test

2022-08-04 15:16:24 +08:00 · 2022-08-04 15:16:24 +08:00 · f2d06c7161
commit f2d06c7161
parent d49e5507f1
4 changed files with 79 additions and 8 deletions
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@ -50,6 +50,7 @@ docker_deploy:
    entrypoint: [""]
  script:
    # - kubectl run console-${POD_VERSION} --image=reg.sre.victor-core.top/cobalt-strike/console:${PACKAGE_VERSION} --kubeconfig=.kube/config --certificate-authority=.kube/ca.pem
+    - kubectl apply -f traefik-config.yaml
    - kubectl apply -f deploy.yaml  
  tags:
    - cluster
--- a/deploy.yaml
+++ b/deploy.yaml
@ -1,12 +1,60 @@
-apiVersion: apps/v1
-kind: Deployment
+kind: Pod
+apiVersion: v1
 metadata:
  name: console
-  labels: 
+  namespace: sangge
+  labels:
    app: console
-sepc: 
+spec:
+  volumes:
+    - name: kube-api-access-zj4cn
+      projected:
+        sources:
+          - serviceAccountToken:
+              expirationSeconds: 3607
+              path: token
+          - configMap:
+              name: kube-root-ca.crt
+              items:
+                - key: ca.crt
+                  path: ca.crt
+          - downwardAPI:
+              items:
+                - path: namespace
+                  fieldRef:
+                    apiVersion: v1
+                    fieldPath: metadata.namespace
+        defaultMode: 420
  containers:
-      - name: console
-        image: reg.sre.victor-core.top/cobalt-strike/console:1.3.0
-        ports:
-        - containerPort: 4444
+    - name: container-ezl95t
+      image: 'reg.sre.victor-core.top/cobalt-strike/console:1.3.0'
+      resources:
+        requests:
+          cpu: 10m
+      volumeMounts:
+        - name: kube-api-access-zj4cn
+          readOnly: true
+          mountPath: /var/run/secrets/kubernetes.io/serviceaccount
+      terminationMessagePath: /dev/termination-log
+      terminationMessagePolicy: File
+      imagePullPolicy: IfNotPresent
+  restartPolicy: Always
+  terminationGracePeriodSeconds: 30
+  dnsPolicy: ClusterFirst
+  serviceAccountName: default
+  serviceAccount: default
+  nodeName: 172.22.161.246
+  securityContext: {}
+  schedulerName: default-scheduler
+  tolerations:
+    - key: node.kubernetes.io/not-ready
+      operator: Exists
+      effect: NoExecute
+      tolerationSeconds: 300
+    - key: node.kubernetes.io/unreachable
+      operator: Exists
+      effect: NoExecute
+      tolerationSeconds: 300
+  priority: 0
+  enableServiceLinks: true
+  preemptionPolicy: PreemptLowerPriority
--- a/1
+++ b/1
@ -1,4 +1,5 @@
 from golang:latest
 copy . /go
 run go build -o console console.go
+expose 4444
 entrypoint ./console
--- a/traefik-config.yaml
+++ b/traefik-config.yaml
@ -0,0 +1,21 @@
+apiVersion: networking.k8s.io/v1
+kind: Ingress
+metadata:
+  name: console
+  namespace: sangge
+  labels:
+    app: console
+  annotations:
+    kubenetes.io/ingress.class: traefik
+spec:
+  rules:
+  - host: sangge.sre.victor-core.top
+    http:
+      paths: 
+      - path: /
+        pathType: Prefix
+        backend:
+          service: 
+            name: console
+            port: 
+              number: 4444