Identity Manager 元件使用多個連接埠來相互通訊。防火牆中預設已開啟這些連接埠。若要查看 Identity Manager 元件使用的連接埠,請參閱《NetIQ Identity Manager Security Guide》(NetIQ Identity Manager 安全性指南) 中的「Understanding Identity Manager Communication」(瞭解 Identity Manager 通訊)。
kind: PersistentVolume
apiVersion: v1
metadata:
name: task-pv-volume
labels:
type: nfs
spec:
storageClassName: manual
capacity:
storage: 3Gi
accessModes:
- ReadWriteMany
hostPath:
path: '/mnt'
---
kind: PersistentVolumeClaim
apiVersion: v1
metadata:
name: task-pv-claim1
spec:
storageClassName: manual
accessModes:
- ReadWriteMany
resources:
requests:
storage: 1Gi
---
apiVersion: v1
kind: Pod
metadata:
labels:
name: identity-engine
name: identity-engine
spec:
nodeSelector:
kubernetes.io/hostname:
hostNetwork: true
containers:
-
image: <image name>
name: identity-engine-container
resources:
limits:
cpu: "2"
memory: 4Gi
requests:
cpu: "1"
memory: 1Gi
volumeMounts:
- name: data
mountPath: /config
env:
- name: UPGRADE_IDM
value:
- name: IS_ADVANCED_EDITION
value:
- name: INSTALL_ENGINE
value:
- name: INSTALL_IDVAULT
value:
- name: IS_COMMON_PASSWORD
value:
- name: COMMON_PASSWORD
value:
- name: TREE_CONFIG
value:
- name: ID_VAULT_PASSWORD
value:
- name: ID_VAULT_EXISTING_SERVER
value:
- name: ID_VAULT_EXISTING_NCP_PORT
value:
- name: ID_VAULT_EXISTING_LDAPS_PORT
value:
- name: ID_VAULT_EXISTING_CONTEXTDN
value:
- name: ID_VAULT_TREENAME
value:
- name: ID_VAULT_ADMIN_LDAP
value:
- name: ID_VAULT_ADMIN
value:
- name: ID_VAULT_PASSWORD
value:
- name: ID_VAULT_VARDIR
value:
- name: ID_VAULT_DIB
value: '
- name: ID_VAULT_NCP_PORT
value:
- name: ID_VAULT_LDAP_PORT
value:
- name: ID_VAULT_LDAPS_PORT
value:
- name: ID_VAULT_HTTP_PORT
value:
- name: ID_VAULT_HTTPS_PORT
value:
- name: ID_VAULT_CONF
value:
- name: ID_VAULT_DRIVER_SET
value:
- name: ID_VAULT_DEPLOY_CTX
value:
- name: ID_VAULT_SERVER_CONTEXT
value:
volumes:
- name: data
persistentVolumeClaim:
claimName: task-pv-claim1