######################################################################## # This YAML file desribes a StatefulSet with a service for running and # # exposing a MongoDB instance. # # It depends on the configdb and db k8s pvc. # ######################################################################## apiVersion: apps/v1beta1 kind: StatefulSet metadata: name: mdb-instance-0-ss namespace: default spec: serviceName: mdb-instance-0 replicas: 1 template: metadata: name: mdb-instance-0-ss labels: app: mdb-instance-0-ss spec: terminationGracePeriodSeconds: 10 containers: - name: mongodb image: bigchaindb/mongodb:3.4.4 imagePullPolicy: Always env: - name: MONGODB_FQDN valueFrom: configMapKeyRef: name: vars key: mdb-instance-name - name: MONGODB_POD_IP valueFrom: fieldRef: fieldPath: status.podIP - name: MONGODB_REPLICA_SET_NAME value: bigchain-rs - name: MONGODB_PORT value: "27017" args: - --mongodb-port - $(MONGODB_PORT) - --mongodb-key-file-path - /etc/mongod/ssl/mdb-instance.pem - --mongodb-ca-file-path - /etc/mongod/ssl/ca.pem - --mongodb-crl-file-path - /etc/mongod/ssl/mdb-crl.pem - --replica-set-name - $(MONGODB_REPLICA_SET_NAME) - --mongodb-fqdn - $(MONGODB_FQDN) - --mongodb-ip - $(MONGODB_POD_IP) securityContext: capabilities: add: - FOWNER ports: - containerPort: 27017 hostPort: 27017 name: mdb-port protocol: TCP volumeMounts: - name: mdb-db mountPath: /data/db - name: mdb-configdb mountPath: /data/configdb - name: mdb-certs mountPath: /etc/mongod/ssl/ readOnly: true resources: limits: cpu: 200m memory: 768Mi livenessProbe: tcpSocket: port: mdb-port successThreshold: 1 failureThreshold: 3 periodSeconds: 15 timeoutSeconds: 1 restartPolicy: Always volumes: - name: mdb-db persistentVolumeClaim: claimName: mongo-db-claim - name: mdb-configdb persistentVolumeClaim: claimName: mongo-configdb-claim - name: mdb-certs secret: secretName: mdb-certs defaultMode: 0400