kubernetes/manifests/west/graphql-server-deployment.yaml
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: graphql-server-deployment
namespace: hm
labels:
app.kubernetes.io/name: graphql-server
spec:
replicas: 1
selector:
matchLabels:
app: graphql-server
template:
metadata:
labels:
app: graphql-server
spec:
containers:
- name: graphql-server
image: ghcr.io/hongbo-miao/hm-graphql-server:latest
env:
- name: APP_ENV
valueFrom:
configMapKeyRef:
name: graphql-server-configmap
key: app_env
- name: PORT
valueFrom:
configMapKeyRef:
name: graphql-server-configmap
key: port
- name: GRPC_SERVER_HOST
valueFrom:
configMapKeyRef:
name: graphql-server-configmap
key: grpc_server_host
- name: GRPC_SERVER_PORT
valueFrom:
configMapKeyRef:
name: graphql-server-configmap
key: grpc_server_port
- name: OPA_HOST
valueFrom:
configMapKeyRef:
name: graphql-server-configmap
key: opa_host
- name: OPA_PORT
valueFrom:
configMapKeyRef:
name: graphql-server-configmap
key: opa_port
- name: DGRAPH_HOST
valueFrom:
configMapKeyRef:
name: graphql-server-configmap
key: dgraph_host
- name: DGRAPH_GRPC_PORT
valueFrom:
configMapKeyRef:
name: graphql-server-configmap
key: dgraph_grpc_port
- name: REDIS_HOST
valueFrom:
configMapKeyRef:
name: graphql-server-configmap
key: redis_host
- name: REDIS_PORT
valueFrom:
configMapKeyRef:
name: graphql-server-configmap
key: redis_port
- name: REDIS_DB
valueFrom:
configMapKeyRef:
name: graphql-server-configmap
key: redis_db
- name: REDIS_PASSWORD
valueFrom:
configMapKeyRef:
name: graphql-server-configmap
key: redis_password
- name: MINIO_ENDPOINT
valueFrom:
configMapKeyRef:
name: graphql-server-configmap
key: minio_endpoint
- name: MINIO_ACCESS_KEY_ID
valueFrom:
configMapKeyRef:
name: graphql-server-configmap
key: minio_access_key_id
- name: MINIO_SECRET_ACCESS_KEY
valueFrom:
configMapKeyRef:
name: graphql-server-configmap
key: minio_secret_access_key
- name: TORCH_SERVE_GRPC_HOST
valueFrom:
configMapKeyRef:
name: graphql-server-configmap
key: torch_serve_grpc_host
- name: TORCH_SERVE_GRPC_PORT
valueFrom:
configMapKeyRef:
name: graphql-server-configmap
key: torch_serve_grpc_port
- name: OPEN_CENSUS_AGENT_HOST
valueFrom:
configMapKeyRef:
name: graphql-server-configmap
key: open_census_agent_host
- name: OPEN_CENSUS_AGENT_PORT
valueFrom:
configMapKeyRef:
name: graphql-server-configmap
key: open_census_agent_port
- name: JWT_SECRET
valueFrom:
configMapKeyRef:
name: graphql-server-configmap
key: jwt_secret
# ---- ELASTIC APM BEGIN ----
- name: ELASTIC_APM_SERVICE_NAME
valueFrom:
configMapKeyRef:
name: graphql-server-configmap
key: elastic_apm_service_name
- name: ELASTIC_APM_SERVER_URL
valueFrom:
configMapKeyRef:
name: elastic-apm-configmap
key: elastic_apm_server_url
- name: ELASTIC_APM_ENVIRONMENT
valueFrom:
configMapKeyRef:
name: elastic-apm-configmap
key: elastic_apm_environment
- name: ELASTIC_APM_SECRET_TOKEN
valueFrom:
secretKeyRef:
name: hm-elastic-apm
key: token
- name: ELASTIC_APM_VERIFY_SERVER_CERT
valueFrom:
configMapKeyRef:
name: elastic-apm-configmap
key: elastic_apm_verify_server_cert
- name: ELASTIC_APM_SERVER_CERT
valueFrom:
configMapKeyRef:
name: elastic-apm-configmap
key: elastic_apm_server_cert
- name: ELASTIC_APM_LOG_LEVEL
valueFrom:
configMapKeyRef:
name: elastic-apm-configmap
key: elastic_apm_log_level
- name: ELASTIC_APM_LOG_FILE
valueFrom:
configMapKeyRef:
name: elastic-apm-configmap
key: elastic_apm_log_file
# ---- ELASTIC APM END ----
ports:
- name: graphql-server
protocol: TCP
containerPort: 31800
resources:
limits:
cpu: 50m
memory: 512M
requests:
cpu: 25m
memory: 256M
# ---- ELASTIC APM BEGIN ----
volumeMounts:
- name: elastic-apm-volume
mountPath: /data/elastic-apm
# ---- ELASTIC APM END ----
# ---- OPA BEGIN ----
- name: opal-client
image: ghcr.io/hongbo-miao/hm-opal-client:latest
env:
- name: OPAL_CLIENT_TOKEN
valueFrom:
secretKeyRef:
name: hm-opal-client-secret
key: opal_client_token
- name: OPAL_SERVER_URL
valueFrom:
configMapKeyRef:
name: graphql-server-configmap
key: opal_server_url
- name: OPAL_FETCH_PROVIDER_MODULES
valueFrom:
configMapKeyRef:
name: graphql-server-configmap
key: opal_fetch_provider_modules
# - name: OPAL_SHOULD_REPORT_ON_DATA_UPDATES
# valueFrom:
# configMapKeyRef:
# name: graphql-server-configmap
# key: opal_should_report_on_data_updates
# - name: OPAL_DEFAULT_UPDATE_CALLBACKS
# valueFrom:
# secretKeyRef:
# name: hm-opal-client-secret
# key: opal_default_update_callbacks
- name: OPAL_OPA_HEALTH_CHECK_POLICY_ENABLED
valueFrom:
configMapKeyRef:
name: graphql-server-configmap
key: opal_opa_health_check_policy_enabled
- name: OPAL_STATISTICS_ENABLED
valueFrom:
configMapKeyRef:
name: graphql-server-configmap
key: opal_statistics_enabled
- name: OPAL_INLINE_OPA_CONFIG
valueFrom:
configMapKeyRef:
name: graphql-server-configmap
key: opal_inline_opa_config
- name: OPAL_INLINE_OPA_LOG_FORMAT
valueFrom:
configMapKeyRef:
name: graphql-server-configmap
key: opal_inline_opa_log_format
- name: OPAL_LOG_MODULE_EXCLUDE_LIST
valueFrom:
configMapKeyRef:
name: graphql-server-configmap
key: opal_log_module_exclude_list
- name: OPAL_LOG_COLORIZE
valueFrom:
configMapKeyRef:
name: graphql-server-configmap
key: opal_log_colorize
ports:
- name: opal-client
protocol: TCP
containerPort: 7000
- name: opa
protocol: TCP
containerPort: 8181
volumeMounts:
- name: opa-volume
mountPath: /data/opa
# ---- OPA END ----
# ---- OPA BEGIN ----
volumes:
- name: opa-volume
persistentVolumeClaim:
claimName: opa-pvc
# ---- ELASTIC APM BEGIN ----
- name: elastic-apm-volume
persistentVolumeClaim:
claimName: elastic-apm-pvc
# ---- ELASTIC APM END ----
# ---- OPA END ----