| 123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158 |
- # This Source Code Form is subject to the terms of the Mozilla Public
- # License, v. 2.0. If a copy of the MPL was not distributed with this
- # file, You can obtain one at https://mozilla.org/MPL/2.0/.
- apiVersion: apps/v1
- kind: Deployment
- metadata:
- name: xgl
- spec:
- replicas: 1
- selector:
- matchLabels:
- app: xgl
- template:
- metadata:
- labels:
- app: xgl
- spec:
- hostname: xgl
- # Uncomment the below line to disable network isolation for WebRTC connectivity, display `:20` and `:21` should not be used in the host, may show an error if disallowed by the cluster
- # hostNetwork: true
- containers:
- - name: xgl
- # Change tag `latest` to Ubuntu versions such as `24.04`
- image: ghcr.io/selkies-project/nvidia-glx-desktop:latest
- env:
- - name: TZ
- value: "UTC"
- - name: DISPLAY_SIZEW
- value: "1920"
- - name: DISPLAY_SIZEH
- value: "1080"
- - name: DISPLAY_REFRESH
- value: "60"
- - name: DISPLAY_DPI
- value: "96"
- - name: DISPLAY_CDEPTH
- value: "24"
- # With driver versions lower than 550, change to `DP-0` or any other `DP-*` port for larger resolution support if NOT using datacenter GPUs
- - name: VIDEO_PORT
- value: "DFP"
- # Choose either `value:` or `secretKeyRef:` but not both at the same time
- - name: PASSWD
- value: "mypasswd"
- # valueFrom:
- # secretKeyRef:
- # name: my-pass
- # key: my-pass
- # Uncomment to enable KasmVNC instead of Selkies-GStreamer, `SELKIES_BASIC_AUTH_PASSWORD` is used for authentication with KasmVNC, defaulting to `PASSWD` if not provided
- # Uses: `SELKIES_ENABLE_BASIC_AUTH`, `SELKIES_BASIC_AUTH_USER`, `SELKIES_BASIC_AUTH_PASSWORD`, `SELKIES_ENABLE_RESIZE`, `SELKIES_ENABLE_HTTPS`, `SELKIES_HTTPS_CERT`, `SELKIES_HTTPS_KEY`
- # - name: KASMVNC_ENABLE
- # value: "true"
- # Number of threads for encoding frames with KasmVNC, default value is all threads
- # - name: KASMVNC_THREADS
- # value: "auto"
- ###
- # Selkies-GStreamer parameters, for additional configurations see `selkies-gstreamer --help`
- ###
- # Change `SELKIES_ENCODER` to `x264enc`, `vp8enc`, or `vp9enc` if your GPU does not support `H.264 (AVCHD)` under the `NVENC - Encoding` section in https://developer.nvidia.com/video-encode-and-decode-gpu-support-matrix-new
- - name: SELKIES_ENCODER
- value: "nvh264enc"
- # Do NOT set to `true` if physical monitor is connected to video port
- - name: SELKIES_ENABLE_RESIZE
- value: "false"
- # Initial video bitrate in kilobits per second, may be changed later within web interface
- - name: SELKIES_VIDEO_BITRATE
- value: "8000"
- # Initial frames per second, may be changed later within web interface
- - name: SELKIES_FRAMERATE
- value: "60"
- # Initial audio bitrate in bits per second, may be changed later within web interface
- - name: SELKIES_AUDIO_BITRATE
- value: "128000"
- # Uncomment if network conditions rapidly fluctuate
- # - name: SELKIES_CONGESTION_CONTROL
- # value: "true"
- # Enable basic authentication with the web interface
- - name: SELKIES_ENABLE_BASIC_AUTH
- value: "true"
- # Defaults to `PASSWD` if unspecified, choose either `value:` or `secretKeyRef:` but not both at the same time
- # - name: SELKIES_BASIC_AUTH_PASSWORD
- # value: "mypasswd"
- # valueFrom:
- # secretKeyRef:
- # name: my-pass
- # key: my-pass
- # Enable HTTPS web interface from inside the container
- - name: SELKIES_ENABLE_HTTPS
- value: "false"
- # Volume mount trusted HTTPS certificate to new path for no web browser warnings
- # - name: SELKIES_HTTPS_CERT
- # value: /etc/ssl/certs/ssl-cert-snakeoil.pem
- # - name: SELKIES_HTTPS_KEY
- # value: /etc/ssl/private/ssl-cert-snakeoil.key
- ###
- # Uncomment below to use a TURN server for improved network compatibility
- ###
- # - name: SELKIES_TURN_HOST
- # value: "turn.example.com"
- # - name: SELKIES_TURN_PORT
- # value: "3478"
- # Provide only `SELKIES_TURN_SHARED_SECRET` for time-limited shared secret authentication or both `SELKIES_TURN_USERNAME` and `SELKIES_TURN_PASSWORD` for legacy long-term authentication, but do not provide both authentication methods at the same time
- # - name: SELKIES_TURN_SHARED_SECRET
- # valueFrom:
- # secretKeyRef:
- # name: turn-shared-secret
- # key: turn-shared-secret
- # - name: SELKIES_TURN_USERNAME
- # value: "username"
- # Choose either `value:` or `secretKeyRef:` but not both at the same time
- # - name: SELKIES_TURN_PASSWORD
- # value: "mypasswd"
- # valueFrom:
- # secretKeyRef:
- # name: turn-password
- # key: turn-password
- # TURN REST URI authentication, all TURN server settings above are ignored if enabled
- # - name: SELKIES_TURN_REST_URI
- # value: "http://localhost:8008"
- # Change to `tcp` if the UDP protocol is throttled or blocked in your client network, or when the TURN server does not support UDP
- # - name: SELKIES_TURN_PROTOCOL
- # value: "udp"
- # You need a valid hostname and a certificate from authorities such as ZeroSSL (Let's Encrypt may have issues) to enable this
- # - name: SELKIES_TURN_TLS
- # value: "false"
- stdin: true
- tty: true
- ports:
- - name: http
- containerPort: 8080
- protocol: TCP
- resources:
- limits:
- memory: 64Gi
- cpu: "16"
- nvidia.com/gpu: 1
- requests:
- memory: 100Mi
- cpu: 100m
- volumeMounts:
- - mountPath: /dev/shm
- name: dshm
- - mountPath: /cache
- name: xgl-cache-vol
- - mountPath: /home/ubuntu
- name: xgl-root-vol
- volumes:
- - name: dshm
- emptyDir:
- medium: Memory
- - name: xgl-cache-vol
- emptyDir: {}
- # persistentVolumeClaim:
- # claimName: xgl-cache-vol
- - name: xgl-root-vol
- emptyDir: {}
- # persistentVolumeClaim:
- # claimName: xgl-root-vol
|
