# ocis-pod.yaml --- apiVersion: v1 kind: Pod metadata: name: ocis spec: containers: # ── PostgreSQL 数据库 ── - name: ocis-db image: docker.io/postgres:17-alpine envFrom: - configMapRef: name: ocis-config - secretRef: name: ocis-secret ports: - containerPort: 5432 hostPort: 5432 securityContext: readOnlyRootFilesystem: false volumeMounts: - name: ocis-db-data mountPath: /var/lib/postgresql/data resources: limits: memory: 512M requests: memory: 128M # ── Redis 缓存 ── - name: ocis-redis image: docker.io/redis:latest command: - redis-server - --requirepass - $(OCIS_CACHE_PASSWORD) ports: - containerPort: 6379 hostPort: 6379 envFrom: - secretRef: name: ocis-secret securityContext: readOnlyRootFilesystem: false resources: limits: memory: 128M requests: memory: 32M # ── oCIS 主服务 ── - name: ocis image: docker.io/owncloud/ocis:latest envFrom: - configMapRef: name: ocis-config - secretRef: name: ocis-secret ports: - containerPort: 9200 hostPort: 9200 securityContext: readOnlyRootFilesystem: false volumeMounts: - name: ocis-config mountPath: /etc/ocis - name: ocis-data mountPath: /var/lib/ocis dependsOn: - ocis-db - ocis-redis resources: limits: memory: 1G requests: memory: 256M # ── 持久卷 ── volumes: - name: ocis-db-data persistentVolumeClaim: claimName: ocis-db-data - name: ocis-config persistentVolumeClaim: claimName: ocis-config - name: ocis-data persistentVolumeClaim: claimName: ocis-data --- apiVersion: v1 kind: PersistentVolumeClaim metadata: name: ocis-db-data spec: resources: requests: storage: 10Gi accessModes: - ReadWriteOnce --- apiVersion: v1 kind: PersistentVolumeClaim metadata: name: ocis-config spec: resources: requests: storage: 1Gi accessModes: - ReadWriteOnce --- apiVersion: v1 kind: PersistentVolumeClaim metadata: name: ocis-data spec: resources: requests: storage: 50Gi accessModes: - ReadWriteOnce