| # cas-server-sa-api.yaml |
| |
| --- |
| apiVersion: v1 |
| kind: ConfigMap |
| metadata: |
| namespace: cas-server |
| name: cas-server-sa-api-env |
| data: |
| SERVER_PORT: "8080" |
| SSL_ENABLED: "false" |
| #SSL_KEYSTORE_FILE: file:/certs/server/server.keystore |
| #SSL_KEYSTORE_PASSWORD: "" |
| #SSL_TRUSTSTORE_FILE: file:/certs/server/server.truststore |
| #SSL_TRUSTSTORE_PASSWORD: "" |
| |
| SERVER_MAXHTTPHEADERSIZE: "10240" |
| |
| SERVER_TOMCAT_ACCEPT_COUNT: "5000" |
| SERVER_TOMCAT_MAX_CONNECTIONS: "10000" |
| SERVER_TOMCAT_MAX_THREADS: "800" |
| SERVER_TOMCAT_MIN_SPARE_THREADS: "100" |
| |
| |
| SPRING_DATASOURCE_DRUID_INITIAL_SIZE: "10" |
| SPRING_DATASOURCE_DRUID_MAX_ACTIVE: "20" |
| SPRING_DATASOURCE_DRUID_MIN_IDLE: "10" |
| |
| SPRING_REDIS_JEDIS_POOL_MAXACTIVE: "800" |
| SPRING_REDIS_JEDIS_POOL_MAXIDLE: "100" |
| SPRING_REDIS_JEDIS_POOL_MINIDLE: "100" |
| |
| |
| SERVICE_REFRESH_REDIS_TIMER_ENABLED: "true" |
| ACCOUNT_REFRESH_REDIS_TIMER_ENABLED: "false" |
| FEDERATION_REFRESH_REDIS_TIMER_ENABLED: "true" |
| |
| |
| USER_DATA_SERVICE_SA_API_SERVER_URL: http://user-data-service-goa-svc.user-data-service.svc.cluster.local:8080 |
| USER_DATA_SERVICE_SA_API_CLIENT_AUTH_ENABLED: "false" |
| #USER_DATA_SERVICE_SA_API_CLIENT_AUTH_KEYSTORE_FILE: file:/certs/client/client.keystore |
| #USER_DATA_SERVICE_SA_API_CLIENT_AUTH_TRUSTSTORE_FILE: file:/certs/client/client.truststore |
| |
| |
| --- |
| apiVersion: v1 |
| kind: Secret |
| metadata: |
| namespace: cas-server |
| name: cas-server-sa-api-env-secret |
| type: Opaque |
| data: |
| #USER_DATA_SERVICE_SA_API_CLIENT_AUTH_KEY_PASSWORD: Y2xpZW50 |
| #USER_DATA_SERVICE_SA_API_CLIENT_AUTH_KEYSTORE_PASSWORD: Y2xpZW50 |
| #USER_DATA_SERVICE_SA_API_CLIENT_AUTH_TRUSTSTORE_PASSWORD: Y2xpZW50 |
| |
| |
| --- |
| apiVersion: v1 |
| kind: Service |
| metadata: |
| namespace: cas-server |
| name: cas-server-sa-api-svc |
| labels: |
| app: cas-server-sa-api |
| needMonitor: 'true' |
| spec: |
| ports: |
| - port: 8080 |
| targetPort: http |
| protocol: TCP |
| name: http |
| - port: 6060 |
| targetPort: http-metrics |
| protocol: TCP |
| name: http-metrics |
| selector: |
| app: cas-server-sa-api |
| --- |
| apiVersion: apps/v1 |
| kind: Deployment |
| metadata: |
| namespace: cas-server |
| name: cas-server-sa-api |
| spec: |
| selector: |
| matchLabels: |
| app: cas-server-sa-api |
| replicas: 1 |
| template: |
| metadata: |
| labels: |
| app: cas-server-sa-api |
| spec: |
| containers: |
| - name: cas-server-sa-api |
| # 若使用了学校搭设的私有仓库,请修改 |
| image: harbor.supwisdom.com/cas-server/cas-server-sa-api:1.1.10-RELEASE |
| imagePullPolicy: Always |
| ports: |
| - containerPort: 8080 |
| name: http |
| - containerPort: 6060 |
| name: http-metrics |
| envFrom: |
| - configMapRef: |
| name: jvm-env |
| - secretRef: |
| name: datasource-env-secret |
| - secretRef: |
| name: redis-env-secret |
| - secretRef: |
| name: rabbitmq-env-secret |
| - configMapRef: |
| name: cas-server-sa-api-env |
| - secretRef: |
| name: cas-server-sa-api-env-secret |
| resources: |
| requests: |
| memory: "512Mi" |
| limits: |
| memory: "512Mi" |
| readinessProbe: |
| httpGet: |
| path: /actuator/health |
| port: 8080 |
| initialDelaySeconds: 20 |
| periodSeconds: 5 |
| timeoutSeconds: 5 |
| successThreshold: 1 |
| failureThreshold: 10 |
| imagePullSecrets: |
| - name: harbor-registry |
| |