Hugging Face's logo

Spaces:
salvinjose
/
HNTAI
Paused

App Files Community
HNTAI / services /ai-service /k8s /deployment.yaml
sachinchandrankallar's picture
sachinchandrankallar
changes for publishing the latest including generate_generic api
4156c57
Raw
History Blame
2.85 kB
apiVersion: v1
kind: Namespace
metadata:
 name: medical-ai
 labels:
 name: medical-ai
 compliance: hipaa
---
apiVersion: networking.k8s.io/v1
kind: NetworkPolicy
metadata:
 name: medical-ai-default-deny
 namespace: medical-ai
spec:
 podSelector: {}
 policyTypes: ["Ingress","Egress"]
 egress:
 - to:
 - namespaceSelector:
 matchLabels:
 kubernetes.io/metadata.name: kube-system
 ports:
 - protocol: UDP
 port: 53
 - protocol: TCP
 port: 53
---
apiVersion: apps/v1
kind: Deployment
metadata:
 name: ai-service
 namespace: medical-ai
spec:
 replicas: 2
 selector:
 matchLabels:
 app: ai-service
 template:
 metadata:
 labels:
 app: ai-service
 spec:
 securityContext:
 runAsNonRoot: true
 runAsUser: 1001
 fsGroup: 1001
 seccompProfile:
 type: RuntimeDefault
 containers:
 - name: ai-service
 image: your-registry/ai-service:latest
 ports:
 - containerPort: 7860
 name: http
 securityContext:
 allowPrivilegeEscalation: false
 readOnlyRootFilesystem: true
 runAsNonRoot: true
 capabilities:
 drop: ["ALL"]
 env:
 - name: DATABASE_URL
 valueFrom:
 secretKeyRef:
 name: medical-ai-secrets
 key: DATABASE_URL
 - name: REDIS_URL
 valueFrom:
 secretKeyRef:
 name: medical-ai-secrets
 key: REDIS_URL
 - name: SECRET_KEY
 valueFrom:
 secretKeyRef:
 name: medical-ai-secrets
 key: SECRET_KEY
 - name: JWT_SECRET_KEY
 valueFrom:
 secretKeyRef:
 name: medical-ai-secrets
 key: JWT_SECRET_KEY
 readinessProbe:
 httpGet:
 path: /health/ready
 port: http
 initialDelaySeconds: 20
 livenessProbe:
 httpGet:
 path: /health/live
 port: http
 initialDelaySeconds: 30
 volumeMounts:
 - name: tmp
 mountPath: /tmp
 - name: uploads
 mountPath: /app/uploads
 - name: models
 mountPath: /app/models
 resources:
 requests:
 cpu: "500m"
 memory: "2Gi"
 limits:
 cpu: "2000m"
 memory: "4Gi"
 volumes:
 - name: tmp
 emptyDir: {}
 - name: uploads
 emptyDir: {}
 - name: models
 emptyDir: {}
---
apiVersion: v1
kind: Service
metadata:
 name: ai-service
 namespace: medical-ai
spec:
 selector:
 app: ai-service
 ports:
 - port: 80
 targetPort: http