Skip to content
Snippets Groups Projects
Normal view History Permalink
mongo-operator.yml 2.59 KiB
Newer Older
Pierre Ozoux's avatar
First commit
Pierre Ozoux committed
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 
apiVersion: apps/v1
kind: Deployment
metadata:
  name: percona-server-mongodb-operator
spec:
  replicas: 1
  selector:
    matchLabels:
      name: percona-server-mongodb-operator
  template:
    metadata:
      labels:
        name: percona-server-mongodb-operator
    spec:
      serviceAccountName: percona-server-mongodb-operator
      containers:
        - name: percona-server-mongodb-operator
          image: percona/percona-server-mongodb-operator:1.6.0
          ports:
          - containerPort: 60000
            name: metrics
          command:
          - percona-server-mongodb-operator
          imagePullPolicy: Always
          env:
            - name: WATCH_NAMESPACE
              valueFrom:
                fieldRef:
                  fieldPath: metadata.namespace
            - name: OPERATOR_NAME
              value: percona-server-mongodb-operator
            - name: RESYNC_PERIOD
              value: 5s
            - name: LOG_VERBOSE
              value: "false"
---
kind: Role
apiVersion: rbac.authorization.k8s.io/v1beta1
metadata:
  name: percona-server-mongodb-operator
rules:
- apiGroups:
  - psmdb.percona.com
  resources:
  - perconaservermongodbs
  - perconaservermongodbs/status
  - perconaservermongodbbackups
  - perconaservermongodbbackups/status
  - perconaservermongodbrestores
  - perconaservermongodbrestores/status
  verbs:
  - get
  - list
  - update
  - watch
  - create
- apiGroups:
  - ""
  resources:
  - pods
  - pods/exec
  - services
  - persistentvolumeclaims
  - secrets
  - configmaps
  verbs:
  - get
  - list
  - watch
  - create
  - update
  - patch
  - delete
- apiGroups:
  - apps
  resources:
  - deployments
  - replicasets
  - statefulsets
  verbs:
  - get
  - list
  - watch
  - create
  - update
  - patch
  - delete
- apiGroups:
  - batch
  resources:
  - cronjobs
  verbs:
  - get
  - list
  - watch
  - create
  - update
  - patch
  - delete
- apiGroups:
  - policy
  resources:
  - poddisruptionbudgets
  verbs:
  - get
  - list
  - watch
  - create
  - update
  - patch
  - delete
- apiGroups:
  - certmanager.k8s.io
  - cert-manager.io
  resources:
  - issuers
  - certificates
  verbs:
  - get
  - list
  - watch
  - create
  - update
  - patch
  - delete
  - deletecollection
---
apiVersion: v1
kind: ServiceAccount
metadata:
  name: percona-server-mongodb-operator
---
kind: RoleBinding
apiVersion: rbac.authorization.k8s.io/v1beta1
metadata:
  name: service-account-percona-server-mongodb-operator
subjects:
- kind: ServiceAccount
  name: percona-server-mongodb-operator
roleRef:
  kind: Role
  name: percona-server-mongodb-operator
  apiGroup: rbac.authorization.k8s.io