--- # Source: kubernetes-dashboard/charts/kong/templates/service-account.yaml apiVersion: v1 kind: ServiceAccount metadata: name: kubernetes-dashboard-kong namespace: kubernetes-dashboard labels: app.kubernetes.io/name: kong helm.sh/chart: kong-2.38.0 app.kubernetes.io/instance: "kubernetes-dashboard" app.kubernetes.io/managed-by: "Helm" app.kubernetes.io/version: "3.6" --- # Source: kubernetes-dashboard/templates/rbac/api/serviceaccount.yaml # Copyright 2017 The Kubernetes Authors. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. apiVersion: v1 kind: ServiceAccount metadata: labels: helm.sh/chart: kubernetes-dashboard-7.1.2 app.kubernetes.io/instance: kubernetes-dashboard app.kubernetes.io/managed-by: Helm app.kubernetes.io/part-of: kubernetes-dashboard name: kubernetes-dashboard-api --- # Source: kubernetes-dashboard/templates/rbac/metrics-scraper/serviceaccount.yaml # Copyright 2017 The Kubernetes Authors. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. apiVersion: v1 kind: ServiceAccount metadata: labels: helm.sh/chart: kubernetes-dashboard-7.1.2 app.kubernetes.io/instance: kubernetes-dashboard app.kubernetes.io/managed-by: Helm app.kubernetes.io/part-of: kubernetes-dashboard name: kubernetes-dashboard-metrics-scraper --- # Source: kubernetes-dashboard/templates/rbac/web/serviceaccount.yaml # Copyright 2017 The Kubernetes Authors. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. apiVersion: v1 kind: ServiceAccount metadata: labels: helm.sh/chart: kubernetes-dashboard-7.1.2 app.kubernetes.io/instance: kubernetes-dashboard app.kubernetes.io/managed-by: Helm app.kubernetes.io/part-of: kubernetes-dashboard name: kubernetes-dashboard-web --- # Source: kubernetes-dashboard/templates/secrets/csrf.yaml # Copyright 2017 The Kubernetes Authors. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. apiVersion: v1 kind: Secret metadata: labels: helm.sh/chart: kubernetes-dashboard-7.1.2 app.kubernetes.io/instance: kubernetes-dashboard app.kubernetes.io/managed-by: Helm app.kubernetes.io/part-of: kubernetes-dashboard name: kubernetes-dashboard-csrf data: private.key: "YVhKRTJOK3RSSGwxZTg4RmliMzc2ZG1ybUJHV2c2RVVvYnNmVEorRytabVVuVEtaWVNRL2JIS0NnTnl3ZFBRRTNESnYzNDBrYzNtUWVBZzNQbFAxVmpVUVA5SnFwUVl1RHdhV3RLQUF5ZGpsdzI4anV2YWxReVJPcGlvTVk2SnkyVmhnaFNKbk9uRmM2NnNqa2JoS2k4VGtybDJOamZjYnVYRW5BaHlpMXY1VFFVeHMxUEhhcFRnSUYrSWExbzgwZ2c3aUFtL08xMmpVeXUybk50MGlQQzdKMFlnaDFnTklrY0JUSko4MGhYWk5neGVmN01JSE9JL2g1ZGxDRDZYSUZvWkQycUNPWjhsY0JSbnJkRVZCMFRLaS94QWRuai9VWVUzKy85a3EzZERBVFozZFRwU1R3WXNEZndmdHM1eHRUNEhWVU9OejBpem5CMVNZQlJ6WHZ3PT0=" --- # Source: kubernetes-dashboard/templates/config/gateway.yaml # Copyright 2017 The Kubernetes Authors. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. apiVersion: v1 kind: ConfigMap metadata: labels: helm.sh/chart: kubernetes-dashboard-7.1.2 app.kubernetes.io/instance: kubernetes-dashboard app.kubernetes.io/managed-by: Helm app.kubernetes.io/part-of: kubernetes-dashboard name: kong-dbless-config data: kong.yml: | _format_version: "3.0" services: - name: auth host: kubernetes-dashboard-auth port: 8000 protocol: http routes: - name: authLogin paths: - /api/v1/login strip_path: false - name: authCsrf paths: - /api/v1/csrftoken/login strip_path: false - name: authMe paths: - /api/v1/me strip_path: false - name: api host: kubernetes-dashboard-api port: 8000 protocol: http routes: - name: api paths: - /api strip_path: false - name: metrics paths: - /metrics strip_path: false - name: web host: kubernetes-dashboard-web port: 8000 protocol: http routes: - name: root paths: - / strip_path: false --- # Source: kubernetes-dashboard/templates/config/settings.yaml # Copyright 2017 The Kubernetes Authors. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. apiVersion: v1 kind: ConfigMap metadata: labels: helm.sh/chart: kubernetes-dashboard-7.1.2 app.kubernetes.io/instance: kubernetes-dashboard app.kubernetes.io/managed-by: Helm app.kubernetes.io/part-of: kubernetes-dashboard name: kubernetes-dashboard-web-settings data: --- # Source: kubernetes-dashboard/templates/rbac/metrics-scraper/clusterrole.yaml # Copyright 2017 The Kubernetes Authors. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. kind: ClusterRole apiVersion: rbac.authorization.k8s.io/v1 metadata: labels: helm.sh/chart: kubernetes-dashboard-7.1.2 app.kubernetes.io/instance: kubernetes-dashboard app.kubernetes.io/managed-by: Helm app.kubernetes.io/part-of: kubernetes-dashboard name: kubernetes-dashboard-metrics-scraper rules: # Allow Metrics Scraper to get metrics from the Metrics server - apiGroups: [ "metrics.k8s.io" ] resources: [ "pods", "nodes" ] verbs: [ "get", "list", "watch" ] --- # Source: kubernetes-dashboard/templates/rbac/metrics-scraper/clusterrolebinding.yaml # Copyright 2017 The Kubernetes Authors. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: labels: helm.sh/chart: kubernetes-dashboard-7.1.2 app.kubernetes.io/instance: kubernetes-dashboard app.kubernetes.io/managed-by: Helm app.kubernetes.io/part-of: kubernetes-dashboard name: kubernetes-dashboard-metrics-scraper roleRef: apiGroup: rbac.authorization.k8s.io kind: ClusterRole name: kubernetes-dashboard-metrics-scraper subjects: - kind: ServiceAccount name: kubernetes-dashboard-metrics-scraper namespace: kubernetes-dashboard --- # Source: kubernetes-dashboard/templates/rbac/api/role.yaml # Copyright 2017 The Kubernetes Authors. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. kind: Role apiVersion: rbac.authorization.k8s.io/v1 metadata: labels: helm.sh/chart: kubernetes-dashboard-7.1.2 app.kubernetes.io/instance: kubernetes-dashboard app.kubernetes.io/managed-by: Helm app.kubernetes.io/part-of: kubernetes-dashboard name: kubernetes-dashboard-api rules: # Allow Dashboard API to get metrics from metrics-scraper. - apiGroups: [ "" ] resources: [ "services/proxy" ] resourceNames: [ "kubernetes-dashboard-metrics-scraper", "http:kubernetes-dashboard-metrics-scraper" ] verbs: [ "get" ] --- # Source: kubernetes-dashboard/templates/rbac/web/role.yaml # Copyright 2017 The Kubernetes Authors. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. kind: Role apiVersion: rbac.authorization.k8s.io/v1 metadata: labels: helm.sh/chart: kubernetes-dashboard-7.1.2 app.kubernetes.io/instance: kubernetes-dashboard app.kubernetes.io/managed-by: Helm app.kubernetes.io/part-of: kubernetes-dashboard name: kubernetes-dashboard-web rules: # Allow Dashboard Web to get and update 'kubernetes-dashboard-settings' config map. - apiGroups: [ "" ] resources: [ "configmaps" ] resourceNames: [ "kubernetes-dashboard-web-settings" ] verbs: [ "get", "update" ] --- # Source: kubernetes-dashboard/templates/rbac/api/rolebinding.yaml # Copyright 2017 The Kubernetes Authors. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. apiVersion: rbac.authorization.k8s.io/v1 kind: RoleBinding metadata: labels: helm.sh/chart: kubernetes-dashboard-7.1.2 app.kubernetes.io/instance: kubernetes-dashboard app.kubernetes.io/managed-by: Helm app.kubernetes.io/part-of: kubernetes-dashboard name: kubernetes-dashboard-api roleRef: apiGroup: rbac.authorization.k8s.io kind: Role name: kubernetes-dashboard-api subjects: - kind: ServiceAccount name: kubernetes-dashboard-api --- # Source: kubernetes-dashboard/templates/rbac/web/rolebinding.yaml # Copyright 2017 The Kubernetes Authors. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. apiVersion: rbac.authorization.k8s.io/v1 kind: RoleBinding metadata: labels: helm.sh/chart: kubernetes-dashboard-7.1.2 app.kubernetes.io/instance: kubernetes-dashboard app.kubernetes.io/managed-by: Helm app.kubernetes.io/part-of: kubernetes-dashboard name: kubernetes-dashboard-web roleRef: apiGroup: rbac.authorization.k8s.io kind: Role name: kubernetes-dashboard-web subjects: - kind: ServiceAccount name: kubernetes-dashboard-web --- # Source: kubernetes-dashboard/charts/kong/templates/service-kong-manager.yaml apiVersion: v1 kind: Service metadata: name: kubernetes-dashboard-kong-manager namespace: kubernetes-dashboard labels: app.kubernetes.io/name: kong helm.sh/chart: kong-2.38.0 app.kubernetes.io/instance: "kubernetes-dashboard" app.kubernetes.io/managed-by: "Helm" app.kubernetes.io/version: "3.6" spec: type: NodePort ports: - name: kong-manager port: 8002 targetPort: 8002 protocol: TCP - name: kong-manager-tls port: 8445 targetPort: 8445 protocol: TCP selector: app.kubernetes.io/name: kong app.kubernetes.io/component: app app.kubernetes.io/instance: "kubernetes-dashboard" --- # Source: kubernetes-dashboard/charts/kong/templates/service-kong-proxy.yaml apiVersion: v1 kind: Service metadata: name: kubernetes-dashboard-kong-proxy namespace: kubernetes-dashboard labels: app.kubernetes.io/name: kong helm.sh/chart: kong-2.38.0 app.kubernetes.io/instance: "kubernetes-dashboard" app.kubernetes.io/managed-by: "Helm" app.kubernetes.io/version: "3.6" enable-metrics: "true" spec: type: ClusterIP ports: - name: kong-proxy-tls port: 443 targetPort: 8443 protocol: TCP selector: app.kubernetes.io/name: kong app.kubernetes.io/component: app app.kubernetes.io/instance: "kubernetes-dashboard" --- # Source: kubernetes-dashboard/templates/services/api.yaml # Copyright 2017 The Kubernetes Authors. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. kind: Service apiVersion: v1 metadata: labels: helm.sh/chart: kubernetes-dashboard-7.1.2 app.kubernetes.io/instance: kubernetes-dashboard app.kubernetes.io/managed-by: Helm app.kubernetes.io/part-of: kubernetes-dashboard app.kubernetes.io/name: kubernetes-dashboard-api app.kubernetes.io/version: 1.3.0 app.kubernetes.io/component: api name: kubernetes-dashboard-api spec: ports: - name: api port: 8000 selector: app.kubernetes.io/instance: kubernetes-dashboard app.kubernetes.io/part-of: kubernetes-dashboard app.kubernetes.io/name: kubernetes-dashboard-api --- # Source: kubernetes-dashboard/templates/services/auth.yaml # Copyright 2017 The Kubernetes Authors. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. kind: Service apiVersion: v1 metadata: labels: helm.sh/chart: kubernetes-dashboard-7.1.2 app.kubernetes.io/instance: kubernetes-dashboard app.kubernetes.io/managed-by: Helm app.kubernetes.io/part-of: kubernetes-dashboard app.kubernetes.io/name: kubernetes-dashboard-auth app.kubernetes.io/version: 1.1.1 app.kubernetes.io/component: auth name: kubernetes-dashboard-auth spec: ports: - name: auth port: 8000 selector: app.kubernetes.io/instance: kubernetes-dashboard app.kubernetes.io/part-of: kubernetes-dashboard app.kubernetes.io/name: kubernetes-dashboard-auth --- # Source: kubernetes-dashboard/templates/services/metrics-scraper.yaml # Copyright 2017 The Kubernetes Authors. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. kind: Service apiVersion: v1 metadata: labels: helm.sh/chart: kubernetes-dashboard-7.1.2 app.kubernetes.io/instance: kubernetes-dashboard app.kubernetes.io/managed-by: Helm app.kubernetes.io/part-of: kubernetes-dashboard app.kubernetes.io/name: kubernetes-dashboard-metrics-scraper app.kubernetes.io/version: 1.1.1 app.kubernetes.io/component: metrics-scraper name: kubernetes-dashboard-metrics-scraper spec: ports: - port: 8000 selector: app.kubernetes.io/instance: kubernetes-dashboard app.kubernetes.io/part-of: kubernetes-dashboard app.kubernetes.io/name: kubernetes-dashboard-metrics-scraper --- # Source: kubernetes-dashboard/templates/services/web.yaml # Copyright 2017 The Kubernetes Authors. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. kind: Service apiVersion: v1 metadata: labels: helm.sh/chart: kubernetes-dashboard-7.1.2 app.kubernetes.io/instance: kubernetes-dashboard app.kubernetes.io/managed-by: Helm app.kubernetes.io/part-of: kubernetes-dashboard app.kubernetes.io/name: kubernetes-dashboard-web app.kubernetes.io/version: 1.2.2 app.kubernetes.io/component: web name: kubernetes-dashboard-web spec: ports: - name: web port: 8000 selector: app.kubernetes.io/instance: kubernetes-dashboard app.kubernetes.io/part-of: kubernetes-dashboard app.kubernetes.io/name: kubernetes-dashboard-web --- # Source: kubernetes-dashboard/charts/kong/templates/deployment.yaml apiVersion: apps/v1 kind: Deployment metadata: name: kubernetes-dashboard-kong namespace: kubernetes-dashboard labels: app.kubernetes.io/name: kong helm.sh/chart: kong-2.38.0 app.kubernetes.io/instance: "kubernetes-dashboard" app.kubernetes.io/managed-by: "Helm" app.kubernetes.io/version: "3.6" app.kubernetes.io/component: app spec: replicas: 1 selector: matchLabels: app.kubernetes.io/name: kong app.kubernetes.io/component: app app.kubernetes.io/instance: "kubernetes-dashboard" template: metadata: annotations: kuma.io/service-account-token-volume: kubernetes-dashboard-kong-token kuma.io/gateway: "enabled" traffic.sidecar.istio.io/includeInboundPorts: "" labels: app.kubernetes.io/name: kong helm.sh/chart: kong-2.38.0 app.kubernetes.io/instance: "kubernetes-dashboard" app.kubernetes.io/managed-by: "Helm" app.kubernetes.io/version: "3.6" app.kubernetes.io/component: app app: kubernetes-dashboard-kong version: "3.6" spec: serviceAccountName: kubernetes-dashboard-kong automountServiceAccountToken: false initContainers: - name: clear-stale-pid image: kong:3.6 imagePullPolicy: IfNotPresent securityContext: allowPrivilegeEscalation: false capabilities: drop: - ALL readOnlyRootFilesystem: true runAsNonRoot: true runAsUser: 1000 seccompProfile: type: RuntimeDefault resources: {} command: - "rm" - "-vrf" - "$KONG_PREFIX/pids" env: - name: KONG_ADMIN_ACCESS_LOG value: "/dev/stdout" - name: KONG_ADMIN_ERROR_LOG value: "/dev/stderr" - name: KONG_ADMIN_GUI_ACCESS_LOG value: "/dev/stdout" - name: KONG_ADMIN_GUI_ERROR_LOG value: "/dev/stderr" - name: KONG_ADMIN_LISTEN value: "127.0.0.1:8444 http2 ssl, [::1]:8444 http2 ssl" - name: KONG_CLUSTER_LISTEN value: "off" - name: KONG_DATABASE value: "off" - name: KONG_DECLARATIVE_CONFIG value: "/kong_dbless/kong.yml" - name: KONG_DNS_ORDER value: "LAST,A,SRV,CNAME" - name: KONG_LUA_PACKAGE_PATH value: "/opt/?.lua;/opt/?/init.lua;;" - name: KONG_NGINX_WORKER_PROCESSES value: "2" - name: KONG_PORTAL_API_ACCESS_LOG value: "/dev/stdout" - name: KONG_PORTAL_API_ERROR_LOG value: "/dev/stderr" - name: KONG_PORT_MAPS value: "443:8443" - name: KONG_PREFIX value: "/kong_prefix/" - name: KONG_PROXY_ACCESS_LOG value: "/dev/stdout" - name: KONG_PROXY_ERROR_LOG value: "/dev/stderr" - name: KONG_PROXY_LISTEN value: "0.0.0.0:8443 http2 ssl, [::]:8443 http2 ssl" - name: KONG_PROXY_STREAM_ACCESS_LOG value: "/dev/stdout basic" - name: KONG_PROXY_STREAM_ERROR_LOG value: "/dev/stderr" - name: KONG_ROUTER_FLAVOR value: "traditional" - name: KONG_STATUS_ACCESS_LOG value: "off" - name: KONG_STATUS_ERROR_LOG value: "/dev/stderr" - name: KONG_STATUS_LISTEN value: "0.0.0.0:8100, [::]:8100" - name: KONG_STREAM_LISTEN value: "off" volumeMounts: - name: kubernetes-dashboard-kong-prefix-dir mountPath: /kong_prefix/ - name: kubernetes-dashboard-kong-tmp mountPath: /tmp - name: kong-custom-dbless-config-volume mountPath: /kong_dbless/ containers: - name: "proxy" image: kong:3.6 imagePullPolicy: IfNotPresent securityContext: allowPrivilegeEscalation: false capabilities: drop: - ALL readOnlyRootFilesystem: true runAsNonRoot: true runAsUser: 1000 seccompProfile: type: RuntimeDefault env: - name: KONG_ADMIN_ACCESS_LOG value: "/dev/stdout" - name: KONG_ADMIN_ERROR_LOG value: "/dev/stderr" - name: KONG_ADMIN_GUI_ACCESS_LOG value: "/dev/stdout" - name: KONG_ADMIN_GUI_ERROR_LOG value: "/dev/stderr" - name: KONG_ADMIN_LISTEN value: "127.0.0.1:8444 http2 ssl, [::1]:8444 http2 ssl" - name: KONG_CLUSTER_LISTEN value: "off" - name: KONG_DATABASE value: "off" - name: KONG_DECLARATIVE_CONFIG value: "/kong_dbless/kong.yml" - name: KONG_DNS_ORDER value: "LAST,A,SRV,CNAME" - name: KONG_LUA_PACKAGE_PATH value: "/opt/?.lua;/opt/?/init.lua;;" - name: KONG_NGINX_WORKER_PROCESSES value: "2" - name: KONG_PORTAL_API_ACCESS_LOG value: "/dev/stdout" - name: KONG_PORTAL_API_ERROR_LOG value: "/dev/stderr" - name: KONG_PORT_MAPS value: "443:8443" - name: KONG_PREFIX value: "/kong_prefix/" - name: KONG_PROXY_ACCESS_LOG value: "/dev/stdout" - name: KONG_PROXY_ERROR_LOG value: "/dev/stderr" - name: KONG_PROXY_LISTEN value: "0.0.0.0:8443 http2 ssl, [::]:8443 http2 ssl" - name: KONG_PROXY_STREAM_ACCESS_LOG value: "/dev/stdout basic" - name: KONG_PROXY_STREAM_ERROR_LOG value: "/dev/stderr" - name: KONG_ROUTER_FLAVOR value: "traditional" - name: KONG_STATUS_ACCESS_LOG value: "off" - name: KONG_STATUS_ERROR_LOG value: "/dev/stderr" - name: KONG_STATUS_LISTEN value: "0.0.0.0:8100, [::]:8100" - name: KONG_STREAM_LISTEN value: "off" - name: KONG_NGINX_DAEMON value: "off" lifecycle: preStop: exec: command: - kong - quit - --wait=15 ports: - name: proxy-tls containerPort: 8443 protocol: TCP - name: status containerPort: 8100 protocol: TCP volumeMounts: - name: kubernetes-dashboard-kong-prefix-dir mountPath: /kong_prefix/ - name: kubernetes-dashboard-kong-tmp mountPath: /tmp - name: kong-custom-dbless-config-volume mountPath: /kong_dbless/ readinessProbe: failureThreshold: 3 httpGet: path: /status/ready port: status scheme: HTTP initialDelaySeconds: 5 periodSeconds: 10 successThreshold: 1 timeoutSeconds: 5 livenessProbe: failureThreshold: 3 httpGet: path: /status port: status scheme: HTTP initialDelaySeconds: 5 periodSeconds: 10 successThreshold: 1 timeoutSeconds: 5 resources: {} securityContext: {} terminationGracePeriodSeconds: 30 volumes: - name: kubernetes-dashboard-kong-prefix-dir emptyDir: sizeLimit: 256Mi - name: kubernetes-dashboard-kong-tmp emptyDir: sizeLimit: 1Gi - name: kubernetes-dashboard-kong-token projected: sources: - serviceAccountToken: expirationSeconds: 3607 path: token - configMap: items: - key: ca.crt path: ca.crt name: kube-root-ca.crt - downwardAPI: items: - fieldRef: apiVersion: v1 fieldPath: metadata.namespace path: namespace - name: kong-custom-dbless-config-volume configMap: name: kong-dbless-config --- # Source: kubernetes-dashboard/templates/deployments/api.yaml # Copyright 2017 The Kubernetes Authors. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. kind: Deployment apiVersion: apps/v1 metadata: labels: helm.sh/chart: kubernetes-dashboard-7.1.2 app.kubernetes.io/instance: kubernetes-dashboard app.kubernetes.io/managed-by: Helm app.kubernetes.io/part-of: kubernetes-dashboard app.kubernetes.io/name: kubernetes-dashboard-api app.kubernetes.io/version: 1.3.0 app.kubernetes.io/component: api annotations: name: kubernetes-dashboard-api spec: replicas: 3 revisionHistoryLimit: 10 selector: matchLabels: app.kubernetes.io/instance: kubernetes-dashboard app.kubernetes.io/part-of: kubernetes-dashboard app.kubernetes.io/name: kubernetes-dashboard-api template: metadata: labels: helm.sh/chart: kubernetes-dashboard-7.1.2 app.kubernetes.io/instance: kubernetes-dashboard app.kubernetes.io/managed-by: Helm app.kubernetes.io/part-of: kubernetes-dashboard app.kubernetes.io/name: kubernetes-dashboard-api app.kubernetes.io/version: 1.3.0 app.kubernetes.io/component: api annotations: rollme: "I64Dw" spec: containers: - name: kubernetes-dashboard-api image: "docker.io/kubernetesui/dashboard-api:1.3.0" imagePullPolicy: IfNotPresent args: - --namespace=kubernetes-dashboard - --metrics-scraper-service-name=kubernetes-dashboard-metrics-scraper env: - name: CSRF_KEY valueFrom: secretKeyRef: name: kubernetes-dashboard-csrf key: private.key ports: - containerPort: 8000 name: api protocol: TCP volumeMounts: - mountPath: /tmp name: tmp-volume securityContext: allowPrivilegeEscalation: false capabilities: drop: - ALL readOnlyRootFilesystem: true runAsGroup: 2001 runAsUser: 1001 resources: limits: cpu: 250m memory: 400Mi requests: cpu: 100m memory: 200Mi securityContext: runAsNonRoot: true seccompProfile: type: RuntimeDefault volumes: - emptyDir: {} name: tmp-volume serviceAccountName: kubernetes-dashboard-api --- # Source: kubernetes-dashboard/templates/deployments/auth.yaml # Copyright 2017 The Kubernetes Authors. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. kind: Deployment apiVersion: apps/v1 metadata: labels: helm.sh/chart: kubernetes-dashboard-7.1.2 app.kubernetes.io/instance: kubernetes-dashboard app.kubernetes.io/managed-by: Helm app.kubernetes.io/part-of: kubernetes-dashboard app.kubernetes.io/name: kubernetes-dashboard-auth app.kubernetes.io/version: 1.3.0 app.kubernetes.io/component: auth annotations: name: kubernetes-dashboard-auth spec: replicas: 1 revisionHistoryLimit: 10 selector: matchLabels: app.kubernetes.io/instance: kubernetes-dashboard app.kubernetes.io/part-of: kubernetes-dashboard app.kubernetes.io/name: kubernetes-dashboard-auth template: metadata: labels: helm.sh/chart: kubernetes-dashboard-7.1.2 app.kubernetes.io/instance: kubernetes-dashboard app.kubernetes.io/managed-by: Helm app.kubernetes.io/part-of: kubernetes-dashboard app.kubernetes.io/name: kubernetes-dashboard-auth app.kubernetes.io/version: 1.1.1 app.kubernetes.io/component: auth annotations: rollme: "n03zR" spec: containers: - name: kubernetes-dashboard-auth image: "docker.io/kubernetesui/dashboard-auth:1.1.1" imagePullPolicy: IfNotPresent args: env: - name: CSRF_KEY valueFrom: secretKeyRef: name: kubernetes-dashboard-csrf key: private.key ports: - containerPort: 8000 name: auth protocol: TCP volumeMounts: - mountPath: /tmp name: tmp-volume securityContext: allowPrivilegeEscalation: false capabilities: drop: - ALL readOnlyRootFilesystem: true runAsGroup: 2001 runAsUser: 1001 resources: limits: cpu: 250m memory: 400Mi requests: cpu: 100m memory: 200Mi securityContext: runAsNonRoot: true seccompProfile: type: RuntimeDefault volumes: - emptyDir: {} name: tmp-volume --- # Source: kubernetes-dashboard/templates/deployments/metrics-scraper.yaml # Copyright 2017 The Kubernetes Authors. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. kind: Deployment apiVersion: apps/v1 metadata: labels: helm.sh/chart: kubernetes-dashboard-7.1.2 app.kubernetes.io/instance: kubernetes-dashboard app.kubernetes.io/managed-by: Helm app.kubernetes.io/part-of: kubernetes-dashboard app.kubernetes.io/name: kubernetes-dashboard-metrics-scraper app.kubernetes.io/version: 1.1.1 app.kubernetes.io/component: metrics-scraper annotations: name: kubernetes-dashboard-metrics-scraper spec: replicas: 1 revisionHistoryLimit: 10 selector: matchLabels: app.kubernetes.io/instance: kubernetes-dashboard app.kubernetes.io/part-of: kubernetes-dashboard app.kubernetes.io/name: kubernetes-dashboard-metrics-scraper template: metadata: labels: helm.sh/chart: kubernetes-dashboard-7.1.2 app.kubernetes.io/instance: kubernetes-dashboard app.kubernetes.io/managed-by: Helm app.kubernetes.io/part-of: kubernetes-dashboard app.kubernetes.io/name: kubernetes-dashboard-metrics-scraper app.kubernetes.io/version: 1.1.1 app.kubernetes.io/component: metrics-scraper annotations: spec: containers: - name: kubernetes-dashboard-metrics-scraper image: "docker.io/kubernetesui/dashboard-metrics-scraper:1.1.1" imagePullPolicy: IfNotPresent ports: - containerPort: 8000 protocol: TCP volumeMounts: - mountPath: /tmp name: tmp-volume securityContext: allowPrivilegeEscalation: false capabilities: drop: - ALL readOnlyRootFilesystem: true runAsGroup: 2001 runAsUser: 1001 resources: limits: cpu: 250m memory: 400Mi requests: cpu: 100m memory: 200Mi livenessProbe: httpGet: path: / port: 8000 scheme: HTTP initialDelaySeconds: 30 timeoutSeconds: 30 securityContext: runAsNonRoot: true seccompProfile: type: RuntimeDefault volumes: - emptyDir: {} name: tmp-volume serviceAccountName: kubernetes-dashboard-metrics-scraper --- # Source: kubernetes-dashboard/templates/deployments/web.yaml # Copyright 2017 The Kubernetes Authors. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. kind: Deployment apiVersion: apps/v1 metadata: labels: helm.sh/chart: kubernetes-dashboard-7.1.2 app.kubernetes.io/instance: kubernetes-dashboard app.kubernetes.io/managed-by: Helm app.kubernetes.io/part-of: kubernetes-dashboard app.kubernetes.io/name: kubernetes-dashboard-web app.kubernetes.io/version: 1.2.2 app.kubernetes.io/component: web annotations: name: kubernetes-dashboard-web spec: replicas: 1 revisionHistoryLimit: 10 selector: matchLabels: app.kubernetes.io/instance: kubernetes-dashboard app.kubernetes.io/part-of: kubernetes-dashboard app.kubernetes.io/name: kubernetes-dashboard-web template: metadata: labels: helm.sh/chart: kubernetes-dashboard-7.1.2 app.kubernetes.io/instance: kubernetes-dashboard app.kubernetes.io/managed-by: Helm app.kubernetes.io/part-of: kubernetes-dashboard app.kubernetes.io/name: kubernetes-dashboard-web app.kubernetes.io/version: 1.2.2 app.kubernetes.io/component: web annotations: spec: containers: - name: kubernetes-dashboard-web image: "docker.io/kubernetesui/dashboard-web:1.2.2" imagePullPolicy: IfNotPresent args: - --namespace=kubernetes-dashboard - --settings-config-map-name=kubernetes-dashboard-web-settings ports: - containerPort: 8000 name: web protocol: TCP volumeMounts: - mountPath: /tmp name: tmp-volume securityContext: allowPrivilegeEscalation: false capabilities: drop: - ALL readOnlyRootFilesystem: true runAsGroup: 2001 runAsUser: 1001 resources: limits: cpu: 250m memory: 400Mi requests: cpu: 100m memory: 200Mi securityContext: runAsNonRoot: true seccompProfile: type: RuntimeDefault volumes: - emptyDir: {} name: tmp-volume serviceAccountName: kubernetes-dashboard-web --- # Source: kubernetes-dashboard/templates/extras/manifests.yaml # Copyright 2017 The Kubernetes Authors. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. --- # Source: kubernetes-dashboard/templates/extras/servicemonitor.yaml # Copyright 2017 The Kubernetes Authors. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. --- # Source: kubernetes-dashboard/templates/networking/ingress.yaml # Copyright 2017 The Kubernetes Authors. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. --- # Source: kubernetes-dashboard/templates/security/networkpolicy.yaml # Copyright 2017 The Kubernetes Authors. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. --- # Source: kubernetes-dashboard/templates/security/pdb.yaml # Copyright 2017 The Kubernetes Authors. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License.