From 2ea21b1908c89aa8d83785bad2f3b4206d9234a7 Mon Sep 17 00:00:00 2001 From: Paul Meyer <49727155+katexochen@users.noreply.github.com> Date: Tue, 2 Apr 2024 15:56:23 +0200 Subject: [PATCH] deployments: remove openssl This is now generated using resourcegen. Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com> --- deployments/openssl/coordinator.yml | 53 ----------------- deployments/openssl/ns.yml | 4 -- deployments/openssl/openssl-backend.yml | 71 ----------------------- deployments/openssl/openssl-client.yml | 54 ------------------ deployments/openssl/openssl-frontend.yml | 73 ------------------------ deployments/openssl/portforwarder.yml | 59 ------------------- 6 files changed, 314 deletions(-) delete mode 100644 deployments/openssl/coordinator.yml delete mode 100644 deployments/openssl/ns.yml delete mode 100644 deployments/openssl/openssl-backend.yml delete mode 100644 deployments/openssl/openssl-client.yml delete mode 100644 deployments/openssl/openssl-frontend.yml delete mode 100644 deployments/openssl/portforwarder.yml diff --git a/deployments/openssl/coordinator.yml b/deployments/openssl/coordinator.yml deleted file mode 100644 index 4c9b1ae65..000000000 --- a/deployments/openssl/coordinator.yml +++ /dev/null @@ -1,53 +0,0 @@ -apiVersion: apps/v1 -kind: Deployment -metadata: - name: coordinator - namespace: edg-default -spec: - selector: - matchLabels: - app.kubernetes.io/name: coordinator - replicas: 1 - template: - metadata: - labels: - app.kubernetes.io/name: coordinator - annotations: - contrast.edgeless.systems/pod-role: coordinator - spec: - runtimeClassName: kata-cc-isolation - containers: - - name: coordinator - image: "ghcr.io/edgelesssys/contrast/coordinator:latest" - ports: - - containerPort: 7777 - - containerPort: 1313 - env: - - name: CONTRAST_LOG_LEVEL - value: "debug" - resources: - requests: - memory: 100Mi - limits: - memory: 100Mi - readinessProbe: - tcpSocket: - port: 1313 - initialDelaySeconds: 1 - periodSeconds: 5 ---- -apiVersion: v1 -kind: Service -metadata: - name: coordinator - namespace: edg-default -spec: - ports: - - name: meshapi - port: 7777 - protocol: TCP - - name: userapi - port: 1313 - protocol: TCP - selector: - app.kubernetes.io/name: coordinator diff --git a/deployments/openssl/ns.yml b/deployments/openssl/ns.yml deleted file mode 100644 index ed2712cc8..000000000 --- a/deployments/openssl/ns.yml +++ /dev/null @@ -1,4 +0,0 @@ -apiVersion: v1 -kind: Namespace -metadata: - name: edg-default diff --git a/deployments/openssl/openssl-backend.yml b/deployments/openssl/openssl-backend.yml deleted file mode 100644 index 19e053f06..000000000 --- a/deployments/openssl/openssl-backend.yml +++ /dev/null @@ -1,71 +0,0 @@ -apiVersion: apps/v1 -kind: Deployment -metadata: - name: openssl-backend - namespace: edg-default -spec: - selector: - matchLabels: - app.kubernetes.io/name: openssl-backend - replicas: 1 - template: - metadata: - labels: - app.kubernetes.io/name: openssl-backend - spec: - runtimeClassName: kata-cc-isolation - initContainers: - - name: initializer - image: "ghcr.io/edgelesssys/contrast/initializer:latest" - env: - - name: COORDINATOR_HOST - value: coordinator - volumeMounts: - - name: tls-certs - mountPath: /tls-config - resources: - requests: - memory: 50Mi - limits: - memory: 50Mi - containers: - - name: openssl-backend - image: ghcr.io/edgelesssys/contrast/openssl:latest - command: - - /bin/bash - - "-c" - - | - echo Workload started - openssl s_server -port 443 -Verify 2 -CAfile /tls-config/MeshCACert.pem -cert /tls-config/certChain.pem -key /tls-config/key.pem - volumeMounts: - - name: tls-certs - mountPath: /tls-config - ports: - - containerPort: 443 - name: openssl - resources: - requests: - memory: 50Mi - limits: - memory: 50Mi - readinessProbe: - tcpSocket: - port: 443 - initialDelaySeconds: 1 - periodSeconds: 5 - volumes: - - name: tls-certs - emptyDir: {} ---- -apiVersion: v1 -kind: Service -metadata: - name: openssl-backend - namespace: edg-default -spec: - selector: - app.kubernetes.io/name: openssl-backend - ports: - - name: openssl - port: 443 - targetPort: 443 diff --git a/deployments/openssl/openssl-client.yml b/deployments/openssl/openssl-client.yml deleted file mode 100644 index 414c98f8b..000000000 --- a/deployments/openssl/openssl-client.yml +++ /dev/null @@ -1,54 +0,0 @@ -apiVersion: apps/v1 -kind: Deployment -metadata: - name: openssl-client - namespace: edg-default -spec: - selector: - matchLabels: - app.kubernetes.io/name: openssl-client - replicas: 1 - template: - metadata: - labels: - app.kubernetes.io/name: openssl-client - spec: - runtimeClassName: kata-cc-isolation - initContainers: - - name: initializer - image: "ghcr.io/edgelesssys/contrast/initializer:latest" - env: - - name: COORDINATOR_HOST - value: coordinator - volumeMounts: - - name: tls-certs - mountPath: /tls-config - resources: - requests: - memory: 50Mi - limits: - memory: 50Mi - containers: - - name: openssl-client - image: ghcr.io/edgelesssys/contrast/openssl:latest - command: - - /bin/bash - - "-c" - - | - echo Workload started - while true; do - echo "THIS IS A TEST MESSAGE" | - openssl s_client -connect openssl-frontend:443 -verify_return_error -CAfile /tls-config/RootCACert.pem - sleep 30 - done - volumeMounts: - - name: tls-certs - mountPath: /tls-config - resources: - requests: - memory: 50Mi - limits: - memory: 50Mi - volumes: - - name: tls-certs - emptyDir: {} diff --git a/deployments/openssl/openssl-frontend.yml b/deployments/openssl/openssl-frontend.yml deleted file mode 100644 index e293f392e..000000000 --- a/deployments/openssl/openssl-frontend.yml +++ /dev/null @@ -1,73 +0,0 @@ -apiVersion: apps/v1 -kind: Deployment -metadata: - name: openssl-frontend - namespace: edg-default -spec: - selector: - matchLabels: - app.kubernetes.io/name: openssl-frontend - replicas: 1 - template: - metadata: - labels: - app.kubernetes.io/name: openssl-frontend - spec: - runtimeClassName: kata-cc-isolation - initContainers: - - name: initializer - image: "ghcr.io/edgelesssys/contrast/initializer:latest" - env: - - name: COORDINATOR_HOST - value: coordinator - volumeMounts: - - name: tls-certs - mountPath: /tls-config - resources: - requests: - memory: 50Mi - limits: - memory: 50Mi - containers: - - name: openssl-frontend - image: ghcr.io/edgelesssys/contrast/openssl:latest - command: - - /bin/bash - - "-c" - - | - echo Workload started - openssl s_server -www -port 443 -cert /tls-config/certChain.pem -key /tls-config/key.pem -cert_chain /tls-config/certChain.pem & - while true; do - echo \"THIS IS A TEST MESSAGE\" | - openssl s_client -connect openssl-backend:443 -verify_return_error -CAfile /tls-config/MeshCACert.pem -cert /tls-config/certChain.pem -key /tls-config/key.pem - sleep 10 - done - volumeMounts: - - name: tls-certs - mountPath: /tls-config - resources: - requests: - memory: 50Mi - limits: - memory: 50Mi - readinessProbe: - tcpSocket: - port: 443 - initialDelaySeconds: 1 - periodSeconds: 5 - volumes: - - name: tls-certs - emptyDir: {} ---- -apiVersion: v1 -kind: Service -metadata: - name: openssl-frontend - namespace: edg-default -spec: - selector: - app.kubernetes.io/name: openssl-frontend - ports: - - name: openssl - port: 443 - targetPort: 443 diff --git a/deployments/openssl/portforwarder.yml b/deployments/openssl/portforwarder.yml deleted file mode 100644 index 367b0da21..000000000 --- a/deployments/openssl/portforwarder.yml +++ /dev/null @@ -1,59 +0,0 @@ -apiVersion: v1 -kind: Pod -metadata: - name: port-forwarder-coordinator - namespace: edg-default - labels: - app.kubernetes.io/name: port-forwarder-coordinator -spec: - containers: - - name: port-forwarder - image: "ghcr.io/edgelesssys/contrast/port-forwarder:latest" - env: - - name: LISTEN_PORT - value: "1313" - - name: FORWARD_HOST - value: coordinator - - name: FORWARD_PORT - value: "1313" - command: - - /bin/bash - - "-c" - - echo Starting port-forward with socat; exec socat -d -d TCP-LISTEN:${LISTEN_PORT},fork TCP:${FORWARD_HOST}:${FORWARD_PORT} - ports: - - containerPort: 1313 - resources: - requests: - memory: 50Mi - limits: - memory: 50Mi ---- -apiVersion: v1 -kind: Pod -metadata: - name: port-forwarder-openssl-frontend - namespace: edg-default - labels: - app.kubernetes.io/name: port-forwarder-openssl-frontend -spec: - containers: - - name: port-forwarder - image: "ghcr.io/edgelesssys/contrast/port-forwarder:latest" - env: - - name: LISTEN_PORT - value: "443" - - name: FORWARD_HOST - value: openssl-frontend - - name: FORWARD_PORT - value: "443" - command: - - /bin/bash - - "-c" - - echo Starting port-forward with socat; exec socat -d -d TCP-LISTEN:${LISTEN_PORT},fork TCP:${FORWARD_HOST}:${FORWARD_PORT} - ports: - - containerPort: 443 - resources: - requests: - memory: 50Mi - limits: - memory: 50Mi