Global ConfigMap and Secret
This commit is contained in:
parent
fe0bd625dc
commit
7208310111
|
@ -2,29 +2,18 @@
|
|||
# This YAML file desribes a ConfigMap for the cluster #
|
||||
#######################################################
|
||||
|
||||
## Common Env Variables For This Node
|
||||
apiVersion: v1
|
||||
kind: ConfigMap
|
||||
metadata:
|
||||
name: mdb-mon
|
||||
name: vars
|
||||
namespace: default
|
||||
data:
|
||||
api-key: "<api key here>"
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: ConfigMap
|
||||
metadata:
|
||||
name: mdb-backup
|
||||
namespace: default
|
||||
data:
|
||||
api-key: "<api key here>"
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: ConfigMap
|
||||
metadata:
|
||||
name: mdb-fqdn
|
||||
namespace: default
|
||||
data:
|
||||
fqdn: mdb-instance-0
|
||||
mdb-instance-name: "<name of the mdb instance>"
|
||||
bdb-instance-name: "<name of the bdb instance>"
|
||||
ngx-instance-name: "<name of the ngx instance>"
|
||||
mdb-mon-instance-name: "<name of the mdb monitoring agent instance>"
|
||||
mdb-bak-instance-name: "<name of the mdb backup agent instance>"
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: ConfigMap
|
||||
|
@ -32,5 +21,21 @@ metadata:
|
|||
name: mongodb-whitelist
|
||||
namespace: default
|
||||
data:
|
||||
# We support only 'all' currently
|
||||
allowed-hosts: "all"
|
||||
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: ConfigMap
|
||||
metadata:
|
||||
name: bdb-keyring
|
||||
namespace: default
|
||||
data:
|
||||
bdb-keyring: "<b64 encoded, ':' separated list of public keys>"
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: ConfigMap
|
||||
metadata:
|
||||
name: bdb-public-key
|
||||
namespace: default
|
||||
data:
|
||||
bdb-public-key: "<b64 encoded public key>"
|
||||
|
|
|
@ -0,0 +1,91 @@
|
|||
# All secret data should be base64 encoded before embedding them here by
|
||||
# using `echo "secret string" | base64 -w 0 > secret.string.b64` and then
|
||||
# copy the resulting value here.
|
||||
# Ref: https://kubernetes.io/docs/concepts/configuration/secret/
|
||||
|
||||
apiVersion: v1
|
||||
kind: Secret
|
||||
metadata:
|
||||
name: mdb-agent-api-key
|
||||
namespace: default
|
||||
type: Opaque
|
||||
data:
|
||||
api-key: "<b64 encoded api key>"
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: Secret
|
||||
metadata:
|
||||
name: bdb-private-key
|
||||
namespace: default
|
||||
type: Opaque
|
||||
data:
|
||||
private.key: "<b64 encoded private key>"
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: Secret
|
||||
metadata:
|
||||
name: mdb-certs
|
||||
namespace: default
|
||||
type: Opaque
|
||||
data:
|
||||
mdb-instance.pem: "<b64 encoded, concatanated public and private keys>"
|
||||
ca.pem: "<b64 encoded CA public key>"
|
||||
mdb-crl.pem: "<b64 encoded CRL data>"
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: Secret
|
||||
metadata:
|
||||
name: mdb-mon-certs
|
||||
namespace: default
|
||||
type: Opaque
|
||||
data:
|
||||
mdb-mon-instance.pem: "<b64 encoded, concatanated public and private keys>"
|
||||
ca.pem: "<b64 encoded CA public key>"
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: Secret
|
||||
metadata:
|
||||
name: mdb-bak-certs
|
||||
namespace: default
|
||||
type: Opaque
|
||||
data:
|
||||
mdb-bak-instance.pem: "<b64 encoded, concatanated public and private keys>"
|
||||
ca.pem: "<b64 encoded CA public key>"
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: Secret
|
||||
metadata:
|
||||
name: bdb-certs
|
||||
namespace: default
|
||||
type: Opaque
|
||||
data:
|
||||
bdb-instance.pem: "<b64 encoded, concatanated public and private keys>"
|
||||
ca.pem: "<b64 encoded CA public key>"
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: Secret
|
||||
metadata:
|
||||
name: https-certs
|
||||
namespace: default
|
||||
type: Opaque
|
||||
data:
|
||||
cert.pem: "<b64 encoded HTTPS key>"
|
||||
cert.key: "<b64 encoded HTTPS Signed Certificate or Certificate Chain>"
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: Secret
|
||||
metadata:
|
||||
name: threescale-credentials
|
||||
namespace: default
|
||||
type: Opaque
|
||||
data:
|
||||
secret-token: "<b64 encoded 3scale secret-token>"
|
||||
service-id: "<b64 encoded 3scale service-id>"
|
||||
version-header: "<b64 encoded 3scale version-header>"
|
||||
provider-key: "<b64 encoded 3scale provider-key>"
|
||||
# The frontend-api-dns-name will be DNS name registered for your HTTPS
|
||||
# certificate.
|
||||
frontend-api-dns-name: "<b64 encoded DNS/FQDN>"
|
||||
# The upstream-api-port can be set to any port other than 9984, 9985, 443,
|
||||
# 8888 and 27017. We usually use port '9999', which is 'OTk5OQo=' in base 64.
|
||||
upstream-api-port: "OTk5OQo="
|
Loading…
Reference in New Issue