This repository has been archived by the owner on Mar 27, 2020. It is now read-only.
-
Notifications
You must be signed in to change notification settings - Fork 135
/
Copy pathkong-control-plane-cassandra.yaml
161 lines (160 loc) · 3.77 KB
/
kong-control-plane-cassandra.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
apiVersion: v1
kind: ServiceAccount
metadata:
namespace: kong
name: kong
labels:
app: kong
---
apiVersion: rbac.authorization.k8s.io/v1beta1
kind: Role
metadata:
namespace: kong
name: kong
labels:
app: kong
rules:
- apiGroups:
- ""
resources:
- secrets
verbs:
- get
---
apiVersion: rbac.authorization.k8s.io/v1beta1
kind: RoleBinding
metadata:
namespace: kong
name: kong
labels:
app: kong
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: Role
name: kong
subjects:
- kind: ServiceAccount
namespace: kong
name: kong
---
apiVersion: apps/v1
kind: Deployment
metadata:
namespace: kong
name: kong-control-plane
labels:
app: kong-control-plane
spec:
selector:
matchLabels:
app: kong-control-plane
strategy:
rollingUpdate:
maxSurge: 1
maxUnavailable: 0
type: RollingUpdate
template:
metadata:
annotations:
k8s.konghq.com/sidecar-inject: "false"
prometheus.io/port: "8001"
prometheus.io/scrape: "true"
labels:
app: kong-control-plane
spec:
serviceAccountName: kong
initContainers:
- name: kong-migration
image: kong
imagePullPolicy: IfNotPresent
env:
- name: KONG_DATABASE
value: cassandra
- name: KONG_CASSANDRA_CONTACT_POINTS
value: cassandra.default.svc
- name: KONG_CASSANDRA_KEYSPACE
value: kong
- name: KONG_NGINX_WORKER_PROCESSES
value: "1"
command: [ "kong", "migrations", "bootstrap" ]
- name: kong-migration-up
image: kong
imagePullPolicy: IfNotPresent
env:
- name: KONG_PG_PASSWORD
value: kong
- name: KONG_PG_HOST
value: postgres.kong.svc
command: [ "kong", "migrations", "up" ]
containers:
- name: kong-control-plane
image: kong
imagePullPolicy: IfNotPresent
env:
- name: KONG_DATABASE
value: cassandra
- name: KONG_CASSANDRA_CONTACT_POINTS
value: cassandra.default.svc
- name: KONG_CASSANDRA_KEYSPACE
value: kong
- name: KONG_LOG_LEVEL
value: notice
- name: KONG_ADMIN_ACCESS_LOG
value: /dev/stdout
- name: KONG_PROXY_ERROR_LOG
value: /dev/stderr
- name: KONG_ADMIN_ERROR_LOG
value: /dev/stderr
- name: KONG_ADMIN_LISTEN
value: 0.0.0.0:8001,0.0.0.0:8444 ssl
- name: KONG_PROXY_LISTEN
value: 'off'
- name: KONG_ADMIN_SSL_CERT
value: /api-server-cert/tls.crt
- name: KONG_ADMIN_SSL_CERT_KEY
value: /api-server-cert/tls.key
- name: KONG_NGINX_WORKER_PROCESSES
value: "1"
volumeMounts:
- name: api-server-cert
mountPath: /api-server-cert
ports:
- name: admin-http
containerPort: 8001
- name: admin-https
containerPort: 8444
livenessProbe:
failureThreshold: 3
httpGet:
path: /status
port: 8001
scheme: HTTP
initialDelaySeconds: 30
periodSeconds: 10
successThreshold: 1
timeoutSeconds: 1
readinessProbe:
failureThreshold: 3
httpGet:
path: /status
port: 8001
scheme: HTTP
periodSeconds: 10
successThreshold: 1
timeoutSeconds: 1
volumes:
- name: api-server-cert
secret:
secretName: kong-control-plane.kong.svc
---
apiVersion: v1
kind: Service
metadata:
namespace: kong
name: kong-control-plane
spec:
type: ClusterIP
ports:
- port: 8001
selector:
app: kong-control-plane