1.0.7 • Published 3 years ago
@rugal/pulumi-stratus v1.0.7
stratus component resource
Usage
install dependency
yarn add @dep/gke @rugal/pulumi-istio
create k8s namespace along with Istio gateway
import * as stratus from "@rugal/pulumi-stratus"; import { clusterProvider, gcpServiceAccount, hosts, namespace, } from "./config"; export const ns = new stratus.kubernetes.Namespace(namespace, { hosts, }, { provider: clusterProvider }); export const k8sServiceAccount = new stratus.kubernetes.ServiceAccount("service-account-name", { email: gcpServiceAccount, namespace: ns.namespace.metadata.name, }, { provider: clusterProvider });
use
Service
ComponentResource Create a minimum service that the container is using port80
. Remember the Kubernetes service created internally will always listen on 80, irregardless of the container port.new stratus.kubernetes.Service("minimum", { containerPort: 8000, hosts: ["example.com"], image: "gcr.io/istio-testing/ext-authz:0.7", namespace, }, { provider: clusterProvider });
Create a service that use
ConfigMap
as environment variable source.const configMapName = "springprofile"; export const configMap = new k8s.core.v1.ConfigMap(configMapName, { data: { "SPRING_PROFILES_ACTIVE": "development", }, metadata: { name: configMapName, namespace, }, }, { provider: clusterProvider }); new stratus.kubernetes.Service("", { configMap: configMap.metadata.name, containerPort: 8000, hosts: ["example.com"], image: "gcr.io/istio-testing/ext-authz:0.7", namespace, }, { provider: clusterProvider });
Create a service that configured with
AuthorizationPolicy
new stratus.kubernetes.Service("helloserver", { authorizationPolicy: { action: "CUSTOM", provider: { name: "validation-proxy", }, rules: [ { to: [ { operation: { paths: ["/test"], }, }, ], }, ], selector: { matchLabels: { "mealary/require-jws": "true" }, }, }, configMap: configMapName, hosts: ["test.com"], image: "gcr.io/google-samples/istio/helloserver:v0.0.1", namespace, }, { provider: clusterProvider });
use
ServiceAccount
ComponentResourceimport Account from "@dep/gke"; const serviceAccount = new ServiceAccount("stratus", { });
Release new version
yarn build && yarn publish bin --access public