-
Notifications
You must be signed in to change notification settings - Fork 509
/
mongodb.com_v1_mongodbcommunity_cr_podantiaffinity.yaml
60 lines (59 loc) · 1.86 KB
/
mongodb.com_v1_mongodbcommunity_cr_podantiaffinity.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
---
apiVersion: mongodbcommunity.mongodb.com/v1
kind: MongoDBCommunity
metadata:
name: example-mongodb
spec:
members: 3
type: ReplicaSet
version: "6.0.5"
security:
authentication:
modes: ["SCRAM"]
users:
- name: my-user
db: admin
passwordSecretRef: # a reference to the secret that will be used to generate the user's password
name: my-user-password
roles:
- name: clusterAdmin
db: admin
- name: userAdminAnyDatabase
db: admin
scramCredentialsSecretName: my-scram
statefulSet:
# NOTE: Overwriting the "app" labelSelectors via the sts wrapper is not supported since this labelselector is not
# getting propagated to the service. You can add others like defined below
spec:
selector:
matchLabels:
app.kubernetes.io/name: mongodb
template:
metadata:
# label the pod which is used by the "labelSelector" in podAntiAffinty
# you can label it witch some other labels as well -- make sure it change the podAntiAffinity labelselector accordingly
labels:
app.kubernetes.io/name: mongodb
spec:
affinity:
podAntiAffinity:
preferredDuringSchedulingIgnoredDuringExecution:
- weight: 100
podAffinityTerm:
labelSelector:
matchExpressions:
- key: app.kubernetes.io/name
operator: In
values:
- mongodb
topologyKey: kubernetes.io/hostname
# the user credentials will be generated from this secret
# once the credentials are generated, this secret is no longer required
---
apiVersion: v1
kind: Secret
metadata:
name: my-user-password
type: Opaque
stringData:
password: <your-password-here>