github.com/replicatedhq/ship@v0.55.0/integration/init/forgeops/expected/base/ds.yaml (about) 1 --- 2 # Source: ds/templates/ds.yaml 3 # Copyright (c) 2016-2018 ForgeRock AS. All Rights Reserved. 4 apiVersion: apps/v1beta1 5 kind: StatefulSet 6 metadata: 7 name: ds 8 labels: 9 instance: ds 10 app: ds-ds 11 vendor: forgerock 12 component: ds 13 release: ds 14 heritage: Tiller 15 spec: 16 serviceName: ds 17 replicas: 1 18 updateStrategy: 19 type: RollingUpdate 20 volumeClaimTemplates: 21 - metadata: 22 name: db 23 annotations: 24 pv.beta.kubernetes.io/gid: "11111" 25 spec: 26 accessModes: [ "ReadWriteOnce" ] 27 resources: 28 requests: 29 storage: 10Gi 30 template: 31 metadata: 32 labels: 33 instance: ds 34 app: ds-ds 35 vendor: forgerock 36 release: ds 37 component: ds 38 spec: 39 affinity: 40 podAntiAffinity: 41 preferredDuringSchedulingIgnoredDuringExecution: 42 - weight: 100 43 podAffinityTerm: 44 labelSelector: 45 matchExpressions: 46 - key: instance 47 operator: In 48 values: 49 - ds 50 topologyKey: kubernetes.io/hostname 51 terminationGracePeriodSeconds: 30 52 # This will make sure the mounted PVCs are writable by the forgerock user with gid 111111. 53 securityContext: 54 fsGroup: 11111 55 runAsUser: 11111 56 supplementalGroups: 57 - 0 58 59 initContainers: [] 60 61 containers: 62 - name: ds 63 image: forgerock-docker-public.bintray.io/forgerock/ds:6.5.0 64 imagePullPolicy: IfNotPresent 65 #terminationGracePeriodSeconds: 10 66 resources: 67 limits: 68 memory: 768Mi 69 requests: 70 memory: 512Mi 71 72 envFrom: 73 - configMapRef: 74 name: ds 75 env: 76 - name: NAMESPACE 77 valueFrom: 78 fieldRef: 79 fieldPath: metadata.namespace 80 ports: 81 - containerPort: 1389 82 name: ldap 83 - containerPort: 4444 84 name: admin 85 - containerPort: 8989 86 name: replication 87 - containerPort: 8080 88 name: metrics 89 volumeMounts: 90 - name: dj-secrets 91 mountPath: /var/run/secrets/opendj 92 - name: backup 93 mountPath: /opt/opendj/bak 94 - name: logs 95 mountPath: /opt/opendj/logs 96 - name: db 97 mountPath: /opt/opendj/data 98 args: [ "start" ] 99 # Due to cost, we don't want to do a full scrape of the metrics http endpoint - so we create a tcp connection 100 # todo: revisit when https://bugster.forgerock.org/jira/browse/OPENDJ-4728 is resolved. 101 # TODO: Uncomment when we get ds to start faster. Seletively disable replication 102 # readinessProbe: 103 # tcpSocket: 104 # port: metrics 105 # periodSeconds: 10 106 livenessProbe: 107 tcpSocket: 108 port: metrics 109 initialDelaySeconds: 60 110 periodSeconds: 120 111 volumes: 112 - name: dj-secrets 113 secret: 114 secretName: ds 115 - name: logs 116 emptyDir: {} 117 - name: backup 118 emptyDir: {} 119