apiVersion: apps/v1 kind: Deployment metadata: name: shoal-api namespace: shoal labels: app.kubernetes.io/name: shoal app.kubernetes.io/component: api spec: replicas: 2 selector: matchLabels: app.kubernetes.io/name: shoal app.kubernetes.io/component: api template: metadata: labels: app.kubernetes.io/name: shoal app.kubernetes.io/component: api annotations: prometheus.io/scrape: "true" prometheus.io/port: "8080" prometheus.io/path: "/metrics" spec: securityContext: runAsNonRoot: true runAsUser: 10001 fsGroup: 10001 containers: - name: api image: ghcr.io/shoal-db/shoal:0.1.0 imagePullPolicy: IfNotPresent ports: - name: http containerPort: 8080 envFrom: - configMapRef: name: shoal-config - secretRef: name: shoal-credentials readinessProbe: httpGet: path: /healthz port: http initialDelaySeconds: 3 periodSeconds: 5 livenessProbe: httpGet: path: /healthz port: http initialDelaySeconds: 10 periodSeconds: 10 resources: requests: cpu: 500m memory: 1Gi limits: memory: 4Gi volumeMounts: - name: cache mountPath: /var/cache/shoal securityContext: allowPrivilegeEscalation: false readOnlyRootFilesystem: true capabilities: drop: ["ALL"] volumes: - name: cache emptyDir: sizeLimit: 20Gi --- apiVersion: v1 kind: Service metadata: name: shoal-api namespace: shoal labels: app.kubernetes.io/name: shoal app.kubernetes.io/component: api spec: type: ClusterIP selector: app.kubernetes.io/name: shoal app.kubernetes.io/component: api ports: - name: http port: 8080 targetPort: http