This repository has been archived by the owner on Jun 30, 2022. It is now read-only.
-
Notifications
You must be signed in to change notification settings - Fork 15
/
example-deployment.yaml
150 lines (133 loc) · 3.89 KB
/
example-deployment.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
# Example Kubernetes Deployment configuration for running the Traffic Server
# ingress controller. It will listen internally on ports 8080 and 8443, and
# expose ports 30080 and 30443 as a NodePort service. Use an external load
# balancer of some sort to route incoming traffic to those ports.
#
# For an example using a DaemonSet and a hostPort, see example-daemonset.yaml.
apiVersion: v1
kind: Namespace
metadata:
name: trafficserver
---
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
labels:
app: trafficserver
name: trafficserver
namespace: trafficserver
spec:
minReadySeconds: 30
selector:
matchLabels:
app: trafficserver
# Run two copies, for redundancy.
replicas: 2
# TS is safe to use with rolling updates, allowing it to be upgraded without
# any downtime as long as you run more than one copy.
strategy:
type: RollingUpdate
rollingUpdate:
maxUnavailable: 0
maxSurge: 1
template:
metadata:
labels:
app: trafficserver
spec:
# Create a volume for the TS cache. We use an emptyDir here. Each
# instance requires its own cache volume, so you cannot use a persistent
# volume (or hostPath, etc.) if deploying as a Deployment. Use a
# StatefulSet with a PV claim template if you want a fully persistent
# cache; but node that this emptyDir will only be emptied when the pod is
# deleted.
volumes:
- name: ts-storage
emptyDir: {}
containers:
- name: trafficserver
image: docker.io/torchbox/k8s-ts-ingress:v1.0.0-alpha9
imagePullPolicy: IfNotPresent
# Load the configuration map.
env:
name: TS_CONFIGMAP
value: trafficserver/ts-config
# The memory limit must be large enough for both TS itself, and its RAM
# cache, which is set to 64MB by default.
resources:
limits:
cpu: "1"
memory: 196Mi
requests:
cpu: 100m
memory: 196Mi
ports:
- containerPort: 8080
hostPort: 8080
name: http
protocol: TCP
- containerPort: 8443
hostPort: 8443
name: https
protocol: TCP
# Ensure TS's healthcheck fails before it stops serving requests, so it
# can be removed from any load balancer node list.
lifecycle:
preStop:
exec:
command:
- /bin/sh
- -c
- /bin/rm -f /run/ts-alive; sleep 20
# The probes use TS's healthchecks plugin, so this will only return
# successfully when TS is running. It does not currently check the
# health of the plugin, e.g. that it was able to contact the API server.
livenessProbe:
failureThreshold: 2
httpGet:
httpHeaders:
- name: Host
value: localhost
path: /__trafficserver_alive
port: http
scheme: HTTP
initialDelaySeconds: 5
periodSeconds: 3
successThreshold: 1
timeoutSeconds: 10
readinessProbe:
failureThreshold: 2
httpGet:
httpHeaders:
- name: Host
value: localhost
path: /__trafficserver_alive
port: http
scheme: HTTP
initialDelaySeconds: 5
periodSeconds: 3
successThreshold: 1
timeoutSeconds: 10
# Mount the cache storage we configured above.
volumeMounts:
- mountPath: /var/lib/trafficserver
name: ts-storage
---
apiVersion: v1
kind: Service
metadata:
name: trafficserver
namespace: trafficserver
spec:
type: NodePort
ports:
- name: http
port: 8080
protocol: TCP
targetPort: 8080
nodePort: 30080
- name: https
port: 8443
protocol: TCP
targetPort: 8443
nodePort: 30443