blob: 456aa32bc0d6933dfa0b7d38cdac0d066a0492a9 [file] [log] [blame]
Krzysztof Opasiak56ca8852020-02-04 16:07:20 +01001{{/*
2# Copyright © 2018 Amdocs, AT&T, Bell Canada
3# Copyright © 2020 Samsung Electronics
4# #
5# # Licensed under the Apache License, Version 2.0 (the "License");
6# # you may not use this file except in compliance with the License.
7# # You may obtain a copy of the License at
8# #
9# # http://www.apache.org/licenses/LICENSE-2.0
10# #
11# # Unless required by applicable law or agreed to in writing, software
12# # distributed under the License is distributed on an "AS IS" BASIS,
13# # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14# # See the License for the specific language governing permissions and
15# # limitations under the License.
16*/}}
17
18{{- define "common.postgres.deployment" -}}
19 {{- $dot := .dot }}
20 {{- $pgMode := .pgMode }}
milaszkibdcb4162020-07-07 11:28:15 +000021apiVersion: apps/v1
Krzysztof Opasiak56ca8852020-02-04 16:07:20 +010022kind: Deployment
23metadata:
24 name: {{ include "common.fullname" $dot }}-{{ $pgMode }}
25 namespace: {{ include "common.namespace" $dot }}
26 labels:
27 app: {{ include "common.name" $dot }}-{{ $pgMode }}
28 chart: {{ $dot.Chart.Name }}-{{ $dot.Chart.Version | replace "+" "_" }}
29 release: {{ include "common.release" $dot }}
30 heritage: {{ $dot.Release.Service }}
31 name: "{{ index $dot.Values "container" "name" $pgMode }}"
32spec:
33 serviceName: {{ $dot.Values.service.name }}
34 replicas: 1
milaszkibdcb4162020-07-07 11:28:15 +000035 selector:
36 matchLabels:
37 app: {{ include "common.name" $dot }}-{{ $pgMode }}
Krzysztof Opasiak56ca8852020-02-04 16:07:20 +010038 template:
39 metadata:
40 labels:
41 app: {{ include "common.name" $dot }}-{{ $pgMode }}
42 release: {{ include "common.release" $dot }}
43 name: "{{ index $dot.Values "container" "name" $pgMode }}"
44 spec:
45 initContainers:
Krzysztof Opasiak17547342020-03-10 23:53:31 +010046 - command:
47 - sh
48 args:
49 - -c
Krzysztof Opasiakb0a2d3b2020-05-25 15:38:48 +020050 - |
51 function prepare_password {
52 echo -n $1 | sed -e "s/'/''/g"
53 }
54 export PG_PRIMARY_PASSWORD=`prepare_password $PG_PRIMARY_PASSWORD_INPUT`;
55 export PG_PASSWORD=`prepare_password $PG_PASSWORD_INPUT`;
56 export PG_ROOT_PASSWORD=`prepare_password $PG_ROOT_PASSWORD_INPUT`;
57 cd /config-input && for PFILE in `ls -1 .`; do envsubst <${PFILE} >/config/${PFILE}; done
Krzysztof Opasiak17547342020-03-10 23:53:31 +010058 env:
59 - name: PG_PRIMARY_USER
60 value: primaryuser
Krzysztof Opasiakb0a2d3b2020-05-25 15:38:48 +020061 - name: PG_PRIMARY_PASSWORD_INPUT
Krzysztof Opasiakc0a57f82020-03-23 15:50:13 +010062 {{- include "common.secret.envFromSecretFast" (dict "global" $dot "uid" (include "common.postgres.secret.primaryPasswordUID" .) "key" "password") | indent 10 }}
Krzysztof Opasiak17547342020-03-10 23:53:31 +010063 - name: PG_USER
Krzysztof Opasiakc0a57f82020-03-23 15:50:13 +010064 {{- include "common.secret.envFromSecretFast" (dict "global" $dot "uid" (include "common.postgres.secret.userCredentialsUID" .) "key" "login") | indent 10 }}
Krzysztof Opasiakb0a2d3b2020-05-25 15:38:48 +020065 - name: PG_PASSWORD_INPUT
Krzysztof Opasiakc0a57f82020-03-23 15:50:13 +010066 {{- include "common.secret.envFromSecretFast" (dict "global" $dot "uid" (include "common.postgres.secret.userCredentialsUID" .) "key" "password") | indent 10 }}
Krzysztof Opasiak17547342020-03-10 23:53:31 +010067 - name: PG_DATABASE
68 value: "{{ $dot.Values.config.pgDatabase }}"
Krzysztof Opasiakb0a2d3b2020-05-25 15:38:48 +020069 - name: PG_ROOT_PASSWORD_INPUT
Krzysztof Opasiakc0a57f82020-03-23 15:50:13 +010070 {{- include "common.secret.envFromSecretFast" (dict "global" $dot "uid" (include "common.postgres.secret.rootPassUID" .) "key" "password") | indent 10 }}
Krzysztof Opasiak17547342020-03-10 23:53:31 +010071 volumeMounts:
72 - mountPath: /config-input/setup.sql
73 name: config
74 subPath: setup.sql
75 - mountPath: /config
76 name: pgconf
77 image: "{{ $dot.Values.global.envsubstImage }}"
78 imagePullPolicy: {{ $dot.Values.global.pullPolicy | default $dot.Values.pullPolicy }}
79 name: {{ include "common.name" $dot }}-update-config
80
Krzysztof Opasiak56ca8852020-02-04 16:07:20 +010081 - name: init-sysctl
82 command:
83 - /bin/sh
84 - -c
85 - |
86 chown 26:26 /podroot/;
87 chmod 700 /podroot/;
88 image: {{ $dot.Values.global.busyboxRepository | default $dot.Values.busyboxRepository }}/{{ $dot.Values.busyboxImage }}
89 imagePullPolicy: {{ $dot.Values.global.pullPolicy | default $dot.Values.pullPolicy }}
90 volumeMounts:
91 - name: {{ include "common.fullname" $dot }}-data
92 mountPath: /podroot/
93 containers:
94 - name: {{ include "common.name" $dot }}
95 image: "{{ $dot.Values.postgresRepository }}/{{ $dot.Values.image }}"
96 imagePullPolicy: {{ $dot.Values.global.pullPolicy | default $dot.Values.pullPolicy }}
97 ports:
98 - containerPort: {{ $dot.Values.service.internalPort }}
99 name: {{ $dot.Values.service.portName }}
100 # disable liveness probe when breakpoints set in debugger
101 # so K8s doesn't restart unresponsive container
102 {{- if eq $dot.Values.liveness.enabled true }}
103 livenessProbe:
104 tcpSocket:
105 port: {{ $dot.Values.service.internalPort }}
106 initialDelaySeconds: {{ $dot.Values.liveness.initialDelaySeconds }}
107 periodSeconds: {{ $dot.Values.liveness.periodSeconds }}
108 timeoutSeconds: {{ $dot.Values.liveness.timeoutSeconds }}
109 {{- end }}
110 readinessProbe:
111 tcpSocket:
112 port: {{ $dot.Values.service.internalPort }}
113 initialDelaySeconds: {{ $dot.Values.readiness.initialDelaySeconds }}
114 periodSeconds: {{ $dot.Values.readiness.periodSeconds }}
115 env:
116 - name: PGHOST
117 value: /tmp
118 - name: PG_PRIMARY_USER
119 value: primaryuser
120 - name: PG_MODE
121 value: {{ $pgMode }}
122 - name: PG_PRIMARY_HOST
123 value: "{{ $dot.Values.container.name.primary }}"
124 - name: PG_REPLICA_HOST
125 value: "{{ $dot.Values.container.name.replica }}"
126 - name: PG_PRIMARY_PORT
127 value: "{{ $dot.Values.service.internalPort }}"
128 - name: PG_PRIMARY_PASSWORD
Krzysztof Opasiakc0a57f82020-03-23 15:50:13 +0100129 {{- include "common.secret.envFromSecretFast" (dict "global" $dot "uid" (include "common.postgres.secret.primaryPasswordUID" .) "key" "password") | indent 10 }}
Krzysztof Opasiak56ca8852020-02-04 16:07:20 +0100130 - name: PG_USER
Krzysztof Opasiakc0a57f82020-03-23 15:50:13 +0100131 {{- include "common.secret.envFromSecretFast" (dict "global" $dot "uid" (include "common.postgres.secret.userCredentialsUID" .) "key" "login") | indent 10 }}
Krzysztof Opasiak56ca8852020-02-04 16:07:20 +0100132 - name: PG_PASSWORD
Krzysztof Opasiakc0a57f82020-03-23 15:50:13 +0100133 {{- include "common.secret.envFromSecretFast" (dict "global" $dot "uid" (include "common.postgres.secret.userCredentialsUID" .) "key" "password") | indent 10 }}
Krzysztof Opasiak56ca8852020-02-04 16:07:20 +0100134 - name: PG_DATABASE
135 value: "{{ $dot.Values.config.pgDatabase }}"
136 - name: PG_ROOT_PASSWORD
Krzysztof Opasiakc0a57f82020-03-23 15:50:13 +0100137 {{- include "common.secret.envFromSecretFast" (dict "global" $dot "uid" (include "common.postgres.secret.rootPassUID" .) "key" "password") | indent 10 }}
Krzysztof Opasiak56ca8852020-02-04 16:07:20 +0100138 volumeMounts:
Krzysztof Opasiak17547342020-03-10 23:53:31 +0100139 - name: config
Krzysztof Opasiak56ca8852020-02-04 16:07:20 +0100140 mountPath: /pgconf/pool_hba.conf
141 subPath: pool_hba.conf
Krzysztof Opasiak17547342020-03-10 23:53:31 +0100142 - name: pgconf
143 mountPath: /pgconf/setup.sql
144 subPath: setup.sql
Krzysztof Opasiak56ca8852020-02-04 16:07:20 +0100145 - mountPath: /pgdata
146 name: {{ include "common.fullname" $dot }}-data
147 - mountPath: /backup
148 name: {{ include "common.fullname" $dot }}-backup
149 readOnly: true
150 resources:
151{{ include "common.resources" $dot | indent 12 }}
152 {{- if $dot.Values.nodeSelector }}
153 nodeSelector:
154{{ toYaml $dot.Values.nodeSelector | indent 10 }}
155 {{- end -}}
156 {{- if $dot.Values.affinity }}
157 affinity:
158{{ toYaml $dot.Values.affinity | indent 10 }}
159 {{- end }}
160 volumes:
161 - name: localtime
162 hostPath:
163 path: /etc/localtime
164 - name: {{ include "common.fullname" $dot }}-backup
165 emptyDir: {}
166 - name: {{ include "common.fullname" $dot }}-data
167{{- if $dot.Values.persistence.enabled }}
168 persistentVolumeClaim:
169 claimName: {{ include "common.fullname" $dot }}-{{ $pgMode }}
170{{- else }}
171 emptyDir: {}
172{{ end }}
Krzysztof Opasiak17547342020-03-10 23:53:31 +0100173 - name: config
Krzysztof Opasiak56ca8852020-02-04 16:07:20 +0100174 configMap:
175 name: {{ include "common.fullname" $dot }}
Krzysztof Opasiak17547342020-03-10 23:53:31 +0100176 - name: pgconf
177 emptyDir:
178 medium: Memory
179{{- end -}}