Created
January 14, 2020 12:55
-
-
Save ilackarms/ea07bbdeb2c33ce54032a4e652c2fb91 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# Source: gloo/templates/9-gateway-proxy-configmap.yaml | |
# config_map | |
apiVersion: v1 | |
kind: ConfigMap | |
metadata: | |
name: gateway-proxy-envoy-config | |
namespace: gloo-system | |
labels: | |
app: gloo | |
gloo: gateway-proxy | |
gateway-proxy-id: gateway-proxy | |
data: | |
envoy.yaml: | | |
node: | |
cluster: gateway | |
id: "{{.PodName}}.{{.PodNamespace}}" | |
metadata: | |
# role's value is the key for the in-memory xds cache (projects/gloo/pkg/xds/envoy.go) | |
role: "gloo-system~gateway-proxy" | |
stats_sinks: | |
- name: envoy.metrics_service | |
config: | |
grpc_service: | |
envoy_grpc: {cluster_name: gloo.gloo-system.svc.cluster.local:9966} | |
static_resources: | |
listeners: # if or ($spec.stats) ($spec.readConfig) | |
- name: prometheus_listener | |
address: | |
socket_address: | |
address: 0.0.0.0 | |
port_value: 8081 | |
filter_chains: | |
- filters: | |
- name: envoy.http_connection_manager | |
config: | |
codec_type: auto | |
stat_prefix: prometheus | |
route_config: | |
name: prometheus_route | |
virtual_hosts: | |
- name: prometheus_host | |
domains: | |
- "*" | |
routes: | |
- match: | |
path: "/ready" | |
headers: | |
- name: ":method" | |
exact_match: GET | |
route: | |
cluster: admin_port_cluster | |
- match: | |
prefix: "/metrics" | |
headers: | |
- name: ":method" | |
exact_match: GET | |
route: | |
prefix_rewrite: "/stats/prometheus" | |
cluster: admin_port_cluster | |
http_filters: | |
- name: envoy.router | |
config: {} # if $statsConfig.enabled # if $spec.readConfig | |
clusters: | |
- name: gloo.gloo-system.svc.cluster.local:9977 | |
alt_stat_name: xds_cluster | |
connect_timeout: 5.000s | |
load_assignment: | |
cluster_name: gloo.gloo-system.svc.cluster.local:9977 | |
endpoints: | |
- lb_endpoints: | |
- endpoint: | |
address: | |
socket_address: | |
address: gloo.gloo-system.svc.cluster.local | |
port_value: 9977 | |
http2_protocol_options: {} | |
upstream_connection_options: | |
tcp_keepalive: {} | |
type: STRICT_DNS | |
respect_dns_ttl: true | |
- name: wasm-cache | |
connect_timeout: 5.000s | |
load_assignment: | |
cluster_name: wasm-cache | |
endpoints: | |
- lb_endpoints: | |
- endpoint: | |
address: | |
socket_address: | |
address: gloo.gloo-system.svc.cluster.local | |
port_value: 9979 | |
upstream_connection_options: | |
tcp_keepalive: {} | |
type: STRICT_DNS | |
respect_dns_ttl: true | |
- name: gloo.gloo-system.svc.cluster.local:9966 | |
alt_stat_name: metrics_cluster | |
connect_timeout: 5.000s | |
load_assignment: | |
cluster_name: gloo.gloo-system.svc.cluster.local:9966 | |
endpoints: | |
- lb_endpoints: | |
- endpoint: | |
address: | |
socket_address: | |
address: gloo.gloo-system.svc.cluster.local | |
port_value: 9966 | |
http2_protocol_options: {} | |
type: STRICT_DNS # if .Values.accessLogger.enabled # if $spec.tracing | |
- name: admin_port_cluster | |
connect_timeout: 5.000s | |
type: STATIC | |
lb_policy: ROUND_ROBIN | |
load_assignment: | |
cluster_name: admin_port_cluster | |
endpoints: | |
- lb_endpoints: | |
- endpoint: | |
address: | |
socket_address: | |
address: 127.0.0.1 | |
port_value: 19000 # if or $statsConfig.enabled ($spec.readConfig) # if $spec.tracing | |
dynamic_resources: | |
ads_config: | |
api_type: GRPC | |
rate_limit_settings: {} | |
grpc_services: | |
- envoy_grpc: {cluster_name: gloo.gloo-system.svc.cluster.local:9977} | |
cds_config: | |
ads: {} | |
lds_config: | |
ads: {} | |
admin: | |
access_log_path: /dev/null | |
address: | |
socket_address: | |
address: 127.0.0.1 | |
port_value: 19000 | |
--- | |
# Source: gloo/templates/7-gateway-proxy-deployment.yaml | |
apiVersion: apps/v1 | |
kind: Deployment | |
metadata: | |
labels: | |
app: gloo | |
gloo: gateway-proxy | |
gateway-proxy-id: gateway-proxy | |
name: gateway-proxy | |
namespace: gloo-system | |
spec: | |
replicas: 1 | |
selector: | |
matchLabels: | |
gloo: gateway-proxy | |
gateway-proxy-id: gateway-proxy | |
template: | |
metadata: | |
labels: | |
gloo: gateway-proxy | |
gateway-proxy-id: gateway-proxy | |
gateway-proxy: live | |
annotations: | |
prometheus.io/path: /metrics | |
prometheus.io/port: "8081" | |
prometheus.io/scrape: "true" | |
spec: | |
serviceAccountName: gateway-proxy | |
containers: | |
- args: | |
- --disable-hot-restart | |
env: | |
- name: POD_NAMESPACE | |
valueFrom: | |
fieldRef: | |
fieldPath: metadata.namespace | |
- name: POD_NAME | |
valueFrom: | |
fieldRef: | |
fieldPath: metadata.name | |
image: quay.io/solo-io/gloo-envoy-wrapper:1.3.1 | |
imagePullPolicy: IfNotPresent | |
name: gateway-proxy | |
securityContext: | |
readOnlyRootFilesystem: true | |
allowPrivilegeEscalation: false | |
capabilities: | |
drop: | |
- ALL | |
add: | |
- NET_BIND_SERVICE | |
ports: | |
- containerPort: 8080 | |
name: http | |
protocol: TCP | |
- containerPort: 8443 | |
name: https | |
protocol: TCP | |
volumeMounts: | |
- mountPath: /etc/envoy | |
name: envoy-config | |
volumes: | |
- configMap: | |
name: gateway-proxy-envoy-config | |
name: envoy-config |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment