chemavx/k8s-manifests
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Add authentik/deployments.yaml

Browse Source
This commit is contained in:
chemavx 2026-03-26 17:05:40 +00:00
parent 9c53d031df
commit eb8ad88d60
1 changed files with 252 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

252
authentik/deployments.yaml Normal file
View File

@ -0,0 +1,252 @@
apiVersion: apps/v1
kind: Deployment
metadata:
annotations:
deployment.kubernetes.io/revision: '4'
meta.helm.sh/release-name: authentik
meta.helm.sh/release-namespace: authentik
labels:
app.kubernetes.io/component: server
app.kubernetes.io/instance: authentik
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/name: authentik
app.kubernetes.io/part-of: authentik
app.kubernetes.io/version: 2026.2.1
helm.sh/chart: authentik-2026.2.1
name: authentik-server
namespace: authentik
spec:
progressDeadlineSeconds: 600
replicas: 1
revisionHistoryLimit: 3
selector:
matchLabels:
app.kubernetes.io/component: server
app.kubernetes.io/instance: authentik
app.kubernetes.io/name: authentik
strategy:
rollingUpdate:
maxSurge: 25%
maxUnavailable: 25%
type: RollingUpdate
template:
metadata:
annotations:
checksum/secret: 33bbfa6b27c433d2d2ee2d03db5b13ab0eb5a19c87496fc82077dfacba684a24
kubectl.kubernetes.io/restartedAt: '2026-03-25T21:08:04Z'
labels:
app.kubernetes.io/component: server
app.kubernetes.io/instance: authentik
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/name: authentik
app.kubernetes.io/part-of: authentik
app.kubernetes.io/version: 2026.2.1
helm.sh/chart: authentik-2026.2.1
spec:
affinity:
podAntiAffinity:
preferredDuringSchedulingIgnoredDuringExecution:
- podAffinityTerm:
labelSelector:
matchLabels:
app.kubernetes.io/component: server
app.kubernetes.io/instance: authentik
app.kubernetes.io/name: authentik
topologyKey: kubernetes.io/hostname
weight: 100
containers:
- args:
- server
env:
- name: AUTHENTIK_LISTEN__HTTP
value: 0.0.0.0:9000
- name: AUTHENTIK_LISTEN__HTTPS
value: 0.0.0.0:9443
- name: AUTHENTIK_LISTEN__METRICS
value: 0.0.0.0:9300
envFrom:
- secretRef:
name: authentik
image: ghcr.io/goauthentik/server:2026.2.1
imagePullPolicy: IfNotPresent
livenessProbe:
failureThreshold: 3
httpGet:
path: /-/health/live/
port: http
scheme: HTTP
initialDelaySeconds: 5
periodSeconds: 10
successThreshold: 1
timeoutSeconds: 3
name: server
ports:
- containerPort: 9000
name: http
protocol: TCP
- containerPort: 9443
name: https
protocol: TCP
- containerPort: 9300
name: metrics
protocol: TCP
readinessProbe:
failureThreshold: 3
httpGet:
path: /-/health/ready/
port: http
scheme: HTTP
initialDelaySeconds: 5
periodSeconds: 10
successThreshold: 1
timeoutSeconds: 3
resources:
limits:
cpu: 800m
memory: 1Gi
requests:
cpu: 300m
memory: 512Mi
startupProbe:
failureThreshold: 60
httpGet:
path: /-/health/live/
port: http
scheme: HTTP
initialDelaySeconds: 5
periodSeconds: 10
successThreshold: 1
timeoutSeconds: 3
terminationMessagePath: /dev/termination-log
terminationMessagePolicy: File
dnsPolicy: ClusterFirst
enableServiceLinks: true
restartPolicy: Always
schedulerName: default-scheduler
securityContext: {}
terminationGracePeriodSeconds: 30
---
apiVersion: apps/v1
kind: Deployment
metadata:
annotations:
deployment.kubernetes.io/revision: '3'
meta.helm.sh/release-name: authentik
meta.helm.sh/release-namespace: authentik
labels:
app.kubernetes.io/component: worker
app.kubernetes.io/instance: authentik
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/name: authentik
app.kubernetes.io/part-of: authentik
app.kubernetes.io/version: 2026.2.1
helm.sh/chart: authentik-2026.2.1
name: authentik-worker
namespace: authentik
spec:
progressDeadlineSeconds: 600
replicas: 1
revisionHistoryLimit: 3
selector:
matchLabels:
app.kubernetes.io/component: worker
app.kubernetes.io/instance: authentik
app.kubernetes.io/name: authentik
strategy:
rollingUpdate:
maxSurge: 25%
maxUnavailable: 25%
type: RollingUpdate
template:
metadata:
annotations:
checksum/secret: 33bbfa6b27c433d2d2ee2d03db5b13ab0eb5a19c87496fc82077dfacba684a24
labels:
app.kubernetes.io/component: worker
app.kubernetes.io/instance: authentik
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/name: authentik
app.kubernetes.io/part-of: authentik
app.kubernetes.io/version: 2026.2.1
helm.sh/chart: authentik-2026.2.1
spec:
affinity:
podAntiAffinity:
preferredDuringSchedulingIgnoredDuringExecution:
- podAffinityTerm:
labelSelector:
matchLabels:
app.kubernetes.io/component: worker
app.kubernetes.io/instance: authentik
app.kubernetes.io/name: authentik
topologyKey: kubernetes.io/hostname
weight: 100
containers:
- args:
- worker
env:
- name: AUTHENTIK_LISTEN__HTTP
value: 0.0.0.0:9000
- name: AUTHENTIK_LISTEN__METRICS
value: 0.0.0.0:9300
envFrom:
- secretRef:
name: authentik
image: ghcr.io/goauthentik/server:2026.2.1
imagePullPolicy: IfNotPresent
livenessProbe:
exec:
command:
- ak
- healthcheck
failureThreshold: 3
initialDelaySeconds: 5
periodSeconds: 10
successThreshold: 1
timeoutSeconds: 3
name: worker
ports:
- containerPort: 9000
name: http
protocol: TCP
- containerPort: 9300
name: metrics
protocol: TCP
readinessProbe:
exec:
command:
- ak
- healthcheck
failureThreshold: 3
initialDelaySeconds: 5
periodSeconds: 10
successThreshold: 1
timeoutSeconds: 3
resources:
limits:
cpu: 500m
memory: 512Mi
requests:
cpu: 200m
memory: 256Mi
startupProbe:
exec:
command:
- ak
- healthcheck
failureThreshold: 60
initialDelaySeconds: 30
periodSeconds: 10
successThreshold: 1
timeoutSeconds: 3
terminationMessagePath: /dev/termination-log
terminationMessagePolicy: File
dnsPolicy: ClusterFirst
enableServiceLinks: true
restartPolicy: Always
schedulerName: default-scheduler
securityContext: {}
serviceAccount: authentik
serviceAccountName: authentik
terminationGracePeriodSeconds: 30