apiVersion: rbac.authorization.k8s.io/v1 kind: Role metadata: labels: app: datamate tier: backend name: datamate-backend rules: - verbs: - create - list - get - delete apiGroups: - batch resources: - jobs - verbs: - list apiGroups: - "" resources: - pods - verbs: - get - list apiGroups: - "" resources: - pods/log --- apiVersion: v1 kind: ServiceAccount metadata: labels: app: datamate tier: backend name: datamate-backend --- kind: RoleBinding apiVersion: rbac.authorization.k8s.io/v1 metadata: labels: app: datamate tier: backend name: datamate-backend roleRef: apiGroup: rbac.authorization.k8s.io kind: Role name: datamate-backend subjects: - kind: ServiceAccount name: datamate-backend --- apiVersion: apps/v1 kind: Deployment metadata: name: datamate-backend labels: app: datamate tier: backend spec: replicas: 1 selector: matchLabels: app: datamate tier: backend template: metadata: labels: app: datamate tier: backend spec: serviceAccountName: datamate-backend containers: - name: backend image: datamate-backend imagePullPolicy: IfNotPresent env: - name: namespace valueFrom: fieldRef: fieldPath: metadata.namespace - name: SPRING_CONFIG_LOCATION value: file:/opt/backend/application.yml ports: - containerPort: 8080 volumeMounts: - name: dataset-volume mountPath: /dataset - name: flow-volume mountPath: /flow - name: log-volume mountPath: /var/log/datamate volumes: - name: dataset-volume hostPath: path: /opt/datamate/data/dataset type: DirectoryOrCreate - name: flow-volume hostPath: path: /opt/datamate/data/flow type: DirectoryOrCreate - name: log-volume hostPath: path: /opt/datamate/data/log type: DirectoryOrCreate --- apiVersion: v1 kind: Service metadata: name: datamate-backend labels: app: datamate tier: backend spec: type: ClusterIP ports: - port: 8080 targetPort: 8080 protocol: TCP selector: app: datamate tier: backend