디렉토리 구조 및 각 서비스 추가

2024-01-03 17:29:11 +09:00
parent 98de2a7627
commit d601d0f259
1632 changed files with 207616 additions and 1 deletions
--- a/helm/nfs-provisioner-nas/test/configmap.yaml
+++ b/helm/nfs-provisioner-nas/test/configmap.yaml
@@ -0,0 +1,52 @@
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: dsk-vault-agent-config
+data:
+  server.tmpl: |
+    {{ with secret "tls/data/server" }}{{ toJSON .Data.data }}
+    {{ end }}
+
+  client.tmpl: |
+    {{ with secret "tls/data/client" }}{{ toJSON .Data.data }}
+    {{ end }}
+
+  agent.hcl: |
+    pid_file = "./pidfile"
+
+    vault {
+      address="http://vault-ui.dsk-middle:8200"
+    }
+
+    auto_auth {
+      method {
+        type = "approle"
+        config = {
+          role_id_file_path = "/vault-agent/role-id"
+          secret_id_file_path = "/vault-agent/secret-id"
+          remove_secret_id_file_after_reading = false
+        }
+      }
+
+      sink {
+        type = "file"
+        config = {
+          path = "/vault-agent/.vault-token"
+          mode = 0644
+        }
+      }
+    }
+
+    template_config {
+      static_secret_render_interval = "10s"
+    }
+
+    template {
+      source = "/vault-agent/conf/server.tmpl"
+      destination = "/vault-agent/serverTls"
+    }
+
+    template {
+      source = "/vault-agent/conf/client.tmpl"
+      destination = "/vault-agent/clientTls"
+    }
--- a/helm/nfs-provisioner-nas/test/deployment.yaml
+++ b/helm/nfs-provisioner-nas/test/deployment.yaml
@@ -0,0 +1,42 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: dsk-vault-agent
+  labels:
+    app: dsk-vault-agent
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      app: dsk-vault-agent
+  template:
+    metadata:
+      labels:
+        app: dsk-vault-agent
+    spec:
+      containers:
+      - name: vault-agent
+        image: vault
+        volumeMounts:
+        - name: vault-volume
+          mountPath: /vault-agent
+        - name: config
+          mountPath: /vault-agent/conf
+        command: [ "vault" ]
+        args: [ "agent", "-config=/vault-agent/conf/agent.hcl" ] 
+      volumes:
+      - name: vault-volume
+        persistentVolumeClaim:
+          claimName: dsk-vault-test
+      - name: config
+        configMap:
+          name: dsk-vault-agent-config
+          items:
+            - key: agent.hcl
+              path: agent.hcl
+            - key: server.tmpl
+              path: server.tmpl
+            - key: client.tmpl
+              path: client.tmpl
+
+
--- a/helm/nfs-provisioner-nas/test/pvc.yaml
+++ b/helm/nfs-provisioner-nas/test/pvc.yaml
@@ -0,0 +1,11 @@
+apiVersion: v1
+kind: PersistentVolumeClaim
+metadata:
+  name: dsk-vault-test
+spec:
+  storageClassName: nfs-client-test
+  accessModes:
+    - ReadWriteMany
+  resources:
+    requests:
+      storage: 1Gi