Fully working oc-k8s
This commit is contained in:
@@ -74,7 +74,7 @@ nats:
|
||||
# if you already created the claim, set existingClaim:
|
||||
existingClaim: nats-pvc
|
||||
# storageClassName: local-path or standard (use the SC in your cluster)
|
||||
storageClassName: ${OC_NATS_STORAGE:-""}
|
||||
storageClassName: ${OC_NATS_STORAGE:-standard}
|
||||
size: ${OC_NATS_SIZE:-50Gi}
|
||||
# name is the volume name used in volumeMounts; keep it simple
|
||||
name: nats-jetstream
|
||||
@@ -96,9 +96,9 @@ openldap:
|
||||
LDAP_BACKEND: "mdb"
|
||||
LDAP_TLS: "${OC_LDAP_TLS:-false}"
|
||||
LDAP_TLS_ENFORCE: "${OC_LDAP_TLS:-false}"
|
||||
LDAP_REMOVE_CONFIG_AFTER_SETUP: "false"
|
||||
adminPassword: "{SSHA}${OC_LDAP_ADMIN_PWD:-HMWJO7XCw80he2lqMf0PHzvvF14p6aLE}"
|
||||
configPassword: "{SSHA}${OC_LDAP_CONFIG_PWD:-gr70yyCvtQo2zKe5OkvMkbkLRHUsVqOI}"
|
||||
LDAP_REMOVE_CONFIG_AFTER_SETUP: "true"
|
||||
adminPassword: ${OC_LDAP_ADMIN_PWD:-admin}
|
||||
configPassword: ${OC_LDAP_CONFIG_PWD:-configadmin}
|
||||
phpldapadmin:
|
||||
enabled: false
|
||||
persistence:
|
||||
@@ -112,9 +112,9 @@ openldap:
|
||||
enabled: false
|
||||
externalLDAP:
|
||||
enabled: ${OC_LDAP_EXTERNAL:-false}
|
||||
url: ${OC_LDAP_EXTERNAL_ENDPOINT}
|
||||
bindDN: ${OC_LDAP_EXTERNAL_DN:-cn=admin,dc=opencloud,dc=com}
|
||||
bindPassword: "{SSHA}${OC_LDAP_EXTERNAL_PWD:-HMWJO7XCw80he2lqMf0PHzvvF14p6aLE}"
|
||||
url: ${OC_LDAP_EXTERNAL_ENDPOINT:-389}
|
||||
bindDN: ${OC_LDAP_EXTERNAL_DN:-uid=admin,dc=opencloud,dc=com}
|
||||
bindPassword: ${OC_LDAP_EXTERNAL_PWD:-admin}
|
||||
customLdifFiles:
|
||||
01-schema.ldif: |-
|
||||
dn: ou=${OC_LDAP_GROUPS_OU:-groups},${OC_LDAP_MNGT_DN:-dc=opencloud,dc=com}
|
||||
@@ -175,8 +175,8 @@ openldap:
|
||||
cn: Admin
|
||||
sn: Istrator
|
||||
uid: ${OC_LDAP_ADMIN_USER:-admin}
|
||||
userPassword: "{SSHA}${OC_LDAP_ADMIN_PWD:-HMWJO7XCw80he2lqMf0PHzvvF14p6aLE}"
|
||||
mail: admin@example.com
|
||||
userPassword: {SSHA}${OC_LDAP_ADMIN_PWD:-HMWJO7XCw80he2lqMf0PHzvvF14p6aLE}
|
||||
mail: ${OC_LDAP_ADMIN_MAIL:-morgane.roques@irt-saintexupery.com}
|
||||
ou: ${OC_LDAP_USERS_OU:-users}
|
||||
|
||||
dn: ou=AppRoles,${OC_LDAP_MNGT_DN:-dc=opencloud,dc=com}
|
||||
@@ -184,10 +184,10 @@ openldap:
|
||||
ou: AppRoles
|
||||
description: AppRoles
|
||||
|
||||
dn: ou=App1,ou=AppRoles,${OC_LDAP_MNGT_DN:-dc=opencloud,dc=com}
|
||||
dn: ou=${OC_LDAP_ORGANISATION:-Opencloud},ou=AppRoles,${OC_LDAP_MNGT_DN:-dc=opencloud,dc=com}
|
||||
objectClass: organizationalunit
|
||||
ou: App1
|
||||
description: App1
|
||||
ou: ${OC_LDAP_ORGANISATION:-Opencloud}
|
||||
description: ${OC_LDAP_ORGANISATION:-Opencloud}
|
||||
|
||||
prometheus:
|
||||
enabled: ${OC_PROMETHEUS_ENABLED:-true}
|
||||
@@ -300,7 +300,7 @@ loki:
|
||||
commonConfig:
|
||||
replication_factor: 1
|
||||
storage:
|
||||
storageClassName: standard
|
||||
storageClassName: ${OC_LOKI_STORAGE:-standard}
|
||||
type: filesystem
|
||||
filesystem:
|
||||
chunks_directory: /var/loki/chunks
|
||||
@@ -339,7 +339,7 @@ loki:
|
||||
enabled: false # Deactivate loki auto provisioning, rely on existing PVC
|
||||
accessMode: ReadWriteOnce
|
||||
size: ${OC_LOKI_SIZE:-1Gi}
|
||||
storageClassName: ${OC_LOKI_STORAGE:-"standard"}
|
||||
storageClassName: ${OC_LOKI_STORAGE:-standard}
|
||||
create: false
|
||||
claimName: ${OC_LOKI_PVC:-loki-pvc}
|
||||
|
||||
@@ -419,16 +419,17 @@ argo-workflows:
|
||||
ocAuth:
|
||||
enabled: ${OC_AUTH_ENABLED:-true}
|
||||
enableTraefikProxyIntegration: true
|
||||
image: "${REGISTRY_HOST:-oc}/${OC_AUTH_IMAGE:-oc-auth:0.0.1}"
|
||||
image: ${REGISTRY_HOST:-oc}/oc-auth:${OC_AUTH_IMAGE_VERSION:-0.0.1}
|
||||
authType: hydra
|
||||
keto:
|
||||
adminRole: admin
|
||||
hydra:
|
||||
openCloudOauth2ClientSecretName: oc-oauth2-client-secret
|
||||
openCloudOauth2ClientSecretName: opencloud-oauth2-client-secret
|
||||
ldap:
|
||||
bindDn: ${OC_LDAP_MNGT_ADMIN_DN:-cn=admin,ou=users,dc=opencloud,dc=com}
|
||||
bindDn: ${OC_LDAP_MNGT_ADMIN_DN:-cn=admin,dc=opencloud,dc=com}
|
||||
binPwd: ${OC_LDAP_ADMIN_PWD:-admin}
|
||||
baseDn: ${OC_LDAP_MNGT_DN:-dc=opencloud,dc=com}
|
||||
userBaseDn: ${OC_LDAP_USER_DN:-ou=users,dc=opencloud,dc=com}
|
||||
roleBaseDn: ${OC_LDAP_ROLE_DN:-ou=AppRoles,dc=opencloud,dc=com}
|
||||
resources:
|
||||
limits:
|
||||
@@ -447,7 +448,7 @@ ocAuth:
|
||||
ocFront:
|
||||
enabled: ${OC_FRONT_ENABLED:-true}
|
||||
enableTraefikProxyIntegration: true
|
||||
image: "${REGISTRY_HOST:-oc}/${OC_FRONT_IMAGE:-oc-front:0.0.1}"
|
||||
image: ${REGISTRY_HOST:-oc}/oc-front:${OC_FRONT_IMAGE_VERSION:-0.0.1}
|
||||
resources:
|
||||
limits:
|
||||
cpu: ${OC_FRONT_LIMITS_CPU:-128m}
|
||||
@@ -465,7 +466,7 @@ ocFront:
|
||||
ocWorkspace:
|
||||
enabled: ${OC_WORKSPACE_ENABLED:-true}
|
||||
enableTraefikProxyIntegration: true
|
||||
image: "${REGISTRY_HOST:-oc}/${OC_WORKSPACE_IMAGE:-oc-workspace:0.0.1}"
|
||||
image: ${REGISTRY_HOST:-oc}/oc-workspace:${OC_WORKSPACE_IMAGE_VERSION:-0.0.1}
|
||||
resources:
|
||||
limits:
|
||||
cpu: ${OC_WORKSPACE_LIMITS_CPU:-128m}
|
||||
@@ -484,7 +485,7 @@ ocWorkspace:
|
||||
ocShared:
|
||||
enabled: ${OC_SHARED_ENABLED:-true}
|
||||
enableTraefikProxyIntegration: true
|
||||
image: "${REGISTRY_HOST:-oc}/${OC_SHARED_IMAGE:-oc-shared:0.0.1}"
|
||||
image: ${REGISTRY_HOST:-oc}/oc-shared:${OC_SHARED_IMAGE_VERSION:-0.0.1}
|
||||
resources:
|
||||
limits:
|
||||
cpu: ${OC_SHARED_LIMITS_CPU:-128m}
|
||||
@@ -502,7 +503,7 @@ ocShared:
|
||||
ocWorkflow:
|
||||
enabled: ${OC_WORKFLOW_ENABLED:-true}
|
||||
enableTraefikProxyIntegration: true
|
||||
image: "${REGISTRY_HOST:-oc}/${OC_WORKFLOW_IMAGE:-oc-workflow:0.0.1}"
|
||||
image: ${REGISTRY_HOST:-oc}/oc-workflow:${OC_WORKFLOW_IMAGE_VERSION:-0.0.1}
|
||||
resources:
|
||||
limits:
|
||||
cpu: ${OC_WORKFLOW_LIMITS_CPU:-128m}
|
||||
@@ -520,7 +521,7 @@ ocWorkflow:
|
||||
ocCatalog:
|
||||
enabled: ${OC_CATALOG_ENABLED:-true}
|
||||
enableTraefikProxyIntegration: true
|
||||
image: "${REGISTRY_HOST:-oc}/${OC_CATALOG_IMAGE:-oc-catalog:0.0.1}"
|
||||
image: ${REGISTRY_HOST:-oc}/oc-catalog:${OC_CATALOG_IMAGE_VERSION:-0.0.1}
|
||||
resources:
|
||||
limits:
|
||||
cpu: ${OC_CATALOG_LIMITS_CPU:-128m}
|
||||
@@ -538,7 +539,7 @@ ocCatalog:
|
||||
ocPeer:
|
||||
enabled: ${OC_PEER_ENABLED:-true}
|
||||
enableTraefikProxyIntegration: true
|
||||
image: "${REGISTRY_HOST:-oc}/${OC_PEER_IMAGE:-oc-peer:0.0.1}"
|
||||
image: ${REGISTRY_HOST:-oc}/oc-peer:${OC_PEER_IMAGE_VERSION:-0.0.1}
|
||||
resources:
|
||||
limits:
|
||||
cpu: ${OC_PEER_LIMITS_CPU:-128m}
|
||||
@@ -556,7 +557,7 @@ ocPeer:
|
||||
ocDatacenter:
|
||||
enabled: ${OC_DATACENTER_ENABLED:-true}
|
||||
enableTraefikProxyIntegration: true
|
||||
image: "${REGISTRY_HOST:-oc}/${OC_DATACENTER_IMAGE:-oc-datacenter:0.0.1}"
|
||||
image: ${REGISTRY_HOST:-oc}/oc-datacenter:${OC_DATACENTER_IMAGE_VERSION:-0.0.1}
|
||||
resources:
|
||||
limits:
|
||||
cpu: ${OC_DATACENTER_LIMITS_CPU:-128m}
|
||||
@@ -574,7 +575,7 @@ ocDatacenter:
|
||||
ocSchedulerd:
|
||||
enabled: ${OC_SCHEDULERD_ENABLED:-true}
|
||||
enableTraefikProxyIntegration: true
|
||||
image: "${REGISTRY_HOST:-oc}/${OC_SCHEDULERD_IMAGE:-oc-schedulerd:0.0.1}"
|
||||
image: ${REGISTRY_HOST:-oc}/oc-schedulerd:${OC_SCHEDULERD_IMAGE_VERSION:-0.0.1}
|
||||
resources:
|
||||
limits:
|
||||
cpu: ${OC_SCHEDULERD_LIMITS_CPU:-128m}
|
||||
@@ -592,7 +593,7 @@ ocSchedulerd:
|
||||
ocScheduler:
|
||||
enabled: ${OC_SCHEDULER_ENABLED:-true}
|
||||
enableTraefikProxyIntegration: true
|
||||
image: "${REGISTRY_HOST:-oc}/${OC_SCHEDULER_IMAGE:-oc-scheduler:0.0.1}"
|
||||
image: ${REGISTRY_HOST:-oc}/oc-scheduler:${OC_SCHEDULER_IMAGE_VERSION:-0.0.1}
|
||||
resources:
|
||||
limits:
|
||||
cpu: ${OC_SCHEDULER_LIMITS_CPU:-128m}
|
||||
@@ -621,7 +622,6 @@ docker-registry-ui:
|
||||
claimName: docker-registry-pvc
|
||||
persistence:
|
||||
create: false
|
||||
storageClassName: standard
|
||||
existingClaim: docker-registry-pvc
|
||||
accessMode: ReadWriteOnce
|
||||
storage: ${OC_DOCKER_REGISTRY_SIZE:-5Gi}
|
||||
|
||||
Reference in New Issue
Block a user