antorobin

#!/bin/sh
#

set -e
ENV_FILE="/tmp/env_vars.txt"

# Check if the file exists
if [ -f "$ENV_FILE" ]; then
    # Read the file line by line
    while IFS= read -r line; do

antorobin

vault {
  address = "http://vault.vault-namespace.svc.cluster.local:8200"
  token   = "<renewable-token-generated-from-the-vault>"
  
  ssl {
    enabled = false
    verify  = false    
  }
}

antorobin

apiVersion: apps/v1
kind: Deployment
metadata:
  name: demoapp
  labels:
    app: demoapp
spec:
  selector:
    matchLabels:
      app: demoapp      

antorobin

apiVersion: apps/v1
kind: Deployment
metadata:
  name: kafdrop
  labels:
    app: kafdrop
spec:
  replicas: 1
  selector:
    matchLabels:

antorobin

apiVersion: v1
kind: ConfigMap
metadata:
  name: kafka-config-0
data:
  kafka.properties: |
    process.roles=controller,broker
    controller.quorum.voters=0@kafka-0.kafka-service.kafka-demo.svc.cluster.local:9093,1@kafka-1.kafka-service.kafka-demo.svc.cluster.local:9093,2@kafka-2.kafka-service.kafka-demo.svc.cluster.local:9093
    node.id=0
    broker.id=0

antorobin

apiVersion: apps/v1
kind: StatefulSet
metadata:
  name: kafka
spec:
  replicas: 3
  serviceName: kafka-service
  selector:
    matchLabels:
      app: kafka

antorobin

apiVersion: v1
kind: Service
metadata:
  name: vault-service-lb    
  labels:
    app: vault
spec:
  ports:
  - protocol: TCP
    port: 8208

antorobin

apiVersion: autoscaling/v2
kind: HorizontalPodAutoscaler
metadata:
  name: vault-autoscaler
spec:
  scaleTargetRef:
    apiVersion: apps/v1
    kind: Deployment
    name: vault
  minReplicas: 1

antorobin

apiVersion: v1
kind: Service
metadata:
  name: vault
spec:
  selector:
    app: vault
  ports:
    - protocol: TCP
      port: 8200

antorobin

apiVersion: v1
kind: ServiceAccount
metadata:
  name: vault
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
  name: vault-role
rules: