Text file src/edge-infra.dev/config/pallets/sds/wireguard/testing/client-b/deployment-client-b.yaml

Documentation: edge-infra.dev/config/pallets/sds/wireguard/testing/client-b

     1apiVersion: apps/v1
     2kind: Deployment
     3metadata:
     4  name: wireguard-client-b
     5  namespace: vpn
     6  labels:
     7    platform.edge.ncr.com/component: wireguard-client-b
     8spec:
     9  replicas: 1
    10  selector:
    11    matchLabels:
    12      platform.edge.ncr.com/component: wireguard-client-b
    13  template:
    14    metadata:
    15      labels:
    16        platform.edge.ncr.com/component: wireguard-client-b
    17    spec:
    18      containers:
    19      - name: wireguard
    20        image: bzl://cmd/sds/remoteaccess/wireguard:container_push
    21        command:
    22        - /bin/bash
    23        args:
    24        - -c
    25        - /entrypoint/wg-sync.sh
    26        ports:
    27        - protocol: TCP
    28          containerPort: 51820
    29        volumeMounts:
    30        - name: wireguard-config
    31          readOnly: true
    32          mountPath: /etc/wireguard/secret/
    33        imagePullPolicy: IfNotPresent
    34        securityContext:
    35          capabilities:
    36            add:
    37            - NET_ADMIN
    38            - NET_RAW
    39            - SYS_MODULE
    40            drop:
    41            - all
    42      volumes:
    43      - name: wireguard-config
    44        secret:
    45          optional: true
    46          secretName: wireguard-client-b
    47      imagePullSecrets:
    48      - name: edge-docker-pull-secret

View as plain text