| apiVersion: apps/v1 |
| kind: Deployment |
| metadata: |
| name: $POLICY_AGENT_APP_NAME |
| namespace: $KUBE_NONRTRIC_NAMESPACE |
| labels: |
| run: $POLICY_AGENT_APP_NAME |
| autotest: PA |
| spec: |
| replicas: 1 |
| selector: |
| matchLabels: |
| run: $POLICY_AGENT_APP_NAME |
| template: |
| metadata: |
| labels: |
| run: $POLICY_AGENT_APP_NAME |
| autotest: PA |
| spec: |
| securityContext: |
| runAsUser: 0 |
| # Need to run as root to be able to store files in dir mounted as a hostPath volume |
| containers: |
| - name: $POLICY_AGENT_APP_NAME |
| image: $POLICY_AGENT_IMAGE |
| imagePullPolicy: $KUBE_IMAGE_PULL_POLICY |
| ports: |
| - name: http |
| containerPort: $POLICY_AGENT_INTERNAL_PORT |
| - name: https |
| containerPort: $POLICY_AGENT_INTERNAL_SECURE_PORT |
| volumeMounts: |
| - mountPath: $POLICY_AGENT_CONFIG_MOUNT_PATH |
| name: pa-conf-name |
| # volumeMounts: |
| - mountPath: $POLICY_AGENT_CONTAINER_MNT_DIR |
| name: pa-pv-data-name |
| # volumeMounts: |
| - mountPath: $POLICY_AGENT_DATA_MOUNT_PATH |
| name: pa-data-name |
| volumes: |
| - configMap: |
| defaultMode: 420 |
| name: $POLICY_AGENT_CONFIG_CONFIGMAP_NAME |
| name: pa-conf-name |
| - configMap: |
| defaultMode: 420 |
| name: $POLICY_AGENT_DATA_CONFIGMAP_NAME |
| name: pa-data-name |
| - persistentVolumeClaim: |
| claimName: $POLICY_AGENT_DATA_PVC_NAME |
| name: pa-pv-data-name |
| # Selector will be set when pod is started first time |
| nodeSelector: |
| |