Skip to content

Instantly share code, notes, and snippets.

Show Gist options
  • Save iliapolo/9f04aa34a738ac47be74952ca0212747 to your computer and use it in GitHub Desktop.
Save iliapolo/9f04aa34a738ac47be74952ca0212747 to your computer and use it in GitHub Desktop.
apiVersion: apps/v1
kind: Deployment
metadata:
name: aws-container-day-web-c8024530
spec:
minReadySeconds: 0
progressDeadlineSeconds: 600
replicas: 2
selector:
matchLabels:
cdk8s.io/metadata.addr: aws-container-day-Web-c80b2a40
strategy:
rollingUpdate:
maxSurge: 25%
maxUnavailable: 25%
type: RollingUpdate
template:
metadata:
labels:
cdk8s.io/metadata.addr: aws-container-day-Web-c80b2a40
spec:
automountServiceAccountToken: false
containers:
- image: web
imagePullPolicy: Always
name: main
resources:
limits:
cpu: 1500m
memory: 2048Mi
requests:
cpu: 1000m
memory: 512Mi
securityContext:
allowPrivilegeEscalation: false
privileged: false
readOnlyRootFilesystem: true
runAsGroup: 26000
runAsNonRoot: true
runAsUser: 25000
dnsPolicy: ClusterFirst
restartPolicy: Always
securityContext:
fsGroupChangePolicy: Always
runAsNonRoot: true
setHostnameAsFQDN: false
---
apiVersion: networking.k8s.io/v1
kind: NetworkPolicy
metadata:
name: allowegressc885000336ab59c03dcf7fa0944e165bb8-c87ec4c7
spec:
egress:
- ports: []
to:
- podSelector:
matchLabels:
cdk8s.io/metadata.addr: aws-container-day-Cache-c8850003
podSelector:
matchLabels:
cdk8s.io/metadata.addr: aws-container-day-Web-c80b2a40
policyTypes:
- Egress
---
apiVersion: networking.k8s.io/v1
kind: NetworkPolicy
metadata:
name: allowingressundefinedc885000336ab59c03dcf7fa0-c81cf563
spec:
ingress:
- from:
- podSelector:
matchLabels:
cdk8s.io/metadata.addr: aws-container-day-Web-c80b2a40
ports: []
podSelector:
matchLabels:
cdk8s.io/metadata.addr: aws-container-day-Cache-c8850003
policyTypes:
- Ingress
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: aws-container-day-cache-c85447a0
spec:
minReadySeconds: 0
progressDeadlineSeconds: 600
replicas: 2
selector:
matchLabels:
cdk8s.io/metadata.addr: aws-container-day-Cache-c8850003
strategy:
rollingUpdate:
maxSurge: 25%
maxUnavailable: 25%
type: RollingUpdate
template:
metadata:
labels:
cdk8s.io/metadata.addr: aws-container-day-Cache-c8850003
spec:
automountServiceAccountToken: false
containers:
- image: cache
imagePullPolicy: Always
name: main
resources:
limits:
cpu: 1500m
memory: 2048Mi
requests:
cpu: 1000m
memory: 512Mi
securityContext:
allowPrivilegeEscalation: false
privileged: false
readOnlyRootFilesystem: true
runAsGroup: 26000
runAsNonRoot: true
runAsUser: 25000
dnsPolicy: ClusterFirst
restartPolicy: Always
securityContext:
fsGroupChangePolicy: Always
runAsNonRoot: true
setHostnameAsFQDN: false
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment