2.1安装sso
sso服务端
pvc
kind: PersistentVolumeClaim
apiVersion: v1
metadata:
name: sso-logs
namespace: default
spec:
accessModes:
- ReadWriteMany
resources:
requests:
storage: 100Mi
storageClassName: cdtest-storage-classservice
kind: Service
apiVersion: v1
metadata:
name: sso-new-service
namespace: default
labels:
name: sso-new-service
spec:
ports:
- name: http
protocol: TCP
port: 8080
targetPort: 8080
nodePort: 32623
- name: https
protocol: TCP
port: 8443
targetPort: 8443
nodePort: 30410
selector:
app: online-sso-new
type: NodePortdeployment
kind: Deployment
apiVersion: apps/v1
metadata:
name: online-sso-new
namespace: default
labels:
app: online-sso-new
spec:
replicas: 1
selector:
matchLabels:
app: online-sso-new
template:
metadata:
labels:
app: online-sso-new
spec:
volumes:
- name: sso-logs
persistentVolumeClaim:
claimName: sso-logs
containers:
- name: sso
image: registry.cn-chengdu.aliyuncs.com/liuchenyun/online-sso:new
ports:
- containerPort: 8080
protocol: TCP
- containerPort: 8443
protocol: TCP
env:
- name: SITE
value: CHINESE
- name: QY_WECHAT_APP_ID
value: wwe3a5fef3c63e8af9
- name: QY_WECHAT_AGENT_ID
value: '1000002'
- name: QY_WECHAT_SECRET
value: 8yPcZE1HXRErVpBSB1JT02-r0aG-zqpLUT5BgmPedC8
- name: SSL_ENABLED
value: 'false'
- name: CAS_SERVICE
- name: DB_IP
value: 192.168.31.157
- name: DB_PORT
value: '31185'
- name: DB_DBNAME
value: sso_test2
- name: DB_USERNAME
value: root
- name: DB_PASSWORD
value: '123456'
- name: ONLINE_ROOT_URL
value: https://cdtest.liuchenyun.com
- name: SERVICE_DOMAIN
value: https://ssocdtest.liuchenyun.com
- name: TEST_PHONE_LIST
valueFrom:
configMapKeyRef:
name: secret-config
key: sso.test-phone
- name: TEST_EMAIL_LIST
valueFrom:
configMapKeyRef:
name: secret-config
key: sso.test-email
- name: TEST_VERIFYCODE
valueFrom:
configMapKeyRef:
name: secret-config
key: sso.test-code
- name: IPORTAL_MANAGER_ID
value: '944959'
- name: IPORTAL_MANAGER_PASSWORD
value: A1b2c3d4e5f6g7h_
- name: MERGE_APPLY_URL
value: >-
http://useraccount-service:8086/web/user/account/api/merge/apply.json
- name: EMAIL_URL
value: http://public-service-service:8087/service/api/email/send/html
- name: UMASK
value: '0022'
- name: CAS_WHITE_LIST_IP
value: >-
10.244.0.1-10.255.255.255
volumeMounts:
- name: sso-logs
mountPath: /usr/local/tomcat/logs/
imagePullPolicy: Always
restartPolicy: Always
imagePullSecrets:
- name: dockercfg-liuchenyunconfigmap
kind: ConfigMap
apiVersion: v1
metadata:
name: secret-config
namespace: default
data:
email.host: mail.supermap.com
email.password: VZf0OLR)|?gegSz
email.username: online@supermap.com
gishost.iserver-linux-imageid: m-2zeic9ggky8lxzsbeorv
gishost.iserver-win-imageid: m-2ze8jvb8bcz2zaz0up3u
gishost.jdcloud-iserver-win-imageid: c8a614ae-d94c-47de-9784-46b7e205a96e
gishost.manager: '944959'
gishost.online-admin-password: abcdefgh
gishost.online-admin-username: '944959'
gishost.online-token: ''
license-server-ali.url: https://lic2.supermap.com/CloudService/CloudL.asmx
license-server-bj.url: https://lic.supermap.com.cn/CloudService/CloudL.asmx
license-server.password: C?oHlNUxXYd%mI8
license-server.username: GISlab
sso.test-code: '123456'
sso.test-email: >-
10521693851_test@qq.com,10296332424_test@qq.com,10296332459_test@qq.com,10296332424_test@163.com,13000000001@qq.com,13000000002@qq.com,13000000003@qq.com,13000000004@qq.com,13000000004@qq.com,13000000005@qq.com,13000000006@qq.com,13000000007@qq.com,13000000008@qq.com,13000000009@qq.com
sso.test-phone: >-
10521693851,10296332424,10296332459,13000000001,13000000002,13000000003,13000000004,13000000005,13000000006,13000000007,13000000008,13000000009