update k8s config so auth traffic is only directed to web pods
This commit is contained in:
dandds
parent
50f0843caf
commit
51aff4578e
@ -12,6 +12,9 @@ metadata:
|
|||||||
name: atst
|
name: atst
|
||||||
namespace: atat
|
namespace: atat
|
||||||
spec:
|
spec:
|
||||||
|
selector:
|
||||||
|
matchLabels:
|
||||||
|
role: web
|
||||||
replicas: 2
|
replicas: 2
|
||||||
strategy:
|
strategy:
|
||||||
type: RollingUpdate
|
type: RollingUpdate
|
||||||
@ -19,12 +22,13 @@ spec:
|
|||||||
metadata:
|
metadata:
|
||||||
labels:
|
labels:
|
||||||
app: atst
|
app: atst
|
||||||
|
role: web
|
||||||
spec:
|
spec:
|
||||||
securityContext:
|
securityContext:
|
||||||
fsGroup: 101
|
fsGroup: 101
|
||||||
containers:
|
containers:
|
||||||
- name: atst
|
- name: atst
|
||||||
image: registry.atat.codes:443/atst-prod:5550eed2
|
image: registry.atat.codes:443/atst-prod:50f0843c
|
||||||
resources:
|
resources:
|
||||||
requests:
|
requests:
|
||||||
memory: "2500Mi"
|
memory: "2500Mi"
|
||||||
@ -133,6 +137,9 @@ metadata:
|
|||||||
name: atst-worker
|
name: atst-worker
|
||||||
namespace: atat
|
namespace: atat
|
||||||
spec:
|
spec:
|
||||||
|
selector:
|
||||||
|
matchLabels:
|
||||||
|
role: worker
|
||||||
replicas: 1
|
replicas: 1
|
||||||
strategy:
|
strategy:
|
||||||
type: RollingUpdate
|
type: RollingUpdate
|
||||||
@ -140,12 +147,13 @@ spec:
|
|||||||
metadata:
|
metadata:
|
||||||
labels:
|
labels:
|
||||||
app: atst
|
app: atst
|
||||||
|
role: worker
|
||||||
spec:
|
spec:
|
||||||
securityContext:
|
securityContext:
|
||||||
fsGroup: 101
|
fsGroup: 101
|
||||||
containers:
|
containers:
|
||||||
- name: atst-worker
|
- name: atst-worker
|
||||||
image: registry.atat.codes:443/atst-prod:5550eed2
|
image: registry.atat.codes:443/atst-prod:50f0843c
|
||||||
args: ["/bin/bash", "-c", "/opt/atat/atst/script/rq_worker"]
|
args: ["/bin/bash", "-c", "/opt/atat/atst/script/rq_worker"]
|
||||||
resources:
|
resources:
|
||||||
requests:
|
requests:
|
||||||
@ -183,7 +191,7 @@ spec:
|
|||||||
port: 80
|
port: 80
|
||||||
targetPort: 8442
|
targetPort: 8442
|
||||||
selector:
|
selector:
|
||||||
app: atst
|
role: web
|
||||||
---
|
---
|
||||||
apiVersion: v1
|
apiVersion: v1
|
||||||
kind: Service
|
kind: Service
|
||||||
@ -200,7 +208,7 @@ spec:
|
|||||||
nodePort: 32751
|
nodePort: 32751
|
||||||
port: 8443
|
port: 8443
|
||||||
selector:
|
selector:
|
||||||
app: atst
|
role: web
|
||||||
---
|
---
|
||||||
apiVersion: extensions/v1beta1
|
apiVersion: extensions/v1beta1
|
||||||
kind: Ingress
|
kind: Ingress
|
||||||
|
|||||||
@ -12,6 +12,9 @@ metadata:
|
|||||||
name: atst
|
name: atst
|
||||||
namespace: atat-test
|
namespace: atat-test
|
||||||
spec:
|
spec:
|
||||||
|
selector:
|
||||||
|
matchLabels:
|
||||||
|
role: web
|
||||||
replicas: 1
|
replicas: 1
|
||||||
strategy:
|
strategy:
|
||||||
type: RollingUpdate
|
type: RollingUpdate
|
||||||
@ -19,12 +22,13 @@ spec:
|
|||||||
metadata:
|
metadata:
|
||||||
labels:
|
labels:
|
||||||
app: atst
|
app: atst
|
||||||
|
role: web
|
||||||
spec:
|
spec:
|
||||||
securityContext:
|
securityContext:
|
||||||
fsGroup: 101
|
fsGroup: 101
|
||||||
containers:
|
containers:
|
||||||
- name: atst
|
- name: atst
|
||||||
image: registry.atat.codes:443/atst-prod:24b2543c
|
image: registry.atat.codes:443/atst-prod:50f0843c
|
||||||
resources:
|
resources:
|
||||||
requests:
|
requests:
|
||||||
memory: "2500Mi"
|
memory: "2500Mi"
|
||||||
@ -130,6 +134,9 @@ metadata:
|
|||||||
name: atst-worker
|
name: atst-worker
|
||||||
namespace: atat-test
|
namespace: atat-test
|
||||||
spec:
|
spec:
|
||||||
|
selector:
|
||||||
|
matchLabels:
|
||||||
|
role: worker
|
||||||
replicas: 1
|
replicas: 1
|
||||||
strategy:
|
strategy:
|
||||||
type: RollingUpdate
|
type: RollingUpdate
|
||||||
@ -137,12 +144,13 @@ spec:
|
|||||||
metadata:
|
metadata:
|
||||||
labels:
|
labels:
|
||||||
app: atst
|
app: atst
|
||||||
|
role: worker
|
||||||
spec:
|
spec:
|
||||||
securityContext:
|
securityContext:
|
||||||
fsGroup: 101
|
fsGroup: 101
|
||||||
containers:
|
containers:
|
||||||
- name: atst-worker
|
- name: atst-worker
|
||||||
image: registry.atat.codes:443/atst-prod:24b2543c
|
image: registry.atat.codes:443/atst-prod:50f0843c
|
||||||
args: ["/bin/bash", "-c", "/opt/atat/atst/script/rq_worker"]
|
args: ["/bin/bash", "-c", "/opt/atat/atst/script/rq_worker"]
|
||||||
resources:
|
resources:
|
||||||
requests:
|
requests:
|
||||||
@ -180,7 +188,7 @@ spec:
|
|||||||
port: 80
|
port: 80
|
||||||
targetPort: 8442
|
targetPort: 8442
|
||||||
selector:
|
selector:
|
||||||
app: atst
|
role: web
|
||||||
---
|
---
|
||||||
apiVersion: v1
|
apiVersion: v1
|
||||||
kind: Service
|
kind: Service
|
||||||
@ -197,7 +205,7 @@ spec:
|
|||||||
nodePort: 32711
|
nodePort: 32711
|
||||||
port: 8443
|
port: 8443
|
||||||
selector:
|
selector:
|
||||||
app: atst
|
role: web
|
||||||
---
|
---
|
||||||
apiVersion: extensions/v1beta1
|
apiVersion: extensions/v1beta1
|
||||||
kind: Ingress
|
kind: Ingress
|
||||||
|
|||||||
@ -12,6 +12,9 @@ metadata:
|
|||||||
name: atst
|
name: atst
|
||||||
namespace: atat-uat
|
namespace: atat-uat
|
||||||
spec:
|
spec:
|
||||||
|
selector:
|
||||||
|
matchLabels:
|
||||||
|
role: web
|
||||||
replicas: 1
|
replicas: 1
|
||||||
strategy:
|
strategy:
|
||||||
type: RollingUpdate
|
type: RollingUpdate
|
||||||
@ -19,12 +22,13 @@ spec:
|
|||||||
metadata:
|
metadata:
|
||||||
labels:
|
labels:
|
||||||
app: atst
|
app: atst
|
||||||
|
role: web
|
||||||
spec:
|
spec:
|
||||||
securityContext:
|
securityContext:
|
||||||
fsGroup: 101
|
fsGroup: 101
|
||||||
containers:
|
containers:
|
||||||
- name: atst
|
- name: atst
|
||||||
image: registry.atat.codes:443/atst-prod:a9fc2bd2
|
image: registry.atat.codes:443/atst-prod:50f0843c
|
||||||
resources:
|
resources:
|
||||||
requests:
|
requests:
|
||||||
memory: "2500Mi"
|
memory: "2500Mi"
|
||||||
@ -133,6 +137,9 @@ metadata:
|
|||||||
name: atst-worker
|
name: atst-worker
|
||||||
namespace: atat-uat
|
namespace: atat-uat
|
||||||
spec:
|
spec:
|
||||||
|
selector:
|
||||||
|
matchLabels:
|
||||||
|
role: worker
|
||||||
replicas: 1
|
replicas: 1
|
||||||
strategy:
|
strategy:
|
||||||
type: RollingUpdate
|
type: RollingUpdate
|
||||||
@ -140,12 +147,13 @@ spec:
|
|||||||
metadata:
|
metadata:
|
||||||
labels:
|
labels:
|
||||||
app: atst
|
app: atst
|
||||||
|
role: worker
|
||||||
spec:
|
spec:
|
||||||
securityContext:
|
securityContext:
|
||||||
fsGroup: 101
|
fsGroup: 101
|
||||||
containers:
|
containers:
|
||||||
- name: atst-worker
|
- name: atst-worker
|
||||||
image: registry.atat.codes:443/atst-prod:a9fc2bd2
|
image: registry.atat.codes:443/atst-prod:50f0843c
|
||||||
args: ["/bin/bash", "-c", "/opt/atat/atst/script/rq_worker"]
|
args: ["/bin/bash", "-c", "/opt/atat/atst/script/rq_worker"]
|
||||||
resources:
|
resources:
|
||||||
requests:
|
requests:
|
||||||
@ -183,7 +191,7 @@ spec:
|
|||||||
port: 80
|
port: 80
|
||||||
targetPort: 8442
|
targetPort: 8442
|
||||||
selector:
|
selector:
|
||||||
app: atst
|
role: web
|
||||||
---
|
---
|
||||||
apiVersion: v1
|
apiVersion: v1
|
||||||
kind: Service
|
kind: Service
|
||||||
@ -200,7 +208,7 @@ spec:
|
|||||||
nodePort: 32701
|
nodePort: 32701
|
||||||
port: 8443
|
port: 8443
|
||||||
selector:
|
selector:
|
||||||
app: atst
|
role: web
|
||||||
---
|
---
|
||||||
apiVersion: extensions/v1beta1
|
apiVersion: extensions/v1beta1
|
||||||
kind: Ingress
|
kind: Ingress
|
||||||
|
|||||||
Loading…
x
Reference in New Issue
Block a user