markeee-e commented on issue #10005:
URL: https://github.com/apache/apisix/issues/10005#issuecomment-1679744100
hi Revolyssup, below my k8s manifests
```
configmap & secret
---
apiVersion: v1
kind: ConfigMap
metadata:
name: apisix-configmap-custom
data:
etcd-root-username: "root"
etcd-timeout: "30"
etcd-host: "http://mk-etcd.temp.svc.cluster.local:2379";
etcd-prefix: "/apisix"
---
apiVersion: v1
kind: ConfigMap
metadata:
name: apisix-data-configmap
labels:
app.kubernetes.io/name: apisix
app.kubernetes.io/instance: apisix
app.kubernetes.io/component: data-plane
data:
config.yaml: |-
nginx_config:
error_log: /dev/stderr
stream:
access_log: /dev/stdout
http:
access_log: /dev/stdout
http_configuration_snippet: |
proxy_buffering off;
apisix:
node_listen: 9080
enable_admin: false
ssl:
enable: true
listen:
- port: 9443
enable_http2: true
ssl_trusted_certificate: /usr/local/apisix/certs/ca.crt
control:
ip: 0.0.0.0
port: 9090
deployment:
role: data_plane
role_data_plane:
config_provider: control_plane
control_plane:
host:
- https://apisix-control-plane:9280
prefix: /apisix
timeout: 30
certs:
cert: /usr/local/apisix/certs/tls.crt
cert_key: /usr/local/apisix/certs/tls.key
trusted_ca_cert: /usr/local/apisix/certs/ca.crt
:
---
apiVersion: v1
kind: Secret
metadata:
name: apisix-secret
labels:
app.kubernetes.io/name: apisix
app.kubernetes.io/instance: apisix
app.kubernetes.io/component: apisix-custom
type: Opaque
data:
apisix-admin-key: YXBpc2l4LWFkbWluLWtleQ== #"apisix-admin-key"
apisix-viewer-key: YXBpc2l4LXZpZXdlci1rZXk= #"apisix-viewer-key"
etcd-root-password: MYPASSENCOREDBASE^$
```
```
deployment
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: apisix-data-plane
labels:
app.kubernetes.io/name: apisix
app.kubernetes.io/instance: apisix
app.kubernetes.io/version: "3.4.0"
app.kubernetes.io/component: data-plane
spec:
replicas: 1
selector:
matchLabels:
app.kubernetes.io/name: apisix
app.kubernetes.io/instance: apisix
app.kubernetes.io/component: data-plane
template:
metadata:
annotations:
labels:
app.kubernetes.io/name: apisix
app.kubernetes.io/instance: apisix
app.kubernetes.io/component: data-plane
spec:
serviceAccountName: default
containers:
- name: apisix
image: "apache/apisix:3.4.0-debian"
imagePullPolicy: IfNotPresent
securityContext:
allowPrivilegeEscalation: true
runAsNonRoot: false
runAsUser: 1001
env:
- name: APISIX_ADMIN_KEY
valueFrom:
secretKeyRef:
name: apisix-secret
key: apisix-admin-key
- name: APISIX_VIEWER_KEY
valueFrom:
secretKeyRef:
name: apisix-secret
key: apisix-viewer-key
- name: APISIX_ETCD_PASSWORD
valueFrom:
secretKeyRef:
name: apisix-secret
key: etcd-root-password
- name: APISIX_ETCD_HOST
valueFrom:
configMapKeyRef:
name: apisix-configmap-custom
key: etcd-host
- name: APISIX_ETCD_PREFIX
valueFrom:
configMapKeyRef:
name: apisix-configmap-custom
key: etcd-prefix
- name: APISIX_ETCD_TIMEOUT
valueFrom:
configMapKeyRef:
name: apisix-configmap-custom
key: etcd-timeout
- name: APISIX_ETCD_USER
valueFrom:
configMapKeyRef:
name: apisix-configmap-custom
key: etcd-root-username
ports:
- name: http
containerPort: 9080
- name: https
containerPort: 9443
- name: http-control
containerPort: 9090
- name: http-metrics
containerPort: 9091
readinessProbe:
failureThreshold: 5
initialDelaySeconds: 5
periodSeconds: 10
successThreshold: 1
timeoutSeconds: 5
httpGet:
path: /v1/healthcheck
port: http-control
lifecycle:
preStop:
exec:
command:
- /bin/sh
- -c
- "sleep 30"
volumeMounts:
- mountPath: /usr/local/apisix/conf/config.yaml
name: apisix-config
subPath: config.yaml
- mountPath: /usr/local/apisix/certs
name: certs
- name: control-plane-certs
mountPath: /etc/ssl/certs/ca.crt
subPath: ca.crt
resources:
{}
hostNetwork: false
initContainers:
volumes:
- configMap:
name: apisix-data-configmap
name: apisix-config
- secret:
secretName: apisix-data-plane-tls
name: certs
- secret:
secretName: apisix-control-plane-tls
name: control-plane-certs
```
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
