-
Notifications
You must be signed in to change notification settings - Fork 1
/
service.yaml.template
88 lines (83 loc) · 2.2 KB
/
service.yaml.template
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
apiVersion: scone/5.8
kind: genservice
# define environment variables
# - local ones are only visible for this service
# - global ones are defined for all services in a mesh
environment:
local:
- name: SCONE_ALLOW_DLOPEN
value: 1
- name: SCONE_HEAP
value: 760M
- name: SCONE_LOG
value: debug
- name: INIT_CONTAINER1_ENABLE
value: "false"
- name: INIT_CONTAINER1
value: "{{REDIS_HOST}}"
- name: INIT_CONTAINER1_PORT
value: "{{REDIS_PORT}}"
global: # values defined/overwritten in Meshfile
- name: REDIS_HOST # get value from Meshfile
- name: REDIS_PORT # get value from Meshfile
- name: api_host
- name: CLUSTER_DNS_IP
- name: K8sNAMESPACE
injection_files:
- path: /tls/client.crt
content: $$SCONE::redis_client_cert.crt$$
- path: /tls/client.key
content: $$SCONE::redis_client_cert.key$$
- path: /tls/redis-ca.crt
content: $$SCONE::redis_ca_cert.chain$$
- path: /tls/flask.crt
content: $$SCONE::flask.crt$$
- path: /tls/flask.key
content: $$SCONE::flask.key$$
# Network files
- path: /etc/resolv.conf
content: |
nameserver {{CLUSTER_DNS_IP}}
search {{K8sNAMESPACE}}.svc.cluster.local svc.cluster.local cluster.local
options ndots:5
- path: /etc/hosts
content: |
# Kubernetes-managed hosts file.
127.0.0.1 localhost
::1 localhost ip6-localhost ip6-loopback
fe00::0 ip6-localnet
fe00::0 ip6-mcastprefix
fe00::1 ip6-allnodes
fe00::2 ip6-allrouters
- path: /etc/hostname
content: |
{{api_host}}
# define secrets that are managed by CAS
secrets:
import:
- redis_client_cert
- redis_ca_cert
global:
- name: api_ca_key
kind: private-key
- name: api_ca_cert
kind: x509-ca
private_key: api_ca_key
- name: flask_key
kind: private-key
- name: flask
kind: x509
private_key: flask_key
issuer: api_ca_cert
dns:
- api
build:
name: python-flask-redis
kind: python
to: $APP_IMAGE_REPO/python_flask_redis:latest
pwd: /python
requirements: requirments.txt
# command: python3 -c 'print("hw")'
command: python3 /python/api.py
copy:
- api.py