tusd/.infra/kube/tusd-kube.yaml

172 lines
4.0 KiB
YAML

apiVersion: extensions/v1beta1
kind: Deployment
metadata:
name: tusd
namespace: tus
spec:
replicas: 2
template:
metadata:
labels:
app: tusd
spec:
affinity:
nodeAffinity:
requiredDuringSchedulingIgnoredDuringExecution:
nodeSelectorTerms:
- matchExpressions:
- key: cloud.google.com/gke-preemptible
operator: Exists
podAntiAffinity:
requiredDuringSchedulingIgnoredDuringExecution:
- labelSelector:
matchExpressions:
- key: app
operator: In
values:
- tusd
topologyKey: kubernetes.io/hostname
containers:
- image: docker.io/tusproject/tusd:latest
imagePullPolicy: Always
args: ["-gcs-bucket","tusd-public-demo","-port=8080","-behind-proxy","-max-size=20000000000"]
name: tusd
resources:
limits:
memory: "2Gi"
requests:
memory: "1Gi"
ports:
- name: tusd-web
containerPort: 8080
envFrom:
- configMapRef:
name: tusd-env
securityContext:
runAsUser: 0
fsGroup: 0
volumeMounts:
- name: tusd-account
mountPath: /gcs
- name: muescheli
image: "monostream/muescheli:18.11.1"
imagePullPolicy: Always
env:
- name: CLAMD_HOST
value: localhost
- name: CLAMD_PORT
value: '3310'
ports:
- containerPort: 8091
livenessProbe:
httpGet:
path: /liveness
port: 8091
readinessProbe:
httpGet:
path: /readiness
port: 8091
initialDelaySeconds: 30
- name: clamd
image: "monostream/clamav:0.99.3-r1"
imagePullPolicy: Always
ports:
- containerPort: 3310
name: api
protocol: TCP
readinessProbe:
exec:
command:
- readiness.sh
initialDelaySeconds: 30
timeoutSeconds: 10
periodSeconds: 60
failureThreshold: 3
livenessProbe:
exec:
command:
- liveness.sh
initialDelaySeconds: 30
timeoutSeconds: 15
periodSeconds: 60
failureThreshold: 5
volumes:
- name: tusd-account
secret:
secretName: gcs-account
---
apiVersion: v1
kind: Service
metadata:
name: tusd
namespace: tus
spec:
ports:
- name: tusd-web
port: 80
targetPort: 8080
protocol: TCP
selector:
app: tusd
---
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
name: tusd
namespace: tus
annotations:
certmanager.k8s.io/cluster-issuer: "letsencrypt-prod"
certmanager.k8s.io/acme-challenge-type: "http01"
kubernetes.io/tls-acme: "true"
kubernetes.io/ingress.class: "nginx"
nginx.ingress.kubernetes.io/proxy-body-size: 0m
nginx.ingress.kubernetes.io/proxy-connect-timeout: "300"
nginx.ingress.kubernetes.io/proxy-read-timeout: "300"
nginx.ingress.kubernetes.io/proxy-request-buffering: "off"
nginx.ingress.kubernetes.io/proxy-send-timeout: "300"
spec:
tls:
- hosts:
- tusd.tus.io
secretName: tusd-tls
- hosts:
- master.tus.io
secretName: master-tls
rules:
- host: tusd.tus.io
http:
paths:
- path: /
backend:
serviceName: tusd
servicePort: 80
- host: master.tus.io
http:
paths:
- path: /
backend:
serviceName: tusd
servicePort: 80
---
apiVersion: autoscaling/v1
kind: HorizontalPodAutoscaler
metadata:
name: tusd
namespace: tus
spec:
scaleTargetRef:
apiVersion: apps/v1beta1
kind: Deployment
name: tusd
minReplicas: 1
maxReplicas: 5
metrics:
- type: Resource
resource:
name: cpu
targetAverageUtilization: 80
- type: Resource
resource:
name: memory
targetAverageValue: 1800Mi