This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
kind: ClusterRole | |
apiVersion: rbac.authorization.k8s.io/v1beta1 | |
metadata: | |
name: bigip-ctlr-clusterrole | |
rules: | |
- apiGroups: ["", "extensions"] | |
resources: ["nodes", "services", "endpoints", "namespaces", "ingresses", "pods"] | |
verbs: ["get", "list", "watch"] | |
- apiGroups: ["", "extensions"] | |
resources: ["configmaps", "events", "ingresses/status"] |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
apiVersion: extensions/v1beta1 | |
kind: Deployment | |
metadata: | |
name: k8s-bigip-ctlr-deployment | |
namespace: kube-system | |
spec: | |
# DO NOT INCREASE REPLICA COUNT | |
replicas: 1 | |
template: | |
metadata: |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
apiVersion: apps/v1beta1 | |
kind: Deployment | |
metadata: | |
name: f5-nginx | |
spec: | |
replicas: 1 | |
template: | |
metadata: | |
labels: | |
run: f5-nginx |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
apiVersion: extensions/v1beta1 | |
kind: Deployment | |
metadata: | |
name: k8s-bigip-ctlr-deployment | |
namespace: kube-system | |
spec: | |
# DO NOT INCREASE REPLICA COUNT | |
replicas: 1 | |
template: | |
metadata: |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
apiVersion: contour.heptio.com/v1beta1 | |
kind: IngressRoute | |
metadata: | |
name: root-blog | |
namespace: default | |
spec: | |
virtualhost: | |
fqdn: test.syspks.com | |
#tls: | |
#secretName: containersteve-com |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#nginx/ingress.yaml | |
apiVersion: extensions/v1beta1 | |
kind: Ingress | |
metadata: | |
name: nginx-ingress | |
spec: | |
rules: | |
- host: [replace-with-your-fqdn] | |
http: | |
paths: |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
curl -k https://nsxmgr.syspks.com/api/v1/loadbalancer/virtual-servers/{virtual-server-id} \ | |
-X PUT -u admin:VMware1! -i -H "X-Allow-Overwrite:true" -H "Content-Type:application/json" \ | |
-H "Accept:application/json" \ | |
-d '{ | |
"resource_type" : "LbVirtualServer", | |
"id" : "03af0505-3db4-4a31-b619-7b0ff72d6f0f", | |
"display_name" : "pks-4cb3e155-a084-4af2-8513-34077fde1a17-http", | |
"tags" : [ { | |
"scope" : "ncp/version", | |
"tag" : "1.2.0" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
kind: Role | |
apiVersion: rbac.authorization.k8s.io/v1beta1 | |
metadata: | |
namespace: default | |
name: namespace-admin | |
rules: | |
- apiGroups: ["*"] # 空字符串""表明使用core API group | |
resources: ["*"] | |
verbs: ["*"] |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# sa-admin.yaml | |
apiVersion: v1 | |
kind: ServiceAccount | |
metadata: | |
name: gimbal-sa | |
--- | |
kind: ClusterRoleBinding | |
metadata: | |
creationTimestamp: null | |
name: gimbal-admin-cb |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
context=$1 #後端K8S Cluster的名稱 | |
kubectl apply -f ./sa-admin.yaml # 執行 | |
name=$(kubectl describe sa gimbal-sa --context=$context | grep Tokens | awk '{print $2}') | |
ca=$(kubectl get secret/$name -o jsonpath='{.data.ca\.crt}' --context=$context) | |
token=$(kubectl get secret/$name -o jsonpath='{.data.token}' --context=$context | base64 --decode) | |
namespace=$(kubectl get secret/$name -o jsonpath='{.data.namespace}' --context=$context | base64 --decode) | |
echo " | |
apiVersion: v1 |
OlderNewer