GitOps for k8s
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

flux-deployment.yaml 2.1KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263
  1. ---
  2. apiVersion: apps/v1beta1
  3. kind: Deployment
  4. metadata:
  5. name: flux
  6. spec:
  7. replicas: 1
  8. strategy:
  9. type: Recreate
  10. template:
  11. metadata:
  12. labels:
  13. name: flux
  14. spec:
  15. serviceAccount: flux
  16. volumes:
  17. - name: git-key
  18. secret:
  19. secretName: flux-git-deploy
  20. defaultMode: 0400 # when mounted read-only, we won't be able to chmod
  21. # This is a tmpfs used for generating SSH keys. In K8s >= 1.10,
  22. # mounted secrets are read-only, so we need a separate volume we
  23. # can write to.
  24. - name: git-keygen
  25. emptyDir:
  26. medium: Memory
  27. containers:
  28. - name: flux
  29. # There are no ":latest" images for flux. Find the most recent
  30. # release or image version at https://quay.io/weaveworks/flux
  31. # and replace the tag here.
  32. image: quay.io/weaveworks/flux:1.4.0
  33. imagePullPolicy: IfNotPresent
  34. ports:
  35. - containerPort: 3030 # informational
  36. volumeMounts:
  37. - name: git-key
  38. mountPath: /etc/fluxd/ssh # to match image's ~/.ssh/config
  39. readOnly: true # this will be the case perforce in K8s >=1.10
  40. - name: git-keygen
  41. mountPath: /var/fluxd/keygen # to match image's ~/.ssh/config
  42. args:
  43. # if you deployed memcached in a different namespace to flux,
  44. # or with a different service name, you can supply these
  45. # following two arguments to tell fluxd how to connect to it.
  46. # - --memcached-hostname=memcached.default.svc.cluster.local
  47. # - --memcached-service=memcached
  48. # this must be supplied, and be in the tmpfs (emptyDir)
  49. # mounted above, for K8s >= 1.10
  50. - --ssh-keygen-dir=/var/fluxd/keygen
  51. # replace (at least) the following URL
  52. - --git-url=git@github.com:weaveworks/flux-example
  53. - --git-branch=master
  54. # include these next two to connect to an "upstream" service
  55. # (e.g., Weave Cloud). The token is particular to the service.
  56. # - --connect=wss://cloud.weave.works/api/flux
  57. # - --token=abc123abc123abc123abc123