apiVersion: apps/v1 kind: Deployment metadata: name: hive-metastore namespace: stonks-oracle labels: app: hive-metastore app.kubernetes.io/part-of: stonks-oracle stonks-oracle/tier: analytics spec: replicas: 1 selector: matchLabels: app: hive-metastore template: metadata: labels: app: hive-metastore stonks-oracle/tier: analytics spec: automountServiceAccountToken: false securityContext: runAsNonRoot: true runAsUser: 1000 runAsGroup: 1000 fsGroup: 1000 seccompProfile: type: RuntimeDefault initContainers: - name: hive-config-init image: busybox:1.36 securityContext: allowPrivilegeEscalation: false capabilities: drop: ["ALL"] command: ["sh", "-c"] args: - | cat > /hive-config/core-site.xml < fs.s3a.endpoint http://minio.minio-service.svc.cluster.local:80 fs.s3a.access.key ${MINIO_ACCESS_KEY} fs.s3a.secret.key ${MINIO_SECRET_KEY} fs.s3a.path.style.access true fs.s3a.impl org.apache.hadoop.fs.s3a.S3AFileSystem fs.s3a.connection.ssl.enabled false EOF cat > /hive-config/metastore-site.xml < metastore.thrift.uris thrift://0.0.0.0:9083 metastore.task.threads.always org.apache.hadoop.hive.metastore.events.EventCleanerTask metastore.expression.proxy org.apache.hadoop.hive.metastore.DefaultPartitionExpressionProxy javax.jdo.option.ConnectionDriverName org.apache.derby.jdbc.EmbeddedDriver javax.jdo.option.ConnectionURL jdbc:derby:/opt/hive/data/metastore_db;create=true metastore.warehouse.dir s3a://stonks-lakehouse/warehouse EOF env: - name: MINIO_ACCESS_KEY valueFrom: secretKeyRef: name: stonks-core-secrets key: MINIO_ACCESS_KEY - name: MINIO_SECRET_KEY valueFrom: secretKeyRef: name: stonks-core-secrets key: MINIO_SECRET_KEY volumeMounts: - name: hive-config mountPath: /hive-config containers: - name: hive-metastore image: apache/hive:4.0.0 ports: - containerPort: 9083 securityContext: allowPrivilegeEscalation: false capabilities: drop: ["ALL"] env: - name: SERVICE_NAME value: metastore - name: DB_DRIVER value: derby volumeMounts: - name: hive-data mountPath: /opt/hive/data - name: hive-config mountPath: /opt/hive/conf/core-site.xml subPath: core-site.xml - name: hive-config mountPath: /opt/hive/conf/metastore-site.xml subPath: metastore-site.xml resources: requests: cpu: 200m memory: 512Mi limits: cpu: "1" memory: 1Gi volumes: - name: hive-data persistentVolumeClaim: claimName: hive-metastore-data - name: hive-config emptyDir: {} --- apiVersion: v1 kind: Service metadata: name: hive-metastore namespace: stonks-oracle spec: selector: app: hive-metastore ports: - port: 9083 targetPort: 9083 --- apiVersion: v1 kind: PersistentVolumeClaim metadata: name: hive-metastore-data namespace: stonks-oracle spec: accessModes: - ReadWriteOnce resources: requests: storage: 1Gi