103 lines
3.0 KiB
YAML
103 lines
3.0 KiB
YAML
# services/zot/deployment.yaml
|
|
apiVersion: apps/v1
|
|
kind: Deployment
|
|
metadata:
|
|
name: zot
|
|
namespace: zot
|
|
labels: { app: zot }
|
|
spec:
|
|
replicas: 1
|
|
selector:
|
|
matchLabels: { app: zot }
|
|
template:
|
|
metadata:
|
|
labels: { app: zot }
|
|
spec:
|
|
nodeSelector:
|
|
node-role.kubernetes.io/worker: "true"
|
|
affinity:
|
|
nodeAffinity:
|
|
requiredDuringSchedulingIgnoredDuringExecution:
|
|
nodeSelectorTerms:
|
|
- matchExpressions:
|
|
- key: hardware
|
|
operator: In
|
|
values: ["rpi4","rpi5"]
|
|
preferredDuringSchedulingIgnoredDuringExecution:
|
|
- weight: 50
|
|
preference:
|
|
matchExpressions:
|
|
- key: hardware
|
|
operator: In
|
|
values: ["rpi4"]
|
|
containers:
|
|
- name: zot
|
|
image: ghcr.io/project-zot/zot-linux-arm64:v2.1.8
|
|
imagePullPolicy: IfNotPresent
|
|
args: ["serve", "/etc/zot/config.json"]
|
|
env:
|
|
- name: UI_PROXY_HTPASSWD
|
|
value: "zot-ui-proxy:$2y$05$ctfbLo5KBoNA6pluLGGWde6TK8eOPnIH9u8x/IivAhcE/k0qCCR3y"
|
|
ports:
|
|
- { name: http, containerPort: 5000 }
|
|
volumeMounts:
|
|
- name: cfg
|
|
mountPath: /etc/zot/config.json
|
|
subPath: config.json
|
|
readOnly: true
|
|
- name: htpasswd-merged
|
|
mountPath: /etc/zot/htpasswd
|
|
subPath: htpasswd
|
|
- name: zot-data
|
|
mountPath: /var/lib/registry
|
|
readinessProbe:
|
|
tcpSocket:
|
|
port: 5000
|
|
initialDelaySeconds: 2
|
|
periodSeconds: 5
|
|
livenessProbe:
|
|
tcpSocket:
|
|
port: 5000
|
|
initialDelaySeconds: 5
|
|
periodSeconds: 10
|
|
resources:
|
|
requests: { cpu: "50m", memory: "64Mi" }
|
|
initContainers:
|
|
- name: merge-htpasswd
|
|
image: busybox:1.36
|
|
command:
|
|
- sh
|
|
- -c
|
|
- |
|
|
set -e
|
|
if [ -f /src/htpasswd ]; then
|
|
cp /src/htpasswd /merged/htpasswd
|
|
else
|
|
touch /merged/htpasswd
|
|
fi
|
|
if [ -n "${UI_PROXY_HTPASSWD}" ]; then
|
|
echo "${UI_PROXY_HTPASSWD}" >> /merged/htpasswd
|
|
fi
|
|
env:
|
|
- name: UI_PROXY_HTPASSWD
|
|
value: "zot-ui-proxy:$2y$05$ctfbLo5KBoNA6pluLGGWde6TK8eOPnIH9u8x/IivAhcE/k0qCCR3y"
|
|
volumeMounts:
|
|
- name: htpasswd-source
|
|
mountPath: /src
|
|
readOnly: true
|
|
- name: htpasswd-merged
|
|
mountPath: /merged
|
|
volumes:
|
|
- name: cfg
|
|
configMap:
|
|
name: zot-config
|
|
- name: htpasswd-source
|
|
secret:
|
|
secretName: zot-htpasswd
|
|
optional: true
|
|
- name: htpasswd-merged
|
|
emptyDir: {}
|
|
- name: zot-data
|
|
persistentVolumeClaim:
|
|
claimName: zot-data
|