150 lines
4.3 KiB
YAML
150 lines
4.3 KiB
YAML
---
|
|
apiVersion: apps/v1
|
|
kind: Deployment
|
|
metadata:
|
|
name: pixelfed-worker
|
|
namespace: pixelfed-application
|
|
labels:
|
|
app: pixelfed
|
|
component: worker
|
|
spec:
|
|
replicas: 1
|
|
strategy:
|
|
type: RollingUpdate
|
|
rollingUpdate:
|
|
maxUnavailable: 0
|
|
maxSurge: 1
|
|
selector:
|
|
matchLabels:
|
|
app: pixelfed
|
|
component: worker
|
|
template:
|
|
metadata:
|
|
labels:
|
|
app: pixelfed
|
|
component: worker
|
|
spec:
|
|
securityContext:
|
|
runAsUser: 1000 # pixelfed user in Docker image
|
|
runAsGroup: 1000
|
|
fsGroup: 1000
|
|
runAsNonRoot: true
|
|
imagePullSecrets:
|
|
- name: harbor-pull-secret
|
|
|
|
initContainers:
|
|
- name: setup-env
|
|
image: <YOUR_REGISTRY_URL>/library/pixelfed-worker:v0.12.6
|
|
imagePullPolicy: Always
|
|
command: ["/bin/sh", "-c"]
|
|
args:
|
|
- |
|
|
set -e
|
|
echo "Worker init: Waiting for .env file to be available..."
|
|
|
|
# Simple wait for .env file to exist (shared via PVC)
|
|
while [ ! -f /var/www/pixelfed/.env ]; do
|
|
echo "Waiting for .env file to be created..."
|
|
sleep 5
|
|
done
|
|
|
|
echo "Worker init: .env file found, creating storage link..."
|
|
cd /var/www/pixelfed
|
|
php artisan storage:link
|
|
echo "Worker init: Storage link created, ready to start worker processes"
|
|
securityContext:
|
|
allowPrivilegeEscalation: false
|
|
capabilities:
|
|
drop:
|
|
- ALL
|
|
seccompProfile:
|
|
type: RuntimeDefault
|
|
volumeMounts:
|
|
- name: pixelfed-env-writable
|
|
mountPath: /var/www/pixelfed/.env
|
|
subPath: .env
|
|
- name: app-storage
|
|
mountPath: /var/www/pixelfed/storage
|
|
- name: cache-storage
|
|
mountPath: /var/www/pixelfed/bootstrap/cache
|
|
|
|
containers:
|
|
- name: pixelfed-worker
|
|
image: <YOUR_REGISTRY_URL>/library/pixelfed-worker:v0.12.6
|
|
imagePullPolicy: Always
|
|
command: ["/usr/bin/supervisord", "-c", "/etc/supervisor/conf.d/supervisord.conf"]
|
|
volumeMounts:
|
|
- name: app-storage
|
|
mountPath: /var/www/pixelfed/storage
|
|
- name: pixelfed-env-writable
|
|
mountPath: /var/www/pixelfed/.env
|
|
subPath: .env
|
|
- name: cache-storage
|
|
mountPath: /var/www/pixelfed/bootstrap/cache
|
|
resources:
|
|
requests:
|
|
memory: "2Gi"
|
|
cpu: "500m"
|
|
limits:
|
|
memory: "4Gi"
|
|
cpu: "1500m"
|
|
securityContext:
|
|
allowPrivilegeEscalation: false
|
|
capabilities:
|
|
drop:
|
|
- ALL
|
|
seccompProfile:
|
|
type: RuntimeDefault
|
|
livenessProbe:
|
|
exec:
|
|
command:
|
|
- /bin/sh
|
|
- -c
|
|
- "cd /var/www/pixelfed && php artisan horizon:status >/dev/null 2>&1"
|
|
initialDelaySeconds: 60
|
|
periodSeconds: 30
|
|
timeoutSeconds: 10
|
|
readinessProbe:
|
|
exec:
|
|
command:
|
|
- /bin/sh
|
|
- -c
|
|
- "cd /var/www/pixelfed && php artisan horizon:status >/dev/null 2>&1"
|
|
initialDelaySeconds: 30
|
|
periodSeconds: 10
|
|
timeoutSeconds: 5
|
|
startupProbe:
|
|
exec:
|
|
command:
|
|
- /bin/sh
|
|
- -c
|
|
- "cd /var/www/pixelfed && php artisan horizon:status >/dev/null 2>&1"
|
|
initialDelaySeconds: 10
|
|
periodSeconds: 5
|
|
timeoutSeconds: 5
|
|
failureThreshold: 12
|
|
volumes:
|
|
- name: app-storage
|
|
persistentVolumeClaim:
|
|
claimName: pixelfed-app-storage
|
|
- name: cache-storage
|
|
persistentVolumeClaim:
|
|
claimName: pixelfed-cache-storage
|
|
- name: pixelfed-env-writable
|
|
persistentVolumeClaim:
|
|
claimName: pixelfed-env-storage
|
|
# Node affinity to distribute across nodes
|
|
affinity:
|
|
podAntiAffinity:
|
|
preferredDuringSchedulingIgnoredDuringExecution:
|
|
- weight: 100
|
|
podAffinityTerm:
|
|
labelSelector:
|
|
matchExpressions:
|
|
- key: app
|
|
operator: In
|
|
values: ["pixelfed"]
|
|
- key: component
|
|
operator: In
|
|
values: ["web"]
|
|
topologyKey: kubernetes.io/hostname |