-
Notifications
You must be signed in to change notification settings - Fork 1
/
Copy pathdeployment.yaml
152 lines (148 loc) · 4.17 KB
/
deployment.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
#
# This will create a deployment of the fake-server app
# that will live on https://fake-server.loadtest.identitysandbox.gov.
# The loadtest.identitysandbox.gov dns zone needs to be created
# and delegated from identitysandbox.gov in the account this is going
# to be created in, and an SSL cert for fake-server.loadtest.identitysandbox.gov
# needs to be created and have it's magic auth stuff put in the loadtest
# subdomain. I did this by hand, but the rest happens automagically,
# as the fake-server hostname will be created by the external-dns
# service in the cluster, and the cert will be autodiscovered by the
# aws-load-balancer-controller.
# Logs should be going into cloudwatch.
#
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: fake-server
labels:
app: fake-server
spec:
selector:
matchLabels:
app: fake-server
template:
metadata:
labels:
app: fake-server
annotations:
prometheus.io/scrape: "true"
prometheus.io/path: "/metrics"
prometheus.io/port: "5555"
spec:
containers:
- name: fake-server
image: 894947205914.dkr.ecr.us-west-2.amazonaws.com/logindotgov/identity-fake-server:1.3.0
env:
- name: AAMVA_SECURITY_TOKEN_DELAY
value: "0.3645"
- name: AAMVA_AUTHENTICATION_TOKEN_DELAY
value: "0.3706"
- name: AAMVA_VERIFICATION_DELAY
value: "3.4252"
- name: ACUANT_CREATE_DOCUMENT_DELAY
value: "0.3916"
- name: ACUANT_UPLOAD_IMAGE_DELAY
value: "1.5201"
- name: ACUANT_FACEMATCH_DELAY
value: "4"
- name: ACUANT_GET_RESULTS_DELAY
value: "8.3772"
- name: LEXISNEXIS_INSTANT_VERIFY_DELAY
value: "0.9257"
- name: LEXISNEXIS_PHONE_FINDER_DELAY
value: "3.3355"
- name: LEXISNEXIS_TRUE_ID_DELAY
value: "26.0"
- name: USPS_IPPAAS_GETPROOFINGRESULTS_OUTCOME
value: "missing_enrollment_code"
- name: NEW_RELIC_LICENSE_KEY
valueFrom:
secretKeyRef:
name: newrelic-license
key: newrelic-license
optional: false
- name: NEW_RELIC_APP_NAME
value: fake-server.loadtest.identitysandbox.gov
- name: NEW_RELIC_HOST
value: gov-collector.newrelic.com
- name: RACK_TIMEOUT_SERVICE_TIMEOUT
value: "120000"
resources:
requests:
cpu: "75m"
memory: "512Mi"
limits:
memory: "512Mi"
ports:
- containerPort: 5555
tolerations:
- key: "spot"
operator: "Equal"
value: "true"
effect: "NoSchedule"
---
apiVersion: v1
kind: Service
metadata:
name: fake-server
spec:
ports:
- port: 5555
targetPort: 5555
protocol: TCP
type: NodePort
selector:
app: fake-server
---
apiVersion: autoscaling/v2
kind: HorizontalPodAutoscaler
metadata:
name: fake-server
spec:
scaleTargetRef:
apiVersion: apps/v1
kind: Deployment
name: fake-server
minReplicas: 1
maxReplicas: 100
metrics:
- type: Resource
resource:
name: cpu
target:
type: Utilization
averageUtilization: 80
# - type: Pods
# pods:
# metric:
# name: http_connections
# target:
# type: AverageValue
# averageValue: 10
---
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: fake-server
annotations:
alb.ingress.kubernetes.io/scheme: internet-facing
alb.ingress.kubernetes.io/listen-ports: '[{"HTTPS":443}]'
alb.ingress.kubernetes.io/healthcheck-path: /health
external-dns.alpha.kubernetes.io/hostname: fake-server.loadtest.identitysandbox.gov
spec:
ingressClassName: alb
tls:
- hosts:
- fake-server.loadtest.identitysandbox.gov
rules:
- http:
paths:
- path: /
pathType: Prefix
backend:
service:
name: fake-server
port:
number: 5555