gitea-admin/ab-initio-manifests
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Initial render: k3s-dev environment

Browse Source
This commit is contained in:
gitea-admin
2026-03-07 15:00:05 +00:00
commit a787720f2a
306 changed files with 75879 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

310
rendered/manifests/k3s-dev/abinitio-platform/portal/apps_v1_deployment_cafe.yaml Normal file
View File

@@ -0,0 +1,310 @@
apiVersion: apps/v1
kind: Deployment
metadata:
labels:
abinitio/deployment: portal
app.kubernetes.io/instance: cafe
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/name: cafe
app.kubernetes.io/part-of: AbInitio
app.kubernetes.io/version: 4.4.1
helm.sh/chart: cafe-2.4.3-a
name: cafe
namespace: abinitio
spec:
replicas: 1
selector:
matchLabels:
app.kubernetes.io/instance: cafe
app.kubernetes.io/name: cafe
template:
metadata:
labels:
abinitio/deployment: portal
app.kubernetes.io/instance: cafe
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/name: cafe
app.kubernetes.io/part-of: AbInitio
app.kubernetes.io/version: 4.4.1
helm.sh/chart: cafe-2.4.3-a
name: cafe
spec:
containers:
- env:
- name: AB_CONFIG_PROVIDER_URL
value: file://localhost/config
- name: AB_IPV4_ONLY
value: "true"
- name: AB_PASSWORD_KEY_FILE
value: /secrets/password_key_file/password
- name: CATALINA_TMPDIR
value: /tmp
- name: DEPLOY_NAME
value: portal
- name: LOAD_PHYSOBJECTS
value: "true"
- name: NAMESPACE
value: abinitio
- name: POD_IP
valueFrom:
fieldRef:
fieldPath: status.podIP
- name: POD_LABEL
value: 'abinitio/product: cafe, abinitio/deployment: portal'
- name: POD_NAME
valueFrom:
fieldRef:
fieldPath: metadata.name
- name: POD_SERVICE
value: cafe
image: asia-southeast1-docker.pkg.dev/str-22391/cloudplatform-proxy/aidp/cafe:4.4.1.1-1
imagePullPolicy: IfNotPresent
lifecycle:
preStop:
exec:
command:
- /bin/sh
- -c
- ${CATALINA_HOME}/bin/catalina.sh stop
livenessProbe:
failureThreshold: 3
httpGet:
path: /portal/api/abwebinternal/health/k8s/liveness
port: 8080
initialDelaySeconds: 15
periodSeconds: 30
name: cafe-app
readinessProbe:
failureThreshold: 3
httpGet:
path: /portal/api/abwebinternal/health/k8s/readiness
port: 8080
initialDelaySeconds: 15
periodSeconds: 30
resources:
limits:
ephemeral-storage: 2Gi
memory: 4Gi
requests:
cpu: 100m
ephemeral-storage: 2Gi
memory: 4Gi
securityContext:
allowPrivilegeEscalation: false
capabilities:
drop:
- ALL
runAsGroup: 1000
runAsNonRoot: true
runAsUser: 1000
seccompProfile:
type: RuntimeDefault
startupProbe:
failureThreshold: 3
httpGet:
path: /portal/api/abwebinternal/health/k8s/startup
port: 8080
initialDelaySeconds: 15
periodSeconds: 30
volumeMounts:
- mountPath: /config/portal
name: app-external-config
- mountPath: /abinitio
name: abinitio-local
- mountPath: /tmp
name: tmp-volume
- mountPath: /secrets/aiadmin/password
name: aiadmin
subPath: password
- mountPath: /secrets/ocagent/password
name: ocagent
subPath: password
- mountPath: /secrets/bridge/password
name: bridge
subPath: password
- mountPath: /secrets/eme_join_user/password
name: eme-join-user
subPath: password
- mountPath: /secrets/qi_join_user/password
name: qi-join-user
subPath: password
- mountPath: /secrets/dcs_utility_user/password
name: dcs-utility-user
subPath: password
- mountPath: /secrets/mhub_utility_user/password
name: mhub-utility-user
subPath: password
- mountPath: /secrets/ag_db_importer/password
name: ag-db-importer
subPath: password
- mountPath: /secrets/admin/password
name: admin
subPath: password
- mountPath: /secrets/ag_ui_importer/password
name: ag-ui-importer
subPath: password
- mountPath: /secrets/cafe_join_user/password
name: cafe-join-user
subPath: password
- mountPath: /secrets/cc_join_user/password
name: cc-join-user
subPath: password
- mountPath: /secrets/dcs_join_user/password
name: dcs-join-user
subPath: password
- mountPath: /secrets/ei_join_user/password
name: ei-join-user
subPath: password
- mountPath: /secrets/mhub_join_user/password
name: mhub-join-user
subPath: password
- mountPath: /secrets/qiadmin_join_user/password
name: qiadmin-join-user
subPath: password
- mountPath: /secrets/sd_join_user/password
name: sd-join-user
subPath: password
- mountPath: /secrets/trw_join_user/password
name: trw-join-user
subPath: password
- mountPath: /secrets/mhub_db_importer/password
name: mhub-db-importer
subPath: password
- mountPath: /secrets/mhub_ui_importer/password
name: mhub-ui-importer
subPath: password
- mountPath: /secrets/ag_appserver/password
name: ag-appserver
subPath: password
- mountPath: /secrets/ag_report/password
name: ag-report
subPath: password
- mountPath: /secrets/cc_jdbc/password
name: cc-jdbc
subPath: password
- mountPath: /secrets/dcs_hmac_key/password
name: dcs-hmac-key
subPath: password
- mountPath: /secrets/abinitio/password
name: abinitio
subPath: password
- mountPath: /secrets/mhub_appserver/password
name: mhub-appserver
subPath: password
- mountPath: /secrets/mhub_report/password
name: mhub-report
subPath: password
- mountPath: /secrets/runtime_locator_join_user/password
name: runtime-locator-join-user
subPath: password
- mountPath: /secrets/password_key_file/password
name: password-key-file
subPath: password
hostname: cafe
initContainers: null
securityContext:
fsGroup: 1000
fsGroupChangePolicy: OnRootMismatch
runAsGroup: 1000
runAsNonRoot: true
runAsUser: 1000
seccompProfile:
type: RuntimeDefault
serviceAccountName: abinitio-sa
terminationGracePeriodSeconds: 30
volumes:
- emptyDir: {}
name: abinitio-local
- configMap:
defaultMode: 511
name: cafe-external-config
name: app-external-config
- emptyDir: {}
name: tmp-volume
- name: aiadmin
secret:
secretName: aiadmin
- name: ocagent
secret:
secretName: ocagent
- name: bridge
secret:
secretName: bridge
- name: eme-join-user
secret:
secretName: eme-join-user
- name: qi-join-user
secret:
secretName: qi-join-user
- name: dcs-utility-user
secret:
secretName: dcs-utility-user
- name: mhub-utility-user
secret:
secretName: mhub-utility-user
- name: ag-db-importer
secret:
secretName: ag-db-importer
- name: admin
secret:
secretName: admin
- name: ag-ui-importer
secret:
secretName: ag-ui-importer
- name: cafe-join-user
secret:
secretName: cafe-join-user
- name: cc-join-user
secret:
secretName: cc-join-user
- name: dcs-join-user
secret:
secretName: dcs-join-user
- name: ei-join-user
secret:
secretName: ei-join-user
- name: mhub-join-user
secret:
secretName: mhub-join-user
- name: qiadmin-join-user
secret:
secretName: qiadmin-join-user
- name: sd-join-user
secret:
secretName: sd-join-user
- name: trw-join-user
secret:
secretName: trw-join-user
- name: mhub-db-importer
secret:
secretName: mhub-db-importer
- name: mhub-ui-importer
secret:
secretName: mhub-ui-importer
- name: ag-appserver
secret:
secretName: ag-appserver
- name: ag-report
secret:
secretName: ag-report
- name: cc-jdbc
secret:
secretName: cc-jdbc
- name: dcs-hmac-key
secret:
secretName: dcs-hmac-key
- name: abinitio
secret:
secretName: abinitio
- name: mhub-appserver
secret:
secretName: mhub-appserver
- name: mhub-report
secret:
secretName: mhub-report
- name: runtime-locator-join-user
secret:
secretName: runtime-locator-join-user
- name: password-key-file
secret:
secretName: password-key-file

326
rendered/manifests/k3s-dev/abinitio-platform/portal/apps_v1_deployment_portal-nginx.yaml Normal file
View File

@@ -0,0 +1,326 @@
apiVersion: apps/v1
kind: Deployment
metadata:
labels:
abinitio/deployment: portal-nginx
app.kubernetes.io/instance: portal-nginx
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/name: portal-nginx
app.kubernetes.io/part-of: AbInitio
app.kubernetes.io/version: 4.4.1
helm.sh/chart: portal-nginx-2.4.3-a
name: portal-nginx
namespace: abinitio
spec:
replicas: 1
selector:
matchLabels:
app.kubernetes.io/instance: portal-nginx
app.kubernetes.io/name: portal-nginx
template:
metadata:
labels:
abinitio/deployment: portal-nginx
app.kubernetes.io/instance: portal-nginx
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/name: portal-nginx
app.kubernetes.io/part-of: AbInitio
app.kubernetes.io/version: 4.4.1
helm.sh/chart: portal-nginx-2.4.3-a
name: portal-nginx
spec:
containers:
- env:
- name: AB_CONFIG_PROVIDER_URL
value: file://localhost/config
- name: AB_IPV4_ONLY
value: "true"
- name: AB_PASSWORD_KEY_FILE
value: /secrets/password_key_file/password
- name: CATALINA_TMPDIR
value: /tmp
- name: DEPLOY_NAME
value: portal-nginx
- name: LOAD_PHYSOBJECTS
value: "true"
- name: NAMESPACE
value: abinitio
- name: POD_IP
valueFrom:
fieldRef:
fieldPath: status.podIP
- name: POD_LABEL
value: 'abinitio/product: portal-nginx, abinitio/deployment: portal-nginx'
- name: POD_NAME
valueFrom:
fieldRef:
fieldPath: metadata.name
- name: POD_SERVICE
value: portal-nginx
image: asia-southeast1-docker.pkg.dev/str-22391/cloudplatform-proxy/aidp/portal-nginx:4.4.1.1-1
imagePullPolicy: IfNotPresent
livenessProbe:
exec:
command:
- /bin/sh
- -c
- curl -k https://localhost:8443/portal/app/index.html
failureThreshold: 3
initialDelaySeconds: 10
periodSeconds: 30
name: portal-nginx-app
readinessProbe:
exec:
command:
- /bin/sh
- -c
- curl -k https://localhost:8443/portal/app/index.html
failureThreshold: 3
initialDelaySeconds: 10
periodSeconds: 30
resources:
limits:
ephemeral-storage: 2Gi
memory: 4Gi
requests:
cpu: 100m
ephemeral-storage: 2Gi
memory: 4Gi
securityContext:
allowPrivilegeEscalation: false
capabilities:
drop:
- ALL
runAsGroup: 1000
runAsNonRoot: true
runAsUser: 1000
seccompProfile:
type: RuntimeDefault
startupProbe:
exec:
command:
- /bin/sh
- -c
- curl -k https://localhost:8443/portal/app/index.html
failureThreshold: 3
initialDelaySeconds: 10
periodSeconds: 30
volumeMounts:
- mountPath: /config/portal-nginx
name: app-external-config
- mountPath: /abinitio
name: abinitio-local
- mountPath: /tmp
name: tmp-volume
- mountPath: /etc/nginx/nginx.conf
name: nginx-config
readOnly: true
subPath: nginx.conf
- mountPath: /usr/share/nginx/html/platform
name: platform-data
readOnly: true
- mountPath: /secrets/aiadmin/password
name: aiadmin
subPath: password
- mountPath: /secrets/ocagent/password
name: ocagent
subPath: password
- mountPath: /secrets/bridge/password
name: bridge
subPath: password
- mountPath: /secrets/eme_join_user/password
name: eme-join-user
subPath: password
- mountPath: /secrets/qi_join_user/password
name: qi-join-user
subPath: password
- mountPath: /secrets/dcs_utility_user/password
name: dcs-utility-user
subPath: password
- mountPath: /secrets/mhub_utility_user/password
name: mhub-utility-user
subPath: password
- mountPath: /secrets/ag_db_importer/password
name: ag-db-importer
subPath: password
- mountPath: /secrets/admin/password
name: admin
subPath: password
- mountPath: /secrets/ag_ui_importer/password
name: ag-ui-importer
subPath: password
- mountPath: /secrets/cafe_join_user/password
name: cafe-join-user
subPath: password
- mountPath: /secrets/cc_join_user/password
name: cc-join-user
subPath: password
- mountPath: /secrets/dcs_join_user/password
name: dcs-join-user
subPath: password
- mountPath: /secrets/ei_join_user/password
name: ei-join-user
subPath: password
- mountPath: /secrets/mhub_join_user/password
name: mhub-join-user
subPath: password
- mountPath: /secrets/qiadmin_join_user/password
name: qiadmin-join-user
subPath: password
- mountPath: /secrets/sd_join_user/password
name: sd-join-user
subPath: password
- mountPath: /secrets/trw_join_user/password
name: trw-join-user
subPath: password
- mountPath: /secrets/mhub_db_importer/password
name: mhub-db-importer
subPath: password
- mountPath: /secrets/mhub_ui_importer/password
name: mhub-ui-importer
subPath: password
- mountPath: /secrets/ag_appserver/password
name: ag-appserver
subPath: password
- mountPath: /secrets/ag_report/password
name: ag-report
subPath: password
- mountPath: /secrets/cc_jdbc/password
name: cc-jdbc
subPath: password
- mountPath: /secrets/dcs_hmac_key/password
name: dcs-hmac-key
subPath: password
- mountPath: /secrets/abinitio/password
name: abinitio
subPath: password
- mountPath: /secrets/mhub_appserver/password
name: mhub-appserver
subPath: password
- mountPath: /secrets/mhub_report/password
name: mhub-report
subPath: password
- mountPath: /secrets/runtime_locator_join_user/password
name: runtime-locator-join-user
subPath: password
- mountPath: /secrets/password_key_file/password
name: password-key-file
subPath: password
hostname: portal-nginx
initContainers: null
securityContext:
fsGroup: 1000
fsGroupChangePolicy: OnRootMismatch
runAsGroup: 1000
runAsNonRoot: true
runAsUser: 1000
seccompProfile:
type: RuntimeDefault
serviceAccountName: abinitio-sa
terminationGracePeriodSeconds: 30
volumes:
- emptyDir: {}
name: abinitio-local
- configMap:
defaultMode: 511
name: portal-nginx-external-config
name: app-external-config
- configMap:
items:
- key: nginx.conf
path: nginx.conf
name: portal-nginx-external-config
name: nginx-config
- configMap:
defaultMode: 420
name: portal-nginx-platform-data
name: platform-data
- emptyDir: {}
name: tmp-volume
- name: aiadmin
secret:
secretName: aiadmin
- name: ocagent
secret:
secretName: ocagent
- name: bridge
secret:
secretName: bridge
- name: eme-join-user
secret:
secretName: eme-join-user
- name: qi-join-user
secret:
secretName: qi-join-user
- name: dcs-utility-user
secret:
secretName: dcs-utility-user
- name: mhub-utility-user
secret:
secretName: mhub-utility-user
- name: ag-db-importer
secret:
secretName: ag-db-importer
- name: admin
secret:
secretName: admin
- name: ag-ui-importer
secret:
secretName: ag-ui-importer
- name: cafe-join-user
secret:
secretName: cafe-join-user
- name: cc-join-user
secret:
secretName: cc-join-user
- name: dcs-join-user
secret:
secretName: dcs-join-user
- name: ei-join-user
secret:
secretName: ei-join-user
- name: mhub-join-user
secret:
secretName: mhub-join-user
- name: qiadmin-join-user
secret:
secretName: qiadmin-join-user
- name: sd-join-user
secret:
secretName: sd-join-user
- name: trw-join-user
secret:
secretName: trw-join-user
- name: mhub-db-importer
secret:
secretName: mhub-db-importer
- name: mhub-ui-importer
secret:
secretName: mhub-ui-importer
- name: ag-appserver
secret:
secretName: ag-appserver
- name: ag-report
secret:
secretName: ag-report
- name: cc-jdbc
secret:
secretName: cc-jdbc
- name: dcs-hmac-key
secret:
secretName: dcs-hmac-key
- name: abinitio
secret:
secretName: abinitio
- name: mhub-appserver
secret:
secretName: mhub-appserver
- name: mhub-report
secret:
secretName: mhub-report
- name: runtime-locator-join-user
secret:
secretName: runtime-locator-join-user
- name: password-key-file
secret:
secretName: password-key-file

57
rendered/manifests/k3s-dev/abinitio-platform/portal/networking.k8s.io_v1_ingress_portal-nginx-ingress.yaml Normal file
View File

@@ -0,0 +1,57 @@
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
annotations:
nginx.ingress.kubernetes.io/affinity: cookie
nginx.ingress.kubernetes.io/affinity-mode: persistent
nginx.ingress.kubernetes.io/backend-protocol: HTTPS
nginx.ingress.kubernetes.io/proxy-body-size: 1000m
nginx.ingress.kubernetes.io/proxy-connect-timeout: "300"
nginx.ingress.kubernetes.io/proxy-read-timeout: "300"
nginx.ingress.kubernetes.io/proxy-send-timeout: "300"
nginx.ingress.kubernetes.io/session-cookie-expires: "172800"
nginx.ingress.kubernetes.io/session-cookie-max-age: "172800"
nginx.ingress.kubernetes.io/session-cookie-name: portal-nginx
nginx.ingress.kubernetes.io/session-cookie-samesite: Strict
nginx.org/ssl-services: portal-nginx
labels:
abinitio/deployment: portal-nginx
app.kubernetes.io/instance: portal-nginx
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/name: portal-nginx
app.kubernetes.io/part-of: AbInitio
app.kubernetes.io/version: 4.4.1
helm.sh/chart: portal-nginx-2.4.3-a
name: portal-nginx-ingress
namespace: abinitio
spec:
ingressClassName: nginx
rules:
- host: aidp.k3s.sg.ic.cloudguild.gcp.abinitio.com
http:
paths:
- backend:
service:
name: runtime-locator
port:
number: 8888
path: /runtime-locator/
pathType: Prefix
- backend:
service:
name: runtime-locator
port:
number: 8443
path: /bridge/
pathType: Prefix
- backend:
service:
name: portal-nginx
port:
number: 8443
path: /
pathType: Prefix
tls:
- hosts:
- aidp.k3s.sg.ic.cloudguild.gcp.abinitio.com
secretName: abinitio-tls

58
rendered/manifests/k3s-dev/abinitio-platform/portal/v1_configmap_cafe-external-config.yaml Normal file
View File

@@ -0,0 +1,58 @@
apiVersion: v1
data:
cafe.yaml: |
externalConfig:
cafe:
allowDrillDown: true
appIdentifier: expressit
appserverType: tomcat
authentication:
type: ag
authorization:
type: ag
authorizationGateway:
password: file=/secrets/cafe_join_user/password
productIdentifier: Cafe
productName: Cafe
url: http://authgateway:8080/authgateway
username: cafe_join_user
bridgeConnection:
encryptionType: aes128-gcm
rpcSecret: file=/secrets/bridge/password
securityConfig: container-bridge-security
url: http://expressit-bridge:7070
cluster:
autoConfig:
hosts: cafe-jgroup
port: 7800
protocol: tcp
channelName: ch01
enabled: true
emeTR:
useAgCredentials: true
interop:
dataCatalogServices:
url: http://datacatalog:8080/datacatalog
expressIt:
agProductName: Express>It
url: http://expressit:8080/expressit
logging:
directoryPath: /abinitio/webapp/logs
maxBackups: 3
packageForSupport:
encrypted: EncryptForNonAdmins
urlFromBrowser: https://aidp.k3s.sg.ic.cloudguild.gcp.abinitio.com/portal
websockets:
forceDisable: false
kind: ConfigMap
metadata:
labels:
abinitio/deployment: portal
app.kubernetes.io/instance: cafe
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/name: cafe
app.kubernetes.io/part-of: AbInitio
app.kubernetes.io/version: 4.4.1
helm.sh/chart: cafe-2.4.3-a
name: cafe-external-config
namespace: abinitio

192
rendered/manifests/k3s-dev/abinitio-platform/portal/v1_configmap_portal-nginx-external-config.yaml Normal file
View File

@@ -0,0 +1,192 @@
apiVersion: v1
data:
nginx.conf: |
worker_processes auto;
error_log /abinitio/webapp/logs/error.log;
# When running containing as non-root user (1001)
# TODO: when switch is made to using abinitio nginx,
# will this change?
pid /tmp/nginx.pid;
events {
worker_connections 1024;
}
http {
# When running as non root user, set *temp* paths to /tmp/*
client_body_temp_path /tmp/client_temp;
proxy_temp_path /tmp/proxy_temp_path;
fastcgi_temp_path /tmp/fastcgi_temp;
uwsgi_temp_path /tmp/uwsgi_temp;
scgi_temp_path /tmp/scgi_temp;
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_host" "$http_x_forwarded_for" [$http_cookie]';
access_log /abinitio/webapp/logs/access.log main;
sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 65;
types_hash_max_size 2048;
proxy_read_timeout 300;
proxy_connect_timeout 300;
proxy_send_timeout 300;
proxy_intercept_errors on;
client_max_body_size 100m;
include /etc/nginx/mime.types;
default_type application/octet-stream;
# Enable gzip compression
gzip on;
gzip_vary on;
gzip_proxied any;
gzip_comp_level 6;
gzip_types text/plain text/css text/xml text/javascript application/json application/javascript application/xml+rss application/rss+xml font/truetype font/opentype application/vnd.ms-fontobject image/svg+xml;
gzip_disable "msie6";
gzip_min_length 256;
# we might need to strip the CSRF token cookie when the portal is using "direct" proxies,
# so capture it here
map $http_cookie $cookie_without_csrfToken {
default $http_cookie;
# This regex captures any content before and after the csrfToken cookie.
# Only csrfToken present
"~*^csrfToken=[^;]+$" "";
# csrfToken at the start
"~*^csrfToken=[^;]+;\s*(.*)" "$1";
# csrfToken in the middle
"~*(.*);\s*csrfToken=[^;]+;\s*(.*)" "$1; $2";
# csrfToken at the end
"~*(.*);\s*csrfToken=[^;]+$" "$1";
}
# if the referer header contains "/portal/",
# we want to use the filtered cookie for any location the portal might use for direct proxies
map $http_referer $final_cookie {
default $http_cookie;
"~*/portal/" $cookie_without_csrfToken;
}
server {
listen 8443 ssl;
server_name _;
root /usr/share/nginx/html;
ssl_certificate /var/run/secrets/abinitio/cert/server.crt;
ssl_certificate_key /var/run/secrets/abinitio/cert/server.key;
ssl_protocols TLSv1.2 TLSv1.3; # Adjust as necessary
ssl_ciphers HIGH:!aNULL:!MD5; # Ensure strong ciphers
location / {
}
location /portal/app/ {
index index.html;
}
location /portal/app/webapp/app/assets/platform-portal/ {
alias /usr/share/nginx/html/platform/;
}
rewrite ^/$ $scheme://$http_host/portal/app/ redirect;
location /portal {
client_max_body_size 1000M;
proxy_pass http://cafe:8080/portal;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
}
location /authgateway {
client_max_body_size 1000M;
proxy_pass http://authgateway:8080/authgateway;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
# CPT-748: handling of chucked downloads
proxy_buffering off;
}
location /expressit {
client_max_body_size 1000M;
proxy_pass http://expressit:8080/expressit;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
}
location /metadatahub {
client_max_body_size 1000M;
proxy_pass http://metadatahub:8080/metadatahub;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
# requests originating from the portal should use the csrf-trimmed version of the cookie header
proxy_set_header Cookie $final_cookie;
# CPT-748: handling of chucked downloads
proxy_buffering off;
}
location /controlcenter {
client_max_body_size 1000M;
proxy_pass http://controlcenter:8080/controlcenter;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
}
location /datacatalog {
client_max_body_size 1000M;
proxy_pass http://datacatalog:8080/datacatalog;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
}
location /qiadmin {
client_max_body_size 1000M;
proxy_pass http://queryit-admin:8080/qiadmin;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
}
location /trw {
client_max_body_size 1000M;
proxy_pass http://trw:8080/trw;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
}
}
}
kind: ConfigMap
metadata:
labels:
abinitio/deployment: portal-nginx
app.kubernetes.io/instance: portal-nginx
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/name: portal-nginx
app.kubernetes.io/part-of: AbInitio
app.kubernetes.io/version: 4.4.1
helm.sh/chart: portal-nginx-2.4.3-a
name: portal-nginx-external-config
namespace: abinitio

108
rendered/manifests/k3s-dev/abinitio-platform/portal/v1_configmap_portal-nginx-platform-data.yaml Normal file
View File

@@ -0,0 +1,108 @@
apiVersion: v1
data:
40x.html: |
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>404 Not Found</title>
<style>
body {
background-color: #f8f9fa;
color: #343a40;
font-family: Arial, sans-serif;
text-align: center;
padding: 50px;
}
h1 {
font-size: 50px;
margin-bottom: 20px;
}
p {
font-size: 20px;
margin-bottom: 30px;
}
a {
text-decoration: none;
color: #007bff;
font-size: 18px;
}
a:hover {
text-decoration: underline;
}
</style>
</head>
<body>
<h1>404 Not Found</h1>
<p>Sorry, the page you are looking for does not exist.</p>
<p><a href="/">Go to Homepage</a></p>
</body>
</html>
50x.html: |
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>500 Internal Server Error</title>
<style>
body {
background-color: #f8f9fa;
color: #343a40;
font-family: Arial, sans-serif;
text-align: center;
padding: 50px;
}
h1 {
font-size: 50px;
margin-bottom: 20px;
}
p {
font-size: 20px;
margin-bottom: 30px;
}
a {
text-decoration: none;
color: #007bff;
font-size: 18px;
}
a:hover {
text-decoration: underline;
}
</style>
</head>
<body>
<h1>500 Internal Server Error</h1>
<p>Oops! Something went wrong on our end.</p>
<p>Please try refreshing the page, or come back later.</p>
<p><a href="/">Go to Homepage</a></p>
</body>
</html>
abinitio-environment.json: |
{
"isKeyed": true
}
abinitio-platform.json: |
{
"platform": {
"name": "Ab Initio Data Platform",
"version": "4.4.1.1-1"
},
"content": {
"tutorials": false
},
"products": []
}
kind: ConfigMap
metadata:
labels:
abinitio/deployment: portal-nginx
app.kubernetes.io/instance: portal-nginx
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/name: portal-nginx
app.kubernetes.io/part-of: AbInitio
app.kubernetes.io/version: 4.4.1
helm.sh/chart: portal-nginx-2.4.3-a
name: portal-nginx-platform-data
namespace: abinitio

25
rendered/manifests/k3s-dev/abinitio-platform/portal/v1_service_cafe-jgroup.yaml Normal file
View File

@@ -0,0 +1,25 @@
apiVersion: v1
kind: Service
metadata:
labels:
abinitio/deployment: portal
app.kubernetes.io/instance: cafe
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/name: cafe
app.kubernetes.io/part-of: AbInitio
app.kubernetes.io/version: 4.4.1
helm.sh/chart: cafe-2.4.3-a
name: cafe-jgroup
namespace: abinitio
spec:
clusterIP: None
ports:
- name: jgroup-channel
port: 7800
protocol: TCP
targetPort: 7800
publishNotReadyAddresses: true
selector:
app.kubernetes.io/instance: cafe
app.kubernetes.io/name: cafe
type: ClusterIP

27
rendered/manifests/k3s-dev/abinitio-platform/portal/v1_service_cafe.yaml Normal file
View File

@@ -0,0 +1,27 @@
apiVersion: v1
kind: Service
metadata:
labels:
abinitio/deployment: portal
app.kubernetes.io/instance: cafe
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/name: cafe
app.kubernetes.io/part-of: AbInitio
app.kubernetes.io/version: 4.4.1
helm.sh/chart: cafe-2.4.3-a
name: cafe
namespace: abinitio
spec:
ports:
- name: http
port: 8080
protocol: TCP
targetPort: 8080
selector:
app.kubernetes.io/instance: cafe
app.kubernetes.io/name: cafe
sessionAffinity: ClientIP
sessionAffinityConfig:
clientIP:
timeoutSeconds: 86400
type: ClusterIP

27
rendered/manifests/k3s-dev/abinitio-platform/portal/v1_service_portal-nginx.yaml Normal file
View File

@@ -0,0 +1,27 @@
apiVersion: v1
kind: Service
metadata:
labels:
abinitio/deployment: portal-nginx
app.kubernetes.io/instance: portal-nginx
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/name: portal-nginx
app.kubernetes.io/part-of: AbInitio
app.kubernetes.io/version: 4.4.1
helm.sh/chart: portal-nginx-2.4.3-a
name: portal-nginx
namespace: abinitio
spec:
ports:
- name: http
port: 8443
protocol: TCP
targetPort: 8443
selector:
app.kubernetes.io/instance: portal-nginx
app.kubernetes.io/name: portal-nginx
sessionAffinity: ClientIP
sessionAffinityConfig:
clientIP:
timeoutSeconds: 86400
type: ClusterIP