aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorRenu Kumari <renu.kumari@bell.ca>2021-10-08 13:03:10 -0400
committerSylvain Desbureaux <sylvain.desbureaux@orange.com>2021-10-10 08:16:15 +0000
commitbc6eede10e56306f9108ad3b9ba9771743020727 (patch)
treed0b797843883f7a8bc0903e9893c273c6cdea54d
parentf09d817b0f58f89e9db06875e78404e7d978504e (diff)
[COMMON] Add limits to timescale db
- Added resources limit similar to postgres in the timescaledb - Using common.podSecurityContext - removed init-container and it is handled by kubernetes if fsGroup is provided Issue-ID: CPS-667 Signed-off-by: Renu Kumari <renu.kumari@bell.ca> Change-Id: I944cc93526d0d89f32840450121c1ff608fdd4c5
-rw-r--r--kubernetes/common/timescaledb/templates/statefulset.yaml17
-rw-r--r--kubernetes/common/timescaledb/values.yaml45
2 files changed, 31 insertions, 31 deletions
diff --git a/kubernetes/common/timescaledb/templates/statefulset.yaml b/kubernetes/common/timescaledb/templates/statefulset.yaml
index 435c925eb2..0bd7d30478 100644
--- a/kubernetes/common/timescaledb/templates/statefulset.yaml
+++ b/kubernetes/common/timescaledb/templates/statefulset.yaml
@@ -29,25 +29,10 @@ spec:
metadata: {{- include "common.templateMetadata" . | nindent 6 }}
spec:
serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . ) }}
- securityContext:
- {{- toYaml .Values.podSecurityContext | nindent 8 }}
- initContainers:
- - name: chowm-mount-path
- command:
- - /bin/sh
- args:
- - -c
- - chown -R {{ .Values.securityContext.runAsUser }}:{{ .Values.securityContext.runAsGroup }} /var/lib/postgresql/data
- image: {{ include "repositoryGenerator.image.busybox" . }}
- imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- volumeMounts:
- - mountPath: /var/lib/postgresql/data
- name: {{ include "common.fullname" . }}
+ {{ include "common.podSecurityContext" . | indent 10 | trim}}
containers:
- name: {{ include "common.name" . }}
image: {{ include "repositoryGenerator.dockerHubRepository" . }}/{{ .Values.image }}
- securityContext:
- {{- toYaml .Values.securityContext | nindent 12 }}
imagePullPolicy: {{ .Values.pullPolicy }}
ports: {{ include "common.containerPorts" . | nindent 12 }}
livenessProbe:
diff --git a/kubernetes/common/timescaledb/values.yaml b/kubernetes/common/timescaledb/values.yaml
index 55acd92847..258f516ff0 100644
--- a/kubernetes/common/timescaledb/values.yaml
+++ b/kubernetes/common/timescaledb/values.yaml
@@ -37,30 +37,45 @@ serviceAccount:
roles:
- read
-podSecurityContext: {}
- # fsGroup: 2000
-
securityContext:
# Uid and gid to run the entrypoint of the container process (uid 70 is postgres user and gid 70 is postgres group)
- runAsUser: 70
- runAsGroup: 70
+ user_id: 70
+ group_id: 70
# capabilities:
# drop:
# - ALL
# readOnlyRootFilesystem: true
# runAsNonRoot: true
+flavor: small
+
+#resources: {}
+# We usually recommend not to specify default resources and to leave this as a conscious
+# choice for the user. This also increases chances charts run on environments with little
+# resources, such as Minikube. If you do want to specify resources, uncomment the following
+# lines, adjust them as necessary, and remove the curly braces after 'resources:'.
+#
+# Example:
+# Configure resource requests and limits
+# ref: http://kubernetes.io/docs/user-guide/compute-resources/
+# Minimum memory for development is 2 CPU cores and 4GB memory
+# Minimum memory for production is 4 CPU cores and 8GB memory
resources:
- # We usually recommend not to specify default resources and to leave this as a conscious
- # choice for the user. This also increases chances charts run on environments with little
- # resources, such as Minikube. If you do want to specify resources, uncomment the following
- # lines, adjust them as necessary, and remove the curly braces after 'resources:'.
- limits:
- cpu: 0.5
- memory: 256Mi
- requests:
- cpu: 20m
- memory: 256Mi
+ small:
+ limits:
+ cpu: 100m
+ memory: 300Mi
+ requests:
+ cpu: 10m
+ memory: 90Mi
+ large:
+ limits:
+ cpu: 2
+ memory: 4Gi
+ requests:
+ cpu: 1
+ memory: 2Gi
+ unlimited: {}
nodeSelector: {}