apiVersion: apps/v1 kind: StatefulSet metadata: name: cameleer-postgres namespace: cameleer spec: serviceName: cameleer-postgres replicas: 1 selector: matchLabels: app: cameleer-postgres template: metadata: labels: app: cameleer-postgres spec: securityContext: runAsNonRoot: true runAsUser: 999 fsGroup: 999 containers: - name: cameleer-postgres image: postgres:16 ports: - containerPort: 5432 name: cameleer-pg env: - name: POSTGRES_DB value: cameleer - name: POSTGRES_USER valueFrom: secretKeyRef: name: cameleer-postgres-credentials key: POSTGRES_USER - name: POSTGRES_PASSWORD valueFrom: secretKeyRef: name: cameleer-postgres-credentials key: POSTGRES_PASSWORD volumeMounts: - name: data mountPath: /home/postgres/pgdata resources: requests: memory: "1Gi" cpu: "200m" limits: memory: "4Gi" cpu: "1000m" livenessProbe: exec: command: - sh - -c - pg_isready -U "$POSTGRES_USER" -d cameleer initialDelaySeconds: 15 periodSeconds: 10 timeoutSeconds: 3 failureThreshold: 3 readinessProbe: exec: command: - sh - -c - pg_isready -U "$POSTGRES_USER" -d cameleer initialDelaySeconds: 5 periodSeconds: 5 timeoutSeconds: 3 failureThreshold: 3 volumeClaimTemplates: - metadata: name: data spec: accessModes: ["ReadWriteOnce"] resources: requests: storage: 10Gi --- apiVersion: v1 kind: Service metadata: name: cameleer-postgres namespace: cameleer spec: clusterIP: None selector: app: cameleer-postgres ports: - port: 5432 targetPort: 5432 name: cameleer-pg --- apiVersion: v1 kind: Service metadata: name: cameleer-postgres-external namespace: cameleer spec: type: NodePort selector: app: cameleer-postgres ports: - port: 5432 targetPort: 5432 nodePort: 30432