summaryrefslogtreecommitdiffstats
path: root/docs/sections/resources
diff options
context:
space:
mode:
authorAndreas Geissler <andreas-geissler@telekom.de>2023-04-21 14:21:37 +0200
committerAndreas Geissler <andreas-geissler@telekom.de>2023-06-01 15:44:40 +0200
commite08eee030fd379fa7253e99626c314d021b1eacd (patch)
treee5cf7bd85d6ea82d3de72e9f6fd802e3b7faa409 /docs/sections/resources
parent1a76edf1159156d832e62c268b54fd727f82057f (diff)
[DOC] Update London OOM documentation
Add information: - new Deployment options (Production, Development) - move Istio deployment to base installation - add Gateway-API and Keycloak Installation instructions - split and rename of a few files for updated structure - changed rst section formatting as suggested in sphinx rtd theme - add London Release Notes Issue-ID: OOM-3159 Signed-off-by: Andreas Geissler <andreas-geissler@telekom.de> Change-Id: I98b8541d51daba982fd6c8be0c85fae676d53c13
Diffstat (limited to 'docs/sections/resources')
-rw-r--r--docs/sections/resources/yaml/istiod.yaml21
-rw-r--r--docs/sections/resources/yaml/keycloak-db-values.yaml7
-rw-r--r--docs/sections/resources/yaml/keycloak-server-values.yaml53
3 files changed, 81 insertions, 0 deletions
diff --git a/docs/sections/resources/yaml/istiod.yaml b/docs/sections/resources/yaml/istiod.yaml
new file mode 100644
index 0000000000..47380125b8
--- /dev/null
+++ b/docs/sections/resources/yaml/istiod.yaml
@@ -0,0 +1,21 @@
+global:
+ proxy:
+ # Controls if sidecar is injected at the front of the container list and blocks the start of the other containers until the proxy is ready
+ holdApplicationUntilProxyStarts: true
+ #logging:
+ # level: "default:debug"
+meshConfig:
+ rootNamespace: istio-config
+ extensionProviders:
+ - name: oauth2-proxy
+ envoyExtAuthzHttp:
+ service: oauth2-proxy.default.svc.cluster.local
+ port: 80
+ timeout: 1.5s
+ includeHeadersInCheck: ["authorization", "cookie"]
+ headersToUpstreamOnAllow: ["x-forwarded-access-token", "authorization", "path", "x-auth-request-user", "x-auth-request-email", "x-auth-request-access-token"]
+ headersToDownstreamOnDeny: ["content-type", "set-cookie"]
+pilot:
+ env:
+ PILOT_ENABLE_MYSQL_FILTER: true
+ PILOT_HTTP10: true \ No newline at end of file
diff --git a/docs/sections/resources/yaml/keycloak-db-values.yaml b/docs/sections/resources/yaml/keycloak-db-values.yaml
new file mode 100644
index 0000000000..ae1459bea7
--- /dev/null
+++ b/docs/sections/resources/yaml/keycloak-db-values.yaml
@@ -0,0 +1,7 @@
+# See https://github.com/bitnami/charts/tree/master/bitnami/postgresql
+global:
+ postgresql:
+ auth:
+ username: dbusername
+ password: dbpassword
+ database: keycloak \ No newline at end of file
diff --git a/docs/sections/resources/yaml/keycloak-server-values.yaml b/docs/sections/resources/yaml/keycloak-server-values.yaml
new file mode 100644
index 0000000000..7eaecbedfc
--- /dev/null
+++ b/docs/sections/resources/yaml/keycloak-server-values.yaml
@@ -0,0 +1,53 @@
+image:
+ # The Keycloak image repository
+ repository: quay.io/keycloak/keycloak
+ # Overrides the Keycloak image tag whose default is the chart appVersion
+ tag: "19.0.3-legacy"
+
+postgresql:
+ # If `true`, the Postgresql dependency is enabled
+ enabled: false
+
+extraEnv: |
+ - name: KEYCLOAK_USER
+ valueFrom:
+ secretKeyRef:
+ name: {{ include "keycloak.fullname" . }}-admin-creds
+ key: user
+ - name: KEYCLOAK_PASSWORD
+ valueFrom:
+ secretKeyRef:
+ name: {{ include "keycloak.fullname" . }}-admin-creds
+ key: password
+ - name: DB_VENDOR
+ value: postgres
+ - name: DB_ADDR
+ value: keycloak-db-postgresql
+ - name: DB_PORT
+ value: "5432"
+ - name: DB_DATABASE
+ value: keycloak
+ - name: DB_USER
+ value: dbusername
+ - name: DB_PASSWORD_FILE
+ value: /secrets/db-creds/password
+ - name: PROXY_ADDRESS_FORWARDING
+ value: "true"
+
+extraVolumeMounts: |
+ - name: db-creds
+ mountPath: /secrets/db-creds
+ readOnly: true
+
+extraVolumes: |
+ - name: db-creds
+ secret:
+ secretName: keycloak-db-postgresql
+
+secrets:
+ admin-creds:
+ annotations:
+ my-test-annotation: Test secret for {{ include "keycloak.fullname" . }}
+ stringData:
+ user: admin
+ password: secret \ No newline at end of file