diff --git a/compose/def-ts/7.0/2009/xp0/.env-example b/compose/def-ts/7.0/2009/xp0/.env-example new file mode 100644 index 0000000..ba34161 --- /dev/null +++ b/compose/def-ts/7.0/2009/xp0/.env-example @@ -0,0 +1,16 @@ +#Add the following environment variables to the Sitecore Platform .env file + +#The host for the Tenant service website, for example, ts.localhost +TENANT_SERVICE_HOST= + +#The version tag for the Tenant service image +MODULE_VERSION= + +#The Tenant Id after it is created in Sitecore CM +SITECORE_TENANT_ID= + +#The Client Id of Sitecore Identity Server +SITECORE_CLIENT_ID= + +#The Client Secret of Sitecore Identity Server +SITECORE_CLIENT_SECRET= \ No newline at end of file diff --git a/compose/def-ts/7.0/2009/xp0/tenant-service.override.yml b/compose/def-ts/7.0/2009/xp0/tenant-service.override.yml new file mode 100644 index 0000000..b4703f8 --- /dev/null +++ b/compose/def-ts/7.0/2009/xp0/tenant-service.override.yml @@ -0,0 +1,24 @@ +services: + tenant-service: + isolation: ${ISOLATION} + image: scr.sitecore.com/sxp/modules/sitecore-tenant-service:${MODULE_VERSION} + depends_on: + id: + condition: service_healthy + cm: + condition: service_healthy + environment: + TenantService_ConnectionStrings_sitecore: database=master;tenant id=${SITECORE_TENANT_ID};host=http://cm;timeout=20;auth endpoint=http://id/;client secret=${SITECORE_CLIENT_SECRET};client id=${SITECORE_CLIENT_ID} + TenantService_ConnectionStrings_xconnect.collection: http://sitecore_xconnect + healthcheck: + test: ["CMD", "powershell", "-command", "C:/Healthchecks/Healthcheck.ps1"] + timeout: 300s + labels: + - "traefik.enable=true" + - "traefik.http.middlewares.force-STS-Header.headers.forceSTSHeader=true" + - "traefik.http.middlewares.force-STS-Header.headers.stsSeconds=31536000" + - "traefik.http.routers.ts-secure.entrypoints=websecure" + - "traefik.http.routers.ts-secure.rule=Host(`${TENANT_SERVICE_HOST}`)" + - "traefik.http.routers.ts-secure.tls=true" + - "traefik.http.routers.ts-secure.middlewares=force-STS-Header" + - "traefik.http.services.ts.loadbalancer.server.port=80" \ No newline at end of file diff --git a/compose/def-ts/7.0/2009/xp1/.env-example b/compose/def-ts/7.0/2009/xp1/.env-example new file mode 100644 index 0000000..ba34161 --- /dev/null +++ b/compose/def-ts/7.0/2009/xp1/.env-example @@ -0,0 +1,16 @@ +#Add the following environment variables to the Sitecore Platform .env file + +#The host for the Tenant service website, for example, ts.localhost +TENANT_SERVICE_HOST= + +#The version tag for the Tenant service image +MODULE_VERSION= + +#The Tenant Id after it is created in Sitecore CM +SITECORE_TENANT_ID= + +#The Client Id of Sitecore Identity Server +SITECORE_CLIENT_ID= + +#The Client Secret of Sitecore Identity Server +SITECORE_CLIENT_SECRET= \ No newline at end of file diff --git a/compose/def-ts/7.0/2009/xp1/tenant-service.override.yml b/compose/def-ts/7.0/2009/xp1/tenant-service.override.yml new file mode 100644 index 0000000..b4703f8 --- /dev/null +++ b/compose/def-ts/7.0/2009/xp1/tenant-service.override.yml @@ -0,0 +1,24 @@ +services: + tenant-service: + isolation: ${ISOLATION} + image: scr.sitecore.com/sxp/modules/sitecore-tenant-service:${MODULE_VERSION} + depends_on: + id: + condition: service_healthy + cm: + condition: service_healthy + environment: + TenantService_ConnectionStrings_sitecore: database=master;tenant id=${SITECORE_TENANT_ID};host=http://cm;timeout=20;auth endpoint=http://id/;client secret=${SITECORE_CLIENT_SECRET};client id=${SITECORE_CLIENT_ID} + TenantService_ConnectionStrings_xconnect.collection: http://sitecore_xconnect + healthcheck: + test: ["CMD", "powershell", "-command", "C:/Healthchecks/Healthcheck.ps1"] + timeout: 300s + labels: + - "traefik.enable=true" + - "traefik.http.middlewares.force-STS-Header.headers.forceSTSHeader=true" + - "traefik.http.middlewares.force-STS-Header.headers.stsSeconds=31536000" + - "traefik.http.routers.ts-secure.entrypoints=websecure" + - "traefik.http.routers.ts-secure.rule=Host(`${TENANT_SERVICE_HOST}`)" + - "traefik.http.routers.ts-secure.tls=true" + - "traefik.http.routers.ts-secure.middlewares=force-STS-Header" + - "traefik.http.services.ts.loadbalancer.server.port=80" \ No newline at end of file diff --git a/compose/def-ts/7.0/ltsc2019/xp0/.env-example b/compose/def-ts/7.0/ltsc2019/xp0/.env-example new file mode 100644 index 0000000..ba34161 --- /dev/null +++ b/compose/def-ts/7.0/ltsc2019/xp0/.env-example @@ -0,0 +1,16 @@ +#Add the following environment variables to the Sitecore Platform .env file + +#The host for the Tenant service website, for example, ts.localhost +TENANT_SERVICE_HOST= + +#The version tag for the Tenant service image +MODULE_VERSION= + +#The Tenant Id after it is created in Sitecore CM +SITECORE_TENANT_ID= + +#The Client Id of Sitecore Identity Server +SITECORE_CLIENT_ID= + +#The Client Secret of Sitecore Identity Server +SITECORE_CLIENT_SECRET= \ No newline at end of file diff --git a/compose/def-ts/7.0/ltsc2019/xp0/tenant-service.override.yml b/compose/def-ts/7.0/ltsc2019/xp0/tenant-service.override.yml new file mode 100644 index 0000000..b4703f8 --- /dev/null +++ b/compose/def-ts/7.0/ltsc2019/xp0/tenant-service.override.yml @@ -0,0 +1,24 @@ +services: + tenant-service: + isolation: ${ISOLATION} + image: scr.sitecore.com/sxp/modules/sitecore-tenant-service:${MODULE_VERSION} + depends_on: + id: + condition: service_healthy + cm: + condition: service_healthy + environment: + TenantService_ConnectionStrings_sitecore: database=master;tenant id=${SITECORE_TENANT_ID};host=http://cm;timeout=20;auth endpoint=http://id/;client secret=${SITECORE_CLIENT_SECRET};client id=${SITECORE_CLIENT_ID} + TenantService_ConnectionStrings_xconnect.collection: http://sitecore_xconnect + healthcheck: + test: ["CMD", "powershell", "-command", "C:/Healthchecks/Healthcheck.ps1"] + timeout: 300s + labels: + - "traefik.enable=true" + - "traefik.http.middlewares.force-STS-Header.headers.forceSTSHeader=true" + - "traefik.http.middlewares.force-STS-Header.headers.stsSeconds=31536000" + - "traefik.http.routers.ts-secure.entrypoints=websecure" + - "traefik.http.routers.ts-secure.rule=Host(`${TENANT_SERVICE_HOST}`)" + - "traefik.http.routers.ts-secure.tls=true" + - "traefik.http.routers.ts-secure.middlewares=force-STS-Header" + - "traefik.http.services.ts.loadbalancer.server.port=80" \ No newline at end of file diff --git a/compose/def-ts/7.0/ltsc2019/xp1/.env-example b/compose/def-ts/7.0/ltsc2019/xp1/.env-example new file mode 100644 index 0000000..ba34161 --- /dev/null +++ b/compose/def-ts/7.0/ltsc2019/xp1/.env-example @@ -0,0 +1,16 @@ +#Add the following environment variables to the Sitecore Platform .env file + +#The host for the Tenant service website, for example, ts.localhost +TENANT_SERVICE_HOST= + +#The version tag for the Tenant service image +MODULE_VERSION= + +#The Tenant Id after it is created in Sitecore CM +SITECORE_TENANT_ID= + +#The Client Id of Sitecore Identity Server +SITECORE_CLIENT_ID= + +#The Client Secret of Sitecore Identity Server +SITECORE_CLIENT_SECRET= \ No newline at end of file diff --git a/compose/def-ts/7.0/ltsc2019/xp1/tenant-service.override.yml b/compose/def-ts/7.0/ltsc2019/xp1/tenant-service.override.yml new file mode 100644 index 0000000..b4703f8 --- /dev/null +++ b/compose/def-ts/7.0/ltsc2019/xp1/tenant-service.override.yml @@ -0,0 +1,24 @@ +services: + tenant-service: + isolation: ${ISOLATION} + image: scr.sitecore.com/sxp/modules/sitecore-tenant-service:${MODULE_VERSION} + depends_on: + id: + condition: service_healthy + cm: + condition: service_healthy + environment: + TenantService_ConnectionStrings_sitecore: database=master;tenant id=${SITECORE_TENANT_ID};host=http://cm;timeout=20;auth endpoint=http://id/;client secret=${SITECORE_CLIENT_SECRET};client id=${SITECORE_CLIENT_ID} + TenantService_ConnectionStrings_xconnect.collection: http://sitecore_xconnect + healthcheck: + test: ["CMD", "powershell", "-command", "C:/Healthchecks/Healthcheck.ps1"] + timeout: 300s + labels: + - "traefik.enable=true" + - "traefik.http.middlewares.force-STS-Header.headers.forceSTSHeader=true" + - "traefik.http.middlewares.force-STS-Header.headers.stsSeconds=31536000" + - "traefik.http.routers.ts-secure.entrypoints=websecure" + - "traefik.http.routers.ts-secure.rule=Host(`${TENANT_SERVICE_HOST}`)" + - "traefik.http.routers.ts-secure.tls=true" + - "traefik.http.routers.ts-secure.middlewares=force-STS-Header" + - "traefik.http.services.ts.loadbalancer.server.port=80" \ No newline at end of file diff --git a/k8s/def-ts/7.0/ltsc2019/overrides/xp1/ingress-nginx/kustomization.yaml b/k8s/def-ts/7.0/ltsc2019/overrides/xp1/ingress-nginx/kustomization.yaml new file mode 100644 index 0000000..1943f57 --- /dev/null +++ b/k8s/def-ts/7.0/ltsc2019/overrides/xp1/ingress-nginx/kustomization.yaml @@ -0,0 +1,13 @@ +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization + +bases: + - ../../../xp1/ingress-nginx + +patchesJson6902: + - path: patch-ingress.yaml + target: + group: networking.k8s.io + kind: Ingress + name: sitecore-ingress + version: v1 \ No newline at end of file diff --git a/k8s/def-ts/7.0/ltsc2019/overrides/xp1/ingress-nginx/patch-ingress.yaml b/k8s/def-ts/7.0/ltsc2019/overrides/xp1/ingress-nginx/patch-ingress.yaml new file mode 100644 index 0000000..37b3525 --- /dev/null +++ b/k8s/def-ts/7.0/ltsc2019/overrides/xp1/ingress-nginx/patch-ingress.yaml @@ -0,0 +1,19 @@ +- op: add + path: "/spec/rules/0" + value: + host: ts.globalhost + http: + paths: + - path: "/" + pathType: Prefix + backend: + service: + name: ts + port: + number: 80 +- op: add + path: "/spec/tls/0" + value: + secretName: global-ts-tls + hosts: + - ts.globalhost \ No newline at end of file diff --git a/k8s/def-ts/7.0/ltsc2019/overrides/xp1/kustomization.yaml b/k8s/def-ts/7.0/ltsc2019/overrides/xp1/kustomization.yaml new file mode 100644 index 0000000..27d1952 --- /dev/null +++ b/k8s/def-ts/7.0/ltsc2019/overrides/xp1/kustomization.yaml @@ -0,0 +1,13 @@ +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization + +bases: + - ../xp1 + +images: +- name: sitecore-ts + newName: scr.sitecore.com/sxp/sitecore-tenant-service + newTag: 7.0.0-ltsc2019 + +resources: +- ts.yaml \ No newline at end of file diff --git a/k8s/def-ts/7.0/ltsc2019/overrides/xp1/secrets/kustomization.yaml b/k8s/def-ts/7.0/ltsc2019/overrides/xp1/secrets/kustomization.yaml new file mode 100644 index 0000000..d846935 --- /dev/null +++ b/k8s/def-ts/7.0/ltsc2019/overrides/xp1/secrets/kustomization.yaml @@ -0,0 +1,21 @@ +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization + +bases: + - ../../xp1/secrets + +generatorOptions: + disableNameSuffixHash: true + +secretGenerator: +- name: tenant-service-sitecore-connection + files: + - tenant-service-sitecore-connection.txt +- name: tenant-service-xconnect-collection + files: + - tenant-service-xconnect-collection.txt +- name: global-ts-tls + files: + - tls/global-ts/tls.key + - tls/global-ts/tls.crt + type: kubernetes.io/tls diff --git a/k8s/def-ts/7.0/ltsc2019/overrides/xp1/secrets/tenant-service-sitecore-connection.txt b/k8s/def-ts/7.0/ltsc2019/overrides/xp1/secrets/tenant-service-sitecore-connection.txt new file mode 100644 index 0000000..4f33ece --- /dev/null +++ b/k8s/def-ts/7.0/ltsc2019/overrides/xp1/secrets/tenant-service-sitecore-connection.txt @@ -0,0 +1 @@ +database=master;tenant id=[tenant id];host=[cm endpoint];timeout=20;auth endpoint=[id endpoint];client secret=[client secret];client id=[client id] \ No newline at end of file diff --git a/k8s/def-ts/7.0/ltsc2019/overrides/xp1/secrets/tenant-service-xconnect-collection.txt b/k8s/def-ts/7.0/ltsc2019/overrides/xp1/secrets/tenant-service-xconnect-collection.txt new file mode 100644 index 0000000..0aea1d8 --- /dev/null +++ b/k8s/def-ts/7.0/ltsc2019/overrides/xp1/secrets/tenant-service-xconnect-collection.txt @@ -0,0 +1 @@ +[xconnect collection endpoint] \ No newline at end of file diff --git a/k8s/def-ts/7.0/ltsc2019/overrides/xp1/secrets/tls/global-ts/readme.md b/k8s/def-ts/7.0/ltsc2019/overrides/xp1/secrets/tls/global-ts/readme.md new file mode 100644 index 0000000..e69de29 diff --git a/k8s/def-ts/7.0/ltsc2019/overrides/xp1/ts.yaml b/k8s/def-ts/7.0/ltsc2019/overrides/xp1/ts.yaml new file mode 100644 index 0000000..727878e --- /dev/null +++ b/k8s/def-ts/7.0/ltsc2019/overrides/xp1/ts.yaml @@ -0,0 +1,82 @@ +apiVersion: v1 +kind: Service +metadata: + name: ts +spec: + selector: + app: ts + ports: + - protocol: TCP + port: 80 +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: ts + labels: + app: ts +spec: + replicas: 1 + selector: + matchLabels: + app: ts + template: + metadata: + labels: + app: ts + spec: + nodeSelector: + kubernetes.io/os: windows + containers: + - name: sitecore-ts + image: sitecore-ts + ports: + - containerPort: 80 + env: + - name: TenantService_ConnectionStrings_sitecore + valueFrom: + secretKeyRef: + name: tenant-service-sitecore-connection + key: tenant-service-sitecore-connection.txt + - name: TenantService_ConnectionStrings_xconnect.collection + valueFrom: + secretKeyRef: + name: tenant-service-xconnect-collection + key: tenant-service-xconnect-collection.txt + livenessProbe: + httpGet: + path: /healthz/live + port: 80 + httpHeaders: + - name: X-Kubernetes-Probe + value: Liveness + timeoutSeconds: 300 + periodSeconds: 30 + failureThreshold: 3 + startupProbe: + httpGet: + path: /healthz/ready + port: 80 + httpHeaders: + - name: X-Kubernetes-Probe + value: Startup + timeoutSeconds: 300 + periodSeconds: 30 + failureThreshold: 10 + volumeMounts: + - mountPath: C:\inetpub\wwwroot\App_Data\logs + name: logs + subPath: ts + resources: + requests: + memory: 500Mi + cpu: 150m + limits: + memory: 1Gi + cpu: 350m + volumes: + - name: logs + persistentVolumeClaim: + claimName: logs + imagePullSecrets: + - name: sitecore-docker-registry