deploy-manifests/k8s-rancher/1.authx-service/4.cas-server/4.2.cas-server-sa-api.yaml - institute/deploy-authx-service - Gitiles

 # cas-server-sa-api.yaml

 ---
 apiVersion: v1
 kind: ConfigMap
 metadata:
   namespace: cas-server
   name: cas-server-sa-api-env
 data:
   SERVER_PORT: "8080"
   SSL_ENABLED: "false"
   #SSL_KEYSTORE_FILE: file:/certs/server/server.keystore
   #SSL_KEYSTORE_PASSWORD: ""
   #SSL_TRUSTSTORE_FILE: file:/certs/server/server.truststore
   #SSL_TRUSTSTORE_PASSWORD: ""

   SERVER_MAXHTTPHEADERSIZE: "10240"


   # SERVER_TOMCAT_ACCEPT_COUNT: "100"
   # SERVER_TOMCAT_MAX_CONNECTIONS: "10000"
   # SERVER_TOMCAT_MAX_THREADS: "200"
   # SERVER_TOMCAT_MIN_SPARE_THREADS: "10"

   SERVICE_REFRESH_REDIS_TIMER_ENABLED: "true"
   ACCOUNT_REFRESH_REDIS_TIMER_ENABLED: "false"
   FEDERATION_REFRESH_REDIS_TIMER_ENABLED: "true"


   USER_DATA_SERVICE_SA_API_SERVER_URL: http://user-data-service-goa-svc.user-data-service.svc.cluster.local:8080
   USER_DATA_SERVICE_SA_API_CLIENT_AUTH_ENABLED: "false"
   #USER_DATA_SERVICE_SA_API_CLIENT_AUTH_KEYSTORE_FILE: file:/certs/client/client.keystore
   #USER_DATA_SERVICE_SA_API_CLIENT_AUTH_TRUSTSTORE_FILE: file:/certs/client/client.truststore


 ---
 apiVersion: v1
 kind: Secret
 metadata:
   namespace: cas-server
   name: cas-server-sa-api-env-secret
 type: Opaque
 data:
   #USER_DATA_SERVICE_SA_API_CLIENT_AUTH_KEY_PASSWORD: Y2xpZW50
   #USER_DATA_SERVICE_SA_API_CLIENT_AUTH_KEYSTORE_PASSWORD: Y2xpZW50
   #USER_DATA_SERVICE_SA_API_CLIENT_AUTH_TRUSTSTORE_PASSWORD: Y2xpZW50


 ---
 apiVersion: v1
 kind: Service
 metadata:
   namespace: cas-server
   name: cas-server-sa-api-svc
   labels:
     app: cas-server-sa-api
     needMonitor: 'true'
 spec:
   ports:
     - port: 8080
       targetPort: http
       protocol: TCP
       name: http
     - port: 6060
       targetPort: http-metrics
       protocol: TCP
       name: http-metrics
   selector:
     app: cas-server-sa-api
 ---
 apiVersion: apps/v1
 kind: Deployment
 metadata:
   namespace: cas-server
   name: cas-server-sa-api
 spec:
   selector:
     matchLabels:
       app: cas-server-sa-api
   replicas: 1
   template:
     metadata:
       labels:
         app: cas-server-sa-api
     spec:
       containers:
       - name: cas-server-sa-api
         # 若使用了学校搭设的私有仓库，请修改
         image: harbor.supwisdom.com/cas-server/cas-server-sa-api:1.0.1-SNAPSHOT
         imagePullPolicy: Always
         ports:
         - containerPort: 8080
           name: http
         - containerPort: 6060
           name: http-metrics
         envFrom:
         - configMapRef:
             name: jvm-env
         - secretRef:
             name: datasource-env-secret
         - secretRef:
             name: redis-env-secret
         - secretRef:
             name: rabbitmq-env-secret
         - configMapRef:
             name: cas-server-sa-api-env
         - secretRef:
             name: cas-server-sa-api-env-secret
         resources:
           requests:
             memory: "512Mi"
           limits:
             memory: "512Mi"
         readinessProbe:
           httpGet:
             path: /actuator/health
             port: 8080
           initialDelaySeconds: 20
           periodSeconds: 5
           timeoutSeconds: 5
           successThreshold: 1
           failureThreshold: 10
       imagePullSecrets:
         - name: harbor-registry
	# cas-server-sa-api.yaml

	---
	apiVersion: v1
	kind: ConfigMap
	metadata:
	namespace: cas-server
	name: cas-server-sa-api-env
	data:
	SERVER_PORT: "8080"
	SSL_ENABLED: "false"
	#SSL_KEYSTORE_FILE: file:/certs/server/server.keystore
	#SSL_KEYSTORE_PASSWORD: ""
	#SSL_TRUSTSTORE_FILE: file:/certs/server/server.truststore
	#SSL_TRUSTSTORE_PASSWORD: ""

	SERVER_MAXHTTPHEADERSIZE: "10240"


	# SERVER_TOMCAT_ACCEPT_COUNT: "100"
	# SERVER_TOMCAT_MAX_CONNECTIONS: "10000"
	# SERVER_TOMCAT_MAX_THREADS: "200"
	# SERVER_TOMCAT_MIN_SPARE_THREADS: "10"

	SERVICE_REFRESH_REDIS_TIMER_ENABLED: "true"
	ACCOUNT_REFRESH_REDIS_TIMER_ENABLED: "false"
	FEDERATION_REFRESH_REDIS_TIMER_ENABLED: "true"


	USER_DATA_SERVICE_SA_API_SERVER_URL: http://user-data-service-goa-svc.user-data-service.svc.cluster.local:8080
	USER_DATA_SERVICE_SA_API_CLIENT_AUTH_ENABLED: "false"
	#USER_DATA_SERVICE_SA_API_CLIENT_AUTH_KEYSTORE_FILE: file:/certs/client/client.keystore
	#USER_DATA_SERVICE_SA_API_CLIENT_AUTH_TRUSTSTORE_FILE: file:/certs/client/client.truststore


	---
	apiVersion: v1
	kind: Secret
	metadata:
	namespace: cas-server
	name: cas-server-sa-api-env-secret
	type: Opaque
	data:
	#USER_DATA_SERVICE_SA_API_CLIENT_AUTH_KEY_PASSWORD: Y2xpZW50
	#USER_DATA_SERVICE_SA_API_CLIENT_AUTH_KEYSTORE_PASSWORD: Y2xpZW50
	#USER_DATA_SERVICE_SA_API_CLIENT_AUTH_TRUSTSTORE_PASSWORD: Y2xpZW50


	---
	apiVersion: v1
	kind: Service
	metadata:
	namespace: cas-server
	name: cas-server-sa-api-svc
	labels:
	app: cas-server-sa-api
	needMonitor: 'true'
	spec:
	ports:
	- port: 8080
	targetPort: http
	protocol: TCP
	name: http
	- port: 6060
	targetPort: http-metrics
	protocol: TCP
	name: http-metrics
	selector:
	app: cas-server-sa-api
	---
	apiVersion: apps/v1
	kind: Deployment
	metadata:
	namespace: cas-server
	name: cas-server-sa-api
	spec:
	selector:
	matchLabels:
	app: cas-server-sa-api
	replicas: 1
	template:
	metadata:
	labels:
	app: cas-server-sa-api
	spec:
	containers:
	- name: cas-server-sa-api
	# 若使用了学校搭设的私有仓库，请修改
	image: harbor.supwisdom.com/cas-server/cas-server-sa-api:1.0.1-SNAPSHOT
	imagePullPolicy: Always
	ports:
	- containerPort: 8080
	name: http
	- containerPort: 6060
	name: http-metrics
	envFrom:
	- configMapRef:
	name: jvm-env
	- secretRef:
	name: datasource-env-secret
	- secretRef:
	name: redis-env-secret
	- secretRef:
	name: rabbitmq-env-secret
	- configMapRef:
	name: cas-server-sa-api-env
	- secretRef:
	name: cas-server-sa-api-env-secret
	resources:
	requests:
	memory: "512Mi"
	limits:
	memory: "512Mi"
	readinessProbe:
	httpGet:
	path: /actuator/health
	port: 8080
	initialDelaySeconds: 20
	periodSeconds: 5
	timeoutSeconds: 5
	successThreshold: 1
	failureThreshold: 10
	imagePullSecrets:
	- name: harbor-registry