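---
# Deployment running two replicas of the cloudflared tunnel connector.
# The tunnel ID and the credentials file are read from the "cloudflared"
# Secret and the tunnel configuration from the "cloudflared" ConfigMap; both
# must exist in this namespace.
apiVersion: apps/v1
kind: Deployment
metadata:
  name: cloudflared
  namespace: cloudflared
  annotations:
    # Stakater Reloader annotation: restart the pods when a ConfigMap or
    # Secret referenced by this Deployment changes.
    reloader.stakater.com/auto: "true"
spec:
  selector:
    matchLabels:
      app: cloudflared
  replicas: 2
  template:
    metadata:
      labels:
        app: cloudflared
    spec:
      containers:
        - name: cloudflared
          # Pinned to a release tag. A tag can be re-pointed by the registry;
          # append "@sha256:<digest-of-the-verified-image>" if the image must
          # be immutable.
          image: docker.io/cloudflare/cloudflared:2024.5.0
          args:
            - tunnel
            - --config
            - /etc/cloudflared/config/config.yaml
            - run
            # Kubernetes substitutes $(TunnelID) from the env list below.
            - $(TunnelID)
          env:
            # https://github.com/cloudflare/cloudflared/blob/master/cmd/cloudflared/tunnel/cmd.go
            # https://github.com/cloudflare/cloudflared/blob/master/cmd/cloudflared/tunnel/subcommands.go
            - name: TunnelID
              valueFrom:
                secretKeyRef:
                  name: cloudflared
                  key: TunnelID
            # The image is updated by changing the tag above, not by the
            # binary replacing itself at runtime.
            - name: NO_AUTOUPDATE
              value: "true"
            # NOTE(review): the value ends with a dot and looks truncated or
            # redacted; confirm the intended origin server name.
            - name: TUNNEL_ORIGIN_SERVER_NAME
              value: "cloudflared-test."
            # Must match the mountPath of the "creds" volume below.
            - name: TUNNEL_CRED_FILE
              value: "/etc/cloudflared/creds/credentials.json"
            # Listens on every pod interface so the kubelet probe can reach
            # /ready. Nothing in this manifest restricts who else in the
            # cluster can reach port 2000; limit it with a NetworkPolicy.
            - name: TUNNEL_METRICS
              value: "0.0.0.0:2000"
            - name: TUNNEL_TRANSPORT_PROTOCOL
              value: "quic"
            - name: TUNNEL_ORIGIN_ENABLE_HTTP2
              value: "true"
            - name: TUNNEL_POST_QUANTUM
              value: "true"
          # The connector only needs outbound network access and read-only
          # mounts, so drop everything else.
          # NOTE(review): also set runAsNonRoot/runAsUser once the UID the
          # image runs as has been confirmed.
          securityContext:
            allowPrivilegeEscalation: false
            readOnlyRootFilesystem: true
            capabilities:
              drop:
                - ALL
          # failureThreshold 1 restarts the container after a single failed
          # /ready check, 10 seconds apart.
          livenessProbe:
            httpGet:
              path: /ready
              port: 2000
            failureThreshold: 1
            initialDelaySeconds: 10
            periodSeconds: 10
          volumeMounts:
            - name: config
              mountPath: /etc/cloudflared/config
              readOnly: true
            - name: creds
              mountPath: /etc/cloudflared/creds
              readOnly: true
      volumes:
        # Every key of the Secret is projected as a file, so the TunnelID
        # key is mounted alongside the credentials file.
        # NOTE(review): an "items" list would limit the mount to the
        # credentials key (presumably credentials.json; verify).
        - name: creds
          secret:
            secretName: cloudflared
        - name: config
          configMap:
            name: cloudflared
            items:
              - key: config.yaml
                path: config.yaml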