diff options
Diffstat (limited to 'kubernetes/common/postgres/templates')
4 files changed, 138 insertions, 262 deletions
diff --git a/kubernetes/common/postgres/templates/_deployment.tpl b/kubernetes/common/postgres/templates/_deployment.tpl new file mode 100644 index 0000000000..3777c1b2e4 --- /dev/null +++ b/kubernetes/common/postgres/templates/_deployment.tpl @@ -0,0 +1,135 @@ +{{/* +# Copyright © 2018 Amdocs, AT&T, Bell Canada +# Copyright © 2020 Samsung Electronics +# # +# # Licensed under the Apache License, Version 2.0 (the "License"); +# # you may not use this file except in compliance with the License. +# # You may obtain a copy of the License at +# # +# # http://www.apache.org/licenses/LICENSE-2.0 +# # +# # Unless required by applicable law or agreed to in writing, software +# # distributed under the License is distributed on an "AS IS" BASIS, +# # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# # See the License for the specific language governing permissions and +# # limitations under the License. +*/}} + +{{- define "common.postgres.deployment" -}} + {{- $dot := .dot }} + {{- $pgMode := .pgMode }} +apiVersion: apps/v1beta1 +kind: Deployment +metadata: + name: {{ include "common.fullname" $dot }}-{{ $pgMode }} + namespace: {{ include "common.namespace" $dot }} + labels: + app: {{ include "common.name" $dot }}-{{ $pgMode }} + chart: {{ $dot.Chart.Name }}-{{ $dot.Chart.Version | replace "+" "_" }} + release: {{ include "common.release" $dot }} + heritage: {{ $dot.Release.Service }} + name: "{{ index $dot.Values "container" "name" $pgMode }}" +spec: + serviceName: {{ $dot.Values.service.name }} + replicas: 1 + template: + metadata: + labels: + app: {{ include "common.name" $dot }}-{{ $pgMode }} + release: {{ include "common.release" $dot }} + name: "{{ index $dot.Values "container" "name" $pgMode }}" + spec: + initContainers: + - name: init-sysctl + command: + - /bin/sh + - -c + - | + chown 26:26 /podroot/; + chmod 700 /podroot/; + image: {{ $dot.Values.global.busyboxRepository | default $dot.Values.busyboxRepository }}/{{ $dot.Values.busyboxImage }} + imagePullPolicy: {{ $dot.Values.global.pullPolicy | default $dot.Values.pullPolicy }} + volumeMounts: + - name: {{ include "common.fullname" $dot }}-data + mountPath: /podroot/ + containers: + - name: {{ include "common.name" $dot }} + image: "{{ $dot.Values.postgresRepository }}/{{ $dot.Values.image }}" + imagePullPolicy: {{ $dot.Values.global.pullPolicy | default $dot.Values.pullPolicy }} + ports: + - containerPort: {{ $dot.Values.service.internalPort }} + name: {{ $dot.Values.service.portName }} + # disable liveness probe when breakpoints set in debugger + # so K8s doesn't restart unresponsive container + {{- if eq $dot.Values.liveness.enabled true }} + livenessProbe: + tcpSocket: + port: {{ $dot.Values.service.internalPort }} + initialDelaySeconds: {{ $dot.Values.liveness.initialDelaySeconds }} + periodSeconds: {{ $dot.Values.liveness.periodSeconds }} + timeoutSeconds: {{ $dot.Values.liveness.timeoutSeconds }} + {{- end }} + readinessProbe: + tcpSocket: + port: {{ $dot.Values.service.internalPort }} + initialDelaySeconds: {{ $dot.Values.readiness.initialDelaySeconds }} + periodSeconds: {{ $dot.Values.readiness.periodSeconds }} + env: + - name: PGHOST + value: /tmp + - name: PG_PRIMARY_USER + value: primaryuser + - name: PG_MODE + value: {{ $pgMode }} + - name: PG_PRIMARY_HOST + value: "{{ $dot.Values.container.name.primary }}" + - name: PG_REPLICA_HOST + value: "{{ $dot.Values.container.name.replica }}" + - name: PG_PRIMARY_PORT + value: "{{ $dot.Values.service.internalPort }}" + - name: PG_PRIMARY_PASSWORD + {{- include "common.secret.envFromSecret" (dict "global" $dot "uid" (include "common.postgres.secret.primaryPasswordUID" .) "key" "password") | indent 10 }} + - name: PG_USER + {{- include "common.secret.envFromSecret" (dict "global" $dot "uid" (include "common.postgres.secret.userCredentialsUID" .) "key" "login") | indent 10 }} + - name: PG_PASSWORD + {{- include "common.secret.envFromSecret" (dict "global" $dot "uid" (include "common.postgres.secret.userCredentialsUID" .) "key" "password") | indent 10 }} + - name: PG_DATABASE + value: "{{ $dot.Values.config.pgDatabase }}" + - name: PG_ROOT_PASSWORD + {{- include "common.secret.envFromSecret" (dict "global" $dot "uid" (include "common.postgres.secret.rootPassUID" .) "key" "password") | indent 10 }} + volumeMounts: + - name: pool-hba-conf + mountPath: /pgconf/pool_hba.conf + subPath: pool_hba.conf + - mountPath: /pgdata + name: {{ include "common.fullname" $dot }}-data + - mountPath: /backup + name: {{ include "common.fullname" $dot }}-backup + readOnly: true + resources: +{{ include "common.resources" $dot | indent 12 }} + {{- if $dot.Values.nodeSelector }} + nodeSelector: +{{ toYaml $dot.Values.nodeSelector | indent 10 }} + {{- end -}} + {{- if $dot.Values.affinity }} + affinity: +{{ toYaml $dot.Values.affinity | indent 10 }} + {{- end }} + volumes: + - name: localtime + hostPath: + path: /etc/localtime + - name: {{ include "common.fullname" $dot }}-backup + emptyDir: {} + - name: {{ include "common.fullname" $dot }}-data +{{- if $dot.Values.persistence.enabled }} + persistentVolumeClaim: + claimName: {{ include "common.fullname" $dot }}-{{ $pgMode }} +{{- else }} + emptyDir: {} +{{ end }} + - name: pool-hba-conf + configMap: + name: {{ include "common.fullname" $dot }} +{{- end -}}
\ No newline at end of file diff --git a/kubernetes/common/postgres/templates/deployment-primary.yaml b/kubernetes/common/postgres/templates/deployment-primary.yaml index b234dc2092..c8a000142e 100644 --- a/kubernetes/common/postgres/templates/deployment-primary.yaml +++ b/kubernetes/common/postgres/templates/deployment-primary.yaml @@ -13,126 +13,4 @@ # # See the License for the specific language governing permissions and # # limitations under the License. */}} -apiVersion: apps/v1beta1 -kind: Deployment -metadata: - name: {{ include "common.fullname" . }}-primary - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }}-primary - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ include "common.release" . }} - heritage: {{ .Release.Service }} - name: "{{ .Values.container.name.primary }}" -spec: - serviceName: {{ .Values.service.name }} - replicas: 1 - template: - metadata: - labels: - app: {{ include "common.name" . }}-primary - release: {{ include "common.release" . }} - name: "{{ .Values.container.name.primary }}" - spec: - initContainers: - - name: init-sysctl - command: - - /bin/sh - - -c - - | - chown 26:26 /podroot/; - chmod 700 /podroot/; - image: {{ .Values.global.busyboxRepository | default .Values.busyboxRepository }}/{{ .Values.busyboxImage }} - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - volumeMounts: - - name: {{ include "common.fullname" . }}-data - mountPath: /podroot/ - containers: - - name: {{ include "common.name" . }} - image: "{{ .Values.postgresRepository }}/{{ .Values.image }}" - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - ports: - - containerPort: {{ .Values.service.internalPort }} - name: {{ .Values.service.portName }} - # disable liveness probe when breakpoints set in debugger - # so K8s doesn't restart unresponsive container - {{- if eq .Values.liveness.enabled true }} - livenessProbe: - tcpSocket: - port: {{ .Values.service.internalPort }} - initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} - periodSeconds: {{ .Values.liveness.periodSeconds }} - timeoutSeconds: {{ .Values.liveness.timeoutSeconds }} - {{- end }} - readinessProbe: - tcpSocket: - port: {{ .Values.service.internalPort }} - initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} - periodSeconds: {{ .Values.readiness.periodSeconds }} - env: - - name: PGHOST - value: /tmp - - name: PG_PRIMARY_USER - value: primaryuser - - name: PG_MODE - value: primary - - name: PG_PRIMARY_HOST - value: "{{ .Values.container.name.primary }}" - - name: PG_REPLICA_HOST - value: "{{ .Values.container.name.replica }}" - - name: PG_PRIMARY_PORT - value: "{{ .Values.service.internalPort }}" - - name: PG_PRIMARY_PASSWORD - valueFrom: - secretKeyRef: - name: {{ template "common.fullname" . }} - key: pg-primary-password - - name: PG_USER - value: "{{ .Values.config.pgUserName }}" - - name: PG_PASSWORD - valueFrom: - secretKeyRef: - name: {{ template "common.fullname" . }} - key: pg-user-password - - name: PG_DATABASE - value: "{{ .Values.config.pgDatabase }}" - - name: PG_ROOT_PASSWORD - valueFrom: - secretKeyRef: - name: {{ template "common.fullname" . }} - key: pg-root-password - volumeMounts: - - name: pool-hba-conf - mountPath: /pgconf/pool_hba.conf - subPath: pool_hba.conf - - mountPath: /pgdata - name: {{ include "common.fullname" . }}-data - - mountPath: /backup - name: {{ include "common.fullname" . }}-backup - readOnly: true - resources: -{{ include "common.resources" . | indent 12 }} - {{- if .Values.nodeSelector }} - nodeSelector: -{{ toYaml .Values.nodeSelector | indent 10 }} - {{- end -}} - {{- if .Values.affinity }} - affinity: -{{ toYaml .Values.affinity | indent 10 }} - {{- end }} - volumes: - - name: localtime - hostPath: - path: /etc/localtime - - name: {{ include "common.fullname" . }}-backup - emptyDir: {} - - name: {{ include "common.fullname" . }}-data -{{- if .Values.persistence.enabled }} - persistentVolumeClaim: - claimName: {{ include "common.fullname" . }}-primary -{{- else }} - emptyDir: {} -{{ end }} - - name: pool-hba-conf - configMap: - name: {{ include "common.fullname" . }} +{{ include "common.postgres.deployment" (dict "dot" . "pgMode" "primary") }} diff --git a/kubernetes/common/postgres/templates/deployment-replica.yaml b/kubernetes/common/postgres/templates/deployment-replica.yaml index 72a8736e17..dc19c2d985 100644 --- a/kubernetes/common/postgres/templates/deployment-replica.yaml +++ b/kubernetes/common/postgres/templates/deployment-replica.yaml @@ -13,126 +13,4 @@ # # See the License for the specific language governing permissions and # # limitations under the License. */}} -apiVersion: apps/v1beta1 -kind: Deployment -metadata: - name: {{ include "common.fullname" . }}-replica - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }}-replica - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ include "common.release" . }} - heritage: {{ .Release.Service }} - name: "{{ .Values.container.name.replica }}" -spec: - serviceName: {{ .Values.service.name }} - replicas: 1 - template: - metadata: - labels: - app: {{ include "common.name" . }}-replica - release: {{ include "common.release" . }} - name: "{{ .Values.container.name.replica }}" - spec: - initContainers: - - name: init-sysctl - command: - - /bin/sh - - -c - - | - chown 26:26 /podroot/; - chmod 700 /podroot/; - image: {{ .Values.global.busyboxRepository | default .Values.busyboxRepository }}/{{ .Values.busyboxImage }} - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - volumeMounts: - - name: {{ include "common.fullname" . }}-data - mountPath: /podroot/ - containers: - - name: {{ include "common.name" . }} - image: "{{ .Values.postgresRepository }}/{{ .Values.image }}" - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - ports: - - containerPort: {{ .Values.service.internalPort }} - name: {{ .Values.service.portName }} - # disable liveness probe when breakpoints set in debugger - # so K8s doesn't restart unresponsive container - {{- if eq .Values.liveness.enabled true }} - livenessProbe: - tcpSocket: - port: {{ .Values.service.internalPort }} - initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} - periodSeconds: {{ .Values.liveness.periodSeconds }} - timeoutSeconds: {{ .Values.liveness.timeoutSeconds }} - {{end -}} - readinessProbe: - tcpSocket: - port: {{ .Values.service.internalPort }} - initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} - periodSeconds: {{ .Values.readiness.periodSeconds }} - env: - - name: PGHOST - value: /tmp - - name: PG_PRIMARY_USER - value: primaryuser - - name: PG_MODE - value: replica - - name: PG_PRIMARY_HOST - value: "{{.Values.container.name.primary}}" - - name: PG_REPLICA_HOST - value: "{{.Values.container.name.replica}}" - - name: PG_PRIMARY_PORT - value: "{{.Values.service.internalPort}}" - - name: PG_PRIMARY_PASSWORD - valueFrom: - secretKeyRef: - name: {{ template "common.fullname" . }} - key: pg-primary-password - - name: PG_USER - value: "{{.Values.config.pgUserName}}" - - name: PG_PASSWORD - valueFrom: - secretKeyRef: - name: {{ template "common.fullname" . }} - key: pg-user-password - - name: PG_DATABASE - value: "{{.Values.config.pgDatabase}}" - - name: PG_ROOT_PASSWORD - valueFrom: - secretKeyRef: - name: {{ template "common.fullname" . }} - key: pg-root-password - volumeMounts: - - name: pool-hba-conf - mountPath: /pgconf/pool_hba.conf - subPath: pool_hba.conf - - mountPath: /pgdata - name: {{ include "common.fullname" . }}-data - - mountPath: /backup - name: {{ include "common.fullname" . }}-backup - readOnly: true - resources: -{{ include "common.resources" . | indent 12 }} - {{- if .Values.nodeSelector }} - nodeSelector: -{{ toYaml .Values.nodeSelector | indent 10 }} - {{- end -}} - {{- if .Values.affinity }} - affinity: -{{ toYaml .Values.affinity | indent 10 }} - {{- end }} - volumes: - - name: localtime - hostPath: - path: /etc/localtime - - name: {{ include "common.fullname" . }}-backup - emptyDir: {} - - name: {{ include "common.fullname" . }}-data -{{- if .Values.persistence.enabled }} - persistentVolumeClaim: - claimName: {{ include "common.fullname" . }}-replica -{{- else }} - emptyDir: {} -{{ end }} - - name: pool-hba-conf - configMap: - name: {{ include "common.fullname" . }} +{{ include "common.postgres.deployment" (dict "dot" . "pgMode" "replica") }} diff --git a/kubernetes/common/postgres/templates/secrets.yaml b/kubernetes/common/postgres/templates/secrets.yaml index db1bc5bb15..4c68015528 100644 --- a/kubernetes/common/postgres/templates/secrets.yaml +++ b/kubernetes/common/postgres/templates/secrets.yaml @@ -13,19 +13,4 @@ # # See the License for the specific language governing permissions and # # limitations under the License. */}} -apiVersion: v1 -kind: Secret -metadata: - name: {{ include "common.fullname" . }} - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.fullname" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ include "common.release" . }} - heritage: {{ .Release.Service }} -type: Opaque -data: - pg-primary-password: {{ .Values.config.pgPrimaryPassword | b64enc | quote }} - pg-user-password: {{ .Values.config.pgUserPassword | b64enc | quote }} - pg-root-password: {{ .Values.config.pgRootPassword | b64enc | quote }} - +{{ include "common.secret" . }} |