Gitiles
Code Review Sign In
source.supwisdom.com / institute / deploy-authx-service / ee2e56fd7e43815fc009a54dba30b2b60570d3f3 / . / deploy-manifests / k8s-rancher / 1.authx-service / 0.authx-service / 2.authx-service-minio.yaml
blob: 5c882123bb120b9c93193a72c52c36d7aec8b95f [file] [log] [blame]
刘洪青47205852020-08-14 13:39:30 +0800[diff] [blame]1# 2.authx-service-minio.yaml
2
3####################################################
4# minio
5# 文件服务器,对象存储
6####################################################
7
刘洪青a43a0082020-09-28 16:25:27 +0800[diff] [blame]8# 手动初始化默认的图片
9#
刘洪青fa0a5a22020-10-14 16:11:43 +0800[diff] [blame]10# 访问 https://authx-minio.paas.xxx.edu.cn
刘洪青a43a0082020-09-28 16:25:27 +0800[diff] [blame]11# 登录 1y8N@8R@a_2u , 8pxlIe9#lN7Q
12# 创建 bucket:portrait,cas-server-site-ui
13# 将 portrait 目录下的 图片,上传到 portrait 中(此为用户的默认头像)
14# 将 cas-server-site-ui 目录下的 图片,上传到 cas-server-site-ui 中(此为认证登录界面上使用的图片,实际项目中,由UI进行设计后,替换)
15
刘洪青ee2e56f2020-10-21 16:18:12 +0800[diff] [blame^]16# 创建 bucket: security-center-ui ,并设置访问策略 * Read Only
17# 将 security-center-ui 目录下的 图片,上传到 security-center-ui 中(此为安全中心界面上使用的图片,由UI进行设计后,替换)
18
19
刘洪青a43a0082020-09-28 16:25:27 +0800[diff] [blame]20---
刘洪青47205852020-08-14 13:39:30 +0800[diff] [blame]21apiVersion: v1
22kind: PersistentVolumeClaim
23metadata:
24 name: minio-data-pvc
25 namespace: authx-service
26spec:
27 accessModes:
28 - ReadWriteMany
29 # 根据情况修改
30 storageClassName: nfs-client
31 resources:
32 requests:
33 storage: 50Gi
34
35---
36apiVersion: v1
37kind: Secret
38metadata:
39 name: minio-env-secret
40 namespace: authx-service
41type: Opaque
42data:
43 # 修改 access_key,并使用 base64 工具进行编码
44 # 默认值:1y8N@8R@a_2u
45 MINIO_ACCESS_KEY: MXk4TkA4UkBhXzJ1
46 # 修改 secret_key,并使用 base64 工具进行编码
47 # 默认至:8pxlIe9#lN7Q
48 MINIO_SECRET_KEY: OHB4bEllOSNsTjdR
49
50
51---
52apiVersion: v1
53kind: Service
54metadata:
55 namespace: authx-service
56 name: minio-svc
57 labels:
58 app: minio
59spec:
60 ports:
61 - port: 9000
62 targetPort: http
63 protocol: TCP
64 name: http
65 selector:
66 app: minio
67---
68apiVersion: apps/v1
69kind: Deployment
70metadata:
71 namespace: authx-service
72 name: minio
73spec:
74 selector:
75 matchLabels:
76 app: minio
77 replicas: 1
78 template:
79 metadata:
80 labels:
81 app: minio
82 spec:
83 containers:
84 - name: minio
85 image: minio/minio:RELEASE.2020-04-23T00-58-49Z
86 imagePullPolicy: Always
87 args:
88 - "server"
89 - "/data"
90 ports:
91 - containerPort: 9000
92 name: http
93 envFrom:
94 - secretRef:
95 name: minio-env-secret
96 volumeMounts:
97 - mountPath: /data
98 name: minio-data
99 resources:
100 requests:
101 memory: "256Mi"
102 limits:
103 memory: "256Mi"
104 volumes:
105 - name: minio-data
106 persistentVolumeClaim:
107 claimName: minio-data-pvc
108
109
110# 该 ingress 配置可选,主要用于实施调试用
刘洪青d288d9c2020-09-07 12:21:47 +0800[diff] [blame]111---
112apiVersion: extensions/v1beta1
113kind: Ingress
114metadata:
115 name: minio-ingress
116 namespace: authx-service
刘洪青f3498be2020-10-12 16:22:44 +0800[diff] [blame]117 annotations:
118 nginx.ingress.kubernetes.io/proxy-body-size: 8m
刘洪青d288d9c2020-09-07 12:21:47 +0800[diff] [blame]119spec:
120 rules:
121 # 修改为学校的根域名
刘洪青fa0a5a22020-10-14 16:11:43 +0800[diff] [blame]122 - host: authx-minio.paas.xxx.edu.cn
刘洪青d288d9c2020-09-07 12:21:47 +0800[diff] [blame]123 http:
124 paths:
125 - path: /
126 backend:
127 serviceName: minio-svc
128 servicePort: http