47 lines
1.2 KiB
YAML
47 lines
1.2 KiB
YAML
apiVersion: apps/v1
|
|
kind: Deployment
|
|
metadata:
|
|
name: {{ include "gemini.fullname" . }}-controller
|
|
labels:
|
|
app: gemini
|
|
spec:
|
|
replicas: 1
|
|
selector:
|
|
matchLabels:
|
|
app: gemini
|
|
template:
|
|
metadata:
|
|
labels:
|
|
app: gemini
|
|
spec:
|
|
{{- if .Values.rbac.create }}
|
|
serviceAccountName: {{ include "gemini.fullname" . }}-controller
|
|
{{- else }}
|
|
serviceAccountName: {{ .Values.rbac.serviceAccountName }}
|
|
{{- end }}
|
|
nodeSelector:
|
|
node-role.kubernetes.io/master: ""
|
|
tolerations:
|
|
- effect: NoSchedule
|
|
key: node-role.kubernetes.io/master
|
|
containers:
|
|
- command:
|
|
- gemini
|
|
{{- with .Values.verbosity }}
|
|
- -v
|
|
- {{ . | quote }}
|
|
{{- end }}
|
|
image: '{{.Values.image.repository}}:{{.Values.image.tag}}'
|
|
imagePullPolicy: '{{.Values.image.pullPolicy}}'
|
|
name: gemini-controller
|
|
resources:
|
|
{{- toYaml .Values.resources | nindent 12 }}
|
|
securityContext:
|
|
allowPrivilegeEscalation: false
|
|
privileged: false
|
|
readOnlyRootFilesystem: true
|
|
runAsNonRoot: true
|
|
capabilities:
|
|
drop:
|
|
- ALL
|