137 lines
4.2 KiB
YAML
137 lines
4.2 KiB
YAML
apiVersion: apps/v1
|
|
kind: StatefulSet
|
|
metadata:
|
|
name: mysql-ghost-k8s
|
|
labels:
|
|
app: mysql-ghost-k8s
|
|
app.kubernetes.io/name: mysql-ghost-k8s
|
|
app.kubernetes.io/instance: ghost-k8s
|
|
app.kubernetes.io/version: "5.8"
|
|
app.kubernetes.io/component: database
|
|
app.kubernetes.io/part-of: ghost-k8s
|
|
app.kubernetes.io/managed-by: sredevopsorg
|
|
spec:
|
|
serviceName: service-mysql-ghost-k8s
|
|
replicas: 1
|
|
selector:
|
|
matchLabels:
|
|
app: mysql-ghost-k8s
|
|
template:
|
|
metadata:
|
|
labels:
|
|
app: mysql-ghost-k8s
|
|
annotations:
|
|
container.apparmor.security.beta.kubernetes.io/mysql-ghost-k8s: runtime/default
|
|
spec:
|
|
initContainers:
|
|
- name: mysql-ghost-k8s-init
|
|
securityContext:
|
|
allowPrivilegeEscalation: false
|
|
privileged: false
|
|
readOnlyRootFilesystem: true
|
|
image: docker.io/busybox:stable-musl
|
|
imagePullPolicy: IfNotPresent
|
|
command:
|
|
- /bin/sh
|
|
- -c
|
|
- |
|
|
set -e
|
|
echo 'Changing ownership of mysql mount directory to 999:999'
|
|
chown -Rfv 999:999 /mnt/mysql || echo 'Error changing ownership of mysql mount directory to 999:999' && true
|
|
echo 'Changing ownership of tmp mount directory to 999:999'
|
|
chown -Rfv 999:999 /mnt/tmp || echo 'Error changing ownership of tmp mount directory to 999:999' && true
|
|
echo 'Changing ownership of socket mount directory to 999:999'
|
|
chown -Rfv 999:999 /mnt/var/run/mysqld || echo 'Error changing ownership of socket mount directory to 999:999' && true
|
|
exit 0
|
|
|
|
|
|
volumeMounts:
|
|
- name: mysql-ghost-k8s-volume
|
|
mountPath: /mnt/mysql
|
|
subPath: mysql-empty-subdir
|
|
readOnly: false
|
|
|
|
- name: mysql-ghost-k8s-tmp
|
|
mountPath: /mnt/tmp
|
|
readOnly: false
|
|
|
|
- name: mysql-ghost-k8s-socket
|
|
mountPath: /mnt/var/run/mysqld
|
|
readOnly: false
|
|
|
|
# YOu can ajust the resources according to your needs
|
|
resources:
|
|
requests:
|
|
memory: 0Mi
|
|
cpu: 0m
|
|
limits:
|
|
memory: 1Gi
|
|
cpu: 900m
|
|
|
|
containers:
|
|
- name: mysql-ghost-k8s
|
|
securityContext:
|
|
allowPrivilegeEscalation: false
|
|
privileged: false
|
|
readOnlyRootFilesystem: true
|
|
runAsNonRoot: true
|
|
runAsUser: 999
|
|
|
|
image: docker.io/mysql:8.2
|
|
imagePullPolicy: IfNotPresent # You can change this value according to your needs
|
|
envFrom:
|
|
- secretRef:
|
|
name: mysql-ghost-k8s-config
|
|
resources:
|
|
requests:
|
|
memory: 500Mi # You can change this value according to your needs
|
|
cpu: 400m # You can change this value according to your needs
|
|
limits:
|
|
memory: 1Gi # You can change this value according to your needs
|
|
cpu: 900m # You can change this value according to your needs
|
|
ports:
|
|
- containerPort: 3306
|
|
protocol: TCP
|
|
name: mysqlgh
|
|
volumeMounts:
|
|
- name: mysql-ghost-k8s-volume
|
|
mountPath: /var/lib/mysql
|
|
subPath: mysql-empty-subdir
|
|
readOnly: false
|
|
|
|
- name: mysql-ghost-k8s-tmp
|
|
mountPath: /tmp
|
|
readOnly: false
|
|
|
|
- name: mysql-ghost-k8s-socket
|
|
mountPath: /var/run/mysqld
|
|
readOnly: false
|
|
|
|
automountServiceAccountToken: false
|
|
|
|
# Optional: Uncomment the following to specify node selectors
|
|
# affinity:
|
|
# nodeAffinity:
|
|
# requiredDuringSchedulingIgnoredDuringExecution:
|
|
# nodeSelectorTerms:
|
|
# - matchExpressions:
|
|
# - key: static
|
|
# operator: In
|
|
# values:
|
|
# - "true"
|
|
|
|
securityContext:
|
|
seccompProfile:
|
|
type: RuntimeDefault
|
|
|
|
volumes:
|
|
- name: mysql-ghost-k8s-volume
|
|
hostPath:
|
|
path: /media/kube/ghost/mysql
|
|
- name: mysql-ghost-k8s-tmp
|
|
hostPath:
|
|
path: /media/kube/ghost/tmp
|
|
- name: mysql-ghost-k8s-socket
|
|
hostPath:
|
|
path: /media/kube/ghost/mysqld
|
|
automountServiceAccountToken: false
|