apiVersion: v1 kind: Secret metadata: name: postgres-secret namespace: xpeditis type: Opaque data: # Base64 encoded values POSTGRES_DB: eHBlZGl0aXNfcHJvZA== # xpeditis_prod POSTGRES_USER: eHBlZGl0aXNfdXNlcg== # xpeditis_user POSTGRES_PASSWORD: eHBlZGl0aXNfcGFzc3dvcmQ= # xpeditis_password --- apiVersion: v1 kind: PersistentVolumeClaim metadata: name: postgres-pvc namespace: xpeditis spec: accessModes: - ReadWriteOnce resources: requests: storage: 10Gi storageClassName: standard --- apiVersion: apps/v1 kind: Deployment metadata: name: postgres namespace: xpeditis labels: app: postgres spec: replicas: 1 selector: matchLabels: app: postgres template: metadata: labels: app: postgres spec: containers: - name: postgres image: postgres:15-alpine ports: - containerPort: 5432 env: - name: POSTGRES_DB valueFrom: secretKeyRef: name: postgres-secret key: POSTGRES_DB - name: POSTGRES_USER valueFrom: secretKeyRef: name: postgres-secret key: POSTGRES_USER - name: POSTGRES_PASSWORD valueFrom: secretKeyRef: name: postgres-secret key: POSTGRES_PASSWORD volumeMounts: - name: postgres-storage mountPath: /var/lib/postgresql/data resources: requests: memory: "256Mi" cpu: "250m" limits: memory: "512Mi" cpu: "500m" livenessProbe: exec: command: - pg_isready - -U - xpeditis_user - -d - xpeditis_prod initialDelaySeconds: 30 periodSeconds: 10 readinessProbe: exec: command: - pg_isready - -U - xpeditis_user - -d - xpeditis_prod initialDelaySeconds: 5 periodSeconds: 5 volumes: - name: postgres-storage persistentVolumeClaim: claimName: postgres-pvc --- apiVersion: v1 kind: Service metadata: name: postgres-service namespace: xpeditis labels: app: postgres spec: selector: app: postgres ports: - port: 5432 targetPort: 5432 type: ClusterIP