Gitiles
Code Review Sign In
source.supwisdom.com / institute / deploy-authx-service / 8cbef0e258aa0a72a9a80c14976f55aed3d05e0e / . / project / nwpu / k8s-rancher / 1.authx-service / 4.cas-server / 4.2.cas-server-sa-api.yaml
blob: 48b67339cba82db21aa3f53ac687466e614c6f50 [file] [log] [blame]
刘洪青a1bab152022-03-11 14:30:36 +0800[diff] [blame]1# cas-server-sa-api.yaml
2
3---
4apiVersion: v1
5kind: ConfigMap
6metadata:
7 namespace: cas-server
8 name: cas-server-sa-api-env
9data:
10 SERVER_PORT: "8080"
11 SSL_ENABLED: "false"
12 #SSL_KEYSTORE_FILE: file:/certs/server/server.keystore
13 #SSL_KEYSTORE_PASSWORD: ""
14 #SSL_TRUSTSTORE_FILE: file:/certs/server/server.truststore
15 #SSL_TRUSTSTORE_PASSWORD: ""
16
17 SERVER_MAXHTTPHEADERSIZE: "10240"
18
19 SERVER_TOMCAT_ACCEPT_COUNT: "5000"
20 SERVER_TOMCAT_MAX_CONNECTIONS: "10000"
21 SERVER_TOMCAT_MAX_THREADS: "800"
22 SERVER_TOMCAT_MIN_SPARE_THREADS: "100"
23
24
25 SPRING_DATASOURCE_DRUID_INITIAL_SIZE: "10"
26 SPRING_DATASOURCE_DRUID_MAX_ACTIVE: "20"
27 SPRING_DATASOURCE_DRUID_MIN_IDLE: "10"
28
29 SPRING_REDIS_JEDIS_POOL_MAXACTIVE: "800"
30 SPRING_REDIS_JEDIS_POOL_MAXIDLE: "100"
31 SPRING_REDIS_JEDIS_POOL_MINIDLE: "100"
32
33
34 SERVICE_REFRESH_REDIS_TIMER_ENABLED: "true"
35 ACCOUNT_REFRESH_REDIS_TIMER_ENABLED: "false"
36 FEDERATION_REFRESH_REDIS_TIMER_ENABLED: "true"
37
38
39 USER_DATA_SERVICE_SA_API_SERVER_URL: http://user-data-service-goa-svc.user-data-service.svc.cluster.local:8080
40 USER_DATA_SERVICE_SA_API_CLIENT_AUTH_ENABLED: "false"
41 #USER_DATA_SERVICE_SA_API_CLIENT_AUTH_KEYSTORE_FILE: file:/certs/client/client.keystore
42 #USER_DATA_SERVICE_SA_API_CLIENT_AUTH_TRUSTSTORE_FILE: file:/certs/client/client.truststore
43
44
刘洪青f69336e2022-03-15 13:50:11 +0800[diff] [blame]45 AUTHX_LOG_ENABLED: "true"
46 AUTHX_LOG_RABBITMQ_HOST: rabbitmq-server.authx-service.svc.cluster.local
47 AUTHX_LOG_RABBITMQ_PORT: "5672"
48 AUTHX_LOG_RABBITMQ_USERNAME: guest
49 AUTHX_LOG_RABBITMQ_PASSWORD: guest
50
51
刘洪青a1bab152022-03-11 14:30:36 +0800[diff] [blame]52---
53apiVersion: v1
54kind: Secret
55metadata:
56 namespace: cas-server
57 name: cas-server-sa-api-env-secret
58type: Opaque
59data:
60 #USER_DATA_SERVICE_SA_API_CLIENT_AUTH_KEY_PASSWORD: Y2xpZW50
61 #USER_DATA_SERVICE_SA_API_CLIENT_AUTH_KEYSTORE_PASSWORD: Y2xpZW50
62 #USER_DATA_SERVICE_SA_API_CLIENT_AUTH_TRUSTSTORE_PASSWORD: Y2xpZW50
63
64
65---
66apiVersion: v1
67kind: Service
68metadata:
69 namespace: cas-server
70 name: cas-server-sa-api-svc
71 labels:
72 app: cas-server-sa-api
73 needMonitor: 'true'
74spec:
75 ports:
76 - port: 8080
77 targetPort: http
78 protocol: TCP
79 name: http
80 - port: 6060
81 targetPort: http-metrics
82 protocol: TCP
83 name: http-metrics
84 selector:
85 app: cas-server-sa-api
86---
87apiVersion: apps/v1
88kind: Deployment
89metadata:
90 namespace: cas-server
91 name: cas-server-sa-api
92spec:
93 selector:
94 matchLabels:
95 app: cas-server-sa-api
96 replicas: 1
97 template:
98 metadata:
99 labels:
100 app: cas-server-sa-api
101 spec:
102 containers:
103 - name: cas-server-sa-api
104 # 若使用了学校搭设的私有仓库,请修改
刘洪青f69336e2022-03-15 13:50:11 +0800[diff] [blame]105 image: paas.harbor.nwpu.edu.cn/cas-server/cas-server-sa-api:1.4.4-SNAPSHOT
刘洪青a1bab152022-03-11 14:30:36 +0800[diff] [blame]106 imagePullPolicy: Always
107 ports:
108 - containerPort: 8080
109 name: http
110 - containerPort: 6060
111 name: http-metrics
112 envFrom:
113 - configMapRef:
114 name: jvm-env
115 - secretRef:
116 name: datasource-env-secret
117 - secretRef:
118 name: redis-env-secret
119 - secretRef:
120 name: rabbitmq-env-secret
121 - configMapRef:
122 name: cas-server-sa-api-env
123 - secretRef:
124 name: cas-server-sa-api-env-secret
125 resources:
126 requests:
127 memory: "512Mi"
128 limits:
129 memory: "512Mi"
130 readinessProbe:
131 httpGet:
132 path: /actuator/health
133 port: 8080
134 initialDelaySeconds: 20
135 periodSeconds: 5
136 timeoutSeconds: 5
137 successThreshold: 1
138 failureThreshold: 10
139 imagePullSecrets:
140 - name: harbor-registry
141