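# services/game-stream/wolf-statefulset.yaml
#
# Wolf (Games on Whales) game-streaming StatefulSet, pinned to one GPU node.
# Three containers share the pod:
#   wolf            - the streaming server (privileged, host devices, Docker)
#   wolf-api-proxy  - Python proxy script mounted from a ConfigMap (port 8088)
#   wolfmanager     - .NET management API (port 8080)
#
# Trust boundary summary for reviewers:
#   * hostNetwork + privileged + /dev + docker.sock make the wolf container
#     equivalent to root on the node. Treat the namespace and the node as a
#     single trust zone and restrict who may create/exec pods here.
#   * The wolf-runtime emptyDir is mounted into all three containers, so both
#     sidecars can reach whatever Wolf places under /run/user/wolf
#     (wolfmanager is pointed at /run/user/wolf/wolf.sock below).
---
apiVersion: apps/v1
kind: StatefulSet
metadata:
  name: wolf
  namespace: game-stream
  labels:
    app: wolf
spec:
  serviceName: wolf
  replicas: 1
  selector:
    matchLabels:
      app: wolf
  template:
    metadata:
      labels:
        app: wolf
        atlas.bstein.dev/game-mode: wolf
    spec:
      # The pod uses the node's network namespace: every containerPort below
      # (8088, 8080) is a listener on the node itself, not on a pod IP.
      # NOTE(review): NetworkPolicy enforcement for hostNetwork pods depends
      # on the CNI; confirm a host firewall or ingress layer limits who can
      # reach these ports.
      hostNetwork: true
      dnsPolicy: ClusterFirstWithHostNet
      runtimeClassName: nvidia
      # NOTE(review): no serviceAccountName/automountServiceAccountToken is
      # set, so the default service account token is mounted. If none of the
      # containers call the Kubernetes API, disable the automount.
      securityContext:
        fsGroup: 1000
      initContainers:
        # Runs with the image's default user (root for busybox) so it can
        # hand the hostPath-backed data directory to UID/GID 1000.
        - name: wolfmanager-data-permissions
          image: busybox:1.36
          command: ["sh", "-c", "mkdir -p /app/data && chown -R 1000:1000 /app/data"]
          volumeMounts:
            - name: wolfmanager-data
              mountPath: /app/data
      nodeSelector:
        kubernetes.io/hostname: titan-24
      tolerations:
        - key: nvidia.com/gpu
          operator: Exists
          effect: NoSchedule
      containers:
        - name: wolf
          # NOTE(review): `stable` is a mutable tag and IfNotPresent keeps
          # whatever the node cached, so the running image is not
          # reproducible. Prefer pinning by digest (image@sha256:<digest>).
          image: ghcr.io/games-on-whales/wolf:stable
          imagePullPolicy: IfNotPresent
          env:
            - name: WOLF_LOG_LEVEL
              value: INFO
            - name: WOLF_DOCKER_SOCKET
              value: /var/run/docker.sock
            # NOTE(review): `all` exposes every driver capability and every
            # GPU to this container; narrow if Wolf works with less.
            - name: NVIDIA_DRIVER_CAPABILITIES
              value: all
            - name: NVIDIA_VISIBLE_DEVICES
              value: all
          # Privileged: all capabilities and unrestricted device access.
          # Combined with the /dev and docker.sock mounts below, a compromise
          # of this container is a compromise of the node.
          securityContext:
            privileged: true
          resources:
            requests:
              cpu: "2"
              memory: 4Gi
              nvidia.com/gpu.shared: 1
            limits:
              cpu: "12"
              memory: 32Gi
              nvidia.com/gpu.shared: 1
          volumeMounts:
            - name: wolf-state
              mountPath: /etc/wolf
            - name: wolf-runtime
              mountPath: /run/user/wolf
            # Write access to the node's Docker daemon (used via
            # WOLF_DOCKER_SOCKET above): whoever controls this socket can
            # start arbitrary containers on the host.
            - name: docker-socket
              mountPath: /var/run/docker.sock
            - name: dev
              mountPath: /dev
            - name: udev
              mountPath: /run/udev
        - name: wolf-api-proxy
          image: ghcr.io/games-on-whales/wolf:stable
          imagePullPolicy: IfNotPresent
          # The script comes from the wolf-api-proxy ConfigMap (mounted
          # read-only); write access to that ConfigMap is therefore code
          # execution in this pod.
          command: ["/usr/bin/python3", "/opt/wolf-api-proxy/wolf_api_proxy.py"]
          # NOTE(review): with hostNetwork this port is reachable on the node.
          # Presumably it fronts the Wolf API socket; confirm the proxy
          # authenticates callers or binds to a restricted address.
          ports:
            - name: api-proxy
              containerPort: 8088
          resources:
            requests:
              cpu: 25m
              memory: 64Mi
            limits:
              cpu: 250m
              memory: 256Mi
          volumeMounts:
            - name: wolf-runtime
              mountPath: /run/user/wolf
            - name: wolf-api-proxy
              mountPath: /opt/wolf-api-proxy
              readOnly: true
        - name: wolfmanager
          # NOTE(review): third-party image on the mutable `latest` tag with
          # IfNotPresent; pin by digest (image@sha256:<digest>) so the
          # code that receives the JWT key and admin password is known.
          image: ghcr.io/salty2011/wolfmanager:latest
          imagePullPolicy: IfNotPresent
          command: ["/bin/sh", "-ec"]
          args:
            # First start: generate a 32-byte JWT key and an admin password
            # (18 random bytes, hex, wrapped in 'Wm'...'1a') and persist them
            # under /app/data with umask 077. Later starts reuse the files.
            # The files live in plaintext on the node (hostPath
            # /etc/wolfmanager) and the values are exported into the process
            # environment, so node root and anyone who can exec into the
            # container can read them.
            # NOTE(review): `-s` only checks "non-empty"; a write interrupted
            # part-way leaves a short secret that is reused on restart.
            - |
              umask 077
              mkdir -p /app/data
              if [ ! -s /app/data/jwt_secret ]; then
                head -c 32 /dev/urandom | od -An -tx1 | tr -d ' \n' > /app/data/jwt_secret
              fi
              if [ ! -s /app/data/admin_password ]; then
                printf 'Wm%s1a\n' "$(head -c 18 /dev/urandom | od -An -tx1 | tr -d ' \n')" > /app/data/admin_password
              fi
              export Jwt__SecretKey="$(cat /app/data/jwt_secret)"
              export Admin__Password="$(cat /app/data/admin_password)"
              exec dotnet WolfManager.Api.dll
          env:
            # `+` binds every interface; with hostNetwork that means plain
            # HTTP on port 8080 of the node. Terminate TLS in front of it.
            - name: ASPNETCORE_URLS
              value: http://+:8080
            - name: ASPNETCORE_ENVIRONMENT
              value: Production
            - name: ConnectionStrings__DefaultConnection
              value: Data Source=/app/data/wolfmanager.db
            - name: Jobs__Storage
              value: Memory
            # NOTE(review): presumably enables a job dashboard endpoint;
            # confirm it is behind the application's authentication.
            - name: Jobs__DashboardEnabled
              value: "true"
            - name: Wolf__UseUnixSocket
              value: "true"
            - name: Wolf__UnixSocketPath
              value: /run/user/wolf/wolf.sock
            - name: OpenTelemetry__ServiceName
              value: WolfManager
            - name: OpenTelemetry__ConsoleExporter
              value: "false"
            - name: OpenTelemetry__OtlpExporter
              value: "false"
          ports:
            - name: wolfmanager
              containerPort: 8080
          readinessProbe:
            httpGet:
              path: /health/ready
              port: 8080
            initialDelaySeconds: 10
            periodSeconds: 10
          livenessProbe:
            httpGet:
              path: /health/live
              port: 8080
            initialDelaySeconds: 30
            periodSeconds: 20
          resources:
            requests:
              cpu: 100m
              memory: 256Mi
            limits:
              cpu: "1"
              memory: 1Gi
          volumeMounts:
            - name: wolf-runtime
              mountPath: /run/user/wolf
            - name: wolfmanager-data
              mountPath: /app/data
      volumes:
        # hostPath volumes persist on, and expose parts of, the node's
        # filesystem; they survive pod deletion.
        - name: wolf-state
          hostPath:
            path: /etc/wolf
            type: DirectoryOrCreate
        - name: wolf-runtime
          emptyDir: {}
        - name: wolf-api-proxy
          configMap:
            name: wolf-api-proxy
            # 365 decimal == 0555 octal (r-xr-xr-x). Written in decimal so
            # the mode does not depend on the parser treating a leading zero
            # as octal (YAML 1.1 does, YAML 1.2 and JSON do not).
            defaultMode: 365
        - name: wolfmanager-data
          hostPath:
            path: /etc/wolfmanager
            type: DirectoryOrCreate
        - name: docker-socket
          hostPath:
            path: /var/run/docker.sock
            type: Socket
        - name: dev
          hostPath:
            path: /dev
            type: Directory
        - name: udev
          hostPath:
            path: /run/udev
            type: Directory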