diff --git a/garage/resources/workload.yaml b/garage/resources/workload.yaml index 67ce4f2..79016e0 100644 --- a/garage/resources/workload.yaml +++ b/garage/resources/workload.yaml @@ -16,53 +16,49 @@ spec: serviceAccountName: garage priorityClassName: system-cluster-critical containers: - - name: garage - image: garage - env: - - name: GARAGE_ADMIN_TOKEN - valueFrom: - secretKeyRef: - name: garage-secrets - key: admin-token - - name: GARAGE_RPC_SECRET - valueFrom: - secretKeyRef: - name: garage-secrets - key: rpc-secret - ports: - - containerPort: 3900 - name: s3-api - - containerPort: 3902 - name: s3-web - - containerPort: 3903 - name: metrics - volumeMounts: - - name: garage-data - mountPath: /srv/garage - - name: garage-config - mountPath: /etc/garage.toml - subPath: garage.toml - readOnly: true - resources: - requests: - cpu: 300m - memory: 280Mi - limits: - cpu: 750m - memory: 500Mi - readinessProbe: - httpGet: - port: 3903 - path: /health - livenessProbe: - httpGet: - port: 3903 - path: /health - securityContext: - capabilities: - drop: - - ALL - readOnlyRootFilesystem: true + - name: garage + image: garage + env: + - name: GARAGE_ADMIN_TOKEN + valueFrom: + secretKeyRef: + name: garage-secrets + key: admin-token + - name: GARAGE_RPC_SECRET + valueFrom: + secretKeyRef: + name: garage-secrets + key: rpc-secret + ports: + - containerPort: 3900 + name: s3-api + - containerPort: 3902 + name: s3-web + - containerPort: 3903 + name: metrics + volumeMounts: + - name: garage-data + mountPath: /srv/garage + - name: garage-config + mountPath: /etc/garage.toml + subPath: garage.toml + readOnly: true + resources: + requests: + cpu: 300m + memory: 280Mi + limits: + cpu: 750m + memory: 500Mi + readinessProbe: + httpGet: + port: 3903 + path: /health + securityContext: + capabilities: + drop: + - ALL + readOnlyRootFilesystem: true nodeSelector: k8s.icb4dc0.de/storage-node: "true" affinity: @@ -77,15 +73,15 @@ spec: - arm64 podAntiAffinity: preferredDuringSchedulingIgnoredDuringExecution: - - weight: 100 - podAffinityTerm: - labelSelector: - matchExpressions: - - key: app.kubernetes.io/name - operator: In - values: - - fider - topologyKey: topology.kubernetes.io/zone + - weight: 100 + podAffinityTerm: + labelSelector: + matchExpressions: + - key: app.kubernetes.io/name + operator: In + values: + - fider + topologyKey: topology.kubernetes.io/zone securityContext: runAsUser: 1000 runAsGroup: 1000 @@ -99,11 +95,11 @@ spec: - key: garage.toml path: garage.toml volumeClaimTemplates: - - metadata: - name: garage-data - spec: - accessModes: [ "ReadWriteOnce" ] - storageClassName: hcloud-volumes-xfs - resources: - requests: - storage: 20Gi + - metadata: + name: garage-data + spec: + accessModes: ["ReadWriteOnce"] + storageClassName: hcloud-volumes-xfs + resources: + requests: + storage: 20Gi