Blame - project/nwpu/k8s-rancher/1.authx-service/0.authx-service/4.4.authx-service-bff.yaml - institute/deploy-authx-service

blob: 18160d3a8c9c292af1562ab7b01adca74f891823 [file] [log] [blame]

刘洪青	a1bab15	2022-03-11 14:30:36 +0800	[diff] [blame]	1	# 4.4.authx-service-bff.yaml
				2
				3	---
				4	apiVersion: v1
				5	kind: ConfigMap
				6	metadata:
				7	namespace: authx-service
				8	name: authx-service-bff-env
				9	data:
				10	SERVER_PORT: "8080"
				11	SSL_ENABLED: "false"
				12	#SSL_KEYSTORE_FILE: file:/certs/server/server.keystore
				13	#SSL_KEYSTORE_PASSWORD: ""
				14	#SSL_TRUSTSTORE_FILE: file:/certs/server/server.truststore
				15	#SSL_TRUSTSTORE_PASSWORD: ""
				16
				17	SERVER_MAXHTTPHEADERSIZE: "10240"
				18
				19	SERVER_TOMCAT_ACCEPT_COUNT: "5000"
				20	SERVER_TOMCAT_MAX_CONNECTIONS: "10000"
				21	SERVER_TOMCAT_MAX_THREADS: "800"
				22	SERVER_TOMCAT_MIN_SPARE_THREADS: "100"
				23
				24	LOGGING_LEVEL_COM_SUPWISDOM_INSTITUTE_AUTHX_SERVICE_BFF: INFO
				25
				26
				27	SPRING_REDIS_JEDIS_POOL_MAXACTIVE: "800"
				28	SPRING_REDIS_JEDIS_POOL_MAXIDLE: "100"
				29	SPRING_REDIS_JEDIS_POOL_MINIDLE: "100"
				30
				31
				32	CASSERVER_SA_API_SERVER_URL: http://cas-server-sa-api-svc.cas-server.svc.cluster.local:8080
				33	CASSERVER_SA_API_CLIENT_AUTH_ENABLED: "false"
				34	#CASSERVER_SA_API_CLIENT_AUTH_KEY_PASSWORD: ""
				35	#CASSERVER_SA_API_CLIENT_AUTH_KEYSTORE_FILE: file:/certs/common/common.keystore
				36	#CASSERVER_SA_API_CLIENT_AUTH_KEYSTORE_PASSWORD: ""
				37	#CASSERVER_SA_API_CLIENT_AUTH_TRUSTSTORE_FILE: file:/certs/common/common.truststore
				38	#CASSERVER_SA_API_CLIENT_AUTH_TRUSTSTORE_PASSWORD: ""
				39
				40	USER_DATA_SERVICE_SERVER_URL: http://user-data-service-goa-svc.user-data-service.svc.cluster.local:8080
				41	USER_DATA_SERVICE_CLIENT_AUTH_ENABLED: "false"
				42	#USER_DATA_SERVICE_CLIENT_AUTH_KEY_PASSWORD: ""
				43	#USER_DATA_SERVICE_CLIENT_AUTH_KEYSTORE_FILE: file:/certs/common/common.keystore
				44	#USER_DATA_SERVICE_CLIENT_AUTH_KEYSTORE_PASSWORD: ""
				45	#USER_DATA_SERVICE_CLIENT_AUTH_TRUSTSTORE_FILE: file:/certs/common/common.truststore
				46	#USER_DATA_SERVICE_CLIENT_AUTH_TRUSTSTORE_PASSWORD: ""
				47
				48	USER_AUTHZ_SERVICE_SERVER_URL: http://user-authorization-sa-svc.user-authorization-service.svc.cluster.local:8080
				49	USER_AUTHZ_SERVICE_CLIENT_AUTH_ENABLED: "false"
				50	#USER_AUTHZ_SERVICE_CLIENT_AUTH_KEY_PASSWORD: ""
				51	#USER_AUTHZ_SERVICE_CLIENT_AUTH_KEYSTORE_FILE: file:/certs/common/common.keystore
				52	#USER_AUTHZ_SERVICE_CLIENT_AUTH_KEYSTORE_PASSWORD: ""
				53	#USER_AUTHZ_SERVICE_CLIENT_AUTH_TRUSTSTORE_FILE: file:/certs/common/common.truststore
				54	#USER_AUTHZ_SERVICE_CLIENT_AUTH_TRUSTSTORE_PASSWORD: ""
				55
				56
				57	TPAS_FILE_API_URL: http://agent-service-svc.thirdparty-agent-service.svc.cluster.local:8080/api/v1/tpas/file/minio
				58	TPAS_CLIENT_AUTH_ENABLED: "false"
				59	#TPAS_CLIENT_AUTH_KEY_PASSWORD: ""
				60	#TPAS_CLIENT_AUTH_KEYSTORE_FILE: file:/certs/client/client.keystore
				61	#TPAS_CLIENT_AUTH_KEYSTORE_PASSWORD: ""
				62	#TPAS_CLIENT_AUTH_TRUSTSTORE_FILE: file:/certs/client/client.truststore
				63	#TPAS_CLIENT_AUTH_TRUSTSTORE_PASSWORD: ""
				64
刘洪青	f69336e	2022-03-15 13:50:11 +0800	[diff] [blame^]	65
				66	AUTHX_LOG_ENABLED: "true"
				67	AUTHX_LOG_RABBITMQ_HOST: rabbitmq-server.authx-service.svc.cluster.local
				68	AUTHX_LOG_RABBITMQ_PORT: "5672"
				69	AUTHX_LOG_RABBITMQ_USERNAME: guest
				70	AUTHX_LOG_RABBITMQ_PASSWORD: guest
				71
				72
刘洪青	a1bab15	2022-03-11 14:30:36 +0800	[diff] [blame]	73	---
				74	apiVersion: v1
				75	kind: Service
				76	metadata:
				77	namespace: authx-service
				78	name: authx-service-bff-svc
				79	labels:
				80	app: authx-service-bff
				81	needMonitor: 'true'
				82	spec:
				83	ports:
				84	- port: 8080
				85	targetPort: http
				86	protocol: TCP
				87	name: http
				88	- port: 6060
				89	targetPort: http-metrics
				90	protocol: TCP
				91	name: http-metrics
				92	selector:
				93	app: authx-service-bff
				94
				95	---
				96	apiVersion: apps/v1
				97	kind: Deployment
				98	metadata:
				99	namespace: authx-service
				100	name: authx-service-bff
				101	spec:
				102	selector:
				103	matchLabels:
				104	app: authx-service-bff
				105	replicas: 1
				106	template:
				107	metadata:
				108	labels:
				109	app: authx-service-bff
				110	spec:
				111	containers:
				112	- name: authx-service-bff
刘洪青	f69336e	2022-03-15 13:50:11 +0800	[diff] [blame^]	113	image: paas.harbor.nwpu.edu.cn/authx-service/authx-service-bff:1.4.4-RELEASE
刘洪青	a1bab15	2022-03-11 14:30:36 +0800	[diff] [blame]	114	imagePullPolicy: Always
				115	ports:
				116	- containerPort: 8080
				117	name: http
				118	- containerPort: 6060
				119	name: http-metrics
				120	envFrom:
				121	- configMapRef:
				122	name: jvm-env
				123	- secretRef:
				124	name: redis-env-secret
				125	- configMapRef:
				126	name: authx-service-bff-env
				127	resources:
				128	requests:
				129	memory: "1024Mi"
				130	limits:
				131	memory: "1024Mi"
				132	readinessProbe:
				133	httpGet:
				134	path: /actuator/health
				135	port: 8080
				136	initialDelaySeconds: 20
				137	periodSeconds: 5
				138	timeoutSeconds: 5
				139	successThreshold: 1
				140	failureThreshold: 10
				141	imagePullSecrets:
				142	- name: harbor-registry