apiVersion: apps/v1
kind: Deployment
metadata:
  labels:
    app: red-pod
  name: red-pod
  namespace: sg-per-pod
spec:
  replicas: 1
  selector:
    matchLabels:
      app: red-pod
  template:
    metadata:
      labels:
        app: red-pod
    spec:
      affinity:
       nodeAffinity:
        requiredDuringSchedulingIgnoredDuringExecution:
          nodeSelectorTerms:
          - matchExpressions:
            - key: "vpc.amazonaws.com/has-trunk-attached"
              operator: In
              values:
                - "true"
      containers:
      - image: fmedery/app:latest
        name: red-pod
        resources:
          requests:
            memory: "256Mi"
            cpu: "500m"
          limits:
            memory: "512Mi"
            cpu: "1024m"
        env:
        - name: HOST
          valueFrom:
            secretKeyRef:
              name: rds
              key: host
        - name: DBNAME
          value: eksworkshop
        - name: USER
          value: eksworkshop
        - name: PASSWORD
          valueFrom:
            secretKeyRef:
              name: rds
              key: password