Modification des deployements pour le passage à Caddy #36
|
@ -51,9 +51,9 @@ spec:
|
||||||
runAsGroup: 1000
|
runAsGroup: 1000
|
||||||
runAsUser: 1000
|
runAsUser: 1000
|
||||||
|
|
||||||
- image: reg.cadoles.com/cadoles/hydra-oidc-base:2024.4.2-develop.1349.c4711f6
|
- name: hydra-oidc-caddy
|
||||||
|
image: reg.cadoles.com/cadoles/hydra-oidc-base:2024.4.2-develop.1349.c4711f6
|
||||||
imagePullPolicy: Always
|
imagePullPolicy: Always
|
||||||
name: hydra-oidc-caddy
|
|
||||||
args:
|
args:
|
||||||
[
|
[
|
||||||
"/usr/sbin/caddy",
|
"/usr/sbin/caddy",
|
||||||
|
@ -79,6 +79,7 @@ spec:
|
||||||
periodSeconds: 15
|
periodSeconds: 15
|
||||||
ports:
|
ports:
|
||||||
- containerPort: 8080
|
- containerPort: 8080
|
||||||
|
name: http
|
||||||
envFrom:
|
envFrom:
|
||||||
- configMapRef:
|
- configMapRef:
|
||||||
name: hydra-oidc-env
|
name: hydra-oidc-env
|
||||||
|
|
|
@ -6,8 +6,9 @@ metadata:
|
||||||
name: hydra-oidc
|
name: hydra-oidc
|
||||||
spec:
|
spec:
|
||||||
ports:
|
ports:
|
||||||
- name: hydra-oidc
|
- name: http
|
||||||
wpetit marked this conversation as resolved
Outdated
|
|||||||
port: 8080
|
port: 80
|
||||||
|
targetPort: http
|
||||||
selector:
|
selector:
|
||||||
app.kubernetes.io/name: hydra-oidc
|
app.kubernetes.io/name: hydra-oidc
|
||||||
status:
|
status:
|
||||||
|
|
|
@ -104,6 +104,7 @@ spec:
|
||||||
runAsUser: 1000
|
runAsUser: 1000
|
||||||
ports:
|
ports:
|
||||||
- containerPort: 8080
|
- containerPort: 8080
|
||||||
|
name: http
|
||||||
volumeMounts:
|
volumeMounts:
|
||||||
- name: sql-login-config
|
- name: sql-login-config
|
||||||
mountPath: "/app/config/sql_login_configuration/sql_login.yaml"
|
mountPath: "/app/config/sql_login_configuration/sql_login.yaml"
|
||||||
|
|
|
@ -6,8 +6,9 @@ metadata:
|
||||||
name: hydra-sql
|
name: hydra-sql
|
||||||
spec:
|
spec:
|
||||||
ports:
|
ports:
|
||||||
- name: hydra-sql
|
- name: http
|
||||||
port: 8080
|
port: 80
|
||||||
|
targetPort: http
|
||||||
selector:
|
selector:
|
||||||
app.kubernetes.io/name: hydra-sql
|
app.kubernetes.io/name: hydra-sql
|
||||||
status:
|
status:
|
||||||
|
|
|
@ -52,9 +52,9 @@ spec:
|
||||||
runAsNonRoot: true
|
runAsNonRoot: true
|
||||||
runAsGroup: 1000
|
runAsGroup: 1000
|
||||||
runAsUser: 1000
|
runAsUser: 1000
|
||||||
- image: reg.cadoles.com/cadoles/hydra-dispatcher-base:2024.4.2-develop.1411.74a9f16
|
- name: hydra-dispatcher-caddy
|
||||||
|
image: reg.cadoles.com/cadoles/hydra-dispatcher-base:2024.4.2-develop.1411.74a9f16
|
||||||
imagePullPolicy: Always
|
imagePullPolicy: Always
|
||||||
name: hydra-dispatcher-caddy
|
|
||||||
args:
|
args:
|
||||||
[
|
[
|
||||||
"/usr/sbin/caddy",
|
"/usr/sbin/caddy",
|
||||||
|
@ -67,14 +67,14 @@ spec:
|
||||||
readinessProbe:
|
readinessProbe:
|
||||||
httpGet:
|
httpGet:
|
||||||
path: /health
|
path: /health
|
||||||
port: 80
|
port: 8080
|
||||||
initialDelaySeconds: 5
|
initialDelaySeconds: 5
|
||||||
timeoutSeconds: 5
|
timeoutSeconds: 5
|
||||||
periodSeconds: 10
|
periodSeconds: 10
|
||||||
livenessProbe:
|
livenessProbe:
|
||||||
httpGet:
|
httpGet:
|
||||||
path: /health
|
path: /health
|
||||||
port: 80
|
port: 8080
|
||||||
initialDelaySeconds: 15
|
initialDelaySeconds: 15
|
||||||
timeoutSeconds: 5
|
timeoutSeconds: 5
|
||||||
periodSeconds: 15
|
periodSeconds: 15
|
||||||
|
@ -87,13 +87,14 @@ spec:
|
||||||
- name: CADDY_HTTPS_PORT
|
- name: CADDY_HTTPS_PORT
|
||||||
value: "8443"
|
value: "8443"
|
||||||
- name: CADDY_HTTP_PORT
|
- name: CADDY_HTTP_PORT
|
||||||
value: "80"
|
value: "8080"
|
||||||
- name: CADDY_DATA_FS
|
- name: CADDY_DATA_FS
|
||||||
value: "/tmp/caddy"
|
value: "/tmp/caddy"
|
||||||
- name: CADDY_APP_ROOT_PUBLIC
|
- name: CADDY_APP_ROOT_PUBLIC
|
||||||
value: "/app/public/"
|
value: "/app/public/"
|
||||||
ports:
|
ports:
|
||||||
- containerPort: 80
|
- containerPort: 8080
|
||||||
wpetit marked this conversation as resolved
Outdated
pcaseiro
commented
Le conteneur étant "non root", je penses qu'il n'est pas possible d'écouter sur le port 80, je n'ai pas encore testé mais il semble que ce puisse être un problème. Le port doit avoir un "nom", c'est plus simple pour le référencer ailleurs (dans les services par exemple). Le conteneur étant "non root", je penses qu'il n'est pas possible d'écouter sur le port 80, je n'ai pas encore testé mais il semble que ce puisse être un problème.
Le port doit avoir un "nom", c'est plus simple pour le référencer ailleurs (dans les services par exemple).
|
|||||||
|
name: http
|
||||||
resources: {}
|
resources: {}
|
||||||
securityContext:
|
securityContext:
|
||||||
runAsNonRoot: true
|
runAsNonRoot: true
|
||||||
|
|
|
@ -8,6 +8,7 @@ spec:
|
||||||
ports:
|
ports:
|
||||||
- name: http
|
- name: http
|
||||||
port: 80
|
port: 80
|
||||||
|
targetPort: http
|
||||||
selector:
|
selector:
|
||||||
app.kubernetes.io/name: hydra-dispatcher
|
app.kubernetes.io/name: hydra-dispatcher
|
||||||
status:
|
status:
|
||||||
|
|
Loading…
Reference in New Issue
L'indentation n'est pas bonne, les listes doivent commencer au même niveau que la première lettre du "parent".