refactor: 整理结构和 maker 构建方式
This commit is contained in:
zhaoyupeng
209
pkg/resource/yaml/app.nginx.yaml
Normal file
209
pkg/resource/yaml/app.nginx.yaml
Normal file
@@ -0,0 +1,209 @@
|
||||
apiVersion: apps/v1
|
||||
kind: Deployment
|
||||
metadata:
|
||||
name: nginx-deployment
|
||||
namespace: hsv2
|
||||
spec:
|
||||
replicas: 2
|
||||
selector:
|
||||
matchLabels:
|
||||
app: nginx
|
||||
template:
|
||||
metadata:
|
||||
labels:
|
||||
app: nginx
|
||||
spec:
|
||||
topologySpreadConstraints:
|
||||
- maxSkew: 1
|
||||
topologyKey: kubernetes.io/hostname
|
||||
whenUnsatisfiable: ScheduleAnyway
|
||||
labelSelector:
|
||||
matchLabels:
|
||||
app: nginx
|
||||
containers:
|
||||
- name: nginx
|
||||
image: hub.yizhisec.com/external/nginx:1.29.1-alpine3.22
|
||||
imagePullPolicy: IfNotPresent
|
||||
volumeMounts:
|
||||
- name: nginx-main
|
||||
mountPath: /etc/nginx/nginx.conf
|
||||
subPath: nginx.conf
|
||||
readOnly: true
|
||||
- name: nginx-user
|
||||
mountPath: /etc/nginx/sites-enabled/user.conf
|
||||
subPath: user.conf
|
||||
readOnly: true
|
||||
- name: nginx-gateway
|
||||
mountPath: /etc/nginx/sites-enabled/gateway.conf
|
||||
subPath: gateway.conf
|
||||
readOnly: true
|
||||
- name: nginx-web
|
||||
mountPath: /etc/nginx/sites-enabled/web.conf
|
||||
subPath: web.conf
|
||||
readOnly: true
|
||||
- name: nginx-client
|
||||
mountPath: /etc/nginx/sites-enabled/client.conf
|
||||
subPath: client.conf
|
||||
readOnly: true
|
||||
- name: nginx-common
|
||||
mountPath: /etc/nginx/common/common.conf
|
||||
subPath: common.conf
|
||||
readOnly: true
|
||||
- name: ssl-ffdhe2048
|
||||
mountPath: /etc/nginx/ssl/ffdhe2048.txt
|
||||
subPath: ffdhe2048.txt
|
||||
readOnly: true
|
||||
- name: ssl-ca-crt
|
||||
mountPath: /yizhisec/ssl/ca.crt
|
||||
subPath: ca.crt
|
||||
readOnly: true
|
||||
- name: ssl-server-crt
|
||||
mountPath: /yizhisec/ssl/server.crt
|
||||
subPath: server.crt
|
||||
readOnly: true
|
||||
- name: ssl-server-key
|
||||
mountPath: /yizhisec/ssl/server.key
|
||||
subPath: server.key
|
||||
readOnly: true
|
||||
- name: ssl-mqtt-crt
|
||||
mountPath: /etc/nginx/ssl/mqtt.server.crt
|
||||
subPath: mqtt.server.crt
|
||||
readOnly: true
|
||||
- name: ssl-mqtt-key
|
||||
mountPath: /etc/nginx/ssl/mqtt.server.key
|
||||
subPath: mqtt.server.key
|
||||
readOnly: true
|
||||
- name: ssl-client-server-crt
|
||||
mountPath: /etc/nginx/ssl/client.server.crt
|
||||
subPath: client.server.crt
|
||||
readOnly: true
|
||||
- name: ssl-client-server-key
|
||||
mountPath: /etc/nginx/ssl/client.server.key
|
||||
subPath: client.server.key
|
||||
readOnly: true
|
||||
- name: ssl-web-server-crt
|
||||
mountPath: /etc/nginx/ssl/web.server.crt
|
||||
subPath: web.server.crt
|
||||
readOnly: true
|
||||
- name: ssl-web-server-key
|
||||
mountPath: /etc/nginx/ssl/web.server.key
|
||||
subPath: web.server.key
|
||||
readOnly: true
|
||||
volumes:
|
||||
- name: nginx-main
|
||||
configMap:
|
||||
name: nginx-main
|
||||
items:
|
||||
- key: nginx.conf
|
||||
path: nginx.conf
|
||||
- name: nginx-user
|
||||
configMap:
|
||||
name: nginx-user
|
||||
items:
|
||||
- key: user.conf
|
||||
path: user.conf
|
||||
- name: nginx-gateway
|
||||
configMap:
|
||||
name: nginx-gateway
|
||||
items:
|
||||
- key: gateway.conf
|
||||
path: gateway.conf
|
||||
- name: nginx-web
|
||||
configMap:
|
||||
name: nginx-web
|
||||
items:
|
||||
- key: web.conf
|
||||
path: web.conf
|
||||
- name: nginx-client
|
||||
configMap:
|
||||
name: nginx-client
|
||||
items:
|
||||
- key: client.conf
|
||||
path: client.conf
|
||||
- name: nginx-common
|
||||
configMap:
|
||||
name: nginx-common
|
||||
items:
|
||||
- key: common.conf
|
||||
path: common.conf
|
||||
- name: ssl-ffdhe2048
|
||||
configMap:
|
||||
name: ssl-ffdhe2048
|
||||
items:
|
||||
- key: ffdhe2048.txt
|
||||
path: ffdhe2048.txt
|
||||
- name: ssl-ca-crt
|
||||
configMap:
|
||||
name: ssl-ca-crt
|
||||
items:
|
||||
- key: ca.crt
|
||||
path: ca.crt
|
||||
- name: ssl-server-crt
|
||||
configMap:
|
||||
name: ssl-server-crt
|
||||
items:
|
||||
- key: server.crt
|
||||
path: server.crt
|
||||
- name: ssl-server-key
|
||||
configMap:
|
||||
name: ssl-server-key
|
||||
items:
|
||||
- key: server.key
|
||||
path: server.key
|
||||
- name: ssl-mqtt-crt
|
||||
configMap:
|
||||
name: ssl-mqtt-crt
|
||||
items:
|
||||
- key: mqtt.server.crt
|
||||
path: mqtt.server.crt
|
||||
- name: ssl-mqtt-key
|
||||
configMap:
|
||||
name: ssl-mqtt-key
|
||||
items:
|
||||
- key: mqtt.server.key
|
||||
path: mqtt.server.key
|
||||
- name: ssl-client-server-crt
|
||||
configMap:
|
||||
name: ssl-client-server-crt
|
||||
items:
|
||||
- key: client.server.crt
|
||||
path: client.server.crt
|
||||
- name: ssl-client-server-key
|
||||
configMap:
|
||||
name: ssl-client-server-key
|
||||
items:
|
||||
- key: client.server.key
|
||||
path: client.server.key
|
||||
- name: ssl-web-server-crt
|
||||
configMap:
|
||||
name: ssl-web-server-crt
|
||||
items:
|
||||
- key: web.server.crt
|
||||
path: web.server.crt
|
||||
- name: ssl-web-server-key
|
||||
configMap:
|
||||
name: ssl-web-server-key
|
||||
items:
|
||||
- key: web.server.key
|
||||
path: web.server.key
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: Service
|
||||
metadata:
|
||||
name: nginx-service
|
||||
namespace: hsv2
|
||||
spec:
|
||||
selector:
|
||||
app: nginx
|
||||
ports:
|
||||
- protocol: TCP
|
||||
name: o-443
|
||||
port: 443
|
||||
targetPort: 23443
|
||||
nodePort: 31443
|
||||
- protocol: TCP
|
||||
name: o-8443
|
||||
port: 8443
|
||||
targetPort: 8443
|
||||
nodePort: 32443
|
||||
type: NodePort
|
||||
Reference in New Issue
Block a user