-
Notifications
You must be signed in to change notification settings - Fork 9
/
Copy path05-netmaker-backend.yaml
136 lines (130 loc) · 3.17 KB
/
05-netmaker-backend.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: netmaker-backend
namespace: netmaker
labels:
app: netmaker-backend
spec:
selector:
matchLabels:
app: netmaker-backend
replicas: 1
strategy:
type: Recreate
template:
metadata:
labels:
app: netmaker-backend
networking/allow-internet-access: "true"
spec:
containers:
- name: netmaker-backend
image: gravitl/netmaker:v0.15.1
imagePullPolicy: Always
ports:
- containerPort: 8081
securityContext:
privileged: true
capabilities:
add:
- NET_ADMIN
env:
- name: SERVER_NAME
value: "broker.BASE_DOMAIN"
- name: DISPLAY_KEYS
value: "on"
- name: MANAGE_IPTABLES
value: "off"
- name: RCE
value: "on"
- name: NODE_ID
value: "netmaker-server-1"
- name: DATABASE
value: "sqlite"
- name: MQ_HOST
value: netmaker-mq
- name: MQ_PORT
value: "443"
- name: SERVER_API_CONN_STRING
value: "api.BASE_DOMAIN:443"
- name: COREDNS_ADDR
value: "127.0.0.1"
- name: POD_IP
valueFrom:
fieldRef:
fieldPath: status.podIP
- name: SERVER_HTTP_HOST
value: "api.BASE_DOMAIN"
- name: API_PORT
value: "8081"
- name: CLIENT_MODE
value: "on"
- name: MASTER_KEY
value: "Unkn0wn!"
- name: PLATFORM
value: "Kubernetes"
- name: CORS_ALLOWED_ORIGIN
value: "*"
volumeMounts:
- name: nm-pvc-dnsconfig-backend
mountPath: /root/config/dnsconfig
- name: nm-pvc-sqldata
mountPath: /root/data
- name: nm-pvc-mq-certs-nm
mountPath: /etc/netmaker
- name: netmaker-dns
imagePullPolicy: Always
image: coredns/coredns
args:
- -conf
- /root/dnsconfig/Corefile
ports:
- containerPort: 53
name: dns
protocol: UDP
- containerPort: 53
name: dns-tcp
protocol: TCP
volumeMounts:
- mountPath: /root/dnsconfig
name: nm-pvc-dnsconfig-coredns
readOnly: true
securityContext:
allowPrivilegeEscalation: false
capabilities:
add:
- NET_BIND_SERVICE
drop:
- all
volumes:
- name: nm-pvc-dnsconfig-backend
persistentVolumeClaim:
claimName: nm-pvc-dnsconfig-backend
- name: nm-pvc-sqldata
persistentVolumeClaim:
claimName: nm-pvc-sqldata
- name: nm-pvc-mq-certs-nm
persistentVolumeClaim:
claimName: nm-pvc-mq-certs-nm
- name: nm-pvc-dnsconfig-coredns
persistentVolumeClaim:
claimName: nm-pvc-dnsconfig-coredns
---
apiVersion: v1
kind: Service
metadata:
namespace: netmaker
labels:
app: netmaker-backend
name: netmaker-api
spec:
ports:
- port: 8081
protocol: TCP
targetPort: 8081
selector:
app: netmaker-backend
sessionAffinity: None
type: ClusterIP