collab.template.yml

  1---
  2apiVersion: v1
  3kind: Namespace
  4metadata:
  5  name: ${ZED_KUBE_NAMESPACE}
  6
  7---
  8kind: Service
  9apiVersion: v1
 10metadata:
 11  namespace: ${ZED_KUBE_NAMESPACE}
 12  name: collab
 13  annotations:
 14    service.beta.kubernetes.io/do-loadbalancer-tls-ports: "443"
 15    service.beta.kubernetes.io/do-loadbalancer-certificate-id: ${ZED_DO_CERTIFICATE_ID}
 16    service.beta.kubernetes.io/do-loadbalancer-disable-lets-encrypt-dns-records: "true"
 17spec:
 18  type: LoadBalancer
 19  selector:
 20    app: collab
 21  ports:
 22    - name: web
 23      protocol: TCP
 24      port: 443
 25      targetPort: 8080
 26
 27---
 28apiVersion: apps/v1
 29kind: Deployment
 30metadata:
 31  namespace: ${ZED_KUBE_NAMESPACE}
 32  name: collab
 33
 34spec:
 35  replicas: 1
 36  selector:
 37    matchLabels:
 38      app: collab
 39  template:
 40    metadata:
 41      labels:
 42        app: collab
 43      annotations:
 44        ad.datadoghq.com/collab.check_names: |
 45          ["openmetrics"]
 46        ad.datadoghq.com/collab.init_configs: |
 47          [{}]
 48        ad.datadoghq.com/collab.instances: |
 49          [
 50              {
 51              "openmetrics_endpoint": "http://%%host%%:%%port%%/metrics",
 52              "namespace": "collab_${ZED_KUBE_NAMESPACE}",
 53              "metrics": [".*"]
 54              }
 55          ]
 56    spec:
 57      containers:
 58        - name: collab
 59          image: "${ZED_IMAGE_ID}"
 60          args:
 61            - serve
 62          ports:
 63            - containerPort: 8080
 64              protocol: TCP
 65          livenessProbe:
 66            httpGet:
 67              path: /healthz
 68              port: 8080
 69            initialDelaySeconds: 5
 70            periodSeconds: 5
 71            timeoutSeconds: 5
 72          readinessProbe:
 73            httpGet:
 74              path: /
 75              port: 8080
 76            initialDelaySeconds: 1
 77            periodSeconds: 1
 78          env:
 79            - name: HTTP_PORT
 80              value: "8080"
 81            - name: DATABASE_URL
 82              valueFrom:
 83                secretKeyRef:
 84                  name: database
 85                  key: url
 86            - name: DATABASE_MAX_CONNECTIONS
 87              value: "${DATABASE_MAX_CONNECTIONS}"
 88            - name: API_TOKEN
 89              valueFrom:
 90                secretKeyRef:
 91                  name: api
 92                  key: token
 93            - name: LIVE_KIT_SERVER
 94              valueFrom:
 95                secretKeyRef:
 96                  name: livekit
 97                  key: server
 98            - name: LIVE_KIT_KEY
 99              valueFrom:
100                secretKeyRef:
101                  name: livekit
102                  key: key
103            - name: LIVE_KIT_SECRET
104              valueFrom:
105                secretKeyRef:
106                  name: livekit
107                  key: secret
108            - name: INVITE_LINK_PREFIX
109              value: ${INVITE_LINK_PREFIX}
110            - name: RUST_BACKTRACE
111              value: "1"
112            - name: RUST_LOG
113              value: ${RUST_LOG}
114            - name: LOG_JSON
115              value: "true"
116            - name: ZED_ENVIRONMENT
117              value: ${ZED_ENVIRONMENT}
118          securityContext:
119            capabilities:
120              # FIXME - Switch to the more restrictive `PERFMON` capability.
121              # This capability isn't yet available in a stable version of Debian.
122              add: ["SYS_ADMIN"]