Text file src/edge-infra.dev/config/pallets/edge/device-registrar/d-edge/emissary.yaml

Documentation: edge-infra.dev/config/pallets/edge/device-registrar/d-edge

     1apiVersion: getambassador.io/v3alpha1
     2kind: Mapping
     3metadata:
     4  name: bootstrap-mapping
     5  labels:
     6    gateway.edge.ncr.com: store-host
     7    platform.edge.ncr.com/component: device-registrar
     8spec:
     9  service: device-registrar-svc.device-registrar
    10  hostname: edge-bootstrap.store.ncr.corp
    11  prefix: /bootstrap
    12  rewrite: /bootstrap
    13---
    14apiVersion: getambassador.io/v3alpha1
    15kind: Mapping
    16metadata:
    17  name: connect-mapping
    18  labels:
    19    gateway.edge.ncr.com: store-host
    20    platform.edge.ncr.com/component: device-registrar
    21spec:
    22  service: device-registrar-svc.device-registrar
    23  hostname: edge-bootstrap.store.ncr.corp
    24  prefix: /connect
    25  rewrite: /connect
    26---
    27apiVersion: getambassador.io/v3alpha1
    28kind: Mapping
    29metadata:
    30  name: discover-mapping
    31  labels:
    32    gateway.edge.ncr.com: store-host
    33    platform.edge.ncr.com/component: device-registrar
    34spec:
    35  service: device-registrar-svc.device-registrar
    36  hostname: edge.store.ncr.corp
    37  prefix: /discover
    38  add_request_headers:
    39    X-Client-DN:
    40      value: "%DOWNSTREAM_PEER_SUBJECT%"
    41  rewrite: /discover
    42---
    43apiVersion: cert-manager.io/v1
    44kind: Certificate
    45metadata:
    46  name: device-registrar-ca
    47  namespace: emissary
    48  labels:
    49    platform.edge.ncr.com/component: device-registrar
    50spec:
    51  commonName: device-registrar-ca
    52  duration: 17520h0m0s
    53  isCA: true
    54  issuerRef:
    55    name: selfsigned-issuer
    56    kind: ClusterIssuer
    57    group: cert-manager.io
    58  privateKey:
    59    algorithm: ECDSA
    60    size: 256
    61  renewBefore: 4380h0m0s
    62  secretName: device-registrar-ca
    63---
    64apiVersion: cert-manager.io/v1
    65kind: Issuer
    66metadata:
    67  name: device-registrar-ca-issuer
    68  namespace: emissary
    69  labels:
    70    platform.edge.ncr.com/component: device-registrar
    71spec:
    72  ca:
    73    secretName: device-registrar-ca
    74---
    75apiVersion: getambassador.io/v3alpha1
    76kind: TLSContext
    77metadata:
    78  name: device-registrar-tlscontext
    79  namespace: emissary
    80  labels:
    81    platform.edge.ncr.com/component: device-registrar
    82spec:
    83  alpn_protocols: h2
    84  ca_secret: device-registrar-ca
    85  cert_required: true
    86  hosts:
    87  - edge.store.ncr.corp
    88  min_tls_version: v1.3
    89  secret: gateway-tls-cert
    90---
    91apiVersion: getambassador.io/v3alpha1
    92kind: Host
    93metadata:
    94  name: device-registrar-host
    95  namespace: emissary
    96  labels:
    97    platform.edge.ncr.com/component: device-registrar
    98spec:
    99  hostname: edge.store.ncr.corp
   100  acmeProvider:
   101    authority: none
   102  tlsContext:
   103    name: device-registrar-tlscontext
   104  tlsSecret:
   105    name: gateway-tls-cert

View as plain text