diff options
Diffstat (limited to 'kubernetes/common')
89 files changed, 2182 insertions, 241 deletions
diff --git a/kubernetes/common/cassandra/templates/backup/configmap.yaml b/kubernetes/common/cassandra/templates/backup/configmap.yaml index e9e1012811..9bbc69ba04 100644 --- a/kubernetes/common/cassandra/templates/backup/configmap.yaml +++ b/kubernetes/common/cassandra/templates/backup/configmap.yaml @@ -22,7 +22,7 @@ metadata: labels: app: {{ include "common.name" . }} chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ .Release.Name }} + release: {{ include "common.release" . }} heritage: {{ .Release.Service }} data: {{ tpl (.Files.Glob "resources/restore.sh").AsConfig . | indent 2 }} diff --git a/kubernetes/common/cassandra/templates/backup/cronjob.yaml b/kubernetes/common/cassandra/templates/backup/cronjob.yaml index 0d06318422..2edc8071f9 100644 --- a/kubernetes/common/cassandra/templates/backup/cronjob.yaml +++ b/kubernetes/common/cassandra/templates/backup/cronjob.yaml @@ -22,7 +22,7 @@ metadata: labels: app: {{ include "common.fullname" . }} chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ .Release.Name }} + release: {{ include "common.release" . }} heritage: {{ .Release.Service }} spec: schedule: {{ .Values.backup.cron | quote }} diff --git a/kubernetes/common/cassandra/templates/backup/pvc.yaml b/kubernetes/common/cassandra/templates/backup/pvc.yaml index dd7f3810a0..6fd53618bc 100644 --- a/kubernetes/common/cassandra/templates/backup/pvc.yaml +++ b/kubernetes/common/cassandra/templates/backup/pvc.yaml @@ -24,7 +24,7 @@ metadata: labels: app: {{ include "common.name" . }}-backup chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" - release: "{{ .Release.Name }}" + release: "{{ include "common.release" . }}" heritage: "{{ .Release.Service }}" {{- if .Values.persistence.annotations }} annotations: diff --git a/kubernetes/common/cassandra/templates/configmap.yaml b/kubernetes/common/cassandra/templates/configmap.yaml index abb8a7e65f..ab08c82fef 100644 --- a/kubernetes/common/cassandra/templates/configmap.yaml +++ b/kubernetes/common/cassandra/templates/configmap.yaml @@ -7,7 +7,7 @@ metadata: labels: app: {{ include "common.name" . }} chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ .Release.Name }} + release: {{ include "common.release" . }} heritage: {{ .Release.Service }} data: {{ toYaml .Values.configOverrides | indent 2 }} @@ -21,7 +21,7 @@ metadata: labels: app: {{ include "common.name" . }} chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ .Release.Name }} + release: {{ include "common.release" . }} heritage: {{ .Release.Service }} data: {{ tpl (.Files.Glob "resources/config/docker-entrypoint.sh").AsConfig . | indent 2 }} diff --git a/kubernetes/common/cassandra/templates/pv.yaml b/kubernetes/common/cassandra/templates/pv.yaml index fbbb5ba105..fd0a758e63 100644 --- a/kubernetes/common/cassandra/templates/pv.yaml +++ b/kubernetes/common/cassandra/templates/pv.yaml @@ -20,13 +20,13 @@ apiVersion: v1 kind: PersistentVolume metadata: - name: {{ $global.Release.Name }}-{{ $global.Values.service.name }}-{{ $i }} + name: {{ include "common.release" $global }}-{{ $global.Values.service.name }}-{{ $i }} namespace: {{ $global.Release.Namespace }} labels: type: {{ $global.Values.persistence.storageType }} app: {{ $global.Values.service.name }} chart: {{ $global.Chart.Name }}-{{ $global.Chart.Version | replace "+" "_" }} - release: {{ $global.Release.Name }} + release: {{ include "common.release" $global }} heritage: {{ $global.Release.Service }} spec: capacity: @@ -40,7 +40,7 @@ spec: persistentVolumeReclaimPolicy: {{ $global.Values.persistence.volumeReclaimPolicy }} storageClassName: "{{ include "common.fullname" $global }}-data" hostPath: - path: {{ $global.Values.persistence.mountPath }}/{{ $global.Release.Name }}/{{ $global.Values.persistence.mountSubPath }}-{{ $i }} + path: {{ $global.Values.persistence.mountPath }}/{{ include "common.release" $global }}/{{ $global.Values.persistence.mountSubPath }}-{{ $i }} {{- end -}} {{- end -}} {{- end -}} diff --git a/kubernetes/common/cassandra/templates/service.yaml b/kubernetes/common/cassandra/templates/service.yaml index cda519115d..6cbddbea40 100644 --- a/kubernetes/common/cassandra/templates/service.yaml +++ b/kubernetes/common/cassandra/templates/service.yaml @@ -20,7 +20,7 @@ metadata: labels: app: {{ include "common.name" . }} chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ .Release.Name }} + release: {{ include "common.release" . }} heritage: {{ .Release.Service }} annotations: service.alpha.kubernetes.io/tolerate-unready-endpoints: "true" @@ -45,5 +45,5 @@ spec: {{- end}} selector: app: {{ include "common.name" . }} - release: {{ .Release.Name }} + release: {{ include "common.release" . }} clusterIP: None diff --git a/kubernetes/common/cassandra/templates/statefulset.yaml b/kubernetes/common/cassandra/templates/statefulset.yaml index 72e886d4d1..2f262ca149 100644 --- a/kubernetes/common/cassandra/templates/statefulset.yaml +++ b/kubernetes/common/cassandra/templates/statefulset.yaml @@ -20,13 +20,13 @@ metadata: labels: app: {{ include "common.name" . }} chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ .Release.Name }} + release: {{ include "common.release" . }} heritage: {{ .Release.Service }} spec: selector: matchLabels: app: {{ include "common.name" . }} - release: {{ .Release.Name }} + release: {{ include "common.release" . }} serviceName: {{ include "common.servicename" . }} replicas: {{ .Values.replicaCount }} podManagementPolicy: {{ .Values.podManagementPolicy }} @@ -36,7 +36,7 @@ spec: metadata: labels: app: {{ include "common.name" . }} - release: {{ .Release.Name }} + release: {{ include "common.release" . }} name: {{ include "common.name" . }} spec: hostNetwork: {{ .Values.hostNetwork }} @@ -115,6 +115,14 @@ spec: value: {{ default "GossipingPropertyFileSnitch" .Values.config.endpoint_snitch | quote }} - name: CASSANDRA_AUTHENTICATOR value: {{ default "PasswordAuthenticator" .Values.config.authenticator | quote }} + {{- if (include "common.serviceMesh" .) }} + - name: CASSANDRA_LISTEN_ADDRESS + value: "127.0.0.1" + - name: CASSANDRA_BROADCAST_ADDRESS + valueFrom: + fieldRef: + fieldPath: status.podIP + {{- end }} - name: POD_IP valueFrom: fieldRef: @@ -160,7 +168,7 @@ spec: labels: name: {{ include "common.fullname" . }} chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" - release: "{{ .Release.Name }}" + release: "{{ include "common.release" . }}" heritage: "{{ .Release.Service }}" spec: accessModes: diff --git a/kubernetes/common/common/templates/_createPassword.tpl b/kubernetes/common/common/templates/_createPassword.tpl index 938b0ee514..8b2f1e274d 100644 --- a/kubernetes/common/common/templates/_createPassword.tpl +++ b/kubernetes/common/common/templates/_createPassword.tpl @@ -29,6 +29,9 @@ {{- printf "%d" .Values.global.masterPassword -}} {{ else if .Values.masterPassword }} {{- printf "%d" .Values.masterPassword -}} + {{ else if eq "testRelease" (include "common.release" .) }} + {{/* Special case for chart liniting. DON"T NAME YOUR PRODUCTION RELEASE testRelease */}} + {{- printf "testRelease" -}} {{ else }} {{ fail "masterPassword not provided" }} {{ end }} diff --git a/kubernetes/common/common/templates/_ingress.tpl b/kubernetes/common/common/templates/_ingress.tpl index 935e318fc8..c3c744358c 100644 --- a/kubernetes/common/common/templates/_ingress.tpl +++ b/kubernetes/common/common/templates/_ingress.tpl @@ -87,7 +87,7 @@ metadata: labels: app: {{ .Chart.Name }} chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ .Release.Name }} + release: {{ include "common.release" . }} heritage: {{ .Release.Service }} spec: rules: diff --git a/kubernetes/common/common/templates/_mariadb.tpl b/kubernetes/common/common/templates/_mariadb.tpl index 15fb5a4225..df0e6b41c9 100644 --- a/kubernetes/common/common/templates/_mariadb.tpl +++ b/kubernetes/common/common/templates/_mariadb.tpl @@ -15,6 +15,43 @@ */}} {{/* + UID of mariadb root password +*/}} +{{- define "common.mariadb.secret.rootPassUID" -}} + {{- printf "db-root-password" }} +{{- end -}} + +{{/* + Name of mariadb secret +*/}} +{{- define "common.mariadb.secret._secretName" -}} + {{- $global := .dot }} + {{- $chartName := tpl .chartName $global -}} + {{- include "common.secret.genName" (dict "global" $global "uid" (include .uidTemplate $global) "chartName" $chartName) }} +{{- end -}} + +{{/* + Name of mariadb root password secret +*/}} +{{- define "common.mariadb.secret.rootPassSecretName" -}} + {{- include "common.mariadb.secret._secretName" (set . "uidTemplate" "common.mariadb.secret.rootPassUID") }} +{{- end -}} + +{{/* + UID of mariadb user credentials +*/}} +{{- define "common.mariadb.secret.userCredentialsUID" -}} + {{- printf "db-user-credentials" }} +{{- end -}} + +{{/* + Name of mariadb user credentials secret +*/}} +{{- define "common.mariadb.secret.userCredentialsSecretName" -}} + {{- include "common.mariadb.secret._secretName" (set . "uidTemplate" "common.mariadb.secret.userCredentialsUID") }} +{{- end -}} + +{{/* Choose the name of the mariadb service to use. */}} {{- define "common.mariadbService" -}} @@ -43,7 +80,7 @@ {{- if .Values.global.mariadbGalera.localCluster -}} {{ printf "%s-%s-db-user-credentials" (include "common.fullname" .) (index .Values "mariadb-galera" "nameOverride") -}} {{- else -}} - {{ printf "%s-%s" (.Release.Name) (index .Values "mariadb-init" "nameOverride") -}} + {{ printf "%s-%s-%s" ( include "common.release" .) (index .Values "mariadb-init" "nameOverride") (index .Values "mariadb-init" "config" "mysqlDatabase" ) -}} {{- end -}} {{- end -}} @@ -51,9 +88,5 @@ Choose the value of secret param to retrieve user value. */}} {{- define "common.mariadbSecretParam" -}} - {{- if .Values.global.mariadbGalera.localCluster -}} - {{ printf "password" -}} - {{- else -}} - {{ printf "db-user-password" -}} - {{- end -}} + {{ printf "password" -}} {{- end -}} diff --git a/kubernetes/common/common/templates/_name.tpl b/kubernetes/common/common/templates/_name.tpl index f84ca21f3a..7719cdbb9f 100644 --- a/kubernetes/common/common/templates/_name.tpl +++ b/kubernetes/common/common/templates/_name.tpl @@ -22,12 +22,22 @@ {{- end -}} {{/* + The same as common.full name but based on passed dictionary instead of trying to figure + out chart name on its own. +*/}} +{{- define "common.fullnameExplicit" -}} + {{- $dot := .dot }} + {{- $name := .chartName }} + {{- printf "%s-%s" (include "common.release" $dot) $name | trunc 63 | trimSuffix "-" -}} +{{- end -}} + +{{/* Create a default fully qualified application name. Truncated at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). */}} {{- define "common.fullname" -}} {{- $name := default .Chart.Name .Values.nameOverride -}} - {{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}} + {{- include "common.fullnameExplicit" (dict "dot" . "chartName" $name) }} {{- end -}} {{/* @@ -37,5 +47,5 @@ this function would answer back "toto". */}} {{- define "common.release" -}} - {{- regexReplaceAll "-[a-zA-Z0-9]*$" .Release.Name "" }} + {{- first (regexSplit "-" .Release.Name -1) }} {{- end -}} diff --git a/kubernetes/common/common/templates/_secret.yaml b/kubernetes/common/common/templates/_secret.yaml index 523d7880f0..e24a2e4ba7 100644 --- a/kubernetes/common/common/templates/_secret.yaml +++ b/kubernetes/common/common/templates/_secret.yaml @@ -37,7 +37,7 @@ metadata: labels: app: {{ include "common.name" $global }} chart: {{ $global.Chart.Name }}-{{ $global.Chart.Version | replace "+" "_" }} - release: {{ $global.Release.Name }} + release: {{ include "common.release" $global }} heritage: {{ $global.Release.Service }} type: Opaque {{- end -}} @@ -76,8 +76,6 @@ type: Opaque {{/* - For internal use only! - Generate a secret name based on provided name or UID. If UID is provided then the name is generated by appending this UID right after the chart name. If name is provided, it overrides the name generation algorith @@ -90,11 +88,12 @@ type: Opaque - .name: string that can be used to override default name generation algorithm and provide a custom name for the secret */}} -{{- define "common.secret._genName" -}} +{{- define "common.secret.genName" -}} {{- $global := .global }} {{- $uid := tpl (default "" .uid) $global }} {{- $name := tpl (default "" .name) $global }} - {{- default (printf "%s-%s" (include "common.fullname" $global) $uid) $name }} + {{- $fullname := ne (default "" .chartName) "" | ternary (include "common.fullnameExplicit" (dict "dot" $global "chartName" .chartName)) (include "common.fullname" $global) }} + {{- default (printf "%s-%s" $fullname $uid) $name }} {{- end -}} {{/* @@ -115,10 +114,14 @@ type: Opaque */}} {{- define "common.secret.getSecretName" -}} {{- $global := .global }} - {{- $targetName := include "common.secret._genName" (dict "global" $global "uid" .uid "name" .name) }} + {{- $name := tpl (default "" .name) $global }} + {{- $uid := tpl (default "" .uid) $global }} + {{- $targetName := default (include "common.secret.genName" (dict "global" $global "uid" $uid "name" .name)) $name}} {{- range $secret := $global.Values.secrets }} - {{- $currName := include "common.secret._genName" (dict "global" $global "uid" $secret.uid "name" $secret.name) }} - {{- if eq $currName $targetName }} + {{- $givenName := tpl (default "" $secret.name) $global }} + {{- $currUID := tpl (default "" $secret.uid) $global }} + {{- $currName := default (include "common.secret.genName" (dict "global" $global "uid" $currUID "name" $secret.name)) $givenName }} + {{- if or (eq $uid $currUID) (eq $currName $targetName) }} {{- $externalSecret := tpl (default "" $secret.externalSecret) $global }} {{- default $currName $externalSecret }} {{- end }} @@ -234,7 +237,8 @@ valueFrom: {{- define "common.secret" -}} {{- $global := . }} {{- range $secret := .Values.secrets }} - {{- $name := include "common.secret._genName" (dict "global" $global "uid" $secret.uid "name" $secret.name) }} + {{- $uid := tpl (default "" $secret.uid) $global }} + {{- $name := include "common.secret.genName" (dict "global" $global "uid" $uid "name" $secret.name) }} {{- $type := default "generic" $secret.type }} {{- $externalSecret := tpl (default "" $secret.externalSecret) $global }} {{- if not $externalSecret }} diff --git a/kubernetes/common/dgbuilder/templates/configmap.yaml b/kubernetes/common/dgbuilder/templates/configmap.yaml index cef11f499b..24f61b5487 100644 --- a/kubernetes/common/dgbuilder/templates/configmap.yaml +++ b/kubernetes/common/dgbuilder/templates/configmap.yaml @@ -20,7 +20,7 @@ metadata: labels: app: {{ include "common.name" . }} chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ .Release.Name }} + release: {{ include "common.release" . }} heritage: {{ .Release.Service }} data: {{ tpl (.Files.Glob "resources/config/*").AsConfig . | indent 2 }} @@ -33,7 +33,7 @@ metadata: labels: app: {{ include "common.name" . }} chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ .Release.Name }} + release: {{ include "common.release" . }} heritage: {{ .Release.Service }} data: {{ tpl (.Files.Glob "resources/scripts/*").AsConfig . | indent 2 }} diff --git a/kubernetes/common/dgbuilder/templates/deployment.yaml b/kubernetes/common/dgbuilder/templates/deployment.yaml index 353c2314ac..495c4c6ab6 100644 --- a/kubernetes/common/dgbuilder/templates/deployment.yaml +++ b/kubernetes/common/dgbuilder/templates/deployment.yaml @@ -20,7 +20,7 @@ metadata: labels: app: {{ include "common.name" . }} chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ .Release.Name }} + release: {{ include "common.release" . }} heritage: {{ .Release.Service }} spec: replicas: {{ .Values.replicaCount }} @@ -28,7 +28,7 @@ spec: metadata: labels: app: {{ include "common.name" . }} - release: {{ .Release.Name }} + release: {{ include "common.release" . }} spec: initContainers: - command: diff --git a/kubernetes/common/dgbuilder/templates/secrets.yaml b/kubernetes/common/dgbuilder/templates/secrets.yaml index 2781cca8aa..e00d7cfc03 100644 --- a/kubernetes/common/dgbuilder/templates/secrets.yaml +++ b/kubernetes/common/dgbuilder/templates/secrets.yaml @@ -20,7 +20,7 @@ metadata: labels: app: {{ include "common.fullname" . }} chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ .Release.Name }} + release: {{ include "common.release" . }} heritage: {{ .Release.Service }} type: Opaque data: diff --git a/kubernetes/common/dgbuilder/templates/service.yaml b/kubernetes/common/dgbuilder/templates/service.yaml index 1e2f0a5f00..7a8f752a2d 100644 --- a/kubernetes/common/dgbuilder/templates/service.yaml +++ b/kubernetes/common/dgbuilder/templates/service.yaml @@ -20,7 +20,7 @@ metadata: labels: app: {{ include "common.name" . }} chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ .Release.Name }} + release: {{ include "common.release" . }} heritage: {{ .Release.Service }} spec: type: {{ .Values.service.type }} @@ -37,4 +37,4 @@ spec: {{- end}} selector: app: {{ include "common.name" . }} - release: {{ .Release.Name }} + release: {{ include "common.release" . }} diff --git a/kubernetes/common/etcd/templates/pv.yaml b/kubernetes/common/etcd/templates/pv.yaml index da8dfb8a22..ed1344d4c1 100644 --- a/kubernetes/common/etcd/templates/pv.yaml +++ b/kubernetes/common/etcd/templates/pv.yaml @@ -25,7 +25,7 @@ metadata: labels: app: {{ include "common.fullname" $global }} chart: "{{ $global.Chart.Name }}-{{ $global.Chart.Version | replace "+" "_" }}" - release: "{{ $global.Release.Name }}" + release: "{{ include "common.release" $global }}" heritage: "{{ $global.Release.Service }}" name: {{ include "common.fullname" $global }} spec: @@ -36,7 +36,7 @@ spec: persistentVolumeReclaimPolicy: {{ $global.Values.persistence.volumeReclaimPolicy }} storageClassName: "{{ include "common.fullname" $global }}-data" hostPath: - path: {{ $global.Values.persistence.mountPath }}/{{ $global.Release.Name }}/{{ $global.Values.persistence.mountSubPath }}-{{ $i }} + path: {{ $global.Values.persistence.mountPath }}/{{ include "common.release" $global }}/{{ $global.Values.persistence.mountSubPath }}-{{ $i }} {{if ne $i (int $global.Values.replicaCount) }} --- {{- end -}} diff --git a/kubernetes/common/etcd/templates/service.yaml b/kubernetes/common/etcd/templates/service.yaml index 692faa9f2d..4268dd6d2c 100644 --- a/kubernetes/common/etcd/templates/service.yaml +++ b/kubernetes/common/etcd/templates/service.yaml @@ -21,7 +21,7 @@ metadata: name: {{ include "common.servicename" . }} labels: heritage: "{{ .Release.Service }}" - release: "{{ .Release.Name }}" + release: "{{ include "common.release" . }}" chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" app: {{ include "common.name" . }} spec: @@ -33,5 +33,5 @@ spec: clusterIP: None selector: app: {{ include "common.name" . }} - release: "{{ .Release.Name }}" + release: "{{ include "common.release" . }}" diff --git a/kubernetes/common/etcd/templates/statefulset.yaml b/kubernetes/common/etcd/templates/statefulset.yaml index cef1a48c2a..96cda89c1f 100644 --- a/kubernetes/common/etcd/templates/statefulset.yaml +++ b/kubernetes/common/etcd/templates/statefulset.yaml @@ -17,7 +17,7 @@ metadata: name: {{ include "common.fullname" . }} labels: heritage: "{{ .Release.Service }}" - release: "{{ .Release.Name }}" + release: "{{ include "common.release" . }}" chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" app: {{ include "common.name" . }} spec: @@ -27,7 +27,7 @@ spec: metadata: labels: heritage: "{{ .Release.Service }}" - release: "{{ .Release.Name }}" + release: "{{ include "common.release" . }}" chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" app: {{ include "common.name" . }} spec: @@ -216,7 +216,7 @@ spec: labels: name: {{ include "common.fullname" . }} chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" - release: "{{ .Release.Name }}" + release: "{{ include "common.release" . }}" heritage: "{{ .Release.Service }}" spec: accessModes: diff --git a/kubernetes/common/mariadb-galera/templates/backup/cronjob.yaml b/kubernetes/common/mariadb-galera/templates/backup/cronjob.yaml index 408bd1814c..c9e2ffe85c 100644 --- a/kubernetes/common/mariadb-galera/templates/backup/cronjob.yaml +++ b/kubernetes/common/mariadb-galera/templates/backup/cronjob.yaml @@ -22,7 +22,7 @@ metadata: labels: app: {{ include "common.fullname" . }} chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ .Release.Name }} + release: {{ include "common.release" . }} heritage: {{ .Release.Service }} spec: schedule: {{ .Values.backup.cron | quote }} @@ -86,7 +86,7 @@ spec: echo "Backup Successful!!!" env: - name: DB_PASS - {{- include "common.secret.envFromSecret" (dict "global" . "uid" "db-root-password" "key" "password") | indent 14}} + {{- include "common.secret.envFromSecret" (dict "global" . "uid" (include "common.mariadb.secret.rootPassUID" .) "key" "password") | indent 14}} volumeMounts: - name: backup-dir mountPath: /backup @@ -96,7 +96,7 @@ spec: imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} env: - name: MYSQL_ROOT_PASSWORD - {{- include "common.secret.envFromSecret" (dict "global" . "uid" "db-root-password" "key" "password") | indent 14}} + {{- include "common.secret.envFromSecret" (dict "global" . "uid" (include "common.mariadb.secret.rootPassUID" .) "key" "password") | indent 14}} command: - /bin/bash - -c diff --git a/kubernetes/common/mariadb-galera/templates/backup/pvc.yaml b/kubernetes/common/mariadb-galera/templates/backup/pvc.yaml index 06b590c7fd..807833ae93 100644 --- a/kubernetes/common/mariadb-galera/templates/backup/pvc.yaml +++ b/kubernetes/common/mariadb-galera/templates/backup/pvc.yaml @@ -24,7 +24,7 @@ metadata: labels: app: {{ include "common.name" . }}-backup chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" - release: "{{ .Release.Name }}" + release: "{{ include "common.release" . }}" heritage: "{{ .Release.Service }}" {{- if .Values.persistence.annotations }} annotations: diff --git a/kubernetes/common/mariadb-galera/templates/configmap.yaml b/kubernetes/common/mariadb-galera/templates/configmap.yaml index ff6e119b0c..f143c3b679 100644 --- a/kubernetes/common/mariadb-galera/templates/configmap.yaml +++ b/kubernetes/common/mariadb-galera/templates/configmap.yaml @@ -21,7 +21,7 @@ metadata: labels: app: {{ include "common.name" . }} chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ .Release.Name }} + release: {{ include "common.release" . }} heritage: {{ .Release.Service }} data: my_extra.cnf: | diff --git a/kubernetes/common/mariadb-galera/templates/pv.yaml b/kubernetes/common/mariadb-galera/templates/pv.yaml index 795ad3188b..6e53a9543d 100644 --- a/kubernetes/common/mariadb-galera/templates/pv.yaml +++ b/kubernetes/common/mariadb-galera/templates/pv.yaml @@ -25,7 +25,7 @@ metadata: labels: app: {{ include "common.fullname" $global }} chart: "{{ $global.Chart.Name }}-{{ $global.Chart.Version | replace "+" "_" }}" - release: "{{ $global.Release.Name }}" + release: "{{ include "common.release" $global }}" heritage: "{{ $global.Release.Service }}" name: {{ include "common.fullname" $global }} spec: @@ -36,7 +36,7 @@ spec: persistentVolumeReclaimPolicy: {{ $global.Values.persistence.volumeReclaimPolicy }} storageClassName: "{{ include "common.fullname" $global }}-data" hostPath: - path: {{ $global.Values.global.persistence.mountPath | default $global.Values.persistence.mountPath }}/{{ $global.Release.Name }}/{{ $global.Values.persistence.mountSubPath }}-{{$i}} + path: {{ $global.Values.global.persistence.mountPath | default $global.Values.persistence.mountPath }}/{{ include "common.release" $global }}/{{ $global.Values.persistence.mountSubPath }}-{{$i}} {{if ne $i (int $global.Values.replicaCount) }} --- {{- end -}} diff --git a/kubernetes/common/mariadb-galera/templates/service.yaml b/kubernetes/common/mariadb-galera/templates/service.yaml index ae11a26629..71d1b0fe80 100644 --- a/kubernetes/common/mariadb-galera/templates/service.yaml +++ b/kubernetes/common/mariadb-galera/templates/service.yaml @@ -23,7 +23,7 @@ metadata: labels: app: {{ include "common.fullname" . }} chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" - release: "{{ .Release.Name }}" + release: "{{ include "common.release" . }}" heritage: "{{ .Release.Service }}" spec: ports: diff --git a/kubernetes/common/mariadb-galera/templates/statefulset.yaml b/kubernetes/common/mariadb-galera/templates/statefulset.yaml index a9f1fb37b7..a6260fae54 100644 --- a/kubernetes/common/mariadb-galera/templates/statefulset.yaml +++ b/kubernetes/common/mariadb-galera/templates/statefulset.yaml @@ -20,7 +20,7 @@ metadata: labels: app: {{ include "common.fullname" . }} chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" - release: "{{ .Release.Name }}" + release: "{{ include "common.release" . }}" heritage: "{{ .Release.Service }}" spec: serviceName: {{ .Values.service.name }} @@ -30,7 +30,7 @@ spec: labels: app: {{ include "common.fullname" . }} chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" - release: "{{ .Release.Name }}" + release: "{{ include "common.release" . }}" heritage: "{{ .Release.Service }}" annotations: pod.alpha.kubernetes.io/initialized: "true" @@ -61,13 +61,13 @@ spec: apiVersion: v1 fieldPath: metadata.namespace - name: MYSQL_USER - {{- include "common.secret.envFromSecret" (dict "global" . "uid" "db-user-credentials" "key" "login") | indent 14}} + {{- include "common.secret.envFromSecret" (dict "global" . "uid" (include "common.mariadb.secret.userCredentialsUID" .) "key" "login") | indent 14}} - name: MYSQL_PASSWORD - {{- include "common.secret.envFromSecret" (dict "global" . "uid" "db-user-credentials" "key" "password") | indent 14}} + {{- include "common.secret.envFromSecret" (dict "global" . "uid" (include "common.mariadb.secret.userCredentialsUID" .) "key" "password") | indent 14}} - name: MYSQL_DATABASE value: {{ default "" .Values.config.mysqlDatabase | quote }} - name: MYSQL_ROOT_PASSWORD - {{- include "common.secret.envFromSecret" (dict "global" . "uid" "db-root-password" "key" "password") | indent 14}} + {{- include "common.secret.envFromSecret" (dict "global" . "uid" (include "common.mariadb.secret.rootPassUID" .) "key" "password") | indent 14}} ports: - containerPort: {{ .Values.service.internalPort }} name: {{ .Values.service.portName }} @@ -119,7 +119,7 @@ spec: labels: name: {{ include "common.fullname" . }} chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" - release: "{{ .Release.Name }}" + release: "{{ include "common.release" . }}" heritage: "{{ .Release.Service }}" spec: accessModes: diff --git a/kubernetes/common/mariadb-galera/values.yaml b/kubernetes/common/mariadb-galera/values.yaml index a6dd1ca359..dabf21da79 100644 --- a/kubernetes/common/mariadb-galera/values.yaml +++ b/kubernetes/common/mariadb-galera/values.yaml @@ -17,11 +17,11 @@ # Secrets metaconfig ################################################################# secrets: - - uid: "db-root-password" + - uid: '{{ include "common.mariadb.secret.rootPassUID" . }}' type: password externalSecret: '{{ tpl (default "" .Values.config.mariadbRootPasswordExternalSecret) . }}' password: '{{ .Values.config.mariadbRootPassword }}' - - uid: "db-user-credentials" + - uid: '{{ include "common.mariadb.secret.userCredentialsUID" . }}' type: basicAuth externalSecret: '{{ tpl (default "" .Values.config.userCredentialsExternalSecret) . }}' login: '{{ .Values.config.userName }}' @@ -61,8 +61,8 @@ config: mariadbRootPassword: secretpassword # .userCredentialsExternalSecret: 'some-external-secret' userName: my-user - userPassword: my-password - mysqlDatabase: my-database + # userPassword: my-password + # mysqlDatabase: my-database # default number of instances in the StatefulSet replicaCount: 3 diff --git a/kubernetes/common/mariadb-init/resources/config/db_init.sh b/kubernetes/common/mariadb-init/resources/config/db_init.sh index 304835bdd5..b2fdb14b12 100755 --- a/kubernetes/common/mariadb-init/resources/config/db_init.sh +++ b/kubernetes/common/mariadb-init/resources/config/db_init.sh @@ -1,5 +1,6 @@ -#!/bin/sh +#!/bin/bash # Copyright © 2019 Orange +# Copyright © 2020 Samsung Electronics # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -13,20 +14,23 @@ # See the License for the specific language governing permissions and # limitations under the License. -echo "Creating database {{ .Values.config.mysqlDatabase }} and user {{ .Values.config.userName }}..." +while read DB ; do + USER_VAR="MYSQL_USER_${DB^^}" + PASS_VAR="MYSQL_PASSWORD_${DB^^}" + USER=${!USER_VAR} + PASS=${!PASS_VAR} + MYSQL_OPTS=( -h ${DB_HOST} -P ${DB_PORT} -uroot -p${MYSQL_ROOT_PASSWORD} ) -mysql -h ${DB_HOST} -P ${DB_PORT} -uroot -p$MYSQL_ROOT_PASSWORD -e "CREATE OR REPLACE USER '{{ .Values.config.userName }}'@'%' IDENTIFIED BY '${MYSQL_PASSWORD}'" -mysql -h ${DB_HOST} -P ${DB_PORT} -uroot -p$MYSQL_ROOT_PASSWORD -e "CREATE DATABASE IF NOT EXISTS {{ .Values.config.mysqlDatabase }}" -mysql -h ${DB_HOST} -P ${DB_PORT} -uroot -p$MYSQL_ROOT_PASSWORD -e "GRANT ALL PRIVILEGES ON {{ .Values.config.mysqlDatabase }}.* TO '{{ .Values.config.userName }}'@'%'" + echo "Creating database ${DB} and user ${USER}..." -echo "Created database {{ .Values.config.mysqlDatabase }} and user {{ .Values.config.userName }}." + mysql "${MYSQL_OPTS[@]}" -e "CREATE OR REPLACE USER '${USER}'@'%' IDENTIFIED BY '${PASS}'" + mysql "${MYSQL_OPTS[@]}" -e "CREATE DATABASE IF NOT EXISTS ${DB}" + mysql "${MYSQL_OPTS[@]}" -e "GRANT ALL PRIVILEGES ON ${DB}.* TO '${USER}'@'%'" -{{ range $db, $dbInfos := .Values.config.mysqlAdditionalDatabases -}} -echo "Creating database {{ $db }} and user {{ $dbInfos.user }}..." - -mysql -h ${DB_HOST} -P ${DB_PORT} -uroot -p$MYSQL_ROOT_PASSWORD -e "CREATE OR REPLACE USER '{{ $dbInfos.user }}'@'%' IDENTIFIED BY '${MYSQL_PASSWORD_{{ $db | upper }}}'" -mysql -h ${DB_HOST} -P ${DB_PORT} -uroot -p$MYSQL_ROOT_PASSWORD -e "CREATE DATABASE IF NOT EXISTS {{ $db }}" -mysql -h ${DB_HOST} -P ${DB_PORT} -uroot -p$MYSQL_ROOT_PASSWORD -e "GRANT ALL PRIVILEGES ON {{ $db }}.* TO '{{ $dbInfos.user }}'@'%'" - -echo "Created database {{ $db }} and user {{ $dbInfos.user }}." -{{ end }} + echo "Created database ${DB} and user ${USER}." +done <<EOF +{{ .Values.config.mysqlDatabase }} +{{- range $db, $_value := .Values.config.mysqlAdditionalDatabases }} +{{ $db }} +{{- end }} +EOF diff --git a/kubernetes/common/mariadb-init/templates/_mariadb.tpl b/kubernetes/common/mariadb-init/templates/_mariadb.tpl index fb3f7974b9..af9a4f5f02 100644 --- a/kubernetes/common/mariadb-init/templates/_mariadb.tpl +++ b/kubernetes/common/mariadb-init/templates/_mariadb.tpl @@ -18,9 +18,5 @@ Choose the name of the mariadb secret to use. */}} {{- define "mariadbInit.mariadbClusterSecret" -}} - {{- if (eq "default" .Values.global.mariadbGalera.userRootSecret) -}} - {{- printf "%s-mariadb-galera-%s-db-root-password" (include "common.release" .) .Values.global.mariadbGalera.nameOverride -}} - {{- else -}} - {{- .Values.global.mariadbGalera.userRootSecret -}} - {{- end -}} + {{- include "common.mariadb.secret.rootPassSecretName" (dict "dot" . "chartName" (default "mariadb-galera" .Values.global.mariadbGalera.nameOverride)) -}} {{- end -}} diff --git a/kubernetes/common/mariadb-init/templates/configmap.yaml b/kubernetes/common/mariadb-init/templates/configmap.yaml index 9da03668f5..0144ec1907 100644 --- a/kubernetes/common/mariadb-init/templates/configmap.yaml +++ b/kubernetes/common/mariadb-init/templates/configmap.yaml @@ -21,7 +21,7 @@ metadata: labels: app: {{ include "common.name" . }} chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ .Release.Name }} + release: {{ include "common.release" . }} heritage: {{ .Release.Service }} data: {{ tpl (.Files.Glob "resources/config/*").AsConfig . | indent 2 }} diff --git a/kubernetes/common/mariadb-init/templates/job.yaml b/kubernetes/common/mariadb-init/templates/job.yaml index 679c10c9a3..5202d572a2 100644 --- a/kubernetes/common/mariadb-init/templates/job.yaml +++ b/kubernetes/common/mariadb-init/templates/job.yaml @@ -1,4 +1,5 @@ # Copyright © 2019 Orange +# Copyright © 2020 Samsung Electronics # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -20,7 +21,7 @@ metadata: labels: app: {{ include "common.name" . }} chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ .Release.Name }} + release: {{ include "common.release" . }} heritage: {{ .Release.Service }} spec: backoffLimit: 20 @@ -28,7 +29,7 @@ spec: metadata: labels: app: {{ include "common.name" . }} - release: {{ .Release.Name }} + release: {{ include "common.release" . }} name: {{ include "common.name" . }} spec: initContainers: @@ -59,22 +60,17 @@ spec: - name: DB_PORT value: "{{ .Values.global.mariadbGalera.servicePort }}" - name: MYSQL_ROOT_PASSWORD - valueFrom: - secretKeyRef: - name: {{ include "mariadbInit.mariadbClusterSecret" . }} - key: {{ .Values.global.mariadbGalera.userRootSecretKey }} - - name: MYSQL_PASSWORD - valueFrom: - secretKeyRef: - name: {{ template "common.fullname" . }} - key: db-user-password + {{- include "common.secret.envFromSecret" (dict "global" . "uid" "root-password" "key" (default "password" .Values.global.mariadbGalera.userRootSecretKey)) | indent 10 }} + - name: {{ printf "MYSQL_USER_%s" .Values.config.mysqlDatabase | upper }} + {{- include "common.secret.envFromSecret" (dict "global" . "uid" .Values.config.mysqlDatabase "key" "login") | indent 10 }} + - name: {{ printf "MYSQL_PASSWORD_%s" .Values.config.mysqlDatabase | upper }} + {{- include "common.secret.envFromSecret" (dict "global" . "uid" .Values.config.mysqlDatabase "key" "password") | indent 10 }} {{- $root := . }} -{{ range $db, $_value := .Values.config.mysqlAdditionalDatabases }} +{{ range $db, $_values := .Values.config.mysqlAdditionalDatabases }} + - name: {{ printf "MYSQL_USER_%s" $db | upper }} + {{- include "common.secret.envFromSecret" (dict "global" $root "uid" $db "key" "login") | indent 10 }} - name: {{ printf "MYSQL_PASSWORD_%s" $db | upper }} - valueFrom: - secretKeyRef: - name: {{ template "common.fullname" $root }}-secret - key: {{ printf "db-%s-user-password" $db }} + {{- include "common.secret.envFromSecret" (dict "global" $root "uid" $db "key" "password") | indent 10 }} {{ end }} volumeMounts: - mountPath: /etc/localtime diff --git a/kubernetes/common/mariadb-init/templates/secret.yaml b/kubernetes/common/mariadb-init/templates/secret.yaml index f30d582110..71a89d019b 100644 --- a/kubernetes/common/mariadb-init/templates/secret.yaml +++ b/kubernetes/common/mariadb-init/templates/secret.yaml @@ -12,19 +12,26 @@ # See the License for the specific language governing permissions and # limitations under the License. -apiVersion: v1 -kind: Secret -metadata: - name: {{ include "common.fullname" . }} - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} -type: Opaque -data: - db-user-password: {{ index .Values.config.userPassword | b64enc | quote }} -{{ range $db, $dbInfos := .Values.config.mysqlAdditionalDatabases }} - {{ printf "db-%s-user-password" $db}}: {{ $dbInfos.password | b64enc | quote }} -{{ end }} +{{- define "mariadb-init._update-secrets" -}} + {{ range $db, $dbInfos := .Values.config.mysqlAdditionalDatabases }} +{{ printf "- uid: %s" $db }} +{{ printf " type: basicAuth" }} + {{- if $dbInfos.externalSecret }} +{{ printf " externalSecret: %s" $dbInfos.externalSecret }} + {{- end }} +{{ printf " login: %s" $dbInfos.user }} +{{ printf " password: %s" $dbInfos.password }} +{{ printf " passwordPolicy: required" }} + {{- end -}} +{{- end -}} + +{{ $global := . }} +{{ $secretsString := .Values.secrets | toYaml | indent 2 }} +{{ $additionalSecretsString := (include "mariadb-init._update-secrets" .) | indent 2 }} +{{ $finalSecretsString := (cat "\nsecrets:\n" $secretsString $additionalSecretsString) | replace " -" " -" }} +{{ $finalSecrets := ($finalSecretsString | fromYaml).secrets }} + +{{ $newValues := set $global.Values "secrets" $finalSecrets }} +{{ $tmpGlobal := set $global "Values" $newValues }} + +{{ include "common.secret" $tmpGlobal }} diff --git a/kubernetes/common/mariadb-init/values.yaml b/kubernetes/common/mariadb-init/values.yaml index d148ba6888..cac6f79f16 100644 --- a/kubernetes/common/mariadb-init/values.yaml +++ b/kubernetes/common/mariadb-init/values.yaml @@ -23,8 +23,24 @@ global: nameOverride: mariadb-galera servicePort: 3306 # set these two values if you want to access an 'out of ONAP' mariadb - userRootSecret: default - userRootSecretKey: password + # userRootPassword: some-password + # userRootSecret: some-secret-name + # userRootSecretKey: password + +################################################################# +# Secrets metaconfig +################################################################# +secrets: + - uid: root-password + type: password + externalSecret: '{{ tpl (default (include "mariadbInit.mariadbClusterSecret" .) .Values.global.mariadbGalera.userRootSecret) . }}' + password: '{{ tpl (default "" .global.mariadbGalera.userRootPassword) . }}' + - uid: '{{ .Values.config.mysqlDatabase }}' + type: basicAuth + externalSecret: '{{ tpl (default "" .Values.config.mysqlExternalSecret) . }}' + login: '{{ .Values.config.userName }}' + password: '{{ .Values.config.userPassword }}' + passwordPolicy: required ################################################################# # Application configuration defaults. @@ -39,6 +55,8 @@ pullPolicy: IfNotPresent config: userPassword: Ci@shsOd3pky1Vji userName: u5WZ1GMSIS1wHZF + # set this value if you would like to use external secret instead of providing a password + # mysqlExternalsecret: some-secret-name mysqlDatabase: ynsaUCru6mUNwGal mysqlAdditionalDatabases: {} # add addtional dabases @@ -48,9 +66,11 @@ config: # dbOne: # user: one # password: pwd1 + # externalSecret: some-secret-name # dbTwo: # user: two # password: pwd2 + # externalSecret: some-secret-name config_map: default nodeSelector: {} diff --git a/kubernetes/common/mongo/templates/pv.yaml b/kubernetes/common/mongo/templates/pv.yaml index edc50aedea..9d40144ed5 100644 --- a/kubernetes/common/mongo/templates/pv.yaml +++ b/kubernetes/common/mongo/templates/pv.yaml @@ -26,7 +26,7 @@ metadata: labels: app: {{ include "common.fullname" $global }} chart: "{{ $global.Chart.Name }}-{{ $global.Chart.Version | replace "+" "_" }}" - release: "{{ $global.Release.Name }}" + release: "{{ include "common.release" $global }}" heritage: "{{ $global.Release.Service }}" name: {{ include "common.fullname" $global }} spec: @@ -37,7 +37,7 @@ spec: persistentVolumeReclaimPolicy: {{ $global.Values.persistence.volumeReclaimPolicy }} storageClassName: "{{ include "common.fullname" $global }}-data" hostPath: - path: {{ $global.Values.global.persistence.mountPath | default $global.Values.persistence.mountPath }}/{{ $global.Release.Name }}/{{ $global.Values.persistence.mountSubPath }}-{{$i}} + path: {{ $global.Values.global.persistence.mountPath | default $global.Values.persistence.mountPath }}/{{ include "common.release" $global }}/{{ $global.Values.persistence.mountSubPath }}-{{$i}} {{if ne $i (int $global.Values.replicaCount) }} --- {{- end -}} diff --git a/kubernetes/common/mongo/templates/service.yaml b/kubernetes/common/mongo/templates/service.yaml index d59243f90d..e8894c2b59 100644 --- a/kubernetes/common/mongo/templates/service.yaml +++ b/kubernetes/common/mongo/templates/service.yaml @@ -22,7 +22,7 @@ metadata: labels: app: {{ include "common.name" . }} chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ .Release.Name }} + release: {{ include "common.release" . }} heritage: {{ .Release.Service }} spec: ports: @@ -30,7 +30,7 @@ spec: name: {{ .Values.service.portName }} selector: app: {{ include "common.name" . }} - release: {{ .Release.Name }} + release: {{ include "common.release" . }} clusterIP: None --- # Client service for connecting to any Mongo instance for reads. @@ -47,7 +47,7 @@ spec: name: {{ .Values.service.portName }} selector: app: {{ include "common.name" . }} - release: {{ .Release.Name }} + release: {{ include "common.release" . }} --- {{ if .Values.geoEnabled }} apiVersion: v1 @@ -70,5 +70,5 @@ spec: type: NodePort selector: statefulset.kubernetes.io/pod-name: {{ include "common.fullname" . }}-0 - release: {{ .Release.Name }} + release: {{ include "common.release" . }} {{ end }} diff --git a/kubernetes/common/mongo/templates/statefulset.yaml b/kubernetes/common/mongo/templates/statefulset.yaml index 0c6c9f4fd5..ae373343d3 100644 --- a/kubernetes/common/mongo/templates/statefulset.yaml +++ b/kubernetes/common/mongo/templates/statefulset.yaml @@ -22,7 +22,7 @@ metadata: labels: app: {{ include "common.name" . }} chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ .Release.Name }} + release: {{ include "common.release" . }} heritage: {{ .Release.Service }} spec: serviceName: {{ .Values.service.name }} @@ -31,7 +31,7 @@ spec: metadata: labels: app: {{ include "common.name" . }} - release: {{ .Release.Name }} + release: {{ include "common.release" . }} spec: containers: - name: {{ include "common.name" . }} @@ -84,7 +84,7 @@ spec: labels: name: {{ include "common.fullname" . }} chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" - release: "{{ .Release.Name }}" + release: "{{ include "common.release" . }}" heritage: "{{ .Release.Service }}" spec: accessModes: diff --git a/kubernetes/common/music/charts/music-cassandra-job/templates/job.yaml b/kubernetes/common/music/charts/music-cassandra-job/templates/job.yaml index 88f0c7465f..46310fb0fb 100644 --- a/kubernetes/common/music/charts/music-cassandra-job/templates/job.yaml +++ b/kubernetes/common/music/charts/music-cassandra-job/templates/job.yaml @@ -22,14 +22,14 @@ metadata: labels: app: {{ include "common.name" . }}-job chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ .Release.Name }} + release: {{ include "common.release" . }} heritage: {{ .Release.Service }} spec: template: metadata: labels: app: {{ include "common.name" . }}-job - release: {{ .Release.Name }} + release: {{ include "common.release" . }} spec: restartPolicy: Never initContainers: diff --git a/kubernetes/common/music/charts/music-cassandra/templates/pv.yaml b/kubernetes/common/music/charts/music-cassandra/templates/pv.yaml index fb815400da..8399bff77d 100644 --- a/kubernetes/common/music/charts/music-cassandra/templates/pv.yaml +++ b/kubernetes/common/music/charts/music-cassandra/templates/pv.yaml @@ -26,7 +26,7 @@ metadata: labels: app: {{ include "common.fullname" $global }} chart: "{{ $global.Chart.Name }}-{{ $global.Chart.Version | replace "+" "_" }}" - release: "{{ $global.Release.Name }}" + release: "{{ include "common.release" $global }}" heritage: "{{ $global.Release.Service }}" name: {{ include "common.fullname" $global }} spec: @@ -37,7 +37,7 @@ spec: persistentVolumeReclaimPolicy: {{ $global.Values.persistence.volumeReclaimPolicy }} storageClassName: "{{ include "common.fullname" $global }}-data" hostPath: - path: {{ $global.Values.global.persistence.mountPath | default $global.Values.persistence.mountPath }}/{{ $global.Release.Name }}/{{ $global.Values.persistence.mountSubPath }}-{{$i}} + path: {{ $global.Values.global.persistence.mountPath | default $global.Values.persistence.mountPath }}/{{ include "common.release" $global }}/{{ $global.Values.persistence.mountSubPath }}-{{$i}} {{if ne $i (int $global.Values.replicaCount) }} --- {{- end -}} diff --git a/kubernetes/common/music/charts/music-cassandra/templates/service.yaml b/kubernetes/common/music/charts/music-cassandra/templates/service.yaml index 818c70e8f3..5a26d6701c 100644 --- a/kubernetes/common/music/charts/music-cassandra/templates/service.yaml +++ b/kubernetes/common/music/charts/music-cassandra/templates/service.yaml @@ -21,7 +21,7 @@ metadata: labels: app: {{ include "common.name" . }} chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ .Release.Name }} + release: {{ include "common.release" . }} heritage: {{ .Release.Service }} annotations: service.alpha.kubernetes.io/tolerate-unready-endpoints: "true" @@ -50,5 +50,5 @@ spec: {{- end}} selector: app: {{ include "common.name" . }} - release: {{ .Release.Name }} + release: {{ include "common.release" . }} clusterIP: None diff --git a/kubernetes/common/music/charts/music-cassandra/templates/statefulset.yaml b/kubernetes/common/music/charts/music-cassandra/templates/statefulset.yaml index c3c56f2282..58866495db 100644 --- a/kubernetes/common/music/charts/music-cassandra/templates/statefulset.yaml +++ b/kubernetes/common/music/charts/music-cassandra/templates/statefulset.yaml @@ -23,7 +23,7 @@ metadata: labels: app: {{ include "common.name" . }} chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ .Release.Name }} + release: {{ include "common.release" . }} heritage: {{ .Release.Service }} spec: podAntiAffinity: @@ -46,7 +46,7 @@ spec: metadata: labels: app: {{ include "common.name" . }} - release: {{ .Release.Name }} + release: {{ include "common.release" . }} name: {{ include "common.name" . }} spec: containers: @@ -120,7 +120,7 @@ spec: labels: name: {{ include "common.fullname" . }} chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" - release: "{{ .Release.Name }}" + release: "{{ include "common.release" . }}" heritage: "{{ .Release.Service }}" spec: accessModes: diff --git a/kubernetes/common/music/charts/music-tomcat/templates/deployment.yaml b/kubernetes/common/music/charts/music-tomcat/templates/deployment.yaml index 2a38a6aad0..dcbd4e2d88 100755 --- a/kubernetes/common/music/charts/music-tomcat/templates/deployment.yaml +++ b/kubernetes/common/music/charts/music-tomcat/templates/deployment.yaml @@ -22,7 +22,7 @@ metadata: labels: app: {{ include "common.name" . }} chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ .Release.Name }} + release: {{ include "common.release" . }} heritage: {{ .Release.Service }} spec: replicas: {{ .Values.replicaCount }} @@ -30,7 +30,7 @@ spec: metadata: labels: app: {{ include "common.name" . }} - release: {{ .Release.Name }} + release: {{ include "common.release" . }} spec: initContainers: - name: {{ include "common.name" . }}-zookeeper-readiness @@ -54,7 +54,7 @@ spec: - /root/job_complete.py args: - -j - - "{{ .Release.Name }}-music-cassandra-job-config" + - "{{ include "common.release" . }}-music-cassandra-job-config" env: - name: NAMESPACE valueFrom: diff --git a/kubernetes/common/music/charts/music-tomcat/templates/service.yaml b/kubernetes/common/music/charts/music-tomcat/templates/service.yaml index f6a086cc99..d808bf957a 100755 --- a/kubernetes/common/music/charts/music-tomcat/templates/service.yaml +++ b/kubernetes/common/music/charts/music-tomcat/templates/service.yaml @@ -22,7 +22,7 @@ metadata: labels: app: {{ include "common.name" . }} chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ .Release.Name }} + release: {{ include "common.release" . }} heritage: {{ .Release.Service }} annotations: spec: @@ -39,4 +39,4 @@ spec: {{- end}} selector: app: {{ include "common.name" . }} - release: {{ .Release.Name }} + release: {{ include "common.release" . }} diff --git a/kubernetes/common/music/charts/zookeeper/templates/_helpers.tpl b/kubernetes/common/music/charts/zookeeper/templates/_helpers.tpl deleted file mode 100644 index 1ef5353fa1..0000000000 --- a/kubernetes/common/music/charts/zookeeper/templates/_helpers.tpl +++ /dev/null @@ -1,32 +0,0 @@ -{{/* vim: set filetype=mustache: */}} -{{/* -Expand the name of the chart. -*/}} -{{- define "common.name" -}} -{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}} -{{- end -}} - -{{/* -Create a default fully qualified app name. -We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). -If release name contains chart name it will be used as a full name. -*/}} -{{- define "common.fullname" -}} -{{- if .Values.fullnameOverride -}} -{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}} -{{- else -}} -{{- $name := default .Chart.Name .Values.nameOverride -}} -{{- if contains $name .Release.Name -}} -{{- .Release.Name | trunc 63 | trimSuffix "-" -}} -{{- else -}} -{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}} -{{- end -}} -{{- end -}} -{{- end -}} - -{{/* -Create chart name and version as used by the chart label. -*/}} -{{- define "zookeeper.chart" -}} -{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}} -{{- end -}} diff --git a/kubernetes/common/music/charts/zookeeper/templates/config-jmx-exporter.yaml b/kubernetes/common/music/charts/zookeeper/templates/config-jmx-exporter.yaml index aeb9a2c031..72fedbcbbb 100644 --- a/kubernetes/common/music/charts/zookeeper/templates/config-jmx-exporter.yaml +++ b/kubernetes/common/music/charts/zookeeper/templates/config-jmx-exporter.yaml @@ -2,11 +2,11 @@ apiVersion: v1 kind: ConfigMap metadata: - name: {{ .Release.Name }}-jmx-exporter + name: {{ include "common.release" . }}-jmx-exporter labels: app: {{ template "common.name" . }} chart: {{ .Chart.Name }} - release: {{ .Release.Name }} + release: {{ include "common.release" . }} heritage: {{ .Release.Service }} data: config.yml: |- diff --git a/kubernetes/common/music/charts/zookeeper/templates/job-chroots.yaml b/kubernetes/common/music/charts/zookeeper/templates/job-chroots.yaml index b5b97233a0..b857a0d7b1 100644 --- a/kubernetes/common/music/charts/zookeeper/templates/job-chroots.yaml +++ b/kubernetes/common/music/charts/zookeeper/templates/job-chroots.yaml @@ -12,7 +12,7 @@ metadata: labels: app: {{ template "common.name" . }} chart: {{ .Chart.Name }} - release: {{ .Release.Name }} + release: {{ include "common.release" . }} heritage: {{ .Release.Service }} component: jobs job: chroots @@ -25,7 +25,7 @@ spec: metadata: labels: app: {{ template "common.name" . }} - release: {{ .Release.Name }} + release: {{ include "common.release" . }} component: jobs job: chroots spec: diff --git a/kubernetes/common/music/charts/zookeeper/templates/poddisruptionbudget.yaml b/kubernetes/common/music/charts/zookeeper/templates/poddisruptionbudget.yaml index 7a9f3fe105..a4bc322a31 100644 --- a/kubernetes/common/music/charts/zookeeper/templates/poddisruptionbudget.yaml +++ b/kubernetes/common/music/charts/zookeeper/templates/poddisruptionbudget.yaml @@ -5,13 +5,13 @@ metadata: labels: app: {{ template "common.name" . }} chart: {{ .Chart.Name }} - release: {{ .Release.Name }} + release: {{ include "common.release" . }} heritage: {{ .Release.Service }} component: server spec: selector: matchLabels: app: {{ template "common.name" . }} - release: {{ .Release.Name }} + release: {{ include "common.release" . }} component: server {{ toYaml .Values.podDisruptionBudget | indent 2 }} diff --git a/kubernetes/common/music/charts/zookeeper/templates/pv.yaml b/kubernetes/common/music/charts/zookeeper/templates/pv.yaml index 795ad3188b..6e53a9543d 100644 --- a/kubernetes/common/music/charts/zookeeper/templates/pv.yaml +++ b/kubernetes/common/music/charts/zookeeper/templates/pv.yaml @@ -25,7 +25,7 @@ metadata: labels: app: {{ include "common.fullname" $global }} chart: "{{ $global.Chart.Name }}-{{ $global.Chart.Version | replace "+" "_" }}" - release: "{{ $global.Release.Name }}" + release: "{{ include "common.release" $global }}" heritage: "{{ $global.Release.Service }}" name: {{ include "common.fullname" $global }} spec: @@ -36,7 +36,7 @@ spec: persistentVolumeReclaimPolicy: {{ $global.Values.persistence.volumeReclaimPolicy }} storageClassName: "{{ include "common.fullname" $global }}-data" hostPath: - path: {{ $global.Values.global.persistence.mountPath | default $global.Values.persistence.mountPath }}/{{ $global.Release.Name }}/{{ $global.Values.persistence.mountSubPath }}-{{$i}} + path: {{ $global.Values.global.persistence.mountPath | default $global.Values.persistence.mountPath }}/{{ include "common.release" $global }}/{{ $global.Values.persistence.mountSubPath }}-{{$i}} {{if ne $i (int $global.Values.replicaCount) }} --- {{- end -}} diff --git a/kubernetes/common/music/charts/zookeeper/templates/service-headless.yaml b/kubernetes/common/music/charts/zookeeper/templates/service-headless.yaml index 70ebf6013e..31475a1c76 100644 --- a/kubernetes/common/music/charts/zookeeper/templates/service-headless.yaml +++ b/kubernetes/common/music/charts/zookeeper/templates/service-headless.yaml @@ -5,7 +5,7 @@ metadata: labels: app: {{ template "common.name" . }} chart: {{ .Chart.Name }} - release: {{ .Release.Name }} + release: {{ include "common.release" . }} heritage: {{ .Release.Service }} spec: clusterIP: None @@ -18,4 +18,4 @@ spec: {{- end }} selector: app: {{ template "common.name" . }} - release: {{ .Release.Name }} + release: {{ include "common.release" . }} diff --git a/kubernetes/common/music/charts/zookeeper/templates/service.yaml b/kubernetes/common/music/charts/zookeeper/templates/service.yaml index 6ac3066ecf..0ef3a28b27 100644 --- a/kubernetes/common/music/charts/zookeeper/templates/service.yaml +++ b/kubernetes/common/music/charts/zookeeper/templates/service.yaml @@ -5,7 +5,7 @@ metadata: labels: app: {{ template "common.name" . }} chart: {{ .Chart.Name }} - release: {{ .Release.Name }} + release: {{ include "common.release" . }} heritage: {{ .Release.Service }} annotations: {{- with .Values.service.annotations }} @@ -20,4 +20,4 @@ spec: {{- end }} selector: app: {{ template "common.name" . }} - release: {{ .Release.Name }} + release: {{ include "common.release" . }} diff --git a/kubernetes/common/music/charts/zookeeper/templates/statefulset.yaml b/kubernetes/common/music/charts/zookeeper/templates/statefulset.yaml index 580042d090..73224addef 100644 --- a/kubernetes/common/music/charts/zookeeper/templates/statefulset.yaml +++ b/kubernetes/common/music/charts/zookeeper/templates/statefulset.yaml @@ -5,7 +5,7 @@ metadata: labels: app: {{ template "common.name" . }} chart: {{ .Chart.Name }} - release: {{ .Release.Name }} + release: {{ include "common.release" . }} heritage: {{ .Release.Service }} component: server spec: @@ -25,7 +25,7 @@ spec: selector: matchLabels: app: {{ template "common.name" . }} - release: {{ .Release.Name }} + release: {{ include "common.release" . }} component: server updateStrategy: {{ toYaml .Values.updateStrategy | indent 4 }} @@ -33,7 +33,7 @@ spec: metadata: labels: app: {{ template "common.name" . }} - release: {{ .Release.Name }} + release: {{ include "common.release" . }} component: server {{- if .Values.podLabels }} ## Custom pod labels @@ -160,7 +160,7 @@ spec: {{- if .Values.exporters.jmx.enabled }} - name: config-jmx-exporter configMap: - name: {{ .Release.Name }}-jmx-exporter + name: {{ include "common.release" . }}-jmx-exporter {{- end }} {{- end }} {{- if .Values.persistence.enabled }} @@ -170,7 +170,7 @@ spec: labels: name: {{ include "common.fullname" . }} chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" - release: "{{ .Release.Name }}" + release: "{{ include "common.release" . }}" heritage: "{{ .Release.Service }}" spec: accessModes: diff --git a/kubernetes/common/network-name-gen/templates/deployment.yaml b/kubernetes/common/network-name-gen/templates/deployment.yaml index dac4e0d4ce..2f9cd6a158 100644 --- a/kubernetes/common/network-name-gen/templates/deployment.yaml +++ b/kubernetes/common/network-name-gen/templates/deployment.yaml @@ -20,7 +20,7 @@ metadata: labels: app: {{ include "common.name" . }} chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ .Release.Name }} + release: {{ include "common.release" . }} heritage: {{ .Release.Service }} spec: replicas: {{ .Values.replicaCount }} @@ -28,7 +28,7 @@ spec: metadata: labels: app: {{ include "common.name" . }} - release: {{ .Release.Name }} + release: {{ include "common.release" . }} spec: initContainers: - command: @@ -53,12 +53,9 @@ spec: - name: SPRING_PROFILE value: "{{ .Values.config.springProfile }}" - name: NENG_DB_USER - value: {{ index .Values "mariadb-galera" "config" "userName" }} + {{- include "common.secret.envFromSecret" (dict "global" . "uid" "db-user-creds" "key" "login") | indent 10}} - name: NENG_DB_PASS - valueFrom: - secretKeyRef: - name: {{ template "common.fullname" . }} - key: db-root-password + {{- include "common.secret.envFromSecret" (dict "global" . "uid" "db-user-creds" "key" "password") | indent 10}} - name: NENG_DB_URL value: {{ .Values.config.dbUrl }} - name: POL_CLIENT_AUTH @@ -97,6 +94,6 @@ spec: volumes: - name: certs secret: - secretName: {{ .Release.Name}}-aai-keystore + secretName: {{ include "common.release" . }}-aai-keystore imagePullSecrets: - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/kubernetes/common/network-name-gen/templates/secrets.yaml b/kubernetes/common/network-name-gen/templates/secrets.yaml index c8630a2535..d5bdce3e04 100644 --- a/kubernetes/common/network-name-gen/templates/secrets.yaml +++ b/kubernetes/common/network-name-gen/templates/secrets.yaml @@ -12,30 +12,18 @@ # See the License for the specific language governing permissions and # limitations under the License. -apiVersion: v1 -kind: Secret -metadata: - name: {{ include "common.fullname" . }} - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.fullname" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} -type: Opaque -data: - db-root-password: {{ index .Values "mariadb-galera" "config" "mariadbRootPassword" | b64enc | quote }} +{{ include "common.secret" . }} --- apiVersion: v1 data: {{ tpl (.Files.Glob "resources/config/aai_keystore").AsSecrets . | indent 2 }} metadata: - name: {{ .Release.Name}}-aai-keystore + name: {{ include "common.release" . }}-aai-keystore namespace: {{ include "common.namespace" . }} labels: app: {{ include "common.fullname" . }} chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ .Release.Name }} + release: {{ include "common.release" . }} heritage: {{ .Release.Service }} kind: Secret -type: Opaque
\ No newline at end of file +type: Opaque diff --git a/kubernetes/common/network-name-gen/templates/service.yaml b/kubernetes/common/network-name-gen/templates/service.yaml index 0321be9f28..a4c5b05012 100644 --- a/kubernetes/common/network-name-gen/templates/service.yaml +++ b/kubernetes/common/network-name-gen/templates/service.yaml @@ -19,7 +19,7 @@ metadata: labels: app: {{ include "common.name" . }} chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ .Release.Name }} + release: {{ include "common.release" . }} heritage: {{ .Release.Service }} spec: type: {{ .Values.service.type }} @@ -36,4 +36,4 @@ spec: {{- end}} selector: app: {{ include "common.name" . }} - release: {{ .Release.Name }} + release: {{ include "common.release" . }} diff --git a/kubernetes/common/network-name-gen/values.yaml b/kubernetes/common/network-name-gen/values.yaml index b8a5dad170..d5897013c4 100644 --- a/kubernetes/common/network-name-gen/values.yaml +++ b/kubernetes/common/network-name-gen/values.yaml @@ -32,6 +32,17 @@ global: # image pull policy pullPolicy: IfNotPresent +################################################################# +# Secrets metaconfig +################################################################# +secrets: + - uid: "db-user-creds" + externalSecret: '{{- include "common.mariadb.secret.userCredentialsSecretName" (dict "dot" . "chartName" (index .Values "mariadb-galera" "nameOverride")) }}' + type: basicAuth + - uid: "db-root-pass" + externalSecret: '{{- include "common.mariadb.secret.rootPassSecretName" (dict "dot" . "chartName" (index .Values "mariadb-galera" "nameOverride")) }}' + type: password + # sub-chart config mariadb-galera: config: diff --git a/kubernetes/common/postgres-legacy/.helmignore b/kubernetes/common/postgres-legacy/.helmignore new file mode 100644 index 0000000000..f0c1319444 --- /dev/null +++ b/kubernetes/common/postgres-legacy/.helmignore @@ -0,0 +1,21 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*~ +# Various IDEs +.project +.idea/ +*.tmproj diff --git a/kubernetes/common/postgres-legacy/Chart.yaml b/kubernetes/common/postgres-legacy/Chart.yaml new file mode 100644 index 0000000000..eff8e36eba --- /dev/null +++ b/kubernetes/common/postgres-legacy/Chart.yaml @@ -0,0 +1,18 @@ +# Copyright © 2018 Amdocs, AT&T, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +description: ONAP Postgres Server +name: postgres-legacy +version: 5.0.0 diff --git a/kubernetes/common/postgres-legacy/charts/pgpool/Chart.yaml b/kubernetes/common/postgres-legacy/charts/pgpool/Chart.yaml new file mode 100644 index 0000000000..e2818139fa --- /dev/null +++ b/kubernetes/common/postgres-legacy/charts/pgpool/Chart.yaml @@ -0,0 +1,18 @@ +# Copyright © 2018 Amdocs, AT&T, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +description: ONAP Postgres Server +name: pgpool +version: 5.0.0 diff --git a/kubernetes/common/postgres-legacy/charts/pgpool/configs/pgpool.conf b/kubernetes/common/postgres-legacy/charts/pgpool/configs/pgpool.conf new file mode 100644 index 0000000000..f335174f40 --- /dev/null +++ b/kubernetes/common/postgres-legacy/charts/pgpool/configs/pgpool.conf @@ -0,0 +1,677 @@ +# ---------------------------- +# pgPool-II configuration file a custom version +# ---------------------------- +# +# This file consists of lines of the form: +# +# name = value +# +# Whitespace may be used. Comments are introduced with "#" anywhere on a line. +# The complete list of parameter names and allowed values can be found in the +# pgPool-II documentation. +# +# This file is read on server startup and when the server receives a SIGHUP +# signal. If you edit the file on a running system, you have to SIGHUP the +# server for the changes to take effect, or use "pgpool reload". Some +# parameters, which are marked below, require a server shutdown and restart to +# take effect. +# + + +#------------------------------------------------------------------------------ +# CONNECTIONS +#------------------------------------------------------------------------------ + +# - pgpool Connection Settings - + +listen_addresses = '*' + # Host name or IP address to listen on: + # '*' for all, '' for no TCP/IP connections + # (change requires restart) +#port = 9999 +port = 5432 + # Port number + # (change requires restart) +socket_dir = '/tmp' + # Unix domain socket path + # The Debian package defaults to + # /var/run/postgresql + # (change requires restart) + + +# - pgpool Communication Manager Connection Settings - + +pcp_port = 9898 + # Port number for pcp + # (change requires restart) +pcp_socket_dir = '/tmp' + # Unix domain socket path for pcp + # The Debian package defaults to + # /var/run/postgresql + # (change requires restart) + +# - Backend Connection Settings - + +backend_hostname0 = '{{.Values.container.name.primary}}' +backend_port0 = 5432 +backend_weight0= 1 +backend_flag0= 'DISALLOW_TO_FAILOVER' + +backend_hostname1 = '{{.Values.container.name.replica}}' +backend_port1 = 5432 +backend_weight1= 1 +backend_flag1= 'DISALLOW_TO_FAILOVER' + +#backend_hostname0 = 'master' + # Host name or IP address to connect to for backend 0 +#backend_port0 = 5432 + # Port number for backend 0 +#backend_weight0 = 1 + # Weight for backend 0 (only in load balancing mode) +#backend_data_directory0 = '/data' + # Data directory for backend 0 +#backend_flag0 = 'ALLOW_TO_FAILOVER' + # Controls various backend behavior + # ALLOW_TO_FAILOVER or DISALLOW_TO_FAILOVER +#backend_hostname1 = 'standby' +#backend_port1 = 5432 +#backend_weight1 = 1 +#backend_data_directory1 = '/data1' +#backend_flag1 = 'ALLOW_TO_FAILOVER' + +# - Authentication - + +enable_pool_hba = on + # Use pool_hba.conf for client authentication +pool_passwd = 'pool_passwd' + # File name of pool_passwd for md5 authentication. + # "" disables pool_passwd. + # (change requires restart) +authentication_timeout = 60 + # Delay in seconds to complete client authentication + # 0 means no timeout. + +# - SSL Connections - + +ssl = off + # Enable SSL support + # (change requires restart) +#ssl_key = './server.key' + # Path to the SSL private key file + # (change requires restart) +#ssl_cert = './server.cert' + # Path to the SSL public certificate file + # (change requires restart) +#ssl_ca_cert = '' + # Path to a single PEM format file + # containing CA root certificate(s) + # (change requires restart) +#ssl_ca_cert_dir = '' + # Directory containing CA root certificate(s) + # (change requires restart) + + +#------------------------------------------------------------------------------ +# POOLS +#------------------------------------------------------------------------------ + +# - Pool size - + +num_init_children = 5 + # Number of pools + # (change requires restart) +max_pool = 1 + # Number of connections per pool + # (change requires restart) + +# - Life time - + +child_life_time = 300 + # Pool exits after being idle for this many seconds +child_max_connections = 0 + # Pool exits after receiving that many connections + # 0 means no exit +connection_life_time = 0 + # Connection to backend closes after being idle for this many seconds + # 0 means no close +client_idle_limit = 0 + # Client is disconnected after being idle for that many seconds + # (even inside an explicit transactions!) + # 0 means no disconnection + + +#------------------------------------------------------------------------------ +# LOGS +#------------------------------------------------------------------------------ + +# - Where to log - + +log_destination = 'stderr' + # Where to log + # Valid values are combinations of stderr, + # and syslog. Default to stderr. + +# - What to log - + +print_timestamp = on + # Print timestamp on each line + # (change requires restart) + +log_connections = on + # Log connections +log_hostname = on + # Hostname will be shown in ps status + # and in logs if connections are logged +log_statement = on + # Log all statements +log_per_node_statement = off + # Log all statements + # with node and backend informations +log_standby_delay = 'if_over_threshold' + # Log standby delay + # Valid values are combinations of always, + # if_over_threshold, none + +# - Syslog specific - + +syslog_facility = 'LOCAL0' + # Syslog local facility. Default to LOCAL0 +syslog_ident = 'pgpool' + # Syslog program identification string + # Default to 'pgpool' + +# - Debug - + +debug_level = 1 + # Debug message verbosity level + # 0 means no message, 1 or more mean verbose + + +#------------------------------------------------------------------------------ +# FILE LOCATIONS +#------------------------------------------------------------------------------ + +pid_file_name = '/tmp/pgpool.pid' + # PID file name + # (change requires restart) +logdir = '/tmp' + # Directory of pgPool status file + # (change requires restart) + + +#------------------------------------------------------------------------------ +# CONNECTION POOLING +#------------------------------------------------------------------------------ + +connection_cache = off + # Activate connection pools + # (change requires restart) + + # Semicolon separated list of queries + # to be issued at the end of a session + # The default is for 8.3 and later +reset_query_list = 'ABORT; DISCARD ALL' + # The following one is for 8.2 and before +#reset_query_list = 'ABORT; RESET ALL; SET SESSION AUTHORIZATION DEFAULT' + + +#------------------------------------------------------------------------------ +# REPLICATION MODE +#------------------------------------------------------------------------------ + +replication_mode = off + # Activate replication mode + # (change requires restart) +replicate_select = off + # Replicate SELECT statements + # when in replication or parallel mode + # replicate_select is higher priority than + # load_balance_mode. + +insert_lock = off + # Automatically locks a dummy row or a table + # with INSERT statements to keep SERIAL data + # consistency + # Without SERIAL, no lock will be issued +lobj_lock_table = '' + # When rewriting lo_creat command in + # replication mode, specify table name to + # lock + +# - Degenerate handling - + +replication_stop_on_mismatch = off + # On disagreement with the packet kind + # sent from backend, degenerate the node + # which is most likely "minority" + # If off, just force to exit this session + +failover_if_affected_tuples_mismatch = off + # On disagreement with the number of affected + # tuples in UPDATE/DELETE queries, then + # degenerate the node which is most likely + # "minority". + # If off, just abort the transaction to + # keep the consistency + + +#------------------------------------------------------------------------------ +# LOAD BALANCING MODE +#------------------------------------------------------------------------------ + +load_balance_mode = on + # Activate load balancing mode + # (change requires restart) +ignore_leading_white_space = on + # Ignore leading white spaces of each query +white_function_list = '' + # Comma separated list of function names + # that don't write to database + # Regexp are accepted +black_function_list = 'currval,lastval,nextval,setval' + # Comma separated list of function names + # that write to database + # Regexp are accepted + + +#------------------------------------------------------------------------------ +# MASTER/SLAVE MODE +#------------------------------------------------------------------------------ + +master_slave_mode = on + # Activate master/slave mode + # (change requires restart) +master_slave_sub_mode = 'stream' + # Master/slave sub mode + # Valid values are combinations slony or + # stream. Default is slony. + # (change requires restart) + +# - Streaming - + +sr_check_period = 10 + # Streaming replication check period + # Disabled (0) by default +sr_check_user = '{{.Values.credentials.pgusername}}' + # Streaming replication check user + # This is neccessary even if you disable streaming + # replication delay check by sr_check_period = 0 +sr_check_password = '{{.Values.credentials.pgpassword}}' + # Password for streaming replication check user +delay_threshold = 10000000 + # Threshold before not dispatching query to standby node + # Unit is in bytes + # Disabled (0) by default + +# - Special commands - + +follow_master_command = '' + # Executes this command after master failover + # Special values: + # %d = node id + # %h = host name + # %p = port number + # %D = database cluster path + # %m = new master node id + # %H = hostname of the new master node + # %M = old master node id + # %P = old primary node id + # %r = new master port number + # %R = new master database cluster path + # %% = '%' character + + +#------------------------------------------------------------------------------ +# PARALLEL MODE +#------------------------------------------------------------------------------ + +parallel_mode = off + # Activates parallel query mode + # (change requires restart) +pgpool2_hostname = '' + # Set pgpool2 hostname + # (change requires restart) + +# - System DB info - + +#system_db_hostname = 'localhost' + # (change requires restart) +#system_db_port = 5432 + # (change requires restart) +#system_db_dbname = 'pgpool' + # (change requires restart) +#system_db_schema = 'pgpool_catalog' + # (change requires restart) +#system_db_user = 'pgpool' + # (change requires restart) +#system_db_password = '' + # (change requires restart) + + +#------------------------------------------------------------------------------ +# HEALTH CHECK +#------------------------------------------------------------------------------ + +health_check_period = 20 + # Health check period + # Disabled (0) by default +health_check_timeout = 10 + # Health check timeout + # 0 means no timeout +health_check_user = '{{.Values.credentials.pgusername}}' + # Health check user +health_check_password = '{{.Values.credentials.pgpassword}}' + # Password for health check user +health_check_max_retries = 3 +connect_timeout = 10000 # Timeout value in milliseconds before giving up to connect to backend. + + # Maximum number of times to retry a failed health check before giving up. +health_check_retry_delay = 1 + # Amount of time to wait (in seconds) between retries. + + +#------------------------------------------------------------------------------ +# FAILOVER AND FAILBACK +#------------------------------------------------------------------------------ + +failover_command = '' + # Executes this command at failover + # Special values: + # %d = node id + # %h = host name + # %p = port number + # %D = database cluster path + # %m = new master node id + # %H = hostname of the new master node + # %M = old master node id + # %P = old primary node id + # %r = new master port number + # %R = new master database cluster path + # %% = '%' character +failback_command = '' + # Executes this command at failback. + # Special values: + # %d = node id + # %h = host name + # %p = port number + # %D = database cluster path + # %m = new master node id + # %H = hostname of the new master node + # %M = old master node id + # %P = old primary node id + # %r = new master port number + # %R = new master database cluster path + # %% = '%' character + +fail_over_on_backend_error = off + # Initiates failover when reading/writing to the + # backend communication socket fails + # If set to off, pgpool will report an + # error and disconnect the session. + +search_primary_node_timeout = 10 + # Timeout in seconds to search for the + # primary node when a failover occurs. + # 0 means no timeout, keep searching + # for a primary node forever. + +#------------------------------------------------------------------------------ +# ONLINE RECOVERY +#------------------------------------------------------------------------------ + +recovery_user = '{{.Values.credentials.pgusername}}' + # Online recovery user +recovery_password = '{{.Values.credentials.pgpassword}}' + # Online recovery password +recovery_1st_stage_command = '' + # Executes a command in first stage +recovery_2nd_stage_command = '' + # Executes a command in second stage +recovery_timeout = 90 + # Timeout in seconds to wait for the + # recovering node's postmaster to start up + # 0 means no wait +client_idle_limit_in_recovery = 0 + # Client is disconnected after being idle + # for that many seconds in the second stage + # of online recovery + # 0 means no disconnection + # -1 means immediate disconnection + + +#------------------------------------------------------------------------------ +# WATCHDOG +#------------------------------------------------------------------------------ + +# - Enabling - + +use_watchdog = off + # Activates watchdog + # (change requires restart) + +# -Connection to up stream servers - + +trusted_servers = '' + # trusted server list which are used + # to confirm network connection + # (hostA,hostB,hostC,...) + # (change requires restart) +ping_path = '/bin' + # ping command path + # (change requires restart) + +# - Watchdog communication Settings - + +wd_hostname = '' + # Host name or IP address of this watchdog + # (change requires restart) +wd_port = 9000 + # port number for watchdog service + # (change requires restart) +wd_authkey = '' + # Authentication key for watchdog communication + # (change requires restart) + +# - Virtual IP control Setting - + +delegate_IP = '' + # delegate IP address + # If this is empty, virtual IP never bring up. + # (change requires restart) +ifconfig_path = '/sbin' + # ifconfig command path + # (change requires restart) +if_up_cmd = 'ifconfig eth0:0 inet $_IP_$ netmask 255.255.255.0' + # startup delegate IP command + # (change requires restart) +if_down_cmd = 'ifconfig eth0:0 down' + # shutdown delegate IP command + # (change requires restart) + +arping_path = '/usr/sbin' # arping command path + # (change requires restart) + +arping_cmd = 'arping -U $_IP_$ -w 1' + # arping command + # (change requires restart) + +# - Behaivor on escalation Setting - + +clear_memqcache_on_escalation = on + # Clear all the query cache on shared memory + # when standby pgpool escalate to active pgpool + # (= virtual IP holder). + # This should be off if client connects to pgpool + # not using virtual IP. + # (change requires restart) +wd_escalation_command = '' + # Executes this command at escalation on new active pgpool. + # (change requires restart) + +# - Lifecheck Setting - + +# -- common -- + +wd_lifecheck_method = 'heartbeat' + # Method of watchdog lifecheck ('heartbeat' or 'query') + # (change requires restart) +wd_interval = 10 + # lifecheck interval (sec) > 0 + # (change requires restart) + +# -- heartbeat mode -- + +wd_heartbeat_port = 9694 + # Port number for receiving heartbeat signal + # (change requires restart) +wd_heartbeat_keepalive = 2 + # Interval time of sending heartbeat signal (sec) + # (change requires restart) +wd_heartbeat_deadtime = 30 + # Deadtime interval for heartbeat signal (sec) + # (change requires restart) +heartbeat_destination0 = 'host0_ip1' + # Host name or IP address of destination 0 + # for sending heartbeat signal. + # (change requires restart) +heartbeat_destination_port0 = 9694 + # Port number of destination 0 for sending + # heartbeat signal. Usually this is the + # same as wd_heartbeat_port. + # (change requires restart) +heartbeat_device0 = '' + # Name of NIC device (such like 'eth0') + # used for sending/receiving heartbeat + # signal to/from destination 0. + # This works only when this is not empty + # and pgpool has root privilege. + # (change requires restart) + +#heartbeat_destination1 = 'host0_ip2' +#heartbeat_destination_port1 = 9694 +#heartbeat_device1 = '' + +# -- query mode -- + +wd_life_point = 3 + # lifecheck retry times + # (change requires restart) +wd_lifecheck_query = 'SELECT 1' + # lifecheck query to pgpool from watchdog + # (change requires restart) +wd_lifecheck_dbname = 'template1' + # Database name connected for lifecheck + # (change requires restart) +wd_lifecheck_user = 'nobody' + # watchdog user monitoring pgpools in lifecheck + # (change requires restart) +wd_lifecheck_password = '' + # Password for watchdog user in lifecheck + # (change requires restart) + +# - Other pgpool Connection Settings - + +#other_pgpool_hostname0 = 'host0' + # Host name or IP address to connect to for other pgpool 0 + # (change requires restart) +#other_pgpool_port0 = 5432 + # Port number for othet pgpool 0 + # (change requires restart) +#other_wd_port0 = 9000 + # Port number for othet watchdog 0 + # (change requires restart) +#other_pgpool_hostname1 = 'host1' +#other_pgpool_port1 = 5432 +#other_wd_port1 = 9000 + + +#------------------------------------------------------------------------------ +# OTHERS +#------------------------------------------------------------------------------ +relcache_expire = 0 + # Life time of relation cache in seconds. + # 0 means no cache expiration(the default). + # The relation cache is used for cache the + # query result against PostgreSQL system + # catalog to obtain various information + # including table structures or if it's a + # temporary table or not. The cache is + # maintained in a pgpool child local memory + # and being kept as long as it survives. + # If someone modify the table by using + # ALTER TABLE or some such, the relcache is + # not consistent anymore. + # For this purpose, cache_expiration + # controls the life time of the cache. +relcache_size = 256 + # Number of relation cache + # entry. If you see frequently: + # "pool_search_relcache: cache replacement happend" + # in the pgpool log, you might want to increate this number. + +check_temp_table = on + # If on, enable temporary table check in SELECT statements. + # This initiates queries against system catalog of primary/master + # thus increases load of master. + # If you are absolutely sure that your system never uses temporary tables + # and you want to save access to primary/master, you could turn this off. + # Default is on. + + +#------------------------------------------------------------------------------ +# ON MEMORY QUERY MEMORY CACHE +#------------------------------------------------------------------------------ +memory_cache_enabled = off + # If on, use the memory cache functionality, off by default +memqcache_method = 'shmem' + # Cache storage method. either 'shmem'(shared memory) or + # 'memcached'. 'shmem' by default + # (change requires restart) +memqcache_memcached_host = 'localhost' + # Memcached host name or IP address. Mandatory if + # memqcache_method = 'memcached'. + # Defaults to localhost. + # (change requires restart) +memqcache_memcached_port = 11211 + # Memcached port number. Mondatory if memqcache_method = 'memcached'. + # Defaults to 11211. + # (change requires restart) +memqcache_total_size = 67108864 + # Total memory size in bytes for storing memory cache. + # Mandatory if memqcache_method = 'shmem'. + # Defaults to 64MB. + # (change requires restart) +memqcache_max_num_cache = 1000000 + # Total number of cache entries. Mandatory + # if memqcache_method = 'shmem'. + # Each cache entry consumes 48 bytes on shared memory. + # Defaults to 1,000,000(45.8MB). + # (change requires restart) +memqcache_expire = 0 + # Memory cache entry life time specified in seconds. + # 0 means infinite life time. 0 by default. + # (change requires restart) +memqcache_auto_cache_invalidation = on + # If on, invalidation of query cache is triggered by corresponding + # DDL/DML/DCL(and memqcache_expire). If off, it is only triggered + # by memqcache_expire. on by default. + # (change requires restart) +memqcache_maxcache = 409600 + # Maximum SELECT result size in bytes. + # Must be smaller than memqcache_cache_block_size. Defaults to 400KB. + # (change requires restart) +memqcache_cache_block_size = 1048576 + # Cache block size in bytes. Mandatory if memqcache_method = 'shmem'. + # Defaults to 1MB. + # (change requires restart) +memqcache_oiddir = '/var/log/pgpool/oiddir' + # Temporary work directory to record table oids + # (change requires restart) +white_memqcache_table_list = '' + # Comma separated list of table names to memcache + # that don't write to database + # Regexp are accepted +black_memqcache_table_list = '' + # Comma separated list of table names not to memcache + # that don't write to database + # Regexp are accepted diff --git a/kubernetes/common/postgres-legacy/charts/pgpool/configs/pool_hba.conf b/kubernetes/common/postgres-legacy/charts/pgpool/configs/pool_hba.conf new file mode 100644 index 0000000000..d8918409e8 --- /dev/null +++ b/kubernetes/common/postgres-legacy/charts/pgpool/configs/pool_hba.conf @@ -0,0 +1,67 @@ +# pgpool Client Authentication Configuration File a custom version +# =============================================== +# +# The format rule in this file follows the rules in the PostgreSQL +# Administrator's Guide. Refer to chapter "Client Authentication" for a +# complete description. A short synopsis follows. +# +# This file controls: which hosts are allowed to connect, how clients +# are authenticated, which user names they can use, which databases they +# can access. Records take one of these forms: +# +# local DATABASE USER METHOD [OPTION] +# host DATABASE USER CIDR-ADDRESS METHOD [OPTION] +# +# (The uppercase items must be replaced by actual values.) +# +# The first field is the connection type: "local" is a Unix-domain +# socket, "host" is either a plain or SSL-encrypted TCP/IP socket. +# +# DATABASE can be "all", "sameuser", a database name, or a comma-separated +# list thereof. Note that "samegroup" like in PostgreSQL's pg_hba.conf +# file is not supported, since pgpool does not know which group a user +# belongs to. Also note that the database specified here may not exist in +# the backend PostgreSQL. pgpool will authenticate based on the database's +# name, not based on whether it exists or not. +# +# USER can be "all", a user name, or a comma-separated list thereof. In +# both the DATABASE and USER fields you can also write a file name prefixed +# with "@" to include names from a separate file. Note that a group name +# prefixed with "+" like in PostgreSQL's pg_hba.conf file is not supported +# because of the same reason as "samegroup" token. Also note that a user +# name specified here may not exist in the backend PostgreSQL. pgpool will +# authenticate based on the user's name, not based on whether he/she exists. +# +# CIDR-ADDRESS specifies the set of hosts the record matches. +# It is made up of an IP address and a CIDR mask that is an integer +# (between 0 and 32 (IPv4) that specifies the number of significant bits in +# the mask. Alternatively, you can write an IP address and netmask in +# separate columns to specify the set of hosts. +# +# METHOD can be "trust", "reject", "md5" or "pam". Note that "pam" sends passwords +# in clear text. +# +# OPTION is the name of the PAM service. Default service name is "pgpool" +# +# Database and user names containing spaces, commas, quotes and other special +# characters must be quoted. Quoting one of the keywords "all" or "sameuser" +# makes the name lose its special character, and just match a database or +# username with that name. +# +# This file is read on pgpool startup. If you edit the file on a running +# system, you have to restart the pgpool for the changes to take effect. + +# Put your actual configuration here +# ---------------------------------- +# +# If you want to allow non-local connections, you need to add more +# "host" records. In that case you will also need to make pgpool listen +# on a non-local interface via the listen_addresses configuration parameter. +# + +# TYPE DATABASE USER CIDR-ADDRESS METHOD + +# "local" is for Unix domain socket connections only +#local all all trust +# IPv4 local connections: +host all all 0.0.0.0/0 md5 diff --git a/kubernetes/common/postgres/charts/pgpool/configs/pool_passwd b/kubernetes/common/postgres-legacy/charts/pgpool/configs/pool_passwd index 3636d1de74..3636d1de74 100644 --- a/kubernetes/common/postgres/charts/pgpool/configs/pool_passwd +++ b/kubernetes/common/postgres-legacy/charts/pgpool/configs/pool_passwd diff --git a/kubernetes/common/postgres-legacy/charts/pgpool/requirements.yaml b/kubernetes/common/postgres-legacy/charts/pgpool/requirements.yaml new file mode 100644 index 0000000000..5b097f3ab7 --- /dev/null +++ b/kubernetes/common/postgres-legacy/charts/pgpool/requirements.yaml @@ -0,0 +1,18 @@ +# Copyright © 2018 Amdocs, AT&T, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +dependencies: + - name: common + version: ~5.x-0 + repository: '@local' diff --git a/kubernetes/common/postgres-legacy/charts/pgpool/templates/configmap.yaml b/kubernetes/common/postgres-legacy/charts/pgpool/templates/configmap.yaml new file mode 100755 index 0000000000..099c8dd12e --- /dev/null +++ b/kubernetes/common/postgres-legacy/charts/pgpool/templates/configmap.yaml @@ -0,0 +1,26 @@ +# Copyright © 2017 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "common.fullname" . }}-pgpool-configmap + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ include "common.release" . }} + heritage: {{ .Release.Service }} +data: +{{ tpl (.Files.Glob "configs/*").AsConfig . | indent 2 }} diff --git a/kubernetes/common/postgres-legacy/charts/pgpool/templates/deployment.yaml b/kubernetes/common/postgres-legacy/charts/pgpool/templates/deployment.yaml new file mode 100644 index 0000000000..7572d7f444 --- /dev/null +++ b/kubernetes/common/postgres-legacy/charts/pgpool/templates/deployment.yaml @@ -0,0 +1,68 @@ +{{/* +# Copyright © 2018 Amdocs, AT&T, Bell Canada +# # +# # Licensed under the Apache License, Version 2.0 (the "License"); +# # you may not use this file except in compliance with the License. +# # You may obtain a copy of the License at +# # +# # http://www.apache.org/licenses/LICENSE-2.0 +# # +# # Unless required by applicable law or agreed to in writing, software +# # distributed under the License is distributed on an "AS IS" BASIS, +# # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# # See the License for the specific language governing permissions and +# # limitations under the License. +*/}} +kind: Deployment +apiVersion: extensions/v1beta1 +metadata: + name: {{ include "common.fullname" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ include "common.release" . }} + heritage: {{ .Release.Service }} +spec: + replicas: 2 + template: + metadata: + labels: + app: {{ include "common.name" . }} + release: {{ include "common.release" . }} + spec: + containers: + - image: "{{.Values.repository}}/{{.Values.image}}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + name: {{ include "common.name" . }} + env: + - name: PG_PRIMARY_SERVICE_NAME + value: {{.Values.container.name.primary}} + - name: PG_REPLICA_SERVICE_NAME + value: {{.Values.container.name.replica}} + - name: PG_USERNAME + value: {{.Values.credentials.pgusername}} + - name: PG_PASSWORD + value: {{.Values.credentials.pgpassword}} + ports: + - containerPort: 5432 + name: pgpool + protocol: TCP + readinessProbe: + tcpSocket: + port: 5432 + initialDelaySeconds: 20 + periodSeconds: 10 + livenessProbe: + tcpSocket: + port: 5432 + initialDelaySeconds: 15 + periodSeconds: 20 + volumeMounts: + - name: pgpool-pgconf + mountPath: /pgconf/pgpoolconfigdir + readOnly: false + volumes: + - name: pgpool-pgconf + configMap: + name: {{ include "common.fullname" . }}-pgpool-configmap diff --git a/kubernetes/common/postgres-legacy/charts/pgpool/templates/service.yaml b/kubernetes/common/postgres-legacy/charts/pgpool/templates/service.yaml new file mode 100644 index 0000000000..8c066e5b7a --- /dev/null +++ b/kubernetes/common/postgres-legacy/charts/pgpool/templates/service.yaml @@ -0,0 +1,26 @@ +apiVersion: v1 +kind: Service +metadata: + name: {{ .Values.service.name }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ include "common.release" . }} + heritage: {{ .Release.Service }} + annotations: +spec: + type: {{ .Values.service.type }} + ports: + {{if eq .Values.service.type "NodePort" -}} + - port: {{ .Values.service.externalPort }} + nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }} + name: {{ .Values.service.name }} + {{- else -}} + - port: {{ .Values.service.externalPort }} + targetPort: {{ .Values.service.internalPort }} + name: {{ .Values.service.name }} + {{- end}} + selector: + app: {{ include "common.name" . }} + release: {{ include "common.release" . }} diff --git a/kubernetes/common/postgres-legacy/charts/pgpool/values.yaml b/kubernetes/common/postgres-legacy/charts/pgpool/values.yaml new file mode 100644 index 0000000000..cb732b7cd7 --- /dev/null +++ b/kubernetes/common/postgres-legacy/charts/pgpool/values.yaml @@ -0,0 +1,44 @@ +# Copyright © 2018 Amdocs, AT&T, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +################################################################# +# Global configuration defaults. +################################################################# +global: + nodePortPrefix: 302 + persistence: {} + readinessRepository: oomk8s + readinessImage: readiness-check:2.0.0 + +################################################################# +# Application configuration defaults. +################################################################# +# application image +repository: crunchydata +image: crunchy-pgpool:centos7-10.4-2.0.0 +pullPolicy: Always + +container: + port: 5432 + name: + primary: pgset-primary + replica: pgset-replica +credentials: + pgusername: testuser + pgpassword: password +service: + name: pgpool + type: ClusterIP + externalPort: 5432 + internalPort: 5432 diff --git a/kubernetes/common/postgres-legacy/requirements.yaml b/kubernetes/common/postgres-legacy/requirements.yaml new file mode 100644 index 0000000000..5b097f3ab7 --- /dev/null +++ b/kubernetes/common/postgres-legacy/requirements.yaml @@ -0,0 +1,18 @@ +# Copyright © 2018 Amdocs, AT&T, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +dependencies: + - name: common + version: ~5.x-0 + repository: '@local' diff --git a/kubernetes/common/postgres/templates/pv.yaml b/kubernetes/common/postgres-legacy/templates/pv.yaml index bcd67d79cb..2ac5d979d5 100644 --- a/kubernetes/common/postgres/templates/pv.yaml +++ b/kubernetes/common/postgres-legacy/templates/pv.yaml @@ -25,7 +25,7 @@ metadata: labels: app: {{ include "common.fullname" $global }} chart: "{{ $global.Chart.Name }}-{{ $global.Chart.Version | replace "+" "_" }}" - release: "{{ $global.Release.Name }}" + release: "{{ include "common.release" $global }}" heritage: "{{ $global.Release.Service }}" name: {{ include "common.fullname" $global }} spec: @@ -36,7 +36,7 @@ spec: persistentVolumeReclaimPolicy: {{ $global.Values.persistence.volumeReclaimPolicy }} storageClassName: "{{ include "common.fullname" $global }}-data" hostPath: - path: {{ $global.Values.global.persistence.mountPath | default $global.Values.persistence.mountPath }}/{{ $global.Release.Name }}/{{ $global.Values.persistence.mountSubPath }}-{{$i}} + path: {{ $global.Values.global.persistence.mountPath | default $global.Values.persistence.mountPath }}/{{ include "common.release" $global }}/{{ $global.Values.persistence.mountSubPath }}-{{$i}} {{if ne $i (int $global.Values.replicaCount) }} --- {{- end -}} diff --git a/kubernetes/common/postgres-legacy/templates/secrets.yaml b/kubernetes/common/postgres-legacy/templates/secrets.yaml new file mode 100644 index 0000000000..db1bc5bb15 --- /dev/null +++ b/kubernetes/common/postgres-legacy/templates/secrets.yaml @@ -0,0 +1,31 @@ +{{/* +# Copyright © 2018 Amdocs, AT&T, Bell Canada +# # +# # Licensed under the Apache License, Version 2.0 (the "License"); +# # you may not use this file except in compliance with the License. +# # You may obtain a copy of the License at +# # +# # http://www.apache.org/licenses/LICENSE-2.0 +# # +# # Unless required by applicable law or agreed to in writing, software +# # distributed under the License is distributed on an "AS IS" BASIS, +# # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# # See the License for the specific language governing permissions and +# # limitations under the License. +*/}} +apiVersion: v1 +kind: Secret +metadata: + name: {{ include "common.fullname" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.fullname" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ include "common.release" . }} + heritage: {{ .Release.Service }} +type: Opaque +data: + pg-primary-password: {{ .Values.config.pgPrimaryPassword | b64enc | quote }} + pg-user-password: {{ .Values.config.pgUserPassword | b64enc | quote }} + pg-root-password: {{ .Values.config.pgRootPassword | b64enc | quote }} + diff --git a/kubernetes/common/postgres/templates/service.yaml b/kubernetes/common/postgres-legacy/templates/service.yaml index 2a4e369ef4..30d824bbd7 100644 --- a/kubernetes/common/postgres/templates/service.yaml +++ b/kubernetes/common/postgres-legacy/templates/service.yaml @@ -21,7 +21,7 @@ metadata: labels: app: {{ include "common.name" . }} chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ .Release.Name }} + release: {{ include "common.release" . }} heritage: {{ .Release.Service }} annotations: spec: @@ -38,7 +38,7 @@ spec: {{- end}} selector: app: {{ include "common.name" . }} - release: {{ .Release.Name }} + release: {{ include "common.release" . }} --- apiVersion: v1 kind: Service @@ -48,7 +48,7 @@ metadata: labels: app: {{ include "common.name" . }} chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ .Release.Name }} + release: {{ include "common.release" . }} heritage: {{ .Release.Service }} annotations: spec: @@ -65,7 +65,7 @@ spec: {{- end}} selector: name: "{{.Values.container.name.primary}}" - release: {{ .Release.Name }} + release: {{ include "common.release" . }} --- apiVersion: v1 kind: Service @@ -75,7 +75,7 @@ metadata: labels: app: {{ include "common.name" . }} chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ .Release.Name }} + release: {{ include "common.release" . }} heritage: {{ .Release.Service }} annotations: spec: @@ -92,4 +92,4 @@ spec: {{- end}} selector: name: "{{.Values.container.name.replica}}" - release: {{ .Release.Name }} + release: {{ include "common.release" . }} diff --git a/kubernetes/common/postgres/templates/statefulset.yaml b/kubernetes/common/postgres-legacy/templates/statefulset.yaml index 7c38d1d9d7..5333a0d310 100644 --- a/kubernetes/common/postgres/templates/statefulset.yaml +++ b/kubernetes/common/postgres-legacy/templates/statefulset.yaml @@ -21,7 +21,7 @@ metadata: labels: app: {{ include "common.name" . }} chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ .Release.Name }} + release: {{ include "common.release" . }} heritage: {{ .Release.Service }} spec: serviceName: {{ .Values.service.name }} @@ -30,7 +30,7 @@ spec: metadata: labels: app: {{ include "common.name" . }} - release: {{ .Release.Name }} + release: {{ include "common.release" . }} spec: initContainers: - command: @@ -131,7 +131,7 @@ spec: labels: name: {{ include "common.fullname" . }} chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" - release: "{{ .Release.Name }}" + release: "{{ include "common.release" . }}" heritage: "{{ .Release.Service }}" spec: accessModes: diff --git a/kubernetes/common/postgres-legacy/values.yaml b/kubernetes/common/postgres-legacy/values.yaml new file mode 100644 index 0000000000..8dd5d0aaac --- /dev/null +++ b/kubernetes/common/postgres-legacy/values.yaml @@ -0,0 +1,139 @@ +# Copyright © 2018 Amdocs, AT&T, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +################################################################# +# Global configuration defaults. +################################################################# +global: + nodePortPrefix: 302 + persistence: {} + readinessRepository: oomk8s + readinessImage: readiness-check:2.0.0 + +################################################################# +# Application configuration defaults. +################################################################# + +# BusyBox image +busyboxRepository: registry.hub.docker.com +busyboxImage: library/busybox:latest + +postgresRepository: crunchydata +image: crunchy-postgres:centos7-10.4-2.0.0 +pullPolicy: Always + +# application configuration +config: + pgUserName: testuser + pgDatabase: userdb + pgPrimaryPassword: password + pgUserPassword: password + pgRootPassword: password + +container: + name: + primary: pgset-primary + replica: pgset-replica + +pgpool: + container: + port: 5432 + name: + primary: pgset-primary + replica: pgset-replica + credentials: + pgusername: testuser + pgpassword: password + service: + name: pgpool + + +# default number of instances +replicaCount: 2 + +nodeSelector: {} + +affinity: {} + +# probe configuration parameters +liveness: + initialDelaySeconds: 300 + periodSeconds: 10 + timeoutSeconds: 5 + # necessary to disable liveness probe when setting breakpoints + # in debugger so K8s doesn't restart unresponsive container + enabled: true + +readiness: + initialDelaySeconds: 10 + periodSeconds: 10 + +## Persist data to a persitent volume +persistence: + enabled: true + + ## A manually managed Persistent Volume and Claim + ## Requires persistence.enabled: true + ## If defined, PVC must be created manually before volume will be bound + # existingClaim: + volumeReclaimPolicy: Retain + + ## database data Persistent Volume Storage Class + ## If defined, storageClassName: <storageClass> + ## If set to "-", storageClassName: "", which disables dynamic provisioning + ## If undefined (the default) or set to null, no storageClassName spec is + ## set, choosing the default provisioner. (gp2 on AWS, standard on + ## GKE, AWS & OpenStack) + accessMode: ReadWriteOnce + size: 1Gi + mountPath: /dockerdata-nfs + mountSubPath: postgres/data + mountInitPath: postgres + +service: + type: ClusterIP + name: pgset + externalPort: 5432 + internalPort: 5432 + type2: ClusterIP + name2: pgset-primary + externalPort2: 5432 + internalPort2: 5432 + type3: ClusterIP + name3: pgset-replica + externalPort3: 5432 + internalPort3: 5432 + +ingress: + enabled: false + +resources: {} + # We usually recommend not to specify default resources and to leave this as a conscious + # choice for the user. This also increases chances charts run on environments with little + # resources, such as Minikube. If you do want to specify resources, uncomment the following + # lines, adjust them as necessary, and remove the curly braces after 'resources:'. + # + # Example: + # Configure resource requests and limits + # ref: http://kubernetes.io/docs/user-guide/compute-resources/ + # Minimum memory for development is 2 CPU cores and 4GB memory + # Minimum memory for production is 4 CPU cores and 8GB memory +#resources: +# limits: +# cpu: 2 +# memory: 4Gi +# requests: +# cpu: 2 +# memory: 4Gi + diff --git a/kubernetes/common/postgres/charts/pgpool/configs/pool_hba.conf b/kubernetes/common/postgres/charts/pgpool/configs/pool_hba.conf index d8918409e8..580185c6f0 100644 --- a/kubernetes/common/postgres/charts/pgpool/configs/pool_hba.conf +++ b/kubernetes/common/postgres/charts/pgpool/configs/pool_hba.conf @@ -65,3 +65,4 @@ #local all all trust # IPv4 local connections: host all all 0.0.0.0/0 md5 + diff --git a/kubernetes/common/postgres/charts/pgpool/templates/configmap.yaml b/kubernetes/common/postgres/charts/pgpool/templates/configmap.yaml index e2c77ff910..099c8dd12e 100755 --- a/kubernetes/common/postgres/charts/pgpool/templates/configmap.yaml +++ b/kubernetes/common/postgres/charts/pgpool/templates/configmap.yaml @@ -20,7 +20,7 @@ metadata: labels: app: {{ include "common.name" . }} chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ .Release.Name }} + release: {{ include "common.release" . }} heritage: {{ .Release.Service }} data: {{ tpl (.Files.Glob "configs/*").AsConfig . | indent 2 }} diff --git a/kubernetes/common/postgres/charts/pgpool/templates/deployment.yaml b/kubernetes/common/postgres/charts/pgpool/templates/deployment.yaml index 15fa18d81d..c24916ad22 100644 --- a/kubernetes/common/postgres/charts/pgpool/templates/deployment.yaml +++ b/kubernetes/common/postgres/charts/pgpool/templates/deployment.yaml @@ -21,7 +21,7 @@ metadata: labels: app: {{ include "common.name" . }} chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ .Release.Name }} + release: {{ include "common.release" . }} heritage: {{ .Release.Service }} spec: replicas: 2 @@ -29,8 +29,35 @@ spec: metadata: labels: app: {{ include "common.name" . }} - release: {{ .Release.Name }} + release: {{ include "common.release" . }} spec: + initContainers: + - name: {{ include "common.name" . }}-job + image: "{{.Values.repository}}/{{.Values.image}}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + volumeMounts: + - name: pgpool-pgconf + mountPath: /pgconf/pgpoolconfigdir + readOnly: false + - name: pgpool-pgconf-static + mountPath: /configdir/ + readOnly: false + command: + - /bin/sh + args: + - -c + - | + cp /configdir/pgpool.conf /pgconf/pgpoolconfigdir/ + cp /configdir/pool_hba.conf /pgconf/pgpoolconfigdir/ + pg_md5 -f /pgconf/pgpoolconfigdir/pgpool.conf --md5auth --username=${PG_USER} ${PG_PASSWORD} + env: + - name: PG_PASSWORD + valueFrom: + secretKeyRef: + name: {{ template "common.fullname" . }} + key: db-user-password + - name: PG_USER + value: {{ index .Values.credentials.pgusername }} containers: - image: "{{.Values.repository}}/{{.Values.image}}" imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} @@ -43,7 +70,10 @@ spec: - name: PG_USERNAME value: {{.Values.credentials.pgusername}} - name: PG_PASSWORD - value: {{.Values.credentials.pgpassword}} + valueFrom: + secretKeyRef: + name: {{ template "common.fullname" . }} + key: db-user-password ports: - containerPort: 5432 name: pgpool @@ -64,5 +94,7 @@ spec: readOnly: false volumes: - name: pgpool-pgconf + emptyDir: {} + - name: pgpool-pgconf-static configMap: name: {{ include "common.fullname" . }}-pgpool-configmap diff --git a/kubernetes/common/postgres/charts/pgpool/templates/secrets.yaml b/kubernetes/common/postgres/charts/pgpool/templates/secrets.yaml new file mode 100644 index 0000000000..3b89371ad4 --- /dev/null +++ b/kubernetes/common/postgres/charts/pgpool/templates/secrets.yaml @@ -0,0 +1,28 @@ +# Copyright © 2018 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +kind: Secret +metadata: + name: {{ include "common.fullname" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" + release: "{{ include "common.release" . }}" + heritage: "{{ .Release.Service }}" +type: Opaque +data: + db-user-password: {{ default "" .Values.credentials.pgpassword | b64enc | quote }} + diff --git a/kubernetes/common/postgres/charts/pgpool/templates/service.yaml b/kubernetes/common/postgres/charts/pgpool/templates/service.yaml index 86442a2740..696b22a80d 100644 --- a/kubernetes/common/postgres/charts/pgpool/templates/service.yaml +++ b/kubernetes/common/postgres/charts/pgpool/templates/service.yaml @@ -6,7 +6,7 @@ metadata: labels: app: {{ include "common.name" . }} chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ .Release.Name }} + release: {{ include "common.release" . }} heritage: {{ .Release.Service }} annotations: spec: @@ -15,12 +15,12 @@ spec: {{if eq .Values.service.type "NodePort" -}} - port: {{ .Values.service.externalPort }} nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }} - name: {{ .Values.service.name }} + name: {{ .Values.service.portName }} {{- else -}} - port: {{ .Values.service.externalPort }} targetPort: {{ .Values.service.internalPort }} - name: {{ .Values.service.name }} + name: {{ .Values.service.portName }} {{- end}} selector: app: {{ include "common.name" . }} - release: {{ .Release.Name }} + release: {{ include "common.release" . }} diff --git a/kubernetes/common/postgres/charts/pgpool/values.yaml b/kubernetes/common/postgres/charts/pgpool/values.yaml index cb732b7cd7..8ceff8f964 100644 --- a/kubernetes/common/postgres/charts/pgpool/values.yaml +++ b/kubernetes/common/postgres/charts/pgpool/values.yaml @@ -38,7 +38,8 @@ credentials: pgusername: testuser pgpassword: password service: - name: pgpool + name: pgpool + portName: tcp-postgres type: ClusterIP externalPort: 5432 internalPort: 5432 diff --git a/kubernetes/common/postgres/configs/pg_hba.conf b/kubernetes/common/postgres/configs/pg_hba.conf new file mode 100644 index 0000000000..580185c6f0 --- /dev/null +++ b/kubernetes/common/postgres/configs/pg_hba.conf @@ -0,0 +1,68 @@ +# pgpool Client Authentication Configuration File a custom version +# =============================================== +# +# The format rule in this file follows the rules in the PostgreSQL +# Administrator's Guide. Refer to chapter "Client Authentication" for a +# complete description. A short synopsis follows. +# +# This file controls: which hosts are allowed to connect, how clients +# are authenticated, which user names they can use, which databases they +# can access. Records take one of these forms: +# +# local DATABASE USER METHOD [OPTION] +# host DATABASE USER CIDR-ADDRESS METHOD [OPTION] +# +# (The uppercase items must be replaced by actual values.) +# +# The first field is the connection type: "local" is a Unix-domain +# socket, "host" is either a plain or SSL-encrypted TCP/IP socket. +# +# DATABASE can be "all", "sameuser", a database name, or a comma-separated +# list thereof. Note that "samegroup" like in PostgreSQL's pg_hba.conf +# file is not supported, since pgpool does not know which group a user +# belongs to. Also note that the database specified here may not exist in +# the backend PostgreSQL. pgpool will authenticate based on the database's +# name, not based on whether it exists or not. +# +# USER can be "all", a user name, or a comma-separated list thereof. In +# both the DATABASE and USER fields you can also write a file name prefixed +# with "@" to include names from a separate file. Note that a group name +# prefixed with "+" like in PostgreSQL's pg_hba.conf file is not supported +# because of the same reason as "samegroup" token. Also note that a user +# name specified here may not exist in the backend PostgreSQL. pgpool will +# authenticate based on the user's name, not based on whether he/she exists. +# +# CIDR-ADDRESS specifies the set of hosts the record matches. +# It is made up of an IP address and a CIDR mask that is an integer +# (between 0 and 32 (IPv4) that specifies the number of significant bits in +# the mask. Alternatively, you can write an IP address and netmask in +# separate columns to specify the set of hosts. +# +# METHOD can be "trust", "reject", "md5" or "pam". Note that "pam" sends passwords +# in clear text. +# +# OPTION is the name of the PAM service. Default service name is "pgpool" +# +# Database and user names containing spaces, commas, quotes and other special +# characters must be quoted. Quoting one of the keywords "all" or "sameuser" +# makes the name lose its special character, and just match a database or +# username with that name. +# +# This file is read on pgpool startup. If you edit the file on a running +# system, you have to restart the pgpool for the changes to take effect. + +# Put your actual configuration here +# ---------------------------------- +# +# If you want to allow non-local connections, you need to add more +# "host" records. In that case you will also need to make pgpool listen +# on a non-local interface via the listen_addresses configuration parameter. +# + +# TYPE DATABASE USER CIDR-ADDRESS METHOD + +# "local" is for Unix domain socket connections only +#local all all trust +# IPv4 local connections: +host all all 0.0.0.0/0 md5 + diff --git a/kubernetes/common/postgres/templates/configmap.yaml b/kubernetes/common/postgres/templates/configmap.yaml new file mode 100644 index 0000000000..26ba390040 --- /dev/null +++ b/kubernetes/common/postgres/templates/configmap.yaml @@ -0,0 +1,27 @@ +# Copyright © 2019 Amdocs, Bell Canada, Orange +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "common.fullname" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ include "common.release" . }} + heritage: {{ .Release.Service }} +data: +{{ tpl (.Files.Glob "configs/*").AsConfig . | indent 2 }} + diff --git a/kubernetes/common/postgres/templates/deployment-primary.yaml b/kubernetes/common/postgres/templates/deployment-primary.yaml new file mode 100644 index 0000000000..b234dc2092 --- /dev/null +++ b/kubernetes/common/postgres/templates/deployment-primary.yaml @@ -0,0 +1,138 @@ +{{/* +# Copyright © 2018 Amdocs, AT&T, Bell Canada +# # +# # Licensed under the Apache License, Version 2.0 (the "License"); +# # you may not use this file except in compliance with the License. +# # You may obtain a copy of the License at +# # +# # http://www.apache.org/licenses/LICENSE-2.0 +# # +# # Unless required by applicable law or agreed to in writing, software +# # distributed under the License is distributed on an "AS IS" BASIS, +# # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# # See the License for the specific language governing permissions and +# # limitations under the License. +*/}} +apiVersion: apps/v1beta1 +kind: Deployment +metadata: + name: {{ include "common.fullname" . }}-primary + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }}-primary + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ include "common.release" . }} + heritage: {{ .Release.Service }} + name: "{{ .Values.container.name.primary }}" +spec: + serviceName: {{ .Values.service.name }} + replicas: 1 + template: + metadata: + labels: + app: {{ include "common.name" . }}-primary + release: {{ include "common.release" . }} + name: "{{ .Values.container.name.primary }}" + spec: + initContainers: + - name: init-sysctl + command: + - /bin/sh + - -c + - | + chown 26:26 /podroot/; + chmod 700 /podroot/; + image: {{ .Values.global.busyboxRepository | default .Values.busyboxRepository }}/{{ .Values.busyboxImage }} + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + volumeMounts: + - name: {{ include "common.fullname" . }}-data + mountPath: /podroot/ + containers: + - name: {{ include "common.name" . }} + image: "{{ .Values.postgresRepository }}/{{ .Values.image }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + ports: + - containerPort: {{ .Values.service.internalPort }} + name: {{ .Values.service.portName }} + # disable liveness probe when breakpoints set in debugger + # so K8s doesn't restart unresponsive container + {{- if eq .Values.liveness.enabled true }} + livenessProbe: + tcpSocket: + port: {{ .Values.service.internalPort }} + initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} + periodSeconds: {{ .Values.liveness.periodSeconds }} + timeoutSeconds: {{ .Values.liveness.timeoutSeconds }} + {{- end }} + readinessProbe: + tcpSocket: + port: {{ .Values.service.internalPort }} + initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} + periodSeconds: {{ .Values.readiness.periodSeconds }} + env: + - name: PGHOST + value: /tmp + - name: PG_PRIMARY_USER + value: primaryuser + - name: PG_MODE + value: primary + - name: PG_PRIMARY_HOST + value: "{{ .Values.container.name.primary }}" + - name: PG_REPLICA_HOST + value: "{{ .Values.container.name.replica }}" + - name: PG_PRIMARY_PORT + value: "{{ .Values.service.internalPort }}" + - name: PG_PRIMARY_PASSWORD + valueFrom: + secretKeyRef: + name: {{ template "common.fullname" . }} + key: pg-primary-password + - name: PG_USER + value: "{{ .Values.config.pgUserName }}" + - name: PG_PASSWORD + valueFrom: + secretKeyRef: + name: {{ template "common.fullname" . }} + key: pg-user-password + - name: PG_DATABASE + value: "{{ .Values.config.pgDatabase }}" + - name: PG_ROOT_PASSWORD + valueFrom: + secretKeyRef: + name: {{ template "common.fullname" . }} + key: pg-root-password + volumeMounts: + - name: pool-hba-conf + mountPath: /pgconf/pool_hba.conf + subPath: pool_hba.conf + - mountPath: /pgdata + name: {{ include "common.fullname" . }}-data + - mountPath: /backup + name: {{ include "common.fullname" . }}-backup + readOnly: true + resources: +{{ include "common.resources" . | indent 12 }} + {{- if .Values.nodeSelector }} + nodeSelector: +{{ toYaml .Values.nodeSelector | indent 10 }} + {{- end -}} + {{- if .Values.affinity }} + affinity: +{{ toYaml .Values.affinity | indent 10 }} + {{- end }} + volumes: + - name: localtime + hostPath: + path: /etc/localtime + - name: {{ include "common.fullname" . }}-backup + emptyDir: {} + - name: {{ include "common.fullname" . }}-data +{{- if .Values.persistence.enabled }} + persistentVolumeClaim: + claimName: {{ include "common.fullname" . }}-primary +{{- else }} + emptyDir: {} +{{ end }} + - name: pool-hba-conf + configMap: + name: {{ include "common.fullname" . }} diff --git a/kubernetes/common/postgres/templates/deployment-replica.yaml b/kubernetes/common/postgres/templates/deployment-replica.yaml new file mode 100644 index 0000000000..72a8736e17 --- /dev/null +++ b/kubernetes/common/postgres/templates/deployment-replica.yaml @@ -0,0 +1,138 @@ +{{/* +# Copyright © 2018 Amdocs, AT&T, Bell Canada +# # +# # Licensed under the Apache License, Version 2.0 (the "License"); +# # you may not use this file except in compliance with the License. +# # You may obtain a copy of the License at +# # +# # http://www.apache.org/licenses/LICENSE-2.0 +# # +# # Unless required by applicable law or agreed to in writing, software +# # distributed under the License is distributed on an "AS IS" BASIS, +# # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# # See the License for the specific language governing permissions and +# # limitations under the License. +*/}} +apiVersion: apps/v1beta1 +kind: Deployment +metadata: + name: {{ include "common.fullname" . }}-replica + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }}-replica + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ include "common.release" . }} + heritage: {{ .Release.Service }} + name: "{{ .Values.container.name.replica }}" +spec: + serviceName: {{ .Values.service.name }} + replicas: 1 + template: + metadata: + labels: + app: {{ include "common.name" . }}-replica + release: {{ include "common.release" . }} + name: "{{ .Values.container.name.replica }}" + spec: + initContainers: + - name: init-sysctl + command: + - /bin/sh + - -c + - | + chown 26:26 /podroot/; + chmod 700 /podroot/; + image: {{ .Values.global.busyboxRepository | default .Values.busyboxRepository }}/{{ .Values.busyboxImage }} + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + volumeMounts: + - name: {{ include "common.fullname" . }}-data + mountPath: /podroot/ + containers: + - name: {{ include "common.name" . }} + image: "{{ .Values.postgresRepository }}/{{ .Values.image }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + ports: + - containerPort: {{ .Values.service.internalPort }} + name: {{ .Values.service.portName }} + # disable liveness probe when breakpoints set in debugger + # so K8s doesn't restart unresponsive container + {{- if eq .Values.liveness.enabled true }} + livenessProbe: + tcpSocket: + port: {{ .Values.service.internalPort }} + initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} + periodSeconds: {{ .Values.liveness.periodSeconds }} + timeoutSeconds: {{ .Values.liveness.timeoutSeconds }} + {{end -}} + readinessProbe: + tcpSocket: + port: {{ .Values.service.internalPort }} + initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} + periodSeconds: {{ .Values.readiness.periodSeconds }} + env: + - name: PGHOST + value: /tmp + - name: PG_PRIMARY_USER + value: primaryuser + - name: PG_MODE + value: replica + - name: PG_PRIMARY_HOST + value: "{{.Values.container.name.primary}}" + - name: PG_REPLICA_HOST + value: "{{.Values.container.name.replica}}" + - name: PG_PRIMARY_PORT + value: "{{.Values.service.internalPort}}" + - name: PG_PRIMARY_PASSWORD + valueFrom: + secretKeyRef: + name: {{ template "common.fullname" . }} + key: pg-primary-password + - name: PG_USER + value: "{{.Values.config.pgUserName}}" + - name: PG_PASSWORD + valueFrom: + secretKeyRef: + name: {{ template "common.fullname" . }} + key: pg-user-password + - name: PG_DATABASE + value: "{{.Values.config.pgDatabase}}" + - name: PG_ROOT_PASSWORD + valueFrom: + secretKeyRef: + name: {{ template "common.fullname" . }} + key: pg-root-password + volumeMounts: + - name: pool-hba-conf + mountPath: /pgconf/pool_hba.conf + subPath: pool_hba.conf + - mountPath: /pgdata + name: {{ include "common.fullname" . }}-data + - mountPath: /backup + name: {{ include "common.fullname" . }}-backup + readOnly: true + resources: +{{ include "common.resources" . | indent 12 }} + {{- if .Values.nodeSelector }} + nodeSelector: +{{ toYaml .Values.nodeSelector | indent 10 }} + {{- end -}} + {{- if .Values.affinity }} + affinity: +{{ toYaml .Values.affinity | indent 10 }} + {{- end }} + volumes: + - name: localtime + hostPath: + path: /etc/localtime + - name: {{ include "common.fullname" . }}-backup + emptyDir: {} + - name: {{ include "common.fullname" . }}-data +{{- if .Values.persistence.enabled }} + persistentVolumeClaim: + claimName: {{ include "common.fullname" . }}-replica +{{- else }} + emptyDir: {} +{{ end }} + - name: pool-hba-conf + configMap: + name: {{ include "common.fullname" . }} diff --git a/kubernetes/common/postgres/templates/pv-primary.yaml b/kubernetes/common/postgres/templates/pv-primary.yaml new file mode 100644 index 0000000000..e1ff1f9f4e --- /dev/null +++ b/kubernetes/common/postgres/templates/pv-primary.yaml @@ -0,0 +1,39 @@ +{{/* +# Copyright © 2018 Amdocs, AT&T, Bell Canada +# # +# # Licensed under the Apache License, Version 2.0 (the "License"); +# # you may not use this file except in compliance with the License. +# # You may obtain a copy of the License at +# # +# # http://www.apache.org/licenses/LICENSE-2.0 +# # +# # Unless required by applicable law or agreed to in writing, software +# # distributed under the License is distributed on an "AS IS" BASIS, +# # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# # See the License for the specific language governing permissions and +# # limitations under the License. +*/}} +{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}} +{{- if include "common.needPV" . -}} +kind: PersistentVolume +apiVersion: v1 +metadata: + name: {{ include "common.fullname" . }}-primary + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.fullname" . }} + chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}" + release: "{{ include "common.release" . }}" + heritage: "{{ .Release.Service }}" + name: {{ include "common.fullname" . }} +spec: + capacity: + storage: {{ .Values.persistence.size}} + accessModes: + - {{ .Values.persistence.accessMode }} + storageClassName: "{{ include "common.fullname" . }}-primary" + persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }} + hostPath: + path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ include "common.release" . }}/{{ .Values.persistence.mountSubPath }}/primary +{{- end -}} +{{- end -}} diff --git a/kubernetes/common/postgres/templates/pv-replica.yaml b/kubernetes/common/postgres/templates/pv-replica.yaml new file mode 100644 index 0000000000..d553c36680 --- /dev/null +++ b/kubernetes/common/postgres/templates/pv-replica.yaml @@ -0,0 +1,39 @@ +{{/* +# Copyright © 2018 Amdocs, AT&T, Bell Canada +# # +# # Licensed under the Apache License, Version 2.0 (the "License"); +# # you may not use this file except in compliance with the License. +# # You may obtain a copy of the License at +# # +# # http://www.apache.org/licenses/LICENSE-2.0 +# # +# # Unless required by applicable law or agreed to in writing, software +# # distributed under the License is distributed on an "AS IS" BASIS, +# # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# # See the License for the specific language governing permissions and +# # limitations under the License. +*/}} +{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}} +{{- if include "common.needPV" . -}} +kind: PersistentVolume +apiVersion: v1 +metadata: + name: {{ include "common.fullname" . }}-replica + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.fullname" . }} + chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}" + release: "{{ include "common.release" . }}" + heritage: "{{ .Release.Service }}" + name: {{ include "common.fullname" . }} +spec: + capacity: + storage: {{ .Values.persistence.size}} + accessModes: + - {{ .Values.persistence.accessMode }} + storageClassName: "{{ include "common.fullname" . }}-replica" + persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }} + hostPath: + path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ include "common.release" . }}/{{ .Values.persistence.mountSubPath }}/replica +{{- end -}} +{{- end -}} diff --git a/kubernetes/common/postgres/templates/pvc-primary.yaml b/kubernetes/common/postgres/templates/pvc-primary.yaml new file mode 100644 index 0000000000..fa25f19077 --- /dev/null +++ b/kubernetes/common/postgres/templates/pvc-primary.yaml @@ -0,0 +1,45 @@ +{{/* +# Copyright © 2017 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +*/}} + +{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}} +kind: PersistentVolumeClaim +apiVersion: v1 +metadata: + name: {{ include "common.fullname" . }}-primary + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.fullname" . }} + chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" + release: "{{ include "common.release" . }}" + heritage: "{{ .Release.Service }}" + name: {{ include "common.fullname" . }} +{{- if .Values.persistence.annotations }} + annotations: +{{ toYaml .Values.persistence.annotations | indent 4 }} +{{- end }} +spec: + accessModes: + - {{ .Values.persistence.accessMode }} + resources: + requests: + storage: {{ .Values.persistence.size }} +{{- if include "common.needPV" . }} + storageClassName: "{{ include "common.fullname" . }}-primary" +{{- else }} + storageClassName: {{ include "common.storageClass" . }} +{{- end }} + storageClassName: "{{ include "common.fullname" . }}-primary" +{{- end -}} diff --git a/kubernetes/common/postgres/templates/pvc-replica.yaml b/kubernetes/common/postgres/templates/pvc-replica.yaml new file mode 100644 index 0000000000..1e453fbcfd --- /dev/null +++ b/kubernetes/common/postgres/templates/pvc-replica.yaml @@ -0,0 +1,44 @@ +{{/* +# Copyright © 2017 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +*/}} + +{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}} +kind: PersistentVolumeClaim +apiVersion: v1 +metadata: + name: {{ include "common.fullname" . }}-replica + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.fullname" . }} + chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" + release: "{{ include "common.release" . }}" + heritage: "{{ .Release.Service }}" + name: {{ include "common.fullname" . }} +{{- if .Values.persistence.annotations }} + annotations: +{{ toYaml .Values.persistence.annotations | indent 4 }} +{{- end }} +spec: + accessModes: + - {{ .Values.persistence.accessMode }} + resources: + requests: + storage: {{ .Values.persistence.size }} +{{- if include "common.needPV" . }} + storageClassName: "{{ include "common.fullname" . }}-replica" +{{- else }} + storageClassName: {{ include "common.storageClass" . }} +{{- end }} +{{- end -}} diff --git a/kubernetes/common/postgres/templates/secrets.yaml b/kubernetes/common/postgres/templates/secrets.yaml index 29de3af260..db1bc5bb15 100644 --- a/kubernetes/common/postgres/templates/secrets.yaml +++ b/kubernetes/common/postgres/templates/secrets.yaml @@ -21,7 +21,7 @@ metadata: labels: app: {{ include "common.fullname" . }} chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ .Release.Name }} + release: {{ include "common.release" . }} heritage: {{ .Release.Service }} type: Opaque data: diff --git a/kubernetes/common/postgres/templates/service-common.yaml b/kubernetes/common/postgres/templates/service-common.yaml new file mode 100644 index 0000000000..6e74a06616 --- /dev/null +++ b/kubernetes/common/postgres/templates/service-common.yaml @@ -0,0 +1,41 @@ +{{/* +# Copyright © 2018 Amdocs, AT&T, Bell Canada +# # +# # Licensed under the Apache License, Version 2.0 (the "License"); +# # you may not use this file except in compliance with the License. +# # You may obtain a copy of the License at +# # +# # http://www.apache.org/licenses/LICENSE-2.0 +# # +# # Unless required by applicable law or agreed to in writing, software +# # distributed under the License is distributed on an "AS IS" BASIS, +# # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# # See the License for the specific language governing permissions and +# # limitations under the License. +*/}} +apiVersion: v1 +kind: Service +metadata: + name: {{ .Values.service.name }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ include "common.release" . }} + heritage: {{ .Release.Service }} + annotations: +spec: + type: {{ .Values.service.type }} + ports: + {{if eq .Values.service.type "NodePort" -}} + - port: {{ .Values.service.externalPort }} + nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }} + name: {{ .Values.service.portName }} + {{- else -}} + - port: {{ .Values.service.externalPort }} + targetPort: {{ .Values.service.internalPort }} + name: {{ .Values.service.portName }} + {{- end}} + selector: + app: {{ include "common.name" . }} + release: {{ include "common.release" . }} diff --git a/kubernetes/common/postgres/templates/service-primary.yaml b/kubernetes/common/postgres/templates/service-primary.yaml new file mode 100644 index 0000000000..2965b7df81 --- /dev/null +++ b/kubernetes/common/postgres/templates/service-primary.yaml @@ -0,0 +1,41 @@ +{{/* +# Copyright © 2018 Amdocs, AT&T, Bell Canada +# # +# # Licensed under the Apache License, Version 2.0 (the "License"); +# # you may not use this file except in compliance with the License. +# # You may obtain a copy of the License at +# # +# # http://www.apache.org/licenses/LICENSE-2.0 +# # +# # Unless required by applicable law or agreed to in writing, software +# # distributed under the License is distributed on an "AS IS" BASIS, +# # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# # See the License for the specific language governing permissions and +# # limitations under the License. +*/}} +apiVersion: v1 +kind: Service +metadata: + name: {{ .Values.service.name2 }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }}-primary + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ include "common.release" . }} + heritage: {{ .Release.Service }} + annotations: +spec: + type: {{ .Values.service.type2 }} + ports: + {{if eq .Values.service.type "NodePort" -}} + - port: {{ .Values.service.externalPort2 }} + nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort2 }} + name: {{ .Values.service.portName2 }} + {{- else -}} + - port: {{ .Values.service.externalPort2 }} + targetPort: {{ .Values.service.internalPort2 }} + name: {{ .Values.service.portName2 }} + {{- end}} + selector: + name: "{{.Values.container.name.primary}}" + release: {{ include "common.release" . }} diff --git a/kubernetes/common/postgres/templates/service-replica.yaml b/kubernetes/common/postgres/templates/service-replica.yaml new file mode 100644 index 0000000000..d92a0833af --- /dev/null +++ b/kubernetes/common/postgres/templates/service-replica.yaml @@ -0,0 +1,41 @@ +{{/* +# Copyright © 2018 Amdocs, AT&T, Bell Canada +# # +# # Licensed under the Apache License, Version 2.0 (the "License"); +# # you may not use this file except in compliance with the License. +# # You may obtain a copy of the License at +# # +# # http://www.apache.org/licenses/LICENSE-2.0 +# # +# # Unless required by applicable law or agreed to in writing, software +# # distributed under the License is distributed on an "AS IS" BASIS, +# # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# # See the License for the specific language governing permissions and +# # limitations under the License. +*/}} +apiVersion: v1 +kind: Service +metadata: + name: {{ .Values.service.name3 }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }}-replica + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ include "common.release" . }} + heritage: {{ .Release.Service }} + annotations: +spec: + type: {{ .Values.service.type3 }} + ports: + {{if eq .Values.service.type "NodePort" -}} + - port: {{ .Values.service.externalPort3 }} + nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort3 }} + name: {{ .Values.service.portName3 }} + {{- else -}} + - port: {{ .Values.service.externalPort3 }} + targetPort: {{ .Values.service.internalPort3 }} + name: {{ .Values.service.portName3 }} + {{- end}} + selector: + name: "{{.Values.container.name.replica}}" + release: {{ include "common.release" . }} diff --git a/kubernetes/common/postgres/values.yaml b/kubernetes/common/postgres/values.yaml index 8dd5d0aaac..3104ee79d2 100644 --- a/kubernetes/common/postgres/values.yaml +++ b/kubernetes/common/postgres/values.yaml @@ -104,14 +104,17 @@ persistence: service: type: ClusterIP name: pgset + portName: tcp-postgres externalPort: 5432 internalPort: 5432 type2: ClusterIP - name2: pgset-primary + name2: tcp-pgset-primary + portName2: tcp-postgres externalPort2: 5432 internalPort2: 5432 type3: ClusterIP - name3: pgset-replica + name3: tcp-pgset-replica + portName3: tcp-postgres externalPort3: 5432 internalPort3: 5432 @@ -136,4 +139,3 @@ resources: {} # requests: # cpu: 2 # memory: 4Gi - |