github.com/percona/percona-xtradb-cluster-operator@v1.14.0/e2e-tests/security-context/compare/statefulset_sec-context-pxc-changes-k127.yml (about) 1 apiVersion: apps/v1 2 kind: StatefulSet 3 metadata: 4 generation: 2 5 name: sec-context-pxc 6 ownerReferences: 7 - controller: true 8 kind: PerconaXtraDBCluster 9 name: sec-context 10 spec: 11 persistentVolumeClaimRetentionPolicy: 12 whenDeleted: Retain 13 whenScaled: Retain 14 podManagementPolicy: OrderedReady 15 replicas: 3 16 revisionHistoryLimit: 10 17 selector: 18 matchLabels: 19 app.kubernetes.io/component: pxc 20 app.kubernetes.io/instance: sec-context 21 app.kubernetes.io/managed-by: percona-xtradb-cluster-operator 22 app.kubernetes.io/name: percona-xtradb-cluster 23 app.kubernetes.io/part-of: percona-xtradb-cluster 24 serviceName: sec-context-pxc 25 template: 26 metadata: 27 annotations: 28 openshift.io/scc: privileged 29 labels: 30 app.kubernetes.io/component: pxc 31 app.kubernetes.io/instance: sec-context 32 app.kubernetes.io/managed-by: percona-xtradb-cluster-operator 33 app.kubernetes.io/name: percona-xtradb-cluster 34 app.kubernetes.io/part-of: percona-xtradb-cluster 35 spec: 36 affinity: 37 podAntiAffinity: 38 requiredDuringSchedulingIgnoredDuringExecution: 39 - labelSelector: 40 matchLabels: 41 app.kubernetes.io/component: pxc 42 app.kubernetes.io/instance: sec-context 43 app.kubernetes.io/managed-by: percona-xtradb-cluster-operator 44 app.kubernetes.io/name: percona-xtradb-cluster 45 app.kubernetes.io/part-of: percona-xtradb-cluster 46 topologyKey: kubernetes.io/hostname 47 containers: 48 - args: 49 - mysqld 50 command: 51 - /var/lib/mysql/pxc-entrypoint.sh 52 env: 53 - name: PXC_SERVICE 54 value: sec-context-pxc-unready 55 - name: MONITOR_HOST 56 value: '%' 57 - name: MYSQL_ROOT_PASSWORD 58 valueFrom: 59 secretKeyRef: 60 key: root 61 name: internal-sec-context 62 - name: XTRABACKUP_PASSWORD 63 valueFrom: 64 secretKeyRef: 65 key: xtrabackup 66 name: internal-sec-context 67 - name: MONITOR_PASSWORD 68 valueFrom: 69 secretKeyRef: 70 key: monitor 71 name: internal-sec-context 72 - name: OPERATOR_ADMIN_PASSWORD 73 valueFrom: 74 secretKeyRef: 75 key: operator 76 name: internal-sec-context 77 - name: LIVENESS_CHECK_TIMEOUT 78 value: "5" 79 - name: READINESS_CHECK_TIMEOUT 80 value: "15" 81 - name: DEFAULT_AUTHENTICATION_PLUGIN 82 value: mysql_native_password 83 envFrom: 84 - secretRef: 85 name: sec-context-env-vars-pxc 86 optional: true 87 imagePullPolicy: Always 88 livenessProbe: 89 exec: 90 command: 91 - /var/lib/mysql/liveness-check.sh 92 failureThreshold: 3 93 initialDelaySeconds: 300 94 periodSeconds: 10 95 successThreshold: 1 96 timeoutSeconds: 5 97 name: pxc 98 ports: 99 - containerPort: 3306 100 name: mysql 101 protocol: TCP 102 - containerPort: 4444 103 name: sst 104 protocol: TCP 105 - containerPort: 4567 106 name: write-set 107 protocol: TCP 108 - containerPort: 4568 109 name: ist 110 protocol: TCP 111 - containerPort: 33062 112 name: mysql-admin 113 protocol: TCP 114 - containerPort: 33060 115 name: mysqlx 116 protocol: TCP 117 readinessProbe: 118 exec: 119 command: 120 - /var/lib/mysql/readiness-check.sh 121 failureThreshold: 5 122 initialDelaySeconds: 15 123 periodSeconds: 30 124 successThreshold: 1 125 timeoutSeconds: 15 126 resources: 127 limits: 128 cpu: "1" 129 memory: 1G 130 requests: 131 cpu: 100m 132 memory: 100M 133 securityContext: 134 privileged: true 135 terminationMessagePath: /dev/termination-log 136 terminationMessagePolicy: File 137 volumeMounts: 138 - mountPath: /var/lib/mysql 139 name: datadir 140 - mountPath: /etc/percona-xtradb-cluster.conf.d 141 name: config 142 - mountPath: /tmp 143 name: tmp 144 - mountPath: /etc/mysql/ssl 145 name: ssl 146 - mountPath: /etc/mysql/ssl-internal 147 name: ssl-internal 148 - mountPath: /etc/mysql/mysql-users-secret 149 name: mysql-users-secret-file 150 - mountPath: /etc/my.cnf.d 151 name: auto-config 152 - mountPath: /etc/mysql/vault-keyring-secret 153 name: vault-keyring-secret 154 - mountPath: /etc/mysql/init-file 155 name: mysql-init-file 156 dnsPolicy: ClusterFirst 157 initContainers: 158 - command: 159 - /pxc-init-entrypoint.sh 160 imagePullPolicy: Always 161 name: pxc-init 162 resources: 163 limits: 164 cpu: 50m 165 memory: 50M 166 securityContext: 167 privileged: true 168 terminationMessagePath: /dev/termination-log 169 terminationMessagePolicy: File 170 volumeMounts: 171 - mountPath: /var/lib/mysql 172 name: datadir 173 restartPolicy: Always 174 schedulerName: default-scheduler 175 securityContext: 176 fsGroup: 1001 177 runAsUser: 1001 178 supplementalGroups: 179 - 1001 180 serviceAccount: percona-xtradb-cluster-operator-workload 181 serviceAccountName: percona-xtradb-cluster-operator-workload 182 terminationGracePeriodSeconds: 600 183 topologySpreadConstraints: 184 - labelSelector: 185 matchLabels: 186 app.kubernetes.io/component: pxc 187 app.kubernetes.io/instance: sec-context 188 app.kubernetes.io/managed-by: percona-xtradb-cluster-operator 189 app.kubernetes.io/name: percona-xtradb-cluster 190 app.kubernetes.io/part-of: percona-xtradb-cluster 191 maxSkew: 1 192 topologyKey: kubernetes.io/hostname 193 whenUnsatisfiable: ScheduleAnyway 194 volumes: 195 - emptyDir: {} 196 name: tmp 197 - configMap: 198 defaultMode: 420 199 name: sec-context-pxc 200 optional: true 201 name: config 202 - name: ssl-internal 203 secret: 204 defaultMode: 420 205 optional: true 206 secretName: some-name-ssl-internal 207 - name: ssl 208 secret: 209 defaultMode: 420 210 optional: false 211 secretName: some-name-ssl 212 - configMap: 213 defaultMode: 420 214 name: auto-sec-context-pxc 215 optional: true 216 name: auto-config 217 - name: vault-keyring-secret 218 secret: 219 defaultMode: 420 220 optional: true 221 secretName: sec-context-vault 222 - name: mysql-users-secret-file 223 secret: 224 defaultMode: 420 225 optional: false 226 secretName: internal-sec-context 227 - name: mysql-init-file 228 secret: 229 defaultMode: 420 230 optional: true 231 secretName: sec-context-mysql-init 232 updateStrategy: 233 rollingUpdate: 234 partition: 0 235 type: RollingUpdate 236 volumeClaimTemplates: 237 - metadata: 238 name: datadir 239 spec: 240 accessModes: 241 - ReadWriteOnce 242 resources: 243 requests: 244 storage: 2Gi 245 status: 246 phase: Pending