apiVersion: v1
kind: Service
metadata:
  name: stk-nlb-svc-inject
  annotations:
    service.beta.kubernetes.io/aws-load-balancer-type: "external"
    service.beta.kubernetes.io/aws-load-balancer-nlb-target-type: "ip"
    service.beta.kubernetes.io/aws-load-balancer-healthcheck-port: "80"
    service.beta.kubernetes.io/aws-load-balancer-healthcheck-protocol: TCP    
    service.beta.kubernetes.io/aws-load-balancer-scheme: internet-facing
spec:
  selector:
    app: stknlb-inject
  ports:
    - protocol: UDP
      port: 8081
      targetPort: 8081
  type: LoadBalancer

---
apiVersion: apps/v1
kind: Deployment
metadata:
  name: stknlb-inject
  labels:
    app: stknlb-inject
spec:
  replicas: 2
  selector:
    matchLabels:
      app: stknlb-inject
  template:
    metadata:
      annotations:
        sidecar-injector-webhook.morven.me/inject: "yes"
      labels:
        app: stknlb-inject
    spec:
      shareProcessNamespace: true
      nodeSelector:
        karpenter.sh/provisioner-name: default
      containers:
      - name: stk
        env:
        - name: UDP_SOCKET_PORT
          value: "8081"
        - name: UDP_SOCKET_IP
          valueFrom:
            fieldRef:
              fieldPath: status.podIP
        image: ${AWS_ACCOUNT_ID}.dkr.ecr.${AWS_REGION}.amazonaws.com/stk:arm0.12.0
        imagePullPolicy: Always
        command: ["/stk-code/start-server.sh"]
        ports:
          - name: udp
            containerPort: 8081
            protocol: UDP
        readinessProbe:
          exec:
            command:
            - /udp-health-probe.py
          initialDelaySeconds: 30
          periodSeconds: 10
        livenessProbe:
          tcpSocket:
            port: 80
          initialDelaySeconds: 10
          periodSeconds: 10
        securityContext:
          capabilities:
            add:
            - SYS_PTRACE
        resources:
          requests:
            cpu: 500m
            memory: 512Mi