StatefulSet

Jan 1, 0001

Definition

A StatefulSet is a Kubernetes resource used to manage stateful applications. Unlike a Deployment, a StatefulSet maintains a unique identity for each of its Pods, ensuring that they are created in a specific order and have stable network identities. This is particularly useful for applications that require persistent storage and stable network identifiers, such as databases or distributed systems.

Secure Settings Example

apiVersion: apps/v1
kind: StatefulSet
metadata:
  name: secure-statefulset
spec:
  serviceName: "secure-service"
  replicas: 3
  selector:
    matchLabels:
      app: secure-app
  template:
    metadata:
      labels:
        app: secure-app
    spec:
      securityContext:
        runAsNonRoot: true
        fsGroup: 1000
      containers:
      - name: secure-container
        image: secure-image:latest
        ports:
        - containerPort: 80
        volumeMounts:
        - name: secure-storage
          mountPath: /data
  volumeClaimTemplates:
  - metadata:
      name: secure-storage
    spec:
      accessModes: ["ReadWriteOnce"]
      resources:
        requests:
          storage: 1Gi

Insecure Settings Example

apiVersion: apps/v1
kind: StatefulSet
metadata:
  name: insecure-statefulset
spec:
  serviceName: "insecure-service"
  replicas: 3
  selector:
    matchLabels:
      app: insecure-app
  template:
    metadata:
      labels:
        app: insecure-app
    spec:
      containers:
      - name: insecure-container
        image: insecure-image:latest
        ports:
        - containerPort: 80
        volumeMounts:
        - name: insecure-storage
          mountPath: /data
  volumeClaimTemplates:
  - metadata:
      name: insecure-storage
    spec:
      accessModes: ["ReadWriteMany"]
      resources:
        requests:
          storage: 1Gi

StatefulSet

Definition

Secure Settings Example

Insecure Settings Example

Ask AppSec: free security newsletter

Ask AppSec: free security newsletter