---
apiVersion: psmdb.percona.com/v1-4-0
kind: PerconaServerMongoDB
metadata:
name: ${FQDN}
spec:
updateStrategy: RollingUpdate
crVersion: "1.6.0"
image: percona/percona-server-mongodb:4.2.8-8
imagePullPolicy: Always
allowUnsafeConfigurations: false
secrets:
users: ${FQDN}-mongodb-users
pmm:
enabled: false
replsets:
- name: rs0
size: 3
affinity:
antiAffinityTopologyKey: "kubernetes.io/hostname"
arbiter:
enabled: false
size: 0
podDisruptionBudget:
maxUnavailable: 1
podSecurityContext:
fsGroup: 1001
containerSecurityContext:
runAsNonRoot: true
runAsUser: 1001
expose:
enabled: false
livenessProbe:
exec:
command:
- mongodb-healthcheck
- k8s
- liveness
- --startupDelaySeconds
- "61"
failureThreshold: 4
initialDelaySeconds: 60
periodSeconds: 30
startupDelaySeconds: 61
successThreshold: 1
timeoutSeconds: 5
readinessProbe:
failureThreshold: 8
initialDelaySeconds: 10
periodSeconds: 3
successThreshold: 1
tcpSocket:
port: 27017
timeoutSeconds: 2
resources:
limits:
memory: 1500Mi
requests:
memory: 500Mi
storage:
engine: wiredTiger
wiredTiger:
collectionConfig: {}
engineConfig:
cacheSizeRatio: 0.5
indexConfig:
prefixCompression: true
volumeSpec:
persistentVolumeClaim:
storageClassName: small
accessModes: [ "ReadWriteOnce" ]
resources:
requests:
storage: 5Gi
mongod:
security:
redactClientLogData: false
enableEncryption: true
encryptionCipherMode: AES256-CBC
net:
port: 27017
backup:
enabled: true
restartOnFailure: true
image: percona/percona-server-mongodb-operator:1.6.0-backup
serviceAccountName: percona-server-mongodb-operator
storages:
backup:
type: s3
s3:
bucket: ${DOMAIN}-dumps
credentialsSecret: ${DOMAIN}-dumps
region: default
endpointUrl: https://minio.k7.indie.host/
prefix: mongodb
tasks:
- name: daily
enabled: true
schedule: "0 0 * * *"
storageName: backup
compressionType: gzip