You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
116 lines
3.8 KiB
116 lines
3.8 KiB
apiVersion: apps/v1
|
|
kind: Deployment
|
|
metadata:
|
|
name: csi-iam
|
|
namespace: moh-prod
|
|
spec:
|
|
selector:
|
|
matchLabels:
|
|
app: csi-iam
|
|
tier: backend
|
|
track: stable
|
|
template:
|
|
metadata:
|
|
labels:
|
|
app: csi-iam
|
|
tier: backend
|
|
track: stable
|
|
spec:
|
|
containers:
|
|
- env:
|
|
- name: PROXY_ADDRESS_FORWARDING
|
|
value: 'true'
|
|
- name: KEYCLOAK_LOGLEVEL
|
|
value: INFO
|
|
#- name: JGROUPS_DISCOVERY_PROTOCOL
|
|
#value: kubernetes.KUBE_PING
|
|
#- name: KUBERNETES_NAMESPACE
|
|
#valueFrom:
|
|
# fieldRef:
|
|
# fieldPath: metadata.namespace
|
|
#- name: KUBERNETES_LABELS
|
|
#value: app=csi-iam
|
|
#- name: JGROUPS_DISCOVERY_PROPERTIES
|
|
#value: 'port_range=0,dump_requests=true'
|
|
- name: KAFKA_BROKERS
|
|
valueFrom:
|
|
configMapKeyRef:
|
|
key: KAFKA_BOOTSTRAP_SERVERS
|
|
name: service-configs
|
|
- name: INFINISPAN_HOST
|
|
valueFrom:
|
|
fieldRef:
|
|
fieldPath: status.hostIP
|
|
- name: INFINISPAN_PORT
|
|
value: '32123'
|
|
- name: apm_server
|
|
valueFrom:
|
|
configMapKeyRef:
|
|
key: apm_server
|
|
name: service-configs
|
|
- name: service_name
|
|
valueFrom:
|
|
fieldRef:
|
|
fieldPath: metadata.name
|
|
- name: GROUP_ID_CONFIG
|
|
value: register-1
|
|
- name: JAVA_OPTS
|
|
value: >-
|
|
-Xms2g -Xmx4g -XX:MetaspaceSize=96M
|
|
-XX:+UseG1GC -XX:+UseStringDeduplication
|
|
-XX:+HeapDumpOnOutOfMemoryError
|
|
-XX:HeapDumpPath=/opt/jboss/memdump
|
|
-Djava.net.preferIPv4Stack=true
|
|
-Djboss.modules.system.pkgs=$JBOSS_MODULES_SYSTEM_PKGS
|
|
-Djava.awt.headless=true
|
|
-Djavax.net.ssl.trustStore=/etc/pki/ca-trust/extracted/java/cacerts
|
|
-Djavax.net.ssl.trustStorePassword=changeit
|
|
-Delastic.apm.server_urls=$(apm_server) -Delastic.apm.service_name="csi-iam"
|
|
-Delastic.apm.disable_instrumentations="" -Delastic.apm.application_packages=com.afrunt
|
|
-Delastic.apm.environment=$(KUBERNETES_NAMESPACE) -javaagent:/opt/jboss/elastic-apm-agent-1.17.0.jar
|
|
- name: REPORTING_ROUTING_KEY
|
|
value: ''
|
|
envFrom:
|
|
- configMapRef:
|
|
name: iam-service-configs
|
|
- secretRef:
|
|
name: iam-service-secret
|
|
image: harbor.moh.gov.sa/vidamoh/csi-iam:4.2.104.0 #4.2.100.1 #4.2.99.1
|
|
imagePullPolicy: IfNotPresent
|
|
livenessProbe:
|
|
httpGet:
|
|
path: /auth/
|
|
port: http
|
|
initialDelaySeconds: 1200
|
|
failureThreshold: 3
|
|
timeoutSeconds: 10
|
|
name: csi-iam-app
|
|
ports:
|
|
- containerPort: 8080
|
|
name: http
|
|
- containerPort: 8443
|
|
name: https
|
|
readinessProbe:
|
|
httpGet:
|
|
path: auth/realms/master
|
|
port: http
|
|
initialDelaySeconds: 20
|
|
failureThreshold: 3
|
|
timeoutSeconds: 10
|
|
resources:
|
|
limits:
|
|
memory: 6Gi
|
|
requests:
|
|
cpu: 150m
|
|
memory: 988Mi
|
|
volumeMounts:
|
|
- mountPath: /opt/key_files
|
|
name: cacerts
|
|
imagePullSecrets:
|
|
- name: regcred
|
|
volumes:
|
|
- name: cacerts
|
|
projected:
|
|
sources:
|
|
- secret:
|
|
name: iam-cacerts-secret |