feat: kubernetes basic integration
This commit is contained in:
@ -38,3 +38,9 @@ logger:
|
||||
bootstrap:
|
||||
dir: /etc/bouncer/bootstrap.d
|
||||
lockTimeout: 30s
|
||||
|
||||
integrations:
|
||||
kubernetes:
|
||||
enabled: true
|
||||
writerTokenSecret: ${BOUNCER_WRITER_TOKEN_SECRET}
|
||||
readerTokenSecret: ${BOUNCER_READER_TOKEN_SECRET}
|
||||
|
||||
@ -4,6 +4,7 @@ kind: Kustomization
|
||||
resources:
|
||||
- ./resources/service.yaml
|
||||
- ./resources/deployment.yaml
|
||||
- ./resources/serviceaccount.yaml
|
||||
|
||||
configMapGenerator:
|
||||
- name: bouncer-admin-config
|
||||
@ -14,3 +15,5 @@ configMapGenerator:
|
||||
- name: bouncer-admin-env
|
||||
literals:
|
||||
- BOUNCER_LOG_LEVEL=2
|
||||
- BOUNCER_WRITER_TOKEN_SECRET=bouncer-admin-writer-token
|
||||
- BOUNCER_READER_TOKEN_SECRET=bouncer-admin-reader-token
|
||||
|
||||
@ -4,7 +4,8 @@ metadata:
|
||||
name: bouncer-admin
|
||||
labels:
|
||||
app: bouncer-admin
|
||||
io.kompose.service: bouncer-admin
|
||||
app.kubernetes.io/name: bouncer-admin
|
||||
app.kubernetes.io/part-of: bouncer
|
||||
spec:
|
||||
replicas: 3
|
||||
selector:
|
||||
@ -14,8 +15,11 @@ spec:
|
||||
metadata:
|
||||
labels:
|
||||
app: bouncer-admin
|
||||
io.kompose.service: bouncer-admin
|
||||
app.kubernetes.io/name: bouncer-admin
|
||||
app.kubernetes.io/part-of: bouncer
|
||||
spec:
|
||||
restartPolicy: Always
|
||||
serviceAccountName: bouncer-admin
|
||||
containers:
|
||||
- name: bouncer-admin
|
||||
image: bouncer
|
||||
|
||||
@ -2,13 +2,14 @@ apiVersion: v1
|
||||
kind: Service
|
||||
metadata:
|
||||
labels:
|
||||
io.kompose.service: bouncer-admin
|
||||
app.kubernetes.io/name: bouncer-admin
|
||||
app.kubernetes.io/part-of: bouncer
|
||||
name: bouncer-admin
|
||||
spec:
|
||||
type: ClusterIP
|
||||
ports:
|
||||
- name: bouncer-admin
|
||||
port: 8081
|
||||
targetPort: bouncer-admin
|
||||
- name: bouncer-admin
|
||||
port: 8081
|
||||
targetPort: bouncer-admin
|
||||
selector:
|
||||
io.kompose.service: bouncer-admin
|
||||
app.kubernetes.io/name: bouncer-admin
|
||||
|
||||
@ -0,0 +1,32 @@
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: ServiceAccount
|
||||
metadata:
|
||||
name: bouncer-admin
|
||||
---
|
||||
apiVersion: rbac.authorization.k8s.io/v1
|
||||
kind: RoleBinding
|
||||
metadata:
|
||||
name: bouncer-admin
|
||||
roleRef:
|
||||
apiGroup: rbac.authorization.k8s.io
|
||||
kind: Role
|
||||
name: bouncer-admin
|
||||
subjects:
|
||||
- kind: ServiceAccount
|
||||
name: bouncer-admin
|
||||
---
|
||||
apiVersion: rbac.authorization.k8s.io/v1
|
||||
kind: Role
|
||||
metadata:
|
||||
name: bouncer-admin
|
||||
rules:
|
||||
- apiGroups:
|
||||
- ""
|
||||
- v1
|
||||
resources:
|
||||
- secrets
|
||||
verbs:
|
||||
- create
|
||||
- get
|
||||
- update
|
||||
@ -4,7 +4,8 @@ metadata:
|
||||
name: bouncer-server
|
||||
labels:
|
||||
app: bouncer-server
|
||||
io.kompose.service: bouncer-server
|
||||
app.kubernetes.io/name: bouncer-server
|
||||
app.kubernetes.io/part-of: bouncer
|
||||
spec:
|
||||
replicas: 3
|
||||
selector:
|
||||
@ -14,7 +15,8 @@ spec:
|
||||
metadata:
|
||||
labels:
|
||||
app: bouncer-server
|
||||
io.kompose.service: bouncer-server
|
||||
app.kubernetes.io/name: bouncer-server
|
||||
app.kubernetes.io/part-of: bouncer
|
||||
spec:
|
||||
containers:
|
||||
- name: bouncer-server
|
||||
|
||||
@ -2,13 +2,14 @@ apiVersion: v1
|
||||
kind: Service
|
||||
metadata:
|
||||
labels:
|
||||
io.kompose.service: bouncer-server
|
||||
app.kubernetes.io/name: bouncer-server
|
||||
app.kubernetes.io/part-of: bouncer
|
||||
name: bouncer-server
|
||||
spec:
|
||||
type: ClusterIP
|
||||
ports:
|
||||
- name: bouncer-server
|
||||
port: 8080
|
||||
targetPort: bouncer-server
|
||||
- name: bouncer-server
|
||||
port: 8080
|
||||
targetPort: bouncer-server
|
||||
selector:
|
||||
io.kompose.service: bouncer-server
|
||||
app.kubernetes.io/name: bouncer-server
|
||||
|
||||
Reference in New Issue
Block a user