apiVersion: apps/v1 kind: Deployment metadata: annotations: deployment.kubernetes.io/revision: "1" meta.helm.sh/release-name: envoy-gateway meta.helm.sh/release-namespace: envoy-gateway-system creationTimestamp: "2026-04-07T00:08:14Z" generation: 1 labels: app.kubernetes.io/instance: envoy-gateway app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: gateway-helm app.kubernetes.io/version: v1.7.0 control-plane: envoy-gateway helm.sh/chart: gateway-helm-v1.7.0 name: envoy-gateway namespace: envoy-gateway-system resourceVersion: "939" uid: 8461ed2a-ce0c-4e72-9a4c-c39de6177bbb spec: progressDeadlineSeconds: 600 replicas: 1 revisionHistoryLimit: 10 selector: matchLabels: app.kubernetes.io/instance: envoy-gateway app.kubernetes.io/name: gateway-helm control-plane: envoy-gateway strategy: rollingUpdate: maxSurge: 25% maxUnavailable: 25% type: RollingUpdate template: metadata: annotations: prometheus.io/port: "19001" prometheus.io/scrape: "true" creationTimestamp: null labels: app.kubernetes.io/instance: envoy-gateway app.kubernetes.io/name: gateway-helm control-plane: envoy-gateway spec: containers: - args: - server - --config-path=/config/envoy-gateway.yaml env: - name: ENVOY_GATEWAY_NAMESPACE valueFrom: fieldRef: apiVersion: v1 fieldPath: metadata.namespace - name: KUBERNETES_CLUSTER_DOMAIN value: cluster.local image: docker.io/envoyproxy/gateway:v1.7.0 imagePullPolicy: IfNotPresent livenessProbe: failureThreshold: 3 httpGet: path: /healthz port: 8081 scheme: HTTP initialDelaySeconds: 15 periodSeconds: 20 successThreshold: 1 timeoutSeconds: 1 name: envoy-gateway ports: - containerPort: 18000 name: grpc protocol: TCP - containerPort: 18001 name: ratelimit protocol: TCP - containerPort: 18002 name: wasm protocol: TCP - containerPort: 19001 name: metrics protocol: TCP - containerPort: 9443 name: webhook protocol: TCP readinessProbe: failureThreshold: 3 httpGet: path: /readyz port: 8081 scheme: HTTP initialDelaySeconds: 5 periodSeconds: 10 successThreshold: 1 timeoutSeconds: 1 resources: limits: memory: 1Gi requests: cpu: 100m memory: 256Mi securityContext: allowPrivilegeEscalation: false capabilities: drop: - ALL privileged: false runAsGroup: 65532 runAsNonRoot: true runAsUser: 65532 seccompProfile: type: RuntimeDefault terminationMessagePath: /dev/termination-log terminationMessagePolicy: File volumeMounts: - mountPath: /config name: envoy-gateway-config readOnly: true - mountPath: /certs name: certs readOnly: true dnsPolicy: ClusterFirst restartPolicy: Always schedulerName: default-scheduler securityContext: {} serviceAccount: envoy-gateway serviceAccountName: envoy-gateway terminationGracePeriodSeconds: 10 volumes: - configMap: defaultMode: 420 name: envoy-gateway-config name: envoy-gateway-config - name: certs secret: defaultMode: 420 secretName: envoy-gateway status: availableReplicas: 1 conditions: - lastTransitionTime: "2026-04-07T00:08:24Z" lastUpdateTime: "2026-04-07T00:08:24Z" message: Deployment has minimum availability. reason: MinimumReplicasAvailable status: "True" type: Available - lastTransitionTime: "2026-04-07T00:08:14Z" lastUpdateTime: "2026-04-07T00:08:24Z" message: ReplicaSet "envoy-gateway-78446f96c9" has successfully progressed. reason: NewReplicaSetAvailable status: "True" type: Progressing observedGeneration: 1 readyReplicas: 1 replicas: 1 updatedReplicas: 1