apiVersion: v1 kind: Namespace metadata: name: vnc labels: workload.edge.ncr.com: platform platform.edge.ncr.com/component: novnc annotations: pallet.edge.ncr.com/created: "2023-02-16T21:26:39Z" pallet.edge.ncr.com/name: novnc pallet.edge.ncr.com/revision: 696897a3df910b6e84a88c9336907a17b18159c1 pallet.edge.ncr.com/source: https://github.com/ncrvoyix-swt-retail/edge-infra/tree/696897a3df910b6e84a88c9336907a17b18159c1 pallet.edge.ncr.com/team: '@ncrvoyix-swt-retail/sds' pallet.edge.ncr.com/version: 7.7.7-rc.1676582799+commit.696897a --- apiVersion: v1 kind: ServiceAccount metadata: name: novnc-client namespace: vnc labels: platform.edge.ncr.com/component: novnc annotations: pallet.edge.ncr.com/created: "2023-02-16T21:26:39Z" pallet.edge.ncr.com/name: novnc pallet.edge.ncr.com/revision: 696897a3df910b6e84a88c9336907a17b18159c1 pallet.edge.ncr.com/source: https://github.com/ncrvoyix-swt-retail/edge-infra/tree/696897a3df910b6e84a88c9336907a17b18159c1 pallet.edge.ncr.com/team: '@ncrvoyix-swt-retail/sds' pallet.edge.ncr.com/version: 7.7.7-rc.1676582799+commit.696897a --- apiVersion: v1 kind: ConfigMap metadata: name: novnc-nginx-templates namespace: vnc labels: platform.edge.ncr.com/component: novnc annotations: pallet.edge.ncr.com/created: "2023-02-16T21:26:39Z" pallet.edge.ncr.com/name: novnc pallet.edge.ncr.com/revision: 696897a3df910b6e84a88c9336907a17b18159c1 pallet.edge.ncr.com/source: https://github.com/ncrvoyix-swt-retail/edge-infra/tree/696897a3df910b6e84a88c9336907a17b18159c1 pallet.edge.ncr.com/team: '@ncrvoyix-swt-retail/sds' pallet.edge.ncr.com/version: 7.7.7-rc.1676582799+commit.696897a data: novnc.conf.template: | server { listen 80; listen [::]:80; server_name localhost; add_header Cache-Control no-cache; #charset koi8-r; #access_log /var/log/nginx/host.access.log main; location / { root /usr/share/nginx/html/novnc; index vnc_lite.html; } location /ws { resolver daemonsetdns.daemonsetdns.svc.cluster.local valid=1s ipv6=off; # blacklist all headers by default proxy_pass_request_headers off; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header Host $host; proxy_set_header Connection ""; proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection "upgrade"; # Header whitelist proxy_set_header Origin $http_origin; proxy_set_header Sec-WebSocket-Key $http_sec_websocket_key; proxy_set_header Sec-WebSocket-Version $http_sec_websocket_version; proxy_set_header Sec-WebSocket-Extensions $http_sec_websocket_extensions; if ($arg_token !~ "^[a-z0-9-.]+$") { return 400 "Unacceptable Node Name"; } proxy_read_timeout 900s; proxy_pass http://${arg_token}.vncserver.${NAMESPACE}.pod-locator:5900; # Disable proxy buffering proxy_buffering off; } #error_page 404 /404.html; # redirect server error pages to the static page /50x.html error_page 500 502 503 504 /50x.html; location = /50x.html { root /usr/share/nginx/html; } } --- apiVersion: v1 kind: Service metadata: name: novnc namespace: vnc labels: platform.edge.ncr.com/component: novnc annotations: pallet.edge.ncr.com/created: "2023-02-16T21:26:39Z" pallet.edge.ncr.com/name: novnc pallet.edge.ncr.com/revision: 696897a3df910b6e84a88c9336907a17b18159c1 pallet.edge.ncr.com/source: https://github.com/ncrvoyix-swt-retail/edge-infra/tree/696897a3df910b6e84a88c9336907a17b18159c1 pallet.edge.ncr.com/team: '@ncrvoyix-swt-retail/sds' pallet.edge.ncr.com/version: 7.7.7-rc.1676582799+commit.696897a spec: type: ClusterIP selector: app: novnc platform.edge.ncr.com/component: novnc ports: - name: novnc protocol: TCP port: 80 targetPort: novnc-http-port --- apiVersion: apps/v1 kind: Deployment metadata: name: novnc labels: app: novnc platform.edge.ncr.com/component: novnc namespace: vnc annotations: pallet.edge.ncr.com/created: "2023-02-16T21:26:39Z" pallet.edge.ncr.com/name: novnc pallet.edge.ncr.com/revision: 696897a3df910b6e84a88c9336907a17b18159c1 pallet.edge.ncr.com/source: https://github.com/ncrvoyix-swt-retail/edge-infra/tree/696897a3df910b6e84a88c9336907a17b18159c1 pallet.edge.ncr.com/team: '@ncrvoyix-swt-retail/sds' pallet.edge.ncr.com/version: 7.7.7-rc.1676582799+commit.696897a spec: selector: matchLabels: app: novnc platform.edge.ncr.com/component: novnc template: metadata: labels: app: novnc platform.edge.ncr.com/component: novnc annotations: pallet.edge.ncr.com/created: "2023-02-16T21:26:39Z" pallet.edge.ncr.com/name: novnc pallet.edge.ncr.com/revision: 696897a3df910b6e84a88c9336907a17b18159c1 pallet.edge.ncr.com/source: https://github.com/ncrvoyix-swt-retail/edge-infra/tree/696897a3df910b6e84a88c9336907a17b18159c1 pallet.edge.ncr.com/team: '@ncrvoyix-swt-retail/sds' pallet.edge.ncr.com/version: 7.7.7-rc.1676582799+commit.696897a spec: serviceAccountName: novnc-client automountServiceAccountToken: true containers: - name: novnc image: us-east1-docker.pkg.dev/ret-edge-pltf-infra/workloads/novnc@sha256:65bea0cada2942c6ca588625c33c83c707a4c9f191711331f54fa681e20df93c command: ["/bin/sh"] args: ["-c", "envsubst '$NAMESPACE' < /etc/nginx/templates/novnc.conf.template > /etc/nginx/conf.d/novnc.conf && nginx -g 'daemon off;'"] ports: - name: novnc-http-port containerPort: 80 env: - name: NAMESPACE valueFrom: fieldRef: fieldPath: metadata.namespace resources: limits: cpu: "1m" memory: "4Mi" requests: cpu: "1m" memory: "2Mi" volumeMounts: - name: novnc-nginx-templates mountPath: /etc/nginx/templates imagePullPolicy: IfNotPresent volumes: - name: novnc-nginx-templates configMap: name: novnc-nginx-templates imagePullSecrets: - name: edge-docker-pull-secret