From 0b243b600f5c9c296189d66161a814396d648563 Mon Sep 17 00:00:00 2001 From: Sylvain Desbureaux Date: Wed, 11 Dec 2019 11:53:42 +0100 Subject: [COMMON] Use deployment for postgresql Instead of statefulset + inner work in the container, use deployments in order to be more reliable Change-Id: Icf4fe1303ae3489c822558e28bb08b69af2d4970 Issue-ID: OOM-2234 Signed-off-by: Sylvain Desbureaux --- .../postgres/charts/pgpool/configs/pool_hba.conf | 1 + .../postgres/charts/pgpool/configs/pool_passwd | 2 - .../charts/pgpool/templates/deployment.yaml | 34 ++++- .../postgres/charts/pgpool/templates/secrets.yaml | 28 ++++ .../postgres/charts/pgpool/templates/service.yaml | 4 +- .../common/postgres/charts/pgpool/values.yaml | 3 +- kubernetes/common/postgres/configs/pg_hba.conf | 68 ++++++++++ .../common/postgres/templates/configmap.yaml | 27 ++++ .../postgres/templates/deployment-primary.yaml | 138 ++++++++++++++++++++ .../postgres/templates/deployment-replica.yaml | 138 ++++++++++++++++++++ .../common/postgres/templates/pv-primary.yaml | 37 ++++++ .../common/postgres/templates/pv-replica.yaml | 37 ++++++ kubernetes/common/postgres/templates/pv.yaml | 45 ------- .../common/postgres/templates/pvc-primary.yaml | 40 ++++++ .../common/postgres/templates/pvc-replica.yaml | 40 ++++++ .../common/postgres/templates/service-common.yaml | 41 ++++++ .../common/postgres/templates/service-primary.yaml | 41 ++++++ .../common/postgres/templates/service-replica.yaml | 41 ++++++ kubernetes/common/postgres/templates/service.yaml | 95 -------------- .../common/postgres/templates/statefulset.yaml | 143 --------------------- kubernetes/common/postgres/values.yaml | 8 +- 21 files changed, 719 insertions(+), 292 deletions(-) delete mode 100644 kubernetes/common/postgres/charts/pgpool/configs/pool_passwd create mode 100644 kubernetes/common/postgres/charts/pgpool/templates/secrets.yaml create mode 100644 kubernetes/common/postgres/configs/pg_hba.conf create mode 100644 kubernetes/common/postgres/templates/configmap.yaml create mode 100644 kubernetes/common/postgres/templates/deployment-primary.yaml create mode 100644 kubernetes/common/postgres/templates/deployment-replica.yaml create mode 100644 kubernetes/common/postgres/templates/pv-primary.yaml create mode 100644 kubernetes/common/postgres/templates/pv-replica.yaml delete mode 100644 kubernetes/common/postgres/templates/pv.yaml create mode 100644 kubernetes/common/postgres/templates/pvc-primary.yaml create mode 100644 kubernetes/common/postgres/templates/pvc-replica.yaml create mode 100644 kubernetes/common/postgres/templates/service-common.yaml create mode 100644 kubernetes/common/postgres/templates/service-primary.yaml create mode 100644 kubernetes/common/postgres/templates/service-replica.yaml delete mode 100644 kubernetes/common/postgres/templates/service.yaml delete mode 100644 kubernetes/common/postgres/templates/statefulset.yaml (limited to 'kubernetes/common/postgres') diff --git a/kubernetes/common/postgres/charts/pgpool/configs/pool_hba.conf b/kubernetes/common/postgres/charts/pgpool/configs/pool_hba.conf index d8918409e8..580185c6f0 100644 --- a/kubernetes/common/postgres/charts/pgpool/configs/pool_hba.conf +++ b/kubernetes/common/postgres/charts/pgpool/configs/pool_hba.conf @@ -65,3 +65,4 @@ #local all all trust # IPv4 local connections: host all all 0.0.0.0/0 md5 + diff --git a/kubernetes/common/postgres/charts/pgpool/configs/pool_passwd b/kubernetes/common/postgres/charts/pgpool/configs/pool_passwd deleted file mode 100644 index 3636d1de74..0000000000 --- a/kubernetes/common/postgres/charts/pgpool/configs/pool_passwd +++ /dev/null @@ -1,2 +0,0 @@ -testuser:md599e8713364988502fa6189781bcf648f -postgres:md53175bce1d3201d16594cebf9d7eb3f9d diff --git a/kubernetes/common/postgres/charts/pgpool/templates/deployment.yaml b/kubernetes/common/postgres/charts/pgpool/templates/deployment.yaml index 15fa18d81d..a4b0ca8657 100644 --- a/kubernetes/common/postgres/charts/pgpool/templates/deployment.yaml +++ b/kubernetes/common/postgres/charts/pgpool/templates/deployment.yaml @@ -31,6 +31,33 @@ spec: app: {{ include "common.name" . }} release: {{ .Release.Name }} spec: + initContainers: + - name: {{ include "common.name" . }}-job + image: "{{.Values.repository}}/{{.Values.image}}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + volumeMounts: + - name: pgpool-pgconf + mountPath: /pgconf/pgpoolconfigdir + readOnly: false + - name: pgpool-pgconf-static + mountPath: /configdir/ + readOnly: false + command: + - /bin/sh + args: + - -c + - | + cp /configdir/pgpool.conf /pgconf/pgpoolconfigdir/ + cp /configdir/pool_hba.conf /pgconf/pgpoolconfigdir/ + pg_md5 -f /pgconf/pgpoolconfigdir/pgpool.conf --md5auth --username=${PG_USER} ${PG_PASSWORD} + env: + - name: PG_PASSWORD + valueFrom: + secretKeyRef: + name: {{ template "common.fullname" . }} + key: db-user-password + - name: PG_USER + value: {{ index .Values.credentials.pgusername }} containers: - image: "{{.Values.repository}}/{{.Values.image}}" imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} @@ -43,7 +70,10 @@ spec: - name: PG_USERNAME value: {{.Values.credentials.pgusername}} - name: PG_PASSWORD - value: {{.Values.credentials.pgpassword}} + valueFrom: + secretKeyRef: + name: {{ template "common.fullname" . }} + key: db-user-password ports: - containerPort: 5432 name: pgpool @@ -64,5 +94,7 @@ spec: readOnly: false volumes: - name: pgpool-pgconf + emptyDir: {} + - name: pgpool-pgconf-static configMap: name: {{ include "common.fullname" . }}-pgpool-configmap diff --git a/kubernetes/common/postgres/charts/pgpool/templates/secrets.yaml b/kubernetes/common/postgres/charts/pgpool/templates/secrets.yaml new file mode 100644 index 0000000000..b449faca92 --- /dev/null +++ b/kubernetes/common/postgres/charts/pgpool/templates/secrets.yaml @@ -0,0 +1,28 @@ +# Copyright © 2018 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +kind: Secret +metadata: + name: {{ include "common.fullname" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" + release: "{{ .Release.Name }}" + heritage: "{{ .Release.Service }}" +type: Opaque +data: + db-user-password: {{ default "" .Values.credentials.pgpassword | b64enc | quote }} + diff --git a/kubernetes/common/postgres/charts/pgpool/templates/service.yaml b/kubernetes/common/postgres/charts/pgpool/templates/service.yaml index 86442a2740..4306b264b2 100644 --- a/kubernetes/common/postgres/charts/pgpool/templates/service.yaml +++ b/kubernetes/common/postgres/charts/pgpool/templates/service.yaml @@ -15,11 +15,11 @@ spec: {{if eq .Values.service.type "NodePort" -}} - port: {{ .Values.service.externalPort }} nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }} - name: {{ .Values.service.name }} + name: {{ .Values.service.portName }} {{- else -}} - port: {{ .Values.service.externalPort }} targetPort: {{ .Values.service.internalPort }} - name: {{ .Values.service.name }} + name: {{ .Values.service.portName }} {{- end}} selector: app: {{ include "common.name" . }} diff --git a/kubernetes/common/postgres/charts/pgpool/values.yaml b/kubernetes/common/postgres/charts/pgpool/values.yaml index cb732b7cd7..8ceff8f964 100644 --- a/kubernetes/common/postgres/charts/pgpool/values.yaml +++ b/kubernetes/common/postgres/charts/pgpool/values.yaml @@ -38,7 +38,8 @@ credentials: pgusername: testuser pgpassword: password service: - name: pgpool + name: pgpool + portName: tcp-postgres type: ClusterIP externalPort: 5432 internalPort: 5432 diff --git a/kubernetes/common/postgres/configs/pg_hba.conf b/kubernetes/common/postgres/configs/pg_hba.conf new file mode 100644 index 0000000000..580185c6f0 --- /dev/null +++ b/kubernetes/common/postgres/configs/pg_hba.conf @@ -0,0 +1,68 @@ +# pgpool Client Authentication Configuration File a custom version +# =============================================== +# +# The format rule in this file follows the rules in the PostgreSQL +# Administrator's Guide. Refer to chapter "Client Authentication" for a +# complete description. A short synopsis follows. +# +# This file controls: which hosts are allowed to connect, how clients +# are authenticated, which user names they can use, which databases they +# can access. Records take one of these forms: +# +# local DATABASE USER METHOD [OPTION] +# host DATABASE USER CIDR-ADDRESS METHOD [OPTION] +# +# (The uppercase items must be replaced by actual values.) +# +# The first field is the connection type: "local" is a Unix-domain +# socket, "host" is either a plain or SSL-encrypted TCP/IP socket. +# +# DATABASE can be "all", "sameuser", a database name, or a comma-separated +# list thereof. Note that "samegroup" like in PostgreSQL's pg_hba.conf +# file is not supported, since pgpool does not know which group a user +# belongs to. Also note that the database specified here may not exist in +# the backend PostgreSQL. pgpool will authenticate based on the database's +# name, not based on whether it exists or not. +# +# USER can be "all", a user name, or a comma-separated list thereof. In +# both the DATABASE and USER fields you can also write a file name prefixed +# with "@" to include names from a separate file. Note that a group name +# prefixed with "+" like in PostgreSQL's pg_hba.conf file is not supported +# because of the same reason as "samegroup" token. Also note that a user +# name specified here may not exist in the backend PostgreSQL. pgpool will +# authenticate based on the user's name, not based on whether he/she exists. +# +# CIDR-ADDRESS specifies the set of hosts the record matches. +# It is made up of an IP address and a CIDR mask that is an integer +# (between 0 and 32 (IPv4) that specifies the number of significant bits in +# the mask. Alternatively, you can write an IP address and netmask in +# separate columns to specify the set of hosts. +# +# METHOD can be "trust", "reject", "md5" or "pam". Note that "pam" sends passwords +# in clear text. +# +# OPTION is the name of the PAM service. Default service name is "pgpool" +# +# Database and user names containing spaces, commas, quotes and other special +# characters must be quoted. Quoting one of the keywords "all" or "sameuser" +# makes the name lose its special character, and just match a database or +# username with that name. +# +# This file is read on pgpool startup. If you edit the file on a running +# system, you have to restart the pgpool for the changes to take effect. + +# Put your actual configuration here +# ---------------------------------- +# +# If you want to allow non-local connections, you need to add more +# "host" records. In that case you will also need to make pgpool listen +# on a non-local interface via the listen_addresses configuration parameter. +# + +# TYPE DATABASE USER CIDR-ADDRESS METHOD + +# "local" is for Unix domain socket connections only +#local all all trust +# IPv4 local connections: +host all all 0.0.0.0/0 md5 + diff --git a/kubernetes/common/postgres/templates/configmap.yaml b/kubernetes/common/postgres/templates/configmap.yaml new file mode 100644 index 0000000000..7abd39b9b9 --- /dev/null +++ b/kubernetes/common/postgres/templates/configmap.yaml @@ -0,0 +1,27 @@ +# Copyright © 2019 Amdocs, Bell Canada, Orange +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "common.fullname" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +data: +{{ tpl (.Files.Glob "configs/*").AsConfig . | indent 2 }} + diff --git a/kubernetes/common/postgres/templates/deployment-primary.yaml b/kubernetes/common/postgres/templates/deployment-primary.yaml new file mode 100644 index 0000000000..9cb3007400 --- /dev/null +++ b/kubernetes/common/postgres/templates/deployment-primary.yaml @@ -0,0 +1,138 @@ +{{/* +# Copyright © 2018 Amdocs, AT&T, Bell Canada +# # +# # Licensed under the Apache License, Version 2.0 (the "License"); +# # you may not use this file except in compliance with the License. +# # You may obtain a copy of the License at +# # +# # http://www.apache.org/licenses/LICENSE-2.0 +# # +# # Unless required by applicable law or agreed to in writing, software +# # distributed under the License is distributed on an "AS IS" BASIS, +# # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# # See the License for the specific language governing permissions and +# # limitations under the License. +*/}} +apiVersion: apps/v1beta1 +kind: Deployment +metadata: + name: {{ include "common.fullname" . }}-primary + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }}-primary + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} + name: "{{ .Values.container.name.primary }}" +spec: + serviceName: {{ .Values.service.name }} + replicas: 1 + template: + metadata: + labels: + app: {{ include "common.name" . }}-primary + release: {{ .Release.Name }} + name: "{{ .Values.container.name.primary }}" + spec: + initContainers: + - name: init-sysctl + command: + - /bin/sh + - -c + - | + chown 26:26 /podroot/; + chmod 700 /podroot/; + image: {{ .Values.global.busyboxRepository | default .Values.busyboxRepository }}/{{ .Values.busyboxImage }} + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + volumeMounts: + - name: {{ include "common.fullname" . }}-data + mountPath: /podroot/ + containers: + - name: {{ include "common.name" . }} + image: "{{ .Values.postgresRepository }}/{{ .Values.image }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + ports: + - containerPort: {{ .Values.service.internalPort }} + name: {{ .Values.service.portName }} + # disable liveness probe when breakpoints set in debugger + # so K8s doesn't restart unresponsive container + {{- if eq .Values.liveness.enabled true }} + livenessProbe: + tcpSocket: + port: {{ .Values.service.internalPort }} + initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} + periodSeconds: {{ .Values.liveness.periodSeconds }} + timeoutSeconds: {{ .Values.liveness.timeoutSeconds }} + {{- end }} + readinessProbe: + tcpSocket: + port: {{ .Values.service.internalPort }} + initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} + periodSeconds: {{ .Values.readiness.periodSeconds }} + env: + - name: PGHOST + value: /tmp + - name: PG_PRIMARY_USER + value: primaryuser + - name: PG_MODE + value: primary + - name: PG_PRIMARY_HOST + value: "{{ .Values.container.name.primary }}" + - name: PG_REPLICA_HOST + value: "{{ .Values.container.name.replica }}" + - name: PG_PRIMARY_PORT + value: "{{ .Values.service.internalPort }}" + - name: PG_PRIMARY_PASSWORD + valueFrom: + secretKeyRef: + name: {{ template "common.fullname" . }} + key: pg-primary-password + - name: PG_USER + value: "{{ .Values.config.pgUserName }}" + - name: PG_PASSWORD + valueFrom: + secretKeyRef: + name: {{ template "common.fullname" . }} + key: pg-user-password + - name: PG_DATABASE + value: "{{ .Values.config.pgDatabase }}" + - name: PG_ROOT_PASSWORD + valueFrom: + secretKeyRef: + name: {{ template "common.fullname" . }} + key: pg-root-password + volumeMounts: + - name: pool-hba-conf + mountPath: /pgconf/pool_hba.conf + subPath: pool_hba.conf + - mountPath: /pgdata + name: {{ include "common.fullname" . }}-data + - mountPath: /backup + name: {{ include "common.fullname" . }}-backup + readOnly: true + resources: +{{ include "common.resources" . | indent 12 }} + {{- if .Values.nodeSelector }} + nodeSelector: +{{ toYaml .Values.nodeSelector | indent 10 }} + {{- end -}} + {{- if .Values.affinity }} + affinity: +{{ toYaml .Values.affinity | indent 10 }} + {{- end }} + volumes: + - name: localtime + hostPath: + path: /etc/localtime + - name: {{ include "common.fullname" . }}-backup + emptyDir: {} + - name: {{ include "common.fullname" . }}-data +{{- if .Values.persistence.enabled }} + persistentVolumeClaim: + claimName: {{ include "common.fullname" . }}-primary +{{- else }} + emptyDir: {} +{{ end }} + - name: pool-hba-conf + configMap: + name: {{ include "common.fullname" . }} diff --git a/kubernetes/common/postgres/templates/deployment-replica.yaml b/kubernetes/common/postgres/templates/deployment-replica.yaml new file mode 100644 index 0000000000..8f09a2f48f --- /dev/null +++ b/kubernetes/common/postgres/templates/deployment-replica.yaml @@ -0,0 +1,138 @@ +{{/* +# Copyright © 2018 Amdocs, AT&T, Bell Canada +# # +# # Licensed under the Apache License, Version 2.0 (the "License"); +# # you may not use this file except in compliance with the License. +# # You may obtain a copy of the License at +# # +# # http://www.apache.org/licenses/LICENSE-2.0 +# # +# # Unless required by applicable law or agreed to in writing, software +# # distributed under the License is distributed on an "AS IS" BASIS, +# # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# # See the License for the specific language governing permissions and +# # limitations under the License. +*/}} +apiVersion: apps/v1beta1 +kind: Deployment +metadata: + name: {{ include "common.fullname" . }}-replica + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }}-replica + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} + name: "{{ .Values.container.name.replica }}" +spec: + serviceName: {{ .Values.service.name }} + replicas: 1 + template: + metadata: + labels: + app: {{ include "common.name" . }}-replica + release: {{ .Release.Name }} + name: "{{ .Values.container.name.replica }}" + spec: + initContainers: + - name: init-sysctl + command: + - /bin/sh + - -c + - | + chown 26:26 /podroot/; + chmod 700 /podroot/; + image: {{ .Values.global.busyboxRepository | default .Values.busyboxRepository }}/{{ .Values.busyboxImage }} + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + volumeMounts: + - name: {{ include "common.fullname" . }}-data + mountPath: /podroot/ + containers: + - name: {{ include "common.name" . }} + image: "{{ .Values.postgresRepository }}/{{ .Values.image }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + ports: + - containerPort: {{ .Values.service.internalPort }} + name: {{ .Values.service.portName }} + # disable liveness probe when breakpoints set in debugger + # so K8s doesn't restart unresponsive container + {{- if eq .Values.liveness.enabled true }} + livenessProbe: + tcpSocket: + port: {{ .Values.service.internalPort }} + initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} + periodSeconds: {{ .Values.liveness.periodSeconds }} + timeoutSeconds: {{ .Values.liveness.timeoutSeconds }} + {{end -}} + readinessProbe: + tcpSocket: + port: {{ .Values.service.internalPort }} + initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} + periodSeconds: {{ .Values.readiness.periodSeconds }} + env: + - name: PGHOST + value: /tmp + - name: PG_PRIMARY_USER + value: primaryuser + - name: PG_MODE + value: replica + - name: PG_PRIMARY_HOST + value: "{{.Values.container.name.primary}}" + - name: PG_REPLICA_HOST + value: "{{.Values.container.name.replica}}" + - name: PG_PRIMARY_PORT + value: "{{.Values.service.internalPort}}" + - name: PG_PRIMARY_PASSWORD + valueFrom: + secretKeyRef: + name: {{ template "common.fullname" . }} + key: pg-primary-password + - name: PG_USER + value: "{{.Values.config.pgUserName}}" + - name: PG_PASSWORD + valueFrom: + secretKeyRef: + name: {{ template "common.fullname" . }} + key: pg-user-password + - name: PG_DATABASE + value: "{{.Values.config.pgDatabase}}" + - name: PG_ROOT_PASSWORD + valueFrom: + secretKeyRef: + name: {{ template "common.fullname" . }} + key: pg-root-password + volumeMounts: + - name: pool-hba-conf + mountPath: /pgconf/pool_hba.conf + subPath: pool_hba.conf + - mountPath: /pgdata + name: {{ include "common.fullname" . }}-data + - mountPath: /backup + name: {{ include "common.fullname" . }}-backup + readOnly: true + resources: +{{ include "common.resources" . | indent 12 }} + {{- if .Values.nodeSelector }} + nodeSelector: +{{ toYaml .Values.nodeSelector | indent 10 }} + {{- end -}} + {{- if .Values.affinity }} + affinity: +{{ toYaml .Values.affinity | indent 10 }} + {{- end }} + volumes: + - name: localtime + hostPath: + path: /etc/localtime + - name: {{ include "common.fullname" . }}-backup + emptyDir: {} + - name: {{ include "common.fullname" . }}-data +{{- if .Values.persistence.enabled }} + persistentVolumeClaim: + claimName: {{ include "common.fullname" . }}-replica +{{- else }} + emptyDir: {} +{{ end }} + - name: pool-hba-conf + configMap: + name: {{ include "common.fullname" . }} diff --git a/kubernetes/common/postgres/templates/pv-primary.yaml b/kubernetes/common/postgres/templates/pv-primary.yaml new file mode 100644 index 0000000000..096f0c9d2b --- /dev/null +++ b/kubernetes/common/postgres/templates/pv-primary.yaml @@ -0,0 +1,37 @@ +{{/* +# Copyright © 2018 Amdocs, AT&T, Bell Canada +# # +# # Licensed under the Apache License, Version 2.0 (the "License"); +# # you may not use this file except in compliance with the License. +# # You may obtain a copy of the License at +# # +# # http://www.apache.org/licenses/LICENSE-2.0 +# # +# # Unless required by applicable law or agreed to in writing, software +# # distributed under the License is distributed on an "AS IS" BASIS, +# # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# # See the License for the specific language governing permissions and +# # limitations under the License. +*/}} +{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}} +kind: PersistentVolume +apiVersion: v1 +metadata: + name: {{ include "common.fullname" . }}-primary + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.fullname" . }} + chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}" + release: "{{ .Release.Name }}" + heritage: "{{ .Release.Service }}" + name: {{ include "common.fullname" . }} +spec: + capacity: + storage: {{ .Values.persistence.size}} + accessModes: + - {{ .Values.persistence.accessMode }} + storageClassName: "{{ include "common.fullname" . }}-primary" + persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }} + hostPath: + path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.mountSubPath }}/primary +{{- end -}} diff --git a/kubernetes/common/postgres/templates/pv-replica.yaml b/kubernetes/common/postgres/templates/pv-replica.yaml new file mode 100644 index 0000000000..a98abefba0 --- /dev/null +++ b/kubernetes/common/postgres/templates/pv-replica.yaml @@ -0,0 +1,37 @@ +{{/* +# Copyright © 2018 Amdocs, AT&T, Bell Canada +# # +# # Licensed under the Apache License, Version 2.0 (the "License"); +# # you may not use this file except in compliance with the License. +# # You may obtain a copy of the License at +# # +# # http://www.apache.org/licenses/LICENSE-2.0 +# # +# # Unless required by applicable law or agreed to in writing, software +# # distributed under the License is distributed on an "AS IS" BASIS, +# # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# # See the License for the specific language governing permissions and +# # limitations under the License. +*/}} +{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}} +kind: PersistentVolume +apiVersion: v1 +metadata: + name: {{ include "common.fullname" . }}-replica + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.fullname" . }} + chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}" + release: "{{ .Release.Name }}" + heritage: "{{ .Release.Service }}" + name: {{ include "common.fullname" . }} +spec: + capacity: + storage: {{ .Values.persistence.size}} + accessModes: + - {{ .Values.persistence.accessMode }} + storageClassName: "{{ include "common.fullname" . }}-replica" + persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }} + hostPath: + path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.mountSubPath }}/replica +{{- end -}} diff --git a/kubernetes/common/postgres/templates/pv.yaml b/kubernetes/common/postgres/templates/pv.yaml deleted file mode 100644 index bcd67d79cb..0000000000 --- a/kubernetes/common/postgres/templates/pv.yaml +++ /dev/null @@ -1,45 +0,0 @@ -{{/* -# Copyright © 2018 Amdocs, AT&T, Bell Canada -# # -# # Licensed under the Apache License, Version 2.0 (the "License"); -# # you may not use this file except in compliance with the License. -# # You may obtain a copy of the License at -# # -# # http://www.apache.org/licenses/LICENSE-2.0 -# # -# # Unless required by applicable law or agreed to in writing, software -# # distributed under the License is distributed on an "AS IS" BASIS, -# # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# # See the License for the specific language governing permissions and -# # limitations under the License. -*/}} -{{- $global := . }} -{{- if and $global.Values.persistence.enabled (not $global.Values.persistence.existingClaim) }} -{{- if eq "True" (include "common.needPV" .) -}} -{{- range $i := until (int $global.Values.replicaCount)}} -kind: PersistentVolume -apiVersion: v1 -metadata: - name: {{ include "common.fullname" $global }}-data-{{ $i }} - namespace: {{ include "common.namespace" $global }} - labels: - app: {{ include "common.fullname" $global }} - chart: "{{ $global.Chart.Name }}-{{ $global.Chart.Version | replace "+" "_" }}" - release: "{{ $global.Release.Name }}" - heritage: "{{ $global.Release.Service }}" - name: {{ include "common.fullname" $global }} -spec: - capacity: - storage: {{ $global.Values.persistence.size}} - accessModes: - - {{ $global.Values.persistence.accessMode }} - persistentVolumeReclaimPolicy: {{ $global.Values.persistence.volumeReclaimPolicy }} - storageClassName: "{{ include "common.fullname" $global }}-data" - hostPath: - path: {{ $global.Values.global.persistence.mountPath | default $global.Values.persistence.mountPath }}/{{ $global.Release.Name }}/{{ $global.Values.persistence.mountSubPath }}-{{$i}} -{{if ne $i (int $global.Values.replicaCount) }} ---- -{{- end -}} -{{- end -}} -{{- end -}} -{{- end -}} diff --git a/kubernetes/common/postgres/templates/pvc-primary.yaml b/kubernetes/common/postgres/templates/pvc-primary.yaml new file mode 100644 index 0000000000..05a5088966 --- /dev/null +++ b/kubernetes/common/postgres/templates/pvc-primary.yaml @@ -0,0 +1,40 @@ +{{/* +# Copyright © 2017 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +*/}} + +{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}} +kind: PersistentVolumeClaim +apiVersion: v1 +metadata: + name: {{ include "common.fullname" . }}-primary + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.fullname" . }} + chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" + release: "{{ .Release.Name }}" + heritage: "{{ .Release.Service }}" + name: {{ include "common.fullname" . }} +{{- if .Values.persistence.annotations }} + annotations: +{{ toYaml .Values.persistence.annotations | indent 4 }} +{{- end }} +spec: + accessModes: + - {{ .Values.persistence.accessMode }} + resources: + requests: + storage: {{ .Values.persistence.size }} + storageClassName: "{{ include "common.fullname" . }}-primary" +{{- end -}} diff --git a/kubernetes/common/postgres/templates/pvc-replica.yaml b/kubernetes/common/postgres/templates/pvc-replica.yaml new file mode 100644 index 0000000000..f740521919 --- /dev/null +++ b/kubernetes/common/postgres/templates/pvc-replica.yaml @@ -0,0 +1,40 @@ +{{/* +# Copyright © 2017 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +*/}} + +{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}} +kind: PersistentVolumeClaim +apiVersion: v1 +metadata: + name: {{ include "common.fullname" . }}-replica + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.fullname" . }} + chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" + release: "{{ .Release.Name }}" + heritage: "{{ .Release.Service }}" + name: {{ include "common.fullname" . }} +{{- if .Values.persistence.annotations }} + annotations: +{{ toYaml .Values.persistence.annotations | indent 4 }} +{{- end }} +spec: + accessModes: + - {{ .Values.persistence.accessMode }} + resources: + requests: + storage: {{ .Values.persistence.size }} + storageClassName: "{{ include "common.fullname" . }}-replica" +{{- end -}} diff --git a/kubernetes/common/postgres/templates/service-common.yaml b/kubernetes/common/postgres/templates/service-common.yaml new file mode 100644 index 0000000000..da0505cfa6 --- /dev/null +++ b/kubernetes/common/postgres/templates/service-common.yaml @@ -0,0 +1,41 @@ +{{/* +# Copyright © 2018 Amdocs, AT&T, Bell Canada +# # +# # Licensed under the Apache License, Version 2.0 (the "License"); +# # you may not use this file except in compliance with the License. +# # You may obtain a copy of the License at +# # +# # http://www.apache.org/licenses/LICENSE-2.0 +# # +# # Unless required by applicable law or agreed to in writing, software +# # distributed under the License is distributed on an "AS IS" BASIS, +# # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# # See the License for the specific language governing permissions and +# # limitations under the License. +*/}} +apiVersion: v1 +kind: Service +metadata: + name: {{ .Values.service.name }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} + annotations: +spec: + type: {{ .Values.service.type }} + ports: + {{if eq .Values.service.type "NodePort" -}} + - port: {{ .Values.service.externalPort }} + nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }} + name: {{ .Values.service.portName }} + {{- else -}} + - port: {{ .Values.service.externalPort }} + targetPort: {{ .Values.service.internalPort }} + name: {{ .Values.service.portName }} + {{- end}} + selector: + app: {{ include "common.name" . }} + release: {{ .Release.Name }} diff --git a/kubernetes/common/postgres/templates/service-primary.yaml b/kubernetes/common/postgres/templates/service-primary.yaml new file mode 100644 index 0000000000..501c01ecfe --- /dev/null +++ b/kubernetes/common/postgres/templates/service-primary.yaml @@ -0,0 +1,41 @@ +{{/* +# Copyright © 2018 Amdocs, AT&T, Bell Canada +# # +# # Licensed under the Apache License, Version 2.0 (the "License"); +# # you may not use this file except in compliance with the License. +# # You may obtain a copy of the License at +# # +# # http://www.apache.org/licenses/LICENSE-2.0 +# # +# # Unless required by applicable law or agreed to in writing, software +# # distributed under the License is distributed on an "AS IS" BASIS, +# # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# # See the License for the specific language governing permissions and +# # limitations under the License. +*/}} +apiVersion: v1 +kind: Service +metadata: + name: {{ .Values.service.name2 }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }}-primary + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} + annotations: +spec: + type: {{ .Values.service.type2 }} + ports: + {{if eq .Values.service.type "NodePort" -}} + - port: {{ .Values.service.externalPort2 }} + nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort2 }} + name: {{ .Values.service.portName2 }} + {{- else -}} + - port: {{ .Values.service.externalPort2 }} + targetPort: {{ .Values.service.internalPort2 }} + name: {{ .Values.service.portName2 }} + {{- end}} + selector: + name: "{{.Values.container.name.primary}}" + release: {{ .Release.Name }} diff --git a/kubernetes/common/postgres/templates/service-replica.yaml b/kubernetes/common/postgres/templates/service-replica.yaml new file mode 100644 index 0000000000..34f76d125e --- /dev/null +++ b/kubernetes/common/postgres/templates/service-replica.yaml @@ -0,0 +1,41 @@ +{{/* +# Copyright © 2018 Amdocs, AT&T, Bell Canada +# # +# # Licensed under the Apache License, Version 2.0 (the "License"); +# # you may not use this file except in compliance with the License. +# # You may obtain a copy of the License at +# # +# # http://www.apache.org/licenses/LICENSE-2.0 +# # +# # Unless required by applicable law or agreed to in writing, software +# # distributed under the License is distributed on an "AS IS" BASIS, +# # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# # See the License for the specific language governing permissions and +# # limitations under the License. +*/}} +apiVersion: v1 +kind: Service +metadata: + name: {{ .Values.service.name3 }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }}-replica + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} + annotations: +spec: + type: {{ .Values.service.type3 }} + ports: + {{if eq .Values.service.type "NodePort" -}} + - port: {{ .Values.service.externalPort3 }} + nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort3 }} + name: {{ .Values.service.portName3 }} + {{- else -}} + - port: {{ .Values.service.externalPort3 }} + targetPort: {{ .Values.service.internalPort3 }} + name: {{ .Values.service.portName3 }} + {{- end}} + selector: + name: "{{.Values.container.name.replica}}" + release: {{ .Release.Name }} diff --git a/kubernetes/common/postgres/templates/service.yaml b/kubernetes/common/postgres/templates/service.yaml deleted file mode 100644 index 2a4e369ef4..0000000000 --- a/kubernetes/common/postgres/templates/service.yaml +++ /dev/null @@ -1,95 +0,0 @@ -{{/* -# Copyright © 2018 Amdocs, AT&T, Bell Canada -# # -# # Licensed under the Apache License, Version 2.0 (the "License"); -# # you may not use this file except in compliance with the License. -# # You may obtain a copy of the License at -# # -# # http://www.apache.org/licenses/LICENSE-2.0 -# # -# # Unless required by applicable law or agreed to in writing, software -# # distributed under the License is distributed on an "AS IS" BASIS, -# # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# # See the License for the specific language governing permissions and -# # limitations under the License. -*/}} -apiVersion: v1 -kind: Service -metadata: - name: {{ .Values.service.name }} - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} - annotations: -spec: - type: {{ .Values.service.type }} - ports: - {{if eq .Values.service.type "NodePort" -}} - - port: {{ .Values.service.externalPort }} - nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }} - name: {{ .Values.service.name }} - {{- else -}} - - port: {{ .Values.service.externalPort }} - targetPort: {{ .Values.service.internalPort }} - name: {{ .Values.service.name }} - {{- end}} - selector: - app: {{ include "common.name" . }} - release: {{ .Release.Name }} ---- -apiVersion: v1 -kind: Service -metadata: - name: {{ .Values.service.name2 }} - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} - annotations: -spec: - type: {{ .Values.service.type2 }} - ports: - {{if eq .Values.service.type "NodePort" -}} - - port: {{ .Values.service.externalPort2 }} - nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort2 }} - name: {{ .Values.service.name2 }} - {{- else -}} - - port: {{ .Values.service.externalPort2 }} - targetPort: {{ .Values.service.internalPort2 }} - name: {{ .Values.service.name2 }} - {{- end}} - selector: - name: "{{.Values.container.name.primary}}" - release: {{ .Release.Name }} ---- -apiVersion: v1 -kind: Service -metadata: - name: {{ .Values.service.name3 }} - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} - annotations: -spec: - type: {{ .Values.service.type3 }} - ports: - {{if eq .Values.service.type "NodePort" -}} - - port: {{ .Values.service.externalPort3 }} - nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort3 }} - name: {{ .Values.service.name3 }} - {{- else -}} - - port: {{ .Values.service.externalPort3 }} - targetPort: {{ .Values.service.internalPort3 }} - name: {{ .Values.service.name3 }} - {{- end}} - selector: - name: "{{.Values.container.name.replica}}" - release: {{ .Release.Name }} diff --git a/kubernetes/common/postgres/templates/statefulset.yaml b/kubernetes/common/postgres/templates/statefulset.yaml deleted file mode 100644 index 7c38d1d9d7..0000000000 --- a/kubernetes/common/postgres/templates/statefulset.yaml +++ /dev/null @@ -1,143 +0,0 @@ -{{/* -# Copyright © 2018 Amdocs, AT&T, Bell Canada -# # -# # Licensed under the Apache License, Version 2.0 (the "License"); -# # you may not use this file except in compliance with the License. -# # You may obtain a copy of the License at -# # -# # http://www.apache.org/licenses/LICENSE-2.0 -# # -# # Unless required by applicable law or agreed to in writing, software -# # distributed under the License is distributed on an "AS IS" BASIS, -# # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# # See the License for the specific language governing permissions and -# # limitations under the License. -*/}} -apiVersion: apps/v1beta1 -kind: StatefulSet -metadata: - name: {{ include "common.fullname" . }} - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} -spec: - serviceName: {{ .Values.service.name }} - replicas: {{ .Values.replicaCount }} - template: - metadata: - labels: - app: {{ include "common.name" . }} - release: {{ .Release.Name }} - spec: - initContainers: - - command: - - /bin/sh - - -c - - | - chown -R 26:26 /podroot/; - chmod 700 /podroot/; - image: {{ .Values.global.busyboxRepository | default .Values.busyboxRepository }}/{{ .Values.busyboxImage }} - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - name: {{ include "common.name" . }}-prepare - volumeMounts: - - name: {{ include "common.fullname" . }}-data - mountPath: /podroot/ - containers: - - name: {{ include "common.name" . }} - image: "{{ .Values.postgresRepository }}/{{ .Values.image }}" - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - ports: - - containerPort: {{ .Values.service.internalPort }} - name: postgres - # disable liveness probe when breakpoints set in debugger - # so K8s doesn't restart unresponsive container - {{- if eq .Values.liveness.enabled true }} - livenessProbe: - tcpSocket: - port: {{ .Values.service.internalPort }} - initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} - periodSeconds: {{ .Values.liveness.periodSeconds }} - timeoutSeconds: {{ .Values.liveness.timeoutSeconds }} - {{end -}} - readinessProbe: - tcpSocket: - port: {{ .Values.service.internalPort }} - initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} - periodSeconds: {{ .Values.readiness.periodSeconds }} - env: - - name: PGHOST - value: /tmp - - name: PG_PRIMARY_USER - value: primaryuser - - name: PG_MODE - value: set - - name: PG_PRIMARY_HOST - value: "{{.Values.container.name.primary}}" - - name: PG_REPLICA_HOST - value: "{{.Values.container.name.replica}}" - - name: PG_PRIMARY_PORT - value: "{{.Values.service.internalPort}}" - - name: PG_PRIMARY_PASSWORD - valueFrom: - secretKeyRef: - name: {{ template "common.fullname" . }} - key: pg-primary-password - - name: PG_USER - value: "{{.Values.config.pgUserName}}" - - name: PG_PASSWORD - valueFrom: - secretKeyRef: - name: {{ template "common.fullname" . }} - key: pg-user-password - - name: PG_DATABASE - value: "{{.Values.config.pgDatabase}}" - - name: PG_ROOT_PASSWORD - valueFrom: - secretKeyRef: - name: {{ template "common.fullname" . }} - key: pg-root-password - volumeMounts: - - mountPath: /pgdata - name: {{ include "common.fullname" . }}-data - - mountPath: /backup - name: {{ include "common.fullname" . }}-backup - readOnly: true - resources: -{{ include "common.resources" . | indent 12 }} - {{- if .Values.nodeSelector }} - nodeSelector: -{{ toYaml .Values.nodeSelector | indent 10 }} - {{- end -}} - {{- if .Values.affinity }} - affinity: -{{ toYaml .Values.affinity | indent 10 }} - {{- end }} - volumes: - - name: localtime - hostPath: - path: /etc/localtime - - name: {{ include "common.fullname" . }}-backup - emptyDir: {} -{{- if not .Values.persistence.enabled }} - - name: {{ include "common.fullname" . }}-data - emptyDir: {} -{{- else }} - volumeClaimTemplates: - - metadata: - name: {{ include "common.fullname" . }}-data - labels: - name: {{ include "common.fullname" . }} - chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" - release: "{{ .Release.Name }}" - heritage: "{{ .Release.Service }}" - spec: - accessModes: - - {{ .Values.persistence.accessMode | quote }} - storageClassName: {{ include "common.storageClass" . }} - resources: - requests: - storage: {{ .Values.persistence.size | quote }} -{{- end }} diff --git a/kubernetes/common/postgres/values.yaml b/kubernetes/common/postgres/values.yaml index 8dd5d0aaac..3104ee79d2 100644 --- a/kubernetes/common/postgres/values.yaml +++ b/kubernetes/common/postgres/values.yaml @@ -104,14 +104,17 @@ persistence: service: type: ClusterIP name: pgset + portName: tcp-postgres externalPort: 5432 internalPort: 5432 type2: ClusterIP - name2: pgset-primary + name2: tcp-pgset-primary + portName2: tcp-postgres externalPort2: 5432 internalPort2: 5432 type3: ClusterIP - name3: pgset-replica + name3: tcp-pgset-replica + portName3: tcp-postgres externalPort3: 5432 internalPort3: 5432 @@ -136,4 +139,3 @@ resources: {} # requests: # cpu: 2 # memory: 4Gi - -- cgit 1.2.3-korg