phoenix-oss/tenant-demo
1
0
Fork 0
generated from phoenix-oss/tenant-tpl
Code Issues 1 Pull requests 3 Projects Releases Packages Wiki Activity Actions

Compare commits

base: phoenix-oss:c0ee377b215f052a93efb9a4510cb71196f49cff
Branches Tags
phoenix-oss:main
phoenix-oss:renovate/nginx-21.x
phoenix-oss:renovate/quay.io-containerdisks-ubuntu-24.x
phoenix-oss:renovate/helmrelease-2.x
..
compare: phoenix-oss:36ecc280d091ea1e9745b125eb85f43306ccbdfe
Branches Tags
phoenix-oss:main
phoenix-oss:renovate/nginx-21.x
phoenix-oss:renovate/quay.io-containerdisks-ubuntu-24.x
phoenix-oss:renovate/helmrelease-2.x

6 commits
c0ee377b21 ... 36ecc280d0

Author SHA1 Message Date
Renovate Bot
36ecc280d0 feat(docker-image)!: Update nginx Docker tag to v21 2025-07-09 11:16:25 +00:00
maximilian.bartz
9980d50b07 test with masq 2025-07-09 12:34:37 +02:00
maximilian.bartz
6a719ccdc8 set SB to false 2025-07-09 12:08:25 +02:00
maximilian.bartz
516c1bd034 added secure boot again 2025-07-09 12:07:05 +02:00
maximilian.bartz
da7f7f73c1 added object 2025-07-09 12:02:58 +02:00
maximilian.bartz
410cb99173 change port and add lb 2025-07-09 12:00:51 +02:00
3 changed files with 40 additions and 14 deletions
Download patch file Download diff file Expand all files Collapse all files

23
firewall-s3/vm/fortigate.yaml
View file

@ -3,6 +3,8 @@ kind: VirtualMachine
metadata: metadata:
name: fortigate-s3 name: fortigate-s3
namespace: ${TENANT_NAMESPACE} namespace: ${TENANT_NAMESPACE}
annotations:
#kubevirt.io/allow-pod-bridge-network-live-migration:
spec: spec:
dataVolumeTemplates: dataVolumeTemplates:
- metadata: - metadata:
@ -29,26 +31,23 @@ spec:
guest: 4Gi guest: 4Gi
features: features:
acpi: {} acpi: {}
smm: smm:
enabled: true enabled: true
firmware: firmware:
bootloader: bootloader:
efi: efi:
secureBoot: true secureBoot: false
devices: devices:
rng: {} rng: {}
networkInterfaceMultiqueue: true networkInterfaceMultiqueue: true
interfaces: interfaces:
- name: internal - name: external
masquerade: {} masquerade: {}
ports: ports:
- port: 500 - port: 4500
- port: 4500 - port: 443
#- name: external - port: 22
# masquerade: {} - port: 500
# ports:
# - port: 500
# - port: 4500
disks: disks:
- disk: - disk:
bus: sata bus: sata
@ -61,9 +60,7 @@ spec:
memory: 4Gi memory: 4Gi
cpu: 2 cpu: 2
networks: networks:
#- name: external - name: external
# pod: {}
- name: internal
pod: {} pod: {}
terminationGracePeriodSeconds: 180 terminationGracePeriodSeconds: 180
volumes: volumes:

2
network/ks-lb.yaml
View file

@ -1,7 +1,7 @@
apiVersion: kustomize.toolkit.fluxcd.io/v1 apiVersion: kustomize.toolkit.fluxcd.io/v1
kind: Kustomization kind: Kustomization
metadata: metadata:
name: &app windows-lb name: &app lb
namespace: ${TENANT_NAMESPACE} namespace: ${TENANT_NAMESPACE}
spec: spec:
commonMetadata: commonMetadata:

29
network/loadbalancers/fortigate-lb.yaml Normal file
View file

@ -0,0 +1,29 @@
---
apiVersion: v1
kind: Service
metadata:
name: fortigate-lb
namespace: ${TENANT_NAMESPACE}
labels:
app.kubernetes.io/component: fortigate-lb
spec:
type: LoadBalancer
ports:
- port: 4500
name: ipsec-nat
targetPort: 4500
protocol: UDP
- port: 500
name: key-management
targetPort: 500
protocol: UDP
- port: 22
name: ssh
targetPort: 22
protocol: TCP
- port: 443
name: https
targetPort: 443
protocol: TCP
selector:
kubevirt.io/domain: fortigate-s3