rwadurian/backend/mpc-system/k8s/session-coordinator-deploym...


# Identity the session-coordinator pods run as. The Deployment in this file
# selects it via serviceAccountName, and the RoleBinding attaches the
# namespaced read-only Role to it.
apiVersion: v1
kind: ServiceAccount
metadata:
  namespace: mpc-system
  name: mpc-session-coordinator
---
# Namespaced, read-only permissions for the coordinator: get/list/watch on
# pods and services in mpc-system. No write verbs are granted, and neither
# secrets nor configmaps are readable through this Role.
apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata:
  namespace: mpc-system
  name: mpc-session-coordinator-role
rules:
  # Core ("") API group. Both resources carry the same verb set, so they are
  # expressed as a single rule.
  - apiGroups:
      - ""
    resources:
      - pods
      - services
    verbs:
      - get
      - list
      - watch
---
# Binds mpc-session-coordinator-role to the mpc-session-coordinator
# ServiceAccount. This is a RoleBinding (not a ClusterRoleBinding), so the
# grant applies only inside the mpc-system namespace.
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
  namespace: mpc-system
  name: mpc-session-coordinator-rolebinding
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: Role
  name: mpc-session-coordinator-role
subjects:
  # The only subject is the coordinator's own ServiceAccount.
  - kind: ServiceAccount
    namespace: mpc-system
    name: mpc-session-coordinator
---
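# Deployment for the MPC session coordinator: two replicas exposing gRPC
# (50051) and HTTP (8080). Connection settings come from the mpc-config
# ConfigMap and credentials from the mpc-secrets Secret; no secret values are
# stored in this manifest.
apiVersion: apps/v1
kind: Deployment
metadata:
  name: mpc-session-coordinator
  namespace: mpc-system
  labels:
    app: mpc-session-coordinator
    component: core
spec:
  replicas: 2  # Can scale horizontally for high availability
  selector:
    matchLabels:
      app: mpc-session-coordinator
  template:
    metadata:
      labels:
        app: mpc-session-coordinator
        component: core
    spec:
      # Runs under the dedicated ServiceAccount, which the Role in this file
      # limits to get/list/watch on pods and services. The mounted token is
      # presumably what party discovery uses to query the API - confirm before
      # disabling automount.
      serviceAccountName: mpc-session-coordinator
      containers:
        - name: session-coordinator
          # NOTE(review): ":latest" is a mutable tag, and with IfNotPresent
          # each node keeps whatever build it pulled first, so replicas can
          # run different code and a rollout is not reproducible. Pin an
          # immutable version tag or digest, e.g.
          # mpc-system/session-coordinator@sha256:<digest-placeholder>.
          image: mpc-system/session-coordinator:latest
          imagePullPolicy: IfNotPresent
          # Baseline container hardening: the process cannot gain privileges
          # via setuid binaries, holds no Linux capabilities (both listening
          # ports are above 1024, so none is needed to bind), and runs under
          # the runtime's default seccomp filter.
          # NOTE(review): runAsNonRoot and readOnlyRootFilesystem are left
          # unset because the image's user and write paths are not visible
          # here - enable them once verified against the image.
          securityContext:
            allowPrivilegeEscalation: false
            capabilities:
              drop:
                - ALL
            seccompProfile:
              type: RuntimeDefault
          ports:
            - name: grpc
              containerPort: 50051
              protocol: TCP
            - name: http
              containerPort: 8080
              protocol: TCP
          env:
            - name: MPC_SERVER_GRPC_PORT
              value: "50051"
            - name: MPC_SERVER_HTTP_PORT
              value: "8080"
            - name: MPC_SERVER_ENVIRONMENT
              valueFrom:
                configMapKeyRef:
                  name: mpc-config
                  key: environment
            - name: MPC_DATABASE_HOST
              valueFrom:
                configMapKeyRef:
                  name: mpc-config
                  key: postgres_host
            - name: MPC_DATABASE_PORT
              value: "5432"
            - name: MPC_DATABASE_USER
              valueFrom:
                secretKeyRef:
                  name: mpc-secrets
                  key: postgres_user
            - name: MPC_DATABASE_PASSWORD
              valueFrom:
                secretKeyRef:
                  name: mpc-secrets
                  key: postgres_password
            - name: MPC_DATABASE_DBNAME
              value: "mpc_system"
            # NOTE(review): presumably passed through as the Postgres sslmode.
            # "disable" would send the database credentials and all session
            # data in cleartext on the pod network. Prefer "verify-full" (or
            # at least "require") once the server presents a certificate.
            - name: MPC_DATABASE_SSLMODE
              value: "disable"
            - name: MPC_REDIS_HOST
              valueFrom:
                configMapKeyRef:
                  name: mpc-config
                  key: redis_host
            - name: MPC_REDIS_PORT
              value: "6379"
            # optional: true lets the pod start when redis_password is absent
            # from mpc-secrets; the variable is then simply unset.
            # NOTE(review): presumably the service then connects to Redis
            # without authentication - confirm that is intended outside dev.
            - name: MPC_REDIS_PASSWORD
              valueFrom:
                secretKeyRef:
                  name: mpc-secrets
                  key: redis_password
                  optional: true
            - name: MPC_RABBITMQ_HOST
              valueFrom:
                configMapKeyRef:
                  name: mpc-config
                  key: rabbitmq_host
            # 5672 is the conventional plain AMQP port.
            # NOTE(review): confirm whether broker traffic is TLS-protected.
            - name: MPC_RABBITMQ_PORT
              value: "5672"
            - name: MPC_RABBITMQ_USER
              valueFrom:
                secretKeyRef:
                  name: mpc-secrets
                  key: rabbitmq_user
            - name: MPC_RABBITMQ_PASSWORD
              valueFrom:
                secretKeyRef:
                  name: mpc-secrets
                  key: rabbitmq_password
            # JWT key material is injected as an environment variable, so it
            # is readable by anything that can inspect the process
            # environment or exec into the container.
            - name: MPC_JWT_SECRET_KEY
              valueFrom:
                secretKeyRef:
                  name: mpc-secrets
                  key: jwt_secret_key
            - name: MPC_JWT_ISSUER
              value: "mpc-system"
            # K8s service discovery configuration
            - name: K8S_NAMESPACE
              valueFrom:
                fieldRef:
                  fieldPath: metadata.namespace
            - name: MPC_PARTY_SERVICE_NAME
              value: "mpc-server-party"
            - name: MPC_PARTY_LABEL_SELECTOR
              value: "app=mpc-server-party"
            - name: MPC_PARTY_GRPC_PORT
              value: "50051"
            - name: MPC_PARTY_DISCOVERY_INTERVAL
              value: "30s"
          # Requests and limits are both set, which bounds the CPU and memory
          # a single replica can take from the node.
          resources:
            requests:
              memory: "256Mi"
              cpu: "250m"
            limits:
              memory: "512Mi"
              cpu: "500m"
          # Liveness and readiness probe the same /health endpoint on the
          # HTTP port; readiness starts earlier and polls more often.
          livenessProbe:
            httpGet:
              path: /health
              port: 8080
            initialDelaySeconds: 30
            periodSeconds: 10
            timeoutSeconds: 5
            failureThreshold: 3
          readinessProbe:
            httpGet:
              path: /health
              port: 8080
            initialDelaySeconds: 10
            periodSeconds: 5
            timeoutSeconds: 3
            failureThreshold: 2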
---
# In-cluster endpoint for the coordinator. ClusterIP means it is not exposed
# outside the cluster by this object.
# NOTE(review): no NetworkPolicy is defined in this file, so which pods may
# reach these ports depends on policy defined elsewhere - confirm one exists.
apiVersion: v1
kind: Service
metadata:
  namespace: mpc-system
  name: mpc-session-coordinator
  labels:
    app: mpc-session-coordinator
spec:
  type: ClusterIP
  # Routes to the pods labelled by the Deployment's pod template.
  selector:
    app: mpc-session-coordinator
  ports:
    - name: grpc
      protocol: TCP
      port: 50051
      targetPort: 50051
    - name: http
      protocol: TCP
      port: 8080
      targetPort: 8080