k8s for ats

ats.yaml

# Example Kubernetes Deployment configuration for running the Traffic Server
# ingress controller.  It will listen internally on ports 8080 and 8443, and
# expose ports 30080 and 30443 as a NodePort service.  Use an external load
# balancer of some sort to route incoming traffic to those ports.
#
# For an example using a DaemonSet and a hostPort, see example-daemonset.yaml.

apiVersion: v1
kind: Namespace
metadata:
  name: trafficserver

---

apiVersion: extensions/v1beta1
kind: Deployment
metadata:
  labels:
    app: trafficserver
  name: trafficserver
  namespace: trafficserver
spec:
  minReadySeconds: 30

  selector:
    matchLabels:
      app: trafficserver

  # Run two copies, for redundancy.
  replicas: 2

  # TS is safe to use with rolling updates, allowing it to be upgraded without
  # any downtime as long as you run more than one copy.
  strategy:
    type: RollingUpdate
    rollingUpdate:
      maxUnavailable: 0
      maxSurge: 1

  template:
    metadata:
      labels:
        app: trafficserver
    spec:
      # Create a volume for the TS cache.  We use an emptyDir here.  Each
      # instance requires its own cache volume, so you cannot use a persistent
      # volume (or hostPath, etc.) if deploying as a Deployment.  Use a
      # StatefulSet with a PV claim template if you want a fully persistent
      # cache; but node that this emptyDir will only be emptied when the pod is
      # deleted.
      volumes:
      - name: ts-storage
        emptyDir: {}

      containers:
      - name: trafficserver
        image: docker.io/torchbox/k8s-ts-ingress:v1.0.0-alpha9
        imagePullPolicy: IfNotPresent

        # Load the configuration map.
        env:
          name: TS_CONFIGMAP
          value: trafficserver/ts-config

        # The memory limit must be large enough for both TS itself, and its RAM
        # cache, which is set to 64MB by default.
        resources:
          limits:
            cpu: "1"
            memory: 196Mi
          requests:
            cpu: 100m
            memory: 196Mi

        ports:
        - containerPort: 8080
          hostPort: 8080
          name: http
          protocol: TCP
        - containerPort: 8443
          hostPort: 8443
          name: https
          protocol: TCP

        # Ensure TS's healthcheck fails before it stops serving requests, so it
        # can be removed from any load balancer node list.
        lifecycle:
          preStop:
            exec:
              command:
              - /bin/sh
              - -c
              - /bin/rm -f /run/ts-alive; sleep 20

        # The probes use TS's healthchecks plugin, so this will only return
        # successfully when TS is running.  It does not currently check the
        # health of the plugin, e.g. that it was able to contact the API server.
        livenessProbe:
          failureThreshold: 2
          httpGet:
            httpHeaders:
            - name: Host
              value: localhost
            path: /__trafficserver_alive
            port: http
            scheme: HTTP
          initialDelaySeconds: 5
          periodSeconds: 3
          successThreshold: 1
          timeoutSeconds: 10

        readinessProbe:
          failureThreshold: 2
          httpGet:
            httpHeaders:
            - name: Host
              value: localhost
            path: /__trafficserver_alive
            port: http
            scheme: HTTP
          initialDelaySeconds: 5
          periodSeconds: 3
          successThreshold: 1
          timeoutSeconds: 10

        # Mount the cache storage we configured above.
        volumeMounts:
        - mountPath: /var/lib/trafficserver
          name: ts-storage

---

apiVersion: v1
kind: Service
metadata:
  name: trafficserver
  namespace: trafficserver
spec:
  type: NodePort
  ports:
  - name: http
    port: 8080
    protocol: TCP
    targetPort: 8080
    nodePort: 30080
  - name: https
    port: 8443
    protocol: TCP
    targetPort: 8443
    nodePort: 30443