From 96724f8d41bef5ef49fd72c6f1c99fd3e4cd6cad Mon Sep 17 00:00:00 2001
From: Joseph Hanson <joe@veri.dev>
Date: Wed, 23 Oct 2024 22:50:20 -0500
Subject: [PATCH] move to default pod options and add runtime class for nvidia

---
 .../apps/anime/jellyfin/app/helmrelease.yaml  | 22 ++++++++++---------
 1 file changed, 12 insertions(+), 10 deletions(-)

diff --git a/kubernetes/apps/anime/jellyfin/app/helmrelease.yaml b/kubernetes/apps/anime/jellyfin/app/helmrelease.yaml
index 3b8b8e98..596d52ca 100644
--- a/kubernetes/apps/anime/jellyfin/app/helmrelease.yaml
+++ b/kubernetes/apps/anime/jellyfin/app/helmrelease.yaml
@@ -67,16 +67,18 @@ spec:
               limits:
                 nvidia.com/gpu: 1 # requesting 1 GPU
                 memory: 4Gi
-        pod:
-          nodeSelector:
-            nvidia.com/gpu.present: "true"
-          securityContext:
-            runAsUser: 568
-            runAsGroup: 568
-            runAsNonRoot: true
-            fsGroup: 568
-            fsGroupChangePolicy: OnRootMismatch
-            supplementalGroups: [44, 10000]
+    defaultPodOptions:
+      securityContext:
+        runAsNonRoot: true
+        runAsUser: 568
+        runAsGroup: 568
+        fsGroup: 568
+        fsGroupChangePolicy: OnRootMismatch
+        supplementalGroups: [44, 10000]
+        seccompProfile: { type: RuntimeDefault }
+      nodeSelector:
+        nvidia.com/gpu.present: "true"
+      runtimeClassName: nvidia
     service:
       app:
         controller: *app