1---
2apiVersion: apps/v1
3kind: Deployment
4metadata:
5  name: ${deployment_name}
6  namespace: ${namespace_name}
7  labels:
8    app: ${deployment_name}
9    deployment_id: ${deployment_id}
10    owner: xds-k8s-interop-test
11spec:
12  replicas: ${replica_count}
13  selector:
14    matchLabels:
15      app: ${deployment_name}
16      deployment_id: ${deployment_id}
17  template:
18    metadata:
19      annotations:
20        security.cloud.google.com/use-workload-certificates: ""
21      labels:
22        app: ${deployment_name}
23        deployment_id: ${deployment_id}
24        owner: xds-k8s-interop-test
25    spec:
26      serviceAccountName: ${service_account_name}
27      containers:
28      - name: ${deployment_name}
29        image: ${image_name}
30        imagePullPolicy: Always
31        startupProbe:
32          tcpSocket:
33            port: ${maintenance_port}
34          periodSeconds: 3
35          ## Extend the number of probes well beyond the duration of the test
36          ## driver waiting for the container to start.
37          failureThreshold: 1000
38        args:
39          - "--port=${test_port}"
40          - "--maintenance_port=${maintenance_port}"
41          - "--secure_mode=${secure_mode}"
42        ports:
43          - containerPort: ${test_port}
44          - containerPort: ${maintenance_port}
45        env:
46          - name: GRPC_XDS_BOOTSTRAP
47            value: "/tmp/grpc-xds/td-grpc-bootstrap.json"
48          - name: GRPC_XDS_EXPERIMENTAL_SECURITY_SUPPORT
49            value: "true"
50          - name: GRPC_XDS_EXPERIMENTAL_V3_SUPPORT
51            value: "true"
52          ## TODO(sergiitk): this should be conditional for if version < v1.37.x
53          - name: GRPC_XDS_EXPERIMENTAL_NEW_SERVER_API
54            value: "true"
55          - name: GRPC_XDS_EXPERIMENTAL_RBAC
56            value: "true"
57        volumeMounts:
58          - mountPath: /tmp/grpc-xds/
59            name: grpc-td-conf
60            readOnly: true
61        resources:
62          limits:
63            cpu: 800m
64            memory: 512Mi
65          requests:
66            cpu: 100m
67            memory: 512Mi
68      initContainers:
69        - name: grpc-td-init
70          image: ${td_bootstrap_image}
71          imagePullPolicy: Always
72          args:
73            - "--output=/tmp/bootstrap/td-grpc-bootstrap.json"
74            - "--vpc-network-name=${network}"
75            % if xds_server_uri:
76            - "--xds-server-uri=${xds_server_uri}"
77            % endif
78            - "--node-metadata=app=${namespace_name}-${deployment_name}"
79          resources:
80            limits:
81              cpu: 100m
82              memory: 100Mi
83            requests:
84              cpu: 10m
85              memory: 100Mi
86          volumeMounts:
87            - mountPath: /tmp/bootstrap/
88              name: grpc-td-conf
89      volumes:
90        - name: grpc-td-conf
91          emptyDir:
92            medium: Memory
93...
94