Gitiles
Code Review Sign In
source.supwisdom.com / institute / deploy-authx-service / a1bab1565f58809f97ac44ab6e9b931e51ae4718 / . / project / nwpu / k8s-rancher / 1.authx-service / 0.authx-service / 0.authx-service-base.yaml
blob: b37330a92a77b6935d2a09aece554f4a2fb9252d [file] [log] [blame]
刘洪青a1bab152022-03-11 14:30:36 +0800[diff] [blame^]1# 0.authx-service-base.yaml
2
3####################################################
4# supwisdom harbor private docker registry
5####################################################
6---
7apiVersion: v1
8kind: Secret
9type: kubernetes.io/dockerconfigjson
10metadata:
11 namespace: authx-service
12 name: harbor-registry
13data:
14 # 修改harbor仓库配置,并使用 base64 工具进行编码
15 # {"auths":{"harbor.supwisdom.com":{"password":"PWMgP85qiLFC","username":"rancher.devops"}}}
16 .dockerconfigjson: eyJhdXRocyI6eyJoYXJib3Iuc3Vwd2lzZG9tLmNvbSI6eyJwYXNzd29yZCI6IlBXTWdQODVxaUxGQyIsInVzZXJuYW1lIjoicmFuY2hlci5kZXZvcHMifX19
17
18
19
20####################################################
21# redis-server
22####################################################
23
24---
25apiVersion: v1
26kind: PersistentVolumeClaim
27metadata:
28 namespace: authx-service
29 name: redis-data-pvc
30spec:
31 accessModes:
32 - ReadWriteMany
33 # 根据情况修改
34 storageClassName: nfs-client
35 resources:
36 requests:
37 storage: 10Gi
38
39---
40apiVersion: v1
41kind: Secret
42metadata:
43 namespace: authx-service
44 name: redis-server
45 labels:
46 app: redis
47 release: redis-server
48type: Opaque
49data:
50 REDIS_PASSWORD: OEt1d29zbE9pdXc3SA==
51---
52apiVersion: v1
53kind: Service
54metadata:
55 namespace: authx-service
56 name: redis-server
57 labels:
58 app: redis
59 release: redis-server
60spec:
61 ports:
62 - name: redis
63 port: 6379
64 protocol: TCP
65 targetPort: redis
66 selector:
67 app: redis
68 release: redis-server
69 role: master
70 type: ClusterIP
71---
72apiVersion: apps/v1
73kind: StatefulSet
74metadata:
75 namespace: authx-service
76 name: redis-server
77 labels:
78 app: redis
79 release: redis-server
80spec:
81 podManagementPolicy: OrderedReady
82 replicas: 1
83 revisionHistoryLimit: 10
84 selector:
85 matchLabels:
86 app: redis
87 release: redis-server
88 role: master
89 serviceName: redis-master
90 template:
91 metadata:
92 labels:
93 app: redis
94 release: redis-server
95 role: master
96 spec:
97 # 若使用了学校搭设的私有仓库,请增加以下配置(取消注释即可,注意这里的缩进,imagePullSecrets要对齐到本行#符号)
98 # imagePullSecrets:
99 # - name: harbor-registry
100 containers:
101 - name: redis-server
102 env:
103 - name: REDIS_DISABLE_COMMANDS
104 value: FLUSHDB,FLUSHALL
105 - name: REDIS_REPLICATION_MODE
106 value: master
107 - name: REDIS_PASSWORD
108 valueFrom:
109 secretKeyRef:
110 name: redis-server
111 key: REDIS_PASSWORD
112 # 若使用了学校搭设的私有仓库,请修改
113 image: paas.harbor.nwpu.edu.cn/bitnami/redis:4.0
114 # 若使用了学校搭设的私有仓库,请修改 为 Always
115 imagePullPolicy: IfNotPresent
116 # imagePullPolicy: Always
117 livenessProbe:
118 exec:
119 command:
120 - redis-cli
121 - ping
122 failureThreshold: 5
123 initialDelaySeconds: 30
124 periodSeconds: 10
125 successThreshold: 1
126 timeoutSeconds: 5
127 ports:
128 - containerPort: 6379
129 name: redis
130 protocol: TCP
131 readinessProbe:
132 exec:
133 command:
134 - redis-cli
135 - ping
136 failureThreshold: 5
137 initialDelaySeconds: 5
138 periodSeconds: 10
139 successThreshold: 1
140 timeoutSeconds: 1
141 resources:
142 requests:
143 memory: "1024Mi"
144 limits:
145 memory: "1024Mi"
146 volumeMounts:
147 - mountPath: /bitnami/redis/data
148 name: redis-data
149 dnsPolicy: ClusterFirst
150 restartPolicy: Always
151 securityContext:
152 fsGroup: 0
153 # runAsUser: 1001
154 # https://github.com/bitnami/bitnami-docker-redis/issues/106#issuecomment-388884372
155 # runAsUser: 0
156 terminationGracePeriodSeconds: 30
157 volumes:
158 # - name: redis-data
159 # emptyDir: {}
160 - name: redis-data
161 persistentVolumeClaim:
162 claimName: redis-data-pvc
163 updateStrategy:
164 rollingUpdate:
165 partition: 0
166 type: RollingUpdate
167
168
169
170####################################################
171# rabbitmq-server
172####################################################
173---
174apiVersion: v1
175kind: Secret
176metadata:
177 namespace: authx-service
178 name: rabbitmq-server
179 labels:
180 app: rabbitmq
181 release: rabbitmq-server
182type: Opaque
183data:
184 RABBITMQ_USERNAME: Z3Vlc3Q=
185 RABBITMQ_PASSWORD: Z3Vlc3Q=
186---
187apiVersion: v1
188kind: Service
189metadata:
190 namespace: authx-service
191 name: rabbitmq-server
192 labels:
193 app: rabbitmq-server
194spec:
195 ports:
196 - port: 5672
197 targetPort: tcp-1
198 protocol: TCP
199 name: tcp-1
200 - port: 15672
201 targetPort: tcp-2
202 protocol: TCP
203 name: tcp-2
204 selector:
205 app: rabbitmq-server
206---
207apiVersion: apps/v1
208kind: Deployment
209metadata:
210 namespace: authx-service
211 name: rabbitmq-server
212spec:
213 selector:
214 matchLabels:
215 app: rabbitmq-server
216 replicas: 1
217 template:
218 metadata:
219 labels:
220 app: rabbitmq-server
221 annotations:
222 sidecar.istio.io/inject: "false"
223 spec:
224 # 若使用了学校搭设的私有仓库,请增加以下配置(取消注释即可,注意对齐、缩进)
225 # imagePullSecrets:
226 # - name: harbor-registry
227 containers:
228 - name: rabbitmq-server
229 # 若使用了学校搭设的私有仓库,请修改
230 image: paas.harbor.nwpu.edu.cn/library/rabbitmq:management
231 # 若使用了学校搭设的私有仓库,请修改 为 Always
232 imagePullPolicy: IfNotPresent
233 # imagePullPolicy: Always
234 ports:
235 - containerPort: 5672
236 name: tcp-1
237 - containerPort: 15672
238 name: tcp-2
239 resources:
240 requests:
241 memory: "1024Mi"
242 limits:
243 memory: "1024Mi"