2 # Copyright © 2018 Amdocs, AT&T, Bell Canada
3 # Copyright © 2020 Samsung Electronics
4 # Copyright © 2021 Orange
5 # Modifications Copyright (C) 2021 Bell Canada.
7 # # Licensed under the Apache License, Version 2.0 (the "License");
8 # # you may not use this file except in compliance with the License.
9 # # You may obtain a copy of the License at
11 # # http://www.apache.org/licenses/LICENSE-2.0
13 # # Unless required by applicable law or agreed to in writing, software
14 # # distributed under the License is distributed on an "AS IS" BASIS,
15 # # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16 # # See the License for the specific language governing permissions and
17 # # limitations under the License.
20 {{- define "common.postgres.deployment" -}}
22 {{- $pgMode := .pgMode }}
26 name: {{ include "common.fullname" $dot }}-{{ $pgMode }}
27 namespace: {{ include "common.namespace" $dot }}
29 app: {{ include "common.name" $dot }}-{{ $pgMode }}
30 chart: {{ $dot.Chart.Name }}-{{ $dot.Chart.Version | replace "+" "_" }}
31 release: {{ include "common.release" $dot }}
32 heritage: {{ $dot.Release.Service }}
33 name: "{{ index $dot.Values "container" "name" $pgMode }}"
40 app: {{ include "common.name" $dot }}-{{ $pgMode }}
44 app: {{ include "common.name" $dot }}-{{ $pgMode }}
45 release: {{ include "common.release" $dot }}
46 name: "{{ index $dot.Values "container" "name" $pgMode }}"
49 - name: "{{ include "common.namespace" $dot }}-docker-registry-key"
56 function prepare_password {
57 echo -n $1 | sed -e "s/'/''/g"
59 export PG_PRIMARY_PASSWORD=`prepare_password $PG_PRIMARY_PASSWORD_INPUT`;
60 export PG_PASSWORD=`prepare_password $PG_PASSWORD_INPUT`;
61 export PG_ROOT_PASSWORD=`prepare_password $PG_ROOT_PASSWORD_INPUT`;
62 cd /config-input && for PFILE in `ls -1 .`; do envsubst <${PFILE} >/config/${PFILE}; done
64 - name: PG_PRIMARY_USER
68 - name: PG_PRIMARY_PASSWORD_INPUT
69 {{- include "common.secret.envFromSecretFast" (dict "global" $dot "uid" (include "common.postgres.secret.primaryPasswordUID" .) "key" "password") | indent 10 }}
71 {{- include "common.secret.envFromSecretFast" (dict "global" $dot "uid" (include "common.postgres.secret.userCredentialsUID" .) "key" "login") | indent 10 }}
72 - name: PG_PASSWORD_INPUT
73 {{- include "common.secret.envFromSecretFast" (dict "global" $dot "uid" (include "common.postgres.secret.userCredentialsUID" .) "key" "password") | indent 10 }}
75 value: "{{ $dot.Values.config.pgDatabase }}"
76 - name: PG_ROOT_PASSWORD_INPUT
77 {{- include "common.secret.envFromSecretFast" (dict "global" $dot "uid" (include "common.postgres.secret.rootPassUID" .) "key" "password") | indent 10 }}
79 - mountPath: /config-input/setup.sql
84 image: {{ include "repositoryGenerator.image.envsubst" $dot }}
85 imagePullPolicy: {{ $dot.Values.global.pullPolicy | default $dot.Values.pullPolicy }}
86 name: {{ include "common.name" $dot }}-update-config
93 chown 26:26 /podroot/;
95 image: {{ include "repositoryGenerator.image.busybox" $dot }}
96 imagePullPolicy: {{ $dot.Values.global.pullPolicy | default $dot.Values.pullPolicy }}
98 - name: {{ include "common.fullname" $dot }}-data
101 - name: {{ include "common.name" $dot }}
102 image: {{ include "repositoryGenerator.image.postgres" $dot }}
103 imagePullPolicy: {{ $dot.Values.global.pullPolicy | default $dot.Values.pullPolicy }}
105 - containerPort: {{ $dot.Values.service.internalPort }}
106 name: {{ $dot.Values.service.portName }}
107 # disable liveness probe when breakpoints set in debugger
108 # so K8s doesn't restart unresponsive container
109 {{- if eq $dot.Values.liveness.enabled true }}
112 port: {{ $dot.Values.service.internalPort }}
113 initialDelaySeconds: {{ $dot.Values.liveness.initialDelaySeconds }}
114 periodSeconds: {{ $dot.Values.liveness.periodSeconds }}
115 timeoutSeconds: {{ $dot.Values.liveness.timeoutSeconds }}
119 port: {{ $dot.Values.service.internalPort }}
120 initialDelaySeconds: {{ $dot.Values.readiness.initialDelaySeconds }}
121 periodSeconds: {{ $dot.Values.readiness.periodSeconds }}
125 - name: PG_PRIMARY_USER
131 - name: PG_PRIMARY_HOST
132 value: "{{ $dot.Values.service.name2 }}"
133 - name: PG_REPLICA_HOST
134 value: "{{ $dot.Values.service.name3 }}"
135 - name: PG_PRIMARY_PORT
136 value: "{{ $dot.Values.service.internalPort }}"
137 - name: PG_PRIMARY_PASSWORD
138 {{- include "common.secret.envFromSecretFast" (dict "global" $dot "uid" (include "common.postgres.secret.primaryPasswordUID" .) "key" "password") | indent 10 }}
140 {{- include "common.secret.envFromSecretFast" (dict "global" $dot "uid" (include "common.postgres.secret.userCredentialsUID" .) "key" "login") | indent 10 }}
142 {{- include "common.secret.envFromSecretFast" (dict "global" $dot "uid" (include "common.postgres.secret.userCredentialsUID" .) "key" "password") | indent 10 }}
144 value: "{{ $dot.Values.config.pgDatabase }}"
145 - name: PG_ROOT_PASSWORD
146 {{- include "common.secret.envFromSecretFast" (dict "global" $dot "uid" (include "common.postgres.secret.rootPassUID" .) "key" "password") | indent 10 }}
147 - name: PGDATA_PATH_OVERRIDE
148 value: "{{ $dot.Values.config.pgDataPath }}"
151 mountPath: /pgconf/pool_hba.conf
152 subPath: pool_hba.conf
154 mountPath: /pgconf/setup.sql
157 name: {{ include "common.fullname" $dot }}-data
159 name: {{ include "common.fullname" $dot }}-backup
161 resources: {{ include "common.resources" $dot | nindent 10 }}
162 {{- if (default false $dot.Values.metrics.enabled) }}
163 - name: {{ include "common.name" $dot }}-metrics
164 image: {{ include "repositoryGenerator.dockerHubRepository" . }}/{{ $dot.Values.metrics.image }}
165 imagePullPolicy: {{ $dot.Values.global.pullPolicy | default $dot.Values.metrics.pullPolicy | quote}}
167 - name: POSTGRES_METRICS_EXTRA_FLAGS
168 value: {{ default "" (join " " $dot.Values.metrics.extraFlags) | quote }}
169 - name: DATA_SOURCE_USER
170 value: "{{ $dot.Values.metrics.postgresUser }}"
171 - name: DATA_SOURCE_PASS
172 {{- include "common.secret.envFromSecretFast" (dict "global" $dot "uid" (include "common.postgres.secret.rootPassUID" .) "key" "password") | indent 12 }}
177 DATA_SOURCE_URI="127.0.0.1:5432/?sslmode=disable" ./bin/postgres_exporter $POSTGRES_METRICS_EXTRA_FLAGS
179 {{- range $index, $metricPort := $dot.Values.metrics.ports }}
180 - name: {{ $metricPort.name }}
181 containerPort: {{ $metricPort.port }}
188 initialDelaySeconds: {{ $dot.Values.metrics.livenessProbe.initialDelaySeconds }}
189 periodSeconds: {{ $dot.Values.metrics.livenessProbe.periodSeconds }}
190 timeoutSeconds: {{ $dot.Values.metrics.livenessProbe.timeoutSeconds }}
191 successThreshold: {{ $dot.Values.metrics.livenessProbe.successThreshold }}
192 failureThreshold: {{ $dot.Values.metrics.livenessProbe.failureThreshold }}
197 initialDelaySeconds: {{ $dot.Values.metrics.readinessProbe.initialDelaySeconds }}
198 periodSeconds: {{ $dot.Values.metrics.readinessProbe.periodSeconds }}
199 timeoutSeconds: {{ $dot.Values.metrics.readinessProbe.timeoutSeconds }}
200 successThreshold: {{ $dot.Values.metrics.readinessProbe.successThreshold }}
201 failureThreshold: {{ $dot.Values.metrics.readinessProbe.failureThreshold }}
202 {{ include "common.containerSecurityContext" $dot | indent 10 | trim }}
203 resources: {{- toYaml $dot.Values.metrics.resources | nindent 12 }}
205 {{- if $dot.Values.nodeSelector }}
207 {{ toYaml $dot.Values.nodeSelector | indent 10 }}
209 {{- if $dot.Values.affinity }}
211 {{ toYaml $dot.Values.affinity | indent 10 }}
217 - name: {{ include "common.fullname" $dot }}-backup
219 - name: {{ include "common.fullname" $dot }}-data
220 {{- if $dot.Values.persistence.enabled }}
221 persistentVolumeClaim:
222 claimName: {{ include "common.fullname" $dot }}-{{ $pgMode }}
228 name: {{ include "common.fullname" $dot }}