kubernetes.yaml

# gcloud container clusters get-credentials cluster-1 --zone us-central1-f --project mrjones-gke
apiVersion: apps/v1
kind: Deployment
metadata:
  name: workouts
spec:
  replicas: 2
  selector:
    matchLabels:
      run: workouts
  template:
    metadata:
      labels:
        run: workouts
    spec:
      containers:
      - name: workouts
        image: gcr.io/mrjones-gke/workouts:2020-06-13.6
        imagePullPolicy: IfNotPresent
        env:
        - name: GOOGLE_CLIENT_ID
          valueFrom:
            secretKeyRef:
              name: workouts-google-creds
              key: google-client-id
        - name: GOOGLE_CLIENT_SECRET
          valueFrom:
            secretKeyRef:
              name: workouts-google-creds
              key: google-client-secret
        - name: ADMIN_GOOGLE_ID
          valueFrom:
            secretKeyRef:
              name: workouts-admin
              key: id
        # https://github.com/kubernetes/kubernetes/wiki/User-FAQ#use-of-environment-variables-on-the-command-line
        # https://github.com/kubernetes/kubernetes/issues/386
        command: ["sh", "-c", "/deploy/WorkoutsMain --port=8000 --static_dir=/deploy/static --mysql_host=127.0.0.1 --google_client_id=$GOOGLE_CLIENT_ID --google_client_secret=$GOOGLE_CLIENT_SECRET --admin_kind=google --admin_id $ADMIN_GOOGLE_ID --mysql_username=workouts --mysql_password=workouts"]
      # https://cloud.google.com/sql/docs/mysql/connect-kubernetes-engine
      - name: cloudsql-proxy
        image: gcr.io/cloudsql-docker/gce-proxy:1.16
        command: ["/cloud_sql_proxy",
                  "-instances=mrjones-gke:us-east1:mysql-east=tcp:3306",
                  "-ip_address_types=PRIVATE",
                  "-credential_file=/secrets/cloudsql/cloudsql-access-service-account-key.json"]
        volumeMounts:
        - name: cloudsql-service-account-credentials
          mountPath: /secrets/cloudsql
          readOnly: true
      volumes:
      - name: cloudsql-service-account-credentials
        secret:
          secretName: cloudsql-access-service-account-key
      - name: cloudsql
        emptyDir: