GitOps for k8s
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

flux-deployment.yaml 4.3KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119
  1. ---
  2. apiVersion: apps/v1
  3. kind: Deployment
  4. metadata:
  5. name: flux
  6. spec:
  7. replicas: 1
  8. selector:
  9. matchLabels:
  10. name: flux
  11. strategy:
  12. type: Recreate
  13. template:
  14. metadata:
  15. annotations:
  16. prometheus.io.port: "3031" # tell prometheus to scrape /metrics endpoint's port.
  17. labels:
  18. name: flux
  19. spec:
  20. serviceAccountName: flux
  21. volumes:
  22. - name: git-key
  23. secret:
  24. secretName: flux-git-deploy
  25. defaultMode: 0400 # when mounted read-only, we won't be able to chmod
  26. # This is a tmpfs used for generating SSH keys. In K8s >= 1.10,
  27. # mounted secrets are read-only, so we need a separate volume we
  28. # can write to.
  29. - name: git-keygen
  30. emptyDir:
  31. medium: Memory
  32. # The following volume is for using a customised known_hosts
  33. # file, which you will need to do if you host your own git
  34. # repo rather than using github or the like. You'll also need to
  35. # mount it into the container, below. See
  36. # https://github.com/weaveworks/flux/blob/master/site/standalone-setup.md#using-a-private-git-host
  37. # - name: ssh-config
  38. # configMap:
  39. # name: flux-ssh-config
  40. # The following volume is for using a customised .kube/config,
  41. # which you will need to do if you wish to have a different
  42. # default namespace. You will also need to provide the configmap
  43. # with an entry for `config`, and uncomment the volumeMount and
  44. # env entries below.
  45. # - name: kubeconfig
  46. # configMap:
  47. # name: flux-kubeconfig
  48. containers:
  49. - name: flux
  50. # There are no ":latest" images for flux. Find the most recent
  51. # release or image version at https://hub.docker.com/r/weaveworks/flux/tags
  52. # and replace the tag here.
  53. image: docker.io/weaveworks/flux:1.12.0
  54. imagePullPolicy: IfNotPresent
  55. resources:
  56. requests:
  57. cpu: 50m
  58. memory: 64Mi
  59. ports:
  60. - containerPort: 3030 # informational
  61. volumeMounts:
  62. - name: git-key
  63. mountPath: /etc/fluxd/ssh # to match location given in image's /etc/ssh/config
  64. readOnly: true # this will be the case perforce in K8s >=1.10
  65. - name: git-keygen
  66. mountPath: /var/fluxd/keygen # to match location given in image's /etc/ssh/config
  67. # Include this if you need to mount a customised known_hosts
  68. # file; you'll also need the volume declared above.
  69. # - name: ssh-config
  70. # mountPath: /root/.ssh
  71. # Include this and the volume "kubeconfig" above, and the
  72. # environment entry "KUBECONFIG" below, to override the config
  73. # used by kuebctl.
  74. # - name: kubeconfig
  75. # mountPath: /etc/fluxd/kube
  76. # Include this to point kubectl at a different config; you
  77. # will need to do this if you have mounted an alternate config
  78. # from a configmap, as in commented blocks above.
  79. # env:
  80. # - name: KUBECONFIG
  81. # value: /etc/fluxd/kube/config
  82. args:
  83. # if you deployed memcached in a different namespace to flux,
  84. # or with a different service name, you can supply these
  85. # following two arguments to tell fluxd how to connect to it.
  86. # - --memcached-hostname=memcached.default.svc.cluster.local
  87. # use the memcached ClusterIP service name by setting the
  88. # memcached-service to string empty
  89. - --memcached-service=
  90. # this must be supplied, and be in the tmpfs (emptyDir)
  91. # mounted above, for K8s >= 1.10
  92. - --ssh-keygen-dir=/var/fluxd/keygen
  93. # replace or remove the following URL
  94. - --git-url=git@github.com:weaveworks/flux-get-started
  95. - --git-branch=master
  96. # include this if you want to restrict the manifests considered by flux
  97. # to those under the following relative paths in the git repository
  98. # - --git-path=subdir1,subdir2
  99. # include these next two to connect to an "upstream" service
  100. # (e.g., Weave Cloud). The token is particular to the service.
  101. # - --connect=wss://cloud.weave.works/api/flux
  102. # - --token=abc123abc123abc123abc123
  103. # serve /metrics endpoint at different port.
  104. # make sure to set prometheus' annotation to scrape the port value.
  105. - --listen-metrics=:3031