mirror of
https://github.com/bitnami/charts.git
synced 2026-03-11 15:37:20 +08:00
97fee8da2c
* [bitnami/postgresql-ha] Add labels and init DB scripts secret Signed-off-by: Steven Sheehy <steven.sheehy@hedera.com>
221 lines
10 KiB
YAML
221 lines
10 KiB
YAML
apiVersion: apps/v1
|
|
kind: Deployment
|
|
metadata:
|
|
name: {{ include "postgresql-ha.pgpool" . }}
|
|
labels: {{ include "postgresql-ha.labels" . | nindent 4 }}
|
|
app.kubernetes.io/component: pgpool
|
|
{{- if .Values.pgpool.labels }}
|
|
{{- include "postgresql-ha.tplValue" (dict "value" .Values.pgpool.labels "context" $) | nindent 4 }}
|
|
{{- end }}
|
|
spec:
|
|
replicas: {{ .Values.pgpool.replicaCount }}
|
|
selector:
|
|
matchLabels: {{ include "postgresql-ha.matchLabels" . | nindent 6 }}
|
|
app.kubernetes.io/component: pgpool
|
|
template:
|
|
metadata:
|
|
labels: {{ include "postgresql-ha.labels" . | nindent 8 }}
|
|
app.kubernetes.io/component: pgpool
|
|
{{- if .Values.pgpool.podLabels }}
|
|
{{- include "postgresql-ha.tplValue" (dict "value" .Values.pgpool.podLabels "context" $) | nindent 8 }}
|
|
{{- end }}
|
|
{{- if .Values.pgpool.podAnnotations }}
|
|
annotations: {{- include "postgresql-ha.tplValue" (dict "value" .Values.pgpool.podAnnotations "context" $) | nindent 8 }}
|
|
{{- end }}
|
|
spec:
|
|
{{- include "postgresql-ha.imagePullSecrets" . | indent 6 }}
|
|
{{- if .Values.pgpool.affinity }}
|
|
affinity: {{- include "postgresql-ha.tplValue" (dict "value" .Values.pgpool.affinity "context" $) | nindent 8 }}
|
|
{{- end }}
|
|
{{- if .Values.pgpool.nodeSelector }}
|
|
nodeSelector: {{- include "postgresql-ha.tplValue" (dict "value" .Values.pgpool.nodeSelector "context" $) | nindent 8 }}
|
|
{{- end }}
|
|
priorityClassName: {{ .Values.pgpool.priorityClassName }}
|
|
{{- if .Values.pgpool.tolerations }}
|
|
tolerations: {{- include "postgresql-ha.tplValue" (dict "value" .Values.pgpool.tolerations "context" $) | nindent 8 }}
|
|
{{- end }}
|
|
{{- if .Values.pgpool.securityContext.enabled }}
|
|
securityContext:
|
|
fsGroup: {{ .Values.pgpool.securityContext.fsGroup }}
|
|
{{- end }}
|
|
# Auxiliar vars to populate environment variables
|
|
{{- $postgresqlReplicaCount := int .Values.postgresql.replicaCount }}
|
|
{{- $postgresqlFullname := include "postgresql-ha.postgresql" . }}
|
|
{{- $postgresqlHeadlessServiceName := printf "%s-headless" (include "postgresql-ha.postgresql" .) }}
|
|
{{- $releaseNamespace := .Release.Namespace }}
|
|
{{- $clusterDomain:= .Values.clusterDomain }}
|
|
containers:
|
|
- name: pgpool
|
|
image: {{ include "postgresql-ha.pgpoolImage" . }}
|
|
imagePullPolicy: {{ .Values.pgpoolImage.pullPolicy | quote }}
|
|
{{- if .Values.pgpool.securityContext.enabled }}
|
|
securityContext:
|
|
runAsUser: {{ .Values.pgpool.securityContext.runAsUser }}
|
|
{{- end }}
|
|
env:
|
|
- name: BITNAMI_DEBUG
|
|
value: {{ ternary "true" "false" .Values.pgpoolImage.debug | quote }}
|
|
- name: PGPOOL_BACKEND_NODES
|
|
value: {{range $e, $i := until $postgresqlReplicaCount }}{{ $i }}:{{ $postgresqlFullname }}-{{ $i }}.{{ $postgresqlHeadlessServiceName }}.{{ $releaseNamespace }}.svc.{{ $clusterDomain }}:5432,{{ end }}
|
|
- name: PGPOOL_SR_CHECK_USER
|
|
value: {{ (include "postgresql-ha.postgresqlRepmgrUsername" .) | quote }}
|
|
{{- if .Values.postgresql.usePasswordFile }}
|
|
- name: PGPOOL_SR_CHECK_PASSWORD_FILE
|
|
value: "/opt/bitnami/pgpool/secrets/pgpool-sr-check-password"
|
|
{{- else }}
|
|
- name: PGPOOL_SR_CHECK_PASSWORD
|
|
valueFrom:
|
|
secretKeyRef:
|
|
name: {{ include "postgresql-ha.postgresqlSecretName" . }}
|
|
key: repmgr-password
|
|
{{- end }}
|
|
- name: PGPOOL_ENABLE_LOAD_BALANCING
|
|
value: {{ ternary "yes" "no" .Values.pgpool.useLoadBalancing | quote }}
|
|
- name: PGPOOL_ENABLE_LDAP
|
|
value: {{ ternary "yes" "no" .Values.ldap.enabled | quote }}
|
|
{{- if .Values.ldap.enabled }}
|
|
- name: LDAP_URI
|
|
value: {{ .Values.ldap.uri | quote }}
|
|
- name: LDAP_BASE
|
|
value: {{ .Values.ldap.base | quote }}
|
|
- name: LDAP_BIND_DN
|
|
value: {{ .Values.ldap.binddn | quote }}
|
|
- name: LDAP_BIND_PASSWORD
|
|
valueFrom:
|
|
secretKeyRef:
|
|
name: {{ include "postgresql-ha.ldapSecretName" . }}
|
|
key: bind-password
|
|
{{- if .Values.ldap.bslookup }}
|
|
- name: LDAP_BASE_LOOKUP
|
|
value: {{ .Values.ldap.bslookup | quote }}
|
|
{{- end }}
|
|
{{- if .Values.ldap.scope }}
|
|
- name: LDAP_SCOPE
|
|
value: {{ .Values.ldap.scope | quote }}
|
|
{{- end }}
|
|
{{- if .Values.ldap.tlsReqcert }}
|
|
- name: LDAP_TLS_REQCERT
|
|
value: {{ .Values.ldap.tlsReqcert | quote }}
|
|
{{- end }}
|
|
- name: LDAP_NSS_INITGROUPS_IGNOREUSERS
|
|
value: {{ .Values.ldap.nssInitgroupsIgnoreusers | quote }}
|
|
{{- end }}
|
|
- name: PGPOOL_POSTGRES_USERNAME
|
|
value: {{ (include "postgresql-ha.postgresqlUsername" .) | quote }}
|
|
{{- if .Values.postgresql.usePasswordFile }}
|
|
- name: PGPOOL_POSTGRES_PASSWORD_FILE
|
|
value: "/opt/bitnami/pgpool/secrets/pgpool-password"
|
|
{{- else }}
|
|
- name: PGPOOL_POSTGRES_PASSWORD
|
|
valueFrom:
|
|
secretKeyRef:
|
|
name: {{ include "postgresql-ha.postgresqlSecretName" . }}
|
|
key: postgresql-password
|
|
{{- end }}
|
|
- name: PGPOOL_ADMIN_USERNAME
|
|
value: {{ (include "postgresql-ha.pgpoolAdminUsername" .) | quote }}
|
|
{{- if .Values.pgpool.usePasswordFile }}
|
|
- name: PGPOOL_ADMIN_PASSWORD_FILE
|
|
value: "/opt/bitnami/pgpool/secrets/admin-password"
|
|
{{- else }}
|
|
- name: PGPOOL_ADMIN_PASSWORD
|
|
valueFrom:
|
|
secretKeyRef:
|
|
name: {{ include "postgresql-ha.pgpoolSecretName" . }}
|
|
key: admin-password
|
|
{{- end }}
|
|
{{- if .Values.pgpool.maxPool }}
|
|
- name: PGPOOL_MAX_POOL
|
|
value: {{ .Values.pgpool.maxPool | quote }}
|
|
{{- end }}
|
|
{{- if .Values.pgpool.numInitChildren }}
|
|
- name: PGPOOL_NUM_INIT_CHILDREN
|
|
value: {{ .Values.pgpool.numInitChildren | quote }}
|
|
{{- end }}
|
|
ports:
|
|
- name: postgresql
|
|
containerPort: 5432
|
|
protocol: TCP
|
|
{{- if and .Values.pgpool.livenessProbe.enabled (not .Values.ldap.enabled) }}
|
|
livenessProbe:
|
|
exec:
|
|
command:
|
|
- /opt/bitnami/scripts/pgpool/healthcheck.sh
|
|
initialDelaySeconds: {{ .Values.pgpool.livenessProbe.initialDelaySeconds }}
|
|
periodSeconds: {{ .Values.pgpool.livenessProbe.periodSeconds }}
|
|
timeoutSeconds: {{ .Values.pgpool.livenessProbe.timeoutSeconds }}
|
|
successThreshold: {{ .Values.pgpool.livenessProbe.successThreshold }}
|
|
failureThreshold: {{ .Values.pgpool.livenessProbe.failureThreshold }}
|
|
{{- end }}
|
|
{{- if and .Values.pgpool.readinessProbe.enabled (not .Values.ldap.enabled) }}
|
|
readinessProbe:
|
|
exec:
|
|
command:
|
|
- bash
|
|
- -ec
|
|
- PGPASSWORD=${PGPOOL_POSTGRES_PASSWORD} psql -U {{ (include "postgresql-ha.postgresqlUsername" .) | quote }} {{- if not (empty (include "postgresql-ha.postgresqlDatabase" .)) }} -d {{ (include "postgresql-ha.postgresqlDatabase" .) | quote }}{{- end }} -h 127.0.0.1 -tA -c "SELECT 1" >/dev/null
|
|
initialDelaySeconds: {{ .Values.pgpool.readinessProbe.initialDelaySeconds }}
|
|
periodSeconds: {{ .Values.pgpool.readinessProbe.periodSeconds }}
|
|
timeoutSeconds: {{ .Values.pgpool.readinessProbe.timeoutSeconds }}
|
|
successThreshold: {{ .Values.pgpool.readinessProbe.successThreshold }}
|
|
failureThreshold: {{ .Values.pgpool.readinessProbe.failureThreshold }}
|
|
{{- end }}
|
|
{{- if .Values.pgpool.resources }}
|
|
resources: {{- toYaml .Values.pgpool.resources | nindent 12 }}
|
|
{{- end }}
|
|
volumeMounts:
|
|
{{- if or (.Files.Glob "files/pgpool.conf") .Values.pgpool.configuration }}
|
|
- name: pgpool-config
|
|
mountPath: /opt/bitnami/pgpool/conf/
|
|
{{- end }}
|
|
{{- if or (.Files.Glob "files/pgpool-entrypoint-initdb.d/*.sh") .Values.pgpool.initdbScripts .Values.pgpool.initdbScriptsCM }}
|
|
- name: custom-init-scripts
|
|
mountPath: /docker-entrypoint-initdb.d/
|
|
{{- end }}
|
|
{{- if .Values.pgpool.initdbScriptsSecret }}
|
|
- name: custom-init-scripts-secret
|
|
mountPath: /docker-entrypoint-initdb.d/secret
|
|
{{- end }}
|
|
{{- if .Values.postgresql.usePasswordFile }}
|
|
- name: postgresql-password
|
|
mountPath: /opt/bitnami/pgpool/secrets/
|
|
{{- end }}
|
|
{{- if .Values.pgpool.usePasswordFile }}
|
|
- name: pgpool-password
|
|
mountPath: /opt/bitnami/pgpool/secrets/
|
|
{{- end }}
|
|
volumes:
|
|
{{- if or (.Files.Glob "files/pgpool.conf") .Values.pgpool.configuration }}
|
|
- name: pgpool-config
|
|
configMap:
|
|
name: {{ include "postgresql-ha.pgpoolConfigurationCM" . }}
|
|
{{- end }}
|
|
{{- if or (.Files.Glob "files/pgpool-entrypoint-initdb.d/*.sh") .Values.pgpool.initdbScripts .Values.pgpool.initdbScriptsCM }}
|
|
- name: custom-init-scripts
|
|
configMap:
|
|
name: {{ template "postgresql-ha.pgpoolInitdbScriptsCM" . }}
|
|
{{- end }}
|
|
{{- if .Values.pgpool.initdbScriptsSecret }}
|
|
- name: custom-init-scripts-secret
|
|
secret:
|
|
secretName: {{ template "postgresql-ha.pgpoolInitdbScriptsSecret" . }}
|
|
{{- end }}
|
|
{{- if .Values.postgresql.usePasswordFile }}
|
|
- name: postgresql-password
|
|
secret:
|
|
secretName: {{ include "postgresql-ha.postgresqlSecretName" . }}
|
|
items:
|
|
- key: postgresql-password
|
|
path: pgpool-password
|
|
- key: repmgr-password
|
|
path: pgpool-sr-check-password
|
|
{{- end }}
|
|
{{- if .Values.pgpool.usePasswordFile }}
|
|
- name: pgpool-password
|
|
secret:
|
|
secretName: {{ include "postgresql-ha.pgpoolSecretName" . }}
|
|
items:
|
|
- key: admin-password
|
|
path: admin-password
|
|
{{- end }}
|