-
Notifications
You must be signed in to change notification settings - Fork 4
/
Copy pathkube-gateway.yaml
69 lines (69 loc) · 1.79 KB
/
kube-gateway.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
---
apiVersion: v1
kind: Service
metadata:
annotations:
service.alpha.openshift.io/serving-cert-secret-name: kube-gateway-secrets
labels:
app: kube-gateway
name: kube-gateway-svc
namespace: kube-gateway
spec:
ports:
- port: 8080
protocol: TCP
targetPort: 8080
selector:
app: kube-gateway
type: LoadBalancer
---
apiVersion: apps/v1
kind: Deployment
metadata:
labels:
app: kube-gateway
name: kube-gateway
namespace: kube-gateway
spec:
replicas: 1
selector:
matchLabels:
app: kube-gateway
template:
metadata:
labels:
app: kube-gateway
spec:
containers:
- command:
- ./kube-gateway
- -api-server=$(API_URL)
- -client-path=$(CLIENT_URL)
- -gateway-listen=$(LISTEN)
- -api-server-ca-file=/var/run/secrets/kubernetes.io/serviceaccount/ca.crt
- -api-server-bearer-token-file=/var/run/secrets/kubernetes.io/serviceaccount/token
- -gateway-key-file=/var/run/secrets/serving-cert/tls.key
- -gateway-cert-file=/var/run/secrets/serving-cert/tls.crt
- -jwt-public-key-name=kube-gateway-jwt
- -jwt-request-enable=true
- -jwt-private-key-name=kube-gateway-jwt-private
env:
- name: API_URL
value: https://kubernetes.default.svc
- name: CLIENT_URL
value: /noVNC/vnc_lite.html
- name: LISTEN
value: https://0.0.0.0:8080
image: quay.io/kubevirt-ui/kube-gateway
name: kube-gateway
ports:
- containerPort: 8080
name: https
volumeMounts:
- mountPath: /var/run/secrets/serving-cert
name: serving-cert
serviceAccountName: kube-gateway-sa
volumes:
- name: serving-cert
secret:
secretName: kube-gateway-secrets