pomerium Changeset - 290342e75927

Changeset - 290342e75927

Parent rev.

Child rev.

[Not reviewed]

default

0 2 0

drewp@bigasterisk.com - 19 months ago 2023-03-17 01:37:02
drewp@bigasterisk.com

move to ditto

2 files changed with 3 insertions and 1 deletions:

20-kube/20-pom-deploy.yaml

20-kube/21-pom-svc.yaml

0 comments (0 inline, 0 general)

20-kube/20-pom-deploy.yaml

➞

Show inline comments

@@ @@ -46,34 +46,34 @@ spec: @@
             readOnlyRootFilesystem: true
             runAsGroup: 1000
             runAsNonRoot: true
             runAsUser: 1000
           volumeMounts:
             - { mountPath: /tmp, name: tmp }
             - { mountPath: /data/autocert, name: autocert }
             - { mountPath: /.local, name: autocert }
       nodeSelector:
         kubernetes.io/os: linux
       securityContext:
         runAsNonRoot: true
       serviceAccountName: pomerium-controller
       terminationGracePeriodSeconds: 10
       volumes:
         - { name: tmp, emptyDir: {} }
         - { name: autocert, persistentVolumeClaim: { claimName: autocert-data } }
       affinity:
         nodeAffinity:
           requiredDuringSchedulingIgnoredDuringExecution:
             nodeSelectorTerms:
               - matchExpressions:
                   - key: "kubernetes.io/hostname"
                     operator: In
-                    values: ["bang"]
+                    values: ["ditto"]
 ---
 apiVersion: networking.k8s.io/v1
 kind: IngressClass
 metadata:
   labels:
     app.kubernetes.io/name: pomerium
   name: pomerium
 spec:
   controller: pomerium.io/ingress-controller

20-kube/21-pom-svc.yaml

➞

Show inline comments

@@ @@ -4,28 +4,30 @@ metadata: @@
   labels:
     app.kubernetes.io/name: pomerium
   name: pomerium-metrics
   namespace: pomerium
 spec:
   ports:
     - { name: metrics, port: 9090, protocol: TCP, targetPort: metrics }
   selector: { app.kubernetes.io/name: pomerium }
   type: ClusterIP
 ---
 apiVersion: v1
 kind: Service
 metadata:
   labels:
     app.kubernetes.io/name: pomerium
   name: pomerium-proxy
   namespace: pomerium
 spec:
   ports:
     - { name: https, port: 443, protocol: TCP, targetPort: https }
     - { name: http, port: 80, protocol: TCP, targetPort: http }
   selector: { app.kubernetes.io/name: pomerium }
   type: LoadBalancer
   externalIPs:
   # this would be the fastest if we're running on ditto
     - 10.5.0.7
   # prime forwards to this
     - 10.5.0.1
   # local dns picks this
     - 10.2.0.1
@@ \ No newline at end of file @@

0 comments (0 inline, 0 general)