github.com/percona/percona-xtradb-cluster-operator@v1.14.0/e2e-tests/security-context/compare/statefulset_sec-context-pxc-k127.yml (about) 1 apiVersion: apps/v1 2 kind: StatefulSet 3 metadata: 4 generation: 1 5 name: sec-context-pxc 6 ownerReferences: 7 - controller: true 8 kind: PerconaXtraDBCluster 9 name: sec-context 10 spec: 11 persistentVolumeClaimRetentionPolicy: 12 whenDeleted: Retain 13 whenScaled: Retain 14 podManagementPolicy: OrderedReady 15 replicas: 3 16 revisionHistoryLimit: 10 17 selector: 18 matchLabels: 19 app.kubernetes.io/component: pxc 20 app.kubernetes.io/instance: sec-context 21 app.kubernetes.io/managed-by: percona-xtradb-cluster-operator 22 app.kubernetes.io/name: percona-xtradb-cluster 23 app.kubernetes.io/part-of: percona-xtradb-cluster 24 serviceName: sec-context-pxc 25 template: 26 metadata: 27 annotations: 28 openshift.io/scc: privileged 29 labels: 30 app.kubernetes.io/component: pxc 31 app.kubernetes.io/instance: sec-context 32 app.kubernetes.io/managed-by: percona-xtradb-cluster-operator 33 app.kubernetes.io/name: percona-xtradb-cluster 34 app.kubernetes.io/part-of: percona-xtradb-cluster 35 spec: 36 affinity: 37 podAntiAffinity: 38 requiredDuringSchedulingIgnoredDuringExecution: 39 - labelSelector: 40 matchLabels: 41 app.kubernetes.io/component: pxc 42 app.kubernetes.io/instance: sec-context 43 app.kubernetes.io/managed-by: percona-xtradb-cluster-operator 44 app.kubernetes.io/name: percona-xtradb-cluster 45 app.kubernetes.io/part-of: percona-xtradb-cluster 46 topologyKey: kubernetes.io/hostname 47 containers: 48 - args: 49 - mysqld 50 command: 51 - /var/lib/mysql/pxc-entrypoint.sh 52 env: 53 - name: PXC_SERVICE 54 value: sec-context-pxc-unready 55 - name: MONITOR_HOST 56 value: '%' 57 - name: MYSQL_ROOT_PASSWORD 58 valueFrom: 59 secretKeyRef: 60 key: root 61 name: internal-sec-context 62 - name: XTRABACKUP_PASSWORD 63 valueFrom: 64 secretKeyRef: 65 key: xtrabackup 66 name: internal-sec-context 67 - name: MONITOR_PASSWORD 68 valueFrom: 69 secretKeyRef: 70 key: monitor 71 name: internal-sec-context 72 - name: OPERATOR_ADMIN_PASSWORD 73 valueFrom: 74 secretKeyRef: 75 key: operator 76 name: internal-sec-context 77 - name: LIVENESS_CHECK_TIMEOUT 78 value: "5" 79 - name: READINESS_CHECK_TIMEOUT 80 value: "15" 81 - name: DEFAULT_AUTHENTICATION_PLUGIN 82 value: mysql_native_password 83 envFrom: 84 - secretRef: 85 name: sec-context-env-vars-pxc 86 optional: true 87 imagePullPolicy: Always 88 livenessProbe: 89 exec: 90 command: 91 - /var/lib/mysql/liveness-check.sh 92 failureThreshold: 3 93 initialDelaySeconds: 300 94 periodSeconds: 10 95 successThreshold: 1 96 timeoutSeconds: 5 97 name: pxc 98 ports: 99 - containerPort: 3306 100 name: mysql 101 protocol: TCP 102 - containerPort: 4444 103 name: sst 104 protocol: TCP 105 - containerPort: 4567 106 name: write-set 107 protocol: TCP 108 - containerPort: 4568 109 name: ist 110 protocol: TCP 111 - containerPort: 33062 112 name: mysql-admin 113 protocol: TCP 114 - containerPort: 33060 115 name: mysqlx 116 protocol: TCP 117 readinessProbe: 118 exec: 119 command: 120 - /var/lib/mysql/readiness-check.sh 121 failureThreshold: 5 122 initialDelaySeconds: 15 123 periodSeconds: 30 124 successThreshold: 1 125 timeoutSeconds: 15 126 resources: 127 limits: 128 cpu: "1" 129 memory: 1G 130 requests: 131 cpu: 100m 132 memory: 100M 133 securityContext: 134 privileged: false 135 terminationMessagePath: /dev/termination-log 136 terminationMessagePolicy: File 137 volumeMounts: 138 - mountPath: /var/lib/mysql 139 name: datadir 140 - mountPath: /etc/percona-xtradb-cluster.conf.d 141 name: config 142 - mountPath: /tmp 143 name: tmp 144 - mountPath: /etc/mysql/ssl 145 name: ssl 146 - mountPath: /etc/mysql/ssl-internal 147 name: ssl-internal 148 - mountPath: /etc/mysql/mysql-users-secret 149 name: mysql-users-secret-file 150 - mountPath: /etc/my.cnf.d 151 name: auto-config 152 - mountPath: /etc/mysql/vault-keyring-secret 153 name: vault-keyring-secret 154 - mountPath: /etc/mysql/init-file 155 name: mysql-init-file 156 dnsPolicy: ClusterFirst 157 initContainers: 158 - command: 159 - /pxc-init-entrypoint.sh 160 imagePullPolicy: Always 161 name: pxc-init 162 resources: 163 limits: 164 cpu: 50m 165 memory: 50M 166 securityContext: 167 privileged: false 168 terminationMessagePath: /dev/termination-log 169 terminationMessagePolicy: File 170 volumeMounts: 171 - mountPath: /var/lib/mysql 172 name: datadir 173 restartPolicy: Always 174 schedulerName: default-scheduler 175 securityContext: 176 fsGroup: 1001 177 runAsUser: 1001 178 serviceAccount: percona-xtradb-cluster-operator-workload 179 serviceAccountName: percona-xtradb-cluster-operator-workload 180 terminationGracePeriodSeconds: 600 181 volumes: 182 - emptyDir: {} 183 name: tmp 184 - configMap: 185 defaultMode: 420 186 name: sec-context-pxc 187 optional: true 188 name: config 189 - name: ssl-internal 190 secret: 191 defaultMode: 420 192 optional: true 193 secretName: some-name-ssl-internal 194 - name: ssl 195 secret: 196 defaultMode: 420 197 optional: false 198 secretName: some-name-ssl 199 - configMap: 200 defaultMode: 420 201 name: auto-sec-context-pxc 202 optional: true 203 name: auto-config 204 - name: vault-keyring-secret 205 secret: 206 defaultMode: 420 207 optional: true 208 secretName: sec-context-vault 209 - name: mysql-users-secret-file 210 secret: 211 defaultMode: 420 212 optional: false 213 secretName: internal-sec-context 214 - name: mysql-init-file 215 secret: 216 defaultMode: 420 217 optional: true 218 secretName: sec-context-mysql-init 219 updateStrategy: 220 rollingUpdate: 221 partition: 0 222 type: RollingUpdate 223 volumeClaimTemplates: 224 - metadata: 225 name: datadir 226 spec: 227 accessModes: 228 - ReadWriteOnce 229 resources: 230 requests: 231 storage: 2Gi 232 status: 233 phase: Pending