tvon/consul-connect-injector-webhook-debug-deployment.yaml

## consul-connect-injector-webhook-debug-deployment.yaml
---
# Deploy and `kubectl exec`
apiVersion: apps/v1
kind: Deployment
metadata:
  name: consul-connect-injector-webhook-debug-deployment
  namespace: consul
  labels:
    app: consul
spec:
  replicas: 1
  selector:
    matchLabels:
      app: consul
  template:
    metadata:
      labels:
        app: consul
      annotations:
        "consul.hashicorp.com/connect-inject": "false"
    spec:
      serviceAccountName: consul-connect-injector-webhook-svc-account
      containers:
        - name: sidecar-injector-debug
          image: "hashicorp/consul-k8s:0.23.0"
          env:
            - name: NAMESPACE
              valueFrom:
                fieldRef:
                  fieldPath: metadata.namespace
            - name: HOST_IP
              valueFrom:
                fieldRef:
                  fieldPath: status.hostIP
            - name: CONSUL_HTTP_ADDR
              value: http://$(HOST_IP):8500
          command:
            - "/bin/sh"
            - "-ec"
            - |
              CONSUL_FULLNAME="consul"

              cat <<EOF > /tmp/command.sh
              consul-k8s inject-connect \
                -default-inject=false \
                -consul-image="hashicorp/consul:1.9.2" \
                -envoy-image="envoyproxy/envoy:v1.16-latest" \
                -consul-k8s-image="hashicorp/consul-k8s:0.23.0" \
                -listen=:8080 \
                -log-level=debug \
                -enable-health-checks-controller=true \
                -health-checks-reconcile-period=1m \
                -envoy-extra-args="--log-level trace" \
                -enable-central-config=true \
                -allow-k8s-namespace="*" \
                -tls-auto=${CONSUL_FULLNAME}-connect-injector-cfg \
                -tls-auto-hosts=${CONSUL_FULLNAME}-connect-injector-svc,${CONSUL_FULLNAME}-connect-injector-svc.${NAMESPACE},${CONSUL_FULLNAME}-connect-injector-svc.${NAMESPACE}.svc \
                -init-container-memory-limit=150Mi \
                -init-container-memory-request=25Mi \
                -init-container-cpu-limit=50m \
                -init-container-cpu-request=50m \
                -lifecycle-sidecar-memory-limit=50Mi \
                -lifecycle-sidecar-memory-request=25Mi \
                -lifecycle-sidecar-cpu-limit=20m \
                -lifecycle-sidecar-cpu-request=20m
              EOF

              sleep infinity
          resources:
            limits:
              cpu: 50m
              memory: 50Mi
            requests:
              cpu: 50m
              memory: 50Mi
	---
	# Deploy and `kubectl exec`
	apiVersion: apps/v1
	kind: Deployment
	metadata:
	name: consul-connect-injector-webhook-debug-deployment
	namespace: consul
	labels:
	app: consul
	spec:
	replicas: 1
	selector:
	matchLabels:
	app: consul
	template:
	metadata:
	labels:
	app: consul
	annotations:
	"consul.hashicorp.com/connect-inject": "false"
	spec:
	serviceAccountName: consul-connect-injector-webhook-svc-account
	containers:
	- name: sidecar-injector-debug
	image: "hashicorp/consul-k8s:0.23.0"
	env:
	- name: NAMESPACE
	valueFrom:
	fieldRef:
	fieldPath: metadata.namespace
	- name: HOST_IP
	valueFrom:
	fieldRef:
	fieldPath: status.hostIP
	- name: CONSUL_HTTP_ADDR
	value: http://$(HOST_IP):8500
	command:
	- "/bin/sh"
	- "-ec"
	- \|
	CONSUL_FULLNAME="consul"

	cat <<EOF > /tmp/command.sh
	consul-k8s inject-connect \
	-default-inject=false \
	-consul-image="hashicorp/consul:1.9.2" \
	-envoy-image="envoyproxy/envoy:v1.16-latest" \
	-consul-k8s-image="hashicorp/consul-k8s:0.23.0" \
	-listen=:8080 \
	-log-level=debug \
	-enable-health-checks-controller=true \
	-health-checks-reconcile-period=1m \
	-envoy-extra-args="--log-level trace" \
	-enable-central-config=true \
	-allow-k8s-namespace="*" \
	-tls-auto=${CONSUL_FULLNAME}-connect-injector-cfg \
	-tls-auto-hosts=${CONSUL_FULLNAME}-connect-injector-svc,${CONSUL_FULLNAME}-connect-injector-svc.${NAMESPACE},${CONSUL_FULLNAME}-connect-injector-svc.${NAMESPACE}.svc \
	-init-container-memory-limit=150Mi \
	-init-container-memory-request=25Mi \
	-init-container-cpu-limit=50m \
	-init-container-cpu-request=50m \
	-lifecycle-sidecar-memory-limit=50Mi \
	-lifecycle-sidecar-memory-request=25Mi \
	-lifecycle-sidecar-cpu-limit=20m \
	-lifecycle-sidecar-cpu-request=20m
	EOF

	sleep infinity
	resources:
	limits:
	cpu: 50m
	memory: 50Mi
	requests:
	cpu: 50m
	memory: 50Mi