# # Copyright IBM Corp. All Rights Reserved. # # SPDX-License-Identifier: Apache-2.0 # --- apiVersion: cert-manager.io/v1 kind: Certificate metadata: name: org2-ca-tls-cert spec: isCA: false privateKey: algorithm: ECDSA size: 256 dnsNames: - localhost - org2-ca - org2-ca.test-network.svc.cluster.local ipAddresses: - 127.0.0.1 secretName: org2-ca-tls-cert issuerRef: name: org2-tls-cert-issuer --- apiVersion: apps/v1 kind: Deployment metadata: name: org2-ca spec: replicas: 1 selector: matchLabels: app: org2-ca template: metadata: labels: app: org2-ca spec: containers: - name: main image: {{FABRIC_CONTAINER_REGISTRY}}/fabric-ca:{{FABRIC_CA_VERSION}} imagePullPolicy: IfNotPresent env: - name: FABRIC_CA_SERVER_CA_NAME value: "org2-ca" - name: FABRIC_CA_SERVER_DEBUG value: "false" - name: FABRIC_CA_SERVER_HOME value: "/var/hyperledger/fabric-ca-server" - name: FABRIC_CA_SERVER_TLS_CERTFILE value: "/var/hyperledger/fabric/config/tls/tls.crt" - name: FABRIC_CA_SERVER_TLS_KEYFILE value: "/var/hyperledger/fabric/config/tls/tls.key" - name: FABRIC_CA_CLIENT_HOME value: "/var/hyperledger/fabric-ca-client" ports: - containerPort: 443 volumeMounts: - name: fabric-volume mountPath: /var/hyperledger - name: fabric-config mountPath: /var/hyperledger/fabric-ca-server/fabric-ca-server-config.yaml subPath: fabric-ca-server-config.yaml - name: tls-cert-volume mountPath: /var/hyperledger/fabric/config/tls readOnly: true readinessProbe: tcpSocket: port: 443 initialDelaySeconds: 2 periodSeconds: 5 volumes: - name: fabric-volume persistentVolumeClaim: claimName: fabric-org2 - name: fabric-config configMap: name: org2-config - name: tls-cert-volume secret: secretName: org2-ca-tls-cert --- apiVersion: v1 kind: Service metadata: name: org2-ca spec: ports: - name: tls port: 443 protocol: TCP selector: app: org2-ca