commit d0187d0aad431504515d724f0d75a0e731c2bddc
author 刘洪青 <loie.engine@gmail.com> 周三 8月 19 14:55:05 2020 +0800
committer 刘洪青 <loie.engine@gmail.com> 周三 8月 19 14:55:05 2020 +0800
tree ff93974861a146b835300d3cebc99a68fb37fe9a
parent 592c6b3c9834af4a2fe1aa1c06654b158fd20ed7

chore: 新增新开普郑州测试环境的部署脚本

project/newcapec-test/k8s-rancher/1.authx-service/4.cas-server/4.3.cas-server-security-engine.yaml

diff --git a/project/newcapec-test/k8s-rancher/1.authx-service/4.cas-server/4.3.cas-server-security-engine.yaml b/project/newcapec-test/k8s-rancher/1.authx-service/4.cas-server/4.3.cas-server-security-engine.yaml
new file mode 100644
index 0000000..bf0ba41
--- /dev/null
+++ b/project/newcapec-test/k8s-rancher/1.authx-service/4.cas-server/4.3.cas-server-security-engine.yaml
@@ -0,0 +1,88 @@
+# cas-server-security-engine.yaml
+
+---
+apiVersion: v1
+kind: Secret
+metadata:
+  namespace: cas-server-test
+  name: cas-server-security-engine-env-secret
+type: Opaque
+data:
+  #CASSERVER_SA_API_CLIENT_AUTH_KEY_PASSWORD: Y2xpZW50
+  #CASSERVER_SA_API_CLIENT_AUTH_KEYSTORE_PASSWORD: Y2xpZW50
+  #CASSERVER_SA_API_CLIENT_AUTH_TRUSTSTORE_PASSWORD: Y2xpZW50
+
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  namespace: cas-server-test
+  name: cas-server-security-engine-env
+data:
+  CASSERVER_SA_API_SERVER_URL: http://cas-server-sa-api-svc.cas-server-test.svc.cluster.local:8080
+  CASSERVER_SA_API_CLIENT_AUTH_ENABLED: "false"
+  #CASSERVER_SA_API_CLIENT_AUTH_KEYSTORE_FILE: file:/certs/client/client.keystore
+  #CASSERVER_SA_API_CLIENT_AUTH_TRUSTSTORE_FILE: file:/certs/client/client.truststore
+
+
+---
+apiVersion: v1
+kind: Service
+metadata:
+  namespace: cas-server-test
+  name: cas-server-security-engine-svc
+  labels:
+    app: cas-server-security-engine
+    needMonitor: 'true'
+spec:
+  ports:
+    - port: 6060
+      targetPort: http-metrics
+      protocol: TCP
+      name: http-metrics
+  selector:
+    app: cas-server-security-engine
+
+---
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  namespace: cas-server-test
+  name: cas-server-security-engine
+spec:
+  selector:
+    matchLabels:
+      app: cas-server-security-engine
+  replicas: 1
+  template:
+    metadata:
+      labels:
+        app: cas-server-security-engine
+    spec:
+      containers:
+      - name: cas-server-security-engine
+        # 若使用了学校搭设的私有仓库，请修改
+        image: harbor.supwisdom.com/cas-server/cas-server-security-engine:1.0.0-SNAPSHOT
+        imagePullPolicy: Always
+        ports:
+        - containerPort: 6060
+          name: http-metrics
+        envFrom:
+        - configMapRef:
+            name: jvm-env
+        - secretRef:
+            name: datasource-env-secret
+        - secretRef:
+            name: rabbitmq-env-secret
+        - configMapRef:
+            name: cas-server-security-engine-env
+        - secretRef:
+            name: cas-server-security-engine-env-secret
+        resources:
+          requests:
+            memory: "400Mi"
+          limits:
+            memory: "400Mi"
+      imagePullSecrets:
+        - name: harbor-registry
+