apiVersion: v1 kind: Service metadata: labels: app.kubernetes.io/name: rabbitmq app.kubernetes.io/component: rabbitmq name: rabbitmq spec: ports: - name: amqps port: 5671 selector: app.kubernetes.io/name: rabbitmq app.kubernetes.io/component: rabbitmq type: ClusterIP externalIPs: - 172.30.0.149 externalTrafficPolicy: Local --- apiVersion: apps/v1 kind: StatefulSet metadata: name: rabbitmq labels: app.kubernetes.io/name: rabbitmq app.kubernetes.io/component: rabbitmq spec: serviceName: rabbitmq selector: matchLabels: app.kubernetes.io/name: rabbitmq app.kubernetes.io/component: rabbitmq template: metadata: labels: app.kubernetes.io/name: rabbitmq app.kubernetes.io/component: rabbitmq spec: containers: - name: rabbitmq image: docker.io/library/rabbitmq:4.0-alpine ports: - name: amqps containerPort: 5671 - name: metrics containerPort: 15692 readinessProbe: &probe tcpSocket: port: amqps periodSeconds: 60 successThreshold: 1 failureThreshold: 2 startupProbe: <<: *probe initialDelaySeconds: 5 periodSeconds: 1 timeoutSeconds: 1 failureThreshold: 10 securityContext: readOnlyRootFilesystem: true volumeMounts: - mountPath: /etc/rabbitmq name: rabbitmq-config readOnly: true - mountPath: /run/secrets/rabbitmq/cert name: rabbitmq-cert readOnly: true - mountPath: /tmp name: tmp subPath: tmp - mountPath: /var/lib/rabbitmq name: data subPath: data securityContext: runAsNonRoot: true runAsUser: 5672 runAsGroup: 5762 fsGroup: 5672 fsGroupChangePolicy: OnRootMismatch volumes: - name: rabbitmq-cert secret: secretName: rabbitmq-cert defaultMode: 0440 - name: rabbitmq-config configMap: name: rabbitmq - name: tmp emptyDir: medium: Memory volumeClaimTemplates: - apiVersion: v1 kind: PersistentVolumeClaim metadata: name: data labels: app.kubernetes.io/name: rabbitmq app.kubernetes.io/component: rabbitmq spec: accessModes: - ReadWriteOnce resources: requests: storage: 1Gi