--- apiVersion: v1 kind: Service metadata: name: guardian labels: app: guardian spec: ports: - port: 8999 name: p2p protocol: UDP - port: 7070 name: public-grpc protocol: TCP - port: 7071 name: public-rest protocol: TCP clusterIP: None selector: app: guardian --- apiVersion: apps/v1 kind: StatefulSet metadata: name: guardian spec: selector: matchLabels: app: guardian serviceName: guardian replicas: 5 updateStrategy: # The StatefulSet rolling update strategy is rather dumb, and updates one pod after another. # If we want blue-green deployments, we should use a Deployment instead. type: RollingUpdate template: metadata: labels: app: guardian spec: terminationGracePeriodSeconds: 0 volumes: # mount shared between containers for runtime state - name: bridge-rundir emptyDir: {} - name: bridge-keysdir secret: secretName: bridge-bigtable-key optional: true items: - key: bigtable-key.json path: bigtable-key.json containers: - name: guardiand image: guardiand-image volumeMounts: - mountPath: /run/bridge name: bridge-rundir - mountPath: /tmp/mounted-keys name: bridge-keysdir command: # Uncomment this to enable in-place debugging using dlv # (not suitable for regular development since the process will no longer restart on its own) # # - /dlv # - --listen=:2345 # - --accept-multiclient # - --headless=true # - --api-version=2 # - --continue=true # - exec - /guardiand # - -- - bridge - --ethRPC - ws://eth-devnet:8545 - --bscRPC - ws://eth-devnet:8545 - --terraWS - ws://terra-terrad:26657/websocket - --terraLCD - http://terra-lcd:1317 - --terraChainID - localterra - --terraContract - terra18eezxhys9jwku67cm4w84xhnzt4xjj77w2qt62 - --solanaBridgeAddress - Bridge1p5gheXUvJ6jGWGeCsgPKgnE3YgdGKRVCMY9o - --solanaWS - ws://solana-devnet:8900 - --solanaRPC - http://solana-devnet:8899 - --unsafeDevMode - --bridgeKey - /tmp/bridge.key - --publicRPC - "[::]:7070" - --publicWeb - "[::]:7071" - --adminSocket - /tmp/admin.sock - --dataDir - /tmp/data - --bigTableInstanceName - wormhole-dev - --bigTableTableName - v2Events - --bigTableKeyPath - /tmp/mounted-keys/bigtable-key.json # - --logLevel=debug securityContext: capabilities: add: # required for syscall.Mlockall - IPC_LOCK readinessProbe: httpGet: port: 6060 path: /readyz ports: - containerPort: 8999 name: p2p protocol: UDP - containerPort: 6060 name: pprof protocol: TCP - containerPort: 7070 name: public-grpc protocol: TCP