123 lines
2.8 KiB
YAML
123 lines
2.8 KiB
YAML
---
|
|
apiVersion: apps/v1
|
|
kind: StatefulSet
|
|
metadata:
|
|
name: mongodb
|
|
spec:
|
|
selector:
|
|
matchLabels:
|
|
app: mongodb
|
|
replicas: 1
|
|
minReadySeconds: 10
|
|
template:
|
|
metadata:
|
|
labels:
|
|
app: mongodb
|
|
spec:
|
|
terminationGracePeriodSeconds: 10
|
|
initContainers:
|
|
- name: app
|
|
image: busybox
|
|
command: ["sh", "-c"]
|
|
args:
|
|
- |
|
|
cp /keyfile/keyfile /data/db/keyfile && chmod 400 /data/db/keyfile
|
|
volumeMounts:
|
|
- name: data
|
|
mountPath: /data/db
|
|
- name: mongodb-keyfile
|
|
readOnly: true
|
|
mountPath: "/keyfile"
|
|
containers:
|
|
- name: mongodb
|
|
image: mirror.gcr.io/library/mongo:8
|
|
ports:
|
|
- containerPort: 27017
|
|
name: mongo
|
|
args:
|
|
- "--replSet=rs0"
|
|
- "--keyFile=/data/db/keyfile"
|
|
env:
|
|
- name: MONGO_INITDB_ROOT_USERNAME
|
|
value: "root"
|
|
- name: MONGO_INITDB_ROOT_PASSWORD
|
|
valueFrom:
|
|
secretKeyRef:
|
|
name: mongodb-root-password
|
|
key: MONGO_INITDB_ROOT_PASSWORD
|
|
- name: MONGO_DBNAME
|
|
value: application
|
|
- name: MONGO_USER
|
|
value: application
|
|
- name: MONGO_PASS
|
|
valueFrom:
|
|
secretKeyRef:
|
|
name: mongodb-user-password
|
|
key: MONGO_PASS
|
|
- name: MONGO_AUTHSOURCE
|
|
value: "admin"
|
|
volumeMounts:
|
|
- name: data
|
|
mountPath: /data/db
|
|
- name: mongodb-keyfile
|
|
readOnly: true
|
|
mountPath: "/keyfile"
|
|
volumes:
|
|
- name: mongodb-keyfile
|
|
secret:
|
|
secretName: mongodb-keyfile
|
|
volumeClaimTemplates:
|
|
- metadata:
|
|
name: data
|
|
spec:
|
|
accessModes: [ "ReadWriteOnce" ]
|
|
storageClassName: mongo
|
|
resources:
|
|
requests:
|
|
storage: 10Gi
|
|
---
|
|
apiVersion: codemowers.cloud/v1beta1
|
|
kind: SecretClaim
|
|
metadata:
|
|
name: mongodb-root-password
|
|
spec:
|
|
size: 32
|
|
mapping:
|
|
- key: MONGO_INITDB_ROOT_PASSWORD
|
|
value: "%(plaintext)s"
|
|
---
|
|
apiVersion: codemowers.cloud/v1beta1
|
|
kind: SecretClaim
|
|
metadata:
|
|
name: mongodb-keyfile
|
|
spec:
|
|
size: 64
|
|
mapping:
|
|
- key: keyfile
|
|
value: "%(plaintext)s"
|
|
---
|
|
apiVersion: codemowers.cloud/v1beta1
|
|
kind: SecretClaim
|
|
metadata:
|
|
name: mongodb-user-password
|
|
spec:
|
|
size: 32
|
|
mapping:
|
|
- key: MONGO_PASS
|
|
value: "%(plaintext)s"
|
|
- key: MONGO_URI
|
|
value: "mongodb://application:%(plaintext)s@mongodb-0/application&authSource=admin"
|
|
---
|
|
apiVersion: v1
|
|
kind: Service
|
|
metadata:
|
|
name: mongodb-0
|
|
spec:
|
|
ports:
|
|
- port: 27017
|
|
name: mongo
|
|
targetPort: 27017
|
|
selector:
|
|
app: mongodb
|
|
type: ClusterIP
|