Google Git
Sign in
apache / dubbo-go-pixiu / 2602fe763665f2864b69150d1fdfa1056f298c45 / . / samples / addons / kiali.yaml
blob: 1c25cf65b52789f3cbb924918286a419e5171e5d [file] [log] [blame]
---
# Source: kiali-server/templates/serviceaccount.yaml
apiVersion: v1
kind: ServiceAccount
metadata:
name: kiali
namespace: dubbo-system
labels:
helm.sh/chart: kiali-server-1.50.0
app: kiali
app.kubernetes.io/name: kiali
app.kubernetes.io/instance: kiali
version: "v1.50.0"
app.kubernetes.io/version: "v1.50.0"
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/part-of: "kiali"
...
---
# Source: kiali-server/templates/configmap.yaml
apiVersion: v1
kind: ConfigMap
metadata:
name: kiali
namespace: dubbo-system
labels:
helm.sh/chart: kiali-server-1.50.0
app: kiali
app.kubernetes.io/name: kiali
app.kubernetes.io/instance: kiali
version: "v1.50.0"
app.kubernetes.io/version: "v1.50.0"
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/part-of: "kiali"
data:
config.yaml: |
auth:
openid: {}
openshift:
client_id_prefix: kiali
strategy: anonymous
deployment:
accessible_namespaces:
- '**'
additional_service_yaml: {}
affinity:
node: {}
pod: {}
pod_anti: {}
configmap_annotations: {}
custom_secrets: []
host_aliases: []
hpa:
api_version: autoscaling/v2beta2
spec: {}
image_digest: ""
image_name: quay.io/kiali/kiali
image_pull_policy: Always
image_pull_secrets: []
image_version: v1.50
ingress:
additional_labels: {}
class_name: nginx
override_yaml:
metadata: {}
ingress_enabled: false
instance_name: kiali
logger:
log_format: text
log_level: info
sampler_rate: "1"
time_field_format: 2006-01-02T15:04:05Z07:00
namespace: dubbo-system
node_selector: {}
pod_annotations: {}
pod_labels:
sidecar.istio.io/inject: "false"
priority_class_name: ""
replicas: 1
resources:
limits:
memory: 1Gi
requests:
cpu: 10m
memory: 64Mi
secret_name: kiali
service_annotations: {}
service_type: ""
tolerations: []
version_label: v1.50.0
view_only_mode: false
external_services:
custom_dashboards:
enabled: true
istio:
root_namespace: dubbo-system
identity:
cert_file: ""
private_key_file: ""
istio_namespace: dubbo-system
kiali_feature_flags:
certificates_information_indicators:
enabled: true
secrets:
- cacerts
- istio-ca-secret
clustering:
enabled: true
disabled_features: []
validations:
ignore:
- KIA1201
login_token:
signing_key: CHANGEME00000000
server:
metrics_enabled: true
metrics_port: 9090
port: 20001
web_root: /kiali
...
---
# Source: kiali-server/templates/role-viewer.yaml
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
name: kiali-viewer
labels:
helm.sh/chart: kiali-server-1.50.0
app: kiali
app.kubernetes.io/name: kiali
app.kubernetes.io/instance: kiali
version: "v1.50.0"
app.kubernetes.io/version: "v1.50.0"
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/part-of: "kiali"
rules:
- apiGroups: [""]
resources:
- configmaps
- endpoints
- pods/log
verbs:
- get
- list
- watch
- apiGroups: [""]
resources:
- namespaces
- pods
- replicationcontrollers
- services
verbs:
- get
- list
- watch
- apiGroups: [""]
resources:
- pods/portforward
verbs:
- create
- post
- apiGroups: ["extensions", "apps"]
resources:
- daemonsets
- deployments
- replicasets
- statefulsets
verbs:
- get
- list
- watch
- apiGroups: ["batch"]
resources:
- cronjobs
- jobs
verbs:
- get
- list
- watch
- apiGroups:
- networking.istio.io
- security.istio.io
resources: ["*"]
verbs:
- get
- list
- watch
- apiGroups: ["apps.openshift.io"]
resources:
- deploymentconfigs
verbs:
- get
- list
- watch
- apiGroups: ["project.openshift.io"]
resources:
- projects
verbs:
- get
- apiGroups: ["route.openshift.io"]
resources:
- routes
verbs:
- get
- apiGroups: ["authentication.k8s.io"]
resources:
- tokenreviews
verbs:
- create
...
---
# Source: kiali-server/templates/role.yaml
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
name: kiali
labels:
helm.sh/chart: kiali-server-1.50.0
app: kiali
app.kubernetes.io/name: kiali
app.kubernetes.io/instance: kiali
version: "v1.50.0"
app.kubernetes.io/version: "v1.50.0"
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/part-of: "kiali"
rules:
- apiGroups: [""]
resources:
- configmaps
- endpoints
- pods/log
verbs:
- get
- list
- watch
- apiGroups: [""]
resources:
- namespaces
- pods
- replicationcontrollers
- services
verbs:
- get
- list
- watch
- patch
- apiGroups: [""]
resources:
- pods/portforward
verbs:
- create
- post
- apiGroups: ["extensions", "apps"]
resources:
- daemonsets
- deployments
- replicasets
- statefulsets
verbs:
- get
- list
- watch
- patch
- apiGroups: ["batch"]
resources:
- cronjobs
- jobs
verbs:
- get
- list
- watch
- patch
- apiGroups:
- networking.istio.io
- security.istio.io
resources: ["*"]
verbs:
- get
- list
- watch
- create
- delete
- patch
- apiGroups: ["apps.openshift.io"]
resources:
- deploymentconfigs
verbs:
- get
- list
- watch
- patch
- apiGroups: ["project.openshift.io"]
resources:
- projects
verbs:
- get
- apiGroups: ["route.openshift.io"]
resources:
- routes
verbs:
- get
- apiGroups: ["authentication.k8s.io"]
resources:
- tokenreviews
verbs:
- create
...
---
# Source: kiali-server/templates/rolebinding.yaml
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: kiali
labels:
helm.sh/chart: kiali-server-1.50.0
app: kiali
app.kubernetes.io/name: kiali
app.kubernetes.io/instance: kiali
version: "v1.50.0"
app.kubernetes.io/version: "v1.50.0"
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/part-of: "kiali"
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: kiali
subjects:
- kind: ServiceAccount
name: kiali
namespace: dubbo-system
...
---
# Source: kiali-server/templates/role-controlplane.yaml
apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata:
name: kiali-controlplane
namespace: dubbo-system
labels:
helm.sh/chart: kiali-server-1.50.0
app: kiali
app.kubernetes.io/name: kiali
app.kubernetes.io/instance: kiali
version: "v1.50.0"
app.kubernetes.io/version: "v1.50.0"
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/part-of: "kiali"
rules:
- apiGroups: [""]
resources:
- secrets
verbs:
- list
- apiGroups: [""]
resourceNames:
- cacerts
- istio-ca-secret
resources:
- secrets
verbs:
- get
- list
- watch
...
---
# Source: kiali-server/templates/rolebinding-controlplane.yaml
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
name: kiali-controlplane
namespace: dubbo-system
labels:
helm.sh/chart: kiali-server-1.50.0
app: kiali
app.kubernetes.io/name: kiali
app.kubernetes.io/instance: kiali
version: "v1.50.0"
app.kubernetes.io/version: "v1.50.0"
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/part-of: "kiali"
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: Role
name: kiali-controlplane
subjects:
- kind: ServiceAccount
name: kiali
namespace: dubbo-system
...
---
# Source: kiali-server/templates/service.yaml
apiVersion: v1
kind: Service
metadata:
name: kiali
namespace: dubbo-system
labels:
helm.sh/chart: kiali-server-1.50.0
app: kiali
app.kubernetes.io/name: kiali
app.kubernetes.io/instance: kiali
version: "v1.50.0"
app.kubernetes.io/version: "v1.50.0"
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/part-of: "kiali"
annotations:
spec:
ports:
- name: http
protocol: TCP
port: 20001
- name: http-metrics
protocol: TCP
port: 9090
selector:
app.kubernetes.io/name: kiali
app.kubernetes.io/instance: kiali
...
---
# Source: kiali-server/templates/deployment.yaml
apiVersion: apps/v1
kind: Deployment
metadata:
name: kiali
namespace: dubbo-system
labels:
helm.sh/chart: kiali-server-1.50.0
app: kiali
app.kubernetes.io/name: kiali
app.kubernetes.io/instance: kiali
version: "v1.50.0"
app.kubernetes.io/version: "v1.50.0"
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/part-of: "kiali"
spec:
replicas: 1
selector:
matchLabels:
app.kubernetes.io/name: kiali
app.kubernetes.io/instance: kiali
strategy:
rollingUpdate:
maxSurge: 1
maxUnavailable: 1
type: RollingUpdate
template:
metadata:
name: kiali
labels:
helm.sh/chart: kiali-server-1.50.0
app: kiali
app.kubernetes.io/name: kiali
app.kubernetes.io/instance: kiali
version: "v1.50.0"
app.kubernetes.io/version: "v1.50.0"
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/part-of: "kiali"
sidecar.istio.io/inject: "false"
annotations:
checksum/config: 03a5118048208a4375d255f2e6119911359cbdf0bbbea7a66012cf2648b41d52
prometheus.io/scrape: "true"
prometheus.io/port: "9090"
kiali.io/dashboards: go,kiali
spec:
serviceAccountName: kiali
containers:
- image: "quay.io/kiali/kiali:v1.50"
imagePullPolicy: Always
name: kiali
command:
- "/opt/kiali/kiali"
- "-config"
- "/kiali-configuration/config.yaml"
securityContext:
allowPrivilegeEscalation: false
privileged: false
readOnlyRootFilesystem: true
runAsNonRoot: true
ports:
- name: api-port
containerPort: 20001
- name: http-metrics
containerPort: 9090
readinessProbe:
httpGet:
path: /kiali/healthz
port: api-port
scheme: HTTP
initialDelaySeconds: 5
periodSeconds: 30
livenessProbe:
httpGet:
path: /kiali/healthz
port: api-port
scheme: HTTP
initialDelaySeconds: 5
periodSeconds: 30
env:
- name: ACTIVE_NAMESPACE
valueFrom:
fieldRef:
fieldPath: metadata.namespace
- name: LOG_LEVEL
value: "info"
- name: LOG_FORMAT
value: "text"
- name: LOG_TIME_FIELD_FORMAT
value: "2006-01-02T15:04:05Z07:00"
- name: LOG_SAMPLER_RATE
value: "1"
volumeMounts:
- name: kiali-configuration
mountPath: "/kiali-configuration"
- name: kiali-cert
mountPath: "/kiali-cert"
- name: kiali-secret
mountPath: "/kiali-secret"
- name: kiali-cabundle
mountPath: "/kiali-cabundle"
resources:
limits:
memory: 1Gi
requests:
cpu: 10m
memory: 64Mi
volumes:
- name: kiali-configuration
configMap:
name: kiali
- name: kiali-cert
secret:
secretName: istio.kiali-service-account
optional: true
- name: kiali-secret
secret:
secretName: kiali
optional: true
- name: kiali-cabundle
configMap:
name: kiali-cabundle
optional: true
...