apiVersion: apps/v1 kind: Deployment metadata: name: api-deployment namespace: hsv2 spec: replicas: %d selector: matchLabels: app: api template: metadata: labels: app: api spec: topologySpreadConstraints: - maxSkew: 1 topologyKey: kubernetes.io/hostname whenUnsatisfiable: ScheduleAnyway labelSelector: matchLabels: app: api containers: - name: api image: hub.yizhisec.com/hybridscope/mie-server:latest imagePullPolicy: IfNotPresent args: ["server.app", "--master", "--debug"] volumeMounts: - name: ssl-pub-crt mountPath: /etc/mie-server/license/pub_key subPath: pub_key readOnly: true - name: config-volume mountPath: /yizhisec/web_server/conf/conf.yml subPath: conf.yml readOnly: true - name: config-license-init mountPath: /etc/mie-server/server_license_init.conf subPath: server_license_init.conf readOnly: true - name: ssl-web-crt mountPath: /yizhisec/hs_nginx/ssl/web.server.crt subPath: web.server.crt readOnly: true - name: config-oem-data mountPath: /yizhisec/hs_nginx/data/443/oem/data.json subPath: data.json readOnly: true volumes: - name: ssl-pub-crt configMap: name: ssl-pub-crt items: - key: pub_key path: pub_key - name: config-volume configMap: name: config-api items: - key: conf.yml path: conf.yml - name: config-license-init configMap: name: config-license-init items: - key: server_license_init.conf path: server_license_init.conf - name: ssl-web-crt configMap: name: ssl-web-crt items: - key: web.server.crt path: web.server.crt - name: config-oem-data configMap: name: config-oem-data items: - key: data.json path: data.json --- apiVersion: v1 kind: Service metadata: name: api-service namespace: hsv2 spec: selector: app: api ports: - protocol: TCP name: mie-api port: 9002 targetPort: 9002 type: ClusterIP