github.com/pachyderm/pachyderm@v1.13.4/etc/testing/deploy-manifests/golden/amazon-deploy-manifest.yaml (about) 1 apiVersion: v1 2 kind: ServiceAccount 3 metadata: 4 creationTimestamp: null 5 labels: 6 app: "" 7 suite: pachyderm 8 name: pachyderm 9 namespace: default 10 --- 11 apiVersion: v1 12 kind: ServiceAccount 13 metadata: 14 creationTimestamp: null 15 labels: 16 app: "" 17 suite: pachyderm 18 name: pachyderm-worker 19 namespace: default 20 --- 21 apiVersion: rbac.authorization.k8s.io/v1 22 kind: ClusterRole 23 metadata: 24 creationTimestamp: null 25 labels: 26 app: "" 27 suite: pachyderm 28 name: pachyderm 29 namespace: default 30 rules: 31 - apiGroups: 32 - "" 33 resources: 34 - nodes 35 - pods 36 - pods/log 37 - endpoints 38 verbs: 39 - get 40 - list 41 - watch 42 - apiGroups: 43 - "" 44 resources: 45 - replicationcontrollers 46 - services 47 - replicationcontrollers/scale 48 verbs: 49 - get 50 - list 51 - watch 52 - create 53 - update 54 - delete 55 - apiGroups: 56 - "" 57 resources: 58 - secrets 59 verbs: 60 - get 61 - list 62 - watch 63 - create 64 - update 65 - delete 66 - deletecollection 67 --- 68 apiVersion: rbac.authorization.k8s.io/v1 69 kind: ClusterRoleBinding 70 metadata: 71 creationTimestamp: null 72 labels: 73 app: "" 74 suite: pachyderm 75 name: pachyderm-default 76 namespace: default 77 roleRef: 78 apiGroup: "" 79 kind: ClusterRole 80 name: pachyderm 81 subjects: 82 - kind: ServiceAccount 83 name: pachyderm 84 namespace: default 85 --- 86 apiVersion: rbac.authorization.k8s.io/v1 87 kind: Role 88 metadata: 89 creationTimestamp: null 90 labels: 91 app: "" 92 suite: pachyderm 93 name: pachyderm-worker 94 namespace: default 95 rules: 96 - apiGroups: 97 - "" 98 resources: 99 - services 100 verbs: 101 - get 102 - list 103 - update 104 - create 105 - delete 106 --- 107 apiVersion: rbac.authorization.k8s.io/v1 108 kind: RoleBinding 109 metadata: 110 creationTimestamp: null 111 labels: 112 app: "" 113 suite: pachyderm 114 name: pachyderm-worker 115 namespace: default 116 roleRef: 117 apiGroup: "" 118 kind: Role 119 name: pachyderm-worker 120 subjects: 121 - kind: ServiceAccount 122 name: pachyderm-worker 123 namespace: default 124 --- 125 allowVolumeExpansion: true 126 apiVersion: storage.k8s.io/v1 127 kind: StorageClass 128 metadata: 129 labels: 130 app: etcd 131 suite: pachyderm 132 name: etcd-storage-class 133 namespace: default 134 parameters: 135 type: gp2 136 provisioner: kubernetes.io/aws-ebs 137 --- 138 apiVersion: v1 139 kind: Service 140 metadata: 141 creationTimestamp: null 142 labels: 143 app: etcd 144 suite: pachyderm 145 name: etcd-headless 146 namespace: default 147 spec: 148 clusterIP: None 149 ports: 150 - name: peer-port 151 port: 2380 152 targetPort: 0 153 selector: 154 app: etcd 155 status: 156 loadBalancer: {} 157 --- 158 apiVersion: apps/v1 159 kind: StatefulSet 160 metadata: 161 labels: 162 app: etcd 163 suite: pachyderm 164 name: etcd 165 namespace: default 166 spec: 167 replicas: 3 168 selector: 169 matchLabels: 170 app: etcd 171 suite: pachyderm 172 serviceName: etcd-headless 173 template: 174 metadata: 175 labels: 176 app: etcd 177 suite: pachyderm 178 name: etcd 179 namespace: default 180 spec: 181 containers: 182 - args: 183 - '"/usr/local/bin/etcd" "--listen-client-urls=http://0.0.0.0:2379" "--advertise-client-urls=http://0.0.0.0:2379" 184 "--data-dir=/var/data/etcd" "--auto-compaction-retention=1" "--max-txn-ops=10000" 185 "--max-request-bytes=52428800" "--quota-backend-bytes=8589934592" "--listen-peer-urls=http://0.0.0.0:2380" 186 "--initial-cluster-token=pach-cluster" "--initial-advertise-peer-urls=http://${ETCD_NAME}.etcd-headless.${NAMESPACE}.svc.cluster.local:2380" 187 "--initial-cluster=etcd-0=http://etcd-0.etcd-headless.${NAMESPACE}.svc.cluster.local:2380,etcd-1=http://etcd-1.etcd-headless.${NAMESPACE}.svc.cluster.local:2380,etcd-2=http://etcd-2.etcd-headless.${NAMESPACE}.svc.cluster.local:2380"' 188 command: 189 - /bin/sh 190 - -c 191 env: 192 - name: ETCD_NAME 193 valueFrom: 194 fieldRef: 195 apiVersion: v1 196 fieldPath: metadata.name 197 - name: NAMESPACE 198 valueFrom: 199 fieldRef: 200 apiVersion: v1 201 fieldPath: metadata.namespace 202 image: pachyderm/etcd:v3.3.5 203 imagePullPolicy: IfNotPresent 204 name: etcd 205 ports: 206 - containerPort: 2379 207 name: client-port 208 - containerPort: 2380 209 name: peer-port 210 resources: 211 requests: 212 cpu: "1" 213 memory: 2G 214 volumeMounts: 215 - mountPath: /var/data/etcd 216 name: etcd-storage 217 imagePullSecrets: null 218 volumeClaimTemplates: 219 - metadata: 220 annotations: 221 volume.beta.kubernetes.io/storage-class: etcd-storage-class 222 labels: 223 app: etcd 224 suite: pachyderm 225 name: etcd-storage 226 namespace: default 227 spec: 228 accessModes: 229 - ReadWriteOnce 230 resources: 231 requests: 232 storage: 50Gi 233 --- 234 apiVersion: v1 235 kind: Service 236 metadata: 237 creationTimestamp: null 238 labels: 239 app: etcd 240 suite: pachyderm 241 name: etcd 242 namespace: default 243 spec: 244 ports: 245 - name: client-port 246 port: 2379 247 targetPort: 0 248 selector: 249 app: etcd 250 type: NodePort 251 status: 252 loadBalancer: {} 253 --- 254 apiVersion: v1 255 kind: Service 256 metadata: 257 annotations: 258 prometheus.io/port: "656" 259 prometheus.io/scrape: "true" 260 creationTimestamp: null 261 labels: 262 app: pachd 263 suite: pachyderm 264 name: pachd 265 namespace: default 266 spec: 267 ports: 268 - name: api-grpc-port 269 nodePort: 30650 270 port: 650 271 targetPort: 0 272 - name: trace-port 273 nodePort: 30651 274 port: 651 275 targetPort: 0 276 - name: api-http-port 277 nodePort: 30652 278 port: 652 279 targetPort: 0 280 - name: saml-port 281 nodePort: 30654 282 port: 654 283 targetPort: 0 284 - name: oidc-port 285 nodePort: 30657 286 port: 657 287 targetPort: 0 288 - name: api-git-port 289 nodePort: 30655 290 port: 655 291 targetPort: 0 292 - name: s3gateway-port 293 nodePort: 30600 294 port: 600 295 targetPort: 0 296 - name: prom-metrics 297 nodePort: 30656 298 port: 656 299 protocol: TCP 300 targetPort: 656 301 selector: 302 app: pachd 303 type: NodePort 304 status: 305 loadBalancer: {} 306 --- 307 apiVersion: v1 308 kind: Service 309 metadata: 310 creationTimestamp: null 311 labels: 312 app: pachd 313 suite: pachyderm 314 name: pachd-peer 315 namespace: default 316 spec: 317 ports: 318 - name: api-grpc-peer-port 319 port: 30653 320 targetPort: 653 321 selector: 322 app: pachd 323 type: ClusterIP 324 status: 325 loadBalancer: {} 326 --- 327 apiVersion: apps/v1 328 kind: Deployment 329 metadata: 330 creationTimestamp: null 331 labels: 332 app: pachd 333 suite: pachyderm 334 name: pachd 335 namespace: default 336 spec: 337 replicas: 1 338 selector: 339 matchLabels: 340 app: pachd 341 suite: pachyderm 342 strategy: {} 343 template: 344 metadata: 345 annotations: 346 iam.amazonaws.com/role: "" 347 creationTimestamp: null 348 labels: 349 app: pachd 350 suite: pachyderm 351 name: pachd 352 namespace: default 353 spec: 354 containers: 355 - command: 356 - /pachd 357 env: 358 - name: PACH_ROOT 359 value: /pach 360 - name: ETCD_PREFIX 361 - name: NUM_SHARDS 362 value: "16" 363 - name: STORAGE_BACKEND 364 value: AMAZON 365 - name: STORAGE_HOST_PATH 366 - name: WORKER_IMAGE 367 value: pachyderm/worker:1.13.4 368 - name: IMAGE_PULL_SECRET 369 - name: WORKER_SIDECAR_IMAGE 370 value: pachyderm/pachd:1.13.4 371 - name: WORKER_IMAGE_PULL_POLICY 372 value: IfNotPresent 373 - name: WORKER_SERVICE_ACCOUNT 374 value: pachyderm-worker 375 - name: PACHD_VERSION 376 value: 1.13.4 377 - name: METRICS 378 value: "true" 379 - name: LOG_LEVEL 380 value: info 381 - name: BLOCK_CACHE_BYTES 382 value: 1G 383 - name: IAM_ROLE 384 - name: NO_EXPOSE_DOCKER_SOCKET 385 value: "false" 386 - name: PACHYDERM_AUTHENTICATION_DISABLED_FOR_TESTING 387 value: "false" 388 - name: PACH_NAMESPACE 389 valueFrom: 390 fieldRef: 391 apiVersion: v1 392 fieldPath: metadata.namespace 393 - name: PACHD_MEMORY_REQUEST 394 valueFrom: 395 resourceFieldRef: 396 containerName: pachd 397 divisor: "0" 398 resource: requests.memory 399 - name: EXPOSE_OBJECT_API 400 value: "false" 401 - name: CLUSTER_DEPLOYMENT_ID 402 value: test 403 - name: REQUIRE_CRITICAL_SERVERS_ONLY 404 value: "false" 405 - name: PACHD_POD_NAME 406 valueFrom: 407 fieldRef: 408 apiVersion: v1 409 fieldPath: metadata.name 410 - name: PPS_WORKER_GRPC_PORT 411 value: "80" 412 - name: GOOGLE_BUCKET 413 valueFrom: 414 secretKeyRef: 415 key: google-bucket 416 name: pachyderm-storage-secret 417 optional: true 418 - name: GOOGLE_CRED 419 valueFrom: 420 secretKeyRef: 421 key: google-cred 422 name: pachyderm-storage-secret 423 optional: true 424 - name: MICROSOFT_CONTAINER 425 valueFrom: 426 secretKeyRef: 427 key: microsoft-container 428 name: pachyderm-storage-secret 429 optional: true 430 - name: MICROSOFT_ID 431 valueFrom: 432 secretKeyRef: 433 key: microsoft-id 434 name: pachyderm-storage-secret 435 optional: true 436 - name: MICROSOFT_SECRET 437 valueFrom: 438 secretKeyRef: 439 key: microsoft-secret 440 name: pachyderm-storage-secret 441 optional: true 442 - name: MINIO_BUCKET 443 valueFrom: 444 secretKeyRef: 445 key: minio-bucket 446 name: pachyderm-storage-secret 447 optional: true 448 - name: MINIO_ENDPOINT 449 valueFrom: 450 secretKeyRef: 451 key: minio-endpoint 452 name: pachyderm-storage-secret 453 optional: true 454 - name: MINIO_ID 455 valueFrom: 456 secretKeyRef: 457 key: minio-id 458 name: pachyderm-storage-secret 459 optional: true 460 - name: MINIO_SECRET 461 valueFrom: 462 secretKeyRef: 463 key: minio-secret 464 name: pachyderm-storage-secret 465 optional: true 466 - name: MINIO_SECURE 467 valueFrom: 468 secretKeyRef: 469 key: minio-secure 470 name: pachyderm-storage-secret 471 optional: true 472 - name: MINIO_SIGNATURE 473 valueFrom: 474 secretKeyRef: 475 key: minio-signature 476 name: pachyderm-storage-secret 477 optional: true 478 - name: AMAZON_REGION 479 valueFrom: 480 secretKeyRef: 481 key: amazon-region 482 name: pachyderm-storage-secret 483 optional: true 484 - name: AMAZON_BUCKET 485 valueFrom: 486 secretKeyRef: 487 key: amazon-bucket 488 name: pachyderm-storage-secret 489 optional: true 490 - name: AMAZON_ID 491 valueFrom: 492 secretKeyRef: 493 key: amazon-id 494 name: pachyderm-storage-secret 495 optional: true 496 - name: AMAZON_SECRET 497 valueFrom: 498 secretKeyRef: 499 key: amazon-secret 500 name: pachyderm-storage-secret 501 optional: true 502 - name: AMAZON_TOKEN 503 valueFrom: 504 secretKeyRef: 505 key: amazon-token 506 name: pachyderm-storage-secret 507 optional: true 508 - name: AMAZON_VAULT_ADDR 509 valueFrom: 510 secretKeyRef: 511 key: amazon-vault-addr 512 name: pachyderm-storage-secret 513 optional: true 514 - name: AMAZON_VAULT_ROLE 515 valueFrom: 516 secretKeyRef: 517 key: amazon-vault-role 518 name: pachyderm-storage-secret 519 optional: true 520 - name: AMAZON_VAULT_TOKEN 521 valueFrom: 522 secretKeyRef: 523 key: amazon-vault-token 524 name: pachyderm-storage-secret 525 optional: true 526 - name: AMAZON_DISTRIBUTION 527 valueFrom: 528 secretKeyRef: 529 key: amazon-distribution 530 name: pachyderm-storage-secret 531 optional: true 532 - name: CUSTOM_ENDPOINT 533 valueFrom: 534 secretKeyRef: 535 key: custom-endpoint 536 name: pachyderm-storage-secret 537 optional: true 538 - name: RETRIES 539 valueFrom: 540 secretKeyRef: 541 key: retries 542 name: pachyderm-storage-secret 543 optional: true 544 - name: TIMEOUT 545 valueFrom: 546 secretKeyRef: 547 key: timeout 548 name: pachyderm-storage-secret 549 optional: true 550 - name: UPLOAD_ACL 551 valueFrom: 552 secretKeyRef: 553 key: upload-acl 554 name: pachyderm-storage-secret 555 optional: true 556 - name: REVERSE 557 valueFrom: 558 secretKeyRef: 559 key: reverse 560 name: pachyderm-storage-secret 561 optional: true 562 - name: PART_SIZE 563 valueFrom: 564 secretKeyRef: 565 key: part-size 566 name: pachyderm-storage-secret 567 optional: true 568 - name: MAX_UPLOAD_PARTS 569 valueFrom: 570 secretKeyRef: 571 key: max-upload-parts 572 name: pachyderm-storage-secret 573 optional: true 574 - name: DISABLE_SSL 575 valueFrom: 576 secretKeyRef: 577 key: disable-ssl 578 name: pachyderm-storage-secret 579 optional: true 580 - name: NO_VERIFY_SSL 581 valueFrom: 582 secretKeyRef: 583 key: no-verify-ssl 584 name: pachyderm-storage-secret 585 optional: true 586 - name: OBJ_LOG_OPTS 587 valueFrom: 588 secretKeyRef: 589 key: log-options 590 name: pachyderm-storage-secret 591 optional: true 592 - name: STORAGE_UPLOAD_CONCURRENCY_LIMIT 593 value: "100" 594 - name: STORAGE_PUT_FILE_CONCURRENCY_LIMIT 595 value: "100" 596 - name: STORAGE_V2 597 value: "false" 598 image: pachyderm/pachd:1.13.4 599 imagePullPolicy: IfNotPresent 600 name: pachd 601 ports: 602 - containerPort: 650 603 name: api-grpc-port 604 protocol: TCP 605 - containerPort: 651 606 name: trace-port 607 - containerPort: 652 608 name: api-http-port 609 protocol: TCP 610 - containerPort: 653 611 name: peer-port 612 protocol: TCP 613 - containerPort: 655 614 name: api-git-port 615 protocol: TCP 616 - containerPort: 654 617 name: saml-port 618 protocol: TCP 619 - containerPort: 657 620 name: oidc-port 621 protocol: TCP 622 - containerPort: 656 623 name: prom-metrics 624 protocol: TCP 625 readinessProbe: 626 exec: 627 command: 628 - /pachd 629 - --readiness 630 resources: 631 limits: 632 cpu: "1" 633 memory: 3G 634 requests: 635 cpu: "1" 636 memory: 3G 637 volumeMounts: 638 - mountPath: /pach 639 name: pach-disk 640 - mountPath: /pachyderm-storage-secret 641 name: pachyderm-storage-secret 642 serviceAccountName: pachyderm 643 volumes: 644 - name: pach-disk 645 - name: pachyderm-storage-secret 646 secret: 647 secretName: pachyderm-storage-secret 648 status: {} 649 --- 650 apiVersion: v1 651 kind: Service 652 metadata: 653 creationTimestamp: null 654 labels: 655 app: dash 656 suite: pachyderm 657 name: dash 658 namespace: default 659 spec: 660 ports: 661 - name: dash-http 662 nodePort: 30080 663 port: 8080 664 targetPort: 0 665 - name: grpc-proxy-http 666 nodePort: 30081 667 port: 8081 668 targetPort: 0 669 selector: 670 app: dash 671 suite: pachyderm 672 type: NodePort 673 status: 674 loadBalancer: {} 675 --- 676 apiVersion: apps/v1 677 kind: Deployment 678 metadata: 679 creationTimestamp: null 680 labels: 681 app: dash 682 suite: pachyderm 683 name: dash 684 namespace: default 685 spec: 686 selector: 687 matchLabels: 688 app: dash 689 suite: pachyderm 690 strategy: {} 691 template: 692 metadata: 693 creationTimestamp: null 694 labels: 695 app: dash 696 suite: pachyderm 697 name: dash 698 namespace: default 699 spec: 700 containers: 701 - image: pachyderm/dash:0.5.57 702 imagePullPolicy: IfNotPresent 703 name: dash 704 ports: 705 - containerPort: 8080 706 name: dash-http 707 resources: {} 708 - image: pachyderm/grpc-proxy:0.4.10 709 imagePullPolicy: IfNotPresent 710 name: grpc-proxy 711 ports: 712 - containerPort: 8081 713 name: grpc-proxy-http 714 resources: {} 715 status: {} 716 --- 717 apiVersion: v1 718 data: 719 amazon-bucket: cGFjaC1idWNrZXQ= 720 amazon-distribution: "" 721 amazon-id: QVdTSURBV1NJREFXU0lEQVdTSUQ= 722 amazon-region: dXMtd2VzdC0x 723 amazon-secret: YXdzc2VjcmV0K2F3c3NlY3JldCthd3NzZWNyZXQrYXdzc2VjcmV0Kw== 724 amazon-token: "" 725 custom-endpoint: "" 726 disable-ssl: ZmFsc2U= 727 log-options: "" 728 max-upload-parts: MTAwMDA= 729 no-verify-ssl: ZmFsc2U= 730 part-size: NTI0Mjg4MA== 731 retries: MTA= 732 reverse: dHJ1ZQ== 733 timeout: NW0= 734 upload-acl: YnVja2V0LW93bmVyLWZ1bGwtY29udHJvbA== 735 kind: Secret 736 metadata: 737 creationTimestamp: null 738 labels: 739 app: pachyderm-storage-secret 740 suite: pachyderm 741 name: pachyderm-storage-secret 742 namespace: default