apiVersion: apps/v1 kind: Deployment metadata: namespace: ${KUBE_NAMESPACE} name: backend-deployment spec: replicas: 1 selector: matchLabels: app: backend template: metadata: labels: app: backend spec: nodeSelector: ${WORKER_NODE_LABEL} initContainers: - name: wait-storage-init image: busybox:latest args: - /bin/sh - -c - > set -x; while [ $(curl -sw '%{http_code}' "storage-service:8070/health" -o /dev/null) -ne 200 ]; do sleep 15; done containers: - name: backend image: yoshiunfriendly/backend-hideyoshi.com imagePullPolicy: Always resources: requests: memory: "256Mi" cpu: "250m" limits: memory: "256Mi" cpu: "1000m" ports: - containerPort: 8070 readinessProbe: httpGet: path: /health port: 8070 initialDelaySeconds: 60 livenessProbe: httpGet: path: /health port: 8070 initialDelaySeconds: 60 env: - name: FRONTEND_PATH valueFrom: secretKeyRef: name: frontend-secret key: frontendUrl - name: TOKEN_SECRET valueFrom: secretKeyRef: name: backend-secret key: backendTokenSecret - name: ACCESS_TOKEN_DURATION valueFrom: secretKeyRef: name: backend-secret key: backendAccessTokenDuration - name: REFRESH_TOKEN_DURATION valueFrom: secretKeyRef: name: backend-secret key: backendRefreshTokenDuration - name: DEFAULT_USER_FULLNAME valueFrom: secretKeyRef: name: backend-secret key: backendDefaultUserFullName - name: DEFAULT_USER_EMAIL valueFrom: secretKeyRef: name: backend-secret key: backendDefaultUserEmail - name: DEFAULT_USER_USERNAME valueFrom: secretKeyRef: name: backend-secret key: backendDefaultUserUsername - name: DEFAULT_USER_PASSWORD valueFrom: secretKeyRef: name: backend-secret key: backendDefaultUserPassword - name: PORT valueFrom: configMapKeyRef: name: backend-config key: backend_port - name: GOOGLE_CLIENT_ID valueFrom: secretKeyRef: name: backend-secret key: backendGoogleClientId - name: GOOGLE_CLIENT_SECRET valueFrom: secretKeyRef: name: backend-secret key: backendGoogleClientSecret - name: GOOGLE_REDIRECT_URL valueFrom: secretKeyRef: name: backend-secret key: backendGoogleRedirectUrl - name: GITHUB_CLIENT_ID valueFrom: secretKeyRef: name: backend-secret key: backendGithubClientId - name: GITHUB_CLIENT_SECRET valueFrom: secretKeyRef: name: backend-secret key: backendGithubClientSecret - name: GITHUB_REDIRECT_URL valueFrom: secretKeyRef: name: backend-secret key: backendGithubRedirectUrl - name: POSTGRES_URL valueFrom: secretKeyRef: name: postgres-cn-cluster-app key: host - name: POSTGRES_DB valueFrom: secretKeyRef: name: postgres-cn-cluster-app key: dbname - name: DATABASE_URL value: "postgresql://$(POSTGRES_URL):5432/$(POSTGRES_DB)" - name: DATABASE_USERNAME valueFrom: secretKeyRef: name: postgres-cn-cluster-app key: user - name: DATABASE_PASSWORD valueFrom: secretKeyRef: name: postgres-cn-cluster-app key: password - name: REDIS_URL valueFrom: configMapKeyRef: name: redis-config key: redis-url - name: REDIS_PORT valueFrom: configMapKeyRef: name: redis-config key: redis-port - name: REDIS_PASSWORD valueFrom: secretKeyRef: name: redis-secret key: redisPassword - name: STORAGE_SERVICE_URL valueFrom: configMapKeyRef: name: storage-config key: storage_url - name: STORAGE_SERVICE_PORT valueFrom: configMapKeyRef: name: storage-config key: storage_port - name: STORAGE_SERVICE_PATH value: "http://$(STORAGE_SERVICE_URL):$(STORAGE_SERVICE_PORT)" --- apiVersion: v1 kind: Service metadata: namespace: ${KUBE_NAMESPACE} name: backend-service spec: selector: app: backend ports: - port: 8070 protocol: TCP targetPort: 8070 type: ClusterIP