Skip to content

Commit

Permalink
using volumes for secrets and PropertySource fro configMaps to showca…
Browse files Browse the repository at this point in the history 
…se both. Left placeholders to mount configMaps as volumes for now until we finalize decision on use of PropertySource
  • Loading branch information
@AndriyKalashnykov
AndriyKalashnykov committed Mar 30, 2020
1 parent fc527e1 commit 1225722
Show file tree
Hide file tree
Showing 6 changed files with 112 additions and 12 deletions.
23 changes: 22 additions & 1 deletion department-service/src/main/resources/bootstrap.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -3,5 +3,26 @@ spring:
name: department
cloud:
kubernetes:
config:
enableApi: true
# # default is true
# enabled: true
# # load from path
# # configs must be mounted as single file
# # there is no recursion support, see:
# # https://github.com/spring-cloud/spring-cloud-kubernetes/issues/327#issuecomment-522538916
# # file must be referenced here
# paths:
# - /etc/appconfig/application.properties
# enableApi: false
secrets:
enableApi: true
# default is true
enabled: true
# secret location
# this is loaded in with normal k/v in a Kubernetes secret
# and not a application.properties file
# spring will handle looking up the credentials in each k/v's directory
paths:
- /etc/secretspot
# default is false
enableApi: false
24 changes: 23 additions & 1 deletion employee-service/src/main/resources/bootstrap.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -3,8 +3,30 @@ spring:
name: employee
cloud:
kubernetes:
secrets:
config:
enableApi: true
# # default is true
# enabled: true
# # load from path
# # configs must be mounted as single file
# # there is no recursion support, see:
# # https://github.com/spring-cloud/spring-cloud-kubernetes/issues/327#issuecomment-522538916
# # file must be referenced here
# paths:
# - /etc/appconfig/application.properties
# enableApi: false
secrets:
# default is true
enabled: true
# secret location
# this is loaded in with normal k/v in a Kubernetes secret
# and not a application.properties file
# spring will handle looking up the credentials in each k/v's directory
paths:
- /etc/secretspot
# default is false
enableApi: false

# client:
# masterUrl: ${minikube ip}:8443
# masterUrl: kubernetes.default.svc:8443
Expand Down
30 changes: 21 additions & 9 deletions k8s/department-deployment.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -15,33 +15,45 @@ spec:
app: department
spec:
containers:
- name: department
image: vmware/department:1.1
ports:
- containerPort: 8080
resources:
- name: department
image: vmware/department:1.1
ports:
- containerPort: 8080
resources:
requests:
cpu: "0.2"
memory: 300Mi
limits:
cpu: "1.0"
memory: 300Mi
readinessProbe:
readinessProbe:
httpGet:
port: 8080
path: /actuator/health
initialDelaySeconds: 60
timeoutSeconds: 2
periodSeconds: 20
failureThreshold: 5
livenessProbe:
livenessProbe:
httpGet:
port: 8080
path: /actuator/info
initialDelaySeconds: 60
timeoutSeconds: 2
periodSeconds: 20
failureThreshold: 5
volumeMounts:
- name: mongodb
mountPath: /etc/secretspot
# - name: config
# mountPath: /etc/appconfig
volumes:
- name: mongodb
secret:
secretName: department
# - name: config
# configMap:
# name: department
serviceAccountName: api-service-account
---
apiVersion: v1
Expand All @@ -52,8 +64,8 @@ metadata:
app: department
spec:
ports:
- port: 8080
protocol: TCP
- port: 8080
protocol: TCP
selector:
app: department
type: NodePort
12 changes: 12 additions & 0 deletions k8s/employee-deployment.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -42,6 +42,18 @@ spec:
timeoutSeconds: 10
periodSeconds: 20
failureThreshold: 10
volumeMounts:
- name: mongodb
mountPath: /etc/secretspot
# - name: config
# mountPath: /etc/appconfig
volumes:
- name: mongodb
secret:
secretName: employee
# - name: config
# configMap:
# name: employee
serviceAccountName: api-service-account
---
apiVersion: v1
Expand Down
12 changes: 12 additions & 0 deletions k8s/organization-deployment.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -42,6 +42,18 @@ spec:
timeoutSeconds: 2
periodSeconds: 20
failureThreshold: 5
volumeMounts:
- name: mongodb
mountPath: /etc/secretspot
# - name: config
# mountPath: /etc/appconfig
volumes:
- name: mongodb
secret:
secretName: organization
# - name: config
# configMap:
# name: organization
serviceAccountName: api-service-account
---
apiVersion: v1
Expand Down
23 changes: 22 additions & 1 deletion organization-service/src/main/resources/bootstrap.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -3,5 +3,26 @@ spring:
name: organization
cloud:
kubernetes:
config:
enableApi: true
# # default is true
# enabled: true
# # load from path
# # configs must be mounted as single file
# # there is no recursion support, see:
# # https://github.com/spring-cloud/spring-cloud-kubernetes/issues/327#issuecomment-522538916
# # file must be referenced here
# paths:
# - /etc/appconfig/application.properties
# enableApi: false
secrets:
enableApi: true
# default is true
enabled: true
# secret location
# this is loaded in with normal k/v in a Kubernetes secret
# and not a application.properties file
# spring will handle looking up the credentials in each k/v's directory
paths:
- /etc/secretspot
# default is false
enableApi: false

0 comments on commit 1225722

Please sign in to comment.