--- apiVersion: v1 kind: Secret metadata: name: mysql-secret type: Opaque data: # root DB password from secret wordpress-db-pxc-db-secrets MYSQL_ROOT_PASSWORD: SDc4XjFRMW1zUWgraD1XWiVZXw== --- apiVersion: v1 kind: PersistentVolumeClaim metadata: name: wordpress-pvc spec: accessModes: - ReadWriteOnce resources: requests: storage: 10Gi storageClassName: "sc-name" --- apiVersion: apps/v1 kind: Deployment metadata: name: wordpress spec: replicas: 1 selector: matchLabels: app: wordpress template: metadata: labels: app: wordpress spec: containers: - name: wordpress image: wordpress:5.8.3-php7.4-apache resources: limits: memory: 1Gi requests: cpu: 500m memory: 1Gi ports: - containerPort: 80 name: wordpress volumeMounts: - name: wordpress-data mountPath: /var/www/html env: - name: WORDPRESS_DB_HOST # FQDN is service-name.service-namespace.svc.cluster.local value: wordpress-mysql-haproxy.mysql-operator.svc.cluster.local - name: WORDPRESS_DB_PASSWORD valueFrom: secretKeyRef: name: mysql-secret key: MYSQL_ROOT_PASSWORD - name: WORDPRESS_DB_USER value: root - name: WORDPRESS_DB_NAME value: mysql volumes: - name: wordpress-data persistentVolumeClaim: claimName: wordpress-pvc --- kind: Service apiVersion: v1 metadata: name: wordpress-service spec: selector: app: wordpress ports: - name: http protocol: TCP port: 80 targetPort: 80 --- apiVersion: networking.k8s.io/v1 kind: Ingress metadata: name: wordpress-ingress namespace: wordpress annotations: traefik.ingress.kubernetes.io/router.entrypoints: websecure traefik.ingress.kubernetes.io/router.tls: "true" cert-manager.io/cluster-issuer: letsencrypt-prod spec: rules: - host: example.com.ua http: paths: - path: / pathType: Prefix backend: service: name: wordpress-service port: number: 80 tls: - secretName: web-app-cert hosts: - example.com.ua