kubernetes/common/postgres/templates/statefulset.yaml

{{/*
# Copyright © 2018 Amdocs, AT&T, Bell Canada
# #
# # Licensed under the Apache License, Version 2.0 (the "License");
# # you may not use this file except in compliance with the License.
# # You may obtain a copy of the License at
# #
# #       http://www.apache.org/licenses/LICENSE-2.0
# #
# # Unless required by applicable law or agreed to in writing, software
# # distributed under the License is distributed on an "AS IS" BASIS,
# # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# # See the License for the specific language governing permissions and
# # limitations under the License.
*/}}
apiVersion: apps/v1beta1
kind: StatefulSet
metadata:
  name: {{ include "common.fullname" . }}
  namespace: {{ include "common.namespace" . }}
  labels:
    app: {{ include "common.name" . }}
    chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
    release: {{ .Release.Name }}
    heritage: {{ .Release.Service }}
spec:
  serviceName: {{ .Values.service.name }}
  replicas: {{ .Values.replicaCount }}
  template:
    metadata:
      labels:
        app: {{ include "common.name" . }}
        release: {{ .Release.Name }}
    spec:
      initContainers:
      - command:
        - /bin/sh
        - -c
        - |
          for i in $(seq 0 $(({{ .Values.replicaCount }}-1))); do
            if [ ! -d /podroot/data$i ]; then
              mkdir -p /podroot/data$i;
              chown 26:26 /podroot/data$i;
              chmod 700 /podroot/data$i;
            fi;
          done
        env:
        - name: POD_NAME
          valueFrom: { fieldRef: { fieldPath: metadata.name } }
        securityContext:
          privileged: true
        image: {{ .Values.global.busyboxRepository | default .Values.busyboxRepository }}/{{ .Values.busyboxImage }}
        imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
        name: init-sysctl
        volumeMounts:
        - name: {{ include "common.fullname" . }}-init
          mountPath: /podroot/
      containers:
      - name: {{ include "common.name" . }}
        image: "{{ .Values.postgresRepository }}/{{ .Values.image }}"
        imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
        ports:
        - containerPort: {{ .Values.service.internalPort }}
          name: postgres
        # disable liveness probe when breakpoints set in debugger
        # so K8s doesn't restart unresponsive container
        {{- if eq .Values.liveness.enabled true }}
        livenessProbe:
          tcpSocket:
            port: {{ .Values.service.internalPort }}
          initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }}
          periodSeconds: {{ .Values.liveness.periodSeconds }}
          timeoutSeconds: {{ .Values.liveness.timeoutSeconds }}
        {{end -}}
        readinessProbe:
          tcpSocket:
            port: {{ .Values.service.internalPort }}
          initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }}
          periodSeconds: {{ .Values.readiness.periodSeconds }}
        env:
        - name: PGHOST
          value: /tmp
        - name: PG_PRIMARY_USER
          value: primaryuser
        - name: PG_MODE
          value: set
        - name: PG_PRIMARY_HOST
          value: "{{.Values.container.name.primary}}"
        - name: PG_REPLICA_HOST
          value: "{{.Values.container.name.replica}}"
        - name: PG_PRIMARY_PORT
          value: "{{.Values.service.internalPort}}"
        - name: PG_PRIMARY_PASSWORD
          valueFrom:
            secretKeyRef:
              name: {{ template "common.fullname" . }}
              key: pg-primary-password
        - name: PG_USER
          value: "{{.Values.config.pgUserName}}"
        - name: PG_PASSWORD
          valueFrom:
            secretKeyRef:
              name: {{ template "common.fullname" . }}
              key: pg-user-password
        - name: PG_DATABASE
          value: "{{.Values.config.pgDatabase}}"
        - name: PG_ROOT_PASSWORD
          valueFrom:
            secretKeyRef:
              name: {{ template "common.fullname" . }}
              key: pg-root-password
        volumeMounts:
        - mountPath: /pgdata
          name: {{ include "common.fullname" . }}-data
        - mountPath: /backup
          name: {{ include "common.fullname" . }}-backup
          readOnly: true
        resources:
{{ include "common.resources" . | indent 12 }}
        {{- if .Values.nodeSelector }}
        nodeSelector:
{{ toYaml .Values.nodeSelector | indent 10 }}
        {{- end -}}
        {{- if .Values.affinity }}
        affinity:
{{ toYaml .Values.affinity | indent 10 }}
        {{- end }}
      volumes:
      - name: localtime
        hostPath:
          path: /etc/localtime
      - name: {{ include "common.fullname" . }}-init
        hostPath:
          path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.mountInitPath }}
      - name: {{ include "common.fullname" . }}-backup
        emptyDir: {}
#{{ if not .Values.persistence.enabled }}
      - name: {{ include "common.fullname" . }}-data
        emptyDir: {}
#{{ else }}
  volumeClaimTemplates:
  - metadata:
      name: {{ include "common.fullname" . }}-data
      labels:
        name: {{ include "common.fullname" . }}
    spec:
      accessModes: [ {{ .Values.persistence.accessMode }} ]
      storageClassName: {{ include "common.fullname" . }}-data
      resources:
        requests:
          storage: {{ .Values.persistence.size }}
      selector:
        matchLabels:
          name: {{ include "common.fullname" . }}
#{{ end }}