K8s YAML Reference

apiVersion: apps/v1 kind: Deployment metadata: name: my-app namespace: production labels: app: my-app spec: replicas: 3 selector: matchLabels: app: my-app strategy: type: RollingUpdate rollingUpdate: maxSurge: 1 maxUnavailable: 0 template: metadata: labels: app: my-app spec: containers: - name: my-app image: myregistry/my-app:v1.2.3 ports: - containerPort: 8080 resources: requests: memory: "64Mi" cpu: "100m" limits: memory: "256Mi" cpu: "500m" env: - name: DB_HOST valueFrom: secretKeyRef: name: db-secret key: host - name: APP_ENV valueFrom: configMapKeyRef: name: app-config key: environment livenessProbe: httpGet: path: /healthz port: 8080 initialDelaySeconds: 15 periodSeconds: 20 readinessProbe: httpGet: path: /ready port: 8080 initialDelaySeconds: 5 periodSeconds: 10

apiVersion: v1 kind: Service metadata: name: my-app-svc spec: selector: app: my-app ports: - port: 80 targetPort: 8080 type: ClusterIP # ClusterIP | NodePort | LoadBalancer --- apiVersion: networking.k8s.io/v1 kind: Ingress metadata: name: my-app-ingress annotations: nginx.ingress.kubernetes.io/rewrite-target: / cert-manager.io/cluster-issuer: letsencrypt-prod spec: ingressClassName: nginx tls: - hosts: [example.com] secretName: example-tls rules: - host: example.com http: paths: - path: / pathType: Prefix backend: service: name: my-app-svc port: number: 80

apiVersion: v1 kind: ConfigMap metadata: name: app-config data: environment: production log_level: info max_connections: "100" --- apiVersion: v1 kind: Secret metadata: name: db-secret type: Opaque data: # Values must be base64 encoded # echo -n "mypassword" | base64 host: bXlkYi5leGFtcGxlLmNvbQ== password: bXlwYXNzd29yZA==