-
Notifications
You must be signed in to change notification settings - Fork 1
/
Copy pathk8s-deployment.yml
88 lines (87 loc) · 2.97 KB
/
k8s-deployment.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
apiVersion: apps/v1
kind: Deployment
metadata:
name: puma
labels:
component: app-server
spec:
replicas: 3 # do not set lower than 2 otherwise pod disruption budget will prevent maintenance
revisionHistoryLimit: 5
selector:
matchLabels:
component: app-server
template:
metadata:
labels:
component: app-server
spec:
containers:
- name: puma
image: skillstream/ssnext:latest
imagePullPolicy: Always
ports:
- containerPort: 3000
resources:
requests:
cpu: 100m
memory: 400Mi
limits:
cpu: 1000m
memory: 1Gi
startupProbe:
httpGet:
path: /ready
port: 3000
periodSeconds: 5
failureThreshold: 12
env:
- name: RAILS_ENV
value: production
- name: RUBY_YJIT_ENABLE
value: "1"
- name: RAILS_MASTER_KEY
valueFrom: {secretKeyRef: {name: secrets, key: rails-master-key}}
- name: PGHOST
valueFrom: {secretKeyRef: {name: hippo-pguser-ssnext, key: host}}
- name: PGHOST_REPLICA
valueFrom: {configMapKeyRef: {name: config, key: replica-host, optional: true}}
- name: PGPORT
valueFrom: {secretKeyRef: {name: hippo-pguser-ssnext, key: port}}
- name: PGDATABASE
valueFrom: {secretKeyRef: {name: hippo-pguser-ssnext, key: dbname}}
- name: PGUSER
valueFrom: {secretKeyRef: {name: hippo-pguser-ssnext, key: user}}
- name: PGPASSWORD
valueFrom: {secretKeyRef: {name: hippo-pguser-ssnext, key: password}}
- name: RAILS_SERVE_STATIC_FILES
value: "true"
- name: STAGE
valueFrom: {configMapKeyRef: {name: config, key: stage}}
- name: FQDN
valueFrom: {configMapKeyRef: {name: config, key: fqdn}}
- name: REDIS
valueFrom: {configMapKeyRef: {name: config, key: redis}}
- name: MEMCACHED_HOSTS
valueFrom: {configMapKeyRef: {name: config, key: memcached-hosts}}
- name: AWS_ACCESS_KEY_ID
valueFrom: {secretKeyRef: {name: secrets, key: aws-access-key-id}}
- name: AWS_SECRET_ACCESS_KEY
valueFrom: {secretKeyRef: {name: secrets, key: aws-secret-access-key}}
- name: AWS_REGION
valueFrom: {configMapKeyRef: {name: config, key: aws-region}}
- name: AWS_BUCKET
valueFrom: {configMapKeyRef: {name: config, key: aws-bucket, optional: true}}
- name: NEW_RELIC_MONITOR_MODE
valueFrom: {configMapKeyRef: {name: config, key: new-relic-monitor-mode, optional: true}}
- name: NEW_RELIC_LICENSE
valueFrom: {secretKeyRef: {name: secrets, key: new-relic-license, optional: true}}
---
apiVersion: policy/v1
kind: PodDisruptionBudget
metadata:
name: puma-pdb
spec:
minAvailable: 1 # prevent maintenance from taking app completely offline
selector:
matchLabels:
component: app-server