2021-04-30 23:09:59 +08:00
|
|
|
---
|
|
|
|
# Source: cilium/templates/hubble-relay-configmap.yaml
|
|
|
|
apiVersion: v1
|
|
|
|
kind: ConfigMap
|
|
|
|
metadata:
|
|
|
|
name: hubble-relay-config
|
|
|
|
namespace: kube-system
|
|
|
|
data:
|
|
|
|
config.yaml: |
|
|
|
|
peer-service: unix:///var/run/cilium/hubble.sock
|
|
|
|
listen-address: :4245
|
|
|
|
dial-timeout:
|
|
|
|
retry-timeout:
|
|
|
|
sort-buffer-len-max:
|
|
|
|
sort-buffer-drain-timeout:
|
|
|
|
tls-client-cert-file: /var/lib/hubble-relay/tls/client.crt
|
|
|
|
tls-client-key-file: /var/lib/hubble-relay/tls/client.key
|
|
|
|
tls-hubble-server-ca-files: /var/lib/hubble-relay/tls/hubble-server-ca.crt
|
2022-11-02 15:14:46 +08:00
|
|
|
disable-server-tls: {% if cilium_hubble_tls_generate %}false{% else %}true{% endif %}
|
|
|
|
disable-client-tls: {% if cilium_hubble_tls_generate %}false{% else %}true{% endif %}
|
2021-04-30 23:09:59 +08:00
|
|
|
---
|
2023-01-31 16:28:48 +08:00
|
|
|
# Source: cilium/templates/hubble-ui/configmap.yaml
|
2021-04-30 23:09:59 +08:00
|
|
|
apiVersion: v1
|
|
|
|
kind: ConfigMap
|
|
|
|
metadata:
|
2023-01-31 16:28:48 +08:00
|
|
|
name: hubble-ui-nginx
|
2021-04-30 23:09:59 +08:00
|
|
|
namespace: kube-system
|
|
|
|
data:
|
2023-01-31 16:28:48 +08:00
|
|
|
nginx.conf: |
|
|
|
|
server {
|
|
|
|
listen 8081;
|
|
|
|
{% if cilium_enable_ipv6 %}
|
|
|
|
listen [::]:8081;
|
|
|
|
{% endif %}
|
|
|
|
server_name localhost;
|
|
|
|
root /app;
|
|
|
|
index index.html;
|
|
|
|
client_max_body_size 1G;
|
|
|
|
|
|
|
|
location / {
|
|
|
|
proxy_set_header Host $host;
|
|
|
|
proxy_set_header X-Real-IP $remote_addr;
|
|
|
|
|
|
|
|
# CORS
|
|
|
|
add_header Access-Control-Allow-Methods "GET, POST, PUT, HEAD, DELETE, OPTIONS";
|
|
|
|
add_header Access-Control-Allow-Origin *;
|
|
|
|
add_header Access-Control-Max-Age 1728000;
|
|
|
|
add_header Access-Control-Expose-Headers content-length,grpc-status,grpc-message;
|
|
|
|
add_header Access-Control-Allow-Headers range,keep-alive,user-agent,cache-control,content-type,content-transfer-encoding,x-accept-content-transfer-encoding,x-accept-response-streaming,x-user-agent,x-grpc-web,grpc-timeout;
|
|
|
|
if ($request_method = OPTIONS) {
|
|
|
|
return 204;
|
|
|
|
}
|
|
|
|
# /CORS
|
|
|
|
|
|
|
|
location /api {
|
|
|
|
proxy_http_version 1.1;
|
|
|
|
proxy_pass_request_headers on;
|
|
|
|
proxy_hide_header Access-Control-Allow-Origin;
|
|
|
|
proxy_pass http://127.0.0.1:8090;
|
|
|
|
}
|
|
|
|
|
|
|
|
location / {
|
|
|
|
try_files $uri $uri/ /index.html;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|