apiVersion: v1 kind: PersistentVolumeClaim metadata: name: invoice-ninja-db labels: app.kubernetes.io/name: invoice-ninja-db app.kubernetes.io/component: mysql app.kubernetes.io/part-of: invoice-ninja spec: accessModes: - ReadWriteOnce resources: requests: storage: 1Gi --- apiVersion: v1 kind: Service metadata: name: invoice-ninja-db labels: app.kubernetes.io/name: invoice-ninja-db app.kubernetes.io/component: mysql app.kubernetes.io/part-of: invoice-ninja spec: ports: - port: 3306 targetPort: mysql selector: app.kubernetes.io/name: invoice-ninja-db app.kubernetes.io/component: mysql type: ClusterIP --- apiVersion: apps/v1 kind: StatefulSet metadata: name: invoice-ninja-db labels: app.kubernetes.io/name: invoice-ninja-db app.kubernetes.io/component: mysql app.kubernetes.io/part-of: invoice-ninja spec: serviceName: invoice-ninja-db selector: matchLabels: app.kubernetes.io/name: invoice-ninja-db app.kubernetes.io/component: mysql template: metadata: labels: app.kubernetes.io/name: invoice-ninja-db app.kubernetes.io/component: mysql app.kubernetes.io/part-of: invoice-ninja spec: containers: - name: mariadb image: docker.io/library/mariadb:10.11.6 env: - name: MARIADB_ROOT_PASSWORD valueFrom: secretKeyRef: name: mysql-root key: password - name: MARIADB_DATABASE value: ninja - name: MARIADB_USER value: ninja - name: MARIADB_PASSWORD valueFrom: secretKeyRef: name: invoice-ninja key: db.password ports: - containerPort: 3306 name: mysql readinessProbe: &probe tcpSocket: port: mysql periodSeconds: 60 startupProbe: <<: *probe periodSeconds: 1 failureThreshold: 60 securityContext: readOnlyRootFilesystem: true volumeMounts: - mountPath: /run/mysqld name: run subPath: mysqld - mountPath: /tmp name: tmp subPath: tmp - mountPath: /var/lib/mysql name: data subPath: mysql enableServiceLinks: false securityContext: runAsNonRoot: true runAsUser: 3306 runAsGroup: 3306 fsGroup: 3306 volumes: - name: data persistentVolumeClaim: claimName: invoice-ninja-db - name: run emptyDir: medium: Memory - name: tmp emptyDir: {}