1# Copyright 2021 Google LLC
2#
3# Licensed under the Apache License, Version 2.0 (the "License");
4# you may not use this file except in compliance with the License.
5# You may obtain a copy of the License at
6#
7# http://www.apache.org/licenses/LICENSE-2.0
8#
9# Unless required by applicable law or agreed to in writing, software
10# distributed under the License is distributed on an "AS IS" BASIS,
11# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12# See the License for the specific language governing permissions and
13# limitations under the License.
14
15apiVersion: apps/v1
16kind: Deployment
17metadata:
18 name: <YOUR-DEPLOYMENT-NAME>
19spec:
20 replicas: 5
21 selector:
22 matchLabels:
23 app: <YOUR-APPLICATION-NAME>
24 template:
25 metadata:
26 labels:
27 app: <YOUR-APPLICATION-NAME>
28 spec:
29 serviceAccountName: <YOUR-KSA-NAME>
30 volumes:
31 - name: cacert
32 secret:
33 secretName: <YOUR-CA-SECRET>
34 items:
35 - key: tls.crt
36 path: cert.pem
37 containers:
38 - name: <YOUR-APPLICATION-NAME>
39 image: <YOUR-APPLICATION-CONTAINER>
40 ports:
41 - containerPort: 8080
42 volumeMounts:
43 - name: cacert
44 mountPath: "/etc/ca"
45 readOnly: true
46 env:
47 - name: DB_HOST
48 value: "<YOUR-SERVICE-NAME>.default.svc.cluster.local" # using the "default" namespace
49 - name: DB_USER
50 valueFrom:
51 secretKeyRef:
52 name: <YOUR-DB-SECRET>
53 key: username
54 - name: DB_PASS
55 valueFrom:
56 secretKeyRef:
57 name: <YOUR-DB-SECRET>
58 key: password
59 - name: DB_NAME
60 valueFrom:
61 secretKeyRef:
62 name: <YOUR-DB-SECRET>
63 key: database
64 - name: DB_PORT
65 value: "5432"
66 - name: CA_CERT
67 value: "/etc/ca/cert.pem"
View as plain text