apiVersion: apps/v1 kind: StatefulSet metadata: name: samba-dc namespace: samba-api labels: app: samba-dc spec: serviceName: samba-dc replicas: 1 selector: matchLabels: app: samba-dc template: metadata: labels: app: samba-dc spec: containers: - name: samba-dc image: nowsci/samba-domain:4.16.0 env: - name: DOMAIN value: "example.com" - name: DOMAINPASS valueFrom: secretKeyRef: name: samba-api-secrets key: SAMBA_ADMIN_PASSWORD - name: DNSFORWARDER value: "8.8.8.8" - name: HOSTIP valueFrom: fieldRef: fieldPath: status.podIP ports: - containerPort: 53 name: dns protocol: UDP - containerPort: 53 name: dns-tcp protocol: TCP - containerPort: 88 name: kerberos protocol: TCP - containerPort: 88 name: kerberos-udp protocol: UDP - containerPort: 135 name: rpc - containerPort: 139 name: netbios - containerPort: 389 name: ldap - containerPort: 445 name: smb - containerPort: 464 name: kpasswd - containerPort: 636 name: ldaps - containerPort: 3268 name: gc - containerPort: 3269 name: gc-ssl volumeMounts: - name: samba-data mountPath: /var/lib/samba - name: samba-config mountPath: /etc/samba securityContext: privileged: true capabilities: add: - NET_ADMIN resources: requests: memory: "512Mi" cpu: "500m" limits: memory: "1Gi" cpu: "1000m" volumeClaimTemplates: - metadata: name: samba-data spec: accessModes: ["ReadWriteOnce"] storageClassName: "standard" resources: requests: storage: 10Gi - metadata: name: samba-config spec: accessModes: ["ReadWriteOnce"] storageClassName: "standard" resources: requests: storage: 1Gi --- apiVersion: v1 kind: Service metadata: name: samba-dc namespace: samba-api labels: app: samba-dc spec: type: ClusterIP clusterIP: None ports: - port: 53 name: dns protocol: UDP - port: 53 name: dns-tcp protocol: TCP - port: 88 name: kerberos protocol: TCP - port: 88 name: kerberos-udp protocol: UDP - port: 135 name: rpc - port: 139 name: netbios - port: 389 name: ldap - port: 445 name: smb - port: 464 name: kpasswd - port: 636 name: ldaps - port: 3268 name: gc - port: 3269 name: gc-ssl selector: app: samba-dc