| # 4.5.developer-center-gateway-zuul.yaml |
| |
| --- |
| apiVersion: v1 |
| kind: ConfigMap |
| metadata: |
| namespace: develop-center-test |
| name: developer-center-gateway-zuul-env |
| data: |
| SERVER_PORT: "8080" |
| SSL_ENABLED: "false" |
| #SSL_KEYSTORE_FILE: file:/certs/server/server.keystore |
| #SSL_TRUSTSTORE_FILE: file:/certs/server/server.truststore |
| |
| SERVER_MAXHTTPHEADERSIZE: "10240" |
| |
| # SERVER_TOMCAT_MAX_CONNECTIONS: "10000" |
| # SERVER_TOMCAT_ACCEPT_COUNT: "5000" |
| # SERVER_TOMCAT_MAX_THREADS: "800" |
| # SERVER_TOMCAT_MIN_SPARE_THREADS: "100" |
| # SPRING_REDIS_JEDIS_POOL_MAXACTIVE: "800" |
| |
| ZUUL_HOST_MAX_PER_ROUTE_CONNECTIONS: "1000" |
| ZUUL_HOST_MAX_TOTAL_CONNECTIONS: "1000" |
| ZUUL_SEMAPHORE_MAX_SEMAPHORES: "10000" |
| |
| |
| INFRAS_SECURITY_BASIC_ENABLED: "false" |
| INFRAS_SECURITY_JWT_ENABLED: "true" |
| |
| INFRAS_SECURITY_JWT_TOKEN_GENERATE_TYPE: cas |
| INFRAS_SECURITY_JWT_TOKEN_DECRYPT_KEY_PRIVATE_KEY_PEM_PKCS8: "" |
| INFRAS_SECURITY_JWT_TOKEN_SIGNING_KEY_URL: "https://cas-test.paas.newcapec.cn/cas/jwt/publicKey" |
| INFRAS_SECURITY_JWT_PUBLIC_KEY_PEM: "" |
| INFRAS_SECURITY_JWT_PRIVATE_KEY_PEM_PKCS8: "" |
| |
| |
| INFRAS_SECURITY_CAS_ENABLED: "true" |
| #这里的地址对应ingress配置文件里网关服务的对外地址 |
| APP_SERVER_HOST_URL: "https://dev-center-test.paas.newcapec.cn" |
| #APP_LOGIN_URL: "/cas/login" |
| #APP_LOGOUT_URL: "/cas/logout" |
| CAS_SERVER_HOST_URL: "https://cas-test.paas.newcapec.cn/cas" |
| |
| |
| ## |
| # userDetailsService 的实现配置 |
| # memery,基于内存,用户名任意,角色固定,一般用于开发调试 |
| # authn, 基于后端管理,采用本地帐号、角色的数据接口 |
| # sa, 中台后端服务,建议和cas一起使用 |
| # |
| DEVELOPER_CENTER_GATEWAY_ZUUL_SECURITY_USERDETAILS_SERVICE_IMPL: sa |
| |
| |
| ## 用户授权服务 |
| # USER_AUTHORIZATION_SERVICE_APPLICATION_ID: "6" |
| |
| |
| ZUUL_HTTPCLIENT_CLIENT_AUTH_ENABLED: "false" |
| #ZUUL_HTTPCLIENT_CLIENT_AUTH_KEY_PASSWORD: "" |
| #ZUUL_HTTPCLIENT_CLIENT_AUTH_KEYSTORE_FILE: file:/certs/common/common.keystore |
| #ZUUL_HTTPCLIENT_CLIENT_AUTH_KEYSTORE_PASSWORD: "" |
| |
| DEVELOPER_CENTER_SA_SERVER_URL: http://developer-center-backend-sa-svc.develop-center-test.svc.cluster.local:8080 |
| DEVELOPER_CENTER_SA_CLIENT_AUTH_ENABLED: "false" |
| #DEVELOPER_CENTER_SA_CLIENT_AUTH_KEY_PASSWORD: "" |
| #DEVELOPER_CENTER_SA_CLIENT_AUTH_KEYSTORE_FILE: file:/certs/common/common.keystore |
| #DEVELOPER_CENTER_SA_CLIENT_AUTH_KEYSTORE_PASSWORD: "" |
| #DEVELOPER_CENTER_SA_CLIENT_AUTH_TRUSTSTORE_FILE: file:/certs/common/common.truststore |
| #DEVELOPER_CENTER_SA_CLIENT_AUTH_TRUSTSTORE_PASSWORD: "" |
| |
| USER_DATA_SERVICE_SERVER_URL: http://user-data-service-goa-svc.user-data-service-test.svc.cluster.local:8080 |
| USER_DATA_SERVICE_CLIENT_AUTH_ENABLED: "false" |
| #USER_DATA_SERVICE_CLIENT_AUTH_KEY_PASSWORD: "" |
| #USER_DATA_SERVICE_CLIENT_AUTH_KEYSTORE_FILE: file:/certs/common/common.keystore |
| #USER_DATA_SERVICE_CLIENT_AUTH_KEYSTORE_PASSWORD: "" |
| #USER_DATA_SERVICE_CLIENT_AUTH_TRUSTSTORE_FILE: file:/certs/common/common.truststore |
| #USER_DATA_SERVICE_CLIENT_AUTH_TRUSTSTORE_PASSWORD: "" |
| |
| USER_AUTHZ_SERVICE_SERVER_URL: http://user-authorization-sa-svc.user-authorization-service-test.svc.cluster.local:8080 |
| USER_AUTHZ_SERVICE_CLIENT_AUTH_ENABLED: "false" |
| #USER_AUTHZ_SERVICE_CLIENT_AUTH_KEY_PASSWORD: "" |
| #USER_AUTHZ_SERVICE_CLIENT_AUTH_KEYSTORE_FILE: file:/certs/common/common.keystore |
| #USER_AUTHZ_SERVICE_CLIENT_AUTH_KEYSTORE_PASSWORD: "" |
| #USER_AUTHZ_SERVICE_CLIENT_AUTH_TRUSTSTORE_FILE: file:/certs/common/common.truststore |
| #USER_AUTHZ_SERVICE_CLIENT_AUTH_TRUSTSTORE_PASSWORD: "" |
| |
| ZUUL_ROUTES_BFF_ABILITY_MESSAGE_URL: http://message-manager-test.paas.newcapec.cn/manager/api/v1 |
| ZUUL_ROUTES_BFF_ADMIN_URL: http://developer-center-bff-svc.develop-center-test.svc.cluster.local:8080 |
| ZUUL_ROUTES_BFF_PORTAL_URL: http://developer-center-bff-svc.develop-center-test.svc.cluster.local:8080 |
| |
| --- |
| apiVersion: v1 |
| kind: Secret |
| metadata: |
| namespace: develop-center-test |
| name: developer-center-gateway-zuul-env-secret |
| type: Opaque |
| data: |
| #SSL_KEYSTORE_PASSWORD: "" |
| #SSL_TRUSTSTORE_PASSWORD: "" |
| |
| --- |
| apiVersion: v1 |
| kind: Service |
| metadata: |
| namespace: develop-center-test |
| name: developer-center-gateway-zuul-svc |
| labels: |
| app: developer-center-gateway-zuul |
| needMonitor: 'true' |
| spec: |
| ports: |
| - port: 8080 |
| targetPort: http |
| protocol: TCP |
| name: http |
| - port: 6060 |
| targetPort: http-metrics |
| protocol: TCP |
| name: http-metrics |
| selector: |
| app: developer-center-gateway-zuul |
| --- |
| apiVersion: apps/v1 |
| kind: Deployment |
| metadata: |
| namespace: develop-center-test |
| name: developer-center-gateway-zuul |
| spec: |
| selector: |
| matchLabels: |
| app: developer-center-gateway-zuul |
| replicas: 1 |
| template: |
| metadata: |
| labels: |
| app: developer-center-gateway-zuul |
| spec: |
| containers: |
| - name: developer-center-gateway-zuul |
| image: harbor.supwisdom.com/developer-center/developer-center-gateway-zuul:1.0.0-SNAPSHOT-DEV |
| imagePullPolicy: Always |
| ports: |
| - containerPort: 8080 |
| name: http |
| - containerPort: 6060 |
| name: http-metrics |
| envFrom: |
| - configMapRef: |
| name: jvm-env |
| - secretRef: |
| name: datasource-env-secret |
| - secretRef: |
| name: developer-center-gateway-zuul-env-secret |
| - configMapRef: |
| name: developer-center-gateway-zuul-env |
| resources: |
| requests: |
| memory: "400Mi" |
| limits: |
| memory: "400Mi" |
| readinessProbe: |
| httpGet: |
| path: /actuator/health |
| port: 8080 |
| initialDelaySeconds: 20 |
| periodSeconds: 5 |
| timeoutSeconds: 5 |
| successThreshold: 1 |
| failureThreshold: 10 |
| imagePullSecrets: |
| - name: harbor-registry |
| |