github.com/pachyderm/pachyderm@v1.13.4/etc/testing/deploy-manifests/golden/microsoft-deploy-manifest.yaml (about) 1 apiVersion: v1 2 kind: ServiceAccount 3 metadata: 4 creationTimestamp: null 5 labels: 6 app: "" 7 suite: pachyderm 8 name: pachyderm 9 namespace: default 10 --- 11 apiVersion: v1 12 kind: ServiceAccount 13 metadata: 14 creationTimestamp: null 15 labels: 16 app: "" 17 suite: pachyderm 18 name: pachyderm-worker 19 namespace: default 20 --- 21 apiVersion: rbac.authorization.k8s.io/v1 22 kind: ClusterRole 23 metadata: 24 creationTimestamp: null 25 labels: 26 app: "" 27 suite: pachyderm 28 name: pachyderm 29 namespace: default 30 rules: 31 - apiGroups: 32 - "" 33 resources: 34 - nodes 35 - pods 36 - pods/log 37 - endpoints 38 verbs: 39 - get 40 - list 41 - watch 42 - apiGroups: 43 - "" 44 resources: 45 - replicationcontrollers 46 - services 47 - replicationcontrollers/scale 48 verbs: 49 - get 50 - list 51 - watch 52 - create 53 - update 54 - delete 55 - apiGroups: 56 - "" 57 resources: 58 - secrets 59 verbs: 60 - get 61 - list 62 - watch 63 - create 64 - update 65 - delete 66 - deletecollection 67 --- 68 apiVersion: rbac.authorization.k8s.io/v1 69 kind: ClusterRoleBinding 70 metadata: 71 creationTimestamp: null 72 labels: 73 app: "" 74 suite: pachyderm 75 name: pachyderm-default 76 namespace: default 77 roleRef: 78 apiGroup: "" 79 kind: ClusterRole 80 name: pachyderm 81 subjects: 82 - kind: ServiceAccount 83 name: pachyderm 84 namespace: default 85 --- 86 apiVersion: rbac.authorization.k8s.io/v1 87 kind: Role 88 metadata: 89 creationTimestamp: null 90 labels: 91 app: "" 92 suite: pachyderm 93 name: pachyderm-worker 94 namespace: default 95 rules: 96 - apiGroups: 97 - "" 98 resources: 99 - services 100 verbs: 101 - get 102 - list 103 - update 104 - create 105 - delete 106 --- 107 apiVersion: rbac.authorization.k8s.io/v1 108 kind: RoleBinding 109 metadata: 110 creationTimestamp: null 111 labels: 112 app: "" 113 suite: pachyderm 114 name: pachyderm-worker 115 namespace: default 116 roleRef: 117 apiGroup: "" 118 kind: Role 119 name: pachyderm-worker 120 subjects: 121 - kind: ServiceAccount 122 name: pachyderm-worker 123 namespace: default 124 --- 125 apiVersion: v1 126 kind: Service 127 metadata: 128 creationTimestamp: null 129 labels: 130 app: etcd 131 suite: pachyderm 132 name: etcd-headless 133 namespace: default 134 spec: 135 clusterIP: None 136 ports: 137 - name: peer-port 138 port: 2380 139 targetPort: 0 140 selector: 141 app: etcd 142 status: 143 loadBalancer: {} 144 --- 145 apiVersion: apps/v1 146 kind: StatefulSet 147 metadata: 148 labels: 149 app: etcd 150 suite: pachyderm 151 name: etcd 152 namespace: default 153 spec: 154 replicas: 3 155 selector: 156 matchLabels: 157 app: etcd 158 suite: pachyderm 159 serviceName: etcd-headless 160 template: 161 metadata: 162 labels: 163 app: etcd 164 suite: pachyderm 165 name: etcd 166 namespace: default 167 spec: 168 containers: 169 - args: 170 - '"/usr/local/bin/etcd" "--listen-client-urls=http://0.0.0.0:2379" "--advertise-client-urls=http://0.0.0.0:2379" 171 "--data-dir=/var/data/etcd" "--auto-compaction-retention=1" "--max-txn-ops=10000" 172 "--max-request-bytes=52428800" "--quota-backend-bytes=8589934592" "--listen-peer-urls=http://0.0.0.0:2380" 173 "--initial-cluster-token=pach-cluster" "--initial-advertise-peer-urls=http://${ETCD_NAME}.etcd-headless.${NAMESPACE}.svc.cluster.local:2380" 174 "--initial-cluster=etcd-0=http://etcd-0.etcd-headless.${NAMESPACE}.svc.cluster.local:2380,etcd-1=http://etcd-1.etcd-headless.${NAMESPACE}.svc.cluster.local:2380,etcd-2=http://etcd-2.etcd-headless.${NAMESPACE}.svc.cluster.local:2380"' 175 command: 176 - /bin/sh 177 - -c 178 env: 179 - name: ETCD_NAME 180 valueFrom: 181 fieldRef: 182 apiVersion: v1 183 fieldPath: metadata.name 184 - name: NAMESPACE 185 valueFrom: 186 fieldRef: 187 apiVersion: v1 188 fieldPath: metadata.namespace 189 image: pachyderm/etcd:v3.3.5 190 imagePullPolicy: IfNotPresent 191 name: etcd 192 ports: 193 - containerPort: 2379 194 name: client-port 195 - containerPort: 2380 196 name: peer-port 197 resources: 198 requests: 199 cpu: "1" 200 memory: 2G 201 volumeMounts: 202 - mountPath: /var/data/etcd 203 name: etcd-storage 204 imagePullSecrets: null 205 volumeClaimTemplates: 206 - metadata: 207 labels: 208 app: etcd 209 suite: pachyderm 210 name: etcd-storage 211 namespace: default 212 spec: 213 accessModes: 214 - ReadWriteOnce 215 resources: 216 requests: 217 storage: 50Gi 218 --- 219 apiVersion: v1 220 kind: Service 221 metadata: 222 creationTimestamp: null 223 labels: 224 app: etcd 225 suite: pachyderm 226 name: etcd 227 namespace: default 228 spec: 229 ports: 230 - name: client-port 231 port: 2379 232 targetPort: 0 233 selector: 234 app: etcd 235 type: NodePort 236 status: 237 loadBalancer: {} 238 --- 239 apiVersion: v1 240 kind: Service 241 metadata: 242 annotations: 243 prometheus.io/port: "656" 244 prometheus.io/scrape: "true" 245 creationTimestamp: null 246 labels: 247 app: pachd 248 suite: pachyderm 249 name: pachd 250 namespace: default 251 spec: 252 ports: 253 - name: api-grpc-port 254 nodePort: 30650 255 port: 650 256 targetPort: 0 257 - name: trace-port 258 nodePort: 30651 259 port: 651 260 targetPort: 0 261 - name: api-http-port 262 nodePort: 30652 263 port: 652 264 targetPort: 0 265 - name: saml-port 266 nodePort: 30654 267 port: 654 268 targetPort: 0 269 - name: oidc-port 270 nodePort: 30657 271 port: 657 272 targetPort: 0 273 - name: api-git-port 274 nodePort: 30655 275 port: 655 276 targetPort: 0 277 - name: s3gateway-port 278 nodePort: 30600 279 port: 600 280 targetPort: 0 281 - name: prom-metrics 282 nodePort: 30656 283 port: 656 284 protocol: TCP 285 targetPort: 656 286 selector: 287 app: pachd 288 type: NodePort 289 status: 290 loadBalancer: {} 291 --- 292 apiVersion: v1 293 kind: Service 294 metadata: 295 creationTimestamp: null 296 labels: 297 app: pachd 298 suite: pachyderm 299 name: pachd-peer 300 namespace: default 301 spec: 302 ports: 303 - name: api-grpc-peer-port 304 port: 30653 305 targetPort: 653 306 selector: 307 app: pachd 308 type: ClusterIP 309 status: 310 loadBalancer: {} 311 --- 312 apiVersion: apps/v1 313 kind: Deployment 314 metadata: 315 creationTimestamp: null 316 labels: 317 app: pachd 318 suite: pachyderm 319 name: pachd 320 namespace: default 321 spec: 322 replicas: 1 323 selector: 324 matchLabels: 325 app: pachd 326 suite: pachyderm 327 strategy: {} 328 template: 329 metadata: 330 annotations: 331 iam.amazonaws.com/role: "" 332 creationTimestamp: null 333 labels: 334 app: pachd 335 suite: pachyderm 336 name: pachd 337 namespace: default 338 spec: 339 containers: 340 - command: 341 - /pachd 342 env: 343 - name: PACH_ROOT 344 value: /pach 345 - name: ETCD_PREFIX 346 - name: NUM_SHARDS 347 value: "16" 348 - name: STORAGE_BACKEND 349 value: MICROSOFT 350 - name: STORAGE_HOST_PATH 351 - name: WORKER_IMAGE 352 value: pachyderm/worker:1.13.4 353 - name: IMAGE_PULL_SECRET 354 - name: WORKER_SIDECAR_IMAGE 355 value: pachyderm/pachd:1.13.4 356 - name: WORKER_IMAGE_PULL_POLICY 357 value: IfNotPresent 358 - name: WORKER_SERVICE_ACCOUNT 359 value: pachyderm-worker 360 - name: PACHD_VERSION 361 value: 1.13.4 362 - name: METRICS 363 value: "true" 364 - name: LOG_LEVEL 365 value: info 366 - name: BLOCK_CACHE_BYTES 367 value: 1G 368 - name: IAM_ROLE 369 - name: NO_EXPOSE_DOCKER_SOCKET 370 value: "false" 371 - name: PACHYDERM_AUTHENTICATION_DISABLED_FOR_TESTING 372 value: "false" 373 - name: PACH_NAMESPACE 374 valueFrom: 375 fieldRef: 376 apiVersion: v1 377 fieldPath: metadata.namespace 378 - name: PACHD_MEMORY_REQUEST 379 valueFrom: 380 resourceFieldRef: 381 containerName: pachd 382 divisor: "0" 383 resource: requests.memory 384 - name: EXPOSE_OBJECT_API 385 value: "false" 386 - name: CLUSTER_DEPLOYMENT_ID 387 value: test 388 - name: REQUIRE_CRITICAL_SERVERS_ONLY 389 value: "false" 390 - name: PACHD_POD_NAME 391 valueFrom: 392 fieldRef: 393 apiVersion: v1 394 fieldPath: metadata.name 395 - name: PPS_WORKER_GRPC_PORT 396 value: "80" 397 - name: GOOGLE_BUCKET 398 valueFrom: 399 secretKeyRef: 400 key: google-bucket 401 name: pachyderm-storage-secret 402 optional: true 403 - name: GOOGLE_CRED 404 valueFrom: 405 secretKeyRef: 406 key: google-cred 407 name: pachyderm-storage-secret 408 optional: true 409 - name: MICROSOFT_CONTAINER 410 valueFrom: 411 secretKeyRef: 412 key: microsoft-container 413 name: pachyderm-storage-secret 414 optional: true 415 - name: MICROSOFT_ID 416 valueFrom: 417 secretKeyRef: 418 key: microsoft-id 419 name: pachyderm-storage-secret 420 optional: true 421 - name: MICROSOFT_SECRET 422 valueFrom: 423 secretKeyRef: 424 key: microsoft-secret 425 name: pachyderm-storage-secret 426 optional: true 427 - name: MINIO_BUCKET 428 valueFrom: 429 secretKeyRef: 430 key: minio-bucket 431 name: pachyderm-storage-secret 432 optional: true 433 - name: MINIO_ENDPOINT 434 valueFrom: 435 secretKeyRef: 436 key: minio-endpoint 437 name: pachyderm-storage-secret 438 optional: true 439 - name: MINIO_ID 440 valueFrom: 441 secretKeyRef: 442 key: minio-id 443 name: pachyderm-storage-secret 444 optional: true 445 - name: MINIO_SECRET 446 valueFrom: 447 secretKeyRef: 448 key: minio-secret 449 name: pachyderm-storage-secret 450 optional: true 451 - name: MINIO_SECURE 452 valueFrom: 453 secretKeyRef: 454 key: minio-secure 455 name: pachyderm-storage-secret 456 optional: true 457 - name: MINIO_SIGNATURE 458 valueFrom: 459 secretKeyRef: 460 key: minio-signature 461 name: pachyderm-storage-secret 462 optional: true 463 - name: AMAZON_REGION 464 valueFrom: 465 secretKeyRef: 466 key: amazon-region 467 name: pachyderm-storage-secret 468 optional: true 469 - name: AMAZON_BUCKET 470 valueFrom: 471 secretKeyRef: 472 key: amazon-bucket 473 name: pachyderm-storage-secret 474 optional: true 475 - name: AMAZON_ID 476 valueFrom: 477 secretKeyRef: 478 key: amazon-id 479 name: pachyderm-storage-secret 480 optional: true 481 - name: AMAZON_SECRET 482 valueFrom: 483 secretKeyRef: 484 key: amazon-secret 485 name: pachyderm-storage-secret 486 optional: true 487 - name: AMAZON_TOKEN 488 valueFrom: 489 secretKeyRef: 490 key: amazon-token 491 name: pachyderm-storage-secret 492 optional: true 493 - name: AMAZON_VAULT_ADDR 494 valueFrom: 495 secretKeyRef: 496 key: amazon-vault-addr 497 name: pachyderm-storage-secret 498 optional: true 499 - name: AMAZON_VAULT_ROLE 500 valueFrom: 501 secretKeyRef: 502 key: amazon-vault-role 503 name: pachyderm-storage-secret 504 optional: true 505 - name: AMAZON_VAULT_TOKEN 506 valueFrom: 507 secretKeyRef: 508 key: amazon-vault-token 509 name: pachyderm-storage-secret 510 optional: true 511 - name: AMAZON_DISTRIBUTION 512 valueFrom: 513 secretKeyRef: 514 key: amazon-distribution 515 name: pachyderm-storage-secret 516 optional: true 517 - name: CUSTOM_ENDPOINT 518 valueFrom: 519 secretKeyRef: 520 key: custom-endpoint 521 name: pachyderm-storage-secret 522 optional: true 523 - name: RETRIES 524 valueFrom: 525 secretKeyRef: 526 key: retries 527 name: pachyderm-storage-secret 528 optional: true 529 - name: TIMEOUT 530 valueFrom: 531 secretKeyRef: 532 key: timeout 533 name: pachyderm-storage-secret 534 optional: true 535 - name: UPLOAD_ACL 536 valueFrom: 537 secretKeyRef: 538 key: upload-acl 539 name: pachyderm-storage-secret 540 optional: true 541 - name: REVERSE 542 valueFrom: 543 secretKeyRef: 544 key: reverse 545 name: pachyderm-storage-secret 546 optional: true 547 - name: PART_SIZE 548 valueFrom: 549 secretKeyRef: 550 key: part-size 551 name: pachyderm-storage-secret 552 optional: true 553 - name: MAX_UPLOAD_PARTS 554 valueFrom: 555 secretKeyRef: 556 key: max-upload-parts 557 name: pachyderm-storage-secret 558 optional: true 559 - name: DISABLE_SSL 560 valueFrom: 561 secretKeyRef: 562 key: disable-ssl 563 name: pachyderm-storage-secret 564 optional: true 565 - name: NO_VERIFY_SSL 566 valueFrom: 567 secretKeyRef: 568 key: no-verify-ssl 569 name: pachyderm-storage-secret 570 optional: true 571 - name: OBJ_LOG_OPTS 572 valueFrom: 573 secretKeyRef: 574 key: log-options 575 name: pachyderm-storage-secret 576 optional: true 577 - name: STORAGE_UPLOAD_CONCURRENCY_LIMIT 578 value: "100" 579 - name: STORAGE_PUT_FILE_CONCURRENCY_LIMIT 580 value: "100" 581 - name: STORAGE_V2 582 value: "false" 583 image: pachyderm/pachd:1.13.4 584 imagePullPolicy: IfNotPresent 585 name: pachd 586 ports: 587 - containerPort: 650 588 name: api-grpc-port 589 protocol: TCP 590 - containerPort: 651 591 name: trace-port 592 - containerPort: 652 593 name: api-http-port 594 protocol: TCP 595 - containerPort: 653 596 name: peer-port 597 protocol: TCP 598 - containerPort: 655 599 name: api-git-port 600 protocol: TCP 601 - containerPort: 654 602 name: saml-port 603 protocol: TCP 604 - containerPort: 657 605 name: oidc-port 606 protocol: TCP 607 - containerPort: 656 608 name: prom-metrics 609 protocol: TCP 610 readinessProbe: 611 exec: 612 command: 613 - /pachd 614 - --readiness 615 resources: 616 limits: 617 cpu: "1" 618 memory: 3G 619 requests: 620 cpu: "1" 621 memory: 3G 622 volumeMounts: 623 - mountPath: /pach 624 name: pach-disk 625 - mountPath: /pachyderm-storage-secret 626 name: pachyderm-storage-secret 627 serviceAccountName: pachyderm 628 volumes: 629 - name: pach-disk 630 - name: pachyderm-storage-secret 631 secret: 632 secretName: pachyderm-storage-secret 633 status: {} 634 --- 635 apiVersion: v1 636 kind: Service 637 metadata: 638 creationTimestamp: null 639 labels: 640 app: dash 641 suite: pachyderm 642 name: dash 643 namespace: default 644 spec: 645 ports: 646 - name: dash-http 647 nodePort: 30080 648 port: 8080 649 targetPort: 0 650 - name: grpc-proxy-http 651 nodePort: 30081 652 port: 8081 653 targetPort: 0 654 selector: 655 app: dash 656 suite: pachyderm 657 type: NodePort 658 status: 659 loadBalancer: {} 660 --- 661 apiVersion: apps/v1 662 kind: Deployment 663 metadata: 664 creationTimestamp: null 665 labels: 666 app: dash 667 suite: pachyderm 668 name: dash 669 namespace: default 670 spec: 671 selector: 672 matchLabels: 673 app: dash 674 suite: pachyderm 675 strategy: {} 676 template: 677 metadata: 678 creationTimestamp: null 679 labels: 680 app: dash 681 suite: pachyderm 682 name: dash 683 namespace: default 684 spec: 685 containers: 686 - image: pachyderm/dash:0.5.57 687 imagePullPolicy: IfNotPresent 688 name: dash 689 ports: 690 - containerPort: 8080 691 name: dash-http 692 resources: {} 693 - image: pachyderm/grpc-proxy:0.4.10 694 imagePullPolicy: IfNotPresent 695 name: grpc-proxy 696 ports: 697 - containerPort: 8081 698 name: grpc-proxy-http 699 resources: {} 700 status: {} 701 --- 702 apiVersion: v1 703 data: 704 microsoft-container: cGFjaC1jb250YWluZXI= 705 microsoft-id: cGFjaC1hY2NvdW50 706 microsoft-secret: Y0dGamFDMWhZMk52ZFc1MExXdGxlUT09 707 kind: Secret 708 metadata: 709 creationTimestamp: null 710 labels: 711 app: pachyderm-storage-secret 712 suite: pachyderm 713 name: pachyderm-storage-secret 714 namespace: default