#deployment apiVersion: apps/v1 kind: Deployment metadata: labels: app: pekko-bootstrap-demo name: pekko-bootstrap-demo spec: replicas: 3 selector: matchLabels: app: pekko-bootstrap-demo strategy: rollingUpdate: maxSurge: 1 maxUnavailable: 0 type: RollingUpdate template: metadata: labels: app: pekko-bootstrap-demo actorSystemName: pekko-bootstrap-demo spec: containers: - name: pekko-bootstrap-demo image: integration-test-kubernetes-api:1.3.3.7 # Remove for a real project, the image is picked up locally for the integratio test imagePullPolicy: Never #health livenessProbe: httpGet: path: /alive port: management readinessProbe: httpGet: path: /ready port: management #health ports: # pekko-management bootstrap - containerPort: 7626 protocol: TCP # when contact-point-discovery.port-name is set for cluster bootstrap, # the management port must be named accordingly: # name: management env: # The Kubernetes API discovery will use this service name to look for # nodes with this value in the 'app' label. # This can be customized with the 'pod-label-selector' setting. - name: PEKKO_CLUSTER_BOOTSTRAP_SERVICE_NAME valueFrom: fieldRef: apiVersion: v1 fieldPath: "metadata.labels['app']" #deployment --- #rbac # # Create a role, `pod-reader`, that can list pods and # bind the default service account in the namespace # that the binding is deployed to to that role. # kind: Role apiVersion: rbac.authorization.k8s.io/v1 metadata: name: pod-reader rules: - apiGroups: [""] # "" indicates the core API group resources: ["pods"] verbs: ["get", "watch", "list"] --- kind: RoleBinding apiVersion: rbac.authorization.k8s.io/v1 metadata: name: read-pods subjects: # Uses the default service account. # Consider creating a dedicated service account to run your # Apache Pekko Cluster services and binding the role to that one. - kind: ServiceAccount name: default roleRef: kind: Role name: pod-reader apiGroup: rbac.authorization.k8s.io #rbac