Blame - project/nwpu/k8s-rancher/1.authx-service/4.cas-server/4.3.cas-server-security-engine.yaml - institute/deploy-authx-service

blob: af1e69e300ee14fd7a6d3474b2d18cdcf70d9593 [file] [log] [blame]

刘洪青	a1bab15	2022-03-11 14:30:36 +0800	[diff] [blame]	1	# cas-server-security-engine.yaml
				2
				3	---
				4	apiVersion: v1
				5	kind: Secret
				6	metadata:
				7	namespace: cas-server
				8	name: cas-server-security-engine-env-secret
				9	type: Opaque
				10	data:
				11	#CASSERVER_SA_API_CLIENT_AUTH_KEY_PASSWORD: Y2xpZW50
				12	#CASSERVER_SA_API_CLIENT_AUTH_KEYSTORE_PASSWORD: Y2xpZW50
				13	#CASSERVER_SA_API_CLIENT_AUTH_TRUSTSTORE_PASSWORD: Y2xpZW50
				14
				15	---
				16	apiVersion: v1
				17	kind: ConfigMap
				18	metadata:
				19	namespace: cas-server
				20	name: cas-server-security-engine-env
				21	data:
				22	CASSERVER_SA_API_SERVER_URL: http://cas-server-sa-api-svc.cas-server.svc.cluster.local:8080
				23	CASSERVER_SA_API_CLIENT_AUTH_ENABLED: "false"
				24	#CASSERVER_SA_API_CLIENT_AUTH_KEYSTORE_FILE: file:/certs/client/client.keystore
				25	#CASSERVER_SA_API_CLIENT_AUTH_TRUSTSTORE_FILE: file:/certs/client/client.truststore
				26
				27
刘洪青	30eaba3	2022-03-14 16:17:16 +0800	[diff] [blame]	28	#ipaddr
				29	IPADDR_API_URL: http://ipaddr.ipaddr.svc.cluster.local:9090/v1/find
				30
				31
刘洪青	a1bab15	2022-03-11 14:30:36 +0800	[diff] [blame]	32	---
				33	apiVersion: v1
				34	kind: Service
				35	metadata:
				36	namespace: cas-server
				37	name: cas-server-security-engine-svc
				38	labels:
				39	app: cas-server-security-engine
				40	needMonitor: 'true'
				41	spec:
				42	ports:
				43	- port: 6060
				44	targetPort: http-metrics
				45	protocol: TCP
				46	name: http-metrics
				47	selector:
				48	app: cas-server-security-engine
				49
				50	---
				51	apiVersion: apps/v1
				52	kind: Deployment
				53	metadata:
				54	namespace: cas-server
				55	name: cas-server-security-engine
				56	spec:
				57	selector:
				58	matchLabels:
				59	app: cas-server-security-engine
				60	replicas: 1
				61	template:
				62	metadata:
				63	labels:
				64	app: cas-server-security-engine
				65	spec:
				66	containers:
				67	- name: cas-server-security-engine
				68	# 若使用了学校搭设的私有仓库，请修改
刘洪青	f69336e	2022-03-15 13:50:11 +0800	[diff] [blame]	69	image: paas.harbor.nwpu.edu.cn/cas-server/cas-server-security-engine:1.4.4-SNAPSHOT
刘洪青	a1bab15	2022-03-11 14:30:36 +0800	[diff] [blame]	70	imagePullPolicy: Always
				71	ports:
				72	- containerPort: 6060
				73	name: http-metrics
				74	envFrom:
				75	- configMapRef:
				76	name: jvm-env
				77	- secretRef:
				78	name: datasource-env-secret
				79	- secretRef:
				80	name: rabbitmq-env-secret
				81	- configMapRef:
				82	name: cas-server-security-engine-env
				83	- secretRef:
				84	name: cas-server-security-engine-env-secret
				85	resources:
				86	requests:
				87	memory: "512Mi"
				88	limits:
				89	memory: "512Mi"
				90	imagePullSecrets:
				91	- name: harbor-registry
				92