epistemophiliac/fabric-samples
1
0
Fork 0
mirror of https://github.com/hyperledger/fabric-samples.git synced 2026-06-17 15:35:09 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions
fabric-samples/test-network-k8s/kube/org2/org2-ca.yaml
jkneubuh a3ae179efb
test-network-k8s : Connect to Fabric services via Nginx Ingress - READY FOR MERGE (#692) 
* Access the test network services via a local Nginx ingress controller.

Signed-off-by: Josh Kneubuhl <jkneubuh@us.ibm.com>

* Run E2E / CI test suite against the Ingress based k8s test network

Signed-off-by: Josh Kneubuhl <jkneubuh@us.ibm.com>

* Improved wait for Nginx Ingress - this was causing some test flakes

Signed-off-by: Josh Kneubuhl <jkneubuh@us.ibm.com>
2022-03-31 17:12:51 +01:00

124 lines
No EOL
3 KiB
YAML
Raw Blame History

#
# Copyright IBM Corp. All Rights Reserved.
#
# SPDX-License-Identifier: Apache-2.0
#
---
apiVersion: cert-manager.io/v1
kind: Certificate
metadata:
name: org2-ca-tls-cert
spec:
isCA: false
privateKey:
algorithm: ECDSA
size: 256
dnsNames:
- localhost
- org2-ca
- org2-ca.test-network.svc.cluster.local
- org2-ca.${DOMAIN}
ipAddresses:
- 127.0.0.1
secretName: org2-ca-tls-cert
issuerRef:
name: org2-tls-cert-issuer
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: org2-ca
spec:
replicas: 1
selector:
matchLabels:
app: org2-ca
template:
metadata:
labels:
app: org2-ca
spec:
containers:
- name: main
image: ${FABRIC_CONTAINER_REGISTRY}/fabric-ca:${FABRIC_CA_VERSION}
imagePullPolicy: IfNotPresent
env:
- name: FABRIC_CA_SERVER_CA_NAME
value: "org2-ca"
- name: FABRIC_CA_SERVER_DEBUG
value: "false"
- name: FABRIC_CA_SERVER_HOME
value: "/var/hyperledger/fabric-ca-server"
- name: FABRIC_CA_SERVER_TLS_CERTFILE
value: "/var/hyperledger/fabric/config/tls/tls.crt"
- name: FABRIC_CA_SERVER_TLS_KEYFILE
value: "/var/hyperledger/fabric/config/tls/tls.key"
- name: FABRIC_CA_CLIENT_HOME
value: "/var/hyperledger/fabric-ca-client"
ports:
- containerPort: 443
volumeMounts:
- name: fabric-volume
mountPath: /var/hyperledger
- name: fabric-config
mountPath: /var/hyperledger/fabric-ca-server/fabric-ca-server-config.yaml
subPath: fabric-ca-server-config.yaml
- name: tls-cert-volume
mountPath: /var/hyperledger/fabric/config/tls
readOnly: true
readinessProbe:
tcpSocket:
port: 443
initialDelaySeconds: 2
periodSeconds: 5
volumes:
- name: fabric-volume
persistentVolumeClaim:
claimName: fabric-org2
- name: fabric-config
configMap:
name: org2-config
- name: tls-cert-volume
secret:
secretName: org2-ca-tls-cert
---
apiVersion: v1
kind: Service
metadata:
name: org2-ca
spec:
ports:
- name: https
port: 443
protocol: TCP
selector:
app: org2-ca
---
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
annotations:
nginx.ingress.kubernetes.io/proxy-connect-timeout: 60s
nginx.ingress.kubernetes.io/ssl-passthrough: "true"
labels:
app: org2-ca
name: org2-ca
spec:
ingressClassName: nginx
rules:
- host: org2-ca.${DOMAIN}
http:
paths:
- backend:
service:
name: org2-ca
port:
name: https
path: /
pathType: ImplementationSpecific
tls:
- hosts:
- org2-ca.${DOMAIN}
Reference in a new issue View git blame Copy permalink