apiVersion: apps/v1 kind: StatefulSet metadata: name: mongo spec: replicas: 3 serviceName: mongo selector: matchLabels: app: mongo template: metadata: labels: app: mongo spec: initContainers: - name: init image: busybox imagePullPolicy: IfNotPresent command: - sh - -c - | sysctl -w net.ipv4.tcp_keepalive_time=300 sysctl -w net.ipv4.tcp_keepalive_intvl=10 sysctl -w net.ipv4.tcp_keepalive_probes=3 # chown 999 /etc/mongodb/keyfile.key # chmod 400 /etc/mongodb/keyfile.key securityContext: privileged: true # volumeMounts: # - name: mongo-keyfile # mountPath: /etc/mongodb/keyfile.key # subPath: keyfile.key containers: - name: mongo image: mongo:6.0 imagePullPolicy: IfNotPresent args: - "--bind_ip_all" - "--replSet=bfs-mongo-rs0" - "--keyFile=/etc/mongodb/keyfile.key" ports: - containerPort: 27017 volumeMounts: - name: mongo-data mountPath: /data/db - name: mongo-keyfile mountPath: /etc/mongodb/keyfile.key subPath: keyfile.key volumes: - name: mongo-data hostPath: path: /data/mongodb/rs0 - name: mongo-keyfile configMap: name: mongo-keyfile items: - key: keyFile path: keyfile.key affinity: nodeAffinity: requiredDuringSchedulingIgnoredDuringExecution: nodeSelectorTerms: - matchExpressions: - key: "app.kubernetes.io/component" operator: In values: - mongo tolerations: - key: "app.kubernetes.io/component" operator: "Equal" value: "mongo" effect: "NoSchedule" --- apiVersion: v1 kind: Service metadata: name: mongo spec: ports: - name: mongo protocol: TCP port: 27017 targetPort: 27017 type: ClusterIP selector: app: mongo