Rene Luria
f94dd12216
Changes made: - Remove problematic configuration-snippet from base ingress - Add namespace creation for math-tables - Configure ingress with nginx class and letsencrypt-prod issuer - Set production hostname to math-tables.cl1.parano.ch - Reduce production replicas to 1 - Update copyright year in index.html
37 lines
914 B
YAML
37 lines
914 B
YAML
apiVersion: apps/v1
|
|
kind: Deployment
|
|
metadata:
|
|
name: math-exercises-app
|
|
annotations:
|
|
# Production environment annotation
|
|
environment: production
|
|
# Security annotations
|
|
seccomp.security.alpha.kubernetes.io/pod: docker/default
|
|
spec:
|
|
replicas: 1
|
|
template:
|
|
spec:
|
|
containers:
|
|
- name: math-exercises
|
|
env:
|
|
- name: ENVIRONMENT
|
|
value: production
|
|
- name: DEBUG
|
|
value: "false"
|
|
# Enhanced security for production
|
|
securityContext:
|
|
readOnlyRootFilesystem: true
|
|
allowPrivilegeEscalation: false
|
|
runAsNonRoot: true
|
|
runAsUser: 1000
|
|
capabilities:
|
|
drop:
|
|
- ALL
|
|
# Production resource settings
|
|
resources:
|
|
requests:
|
|
memory: "64Mi"
|
|
cpu: "250m"
|
|
limits:
|
|
memory: "128Mi"
|
|
cpu: "500m" |