# Copyright © 2020 Interplanetary Database Association e.V.,
# Planetmint and IPDB software contributors.
# SPDX-License-Identifier: (Apache-2.0 AND CC-BY-4.0)
# Code is Apache-2.0 and docs are CC-BY-4.0
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
name: ngx-instance-0-dep
spec:
replicas: 1
template:
metadata:
labels:
app: ngx-instance-0-dep
spec:
terminationGracePeriodSeconds: 10
containers:
- name: nginx
image: planetmint/nginx_https:2.2.2
imagePullPolicy: Always
env:
- name: NODE_FRONTEND_PORT
valueFrom:
configMapKeyRef:
name: vars
key: node-frontend-port
- name: HEALTH_CHECK_PORT
valueFrom:
configMapKeyRef:
name: vars
key: node-health-check-port
- name: NODE_FQDN
valueFrom:
configMapKeyRef:
name: vars
key: node-fqdn
- name: DNS_SERVER
valueFrom:
configMapKeyRef:
name: vars
key: node-dns-server-ip
- name: MONGODB_BACKEND_HOST
valueFrom:
configMapKeyRef:
name: vars
key: ngx-mdb-instance-name
- name: MONGODB_BACKEND_PORT
valueFrom:
configMapKeyRef:
name: vars
key: mongodb-backend-port
- name: OPENRESTY_BACKEND_PORT
valueFrom:
configMapKeyRef:
name: vars
key: openresty-backend-port
- name: OPENRESTY_BACKEND_HOST
valueFrom:
configMapKeyRef:
name: vars
key: ngx-openresty-instance-name
- name: PLANETMINT_BACKEND_HOST
valueFrom:
configMapKeyRef:
name: vars
key: ngx-bdb-instance-name
- name: PLANETMINT_API_PORT
valueFrom:
configMapKeyRef:
name: vars
key: planetmint-api-port
- name: PLANETMINT_WS_PORT
valueFrom:
configMapKeyRef:
name: vars
key: planetmint-ws-port
- name: TM_PUB_KEY_ACCESS_PORT
valueFrom:
configMapKeyRef:
name: tendermint-config
key: bdb-pub-key-access
- name: TM_P2P_PORT
valueFrom:
configMapKeyRef:
name: tendermint-config
key: bdb-p2p-port
- name: AUTHORIZATION_MODE
valueFrom:
configMapKeyRef:
name: vars
key: authorization-mode
- name: SECRET_ACCESS_TOKEN
valueFrom:
secretKeyRef:
name: nginx-secret-header
key: secret-token
ports:
# return a pretty error message on port 80, since we are expecting
# HTTPS traffic.
- containerPort: 80
protocol: TCP
- containerPort: 443
protocol: TCP
- containerPort: 8888
protocol: TCP
name: ngx-port
- containerPort: 9986
protocol: TCP
name: bdb-pub-key
- containerPort: 26656
protocol: TCP
name: bdb-p2p-port
livenessProbe:
httpGet:
path: /health
port: ngx-port
initialDelaySeconds: 15
periodSeconds: 15
failureThreshold: 3
timeoutSeconds: 10
resources:
limits:
cpu: 200m
memory: 768Mi
volumeMounts:
- name: https-certs
mountPath: /etc/nginx/ssl/
readOnly: true
restartPolicy: Always
volumes:
- name: https-certs
secret:
secretName: https-certs
defaultMode: 0400