apps/garage/garage.yaml (view raw)
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 |
apiVersion: v1 kind: ConfigMap metadata: name: garage-config data: garage.toml: |- metadata_dir = "/mnt/meta" data_dir = "/mnt/data" db_engine = "lmdb" block_size = 1048576 replication_mode = "1" compression_level = 1 rpc_bind_addr = "[::]:3901" bootstrap_peers = [] [kubernetes_discovery] namespace = "default" service_name = "garage" skip_crd = false [s3_api] s3_region = "garage" api_bind_addr = "[::]:3900" root_domain = "garage.default.svc.koti.lan" [s3_web] bind_addr = "[::]:3902" root_domain = "garage.koti.lan" index = "index.html" [admin] api_bind_addr = "[::]:3903" --- apiVersion: v1 kind: Service metadata: name: garage labels: app.kubernetes.io/name: garage app.kubernetes.io/instance: garage annotations: prometheus.io/scrape: "true" prometheus.io/port: "3903" prometheus.io/path: "/metrics" spec: type: ClusterIP ports: - port: 3900 targetPort: 3900 protocol: TCP name: s3-api - port: 80 targetPort: 3902 protocol: TCP name: s3-web - port: 3903 targetPort: 3903 protocol: TCP name: admin selector: app.kubernetes.io/name: garage app.kubernetes.io/instance: garage --- apiVersion: apps/v1 kind: StatefulSet metadata: name: garage labels: app.kubernetes.io/name: garage app.kubernetes.io/instance: garage spec: selector: matchLabels: app.kubernetes.io/name: garage app.kubernetes.io/instance: garage replicas: 1 serviceName: garage podManagementPolicy: OrderedReady template: metadata: labels: app.kubernetes.io/name: garage app.kubernetes.io/instance: garage spec: serviceAccountName: garage securityContext: fsGroup: 1000 runAsGroup: 1000 runAsNonRoot: true runAsUser: 1000 containers: - name: garage securityContext: capabilities: drop: - ALL readOnlyRootFilesystem: true image: "dxflrs/amd64_garage:v1.0.0" imagePullPolicy: IfNotPresent ports: - containerPort: 3900 name: s3-api - containerPort: 3902 name: web-api - containerPort: 3903 name: admin volumeMounts: - name: meta mountPath: /mnt/meta - name: data mountPath: /mnt/data - name: config mountPath: /etc/garage.toml subPath: garage.toml env: - name: GARAGE_RPC_SECRET valueFrom: secretKeyRef: name: garage-rpc-secret key: rpcSecret volumes: - name: config configMap: name: garage-config volumeClaimTemplates: - metadata: name: meta spec: accessModes: [ "ReadWriteOnce" ] resources: requests: storage: "100Mi" - metadata: name: data spec: accessModes: [ "ReadWriteOnce" ] resources: requests: storage: "30Gi" |