summaryrefslogtreecommitdiffstats
path: root/kubernetes/common
diff options
context:
space:
mode:
Diffstat (limited to 'kubernetes/common')
-rw-r--r--kubernetes/common/cassandra/templates/backup/cronjob.yaml10
-rw-r--r--kubernetes/common/cassandra/templates/pv.yaml33
-rw-r--r--kubernetes/common/cassandra/templates/service.yaml36
-rw-r--r--kubernetes/common/cassandra/templates/statefulset.yaml27
-rw-r--r--kubernetes/common/cassandra/values.yaml21
-rw-r--r--kubernetes/common/common/templates/_labels.tpl62
-rw-r--r--kubernetes/common/common/templates/_name.tpl4
-rw-r--r--kubernetes/common/common/templates/_pod.tpl38
-rw-r--r--kubernetes/common/common/templates/_postgres.tpl65
-rw-r--r--kubernetes/common/common/templates/_service.tpl107
-rw-r--r--kubernetes/common/common/templates/_storage.tpl (renamed from kubernetes/common/common/templates/_storageClass.tpl)33
-rw-r--r--kubernetes/common/common/templates/_tplValue.tpl (renamed from kubernetes/common/postgres/charts/pgpool/requirements.yaml)20
-rw-r--r--kubernetes/common/postgres/charts/pgpool/Chart.yaml18
-rw-r--r--kubernetes/common/postgres/charts/pgpool/configs/pgpool.conf677
-rw-r--r--kubernetes/common/postgres/charts/pgpool/configs/pool_hba.conf68
-rwxr-xr-xkubernetes/common/postgres/charts/pgpool/templates/configmap.yaml26
-rw-r--r--kubernetes/common/postgres/charts/pgpool/templates/deployment.yaml100
-rw-r--r--kubernetes/common/postgres/charts/pgpool/templates/secrets.yaml28
-rw-r--r--kubernetes/common/postgres/charts/pgpool/templates/service.yaml26
-rw-r--r--kubernetes/common/postgres/charts/pgpool/values.yaml45
-rw-r--r--kubernetes/common/postgres/templates/_deployment.tpl135
-rw-r--r--kubernetes/common/postgres/templates/deployment-primary.yaml124
-rw-r--r--kubernetes/common/postgres/templates/deployment-replica.yaml124
-rw-r--r--kubernetes/common/postgres/templates/secrets.yaml17
-rw-r--r--kubernetes/common/postgres/values.yaml34
25 files changed, 500 insertions, 1378 deletions
diff --git a/kubernetes/common/cassandra/templates/backup/cronjob.yaml b/kubernetes/common/cassandra/templates/backup/cronjob.yaml
index 2edc8071f9..e4f2aabfa0 100644
--- a/kubernetes/common/cassandra/templates/backup/cronjob.yaml
+++ b/kubernetes/common/cassandra/templates/backup/cronjob.yaml
@@ -19,11 +19,7 @@ kind: CronJob
metadata:
name: {{ include "common.fullname" . }}-backup
namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.fullname" . }}
- chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
- release: {{ include "common.release" . }}
- heritage: {{ .Release.Service }}
+ labels: {{- include "common.labels" . | nindent 4 }}
spec:
schedule: {{ .Values.backup.cron | quote }}
concurrencyPolicy: Forbid
@@ -31,6 +27,10 @@ spec:
jobTemplate:
spec:
template:
+ metadata:
+ labels: {{- include "common.labels" . | nindent 12 }}
+ annotations: {{- include "common.tplValue" (dict "value" .Values.podAnnotations "context" .) | nindent 12 }}
+ name: {{ include "common.name" . }}
spec:
restartPolicy: Never
initContainers:
diff --git a/kubernetes/common/cassandra/templates/pv.yaml b/kubernetes/common/cassandra/templates/pv.yaml
index fd0a758e63..76a224ab5f 100644
--- a/kubernetes/common/cassandra/templates/pv.yaml
+++ b/kubernetes/common/cassandra/templates/pv.yaml
@@ -12,35 +12,4 @@
# See the License for the specific language governing permissions and
# limitations under the License.
-{{- $global := . }}
-{{- if and $global.Values.persistence.enabled (not $global.Values.persistence.existingClaim) }}
-{{- if eq "True" (include "common.needPV" .) -}}
-{{- range $i := until (int $global.Values.replicaCount)}}
----
-apiVersion: v1
-kind: PersistentVolume
-metadata:
- name: {{ include "common.release" $global }}-{{ $global.Values.service.name }}-{{ $i }}
- namespace: {{ $global.Release.Namespace }}
- labels:
- type: {{ $global.Values.persistence.storageType }}
- app: {{ $global.Values.service.name }}
- chart: {{ $global.Chart.Name }}-{{ $global.Chart.Version | replace "+" "_" }}
- release: {{ include "common.release" $global }}
- heritage: {{ $global.Release.Service }}
-spec:
- capacity:
- storage: {{ $global.Values.persistence.size }}
- accessModes:
- {{- if $global.Values.backup.enabled }}
- - ReadWriteMany
- {{- else }}
- - ReadWriteOnce
- {{- end }}
- persistentVolumeReclaimPolicy: {{ $global.Values.persistence.volumeReclaimPolicy }}
- storageClassName: "{{ include "common.fullname" $global }}-data"
- hostPath:
- path: {{ $global.Values.persistence.mountPath }}/{{ include "common.release" $global }}/{{ $global.Values.persistence.mountSubPath }}-{{ $i }}
-{{- end -}}
-{{- end -}}
-{{- end -}}
+{{ include "common.replicaPV" . }}
diff --git a/kubernetes/common/cassandra/templates/service.yaml b/kubernetes/common/cassandra/templates/service.yaml
index 6cbddbea40..0b91076f82 100644
--- a/kubernetes/common/cassandra/templates/service.yaml
+++ b/kubernetes/common/cassandra/templates/service.yaml
@@ -12,38 +12,4 @@
# See the License for the specific language governing permissions and
# limitations under the License.
-apiVersion: v1
-kind: Service
-metadata:
- name: {{ include "common.servicename" . }}
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}
- chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
- release: {{ include "common.release" . }}
- heritage: {{ .Release.Service }}
- annotations:
- service.alpha.kubernetes.io/tolerate-unready-endpoints: "true"
-spec:
- type: {{ .Values.service.type }}
- publishNotReadyAddresses: true
- ports:
- {{if eq .Values.service.type "NodePort" -}}
- {{- $global := . }}
- {{- range $index, $ports := .Values.service.ports }}
- - port: {{ $ports.port }}
- targetPort: {{ $ports.port }}
- nodePort: {{ $global.Values.global.nodePortPrefix | default $global.Values.nodePortPrefix }}{{ $ports.nodePort }}
- name: {{ $ports.name }}
- {{- end }}
-{{- else -}}
- {{- range $index, $ports := .Values.service.ports }}
- - port: {{ $ports.port }}
- targetPort: {{ $ports.port }}
- name: {{ $ports.name }}
- {{- end }}
-{{- end}}
- selector:
- app: {{ include "common.name" . }}
- release: {{ include "common.release" . }}
- clusterIP: None
+{{ include "common.headlessService" . }}
diff --git a/kubernetes/common/cassandra/templates/statefulset.yaml b/kubernetes/common/cassandra/templates/statefulset.yaml
index b737a8f960..16aa27f68a 100644
--- a/kubernetes/common/cassandra/templates/statefulset.yaml
+++ b/kubernetes/common/cassandra/templates/statefulset.yaml
@@ -12,42 +12,25 @@
# See the License for the specific language governing permissions and
# limitations under the License.
-apiVersion: apps/v1beta1
+apiVersion: apps/v1
kind: StatefulSet
-metadata:
- name: {{ include "common.fullname" . }}
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}
- chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
- release: {{ include "common.release" . }}
- heritage: {{ .Release.Service }}
+metadata: {{- include "common.resourceMetadata" . | nindent 2 }}
spec:
- selector:
- matchLabels:
- app: {{ include "common.name" . }}
- release: {{ include "common.release" . }}
+ selector: {{- include "common.selectors" . | nindent 4 }}
serviceName: {{ include "common.servicename" . }}
replicas: {{ .Values.replicaCount }}
podManagementPolicy: {{ .Values.podManagementPolicy }}
updateStrategy:
type: {{ .Values.updateStrategy.type }}
template:
- metadata:
- labels:
- app: {{ include "common.name" . }}
- release: {{ include "common.release" . }}
- name: {{ include "common.name" . }}
+ metadata: {{- include "common.templateMetadata" . | nindent 6 }}
spec:
hostNetwork: {{ .Values.hostNetwork }}
containers:
- name: {{ include "common.name" . }}
image: {{ .Values.image }}
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- ports:
- {{- range $index, $ports := .Values.service.ports }}
- - containerPort: {{ $ports.port }}
- {{- end }}
+ ports: {{ include "common.containerPorts" . | nindent 8 }}
volumeMounts:
- name: {{ include "common.fullname" . }}-data
mountPath: /var/lib/cassandra
diff --git a/kubernetes/common/cassandra/values.yaml b/kubernetes/common/cassandra/values.yaml
index c3af7e59b2..dfa0a3e250 100644
--- a/kubernetes/common/cassandra/values.yaml
+++ b/kubernetes/common/cassandra/values.yaml
@@ -75,22 +75,27 @@ readiness:
failureThreshold: 3
service:
- type: ClusterIP
name: cassandra
- ports:
- - name: intra
+ headless:
+ suffix: ""
+ annotations:
+ service.alpha.kubernetes.io/tolerate-unready-endpoints: "true"
+ publishNotReadyAddresses: true
+ headlessPorts:
+ - name: tcp-intra
port: 7000
- name: tls
port: 7001
- - name: jmx
+ - name: tcp-jmx
port: 7199
- - name: cql
+ - name: tcp-cql
port: 9042
- - name: thrift
+ - name: tcp-thrift
port: 9160
- - name: agent
+ - name: tcp-agent
port: 61621
+podAnnotations: {}
podManagementPolicy: OrderedReady
updateStrategy:
type: RollingUpdate
@@ -116,7 +121,7 @@ persistence:
##
## storageClass: "-"
## Not set as it depends of the backup enabledment or not.
- #accessMode: ReadWriteOnce
+ accessMode: ReadWriteOnce
size: 2Gi
mountPath: /dockerdata-nfs
mountSubPath: cassandra
diff --git a/kubernetes/common/common/templates/_labels.tpl b/kubernetes/common/common/templates/_labels.tpl
new file mode 100644
index 0000000000..95d51e17b7
--- /dev/null
+++ b/kubernetes/common/common/templates/_labels.tpl
@@ -0,0 +1,62 @@
+{{/*
+# Copyright © 2019 Orange
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+*/}}
+
+
+
+{{/*
+Common labels
+*/}}
+{{- define "common.labels" -}}
+app.kubernetes.io/name: {{ include "common.name" . }}
+helm.sh/chart: {{ include "common.chart" . }}
+app.kubernetes.io/instance: {{ include "common.release" . }}
+app.kubernetes.io/managed-by: {{ .Release.Service }}
+{{- end -}}
+
+{{/*
+Labels to use on deploy.spec.selector.matchLabels and svc.spec.selector
+*/}}
+{{- define "common.matchLabels" -}}
+app.kubernetes.io/name: {{ include "common.name" . }}
+app.kubernetes.io/instance: {{ include "common.release" . }}
+{{- end -}}
+
+{{/*
+ Generate "top" metadata for Deployment / StatefulSet / ...
+*/}}
+{{- define "common.resourceMetadata" -}}
+name: {{ include "common.fullname" . }}
+namespace: {{ include "common.namespace" . }}
+labels: {{- include "common.labels" . | nindent 2 }}
+{{- end -}}
+
+{{/*
+ Generate selectors for Deployment / StatefulSet / ...
+*/}}
+{{- define "common.selectors" -}}
+matchLabels: {{- include "common.matchLabels" . | nindent 2 }}
+{{- end -}}
+
+{{/*
+ Generate "template" metadata for Deployment / StatefulSet / ...
+*/}}
+{{- define "common.templateMetadata" -}}
+{{- if .Values.podAnnotations }}
+annotations: {{- include "common.tplValue" (dict "value" .Values.podAnnotations "context" $) | nindent 2 }}
+{{- end }}
+labels: {{- include "common.labels" . | nindent 2 }}
+name: {{ include "common.name" . }}
+{{- end -}}
diff --git a/kubernetes/common/common/templates/_name.tpl b/kubernetes/common/common/templates/_name.tpl
index 7719cdbb9f..943078ff2f 100644
--- a/kubernetes/common/common/templates/_name.tpl
+++ b/kubernetes/common/common/templates/_name.tpl
@@ -49,3 +49,7 @@
{{- define "common.release" -}}
{{- first (regexSplit "-" .Release.Name -1) }}
{{- end -}}
+
+{{- define "common.chart" -}}
+{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}}
+{{- end -}}
diff --git a/kubernetes/common/common/templates/_pod.tpl b/kubernetes/common/common/templates/_pod.tpl
new file mode 100644
index 0000000000..9329572a92
--- /dev/null
+++ b/kubernetes/common/common/templates/_pod.tpl
@@ -0,0 +1,38 @@
+{{/*
+# Copyright © 2019 Orange
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+*/}}
+
+{{/*
+ Generate the container port list.
+ Will use first ".Values.service.ports" list.
+ Will append ports from ".Values.service.headlessPorts" only if port number is
+ not already in port list.
+*/}}
+{{- define "common.containerPorts" -}}
+{{- $ports := default (list) .Values.service.ports }}
+{{- $portsNumber := list }}
+{{- range $index, $port := $ports }}
+{{- $portsNumber = append $portsNumber $port.port }}
+{{- end }}
+{{- range $index, $port := .Values.service.headlessPorts }}
+{{- if not (has $port.port $portsNumber) }}
+{{- $ports = append $ports $port }}
+{{- end }}
+{{- end }}
+{{- range $index, $port := $ports }}
+- containerPort: {{ $port.port }}
+ name: {{ $port.name }}
+{{- end }}
+{{- end -}}
diff --git a/kubernetes/common/common/templates/_postgres.tpl b/kubernetes/common/common/templates/_postgres.tpl
new file mode 100644
index 0000000000..45d903e574
--- /dev/null
+++ b/kubernetes/common/common/templates/_postgres.tpl
@@ -0,0 +1,65 @@
+{{/*
+# Copyright © 2019 Samsung Electronics
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+*/}}
+{{/*
+ UID of postgres root password
+*/}}
+{{- define "common.postgres.secret.rootPassUID" -}}
+ {{- printf "db-root-password" }}
+{{- end -}}
+
+{{/*
+ Name of postgres secret
+*/}}
+{{- define "common.postgres.secret._secretName" -}}
+ {{- $global := .dot }}
+ {{- $chartName := tpl .chartName $global -}}
+ {{- include "common.secret.genName" (dict "global" $global "uid" (include .uidTemplate $global) "chartName" $chartName) }}
+{{- end -}}
+
+{{/*
+ Name of postgres root password secret
+*/}}
+{{- define "common.postgres.secret.rootPassSecretName" -}}
+ {{- include "common.postgres.secret._secretName" (set . "uidTemplate" "common.postgres.secret.rootPassUID") }}
+{{- end -}}
+
+{{/*
+ UID of postgres user credentials
+*/}}
+{{- define "common.postgres.secret.userCredentialsUID" -}}
+ {{- printf "db-user-credentials" }}
+{{- end -}}
+
+{{/*
+ Name of postgres user credentials secret
+*/}}
+{{- define "common.postgres.secret.userCredentialsSecretName" -}}
+ {{- include "common.postgres.secret._secretName" (set . "uidTemplate" "common.postgres.secret.userCredentialsUID") }}
+{{- end -}}
+
+{{/*
+ UID of postgres primary password
+*/}}
+{{- define "common.postgres.secret.primaryPasswordUID" -}}
+ {{- printf "primary-password" }}
+{{- end -}}
+
+{{/*
+ Name of postgres user credentials secret
+*/}}
+{{- define "common.postgres.secret.primaryPasswordSecretName" -}}
+ {{- include "common.postgres.secret._secretName" (set . "uidTemplate" "common.postgres.secret.primaryPasswordUID") }}
+{{- end -}}
diff --git a/kubernetes/common/common/templates/_service.tpl b/kubernetes/common/common/templates/_service.tpl
index 77b77d059a..075f7965b9 100644
--- a/kubernetes/common/common/templates/_service.tpl
+++ b/kubernetes/common/common/templates/_service.tpl
@@ -20,7 +20,7 @@
The default will be the chart name (or .Values.nameOverride if set).
And the use of .Values.service.name overrides all.
- - .Values.service.name : override default service (ie. chart) name
+ - .Values.service.name: override default service (ie. chart) name
*/}}
{{/*
Expand the service name for a chart.
@@ -28,4 +28,107 @@
{{- define "common.servicename" -}}
{{- $name := default .Chart.Name .Values.nameOverride -}}
{{- default $name .Values.service.name | trunc 63 | trimSuffix "-" -}}
-{{- end -}} \ No newline at end of file
+{{- end -}}
+
+{{/* Define the metadata of Service
+ The function takes from one to three arguments (inside a dictionary):
+ - .dot : environment (.)
+ - .suffix : a string which will be added at the end of the name (with a '-').
+ - .annotations: the annotations to add
+ Usage example:
+ {{ include "common.serviceMetadata" ( dict "suffix" "myService" "dot" .) }}
+ {{ include "common.serviceMetadata" ( dict "annotations" .Values.service.annotation "dot" .) }}
+*/}}
+{{- define "common.serviceMetadata" -}}
+ {{- $dot := default . .dot -}}
+ {{- $suffix := default "" .suffix -}}
+ {{- $annotations := default "" .annotations -}}
+{{- if $annotations -}}
+annotations: {{- include "common.tplValue" (dict "value" $annotations "context" $dot) | nindent 2 }}
+{{- end }}
+name: {{ include "common.servicename" $dot }}{{ if $suffix }}{{ print "-" $suffix }}{{ end }}
+namespace: {{ include "common.namespace" $dot }}
+labels: {{- include "common.labels" $dot | nindent 2 -}}
+{{- end -}}
+
+{{/* Define the ports of Service
+ The function takes three arguments (inside a dictionary):
+ - .dot : environment (.)
+ - .ports : an array of ports
+ - .portType: the type of the service
+*/}}
+{{- define "common.servicePorts" -}}
+{{- $portType := .portType -}}
+{{- $dot := .dot -}}
+{{- range $index, $port := .ports }}
+- port: {{ $port.port }}
+ targetPort: {{ $port.name }}
+ {{- if (eq $portType "NodePort") }}
+ nodePort: {{ $dot.Values.global.nodePortPrefix | default $dot.Values.nodePortPrefix }}{{ $port.nodePort }}
+ {{- end }}
+ name: {{ $port.name }}
+{{- end -}}
+{{- end -}}
+
+{{/* Create generic service template
+ The function takes several arguments (inside a dictionary):
+ - .dot : environment (.)
+ - .ports : an array of ports
+ - .portType: the type of the service
+ - .suffix : a string which will be added at the end of the name (with a '-')
+ - .annotations: the annotations to add
+ - .publishNotReadyAddresses: if we publish not ready address
+ - .headless: if the service is headless
+*/}}
+{{- define "common.genericService" -}}
+{{- $dot := default . .dot -}}
+{{- $suffix := default "" .suffix -}}
+{{- $annotations := default "" .annotations -}}
+{{- $publishNotReadyAddresses := default false .publishNotReadyAddresses -}}
+{{- $portType := .portType -}}
+{{- $ports := .ports -}}
+{{- $headless := default false .headless -}}
+apiVersion: v1
+kind: Service
+metadata: {{ include "common.serviceMetadata" (dict "suffix" $suffix "annotations" $annotations "dot" $dot ) | nindent 2 }}
+spec:
+ {{- if $headless }}
+ clusterIP: None
+ {{- end }}
+ ports: {{- include "common.servicePorts" (dict "portType" $portType "ports" $ports "dot" $dot) | nindent 4 }}
+ {{- if $publishNotReadyAddresses }}
+ publishNotReadyAddresses: true
+ {{- end }}
+ type: {{ $portType }}
+ selector: {{- include "common.matchLabels" $dot | nindent 4 }}
+{{- end -}}
+
+{{/* Create service template */}}
+{{- define "common.service" -}}
+{{- $suffix := default "" .Values.service.suffix -}}
+{{- $annotations := default "" .Values.service.annotations -}}
+{{- $publishNotReadyAddresses := default false .Values.service.publishNotReadyAddresses -}}
+{{- $portType := .Values.service.type -}}
+{{- $ports := .Values.service.ports -}}
+{{ include "common.genericService" (dict "suffix" $suffix "annotations" $annotations "dot" . "publishNotReadyAddresses" $publishNotReadyAddresses "ports" $ports "portType" $portType) }}
+{{- end -}}
+
+{{/* Create headless service template */}}
+{{- define "common.headlessService" -}}
+{{- $suffix := include "common._makeHeadlessSuffix" . -}}
+{{- $annotations := default "" .Values.service.headless.annotations -}}
+{{- $publishNotReadyAddresses := default false .Values.service.headless.publishNotReadyAddresses -}}
+{{- $ports := .Values.service.headlessPorts -}}
+{{ include "common.genericService" (dict "suffix" $suffix "annotations" $annotations "dot" . "publishNotReadyAddresses" $publishNotReadyAddresses "ports" $ports "portType" "ClusterIP" "headless" true ) }}
+{{- end -}}
+
+{{/*
+ Generate the right suffix for headless service
+*/}}
+{{- define "common._makeHeadlessSuffix" -}}
+{{- if hasKey .Values.service.headless "suffix" }}
+{{- .Values.service.headless.suffix }}
+{{- else }}
+{{- print "headless" }}
+{{- end }}
+{{- end -}}
diff --git a/kubernetes/common/common/templates/_storageClass.tpl b/kubernetes/common/common/templates/_storage.tpl
index 8fd1f9772b..ae9335909d 100644
--- a/kubernetes/common/common/templates/_storageClass.tpl
+++ b/kubernetes/common/common/templates/_storage.tpl
@@ -49,9 +49,36 @@
Calculate if we need a PV. If a storageClass is provided, then we don't need.
*/}}
{{- define "common.needPV" -}}
-{{- if or (or .Values.persistence.storageClassOverride .Values.persistence.storageClass) .Values.global.persistence.storageClass -}}
- False
-{{- else -}}
+{{- if not (or (or .Values.persistence.storageClassOverride .Values.persistence.storageClass) .Values.global.persistence.storageClass) -}}
True
{{- end -}}
{{- end -}}
+
+{{/*
+ Generate N PV for a statefulset
+*/}}
+{{- define "common.replicaPV" -}}
+{{- $global := . }}
+{{- if and $global.Values.persistence.enabled (not $global.Values.persistence.existingClaim) }}
+{{- if (include "common.needPV" .) -}}
+{{- range $i := until (int $global.Values.replicaCount)}}
+---
+kind: PersistentVolume
+apiVersion: v1
+metadata:
+ name: {{ include "common.fullname" $global }}-data-{{$i}}
+ namespace: {{ include "common.namespace" $global }}
+ labels: {{- include "common.labels" $global | nindent 4 }}
+spec:
+ capacity:
+ storage: {{ $global.Values.persistence.size}}
+ accessModes:
+ - {{ $global.Values.persistence.accessMode }}
+ persistentVolumeReclaimPolicy: {{ $global.Values.persistence.volumeReclaimPolicy }}
+ storageClassName: "{{ include "common.fullname" $global }}-data"
+ hostPath:
+ path: {{ $global.Values.global.persistence.mountPath | default $global.Values.persistence.mountPath }}/{{ include "common.release" $global }}/{{ $global.Values.persistence.mountSubPath }}-{{$i}}
+{{- end -}}
+{{- end -}}
+{{- end -}}
+{{- end -}}
diff --git a/kubernetes/common/postgres/charts/pgpool/requirements.yaml b/kubernetes/common/common/templates/_tplValue.tpl
index 5b097f3ab7..b74ecbda19 100644
--- a/kubernetes/common/postgres/charts/pgpool/requirements.yaml
+++ b/kubernetes/common/common/templates/_tplValue.tpl
@@ -1,4 +1,5 @@
-# Copyright © 2018 Amdocs, AT&T, Bell Canada
+{{/*
+# Copyright © 2019 Orange
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
@@ -11,8 +12,17 @@
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
+*/}}
-dependencies:
- - name: common
- version: ~5.x-0
- repository: '@local'
+{{/*
+Renders a value that contains template.
+Usage:
+{{ include "common.tplValue" ( dict "value" .Values.path.to.the.Value "context" $) }}
+*/}}
+{{- define "common.tplValue" -}}
+ {{- if typeIs "string" .value }}
+ {{- tpl .value .context }}
+ {{- else }}
+ {{- tpl (.value | toYaml) .context }}
+ {{- end }}
+{{- end -}}
diff --git a/kubernetes/common/postgres/charts/pgpool/Chart.yaml b/kubernetes/common/postgres/charts/pgpool/Chart.yaml
deleted file mode 100644
index e2818139fa..0000000000
--- a/kubernetes/common/postgres/charts/pgpool/Chart.yaml
+++ /dev/null
@@ -1,18 +0,0 @@
-# Copyright © 2018 Amdocs, AT&T, Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-apiVersion: v1
-description: ONAP Postgres Server
-name: pgpool
-version: 5.0.0
diff --git a/kubernetes/common/postgres/charts/pgpool/configs/pgpool.conf b/kubernetes/common/postgres/charts/pgpool/configs/pgpool.conf
deleted file mode 100644
index f335174f40..0000000000
--- a/kubernetes/common/postgres/charts/pgpool/configs/pgpool.conf
+++ /dev/null
@@ -1,677 +0,0 @@
-# ----------------------------
-# pgPool-II configuration file a custom version
-# ----------------------------
-#
-# This file consists of lines of the form:
-#
-# name = value
-#
-# Whitespace may be used. Comments are introduced with "#" anywhere on a line.
-# The complete list of parameter names and allowed values can be found in the
-# pgPool-II documentation.
-#
-# This file is read on server startup and when the server receives a SIGHUP
-# signal. If you edit the file on a running system, you have to SIGHUP the
-# server for the changes to take effect, or use "pgpool reload". Some
-# parameters, which are marked below, require a server shutdown and restart to
-# take effect.
-#
-
-
-#------------------------------------------------------------------------------
-# CONNECTIONS
-#------------------------------------------------------------------------------
-
-# - pgpool Connection Settings -
-
-listen_addresses = '*'
- # Host name or IP address to listen on:
- # '*' for all, '' for no TCP/IP connections
- # (change requires restart)
-#port = 9999
-port = 5432
- # Port number
- # (change requires restart)
-socket_dir = '/tmp'
- # Unix domain socket path
- # The Debian package defaults to
- # /var/run/postgresql
- # (change requires restart)
-
-
-# - pgpool Communication Manager Connection Settings -
-
-pcp_port = 9898
- # Port number for pcp
- # (change requires restart)
-pcp_socket_dir = '/tmp'
- # Unix domain socket path for pcp
- # The Debian package defaults to
- # /var/run/postgresql
- # (change requires restart)
-
-# - Backend Connection Settings -
-
-backend_hostname0 = '{{.Values.container.name.primary}}'
-backend_port0 = 5432
-backend_weight0= 1
-backend_flag0= 'DISALLOW_TO_FAILOVER'
-
-backend_hostname1 = '{{.Values.container.name.replica}}'
-backend_port1 = 5432
-backend_weight1= 1
-backend_flag1= 'DISALLOW_TO_FAILOVER'
-
-#backend_hostname0 = 'master'
- # Host name or IP address to connect to for backend 0
-#backend_port0 = 5432
- # Port number for backend 0
-#backend_weight0 = 1
- # Weight for backend 0 (only in load balancing mode)
-#backend_data_directory0 = '/data'
- # Data directory for backend 0
-#backend_flag0 = 'ALLOW_TO_FAILOVER'
- # Controls various backend behavior
- # ALLOW_TO_FAILOVER or DISALLOW_TO_FAILOVER
-#backend_hostname1 = 'standby'
-#backend_port1 = 5432
-#backend_weight1 = 1
-#backend_data_directory1 = '/data1'
-#backend_flag1 = 'ALLOW_TO_FAILOVER'
-
-# - Authentication -
-
-enable_pool_hba = on
- # Use pool_hba.conf for client authentication
-pool_passwd = 'pool_passwd'
- # File name of pool_passwd for md5 authentication.
- # "" disables pool_passwd.
- # (change requires restart)
-authentication_timeout = 60
- # Delay in seconds to complete client authentication
- # 0 means no timeout.
-
-# - SSL Connections -
-
-ssl = off
- # Enable SSL support
- # (change requires restart)
-#ssl_key = './server.key'
- # Path to the SSL private key file
- # (change requires restart)
-#ssl_cert = './server.cert'
- # Path to the SSL public certificate file
- # (change requires restart)
-#ssl_ca_cert = ''
- # Path to a single PEM format file
- # containing CA root certificate(s)
- # (change requires restart)
-#ssl_ca_cert_dir = ''
- # Directory containing CA root certificate(s)
- # (change requires restart)
-
-
-#------------------------------------------------------------------------------
-# POOLS
-#------------------------------------------------------------------------------
-
-# - Pool size -
-
-num_init_children = 5
- # Number of pools
- # (change requires restart)
-max_pool = 1
- # Number of connections per pool
- # (change requires restart)
-
-# - Life time -
-
-child_life_time = 300
- # Pool exits after being idle for this many seconds
-child_max_connections = 0
- # Pool exits after receiving that many connections
- # 0 means no exit
-connection_life_time = 0
- # Connection to backend closes after being idle for this many seconds
- # 0 means no close
-client_idle_limit = 0
- # Client is disconnected after being idle for that many seconds
- # (even inside an explicit transactions!)
- # 0 means no disconnection
-
-
-#------------------------------------------------------------------------------
-# LOGS
-#------------------------------------------------------------------------------
-
-# - Where to log -
-
-log_destination = 'stderr'
- # Where to log
- # Valid values are combinations of stderr,
- # and syslog. Default to stderr.
-
-# - What to log -
-
-print_timestamp = on
- # Print timestamp on each line
- # (change requires restart)
-
-log_connections = on
- # Log connections
-log_hostname = on
- # Hostname will be shown in ps status
- # and in logs if connections are logged
-log_statement = on
- # Log all statements
-log_per_node_statement = off
- # Log all statements
- # with node and backend informations
-log_standby_delay = 'if_over_threshold'
- # Log standby delay
- # Valid values are combinations of always,
- # if_over_threshold, none
-
-# - Syslog specific -
-
-syslog_facility = 'LOCAL0'
- # Syslog local facility. Default to LOCAL0
-syslog_ident = 'pgpool'
- # Syslog program identification string
- # Default to 'pgpool'
-
-# - Debug -
-
-debug_level = 1
- # Debug message verbosity level
- # 0 means no message, 1 or more mean verbose
-
-
-#------------------------------------------------------------------------------
-# FILE LOCATIONS
-#------------------------------------------------------------------------------
-
-pid_file_name = '/tmp/pgpool.pid'
- # PID file name
- # (change requires restart)
-logdir = '/tmp'
- # Directory of pgPool status file
- # (change requires restart)
-
-
-#------------------------------------------------------------------------------
-# CONNECTION POOLING
-#------------------------------------------------------------------------------
-
-connection_cache = off
- # Activate connection pools
- # (change requires restart)
-
- # Semicolon separated list of queries
- # to be issued at the end of a session
- # The default is for 8.3 and later
-reset_query_list = 'ABORT; DISCARD ALL'
- # The following one is for 8.2 and before
-#reset_query_list = 'ABORT; RESET ALL; SET SESSION AUTHORIZATION DEFAULT'
-
-
-#------------------------------------------------------------------------------
-# REPLICATION MODE
-#------------------------------------------------------------------------------
-
-replication_mode = off
- # Activate replication mode
- # (change requires restart)
-replicate_select = off
- # Replicate SELECT statements
- # when in replication or parallel mode
- # replicate_select is higher priority than
- # load_balance_mode.
-
-insert_lock = off
- # Automatically locks a dummy row or a table
- # with INSERT statements to keep SERIAL data
- # consistency
- # Without SERIAL, no lock will be issued
-lobj_lock_table = ''
- # When rewriting lo_creat command in
- # replication mode, specify table name to
- # lock
-
-# - Degenerate handling -
-
-replication_stop_on_mismatch = off
- # On disagreement with the packet kind
- # sent from backend, degenerate the node
- # which is most likely "minority"
- # If off, just force to exit this session
-
-failover_if_affected_tuples_mismatch = off
- # On disagreement with the number of affected
- # tuples in UPDATE/DELETE queries, then
- # degenerate the node which is most likely
- # "minority".
- # If off, just abort the transaction to
- # keep the consistency
-
-
-#------------------------------------------------------------------------------
-# LOAD BALANCING MODE
-#------------------------------------------------------------------------------
-
-load_balance_mode = on
- # Activate load balancing mode
- # (change requires restart)
-ignore_leading_white_space = on
- # Ignore leading white spaces of each query
-white_function_list = ''
- # Comma separated list of function names
- # that don't write to database
- # Regexp are accepted
-black_function_list = 'currval,lastval,nextval,setval'
- # Comma separated list of function names
- # that write to database
- # Regexp are accepted
-
-
-#------------------------------------------------------------------------------
-# MASTER/SLAVE MODE
-#------------------------------------------------------------------------------
-
-master_slave_mode = on
- # Activate master/slave mode
- # (change requires restart)
-master_slave_sub_mode = 'stream'
- # Master/slave sub mode
- # Valid values are combinations slony or
- # stream. Default is slony.
- # (change requires restart)
-
-# - Streaming -
-
-sr_check_period = 10
- # Streaming replication check period
- # Disabled (0) by default
-sr_check_user = '{{.Values.credentials.pgusername}}'
- # Streaming replication check user
- # This is neccessary even if you disable streaming
- # replication delay check by sr_check_period = 0
-sr_check_password = '{{.Values.credentials.pgpassword}}'
- # Password for streaming replication check user
-delay_threshold = 10000000
- # Threshold before not dispatching query to standby node
- # Unit is in bytes
- # Disabled (0) by default
-
-# - Special commands -
-
-follow_master_command = ''
- # Executes this command after master failover
- # Special values:
- # %d = node id
- # %h = host name
- # %p = port number
- # %D = database cluster path
- # %m = new master node id
- # %H = hostname of the new master node
- # %M = old master node id
- # %P = old primary node id
- # %r = new master port number
- # %R = new master database cluster path
- # %% = '%' character
-
-
-#------------------------------------------------------------------------------
-# PARALLEL MODE
-#------------------------------------------------------------------------------
-
-parallel_mode = off
- # Activates parallel query mode
- # (change requires restart)
-pgpool2_hostname = ''
- # Set pgpool2 hostname
- # (change requires restart)
-
-# - System DB info -
-
-#system_db_hostname = 'localhost'
- # (change requires restart)
-#system_db_port = 5432
- # (change requires restart)
-#system_db_dbname = 'pgpool'
- # (change requires restart)
-#system_db_schema = 'pgpool_catalog'
- # (change requires restart)
-#system_db_user = 'pgpool'
- # (change requires restart)
-#system_db_password = ''
- # (change requires restart)
-
-
-#------------------------------------------------------------------------------
-# HEALTH CHECK
-#------------------------------------------------------------------------------
-
-health_check_period = 20
- # Health check period
- # Disabled (0) by default
-health_check_timeout = 10
- # Health check timeout
- # 0 means no timeout
-health_check_user = '{{.Values.credentials.pgusername}}'
- # Health check user
-health_check_password = '{{.Values.credentials.pgpassword}}'
- # Password for health check user
-health_check_max_retries = 3
-connect_timeout = 10000 # Timeout value in milliseconds before giving up to connect to backend.
-
- # Maximum number of times to retry a failed health check before giving up.
-health_check_retry_delay = 1
- # Amount of time to wait (in seconds) between retries.
-
-
-#------------------------------------------------------------------------------
-# FAILOVER AND FAILBACK
-#------------------------------------------------------------------------------
-
-failover_command = ''
- # Executes this command at failover
- # Special values:
- # %d = node id
- # %h = host name
- # %p = port number
- # %D = database cluster path
- # %m = new master node id
- # %H = hostname of the new master node
- # %M = old master node id
- # %P = old primary node id
- # %r = new master port number
- # %R = new master database cluster path
- # %% = '%' character
-failback_command = ''
- # Executes this command at failback.
- # Special values:
- # %d = node id
- # %h = host name
- # %p = port number
- # %D = database cluster path
- # %m = new master node id
- # %H = hostname of the new master node
- # %M = old master node id
- # %P = old primary node id
- # %r = new master port number
- # %R = new master database cluster path
- # %% = '%' character
-
-fail_over_on_backend_error = off
- # Initiates failover when reading/writing to the
- # backend communication socket fails
- # If set to off, pgpool will report an
- # error and disconnect the session.
-
-search_primary_node_timeout = 10
- # Timeout in seconds to search for the
- # primary node when a failover occurs.
- # 0 means no timeout, keep searching
- # for a primary node forever.
-
-#------------------------------------------------------------------------------
-# ONLINE RECOVERY
-#------------------------------------------------------------------------------
-
-recovery_user = '{{.Values.credentials.pgusername}}'
- # Online recovery user
-recovery_password = '{{.Values.credentials.pgpassword}}'
- # Online recovery password
-recovery_1st_stage_command = ''
- # Executes a command in first stage
-recovery_2nd_stage_command = ''
- # Executes a command in second stage
-recovery_timeout = 90
- # Timeout in seconds to wait for the
- # recovering node's postmaster to start up
- # 0 means no wait
-client_idle_limit_in_recovery = 0
- # Client is disconnected after being idle
- # for that many seconds in the second stage
- # of online recovery
- # 0 means no disconnection
- # -1 means immediate disconnection
-
-
-#------------------------------------------------------------------------------
-# WATCHDOG
-#------------------------------------------------------------------------------
-
-# - Enabling -
-
-use_watchdog = off
- # Activates watchdog
- # (change requires restart)
-
-# -Connection to up stream servers -
-
-trusted_servers = ''
- # trusted server list which are used
- # to confirm network connection
- # (hostA,hostB,hostC,...)
- # (change requires restart)
-ping_path = '/bin'
- # ping command path
- # (change requires restart)
-
-# - Watchdog communication Settings -
-
-wd_hostname = ''
- # Host name or IP address of this watchdog
- # (change requires restart)
-wd_port = 9000
- # port number for watchdog service
- # (change requires restart)
-wd_authkey = ''
- # Authentication key for watchdog communication
- # (change requires restart)
-
-# - Virtual IP control Setting -
-
-delegate_IP = ''
- # delegate IP address
- # If this is empty, virtual IP never bring up.
- # (change requires restart)
-ifconfig_path = '/sbin'
- # ifconfig command path
- # (change requires restart)
-if_up_cmd = 'ifconfig eth0:0 inet $_IP_$ netmask 255.255.255.0'
- # startup delegate IP command
- # (change requires restart)
-if_down_cmd = 'ifconfig eth0:0 down'
- # shutdown delegate IP command
- # (change requires restart)
-
-arping_path = '/usr/sbin' # arping command path
- # (change requires restart)
-
-arping_cmd = 'arping -U $_IP_$ -w 1'
- # arping command
- # (change requires restart)
-
-# - Behaivor on escalation Setting -
-
-clear_memqcache_on_escalation = on
- # Clear all the query cache on shared memory
- # when standby pgpool escalate to active pgpool
- # (= virtual IP holder).
- # This should be off if client connects to pgpool
- # not using virtual IP.
- # (change requires restart)
-wd_escalation_command = ''
- # Executes this command at escalation on new active pgpool.
- # (change requires restart)
-
-# - Lifecheck Setting -
-
-# -- common --
-
-wd_lifecheck_method = 'heartbeat'
- # Method of watchdog lifecheck ('heartbeat' or 'query')
- # (change requires restart)
-wd_interval = 10
- # lifecheck interval (sec) > 0
- # (change requires restart)
-
-# -- heartbeat mode --
-
-wd_heartbeat_port = 9694
- # Port number for receiving heartbeat signal
- # (change requires restart)
-wd_heartbeat_keepalive = 2
- # Interval time of sending heartbeat signal (sec)
- # (change requires restart)
-wd_heartbeat_deadtime = 30
- # Deadtime interval for heartbeat signal (sec)
- # (change requires restart)
-heartbeat_destination0 = 'host0_ip1'
- # Host name or IP address of destination 0
- # for sending heartbeat signal.
- # (change requires restart)
-heartbeat_destination_port0 = 9694
- # Port number of destination 0 for sending
- # heartbeat signal. Usually this is the
- # same as wd_heartbeat_port.
- # (change requires restart)
-heartbeat_device0 = ''
- # Name of NIC device (such like 'eth0')
- # used for sending/receiving heartbeat
- # signal to/from destination 0.
- # This works only when this is not empty
- # and pgpool has root privilege.
- # (change requires restart)
-
-#heartbeat_destination1 = 'host0_ip2'
-#heartbeat_destination_port1 = 9694
-#heartbeat_device1 = ''
-
-# -- query mode --
-
-wd_life_point = 3
- # lifecheck retry times
- # (change requires restart)
-wd_lifecheck_query = 'SELECT 1'
- # lifecheck query to pgpool from watchdog
- # (change requires restart)
-wd_lifecheck_dbname = 'template1'
- # Database name connected for lifecheck
- # (change requires restart)
-wd_lifecheck_user = 'nobody'
- # watchdog user monitoring pgpools in lifecheck
- # (change requires restart)
-wd_lifecheck_password = ''
- # Password for watchdog user in lifecheck
- # (change requires restart)
-
-# - Other pgpool Connection Settings -
-
-#other_pgpool_hostname0 = 'host0'
- # Host name or IP address to connect to for other pgpool 0
- # (change requires restart)
-#other_pgpool_port0 = 5432
- # Port number for othet pgpool 0
- # (change requires restart)
-#other_wd_port0 = 9000
- # Port number for othet watchdog 0
- # (change requires restart)
-#other_pgpool_hostname1 = 'host1'
-#other_pgpool_port1 = 5432
-#other_wd_port1 = 9000
-
-
-#------------------------------------------------------------------------------
-# OTHERS
-#------------------------------------------------------------------------------
-relcache_expire = 0
- # Life time of relation cache in seconds.
- # 0 means no cache expiration(the default).
- # The relation cache is used for cache the
- # query result against PostgreSQL system
- # catalog to obtain various information
- # including table structures or if it's a
- # temporary table or not. The cache is
- # maintained in a pgpool child local memory
- # and being kept as long as it survives.
- # If someone modify the table by using
- # ALTER TABLE or some such, the relcache is
- # not consistent anymore.
- # For this purpose, cache_expiration
- # controls the life time of the cache.
-relcache_size = 256
- # Number of relation cache
- # entry. If you see frequently:
- # "pool_search_relcache: cache replacement happend"
- # in the pgpool log, you might want to increate this number.
-
-check_temp_table = on
- # If on, enable temporary table check in SELECT statements.
- # This initiates queries against system catalog of primary/master
- # thus increases load of master.
- # If you are absolutely sure that your system never uses temporary tables
- # and you want to save access to primary/master, you could turn this off.
- # Default is on.
-
-
-#------------------------------------------------------------------------------
-# ON MEMORY QUERY MEMORY CACHE
-#------------------------------------------------------------------------------
-memory_cache_enabled = off
- # If on, use the memory cache functionality, off by default
-memqcache_method = 'shmem'
- # Cache storage method. either 'shmem'(shared memory) or
- # 'memcached'. 'shmem' by default
- # (change requires restart)
-memqcache_memcached_host = 'localhost'
- # Memcached host name or IP address. Mandatory if
- # memqcache_method = 'memcached'.
- # Defaults to localhost.
- # (change requires restart)
-memqcache_memcached_port = 11211
- # Memcached port number. Mondatory if memqcache_method = 'memcached'.
- # Defaults to 11211.
- # (change requires restart)
-memqcache_total_size = 67108864
- # Total memory size in bytes for storing memory cache.
- # Mandatory if memqcache_method = 'shmem'.
- # Defaults to 64MB.
- # (change requires restart)
-memqcache_max_num_cache = 1000000
- # Total number of cache entries. Mandatory
- # if memqcache_method = 'shmem'.
- # Each cache entry consumes 48 bytes on shared memory.
- # Defaults to 1,000,000(45.8MB).
- # (change requires restart)
-memqcache_expire = 0
- # Memory cache entry life time specified in seconds.
- # 0 means infinite life time. 0 by default.
- # (change requires restart)
-memqcache_auto_cache_invalidation = on
- # If on, invalidation of query cache is triggered by corresponding
- # DDL/DML/DCL(and memqcache_expire). If off, it is only triggered
- # by memqcache_expire. on by default.
- # (change requires restart)
-memqcache_maxcache = 409600
- # Maximum SELECT result size in bytes.
- # Must be smaller than memqcache_cache_block_size. Defaults to 400KB.
- # (change requires restart)
-memqcache_cache_block_size = 1048576
- # Cache block size in bytes. Mandatory if memqcache_method = 'shmem'.
- # Defaults to 1MB.
- # (change requires restart)
-memqcache_oiddir = '/var/log/pgpool/oiddir'
- # Temporary work directory to record table oids
- # (change requires restart)
-white_memqcache_table_list = ''
- # Comma separated list of table names to memcache
- # that don't write to database
- # Regexp are accepted
-black_memqcache_table_list = ''
- # Comma separated list of table names not to memcache
- # that don't write to database
- # Regexp are accepted
diff --git a/kubernetes/common/postgres/charts/pgpool/configs/pool_hba.conf b/kubernetes/common/postgres/charts/pgpool/configs/pool_hba.conf
deleted file mode 100644
index 580185c6f0..0000000000
--- a/kubernetes/common/postgres/charts/pgpool/configs/pool_hba.conf
+++ /dev/null
@@ -1,68 +0,0 @@
-# pgpool Client Authentication Configuration File a custom version
-# ===============================================
-#
-# The format rule in this file follows the rules in the PostgreSQL
-# Administrator's Guide. Refer to chapter "Client Authentication" for a
-# complete description. A short synopsis follows.
-#
-# This file controls: which hosts are allowed to connect, how clients
-# are authenticated, which user names they can use, which databases they
-# can access. Records take one of these forms:
-#
-# local DATABASE USER METHOD [OPTION]
-# host DATABASE USER CIDR-ADDRESS METHOD [OPTION]
-#
-# (The uppercase items must be replaced by actual values.)
-#
-# The first field is the connection type: "local" is a Unix-domain
-# socket, "host" is either a plain or SSL-encrypted TCP/IP socket.
-#
-# DATABASE can be "all", "sameuser", a database name, or a comma-separated
-# list thereof. Note that "samegroup" like in PostgreSQL's pg_hba.conf
-# file is not supported, since pgpool does not know which group a user
-# belongs to. Also note that the database specified here may not exist in
-# the backend PostgreSQL. pgpool will authenticate based on the database's
-# name, not based on whether it exists or not.
-#
-# USER can be "all", a user name, or a comma-separated list thereof. In
-# both the DATABASE and USER fields you can also write a file name prefixed
-# with "@" to include names from a separate file. Note that a group name
-# prefixed with "+" like in PostgreSQL's pg_hba.conf file is not supported
-# because of the same reason as "samegroup" token. Also note that a user
-# name specified here may not exist in the backend PostgreSQL. pgpool will
-# authenticate based on the user's name, not based on whether he/she exists.
-#
-# CIDR-ADDRESS specifies the set of hosts the record matches.
-# It is made up of an IP address and a CIDR mask that is an integer
-# (between 0 and 32 (IPv4) that specifies the number of significant bits in
-# the mask. Alternatively, you can write an IP address and netmask in
-# separate columns to specify the set of hosts.
-#
-# METHOD can be "trust", "reject", "md5" or "pam". Note that "pam" sends passwords
-# in clear text.
-#
-# OPTION is the name of the PAM service. Default service name is "pgpool"
-#
-# Database and user names containing spaces, commas, quotes and other special
-# characters must be quoted. Quoting one of the keywords "all" or "sameuser"
-# makes the name lose its special character, and just match a database or
-# username with that name.
-#
-# This file is read on pgpool startup. If you edit the file on a running
-# system, you have to restart the pgpool for the changes to take effect.
-
-# Put your actual configuration here
-# ----------------------------------
-#
-# If you want to allow non-local connections, you need to add more
-# "host" records. In that case you will also need to make pgpool listen
-# on a non-local interface via the listen_addresses configuration parameter.
-#
-
-# TYPE DATABASE USER CIDR-ADDRESS METHOD
-
-# "local" is for Unix domain socket connections only
-#local all all trust
-# IPv4 local connections:
-host all all 0.0.0.0/0 md5
-
diff --git a/kubernetes/common/postgres/charts/pgpool/templates/configmap.yaml b/kubernetes/common/postgres/charts/pgpool/templates/configmap.yaml
deleted file mode 100755
index 099c8dd12e..0000000000
--- a/kubernetes/common/postgres/charts/pgpool/templates/configmap.yaml
+++ /dev/null
@@ -1,26 +0,0 @@
-# Copyright © 2017 Amdocs, Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-apiVersion: v1
-kind: ConfigMap
-metadata:
- name: {{ include "common.fullname" . }}-pgpool-configmap
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}
- chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
- release: {{ include "common.release" . }}
- heritage: {{ .Release.Service }}
-data:
-{{ tpl (.Files.Glob "configs/*").AsConfig . | indent 2 }}
diff --git a/kubernetes/common/postgres/charts/pgpool/templates/deployment.yaml b/kubernetes/common/postgres/charts/pgpool/templates/deployment.yaml
deleted file mode 100644
index c24916ad22..0000000000
--- a/kubernetes/common/postgres/charts/pgpool/templates/deployment.yaml
+++ /dev/null
@@ -1,100 +0,0 @@
-{{/*
-# Copyright © 2018 Amdocs, AT&T, Bell Canada
-# #
-# # Licensed under the Apache License, Version 2.0 (the "License");
-# # you may not use this file except in compliance with the License.
-# # You may obtain a copy of the License at
-# #
-# # http://www.apache.org/licenses/LICENSE-2.0
-# #
-# # Unless required by applicable law or agreed to in writing, software
-# # distributed under the License is distributed on an "AS IS" BASIS,
-# # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# # See the License for the specific language governing permissions and
-# # limitations under the License.
-*/}}
-kind: Deployment
-apiVersion: extensions/v1beta1
-metadata:
- name: {{ include "common.fullname" . }}
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}
- chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
- release: {{ include "common.release" . }}
- heritage: {{ .Release.Service }}
-spec:
- replicas: 2
- template:
- metadata:
- labels:
- app: {{ include "common.name" . }}
- release: {{ include "common.release" . }}
- spec:
- initContainers:
- - name: {{ include "common.name" . }}-job
- image: "{{.Values.repository}}/{{.Values.image}}"
- imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- volumeMounts:
- - name: pgpool-pgconf
- mountPath: /pgconf/pgpoolconfigdir
- readOnly: false
- - name: pgpool-pgconf-static
- mountPath: /configdir/
- readOnly: false
- command:
- - /bin/sh
- args:
- - -c
- - |
- cp /configdir/pgpool.conf /pgconf/pgpoolconfigdir/
- cp /configdir/pool_hba.conf /pgconf/pgpoolconfigdir/
- pg_md5 -f /pgconf/pgpoolconfigdir/pgpool.conf --md5auth --username=${PG_USER} ${PG_PASSWORD}
- env:
- - name: PG_PASSWORD
- valueFrom:
- secretKeyRef:
- name: {{ template "common.fullname" . }}
- key: db-user-password
- - name: PG_USER
- value: {{ index .Values.credentials.pgusername }}
- containers:
- - image: "{{.Values.repository}}/{{.Values.image}}"
- imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- name: {{ include "common.name" . }}
- env:
- - name: PG_PRIMARY_SERVICE_NAME
- value: {{.Values.container.name.primary}}
- - name: PG_REPLICA_SERVICE_NAME
- value: {{.Values.container.name.replica}}
- - name: PG_USERNAME
- value: {{.Values.credentials.pgusername}}
- - name: PG_PASSWORD
- valueFrom:
- secretKeyRef:
- name: {{ template "common.fullname" . }}
- key: db-user-password
- ports:
- - containerPort: 5432
- name: pgpool
- protocol: TCP
- readinessProbe:
- tcpSocket:
- port: 5432
- initialDelaySeconds: 20
- periodSeconds: 10
- livenessProbe:
- tcpSocket:
- port: 5432
- initialDelaySeconds: 15
- periodSeconds: 20
- volumeMounts:
- - name: pgpool-pgconf
- mountPath: /pgconf/pgpoolconfigdir
- readOnly: false
- volumes:
- - name: pgpool-pgconf
- emptyDir: {}
- - name: pgpool-pgconf-static
- configMap:
- name: {{ include "common.fullname" . }}-pgpool-configmap
diff --git a/kubernetes/common/postgres/charts/pgpool/templates/secrets.yaml b/kubernetes/common/postgres/charts/pgpool/templates/secrets.yaml
deleted file mode 100644
index 3b89371ad4..0000000000
--- a/kubernetes/common/postgres/charts/pgpool/templates/secrets.yaml
+++ /dev/null
@@ -1,28 +0,0 @@
-# Copyright © 2018 Amdocs, Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-apiVersion: v1
-kind: Secret
-metadata:
- name: {{ include "common.fullname" . }}
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}
- chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
- release: "{{ include "common.release" . }}"
- heritage: "{{ .Release.Service }}"
-type: Opaque
-data:
- db-user-password: {{ default "" .Values.credentials.pgpassword | b64enc | quote }}
-
diff --git a/kubernetes/common/postgres/charts/pgpool/templates/service.yaml b/kubernetes/common/postgres/charts/pgpool/templates/service.yaml
deleted file mode 100644
index 696b22a80d..0000000000
--- a/kubernetes/common/postgres/charts/pgpool/templates/service.yaml
+++ /dev/null
@@ -1,26 +0,0 @@
-apiVersion: v1
-kind: Service
-metadata:
- name: {{ .Values.service.name }}
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}
- chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
- release: {{ include "common.release" . }}
- heritage: {{ .Release.Service }}
- annotations:
-spec:
- type: {{ .Values.service.type }}
- ports:
- {{if eq .Values.service.type "NodePort" -}}
- - port: {{ .Values.service.externalPort }}
- nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }}
- name: {{ .Values.service.portName }}
- {{- else -}}
- - port: {{ .Values.service.externalPort }}
- targetPort: {{ .Values.service.internalPort }}
- name: {{ .Values.service.portName }}
- {{- end}}
- selector:
- app: {{ include "common.name" . }}
- release: {{ include "common.release" . }}
diff --git a/kubernetes/common/postgres/charts/pgpool/values.yaml b/kubernetes/common/postgres/charts/pgpool/values.yaml
deleted file mode 100644
index 8ceff8f964..0000000000
--- a/kubernetes/common/postgres/charts/pgpool/values.yaml
+++ /dev/null
@@ -1,45 +0,0 @@
-# Copyright © 2018 Amdocs, AT&T, Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-#################################################################
-# Global configuration defaults.
-#################################################################
-global:
- nodePortPrefix: 302
- persistence: {}
- readinessRepository: oomk8s
- readinessImage: readiness-check:2.0.0
-
-#################################################################
-# Application configuration defaults.
-#################################################################
-# application image
-repository: crunchydata
-image: crunchy-pgpool:centos7-10.4-2.0.0
-pullPolicy: Always
-
-container:
- port: 5432
- name:
- primary: pgset-primary
- replica: pgset-replica
-credentials:
- pgusername: testuser
- pgpassword: password
-service:
- name: pgpool
- portName: tcp-postgres
- type: ClusterIP
- externalPort: 5432
- internalPort: 5432
diff --git a/kubernetes/common/postgres/templates/_deployment.tpl b/kubernetes/common/postgres/templates/_deployment.tpl
new file mode 100644
index 0000000000..3777c1b2e4
--- /dev/null
+++ b/kubernetes/common/postgres/templates/_deployment.tpl
@@ -0,0 +1,135 @@
+{{/*
+# Copyright © 2018 Amdocs, AT&T, Bell Canada
+# Copyright © 2020 Samsung Electronics
+# #
+# # Licensed under the Apache License, Version 2.0 (the "License");
+# # you may not use this file except in compliance with the License.
+# # You may obtain a copy of the License at
+# #
+# # http://www.apache.org/licenses/LICENSE-2.0
+# #
+# # Unless required by applicable law or agreed to in writing, software
+# # distributed under the License is distributed on an "AS IS" BASIS,
+# # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# # See the License for the specific language governing permissions and
+# # limitations under the License.
+*/}}
+
+{{- define "common.postgres.deployment" -}}
+ {{- $dot := .dot }}
+ {{- $pgMode := .pgMode }}
+apiVersion: apps/v1beta1
+kind: Deployment
+metadata:
+ name: {{ include "common.fullname" $dot }}-{{ $pgMode }}
+ namespace: {{ include "common.namespace" $dot }}
+ labels:
+ app: {{ include "common.name" $dot }}-{{ $pgMode }}
+ chart: {{ $dot.Chart.Name }}-{{ $dot.Chart.Version | replace "+" "_" }}
+ release: {{ include "common.release" $dot }}
+ heritage: {{ $dot.Release.Service }}
+ name: "{{ index $dot.Values "container" "name" $pgMode }}"
+spec:
+ serviceName: {{ $dot.Values.service.name }}
+ replicas: 1
+ template:
+ metadata:
+ labels:
+ app: {{ include "common.name" $dot }}-{{ $pgMode }}
+ release: {{ include "common.release" $dot }}
+ name: "{{ index $dot.Values "container" "name" $pgMode }}"
+ spec:
+ initContainers:
+ - name: init-sysctl
+ command:
+ - /bin/sh
+ - -c
+ - |
+ chown 26:26 /podroot/;
+ chmod 700 /podroot/;
+ image: {{ $dot.Values.global.busyboxRepository | default $dot.Values.busyboxRepository }}/{{ $dot.Values.busyboxImage }}
+ imagePullPolicy: {{ $dot.Values.global.pullPolicy | default $dot.Values.pullPolicy }}
+ volumeMounts:
+ - name: {{ include "common.fullname" $dot }}-data
+ mountPath: /podroot/
+ containers:
+ - name: {{ include "common.name" $dot }}
+ image: "{{ $dot.Values.postgresRepository }}/{{ $dot.Values.image }}"
+ imagePullPolicy: {{ $dot.Values.global.pullPolicy | default $dot.Values.pullPolicy }}
+ ports:
+ - containerPort: {{ $dot.Values.service.internalPort }}
+ name: {{ $dot.Values.service.portName }}
+ # disable liveness probe when breakpoints set in debugger
+ # so K8s doesn't restart unresponsive container
+ {{- if eq $dot.Values.liveness.enabled true }}
+ livenessProbe:
+ tcpSocket:
+ port: {{ $dot.Values.service.internalPort }}
+ initialDelaySeconds: {{ $dot.Values.liveness.initialDelaySeconds }}
+ periodSeconds: {{ $dot.Values.liveness.periodSeconds }}
+ timeoutSeconds: {{ $dot.Values.liveness.timeoutSeconds }}
+ {{- end }}
+ readinessProbe:
+ tcpSocket:
+ port: {{ $dot.Values.service.internalPort }}
+ initialDelaySeconds: {{ $dot.Values.readiness.initialDelaySeconds }}
+ periodSeconds: {{ $dot.Values.readiness.periodSeconds }}
+ env:
+ - name: PGHOST
+ value: /tmp
+ - name: PG_PRIMARY_USER
+ value: primaryuser
+ - name: PG_MODE
+ value: {{ $pgMode }}
+ - name: PG_PRIMARY_HOST
+ value: "{{ $dot.Values.container.name.primary }}"
+ - name: PG_REPLICA_HOST
+ value: "{{ $dot.Values.container.name.replica }}"
+ - name: PG_PRIMARY_PORT
+ value: "{{ $dot.Values.service.internalPort }}"
+ - name: PG_PRIMARY_PASSWORD
+ {{- include "common.secret.envFromSecret" (dict "global" $dot "uid" (include "common.postgres.secret.primaryPasswordUID" .) "key" "password") | indent 10 }}
+ - name: PG_USER
+ {{- include "common.secret.envFromSecret" (dict "global" $dot "uid" (include "common.postgres.secret.userCredentialsUID" .) "key" "login") | indent 10 }}
+ - name: PG_PASSWORD
+ {{- include "common.secret.envFromSecret" (dict "global" $dot "uid" (include "common.postgres.secret.userCredentialsUID" .) "key" "password") | indent 10 }}
+ - name: PG_DATABASE
+ value: "{{ $dot.Values.config.pgDatabase }}"
+ - name: PG_ROOT_PASSWORD
+ {{- include "common.secret.envFromSecret" (dict "global" $dot "uid" (include "common.postgres.secret.rootPassUID" .) "key" "password") | indent 10 }}
+ volumeMounts:
+ - name: pool-hba-conf
+ mountPath: /pgconf/pool_hba.conf
+ subPath: pool_hba.conf
+ - mountPath: /pgdata
+ name: {{ include "common.fullname" $dot }}-data
+ - mountPath: /backup
+ name: {{ include "common.fullname" $dot }}-backup
+ readOnly: true
+ resources:
+{{ include "common.resources" $dot | indent 12 }}
+ {{- if $dot.Values.nodeSelector }}
+ nodeSelector:
+{{ toYaml $dot.Values.nodeSelector | indent 10 }}
+ {{- end -}}
+ {{- if $dot.Values.affinity }}
+ affinity:
+{{ toYaml $dot.Values.affinity | indent 10 }}
+ {{- end }}
+ volumes:
+ - name: localtime
+ hostPath:
+ path: /etc/localtime
+ - name: {{ include "common.fullname" $dot }}-backup
+ emptyDir: {}
+ - name: {{ include "common.fullname" $dot }}-data
+{{- if $dot.Values.persistence.enabled }}
+ persistentVolumeClaim:
+ claimName: {{ include "common.fullname" $dot }}-{{ $pgMode }}
+{{- else }}
+ emptyDir: {}
+{{ end }}
+ - name: pool-hba-conf
+ configMap:
+ name: {{ include "common.fullname" $dot }}
+{{- end -}} \ No newline at end of file
diff --git a/kubernetes/common/postgres/templates/deployment-primary.yaml b/kubernetes/common/postgres/templates/deployment-primary.yaml
index b234dc2092..c8a000142e 100644
--- a/kubernetes/common/postgres/templates/deployment-primary.yaml
+++ b/kubernetes/common/postgres/templates/deployment-primary.yaml
@@ -13,126 +13,4 @@
# # See the License for the specific language governing permissions and
# # limitations under the License.
*/}}
-apiVersion: apps/v1beta1
-kind: Deployment
-metadata:
- name: {{ include "common.fullname" . }}-primary
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}-primary
- chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
- release: {{ include "common.release" . }}
- heritage: {{ .Release.Service }}
- name: "{{ .Values.container.name.primary }}"
-spec:
- serviceName: {{ .Values.service.name }}
- replicas: 1
- template:
- metadata:
- labels:
- app: {{ include "common.name" . }}-primary
- release: {{ include "common.release" . }}
- name: "{{ .Values.container.name.primary }}"
- spec:
- initContainers:
- - name: init-sysctl
- command:
- - /bin/sh
- - -c
- - |
- chown 26:26 /podroot/;
- chmod 700 /podroot/;
- image: {{ .Values.global.busyboxRepository | default .Values.busyboxRepository }}/{{ .Values.busyboxImage }}
- imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- volumeMounts:
- - name: {{ include "common.fullname" . }}-data
- mountPath: /podroot/
- containers:
- - name: {{ include "common.name" . }}
- image: "{{ .Values.postgresRepository }}/{{ .Values.image }}"
- imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- ports:
- - containerPort: {{ .Values.service.internalPort }}
- name: {{ .Values.service.portName }}
- # disable liveness probe when breakpoints set in debugger
- # so K8s doesn't restart unresponsive container
- {{- if eq .Values.liveness.enabled true }}
- livenessProbe:
- tcpSocket:
- port: {{ .Values.service.internalPort }}
- initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }}
- periodSeconds: {{ .Values.liveness.periodSeconds }}
- timeoutSeconds: {{ .Values.liveness.timeoutSeconds }}
- {{- end }}
- readinessProbe:
- tcpSocket:
- port: {{ .Values.service.internalPort }}
- initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }}
- periodSeconds: {{ .Values.readiness.periodSeconds }}
- env:
- - name: PGHOST
- value: /tmp
- - name: PG_PRIMARY_USER
- value: primaryuser
- - name: PG_MODE
- value: primary
- - name: PG_PRIMARY_HOST
- value: "{{ .Values.container.name.primary }}"
- - name: PG_REPLICA_HOST
- value: "{{ .Values.container.name.replica }}"
- - name: PG_PRIMARY_PORT
- value: "{{ .Values.service.internalPort }}"
- - name: PG_PRIMARY_PASSWORD
- valueFrom:
- secretKeyRef:
- name: {{ template "common.fullname" . }}
- key: pg-primary-password
- - name: PG_USER
- value: "{{ .Values.config.pgUserName }}"
- - name: PG_PASSWORD
- valueFrom:
- secretKeyRef:
- name: {{ template "common.fullname" . }}
- key: pg-user-password
- - name: PG_DATABASE
- value: "{{ .Values.config.pgDatabase }}"
- - name: PG_ROOT_PASSWORD
- valueFrom:
- secretKeyRef:
- name: {{ template "common.fullname" . }}
- key: pg-root-password
- volumeMounts:
- - name: pool-hba-conf
- mountPath: /pgconf/pool_hba.conf
- subPath: pool_hba.conf
- - mountPath: /pgdata
- name: {{ include "common.fullname" . }}-data
- - mountPath: /backup
- name: {{ include "common.fullname" . }}-backup
- readOnly: true
- resources:
-{{ include "common.resources" . | indent 12 }}
- {{- if .Values.nodeSelector }}
- nodeSelector:
-{{ toYaml .Values.nodeSelector | indent 10 }}
- {{- end -}}
- {{- if .Values.affinity }}
- affinity:
-{{ toYaml .Values.affinity | indent 10 }}
- {{- end }}
- volumes:
- - name: localtime
- hostPath:
- path: /etc/localtime
- - name: {{ include "common.fullname" . }}-backup
- emptyDir: {}
- - name: {{ include "common.fullname" . }}-data
-{{- if .Values.persistence.enabled }}
- persistentVolumeClaim:
- claimName: {{ include "common.fullname" . }}-primary
-{{- else }}
- emptyDir: {}
-{{ end }}
- - name: pool-hba-conf
- configMap:
- name: {{ include "common.fullname" . }}
+{{ include "common.postgres.deployment" (dict "dot" . "pgMode" "primary") }}
diff --git a/kubernetes/common/postgres/templates/deployment-replica.yaml b/kubernetes/common/postgres/templates/deployment-replica.yaml
index 72a8736e17..dc19c2d985 100644
--- a/kubernetes/common/postgres/templates/deployment-replica.yaml
+++ b/kubernetes/common/postgres/templates/deployment-replica.yaml
@@ -13,126 +13,4 @@
# # See the License for the specific language governing permissions and
# # limitations under the License.
*/}}
-apiVersion: apps/v1beta1
-kind: Deployment
-metadata:
- name: {{ include "common.fullname" . }}-replica
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}-replica
- chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
- release: {{ include "common.release" . }}
- heritage: {{ .Release.Service }}
- name: "{{ .Values.container.name.replica }}"
-spec:
- serviceName: {{ .Values.service.name }}
- replicas: 1
- template:
- metadata:
- labels:
- app: {{ include "common.name" . }}-replica
- release: {{ include "common.release" . }}
- name: "{{ .Values.container.name.replica }}"
- spec:
- initContainers:
- - name: init-sysctl
- command:
- - /bin/sh
- - -c
- - |
- chown 26:26 /podroot/;
- chmod 700 /podroot/;
- image: {{ .Values.global.busyboxRepository | default .Values.busyboxRepository }}/{{ .Values.busyboxImage }}
- imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- volumeMounts:
- - name: {{ include "common.fullname" . }}-data
- mountPath: /podroot/
- containers:
- - name: {{ include "common.name" . }}
- image: "{{ .Values.postgresRepository }}/{{ .Values.image }}"
- imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- ports:
- - containerPort: {{ .Values.service.internalPort }}
- name: {{ .Values.service.portName }}
- # disable liveness probe when breakpoints set in debugger
- # so K8s doesn't restart unresponsive container
- {{- if eq .Values.liveness.enabled true }}
- livenessProbe:
- tcpSocket:
- port: {{ .Values.service.internalPort }}
- initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }}
- periodSeconds: {{ .Values.liveness.periodSeconds }}
- timeoutSeconds: {{ .Values.liveness.timeoutSeconds }}
- {{end -}}
- readinessProbe:
- tcpSocket:
- port: {{ .Values.service.internalPort }}
- initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }}
- periodSeconds: {{ .Values.readiness.periodSeconds }}
- env:
- - name: PGHOST
- value: /tmp
- - name: PG_PRIMARY_USER
- value: primaryuser
- - name: PG_MODE
- value: replica
- - name: PG_PRIMARY_HOST
- value: "{{.Values.container.name.primary}}"
- - name: PG_REPLICA_HOST
- value: "{{.Values.container.name.replica}}"
- - name: PG_PRIMARY_PORT
- value: "{{.Values.service.internalPort}}"
- - name: PG_PRIMARY_PASSWORD
- valueFrom:
- secretKeyRef:
- name: {{ template "common.fullname" . }}
- key: pg-primary-password
- - name: PG_USER
- value: "{{.Values.config.pgUserName}}"
- - name: PG_PASSWORD
- valueFrom:
- secretKeyRef:
- name: {{ template "common.fullname" . }}
- key: pg-user-password
- - name: PG_DATABASE
- value: "{{.Values.config.pgDatabase}}"
- - name: PG_ROOT_PASSWORD
- valueFrom:
- secretKeyRef:
- name: {{ template "common.fullname" . }}
- key: pg-root-password
- volumeMounts:
- - name: pool-hba-conf
- mountPath: /pgconf/pool_hba.conf
- subPath: pool_hba.conf
- - mountPath: /pgdata
- name: {{ include "common.fullname" . }}-data
- - mountPath: /backup
- name: {{ include "common.fullname" . }}-backup
- readOnly: true
- resources:
-{{ include "common.resources" . | indent 12 }}
- {{- if .Values.nodeSelector }}
- nodeSelector:
-{{ toYaml .Values.nodeSelector | indent 10 }}
- {{- end -}}
- {{- if .Values.affinity }}
- affinity:
-{{ toYaml .Values.affinity | indent 10 }}
- {{- end }}
- volumes:
- - name: localtime
- hostPath:
- path: /etc/localtime
- - name: {{ include "common.fullname" . }}-backup
- emptyDir: {}
- - name: {{ include "common.fullname" . }}-data
-{{- if .Values.persistence.enabled }}
- persistentVolumeClaim:
- claimName: {{ include "common.fullname" . }}-replica
-{{- else }}
- emptyDir: {}
-{{ end }}
- - name: pool-hba-conf
- configMap:
- name: {{ include "common.fullname" . }}
+{{ include "common.postgres.deployment" (dict "dot" . "pgMode" "replica") }}
diff --git a/kubernetes/common/postgres/templates/secrets.yaml b/kubernetes/common/postgres/templates/secrets.yaml
index db1bc5bb15..4c68015528 100644
--- a/kubernetes/common/postgres/templates/secrets.yaml
+++ b/kubernetes/common/postgres/templates/secrets.yaml
@@ -13,19 +13,4 @@
# # See the License for the specific language governing permissions and
# # limitations under the License.
*/}}
-apiVersion: v1
-kind: Secret
-metadata:
- name: {{ include "common.fullname" . }}
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.fullname" . }}
- chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
- release: {{ include "common.release" . }}
- heritage: {{ .Release.Service }}
-type: Opaque
-data:
- pg-primary-password: {{ .Values.config.pgPrimaryPassword | b64enc | quote }}
- pg-user-password: {{ .Values.config.pgUserPassword | b64enc | quote }}
- pg-root-password: {{ .Values.config.pgRootPassword | b64enc | quote }}
-
+{{ include "common.secret" . }}
diff --git a/kubernetes/common/postgres/values.yaml b/kubernetes/common/postgres/values.yaml
index 3104ee79d2..c2131e9ad0 100644
--- a/kubernetes/common/postgres/values.yaml
+++ b/kubernetes/common/postgres/values.yaml
@@ -22,6 +22,24 @@ global:
readinessImage: readiness-check:2.0.0
#################################################################
+# Secrets metaconfig
+#################################################################
+secrets:
+ - uid: '{{ include "common.postgres.secret.rootPassUID" . }}'
+ type: password
+ externalSecret: '{{ tpl (default "" .Values.config.pgRootPasswordExternalSecret) . }}'
+ password: '{{ .Values.config.pgRootPassword }}'
+ - uid: '{{ include "common.postgres.secret.userCredentialsUID" . }}'
+ type: basicAuth
+ externalSecret: '{{ tpl (default "" .Values.config.pgUserExternalSecret) . }}'
+ login: '{{ .Values.config.pgUserName }}'
+ password: '{{ .Values.config.pgUserPassword }}'
+ - uid: '{{ include "common.postgres.secret.primaryPasswordUID" . }}'
+ type: password
+ externalSecret: '{{ tpl (default "" .Values.config.pgPrimaryPasswordExternalSecret) . }}'
+ password: '{{ .Values.config.pgPrimaryPassword }}'
+
+#################################################################
# Application configuration defaults.
#################################################################
@@ -46,22 +64,6 @@ container:
primary: pgset-primary
replica: pgset-replica
-pgpool:
- container:
- port: 5432
- name:
- primary: pgset-primary
- replica: pgset-replica
- credentials:
- pgusername: testuser
- pgpassword: password
- service:
- name: pgpool
-
-
-# default number of instances
-replicaCount: 2
-
nodeSelector: {}
affinity: {}