--- # 创建 Namespace apiVersion: v1 kind: Namespace metadata: name: hty1024-app --- # 创建 StorageClass apiVersion: storage.k8s.io/v1 kind: StorageClass metadata: name: storage-local-vaultwarden labels: app.k8s.hty1024.com/env: prod app.k8s.hty1024.com/type: app app.k8s.hty1024.com/name: vaultwarden app.k8s.hty1024.com/version: 1.32.6-alpine app.k8s.hty1024.com/resources: storageClass provisioner: kubernetes.io/no-provisioner reclaimPolicy: Retain volumeBindingMode: WaitForFirstConsumer --- # 创建 PersistentVolume apiVersion: v1 kind: PersistentVolume metadata: name: hty1024-app-vaultwarden-pv labels: app.k8s.hty1024.com/env: prod app.k8s.hty1024.com/type: app app.k8s.hty1024.com/name: vaultwarden app.k8s.hty1024.com/version: 1.32.6-alpine app.k8s.hty1024.com/resources: persistentVolume spec: capacity: storage: 1Gi volumeMode: Filesystem accessModes: - ReadWriteOnce persistentVolumeReclaimPolicy: Retain storageClassName: storage-local-vaultwarden local: path: /app/vaultwarden/data nodeAffinity: required: nodeSelectorTerms: - matchExpressions: - key: node.k8s.hty1024.com/type operator: In values: - app --- # 创建 PersistentVolumeClaim apiVersion: v1 kind: PersistentVolumeClaim metadata: name: hty1024-app-vaultwarden-pvc namespace: hty1024-app labels: app.k8s.hty1024.com/env: prod app.k8s.hty1024.com/type: app app.k8s.hty1024.com/name: vaultwarden app.k8s.hty1024.com/version: 1.32.6-alpine app.k8s.hty1024.com/resources: persistentVolumeClaim spec: resources: requests: storage: 1Gi volumeMode: Filesystem accessModes: - ReadWriteOnce storageClassName: storage-local-vaultwarden --- # 创建 Service apiVersion: v1 kind: Service metadata: name: hty1024-app-vaultwarden-service namespace: hty1024-app labels: app.k8s.hty1024.com/env: prod app.k8s.hty1024.com/type: app app.k8s.hty1024.com/name: vaultwarden app.k8s.hty1024.com/version: 1.32.6-alpine app.k8s.hty1024.com/resources: service spec: type: NodePort ports: - port: 80 targetPort: 80 nodePort: 30000 selector: app.k8s.hty1024.com/env: prod app.k8s.hty1024.com/type: app app.k8s.hty1024.com/name: vaultwarden app.k8s.hty1024.com/version: 1.32.6-alpine app.k8s.hty1024.com/resources: pod --- # 创建 StatefulSet apiVersion: apps/v1 kind: StatefulSet metadata: name: hty1024-app-vaultwarden-statefulset namespace: hty1024-app labels: app.k8s.hty1024.com/env: prod app.k8s.hty1024.com/type: app app.k8s.hty1024.com/name: vaultwarden app.k8s.hty1024.com/version: 1.32.6-alpine app.k8s.hty1024.com/resources: statefulSet spec: replicas: 1 minReadySeconds: 30 selector: matchLabels: app.k8s.hty1024.com/env: prod app.k8s.hty1024.com/type: app app.k8s.hty1024.com/name: vaultwarden app.k8s.hty1024.com/version: 1.32.6-alpine app.k8s.hty1024.com/resources: pod template: metadata: labels: app.k8s.hty1024.com/env: prod app.k8s.hty1024.com/type: app app.k8s.hty1024.com/name: vaultwarden app.k8s.hty1024.com/version: 1.32.6-alpine app.k8s.hty1024.com/resources: pod spec: terminationGracePeriodSeconds: 60 volumes: - name: localtime hostPath: path: /etc/localtime - name: hty1024-app-vaultwarden-data persistentVolumeClaim: claimName: hty1024-app-vaultwarden-pvc containers: - name: vaultwarden image: vaultwarden/server:1.32.6-alpine ports: - name: tcp containerPort: 80 volumeMounts: - name: localtime mountPath: /etc/localtime readOnly: true - name: hty1024-app-vaultwarden-data mountPath: /data env: - name: SIGNUPS_ALLOWED value: "false" livenessProbe: tcpSocket: port: 80 initialDelaySeconds: 300 periodSeconds: 10 timeoutSeconds: 30 failureThreshold: 3 successThreshold: 3 readinessProbe: tcpSocket: port: 80 initialDelaySeconds: 10 periodSeconds: 5 successThreshold: 3 startupProbe: tcpSocket: port: 80 initialDelaySeconds: 10 periodSeconds: 5 successThreshold: 3 nodeSelector: node.k8s.hty1024.com/type: app