Created
January 14, 2020 12:55
-
-
Save ilackarms/ea07bbdeb2c33ce54032a4e652c2fb91 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Source: gloo/templates/9-gateway-proxy-configmap.yaml | |
| # config_map | |
| apiVersion: v1 | |
| kind: ConfigMap | |
| metadata: | |
| name: gateway-proxy-envoy-config | |
| namespace: gloo-system | |
| labels: | |
| app: gloo | |
| gloo: gateway-proxy | |
| gateway-proxy-id: gateway-proxy | |
| data: | |
| envoy.yaml: | | |
| node: | |
| cluster: gateway | |
| id: "{{.PodName}}.{{.PodNamespace}}" | |
| metadata: | |
| # role's value is the key for the in-memory xds cache (projects/gloo/pkg/xds/envoy.go) | |
| role: "gloo-system~gateway-proxy" | |
| stats_sinks: | |
| - name: envoy.metrics_service | |
| config: | |
| grpc_service: | |
| envoy_grpc: {cluster_name: gloo.gloo-system.svc.cluster.local:9966} | |
| static_resources: | |
| listeners: # if or ($spec.stats) ($spec.readConfig) | |
| - name: prometheus_listener | |
| address: | |
| socket_address: | |
| address: 0.0.0.0 | |
| port_value: 8081 | |
| filter_chains: | |
| - filters: | |
| - name: envoy.http_connection_manager | |
| config: | |
| codec_type: auto | |
| stat_prefix: prometheus | |
| route_config: | |
| name: prometheus_route | |
| virtual_hosts: | |
| - name: prometheus_host | |
| domains: | |
| - "*" | |
| routes: | |
| - match: | |
| path: "/ready" | |
| headers: | |
| - name: ":method" | |
| exact_match: GET | |
| route: | |
| cluster: admin_port_cluster | |
| - match: | |
| prefix: "/metrics" | |
| headers: | |
| - name: ":method" | |
| exact_match: GET | |
| route: | |
| prefix_rewrite: "/stats/prometheus" | |
| cluster: admin_port_cluster | |
| http_filters: | |
| - name: envoy.router | |
| config: {} # if $statsConfig.enabled # if $spec.readConfig | |
| clusters: | |
| - name: gloo.gloo-system.svc.cluster.local:9977 | |
| alt_stat_name: xds_cluster | |
| connect_timeout: 5.000s | |
| load_assignment: | |
| cluster_name: gloo.gloo-system.svc.cluster.local:9977 | |
| endpoints: | |
| - lb_endpoints: | |
| - endpoint: | |
| address: | |
| socket_address: | |
| address: gloo.gloo-system.svc.cluster.local | |
| port_value: 9977 | |
| http2_protocol_options: {} | |
| upstream_connection_options: | |
| tcp_keepalive: {} | |
| type: STRICT_DNS | |
| respect_dns_ttl: true | |
| - name: wasm-cache | |
| connect_timeout: 5.000s | |
| load_assignment: | |
| cluster_name: wasm-cache | |
| endpoints: | |
| - lb_endpoints: | |
| - endpoint: | |
| address: | |
| socket_address: | |
| address: gloo.gloo-system.svc.cluster.local | |
| port_value: 9979 | |
| upstream_connection_options: | |
| tcp_keepalive: {} | |
| type: STRICT_DNS | |
| respect_dns_ttl: true | |
| - name: gloo.gloo-system.svc.cluster.local:9966 | |
| alt_stat_name: metrics_cluster | |
| connect_timeout: 5.000s | |
| load_assignment: | |
| cluster_name: gloo.gloo-system.svc.cluster.local:9966 | |
| endpoints: | |
| - lb_endpoints: | |
| - endpoint: | |
| address: | |
| socket_address: | |
| address: gloo.gloo-system.svc.cluster.local | |
| port_value: 9966 | |
| http2_protocol_options: {} | |
| type: STRICT_DNS # if .Values.accessLogger.enabled # if $spec.tracing | |
| - name: admin_port_cluster | |
| connect_timeout: 5.000s | |
| type: STATIC | |
| lb_policy: ROUND_ROBIN | |
| load_assignment: | |
| cluster_name: admin_port_cluster | |
| endpoints: | |
| - lb_endpoints: | |
| - endpoint: | |
| address: | |
| socket_address: | |
| address: 127.0.0.1 | |
| port_value: 19000 # if or $statsConfig.enabled ($spec.readConfig) # if $spec.tracing | |
| dynamic_resources: | |
| ads_config: | |
| api_type: GRPC | |
| rate_limit_settings: {} | |
| grpc_services: | |
| - envoy_grpc: {cluster_name: gloo.gloo-system.svc.cluster.local:9977} | |
| cds_config: | |
| ads: {} | |
| lds_config: | |
| ads: {} | |
| admin: | |
| access_log_path: /dev/null | |
| address: | |
| socket_address: | |
| address: 127.0.0.1 | |
| port_value: 19000 | |
| --- | |
| # Source: gloo/templates/7-gateway-proxy-deployment.yaml | |
| apiVersion: apps/v1 | |
| kind: Deployment | |
| metadata: | |
| labels: | |
| app: gloo | |
| gloo: gateway-proxy | |
| gateway-proxy-id: gateway-proxy | |
| name: gateway-proxy | |
| namespace: gloo-system | |
| spec: | |
| replicas: 1 | |
| selector: | |
| matchLabels: | |
| gloo: gateway-proxy | |
| gateway-proxy-id: gateway-proxy | |
| template: | |
| metadata: | |
| labels: | |
| gloo: gateway-proxy | |
| gateway-proxy-id: gateway-proxy | |
| gateway-proxy: live | |
| annotations: | |
| prometheus.io/path: /metrics | |
| prometheus.io/port: "8081" | |
| prometheus.io/scrape: "true" | |
| spec: | |
| serviceAccountName: gateway-proxy | |
| containers: | |
| - args: | |
| - --disable-hot-restart | |
| env: | |
| - name: POD_NAMESPACE | |
| valueFrom: | |
| fieldRef: | |
| fieldPath: metadata.namespace | |
| - name: POD_NAME | |
| valueFrom: | |
| fieldRef: | |
| fieldPath: metadata.name | |
| image: quay.io/solo-io/gloo-envoy-wrapper:1.3.1 | |
| imagePullPolicy: IfNotPresent | |
| name: gateway-proxy | |
| securityContext: | |
| readOnlyRootFilesystem: true | |
| allowPrivilegeEscalation: false | |
| capabilities: | |
| drop: | |
| - ALL | |
| add: | |
| - NET_BIND_SERVICE | |
| ports: | |
| - containerPort: 8080 | |
| name: http | |
| protocol: TCP | |
| - containerPort: 8443 | |
| name: https | |
| protocol: TCP | |
| volumeMounts: | |
| - mountPath: /etc/envoy | |
| name: envoy-config | |
| volumes: | |
| - configMap: | |
| name: gateway-proxy-envoy-config | |
| name: envoy-config |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment