apiVersion: apps/v1 kind: Deployment metadata: name: gateway-deployment namespace: hsv2 spec: replicas: %d selector: matchLabels: app: gateway template: metadata: labels: app: gateway spec: topologySpreadConstraints: - maxSkew: 1 topologyKey: kubernetes.io/hostname whenUnsatisfiable: ScheduleAnyway labelSelector: matchLabels: app: gateway containers: - name: gateway image: hub.yizhisec.com/hybridscope/gateway_controller:latest imagePullPolicy: IfNotPresent volumeMounts: - name: config-volume mountPath: /etc/gateway_controller/config.yml subPath: config.yml readOnly: true - name: config-token mountPath: /etc/yizhisec/token subPath: token readOnly: true - name: ssl-client-crt mountPath: /yizhisec/ssl/client.crt subPath: client.crt readOnly: true - name: ssl-client-key mountPath: /yizhisec/ssl/client.key subPath: client.key readOnly: true volumes: - name: config-volume configMap: name: config-gateway items: - key: config.yml path: config.yml - name: config-token configMap: name: config-token items: - key: token path: token - name: ssl-client-crt configMap: name: ssl-client-crt items: - key: client.crt path: client.crt - name: ssl-client-key configMap: name: ssl-client-key items: - key: client.key path: client.key --- apiVersion: v1 kind: Service metadata: name: gateway-service namespace: hsv2 spec: selector: app: gateway ports: - protocol: TCP name: gateway-api port: 9012 targetPort: 9012 type: ClusterIP