@marshall007
Last active July 21, 2021 15:44
# Base Deployment for the podinfo app; presumably the deployment.yaml listed
# under `resources` in the Kustomization on this page.
apiVersion: apps/v1
kind: Deployment
metadata:
  name: app
  annotations:
    # Opt-in marker: the Kustomization's patch selects apps-group resources
    # carrying this annotation and appends the auth-proxy sidecar to them.
    k8s.appdat.jsc.nasa.gov/gatekeeper: enabled
spec:
  selector:
    matchLabels:
      app.kubernetes.io/component: app
  template:
    metadata:
      labels:
        app.kubernetes.io/component: app
    spec:
      # NOTE(review): no securityContext or resources are set at pod or
      # container level, so the workload runs with the cluster/runtime defaults.
      containers:
        - name: app
          # NOTE(review): pinned by tag, not digest. Tags are mutable, and with
          # IfNotPresent a node keeps whatever it cached under this tag; pin as
          # image@sha256:<digest> where image provenance matters.
          image: ghcr.io/stefanprodan/podinfo:6.0.0
          imagePullPolicy: IfNotPresent
          # containerPort entries are declarative only; they do not restrict
          # what the container listens on. Once the proxy sidecar is added,
          # these ports stay reachable on the pod IP, so in-cluster clients can
          # skip the proxy unless the app binds to loopback or a NetworkPolicy
          # limits ingress to the proxy port. Nothing on this page does either.
          ports:
            - name: http
              containerPort: 9898
              protocol: TCP
            - name: http-metrics
              containerPort: 9797
              protocol: TCP
            - name: grpc
              containerPort: 9999
              protocol: TCP
# Kustomization that appends a gatekeeper (OIDC auth proxy) sidecar to annotated
# workloads and rewires ports with `replacements` so Service traffic for the
# `http` port lands on the proxy instead of the app.
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
resources:
  - deployment.yaml
  - service.yaml
patches:
  # Target: every resource in API group `apps` that carries the opt-in
  # annotation. The Service is in the core group, so it is not patched here.
  - target:
      group: apps
      annotationSelector: |
        k8s.appdat.jsc.nasa.gov/gatekeeper=enabled
    # JSON 6902 `add` at `/containers/-` appends the sidecar container.
    # $(LISTEN_PORT) and $(UPSTREAM_PORT) are expanded by Kubernetes from the
    # container's env; those env entries are created by the replacements below.
    # NOTE(review): --upstream-url has no scheme and uses 0.0.0.0, which is a
    # bind wildcard rather than a destination. A same-pod upstream is normally
    # written as http://127.0.0.1:<port>; verify against gatekeeper's URL
    # parsing.
    # NOTE(review): --config points at /keycloak/gatekeeper-config.yaml but the
    # patch adds no volume or volumeMount, so the file must come from elsewhere.
    # If that config holds the OIDC client secret, mount it from a Secret, not
    # a ConfigMap.
    # NOTE(review): the sidecar image is pinned by tag only and has no
    # securityContext or resources.
    patch: |
      - op: add
        path: /spec/template/spec/containers/-
        value:
          name: keycloak-gatekeeper
          image: quay.io/gogatekeeper/gatekeeper:1.1.0
          imagePullPolicy: IfNotPresent
          ports:
            - name: http-proxy
              containerPort: 8081
          args:
            - --listen=0.0.0.0:$(LISTEN_PORT)
            - --upstream-url=0.0.0.0:$(UPSTREAM_PORT)
            - --config=/keycloak/gatekeeper-config.yaml
replacements:
  # Replacement 1: copy the proxy's containerPort into the sidecar's LISTEN_PORT
  # env var and into the `http` targetPort of Services.
  # NOTE(review): with the annotationSelector lines commented out, the source
  # and targets match on `group: apps` alone and the second target matches
  # every Service in the build, annotated or not. Add name/kind to the selectors
  # if the build ever holds more than this one Deployment and Service.
  # NOTE(review): the source field is an integer, while EnvVar.value is a string
  # in the Kubernetes API; check that the rendered env value is quoted.
  - source:
      group: apps
      # annotationSelector: |
      #   k8s.appdat.jsc.nasa.gov/gatekeeper=enabled
      fieldPath: spec.template.spec.containers.[name=keycloak-gatekeeper].ports.[name=http-proxy].containerPort
    targets:
      - select:
          group: apps
          # annotationSelector: |
          #   k8s.appdat.jsc.nasa.gov/gatekeeper=enabled
        fieldPaths:
          - spec.template.spec.containers.[name=keycloak-gatekeeper].env.[name=LISTEN_PORT].value
        options:
          # create the env entry if the sidecar does not define it yet
          create: true
      - select:
          kind: Service
        fieldPaths:
          - spec.ports.[name=http].targetPort
  # Replacement 2: copy the app's `http` containerPort into the sidecar's
  # UPSTREAM_PORT env var. Only the `http` port is routed through the proxy;
  # no replacement touches the grpc or http-metrics ports.
  - source:
      group: apps
      # annotationSelector: |
      #   k8s.appdat.jsc.nasa.gov/gatekeeper=enabled
      fieldPath: spec.template.spec.containers.[name=app].ports.[name=http].containerPort
    targets:
      - select:
          group: apps
          # annotationSelector: |
          #   k8s.appdat.jsc.nasa.gov/gatekeeper=enabled
        fieldPaths:
          - spec.template.spec.containers.[name=keycloak-gatekeeper].env.[name=UPSTREAM_PORT].value
        options:
          create: true
# Rendered manifests; this appears to be the build output of the Kustomization
# shown on this page. Kept as produced; the notes mark what to check before
# applying it.
apiVersion: v1
kind: Service
metadata:
  annotations:
    k8s.appdat.jsc.nasa.gov/gatekeeper: enabled
  name: app
spec:
  ports:
  # `http` now targets 8081, the proxy's listen port.
  - name: http
    port: 9898
    protocol: TCP
    targetPort: 8081
  # NOTE(review): `grpc` still targets the app container directly on 9999, so
  # this Service port is not covered by the auth proxy.
  - name: grpc
    port: 9999
    protocol: TCP
    targetPort: 9999
  selector:
    app.kubernetes.io/component: app
  type: ClusterIP
---
apiVersion: apps/v1
kind: Deployment
metadata:
  annotations:
    k8s.appdat.jsc.nasa.gov/gatekeeper: enabled
  name: app
spec:
  selector:
    matchLabels:
      app.kubernetes.io/component: app
  template:
    metadata:
      labels:
        app.kubernetes.io/component: app
    spec:
      containers:
      # Sidecar added by the patch. No volumeMount is rendered for the
      # /keycloak/gatekeeper-config.yaml path given to --config.
      - args:
        - --listen=0.0.0.0:$(LISTEN_PORT)
        - --upstream-url=0.0.0.0:$(UPSTREAM_PORT)
        - --config=/keycloak/gatekeeper-config.yaml
        env:
        # NOTE(review): both values are rendered as bare integers. EnvVar.value
        # is a string in the Kubernetes API, so the API server rejects this
        # manifest unless the values are quoted ("8081", "9898").
        - name: LISTEN_PORT
          value: 8081
        - name: UPSTREAM_PORT
          value: 9898
        image: quay.io/gogatekeeper/gatekeeper:1.1.0
        imagePullPolicy: IfNotPresent
        name: keycloak-gatekeeper
        ports:
        - containerPort: 8081
          name: http-proxy
      # App container, unchanged by the build. Its ports remain reachable on
      # the pod IP; the proxy is enforced only for traffic that goes through
      # the Service's `http` port, unless a NetworkPolicy or a loopback bind is
      # added.
      - image: ghcr.io/stefanprodan/podinfo:6.0.0
        imagePullPolicy: IfNotPresent
        name: app
        ports:
        - containerPort: 9898
          name: http
          protocol: TCP
        - containerPort: 9797
          name: http-metrics
          protocol: TCP
        - containerPort: 9999
          name: grpc
          protocol: TCP
# Base Service for the app; presumably the service.yaml listed under
# `resources` in the Kustomization on this page.
apiVersion: v1
kind: Service
metadata:
  name: app
  annotations:
    # The annotation is present here too, but the Kustomization's patch targets
    # group `apps` only. This Service is reached by the replacements through
    # `kind: Service` instead.
    k8s.appdat.jsc.nasa.gov/gatekeeper: enabled
spec:
  selector:
    app.kubernetes.io/component: app
  ports:
    # targetPort of `http` is the field the first replacement overwrites with
    # the proxy's containerPort.
    - name: http
      port: 9898
      targetPort: 9898
      protocol: TCP
    # NOTE(review): no replacement touches `grpc`; it keeps pointing at the app
    # container and stays outside the auth proxy.
    - port: 9999
      targetPort: 9999
      protocol: TCP
      name: grpc
  type: ClusterIP