chemavx/k8s-manifests
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Add openclaw/deployments.yaml

Browse Source
This commit is contained in:
chemavx 2026-03-26 17:03:51 +00:00
parent 74c39b7adc
commit 657ec5f9f8
1 changed files with 209 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

209
openclaw/deployments.yaml Normal file
View File

@ -0,0 +1,209 @@
apiVersion: apps/v1
kind: Deployment
metadata:
annotations:
deployment.kubernetes.io/revision: '35'
meta.helm.sh/release-name: openclaw
meta.helm.sh/release-namespace: openclaw
labels:
app.kubernetes.io/instance: openclaw
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/name: openclaw
app.kubernetes.io/version: 2026.3.2
helm.sh/chart: openclaw-0.1.13
name: openclaw
namespace: openclaw
spec:
progressDeadlineSeconds: 600
replicas: 1
revisionHistoryLimit: 5
selector:
matchLabels:
app.kubernetes.io/instance: openclaw
app.kubernetes.io/name: openclaw
strategy:
type: Recreate
template:
metadata:
annotations:
checksum/config: e1ce3c573c77508ddc719f952751bd9f0b6c3a40ec31cc09ae750af4a5772ed2
checksum/secret: 01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
kubectl.kubernetes.io/restartedAt: '2026-03-26T10:35:24.412Z'
labels:
app.kubernetes.io/instance: openclaw
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/name: openclaw
app.kubernetes.io/version: 2026.3.2
helm.sh/chart: openclaw-0.1.13
spec:
containers:
- command:
- node
- dist/index.js
- gateway
- --bind
- lan
- --port
- '18789'
env:
- name: HOME
value: /home/openclaw
- name: TZ
value: UTC
envFrom:
- secretRef:
name: openclaw-secrets
image: ghcr.io/openclaw/openclaw:2026.3.2
imagePullPolicy: IfNotPresent
livenessProbe:
failureThreshold: 3
initialDelaySeconds: 30
periodSeconds: 10
successThreshold: 1
tcpSocket:
port: gateway
timeoutSeconds: 5
name: openclaw
ports:
- containerPort: 18789
name: gateway
protocol: TCP
- containerPort: 18793
name: canvas
protocol: TCP
readinessProbe:
failureThreshold: 3
initialDelaySeconds: 10
periodSeconds: 10
successThreshold: 1
tcpSocket:
port: gateway
timeoutSeconds: 5
resources:
limits:
cpu: 800m
memory: 2Gi
requests:
cpu: 300m
memory: 512Mi
securityContext:
allowPrivilegeEscalation: false
capabilities:
drop:
- ALL
readOnlyRootFilesystem: false
runAsGroup: 1000
runAsNonRoot: true
runAsUser: 1000
seccompProfile:
type: RuntimeDefault
startupProbe:
failureThreshold: 72
initialDelaySeconds: 5
periodSeconds: 5
successThreshold: 1
tcpSocket:
port: gateway
timeoutSeconds: 5
terminationMessagePath: /dev/termination-log
terminationMessagePolicy: File
volumeMounts:
- mountPath: /home/openclaw/.openclaw
name: data
- command:
- chromium-browser
- --headless
- --disable-gpu
- --disable-software-rasterizer
- --disable-dev-shm-usage
- --no-sandbox
- --remote-debugging-address=0.0.0.0
- --remote-debugging-port=9222
image: zenika/alpine-chrome:124
imagePullPolicy: IfNotPresent
name: chromium
ports:
- containerPort: 9222
name: cdp
protocol: TCP
resources:
limits:
cpu: '1'
memory: 1Gi
requests:
cpu: 100m
memory: 256Mi
securityContext:
allowPrivilegeEscalation: false
capabilities:
drop:
- ALL
runAsGroup: 1000
runAsNonRoot: true
runAsUser: 1000
seccompProfile:
type: RuntimeDefault
terminationMessagePath: /dev/termination-log
terminationMessagePolicy: File
volumeMounts:
- mountPath: /dev/shm
name: dshm
dnsPolicy: ClusterFirst
initContainers:
- command:
- /bin/sh
- -c
- "mkdir -p /home/openclaw/.openclaw\nif [ \"overwrite\" = \"merge\" ] &&\
\ [ -f /home/openclaw/.openclaw/openclaw.json ]; then\n # Merge: existing\
\ config as base, helm config overwrites\n node -e \"\n const fs = require('fs');\n\
\ const existing = JSON.parse(fs.readFileSync('/home/openclaw/.openclaw/openclaw.json',\
\ 'utf8'));\n const helm = JSON.parse(fs.readFileSync('/config/openclaw.json',\
\ 'utf8'));\n const deepMerge = (target, source) => {\n for (const\
\ key of Object.keys(source)) {\n if (source[key] && typeof source[key]\
\ === 'object' && !Array.isArray(source[key])) {\n target[key]\
\ = target[key] || {};\n deepMerge(target[key], source[key]);\n\
\ } else {\n target[key] = source[key];\n }\n \
\ }\n return target;\n };\n const merged = deepMerge(existing,\
\ helm);\n fs.writeFileSync('/home/openclaw/.openclaw/openclaw.json',\
\ JSON.stringify(merged, null, 2));\n \"\nelse\n cp /config/openclaw.json\
\ /home/openclaw/.openclaw/openclaw.json\nfi\nchown -R 1000:1000 /home/openclaw/.openclaw\n"
image: ghcr.io/openclaw/openclaw:2026.3.2
imagePullPolicy: IfNotPresent
name: init-config
resources: {}
securityContext:
runAsNonRoot: false
runAsUser: 0
terminationMessagePath: /dev/termination-log
terminationMessagePolicy: File
volumeMounts:
- mountPath: /home/openclaw/.openclaw
name: data
- mountPath: /config
name: config
readOnly: true
restartPolicy: Always
schedulerName: default-scheduler
securityContext:
fsGroup: 1000
runAsGroup: 1000
runAsNonRoot: true
runAsUser: 1000
seccompProfile:
type: RuntimeDefault
serviceAccount: openclaw
serviceAccountName: openclaw
terminationGracePeriodSeconds: 30
volumes:
- configMap:
defaultMode: 420
name: openclaw
name: config
- name: data
persistentVolumeClaim:
claimName: openclaw
- emptyDir:
medium: Memory
sizeLimit: 1Gi
name: dshm