Gitiles
Code Review Sign In
source.supwisdom.com / institute / deploy-authx-service / 61f18c2800ff0722864f05d7fb9e537b17b0a801 / . / deploy-manifests / k8s-rancher / 1.authx-service / 0.authx-service / 4.4.authx-service-bff.yaml
blob: c535c4622ab2fd0ca1bca138516e1990f179571b [file] [log] [blame]
刘洪青c04a9b52021-01-18 22:12:09 +0800[diff] [blame]1# 4.4.authx-service-bff.yaml
2
3---
4apiVersion: v1
5kind: ConfigMap
6metadata:
7 namespace: authx-service
8 name: authx-service-bff-env
9data:
10 SERVER_PORT: "8080"
11 SSL_ENABLED: "false"
12 #SSL_KEYSTORE_FILE: file:/certs/server/server.keystore
13 #SSL_KEYSTORE_PASSWORD: ""
14 #SSL_TRUSTSTORE_FILE: file:/certs/server/server.truststore
15 #SSL_TRUSTSTORE_PASSWORD: ""
16
17 SERVER_MAXHTTPHEADERSIZE: "10240"
18
19 SERVER_TOMCAT_ACCEPT_COUNT: "5000"
20 SERVER_TOMCAT_MAX_CONNECTIONS: "10000"
21 SERVER_TOMCAT_MAX_THREADS: "800"
22 SERVER_TOMCAT_MIN_SPARE_THREADS: "100"
23
24 LOGGING_LEVEL_COM_SUPWISDOM_INSTITUTE_AUTHX_SERVICE_BFF: INFO
25
26
27 SPRING_REDIS_JEDIS_POOL_MAXACTIVE: "800"
28 SPRING_REDIS_JEDIS_POOL_MAXIDLE: "100"
29 SPRING_REDIS_JEDIS_POOL_MINIDLE: "100"
30
31
刘洪青eaacb622021-08-19 15:31:41 +0800[diff] [blame]32 UNIAUTH_BASIC_AUTH_USERNAME: saadmin
33 UNIAUTH_BASIC_AUTH_PASSWORD: saadminfoobar
34
35
刘洪青c04a9b52021-01-18 22:12:09 +0800[diff] [blame]36 CASSERVER_SA_API_SERVER_URL: http://cas-server-sa-api-svc.cas-server.svc.cluster.local:8080
37 CASSERVER_SA_API_CLIENT_AUTH_ENABLED: "false"
38 #CASSERVER_SA_API_CLIENT_AUTH_KEY_PASSWORD: ""
39 #CASSERVER_SA_API_CLIENT_AUTH_KEYSTORE_FILE: file:/certs/common/common.keystore
40 #CASSERVER_SA_API_CLIENT_AUTH_KEYSTORE_PASSWORD: ""
41 #CASSERVER_SA_API_CLIENT_AUTH_TRUSTSTORE_FILE: file:/certs/common/common.truststore
42 #CASSERVER_SA_API_CLIENT_AUTH_TRUSTSTORE_PASSWORD: ""
43
44 USER_DATA_SERVICE_SERVER_URL: http://user-data-service-goa-svc.user-data-service.svc.cluster.local:8080
45 USER_DATA_SERVICE_CLIENT_AUTH_ENABLED: "false"
46 #USER_DATA_SERVICE_CLIENT_AUTH_KEY_PASSWORD: ""
47 #USER_DATA_SERVICE_CLIENT_AUTH_KEYSTORE_FILE: file:/certs/common/common.keystore
48 #USER_DATA_SERVICE_CLIENT_AUTH_KEYSTORE_PASSWORD: ""
49 #USER_DATA_SERVICE_CLIENT_AUTH_TRUSTSTORE_FILE: file:/certs/common/common.truststore
50 #USER_DATA_SERVICE_CLIENT_AUTH_TRUSTSTORE_PASSWORD: ""
51
52 USER_AUTHZ_SERVICE_SERVER_URL: http://user-authorization-sa-svc.user-authorization-service.svc.cluster.local:8080
53 USER_AUTHZ_SERVICE_CLIENT_AUTH_ENABLED: "false"
54 #USER_AUTHZ_SERVICE_CLIENT_AUTH_KEY_PASSWORD: ""
55 #USER_AUTHZ_SERVICE_CLIENT_AUTH_KEYSTORE_FILE: file:/certs/common/common.keystore
56 #USER_AUTHZ_SERVICE_CLIENT_AUTH_KEYSTORE_PASSWORD: ""
57 #USER_AUTHZ_SERVICE_CLIENT_AUTH_TRUSTSTORE_FILE: file:/certs/common/common.truststore
58 #USER_AUTHZ_SERVICE_CLIENT_AUTH_TRUSTSTORE_PASSWORD: ""
59
刘洪青eaacb622021-08-19 15:31:41 +0800[diff] [blame]60 UNIAUTH_SERVER_SA_API_SERVER_URL: http://uniauth-prod-backend.uniauth.svc.cluster.local:9090
61 UNIAUTH_SERVER_SA_API_CLIENT_AUTH_ENABLED: "false"
62 #UNIAUTH_SERVER_SA_API_CLIENT_AUTH_KEY_PASSWORD: ""
63 #UNIAUTH_SERVER_SA_API_CLIENT_AUTH_KEYSTORE_FILE: file:/certs/common/common.keystore
64 #UNIAUTH_SERVER_SA_API_CLIENT_AUTH_KEYSTORE_PASSWORD: ""
65 #UNIAUTH_SERVER_SA_API_CLIENT_AUTH_TRUSTSTORE_FILE: file:/certs/common/common.truststore
66 #UNIAUTH_SERVER_SA_API_CLIENT_AUTH_TRUSTSTORE_PASSWORD: ""
67
刘洪青c04a9b52021-01-18 22:12:09 +0800[diff] [blame]68
69 TPAS_FILE_API_URL: http://agent-service-svc.thirdparty-agent-service.svc.cluster.local:8080/api/v1/tpas/file/minio
70 TPAS_CLIENT_AUTH_ENABLED: "false"
71 #TPAS_CLIENT_AUTH_KEY_PASSWORD: ""
72 #TPAS_CLIENT_AUTH_KEYSTORE_FILE: file:/certs/client/client.keystore
73 #TPAS_CLIENT_AUTH_KEYSTORE_PASSWORD: ""
74 #TPAS_CLIENT_AUTH_TRUSTSTORE_FILE: file:/certs/client/client.truststore
75 #TPAS_CLIENT_AUTH_TRUSTSTORE_PASSWORD: ""
76
刘洪青42b5b062021-09-18 11:21:41 +0800[diff] [blame]77
78 AUTHX_LOG_ENABLED: "true"
79 AUTHX_LOG_RABBITMQ_HOST: rabbitmq-server.authx-service.svc.cluster.local
80 AUTHX_LOG_RABBITMQ_PORT: "5672"
81 AUTHX_LOG_RABBITMQ_USERNAME: guest
82 AUTHX_LOG_RABBITMQ_PASSWORD: guest
83
84
刘洪青c04a9b52021-01-18 22:12:09 +0800[diff] [blame]85---
86apiVersion: v1
87kind: Service
88metadata:
89 namespace: authx-service
90 name: authx-service-bff-svc
91 labels:
92 app: authx-service-bff
93 needMonitor: 'true'
94spec:
95 ports:
96 - port: 8080
97 targetPort: http
98 protocol: TCP
99 name: http
100 - port: 6060
101 targetPort: http-metrics
102 protocol: TCP
103 name: http-metrics
104 selector:
105 app: authx-service-bff
106
107---
108apiVersion: apps/v1
109kind: Deployment
110metadata:
111 namespace: authx-service
112 name: authx-service-bff
113spec:
114 selector:
115 matchLabels:
116 app: authx-service-bff
117 replicas: 1
118 template:
119 metadata:
120 labels:
121 app: authx-service-bff
122 spec:
123 containers:
124 - name: authx-service-bff
刘洪青42b5b062021-09-18 11:21:41 +0800[diff] [blame]125 image: harbor.supwisdom.com/authx-service/authx-service-bff:1.4.0-RELEASE
刘洪青c04a9b52021-01-18 22:12:09 +0800[diff] [blame]126 imagePullPolicy: Always
127 ports:
128 - containerPort: 8080
129 name: http
130 - containerPort: 6060
131 name: http-metrics
132 envFrom:
133 - configMapRef:
134 name: jvm-env
135 - secretRef:
136 name: redis-env-secret
137 - configMapRef:
138 name: authx-service-bff-env
139 resources:
140 requests:
刘洪青9d7b2022021-06-26 11:41:43 +0800[diff] [blame]141 memory: "1024Mi"
刘洪青c04a9b52021-01-18 22:12:09 +0800[diff] [blame]142 limits:
刘洪青9d7b2022021-06-26 11:41:43 +0800[diff] [blame]143 memory: "1024Mi"
刘洪青c04a9b52021-01-18 22:12:09 +0800[diff] [blame]144 readinessProbe:
145 httpGet:
146 path: /actuator/health
147 port: 8080
148 initialDelaySeconds: 20
149 periodSeconds: 5
150 timeoutSeconds: 5
151 successThreshold: 1
152 failureThreshold: 10
153 imagePullSecrets:
154 - name: harbor-registry