mirrors/zed
1
0
Fork 0
mirror of https://github.com/zed-industries/zed.git synced 2024-10-26 00:19:46 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 7
zed/server/k8s/manifest.template.yml
Max Brunsfeld 39ac723f5e Add SYS_ADMIN capability to the server container 
This will let us run perf(1) on the zed-server to debug
any performance problems we encounter in production.

Co-Authored-By: Nathan Sobo <nathan@zed.dev>
2021-09-29 14:53:20 -07:00

84 lines
2.1 KiB
YAML
Raw Blame History

---
apiVersion: v1
kind: Namespace
metadata:
name: ${ZED_KUBE_NAMESPACE}
---
kind: Service
apiVersion: v1
metadata:
namespace: ${ZED_KUBE_NAMESPACE}
name: zed
annotations:
service.beta.kubernetes.io/do-loadbalancer-tls-ports: "443"
service.beta.kubernetes.io/do-loadbalancer-certificate-id: "${ZED_LOAD_BALANCER_CERT_ID}"
spec:
type: LoadBalancer
selector:
app: zed
ports:
- name: web
protocol: TCP
port: 443
targetPort: 8080
---
apiVersion: apps/v1
kind: Deployment
metadata:
namespace: ${ZED_KUBE_NAMESPACE}
name: zed
spec:
replicas: 1
selector:
matchLabels:
app: zed
template:
metadata:
labels:
app: zed
spec:
containers:
- name: zed
image: "${ZED_IMAGE_ID}"
ports:
- containerPort: 8080
protocol: TCP
env:
- name: HTTP_PORT
value: "8080"
- name: DATABASE_URL
valueFrom:
secretKeyRef:
name: database
key: url
- name: SESSION_SECRET
valueFrom:
secretKeyRef:
name: session
key: secret
- name: GITHUB_APP_ID
valueFrom:
secretKeyRef:
name: github
key: appId
- name: GITHUB_CLIENT_ID
valueFrom:
secretKeyRef:
name: github
key: clientId
- name: GITHUB_CLIENT_SECRET
valueFrom:
secretKeyRef:
name: github
key: clientSecret
- name: GITHUB_PRIVATE_KEY
valueFrom:
secretKeyRef:
name: github
key: privateKey
securityContext:
capabilities:
# FIXME - Switch to the more restrictive `PERFMON` capability.
# This capability isn't yet available in a stable version of Debian.
add: ["SYS_ADMIN"]
Reference in a new issue View git blame Copy permalink