blob: 1051aaff0bddd4bf1cd0704783080f045e132540 [file] [log] [blame]
Krzysztof Opasiak56ca8852020-02-04 16:07:20 +01001{{/*
2# Copyright © 2018 Amdocs, AT&T, Bell Canada
3# Copyright © 2020 Samsung Electronics
Abdelmuhaimen Seaudi988aeed2021-09-23 21:11:44 +00004# Copyright © 2021 Orange
Bruno Sakoto1ed3d262021-03-05 18:11:00 -05005# Modifications Copyright (C) 2021 Bell Canada.
Krzysztof Opasiak56ca8852020-02-04 16:07:20 +01006# #
7# # Licensed under the Apache License, Version 2.0 (the "License");
8# # you may not use this file except in compliance with the License.
9# # You may obtain a copy of the License at
10# #
11# # http://www.apache.org/licenses/LICENSE-2.0
12# #
13# # Unless required by applicable law or agreed to in writing, software
14# # distributed under the License is distributed on an "AS IS" BASIS,
15# # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16# # See the License for the specific language governing permissions and
17# # limitations under the License.
18*/}}
19
20{{- define "common.postgres.deployment" -}}
21 {{- $dot := .dot }}
22 {{- $pgMode := .pgMode }}
milaszkibdcb4162020-07-07 11:28:15 +000023apiVersion: apps/v1
Krzysztof Opasiak56ca8852020-02-04 16:07:20 +010024kind: Deployment
25metadata:
26 name: {{ include "common.fullname" $dot }}-{{ $pgMode }}
27 namespace: {{ include "common.namespace" $dot }}
28 labels:
29 app: {{ include "common.name" $dot }}-{{ $pgMode }}
30 chart: {{ $dot.Chart.Name }}-{{ $dot.Chart.Version | replace "+" "_" }}
31 release: {{ include "common.release" $dot }}
32 heritage: {{ $dot.Release.Service }}
33 name: "{{ index $dot.Values "container" "name" $pgMode }}"
34spec:
Krzysztof Opasiak56ca8852020-02-04 16:07:20 +010035 replicas: 1
Bruno Sakoto6b41d872022-03-31 08:51:59 -040036 strategy:
37 type: Recreate
milaszkibdcb4162020-07-07 11:28:15 +000038 selector:
39 matchLabels:
40 app: {{ include "common.name" $dot }}-{{ $pgMode }}
Krzysztof Opasiak56ca8852020-02-04 16:07:20 +010041 template:
42 metadata:
43 labels:
44 app: {{ include "common.name" $dot }}-{{ $pgMode }}
45 release: {{ include "common.release" $dot }}
46 name: "{{ index $dot.Values "container" "name" $pgMode }}"
47 spec:
andreas-geisslerf84cccd2021-07-07 15:40:41 +020048 imagePullSecrets:
49 - name: "{{ include "common.namespace" $dot }}-docker-registry-key"
Krzysztof Opasiak56ca8852020-02-04 16:07:20 +010050 initContainers:
Krzysztof Opasiak17547342020-03-10 23:53:31 +010051 - command:
52 - sh
53 args:
54 - -c
Krzysztof Opasiakb0a2d3b2020-05-25 15:38:48 +020055 - |
56 function prepare_password {
57 echo -n $1 | sed -e "s/'/''/g"
58 }
59 export PG_PRIMARY_PASSWORD=`prepare_password $PG_PRIMARY_PASSWORD_INPUT`;
60 export PG_PASSWORD=`prepare_password $PG_PASSWORD_INPUT`;
61 export PG_ROOT_PASSWORD=`prepare_password $PG_ROOT_PASSWORD_INPUT`;
62 cd /config-input && for PFILE in `ls -1 .`; do envsubst <${PFILE} >/config/${PFILE}; done
Krzysztof Opasiak17547342020-03-10 23:53:31 +010063 env:
64 - name: PG_PRIMARY_USER
65 value: primaryuser
Tomasz Pietruszkiewicze24ed0b2021-03-18 11:14:06 +010066 - name: MODE
67 value: postgres
Krzysztof Opasiakb0a2d3b2020-05-25 15:38:48 +020068 - name: PG_PRIMARY_PASSWORD_INPUT
Krzysztof Opasiakc0a57f82020-03-23 15:50:13 +010069 {{- include "common.secret.envFromSecretFast" (dict "global" $dot "uid" (include "common.postgres.secret.primaryPasswordUID" .) "key" "password") | indent 10 }}
Krzysztof Opasiak17547342020-03-10 23:53:31 +010070 - name: PG_USER
Krzysztof Opasiakc0a57f82020-03-23 15:50:13 +010071 {{- include "common.secret.envFromSecretFast" (dict "global" $dot "uid" (include "common.postgres.secret.userCredentialsUID" .) "key" "login") | indent 10 }}
Krzysztof Opasiakb0a2d3b2020-05-25 15:38:48 +020072 - name: PG_PASSWORD_INPUT
Krzysztof Opasiakc0a57f82020-03-23 15:50:13 +010073 {{- include "common.secret.envFromSecretFast" (dict "global" $dot "uid" (include "common.postgres.secret.userCredentialsUID" .) "key" "password") | indent 10 }}
Krzysztof Opasiak17547342020-03-10 23:53:31 +010074 - name: PG_DATABASE
75 value: "{{ $dot.Values.config.pgDatabase }}"
Krzysztof Opasiakb0a2d3b2020-05-25 15:38:48 +020076 - name: PG_ROOT_PASSWORD_INPUT
Krzysztof Opasiakc0a57f82020-03-23 15:50:13 +010077 {{- include "common.secret.envFromSecretFast" (dict "global" $dot "uid" (include "common.postgres.secret.rootPassUID" .) "key" "password") | indent 10 }}
Krzysztof Opasiak17547342020-03-10 23:53:31 +010078 volumeMounts:
79 - mountPath: /config-input/setup.sql
80 name: config
81 subPath: setup.sql
82 - mountPath: /config
83 name: pgconf
Sylvain Desbureaux6a1ae6c2020-11-19 17:23:14 +010084 image: {{ include "repositoryGenerator.image.envsubst" $dot }}
Krzysztof Opasiak17547342020-03-10 23:53:31 +010085 imagePullPolicy: {{ $dot.Values.global.pullPolicy | default $dot.Values.pullPolicy }}
86 name: {{ include "common.name" $dot }}-update-config
87
Krzysztof Opasiak56ca8852020-02-04 16:07:20 +010088 - name: init-sysctl
89 command:
90 - /bin/sh
91 - -c
92 - |
93 chown 26:26 /podroot/;
94 chmod 700 /podroot/;
Sylvain Desbureaux6a1ae6c2020-11-19 17:23:14 +010095 image: {{ include "repositoryGenerator.image.busybox" $dot }}
Krzysztof Opasiak56ca8852020-02-04 16:07:20 +010096 imagePullPolicy: {{ $dot.Values.global.pullPolicy | default $dot.Values.pullPolicy }}
97 volumeMounts:
98 - name: {{ include "common.fullname" $dot }}-data
99 mountPath: /podroot/
100 containers:
101 - name: {{ include "common.name" $dot }}
Sylvain Desbureaux6a1ae6c2020-11-19 17:23:14 +0100102 image: {{ include "repositoryGenerator.image.postgres" $dot }}
Krzysztof Opasiak56ca8852020-02-04 16:07:20 +0100103 imagePullPolicy: {{ $dot.Values.global.pullPolicy | default $dot.Values.pullPolicy }}
104 ports:
105 - containerPort: {{ $dot.Values.service.internalPort }}
106 name: {{ $dot.Values.service.portName }}
107 # disable liveness probe when breakpoints set in debugger
108 # so K8s doesn't restart unresponsive container
109 {{- if eq $dot.Values.liveness.enabled true }}
110 livenessProbe:
111 tcpSocket:
112 port: {{ $dot.Values.service.internalPort }}
113 initialDelaySeconds: {{ $dot.Values.liveness.initialDelaySeconds }}
114 periodSeconds: {{ $dot.Values.liveness.periodSeconds }}
115 timeoutSeconds: {{ $dot.Values.liveness.timeoutSeconds }}
116 {{- end }}
117 readinessProbe:
118 tcpSocket:
119 port: {{ $dot.Values.service.internalPort }}
120 initialDelaySeconds: {{ $dot.Values.readiness.initialDelaySeconds }}
121 periodSeconds: {{ $dot.Values.readiness.periodSeconds }}
122 env:
123 - name: PGHOST
124 value: /tmp
125 - name: PG_PRIMARY_USER
126 value: primaryuser
Tomasz Pietruszkiewicze24ed0b2021-03-18 11:14:06 +0100127 - name: MODE
128 value: postgres
Krzysztof Opasiak56ca8852020-02-04 16:07:20 +0100129 - name: PG_MODE
130 value: {{ $pgMode }}
131 - name: PG_PRIMARY_HOST
Abdelmuhaimen Seaudi988aeed2021-09-23 21:11:44 +0000132 value: "{{ $dot.Values.service.name2 }}"
Krzysztof Opasiak56ca8852020-02-04 16:07:20 +0100133 - name: PG_REPLICA_HOST
Abdelmuhaimen Seaudi988aeed2021-09-23 21:11:44 +0000134 value: "{{ $dot.Values.service.name3 }}"
Krzysztof Opasiak56ca8852020-02-04 16:07:20 +0100135 - name: PG_PRIMARY_PORT
136 value: "{{ $dot.Values.service.internalPort }}"
137 - name: PG_PRIMARY_PASSWORD
Krzysztof Opasiakc0a57f82020-03-23 15:50:13 +0100138 {{- include "common.secret.envFromSecretFast" (dict "global" $dot "uid" (include "common.postgres.secret.primaryPasswordUID" .) "key" "password") | indent 10 }}
Krzysztof Opasiak56ca8852020-02-04 16:07:20 +0100139 - name: PG_USER
Krzysztof Opasiakc0a57f82020-03-23 15:50:13 +0100140 {{- include "common.secret.envFromSecretFast" (dict "global" $dot "uid" (include "common.postgres.secret.userCredentialsUID" .) "key" "login") | indent 10 }}
Krzysztof Opasiak56ca8852020-02-04 16:07:20 +0100141 - name: PG_PASSWORD
Krzysztof Opasiakc0a57f82020-03-23 15:50:13 +0100142 {{- include "common.secret.envFromSecretFast" (dict "global" $dot "uid" (include "common.postgres.secret.userCredentialsUID" .) "key" "password") | indent 10 }}
Krzysztof Opasiak56ca8852020-02-04 16:07:20 +0100143 - name: PG_DATABASE
144 value: "{{ $dot.Values.config.pgDatabase }}"
145 - name: PG_ROOT_PASSWORD
Krzysztof Opasiakc0a57f82020-03-23 15:50:13 +0100146 {{- include "common.secret.envFromSecretFast" (dict "global" $dot "uid" (include "common.postgres.secret.rootPassUID" .) "key" "password") | indent 10 }}
Bruno Sakoto1ed3d262021-03-05 18:11:00 -0500147 - name: PGDATA_PATH_OVERRIDE
148 value: "{{ $dot.Values.config.pgDataPath }}"
Krzysztof Opasiak56ca8852020-02-04 16:07:20 +0100149 volumeMounts:
Krzysztof Opasiak17547342020-03-10 23:53:31 +0100150 - name: config
Krzysztof Opasiak56ca8852020-02-04 16:07:20 +0100151 mountPath: /pgconf/pool_hba.conf
152 subPath: pool_hba.conf
Krzysztof Opasiak17547342020-03-10 23:53:31 +0100153 - name: pgconf
154 mountPath: /pgconf/setup.sql
155 subPath: setup.sql
Krzysztof Opasiak56ca8852020-02-04 16:07:20 +0100156 - mountPath: /pgdata
157 name: {{ include "common.fullname" $dot }}-data
158 - mountPath: /backup
159 name: {{ include "common.fullname" $dot }}-backup
160 readOnly: true
Sylvain Desbureaux335781f2020-09-23 10:31:50 +0200161 resources: {{ include "common.resources" $dot | nindent 12 }}
Krzysztof Opasiak56ca8852020-02-04 16:07:20 +0100162 {{- if $dot.Values.nodeSelector }}
163 nodeSelector:
164{{ toYaml $dot.Values.nodeSelector | indent 10 }}
165 {{- end -}}
166 {{- if $dot.Values.affinity }}
167 affinity:
168{{ toYaml $dot.Values.affinity | indent 10 }}
169 {{- end }}
170 volumes:
171 - name: localtime
172 hostPath:
173 path: /etc/localtime
174 - name: {{ include "common.fullname" $dot }}-backup
175 emptyDir: {}
176 - name: {{ include "common.fullname" $dot }}-data
177{{- if $dot.Values.persistence.enabled }}
178 persistentVolumeClaim:
179 claimName: {{ include "common.fullname" $dot }}-{{ $pgMode }}
180{{- else }}
181 emptyDir: {}
182{{ end }}
Krzysztof Opasiak17547342020-03-10 23:53:31 +0100183 - name: config
Krzysztof Opasiak56ca8852020-02-04 16:07:20 +0100184 configMap:
185 name: {{ include "common.fullname" $dot }}
Krzysztof Opasiak17547342020-03-10 23:53:31 +0100186 - name: pgconf
187 emptyDir:
188 medium: Memory
189{{- end -}}