92 lines
1.8 KiB
YAML
92 lines
1.8 KiB
YAML
---
|
|
apiVersion: apps/v1
|
|
kind: Deployment
|
|
metadata:
|
|
name: whoami
|
|
spec:
|
|
replicas: 1
|
|
revisionHistoryLimit: 0
|
|
selector:
|
|
matchLabels:
|
|
app: whoami
|
|
template:
|
|
metadata:
|
|
labels:
|
|
app: whoami
|
|
spec:
|
|
securityContext:
|
|
runAsUser: 65534
|
|
runAsGroup: 65534
|
|
containers:
|
|
- name: whoami
|
|
image: traefik/whoami
|
|
env:
|
|
- name: WHOAMI_PORT_NUMBER
|
|
value: "8080"
|
|
resources:
|
|
limits:
|
|
cpu: 10m
|
|
memory: 15Mi
|
|
requests:
|
|
cpu: 1m
|
|
memory: 2Mi
|
|
securityContext:
|
|
readOnlyRootFilesystem: true
|
|
ports:
|
|
- containerPort: 8080
|
|
protocol: TCP
|
|
---
|
|
apiVersion: v1
|
|
kind: Service
|
|
metadata:
|
|
name: whoami
|
|
labels:
|
|
app: whoami
|
|
spec:
|
|
type: ClusterIP
|
|
selector:
|
|
app: whoami
|
|
ports:
|
|
- name: whoami-http
|
|
port: 80
|
|
targetPort: 8080
|
|
---
|
|
apiVersion: networking.k8s.io/v1
|
|
kind: Ingress
|
|
metadata:
|
|
name: whoami
|
|
annotations:
|
|
external-dns.alpha.kubernetes.io/target: traefik.k-space.ee
|
|
kubernetes.io/ingress.class: traefik
|
|
traefik.ingress.kubernetes.io/router.entrypoints: websecure
|
|
traefik.ingress.kubernetes.io/router.tls: "true"
|
|
traefik.ingress.kubernetes.io/router.middlewares: whoami-whoami@kubernetescrd
|
|
spec:
|
|
rules:
|
|
- host: "whoami.k-space.ee"
|
|
http:
|
|
paths:
|
|
- pathType: Prefix
|
|
path: /
|
|
backend:
|
|
service:
|
|
name: whoami
|
|
port:
|
|
number: 80
|
|
tls:
|
|
- hosts:
|
|
- "*.k-space.ee"
|
|
---
|
|
apiVersion: codemowers.cloud/v1beta1
|
|
kind: OIDCMiddlewareClient
|
|
metadata:
|
|
name: whoami
|
|
spec:
|
|
displayName: Who-Am-I
|
|
uri: 'https://whoami.k-space.ee'
|
|
headerMapping:
|
|
email: Remote-Email
|
|
groups: Remote-Groups
|
|
name: Remote-Name
|
|
user: Remote-Username
|