core/oc-k8s
6
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Compare commits

base: core:oc-auth
Branches Tags
core:main core:oc-front core:oc-auth core:openldap core:oryhydra core:mongo core:nats core:bootstraping
...
compare: core:5b90f637e342c6e93d11269ad6196d1acce42029
Branches Tags
core:main core:oc-front core:oc-auth core:openldap core:oryhydra core:mongo core:nats core:bootstraping

7 Commits
oc-auth ... 5b90f637e3

Author SHA1 Message Date
plm
5b90f637e3 Fix typo in name 2025-01-14 18:35:47 +01:00
plm
93e2d809cf Configuring loki as simpleBinary, deploying, configuring and integrating schedulerd 2025-01-14 18:35:12 +01:00
plm
7d5931045d Adding datacenter and peer support in k8s 2025-01-10 21:20:16 +01:00
plm
0b362983a3 Integrating catalog 2025-01-10 16:41:41 +01:00
plm
fb5aed882f Integrating workflow microservice 2025-01-10 11:43:01 +01:00
plm
5825c89a23 Adding collaborative area support 2025-01-09 16:24:43 +01:00
plm
f868400b7a Integrating front and workspace service 2025-01-08 23:05:38 +01:00
29 changed files with 859 additions and 40 deletions
Expand all files Collapse all files

197
opencloud/dev-values.yaml
View File

@@ -1,5 +1,6 @@
env: dev # For storage class provisioning
host: localhost # For reverse proxy rule
host: beta.opencloud.com # For reverse proxy rule
scheme: http # For reverse proxy rule
mongo-express:
enabled: true
@@ -237,6 +238,108 @@ keto:
name: open-cloud
dsn: memory
loki:
enabled: true
loki:
auth_enabled: false
commonConfig:
replication_factor: 1
storage:
type: filesystem
filesystem:
chunks_directory: /var/loki/chunks
rules_directory: /var/loki/rules
admin_api_directory: /var/loki/admin
storage_config:
boltdb_shipper:
active_index_directory: /var/loki/index
filesystem:
directory: /var/loki/chunks
limits_config:
allow_structured_metadata: false
schemaConfig:
configs:
- from: "2020-01-01"
store: boltdb-shipper
object_store: filesystem
schema: v11
index:
prefix: index_
period: 24h
ingester:
chunk_encoding: snappy
tracing:
enabled: true
querier:
max_concurrent: 2
deploymentMode: SingleBinary
singleBinary:
extraVolumes:
- name: loki-storage
persistentVolumeClaim:
claimName: loki-pvc
persistence:
enabled: false # Deactivate loki auto provisioning, rely on existing PVC
accessMode: ReadWriteOnce
size: 1Gi
storageClassName: kind-sc
claimName: loki-pvc
extraVolumeMounts:
- name: loki-storage
mountPath: /var/loki
replicas: 1
resources:
limits:
cpu: 3
memory: 4Gi
requests:
cpu: 1
memory: 0.5Gi
extraEnv:
- name: GOMEMLIMIT
value: 3750MiB
chunksCache:
# default is 500MB, with limited memory keep this smaller
writebackSizeLimit: 10MB
# Enable minio for storage
minio:
enabled: false
# Zero out replica counts of other deployment modes
backend:
replicas: 0
read:
replicas: 0
write:
replicas: 0
ingester:
replicas: 0
querier:
replicas: 0
queryFrontend:
replicas: 0
queryScheduler:
replicas: 0
distributor:
replicas: 0
compactor:
replicas: 0
indexGateway:
replicas: 0
bloomCompactor:
replicas: 0
bloomGateway:
replicas: 0
grafana:
enabled: false
ocAuth:
enabled: true
image: oc/oc-auth:0.0.1
@@ -253,13 +356,95 @@ ocAuth:
resources:
limits:
cpu: "128m"
memory: "128Mi"
memory: "256Mi"
requests:
cpu: "128m"
memory: "256Mi"
loki:
enabled: false
ocFront:
enabled: true
image: oc/oc-front:0.0.1
resources:
limits:
cpu: "128m"
memory: "256Mi"
requests:
cpu: "128m"
memory: "256Mi"
grafana:
enabled: false
ocWorkspace:
enabled: true
image: oc/oc-workspace:0.0.1
resources:
limits:
cpu: "128m"
memory: "256Mi"
requests:
cpu: "128m"
memory: "256Mi"
ocShared:
enabled: true
image: oc/oc-shared:0.0.1
resources:
limits:
cpu: "128m"
memory: "256Mi"
requests:
cpu: "128m"
memory: "256Mi"
ocWorkflow:
enabled: true
image: oc/oc-workflow:0.0.1
resources:
limits:
cpu: "128m"
memory: "256Mi"
requests:
cpu: "128m"
memory: "256Mi"
ocCatalog:
enabled: true
image: oc/oc-catalog:0.0.1
resources:
limits:
cpu: "128m"
memory: "256Mi"
requests:
cpu: "128m"
memory: "256Mi"
ocPeer:
enabled: true
image: oc/oc-peer:0.0.1
resources:
limits:
cpu: "128m"
memory: "256Mi"
requests:
cpu: "128m"
memory: "256Mi"
ocDatacenter:
enabled: true
image: oc/oc-datacenter:0.0.1
resources:
limits:
cpu: "128m"
memory: "256Mi"
requests:
cpu: "128m"
memory: "256Mi"
ocSchedulerd:
enabled: true
image: oc/oc-schedulerd:0.0.1
resources:
limits:
cpu: "128m"
memory: "256Mi"
requests:
cpu: "128m"
memory: "256Mi"

16
opencloud/templates/loki.yaml Normal file
View File

@@ -0,0 +1,16 @@
{{- if index .Values.loki.enabled }}
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: {{ .Values.loki.singleBinary.persistence.claimName }}
namespace: {{ .Release.Namespace }}
annotations:
helm.sh/resource-policy: keep
spec:
accessModes:
- {{ .Values.loki.singleBinary.persistence.accessMode }}
resources:
requests:
storage: {{ .Values.loki.singleBinary.persistence.size }}
storageClassName: {{ .Values.loki.singleBinary.persistence.storageClassName }}
{{- end }}

10
opencloud/templates/oc-auth/deployment.yaml
View File

@@ -39,13 +39,13 @@ spec:
name: opencloud-config
ports:
- name: http
containerPort: 80
containerPort: 8080
protocol: TCP
resources:
limits:
cpu: "{{ .Values.ldapUserManager.resources.limits.cpu }}"
memory: "{{ .Values.ldapUserManager.resources.limits.memory }}"
cpu: "{{ .Values.ocFront.resources.limits.cpu }}"
memory: "{{ .Values.ocFront.resources.limits.memory }}"
requests:
cpu: "{{ .Values.ldapUserManager.resources.requests.cpu }}"
memory: "{{ .Values.ldapUserManager.resources.requests.memory }}"
cpu: "{{ .Values.ocFront.resources.requests.cpu }}"
memory: "{{ .Values.ocFront.resources.requests.memory }}"
{{- end }}

13
opencloud/templates/oc-auth/ingress.yaml
View File

@@ -13,8 +13,15 @@ spec:
services:
- kind: Service
name: oc-auth-svc
passHostHeader: true
port: 8094
middlewares:
- name: forwardauth
---
apiVersion: traefik.io/v1alpha1
kind: Middleware
metadata:
name: strip-auth-prefix
spec:
stripPrefix:
prefixes:
- "/auth"
{{- end }}

35
opencloud/templates/oc-catalog/deployment.yaml Normal file
View File

@@ -0,0 +1,35 @@
{{- if index .Values.ocCatalog.enabled }}
apiVersion: apps/v1
kind: Deployment
metadata:
labels:
app: oc-catalog
name: {{ .Release.Name }}-oc-catalog
spec:
replicas: 1
selector:
matchLabels:
app: oc-catalog
template:
metadata:
labels:
app: oc-catalog
spec:
containers:
- image: "{{ .Values.ocCatalog.image }}"
name: oc-catalog
envFrom:
- configMapRef:
name: opencloud-config
ports:
- name: http
containerPort: 8080
protocol: TCP
resources:
limits:
cpu: "{{ .Values.ocCatalog.resources.limits.cpu }}"
memory: "{{ .Values.ocCatalog.resources.limits.memory }}"
requests:
cpu: "{{ .Values.ocCatalog.resources.requests.cpu }}"
memory: "{{ .Values.ocCatalog.resources.requests.memory }}"
{{- end }}

29
opencloud/templates/oc-catalog/ingress.yaml Normal file
View File

@@ -0,0 +1,29 @@
{{- if index .Values.ocCatalog.enabled }}
apiVersion: traefik.io/v1alpha1
kind: IngressRoute
metadata:
name: oc-catalog-ingress
spec:
entryPoints:
- web
routes:
- kind: Rule
match: Host(`{{ .Values.host }}`) && PathPrefix(`/catalog`)
priority: 10
services:
- kind: Service
name: oc-catalog-svc
port: 8080
middlewares:
- name: strip-catalog-prefix
---
apiVersion: traefik.io/v1alpha1
kind: Middleware
metadata:
name: strip-catalog-prefix
spec:
stripPrefix:
prefixes:
- "/catalog"
{{- end }}

17
opencloud/templates/oc-catalog/service.yaml Normal file
View File

@@ -0,0 +1,17 @@
{{- if index .Values.ocCatalog.enabled }}
apiVersion: v1
kind: Service
metadata:
name: oc-catalog-svc
labels:
app: oc-catalog-svc
spec:
ports:
- name: http
port: 8080
protocol: TCP
targetPort: 8080
selector:
app: oc-catalog
type: ClusterIP
{{- end }}

35
opencloud/templates/oc-datacenter/deployment.yaml Normal file
View File

@@ -0,0 +1,35 @@
{{- if index .Values.ocDatacenter.enabled }}
apiVersion: apps/v1
kind: Deployment
metadata:
labels:
app: oc-datacenter
name: {{ .Release.Name }}-oc-datacenter
spec:
replicas: 1
selector:
matchLabels:
app: oc-datacenter
template:
metadata:
labels:
app: oc-datacenter
spec:
containers:
- image: "{{ .Values.ocDatacenter.image }}"
name: oc-datacenter
envFrom:
- configMapRef:
name: opencloud-config
ports:
- name: http
containerPort: 8080
protocol: TCP
resources:
limits:
cpu: "{{ .Values.ocDatacenter.resources.limits.cpu }}"
memory: "{{ .Values.ocDatacenter.resources.limits.memory }}"
requests:
cpu: "{{ .Values.ocDatacenter.resources.requests.cpu }}"
memory: "{{ .Values.ocDatacenter.resources.requests.memory }}"
{{- end }}

29
opencloud/templates/oc-datacenter/ingress.yaml Normal file
View File

@@ -0,0 +1,29 @@
{{- if index .Values.ocDatacenter.enabled }}
apiVersion: traefik.io/v1alpha1
kind: IngressRoute
metadata:
name: oc-datacenter-ingress
spec:
entryPoints:
- web
routes:
- kind: Rule
match: Host(`{{ .Values.host }}`) && PathPrefix(`/datacenter`)
priority: 10
services:
- kind: Service
name: oc-datacenter-svc
port: 8080
middlewares:
- name: strip-datacenter-prefix
---
apiVersion: traefik.io/v1alpha1
kind: Middleware
metadata:
name: strip-datacenter-prefix
spec:
stripPrefix:
prefixes:
- "/datacenter"
{{- end }}

17
opencloud/templates/oc-datacenter/service.yaml Normal file
View File

@@ -0,0 +1,17 @@
{{- if index .Values.ocDatacenter.enabled }}
apiVersion: v1
kind: Service
metadata:
name: oc-datacenter-svc
labels:
app: oc-datacenter-svc
spec:
ports:
- name: http
port: 8080
protocol: TCP
targetPort: 8080
selector:
app: oc-datacenter
type: ClusterIP
{{- end }}

20
opencloud/templates/oc-front/config.yaml Normal file
View File

@@ -0,0 +1,20 @@
{{- if index .Values.ocFront.enabled }}
apiVersion: v1
kind: ConfigMap
metadata:
name: front-config
data:
config.json: |
{
"WORKSPACE_HOST": "{{ .Values.scheme }}://{{ .Values.host }}/workspace/oc",
"WORKFLOW_HOST": "{{ .Values.scheme }}://{{ .Values.host }}/workflow/oc",
"ITEM_HOST": "{{ .Values.scheme }}://{{ .Values.host }}/catalog/oc",
"SCHEDULER_HOST": "{{ .Values.scheme }}://{{ .Values.host }}/scheduler/oc",
"LOGS_HOST": "{{ .Values.scheme }}://{{ .Values.host }}/logs",
"PEER_HOST": "{{ .Values.scheme }}://{{ .Values.host }}/peers/oc",
"DATACENTER_HOST": "{{ .Values.scheme }}://{{ .Values.host }}/datacenter/oc",
"COLLABORATIVE_AREA_HOST": "{{ .Values.scheme }}://{{ .Values.host }}/shared/oc",
"HOST": "{{ .Values.scheme }}://{{ .Values.host }}/oc",
"AUTH_HOST": "{{ .Values.scheme }}://{{ .Values.host }}/auth/oc"
}
{{- end }}

40
opencloud/templates/oc-front/deployment.yaml Normal file
View File

@@ -0,0 +1,40 @@
{{- if index .Values.ocFront.enabled }}
apiVersion: apps/v1
kind: Deployment
metadata:
labels:
app: oc-front
name: {{ .Release.Name }}-oc-front
spec:
replicas: 1
selector:
matchLabels:
app: oc-front
template:
metadata:
labels:
app: oc-front
spec:
volumes:
- name: config-volume
configMap:
name: front-config
containers:
- image: "{{ .Values.ocFront.image }}"
name: oc-front
ports:
- name: http
containerPort: 80
protocol: TCP
resources:
limits:
cpu: "{{ .Values.ocFront.resources.limits.cpu }}"
memory: "{{ .Values.ocFront.resources.limits.memory }}"
requests:
cpu: "{{ .Values.ocFront.resources.requests.cpu }}"
memory: "{{ .Values.ocFront.resources.requests.memory }}"
volumeMounts:
- name: config-volume
mountPath: /usr/share/nginx/html/assets/assets/config/front.json
subPath: config.json
{{- end }}

17
opencloud/templates/oc-front/ingress.yaml Normal file
View File

@@ -0,0 +1,17 @@
{{- if index .Values.ocFront.enabled }}
apiVersion: traefik.io/v1alpha1
kind: IngressRoute
metadata:
name: oc-front-ingress
spec:
entryPoints:
- web
routes:
- kind: Rule
match: Host(`{{ .Values.host }}`) && PathPrefix(`/`)
priority: 5
services:
- kind: Service
name: oc-front-svc
port: 8080
{{- end }}

17
opencloud/templates/oc-front/service.yaml Normal file
View File

@@ -0,0 +1,17 @@
{{- if index .Values.ocFront.enabled }}
apiVersion: v1
kind: Service
metadata:
name: oc-front-svc
labels:
app: oc-front-svc
spec:
ports:
- name: http
port: 8080
protocol: TCP
targetPort: 80
selector:
app: oc-front
type: ClusterIP
{{- end }}

35
opencloud/templates/oc-peer/deployment.yaml Normal file
View File

@@ -0,0 +1,35 @@
{{- if index .Values.ocPeer.enabled }}
apiVersion: apps/v1
kind: Deployment
metadata:
labels:
app: oc-peer
name: {{ .Release.Name }}-oc-peer
spec:
replicas: 1
selector:
matchLabels:
app: oc-peer
template:
metadata:
labels:
app: oc-peer
spec:
containers:
- image: "{{ .Values.ocPeer.image }}"
name: oc-peer
envFrom:
- configMapRef:
name: opencloud-config
ports:
- name: http
containerPort: 8080
protocol: TCP
resources:
limits:
cpu: "{{ .Values.ocPeer.resources.limits.cpu }}"
memory: "{{ .Values.ocPeer.resources.limits.memory }}"
requests:
cpu: "{{ .Values.ocPeer.resources.requests.cpu }}"
memory: "{{ .Values.ocPeer.resources.requests.memory }}"
{{- end }}

29
opencloud/templates/oc-peer/ingress.yaml Normal file
View File

@@ -0,0 +1,29 @@
{{- if index .Values.ocPeer.enabled }}
apiVersion: traefik.io/v1alpha1
kind: IngressRoute
metadata:
name: oc-peer-ingress
spec:
entryPoints:
- web
routes:
- kind: Rule
match: Host(`{{ .Values.host }}`) && PathPrefix(`/peers`)
priority: 10
services:
- kind: Service
name: oc-peer-svc
port: 8080
middlewares:
- name: strip-peer-prefix
---
apiVersion: traefik.io/v1alpha1
kind: Middleware
metadata:
name: strip-peer-prefix
spec:
stripPrefix:
prefixes:
- "/peers"
{{- end }}

17
opencloud/templates/oc-peer/service.yaml Normal file
View File

@@ -0,0 +1,17 @@
{{- if index .Values.ocPeer.enabled }}
apiVersion: v1
kind: Service
metadata:
name: oc-peer-svc
labels:
app: oc-peer-svc
spec:
ports:
- name: http
port: 8080
protocol: TCP
targetPort: 8080
selector:
app: oc-peer
type: ClusterIP
{{- end }}

31
opencloud/templates/oc-schedulerd/deployment.yaml Normal file
View File

@@ -0,0 +1,31 @@
{{- if index .Values.ocSchedulerd.enabled }}
apiVersion: apps/v1
kind: Deployment
metadata:
labels:
app: oc-schedulerd
name: {{ .Release.Name }}-oc-schedulerd
spec:
replicas: 1
selector:
matchLabels:
app: oc-schedulerd
template:
metadata:
labels:
app: oc-schedulerd
spec:
containers:
- image: "{{ .Values.ocSchedulerd.image }}"
name: oc-schedulerd
envFrom:
- configMapRef:
name: opencloud-config
resources:
limits:
cpu: "{{ .Values.ocSchedulerd.resources.limits.cpu }}"
memory: "{{ .Values.ocSchedulerd.resources.limits.memory }}"
requests:
cpu: "{{ .Values.ocSchedulerd.resources.requests.cpu }}"
memory: "{{ .Values.ocSchedulerd.resources.requests.memory }}"
{{- end }}

35
opencloud/templates/oc-shared/deployment.yaml Normal file
View File

@@ -0,0 +1,35 @@
{{- if index .Values.ocShared.enabled }}
apiVersion: apps/v1
kind: Deployment
metadata:
labels:
app: oc-shared
name: {{ .Release.Name }}-oc-shared
spec:
replicas: 1
selector:
matchLabels:
app: oc-shared
template:
metadata:
labels:
app: oc-shared
spec:
containers:
- image: "{{ .Values.ocShared.image }}"
name: oc-shared
envFrom:
- configMapRef:
name: opencloud-config
ports:
- name: http
containerPort: 8080
protocol: TCP
resources:
limits:
cpu: "{{ .Values.ocShared.resources.limits.cpu }}"
memory: "{{ .Values.ocShared.resources.limits.memory }}"
requests:
cpu: "{{ .Values.ocShared.resources.requests.cpu }}"
memory: "{{ .Values.ocShared.resources.requests.memory }}"
{{- end }}

29
opencloud/templates/oc-shared/ingress.yaml Normal file
View File

@@ -0,0 +1,29 @@
{{- if index .Values.ocShared.enabled }}
apiVersion: traefik.io/v1alpha1
kind: IngressRoute
metadata:
name: oc-shared-ingress
spec:
entryPoints:
- web
routes:
- kind: Rule
match: Host(`{{ .Values.host }}`) && PathPrefix(`/shared`)
priority: 10
services:
- kind: Service
name: oc-shared-svc
port: 8080
middlewares:
- name: strip-shared-prefix
---
apiVersion: traefik.io/v1alpha1
kind: Middleware
metadata:
name: strip-shared-prefix
spec:
stripPrefix:
prefixes:
- "/shared"
{{- end }}

17
opencloud/templates/oc-shared/service.yaml Normal file
View File

@@ -0,0 +1,17 @@
{{- if index .Values.ocShared.enabled }}
apiVersion: v1
kind: Service
metadata:
name: oc-shared-svc
labels:
app: oc-shared-svc
spec:
ports:
- name: http
port: 8080
protocol: TCP
targetPort: 8080
selector:
app: oc-shared
type: ClusterIP
{{- end }}

35
opencloud/templates/oc-workflow/deployment.yaml Normal file
View File

@@ -0,0 +1,35 @@
{{- if index .Values.ocWorkflow.enabled }}
apiVersion: apps/v1
kind: Deployment
metadata:
labels:
app: oc-workflow
name: {{ .Release.Name }}-oc-workflow
spec:
replicas: 1
selector:
matchLabels:
app: oc-workflow
template:
metadata:
labels:
app: oc-workflow
spec:
containers:
- image: "{{ .Values.ocWorkflow.image }}"
name: oc-shared
envFrom:
- configMapRef:
name: opencloud-config
ports:
- name: http
containerPort: 8080
protocol: TCP
resources:
limits:
cpu: "{{ .Values.ocWorkflow.resources.limits.cpu }}"
memory: "{{ .Values.ocWorkflow.resources.limits.memory }}"
requests:
cpu: "{{ .Values.ocWorkflow.resources.requests.cpu }}"
memory: "{{ .Values.ocWorkflow.resources.requests.memory }}"
{{- end }}

29
opencloud/templates/oc-workflow/ingress.yaml Normal file
View File

@@ -0,0 +1,29 @@
{{- if index .Values.ocWorkflow.enabled }}
apiVersion: traefik.io/v1alpha1
kind: IngressRoute
metadata:
name: oc-workflow-ingress
spec:
entryPoints:
- web
routes:
- kind: Rule
match: Host(`{{ .Values.host }}`) && PathPrefix(`/workflow`)
priority: 10
services:
- kind: Service
name: oc-workflow-svc
port: 8080
middlewares:
- name: strip-workflow-prefix
---
apiVersion: traefik.io/v1alpha1
kind: Middleware
metadata:
name: strip-workflow-prefix
spec:
stripPrefix:
prefixes:
- "/workflow"
{{- end }}

17
opencloud/templates/oc-workflow/service.yaml Normal file
View File

@@ -0,0 +1,17 @@
{{- if index .Values.ocWorkflow.enabled }}
apiVersion: v1
kind: Service
metadata:
name: oc-workflow-svc
labels:
app: oc-workflow-svc
spec:
ports:
- name: http
port: 8080
protocol: TCP
targetPort: 8080
selector:
app: oc-workflow
type: ClusterIP
{{- end }}

35
opencloud/templates/oc-workspace/deployment.yaml Normal file
View File

@@ -0,0 +1,35 @@
{{- if index .Values.ocWorkspace.enabled }}
apiVersion: apps/v1
kind: Deployment
metadata:
labels:
app: oc-workspace
name: {{ .Release.Name }}-oc-workspace
spec:
replicas: 1
selector:
matchLabels:
app: oc-workspace
template:
metadata:
labels:
app: oc-workspace
spec:
containers:
- image: "{{ .Values.ocWorkspace.image }}"
name: oc-workspace
envFrom:
- configMapRef:
name: opencloud-config
ports:
- name: http
containerPort: 8080
protocol: TCP
resources:
limits:
cpu: "{{ .Values.ocWorkspace.resources.limits.cpu }}"
memory: "{{ .Values.ocWorkspace.resources.limits.memory }}"
requests:
cpu: "{{ .Values.ocWorkspace.resources.requests.cpu }}"
memory: "{{ .Values.ocWorkspace.resources.requests.memory }}"
{{- end }}

29
opencloud/templates/oc-workspace/ingress.yaml Normal file
View File

@@ -0,0 +1,29 @@
{{- if index .Values.ocWorkspace.enabled }}
apiVersion: traefik.io/v1alpha1
kind: IngressRoute
metadata:
name: oc-workspace-ingress
spec:
entryPoints:
- web
routes:
- kind: Rule
match: Host(`{{ .Values.host }}`) && PathPrefix(`/workspace`)
priority: 10
services:
- kind: Service
name: oc-workspace-svc
port: 8080
middlewares:
- name: strip-workspace-prefix
---
apiVersion: traefik.io/v1alpha1
kind: Middleware
metadata:
name: strip-workspace-prefix
spec:
stripPrefix:
prefixes:
- "/workspace"
{{- end }}

17
opencloud/templates/oc-workspace/service.yaml Normal file
View File

@@ -0,0 +1,17 @@
{{- if index .Values.ocWorkspace.enabled }}
apiVersion: v1
kind: Service
metadata:
name: oc-workspace-svc
labels:
app: oc-workspace-svc
spec:
ports:
- name: http
port: 8080
protocol: TCP
targetPort: 8080
selector:
app: oc-workspace
type: ClusterIP
{{- end }}

25
opencloud/templates/openCLoudConf.yaml
View File

@@ -1,25 +0,0 @@
apiVersion: v1
kind: ConfigMap
metadata:
name: opencloud-config
data:
OCAUTH_ADMIN_ROLE: "{{ .Values.ocAuth.keto.adminRole }}"
OCAUTH_PUBLIC_KEY_PATH: "/keys/public/public.pem"
OCAUTH_PRIVATE_KEY_PATH: "/keys/private/private.pem"
OCAUTH_CLIENT_SECRET: "{{ .Values.ocAuth.hydra.openCloudOauth2ClientSecretName }}"
OCAUTH_AUTH: "{{ .Values.ocAuth.authType }}"
OCAUTH_AUTH_CONNECTOR_HOST: "{{ .Release.Name }}-hydra-admin.{{ .Release.Namespace }}"
OCAUTH_AUTH_CONNECTOR_PORT: "4444"
OCAUTH_AUTH_CONNECTOR_ADMIN_PORT: "4445"
OCAUTH_PERMISSION_CONNECTOR_HOST: "{{ .Release.Name }}-keto-write.{{ .Release.Namespace }}"
OCAUTH_PERMISSION_CONNECTOR_PORT: "80"
OCAUTH_PERMISSION_CONNECTOR_ADMIN_PORT: "80"
OCAUTH_LDAP_ENDPOINTS: "{{ .Release.Name }}-openldap.{{ .Release.Namespace }}.svc.cluster.local:389"
OCAUTH_LDAP_BINDDN: "{{ index .Values.ocAuth.ldap.bindDn }}"
OCAUTH_LDAP_BINDPW: "{{ index .Values.ocAuth.ldap.binPwd }}"
OCAUTH_LDAP_BASEDN: "{{ index .Values.ocAuth.ldap.baseDn }}"
OCAUTH_LDAP_ROLE_BASEDN: "{{ index .Values.ocAuth.ldap.roleBaseDn }}"
OCAUTH_MONGO_URL: "mongodb://{{ index .Values.mongodb.auth.usernames 0 }}:{{ index .Values.mongodb.auth.passwords 0 }}@{{ .Release.Name }}-mongodb.{{ .Release.Namespace }}:27017/{{ index .Values.mongodb.auth.databases 0 }}"
OCAUTH_MONGO_DATABASE: "{{ index .Values.mongodb.auth.databases 0 }}"
OCAUTH_NATS_URL: "nats://dev-nats.{{ .Release.Namespace }}.svc.cluster.local:4222"
OCAUTH_LOKI_URL: "{{ .Values.SERVER_PATH }}"

25
opencloud/templates/openCloudConf.yaml Normal file
View File

@@ -0,0 +1,25 @@
apiVersion: v1
kind: ConfigMap
metadata:
name: opencloud-config
data:
OC_ADMIN_ROLE: "{{ .Values.ocAuth.keto.adminRole }}"
OC_PUBLIC_KEY_PATH: "/keys/public/public.pem"
OC_PRIVATE_KEY_PATH: "/keys/private/private.pem"
OC_CLIENT_SECRET: "{{ .Values.ocAuth.hydra.openCloudOauth2ClientSecretName }}"
OC_AUTH: "{{ .Values.ocAuth.authType }}"
OC_AUTH_CONNECTOR_HOST: "{{ .Release.Name }}-hydra-admin.{{ .Release.Namespace }}"
OC_AUTH_CONNECTOR_PORT: "4444"
OC_AUTH_CONNECTOR_ADMIN_PORT: "4445"
OC_PERMISSION_CONNECTOR_HOST: "{{ .Release.Name }}-keto-write.{{ .Release.Namespace }}"
OC_PERMISSION_CONNECTOR_PORT: "80"
OC_PERMISSION_CONNECTOR_ADMIN_PORT: "80"
OC_LDAP_ENDPOINTS: "{{ .Release.Name }}-openldap.{{ .Release.Namespace }}.svc.cluster.local:389"
OC_LDAP_BINDDN: "{{ index .Values.ocAuth.ldap.bindDn }}"
OC_LDAP_BINDPW: "{{ index .Values.ocAuth.ldap.binPwd }}"
OC_LDAP_BASEDN: "{{ index .Values.ocAuth.ldap.baseDn }}"
OC_LDAP_ROLE_BASEDN: "{{ index .Values.ocAuth.ldap.roleBaseDn }}"
OC_MONGO_URL: "mongodb://{{ index .Values.mongodb.auth.usernames 0 }}:{{ index .Values.mongodb.auth.passwords 0 }}@{{ .Release.Name }}-mongodb.{{ .Release.Namespace }}:27017/{{ index .Values.mongodb.auth.databases 0 }}"
OC_MONGO_DATABASE: "{{ index .Values.mongodb.auth.databases 0 }}"
OC_NATS_URL: "nats://dev-nats.{{ .Release.Namespace }}:4222"
OC_LOKI_URL: "http://{{ .Release.Name }}-loki.{{ .Release.Namespace }}:3100"