apiVersion: v1
kind: Service
metadata:
  labels:
    app.kubernetes.io/name: pomerium
  name: pomerium-metrics
  namespace: pomerium
spec:
  ports:
    - { name: metrics, port: 9090, protocol: TCP, targetPort: metrics }
  selector: { app.kubernetes.io/name: pomerium }
  type: ClusterIP
---
apiVersion: v1
kind: Service
metadata:
  labels:
    app.kubernetes.io/name: pomerium
  name: pomerium-proxy
  namespace: pomerium
spec:
  ports:
    - { name: https, port: 443, protocol: TCP, targetPort: https }
    - { name: http, port: 80, protocol: TCP, targetPort: http }
  selector: { app.kubernetes.io/name: pomerium }
  type: LoadBalancer
  externalIPs:
  # this would be the fastest if we're running on ditto
    - 10.5.0.7
  # prime forwards to this
    - 10.5.0.1
  # local dns picks this
    - 10.2.0.1