107 lines
2.9 KiB
YAML
107 lines
2.9 KiB
YAML
apiVersion: apps/v1
|
|
kind: Deployment
|
|
metadata:
|
|
name: foobar
|
|
labels: {}
|
|
|
|
# Make sure keel.sh pulls updates for this deployment
|
|
annotations:
|
|
keel.sh/policy: force
|
|
keel.sh/trigger: poll
|
|
spec:
|
|
replicas: 1
|
|
|
|
# Make sure we do not congest the network during rollout
|
|
strategy:
|
|
type: RollingUpdate
|
|
rollingUpdate:
|
|
maxSurge: 0
|
|
maxUnavailable: 1
|
|
selector:
|
|
matchLabels:
|
|
app: foobar
|
|
template:
|
|
metadata:
|
|
annotations:
|
|
prometheus.io/scrape: 'true'
|
|
prometheus.io/port: '5000'
|
|
labels:
|
|
app: foobar
|
|
component: camdetect
|
|
spec:
|
|
containers:
|
|
- name: camdetect
|
|
image: harbor.k-space.ee/k-space/camera-motion-detect:latest
|
|
readinessProbe:
|
|
httpGet:
|
|
path: /readyz
|
|
port: 5000
|
|
initialDelaySeconds: 10
|
|
periodSeconds: 180
|
|
timeoutSeconds: 60
|
|
ports:
|
|
- containerPort: 5000
|
|
name: "http"
|
|
resources:
|
|
requests:
|
|
memory: "64Mi"
|
|
cpu: "200m"
|
|
limits:
|
|
memory: "128Mi"
|
|
cpu: "1"
|
|
securityContext:
|
|
readOnlyRootFilesystem: true
|
|
runAsNonRoot: true
|
|
runAsUser: 1000
|
|
command:
|
|
- /app/camdetect.py
|
|
env:
|
|
- name: SOURCE_NAME
|
|
value: foobar
|
|
- name: S3_BUCKET_NAME
|
|
value: application
|
|
- name: S3_ENDPOINT_URL
|
|
value: http://minio
|
|
- name: MJPEGSTREAMER_CREDENTIALS
|
|
valueFrom:
|
|
secretKeyRef:
|
|
name: application-secrets
|
|
key: MJPEGSTREAMER_CREDENTIALS
|
|
- name: MONGO_URI
|
|
valueFrom:
|
|
secretKeyRef:
|
|
name: mongodb-application-readwrite
|
|
key: connectionString.standard
|
|
- name: AWS_SECRET_ACCESS_KEY
|
|
valueFrom:
|
|
secretKeyRef:
|
|
name: minio-secret
|
|
key: secretkey
|
|
- name: AWS_ACCESS_KEY_ID
|
|
valueFrom:
|
|
secretKeyRef:
|
|
name: minio-secret
|
|
key: accesskey
|
|
|
|
# Make sure 2+ pods of same camera are scheduled on different hosts
|
|
affinity:
|
|
podAntiAffinity:
|
|
requiredDuringSchedulingIgnoredDuringExecution:
|
|
- labelSelector:
|
|
matchExpressions:
|
|
- key: app
|
|
operator: In
|
|
values:
|
|
- foobar
|
|
topologyKey: kubernetes.io/hostname
|
|
|
|
# Make sure camera deployments are spread over workers
|
|
topologySpreadConstraints:
|
|
- maxSkew: 1
|
|
topologyKey: kubernetes.io/hostname
|
|
whenUnsatisfiable: DoNotSchedule
|
|
labelSelector:
|
|
matchLabels:
|
|
app: foobar
|
|
component: camdetect
|