X-Git-Url: https://gerrit.onap.org/r/gitweb?a=blobdiff_plain;f=kubernetes%2Fcommon%2Fpostgres%2Ftemplates%2F_deployment.tpl;h=38a7ce1f63fc1a43da23eeace26669b3ae8c7d09;hb=0c31367d791d773bda5687d5977497a1e8215e4f;hp=3777c1b2e40e1b46efbe84bedb5a67c8c9dc3843;hpb=63307ec8c80e82d9763d48f6497940bdcabde404;p=oom.git diff --git a/kubernetes/common/postgres/templates/_deployment.tpl b/kubernetes/common/postgres/templates/_deployment.tpl index 3777c1b2e4..38a7ce1f63 100644 --- a/kubernetes/common/postgres/templates/_deployment.tpl +++ b/kubernetes/common/postgres/templates/_deployment.tpl @@ -1,6 +1,7 @@ {{/* # Copyright © 2018 Amdocs, AT&T, Bell Canada # Copyright © 2020 Samsung Electronics +# Modifications Copyright (C) 2021 Bell Canada. # # # # Licensed under the Apache License, Version 2.0 (the "License"); # # you may not use this file except in compliance with the License. @@ -18,7 +19,7 @@ {{- define "common.postgres.deployment" -}} {{- $dot := .dot }} {{- $pgMode := .pgMode }} -apiVersion: apps/v1beta1 +apiVersion: apps/v1 kind: Deployment metadata: name: {{ include "common.fullname" $dot }}-{{ $pgMode }} @@ -30,8 +31,10 @@ metadata: heritage: {{ $dot.Release.Service }} name: "{{ index $dot.Values "container" "name" $pgMode }}" spec: - serviceName: {{ $dot.Values.service.name }} replicas: 1 + selector: + matchLabels: + app: {{ include "common.name" $dot }}-{{ $pgMode }} template: metadata: labels: @@ -40,6 +43,41 @@ spec: name: "{{ index $dot.Values "container" "name" $pgMode }}" spec: initContainers: + - command: + - sh + args: + - -c + - | + function prepare_password { + echo -n $1 | sed -e "s/'/''/g" + } + export PG_PRIMARY_PASSWORD=`prepare_password $PG_PRIMARY_PASSWORD_INPUT`; + export PG_PASSWORD=`prepare_password $PG_PASSWORD_INPUT`; + export PG_ROOT_PASSWORD=`prepare_password $PG_ROOT_PASSWORD_INPUT`; + cd /config-input && for PFILE in `ls -1 .`; do envsubst <${PFILE} >/config/${PFILE}; done + env: + - name: PG_PRIMARY_USER + value: primaryuser + - name: PG_PRIMARY_PASSWORD_INPUT + {{- include "common.secret.envFromSecretFast" (dict "global" $dot "uid" (include "common.postgres.secret.primaryPasswordUID" .) "key" "password") | indent 10 }} + - name: PG_USER + {{- include "common.secret.envFromSecretFast" (dict "global" $dot "uid" (include "common.postgres.secret.userCredentialsUID" .) "key" "login") | indent 10 }} + - name: PG_PASSWORD_INPUT + {{- include "common.secret.envFromSecretFast" (dict "global" $dot "uid" (include "common.postgres.secret.userCredentialsUID" .) "key" "password") | indent 10 }} + - name: PG_DATABASE + value: "{{ $dot.Values.config.pgDatabase }}" + - name: PG_ROOT_PASSWORD_INPUT + {{- include "common.secret.envFromSecretFast" (dict "global" $dot "uid" (include "common.postgres.secret.rootPassUID" .) "key" "password") | indent 10 }} + volumeMounts: + - mountPath: /config-input/setup.sql + name: config + subPath: setup.sql + - mountPath: /config + name: pgconf + image: {{ include "repositoryGenerator.image.envsubst" $dot }} + imagePullPolicy: {{ $dot.Values.global.pullPolicy | default $dot.Values.pullPolicy }} + name: {{ include "common.name" $dot }}-update-config + - name: init-sysctl command: - /bin/sh @@ -47,14 +85,14 @@ spec: - | chown 26:26 /podroot/; chmod 700 /podroot/; - image: {{ $dot.Values.global.busyboxRepository | default $dot.Values.busyboxRepository }}/{{ $dot.Values.busyboxImage }} + image: {{ include "repositoryGenerator.image.busybox" $dot }} imagePullPolicy: {{ $dot.Values.global.pullPolicy | default $dot.Values.pullPolicy }} volumeMounts: - name: {{ include "common.fullname" $dot }}-data mountPath: /podroot/ containers: - name: {{ include "common.name" $dot }} - image: "{{ $dot.Values.postgresRepository }}/{{ $dot.Values.image }}" + image: {{ include "repositoryGenerator.image.postgres" $dot }} imagePullPolicy: {{ $dot.Values.global.pullPolicy | default $dot.Values.pullPolicy }} ports: - containerPort: {{ $dot.Values.service.internalPort }} @@ -88,26 +126,30 @@ spec: - name: PG_PRIMARY_PORT value: "{{ $dot.Values.service.internalPort }}" - name: PG_PRIMARY_PASSWORD - {{- include "common.secret.envFromSecret" (dict "global" $dot "uid" (include "common.postgres.secret.primaryPasswordUID" .) "key" "password") | indent 10 }} + {{- include "common.secret.envFromSecretFast" (dict "global" $dot "uid" (include "common.postgres.secret.primaryPasswordUID" .) "key" "password") | indent 10 }} - name: PG_USER - {{- include "common.secret.envFromSecret" (dict "global" $dot "uid" (include "common.postgres.secret.userCredentialsUID" .) "key" "login") | indent 10 }} + {{- include "common.secret.envFromSecretFast" (dict "global" $dot "uid" (include "common.postgres.secret.userCredentialsUID" .) "key" "login") | indent 10 }} - name: PG_PASSWORD - {{- include "common.secret.envFromSecret" (dict "global" $dot "uid" (include "common.postgres.secret.userCredentialsUID" .) "key" "password") | indent 10 }} + {{- include "common.secret.envFromSecretFast" (dict "global" $dot "uid" (include "common.postgres.secret.userCredentialsUID" .) "key" "password") | indent 10 }} - name: PG_DATABASE value: "{{ $dot.Values.config.pgDatabase }}" - name: PG_ROOT_PASSWORD - {{- include "common.secret.envFromSecret" (dict "global" $dot "uid" (include "common.postgres.secret.rootPassUID" .) "key" "password") | indent 10 }} + {{- include "common.secret.envFromSecretFast" (dict "global" $dot "uid" (include "common.postgres.secret.rootPassUID" .) "key" "password") | indent 10 }} + - name: PGDATA_PATH_OVERRIDE + value: "{{ $dot.Values.config.pgDataPath }}" volumeMounts: - - name: pool-hba-conf + - name: config mountPath: /pgconf/pool_hba.conf subPath: pool_hba.conf + - name: pgconf + mountPath: /pgconf/setup.sql + subPath: setup.sql - mountPath: /pgdata name: {{ include "common.fullname" $dot }}-data - mountPath: /backup name: {{ include "common.fullname" $dot }}-backup readOnly: true - resources: -{{ include "common.resources" $dot | indent 12 }} + resources: {{ include "common.resources" $dot | nindent 12 }} {{- if $dot.Values.nodeSelector }} nodeSelector: {{ toYaml $dot.Values.nodeSelector | indent 10 }} @@ -129,7 +171,10 @@ spec: {{- else }} emptyDir: {} {{ end }} - - name: pool-hba-conf + - name: config configMap: name: {{ include "common.fullname" $dot }} -{{- end -}} \ No newline at end of file + - name: pgconf + emptyDir: + medium: Memory +{{- end -}}