k8s-apps/openbao/openbao.yaml
2026-03-29 15:33:13 +00:00


# Persistent volume claim that holds OpenBao's on-disk secret store.
#
# NOTE(review): the Deployment in this file runs one replica, and the "file"
# storage backend does not support HA, so ReadWriteMany is broader than a
# single writer needs. Confirm whether the cephfs-hyper class requires it
# before narrowing; access modes cannot be edited on a bound claim.
# NOTE(review): everything OpenBao persists lives here. Confirm that the
# storage class provides at-rest protection and that snapshots/backups of
# this volume are access-controlled like the secrets themselves.
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
  name: openbao-data
  namespace: openbao
spec:
  storageClassName: cephfs-hyper
  accessModes:
    - ReadWriteMany
  resources:
    requests:
      storage: 5Gi
---
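# OpenBao server configuration, mounted into the pod as
# /openbao/config/bao.hcl.
#
# The storage path must equal the mountPath of the data volume in the
# Deployment (/openbao/file). It previously pointed at /openbao/data, which
# is not backed by the PVC as mounted in this file, so the secret store would
# not have been written to persistent storage.
#
# Security notes:
# - tls_disable = 1 serves the API and UI over plain HTTP on 8200. Tokens and
#   secret values cross the pod network unencrypted unless another layer
#   (service-mesh mTLS, a TLS-terminating proxy) covers that hop. Prefer
#   tls_cert_file / tls_key_file on the listener where certificates exist.
# - disable_mlock = true allows server memory to be paged out. Run on nodes
#   with swap disabled or encrypted, and keep core dumps off.
# - ui = true exposes the web UI on the same listener as the API.
apiVersion: v1
kind: ConfigMap
metadata:
  name: openbao-config
  namespace: openbao
data:
  bao.hcl: |
    ui = true
    listener "tcp" {
      address = "[::]:8200"
      tls_disable = 1
    }
    storage "file" {
      path = "/openbao/file"
    }
    disable_mlock = true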
---
# Single-replica OpenBao server. Configuration comes from the openbao-config
# ConfigMap and data is stored on the openbao-data PVC.
apiVersion: apps/v1
kind: Deployment
metadata:
  name: openbao
  namespace: openbao
spec:
  replicas: 1
  selector:
    matchLabels:
      app: openbao
  template:
    metadata:
      labels:
        app: openbao
    spec:
      # Mounted volumes are made group-accessible to GID 1000. Ownership is
      # only rewritten when the volume root does not already match.
      securityContext:
        fsGroup: 1000
        fsGroupChangePolicy: OnRootMismatch
      volumes:
        - name: config
          configMap:
            name: openbao-config
        - name: data
          persistentVolumeClaim:
            claimName: openbao-data
      initContainers:
        # Runs as root on every pod start to create the data directory and
        # hand it to 100:1000 before the server container starts.
        # NOTE(review): this is the only root container in the pod. Check
        # whether fsGroup alone is enough on this storage class so that it
        # can be dropped, and pin the image by digest rather than tag.
        - name: fix-permissions
          image: busybox:1.36
          securityContext:
            runAsUser: 0
          command:
            - sh
            - -c
            - |
              mkdir -p /openbao/file
              chown -R 100:1000 /openbao/file
              chmod -R ug+rwX /openbao/file
          volumeMounts:
            - name: data
              mountPath: /openbao/file
      containers:
        # NOTE(review): no container securityContext, resource
        # requests/limits or probes are set here. Before adding
        # runAsNonRoot, allowPrivilegeEscalation: false or a capabilities
        # drop, confirm them against the image's entrypoint.
        - name: openbao
          image: ghcr.io/openbao/openbao:2.4.3
          imagePullPolicy: IfNotPresent
          args:
            - 'server'
            - '-config=/openbao/config/bao.hcl'
          ports:
            - name: http
              containerPort: 8200
          volumeMounts:
            - name: config
              mountPath: /openbao/config
            # This mountPath must equal the `path` in the storage stanza of
            # bao.hcl (ConfigMap openbao-config). If they differ, the server
            # writes its secret store outside the PVC.
            - name: data
              mountPath: /openbao/file
---
# Cluster-internal endpoint for the OpenBao API and UI on port 8200.
#
# NOTE(review): ClusterIP keeps the service off external networks, but
# without a NetworkPolicy any workload in the cluster can reach it. Consider
# restricting ingress to the namespaces/pods that are meant to be clients,
# especially while the listener in openbao-config has TLS disabled.
apiVersion: v1
kind: Service
metadata:
  name: openbao
  namespace: openbao
spec:
  type: ClusterIP
  selector:
    app: openbao
  ports:
    - port: 8200
      targetPort: 8200