config/samples/cluster_local_tls.yaml

# This file provides an example of a cluster you can run in a local testing
# environment, with TLS enabled.
apiVersion: apps.foundationdb.org/v1beta1
kind: FoundationDBCluster
metadata:
  labels:
    controller-tools.k8s.io: "1.0"
  name: sample-cluster
spec:
  version: 6.2.28
  faultDomain:
    key: foundationdb.org/none
  processCounts:
    stateless: -1
    cluster_controller: 1
  services:
    headless: true
  processes:
    general:
      customParameters:
        - "knob_disable_posix_kernel_aio=1"
      volumeClaimTemplate:
        spec:
          resources:
            requests:
              storage: "16G"
      podTemplate:
        spec:
          securityContext:
            fsGroup: 0
          volumes:
            - name: fdb-certs
              secret:
                secretName: fdb-kubernetes-operator-secrets
          containers:
              - name: foundationdb
                resources:
                  requests:
                    cpu: 250m
                    memory: 128Mi
                env:
                  - name: FDB_TLS_CERTIFICATE_FILE
                    value: /tmp/fdb-certs/tls.crt
                  - name: FDB_TLS_CA_FILE
                    value: /tmp/fdb-certs/tls.crt
                  - name: FDB_TLS_KEY_FILE
                    value: /tmp/fdb-certs/tls.key
                volumeMounts:
                  - name: fdb-certs
                    mountPath: /tmp/fdb-certs
                securityContext:
                  runAsUser: 0
              - name: foundationdb-kubernetes-sidecar
                env:
                  - name: FDB_TLS_CERTIFICATE_FILE
                    value: /tmp/fdb-certs/tls.crt
                  - name: FDB_TLS_CA_FILE
                    value: /tmp/fdb-certs/tls.crt
                  - name: FDB_TLS_KEY_FILE
                    value: /tmp/fdb-certs/tls.key
                resources:
                  requests:
                    cpu: 250m
                    memory: 128Mi
                  limits:
                    cpu: 250m
                    memory: 128Mi
                volumeMounts:
                  - name: fdb-certs
                    mountPath: /tmp/fdb-certs
                securityContext:
                  runAsUser: 0
          initContainers:
            - name: foundationdb-kubernetes-init
              resources:
                requests:
                  cpu: 100m
                  memory: 128Mi
                limits:
                  cpu: 100m
                  memory: 128Mi
              securityContext:
                runAsUser: 0
  mainContainer:
    enableTls: true
  sidecarContainer:
    enableTls: true