github.com/percona/percona-xtradb-cluster-operator@v1.14.0/e2e-tests/security-context/compare/statefulset_sec-context-pxc-changes.yml (about) 1 apiVersion: apps/v1 2 kind: StatefulSet 3 metadata: 4 generation: 2 5 name: sec-context-pxc 6 ownerReferences: 7 - controller: true 8 kind: PerconaXtraDBCluster 9 name: sec-context 10 spec: 11 podManagementPolicy: OrderedReady 12 replicas: 3 13 revisionHistoryLimit: 10 14 selector: 15 matchLabels: 16 app.kubernetes.io/component: pxc 17 app.kubernetes.io/instance: sec-context 18 app.kubernetes.io/managed-by: percona-xtradb-cluster-operator 19 app.kubernetes.io/name: percona-xtradb-cluster 20 app.kubernetes.io/part-of: percona-xtradb-cluster 21 serviceName: sec-context-pxc 22 template: 23 metadata: 24 annotations: 25 openshift.io/scc: privileged 26 labels: 27 app.kubernetes.io/component: pxc 28 app.kubernetes.io/instance: sec-context 29 app.kubernetes.io/managed-by: percona-xtradb-cluster-operator 30 app.kubernetes.io/name: percona-xtradb-cluster 31 app.kubernetes.io/part-of: percona-xtradb-cluster 32 spec: 33 affinity: 34 podAntiAffinity: 35 requiredDuringSchedulingIgnoredDuringExecution: 36 - labelSelector: 37 matchLabels: 38 app.kubernetes.io/component: pxc 39 app.kubernetes.io/instance: sec-context 40 app.kubernetes.io/managed-by: percona-xtradb-cluster-operator 41 app.kubernetes.io/name: percona-xtradb-cluster 42 app.kubernetes.io/part-of: percona-xtradb-cluster 43 topologyKey: kubernetes.io/hostname 44 containers: 45 - args: 46 - mysqld 47 command: 48 - /var/lib/mysql/pxc-entrypoint.sh 49 env: 50 - name: PXC_SERVICE 51 value: sec-context-pxc-unready 52 - name: MONITOR_HOST 53 value: '%' 54 - name: MYSQL_ROOT_PASSWORD 55 valueFrom: 56 secretKeyRef: 57 key: root 58 name: internal-sec-context 59 - name: XTRABACKUP_PASSWORD 60 valueFrom: 61 secretKeyRef: 62 key: xtrabackup 63 name: internal-sec-context 64 - name: MONITOR_PASSWORD 65 valueFrom: 66 secretKeyRef: 67 key: monitor 68 name: internal-sec-context 69 - name: OPERATOR_ADMIN_PASSWORD 70 valueFrom: 71 secretKeyRef: 72 key: operator 73 name: internal-sec-context 74 - name: LIVENESS_CHECK_TIMEOUT 75 value: "5" 76 - name: READINESS_CHECK_TIMEOUT 77 value: "15" 78 - name: DEFAULT_AUTHENTICATION_PLUGIN 79 value: mysql_native_password 80 envFrom: 81 - secretRef: 82 name: sec-context-env-vars-pxc 83 optional: true 84 imagePullPolicy: Always 85 livenessProbe: 86 exec: 87 command: 88 - /var/lib/mysql/liveness-check.sh 89 failureThreshold: 3 90 initialDelaySeconds: 300 91 periodSeconds: 10 92 successThreshold: 1 93 timeoutSeconds: 5 94 name: pxc 95 ports: 96 - containerPort: 3306 97 name: mysql 98 protocol: TCP 99 - containerPort: 4444 100 name: sst 101 protocol: TCP 102 - containerPort: 4567 103 name: write-set 104 protocol: TCP 105 - containerPort: 4568 106 name: ist 107 protocol: TCP 108 - containerPort: 33062 109 name: mysql-admin 110 protocol: TCP 111 - containerPort: 33060 112 name: mysqlx 113 protocol: TCP 114 readinessProbe: 115 exec: 116 command: 117 - /var/lib/mysql/readiness-check.sh 118 failureThreshold: 5 119 initialDelaySeconds: 15 120 periodSeconds: 30 121 successThreshold: 1 122 timeoutSeconds: 15 123 resources: 124 limits: 125 cpu: "1" 126 memory: 1G 127 requests: 128 cpu: 100m 129 memory: 100M 130 securityContext: 131 privileged: true 132 terminationMessagePath: /dev/termination-log 133 terminationMessagePolicy: File 134 volumeMounts: 135 - mountPath: /var/lib/mysql 136 name: datadir 137 - mountPath: /etc/percona-xtradb-cluster.conf.d 138 name: config 139 - mountPath: /tmp 140 name: tmp 141 - mountPath: /etc/mysql/ssl 142 name: ssl 143 - mountPath: /etc/mysql/ssl-internal 144 name: ssl-internal 145 - mountPath: /etc/mysql/mysql-users-secret 146 name: mysql-users-secret-file 147 - mountPath: /etc/my.cnf.d 148 name: auto-config 149 - mountPath: /etc/mysql/vault-keyring-secret 150 name: vault-keyring-secret 151 - mountPath: /etc/mysql/init-file 152 name: mysql-init-file 153 dnsPolicy: ClusterFirst 154 initContainers: 155 - command: 156 - /pxc-init-entrypoint.sh 157 imagePullPolicy: Always 158 name: pxc-init 159 resources: 160 limits: 161 cpu: 50m 162 memory: 50M 163 securityContext: 164 privileged: true 165 terminationMessagePath: /dev/termination-log 166 terminationMessagePolicy: File 167 volumeMounts: 168 - mountPath: /var/lib/mysql 169 name: datadir 170 restartPolicy: Always 171 schedulerName: default-scheduler 172 securityContext: 173 fsGroup: 1001 174 runAsUser: 1001 175 supplementalGroups: 176 - 1001 177 serviceAccount: percona-xtradb-cluster-operator-workload 178 serviceAccountName: percona-xtradb-cluster-operator-workload 179 terminationGracePeriodSeconds: 600 180 topologySpreadConstraints: 181 - labelSelector: 182 matchLabels: 183 app.kubernetes.io/component: pxc 184 app.kubernetes.io/instance: sec-context 185 app.kubernetes.io/managed-by: percona-xtradb-cluster-operator 186 app.kubernetes.io/name: percona-xtradb-cluster 187 app.kubernetes.io/part-of: percona-xtradb-cluster 188 maxSkew: 1 189 topologyKey: kubernetes.io/hostname 190 whenUnsatisfiable: ScheduleAnyway 191 volumes: 192 - emptyDir: {} 193 name: tmp 194 - configMap: 195 defaultMode: 420 196 name: sec-context-pxc 197 optional: true 198 name: config 199 - name: ssl-internal 200 secret: 201 defaultMode: 420 202 optional: true 203 secretName: some-name-ssl-internal 204 - name: ssl 205 secret: 206 defaultMode: 420 207 optional: false 208 secretName: some-name-ssl 209 - configMap: 210 defaultMode: 420 211 name: auto-sec-context-pxc 212 optional: true 213 name: auto-config 214 - name: vault-keyring-secret 215 secret: 216 defaultMode: 420 217 optional: true 218 secretName: sec-context-vault 219 - name: mysql-users-secret-file 220 secret: 221 defaultMode: 420 222 optional: false 223 secretName: internal-sec-context 224 - name: mysql-init-file 225 secret: 226 defaultMode: 420 227 optional: true 228 secretName: sec-context-mysql-init 229 updateStrategy: 230 rollingUpdate: 231 partition: 0 232 type: RollingUpdate 233 volumeClaimTemplates: 234 - metadata: 235 name: datadir 236 spec: 237 accessModes: 238 - ReadWriteOnce 239 resources: 240 requests: 241 storage: 2Gi 242 status: 243 phase: Pending