apiVersion: apps/v1 kind: StatefulSet metadata: name: drools-workbench namespace: tools labels: app: drools-workbench spec: serviceName: "drools-workbench" replicas: 1 selector: matchLabels: app: drools-workbench template: metadata: labels: app: drools-workbench spec: securityContext: fsGroup: 1000 containers: - name: drools-workbench image: 'harbor.uenpay.com/base/drools-workbench-showcase:latest' imagePullPolicy: Always ports: - name: web containerPort: 8080 protocol: TCP - name: ssh containerPort: 8001 protocol: TCP securityContext: runAsUser: 1000 volumeMounts: - name: cache mountPath: /opt/jboss/.m2 - name: data mountPath: /opt/jboss/wildfly/bin/.niogit volumeClaimTemplates: - metadata: name: cache spec: accessModes: ["ReadWriteOnce"] storageClassName: cephrbd-sc resources: requests: storage: 30Gi - metadata: name: data spec: accessModes: ["ReadWriteOnce"] storageClassName: cephrbd-sc resources: requests: storage: 100Gi --- kind: Service apiVersion: v1 metadata: name: drools-workbench namespace: tools labels: app: drools-workbench spec: ports: - name: web protocol: TCP port: 8080 targetPort: 8080 - name: ssh protocol: TCP port: 8001 targetPort: 8001 selector: app: drools-workbench --- apiVersion: networking.k8s.io/v1 kind: Ingress metadata: annotations: nginx.ingress.kubernetes.io/proxy-body-size: 1024m nginx.ingress.kubernetes.io/proxy-connect-timeout: '300' nginx.ingress.kubernetes.io/proxy-read-timeout: '300' nginx.ingress.kubernetes.io/proxy-send-timeout: '300' nginx.ingress.kubernetes.io/ssl-redirect: 'true' name: workbench.uenpay.com-ingress namespace: tools spec: ingressClassName: nginx rules: - host: workbench.uenpay.com http: paths: - backend: service: name: drools-workbench port: number: 8080 path: / pathType: Prefix tls: - hosts: - workbench.uenpay.com secretName: uenpay.com