diff --git a/infrastructure/bazel-remote/001-pvcs.yaml b/infrastructure/bazel-remote/001-pvcs.yaml new file mode 100644 index 00000000..17bce49e --- /dev/null +++ b/infrastructure/bazel-remote/001-pvcs.yaml @@ -0,0 +1,14 @@ +--- +kind: PersistentVolumeClaim +apiVersion: v1 +metadata: + name: buildcache + namespace: default + labels: + app: buildcache +spec: + accessModes: + - ReadWriteOnce + resources: + requests: + storage: 100Gi diff --git a/infrastructure/bazel-remote/002-serviceaccounts.yaml b/infrastructure/bazel-remote/002-serviceaccounts.yaml new file mode 100644 index 00000000..85fff0ed --- /dev/null +++ b/infrastructure/bazel-remote/002-serviceaccounts.yaml @@ -0,0 +1,7 @@ +kind: ServiceAccount +apiVersion: v1 +metadata: + name: buildcache + namespace: default + annotations: + eks.amazonaws.com/role-arn: arn:aws:iam::893168113496:role/resf-buildcache-peridot diff --git a/infrastructure/bazel-remote/003-deployment.yaml b/infrastructure/bazel-remote/003-deployment.yaml new file mode 100644 index 00000000..727d46fb --- /dev/null +++ b/infrastructure/bazel-remote/003-deployment.yaml @@ -0,0 +1,61 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: buildcache + namespace: default + labels: + app: buildcache +spec: + replicas: 1 + strategy: + type: RollingUpdate + rollingUpdate: + maxSurge: 1 + maxUnavailable: 1 + selector: + matchLabels: + app: buildcache + template: + metadata: + labels: + app: buildcache + spec: + serviceAccountName: "buildcache" + terminationGracePeriodSeconds: 180 + securityContext: + fsGroup: 1000 + containers: + - name: buildcache + image: quay.io/bazel-remote/bazel-remote:v2.3.9 + args: + - --s3.auth_method=iam_role + - --s3.region=us-east-2 + - --s3.bucket=resf-prod-buildcache + - --s3.endpoint=s3.us-east-2.amazonaws.com + - --max_size=98 + - --dir=/buildcache + ports: + - name: http + containerPort: 8080 + - name: grpc + containerPort: 9092 + volumeMounts: + - name: buildcache + mountPath: /buildcache + livenessProbe: + httpGet: + path: /status + port: 8080 + initialDelaySeconds: 3 + periodSeconds: 3 + readinessProbe: + httpGet: + path: /status + port: 8080 + initialDelaySeconds: 10 + periodSeconds: 3 + timeoutSeconds: 600 + volumes: + - name: buildcache + persistentVolumeClaim: + claimName: buildcache diff --git a/infrastructure/bazel-remote/004-service.yaml b/infrastructure/bazel-remote/004-service.yaml new file mode 100644 index 00000000..5af12e98 --- /dev/null +++ b/infrastructure/bazel-remote/004-service.yaml @@ -0,0 +1,10 @@ +apiVersion: v1 +kind: Service +metadata: + name: buildcache + namespace: default +spec: + selector: + app: buildcache + ports: + - port: 9092