buildkit/examples/kubernetes/deployment+service.rootless...

apiVersion: apps/v1
kind: Deployment
metadata:
  labels:
    app: buildkitd
  name: buildkitd
spec:
  replicas: 1
  selector:
    matchLabels:
      app: buildkitd
  template:
    metadata:
      labels:
        app: buildkitd
      annotations:
        container.apparmor.security.beta.kubernetes.io/buildkitd: unconfined
        container.seccomp.security.alpha.kubernetes.io/buildkitd: unconfined
# see buildkit/docs/rootless.md for caveats of rootless mode
    spec:
      containers:
      - name: buildkitd
        image: moby/buildkit:master-rootless
        args:
        - --addr
        - unix:///run/user/1000/buildkit/buildkitd.sock
        - --addr
        - tcp://0.0.0.0:1234
        - --tlscacert
        - /certs/ca.pem
        - --tlscert
        - /certs/cert.pem
        - --tlskey
        - /certs/key.pem
        - --oci-worker-no-process-sandbox
        securityContext:
# To change UID/GID, you need to rebuild the image
          runAsUser: 1000
          runAsGroup: 1000
        ports:
        - containerPort: 1234
        volumeMounts:
        - name: certs
          readOnly: true
          mountPath: /certs
      volumes:
# buildkit-daemon-certs must contain ca.pem, cert.pem, and key.pem
      - name: certs
        secret:
          secretName: buildkit-daemon-certs
---
apiVersion: v1
kind: Service
metadata:
  labels:
    app: buildkitd
  name: buildkitd
spec:
  ports:
  - port: 1234
    protocol: TCP
  selector:
    app: buildkitd
add example/kube-consistent-hash Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp> 2019-04-23 10:07:45 +00:00			`apiVersion: apps/v1`
massive doc updates * examples/kubernetes: newly added * docs/rootless.md: cleaned up for better readability * examples/README.md: split out from the main README.md * examples/build-using-dockerfile/README.md: split out from the main README.md * README.md: add TOC using https://github.com/thlorenz/doctoc * README.md: add mTLS configuration (relates to #1074) * README.md: add more adoptions * README.md: add inline cache (fix #976) Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp> 2019-10-11 17:20:52 +00:00			`kind: Deployment`
add example/kube-consistent-hash Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp> 2019-04-23 10:07:45 +00:00			`metadata:`
			`labels:`
			`app: buildkitd`
			`name: buildkitd`
			`spec:`
			`replicas: 1`
			`selector:`
			`matchLabels:`
			`app: buildkitd`
			`template:`
			`metadata:`
			`labels:`
			`app: buildkitd`
			`annotations:`
			`container.apparmor.security.beta.kubernetes.io/buildkitd: unconfined`
			`container.seccomp.security.alpha.kubernetes.io/buildkitd: unconfined`
			`# see buildkit/docs/rootless.md for caveats of rootless mode`
			`spec:`
			`containers:`
			`- name: buildkitd`
			`image: moby/buildkit:master-rootless`
			`args:`
			`- --addr`
			`- unix:///run/user/1000/buildkit/buildkitd.sock`
			`- --addr`
			`- tcp://0.0.0.0:1234`
massive doc updates * examples/kubernetes: newly added * docs/rootless.md: cleaned up for better readability * examples/README.md: split out from the main README.md * examples/build-using-dockerfile/README.md: split out from the main README.md * README.md: add TOC using https://github.com/thlorenz/doctoc * README.md: add mTLS configuration (relates to #1074) * README.md: add more adoptions * README.md: add inline cache (fix #976) Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp> 2019-10-11 17:20:52 +00:00			`- --tlscacert`
			`- /certs/ca.pem`
			`- --tlscert`
			`- /certs/cert.pem`
			`- --tlskey`
			`- /certs/key.pem`
add example/kube-consistent-hash Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp> 2019-04-23 10:07:45 +00:00			`- --oci-worker-no-process-sandbox`
massive doc updates * examples/kubernetes: newly added * docs/rootless.md: cleaned up for better readability * examples/README.md: split out from the main README.md * examples/build-using-dockerfile/README.md: split out from the main README.md * README.md: add TOC using https://github.com/thlorenz/doctoc * README.md: add mTLS configuration (relates to #1074) * README.md: add more adoptions * README.md: add inline cache (fix #976) Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp> 2019-10-11 17:20:52 +00:00			`securityContext:`
			`# To change UID/GID, you need to rebuild the image`
			`runAsUser: 1000`
			`runAsGroup: 1000`
add example/kube-consistent-hash Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp> 2019-04-23 10:07:45 +00:00			`ports:`
			`- containerPort: 1234`
massive doc updates * examples/kubernetes: newly added * docs/rootless.md: cleaned up for better readability * examples/README.md: split out from the main README.md * examples/build-using-dockerfile/README.md: split out from the main README.md * README.md: add TOC using https://github.com/thlorenz/doctoc * README.md: add mTLS configuration (relates to #1074) * README.md: add more adoptions * README.md: add inline cache (fix #976) Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp> 2019-10-11 17:20:52 +00:00			`volumeMounts:`
			`- name: certs`
			`readOnly: true`
			`mountPath: /certs`
			`volumes:`
			`# buildkit-daemon-certs must contain ca.pem, cert.pem, and key.pem`
			`- name: certs`
			`secret:`
			`secretName: buildkit-daemon-certs`
add example/kube-consistent-hash Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp> 2019-04-23 10:07:45 +00:00			`---`
			`apiVersion: v1`
			`kind: Service`
			`metadata:`
			`labels:`
			`app: buildkitd`
			`name: buildkitd`
			`spec:`
			`ports:`
			`- port: 1234`
			`protocol: TCP`
			`selector:`
massive doc updates * examples/kubernetes: newly added * docs/rootless.md: cleaned up for better readability * examples/README.md: split out from the main README.md * examples/build-using-dockerfile/README.md: split out from the main README.md * README.md: add TOC using https://github.com/thlorenz/doctoc * README.md: add mTLS configuration (relates to #1074) * README.md: add more adoptions * README.md: add inline cache (fix #976) Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp> 2019-10-11 17:20:52 +00:00			`app: buildkitd`