# Pro tier agent deployment template # Variables: {{userId}}, {{deploymentName}}, {{pvcName}}, {{serviceName}} --- apiVersion: apps/v1 kind: Deployment metadata: name: {{deploymentName}} namespace: dexorder-agents labels: app.kubernetes.io/name: agent app.kubernetes.io/component: user-agent dexorder.io/component: agent dexorder.io/user-id: {{userId}} dexorder.io/deployment: {{deploymentName}} dexorder.io/license-tier: pro spec: replicas: 1 selector: matchLabels: dexorder.io/user-id: {{userId}} template: metadata: labels: dexorder.io/component: agent dexorder.io/user-id: {{userId}} dexorder.io/deployment: {{deploymentName}} dexorder.io/license-tier: pro spec: serviceAccountName: agent-lifecycle shareProcessNamespace: true securityContext: runAsNonRoot: true runAsUser: 1000 fsGroup: 1000 seccompProfile: type: RuntimeDefault containers: - name: agent image: {{agentImage}} imagePullPolicy: Always securityContext: allowPrivilegeEscalation: false runAsNonRoot: true runAsUser: 1000 readOnlyRootFilesystem: true capabilities: drop: - ALL resources: requests: memory: "512Mi" cpu: "250m" limits: memory: "2Gi" cpu: "2000m" env: - name: USER_ID value: {{userId}} - name: IDLE_TIMEOUT_MINUTES value: "60" - name: IDLE_CHECK_INTERVAL_SECONDS value: "60" - name: ENABLE_IDLE_SHUTDOWN value: "true" - name: MCP_SERVER_PORT value: "3000" - name: ZMQ_CONTROL_PORT value: "5555" ports: - name: mcp containerPort: 3000 protocol: TCP - name: zmq-control containerPort: 5555 protocol: TCP volumeMounts: - name: agent-data mountPath: /app/data - name: tmp mountPath: /tmp - name: shared-run mountPath: /var/run/agent livenessProbe: httpGet: path: /health port: mcp initialDelaySeconds: 10 periodSeconds: 30 timeoutSeconds: 5 readinessProbe: httpGet: path: /ready port: mcp initialDelaySeconds: 5 periodSeconds: 10 - name: lifecycle-sidecar image: {{sidecarImage}} imagePullPolicy: Always securityContext: allowPrivilegeEscalation: false runAsNonRoot: true runAsUser: 1000 readOnlyRootFilesystem: true capabilities: drop: - ALL resources: requests: memory: "32Mi" cpu: "10m" limits: memory: "64Mi" cpu: "50m" env: - name: NAMESPACE valueFrom: fieldRef: fieldPath: metadata.namespace - name: DEPLOYMENT_NAME valueFrom: fieldRef: fieldPath: metadata.labels['dexorder.io/deployment'] - name: USER_TYPE value: "pro" - name: MAIN_CONTAINER_PID value: "1" volumeMounts: - name: shared-run mountPath: /var/run/agent readOnly: true volumes: - name: agent-data persistentVolumeClaim: claimName: {{pvcName}} - name: tmp emptyDir: medium: Memory sizeLimit: 256Mi - name: shared-run emptyDir: medium: Memory sizeLimit: 1Mi restartPolicy: Always terminationGracePeriodSeconds: 30 --- apiVersion: v1 kind: PersistentVolumeClaim metadata: name: {{pvcName}} namespace: dexorder-agents labels: dexorder.io/user-id: {{userId}} dexorder.io/license-tier: pro spec: accessModes: - ReadWriteOnce resources: requests: storage: 10Gi storageClassName: {{storageClass}} --- apiVersion: v1 kind: Service metadata: name: {{serviceName}} namespace: dexorder-agents labels: dexorder.io/user-id: {{userId}} dexorder.io/license-tier: pro spec: type: ClusterIP selector: dexorder.io/user-id: {{userId}} ports: - name: mcp port: 3000 targetPort: mcp protocol: TCP - name: zmq-control port: 5555 targetPort: zmq-control protocol: TCP