142 lines
3.9 KiB
YAML
142 lines
3.9 KiB
YAML
# https://kubernetes.io/docs/concepts/workloads/controllers/deployment/
|
|
apiVersion: apps/v1
|
|
kind: Deployment
|
|
metadata:
|
|
name: cic-user-ussd-server
|
|
namespace: grassroots
|
|
labels:
|
|
app: cic-user-ussd-server
|
|
annotations:
|
|
keel.sh/policy: "glob:master-*"
|
|
keel.sh/trigger: poll
|
|
keel.sh/pollSchedule: "@every 5m"
|
|
spec:
|
|
selector:
|
|
matchLabels:
|
|
app: cic-user-ussd-server
|
|
replicas: 1
|
|
strategy:
|
|
rollingUpdate:
|
|
maxSurge: 25%
|
|
maxUnavailable: 25%
|
|
type: RollingUpdate
|
|
template:
|
|
metadata:
|
|
labels:
|
|
app: cic-user-ussd-server
|
|
group: cic
|
|
tier: backend
|
|
spec:
|
|
containers:
|
|
- name: cic-user-ussd-server
|
|
#image: registry.gitlab.com/grassrootseconomics/cic-internal-integration/cic-ussd:master-7a3cb7ab-1627053361 # {"$imagepolicy": "flux-system:cic-ussd"}
|
|
image: registry.gitlab.com/grassrootseconomics/cic-internal-integration/cic-ussd:latest
|
|
imagePullPolicy: Always
|
|
command: ["/root/start_cic_user_ussd_server.sh", "-vv"]
|
|
resources:
|
|
requests:
|
|
cpu: 100m
|
|
memory: 100Mi
|
|
limits:
|
|
cpu: 500m
|
|
memory: 250Mi
|
|
env:
|
|
- name: APP_PASSWORD_PEPPER
|
|
valueFrom:
|
|
secretKeyRef:
|
|
name: cic-ussd-secret
|
|
key: app_password_pepper
|
|
- name: DATABASE_USER
|
|
valueFrom:
|
|
configMapKeyRef:
|
|
name: postgresql-conn-common
|
|
key: DATABASE_USER
|
|
- name: DATABASE_HOST
|
|
valueFrom:
|
|
configMapKeyRef:
|
|
name: postgresql-conn-common
|
|
key: DATABASE_HOST
|
|
- name: DATABASE_PORT
|
|
valueFrom:
|
|
configMapKeyRef:
|
|
name: postgresql-conn-common
|
|
key: DATABASE_PORT
|
|
- name: DATABASE_ENGINE
|
|
valueFrom:
|
|
configMapKeyRef:
|
|
name: postgresql-conn-common
|
|
key: DATABASE_ENGINE
|
|
- name: DATABASE_DRIVER
|
|
valueFrom:
|
|
configMapKeyRef:
|
|
name: postgresql-conn-common
|
|
key: DATABASE_DRIVER
|
|
- name: DATABASE_PASSWORD
|
|
valueFrom:
|
|
configMapKeyRef:
|
|
name: postgresql-conn-common
|
|
key: DATABASE_PASSWORD
|
|
- name: DATABASE_POOL_SIZE
|
|
value: "0"
|
|
- name: CELERY_BROKER_URL
|
|
valueFrom:
|
|
configMapKeyRef:
|
|
name: redis-conn-common
|
|
key: CELERY_BROKER_URL
|
|
- name: CELERY_RESULT_URL
|
|
valueFrom:
|
|
configMapKeyRef:
|
|
name: redis-conn-common
|
|
key: CELERY_RESULT_URL
|
|
- name: REDIS_HOST
|
|
value: redis-master
|
|
- name: REDIS_PORT
|
|
value: "6379"
|
|
- name: REDIS_DATABASE
|
|
value: "0"
|
|
- name: DATABASE_NAME
|
|
value: cic_ussd
|
|
- name: SERVER_PORT
|
|
value: "9000"
|
|
- name: APP_ALLOWED_IP
|
|
value: "0.0.0.0/0"
|
|
- name: CIC_META_URL
|
|
value: http://cic-meta-server:80
|
|
- name: PGP_KEYS_PATH
|
|
value: /tmp/src/keys/
|
|
- name: PGP_EXPORTS_DIR
|
|
value: /tmp/src/keys/
|
|
- name: PGP_PRIVATE_KEYS
|
|
value: privatekey.asc
|
|
- name: PGP_PASSPHRASE
|
|
value: queenmarlena # TODO move to secret
|
|
- name: APP_PASSWORD_PEPPER
|
|
value: "QYbzKff6NhiQzY3ygl2BkiKOpER8RE/Upqs/5aZWW+I="
|
|
volumeMounts:
|
|
- mountPath: /tmp/src/keys
|
|
name: pgp
|
|
ports:
|
|
- containerPort: 9000
|
|
name: server
|
|
volumes:
|
|
- name: pgp
|
|
configMap:
|
|
name: pgp-meta-test
|
|
restartPolicy: Always
|
|
---
|
|
# https://kubernetes.io/docs/concepts/services-networking/service/
|
|
apiVersion: v1
|
|
kind: Service
|
|
metadata:
|
|
name: cic-user-ussd-svc
|
|
namespace: grassroots
|
|
spec:
|
|
selector:
|
|
app: cic-user-ussd-server
|
|
type: ClusterIP
|
|
ports:
|
|
- name: server
|
|
protocol: TCP
|
|
port: 80
|
|
targetPort: 9000
|