--- # Source: ghost/charts/mysql/templates/primary/statefulset.yaml apiVersion: apps/v1 kind: StatefulSet metadata: name: ghost-mysql namespace: "default" labels: app.kubernetes.io/instance: ghost app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: mysql app.kubernetes.io/version: 8.4.5 helm.sh/chart: mysql-12.3.4 app.kubernetes.io/part-of: mysql app.kubernetes.io/component: primary spec: replicas: 1 podManagementPolicy: "" selector: matchLabels: app.kubernetes.io/instance: ghost app.kubernetes.io/name: mysql app.kubernetes.io/part-of: mysql app.kubernetes.io/component: primary serviceName: ghost-mysql-headless updateStrategy: type: RollingUpdate template: metadata: annotations: checksum/configuration: 959b0f76ba7e6be0aaaabf97932398c31b17bc9f86d3839a26a3bbbc48673cd9 labels: app.kubernetes.io/instance: ghost app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: mysql app.kubernetes.io/version: 8.4.5 helm.sh/chart: mysql-12.3.4 app.kubernetes.io/part-of: mysql app.kubernetes.io/component: primary spec: serviceAccountName: ghost-mysql automountServiceAccountToken: false affinity: podAffinity: podAntiAffinity: preferredDuringSchedulingIgnoredDuringExecution: - podAffinityTerm: labelSelector: matchLabels: app.kubernetes.io/instance: ghost app.kubernetes.io/name: mysql topologyKey: kubernetes.io/hostname weight: 1 nodeAffinity: securityContext: fsGroup: 1001 fsGroupChangePolicy: Always supplementalGroups: [] sysctls: [] initContainers: - name: preserve-logs-symlinks image: docker.io/bitnami/mysql:8.4.5-debian-12-r0 imagePullPolicy: "IfNotPresent" securityContext: allowPrivilegeEscalation: false capabilities: drop: - ALL readOnlyRootFilesystem: true runAsGroup: 1001 runAsNonRoot: true runAsUser: 1001 seLinuxOptions: {} seccompProfile: type: RuntimeDefault resources: limits: cpu: 750m ephemeral-storage: 2Gi memory: 768Mi requests: cpu: 500m ephemeral-storage: 50Mi memory: 512Mi command: - /bin/bash args: - -ec - | #!/bin/bash . /opt/bitnami/scripts/libfs.sh # We copy the logs folder because it has symlinks to stdout and stderr if ! is_dir_empty /opt/bitnami/mysql/logs; then cp -r /opt/bitnami/mysql/logs /emptydir/app-logs-dir fi volumeMounts: - name: empty-dir mountPath: /emptydir containers: - name: mysql image: docker.io/bitnami/mysql:8.4.5-debian-12-r0 imagePullPolicy: "IfNotPresent" securityContext: allowPrivilegeEscalation: false capabilities: drop: - ALL readOnlyRootFilesystem: true runAsGroup: 1001 runAsNonRoot: true runAsUser: 1001 seLinuxOptions: {} seccompProfile: type: RuntimeDefault env: - name: BITNAMI_DEBUG value: "false" - name: MYSQL_ROOT_PASSWORD_FILE value: /opt/bitnami/mysql/secrets/mysql-root-password - name: MYSQL_ENABLE_SSL value: "no" - name: MYSQL_USER value: "bn_ghost" - name: MYSQL_PASSWORD_FILE value: /opt/bitnami/mysql/secrets/mysql-password - name: MYSQL_PORT value: "3306" - name: MYSQL_DATABASE value: "bitnami_ghost" envFrom: ports: - name: mysql containerPort: 3306 livenessProbe: failureThreshold: 3 initialDelaySeconds: 5 periodSeconds: 10 successThreshold: 1 timeoutSeconds: 1 exec: command: - /bin/bash - -ec - | password_aux="${MYSQL_ROOT_PASSWORD:-}" if [[ -f "${MYSQL_ROOT_PASSWORD_FILE:-}" ]]; then password_aux=$(cat "$MYSQL_ROOT_PASSWORD_FILE") fi mysqladmin status -uroot -p"${password_aux}" readinessProbe: failureThreshold: 3 initialDelaySeconds: 5 periodSeconds: 10 successThreshold: 1 timeoutSeconds: 1 exec: command: - /bin/bash - -ec - | password_aux="${MYSQL_ROOT_PASSWORD:-}" if [[ -f "${MYSQL_ROOT_PASSWORD_FILE:-}" ]]; then password_aux=$(cat "$MYSQL_ROOT_PASSWORD_FILE") fi mysqladmin ping -uroot -p"${password_aux}" | grep "mysqld is alive" startupProbe: failureThreshold: 10 initialDelaySeconds: 15 periodSeconds: 10 successThreshold: 1 timeoutSeconds: 1 exec: command: - /bin/bash - -ec - | password_aux="${MYSQL_ROOT_PASSWORD:-}" if [[ -f "${MYSQL_ROOT_PASSWORD_FILE:-}" ]]; then password_aux=$(cat "$MYSQL_ROOT_PASSWORD_FILE") fi mysqladmin ping -uroot -p"${password_aux}" | grep "mysqld is alive" resources: limits: cpu: 750m ephemeral-storage: 2Gi memory: 768Mi requests: cpu: 500m ephemeral-storage: 50Mi memory: 512Mi volumeMounts: - name: data mountPath: /bitnami/mysql - name: empty-dir mountPath: /tmp subPath: tmp-dir - name: empty-dir mountPath: /opt/bitnami/mysql/conf subPath: app-conf-dir - name: empty-dir mountPath: /opt/bitnami/mysql/tmp subPath: app-tmp-dir - name: empty-dir mountPath: /opt/bitnami/mysql/logs subPath: app-logs-dir - name: config mountPath: /opt/bitnami/mysql/conf/my.cnf subPath: my.cnf - name: mysql-credentials mountPath: /opt/bitnami/mysql/secrets/ volumes: - name: config configMap: name: ghost-mysql - name: mysql-credentials secret: secretName: ghost-mysql items: - key: mysql-root-password path: mysql-root-password - key: mysql-password path: mysql-password - name: empty-dir emptyDir: {} volumeClaimTemplates: - metadata: name: data labels: app.kubernetes.io/instance: ghost app.kubernetes.io/name: mysql app.kubernetes.io/component: primary spec: accessModes: - "ReadWriteOnce" resources: requests: storage: "8Gi"