#----#
FILE: keycloak-mysql-deployment.yaml
apiVersion: apps/v1
kind: Deployment
metadata:
name: keycloak-mysql-deployment
spec:
replicas: 1
selector:
matchLabels:
app: keycloak
tier: backend
template:
metadata:
labels:
app: keycloak
tier: backend
spec:
containers:
- name: keycloak
image: bitnami/keycloak-quarkus
env:
- name: DB_VENDOR
value: MYSQL
- name: PROXY_ADDRESS_FORWARDING
value: "true"
ports:
- containerPort: 8080
volumeMounts:
- name: keycloak-data
mountPath: /bitnami/keycloak
volumes:
- name: keycloak-data
emptyDir: {}
#----#
FILE: mysql-persistent-volume.yaml
apiVersion: v1
kind: PersistentVolume
metadata:
name: mysql-pv-volume
spec:
capacity:
storage: 1Gi
accessModes:
- ReadWriteOnce
hostPath:
path: "/mnt/data"
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: mysql-pv-claim
spec:
accessModes:
- ReadWriteOnce
resources:
requests:
storage: 1Gi
#----#
FILE: mysql-deployment.yaml
apiVersion: apps/v1
kind: Deployment
metadata:
name: mysql-deployment
spec:
replicas: 1
selector:
matchLabels:
app: mysql
template:
metadata:
labels:
app: mysql
spec:
containers:
- name: mysql
image: bitnami/mysql
env:
- name: ALLOW_EMPTY_PASSWORD
value: "yes"
ports:
- containerPort: 3306
volumeMounts:
- name: mysql-data
mountPath: /bitnami/mysql
volumes:
- name: mysql-data
persistentVolumeClaim:
claimName: mysql-pv-claim
#----#
FILE: keycloak-ingress.yaml
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: keycloak-ingress
spec:
rules:
- host: mykeycloak.com
http:
paths:
- pathType: Prefix
path: "/"
backend:
service:
name: keycloak
port:
number: 8080
tls:
- hosts:
- mykeycloak.com
secretName: tls-secret
#----#
FILE: self-signed-tls-secret.yaml
apiVersion: v1
kind: Secret
metadata:
name: tls-secret
type: kubernetes.io/tls
data:
tls.crt: base64encodedtls.crt
tls.key: base64encodedtls.key
#----#
https://www.cnblogs.com/dudu/p/18030425
