зеркало из https://github.com/golang/build.git
deploy, cmd/gomoteserver: add the Kubernetes configuration
This change adds the Kubernetes configuration changes necessary for the gomote server to be deployed in the cluster. It creates a new ingress for the gomote server. It also adds an external IP address for the gomote ssh functionality. Updates golang/go#61912 For golang/go#61772 Change-Id: If821ff368bbd025a566b04f2d9779f2a12ff4cb2 Reviewed-on: https://go-review.googlesource.com/c/build/+/520695 TryBot-Result: Gopher Robot <gobot@golang.org> Reviewed-by: Heschi Kreinick <heschi@google.com> Run-TryBot: Carlos Amedee <carlos@golang.org> Reviewed-by: Dmitri Shuralyov <dmitshur@golang.org> Reviewed-by: Dmitri Shuralyov <dmitshur@google.com>
This commit is contained in:
Carlos Amedee
Родитель
ed87657276
Коммит
245708aee1
|
|
@ -0,0 +1,98 @@
|
|||
# Copyright 2023 The Go Authors. All rights reserved.
|
||||
# Use of this source code is governed by a BSD-style
|
||||
# license that can be found in the LICENSE file.
|
||||
|
||||
apiVersion: apps/v1
|
||||
kind: Deployment
|
||||
metadata:
|
||||
namespace: prod
|
||||
name: gomoteserver-deployment
|
||||
spec:
|
||||
selector:
|
||||
matchLabels:
|
||||
app: gomoteserver
|
||||
template:
|
||||
metadata:
|
||||
labels:
|
||||
app: gomoteserver
|
||||
spec:
|
||||
serviceAccountName: gomoteserver
|
||||
containers:
|
||||
- name: gomoteserver
|
||||
image: gcr.io/symbolic-datum-552/gomoteserver:latest
|
||||
imagePullPolicy: Always
|
||||
command: ["/gomoteserver", "-listen-http=:80", "-autocert-bucket=gomote-golang-org-autocert-cache", "-listen-https-selfsigned=:444"]
|
||||
ports:
|
||||
- containerPort: 80
|
||||
- containerPort: 444
|
||||
- containerPort: 2222 # ssh proxy port
|
||||
resources:
|
||||
requests:
|
||||
cpu: "2"
|
||||
memory: "16Gi"
|
||||
limits:
|
||||
cpu: "4"
|
||||
memory: "16Gi"
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: Service
|
||||
metadata:
|
||||
namespace: prod
|
||||
name: gomoteserver
|
||||
spec:
|
||||
ports:
|
||||
- port: 2222
|
||||
targetPort: 2222
|
||||
name: ssh
|
||||
selector:
|
||||
app: gomoteserver
|
||||
type: LoadBalancer
|
||||
loadBalancerIP: 35.232.178.214 # gomote-ssh-golang-org
|
||||
externalTrafficPolicy: Local
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: Service
|
||||
metadata:
|
||||
namespace: prod
|
||||
name: gomoteserver-internal-iap
|
||||
annotations:
|
||||
cloud.google.com/backend-config: '{"default": "gomoteserver-iap-backend"}'
|
||||
cloud.google.com/neg: '{"ingress": false}'
|
||||
cloud.google.com/app-protocols: '{"https":"HTTP2"}'
|
||||
spec:
|
||||
ports:
|
||||
- port: 444
|
||||
targetPort: 444
|
||||
name: https
|
||||
selector:
|
||||
app: gomoteserver
|
||||
type: NodePort
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: Service
|
||||
metadata:
|
||||
namespace: prod
|
||||
name: gomoteserver-internal
|
||||
annotations:
|
||||
cloud.google.com/neg: '{"ingress": false}'
|
||||
cloud.google.com/app-protocols: '{"https":"HTTP2"}'
|
||||
spec:
|
||||
ports:
|
||||
- port: 444
|
||||
targetPort: 444
|
||||
name: https
|
||||
selector:
|
||||
app: gomoteserver
|
||||
type: NodePort
|
||||
---
|
||||
apiVersion: cloud.google.com/v1
|
||||
kind: BackendConfig
|
||||
metadata:
|
||||
namespace: prod
|
||||
name: gomoteserver-iap-backend
|
||||
spec:
|
||||
iap:
|
||||
enabled: true
|
||||
oauthclientCredentials:
|
||||
secretName: iap-oauth
|
||||
timeoutSec: 86400 # For long-running gomote RPCs. See https://go.dev/issue/56423.
|
||||
|
|
@ -0,0 +1,52 @@
|
|||
# Copyright 2023 The Go Authors. All rights reserved.
|
||||
# Use of this source code is governed by a BSD-style
|
||||
# license that can be found in the LICENSE file.
|
||||
|
||||
apiVersion: networking.k8s.io/v1
|
||||
kind: Ingress
|
||||
metadata:
|
||||
namespace: prod
|
||||
name: gomoteserver-ingress
|
||||
annotations:
|
||||
kubernetes.io/ingress.global-static-ip-name: gomote-web-golang-org
|
||||
networking.gke.io/managed-certificates: gomoteserver-cert
|
||||
kubernetes.io/ingress.class: "gce"
|
||||
networking.gke.io/v1beta1.FrontendConfig: gomoteserver-ingress-frontend
|
||||
spec:
|
||||
rules:
|
||||
- host: gomote.golang.org
|
||||
http:
|
||||
paths:
|
||||
- pathType: ImplementationSpecific
|
||||
path: /protos.GomoteService/*
|
||||
backend:
|
||||
service:
|
||||
name: gomoteserver-internal-iap
|
||||
port:
|
||||
number: 444
|
||||
- pathType: ImplementationSpecific
|
||||
path: /*
|
||||
backend:
|
||||
service:
|
||||
name: gomoteserver-internal
|
||||
port:
|
||||
number: 444
|
||||
---
|
||||
apiVersion: networking.gke.io/v1beta1
|
||||
kind: FrontendConfig
|
||||
metadata:
|
||||
namespace: prod
|
||||
name: gomoteserver-ingress-frontend
|
||||
spec:
|
||||
redirectToHttps:
|
||||
enabled: true
|
||||
responseCodeName: FOUND
|
||||
---
|
||||
apiVersion: networking.gke.io/v1
|
||||
kind: ManagedCertificate
|
||||
metadata:
|
||||
namespace: prod
|
||||
name: gomoteserver-cert
|
||||
spec:
|
||||
domains:
|
||||
- gomote.golang.org
|
||||
Загрузка…
Ссылка в новой задаче