---
# StatefulSet running three replicas of the Netmaker server, addressed
# through the `netmaker-headless` service.
#
# Security-relevant settings to review before deploying:
#   * init-sysctl runs as a privileged container.
#   * The main container adds NET_ADMIN and NET_RAW and drops nothing.
#   * Both images are referenced by mutable tag (busybox has no tag at all).
#   * No resource requests or limits are set.
# Pod Security admission at the `baseline` or `restricted` level rejects
# privileged containers and the NET_ADMIN/NET_RAW additions, so this
# workload needs a namespace that is deliberately set to `privileged`.
apiVersion: apps/v1
kind: StatefulSet
metadata:
  name: netmaker
  labels:
    app: netmaker
spec:
  serviceName: netmaker-headless
  replicas: 3
  selector:
    matchLabels:
      app: netmaker
  template:
    metadata:
      labels:
        app: netmaker
    spec:
      # NOTE(review): this policy is intended for pods with
      # `hostNetwork: true`, which this spec does not set; confirm it is
      # deliberate.
      dnsPolicy: ClusterFirstWithHostNet
      initContainers:
        # Enables IPv4/IPv6 forwarding and src_valid_mark, and makes sure
        # IPv6 is not disabled, before the main container starts.
        - name: init-sysctl
          # No tag or digest: resolves to `latest`, and with IfNotPresent
          # each node keeps whichever build it pulled first. Prefer a
          # pinned reference, e.g. busybox@sha256:<digest> (placeholder).
          image: busybox
          imagePullPolicy: IfNotPresent
          command:
            - /bin/sh
            - '-c'
          args:
            - >-
              sysctl -w net.ipv4.ip_forward=1 &&
              sysctl -w net.ipv4.conf.all.src_valid_mark=1 &&
              sysctl -w net.ipv6.conf.all.disable_ipv6=0 &&
              sysctl -w net.ipv6.conf.all.forwarding=1
          securityContext:
            # Full privileges are granted only so the sysctl writes
            # succeed. A narrower option is the pod-level
            # `securityContext.sysctls` list, which requires the kubelet to
            # permit these names (--allowed-unsafe-sysctls).
            privileged: true
      containers:
        - name: netmaker
          # Tags are mutable and `Always` re-resolves the tag on every pod
          # start; pin by digest if the running image must be exactly the
          # one that was reviewed.
          image: gravitl/netmaker:v1.1.0
          imagePullPolicy: Always
          envFrom:
            - configMapRef:
                name: netmaker-config
          env:
            # Pod name, exposed to the process as its node identifier.
            - name: NODE_ID
              valueFrom:
                fieldRef:
                  apiVersion: v1
                  fieldPath: metadata.name
            # Credentials are read from Secrets (`postgres-pw`,
            # `netmaker-secrets`) rather than written inline. As environment
            # variables they remain visible to anyone able to exec into the
            # container or read its process environment, so restrict
            # `pods/exec` and Secret read access through RBAC.
            - name: SQL_PASS
              valueFrom:
                secretKeyRef:
                  name: postgres-pw
                  key: password
            - name: MASTER_KEY
              valueFrom:
                secretKeyRef:
                  name: netmaker-secrets
                  key: master_key
            - name: MQ_PASSWORD
              valueFrom:
                secretKeyRef:
                  name: netmaker-secrets
                  key: mq_password
            - name: TURN_SERVER_PASSWORD
              valueFrom:
                secretKeyRef:
                  name: netmaker-secrets
                  key: turn_password
          ports:
            # One TCP port plus UDP 31821-31830.
            # NOTE(review): presumably the API port and the WireGuard
            # listen ports; confirm against the netmaker-config values.
            - containerPort: 8081
              protocol: TCP
            - containerPort: 31821
              protocol: UDP
            - containerPort: 31822
              protocol: UDP
            - containerPort: 31823
              protocol: UDP
            - containerPort: 31824
              protocol: UDP
            - containerPort: 31825
              protocol: UDP
            - containerPort: 31826
              protocol: UDP
            - containerPort: 31827
              protocol: UDP
            - containerPort: 31828
              protocol: UDP
            - containerPort: 31829
              protocol: UDP
            - containerPort: 31830
              protocol: UDP
          # No requests or limits: the container is not bounded in CPU or
          # memory and the scheduler gets no sizing information.
          resources: {}
          securityContext:
            capabilities:
              # Only `add` is specified, so the runtime's default
              # capability set is kept as well.
              # NOTE(review): consider `drop: [ALL]` alongside these two
              # once confirmed that the server needs nothing else.
              add:
                - NET_ADMIN
                - NET_RAW
          volumeMounts:
            - name: shared-certs
              mountPath: /etc/netmaker/
      volumes:
        # All three replicas reference the same claim.
        # NOTE(review): that presumably needs an access mode allowing
        # mounts from several nodes (ReadWriteMany), and the volume name
        # suggests it holds certificate/key material; verify who else can
        # bind or read this PVC.
        - name: shared-certs
          persistentVolumeClaim:
            claimName: shared-certs-pvc