direktil/config
4
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
Files
de5971961c63a9dde898ae64eaf13b6ffc464cea
config/addons/novit/kubernetes-dashboard.yaml
Guillaume de5971961c Update to v1.32
2025-11-02 18:31:13 +01:00

1383 lines
44 KiB
YAML
Raw Blame History

---
# Source: kubernetes-dashboard/charts/kong/templates/service-account.yaml
apiVersion: v1
kind: ServiceAccount
metadata:
name: kubernetes-dashboard-kong
namespace: kube-system
labels:
app.kubernetes.io/name: kong
helm.sh/chart: kong-2.46.0
app.kubernetes.io/instance: "kubernetes-dashboard"
app.kubernetes.io/managed-by: "Helm"
app.kubernetes.io/version: "3.8"
---
# Source: kubernetes-dashboard/templates/rbac/api/serviceaccount.yaml
# Copyright 2017 The Kubernetes Authors.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
apiVersion: v1
kind: ServiceAccount
metadata:
labels:
helm.sh/chart: kubernetes-dashboard-7.13.0
app.kubernetes.io/instance: kubernetes-dashboard
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/part-of: kubernetes-dashboard
namespace: kube-system
name: kubernetes-dashboard-api
---
# Source: kubernetes-dashboard/templates/rbac/metrics-scraper/serviceaccount.yaml
# Copyright 2017 The Kubernetes Authors.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
apiVersion: v1
kind: ServiceAccount
metadata:
labels:
helm.sh/chart: kubernetes-dashboard-7.13.0
app.kubernetes.io/instance: kubernetes-dashboard
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/part-of: kubernetes-dashboard
namespace: kube-system
name: kubernetes-dashboard-metrics-scraper
---
# Source: kubernetes-dashboard/templates/rbac/web/serviceaccount.yaml
# Copyright 2017 The Kubernetes Authors.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
apiVersion: v1
kind: ServiceAccount
metadata:
labels:
helm.sh/chart: kubernetes-dashboard-7.13.0
app.kubernetes.io/instance: kubernetes-dashboard
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/part-of: kubernetes-dashboard
namespace: kube-system
name: kubernetes-dashboard-web
---
# Source: kubernetes-dashboard/templates/secrets/csrf.yaml
# Copyright 2017 The Kubernetes Authors.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
apiVersion: v1
kind: Secret
metadata:
labels:
helm.sh/chart: kubernetes-dashboard-7.13.0
app.kubernetes.io/instance: kubernetes-dashboard
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/part-of: kubernetes-dashboard
namespace: kube-system
name: kubernetes-dashboard-csrf
data:
private.key: "QlB1S0ZHTEIvcW53emNUYmxpNU16dnhVc0ZVWTh0NDQrSGRyUEpUN2dKMnZmM2I2eGwzWTdxRlBBK0p0RlNVSUFSazV1ZGxiSUE0REMzRmdGbjI0ZENLaSthMTBnZjZEZTA3R3Y2K1o5T2RtRmtDdDQ5aUc3QzdRekNTTGQvS05kaDFvRzYvakVLRUt1Y3o4ZGhqZkJHRE9aQVRaK0RnQlluVGV3VExDUldTWFU1OXpkK09ORU16U3NGS3RVM2ZvbFpFdGVkTEI3bndLWWhGeGJZaGZxa2s1Q2xpb1MrNGlybDkvQ1lodCtXeTROK3JURnVQbkhKeU5UNzl5VXUxOHdFUktZeGdjS3hHUGpLTWhtc1ZwZlkxK1o5dzRrWkNIU2pSQUxDYUdlU3JWYWRYaytwbkJOUkNPZEV2Wmo3VEk2Q0FKamJvOC90ak9KbURSVmU3U1FnPT0="
---
# Source: kubernetes-dashboard/templates/config/gateway.yaml
# Copyright 2017 The Kubernetes Authors.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
apiVersion: v1
kind: ConfigMap
metadata:
labels:
helm.sh/chart: kubernetes-dashboard-7.13.0
app.kubernetes.io/instance: kubernetes-dashboard
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/part-of: kubernetes-dashboard
namespace: kube-system
name: kong-dbless-config
data:
kong.yml: |
_format_version: "3.0"
services:
- name: auth
host: kubernetes-dashboard-auth
port: 8000
protocol: http
routes:
- name: authLogin
paths:
- /api/v1/login
strip_path: false
- name: authCsrf
paths:
- /api/v1/csrftoken/login
strip_path: false
- name: authMe
paths:
- /api/v1/me
strip_path: false
- name: api
host: kubernetes-dashboard-api
port: 8000
protocol: http
routes:
- name: api
paths:
- /api
strip_path: false
- name: metrics
paths:
- /metrics
strip_path: false
- name: web
host: kubernetes-dashboard-web
port: 8000
protocol: http
routes:
- name: root
paths:
- /
strip_path: false
---
# Source: kubernetes-dashboard/templates/config/settings.yaml
# Copyright 2017 The Kubernetes Authors.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
apiVersion: v1
kind: ConfigMap
metadata:
labels:
helm.sh/chart: kubernetes-dashboard-7.13.0
app.kubernetes.io/instance: kubernetes-dashboard
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/part-of: kubernetes-dashboard
namespace: kube-system
name: kubernetes-dashboard-web-settings
data:
---
# Source: kubernetes-dashboard/templates/rbac/metrics-scraper/clusterrole.yaml
# Copyright 2017 The Kubernetes Authors.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
kind: ClusterRole
apiVersion: rbac.authorization.k8s.io/v1
metadata:
labels:
helm.sh/chart: kubernetes-dashboard-7.13.0
app.kubernetes.io/instance: kubernetes-dashboard
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/part-of: kubernetes-dashboard
name: kubernetes-dashboard-metrics-scraper
rules:
# Allow Metrics Scraper to get metrics from the Metrics server
- apiGroups: [ "metrics.k8s.io" ]
resources: [ "pods", "nodes" ]
verbs: [ "get", "list", "watch" ]
---
# Source: kubernetes-dashboard/templates/rbac/metrics-scraper/clusterrolebinding.yaml
# Copyright 2017 The Kubernetes Authors.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
labels:
helm.sh/chart: kubernetes-dashboard-7.13.0
app.kubernetes.io/instance: kubernetes-dashboard
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/part-of: kubernetes-dashboard
name: kubernetes-dashboard-metrics-scraper
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: kubernetes-dashboard-metrics-scraper
subjects:
- kind: ServiceAccount
name: kubernetes-dashboard-metrics-scraper
namespace: kube-system
---
# Source: kubernetes-dashboard/templates/rbac/api/role.yaml
# Copyright 2017 The Kubernetes Authors.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
kind: Role
apiVersion: rbac.authorization.k8s.io/v1
metadata:
labels:
helm.sh/chart: kubernetes-dashboard-7.13.0
app.kubernetes.io/instance: kubernetes-dashboard
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/part-of: kubernetes-dashboard
namespace: kube-system
name: kubernetes-dashboard-api
rules:
# Allow Dashboard API to get metrics from metrics-scraper.
- apiGroups: [ "" ]
resources: [ "services/proxy" ]
resourceNames: [ "kubernetes-dashboard-metrics-scraper", "http:kubernetes-dashboard-metrics-scraper" ]
verbs: [ "get" ]
---
# Source: kubernetes-dashboard/templates/rbac/web/role.yaml
# Copyright 2017 The Kubernetes Authors.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
kind: Role
apiVersion: rbac.authorization.k8s.io/v1
metadata:
labels:
helm.sh/chart: kubernetes-dashboard-7.13.0
app.kubernetes.io/instance: kubernetes-dashboard
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/part-of: kubernetes-dashboard
namespace: kube-system
name: kubernetes-dashboard-web
rules:
# Allow Dashboard Web to get and update 'kubernetes-dashboard-settings' config map.
- apiGroups: [ "" ]
resources: [ "configmaps" ]
resourceNames: [ "kubernetes-dashboard-web-settings" ]
verbs: [ "get", "update" ]
---
# Source: kubernetes-dashboard/templates/rbac/api/rolebinding.yaml
# Copyright 2017 The Kubernetes Authors.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
labels:
helm.sh/chart: kubernetes-dashboard-7.13.0
app.kubernetes.io/instance: kubernetes-dashboard
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/part-of: kubernetes-dashboard
namespace: kube-system
name: kubernetes-dashboard-api
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: Role
name: kubernetes-dashboard-api
subjects:
- kind: ServiceAccount
name: kubernetes-dashboard-api
---
# Source: kubernetes-dashboard/templates/rbac/web/rolebinding.yaml
# Copyright 2017 The Kubernetes Authors.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
labels:
helm.sh/chart: kubernetes-dashboard-7.13.0
app.kubernetes.io/instance: kubernetes-dashboard
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/part-of: kubernetes-dashboard
namespace: kube-system
name: kubernetes-dashboard-web
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: Role
name: kubernetes-dashboard-web
subjects:
- kind: ServiceAccount
name: kubernetes-dashboard-web
---
# Source: kubernetes-dashboard/charts/kong/templates/service-kong-proxy.yaml
apiVersion: v1
kind: Service
metadata:
name: kubernetes-dashboard-kong-proxy
namespace: kube-system
labels:
app.kubernetes.io/name: kong
helm.sh/chart: kong-2.46.0
app.kubernetes.io/instance: "kubernetes-dashboard"
app.kubernetes.io/managed-by: "Helm"
app.kubernetes.io/version: "3.8"
enable-metrics: "true"
spec:
type: ClusterIP
ports:
- name: kong-proxy-tls
port: 443
targetPort: 8443
protocol: TCP
selector:
app.kubernetes.io/name: kong
app.kubernetes.io/component: app
app.kubernetes.io/instance: "kubernetes-dashboard"
---
# Source: kubernetes-dashboard/templates/services/api.yaml
# Copyright 2017 The Kubernetes Authors.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
kind: Service
apiVersion: v1
metadata:
labels:
helm.sh/chart: kubernetes-dashboard-7.13.0
app.kubernetes.io/instance: kubernetes-dashboard
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/part-of: kubernetes-dashboard
app.kubernetes.io/name: kubernetes-dashboard-api
app.kubernetes.io/version: 1.13.0
app.kubernetes.io/component: api
namespace: kube-system
name: kubernetes-dashboard-api
spec:
type: ClusterIP
ports:
- name: api
port: 8000
protocol: TCP
selector:
app.kubernetes.io/instance: kubernetes-dashboard
app.kubernetes.io/part-of: kubernetes-dashboard
app.kubernetes.io/name: kubernetes-dashboard-api
---
# Source: kubernetes-dashboard/templates/services/auth.yaml
# Copyright 2017 The Kubernetes Authors.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
kind: Service
apiVersion: v1
metadata:
labels:
helm.sh/chart: kubernetes-dashboard-7.13.0
app.kubernetes.io/instance: kubernetes-dashboard
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/part-of: kubernetes-dashboard
app.kubernetes.io/name: kubernetes-dashboard-auth
app.kubernetes.io/version: 1.3.0
app.kubernetes.io/component: auth
namespace: kube-system
name: kubernetes-dashboard-auth
spec:
type: ClusterIP
ports:
- name: auth
port: 8000
protocol: TCP
selector:
app.kubernetes.io/instance: kubernetes-dashboard
app.kubernetes.io/part-of: kubernetes-dashboard
app.kubernetes.io/name: kubernetes-dashboard-auth
---
# Source: kubernetes-dashboard/templates/services/metrics-scraper.yaml
# Copyright 2017 The Kubernetes Authors.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
kind: Service
apiVersion: v1
metadata:
labels:
helm.sh/chart: kubernetes-dashboard-7.13.0
app.kubernetes.io/instance: kubernetes-dashboard
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/part-of: kubernetes-dashboard
app.kubernetes.io/name: kubernetes-dashboard-metrics-scraper
app.kubernetes.io/version: 1.2.2
app.kubernetes.io/component: metrics-scraper
namespace: kube-system
name: kubernetes-dashboard-metrics-scraper
spec:
type: ClusterIP
ports:
# Name is intentionally not used here as it breaks the connection between API <-> Scraper
# Named ports have an issue when trying to connect through in-cluster service proxy.
- port: 8000
protocol: TCP
selector:
app.kubernetes.io/instance: kubernetes-dashboard
app.kubernetes.io/part-of: kubernetes-dashboard
app.kubernetes.io/name: kubernetes-dashboard-metrics-scraper
---
# Source: kubernetes-dashboard/templates/services/web.yaml
# Copyright 2017 The Kubernetes Authors.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
kind: Service
apiVersion: v1
metadata:
labels:
helm.sh/chart: kubernetes-dashboard-7.13.0
app.kubernetes.io/instance: kubernetes-dashboard
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/part-of: kubernetes-dashboard
app.kubernetes.io/name: kubernetes-dashboard-web
app.kubernetes.io/version: 1.7.0
app.kubernetes.io/component: web
namespace: kube-system
name: kubernetes-dashboard-web
spec:
type: ClusterIP
ports:
- name: web
port: 8000
protocol: TCP
selector:
app.kubernetes.io/instance: kubernetes-dashboard
app.kubernetes.io/part-of: kubernetes-dashboard
app.kubernetes.io/name: kubernetes-dashboard-web
---
# Source: kubernetes-dashboard/charts/kong/templates/deployment.yaml
apiVersion: apps/v1
kind: Deployment
metadata:
name: kubernetes-dashboard-kong
namespace: kube-system
labels:
app.kubernetes.io/name: kong
helm.sh/chart: kong-2.46.0
app.kubernetes.io/instance: "kubernetes-dashboard"
app.kubernetes.io/managed-by: "Helm"
app.kubernetes.io/version: "3.8"
app.kubernetes.io/component: app
spec:
replicas: 1
revisionHistoryLimit: 10
selector:
matchLabels:
app.kubernetes.io/name: kong
app.kubernetes.io/component: app
app.kubernetes.io/instance: "kubernetes-dashboard"
template:
metadata:
annotations:
kuma.io/service-account-token-volume: kubernetes-dashboard-kong-token
kuma.io/gateway: "enabled"
traffic.sidecar.istio.io/includeInboundPorts: ""
labels:
app.kubernetes.io/name: kong
helm.sh/chart: kong-2.46.0
app.kubernetes.io/instance: "kubernetes-dashboard"
app.kubernetes.io/managed-by: "Helm"
app.kubernetes.io/version: "3.8"
app.kubernetes.io/component: app
app: kubernetes-dashboard-kong
version: "3.8"
spec:
serviceAccountName: kubernetes-dashboard-kong
automountServiceAccountToken: false
initContainers:
- name: clear-stale-pid
image: kong:3.8
imagePullPolicy: IfNotPresent
securityContext:
allowPrivilegeEscalation: false
capabilities:
drop:
- ALL
readOnlyRootFilesystem: true
runAsNonRoot: true
runAsUser: 1000
seccompProfile:
type: RuntimeDefault
resources:
{}
command:
- "rm"
- "-vrf"
- "$KONG_PREFIX/pids"
env:
- name: KONG_ADMIN_ACCESS_LOG
value: "/dev/stdout"
- name: KONG_ADMIN_ERROR_LOG
value: "/dev/stderr"
- name: KONG_ADMIN_GUI_ACCESS_LOG
value: "/dev/stdout"
- name: KONG_ADMIN_GUI_ERROR_LOG
value: "/dev/stderr"
- name: KONG_ADMIN_LISTEN
value: "127.0.0.1:8444 http2 ssl, [::1]:8444 http2 ssl"
- name: KONG_CLUSTER_LISTEN
value: "off"
- name: KONG_DATABASE
value: "off"
- name: KONG_DECLARATIVE_CONFIG
value: "/kong_dbless/kong.yml"
- name: KONG_DNS_ORDER
value: "LAST,A,CNAME,AAAA,SRV"
- name: KONG_LUA_PACKAGE_PATH
value: "/opt/?.lua;/opt/?/init.lua;;"
- name: KONG_NGINX_WORKER_PROCESSES
value: "1"
- name: KONG_PLUGINS
value: "off"
- name: KONG_PORTAL_API_ACCESS_LOG
value: "/dev/stdout"
- name: KONG_PORTAL_API_ERROR_LOG
value: "/dev/stderr"
- name: KONG_PORT_MAPS
value: "443:8443"
- name: KONG_PREFIX
value: "/kong_prefix/"
- name: KONG_PROXY_ACCESS_LOG
value: "/dev/stdout"
- name: KONG_PROXY_ERROR_LOG
value: "/dev/stderr"
- name: KONG_PROXY_LISTEN
value: "0.0.0.0:8443 http2 ssl, [::]:8443 http2 ssl"
- name: KONG_PROXY_STREAM_ACCESS_LOG
value: "/dev/stdout basic"
- name: KONG_PROXY_STREAM_ERROR_LOG
value: "/dev/stderr"
- name: KONG_ROUTER_FLAVOR
value: "traditional"
- name: KONG_STATUS_ACCESS_LOG
value: "off"
- name: KONG_STATUS_ERROR_LOG
value: "/dev/stderr"
- name: KONG_STATUS_LISTEN
value: "0.0.0.0:8100, [::]:8100"
- name: KONG_STREAM_LISTEN
value: "off"
volumeMounts:
- name: kubernetes-dashboard-kong-prefix-dir
mountPath: /kong_prefix/
- name: kubernetes-dashboard-kong-tmp
mountPath: /tmp
- name: kong-custom-dbless-config-volume
mountPath: /kong_dbless/
containers:
- name: "proxy"
image: kong:3.8
imagePullPolicy: IfNotPresent
securityContext:
allowPrivilegeEscalation: false
capabilities:
drop:
- ALL
readOnlyRootFilesystem: true
runAsNonRoot: true
runAsUser: 1000
seccompProfile:
type: RuntimeDefault
env:
- name: KONG_ADMIN_ACCESS_LOG
value: "/dev/stdout"
- name: KONG_ADMIN_ERROR_LOG
value: "/dev/stderr"
- name: KONG_ADMIN_GUI_ACCESS_LOG
value: "/dev/stdout"
- name: KONG_ADMIN_GUI_ERROR_LOG
value: "/dev/stderr"
- name: KONG_ADMIN_LISTEN
value: "127.0.0.1:8444 http2 ssl, [::1]:8444 http2 ssl"
- name: KONG_CLUSTER_LISTEN
value: "off"
- name: KONG_DATABASE
value: "off"
- name: KONG_DECLARATIVE_CONFIG
value: "/kong_dbless/kong.yml"
- name: KONG_DNS_ORDER
value: "LAST,A,CNAME,AAAA,SRV"
- name: KONG_LUA_PACKAGE_PATH
value: "/opt/?.lua;/opt/?/init.lua;;"
- name: KONG_NGINX_WORKER_PROCESSES
value: "1"
- name: KONG_PLUGINS
value: "off"
- name: KONG_PORTAL_API_ACCESS_LOG
value: "/dev/stdout"
- name: KONG_PORTAL_API_ERROR_LOG
value: "/dev/stderr"
- name: KONG_PORT_MAPS
value: "443:8443"
- name: KONG_PREFIX
value: "/kong_prefix/"
- name: KONG_PROXY_ACCESS_LOG
value: "/dev/stdout"
- name: KONG_PROXY_ERROR_LOG
value: "/dev/stderr"
- name: KONG_PROXY_LISTEN
value: "0.0.0.0:8443 http2 ssl, [::]:8443 http2 ssl"
- name: KONG_PROXY_STREAM_ACCESS_LOG
value: "/dev/stdout basic"
- name: KONG_PROXY_STREAM_ERROR_LOG
value: "/dev/stderr"
- name: KONG_ROUTER_FLAVOR
value: "traditional"
- name: KONG_STATUS_ACCESS_LOG
value: "off"
- name: KONG_STATUS_ERROR_LOG
value: "/dev/stderr"
- name: KONG_STATUS_LISTEN
value: "0.0.0.0:8100, [::]:8100"
- name: KONG_STREAM_LISTEN
value: "off"
- name: KONG_NGINX_DAEMON
value: "off"
lifecycle:
preStop:
exec:
command:
- kong
- quit
- --wait=15
ports:
- name: proxy-tls
containerPort: 8443
protocol: TCP
- name: status
containerPort: 8100
protocol: TCP
volumeMounts:
- name: kubernetes-dashboard-kong-prefix-dir
mountPath: /kong_prefix/
- name: kubernetes-dashboard-kong-tmp
mountPath: /tmp
- name: kong-custom-dbless-config-volume
mountPath: /kong_dbless/
readinessProbe:
failureThreshold: 3
httpGet:
path: /status/ready
port: status
scheme: HTTP
initialDelaySeconds: 5
periodSeconds: 10
successThreshold: 1
timeoutSeconds: 5
livenessProbe:
failureThreshold: 3
httpGet:
path: /status
port: status
scheme: HTTP
initialDelaySeconds: 5
periodSeconds: 10
successThreshold: 1
timeoutSeconds: 5
resources:
{}
securityContext:
{}
terminationGracePeriodSeconds: 30
volumes:
- name: kubernetes-dashboard-kong-prefix-dir
emptyDir:
sizeLimit: 256Mi
- name: kubernetes-dashboard-kong-tmp
emptyDir:
sizeLimit: 1Gi
- name: kubernetes-dashboard-kong-token
projected:
sources:
- serviceAccountToken:
expirationSeconds: 3607
path: token
- configMap:
items:
- key: ca.crt
path: ca.crt
name: kube-root-ca.crt
- downwardAPI:
items:
- fieldRef:
apiVersion: v1
fieldPath: metadata.namespace
path: namespace
- name: kong-custom-dbless-config-volume
configMap:
name: kong-dbless-config
---
# Source: kubernetes-dashboard/templates/deployments/api.yaml
# Copyright 2017 The Kubernetes Authors.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
kind: Deployment
apiVersion: apps/v1
metadata:
labels:
helm.sh/chart: kubernetes-dashboard-7.13.0
app.kubernetes.io/instance: kubernetes-dashboard
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/part-of: kubernetes-dashboard
app.kubernetes.io/name: kubernetes-dashboard-api
app.kubernetes.io/version: 1.13.0
app.kubernetes.io/component: api
namespace: kube-system
name: kubernetes-dashboard-api
spec:
replicas: 1
revisionHistoryLimit: 10
selector:
matchLabels:
app.kubernetes.io/instance: kubernetes-dashboard
app.kubernetes.io/part-of: kubernetes-dashboard
app.kubernetes.io/name: kubernetes-dashboard-api
template:
metadata:
labels:
helm.sh/chart: kubernetes-dashboard-7.13.0
app.kubernetes.io/instance: kubernetes-dashboard
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/part-of: kubernetes-dashboard
app.kubernetes.io/name: kubernetes-dashboard-api
app.kubernetes.io/version: 1.13.0
app.kubernetes.io/component: api
annotations:
checksum/config: 13efa95070d54d0c131cd2913fa3156f0b16e97ff2c0b3cc6287930ef2b4fd4e
spec:
containers:
- name: kubernetes-dashboard-api
image: "docker.io/kubernetesui/dashboard-api:1.13.0"
imagePullPolicy: IfNotPresent
args:
- --namespace=kube-system
- --metrics-scraper-service-name=kubernetes-dashboard-metrics-scraper
env:
- name: CSRF_KEY
valueFrom:
secretKeyRef:
name: kubernetes-dashboard-csrf
key: private.key
- name: GOMAXPROCS
valueFrom:
resourceFieldRef:
resource: limits.cpu
divisor: "1"
- name: GOMEMLIMIT
valueFrom:
resourceFieldRef:
resource: limits.memory
divisor: "1"
ports:
- containerPort: 8000
name: api
protocol: TCP
volumeMounts:
- mountPath: /tmp
name: tmp-volume
securityContext:
allowPrivilegeEscalation: false
capabilities:
drop:
- ALL
readOnlyRootFilesystem: true
runAsGroup: 2001
runAsUser: 1001
resources:
limits:
cpu: 250m
memory: 400Mi
requests:
cpu: 100m
memory: 200Mi
automountServiceAccountToken: true
securityContext:
runAsNonRoot: true
seccompProfile:
type: RuntimeDefault
volumes:
- emptyDir: {}
name: tmp-volume
serviceAccountName: kubernetes-dashboard-api
---
# Source: kubernetes-dashboard/templates/deployments/auth.yaml
# Copyright 2017 The Kubernetes Authors.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
kind: Deployment
apiVersion: apps/v1
metadata:
labels:
helm.sh/chart: kubernetes-dashboard-7.13.0
app.kubernetes.io/instance: kubernetes-dashboard
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/part-of: kubernetes-dashboard
app.kubernetes.io/name: kubernetes-dashboard-auth
app.kubernetes.io/version: 1.13.0
app.kubernetes.io/component: auth
namespace: kube-system
name: kubernetes-dashboard-auth
spec:
replicas: 1
revisionHistoryLimit: 10
selector:
matchLabels:
app.kubernetes.io/instance: kubernetes-dashboard
app.kubernetes.io/part-of: kubernetes-dashboard
app.kubernetes.io/name: kubernetes-dashboard-auth
template:
metadata:
labels:
helm.sh/chart: kubernetes-dashboard-7.13.0
app.kubernetes.io/instance: kubernetes-dashboard
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/part-of: kubernetes-dashboard
app.kubernetes.io/name: kubernetes-dashboard-auth
app.kubernetes.io/version: 1.3.0
app.kubernetes.io/component: auth
annotations:
checksum/config: 2565e7fbe96533bcb4fda0b38425014e3847adaa9844b4d6bb64cf8007269886
spec:
containers:
- name: kubernetes-dashboard-auth
image: "docker.io/kubernetesui/dashboard-auth:1.3.0"
imagePullPolicy: IfNotPresent
args:
env:
- name: CSRF_KEY
valueFrom:
secretKeyRef:
name: kubernetes-dashboard-csrf
key: private.key
- name: GOMAXPROCS
valueFrom:
resourceFieldRef:
resource: limits.cpu
divisor: "1"
- name: GOMEMLIMIT
valueFrom:
resourceFieldRef:
resource: limits.memory
divisor: "1"
ports:
- containerPort: 8000
name: auth
protocol: TCP
volumeMounts:
- mountPath: /tmp
name: tmp-volume
securityContext:
allowPrivilegeEscalation: false
capabilities:
drop:
- ALL
readOnlyRootFilesystem: true
runAsGroup: 2001
runAsUser: 1001
resources:
limits:
cpu: 250m
memory: 400Mi
requests:
cpu: 100m
memory: 200Mi
automountServiceAccountToken: true
securityContext:
runAsNonRoot: true
seccompProfile:
type: RuntimeDefault
volumes:
- emptyDir: {}
name: tmp-volume
---
# Source: kubernetes-dashboard/templates/deployments/metrics-scraper.yaml
# Copyright 2017 The Kubernetes Authors.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
kind: Deployment
apiVersion: apps/v1
metadata:
labels:
helm.sh/chart: kubernetes-dashboard-7.13.0
app.kubernetes.io/instance: kubernetes-dashboard
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/part-of: kubernetes-dashboard
app.kubernetes.io/name: kubernetes-dashboard-metrics-scraper
app.kubernetes.io/version: 1.2.2
app.kubernetes.io/component: metrics-scraper
namespace: kube-system
name: kubernetes-dashboard-metrics-scraper
spec:
replicas: 1
revisionHistoryLimit: 10
selector:
matchLabels:
app.kubernetes.io/instance: kubernetes-dashboard
app.kubernetes.io/part-of: kubernetes-dashboard
app.kubernetes.io/name: kubernetes-dashboard-metrics-scraper
template:
metadata:
labels:
helm.sh/chart: kubernetes-dashboard-7.13.0
app.kubernetes.io/instance: kubernetes-dashboard
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/part-of: kubernetes-dashboard
app.kubernetes.io/name: kubernetes-dashboard-metrics-scraper
app.kubernetes.io/version: 1.2.2
app.kubernetes.io/component: metrics-scraper
spec:
containers:
- name: kubernetes-dashboard-metrics-scraper
image: "docker.io/kubernetesui/dashboard-metrics-scraper:1.2.2"
imagePullPolicy: IfNotPresent
env:
- name: GOMAXPROCS
valueFrom:
resourceFieldRef:
resource: limits.cpu
divisor: "1"
- name: GOMEMLIMIT
valueFrom:
resourceFieldRef:
resource: limits.memory
divisor: "1"
ports:
- containerPort: 8000
protocol: TCP
volumeMounts:
- mountPath: /tmp
name: tmp-volume
securityContext:
allowPrivilegeEscalation: false
capabilities:
drop:
- ALL
readOnlyRootFilesystem: true
runAsGroup: 2001
runAsUser: 1001
resources:
limits:
cpu: 250m
memory: 400Mi
requests:
cpu: 100m
memory: 200Mi
livenessProbe:
httpGet:
path: /
port: 8000
scheme: HTTP
initialDelaySeconds: 30
timeoutSeconds: 30
automountServiceAccountToken: true
securityContext:
runAsNonRoot: true
seccompProfile:
type: RuntimeDefault
volumes:
- emptyDir: {}
name: tmp-volume
serviceAccountName: kubernetes-dashboard-metrics-scraper
---
# Source: kubernetes-dashboard/templates/deployments/web.yaml
# Copyright 2017 The Kubernetes Authors.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
kind: Deployment
apiVersion: apps/v1
metadata:
labels:
helm.sh/chart: kubernetes-dashboard-7.13.0
app.kubernetes.io/instance: kubernetes-dashboard
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/part-of: kubernetes-dashboard
app.kubernetes.io/name: kubernetes-dashboard-web
app.kubernetes.io/version: 1.7.0
app.kubernetes.io/component: web
namespace: kube-system
name: kubernetes-dashboard-web
spec:
replicas: 1
revisionHistoryLimit: 10
selector:
matchLabels:
app.kubernetes.io/instance: kubernetes-dashboard
app.kubernetes.io/part-of: kubernetes-dashboard
app.kubernetes.io/name: kubernetes-dashboard-web
template:
metadata:
labels:
helm.sh/chart: kubernetes-dashboard-7.13.0
app.kubernetes.io/instance: kubernetes-dashboard
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/part-of: kubernetes-dashboard
app.kubernetes.io/name: kubernetes-dashboard-web
app.kubernetes.io/version: 1.7.0
app.kubernetes.io/component: web
spec:
containers:
- name: kubernetes-dashboard-web
image: "docker.io/kubernetesui/dashboard-web:1.7.0"
imagePullPolicy: IfNotPresent
args:
- --namespace=kube-system
- --settings-config-map-name=kubernetes-dashboard-web-settings
env:
- name: GOMAXPROCS
valueFrom:
resourceFieldRef:
resource: limits.cpu
divisor: "1"
- name: GOMEMLIMIT
valueFrom:
resourceFieldRef:
resource: limits.memory
divisor: "1"
ports:
- containerPort: 8000
name: web
protocol: TCP
volumeMounts:
- mountPath: /tmp
name: tmp-volume
securityContext:
allowPrivilegeEscalation: false
capabilities:
drop:
- ALL
readOnlyRootFilesystem: true
runAsGroup: 2001
runAsUser: 1001
resources:
limits:
cpu: 250m
memory: 400Mi
requests:
cpu: 100m
memory: 200Mi
automountServiceAccountToken: true
securityContext:
runAsNonRoot: true
seccompProfile:
type: RuntimeDefault
volumes:
- emptyDir: {}
name: tmp-volume
serviceAccountName: kubernetes-dashboard-web
---
apiVersion: v1
kind: ConfigMap
metadata:
labels:
app.kubernetes.io/instance: kubernetes-dashboard
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/part-of: kubernetes-dashboard
helm.sh/chart: kubernetes-dashboard-7.13.0
name: kong-dbless-config
namespace: kube-system
data:
kong.yml: |
_format_version: "3.0"
services:
- name: auth
host: kubernetes-dashboard-auth
port: 8000
protocol: http
routes:
- name: authLogin
paths:
- /api/v1/login
strip_path: false
- name: authCsrf
paths:
- /api/v1/csrftoken/login
strip_path: false
- name: authMe
paths:
- /api/v1/me
strip_path: false
- name: api
host: kubernetes-dashboard-api
port: 8000
protocol: http
routes:
- name: api
paths:
- /api
strip_path: false
- name: metrics
paths:
- /metrics
strip_path: false
- name: web
host: kubernetes-dashboard-web
port: 8000
protocol: http
routes:
- name: root
paths:
- /
strip_path: false
Reference in New Issue View Git Blame Copy Permalink