apiVersion: apps/v1 kind: Deployment metadata: name: orders labels: app.kubernetes.io/created-by: eks-workshop app.kubernetes.io/type: app spec: replicas: 1 selector: matchLabels: app.kubernetes.io/name: orders app.kubernetes.io/instance: orders app.kubernetes.io/component: service template: metadata: annotations: prometheus.io/path: /actuator/prometheus prometheus.io/port: "8080" prometheus.io/scrape: "true" labels: app.kubernetes.io/name: orders app.kubernetes.io/instance: orders app.kubernetes.io/component: service app.kubernetes.io/created-by: eks-workshop spec: serviceAccountName: orders securityContext: fsGroup: 1000 containers: - name: orders env: - name: JAVA_OPTS value: -XX:MaxRAMPercentage=75.0 -Djava.security.egd=file:/dev/urandom - name: SPRING_DATASOURCE_WRITER_URL valueFrom: secretKeyRef: name: orders-db key: url - name: SPRING_DATASOURCE_WRITER_USERNAME valueFrom: secretKeyRef: name: orders-db key: username - name: SPRING_DATASOURCE_WRITER_PASSWORD valueFrom: secretKeyRef: name: orders-db key: password - name: SPRING_DATASOURCE_READER_URL valueFrom: secretKeyRef: name: orders-db key: url - name: SPRING_DATASOURCE_READER_USERNAME valueFrom: secretKeyRef: name: orders-db key: username - name: SPRING_DATASOURCE_READER_PASSWORD valueFrom: secretKeyRef: name: orders-db key: password envFrom: - configMapRef: name: orders securityContext: capabilities: drop: - ALL readOnlyRootFilesystem: true runAsNonRoot: true runAsUser: 1000 image: "public.ecr.aws/aws-containers/retail-store-sample-orders:0.4.0" imagePullPolicy: IfNotPresent ports: - name: http containerPort: 8080 protocol: TCP livenessProbe: httpGet: path: /actuator/health/liveness port: 8080 initialDelaySeconds: 45 periodSeconds: 3 readinessProbe: httpGet: path: /actuator/health/liveness port: 8080 successThreshold: 3 periodSeconds: 5 resources: limits: memory: 1Gi requests: cpu: 250m memory: 1Gi volumeMounts: - mountPath: /tmp name: tmp-volume volumes: - name: tmp-volume emptyDir: medium: Memory