.

The metrics whose names are displayed in bold below are the key metrics selected from the default metrics provided by Kubernetes Engine. Key metrics are used to build service dashboards that are automatically created for each service in ServiceWatch.

Each metric provides guidance in the user guide on which statistical values are meaningful when querying that metric, and among the meaningful statistics, the values shown in bold are the primary statistics. In the service dashboard, you can view key metrics using primary statistical values.

Indicator nameDetailed descriptionunitmeaningful statistics
cluster_upCluster upCount
  • Total
  • Average
  • Maximum
  • Minimum
cluster_node_countNumber of cluster nodesCount
  • Total
  • Average
  • Max
  • Min
cluster_failed_node_countNumber of failed nodes in the clusterCount
  • Total
  • Average
  • Maximum
  • Minimum
cluster_namespace_phase_countNumber of cluster namespace phasesCount
  • Total
  • Average
  • Maximum
  • Minimum
cluster_pod_phase_countCluster pod phase countCount
  • Total
  • Average
  • Maximum
  • Minimum
node_cpu_allocatableNode CPU allocatable-
  • Total
  • Average
  • Maximum
  • Minimum
node_cpu_capacityNode CPU capacity-
  • Total
  • Average
  • Maximum
  • Minimum
node_cpu_usageNode CPU usage-
  • Total
  • Average
  • Maximum
  • Minimum
node_cpu_utilizationNode CPU usage-
  • Total
  • Average
  • Maximum
  • Minimum
node_memory_allocatableNode memory allocatable amountBytes
  • Total
  • Average
  • Maximum
  • Minimum
node_memory_capacityNode memory capacityBytes
  • Total
  • Average
  • Maximum
  • Minimum
node_memory_usageNode memory usageBytes
  • Total
  • Average
  • Maximum
  • Minimum
node_memory_utilizationNode memory usage rate-
  • Total
  • Average
  • Maximum
  • Minimum
node_network_rx_bytesNode network received bytesBytes/Second
  • Total
  • Average
  • Maximum
  • Minimum
node_network_tx_bytesNode network transmitted bytesBytes/Second
  • Total
  • Average
  • Maximum
  • Minimum
node_network_total_bytesTotal bytes of the node networkBytes/Second
  • Total
  • Average
  • Maximum
  • Minimum
node_number_of_running_podsNumber of pods running on a nodeCount
  • Total
  • Average
  • Maximum
  • Minimum
namespace_number_of_running_podsNumber of running pods in the namespaceCount
  • Total
  • Average
  • Maximum
  • Minimum
namespace_deployment_pod_countNamespace deployment pod countCount
  • Total
  • Average
  • Maximum
  • Minimum
namespace_statefulset_pod_countNamespace StatefulSet pod countCount
  • Total
  • Average
  • Maximum
  • Minimum
namespace_daemonset_pod_countNamespace daemonset pod countCount
  • Total
  • Average
  • Maximum
  • Minimum
namespace_job_active_countActive namespace job countCount
  • Total
  • Average
  • Maximum
  • Minimum
namespace_cronjob_active_countNumber of active namespace cronjobsCount
  • Total
  • Average
  • Maximum
  • Minimum
pod_cpu_usagePod CPU usage-
  • Total
  • Average
  • Maximum
  • Minimum
pod_memory_usagePod memory usageBytes
  • Total
  • Average
  • Maximum
  • Minimum
pod_network_rx_bytesPod network received bytesBytes/Second
  • Total
  • Average
  • Maximum
  • Minimum
pod_network_tx_bytesPod network transmitted bytesBytes/Second
  • Total
  • Average
  • Maximum
  • Minimum
pod_network_total_bytesPod network total bytesCount
  • Total
  • Average
  • Maximum
  • Minimum
container_cpu_usageContainer CPU usage-
  • Total
  • Average
  • Maximum
  • Minimum
container_cpu_limitContainer CPU limit-
  • Total
  • Average
  • Maximum
  • Minimum
container_cpu_utilizationContainer CPU usage-
  • Total
  • Average
  • Maximum
  • Minimum
container_memory_usageContainer memory usageBytes
  • Total
  • Average
  • Maximum
  • Minimum
container_memory_limitContainer memory limitBytes
  • Total
  • Average
  • Maximum
  • Minimum
container_memory_utilizationContainer memory usage-
  • Total
  • Average
  • Maximum
  • Minimum
node_gpu_countNode GPU countCount
  • Total
  • Average
  • Maximum
  • Minimum
gpu_tempGPU temperature-
  • Total
  • Average
  • Maximum
  • Minimum
gpu_power_usageGPU power usage-
  • Total
  • Average
  • Maximum
  • Minimum
gpu_utilGPU utilizationPercent
  • Total
  • Average
  • Maximum
  • Minimum
gpu_sm_clockGPU SM clock-
  • Total
  • Average
  • Maximum
  • Minimum
gpu_fb_usedGPU FB usageMegabytes
  • Total
  • Average
  • Maximum
  • Minimum
gpu_tensor_activeGPU tensor utilization-
  • Total
  • Average
  • Maximum
  • Minimum
pod_gpu_utilPod GPU utilizationPercent
  • Total
  • Average
  • Maximum
  • Minimum
pod_gpu_tensor_activePod GPU Tensor Utilization Rate-
  • Total
  • Average
  • Maximum
  • Minimum
Table. Kubernetes Engine Basic Metrics

2 - How-to guides

Users can create the service by entering the required Data Flow information and selecting detailed options through the Samsung Cloud Platform Console.

Create Data Flow

You can create and use the Data Flow service in the Samsung Cloud Platform Console.

To create a Data Flow, follow these steps.

  1. Click the All Services > Data Analytics > Data Flow menu. Navigate to the Service Home page of Data Flow.

  2. On the Service Home page, click the Create Data Flow button. You will be taken to the Create Data Flow page.

  3. On the Data Flow creation page, enter the information required to create the service and select detailed options.

    • Version selection area, select the required information.
      Category
      Required or optional
      		Detailed description
      Data Flow versionRequiredSelect version of the selected image
      • Provide a list of versions for the provided server image
      Table. Data Flow version selection item
    • Enter or select the required information in the Cluster Selection area. To install Data Flow, you must first create nodes for the Kubernetes cluster and the working environment.
      Category
      Required status
      		Detailed description
      Cluster nameRequiredSelect the cluster to use
      Ingress ControllerRequiredSelect the Ingress Controller installed in the cluster
      • In the Details tab of the installed Ingress Controller, add the following information to the ConfigMap entry.
        • Key: allow-snippet-annotations
        • Value: true
      Table. Data Flow cluster selection options
    • Enter or select the required information in the Service Information Input area.
      Category
      Required
      		Detailed description
      Data Flow nameRequiredEnter Data Flow name
      • starting with a lowercase English letter and not ending with a special character (-), using lowercase English letters, numbers, and special characters (-) to input 3 ~ 30 characters
      Storage ClassRequiredSelect the storage class used by the selected cluster
      descriptionSelectEnter additional information or description about Data Flow within 150 characters.
      Domain SettingsRequiredEnter Data Flow domain
      • Start with a lowercase English letter and ensure it does not end with special characters (-), using lowercase letters, numbers, and special characters (-) to enter 3 ~ 50 characters
      • {Data Flow name}.{configured domain} becomes the Data Flow access URL.
      Node SelectorRequiredTo install on a specific node, enter a distinguishable label among the node’s labels
      • If you enter an incorrect node label, installation errors may occur, so verify the node label in advance
      • Node labels can be found in the node’s yaml file
      accountRequiredEnter Data Flow Manager account
      • ID: Enter a value between 6 and 30 characters, starting with a lowercase English letter and using lowercase letters and numbers
      • Password: Enter 8 to 50 characters, including uppercase letters, lowercase letters, numbers, and special characters (! @ # $ % ^ & *)
      • Confirm Password: Re-enter the password exactly the same
      Host AliasSelectionAdd host information to be linked with Data Flow (up to 20 total, including defaults)
      • Select Use, then click the + button
      • Hostname: Enter a hostname or domain format using lowercase letters, numbers, and special characters (-) with a length of 3 to 63 characters
      • IP: Enter in IP format
      • Click the X button to delete
      • The added host information can be used only if the firewall between the cluster and the server is open
      Table. Data Flow service information entry items
    • In the Additional Information Input area, enter or select the required information.
      Category
      Required status
      		Detailed description
      tagSelectionAdd Tag
      • Add Tag Click the button to create and add a tag, or add an existing tag.
      • You can add up to 50 tags.
      • The newly added tags will be applied after the service creation is completed.
      Table. Data Flow additional information input fields

  4. Summary Check the detailed information and estimated billing amount generated in the panel, and click the Complete button.

    • When creation is complete, check the created resource on the Data Flow List page.

Check detailed information of Data Flow

You can view and edit the full list of resources and detailed information of a Data Flow. The Data Flow Details page consists of Details, Tags, Activity Log tabs.

To view detailed information of the Data Flow, follow these steps.

  1. Click the All Services > Data Analytics > Data Flow menu. Navigate to the Service Home page of Data Flow.
  2. On the Service Home page, click the Data Flow menu. You will be taken to the Data Flow List page.
  3. On the Data Flow List page, click the resource to view detailed information. You will be taken to the Data Flow Detail page.
    • Data Flow Details At the top of the page, status information and additional feature information are displayed.
      CategoryDetailed description
      Status indicatorData Flow status
      • Creating: Creating
      • Running: Running, Data Flow Services can be created
      • Updating: Updating settings
      • Terminating: Terminating
      • Error: error occurred during creation or service abnormal state
      Hosts file configuration informationButton to view and copy the host file information for accessing Data Flow
      Service terminationCancel Service button
      Table. Data Flow status information and additional functions

Detailed Information

On the Data Flow list page, you can view detailed information of the selected resource and edit the information if needed.

CategoryDetailed description
serviceService name
Resource TypeResource Type
SRNUnique resource ID in Samsung Cloud Platform
  • means the cluster SRN
Resource nameresource name
  • means the cluster name
Resource IDUnique resource ID in the service
constructorUser who created the service
Creation date and timeService creation date and time
editorUser who edited the service information
Modification dateDate and time the service information was modified
Cluster nameCluster name of the configured servers
Storage ClassStorage class used by the selected cluster
ExplanationAdditional information or explanation about Data Flow
Domain SettingsData Flow domain name
Node SelectorNode Label
Web UrlData Flow URL
accountData Flow Manager account
Host AliasHost information to be connected with Data Flow
Table. Data Flow Detailed Information Tab Items

tag

Data Flow List page lets you view the tag information of the selected resource, and you can add, modify, or delete it.

CategoryDetailed description
Tag listTag list
  • You can view the Key, Value information of the tag
  • Up to 50 tags can be added per resource
  • When entering a tag, you can search and select from the list of previously created Keys and Values
Table. Data Flow Tag Tab Items

Job History

You can view the operation history of the selected resource on the Data Flow List page.

CategoryDetailed description
Task History ListResource Change History
  • Operation Time, Resource ID, Resource Name, Operation Details, Event Topic, Operation Result, Check operator information
Table. Data Flow Job History Tab Detailed Information Items

Terminate Data Flow

You can cancel unused Data Flow to reduce operating costs. However, if you cancel a service, the running service may be terminated immediately, so you should thoroughly consider the impact of service interruption before proceeding with the cancellation.

To cancel the Data Flow, follow the steps below.

  1. Click the All Services > Data Analytics > Data Flow menu. Navigate to the Service Home page of Data Flow.
  2. On the Service Home page, click the Data Flow menu. You will be taken to the Data Flow List page.
  3. On the Data Flow List page, select the resource to cancel, and click the Cancel Service button.
  4. When termination is complete, check on the Data Flow List page whether the resource has been terminated.
Information
  • Data Flow can be cancelled only after first deleting the associated Data Flow Services.
  • If you cancel Data Flow, the created namespace will also be deleted.

2.1 - Data Flow Services

Users can create the service by entering the required information for Data Flow Services within the Data Flow service through the Samsung Cloud Platform Console and selecting detailed options.

Creating Data Flow Services

Users can add a service by selecting detailed options for Data Flow or by entering configuration values.

Information
When applying for Data Flow Services, the resource size must be secured to be at least the available capacity of the K8s cluster.

To create Data Flow Services, follow these steps.

  1. Click the All Services > Data Analytics > Data Flow menu. You will be taken to the Data Flow Service Home page.

  2. From the Service Home page, click Data Flow Servies. Navigate to the Data Flow Services list page.

  3. On the Data Flow Services List page, click the Data Flow Services Create button. You will be taken to the Data Flow Services Create page.

  4. Data Flow Services Creation page: enter the information required to create the service and select detailed options.

    • Enter or select the required information in the Service Information Input area.
      Category
      Required
      		Detailed description
      Data Flow nameRequiredSelect Data Flow
      Flow Service nameRequiredEnter Data Flow Services name
      • Start with a lowercase English letter and ensure it does not end with a special character (-), using lowercase letters, numbers, and special characters (-) to enter 3 to 30 characters
      Storage ClassRequiredSelect the storage class used by the selected cluster
      descriptionSelectionEnter additional information or description about Data Flow Services within 150 characters.
      Domain SettingsRequiredData Flow Services domain input
      • Start with a lowercase English letter and ensure it does not end with a special character (-), using lowercase letters, numbers, and special characters (-) to enter 3 to 50 characters
      • {Data Flow Services name}.{configured domain} becomes the Data Flow Services access URL.
      Node SelectorRequiredTo install on a specific node, enter a distinguishable label among the node’s Labels
      • If you enter an incorrect node label, installation errors may occur, so verify the node label in advance
      • The node label can be found in the node’s yaml file
      Service WorkloadRequired
      • Nifi: Module that provides Apache Nifi’s services and UI
      • Nifi Registry: Module that configures and deploys Nifi templates
      • Zookeeper: Module that supports proper distributed processing of Nifi across multiple nodes
      accountRequiredEnter Nifi account
      • ID: Enter a value between 6 and 30 characters, starting with a lowercase English letter and using lowercase letters and numbers
      • Password: Enter 8 to 50 characters, including uppercase letters, lowercase letters, numbers, and special characters(!@#$%^&*)
      • Confirm Password: Re-enter the password exactly the same
      Table. Data Flow Services service information input items
    • In the Additional Information Input area, enter or select the required information.
      Category
      Required
      		Detailed description
      Host AliasSelectionAdd host information to be linked with Data Flow (up to 20 total, including defaults)
      • Select Use, then click the + button
      • Hostname: Enter a hostname or domain format using lowercase letters, numbers, and special characters (-) with a length of 3 to 63 characters
      • IP: Enter in IP format
      • To delete, click the X button
      • The added host information can be used only if the firewall between the cluster and the server is open
      tagSelectionAdd Tag
      • Add Tag Click the button to create and add a tag, or add an existing tag.
      • You can add up to 50 tags.
      • The newly added tags will be applied after the service creation is completed.
      Table. Data Flow additional information input fields

  5. Summary Verify the detailed information and estimated billing amount generated in the panel, then click the Complete button.

    • Once creation is complete, check the created resources on the Data Flow Services List page.

Data Flow Services Check detailed information

You can view and edit the complete list of resources and detailed information for Data Flow Services. Data Flow Services Details page consists of Details, Tags, Operation History tabs.

To view detailed information about Data Flow Services, follow these steps.

  1. Click the All Services > Data Analytics > Data Flow menu. Navigate to the Service Home page of Data Flow.
  2. On the Service Home page, click the Data Flow Services menu. You will be taken to the Data Flow Services list page.
  3. On the Data Flow Services List page, click the resource to view detailed information. You will be taken to the Data Flow Services Details page.
    • Data Flow Services Details At the top of the page, status information and additional feature information are displayed.
      CategoryDetailed description
      Status displayData Flow Services status
      • Creating: Creating
      • Running: Running
      • Updating: Updating configuration
      • Terminating: Terminating service
      • Error: Creation failed or service unavailable
      Hosts file configuration informationButton to view and copy the host file information needed to access Data Flow Services
      Delete Data Flow ServicesCancel Service button
      Table. Data Flow Services status information and additional functions

Detailed Information

Data Flow Services List page lets you view detailed information of the selected resource and edit the information if needed.

CategoryDetailed description
serviceService name
Resource TypeResource Type
SRNUnique resource ID in Samsung Cloud Platform
  • refers to the cluster SRN
Resource nameResource name
  • means the cluster name
Resource IDUnique resource ID in the service
constructorUser who created the service
Creation date and timeService creation date and time
editorUser who edited the service information
Modification dateDate and time the service information was modified
Data Flow nameData Flow name
Storage ClassStorage class used by the selected cluster
descriptionAdditional information or explanation about Data Flow Services
Domain SettingsData Flow Services domain name
Node SelectorNode Label
Web UrlData Flow Services URL
accountAirflow account
Host AliasHost information to be connected to Data Flow Services
Table. Data Flow Services detailed information tab items

tag

Data Flow Services List page allows you to view the tag information of the selected resource, and you can add, modify, or delete it.

CategoryDetailed description
Tag listTag list
  • You can view the Key, Value information of the tag
  • Up to 50 tags can be added per resource
  • When entering a tag, you can search and select from the list of previously created Keys and Values
Table. Data Flow Services Tag Tab Items

Job History

Data Flow Services List page lets you view the operation history of the selected resource.

CategoryDetailed description
Task History ListResource Change History
  • Operation Time, Resource ID, Resource Name, Operation Details, Event Topic, Operation Result, Check Operator Information
Table. Data Flow Services Job History Tab Detailed Information Items

Terminate Data Flow Services

You can cancel unused Data Flow Services to reduce operating costs. However, if you cancel the service, the running service may be stopped immediately, so you should thoroughly consider the impact of service interruption before proceeding with the cancellation.

To cancel Data Flow or Data Flow Services, follow the steps below.

  1. Click the All Services > Data Analytics > Data Flow menu. You will be taken to the Service Home page of Data Flow.
  2. On the Service Home page, click the Data Flow Services menu. You will be taken to the Data Flow Services list page.
  3. On the Data Flow Services List page, select the resource to cancel, and click the Data Flow Services Delete button.
  4. When termination is complete, check on the Data Flow Services list page whether the resource has been terminated.
information
  • If you cancel Data Flow Services, the created namespace will also be deleted.

2.2 - Install Ingress Controller

The user must install an Ingress Controller before creating a Data Flow service. Only one Ingress Controller should be installed in the Kubernetes cluster.

Installing Ingress Controller using Container Registry

Follow these steps to install the Ingress Controller using the Container Registry.

For detailed instructions on creating a Container Registry, see the Container > Container Registry > How-to guides guide.
  1. After checking the service domain, download the corresponding Ingress Controller image file.
    Console DomainYaml file
    https://console.kr-west1.e.samsungsdscloud.com/consoleIngressController For Enterprise (KR-WEST1)
    https://console.kr-east1.e.samsungsdscloud.com/consoleIngressController For Enterprise (KR-EAST1)
    https://console.kr-west1.s.samsungsdscloud.com/console/IngressController For Samsung (KR-WEST1)
    https://console.kr-east1.s.samsungsdscloud.com/console/IngressController For Samsung (KR-EAST1)
    Table. Yaml file by domain
  2. Click the All Services > Container > Kubernetes Engine > Workloads > Pods menu. You will be taken to the Pod List page.
  3. Click the Create Object button. The Create Object popup window opens.
  4. After selecting the cluster where you will install Data Flow, copy and paste the contents of the Yaml file.
  5. Click the Confirm button to complete the installation. The installed Ingress Controller can be viewed in the list.
Reference
For detailed object creation methods, refer to Container > Kubernetes Engine > Creating a Deployment.

IngressController For Enterprise (KR-WEST1)

Color mode
apiVersion: v1
kind: Namespace
metadata:
  labels:
    app.kubernetes.io/instance: dss-ingress
    app.kubernetes.io/name: dss-ingress
  name: dss-ingress
---
apiVersion: v1
automountServiceAccountToken: true
kind: ServiceAccount
metadata:
  labels:
    app.kubernetes.io/component: controller
    app.kubernetes.io/instance: dss-ingress
    app.kubernetes.io/name: dss-ingress
    app.kubernetes.io/part-of: dss-ingress
    app.kubernetes.io/version: 1.12.3
  name: dss-ingress
  namespace: dss-ingress
---
apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata:
  labels:
    app.kubernetes.io/component: controller
    app.kubernetes.io/instance: dss-ingress
    app.kubernetes.io/name: dss-ingress
    app.kubernetes.io/part-of: dss-ingress
    app.kubernetes.io/version: 1.12.3
  name: dss-ingress
  namespace: dss-ingress
rules:
- apiGroups:
  - 
  resources:
  - namespaces
  verbs:
  - get
- apiGroups:
  - 
  resources:
  - configmaps
  - pods
  - secrets
  - endpoints
  verbs:
  - get
  - list
  - watch
- apiGroups:
  - 
  resources:
  - services
  verbs:
  - get
  - list
  - watch
- apiGroups:
  - networking.k8s.io
  resources:
  - ingresses
  verbs:
  - get
  - list
  - watch
- apiGroups:
  - networking.k8s.io
  resources:
  - ingresses/status
  verbs:
  - update
- apiGroups:
  - networking.k8s.io
  resources:
  - ingressclasses
  verbs:
  - get
  - list
  - watch
- apiGroups:
  - coordination.k8s.io
  resourceNames:
  - dss-ingress-nginx-leader
  resources:
  - leases
  verbs:
  - get
  - update
- apiGroups:
  - coordination.k8s.io
  resources:
  - leases
  verbs:
  - create
- apiGroups:
  - 
  resources:
  - events
  verbs:
  - create
  - patch
- apiGroups:
  - discovery.k8s.io
  resources:
  - endpointslices
  verbs:
  - list
  - watch
  - get
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
  labels:
    app.kubernetes.io/instance: dss-ingress
    app.kubernetes.io/name: dss-ingress
    app.kubernetes.io/part-of: dss-ingress
    app.kubernetes.io/version: 1.12.3
  name: dss-ingress
rules:
- apiGroups:
  - ""
  resources:
  - configmaps
  - endpoints
  - nodes
  - pods
  - secrets
  - namespaces
  verbs:
  - list
  - watch
- apiGroups:
  - coordination.k8s.io
  resources:
  - leases
  verbs:
  - list
  - watch
- apiGroups:
  - ""
  resources:
  - nodes
  verbs:
  - get
- apiGroups:
  - ""
  resources:
  - services
  verbs:
  - get
  - list
  - watch
- apiGroups:
  - networking.k8s.io
  resources:
  - ingresses
  verbs:
  - get
  - list
  - watch
- apiGroups:
  - ""
  resources:
  - events
  verbs:
  - create
  - patch
- apiGroups:
  - networking.k8s.io
  resources:
  - ingresses/status
  verbs:
  - update
- apiGroups:
  - networking.k8s.io
  resources:
  - ingressclasses
  verbs:
  - get
  - list
  - watch
- apiGroups:
  - discovery.k8s.io
  resources:
  - endpointslices
  verbs:
  - list
  - watch
  - get
---
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
  labels:
    app.kubernetes.io/component: controller
    app.kubernetes.io/instance: dss-ingress
    app.kubernetes.io/name: dss-ingress
    app.kubernetes.io/part-of: dss-ingress
    app.kubernetes.io/version: 1.12.3
  name: dss-ingress
  namespace: dss-ingress
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: Role
  name: dss-ingress
subjects:
- kind: ServiceAccount
  name: dss-ingress
  namespace: dss-ingress
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
  labels:
    app.kubernetes.io/instance: dss-ingress
    app.kubernetes.io/name: dss-ingress
    app.kubernetes.io/part-of: dss-ingress
    app.kubernetes.io/version: 1.12.3
  name: dss-ingress
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: ClusterRole
  name: dss-ingress
subjects:
- kind: ServiceAccount
  name: dss-ingress
  namespace: dss-ingress
---
apiVersion: v1
data:
  allow-snippet-annotations: "true"
  annotations-risk-level: Critical
kind: ConfigMap
metadata:
  labels:
    app: ingress-controller
    app.kubernetes.io/component: controller
    app.kubernetes.io/instance: dss-ingress
    app.kubernetes.io/name: dss-ingress
    app.kubernetes.io/part-of: dss-ingress
    app.kubernetes.io/version: 1.12.3
  name: dss-ingress-controller
  namespace: dss-ingress
---
apiVersion: v1
kind: Service
metadata:
  labels:
    app: ingress-controller
    app.kubernetes.io/component: controller
    app.kubernetes.io/instance: dss-ingress
    app.kubernetes.io/name: dss-ingress
    app.kubernetes.io/part-of: dss-ingress
    app.kubernetes.io/version: 1.12.3
  name: dss-ingress-controller
  namespace: dss-ingress
spec:
  externalTrafficPolicy: Cluster
  ipFamilies:
  - IPv4
  ipFamilyPolicy: SingleStack
  ports:
  - appProtocol: http
    name: http
    nodePort: 30708
    port: 80
    protocol: TCP
    targetPort: http
  - appProtocol: https
    name: https
    nodePort: 31416
    port: 443
    protocol: TCP
    targetPort: https
  selector:
    app.kubernetes.io/component: controller
    app.kubernetes.io/instance: dss-ingress
    app.kubernetes.io/name: dss-ingress
  type: NodePort
---
apiVersion: apps/v1
kind: Deployment
metadata:
  labels:
    app: ingress-controller
    app.kubernetes.io/component: controller
    app.kubernetes.io/instance: dss-ingress
    app.kubernetes.io/name: dss-ingress
    app.kubernetes.io/part-of: dss-ingress
    app.kubernetes.io/version: 1.12.3
  name: dss-ingress-controller
  namespace: dss-ingress
spec:
  minReadySeconds: 0
  revisionHistoryLimit: 10
  selector:
    matchLabels:
      app.kubernetes.io/component: controller
      app.kubernetes.io/instance: dss-ingress
      app.kubernetes.io/name: dss-ingress
  strategy:
    rollingUpdate:
      maxUnavailable: 1
    type: RollingUpdate
  template:
    metadata:
      labels:
        app.kubernetes.io/component: controller
        app.kubernetes.io/instance: dss-ingress
        app.kubernetes.io/name: dss-ingress
        app.kubernetes.io/part-of: dss-ingress
        app.kubernetes.io/version: 1.12.3
    spec:
      containers:
      - args:
        - /nginx-ingress-controller
        - --publish-service=$(POD_NAMESPACE)/dss-ingress-controller
        - --election-id=dss-ingress-nginx-leader
        - --controller-class=k8s.io/dss-ingress-controller
        - --ingress-class=dss-nginx
        - --configmap=$(POD_NAMESPACE)/dss-ingress-controller
        env:
        - name: POD_NAME
          valueFrom:
            fieldRef:
              fieldPath: metadata.name
        - name: POD_NAMESPACE
          valueFrom:
            fieldRef:
              fieldPath: metadata.namespace
        - name: LD_PRELOAD
          value: /usr/local/lib/libmimalloc.so
        image: brightixscr.scr.private.kr-west1.e.samsungsdscloud.com/brightics-df/nginx-ingress-controller:v1.12.3
        imagePullPolicy: IfNotPresent
        lifecycle:
          preStop:
            exec:
              command:
              - /wait-shutdown
        livenessProbe:
          failureThreshold: 5
          httpGet:
            path: /healthz
            port: 10254
            scheme: HTTP
          initialDelaySeconds: 10
          periodSeconds: 10
          successThreshold: 1
          timeoutSeconds: 1
        name: controller
        ports:
        - containerPort: 80
          name: http
          protocol: TCP
        - containerPort: 443
          name: https
          protocol: TCP
        readinessProbe:
          failureThreshold: 3
          httpGet:
            path: /healthz
            port: 10254
            scheme: HTTP
          initialDelaySeconds: 10
          periodSeconds: 10
          successThreshold: 1
          timeoutSeconds: 1
        resources:
          requests:
            cpu: 100m
            memory: 90Mi
        securityContext:
          allowPrivilegeEscalation: false
          capabilities:
            add:
            - NET_BIND_SERVICE
            drop:
            - ALL
          readOnlyRootFilesystem: false
          runAsGroup: 82
          runAsNonRoot: true
          runAsUser: 101
          seccompProfile:
            type: RuntimeDefault
      dnsPolicy: ClusterFirst
      nodeSelector:
        kubernetes.io/os: linux
      serviceAccountName: dss-ingress
      terminationGracePeriodSeconds: 300
---
apiVersion: networking.k8s.io/v1
kind: IngressClass
metadata:
  annotations:
    ingressclass.kubernetes.io/is-default-class: "true"
  labels:
    app: ingress-controller
    app.kubernetes.io/component: controller
    app.kubernetes.io/instance: dss-ingress
    app.kubernetes.io/name: dss-ingress
    app.kubernetes.io/part-of: dss-ingress
    app.kubernetes.io/version: 1.12.3
  name: dss-nginx
spec:
  controller: k8s.io/dss-ingress-controller
apiVersion: v1
kind: Namespace
metadata:
  labels:
    app.kubernetes.io/instance: dss-ingress
    app.kubernetes.io/name: dss-ingress
  name: dss-ingress
---
apiVersion: v1
automountServiceAccountToken: true
kind: ServiceAccount
metadata:
  labels:
    app.kubernetes.io/component: controller
    app.kubernetes.io/instance: dss-ingress
    app.kubernetes.io/name: dss-ingress
    app.kubernetes.io/part-of: dss-ingress
    app.kubernetes.io/version: 1.12.3
  name: dss-ingress
  namespace: dss-ingress
---
apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata:
  labels:
    app.kubernetes.io/component: controller
    app.kubernetes.io/instance: dss-ingress
    app.kubernetes.io/name: dss-ingress
    app.kubernetes.io/part-of: dss-ingress
    app.kubernetes.io/version: 1.12.3
  name: dss-ingress
  namespace: dss-ingress
rules:
- apiGroups:
  - 
  resources:
  - namespaces
  verbs:
  - get
- apiGroups:
  - 
  resources:
  - configmaps
  - pods
  - secrets
  - endpoints
  verbs:
  - get
  - list
  - watch
- apiGroups:
  - 
  resources:
  - services
  verbs:
  - get
  - list
  - watch
- apiGroups:
  - networking.k8s.io
  resources:
  - ingresses
  verbs:
  - get
  - list
  - watch
- apiGroups:
  - networking.k8s.io
  resources:
  - ingresses/status
  verbs:
  - update
- apiGroups:
  - networking.k8s.io
  resources:
  - ingressclasses
  verbs:
  - get
  - list
  - watch
- apiGroups:
  - coordination.k8s.io
  resourceNames:
  - dss-ingress-nginx-leader
  resources:
  - leases
  verbs:
  - get
  - update
- apiGroups:
  - coordination.k8s.io
  resources:
  - leases
  verbs:
  - create
- apiGroups:
  - 
  resources:
  - events
  verbs:
  - create
  - patch
- apiGroups:
  - discovery.k8s.io
  resources:
  - endpointslices
  verbs:
  - list
  - watch
  - get
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
  labels:
    app.kubernetes.io/instance: dss-ingress
    app.kubernetes.io/name: dss-ingress
    app.kubernetes.io/part-of: dss-ingress
    app.kubernetes.io/version: 1.12.3
  name: dss-ingress
rules:
- apiGroups:
  - ""
  resources:
  - configmaps
  - endpoints
  - nodes
  - pods
  - secrets
  - namespaces
  verbs:
  - list
  - watch
- apiGroups:
  - coordination.k8s.io
  resources:
  - leases
  verbs:
  - list
  - watch
- apiGroups:
  - ""
  resources:
  - nodes
  verbs:
  - get
- apiGroups:
  - ""
  resources:
  - services
  verbs:
  - get
  - list
  - watch
- apiGroups:
  - networking.k8s.io
  resources:
  - ingresses
  verbs:
  - get
  - list
  - watch
- apiGroups:
  - ""
  resources:
  - events
  verbs:
  - create
  - patch
- apiGroups:
  - networking.k8s.io
  resources:
  - ingresses/status
  verbs:
  - update
- apiGroups:
  - networking.k8s.io
  resources:
  - ingressclasses
  verbs:
  - get
  - list
  - watch
- apiGroups:
  - discovery.k8s.io
  resources:
  - endpointslices
  verbs:
  - list
  - watch
  - get
---
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
  labels:
    app.kubernetes.io/component: controller
    app.kubernetes.io/instance: dss-ingress
    app.kubernetes.io/name: dss-ingress
    app.kubernetes.io/part-of: dss-ingress
    app.kubernetes.io/version: 1.12.3
  name: dss-ingress
  namespace: dss-ingress
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: Role
  name: dss-ingress
subjects:
- kind: ServiceAccount
  name: dss-ingress
  namespace: dss-ingress
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
  labels:
    app.kubernetes.io/instance: dss-ingress
    app.kubernetes.io/name: dss-ingress
    app.kubernetes.io/part-of: dss-ingress
    app.kubernetes.io/version: 1.12.3
  name: dss-ingress
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: ClusterRole
  name: dss-ingress
subjects:
- kind: ServiceAccount
  name: dss-ingress
  namespace: dss-ingress
---
apiVersion: v1
data:
  allow-snippet-annotations: "true"
  annotations-risk-level: Critical
kind: ConfigMap
metadata:
  labels:
    app: ingress-controller
    app.kubernetes.io/component: controller
    app.kubernetes.io/instance: dss-ingress
    app.kubernetes.io/name: dss-ingress
    app.kubernetes.io/part-of: dss-ingress
    app.kubernetes.io/version: 1.12.3
  name: dss-ingress-controller
  namespace: dss-ingress
---
apiVersion: v1
kind: Service
metadata:
  labels:
    app: ingress-controller
    app.kubernetes.io/component: controller
    app.kubernetes.io/instance: dss-ingress
    app.kubernetes.io/name: dss-ingress
    app.kubernetes.io/part-of: dss-ingress
    app.kubernetes.io/version: 1.12.3
  name: dss-ingress-controller
  namespace: dss-ingress
spec:
  externalTrafficPolicy: Cluster
  ipFamilies:
  - IPv4
  ipFamilyPolicy: SingleStack
  ports:
  - appProtocol: http
    name: http
    nodePort: 30708
    port: 80
    protocol: TCP
    targetPort: http
  - appProtocol: https
    name: https
    nodePort: 31416
    port: 443
    protocol: TCP
    targetPort: https
  selector:
    app.kubernetes.io/component: controller
    app.kubernetes.io/instance: dss-ingress
    app.kubernetes.io/name: dss-ingress
  type: NodePort
---
apiVersion: apps/v1
kind: Deployment
metadata:
  labels:
    app: ingress-controller
    app.kubernetes.io/component: controller
    app.kubernetes.io/instance: dss-ingress
    app.kubernetes.io/name: dss-ingress
    app.kubernetes.io/part-of: dss-ingress
    app.kubernetes.io/version: 1.12.3
  name: dss-ingress-controller
  namespace: dss-ingress
spec:
  minReadySeconds: 0
  revisionHistoryLimit: 10
  selector:
    matchLabels:
      app.kubernetes.io/component: controller
      app.kubernetes.io/instance: dss-ingress
      app.kubernetes.io/name: dss-ingress
  strategy:
    rollingUpdate:
      maxUnavailable: 1
    type: RollingUpdate
  template:
    metadata:
      labels:
        app.kubernetes.io/component: controller
        app.kubernetes.io/instance: dss-ingress
        app.kubernetes.io/name: dss-ingress
        app.kubernetes.io/part-of: dss-ingress
        app.kubernetes.io/version: 1.12.3
    spec:
      containers:
      - args:
        - /nginx-ingress-controller
        - --publish-service=$(POD_NAMESPACE)/dss-ingress-controller
        - --election-id=dss-ingress-nginx-leader
        - --controller-class=k8s.io/dss-ingress-controller
        - --ingress-class=dss-nginx
        - --configmap=$(POD_NAMESPACE)/dss-ingress-controller
        env:
        - name: POD_NAME
          valueFrom:
            fieldRef:
              fieldPath: metadata.name
        - name: POD_NAMESPACE
          valueFrom:
            fieldRef:
              fieldPath: metadata.namespace
        - name: LD_PRELOAD
          value: /usr/local/lib/libmimalloc.so
        image: brightixscr.scr.private.kr-west1.e.samsungsdscloud.com/brightics-df/nginx-ingress-controller:v1.12.3
        imagePullPolicy: IfNotPresent
        lifecycle:
          preStop:
            exec:
              command:
              - /wait-shutdown
        livenessProbe:
          failureThreshold: 5
          httpGet:
            path: /healthz
            port: 10254
            scheme: HTTP
          initialDelaySeconds: 10
          periodSeconds: 10
          successThreshold: 1
          timeoutSeconds: 1
        name: controller
        ports:
        - containerPort: 80
          name: http
          protocol: TCP
        - containerPort: 443
          name: https
          protocol: TCP
        readinessProbe:
          failureThreshold: 3
          httpGet:
            path: /healthz
            port: 10254
            scheme: HTTP
          initialDelaySeconds: 10
          periodSeconds: 10
          successThreshold: 1
          timeoutSeconds: 1
        resources:
          requests:
            cpu: 100m
            memory: 90Mi
        securityContext:
          allowPrivilegeEscalation: false
          capabilities:
            add:
            - NET_BIND_SERVICE
            drop:
            - ALL
          readOnlyRootFilesystem: false
          runAsGroup: 82
          runAsNonRoot: true
          runAsUser: 101
          seccompProfile:
            type: RuntimeDefault
      dnsPolicy: ClusterFirst
      nodeSelector:
        kubernetes.io/os: linux
      serviceAccountName: dss-ingress
      terminationGracePeriodSeconds: 300
---
apiVersion: networking.k8s.io/v1
kind: IngressClass
metadata:
  annotations:
    ingressclass.kubernetes.io/is-default-class: "true"
  labels:
    app: ingress-controller
    app.kubernetes.io/component: controller
    app.kubernetes.io/instance: dss-ingress
    app.kubernetes.io/name: dss-ingress
    app.kubernetes.io/part-of: dss-ingress
    app.kubernetes.io/version: 1.12.3
  name: dss-nginx
spec:
  controller: k8s.io/dss-ingress-controller
code block. IngressController_west1_e.yaml

IngressController For Enterprise (KR-EAST1)

Color mode
apiVersion: v1
kind: Namespace
metadata:
  labels:
    app.kubernetes.io/instance: dss-ingress
    app.kubernetes.io/name: dss-ingress
  name: dss-ingress
---
apiVersion: v1
automountServiceAccountToken: true
kind: ServiceAccount
metadata:
  labels:
    app.kubernetes.io/component: controller
    app.kubernetes.io/instance: dss-ingress
    app.kubernetes.io/name: dss-ingress
    app.kubernetes.io/part-of: dss-ingress
    app.kubernetes.io/version: 1.12.3
  name: dss-ingress
  namespace: dss-ingress
---
apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata:
  labels:
    app.kubernetes.io/component: controller
    app.kubernetes.io/instance: dss-ingress
    app.kubernetes.io/name: dss-ingress
    app.kubernetes.io/part-of: dss-ingress
    app.kubernetes.io/version: 1.12.3
  name: dss-ingress
  namespace: dss-ingress
rules:
- apiGroups:
  - ""
  resources:
  - namespaces
  verbs:
  - get
- apiGroups:
  - ""
  resources:
  - configmaps
  - pods
  - secrets
  - endpoints
  verbs:
  - get
  - list
  - watch
- apiGroups:
  - ""
  resources:
  - services
  verbs:
  - get
  - list
  - watch
- apiGroups:
  - networking.k8s.io
  resources:
  - ingresses
  verbs:
  - get
  - list
  - watch
- apiGroups:
  - networking.k8s.io
  resources:
  - ingresses/status
  verbs:
  - update
- apiGroups:
  - networking.k8s.io
  resources:
  - ingressclasses
  verbs:
  - get
  - list
  - watch
- apiGroups:
  - coordination.k8s.io
  resourceNames:
  - dss-ingress-nginx-leader
  resources:
  - leases
  verbs:
  - get
  - update
- apiGroups:
  - coordination.k8s.io
  resources:
  - leases
  verbs:
  - create
- apiGroups:
  - ""
  resources:
  - events
  verbs:
  - create
  - patch
- apiGroups:
  - discovery.k8s.io
  resources:
  - endpointslices
  verbs:
  - list
  - watch
  - get
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
  labels:
    app.kubernetes.io/instance: dss-ingress
    app.kubernetes.io/name: dss-ingress
    app.kubernetes.io/part-of: dss-ingress
    app.kubernetes.io/version: 1.12.3
  name: dss-ingress
rules:
- apiGroups:
  - 
  resources:
  - configmaps
  - endpoints
  - nodes
  - pods
  - secrets
  - namespaces
  verbs:
  - list
  - watch
- apiGroups:
  - coordination.k8s.io
  resources:
  - leases
  verbs:
  - list
  - watch
- apiGroups:
  - 
  resources:
  - nodes
  verbs:
  - get
- apiGroups:
  - 
  resources:
  - services
  verbs:
  - get
  - list
  - watch
- apiGroups:
  - networking.k8s.io
  resources:
  - ingresses
  verbs:
  - get
  - list
  - watch
- apiGroups:
  - 
  resources:
  - events
  verbs:
  - create
  - patch
- apiGroups:
  - networking.k8s.io
  resources:
  - ingresses/status
  verbs:
  - update
- apiGroups:
  - networking.k8s.io
  resources:
  - ingressclasses
  verbs:
  - get
  - list
  - watch
- apiGroups:
  - discovery.k8s.io
  resources:
  - endpointslices
  verbs:
  - list
  - watch
  - get
---
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
  labels:
    app.kubernetes.io/component: controller
    app.kubernetes.io/instance: dss-ingress
    app.kubernetes.io/name: dss-ingress
    app.kubernetes.io/part-of: dss-ingress
    app.kubernetes.io/version: 1.12.3
  name: dss-ingress
  namespace: dss-ingress
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: Role
  name: dss-ingress
subjects:
- kind: ServiceAccount
  name: dss-ingress
  namespace: dss-ingress
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
  labels:
    app.kubernetes.io/instance: dss-ingress
    app.kubernetes.io/name: dss-ingress
    app.kubernetes.io/part-of: dss-ingress
    app.kubernetes.io/version: 1.12.3
  name: dss-ingress
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: ClusterRole
  name: dss-ingress
subjects:
- kind: ServiceAccount
  name: dss-ingress
  namespace: dss-ingress
---
apiVersion: v1
data:
  allow-snippet-annotations: "true"
  annotations-risk-level: Critical
kind: ConfigMap
metadata:
  labels:
    app: ingress-controller
    app.kubernetes.io/component: controller
    app.kubernetes.io/instance: dss-ingress
    app.kubernetes.io/name: dss-ingress
    app.kubernetes.io/part-of: dss-ingress
    app.kubernetes.io/version: 1.12.3
  name: dss-ingress-controller
  namespace: dss-ingress
---
apiVersion: v1
kind: Service
metadata:
  labels:
    app: ingress-controller
    app.kubernetes.io/component: controller
    app.kubernetes.io/instance: dss-ingress
    app.kubernetes.io/name: dss-ingress
    app.kubernetes.io/part-of: dss-ingress
    app.kubernetes.io/version: 1.12.3
  name: dss-ingress-controller
  namespace: dss-ingress
spec:
  externalTrafficPolicy: Cluster
  ipFamilies:
  - IPv4
  ipFamilyPolicy: SingleStack
  ports:
  - appProtocol: http
    name: http
    nodePort: 30708
    port: 80
    protocol: TCP
    targetPort: http
  - appProtocol: https
    name: https
    nodePort: 31416
    port: 443
    protocol: TCP
    targetPort: https
  selector:
    app.kubernetes.io/component: controller
    app.kubernetes.io/instance: dss-ingress
    app.kubernetes.io/name: dss-ingress
  type: NodePort
---
apiVersion: apps/v1
kind: Deployment
metadata:
  labels:
    app: ingress-controller
    app.kubernetes.io/component: controller
    app.kubernetes.io/instance: dss-ingress
    app.kubernetes.io/name: dss-ingress
    app.kubernetes.io/part-of: dss-ingress
    app.kubernetes.io/version: 1.12.3
  name: dss-ingress-controller
  namespace: dss-ingress
spec:
  minReadySeconds: 0
  revisionHistoryLimit: 10
  selector:
    matchLabels:
      app.kubernetes.io/component: controller
      app.kubernetes.io/instance: dss-ingress
      app.kubernetes.io/name: dss-ingress
  strategy:
    rollingUpdate:
      maxUnavailable: 1
    type: RollingUpdate
  template:
    metadata:
      labels:
        app.kubernetes.io/component: controller
        app.kubernetes.io/instance: dss-ingress
        app.kubernetes.io/name: dss-ingress
        app.kubernetes.io/part-of: dss-ingress
        app.kubernetes.io/version: 1.12.3
    spec:
      containers:
      - args:
        - /nginx-ingress-controller
        - --publish-service=$(POD_NAMESPACE)/dss-ingress-controller
        - --election-id=dss-ingress-nginx-leader
        - --controller-class=k8s.io/dss-ingress-controller
        - --ingress-class=dss-nginx
        - --configmap=$(POD_NAMESPACE)/dss-ingress-controller
        env:
        - name: POD_NAME
          valueFrom:
            fieldRef:
              fieldPath: metadata.name
        - name: POD_NAMESPACE
          valueFrom:
            fieldRef:
              fieldPath: metadata.namespace
        - name: LD_PRELOAD
          value: /usr/local/lib/libmimalloc.so
        image: brightixscr.scr.private.kr-east1.e.samsungsdscloud.com/brightics-df/nginx-ingress-controller:v1.12.3
        imagePullPolicy: IfNotPresent
        lifecycle:
          preStop:
            exec:
              command:
              - /wait-shutdown
        livenessProbe:
          failureThreshold: 5
          httpGet:
            path: /healthz
            port: 10254
            scheme: HTTP
          initialDelaySeconds: 10
          periodSeconds: 10
          successThreshold: 1
          timeoutSeconds: 1
        name: controller
        ports:
        - containerPort: 80
          name: http
          protocol: TCP
        - containerPort: 443
          name: https
          protocol: TCP
        readinessProbe:
          failureThreshold: 3
          httpGet:
            path: /healthz
            port: 10254
            scheme: HTTP
          initialDelaySeconds: 10
          periodSeconds: 10
          successThreshold: 1
          timeoutSeconds: 1
        resources:
          requests:
            cpu: 100m
            memory: 90Mi
        securityContext:
          allowPrivilegeEscalation: false
          capabilities:
            add:
            - NET_BIND_SERVICE
            drop:
            - ALL
          readOnlyRootFilesystem: false
          runAsGroup: 82
          runAsNonRoot: true
          runAsUser: 101
          seccompProfile:
            type: RuntimeDefault
      dnsPolicy: ClusterFirst
      nodeSelector:
        kubernetes.io/os: linux
      serviceAccountName: dss-ingress
      terminationGracePeriodSeconds: 300
---
apiVersion: networking.k8s.io/v1
kind: IngressClass
metadata:
  annotations:
    ingressclass.kubernetes.io/is-default-class: "true"
  labels:
    app: ingress-controller
    app.kubernetes.io/component: controller
    app.kubernetes.io/instance: dss-ingress
    app.kubernetes.io/name: dss-ingress
    app.kubernetes.io/part-of: dss-ingress
    app.kubernetes.io/version: 1.12.3
  name: dss-nginx
spec:
  controller: k8s.io/dss-ingress-controller
apiVersion: v1
kind: Namespace
metadata:
  labels:
    app.kubernetes.io/instance: dss-ingress
    app.kubernetes.io/name: dss-ingress
  name: dss-ingress
---
apiVersion: v1
automountServiceAccountToken: true
kind: ServiceAccount
metadata:
  labels:
    app.kubernetes.io/component: controller
    app.kubernetes.io/instance: dss-ingress
    app.kubernetes.io/name: dss-ingress
    app.kubernetes.io/part-of: dss-ingress
    app.kubernetes.io/version: 1.12.3
  name: dss-ingress
  namespace: dss-ingress
---
apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata:
  labels:
    app.kubernetes.io/component: controller
    app.kubernetes.io/instance: dss-ingress
    app.kubernetes.io/name: dss-ingress
    app.kubernetes.io/part-of: dss-ingress
    app.kubernetes.io/version: 1.12.3
  name: dss-ingress
  namespace: dss-ingress
rules:
- apiGroups:
  - ""
  resources:
  - namespaces
  verbs:
  - get
- apiGroups:
  - ""
  resources:
  - configmaps
  - pods
  - secrets
  - endpoints
  verbs:
  - get
  - list
  - watch
- apiGroups:
  - ""
  resources:
  - services
  verbs:
  - get
  - list
  - watch
- apiGroups:
  - networking.k8s.io
  resources:
  - ingresses
  verbs:
  - get
  - list
  - watch
- apiGroups:
  - networking.k8s.io
  resources:
  - ingresses/status
  verbs:
  - update
- apiGroups:
  - networking.k8s.io
  resources:
  - ingressclasses
  verbs:
  - get
  - list
  - watch
- apiGroups:
  - coordination.k8s.io
  resourceNames:
  - dss-ingress-nginx-leader
  resources:
  - leases
  verbs:
  - get
  - update
- apiGroups:
  - coordination.k8s.io
  resources:
  - leases
  verbs:
  - create
- apiGroups:
  - ""
  resources:
  - events
  verbs:
  - create
  - patch
- apiGroups:
  - discovery.k8s.io
  resources:
  - endpointslices
  verbs:
  - list
  - watch
  - get
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
  labels:
    app.kubernetes.io/instance: dss-ingress
    app.kubernetes.io/name: dss-ingress
    app.kubernetes.io/part-of: dss-ingress
    app.kubernetes.io/version: 1.12.3
  name: dss-ingress
rules:
- apiGroups:
  - 
  resources:
  - configmaps
  - endpoints
  - nodes
  - pods
  - secrets
  - namespaces
  verbs:
  - list
  - watch
- apiGroups:
  - coordination.k8s.io
  resources:
  - leases
  verbs:
  - list
  - watch
- apiGroups:
  - 
  resources:
  - nodes
  verbs:
  - get
- apiGroups:
  - 
  resources:
  - services
  verbs:
  - get
  - list
  - watch
- apiGroups:
  - networking.k8s.io
  resources:
  - ingresses
  verbs:
  - get
  - list
  - watch
- apiGroups:
  - 
  resources:
  - events
  verbs:
  - create
  - patch
- apiGroups:
  - networking.k8s.io
  resources:
  - ingresses/status
  verbs:
  - update
- apiGroups:
  - networking.k8s.io
  resources:
  - ingressclasses
  verbs:
  - get
  - list
  - watch
- apiGroups:
  - discovery.k8s.io
  resources:
  - endpointslices
  verbs:
  - list
  - watch
  - get
---
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
  labels:
    app.kubernetes.io/component: controller
    app.kubernetes.io/instance: dss-ingress
    app.kubernetes.io/name: dss-ingress
    app.kubernetes.io/part-of: dss-ingress
    app.kubernetes.io/version: 1.12.3
  name: dss-ingress
  namespace: dss-ingress
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: Role
  name: dss-ingress
subjects:
- kind: ServiceAccount
  name: dss-ingress
  namespace: dss-ingress
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
  labels:
    app.kubernetes.io/instance: dss-ingress
    app.kubernetes.io/name: dss-ingress
    app.kubernetes.io/part-of: dss-ingress
    app.kubernetes.io/version: 1.12.3
  name: dss-ingress
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: ClusterRole
  name: dss-ingress
subjects:
- kind: ServiceAccount
  name: dss-ingress
  namespace: dss-ingress
---
apiVersion: v1
data:
  allow-snippet-annotations: "true"
  annotations-risk-level: Critical
kind: ConfigMap
metadata:
  labels:
    app: ingress-controller
    app.kubernetes.io/component: controller
    app.kubernetes.io/instance: dss-ingress
    app.kubernetes.io/name: dss-ingress
    app.kubernetes.io/part-of: dss-ingress
    app.kubernetes.io/version: 1.12.3
  name: dss-ingress-controller
  namespace: dss-ingress
---
apiVersion: v1
kind: Service
metadata:
  labels:
    app: ingress-controller
    app.kubernetes.io/component: controller
    app.kubernetes.io/instance: dss-ingress
    app.kubernetes.io/name: dss-ingress
    app.kubernetes.io/part-of: dss-ingress
    app.kubernetes.io/version: 1.12.3
  name: dss-ingress-controller
  namespace: dss-ingress
spec:
  externalTrafficPolicy: Cluster
  ipFamilies:
  - IPv4
  ipFamilyPolicy: SingleStack
  ports:
  - appProtocol: http
    name: http
    nodePort: 30708
    port: 80
    protocol: TCP
    targetPort: http
  - appProtocol: https
    name: https
    nodePort: 31416
    port: 443
    protocol: TCP
    targetPort: https
  selector:
    app.kubernetes.io/component: controller
    app.kubernetes.io/instance: dss-ingress
    app.kubernetes.io/name: dss-ingress
  type: NodePort
---
apiVersion: apps/v1
kind: Deployment
metadata:
  labels:
    app: ingress-controller
    app.kubernetes.io/component: controller
    app.kubernetes.io/instance: dss-ingress
    app.kubernetes.io/name: dss-ingress
    app.kubernetes.io/part-of: dss-ingress
    app.kubernetes.io/version: 1.12.3
  name: dss-ingress-controller
  namespace: dss-ingress
spec:
  minReadySeconds: 0
  revisionHistoryLimit: 10
  selector:
    matchLabels:
      app.kubernetes.io/component: controller
      app.kubernetes.io/instance: dss-ingress
      app.kubernetes.io/name: dss-ingress
  strategy:
    rollingUpdate:
      maxUnavailable: 1
    type: RollingUpdate
  template:
    metadata:
      labels:
        app.kubernetes.io/component: controller
        app.kubernetes.io/instance: dss-ingress
        app.kubernetes.io/name: dss-ingress
        app.kubernetes.io/part-of: dss-ingress
        app.kubernetes.io/version: 1.12.3
    spec:
      containers:
      - args:
        - /nginx-ingress-controller
        - --publish-service=$(POD_NAMESPACE)/dss-ingress-controller
        - --election-id=dss-ingress-nginx-leader
        - --controller-class=k8s.io/dss-ingress-controller
        - --ingress-class=dss-nginx
        - --configmap=$(POD_NAMESPACE)/dss-ingress-controller
        env:
        - name: POD_NAME
          valueFrom:
            fieldRef:
              fieldPath: metadata.name
        - name: POD_NAMESPACE
          valueFrom:
            fieldRef:
              fieldPath: metadata.namespace
        - name: LD_PRELOAD
          value: /usr/local/lib/libmimalloc.so
        image: brightixscr.scr.private.kr-east1.e.samsungsdscloud.com/brightics-df/nginx-ingress-controller:v1.12.3
        imagePullPolicy: IfNotPresent
        lifecycle:
          preStop:
            exec:
              command:
              - /wait-shutdown
        livenessProbe:
          failureThreshold: 5
          httpGet:
            path: /healthz
            port: 10254
            scheme: HTTP
          initialDelaySeconds: 10
          periodSeconds: 10
          successThreshold: 1
          timeoutSeconds: 1
        name: controller
        ports:
        - containerPort: 80
          name: http
          protocol: TCP
        - containerPort: 443
          name: https
          protocol: TCP
        readinessProbe:
          failureThreshold: 3
          httpGet:
            path: /healthz
            port: 10254
            scheme: HTTP
          initialDelaySeconds: 10
          periodSeconds: 10
          successThreshold: 1
          timeoutSeconds: 1
        resources:
          requests:
            cpu: 100m
            memory: 90Mi
        securityContext:
          allowPrivilegeEscalation: false
          capabilities:
            add:
            - NET_BIND_SERVICE
            drop:
            - ALL
          readOnlyRootFilesystem: false
          runAsGroup: 82
          runAsNonRoot: true
          runAsUser: 101
          seccompProfile:
            type: RuntimeDefault
      dnsPolicy: ClusterFirst
      nodeSelector:
        kubernetes.io/os: linux
      serviceAccountName: dss-ingress
      terminationGracePeriodSeconds: 300
---
apiVersion: networking.k8s.io/v1
kind: IngressClass
metadata:
  annotations:
    ingressclass.kubernetes.io/is-default-class: "true"
  labels:
    app: ingress-controller
    app.kubernetes.io/component: controller
    app.kubernetes.io/instance: dss-ingress
    app.kubernetes.io/name: dss-ingress
    app.kubernetes.io/part-of: dss-ingress
    app.kubernetes.io/version: 1.12.3
  name: dss-nginx
spec:
  controller: k8s.io/dss-ingress-controller
code block. IngressController_east1_e.yaml

IngressController For Samsung (KR-WESTT1)

Color mode
apiVersion: v1
kind: Namespace
metadata:
  labels:
    app.kubernetes.io/instance: dss-ingress
    app.kubernetes.io/name: dss-ingress
  name: dss-ingress
---
apiVersion: v1
automountServiceAccountToken: true
kind: ServiceAccount
metadata:
  labels:
    app.kubernetes.io/component: controller
    app.kubernetes.io/instance: dss-ingress
    app.kubernetes.io/name: dss-ingress
    app.kubernetes.io/part-of: dss-ingress
    app.kubernetes.io/version: 1.12.3
  name: dss-ingress
  namespace: dss-ingress
---
apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata:
  labels:
    app.kubernetes.io/component: controller
    app.kubernetes.io/instance: dss-ingress
    app.kubernetes.io/name: dss-ingress
    app.kubernetes.io/part-of: dss-ingress
    app.kubernetes.io/version: 1.12.3
  name: dss-ingress
  namespace: dss-ingress
rules:
- apiGroups:
  - 
  resources:
  - namespaces
  verbs:
  - get
- apiGroups:
  - 
  resources:
  - configmaps
  - pods
  - secrets
  - endpoints
  verbs:
  - get
  - list
  - watch
- apiGroups:
  - 
  resources:
  - services
  verbs:
  - get
  - list
  - watch
- apiGroups:
  - networking.k8s.io
  resources:
  - ingresses
  verbs:
  - get
  - list
  - watch
- apiGroups:
  - networking.k8s.io
  resources:
  - ingresses/status
  verbs:
  - update
- apiGroups:
  - networking.k8s.io
  resources:
  - ingressclasses
  verbs:
  - get
  - list
  - watch
- apiGroups:
  - coordination.k8s.io
  resourceNames:
  - dss-ingress-nginx-leader
  resources:
  - leases
  verbs:
  - get
  - update
- apiGroups:
  - coordination.k8s.io
  resources:
  - leases
  verbs:
  - create
- apiGroups:
  - 
  resources:
  - events
  verbs:
  - create
  - patch
- apiGroups:
  - discovery.k8s.io
  resources:
  - endpointslices
  verbs:
  - list
  - watch
  - get
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
  labels:
    app.kubernetes.io/instance: dss-ingress
    app.kubernetes.io/name: dss-ingress
    app.kubernetes.io/part-of: dss-ingress
    app.kubernetes.io/version: 1.12.3
  name: dss-ingress
rules:
- apiGroups:
  - ""
  resources:
  - configmaps
  - endpoints
  - nodes
  - pods
  - secrets
  - namespaces
  verbs:
  - list
  - watch
- apiGroups:
  - coordination.k8s.io
  resources:
  - leases
  verbs:
  - list
  - watch
- apiGroups:
  - ""
  resources:
  - nodes
  verbs:
  - get
- apiGroups:
  - ""
  resources:
  - services
  verbs:
  - get
  - list
  - watch
- apiGroups:
  - networking.k8s.io
  resources:
  - ingresses
  verbs:
  - get
  - list
  - watch
- apiGroups:
  - ""
  resources:
  - events
  verbs:
  - create
  - patch
- apiGroups:
  - networking.k8s.io
  resources:
  - ingresses/status
  verbs:
  - update
- apiGroups:
  - networking.k8s.io
  resources:
  - ingressclasses
  verbs:
  - get
  - list
  - watch
- apiGroups:
  - discovery.k8s.io
  resources:
  - endpointslices
  verbs:
  - list
  - watch
  - get
---
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
  labels:
    app.kubernetes.io/component: controller
    app.kubernetes.io/instance: dss-ingress
    app.kubernetes.io/name: dss-ingress
    app.kubernetes.io/part-of: dss-ingress
    app.kubernetes.io/version: 1.12.3
  name: dss-ingress
  namespace: dss-ingress
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: Role
  name: dss-ingress
subjects:
- kind: ServiceAccount
  name: dss-ingress
  namespace: dss-ingress
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
  labels:
    app.kubernetes.io/instance: dss-ingress
    app.kubernetes.io/name: dss-ingress
    app.kubernetes.io/part-of: dss-ingress
    app.kubernetes.io/version: 1.12.3
  name: dss-ingress
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: ClusterRole
  name: dss-ingress
subjects:
- kind: ServiceAccount
  name: dss-ingress
  namespace: dss-ingress
---
apiVersion: v1
data:
  allow-snippet-annotations: "true"
  annotations-risk-level: Critical
kind: ConfigMap
metadata:
  labels:
    app: ingress-controller
    app.kubernetes.io/component: controller
    app.kubernetes.io/instance: dss-ingress
    app.kubernetes.io/name: dss-ingress
    app.kubernetes.io/part-of: dss-ingress
    app.kubernetes.io/version: 1.12.3
  name: dss-ingress-controller
  namespace: dss-ingress
---
apiVersion: v1
kind: Service
metadata:
  labels:
    app: ingress-controller
    app.kubernetes.io/component: controller
    app.kubernetes.io/instance: dss-ingress
    app.kubernetes.io/name: dss-ingress
    app.kubernetes.io/part-of: dss-ingress
    app.kubernetes.io/version: 1.12.3
  name: dss-ingress-controller
  namespace: dss-ingress
spec:
  externalTrafficPolicy: Cluster
  ipFamilies:
  - IPv4
  ipFamilyPolicy: SingleStack
  ports:
  - appProtocol: http
    name: http
    nodePort: 30708
    port: 80
    protocol: TCP
    targetPort: http
  - appProtocol: https
    name: https
    nodePort: 31416
    port: 443
    protocol: TCP
    targetPort: https
  selector:
    app.kubernetes.io/component: controller
    app.kubernetes.io/instance: dss-ingress
    app.kubernetes.io/name: dss-ingress
  type: NodePort
---
apiVersion: apps/v1
kind: Deployment
metadata:
  labels:
    app: ingress-controller
    app.kubernetes.io/component: controller
    app.kubernetes.io/instance: dss-ingress
    app.kubernetes.io/name: dss-ingress
    app.kubernetes.io/part-of: dss-ingress
    app.kubernetes.io/version: 1.12.3
  name: dss-ingress-controller
  namespace: dss-ingress
spec:
  minReadySeconds: 0
  revisionHistoryLimit: 10
  selector:
    matchLabels:
      app.kubernetes.io/component: controller
      app.kubernetes.io/instance: dss-ingress
      app.kubernetes.io/name: dss-ingress
  strategy:
    rollingUpdate:
      maxUnavailable: 1
    type: RollingUpdate
  template:
    metadata:
      labels:
        app.kubernetes.io/component: controller
        app.kubernetes.io/instance: dss-ingress
        app.kubernetes.io/name: dss-ingress
        app.kubernetes.io/part-of: dss-ingress
        app.kubernetes.io/version: 1.12.3
    spec:
      containers:
      - args:
        - /nginx-ingress-controller
        - --publish-service=$(POD_NAMESPACE)/dss-ingress-controller
        - --election-id=dss-ingress-nginx-leader
        - --controller-class=k8s.io/dss-ingress-controller
        - --ingress-class=dss-nginx
        - --configmap=$(POD_NAMESPACE)/dss-ingress-controller
        env:
        - name: POD_NAME
          valueFrom:
            fieldRef:
              fieldPath: metadata.name
        - name: POD_NAMESPACE
          valueFrom:
            fieldRef:
              fieldPath: metadata.namespace
        - name: LD_PRELOAD
          value: /usr/local/lib/libmimalloc.so
        image: brightixscr.scr.private.kr-west1.s.samsungsdscloud.com/brightics-df/nginx-ingress-controller:v1.12.3
        imagePullPolicy: IfNotPresent
        lifecycle:
          preStop:
            exec:
              command:
              - /wait-shutdown
        livenessProbe:
          failureThreshold: 5
          httpGet:
            path: /healthz
            port: 10254
            scheme: HTTP
          initialDelaySeconds: 10
          periodSeconds: 10
          successThreshold: 1
          timeoutSeconds: 1
        name: controller
        ports:
        - containerPort: 80
          name: http
          protocol: TCP
        - containerPort: 443
          name: https
          protocol: TCP
        readinessProbe:
          failureThreshold: 3
          httpGet:
            path: /healthz
            port: 10254
            scheme: HTTP
          initialDelaySeconds: 10
          periodSeconds: 10
          successThreshold: 1
          timeoutSeconds: 1
        resources:
          requests:
            cpu: 100m
            memory: 90Mi
        securityContext:
          allowPrivilegeEscalation: false
          capabilities:
            add:
            - NET_BIND_SERVICE
            drop:
            - ALL
          readOnlyRootFilesystem: false
          runAsGroup: 82
          runAsNonRoot: true
          runAsUser: 101
          seccompProfile:
            type: RuntimeDefault
      dnsPolicy: ClusterFirst
      nodeSelector:
        kubernetes.io/os: linux
      serviceAccountName: dss-ingress
      terminationGracePeriodSeconds: 300
---
apiVersion: networking.k8s.io/v1
kind: IngressClass
metadata:
  annotations:
    ingressclass.kubernetes.io/is-default-class: "true"
  labels:
    app: ingress-controller
    app.kubernetes.io/component: controller
    app.kubernetes.io/instance: dss-ingress
    app.kubernetes.io/name: dss-ingress
    app.kubernetes.io/part-of: dss-ingress
    app.kubernetes.io/version: 1.12.3
  name: dss-nginx
spec:
  controller: k8s.io/dss-ingress-controller
apiVersion: v1
kind: Namespace
metadata:
  labels:
    app.kubernetes.io/instance: dss-ingress
    app.kubernetes.io/name: dss-ingress
  name: dss-ingress
---
apiVersion: v1
automountServiceAccountToken: true
kind: ServiceAccount
metadata:
  labels:
    app.kubernetes.io/component: controller
    app.kubernetes.io/instance: dss-ingress
    app.kubernetes.io/name: dss-ingress
    app.kubernetes.io/part-of: dss-ingress
    app.kubernetes.io/version: 1.12.3
  name: dss-ingress
  namespace: dss-ingress
---
apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata:
  labels:
    app.kubernetes.io/component: controller
    app.kubernetes.io/instance: dss-ingress
    app.kubernetes.io/name: dss-ingress
    app.kubernetes.io/part-of: dss-ingress
    app.kubernetes.io/version: 1.12.3
  name: dss-ingress
  namespace: dss-ingress
rules:
- apiGroups:
  - 
  resources:
  - namespaces
  verbs:
  - get
- apiGroups:
  - 
  resources:
  - configmaps
  - pods
  - secrets
  - endpoints
  verbs:
  - get
  - list
  - watch
- apiGroups:
  - 
  resources:
  - services
  verbs:
  - get
  - list
  - watch
- apiGroups:
  - networking.k8s.io
  resources:
  - ingresses
  verbs:
  - get
  - list
  - watch
- apiGroups:
  - networking.k8s.io
  resources:
  - ingresses/status
  verbs:
  - update
- apiGroups:
  - networking.k8s.io
  resources:
  - ingressclasses
  verbs:
  - get
  - list
  - watch
- apiGroups:
  - coordination.k8s.io
  resourceNames:
  - dss-ingress-nginx-leader
  resources:
  - leases
  verbs:
  - get
  - update
- apiGroups:
  - coordination.k8s.io
  resources:
  - leases
  verbs:
  - create
- apiGroups:
  - 
  resources:
  - events
  verbs:
  - create
  - patch
- apiGroups:
  - discovery.k8s.io
  resources:
  - endpointslices
  verbs:
  - list
  - watch
  - get
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
  labels:
    app.kubernetes.io/instance: dss-ingress
    app.kubernetes.io/name: dss-ingress
    app.kubernetes.io/part-of: dss-ingress
    app.kubernetes.io/version: 1.12.3
  name: dss-ingress
rules:
- apiGroups:
  - ""
  resources:
  - configmaps
  - endpoints
  - nodes
  - pods
  - secrets
  - namespaces
  verbs:
  - list
  - watch
- apiGroups:
  - coordination.k8s.io
  resources:
  - leases
  verbs:
  - list
  - watch
- apiGroups:
  - ""
  resources:
  - nodes
  verbs:
  - get
- apiGroups:
  - ""
  resources:
  - services
  verbs:
  - get
  - list
  - watch
- apiGroups:
  - networking.k8s.io
  resources:
  - ingresses
  verbs:
  - get
  - list
  - watch
- apiGroups:
  - ""
  resources:
  - events
  verbs:
  - create
  - patch
- apiGroups:
  - networking.k8s.io
  resources:
  - ingresses/status
  verbs:
  - update
- apiGroups:
  - networking.k8s.io
  resources:
  - ingressclasses
  verbs:
  - get
  - list
  - watch
- apiGroups:
  - discovery.k8s.io
  resources:
  - endpointslices
  verbs:
  - list
  - watch
  - get
---
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
  labels:
    app.kubernetes.io/component: controller
    app.kubernetes.io/instance: dss-ingress
    app.kubernetes.io/name: dss-ingress
    app.kubernetes.io/part-of: dss-ingress
    app.kubernetes.io/version: 1.12.3
  name: dss-ingress
  namespace: dss-ingress
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: Role
  name: dss-ingress
subjects:
- kind: ServiceAccount
  name: dss-ingress
  namespace: dss-ingress
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
  labels:
    app.kubernetes.io/instance: dss-ingress
    app.kubernetes.io/name: dss-ingress
    app.kubernetes.io/part-of: dss-ingress
    app.kubernetes.io/version: 1.12.3
  name: dss-ingress
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: ClusterRole
  name: dss-ingress
subjects:
- kind: ServiceAccount
  name: dss-ingress
  namespace: dss-ingress
---
apiVersion: v1
data:
  allow-snippet-annotations: "true"
  annotations-risk-level: Critical
kind: ConfigMap
metadata:
  labels:
    app: ingress-controller
    app.kubernetes.io/component: controller
    app.kubernetes.io/instance: dss-ingress
    app.kubernetes.io/name: dss-ingress
    app.kubernetes.io/part-of: dss-ingress
    app.kubernetes.io/version: 1.12.3
  name: dss-ingress-controller
  namespace: dss-ingress
---
apiVersion: v1
kind: Service
metadata:
  labels:
    app: ingress-controller
    app.kubernetes.io/component: controller
    app.kubernetes.io/instance: dss-ingress
    app.kubernetes.io/name: dss-ingress
    app.kubernetes.io/part-of: dss-ingress
    app.kubernetes.io/version: 1.12.3
  name: dss-ingress-controller
  namespace: dss-ingress
spec:
  externalTrafficPolicy: Cluster
  ipFamilies:
  - IPv4
  ipFamilyPolicy: SingleStack
  ports:
  - appProtocol: http
    name: http
    nodePort: 30708
    port: 80
    protocol: TCP
    targetPort: http
  - appProtocol: https
    name: https
    nodePort: 31416
    port: 443
    protocol: TCP
    targetPort: https
  selector:
    app.kubernetes.io/component: controller
    app.kubernetes.io/instance: dss-ingress
    app.kubernetes.io/name: dss-ingress
  type: NodePort
---
apiVersion: apps/v1
kind: Deployment
metadata:
  labels:
    app: ingress-controller
    app.kubernetes.io/component: controller
    app.kubernetes.io/instance: dss-ingress
    app.kubernetes.io/name: dss-ingress
    app.kubernetes.io/part-of: dss-ingress
    app.kubernetes.io/version: 1.12.3
  name: dss-ingress-controller
  namespace: dss-ingress
spec:
  minReadySeconds: 0
  revisionHistoryLimit: 10
  selector:
    matchLabels:
      app.kubernetes.io/component: controller
      app.kubernetes.io/instance: dss-ingress
      app.kubernetes.io/name: dss-ingress
  strategy:
    rollingUpdate:
      maxUnavailable: 1
    type: RollingUpdate
  template:
    metadata:
      labels:
        app.kubernetes.io/component: controller
        app.kubernetes.io/instance: dss-ingress
        app.kubernetes.io/name: dss-ingress
        app.kubernetes.io/part-of: dss-ingress
        app.kubernetes.io/version: 1.12.3
    spec:
      containers:
      - args:
        - /nginx-ingress-controller
        - --publish-service=$(POD_NAMESPACE)/dss-ingress-controller
        - --election-id=dss-ingress-nginx-leader
        - --controller-class=k8s.io/dss-ingress-controller
        - --ingress-class=dss-nginx
        - --configmap=$(POD_NAMESPACE)/dss-ingress-controller
        env:
        - name: POD_NAME
          valueFrom:
            fieldRef:
              fieldPath: metadata.name
        - name: POD_NAMESPACE
          valueFrom:
            fieldRef:
              fieldPath: metadata.namespace
        - name: LD_PRELOAD
          value: /usr/local/lib/libmimalloc.so
        image: brightixscr.scr.private.kr-west1.s.samsungsdscloud.com/brightics-df/nginx-ingress-controller:v1.12.3
        imagePullPolicy: IfNotPresent
        lifecycle:
          preStop:
            exec:
              command:
              - /wait-shutdown
        livenessProbe:
          failureThreshold: 5
          httpGet:
            path: /healthz
            port: 10254
            scheme: HTTP
          initialDelaySeconds: 10
          periodSeconds: 10
          successThreshold: 1
          timeoutSeconds: 1
        name: controller
        ports:
        - containerPort: 80
          name: http
          protocol: TCP
        - containerPort: 443
          name: https
          protocol: TCP
        readinessProbe:
          failureThreshold: 3
          httpGet:
            path: /healthz
            port: 10254
            scheme: HTTP
          initialDelaySeconds: 10
          periodSeconds: 10
          successThreshold: 1
          timeoutSeconds: 1
        resources:
          requests:
            cpu: 100m
            memory: 90Mi
        securityContext:
          allowPrivilegeEscalation: false
          capabilities:
            add:
            - NET_BIND_SERVICE
            drop:
            - ALL
          readOnlyRootFilesystem: false
          runAsGroup: 82
          runAsNonRoot: true
          runAsUser: 101
          seccompProfile:
            type: RuntimeDefault
      dnsPolicy: ClusterFirst
      nodeSelector:
        kubernetes.io/os: linux
      serviceAccountName: dss-ingress
      terminationGracePeriodSeconds: 300
---
apiVersion: networking.k8s.io/v1
kind: IngressClass
metadata:
  annotations:
    ingressclass.kubernetes.io/is-default-class: "true"
  labels:
    app: ingress-controller
    app.kubernetes.io/component: controller
    app.kubernetes.io/instance: dss-ingress
    app.kubernetes.io/name: dss-ingress
    app.kubernetes.io/part-of: dss-ingress
    app.kubernetes.io/version: 1.12.3
  name: dss-nginx
spec:
  controller: k8s.io/dss-ingress-controller
Code block. IngressController_west1_s.yaml

IngressController For Samsung (KR-EAST1)

Color mode
apiVersion: v1
kind: Namespace
metadata:
  labels:
    app.kubernetes.io/instance: dss-ingress
    app.kubernetes.io/name: dss-ingress
  name: dss-ingress
---
apiVersion: v1
automountServiceAccountToken: true
kind: ServiceAccount
metadata:
  labels:
    app.kubernetes.io/component: controller
    app.kubernetes.io/instance: dss-ingress
    app.kubernetes.io/name: dss-ingress
    app.kubernetes.io/part-of: dss-ingress
    app.kubernetes.io/version: 1.12.3
  name: dss-ingress
  namespace: dss-ingress
---
apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata:
  labels:
    app.kubernetes.io/component: controller
    app.kubernetes.io/instance: dss-ingress
    app.kubernetes.io/name: dss-ingress
    app.kubernetes.io/part-of: dss-ingress
    app.kubernetes.io/version: 1.12.3
  name: dss-ingress
  namespace: dss-ingress
rules:
- apiGroups:
  - ""
  resources:
  - namespaces
  verbs:
  - get
- apiGroups:
  - ""
  resources:
  - configmaps
  - pods
  - secrets
  - endpoints
  verbs:
  - get
  - list
  - watch
- apiGroups:
  - ""
  resources:
  - services
  verbs:
  - get
  - list
  - watch
- apiGroups:
  - networking.k8s.io
  resources:
  - ingresses
  verbs:
  - get
  - list
  - watch
- apiGroups:
  - networking.k8s.io
  resources:
  - ingresses/status
  verbs:
  - update
- apiGroups:
  - networking.k8s.io
  resources:
  - ingressclasses
  verbs:
  - get
  - list
  - watch
- apiGroups:
  - coordination.k8s.io
  resourceNames:
  - dss-ingress-nginx-leader
  resources:
  - leases
  verbs:
  - get
  - update
- apiGroups:
  - coordination.k8s.io
  resources:
  - leases
  verbs:
  - create
- apiGroups:
  - ""
  resources:
  - events
  verbs:
  - create
  - patch
- apiGroups:
  - discovery.k8s.io
  resources:
  - endpointslices
  verbs:
  - list
  - watch
  - get
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
  labels:
    app.kubernetes.io/instance: dss-ingress
    app.kubernetes.io/name: dss-ingress
    app.kubernetes.io/part-of: dss-ingress
    app.kubernetes.io/version: 1.12.3
  name: dss-ingress
rules:
- apiGroups:
  - 
  resources:
  - configmaps
  - endpoints
  - nodes
  - pods
  - secrets
  - namespaces
  verbs:
  - list
  - watch
- apiGroups:
  - coordination.k8s.io
  resources:
  - leases
  verbs:
  - list
  - watch
- apiGroups:
  - 
  resources:
  - nodes
  verbs:
  - get
- apiGroups:
  - 
  resources:
  - services
  verbs:
  - get
  - list
  - watch
- apiGroups:
  - networking.k8s.io
  resources:
  - ingresses
  verbs:
  - get
  - list
  - watch
- apiGroups:
  - 
  resources:
  - events
  verbs:
  - create
  - patch
- apiGroups:
  - networking.k8s.io
  resources:
  - ingresses/status
  verbs:
  - update
- apiGroups:
  - networking.k8s.io
  resources:
  - ingressclasses
  verbs:
  - get
  - list
  - watch
- apiGroups:
  - discovery.k8s.io
  resources:
  - endpointslices
  verbs:
  - list
  - watch
  - get
---
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
  labels:
    app.kubernetes.io/component: controller
    app.kubernetes.io/instance: dss-ingress
    app.kubernetes.io/name: dss-ingress
    app.kubernetes.io/part-of: dss-ingress
    app.kubernetes.io/version: 1.12.3
  name: dss-ingress
  namespace: dss-ingress
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: Role
  name: dss-ingress
subjects:
- kind: ServiceAccount
  name: dss-ingress
  namespace: dss-ingress
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
  labels:
    app.kubernetes.io/instance: dss-ingress
    app.kubernetes.io/name: dss-ingress
    app.kubernetes.io/part-of: dss-ingress
    app.kubernetes.io/version: 1.12.3
  name: dss-ingress
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: ClusterRole
  name: dss-ingress
subjects:
- kind: ServiceAccount
  name: dss-ingress
  namespace: dss-ingress
---
apiVersion: v1
data:
  allow-snippet-annotations: "true"
  annotations-risk-level: Critical
kind: ConfigMap
metadata:
  labels:
    app: ingress-controller
    app.kubernetes.io/component: controller
    app.kubernetes.io/instance: dss-ingress
    app.kubernetes.io/name: dss-ingress
    app.kubernetes.io/part-of: dss-ingress
    app.kubernetes.io/version: 1.12.3
  name: dss-ingress-controller
  namespace: dss-ingress
---
apiVersion: v1
kind: Service
metadata:
  labels:
    app: ingress-controller
    app.kubernetes.io/component: controller
    app.kubernetes.io/instance: dss-ingress
    app.kubernetes.io/name: dss-ingress
    app.kubernetes.io/part-of: dss-ingress
    app.kubernetes.io/version: 1.12.3
  name: dss-ingress-controller
  namespace: dss-ingress
spec:
  externalTrafficPolicy: Cluster
  ipFamilies:
  - IPv4
  ipFamilyPolicy: SingleStack
  ports:
  - appProtocol: http
    name: http
    nodePort: 30708
    port: 80
    protocol: TCP
    targetPort: http
  - appProtocol: https
    name: https
    nodePort: 31416
    port: 443
    protocol: TCP
    targetPort: https
  selector:
    app.kubernetes.io/component: controller
    app.kubernetes.io/instance: dss-ingress
    app.kubernetes.io/name: dss-ingress
  type: NodePort
---
apiVersion: apps/v1
kind: Deployment
metadata:
  labels:
    app: ingress-controller
    app.kubernetes.io/component: controller
    app.kubernetes.io/instance: dss-ingress
    app.kubernetes.io/name: dss-ingress
    app.kubernetes.io/part-of: dss-ingress
    app.kubernetes.io/version: 1.12.3
  name: dss-ingress-controller
  namespace: dss-ingress
spec:
  minReadySeconds: 0
  revisionHistoryLimit: 10
  selector:
    matchLabels:
      app.kubernetes.io/component: controller
      app.kubernetes.io/instance: dss-ingress
      app.kubernetes.io/name: dss-ingress
  strategy:
    rollingUpdate:
      maxUnavailable: 1
    type: RollingUpdate
  template:
    metadata:
      labels:
        app.kubernetes.io/component: controller
        app.kubernetes.io/instance: dss-ingress
        app.kubernetes.io/name: dss-ingress
        app.kubernetes.io/part-of: dss-ingress
        app.kubernetes.io/version: 1.12.3
    spec:
      containers:
      - args:
        - /nginx-ingress-controller
        - --publish-service=$(POD_NAMESPACE)/dss-ingress-controller
        - --election-id=dss-ingress-nginx-leader
        - --controller-class=k8s.io/dss-ingress-controller
        - --ingress-class=dss-nginx
        - --configmap=$(POD_NAMESPACE)/dss-ingress-controller
        env:
        - name: POD_NAME
          valueFrom:
            fieldRef:
              fieldPath: metadata.name
        - name: POD_NAMESPACE
          valueFrom:
            fieldRef:
              fieldPath: metadata.namespace
        - name: LD_PRELOAD
          value: /usr/local/lib/libmimalloc.so
        image: brightixscr.scr.private.kr-east1.s.samsungsdscloud.com/brightics-df/nginx-ingress-controller:v1.12.3
        imagePullPolicy: IfNotPresent
        lifecycle:
          preStop:
            exec:
              command:
              - /wait-shutdown
        livenessProbe:
          failureThreshold: 5
          httpGet:
            path: /healthz
            port: 10254
            scheme: HTTP
          initialDelaySeconds: 10
          periodSeconds: 10
          successThreshold: 1
          timeoutSeconds: 1
        name: controller
        ports:
        - containerPort: 80
          name: http
          protocol: TCP
        - containerPort: 443
          name: https
          protocol: TCP
        readinessProbe:
          failureThreshold: 3
          httpGet:
            path: /healthz
            port: 10254
            scheme: HTTP
          initialDelaySeconds: 10
          periodSeconds: 10
          successThreshold: 1
          timeoutSeconds: 1
        resources:
          requests:
            cpu: 100m
            memory: 90Mi
        securityContext:
          allowPrivilegeEscalation: false
          capabilities:
            add:
            - NET_BIND_SERVICE
            drop:
            - ALL
          readOnlyRootFilesystem: false
          runAsGroup: 82
          runAsNonRoot: true
          runAsUser: 101
          seccompProfile:
            type: RuntimeDefault
      dnsPolicy: ClusterFirst
      nodeSelector:
        kubernetes.io/os: linux
      serviceAccountName: dss-ingress
      terminationGracePeriodSeconds: 300
---
apiVersion: networking.k8s.io/v1
kind: IngressClass
metadata:
  annotations:
    ingressclass.kubernetes.io/is-default-class: "true"
  labels:
    app: ingress-controller
    app.kubernetes.io/component: controller
    app.kubernetes.io/instance: dss-ingress
    app.kubernetes.io/name: dss-ingress
    app.kubernetes.io/part-of: dss-ingress
    app.kubernetes.io/version: 1.12.3
  name: dss-nginx
spec:
  controller: k8s.io/dss-ingress-controller
apiVersion: v1
kind: Namespace
metadata:
  labels:
    app.kubernetes.io/instance: dss-ingress
    app.kubernetes.io/name: dss-ingress
  name: dss-ingress
---
apiVersion: v1
automountServiceAccountToken: true
kind: ServiceAccount
metadata:
  labels:
    app.kubernetes.io/component: controller
    app.kubernetes.io/instance: dss-ingress
    app.kubernetes.io/name: dss-ingress
    app.kubernetes.io/part-of: dss-ingress
    app.kubernetes.io/version: 1.12.3
  name: dss-ingress
  namespace: dss-ingress
---
apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata:
  labels:
    app.kubernetes.io/component: controller
    app.kubernetes.io/instance: dss-ingress
    app.kubernetes.io/name: dss-ingress
    app.kubernetes.io/part-of: dss-ingress
    app.kubernetes.io/version: 1.12.3
  name: dss-ingress
  namespace: dss-ingress
rules:
- apiGroups:
  - ""
  resources:
  - namespaces
  verbs:
  - get
- apiGroups:
  - ""
  resources:
  - configmaps
  - pods
  - secrets
  - endpoints
  verbs:
  - get
  - list
  - watch
- apiGroups:
  - ""
  resources:
  - services
  verbs:
  - get
  - list
  - watch
- apiGroups:
  - networking.k8s.io
  resources:
  - ingresses
  verbs:
  - get
  - list
  - watch
- apiGroups:
  - networking.k8s.io
  resources:
  - ingresses/status
  verbs:
  - update
- apiGroups:
  - networking.k8s.io
  resources:
  - ingressclasses
  verbs:
  - get
  - list
  - watch
- apiGroups:
  - coordination.k8s.io
  resourceNames:
  - dss-ingress-nginx-leader
  resources:
  - leases
  verbs:
  - get
  - update
- apiGroups:
  - coordination.k8s.io
  resources:
  - leases
  verbs:
  - create
- apiGroups:
  - ""
  resources:
  - events
  verbs:
  - create
  - patch
- apiGroups:
  - discovery.k8s.io
  resources:
  - endpointslices
  verbs:
  - list
  - watch
  - get
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
  labels:
    app.kubernetes.io/instance: dss-ingress
    app.kubernetes.io/name: dss-ingress
    app.kubernetes.io/part-of: dss-ingress
    app.kubernetes.io/version: 1.12.3
  name: dss-ingress
rules:
- apiGroups:
  - 
  resources:
  - configmaps
  - endpoints
  - nodes
  - pods
  - secrets
  - namespaces
  verbs:
  - list
  - watch
- apiGroups:
  - coordination.k8s.io
  resources:
  - leases
  verbs:
  - list
  - watch
- apiGroups:
  - 
  resources:
  - nodes
  verbs:
  - get
- apiGroups:
  - 
  resources:
  - services
  verbs:
  - get
  - list
  - watch
- apiGroups:
  - networking.k8s.io
  resources:
  - ingresses
  verbs:
  - get
  - list
  - watch
- apiGroups:
  - 
  resources:
  - events
  verbs:
  - create
  - patch
- apiGroups:
  - networking.k8s.io
  resources:
  - ingresses/status
  verbs:
  - update
- apiGroups:
  - networking.k8s.io
  resources:
  - ingressclasses
  verbs:
  - get
  - list
  - watch
- apiGroups:
  - discovery.k8s.io
  resources:
  - endpointslices
  verbs:
  - list
  - watch
  - get
---
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
  labels:
    app.kubernetes.io/component: controller
    app.kubernetes.io/instance: dss-ingress
    app.kubernetes.io/name: dss-ingress
    app.kubernetes.io/part-of: dss-ingress
    app.kubernetes.io/version: 1.12.3
  name: dss-ingress
  namespace: dss-ingress
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: Role
  name: dss-ingress
subjects:
- kind: ServiceAccount
  name: dss-ingress
  namespace: dss-ingress
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
  labels:
    app.kubernetes.io/instance: dss-ingress
    app.kubernetes.io/name: dss-ingress
    app.kubernetes.io/part-of: dss-ingress
    app.kubernetes.io/version: 1.12.3
  name: dss-ingress
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: ClusterRole
  name: dss-ingress
subjects:
- kind: ServiceAccount
  name: dss-ingress
  namespace: dss-ingress
---
apiVersion: v1
data:
  allow-snippet-annotations: "true"
  annotations-risk-level: Critical
kind: ConfigMap
metadata:
  labels:
    app: ingress-controller
    app.kubernetes.io/component: controller
    app.kubernetes.io/instance: dss-ingress
    app.kubernetes.io/name: dss-ingress
    app.kubernetes.io/part-of: dss-ingress
    app.kubernetes.io/version: 1.12.3
  name: dss-ingress-controller
  namespace: dss-ingress
---
apiVersion: v1
kind: Service
metadata:
  labels:
    app: ingress-controller
    app.kubernetes.io/component: controller
    app.kubernetes.io/instance: dss-ingress
    app.kubernetes.io/name: dss-ingress
    app.kubernetes.io/part-of: dss-ingress
    app.kubernetes.io/version: 1.12.3
  name: dss-ingress-controller
  namespace: dss-ingress
spec:
  externalTrafficPolicy: Cluster
  ipFamilies:
  - IPv4
  ipFamilyPolicy: SingleStack
  ports:
  - appProtocol: http
    name: http
    nodePort: 30708
    port: 80
    protocol: TCP
    targetPort: http
  - appProtocol: https
    name: https
    nodePort: 31416
    port: 443
    protocol: TCP
    targetPort: https
  selector:
    app.kubernetes.io/component: controller
    app.kubernetes.io/instance: dss-ingress
    app.kubernetes.io/name: dss-ingress
  type: NodePort
---
apiVersion: apps/v1
kind: Deployment
metadata:
  labels:
    app: ingress-controller
    app.kubernetes.io/component: controller
    app.kubernetes.io/instance: dss-ingress
    app.kubernetes.io/name: dss-ingress
    app.kubernetes.io/part-of: dss-ingress
    app.kubernetes.io/version: 1.12.3
  name: dss-ingress-controller
  namespace: dss-ingress
spec:
  minReadySeconds: 0
  revisionHistoryLimit: 10
  selector:
    matchLabels:
      app.kubernetes.io/component: controller
      app.kubernetes.io/instance: dss-ingress
      app.kubernetes.io/name: dss-ingress
  strategy:
    rollingUpdate:
      maxUnavailable: 1
    type: RollingUpdate
  template:
    metadata:
      labels:
        app.kubernetes.io/component: controller
        app.kubernetes.io/instance: dss-ingress
        app.kubernetes.io/name: dss-ingress
        app.kubernetes.io/part-of: dss-ingress
        app.kubernetes.io/version: 1.12.3
    spec:
      containers:
      - args:
        - /nginx-ingress-controller
        - --publish-service=$(POD_NAMESPACE)/dss-ingress-controller
        - --election-id=dss-ingress-nginx-leader
        - --controller-class=k8s.io/dss-ingress-controller
        - --ingress-class=dss-nginx
        - --configmap=$(POD_NAMESPACE)/dss-ingress-controller
        env:
        - name: POD_NAME
          valueFrom:
            fieldRef:
              fieldPath: metadata.name
        - name: POD_NAMESPACE
          valueFrom:
            fieldRef:
              fieldPath: metadata.namespace
        - name: LD_PRELOAD
          value: /usr/local/lib/libmimalloc.so
        image: brightixscr.scr.private.kr-east1.s.samsungsdscloud.com/brightics-df/nginx-ingress-controller:v1.12.3
        imagePullPolicy: IfNotPresent
        lifecycle:
          preStop:
            exec:
              command:
              - /wait-shutdown
        livenessProbe:
          failureThreshold: 5
          httpGet:
            path: /healthz
            port: 10254
            scheme: HTTP
          initialDelaySeconds: 10
          periodSeconds: 10
          successThreshold: 1
          timeoutSeconds: 1
        name: controller
        ports:
        - containerPort: 80
          name: http
          protocol: TCP
        - containerPort: 443
          name: https
          protocol: TCP
        readinessProbe:
          failureThreshold: 3
          httpGet:
            path: /healthz
            port: 10254
            scheme: HTTP
          initialDelaySeconds: 10
          periodSeconds: 10
          successThreshold: 1
          timeoutSeconds: 1
        resources:
          requests:
            cpu: 100m
            memory: 90Mi
        securityContext:
          allowPrivilegeEscalation: false
          capabilities:
            add:
            - NET_BIND_SERVICE
            drop:
            - ALL
          readOnlyRootFilesystem: false
          runAsGroup: 82
          runAsNonRoot: true
          runAsUser: 101
          seccompProfile:
            type: RuntimeDefault
      dnsPolicy: ClusterFirst
      nodeSelector:
        kubernetes.io/os: linux
      serviceAccountName: dss-ingress
      terminationGracePeriodSeconds: 300
---
apiVersion: networking.k8s.io/v1
kind: IngressClass
metadata:
  annotations:
    ingressclass.kubernetes.io/is-default-class: "true"
  labels:
    app: ingress-controller
    app.kubernetes.io/component: controller
    app.kubernetes.io/instance: dss-ingress
    app.kubernetes.io/name: dss-ingress
    app.kubernetes.io/part-of: dss-ingress
    app.kubernetes.io/version: 1.12.3
  name: dss-nginx
spec:
  controller: k8s.io/dss-ingress-controller
Code block. IngressController_east1_s.yaml

3 - API Reference

API Reference

4 - CLI Reference

CLI Reference

5 - Release Note

Data Flow

2025.04.28
NEW Data Flow service official version release
  • The Data Flow service, which extracts, transforms, and transfers data from various sources and automates data processing workflows, has been launched.
  • Provides the open-source Apache NiFi.