Gitiles
Code Review Sign In
source.supwisdom.com / institute / deploy-open-platform / dc28f6caf736a118634fe66a302e28bd5d353da6 / . / deploy-manifests / k8s-rancher / open-platfprm / 4.5.developer-center-gateway-zuul.yaml
blob: 1fc0e1a4f7c69d206f8692f457337f0e21706577 [file] [log] [blame]
haojt43c0a962020-10-28 14:30:58 +0800[diff] [blame]1# 4.5.developer-center-gateway-zuul.yaml
2
3---
4apiVersion: v1
5kind: ConfigMap
6metadata:
7 namespace: develop-center-test
8 name: developer-center-gateway-zuul-env
9data:
10 SERVER_PORT: "8080"
11 SSL_ENABLED: "false"
12 #SSL_KEYSTORE_FILE: file:/certs/server/server.keystore
13 #SSL_TRUSTSTORE_FILE: file:/certs/server/server.truststore
14
15 SERVER_MAXHTTPHEADERSIZE: "10240"
16
17 # SERVER_TOMCAT_MAX_CONNECTIONS: "10000"
18 # SERVER_TOMCAT_ACCEPT_COUNT: "5000"
19 # SERVER_TOMCAT_MAX_THREADS: "800"
20 # SERVER_TOMCAT_MIN_SPARE_THREADS: "100"
21 # SPRING_REDIS_JEDIS_POOL_MAXACTIVE: "800"
22
23 ZUUL_HOST_MAX_PER_ROUTE_CONNECTIONS: "1000"
24 ZUUL_HOST_MAX_TOTAL_CONNECTIONS: "1000"
25 ZUUL_SEMAPHORE_MAX_SEMAPHORES: "10000"
26
27
28 INFRAS_SECURITY_BASIC_ENABLED: "false"
29 INFRAS_SECURITY_JWT_ENABLED: "true"
30
31 INFRAS_SECURITY_JWT_TOKEN_GENERATE_TYPE: cas
32 INFRAS_SECURITY_JWT_TOKEN_DECRYPT_KEY_PRIVATE_KEY_PEM_PKCS8: ""
33 INFRAS_SECURITY_JWT_TOKEN_SIGNING_KEY_URL: "https://cas-test.paas.newcapec.cn/cas/jwt/publicKey"
34 INFRAS_SECURITY_JWT_PUBLIC_KEY_PEM: ""
35 INFRAS_SECURITY_JWT_PRIVATE_KEY_PEM_PKCS8: ""
36
37
38 INFRAS_SECURITY_CAS_ENABLED: "true"
39 #这里的地址对应ingress配置文件里网关服务的对外地址
40 APP_SERVER_HOST_URL: "https://dev-center-test.paas.newcapec.cn"
41 #APP_LOGIN_URL: "/cas/login"
42 #APP_LOGOUT_URL: "/cas/logout"
43 CAS_SERVER_HOST_URL: "https://cas-test.paas.newcapec.cn/cas"
44
45
46 ##
47 # userDetailsService 的实现配置
48 # memery,基于内存,用户名任意,角色固定,一般用于开发调试
49 # authn, 基于后端管理,采用本地帐号、角色的数据接口
50 # sa, 中台后端服务,建议和cas一起使用
51 #
52 DEVELOPER_CENTER_GATEWAY_ZUUL_SECURITY_USERDETAILS_SERVICE_IMPL: sa
53
54
55 ## 用户授权服务
56 # USER_AUTHORIZATION_SERVICE_APPLICATION_ID: "6"
57
58
59 ZUUL_HTTPCLIENT_CLIENT_AUTH_ENABLED: "false"
60 #ZUUL_HTTPCLIENT_CLIENT_AUTH_KEY_PASSWORD: ""
61 #ZUUL_HTTPCLIENT_CLIENT_AUTH_KEYSTORE_FILE: file:/certs/common/common.keystore
62 #ZUUL_HTTPCLIENT_CLIENT_AUTH_KEYSTORE_PASSWORD: ""
63
64 DEVELOPER_CENTER_SA_SERVER_URL: http://developer-center-backend-sa-svc.develop-center-test.svc.cluster.local:8080
65 DEVELOPER_CENTER_SA_CLIENT_AUTH_ENABLED: "false"
66 #DEVELOPER_CENTER_SA_CLIENT_AUTH_KEY_PASSWORD: ""
67 #DEVELOPER_CENTER_SA_CLIENT_AUTH_KEYSTORE_FILE: file:/certs/common/common.keystore
68 #DEVELOPER_CENTER_SA_CLIENT_AUTH_KEYSTORE_PASSWORD: ""
69 #DEVELOPER_CENTER_SA_CLIENT_AUTH_TRUSTSTORE_FILE: file:/certs/common/common.truststore
70 #DEVELOPER_CENTER_SA_CLIENT_AUTH_TRUSTSTORE_PASSWORD: ""
71
72 USER_DATA_SERVICE_SERVER_URL: http://user-data-service-goa-svc.user-data-service-test.svc.cluster.local:8080
73 USER_DATA_SERVICE_CLIENT_AUTH_ENABLED: "false"
74 #USER_DATA_SERVICE_CLIENT_AUTH_KEY_PASSWORD: ""
75 #USER_DATA_SERVICE_CLIENT_AUTH_KEYSTORE_FILE: file:/certs/common/common.keystore
76 #USER_DATA_SERVICE_CLIENT_AUTH_KEYSTORE_PASSWORD: ""
77 #USER_DATA_SERVICE_CLIENT_AUTH_TRUSTSTORE_FILE: file:/certs/common/common.truststore
78 #USER_DATA_SERVICE_CLIENT_AUTH_TRUSTSTORE_PASSWORD: ""
79
80 USER_AUTHZ_SERVICE_SERVER_URL: http://user-authorization-sa-svc.user-authorization-service-test.svc.cluster.local:8080
81 USER_AUTHZ_SERVICE_CLIENT_AUTH_ENABLED: "false"
82 #USER_AUTHZ_SERVICE_CLIENT_AUTH_KEY_PASSWORD: ""
83 #USER_AUTHZ_SERVICE_CLIENT_AUTH_KEYSTORE_FILE: file:/certs/common/common.keystore
84 #USER_AUTHZ_SERVICE_CLIENT_AUTH_KEYSTORE_PASSWORD: ""
85 #USER_AUTHZ_SERVICE_CLIENT_AUTH_TRUSTSTORE_FILE: file:/certs/common/common.truststore
86 #USER_AUTHZ_SERVICE_CLIENT_AUTH_TRUSTSTORE_PASSWORD: ""
87
88 ZUUL_ROUTES_BFF_ABILITY_MESSAGE_URL: http://message-manager-test.paas.newcapec.cn/manager/api/v1
89 ZUUL_ROUTES_BFF_ADMIN_URL: http://developer-center-bff-svc.develop-center-test.svc.cluster.local:8080
90 ZUUL_ROUTES_BFF_PORTAL_URL: http://developer-center-bff-svc.develop-center-test.svc.cluster.local:8080
91
92---
93apiVersion: v1
94kind: Secret
95metadata:
96 namespace: develop-center-test
97 name: developer-center-gateway-zuul-env-secret
98type: Opaque
99data:
100 #SSL_KEYSTORE_PASSWORD: ""
101 #SSL_TRUSTSTORE_PASSWORD: ""
102
haojt43c0a962020-10-28 14:30:58 +0800[diff] [blame]103---
104apiVersion: v1
105kind: Service
106metadata:
107 namespace: develop-center-test
108 name: developer-center-gateway-zuul-svc
109 labels:
110 app: developer-center-gateway-zuul
111 needMonitor: 'true'
112spec:
113 ports:
114 - port: 8080
115 targetPort: http
116 protocol: TCP
117 name: http
118 - port: 6060
119 targetPort: http-metrics
120 protocol: TCP
121 name: http-metrics
122 selector:
123 app: developer-center-gateway-zuul
124---
125apiVersion: apps/v1
126kind: Deployment
127metadata:
128 namespace: develop-center-test
129 name: developer-center-gateway-zuul
130spec:
131 selector:
132 matchLabels:
133 app: developer-center-gateway-zuul
134 replicas: 1
135 template:
136 metadata:
137 labels:
138 app: developer-center-gateway-zuul
139 spec:
140 containers:
141 - name: developer-center-gateway-zuul
142 image: harbor.supwisdom.com/developer-center/developer-center-gateway-zuul:1.0.0-SNAPSHOT-DEV
143 imagePullPolicy: Always
144 ports:
145 - containerPort: 8080
146 name: http
147 - containerPort: 6060
148 name: http-metrics
149 envFrom:
150 - configMapRef:
151 name: jvm-env
152 - secretRef:
153 name: datasource-env-secret
154 - secretRef:
155 name: developer-center-gateway-zuul-env-secret
156 - configMapRef:
157 name: developer-center-gateway-zuul-env
158 resources:
159 requests:
160 memory: "400Mi"
161 limits:
162 memory: "400Mi"
163 readinessProbe:
164 httpGet:
165 path: /actuator/health
166 port: 8080
167 initialDelaySeconds: 20
168 periodSeconds: 5
169 timeoutSeconds: 5
170 successThreshold: 1
171 failureThreshold: 10
172 imagePullSecrets:
173 - name: harbor-registry
174