pganti/ats.yaml

## ats.yaml
# Example Kubernetes Deployment configuration for running the Traffic Server
# ingress controller.  It will listen internally on ports 8080 and 8443, and
# expose ports 30080 and 30443 as a NodePort service.  Use an external load
# balancer of some sort to route incoming traffic to those ports.
#
# For an example using a DaemonSet and a hostPort, see example-daemonset.yaml.

apiVersion: v1
kind: Namespace
metadata:
  name: trafficserver

---

apiVersion: extensions/v1beta1
kind: Deployment
metadata:
  labels:
    app: trafficserver
  name: trafficserver
  namespace: trafficserver
spec:
  minReadySeconds: 30

  selector:
    matchLabels:
      app: trafficserver

  # Run two copies, for redundancy.
  replicas: 2

  # TS is safe to use with rolling updates, allowing it to be upgraded without
  # any downtime as long as you run more than one copy.
  strategy:
    type: RollingUpdate
    rollingUpdate:
      maxUnavailable: 0
      maxSurge: 1

  template:
    metadata:
      labels:
        app: trafficserver
    spec:
      # Create a volume for the TS cache.  We use an emptyDir here.  Each
      # instance requires its own cache volume, so you cannot use a persistent
      # volume (or hostPath, etc.) if deploying as a Deployment.  Use a
      # StatefulSet with a PV claim template if you want a fully persistent
      # cache; but node that this emptyDir will only be emptied when the pod is
      # deleted.
      volumes:
      - name: ts-storage
        emptyDir: {}

      containers:
      - name: trafficserver
        image: docker.io/torchbox/k8s-ts-ingress:v1.0.0-alpha9
        imagePullPolicy: IfNotPresent

        # Load the configuration map.
        env:
          name: TS_CONFIGMAP
          value: trafficserver/ts-config

        # The memory limit must be large enough for both TS itself, and its RAM
        # cache, which is set to 64MB by default.
        resources:
          limits:
            cpu: "1"
            memory: 196Mi
          requests:
            cpu: 100m
            memory: 196Mi

        ports:
        - containerPort: 8080
          hostPort: 8080
          name: http
          protocol: TCP
        - containerPort: 8443
          hostPort: 8443
          name: https
          protocol: TCP

        # Ensure TS's healthcheck fails before it stops serving requests, so it
        # can be removed from any load balancer node list.
        lifecycle:
          preStop:
            exec:
              command:
              - /bin/sh
              - -c
              - /bin/rm -f /run/ts-alive; sleep 20

        # The probes use TS's healthchecks plugin, so this will only return
        # successfully when TS is running.  It does not currently check the
        # health of the plugin, e.g. that it was able to contact the API server.
        livenessProbe:
          failureThreshold: 2
          httpGet:
            httpHeaders:
            - name: Host
              value: localhost
            path: /__trafficserver_alive
            port: http
            scheme: HTTP
          initialDelaySeconds: 5
          periodSeconds: 3
          successThreshold: 1
          timeoutSeconds: 10

        readinessProbe:
          failureThreshold: 2
          httpGet:
            httpHeaders:
            - name: Host
              value: localhost
            path: /__trafficserver_alive
            port: http
            scheme: HTTP
          initialDelaySeconds: 5
          periodSeconds: 3
          successThreshold: 1
          timeoutSeconds: 10

        # Mount the cache storage we configured above.
        volumeMounts:
        - mountPath: /var/lib/trafficserver
          name: ts-storage

---

apiVersion: v1
kind: Service
metadata:
  name: trafficserver
  namespace: trafficserver
spec:
  type: NodePort
  ports:
  - name: http
    port: 8080
    protocol: TCP
    targetPort: 8080
    nodePort: 30080
  - name: https
    port: 8443
    protocol: TCP
    targetPort: 8443
    nodePort: 30443
	# Example Kubernetes Deployment configuration for running the Traffic Server
	# ingress controller. It will listen internally on ports 8080 and 8443, and
	# expose ports 30080 and 30443 as a NodePort service. Use an external load
	# balancer of some sort to route incoming traffic to those ports.
	#
	# For an example using a DaemonSet and a hostPort, see example-daemonset.yaml.

	apiVersion: v1
	kind: Namespace
	metadata:
	name: trafficserver

	---

	apiVersion: extensions/v1beta1
	kind: Deployment
	metadata:
	labels:
	app: trafficserver
	name: trafficserver
	namespace: trafficserver
	spec:
	minReadySeconds: 30

	selector:
	matchLabels:
	app: trafficserver

	# Run two copies, for redundancy.
	replicas: 2

	# TS is safe to use with rolling updates, allowing it to be upgraded without
	# any downtime as long as you run more than one copy.
	strategy:
	type: RollingUpdate
	rollingUpdate:
	maxUnavailable: 0
	maxSurge: 1

	template:
	metadata:
	labels:
	app: trafficserver
	spec:
	# Create a volume for the TS cache. We use an emptyDir here. Each
	# instance requires its own cache volume, so you cannot use a persistent
	# volume (or hostPath, etc.) if deploying as a Deployment. Use a
	# StatefulSet with a PV claim template if you want a fully persistent
	# cache; but node that this emptyDir will only be emptied when the pod is
	# deleted.
	volumes:
	- name: ts-storage
	emptyDir: {}

	containers:
	- name: trafficserver
	image: docker.io/torchbox/k8s-ts-ingress:v1.0.0-alpha9
	imagePullPolicy: IfNotPresent

	# Load the configuration map.
	env:
	name: TS_CONFIGMAP
	value: trafficserver/ts-config

	# The memory limit must be large enough for both TS itself, and its RAM
	# cache, which is set to 64MB by default.
	resources:
	limits:
	cpu: "1"
	memory: 196Mi
	requests:
	cpu: 100m
	memory: 196Mi

	ports:
	- containerPort: 8080
	hostPort: 8080
	name: http
	protocol: TCP
	- containerPort: 8443
	hostPort: 8443
	name: https
	protocol: TCP

	# Ensure TS's healthcheck fails before it stops serving requests, so it
	# can be removed from any load balancer node list.
	lifecycle:
	preStop:
	exec:
	command:
	- /bin/sh
	- -c
	- /bin/rm -f /run/ts-alive; sleep 20

	# The probes use TS's healthchecks plugin, so this will only return
	# successfully when TS is running. It does not currently check the
	# health of the plugin, e.g. that it was able to contact the API server.
	livenessProbe:
	failureThreshold: 2
	httpGet:
	httpHeaders:
	- name: Host
	value: localhost
	path: /__trafficserver_alive
	port: http
	scheme: HTTP
	initialDelaySeconds: 5
	periodSeconds: 3
	successThreshold: 1
	timeoutSeconds: 10

	readinessProbe:
	failureThreshold: 2
	httpGet:
	httpHeaders:
	- name: Host
	value: localhost
	path: /__trafficserver_alive
	port: http
	scheme: HTTP
	initialDelaySeconds: 5
	periodSeconds: 3
	successThreshold: 1
	timeoutSeconds: 10

	# Mount the cache storage we configured above.
	volumeMounts:
	- mountPath: /var/lib/trafficserver
	name: ts-storage

	---

	apiVersion: v1
	kind: Service
	metadata:
	name: trafficserver
	namespace: trafficserver
	spec:
	type: NodePort
	ports:
	- name: http
	port: 8080
	protocol: TCP
	targetPort: 8080
	nodePort: 30080
	- name: https
	port: 8443
	protocol: TCP
	targetPort: 8443
	nodePort: 30443