apiVersion: apps/v1
kind: Deployment
metadata:
  name: lyra
  namespace: default
spec:
  selector:
    matchLabels:
      app: lyra
  template:
    metadata:
      labels:
        app: lyra
    spec:
      nodeSelector:
        karpenter.sh/provisioner-name: lyra
      serviceAccountName: appsimulator
      securityContext:
        #runAsUser: 1000
        runAsUser: 0
      containers:
      - name: lyra
        securityContext:
          allowPrivilegeEscalation: true
          capabilities:
            add: ["NET_ADMIN"]
        env:
        - name: POD_IP
          valueFrom:
            fieldRef:
              fieldPath: status.podIP
        - name: POD_NAME
          valueFrom:
            fieldRef:
              fieldPath: metadata.name
        image: $AWS_ACCOUNT.dkr.ecr.$AWS_REGION.amazonaws.com/lyra:lyra_starter_game
        imagePullPolicy: Always
        command: ["/usr/local/lyra_starter_game/LyraServer.sh"]
        lifecycle:
          postStart:
            exec:
              command: ["/usr/local/lyra_starter_game/create_node_port_svc.sh"]
          preStop:
            exec:
              command: ["/bin/sh","-c","kubectl delete svc `kubectl get svc|grep $POD_NAME | awk '{print $1}'`"]
        resources:
          requests:
            cpu: 1000m
          limits:
            cpu: 4000m
        ports:
          - containerPort: 7777 
            protocol: UDP