--- apiVersion: apps/v1 kind: Deployment metadata: name: ${deployment_name} namespace: ${namespace_name} labels: app: ${deployment_name} deployment_id: ${deployment_id} owner: xds-k8s-interop-test spec: replicas: ${replica_count} selector: matchLabels: app: ${deployment_name} deployment_id: ${deployment_id} template: metadata: annotations: security.cloud.google.com/use-workload-certificates: "" labels: app: ${deployment_name} deployment_id: ${deployment_id} owner: xds-k8s-interop-test spec: serviceAccountName: ${service_account_name} containers: - name: ${deployment_name} image: ${image_name} imagePullPolicy: Always startupProbe: tcpSocket: port: ${maintenance_port} periodSeconds: 3 ## Extend the number of probes well beyond the duration of the test ## driver waiting for the container to start. failureThreshold: 1000 args: - "--port=${test_port}" - "--maintenance_port=${maintenance_port}" - "--secure_mode=${secure_mode}" ports: - containerPort: ${test_port} - containerPort: ${maintenance_port} env: - name: GRPC_XDS_BOOTSTRAP value: "/tmp/grpc-xds/td-grpc-bootstrap.json" - name: GRPC_XDS_EXPERIMENTAL_SECURITY_SUPPORT value: "true" - name: GRPC_XDS_EXPERIMENTAL_V3_SUPPORT value: "true" ## TODO(sergiitk): this should be conditional for if version < v1.37.x - name: GRPC_XDS_EXPERIMENTAL_NEW_SERVER_API value: "true" - name: GRPC_XDS_EXPERIMENTAL_RBAC value: "true" volumeMounts: - mountPath: /tmp/grpc-xds/ name: grpc-td-conf readOnly: true resources: limits: cpu: 800m memory: 512Mi requests: cpu: 100m memory: 512Mi initContainers: - name: grpc-td-init image: ${td_bootstrap_image} imagePullPolicy: Always args: - "--output=/tmp/bootstrap/td-grpc-bootstrap.json" - "--vpc-network-name=${network}" % if xds_server_uri: - "--xds-server-uri=${xds_server_uri}" % endif - "--node-metadata=app=${namespace_name}-${deployment_name}" resources: limits: cpu: 100m memory: 100Mi requests: cpu: 10m memory: 100Mi volumeMounts: - mountPath: /tmp/bootstrap/ name: grpc-td-conf volumes: - name: grpc-td-conf emptyDir: medium: Memory ...