1 apiVersion: {{ template "postgresql.statefulset.apiVersion" . }}
4 name: {{ template "postgresql.master.fullname" . }}
6 app: {{ template "postgresql.name" . }}
7 chart: {{ template "postgresql.chart" . }}
8 release: {{ .Release.Name | quote }}
9 heritage: {{ .Release.Service | quote }}
10 {{- with .Values.master.labels }}
11 {{ toYaml . | indent 4 }}
13 {{- with .Values.master.annotations }}
15 {{ toYaml . | indent 4 }}
18 serviceName: {{ template "postgresql.fullname" . }}-headless
21 type: {{ .Values.updateStrategy.type }}
22 {{- if (eq "Recreate" .Values.updateStrategy.type) }}
27 app: {{ template "postgresql.name" . }}
28 release: {{ .Release.Name | quote }}
32 name: {{ template "postgresql.fullname" . }}
34 app: {{ template "postgresql.name" . }}
35 chart: {{ template "postgresql.chart" . }}
36 release: {{ .Release.Name | quote }}
37 heritage: {{ .Release.Service | quote }}
39 {{- with .Values.master.podLabels }}
40 {{ toYaml . | indent 8 }}
42 {{- with .Values.master.podAnnotations }}
44 {{ toYaml . | indent 8 }}
47 {{- if .Values.schedulerName }}
48 schedulerName: "{{ .Values.schedulerName }}"
50 {{- include "postgresql.imagePullSecrets" . | indent 6 }}
51 {{- if .Values.master.nodeSelector }}
53 {{ toYaml .Values.master.nodeSelector | indent 8 }}
55 {{- if .Values.master.affinity }}
57 {{ toYaml .Values.master.affinity | indent 8 }}
59 {{- if .Values.master.tolerations }}
61 {{ toYaml .Values.master.tolerations | indent 8 }}
63 {{- if .Values.terminationGracePeriodSeconds }}
64 terminationGracePeriodSeconds: {{ .Values.terminationGracePeriodSeconds }}
66 {{- if .Values.securityContext.enabled }}
68 fsGroup: {{ .Values.securityContext.fsGroup }}
70 {{- if .Values.serviceAccount.enabled }}
71 serviceAccountName: {{ default (include "postgresql.fullname" . ) .Values.serviceAccount.name }}
73 {{- if or .Values.master.extraInitContainers (and .Values.volumePermissions.enabled .Values.persistence.enabled) .Values.shmVolume.enabled }}
75 {{- if or (and .Values.volumePermissions.enabled .Values.persistence.enabled) .Values.shmVolume.enabled }}
76 - name: init-chmod-data
77 image: {{ template "postgresql.volumePermissions.image" . }}
78 imagePullPolicy: "{{ .Values.volumePermissions.image.pullPolicy }}"
79 {{- if .Values.resources }}
80 resources: {{- toYaml .Values.resources | nindent 12 }}
86 mkdir -p {{ .Values.persistence.mountPath }}/data
87 chmod 700 {{ .Values.persistence.mountPath }}/data
88 find {{ .Values.persistence.mountPath }} -mindepth 0 -maxdepth 1 -not -name ".snapshot" -not -name "lost+found" | \
89 xargs chown -R {{ .Values.securityContext.runAsUser }}:{{ .Values.securityContext.fsGroup }}
90 {{- if .Values.shmVolume.enabled }}
94 runAsUser: {{ .Values.volumePermissions.securityContext.runAsUser }}
97 mountPath: {{ .Values.persistence.mountPath }}
98 subPath: {{ .Values.persistence.subPath }}
99 {{- if .Values.shmVolume.enabled }}
104 {{- if .Values.master.extraInitContainers }}
105 {{ tpl .Values.master.extraInitContainers . | indent 8 }}
108 {{- if .Values.master.priorityClassName }}
109 priorityClassName: {{ .Values.master.priorityClassName }}
112 - name: {{ template "postgresql.fullname" . }}
113 image: {{ template "postgresql.image" . }}
114 imagePullPolicy: "{{ .Values.image.pullPolicy }}"
115 {{- if .Values.resources }}
116 resources: {{- toYaml .Values.resources | nindent 12 }}
118 {{- if .Values.securityContext.enabled }}
120 runAsUser: {{ .Values.securityContext.runAsUser }}
123 - name: BITNAMI_DEBUG
124 value: {{ ternary "true" "false" .Values.image.debug | quote }}
125 - name: POSTGRESQL_PORT_NUMBER
126 value: "{{ template "postgresql.port" . }}"
127 - name: POSTGRESQL_VOLUME_DIR
128 value: "{{ .Values.persistence.mountPath }}"
129 {{- if .Values.postgresqlInitdbArgs }}
130 - name: POSTGRES_INITDB_ARGS
131 value: {{ .Values.postgresqlInitdbArgs | quote }}
133 {{- if .Values.postgresqlInitdbWalDir }}
134 - name: POSTGRES_INITDB_WALDIR
135 value: {{ .Values.postgresqlInitdbWalDir | quote }}
137 {{- if .Values.initdbUser }}
138 - name: POSTGRESQL_INITSCRIPTS_USERNAME
139 value: {{ .Values.initdbUser }}
141 {{- if .Values.initdbPassword }}
142 - name: POSTGRESQL_INITSCRIPTS_PASSWORD
143 value: .Values.initdbPassword
145 {{- if .Values.persistence.mountPath }}
147 value: {{ .Values.postgresqlDataDir | quote }}
149 {{- if .Values.replication.enabled }}
150 - name: POSTGRES_REPLICATION_MODE
152 - name: POSTGRES_REPLICATION_USER
153 value: {{ include "postgresql.replication.username" . | quote }}
154 {{- if .Values.usePasswordFile }}
155 - name: POSTGRES_REPLICATION_PASSWORD_FILE
156 value: "/opt/bitnami/postgresql/secrets/postgresql-replication-password"
158 - name: POSTGRES_REPLICATION_PASSWORD
161 name: {{ template "postgresql.secretName" . }}
162 key: postgresql-replication-password
164 {{- if not (eq .Values.replication.synchronousCommit "off")}}
165 - name: POSTGRES_SYNCHRONOUS_COMMIT_MODE
166 value: {{ .Values.replication.synchronousCommit | quote }}
167 - name: POSTGRES_NUM_SYNCHRONOUS_REPLICAS
168 value: {{ .Values.replication.numSynchronousReplicas | quote }}
170 - name: POSTGRES_CLUSTER_APP_NAME
171 value: {{ .Values.replication.applicationName }}
173 {{- if and .Values.postgresqlPostgresPassword (not (eq .Values.postgresqlUsername "postgres")) }}
174 {{- if .Values.usePasswordFile }}
175 - name: POSTGRES_POSTGRES_PASSWORD_FILE
176 value: "/opt/bitnami/postgresql/secrets/postgresql-postgres-password"
178 - name: POSTGRES_POSTGRES_PASSWORD
181 name: {{ template "postgresql.secretName" . }}
182 key: postgresql-postgres-password
185 - name: POSTGRES_USER
186 value: {{ include "postgresql.username" . | quote }}
187 {{- if .Values.usePasswordFile }}
188 - name: POSTGRES_PASSWORD_FILE
189 value: "/opt/bitnami/postgresql/secrets/postgresql-password"
191 - name: POSTGRES_PASSWORD
194 name: {{ template "postgresql.secretName" . }}
195 key: postgresql-password
197 {{- if (include "postgresql.database" .) }}
199 value: {{ (include "postgresql.database" .) | quote }}
201 {{- if .Values.extraEnv }}
202 {{- include "postgresql.tplValue" (dict "value" .Values.extraEnv "context" $) | nindent 12 }}
204 - name: POSTGRESQL_ENABLE_LDAP
205 value: {{ ternary "yes" "no" .Values.ldap.enabled | quote }}
206 {{- if .Values.ldap.enabled }}
207 - name: POSTGRESQL_LDAP_SERVER
208 value: {{ .Values.ldap.server }}
209 - name: POSTGRESQL_LDAP_PORT
210 value: {{ .Values.ldap.port | quote }}
211 - name: POSTGRESQL_LDAP_SCHEME
212 value: {{ .Values.ldap.scheme }}
213 {{- if .Values.ldap.tls }}
214 - name: POSTGRESQL_LDAP_TLS
217 - name: POSTGRESQL_LDAP_PREFIX
218 value: {{ .Values.ldap.prefix | quote }}
219 - name: POSTGRESQL_LDAP_SUFFIX
220 value: {{ .Values.ldap.suffix | quote}}
221 - name: POSTGRESQL_LDAP_BASE_DN
222 value: {{ .Values.ldap.baseDN }}
223 - name: POSTGRESQL_LDAP_BIND_DN
224 value: {{ .Values.ldap.bindDN }}
225 {{- if (not (empty .Values.ldap.bind_password)) }}
226 - name: POSTGRESQL_LDAP_BIND_PASSWORD
229 name: {{ template "postgresql.secretName" . }}
230 key: postgresql-ldap-password
232 - name: POSTGRESQL_LDAP_SEARCH_ATTR
233 value: {{ .Values.ldap.search_attr }}
234 - name: POSTGRESQL_LDAP_SEARCH_FILTER
235 value: {{ .Values.ldap.search_filter }}
236 - name: POSTGRESQL_LDAP_URL
237 value: {{ .Values.ldap.url }}
240 - name: tcp-postgresql
241 containerPort: {{ template "postgresql.port" . }}
242 {{- if .Values.livenessProbe.enabled }}
248 {{- if (include "postgresql.database" .) }}
249 - exec pg_isready -U {{ include "postgresql.username" . | quote }} -d {{ (include "postgresql.database" .) | quote }} -h 127.0.0.1 -p {{ template "postgresql.port" . }}
251 - exec pg_isready -U {{ include "postgresql.username" . | quote }} -h 127.0.0.1 -p {{ template "postgresql.port" . }}
253 initialDelaySeconds: {{ .Values.livenessProbe.initialDelaySeconds }}
254 periodSeconds: {{ .Values.livenessProbe.periodSeconds }}
255 timeoutSeconds: {{ .Values.livenessProbe.timeoutSeconds }}
256 successThreshold: {{ .Values.livenessProbe.successThreshold }}
257 failureThreshold: {{ .Values.livenessProbe.failureThreshold }}
259 {{- if .Values.readinessProbe.enabled }}
266 {{- include "postgresql.readinessProbeCommand" . | nindent 16 }}
267 initialDelaySeconds: {{ .Values.readinessProbe.initialDelaySeconds }}
268 periodSeconds: {{ .Values.readinessProbe.periodSeconds }}
269 timeoutSeconds: {{ .Values.readinessProbe.timeoutSeconds }}
270 successThreshold: {{ .Values.readinessProbe.successThreshold }}
271 failureThreshold: {{ .Values.readinessProbe.failureThreshold }}
274 {{- if or (.Files.Glob "files/docker-entrypoint-initdb.d/*.{sh,sql,sql.gz}") .Values.initdbScriptsConfigMap .Values.initdbScripts }}
275 - name: custom-init-scripts
276 mountPath: /docker-entrypoint-initdb.d/
278 {{- if .Values.initdbScriptsSecret }}
279 - name: custom-init-scripts-secret
280 mountPath: /docker-entrypoint-initdb.d/secret
282 {{- if or (.Files.Glob "files/conf.d/*.conf") .Values.postgresqlExtendedConf .Values.extendedConfConfigMap }}
283 - name: postgresql-extended-config
284 mountPath: /bitnami/postgresql/conf/conf.d/
286 {{- if .Values.usePasswordFile }}
287 - name: postgresql-password
288 mountPath: /opt/bitnami/postgresql/secrets/
290 {{- if .Values.shmVolume.enabled }}
294 {{- if .Values.persistence.enabled }}
296 mountPath: {{ .Values.persistence.mountPath }}
297 subPath: {{ .Values.persistence.subPath }}
299 {{- if or (.Files.Glob "files/postgresql.conf") (.Files.Glob "files/pg_hba.conf") .Values.postgresqlConfiguration .Values.pgHbaConfiguration .Values.configurationConfigMap }}
300 - name: postgresql-config
301 mountPath: /bitnami/postgresql/conf
303 {{- if .Values.master.extraVolumeMounts }}
304 {{- toYaml .Values.master.extraVolumeMounts | nindent 12 }}
306 {{- if .Values.metrics.enabled }}
308 image: {{ template "postgresql.metrics.image" . }}
309 imagePullPolicy: {{ .Values.metrics.image.pullPolicy | quote }}
310 {{- if .Values.metrics.securityContext.enabled }}
312 runAsUser: {{ .Values.metrics.securityContext.runAsUser }}
315 {{- $database := required "In order to enable metrics you need to specify a database (.Values.postgresqlDatabase or .Values.global.postgresql.postgresqlDatabase)" (include "postgresql.database" .) }}
316 - name: DATA_SOURCE_URI
317 value: {{ printf "127.0.0.1:%d/%s?sslmode=disable" (int (include "postgresql.port" .)) $database | quote }}
318 {{- if .Values.usePasswordFile }}
319 - name: DATA_SOURCE_PASS_FILE
320 value: "/opt/bitnami/postgresql/secrets/postgresql-password"
322 - name: DATA_SOURCE_PASS
325 name: {{ template "postgresql.secretName" . }}
326 key: postgresql-password
328 - name: DATA_SOURCE_USER
329 value: {{ template "postgresql.username" . }}
330 {{- if .Values.livenessProbe.enabled }}
335 initialDelaySeconds: {{ .Values.metrics.livenessProbe.initialDelaySeconds }}
336 periodSeconds: {{ .Values.metrics.livenessProbe.periodSeconds }}
337 timeoutSeconds: {{ .Values.metrics.livenessProbe.timeoutSeconds }}
338 successThreshold: {{ .Values.metrics.livenessProbe.successThreshold }}
339 failureThreshold: {{ .Values.metrics.livenessProbe.failureThreshold }}
341 {{- if .Values.readinessProbe.enabled }}
346 initialDelaySeconds: {{ .Values.metrics.readinessProbe.initialDelaySeconds }}
347 periodSeconds: {{ .Values.metrics.readinessProbe.periodSeconds }}
348 timeoutSeconds: {{ .Values.metrics.readinessProbe.timeoutSeconds }}
349 successThreshold: {{ .Values.metrics.readinessProbe.successThreshold }}
350 failureThreshold: {{ .Values.metrics.readinessProbe.failureThreshold }}
353 {{- if .Values.usePasswordFile }}
354 - name: postgresql-password
355 mountPath: /opt/bitnami/postgresql/secrets/
357 {{- if .Values.metrics.customMetrics }}
358 - name: custom-metrics
361 args: ["--extend.query-path", "/conf/custom-metrics.yaml"]
366 {{- if .Values.metrics.resources }}
367 resources: {{- toYaml .Values.metrics.resources | nindent 12 }}
371 {{- if or (.Files.Glob "files/postgresql.conf") (.Files.Glob "files/pg_hba.conf") .Values.postgresqlConfiguration .Values.pgHbaConfiguration .Values.configurationConfigMap}}
372 - name: postgresql-config
374 name: {{ template "postgresql.configurationCM" . }}
376 {{- if or (.Files.Glob "files/conf.d/*.conf") .Values.postgresqlExtendedConf .Values.extendedConfConfigMap }}
377 - name: postgresql-extended-config
379 name: {{ template "postgresql.extendedConfigurationCM" . }}
381 {{- if .Values.usePasswordFile }}
382 - name: postgresql-password
384 secretName: {{ template "postgresql.secretName" . }}
386 {{- if or (.Files.Glob "files/docker-entrypoint-initdb.d/*.{sh,sql,sql.gz}") .Values.initdbScriptsConfigMap .Values.initdbScripts }}
387 - name: custom-init-scripts
389 name: {{ template "postgresql.initdbScriptsCM" . }}
391 {{- if .Values.initdbScriptsSecret }}
392 - name: custom-init-scripts-secret
394 secretName: {{ template "postgresql.initdbScriptsSecret" . }}
396 {{- if .Values.master.extraVolumes }}
397 {{- toYaml .Values.master.extraVolumes | nindent 8 }}
399 {{- if and .Values.metrics.enabled .Values.metrics.customMetrics }}
400 - name: custom-metrics
402 name: {{ template "postgresql.metricsCM" . }}
404 {{- if .Values.shmVolume.enabled }}
410 {{- if and .Values.persistence.enabled .Values.persistence.existingClaim }}
412 persistentVolumeClaim:
413 {{- with .Values.persistence.existingClaim }}
414 claimName: {{ tpl . $ }}
416 {{- else if not .Values.persistence.enabled }}
419 {{- else if and .Values.persistence.enabled (not .Values.persistence.existingClaim) }}
420 volumeClaimTemplates:
423 {{- with .Values.persistence.annotations }}
425 {{- range $key, $value := . }}
426 {{ $key }}: {{ $value }}
431 {{- range .Values.persistence.accessModes }}
436 storage: {{ .Values.persistence.size | quote }}
437 {{ include "postgresql.storageClass" . }}