apiVersion: apps/v1
kind: Deployment
metadata:
name: foobar
labels: {}
# Make sure keel.sh pulls updates for this deployment
annotations:
keel.sh/policy: force
keel.sh/trigger: poll
spec:
replicas: 1
# Make sure we do not congest the network during rollout
strategy:
type: RollingUpdate
rollingUpdate:
maxSurge: 0
maxUnavailable: 1
selector:
matchLabels:
app: foobar
template:
prometheus.io/scrape: 'true'
prometheus.io/port: '5000'
labels:
component: camdetect
containers:
- name: camdetect
image: harbor.k-space.ee/k-space/camera-motion-detect:latest
ports:
- containerPort: 5000
name: "http"
resources:
requests:
memory: "64Mi"
cpu: "200m"
limits:
memory: "128Mi"
cpu: "1"
securityContext:
readOnlyRootFilesystem: true
runAsNonRoot: true
runAsUser: 1000
command:
- /app/camdetect.py
env:
- name: SOURCE_NAME
value: foobar
- name: S3_ENDPOINT_URL
value: http://minio:9000
- name: MJPEGSTREAMER_CREDENTIALS
valueFrom:
secretKeyRef:
name: application-secrets
key: MJPEGSTREAMER_CREDENTIALS
- name: MONGO_URI
name: mongodb-application-application
key: connectionString.standard
- name: AWS_SECRET_ACCESS_KEY
name: minio-secret
key: accesskey
- name: AWS_ACCESS_KEY_ID
key: secretkey
# Make sure 2+ pods of same camera are scheduled on different hosts
affinity:
podAntiAffinity:
requiredDuringSchedulingIgnoredDuringExecution:
- labelSelector:
matchExpressions:
- key: app
operator: In
values:
- foobar
topologyKey: kubernetes.io/hostname
# Make sure camera deployments are spread over workers
topologySpreadConstraints:
- maxSkew: 1
whenUnsatisfiable: DoNotSchedule
labelSelector: