From cf8d85428ec257a4e57c4c66cf63d958c32fdefe Mon Sep 17 00:00:00 2001
From: "Siddhant P. Pardeshi" <siddhantpp@gmail.com>
Date: Mon, 30 Dec 2024 17:34:24 -0500
Subject: [PATCH] Add
 public-samples/trail-project-1-n75ia4/infrastructure/kubernetes/web/deployment.yaml

---
 infrastructure/kubernetes/web/deployment.yaml | 82 +++++++++++++++++++
 1 file changed, 82 insertions(+)
 create mode 100644 infrastructure/kubernetes/web/deployment.yaml

diff --git a/infrastructure/kubernetes/web/deployment.yaml b/infrastructure/kubernetes/web/deployment.yaml
new file mode 100644
index 0000000..86c0031
--- /dev/null
+++ b/infrastructure/kubernetes/web/deployment.yaml
@@ -0,0 +1,82 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: web-deployment
+  namespace: web
+  labels:
+    app: task-management-web
+    tier: frontend
+    environment: production
+spec:
+  # Initial replica count of 2 for high availability
+  replicas: 2
+  selector:
+    matchLabels:
+      app: task-management-web
+  # Zero-downtime rolling update strategy
+  strategy:
+    type: RollingUpdate
+    rollingUpdate:
+      maxSurge: 1
+      maxUnavailable: 0
+  template:
+    metadata:
+      labels:
+        app: task-management-web
+        tier: frontend
+      # Prometheus monitoring annotations
+      annotations:
+        prometheus.io/scrape: "true"
+        prometheus.io/port: "80"
+        prometheus.io/path: "/metrics"
+    spec:
+      # Pod-level security context
+      securityContext:
+        runAsNonRoot: true
+        runAsUser: 1000
+        fsGroup: 2000
+      containers:
+        - name: web
+          image: task-management/web:latest
+          imagePullPolicy: Always
+          ports:
+            - containerPort: 80
+              protocol: TCP
+              name: http
+          # Resource requests and limits based on application profiling
+          resources:
+            requests:
+              cpu: "100m"
+              memory: "256Mi"
+            limits:
+              cpu: "500m"
+              memory: "512Mi"
+          # Environment configuration from ConfigMap
+          envFrom:
+            - configMapRef:
+                name: web-config
+          # Liveness probe for container health monitoring
+          livenessProbe:
+            httpGet:
+              path: /health
+              port: 80
+            initialDelaySeconds: 30
+            periodSeconds: 10
+            timeoutSeconds: 5
+            failureThreshold: 3
+          # Readiness probe for traffic routing
+          readinessProbe:
+            httpGet:
+              path: /ready
+              port: 80
+            initialDelaySeconds: 15
+            periodSeconds: 5
+            timeoutSeconds: 3
+            failureThreshold: 2
+          # Container-level security context
+          securityContext:
+            readOnlyRootFilesystem: true
+            allowPrivilegeEscalation: false
+            capabilities:
+              drop:
+                - ALL
\ No newline at end of file