apiVersion: apps/v1
kind: Deployment
metadata:
  labels:
    run: haproxy-unified-gateway
  name: haproxy-unified-gateway
  namespace: haproxy-unified-gateway
spec:
  # specify the number of controller replicas
  replicas: 1
  selector:
    matchLabels:
      run: haproxy-unified-gateway
  template:
    metadata:
      labels:
        run: haproxy-unified-gateway
    spec:
      serviceAccountName: haproxy-unified-gateway
      containers:
        - name: haproxy-unified-gateway
          # specify the container image, tag and pull policy
          image: docker.io/haproxytech/haproxy-unified-gateway:v1.0
          # image: haproxytech/haproxy-unified-gateway:latest
          # imagePullPolicy: this is set to never for kind cluster usage
          imagePullPolicy: Always
          # imagePullPolicy: IfNotPresent
          args:
            # specify the hugconf CRD location, all other params are in configuration file
            - --hugconf-crd=haproxy-unified-gateway/hugconf
            # metrics auth: none (default), kube-rbac, or basic
            # - --metrics-auth=kube-rbac
            # - --metrics-auth=basic
            # - --metrics-basic-auth-user=prometheus
            # - --metrics-basic-auth-password=changeme
          resources:
            limits:
              memory: 2560Mi
            requests:
              memory: 2048Mi
          securityContext:
            runAsNonRoot: true
            allowPrivilegeEscalation: false
            runAsUser: 1000
            runAsGroup: 1000
            capabilities:
              drop:
                - ALL
              add:
                - NET_BIND_SERVICE
            seccompProfile:
              type: RuntimeDefault
          ports:
            # specify the container ports, it needs to align with gateway configuration
            - name: http
              containerPort: 31080
            - name: https
              containerPort: 31443
            # additional container port to specify the stats port
            - name: stat
              containerPort: 31024
            # prometheus metrics port
            - name: metrics
              containerPort: 31060
          env:
            # specify the environment variables needed for logs and metrics
            - name: POD_NAME
              valueFrom:
                fieldRef:
                  fieldPath: metadata.name
            - name: POD_NAMESPACE
              valueFrom:
                fieldRef:
                  fieldPath: metadata.namespace
            - name: POD_IP
              valueFrom:
                fieldRef:
                  fieldPath: status.podIP
---
apiVersion: v1
kind: Service
metadata:
  name: haproxy-unified-gateway
  namespace: haproxy-unified-gateway
  labels:
    app.kubernetes.io/name: haproxy-unified-gateway
spec:
  selector:
    run: haproxy-unified-gateway
  type: LoadBalancer
  ports:
    - name: stat
      port: 31024
      targetPort: 31024
    - name: metrics
      port: 31060
      targetPort: 31060