--- apiVersion: v1 kind: Service metadata: name: mongo labels: name: mongo spec: ports: - port: 27017 targetPort: 27017 clusterIP: None selector: role: mongo --- apiVersion: apps/v1beta1 kind: StatefulSet metadata: name: mongo spec: serviceName: "mongo" replicas: 3 template: metadata: annotations: ad.datadoghq.com/mongo.check_names: '["mongo"]' ad.datadoghq.com/mongo.init_configs: '[{}]' ad.datadoghq.com/mongo.instances: '[{"server": "mongodb://datadog:tndPhL3wrMEDuj4wLEHmbxbV@%%host%%:%%port%%"}]' labels: role: mongo environment: test spec: serviceAccountName: mongorbac terminationGracePeriodSeconds: 10 containers: - name: mongo image: mongo command: - mongod - "--replSet" - rs0 - "--bind_ip" - 0.0.0.0 - "--smallfiles" - "--noprealloc" ports: - containerPort: 27017 volumeMounts: - name: mongo-persistent-storage mountPath: /data/db - name: mongo-sidecar image: cvallance/mongo-k8s-sidecar env: - name: MONGO_SIDECAR_POD_LABELS value: "role=mongo,environment=test" volumeClaimTemplates: - metadata: name: mongo-persistent-storage annotations: volume.beta.kubernetes.io/storage-class: "fast" spec: accessModes: [ "ReadWriteOnce" ] resources: requests: storage: 1Gi --- kind: ClusterRole apiVersion: rbac.authorization.k8s.io/v1 metadata: name: mongorbac rules: - apiGroups: - "" resources: - pods verbs: - get - list --- apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: name: mongorbac roleRef: apiGroup: rbac.authorization.k8s.io kind: ClusterRole name: mongorbac subjects: - kind: ServiceAccount name: mongorbac namespace: default --- kind: ServiceAccount apiVersion: v1 metadata: name: mongorbac namespace: default