60 lines
1.9 KiB
Markdown
60 lines
1.9 KiB
Markdown
# Using git-sync in kubernetes
|
|
|
|
This document provides a trivialized example of running a multi-container pod
|
|
in Kubernetes, with git-sync pulling data and an HTTP server serving it.
|
|
|
|
## YAML
|
|
|
|
```yaml
|
|
apiVersion: apps/v1
|
|
kind: Deployment
|
|
metadata:
|
|
name: git-sync-example
|
|
spec:
|
|
replicas: 1
|
|
selector:
|
|
matchLabels:
|
|
app: git-sync-example
|
|
template:
|
|
metadata:
|
|
labels:
|
|
app: git-sync-example
|
|
spec:
|
|
securityContext:
|
|
# Set this to any valid GID, and two things happen:
|
|
# 1) The volume "content-from-git" is group-owned by this GID.
|
|
# 2) This GID is added to each container.
|
|
fsGroup: 101
|
|
volumes:
|
|
- name: content-from-git
|
|
emptyDir: {}
|
|
containers:
|
|
- name: git-sync
|
|
# This container pulls git data and publishes it into volume
|
|
# "content-from-git". In that volume you will find a symlink
|
|
# "current" (see -dest below) which points to a checked-out copy of
|
|
# the master branch (see -branch) of the repo (see -repo).
|
|
# NOTE: git-sync already runs as non-root.
|
|
image: registry.k8s.io/git-sync/git-sync:v4.0.0
|
|
args:
|
|
- --repo=https://github.com/kubernetes/git-sync
|
|
- --depth=1
|
|
- --period=60s
|
|
- --link=current
|
|
- --root=/git
|
|
volumeMounts:
|
|
- name: content-from-git
|
|
mountPath: /git
|
|
- name: server
|
|
# This container serves the data pulled from git, via the volume
|
|
# "content-from-git".
|
|
# NOTE: apache runs as root to expose port 80, and there's not a
|
|
# trivial flag to change that. Real servers should not run as root
|
|
# when possible.
|
|
image: httpd:alpine
|
|
volumeMounts:
|
|
- name: content-from-git
|
|
mountPath: /usr/local/apache2/htdocs/
|
|
readOnly: true # no need to ever write to the volume
|
|
```
|