blob: 65d48e3647536687c7978e5663d5bcdee51e6472 [file] [log] [blame]
apiVersion: apps/v1
kind: Deployment
metadata:
namespace: prod
name: maintnerd-deployment
spec:
replicas: 1 # MUST BE 1 FOR NOW
selector:
matchLabels:
app: maintnerd
strategy:
type: Recreate
template:
metadata:
labels:
app: maintnerd
annotations:
container.seccomp.security.alpha.kubernetes.io/maintnerd: docker/default
container.apparmor.security.beta.kubernetes.io/maintnerd: runtime/default
spec:
serviceAccountName: maintnerd
volumes:
- name: maintner-cache
persistentVolumeClaim:
claimName: maintner-cache-claim
containers:
- name: maintnerd
image: gcr.io/symbolic-datum-552/maintnerd:latest
imagePullPolicy: Always
command: ["/usr/bin/tini", "--", "/maintnerd", "--config=go", "--bucket=golang-maintner-log", "--verbose", "--data-dir=/cache", "-listen-https-selfsigned=:444"]
volumeMounts:
- mountPath: /cache
name: maintner-cache
ports:
- containerPort: 444
resources:
requests:
cpu: "1"
memory: "12Gi"
limits:
memory: "16Gi"
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
namespace: prod
name: maintner-cache-claim
spec:
storageClassName: standard-rwo
accessModes:
- ReadWriteOnce
resources:
requests:
storage: 100Gi
---
apiVersion: v1
kind: Service
metadata:
namespace: prod
name: maintnerd-internal
annotations:
cloud.google.com/neg: '{"ingress": false}'
cloud.google.com/app-protocols: '{"https":"HTTP2"}'
spec:
ports:
- port: 444
targetPort: 444
name: https
selector:
app: maintnerd
type: NodePort