Skip to content

K
k8syml
Commit 91247767 by 王昆
Options

Merge branch 'master' of gitlab.gongsibao.com:jiangyong/k8syml

parents 09f1723d 5fc638e7
Showing with 448 additions and 448 deletions
yamls/kong/kong-ingress-dbless.yaml
......@@ -2,456 +2,456 @@
#kind: Namespace
#metadata:
# name: kong
---
apiVersion: apiextensions.k8s.io/v1beta1
kind: CustomResourceDefinition
metadata:
name: kongconsumers.configuration.konghq.com
spec:
additionalPrinterColumns:
- JSONPath: .username
description: Username of a Kong Consumer
name: Username
type: string
- JSONPath: .metadata.creationTimestamp
description: Age
name: Age
type: date
group: configuration.konghq.com
names:
kind: KongConsumer
plural: kongconsumers
shortNames:
- kc
scope: Namespaced
validation:
openAPIV3Schema:
properties:
credentials:
items:
type: string
type: array
custom_id:
type: string
username:
type: string
version: v1
---
apiVersion: apiextensions.k8s.io/v1beta1
kind: CustomResourceDefinition
metadata:
name: kongcredentials.configuration.konghq.com
spec:
additionalPrinterColumns:
- JSONPath: .type
description: Type of credential
name: Credential-type
type: string
- JSONPath: .metadata.creationTimestamp
description: Age
name: Age
type: date
- JSONPath: .consumerRef
description: Owner of the credential
name: Consumer-Ref
type: string
group: configuration.konghq.com
names:
kind: KongCredential
plural: kongcredentials
scope: Namespaced
validation:
openAPIV3Schema:
properties:
consumerRef:
type: string
type:
type: string
required:
- consumerRef
- type
version: v1
---
apiVersion: apiextensions.k8s.io/v1beta1
kind: CustomResourceDefinition
metadata:
name: kongingresses.configuration.konghq.com
spec:
group: configuration.konghq.com
names:
kind: KongIngress
plural: kongingresses
shortNames:
- ki
scope: Namespaced
validation:
openAPIV3Schema:
properties:
proxy:
properties:
connect_timeout:
minimum: 0
type: integer
path:
pattern: ^/.*$
type: string
protocol:
enum:
- http
- https
- grpc
- grpcs
type: string
read_timeout:
minimum: 0
type: integer
retries:
minimum: 0
type: integer
write_timeout:
minimum: 0
type: integer
type: object
route:
properties:
headers:
additionalProperties:
items:
type: string
type: array
type: object
https_redirect_status_code:
type: integer
methods:
items:
type: string
type: array
preserve_host:
type: boolean
protocols:
items:
enum:
- http
- https
- grpc
- grpcs
type: string
type: array
regex_priority:
type: integer
strip_path:
type: boolean
upstream:
properties:
algorithm:
enum:
- round-robin
- consistent-hashing
- least-connections
type: string
hash_fallback:
type: string
hash_fallback_header:
type: string
hash_on:
type: string
hash_on_cookie:
type: string
hash_on_cookie_path:
type: string
hash_on_header:
type: string
healthchecks:
properties:
active:
properties:
concurrency:
minimum: 1
type: integer
healthy:
properties:
http_statuses:
items:
type: integer
type: array
interval:
minimum: 0
type: integer
successes:
minimum: 0
type: integer
type: object
http_path:
pattern: ^/.*$
type: string
timeout:
minimum: 0
type: integer
unhealthy:
properties:
http_failures:
minimum: 0
type: integer
http_statuses:
items:
type: integer
type: array
interval:
minimum: 0
type: integer
tcp_failures:
minimum: 0
type: integer
timeout:
minimum: 0
type: integer
type: object
type: object
passive:
properties:
healthy:
properties:
http_statuses:
items:
type: integer
type: array
interval:
minimum: 0
type: integer
successes:
minimum: 0
type: integer
type: object
unhealthy:
properties:
http_failures:
minimum: 0
type: integer
http_statuses:
items:
type: integer
type: array
interval:
minimum: 0
type: integer
tcp_failures:
minimum: 0
type: integer
timeout:
minimum: 0
type: integer
type: object
type: object
type: object
slots:
minimum: 10
type: integer
type: object
version: v1
---
apiVersion: apiextensions.k8s.io/v1beta1
kind: CustomResourceDefinition
metadata:
name: kongplugins.configuration.konghq.com
spec:
additionalPrinterColumns:
- JSONPath: .plugin
description: Name of the plugin
name: Plugin-Type
type: string
- JSONPath: .metadata.creationTimestamp
description: Age
name: Age
type: date
- JSONPath: .disabled
description: Indicates if the plugin is disabled
name: Disabled
priority: 1
type: boolean
- JSONPath: .config
description: Configuration of the plugin
name: Config
priority: 1
type: string
group: configuration.konghq.com
names:
kind: KongPlugin
plural: kongplugins
shortNames:
- kp
scope: Namespaced
validation:
openAPIV3Schema:
properties:
config:
type: object
disabled:
type: boolean
plugin:
type: string
protocols:
items:
enum:
- http
- https
- tcp
- tls
type: string
type: array
run_on:
enum:
- first
- second
- all
type: string
required:
- plugin
version: v1
---
apiVersion: v1
kind: ServiceAccount
metadata:
name: kong-serviceaccount
namespace: kong
---
apiVersion: rbac.authorization.k8s.io/v1beta1
kind: ClusterRole
metadata:
name: kong-ingress-clusterrole
rules:
- apiGroups:
- ""
resources:
- endpoints
- nodes
- pods
- secrets
verbs:
- list
- watch
- apiGroups:
- ""
resources:
- nodes
verbs:
- get
- apiGroups:
- ""
resources:
- services
verbs:
- get
- list
- watch
- apiGroups:
- networking.k8s.io
- extensions
resources:
- ingresses
verbs:
- get
- list
- watch
- apiGroups:
- ""
resources:
- events
verbs:
- create
- patch
- apiGroups:
- networking.k8s.io
- extensions
resources:
- ingresses/status
verbs:
- update
- apiGroups:
- configuration.konghq.com
resources:
- kongplugins
- kongcredentials
- kongconsumers
- kongingresses
verbs:
- get
- list
- watch
- apiGroups:
- ""
resourceNames:
- ingress-controller-leader-kong
resources:
- configmaps
verbs:
- get
- update
- apiGroups:
- ""
resources:
- configmaps
verbs:
- create
---
apiVersion: rbac.authorization.k8s.io/v1beta1
kind: ClusterRoleBinding
metadata:
name: kong-ingress-clusterrole-nisa-binding
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: kong-ingress-clusterrole
subjects:
- kind: ServiceAccount
name: kong-serviceaccount
namespace: kong
---
apiVersion: v1
data:
servers.conf: |
# Prometheus metrics server
server {
server_name kong_prometheus_exporter;
listen 0.0.0.0:9542; # can be any other port as well
access_log off;
# ---
# apiVersion: apiextensions.k8s.io/v1beta1
# kind: CustomResourceDefinition
# metadata:
# name: kongconsumers.configuration.konghq.com
# spec:
# additionalPrinterColumns:
# - JSONPath: .username
# description: Username of a Kong Consumer
# name: Username
# type: string
# - JSONPath: .metadata.creationTimestamp
# description: Age
# name: Age
# type: date
# group: configuration.konghq.com
# names:
# kind: KongConsumer
# plural: kongconsumers
# shortNames:
# - kc
# scope: Namespaced
# validation:
# openAPIV3Schema:
# properties:
# credentials:
# items:
# type: string
# type: array
# custom_id:
# type: string
# username:
# type: string
# version: v1
# ---
# apiVersion: apiextensions.k8s.io/v1beta1
# kind: CustomResourceDefinition
# metadata:
# name: kongcredentials.configuration.konghq.com
# spec:
# additionalPrinterColumns:
# - JSONPath: .type
# description: Type of credential
# name: Credential-type
# type: string
# - JSONPath: .metadata.creationTimestamp
# description: Age
# name: Age
# type: date
# - JSONPath: .consumerRef
# description: Owner of the credential
# name: Consumer-Ref
# type: string
# group: configuration.konghq.com
# names:
# kind: KongCredential
# plural: kongcredentials
# scope: Namespaced
# validation:
# openAPIV3Schema:
# properties:
# consumerRef:
# type: string
# type:
# type: string
# required:
# - consumerRef
# - type
# version: v1
# ---
# apiVersion: apiextensions.k8s.io/v1beta1
# kind: CustomResourceDefinition
# metadata:
# name: kongingresses.configuration.konghq.com
# spec:
# group: configuration.konghq.com
# names:
# kind: KongIngress
# plural: kongingresses
# shortNames:
# - ki
# scope: Namespaced
# validation:
# openAPIV3Schema:
# properties:
# proxy:
# properties:
# connect_timeout:
# minimum: 0
# type: integer
# path:
# pattern: ^/.*$
# type: string
# protocol:
# enum:
# - http
# - https
# - grpc
# - grpcs
# type: string
# read_timeout:
# minimum: 0
# type: integer
# retries:
# minimum: 0
# type: integer
# write_timeout:
# minimum: 0
# type: integer
# type: object
# route:
# properties:
# headers:
# additionalProperties:
# items:
# type: string
# type: array
# type: object
# https_redirect_status_code:
# type: integer
# methods:
# items:
# type: string
# type: array
# preserve_host:
# type: boolean
# protocols:
# items:
# enum:
# - http
# - https
# - grpc
# - grpcs
# type: string
# type: array
# regex_priority:
# type: integer
# strip_path:
# type: boolean
# upstream:
# properties:
# algorithm:
# enum:
# - round-robin
# - consistent-hashing
# - least-connections
# type: string
# hash_fallback:
# type: string
# hash_fallback_header:
# type: string
# hash_on:
# type: string
# hash_on_cookie:
# type: string
# hash_on_cookie_path:
# type: string
# hash_on_header:
# type: string
# healthchecks:
# properties:
# active:
# properties:
# concurrency:
# minimum: 1
# type: integer
# healthy:
# properties:
# http_statuses:
# items:
# type: integer
# type: array
# interval:
# minimum: 0
# type: integer
# successes:
# minimum: 0
# type: integer
# type: object
# http_path:
# pattern: ^/.*$
# type: string
# timeout:
# minimum: 0
# type: integer
# unhealthy:
# properties:
# http_failures:
# minimum: 0
# type: integer
# http_statuses:
# items:
# type: integer
# type: array
# interval:
# minimum: 0
# type: integer
# tcp_failures:
# minimum: 0
# type: integer
# timeout:
# minimum: 0
# type: integer
# type: object
# type: object
# passive:
# properties:
# healthy:
# properties:
# http_statuses:
# items:
# type: integer
# type: array
# interval:
# minimum: 0
# type: integer
# successes:
# minimum: 0
# type: integer
# type: object
# unhealthy:
# properties:
# http_failures:
# minimum: 0
# type: integer
# http_statuses:
# items:
# type: integer
# type: array
# interval:
# minimum: 0
# type: integer
# tcp_failures:
# minimum: 0
# type: integer
# timeout:
# minimum: 0
# type: integer
# type: object
# type: object
# type: object
# slots:
# minimum: 10
# type: integer
# type: object
# version: v1
# ---
# apiVersion: apiextensions.k8s.io/v1beta1
# kind: CustomResourceDefinition
# metadata:
# name: kongplugins.configuration.konghq.com
# spec:
# additionalPrinterColumns:
# - JSONPath: .plugin
# description: Name of the plugin
# name: Plugin-Type
# type: string
# - JSONPath: .metadata.creationTimestamp
# description: Age
# name: Age
# type: date
# - JSONPath: .disabled
# description: Indicates if the plugin is disabled
# name: Disabled
# priority: 1
# type: boolean
# - JSONPath: .config
# description: Configuration of the plugin
# name: Config
# priority: 1
# type: string
# group: configuration.konghq.com
# names:
# kind: KongPlugin
# plural: kongplugins
# shortNames:
# - kp
# scope: Namespaced
# validation:
# openAPIV3Schema:
# properties:
# config:
# type: object
# disabled:
# type: boolean
# plugin:
# type: string
# protocols:
# items:
# enum:
# - http
# - https
# - tcp
# - tls
# type: string
# type: array
# run_on:
# enum:
# - first
# - second
# - all
# type: string
# required:
# - plugin
# version: v1
# ---
# apiVersion: v1
# kind: ServiceAccount
# metadata:
# name: kong-serviceaccount
# namespace: kong
# ---
# apiVersion: rbac.authorization.k8s.io/v1beta1
# kind: ClusterRole
# metadata:
# name: kong-ingress-clusterrole
# rules:
# - apiGroups:
# - ""
# resources:
# - endpoints
# - nodes
# - pods
# - secrets
# verbs:
# - list
# - watch
# - apiGroups:
# - ""
# resources:
# - nodes
# verbs:
# - get
# - apiGroups:
# - ""
# resources:
# - services
# verbs:
# - get
# - list
# - watch
# - apiGroups:
# - networking.k8s.io
# - extensions
# resources:
# - ingresses
# verbs:
# - get
# - list
# - watch
# - apiGroups:
# - ""
# resources:
# - events
# verbs:
# - create
# - patch
# - apiGroups:
# - networking.k8s.io
# - extensions
# resources:
# - ingresses/status
# verbs:
# - update
# - apiGroups:
# - configuration.konghq.com
# resources:
# - kongplugins
# - kongcredentials
# - kongconsumers
# - kongingresses
# verbs:
# - get
# - list
# - watch
# - apiGroups:
# - ""
# resourceNames:
# - ingress-controller-leader-kong
# resources:
# - configmaps
# verbs:
# - get
# - update
# - apiGroups:
# - ""
# resources:
# - configmaps
# verbs:
# - create
# ---
# apiVersion: rbac.authorization.k8s.io/v1beta1
# kind: ClusterRoleBinding
# metadata:
# name: kong-ingress-clusterrole-nisa-binding
# roleRef:
# apiGroup: rbac.authorization.k8s.io
# kind: ClusterRole
# name: kong-ingress-clusterrole
# subjects:
# - kind: ServiceAccount
# name: kong-serviceaccount
# namespace: kong
# ---
# apiVersion: v1
# data:
# servers.conf: |
# # Prometheus metrics server
# server {
# server_name kong_prometheus_exporter;
# listen 0.0.0.0:9542; # can be any other port as well
# access_log off;
location /metrics {
default_type text/plain;
content_by_lua_block {
local prometheus = require "kong.plugins.prometheus.exporter"
prometheus:collect()
}
}
# location /metrics {
# default_type text/plain;
# content_by_lua_block {
# local prometheus = require "kong.plugins.prometheus.exporter"
# prometheus:collect()
# }
# }
location /nginx_status {
internal;
stub_status;
}
}
# Health check server
server {
server_name kong_health_check;
listen 0.0.0.0:9001; # can be any other port as well
# location /nginx_status {
# internal;
# stub_status;
# }
# }
# # Health check server
# server {
# server_name kong_health_check;
# listen 0.0.0.0:9001; # can be any other port as well
access_log off;
location /health {
return 200;
}
}
kong.yml: |
_format_version: "1.1"
services:
- name: chaolai.igirl-service.80
host: czhd.gongsibao.com
plugins:
- name: prometheus
service: chaolai.igirl-service.80
kind: ConfigMap
metadata:
name: kong-server-blocks
namespace: kong
# access_log off;
# location /health {
# return 200;
# }
# }
# kong.yml: |
# _format_version: "1.1"
# services:
# - name: chaolai.igirl-service.80
# host: czhd.gongsibao.com
# plugins:
# - name: prometheus
# service: chaolai.igirl-service.80
# kind: ConfigMap
# metadata:
# name: kong-server-blocks
# namespace: kong
---
# ---
apiVersion: v1
kind: Service
metadata:
......
yamls/kong/kong-proxy-db.yaml
......@@ -13,7 +13,7 @@ spec:
port: 80
protocol: TCP
targetPort: 8000
nodePort: 12345
nodePort: 26981
- name: proxy-ssl
port: 443
protocol: TCP
......@@ -91,7 +91,7 @@ spec:
value: 0.0.0.0:8001, 0.0.0.0:8444 ssl
- name: KONG_PROXY_LISTEN
value: 0.0.0.0:8000, 0.0.0.0:8443 ssl http2
image: kong:2.0
image: registry.cn-beijing.aliyuncs.com/hantang2/imgshare:777.77.10
imagePullPolicy: IfNotPresent
lifecycle:
preStop:
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment