This repository has been archived by the owner on Jun 25, 2020. It is now read-only.
-
Notifications
You must be signed in to change notification settings - Fork 10
/
nais_example.yaml
80 lines (80 loc) · 4.43 KB
/
nais_example.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
image: navikt/nais-testapp # Optional. Defaults to docker.adeo.no:5000/appname
team: teamName
replicas: # set min = max to disable autoscaling
min: 2 # minimum number of replicas.
max: 4 # maximum number of replicas
cpuThresholdPercentage: 50 # total cpu percentage threshold on deployment, at which point it will increase number of pods if current < max
port: 8080 # the port number which is exposed by the container and should receive traffic
deploymentStrategy: RollingUpdate # Specifies the strategy used to replace old Pods by new ones
healthcheck: #Optional
liveness:
path: isalive
initialDelay: 20
timeout: 1
periodSeconds: 5 # How often (in seconds) to perform the probe. Default to 10 seconds
failureThreshold: 10 # when a Pod starts and the probe fails,
# nais will try failureThreshold times before giving up and restarting the Pod
# Defaults to 3
readiness:
path: isready
initialDelay: 20
timeout: 1
leaderElection: false # if true, a http endpoint will be available at $ELECTOR_PATH that return the current leader
# Compare this value with the $HOSTNAME to see if the current instance is the leader
redis:
enabled: false # if true, will start a single Redis instance that can be reach through
# <your-app-name>-redis.<namespace>.svc.nais.local:6379 or <your-app-name>-redis:6379 if same namespace
image: redis:5-alpine # optional
# For most users; limits, requests are not needed to be set
limits: # Optional.
cpu: 100m # app will have its cpu usage throttled if exceeding this limit
memory: 128Mi # app will be killed if exceeding these limits
requests: # Optional. App is guaranteed the requested resources and will be scheduled on nodes with at least this amount of resources available
cpu: 100m
memory: 128Mi
#Optional. Defaults to NONE.
#See https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/
preStopHookPath: "" # A HTTP GET will be issued to this endpoint at least once before the pod is terminated.
prometheus: #Optional
enabled: false # if true the pod will be scraped for metrics by prometheus
path: /metrics # Path to prometheus-metrics
istio:
enabled: false # when true, envoy-proxy sidecar will be injected into pod and https urls envvars will be rewritten
resources: # Optional. See: http://kubernetes.io/docs/user-guide/compute-resources/
limits:
cpu: 500m # app will have its cpu usage throttled if exceeding this limit
memory: 512Mi # app will be killed if exceeding these limits
requests: # App is guaranteed the requested resources and will be scheduled on nodes with at least this amount of resources available
cpu: 200m
memory: 256Mi
ingress:
disabled: false # if true, no ingress will be created and application can only be reached from inside cluster
fasitResources: # resources fetched from Fasit
used: # this will be injected into the application as environment variables
- alias: mydb
resourceType: datasource
# use propertyMap to map properties to custom environment variables
# env vars should be UPPERCASED_AND_UNDERSCORED
propertyMap:
username: DB_USERNAME # map the "username" property of mydb to DB_USERNAME
- alias: someservicenai
resourceType: restservice
exposed: # Will be registered as exposed services on an application instane in Fasit
- alias: myservice
resourceType: restservice
path: /api
alerts:
- alert: Nais-testapp deployed
expr: kube_deployment_status_replicas_unavailable{deployment="nais-testapp"} > 0
for: 5m
labels:
severity: Warning
annotations:
action: Investigate why nais-testapp can't spawn pods. kubectl describe deployment nais-testapp, kubectl describe pod nais-testapp-*.
logformat: accesslog # Optional. The format of the logs from the container if the logs should be handled differently than plain text or json
logtransform: dns_loglevel # Optional. The transformation of the logs, if they should be handled differently than plain text or json
secrets: false # Optional. If set to true fetch secrets from Secret Service and inject into the pods. todo link to doc.
vault:
enabled: false # Optional. If set to true, fetch secrets from Secret Service and inject into the pods.
sidecar: false # Optional. If set to true, will extend tokens time to live
webproxy: false # Optional. Automatically populates the HTTP_PROXY, HTTPS_PROXY, NO_PROXY and JAVA_PROXY_OPTIONS environment variables.