feat: add basic pgo

2023-04-06 02:21:56 +02:00
commit ebd0fcf700
128 changed files with 61656 additions and 0 deletions


@@ -0,0 +1,3 @@
# https://github.com/github/linguist/issues/4905
# https://github.com/github/linguist/issues/5092#issuecomment-730262298
/templates/*.tpl linguist-language=handlebars


@@ -0,0 +1 @@
.git*


@@ -0,0 +1,8 @@
apiVersion: v2
name: pgo
description: Installer for PGO, the open source Postgres Operator from Crunchy Data
type: application
# The version below should match the version on the PostgresCluster CRD
version: 5.3.1
appVersion: 5.3.1


@@ -0,0 +1,31 @@
Thank you for deploying PGO v{{ .Chart.AppVersion }}!
((((((((((((((((((((((
(((((((((((((%%%%%%%(((((((((((((((
(((((((((((%%% %%%%((((((((((((
(((((((((((%%( (((( ( %%%(((((((((((
(((((((((((((%% (( ,(( %%%(((((((((((
(((((((((((((((%% *%%/ %%%%%%%((((((((((
(((((((((((((((((((%%(( %%%%%%%%%%#(((((%%%%%%%%%%#((((((((((((
((((((((((((((((((%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%((((((((((((((
*((((((((((((((((((((%%%%%% /%%%%%%%%%%%%%%%%%%%((((((((((((((((
(((((((((((((((((((((((%%%/ .%, %%%((((((((((((((((((,
((((((((((((((((((((((% %#(((((((((((((((((
(((((((((((((((%%%%%% #%(((((((((((((((((
((((((((((((((%% %%(((((((((((((((,
((((((((((((%%%#% % %%(((((((((((((((
((((((((((((%. % % #((((((((((((((
(((((((((((%% % %%* %(((((((((((((
#(###(###(#%% %%% %% %%% #%%#(###(###(#
###########%%%%% /%%%%%%%%%%%%% %% %%%%% ,%%#######
###############%% %%%%%% %%% %%%%%%%% %%#####
################%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% %% %%##
################%% %%%%%%%%%%%%%%%%% %%%% %
##############%# %% (%%%%%%% %%%%%%
#############% %%%%% %%%%%%%%%%%
###########% %%%%%%%%%%% %%%%%%%%%
#########%% %% %%%%%%%%%%%%%%%#
########%% %% %%%%%%%%%
######%% %% %%%%%%
####%%% %%%%% %
%% %%%%


@@ -0,0 +1,94 @@
{{/*
Create chart name and version as used by the chart label.
*/}}
{{- define "install.chart" -}}
{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }}
{{- end }}
{{/*
Crunchy labels
*/}}
{{- define "install.clusterLabels" -}}
postgres-operator.crunchydata.com/control-plane: {{ .Chart.Name }}
{{- end }}
{{- define "install.upgradeLabels" -}}
postgres-operator.crunchydata.com/control-plane: {{ .Chart.Name }}-upgrade
{{- end }}
{{/*
Common labels
*/}}
{{- define "install.labels" -}}
helm.sh/chart: {{ include "install.chart" . }}
app.kubernetes.io/name: {{ .Chart.Name }}
app.kubernetes.io/instance: {{ .Release.Name }}
{{- if .Chart.AppVersion }}
app.kubernetes.io/version: {{ .Chart.AppVersion | quote }}
{{- end }}
app.kubernetes.io/managed-by: {{ .Release.Service }}
{{- end }}
{{/*
Create the name of the service account to use
*/}}
{{- define "install.serviceAccountName" -}}
{{ .Chart.Name }}
{{- end }}
{{/*
Create the name of the Role/ClusterRole to use
*/}}
{{- define "install.roleName" -}}
{{ .Chart.Name }}
{{- end }}
{{/*
Create the name of the RoleBinding/ClusterRoleBinding to use
*/}}
{{- define "install.roleBindingName" -}}
{{ .Chart.Name }}
{{- end }}
{{/*
Create the kind for rolebindings. Will be RoleBinding in single
namespace mode or ClusterRoleBinding by default.
*/}}
{{- define "install.roleBindingKind" -}}
{{- if .Values.singleNamespace -}}
RoleBinding
{{- else -}}
ClusterRoleBinding
{{- end }}
{{- end }}
{{/*
Create the kind for role. Will be Role in single
namespace mode or ClusterRole by default.
*/}}
{{- define "install.roleKind" -}}
{{- if .Values.singleNamespace -}}
Role
{{- else -}}
ClusterRole
{{- end }}
{{- end }}
{{- define "install.imagePullSecrets" -}}
{{/* Earlier versions required the full structure of PodSpec.ImagePullSecrets */}}
{{- if .Values.imagePullSecrets }}
imagePullSecrets:
{{ toYaml .Values.imagePullSecrets }}
{{- else if .Values.imagePullSecretNames }}
imagePullSecrets:
{{- range .Values.imagePullSecretNames }}
- name: {{ . | quote }}
{{- end }}{{/* range */}}
{{- end }}{{/* if */}}
{{- end }}{{/* define */}}
{{- define "install.relatedImages" -}}
{{- range $id, $object := .Values.relatedImages }}
- name: RELATED_IMAGE_{{ $id | upper }}
value: {{ $object.image | quote }}
{{- end }}
{{- end }}
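Review bot: `install.roleName`, `install.roleBindingName` and `install.serviceAccountName` render `.Chart.Name` alone, so in the default cluster-wide mode every release of this chart asks for the same ClusterRole and ClusterRoleBinding names (`pgo`, `pgo-upgrade`). A second release in another namespace would therefore conflict with the first on these cluster-scoped objects instead of getting its own RBAC. If more than one install per cluster is meant to work, derive the names from the release, e.g. `{{ printf "%s-%s" .Release.Name .Chart.Name | trunc 63 | trimSuffix "-" }}`. Otherwise state the limit in the helper comment, e.g. `Names are fixed to the chart name; install at most one cluster-wide release per cluster.`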


@@ -0,0 +1,45 @@
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: {{ .Chart.Name }}-upgrade
labels:
{{- include "install.labels" . | nindent 4 }}
{{- include "install.upgradeLabels" . | nindent 4 }}
spec:
replicas: 1
strategy: { type: Recreate }
selector:
matchLabels:
{{- include "install.upgradeLabels" . | nindent 6 }}
template:
metadata:
labels:
{{- include "install.upgradeLabels" . | nindent 8 }}
spec:
{{- include "install.imagePullSecrets" . | indent 6 }}
serviceAccountName: {{ include "install.serviceAccountName" . }}-upgrade
containers:
- name: operator
image: {{ required ".Values.controllerImages.upgrade is required" .Values.controllerImages.upgrade | quote }}
env:
- name: CRUNCHY_DEBUG
value: {{ .Values.debug | ne false | quote }}
{{- if .Values.singleNamespace }}
- name: PGO_TARGET_NAMESPACE
valueFrom: { fieldRef: { apiVersion: v1, fieldPath: metadata.namespace } }
{{- end }}
{{- if .Values.workers }}
- name: PGO_WORKERS
value: {{ .Values.workers | quote }}
{{- end }}
{{- include "install.relatedImages" . | indent 8 }}
{{- if .Values.resources.upgrade }}
resources:
{{- toYaml .Values.resources.upgrade | nindent 10 }}
{{- end }}
securityContext:
allowPrivilegeEscalation: false
capabilities: { drop: [ALL] }
readOnlyRootFilesystem: true
runAsNonRoot: true
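Review bot: `value: {{ .Values.debug | ne false | quote }}` renders "true" for every value of `debug` other than a literal `false`, including an unset or null key, so debug logging is on unless it is explicitly switched off. What the controllers write at debug level is not visible here, but for a component that reads Secrets a quiet default is the safer one. Consider `value: {{ .Values.debug | default false | quote }}`, or at least a comment above the line such as `# debug logging is enabled unless .Values.debug is exactly false`. The same expression is used in the other Deployment template in this commit.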


@@ -0,0 +1,51 @@
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: {{ .Chart.Name }}
labels:
{{- include "install.labels" . | nindent 4 }}
{{- include "install.clusterLabels" . | nindent 4 }}
spec:
replicas: 1
strategy: { type: Recreate }
selector:
matchLabels:
{{- include "install.clusterLabels" . | nindent 6 }}
template:
metadata:
labels:
{{- include "install.clusterLabels" . | nindent 8 }}
spec:
{{- include "install.imagePullSecrets" . | indent 6 }}
serviceAccountName: {{ include "install.serviceAccountName" . }}
containers:
- name: operator
image: {{ required ".Values.controllerImages.cluster is required" .Values.controllerImages.cluster | quote }}
env:
- name: CRUNCHY_DEBUG
value: {{ .Values.debug | ne false | quote }}
- name: PGO_NAMESPACE
valueFrom: { fieldRef: { apiVersion: v1, fieldPath: metadata.namespace } }
{{- if .Values.singleNamespace }}
- name: PGO_TARGET_NAMESPACE
valueFrom: { fieldRef: { apiVersion: v1, fieldPath: metadata.namespace } }
{{- end }}
{{- if .Values.workers }}
- name: PGO_WORKERS
value: {{ .Values.workers | quote }}
{{- end }}
{{- include "install.relatedImages" . | indent 8 }}
{{- if .Values.disable_check_for_upgrades }}
- name: CHECK_FOR_UPGRADES
value: "false"
{{- end }}
{{- if .Values.resources.controller }}
resources:
{{- toYaml .Values.resources.controller | nindent 10 }}
{{- end }}
securityContext:
allowPrivilegeEscalation: false
capabilities: { drop: [ALL] }
readOnlyRootFilesystem: true
runAsNonRoot: true
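Review bot: The `CHECK_FOR_UPGRADES` switch reads `.Values.disable_check_for_upgrades`, a key that does not appear in the values file shown for this chart and is the only snake_case value next to camelCase ones (`singleNamespace`, `imagePullSecretNames`). Because the variable is only ever set to "false", the check is presumably enabled by default, which matters for clusters with restricted egress or a policy on outbound calls. Add the key to the values file with its comment, e.g. `# disable_check_for_upgrades turns off the operator's upgrade check when true.` followed by `disable_check_for_upgrades: false`. `.Values.workers` is in the same undocumented position.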


@@ -0,0 +1,71 @@
---
apiVersion: rbac.authorization.k8s.io/v1
kind: {{ include "install.roleKind" . }}
metadata:
name: {{ include "install.roleName" . }}-upgrade
labels:
{{- include "install.labels" . | nindent 4 }}
{{- include "install.upgradeLabels" . | nindent 4 }}
rules:
- apiGroups:
- ""
resources:
- endpoints
verbs:
- delete
- get
- list
- watch
- apiGroups:
- apps
resources:
- statefulsets
verbs:
- list
- watch
- apiGroups:
- batch
resources:
- jobs
verbs:
- create
- delete
- list
- patch
- watch
- apiGroups:
- postgres-operator.crunchydata.com
resources:
- pgupgrades
verbs:
- get
- list
- watch
- apiGroups:
- postgres-operator.crunchydata.com
resources:
- pgupgrades/finalizers
verbs:
- patch
- update
- apiGroups:
- postgres-operator.crunchydata.com
resources:
- pgupgrades/status
verbs:
- get
- patch
- apiGroups:
- postgres-operator.crunchydata.com
resources:
- postgresclusters
verbs:
- get
- list
- watch
- apiGroups:
- postgres-operator.crunchydata.com
resources:
- postgresclusters/status
verbs:
- patch


@@ -0,0 +1,136 @@
---
apiVersion: rbac.authorization.k8s.io/v1
kind: {{ include "install.roleKind" . }}
metadata:
name: {{ include "install.roleName" . }}
labels:
{{- include "install.labels" . | nindent 4 }}
{{- include "install.clusterLabels" . | nindent 4 }}
rules:
- apiGroups:
- ''
resources:
- configmaps
- persistentvolumeclaims
- secrets
- services
verbs:
- create
- delete
- get
- list
- patch
- watch
- apiGroups:
- ''
resources:
- endpoints
verbs:
- create
- delete
- deletecollection
- get
- list
- patch
- watch
- apiGroups:
- ''
resources:
- endpoints/restricted
- pods/exec
verbs:
- create
- apiGroups:
- ''
resources:
- events
verbs:
- create
- patch
- apiGroups:
- ''
resources:
- pods
verbs:
- delete
- get
- list
- patch
- watch
- apiGroups:
- ''
resources:
- serviceaccounts
verbs:
- create
- get
- list
- patch
- watch
- apiGroups:
- apps
resources:
- deployments
- statefulsets
verbs:
- create
- delete
- get
- list
- patch
- watch
- apiGroups:
- batch
resources:
- cronjobs
- jobs
verbs:
- create
- delete
- get
- list
- patch
- watch
- apiGroups:
- policy
resources:
- poddisruptionbudgets
verbs:
- create
- delete
- get
- list
- patch
- watch
- apiGroups:
- postgres-operator.crunchydata.com
resources:
- postgresclusters
verbs:
- get
- list
- patch
- watch
- apiGroups:
- postgres-operator.crunchydata.com
resources:
- postgresclusters/finalizers
verbs:
- update
- apiGroups:
- postgres-operator.crunchydata.com
resources:
- postgresclusters/status
verbs:
- patch
- apiGroups:
- rbac.authorization.k8s.io
resources:
- rolebindings
- roles
verbs:
- create
- get
- list
- patch
- watch
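Review bot: With the chart default `singleNamespace: false` this rule set is rendered as a ClusterRole, so the operator's service account holds create/delete/get/list/patch on `secrets` and create on `pods/exec` in every namespace, along with create/patch on `roles` and `rolebindings`. That is a wide blast radius if the operator pod or its token is ever compromised, and nothing in the template tells the installer so. Add a header comment such as `# Cluster-wide when singleNamespace is false: grants Secret access and pods/exec in all namespaces; set singleNamespace: true to confine it to the release namespace.` It is also worth deciding whether namespace-scoped mode should be the documented recommendation for shared clusters.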


@@ -0,0 +1,32 @@
---
apiVersion: rbac.authorization.k8s.io/v1
kind: {{ include "install.roleBindingKind" . }}
metadata:
name: {{ include "install.roleBindingName" . }}
labels:
{{- include "install.labels" . | nindent 4 }}
{{- include "install.clusterLabels" . | nindent 4 }}
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: {{ include "install.roleKind" . }}
name: {{ include "install.roleName" . }}
subjects:
- kind: ServiceAccount
name: {{ include "install.serviceAccountName" . }}
namespace: {{ .Release.Namespace }}
---
apiVersion: rbac.authorization.k8s.io/v1
kind: {{ include "install.roleBindingKind" . }}
metadata:
name: {{ include "install.roleBindingName" . }}-upgrade
labels:
{{- include "install.labels" . | nindent 4 }}
{{- include "install.upgradeLabels" . | nindent 4 }}
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: {{ include "install.roleKind" . }}
name: {{ include "install.roleName" . }}-upgrade
subjects:
- kind: ServiceAccount
name: {{ include "install.serviceAccountName" . }}-upgrade
namespace: {{ .Release.Namespace }}


@@ -0,0 +1,16 @@
---
apiVersion: v1
kind: ServiceAccount
metadata:
name: {{ include "install.serviceAccountName" . }}
labels:
{{- include "install.labels" . | nindent 4 }}
{{- include "install.clusterLabels" . | nindent 4 }}
---
apiVersion: v1
kind: ServiceAccount
metadata:
name: {{ include "install.serviceAccountName" . }}-upgrade
labels:
{{- include "install.labels" . | nindent 4 }}
{{- include "install.upgradeLabels" . | nindent 4 }}


@@ -0,0 +1,47 @@
---
# controllerImages are used to run the PostgresCluster and PGUpgrade controllers.
controllerImages:
cluster: registry.developers.crunchydata.com/crunchydata/postgres-operator:ubi8-5.3.1-0
upgrade: registry.developers.crunchydata.com/crunchydata/postgres-operator-upgrade:ubi8-5.3.1-0
# relatedImages are used when an image is omitted from PostgresCluster or PGUpgrade specs.
relatedImages:
postgres_15:
image: registry.developers.crunchydata.com/crunchydata/crunchy-postgres:ubi8-15.2-0
postgres_15_gis_3.3:
image: registry.developers.crunchydata.com/crunchydata/crunchy-postgres-gis:ubi8-15.2-3.3-0
postgres_14:
image: registry.developers.crunchydata.com/crunchydata/crunchy-postgres:ubi8-14.7-0
postgres_14_gis_3.1:
image: registry.developers.crunchydata.com/crunchydata/crunchy-postgres-gis:ubi8-14.7-3.1-0
postgres_14_gis_3.2:
image: registry.developers.crunchydata.com/crunchydata/crunchy-postgres-gis:ubi8-14.7-3.2-0
postgres_14_gis_3.3:
image: registry.developers.crunchydata.com/crunchydata/crunchy-postgres-gis:ubi8-14.7-3.3-0
pgadmin:
image: registry.developers.crunchydata.com/crunchydata/crunchy-pgadmin4:ubi8-4.30-10
pgbackrest:
image: registry.developers.crunchydata.com/crunchydata/crunchy-pgbackrest:ubi8-2.41-4
pgbouncer:
image: registry.developers.crunchydata.com/crunchydata/crunchy-pgbouncer:ubi8-1.18-0
pgexporter:
image: registry.developers.crunchydata.com/crunchydata/crunchy-postgres-exporter:ubi8-5.3.1-0
pgupgrade:
image: registry.developers.crunchydata.com/crunchydata/crunchy-upgrade:ubi8-5.3.1-0
# singleNamespace controls where PGO watches for PostgresClusters. When false,
# PGO watches for and responds to PostgresClusters in all namespaces. When true,
# PGO watches only the namespace in which it is installed.
singleNamespace: false
# debug allows you to enable or disable the "debug" level of logging.
debug: true
# imagePullSecretNames is a list of secret names to use for pulling controller images.
# More info: https://kubernetes.io/docs/concepts/containers/images/#specifying-imagepullsecrets-on-a-pod
imagePullSecretNames: []
# Resource configuration of the PostgresCluster and PGUpgrade controllers.
resources:
controller: {}
upgrade: {}
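Review bot: Every image under `controllerImages` and `relatedImages` is referenced by tag only (for example `postgres-operator:ubi8-5.3.1-0`), and a tag can be re-pointed at the registry without any change to this chart. Pinning by digest makes the deployed content reproducible and auditable: `cluster: registry.developers.crunchydata.com/crunchydata/postgres-operator@sha256:<digest-placeholder>`. If the tag is wanted for readability, the `name:tag@sha256:<digest-placeholder>` form keeps both.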


@@ -0,0 +1,7 @@
apiVersion: v2
name: postgrescluster
description: A Helm chart for Kubernetes
type: application
# The version below should match the version on the PostgresCluster CRD
version: 5.3.1
appVersion: 5.3.1


@@ -0,0 +1,31 @@
Thank you for deploying a Crunchy PostgreSQL cluster!
((((((((((((((((((((((
(((((((((((((%%%%%%%(((((((((((((((
(((((((((((%%% %%%%((((((((((((
(((((((((((%%( (((( ( %%%(((((((((((
(((((((((((((%% (( ,(( %%%(((((((((((
(((((((((((((((%% *%%/ %%%%%%%((((((((((
(((((((((((((((((((%%(( %%%%%%%%%%#(((((%%%%%%%%%%#((((((((((((
((((((((((((((((((%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%((((((((((((((
*((((((((((((((((((((%%%%%% /%%%%%%%%%%%%%%%%%%%((((((((((((((((
(((((((((((((((((((((((%%%/ .%, %%%((((((((((((((((((,
((((((((((((((((((((((% %#(((((((((((((((((
(((((((((((((((%%%%%% #%(((((((((((((((((
((((((((((((((%% %%(((((((((((((((,
((((((((((((%%%#% % %%(((((((((((((((
((((((((((((%. % % #((((((((((((((
(((((((((((%% % %%* %(((((((((((((
#(###(###(#%% %%% %% %%% #%%#(###(###(#
###########%%%%% /%%%%%%%%%%%%% %% %%%%% ,%%#######
###############%% %%%%%% %%% %%%%%%%% %%#####
################%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% %% %%##
################%% %%%%%%%%%%%%%%%%% %%%% %
##############%# %% (%%%%%%% %%%%%%
#############% %%%%% %%%%%%%%%%%
###########% %%%%%%%%%%% %%%%%%%%%
#########%% %% %%%%%%%%%%%%%%%#
########%% %% %%%%%%%%%
######%% %% %%%%%%
####%%% %%%%% %
%% %%%%


@@ -0,0 +1,12 @@
{{/* Allow for Azure secret information to be stored in a Secret */}}
{{- define "postgres.azure" }}
[global]
{{- if .azure }}
{{- if .azure.account }}
repo{{ add .index 1 }}-azure-account={{ .azure.account }}
{{- end }}
{{- if .azure.key }}
repo{{ add .index 1 }}-azure-key={{ .azure.key }}
{{- end }}
{{- end }}
{{ end }}


@@ -0,0 +1,7 @@
{{/* Allow for GCS secret information to be stored in a Secret */}}
{{- define "postgres.gcs" }}
[global]
{{- if .gcs }}
repo{{ add .index 1 }}-gcs-key=/etc/pgbackrest/conf.d/gcs-key.json
{{- end }}
{{ end }}


@@ -0,0 +1,18 @@
{{/* Allow for S3 secret information to be stored in a Secret */}}
{{- define "postgres.s3" }}
[global]
{{- if .s3 }}
{{- if .s3.key }}
repo{{ add .index 1 }}-s3-key={{ .s3.key }}
{{- end }}
{{- if .s3.keySecret }}
repo{{ add .index 1 }}-s3-key-secret={{ .s3.keySecret }}
{{- end }}
{{- if .s3.keyType }}
repo{{ add .index 1 }}-s3-key-type={{ .s3.keyType }}
{{- end }}
{{- if .s3.encryptionPassphrase }}
repo{{ add .index 1 }}-cipher-pass={{ .s3.encryptionPassphrase }}
{{- end }}
{{- end }}
{{ end }}
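Review bot: `repo{{ add .index 1 }}-cipher-pass` is written for whichever repo index carries `encryptionPassphrase`, but the only cipher type set anywhere in this commit is `repo1-cipher-type: aes-256-cbc` in the single-repo `.Values.s3` branch of the PostgresCluster template. An S3 entry under `multiBackupRepos` with a passphrase therefore gets the passphrase in the Secret and no cipher type in `global`; as far as I know pgBackRest's default cipher type is none, so those backups would be stored unencrypted while the values suggest otherwise. Emit the matching `repo{{ add $index 1 }}-cipher-type: aes-256-cbc` in the `multiBackupRepos` range of the cluster template when `$repo.s3.encryptionPassphrase` is set. The Azure and GCS helpers accept no passphrase at all, which deserves a line in the values comments.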


@@ -0,0 +1,41 @@
{{- if or .Values.multiBackupRepos .Values.s3 .Values.gcs .Values.azure }}
apiVersion: v1
kind: Secret
metadata:
name: {{ default .Release.Name .Values.name }}-pgbackrest-secret
type: Opaque
data:
{{- if .Values.multiBackupRepos }}
{{- range $index, $repo := .Values.multiBackupRepos }}
{{- if $repo.s3 }}
{{- $args := dict "s3" $repo.s3 "index" $index }}
s3.conf: |-
{{ include "postgres.s3" $args | b64enc }}
{{- else if $repo.gcs }}
{{- $args := dict "gcs" $repo.gcs "index" $index }}
gcs.conf: |-
{{ include "postgres.gcs" $args | b64enc }}
gcs-key.json: |-
{{ $repo.gcs.key | b64enc }}
{{- else if $repo.azure }}
{{- $args := dict "azure" $repo.azure "index" $index }}
azure.conf: |-
{{ include "postgres.azure" $args | b64enc }}
{{- end }}
{{- end }}
{{- else if .Values.s3 }}
{{- $args := dict "s3" .Values.s3 "index" 0 }}
s3.conf: |-
{{ include "postgres.s3" $args | b64enc }}
{{- else if .Values.gcs }}
{{- $args := dict "gcs" .Values.gcs "index" 0 }}
gcs.conf: |-
{{ include "postgres.gcs" $args | b64enc }}
gcs-key.json: |-
{{ .Values.gcs.key | b64enc }}
{{- else if .Values.azure }}
{{- $args := dict "azure" .Values.azure "index" 0 }}
azure.conf: |-
{{ include "postgres.azure" $args | b64enc }}
{{- end }}
{{- end }}
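Review bot: Inside the `multiBackupRepos` range the data keys are the fixed names `s3.conf`, `gcs.conf`, `gcs-key.json` and `azure.conf`, so two repos of the same type render the same key twice in one Secret. Most YAML parsers silently keep the last occurrence, which would leave the earlier repo without its credentials even though its `repoN` entry is declared in the cluster spec. Either make the key unique per repo, e.g. `s3-repo{{ add $index 1 }}.conf: |-`, or `fail` when a type occurs more than once. Note also that these credentials reach the Secret through Helm values, so they are kept in the release record as well as in this object.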


@@ -0,0 +1,214 @@
apiVersion: postgres-operator.crunchydata.com/v1beta1
kind: PostgresCluster
metadata:
name: {{ default .Release.Name .Values.name }}
spec:
postgresVersion: {{ required "You must set the version of Postgres to deploy." .Values.postgresVersion }}
{{- if .Values.postGISVersion }}
postGISVersion: {{ quote .Values.postGISVersion }}
{{- end }}
{{- if .Values.imagePostgres }}
image: {{ .Values.imagePostgres | quote }}
{{- end }}
{{- if .Values.port }}
port: {{ .Values.port }}
{{- end }}
{{- if .Values.instances }}
instances:
{{ toYaml .Values.instances | indent 4 }}
{{- else }}
instances:
- name: {{ default "instance1" .Values.instanceName | quote }}
replicas: {{ default 1 .Values.instanceReplicas }}
dataVolumeClaimSpec:
{{- if .Values.instanceStorageClassName }}
storageClassName: {{ .Values.instanceStorageClassName | quote }}
{{- end }}
accessModes:
- "ReadWriteOnce"
resources:
requests:
storage: {{ default "1Gi" .Values.instanceSize | quote }}
{{- if or .Values.instanceMemory .Values.instanceCPU }}
resources:
limits:
cpu: {{ default "" .Values.instanceCPU | quote }}
memory: {{ default "" .Values.instanceMemory | quote }}
{{- end }}
{{- end }}
backups:
pgbackrest:
{{- if .Values.imagePgBackRest }}
image: {{ .Values.imagePgBackRest | quote }}
{{- end }}
{{- if .Values.pgBackRestConfig }}
{{ toYaml .Values.pgBackRestConfig | indent 6 }}
{{- else if .Values.multiBackupRepos }}
configuration:
- secret:
name: {{ default .Release.Name .Values.name }}-pgbackrest-secret
global:
{{- range $index, $repo := .Values.multiBackupRepos }}
{{- if or $repo.s3 $repo.gcs $repo.azure }}
repo{{ add $index 1 }}-path: /pgbackrest/{{ $.Release.Namespace }}/{{ default $.Release.Name $.Values.name }}/repo{{ add $index 1 }}
{{- end }}
{{- end }}
repos:
{{- range $index, $repo := .Values.multiBackupRepos }}
- name: repo{{ add $index 1 }}
{{- if $repo.volume }}
volume:
volumeClaimSpec:
{{- if $repo.volume.backupsStorageClassName }}
storageClassName: {{ .Values.backupsStorageClassName | quote }}
{{- end }}
accessModes:
- "ReadWriteOnce"
resources:
requests:
storage: {{ default "1Gi" $repo.volume.backupsSize | quote }}
{{- else if $repo.s3 }}
s3:
bucket: {{ $repo.s3.bucket | quote }}
endpoint: {{ $repo.s3.endpoint | quote }}
region: {{ $repo.s3.region | quote }}
{{- else if $repo.gcs }}
gcs:
bucket: {{ $repo.gcs.bucket | quote }}
{{- else if $repo.azure }}
azure:
container: {{ $repo.azure.container | quote }}
{{- end }}
{{- end }}
{{- else if .Values.s3 }}
configuration:
- secret:
name: {{ default .Release.Name .Values.name }}-pgbackrest-secret
global:
repo1-path: /pgbackrest/{{ .Release.Namespace }}/{{ default .Release.Name .Values.name }}/repo1
{{- if .Values.s3.encryptionPassphrase }}
repo1-cipher-type: aes-256-cbc
{{- end }}
repos:
- name: repo1
s3:
bucket: {{ .Values.s3.bucket | quote }}
endpoint: {{ .Values.s3.endpoint | quote }}
region: {{ .Values.s3.region | quote }}
{{- else if .Values.gcs }}
configuration:
- secret:
name: {{ default .Release.Name .Values.name }}-pgbackrest-secret
global:
repo1-path: /pgbackrest/{{ .Release.Namespace }}/{{ default .Release.Name .Values.name }}/repo1
repos:
- name: repo1
gcs:
bucket: {{ .Values.gcs.bucket | quote }}
{{- else if .Values.azure }}
configuration:
- secret:
name: {{ default .Release.Name .Values.name }}-pgbackrest-secret
global:
repo1-path: /pgbackrest/{{ .Release.Namespace }}/{{ default .Release.Name .Values.name }}/repo1
repos:
- name: repo1
azure:
container: {{ .Values.azure.container | quote }}
{{- else }}
repos:
- name: repo1
volume:
volumeClaimSpec:
{{- if .Values.backupsStorageClassName }}
storageClassName: {{ .Values.backupsStorageClassName | quote }}
{{- end }}
accessModes:
- "ReadWriteOnce"
resources:
requests:
storage: {{ default "1Gi" .Values.backupsSize | quote }}
{{- end }}
{{- if or .Values.pgBouncerReplicas .Values.pgBouncerConfig }}
proxy:
pgBouncer:
{{- if .Values.imagePgBouncer }}
image: {{ .Values.imagePgBouncer | quote }}
{{- end }}
{{- if .Values.pgBouncerConfig }}
{{ toYaml .Values.pgBouncerConfig | indent 6 }}
{{- else }}
replicas: {{ .Values.pgBouncerReplicas }}
{{- end }}
{{- end }}
{{- if .Values.patroni }}
patroni:
{{ toYaml .Values.patroni | indent 4 }}
{{- end }}
{{- if .Values.users }}
users:
{{ toYaml .Values.users | indent 4 }}
{{- end }}
{{- if .Values.service }}
service:
{{ toYaml .Values.service | indent 4 }}
{{- end }}
{{- if .Values.dataSource }}
dataSource:
{{ toYaml .Values.dataSource | indent 4 }}
{{- end }}
{{- if .Values.databaseInitSQL }}
databaseInitSQL:
name: {{ required "A ConfigMap name is required for running bootstrap SQL." .Values.databaseInitSQL.name | quote }}
key: {{ required "A key in a ConfigMap containing any bootstrap SQL is required." .Values.databaseInitSQL.key | quote }}
{{- end }}
{{- if .Values.imagePullPolicy }}
imagePullPolicy: {{ .Values.imagePullPolicy | quote }}
{{- end }}
{{- if .Values.imagePullSecrets }}
imagePullSecrets:
{{ toYaml .Values.imagePullSecrets | indent 4 }}
{{- end }}
{{- if .Values.disableDefaultPodScheduling }}
disableDefaultPodScheduling: true
{{- end }}
{{- if .Values.metadata }}
metadata:
{{ toYaml .Values.metadata | indent 4 }}
{{- end }}
{{- if .Values.monitoring }}
monitoring:
pgmonitor:
exporter:
image: {{ default "" .Values.imageExporter | quote }}
{{- if .Values.monitoringConfig }}
{{ toYaml .Values.monitoringConfig | indent 8 }}
{{- end }}
{{- end }}
{{- if .Values.shutdown }}
shutdown: true
{{- end }}
{{- if .Values.standby }}
standby:
enabled: {{ .Values.standby.enabled }}
repoName: {{ .Values.standby.repoName }}
host: {{ .Values.standby.host }}
port: {{ .Values.standby.port }}
{{- end }}
{{- if .Values.supplementalGroups }}
supplementalGroups:
{{ toYaml .Values.supplementalGroups | indent 4 }}
{{- end }}
{{- if .Values.openshift }}
openshift: true
{{- else if eq .Values.openshift false }}
openshift: false
{{- end }}
{{- if .Values.customTLSSecret }}
customTLSSecret:
{{ toYaml .Values.customTLSSecret | indent 4 }}
{{- end }}
{{- if .Values.customReplicationTLSSecret }}
customReplicationTLSSecret:
{{ toYaml .Values.customReplicationTLSSecret | indent 4 }}
{{- end }}
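Review bot: In the `multiBackupRepos` volume branch the guard tests `$repo.volume.backupsStorageClassName` but the line under it renders `.Values.backupsStorageClassName`; inside `range` the dot is the current repo entry, not the root context, so this either fails to render or never yields the per-repo value. It should read `storageClassName: {{ $repo.volume.backupsStorageClassName | quote }}`. The neighbouring lines already use `$.Release.Namespace` and `$.Values.name` for root lookups, which is the form to use if the top-level value was intended instead.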


@@ -0,0 +1,312 @@
# For a full explanation of how to set up the custom resource, please refer to
# the documentation:
# https://access.crunchydata.com/documentation/postgres-operator/v5/
###########
# General #
###########
# name is the name of the cluster. This defaults to the name of the Helm
# release.
name: clank
# postgresVersion sets the version to deploy. This version number needs to be
# available as one of the "RELATED_IMAGE_POSTGRES_..." images as part of the PGO
# installation if you want to deploy the image without setting the "postgres"
# image variable. This value is required.
postgresVersion: 15
# postGISVersion if sets and coupled with a PostGIS enabled container, enables
# PostGIS. This version number needs to be available as one of the
# "RELATED_IMAGE_POSTGRES_..." images as part of the PGO installation if you
# want to deploy the image without setting the "postgres" image variable.
# postGISVersion: 3.1
# NOTE: pgBackRest is enabled by default. It must be set in
# "RELATED_IMAGE_PGBACKREST" on the PGO deployment, otherwise you will need to
# override the "pgBackRest" image.
# pgBouncerReplicas sets the number of pgBouncer instances to deploy. The
# default is 0. You need to set this to at least 1 to deploy pgBouncer or set
# "pgBouncerConfig". Setting "pgBouncerConfig" will override the value of
# pgBouncerReplicas. The "RELATED_IMAGE_PGBOUNCER" in the PGO deployment must be
# set if you want to enable this without explicitly setting "pgBouncer".
# pgBouncerReplicas: 1
# monitoring enables the ability to monitor the Postgres cluster through a
# metrics exporter than can be scraped by Prometheus. This defaults to the value
# below.
monitoring: true
###################
# Image Overrides #
###################
# imagePostgres can be a Postgres or GIS-enabled Postgres image. This defaults to the
# below value. "postgresVersion" needs to match the version of Postgres that is
# used here. If using the GIS-enabled Postgres image, you need to ensure
# "postGISVersion" matches the version of PostGIS used.
# imagePostgres: registry.developers.crunchydata.com/crunchydata/crunchy-postgres:ubi8-14.7-0
# imagePgBackRest is the pgBackRest backup utility image. This defaults to the
# below value.
# imagePgBackRest: registry.developers.crunchydata.com/crunchydata/crunchy-pgbackrest:ubi8-2.41-4
# imagePgBouncer is the image for the PgBouncer connection pooler. This defaults
# to the below value.
# imagePgBouncer: registry.developers.crunchydata.com/crunchydata/crunchy-pgbouncer:ubi8-1.18-0
# imageExporter is the image name for the exporter used as a part of monitoring.
# This defaults to the value below.
# imageExporter: registry.developers.crunchydata.com/crunchydata/crunchy-postgres-exporter:ubi8-5.3.1-0
###########################
# Basic Postgres Settings #
###########################
# instanceName lets you set the name of your instances. This defaults to
# the value below. Setting "instances" overrides this value.
# instanceName: instance1
# instanceSize sets the size of the volume that contains the data. This defaults
# to the value below. Settings "instances" overrides this value.
# instanceSize: 1Gi
# instanceStorageClassName sets the storage class for the volume that contains the data.
# This defaults to the "default" storage class defined in the cluster.
# See: 'kubectl get storageclasses.storage.k8s.io | grep default'
# Settings "instances" overrides this value.
# instanceStorageClassName: "hostpath"
# instanceMemory sets the memory limit for the Postgres instances. This defaults
# to no limit being set, but an example value is set below. Settings "instances"
# overrides this value.
# instanceMemory: 2Gi
# instanceCPU sets the CPU limit for the Postgres instances. This defaults to
# no limit being set, but an example value is set below. Setting "instances"
# overrides this value.
# instanceCPU: 1000m
# instanceReplicas lets you set the total number of Postgres replicas. This
# defaults to the value below. More than on replica enables high availability
# (HA). Settings "instances" overrides this value.
# instanceReplicas: 1
##############################
# Advanced Postgres Settings #
##############################
# instances allows you to define one or more Postgres instance sets. By default,
# PGO will only deploy a single instance. Each instance set has similar
# characteristics to the other instances in the set, e.g. storage size, resource
# etc. You can have multiple replicas within an instance set.
#
# This allows you to fully customize the topology of your Postgres instances.
#
# For example, to set up an instance set with HA (due to the default pod
# topology spread constraints)
#
# instances:
# - name: pgha1
# replicas: 2
# dataVolumeClaimSpec:
# accessModes:
# - "ReadWriteOnce"
# resources:
# requests:
# storage: 1Gi
# instances: {}
# port sets the port that Postgres listens on. Defaults to 5432.
# port: 5432
# patroni lets you set the Patroni configuration for the Postgres cluster.
# for example, to set up synchronous replication:
# patroni:
# dynamicConfiguration:
# synchronous_mode: true
# postgresql:
# parameters:
# synchronous_commit: "on"
# patroni: {}
# users sets any custom Postgres users and databases that they have access to
# as well as any permissions assoicated with the user account.
# users: {}
# dataSource specifies a data source for bootstrapping a Postgres cluster.
# dataSource: {}
# customTLSSecret references a Secret that contains the relevant information for
# bringing external TLS artifacts to a PostgreSQL cluster. This provides the
# TLS for the cluster itself.
# customTLSSecret: {}
# customReplicationTLSSecret references a Secret that contains the relevant
# information for bringing external TLS artifacts to a PostgreSQL cluster. This
# provides the information for the replication user.
# customReplicationTLSSecret: {}
# databaseInitSQL referencs a ConfigMap that contains a SQL file that should be
# run a cluster bootstrap.
# databaseInitSQL:
# name: bootstrap-sql
# key: bootstrap.sql
# standby sets whether or not to run this as a standby cluster. Setting "enabled" to
# "true" eunables the standby cluster while "repoName" points to a pgBackRest
# archive to replay WAL files from, and "host" and "port" point to a primary
# cluster from which to stream data.
# standby:
# enabled: false
# repoName: repo1
# host: "192.0.2.2"
# port: 5432
# shutdown when set scales the entire workload to zero. By default this is not
# set.
# shutdown: true
#################################
# Backups / pgBackRest Settings #
#################################
# backupsSize sets the storage size of the backups to a volume in Kubernetes.
# can be overridden by "pgBackRestConfig", if set. Defaults to the value below.
# backupsSize: 1Gi
# backupsStorageClassName sets the storage class to a class existing in Kubernetes.
# Defaults to the "default" storage class defined in the cluster.
# Can be overridden by "pgBackRestConfig", if set.
# backupsStorageClassName: "hostpath"
# s3 allows for AWS S3 or an S3 compatible storage system to be used for
# backups. This allows for a quick setup with S3; if you need more advanced
# setup, use pgBackRestConfig.
# s3:
# # bucket specifies the S3 bucket to use,
# bucket: ""
# # endpoint specifies the S3 endpoint to use.
# endpoint: ""
# # region specifies the S3 region to use. If your S3 storage system does not
# # use "region", fill this in with a random vaule.
# region: ""
# # key is the S3 key. This is stored in a Secret.
# key: ""
# # keySecret is the S3 key secret. This is stored in a Secret.
# keySecret: ""
# # keyType can be configured to enable IAM integration via AssumeRole
# keyType: ""
# # encryptionPassphrase is an optional parameter to enable encrypted backups
# # with pgBackRest. This is encrypted by pgBackRest and does not use S3's
# # built-in encrpytion system.
# encryptionPassphrase: ""
# gcs allows for Google Cloud Storage (GCS) to be used for backups. This allows
# for a quick setup with GCS; if you need a more advanced setup, use
# "pgBackRestConfig".
# gcs:
# # bucket is the name of the GCS bucket that the backups will be stored in.
# bucket: ""
# # key is a multi-line string that contains the GCS key, which is a JSON
# # structure.
# key: |
# {}
# azure allows for Azure Blob Storage to be used for backups. This allows
# for a quick setup with Azure Blob Storage; if you need a more advanced setup,
# use "pgBackRestConfig".
# azure:
# # account is the name of the Azure account to be used.
# account: ""
# # key is the Secret key used associated with the Azure acount.
# key: ""
# # container is the Azure container that the backups will be stored in.
# container: ""
# multiBackupRepos allows for backing up to multiple repositories. This is
# effectively uses the "quickstarts" for each of the backup types (volume, s3,
# gcs, azure). You can have any permutation of these types. You can set up to 4.
# can be overwritten by "pgBackRestConfig".
#
# You can't set "multiBackupRepos" and any of the individual quickstarts at the
# same time. "multiBackupRepos" will take precedence.
#
# Below is an example that enables one of each backup type. Note all of the
# available quickstart options are presented below; please see the backup types
# if you want to see how each option works.
# multiBackupRepos:
# - volume:
# backupsSize: 1Gi
# - s3:
# bucket: ""
# endpoint: ""
# region: ""
# key: ""
# keySecret: ""
# keyType: ""
# - gcs:
# bucket: ""
# key: |
# {}
# - azure:
# account: ""
# key: ""
# container: ""
# pgBackRestConfig allows for the configuration of every pgBackRest option
# except for "image", which is set by "pgBackRest".
# pgBackRestConfig: {}
################################
# Pooling / pgBouncer Settings #
################################
# pgBouncerConfig sets all of the pgBouncer portion of the spec except for
# image. To set image, you need to set the "pgBouncer" setting.
# pgBouncerConfig: {}
#######################
# Monitoring Settings #
#######################
# monitoringConfig sets all of the monitoring portion of the spec except for the
# image. To set the image, which also enables monitoring, you need to set the
# "monitoring" setting.
# monitoringConfig: {}
#######################
# Kubernetes Settings #
#######################
# metadata contains any metadata that should be applied to all PGO managed
# objects in this Postgres cluster. This includes "annotations" and "labels" as
# subkeys.
# metadata: {}
# service customizes the Service that exposes the Postgres primary.
# service: {}
# imagePullPolicy sets the pull policy for all the images. This defaults to
# the Kubernetes heuristic:
# https://kubernetes.io/docs/concepts/containers/images/#imagepullpolicy-defaulting
# imagePullPolicy: IfNotPresent
# imagePullSecrets references Secrets that credentials for pulling image from
# private repositories
# imagePullSecrets: []
# supplementalGroups sets any group IDs that should be assigned to
# Pods, particularly around file system contraints within a system
# supplementalGroups: []
# disableDefaultPodScheduling if set to true, will disable any of the default
# scheduling constraints for Pods, such as the default Pod Topology Spread
# Constraints. If set to false or unset, the default scheduling constraints will
# be used in addition to any customizations that are added in.
# disableDefaultPodScheduling: false
# openshift can set explicitly if this is an OpenShift cluster, or a cluster
# that uses a SecurityContextConstraint. This usually does not need to be set,
# but you may want to explicitly set it to "false" when using a SCC like
# "anyuid"
# openshift: false