{{- if .Values.replication.enabled }} apiVersion: {{ template "postgresql.statefulset.apiVersion" . }} kind: StatefulSet metadata: name: "{{ template "postgresql.fullname" . }}-slave" labels: app: {{ template "postgresql.name" . }} chart: {{ template "postgresql.chart" . }} release: {{ .Release.Name | quote }} heritage: {{ .Release.Service | quote }} {{- with .Values.slave.labels }} {{ toYaml . | indent 4 }} {{- end }} {{- with .Values.slave.annotations }} annotations: {{ toYaml . | indent 4 }} {{- end }} spec: serviceName: {{ template "postgresql.fullname" . }}-headless replicas: {{ .Values.replication.slaveReplicas }} selector: matchLabels: app: {{ template "postgresql.name" . }} release: {{ .Release.Name | quote }} role: slave template: metadata: name: {{ template "postgresql.fullname" . }} labels: app: {{ template "postgresql.name" . }} chart: {{ template "postgresql.chart" . }} release: {{ .Release.Name | quote }} heritage: {{ .Release.Service | quote }} role: slave {{- with .Values.slave.podLabels }} {{ toYaml . | indent 8 }} {{- end }} {{- with .Values.slave.podAnnotations }} annotations: {{ toYaml . | indent 8 }} {{- end }} spec: {{- if .Values.schedulerName }} schedulerName: "{{ .Values.schedulerName }}" {{- end }} {{- include "postgresql.imagePullSecrets" . | indent 6 }} {{- if .Values.slave.nodeSelector }} nodeSelector: {{ toYaml .Values.slave.nodeSelector | indent 8 }} {{- end }} {{- if .Values.slave.affinity }} affinity: {{ toYaml .Values.slave.affinity | indent 8 }} {{- end }} {{- if .Values.slave.tolerations }} tolerations: {{ toYaml .Values.slave.tolerations | indent 8 }} {{- end }} {{- if .Values.terminationGracePeriodSeconds }} terminationGracePeriodSeconds: {{ .Values.terminationGracePeriodSeconds }} {{- end }} {{- if .Values.securityContext.enabled }} securityContext: fsGroup: {{ .Values.securityContext.fsGroup }} {{- end }} {{- if .Values.serviceAccount.enabled }} serviceAccountName: {{ default (include "postgresql.fullname" . ) .Values.serviceAccount.name}} {{- end }} {{- if or .Values.slave.extraInitContainers (and .Values.volumePermissions.enabled .Values.persistence.enabled) .Values.shmVolume.enabled }} initContainers: {{- if or (and .Values.volumePermissions.enabled .Values.persistence.enabled) .Values.shmVolume.enabled }} - name: init-chmod-data image: {{ template "postgresql.volumePermissions.image" . }} imagePullPolicy: "{{ .Values.volumePermissions.image.pullPolicy }}" {{- if .Values.resources }} resources: {{- toYaml .Values.resources | nindent 12 }} {{- end }} command: - /bin/sh - -c - | mkdir -p {{ .Values.persistence.mountPath }}/data chmod 700 {{ .Values.persistence.mountPath }}/data find {{ .Values.persistence.mountPath }} -mindepth 0 -maxdepth 1 -not -name ".snapshot" -not -name "lost+found" | \ xargs chown -R {{ .Values.securityContext.runAsUser }}:{{ .Values.securityContext.fsGroup }} {{- if .Values.shmVolume.enabled }} chmod -R 777 /dev/shm {{- end }} securityContext: runAsUser: {{ .Values.volumePermissions.securityContext.runAsUser }} volumeMounts: - name: data mountPath: {{ .Values.persistence.mountPath }} subPath: {{ .Values.persistence.subPath }} {{- if .Values.shmVolume.enabled }} - name: dshm mountPath: /dev/shm {{- end }} {{- end }} {{- if .Values.slave.extraInitContainers }} {{ tpl .Values.slave.extraInitContainers . | indent 8 }} {{- end }} {{- end }} {{- if .Values.slave.priorityClassName }} priorityClassName: {{ .Values.slave.priorityClassName }} {{- end }} containers: - name: {{ template "postgresql.fullname" . }} image: {{ template "postgresql.image" . }} imagePullPolicy: "{{ .Values.image.pullPolicy }}" {{- if .Values.resources }} resources: {{- toYaml .Values.resources | nindent 12 }} {{- end }} {{- if .Values.securityContext.enabled }} securityContext: runAsUser: {{ .Values.securityContext.runAsUser }} {{- end }} env: - name: BITNAMI_DEBUG value: {{ ternary "true" "false" .Values.image.debug | quote }} - name: POSTGRESQL_VOLUME_DIR value: "{{ .Values.persistence.mountPath }}" - name: POSTGRESQL_PORT_NUMBER value: "{{ template "postgresql.port" . }}" {{- if .Values.persistence.mountPath }} - name: PGDATA value: {{ .Values.postgresqlDataDir | quote }} {{- end }} - name: POSTGRES_REPLICATION_MODE value: "slave" - name: POSTGRES_REPLICATION_USER value: {{ include "postgresql.replication.username" . | quote }} {{- if .Values.usePasswordFile }} - name: POSTGRES_REPLICATION_PASSWORD_FILE value: "/opt/bitnami/postgresql/secrets/postgresql-replication-password" {{- else }} - name: POSTGRES_REPLICATION_PASSWORD valueFrom: secretKeyRef: name: {{ template "postgresql.secretName" . }} key: postgresql-replication-password {{- end }} - name: POSTGRES_CLUSTER_APP_NAME value: {{ .Values.replication.applicationName }} - name: POSTGRES_MASTER_HOST value: {{ template "postgresql.fullname" . }} - name: POSTGRES_MASTER_PORT_NUMBER value: {{ include "postgresql.port" . | quote }} {{- if and .Values.postgresqlPostgresPassword (not (eq .Values.postgresqlUsername "postgres")) }} {{- if .Values.usePasswordFile }} - name: POSTGRES_POSTGRES_PASSWORD_FILE value: "/opt/bitnami/postgresql/secrets/postgresql-postgres-password" {{- else }} - name: POSTGRES_POSTGRES_PASSWORD valueFrom: secretKeyRef: name: {{ template "postgresql.secretName" . }} key: postgresql-postgres-password {{- end }} {{- end }} {{- if .Values.usePasswordFile }} - name: POSTGRES_PASSWORD_FILE value: "/opt/bitnami/postgresql/secrets/postgresql-password" {{- else }} - name: POSTGRES_PASSWORD valueFrom: secretKeyRef: name: {{ template "postgresql.secretName" . }} key: postgresql-password {{- end }} ports: - name: tcp-postgresql containerPort: {{ template "postgresql.port" . }} {{- if .Values.livenessProbe.enabled }} livenessProbe: exec: command: - /bin/sh - -c {{- if (include "postgresql.database" .) }} - exec pg_isready -U {{ include "postgresql.username" . | quote }} -d {{ (include "postgresql.database" .) | quote }} -h 127.0.0.1 -p {{ template "postgresql.port" . }} {{- else }} - exec pg_isready -U {{ include "postgresql.username" . | quote }} -h 127.0.0.1 -p {{ template "postgresql.port" . }} {{- end }} initialDelaySeconds: {{ .Values.livenessProbe.initialDelaySeconds }} periodSeconds: {{ .Values.livenessProbe.periodSeconds }} timeoutSeconds: {{ .Values.livenessProbe.timeoutSeconds }} successThreshold: {{ .Values.livenessProbe.successThreshold }} failureThreshold: {{ .Values.livenessProbe.failureThreshold }} {{- end }} {{- if .Values.readinessProbe.enabled }} readinessProbe: exec: command: - /bin/sh - -c - -e {{- include "postgresql.readinessProbeCommand" . | nindent 16 }} initialDelaySeconds: {{ .Values.readinessProbe.initialDelaySeconds }} periodSeconds: {{ .Values.readinessProbe.periodSeconds }} timeoutSeconds: {{ .Values.readinessProbe.timeoutSeconds }} successThreshold: {{ .Values.readinessProbe.successThreshold }} failureThreshold: {{ .Values.readinessProbe.failureThreshold }} {{- end }} volumeMounts: {{- if .Values.usePasswordFile }} - name: postgresql-password mountPath: /opt/bitnami/postgresql/secrets/ {{- end }} {{- if .Values.shmVolume.enabled }} - name: dshm mountPath: /dev/shm {{- end }} {{- if .Values.persistence.enabled }} - name: data mountPath: {{ .Values.persistence.mountPath }} subPath: {{ .Values.persistence.subPath }} {{ end }} {{- if or (.Files.Glob "files/conf.d/*.conf") .Values.postgresqlExtendedConf .Values.extendedConfConfigMap }} - name: postgresql-extended-config mountPath: /bitnami/postgresql/conf/conf.d/ {{- end }} {{- if or (.Files.Glob "files/postgresql.conf") (.Files.Glob "files/pg_hba.conf") .Values.postgresqlConfiguration .Values.pgHbaConfiguration .Values.configurationConfigMap }} - name: postgresql-config mountPath: /bitnami/postgresql/conf {{- end }} {{- if .Values.slave.extraVolumeMounts }} {{- toYaml .Values.slave.extraVolumeMounts | nindent 12 }} {{- end }} volumes: {{- if .Values.usePasswordFile }} - name: postgresql-password secret: secretName: {{ template "postgresql.secretName" . }} {{- end }} {{- if or (.Files.Glob "files/postgresql.conf") (.Files.Glob "files/pg_hba.conf") .Values.postgresqlConfiguration .Values.pgHbaConfiguration .Values.configurationConfigMap}} - name: postgresql-config configMap: name: {{ template "postgresql.configurationCM" . }} {{- end }} {{- if or (.Files.Glob "files/conf.d/*.conf") .Values.postgresqlExtendedConf .Values.extendedConfConfigMap }} - name: postgresql-extended-config configMap: name: {{ template "postgresql.extendedConfigurationCM" . }} {{- end }} {{- if .Values.shmVolume.enabled }} - name: dshm emptyDir: medium: Memory sizeLimit: 1Gi {{- end }} {{- if not .Values.persistence.enabled }} - name: data emptyDir: {} {{- end }} {{- if .Values.slave.extraVolumes }} {{- toYaml .Values.slave.extraVolumes | nindent 8 }} {{- end }} updateStrategy: type: {{ .Values.updateStrategy.type }} {{- if (eq "Recreate" .Values.updateStrategy.type) }} rollingUpdate: null {{- end }} {{- if .Values.persistence.enabled }} volumeClaimTemplates: - metadata: name: data {{- with .Values.persistence.annotations }} annotations: {{- range $key, $value := . }} {{ $key }}: {{ $value }} {{- end }} {{- end }} spec: accessModes: {{- range .Values.persistence.accessModes }} - {{ . | quote }} {{- end }} resources: requests: storage: {{ .Values.persistence.size | quote }} {{ include "postgresql.storageClass" . }} {{- end }} {{- end }}