deploy/etcd/etcd-sts.yaml (148 lines of code) (raw):

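#
# Licensed to the Apache Software Foundation (ASF) under one or more
# contributor license agreements.  See the NOTICE file distributed with
# this work for additional information regarding copyright ownership.
# The ASF licenses this file to You under the Apache License, Version 2.0
# (the "License"); you may not use this file except in compliance with
# the License.  You may obtain a copy of the License at
#
#     http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#
# Three-member etcd cluster for the nuvolaris namespace, run from the Bitnami
# etcd image. Password authentication is enforced (root password and JWT
# signing key both come from Secrets), but every listener below is plain HTTP.
# See the NOTE(review) comments for the hardening gaps that remain.
---
apiVersion: apps/v1
kind: StatefulSet
metadata:
  name: nuvolaris-etcd
  namespace: nuvolaris
  labels:
    app.kubernetes.io/name: nuvolaris-etcd
spec:
  # Must stay in sync with the member list in ETCD_INITIAL_CLUSTER below,
  # which hard-codes pods -0, -1 and -2.
  replicas: 3
  serviceName: nuvolaris-etcd-headless
  # Parallel start: all members come up together so the initial quorum can
  # form without waiting on ordered pod creation.
  podManagementPolicy: Parallel
  updateStrategy:
    type: RollingUpdate
  selector:
    matchLabels:
      app.kubernetes.io/name: nuvolaris-etcd
  template:
    metadata:
      labels:
        name: nuvolaris-etcd
        app.kubernetes.io/name: nuvolaris-etcd
      annotations:
        serviceName: nuvolaris-etcd
        whisks.nuvolaris.org/annotate-version: "true"
    spec:
      restartPolicy: Always
      securityContext:
        # Data volume is group-owned by 1001 so the non-root etcd process
        # can write to it.
        fsGroup: 1001
        fsGroupChangePolicy: Always
      terminationGracePeriodSeconds: 30
      containers:
        - name: nuvolaris-etcd
          # NOTE(review): the tag is not pinned by digest, and with
          # IfNotPresent a node keeps whatever content it first pulled for
          # this tag. Consider appending @sha256:<image-digest> (placeholder)
          # so every node runs the same, reviewed image.
          image: docker.io/bitnami/etcd:3.5.17-debian-12-r0
          imagePullPolicy: IfNotPresent
          # Container-level hardening. etcd only binds unprivileged ports
          # (2379/2380) and needs no Linux capabilities. The Bitnami image
          # runs as a non-root user by default; runAsNonRoot makes the
          # kubelet refuse to start the container if that ever changes.
          # NOTE(review): /opt/bitnami/etcd/conf and /tmp are already backed
          # by emptyDir, which looks like the layout needed for
          # readOnlyRootFilesystem: true; confirm against the image before
          # enabling it.
          securityContext:
            allowPrivilegeEscalation: false
            runAsNonRoot: true
            capabilities:
              drop:
                - ALL
            seccompProfile:
              type: RuntimeDefault
          # NOTE(review): no resources.requests/limits are declared, so the
          # pods run as BestEffort and are the first to be evicted under node
          # pressure. Set values sized for the expected keyspace.
          env:
            - name: BITNAMI_DEBUG
              value: "false"
            - name: MY_POD_IP
              valueFrom:
                fieldRef:
                  apiVersion: v1
                  fieldPath: status.podIP
            - name: MY_POD_NAME
              valueFrom:
                fieldRef:
                  apiVersion: v1
                  fieldPath: metadata.name
            - name: MY_STS_NAME
              value: nuvolaris-etcd
            - name: ETCDCTL_API
              value: "3"
            # The Bitnami scripts take "yes"/"no" strings; keep them quoted
            # so YAML does not turn them into booleans.
            - name: ETCD_ON_K8S
              value: "yes"
            - name: ETCD_START_FROM_SNAPSHOT
              value: "no"
            - name: ETCD_DISASTER_RECOVERY
              value: "no"
            - name: ETCD_NAME
              value: $(MY_POD_NAME)
            - name: ETCD_DATA_DIR
              value: /bitnami/etcd/data
            - name: ETCD_LOG_LEVEL
              value: info
            # Authentication stays mandatory: anonymous access is disabled
            # and the root password is read from a Secret, not inlined.
            - name: ALLOW_NONE_AUTHENTICATION
              value: "no"
            - name: ETCD_ROOT_PASSWORD
              valueFrom:
                secretKeyRef:
                  name: nuvolaris-etcd-secret
                  key: rootPassword
            # Auth tokens are RS256-signed JWTs with a 10 minute lifetime;
            # the signing key is the read-only Secret mount declared under
            # volumeMounts.
            - name: ETCD_AUTH_TOKEN
              value: jwt,priv-key=/opt/bitnami/etcd/certs/token/jwt-token.pem,sign-method=RS256,ttl=10m
            # NOTE(review): every client and peer URL below is http://.
            # The root password and the issued JWTs therefore cross the pod
            # network unencrypted, and the peer port (2380) carries no
            # transport-level authentication at all; password auth only
            # protects the client API. Prefer TLS for both listeners (client
            # and peer certificates); until then, restrict ingress to
            # 2379/2380 with a NetworkPolicy that admits only the intended
            # clients and the etcd pods themselves.
            - name: ETCD_ADVERTISE_CLIENT_URLS
              value: http://$(MY_POD_NAME).nuvolaris-etcd-headless.nuvolaris.svc.cluster.local:2379,http://nuvolaris-etcd.nuvolaris.svc.cluster.local:2379
            - name: ETCD_LISTEN_CLIENT_URLS
              value: http://0.0.0.0:2379
            - name: ETCD_INITIAL_ADVERTISE_PEER_URLS
              value: http://$(MY_POD_NAME).nuvolaris-etcd-headless.nuvolaris.svc.cluster.local:2380
            - name: ETCD_LISTEN_PEER_URLS
              value: http://0.0.0.0:2380
            - name: ETCD_INITIAL_CLUSTER_TOKEN
              value: etcd-cluster-k8s
            - name: ETCD_INITIAL_CLUSTER_STATE
              value: new
            # Static bootstrap membership; changing spec.replicas requires
            # editing this list as well.
            - name: ETCD_INITIAL_CLUSTER
              value: nuvolaris-etcd-0=http://nuvolaris-etcd-0.nuvolaris-etcd-headless.nuvolaris.svc.cluster.local:2380,nuvolaris-etcd-1=http://nuvolaris-etcd-1.nuvolaris-etcd-headless.nuvolaris.svc.cluster.local:2380,nuvolaris-etcd-2=http://nuvolaris-etcd-2.nuvolaris-etcd-headless.nuvolaris.svc.cluster.local:2380
            - name: ETCD_CLUSTER_DOMAIN
              value: nuvolaris-etcd-headless.nuvolaris.svc.cluster.local
          lifecycle:
            preStop:
              exec:
                command:
                  - /opt/bitnami/scripts/etcd/prestop.sh
          # Liveness is an HTTP GET on the client port; it follows the same
          # plain-HTTP scheme as the listeners and must change with them if
          # TLS is enabled.
          livenessProbe:
            failureThreshold: 5
            httpGet:
              path: /livez
              port: 2379
              scheme: HTTP
            initialDelaySeconds: 60
            periodSeconds: 30
            successThreshold: 1
            timeoutSeconds: 5
          ports:
            - containerPort: 2379
              name: client
              protocol: TCP
            - containerPort: 2380
              name: peer
              protocol: TCP
          readinessProbe:
            exec:
              command:
                - /opt/bitnami/scripts/etcd/healthcheck.sh
            failureThreshold: 5
            initialDelaySeconds: 60
            periodSeconds: 10
            successThreshold: 1
            timeoutSeconds: 5
          volumeMounts:
            - mountPath: /opt/bitnami/etcd/conf/
              name: empty-dir
              subPath: app-conf-dir
            - mountPath: /tmp
              name: empty-dir
              subPath: tmp-dir
            - mountPath: /bitnami/etcd
              name: nuvolaris-etc-data
            # JWT signing key: mounted read-only so the process cannot
            # modify the key material.
            - mountPath: /opt/bitnami/etcd/certs/token/
              name: etcd-jwt-token
              readOnly: true
      volumes:
        - emptyDir: {}
          name: empty-dir
        - name: etcd-jwt-token
          secret:
            # 256 is decimal for octal 0400 (owner read-only).
            defaultMode: 256
            secretName: nuvolaris-etcd-jwt-token
  volumeClaimTemplates:
    - metadata:
        name: nuvolaris-etc-data
      spec:
        accessModes:
          - "ReadWriteOnce"
        resources:
          requests:
            storage: "8Gi"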