kubernetes/manifests/hasura/hasura-deployment.yaml
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: hasura-deployment
namespace: hm-hasura
labels:
app.kubernetes.io/name: hasura
app: hasura
hasuraService: custom
spec:
replicas: 1
selector:
matchLabels:
app: hasura
template:
metadata:
creationTimestamp: null
labels:
app: hasura
spec:
shareProcessNamespace: true
containers:
- image: docker.io/hasura/graphql-engine:v2.25.1-ce.cli-migrations-v3
name: hasura-graphql-engine
# https://hasura.io/docs/latest/graphql/core/deployment/graphql-engine-flags/reference/
env:
- name: HASURA_GRAPHQL_METADATA_DATABASE_URL
valueFrom:
configMapKeyRef:
name: hasura-configmap
key: hasura_graphql_metadata_database_url
- name: HASURA_GRAPHQL_OPA_DB_URL
valueFrom:
configMapKeyRef:
name: hasura-configmap
key: hasura_graphql_opa_db_url
- name: HASURA_GRAPHQL_TWITTER_DB_URL
valueFrom:
configMapKeyRef:
name: hasura-configmap
key: hasura_graphql_twitter_db_url
- name: HASURA_GRAPHQL_SERVER_PORT
valueFrom:
configMapKeyRef:
name: hasura-configmap
key: hasura_graphql_server_port
- name: HASURA_GRAPHQL_ADMIN_SECRET
valueFrom:
configMapKeyRef:
name: hasura-configmap
key: hasura_graphql_admin_secret
- name: HASURA_GRAPHQL_UNAUTHORIZED_ROLE
valueFrom:
configMapKeyRef:
name: hasura-configmap
key: hasura_graphql_unauthorized_role
- name: HASURA_GRAPHQL_ENABLE_ALLOWLIST
valueFrom:
configMapKeyRef:
name: hasura-configmap
key: hasura_graphql_enable_allowlist
- name: HASURA_GRAPHQL_ENABLE_REMOTE_SCHEMA_PERMISSIONS
valueFrom:
configMapKeyRef:
name: hasura-configmap
key: hasura_graphql_enable_remote_schema_permissions
- name: HASURA_GRAPHQL_ENABLED_LOG_TYPES
valueFrom:
configMapKeyRef:
name: hasura-configmap
key: hasura_graphql_enabled_log_types
- name: HASURA_GRAPHQL_LOG_LEVEL
valueFrom:
configMapKeyRef:
name: hasura-configmap
key: hasura_graphql_log_level
- name: HASURA_GRAPHQL_ENABLE_CONSOLE
valueFrom:
configMapKeyRef:
name: hasura-configmap
key: hasura_graphql_enable_console
- name: HASURA_GRAPHQL_DEV_MODE
valueFrom:
configMapKeyRef:
name: hasura-configmap
key: hasura_graphql_dev_mode
- name: HASURA_GRAPHQL_ENABLE_TELEMETRY
valueFrom:
configMapKeyRef:
name: hasura-configmap
key: hasura_graphql_enable_telemetry
# - name: HASURA_GRAPHQL_MIGRATIONS_DIR
# valueFrom:
# configMapKeyRef:
# name: hasura-configmap
# key: hasura_graphql_migrations_dir
# - name: HASURA_GRAPHQL_METADATA_DIR
# valueFrom:
# configMapKeyRef:
# name: hasura-configmap
# key: hasura_graphql_metadata_dir
ports:
- name: hasura-engine
protocol: TCP
containerPort: 16020
livenessProbe:
httpGet:
path: /healthz
port: hasura-engine
readinessProbe:
httpGet:
path: /healthz
port: hasura-engine
command: [
"/bin/sh", "-c", "rm -f /tmp/log/stdout.log && mkfifo /tmp/log/stdout.log && /bin/graphql-engine serve | tee /tmp/log/stdout.log"
]
volumeMounts:
# - name: hasura-graphql-engine-volume
# mountPath: /data/hasura/hasura-graphql-engine
- name: log-volume
mountPath: /tmp/log
- image: ghcr.io/afitzek/hasura-metric-adapter:v0.2.1
name: hasura-metric-adapter
env:
- name: LOG_FILE
valueFrom:
configMapKeyRef:
name: hasura-configmap
key: log_file
- name: LISTEN_ADDR
valueFrom:
configMapKeyRef:
name: hasura-configmap
key: listen_addr
- name: HASURA_GRAPHQL_ADMIN_SECRET
valueFrom:
configMapKeyRef:
name: hasura-configmap
key: hasura_graphql_admin_secret
- name: HASURA_GRAPHQL_ENDPOINT
valueFrom:
configMapKeyRef:
name: hasura-configmap
key: hasura_graphql_endpoint
ports:
- name: hasura-metrics
protocol: TCP
containerPort: 16021
volumeMounts:
- name: log-volume
mountPath: /tmp/log
# - image: ghcr.io/hongbo-miao/hm-traefik:latest
- image: docker.io/traefik:v2.10.1
name: traefik
ports:
- name: traefik-hasura
protocol: TCP
containerPort: 16022
- name: traefik-admin
protocol: TCP
containerPort: 8080
volumeMounts:
- name: traefik-configmap-volume
mountPath: /etc/traefik/
volumes:
# hasura-graphql-engine
# - name: hasura-graphql-engine-volume
# persistentVolumeClaim:
# claimName: hasura-graphql-engine-pvc
# hasura-metric-adapter
- name: log-volume
emptyDir: {}
# traefik
- name: traefik-configmap-volume
configMap:
name: traefik-configmap