+++ /dev/null
-## Global Docker image parameters
-## Please, note that this will override the image parameters, including dependencies, configured to use the global value
-## Current available global Docker image parameters: imageRegistry and imagePullSecrets
-##
-global:
- postgresql: {}
-# imageRegistry: myRegistryName
-# imagePullSecrets:
-# - myRegistryKeySecretName
-# storageClass: myStorageClass
-
-## Bitnami PostgreSQL image version
-## ref: https://hub.docker.com/r/bitnami/postgresql/tags/
-##
-image:
- registry: docker.io
- repository: bitnami/postgresql
- tag: 11.6.0-debian-9-r0
- ## Specify a imagePullPolicy
- ## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent'
- ## ref: http://kubernetes.io/docs/user-guide/images/#pre-pulling-images
- ##
- pullPolicy: IfNotPresent
- ## Optionally specify an array of imagePullSecrets.
- ## Secrets must be manually created in the namespace.
- ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/
- ##
- # pullSecrets:
- # - myRegistryKeySecretName
-
- ## Set to true if you would like to see extra information on logs
- ## It turns BASH and NAMI debugging in minideb
- ## ref: https://github.com/bitnami/minideb-extras/#turn-on-bash-debugging
- debug: false
-
-## String to partially override postgresql.fullname template (will maintain the release name)
-##
-# nameOverride:
-
-## String to fully override postgresql.fullname template
-##
-# fullnameOverride:
-
-##
-## Init containers parameters:
-## volumePermissions: Change the owner of the persist volume mountpoint to RunAsUser:fsGroup
-##
-volumePermissions:
- enabled: true
- image:
- registry: docker.io
- repository: bitnami/minideb
- tag: stretch
- ## Specify a imagePullPolicy
- ## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent'
- ## ref: http://kubernetes.io/docs/user-guide/images/#pre-pulling-images
- ##
- pullPolicy: Always
- ## Optionally specify an array of imagePullSecrets.
- ## Secrets must be manually created in the namespace.
- ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/
- ##
- # pullSecrets:
- # - myRegistryKeySecretName
- ## Init container Security Context
- securityContext:
- runAsUser: 0
-
-## Use an alternate scheduler, e.g. "stork".
-## ref: https://kubernetes.io/docs/tasks/administer-cluster/configure-multiple-schedulers/
-##
-# schedulerName:
-
-## Pod Security Context
-## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/
-##
-securityContext:
- enabled: true
- fsGroup: 1001
- runAsUser: 1001
-
-## Pod Service Account
-## ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/
-serviceAccount:
- enabled: false
- ## Name of an already existing service account. Setting this value disables the automatic service account creation.
- # name:
-
-replication:
- enabled: true
- user: repl_user
- password: repl_password
- slaveReplicas: 2
- ## Set synchronous commit mode: on, off, remote_apply, remote_write and local
- ## ref: https://www.postgresql.org/docs/9.6/runtime-config-wal.html#GUC-WAL-LEVEL
- synchronousCommit: "on"
- ## From the number of `slaveReplicas` defined above, set the number of those that will have synchronous replication
- ## NOTE: It cannot be > slaveReplicas
- numSynchronousReplicas: 1
- ## Replication Cluster application name. Useful for defining multiple replication policies
- applicationName: my_application
-
-## PostgreSQL admin password (used when `postgresqlUsername` is not `postgres`)
-## ref: https://github.com/bitnami/bitnami-docker-postgresql/blob/master/README.md#creating-a-database-user-on-first-run (see note!)
-# postgresqlPostgresPassword:
-
-## PostgreSQL user (has superuser privileges if username is `postgres`)
-## ref: https://github.com/bitnami/bitnami-docker-postgresql/blob/master/README.md#setting-the-root-password-on-first-run
-postgresqlUsername: postgres
-
-## PostgreSQL password
-## ref: https://github.com/bitnami/bitnami-docker-postgresql/blob/master/README.md#setting-the-root-password-on-first-run
-##
-# postgresqlPassword:
-
-## PostgreSQL password using existing secret
-## existingSecret: secret
-
-## Mount PostgreSQL secret as a file instead of passing environment variable
-# usePasswordFile: false
-
-## Create a database
-## ref: https://github.com/bitnami/bitnami-docker-postgresql/blob/master/README.md#creating-a-database-on-first-run
-##
-# postgresqlDatabase:
-
-## PostgreSQL data dir
-## ref: https://github.com/bitnami/bitnami-docker-postgresql/blob/master/README.md
-##
-postgresqlDataDir: /bitnami/postgresql/data
-
-## An array to add extra environment variables
-## For example:
-## extraEnv:
-## - name: FOO
-## value: "bar"
-##
-# extraEnv:
-extraEnv: []
-
-## Specify extra initdb args
-## ref: https://github.com/bitnami/bitnami-docker-postgresql/blob/master/README.md
-##
-# postgresqlInitdbArgs:
-
-## Specify a custom location for the PostgreSQL transaction log
-## ref: https://github.com/bitnami/bitnami-docker-postgresql/blob/master/README.md
-##
-# postgresqlInitdbWalDir:
-
-## PostgreSQL configuration
-## Specify runtime configuration parameters as a dict, using camelCase, e.g.
-## {"sharedBuffers": "500MB"}
-## Alternatively, you can put your postgresql.conf under the files/ directory
-## ref: https://www.postgresql.org/docs/current/static/runtime-config.html
-##
-# postgresqlConfiguration:
-
-## PostgreSQL extended configuration
-## As above, but _appended_ to the main configuration
-## Alternatively, you can put your *.conf under the files/conf.d/ directory
-## https://github.com/bitnami/bitnami-docker-postgresql#allow-settings-to-be-loaded-from-files-other-than-the-default-postgresqlconf
-##
-# postgresqlExtendedConf:
-
-## PostgreSQL client authentication configuration
-## Specify content for pg_hba.conf
-## Default: do not create pg_hba.conf
-## Alternatively, you can put your pg_hba.conf under the files/ directory
-# pgHbaConfiguration: |-
-# local all all trust
-# host all all localhost trust
-# host mydatabase mysuser 192.168.0.0/24 md5
-
-## ConfigMap with PostgreSQL configuration
-## NOTE: This will override postgresqlConfiguration and pgHbaConfiguration
-# configurationConfigMap:
-
-## ConfigMap with PostgreSQL extended configuration
-# extendedConfConfigMap:
-
-## initdb scripts
-## Specify dictionary of scripts to be run at first boot
-## Alternatively, you can put your scripts under the files/docker-entrypoint-initdb.d directory
-##
-# initdbScripts:
-# my_init_script.sh: |
-# #!/bin/sh
-# echo "Do something."
-
-## Specify the PostgreSQL username and password to execute the initdb scripts
-# initdbUser:
-# initdbPassword:
-
-## ConfigMap with scripts to be run at first boot
-## NOTE: This will override initdbScripts
-# initdbScriptsConfigMap:
-
-## Secret with scripts to be run at first boot (in case it contains sensitive information)
-## NOTE: This can work along initdbScripts or initdbScriptsConfigMap
-# initdbScriptsSecret:
-
-## Optional duration in seconds the pod needs to terminate gracefully.
-## ref: https://kubernetes.io/docs/concepts/workloads/pods/pod/#termination-of-pods
-##
-# terminationGracePeriodSeconds: 30
-
-## LDAP configuration
-##
-ldap:
- enabled: false
- url: ""
- server: ""
- port: ""
- prefix: ""
- suffix: ""
- baseDN: ""
- bindDN: ""
- bind_password:
- search_attr: ""
- search_filter: ""
- scheme: ""
- tls: false
-
-## PostgreSQL service configuration
-service:
- ## PosgresSQL service type
- type: ClusterIP
- # clusterIP: None
- port: 5432
-
- ## Specify the nodePort value for the LoadBalancer and NodePort service types.
- ## ref: https://kubernetes.io/docs/concepts/services-networking/service/#type-nodeport
- ##
- # nodePort:
-
- ## Provide any additional annotations which may be required.
- ## The value is evaluated as a template, so, for example, the value can depend on .Release or .Chart
- annotations: {}
- ## Set the LoadBalancer service type to internal only.
- ## ref: https://kubernetes.io/docs/concepts/services-networking/service/#internal-load-balancer
- ##
- # loadBalancerIP:
-
- ## Load Balancer sources
- ## https://kubernetes.io/docs/tasks/access-application-cluster/configure-cloud-provider-firewall/#restrict-access-for-loadbalancer-service
- ##
- # loadBalancerSourceRanges:
- # - 10.10.10.0/24
-
-## Start master and slave(s) pod(s) without limitations on shm memory.
-## By default docker and containerd (and possibly other container runtimes)
-## limit `/dev/shm` to `64M` (see e.g. the
-## [docker issue](https://github.com/docker-library/postgres/issues/416) and the
-## [containerd issue](https://github.com/containerd/containerd/issues/3654),
-## which could be not enough if PostgreSQL uses parallel workers heavily.
-## If this option is present and value is `true`,
-## to the target database pod will be mounted a new tmpfs volume to remove
-## this limitation.
-shmVolume:
- enabled: true
-
-## PostgreSQL data Persistent Volume Storage Class
-## If defined, storageClassName: <storageClass>
-## If set to "-", storageClassName: "", which disables dynamic provisioning
-## If undefined (the default) or set to null, no storageClassName spec is
-## set, choosing the default provisioner. (gp2 on AWS, standard on
-## GKE, AWS & OpenStack)
-##
-persistence:
- enabled: true
- ## A manually managed Persistent Volume and Claim
- ## If defined, PVC must be created manually before volume will be bound
- ## The value is evaluated as a template, so, for example, the name can depend on .Release or .Chart
- ##
- # existingClaim:
-
- ## The path the volume will be mounted at, useful when using different
- ## PostgreSQL images.
- ##
- mountPath: /bitnami/postgresql
-
- ## The subdirectory of the volume to mount to, useful in dev environments
- ## and one PV for multiple services.
- ##
- subPath: ""
-
- # storageClass: "-"
- accessModes:
- - ReadWriteOnce
- size: 8Gi
- annotations: {}
-
-## updateStrategy for PostgreSQL StatefulSet and its slaves StatefulSets
-## ref: https://kubernetes.io/docs/concepts/workloads/controllers/statefulset/#update-strategies
-updateStrategy:
- type: RollingUpdate
-
-##
-## PostgreSQL Master parameters
-##
-master:
- ## Node, affinity, tolerations, and priorityclass settings for pod assignment
- ## ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#nodeselector
- ## ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity
- ## ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#taints-and-tolerations-beta-feature
- ## ref: https://kubernetes.io/docs/concepts/configuration/pod-priority-preemption
- nodeSelector: {}
- affinity: {}
- tolerations: []
- labels: {}
- annotations: {}
- podLabels: {}
- podAnnotations: {}
- priorityClassName: ""
- ## Additional PostgreSQL Master Volume mounts
- ##
- extraVolumeMounts: []
- ## Additional PostgreSQL Master Volumes
- ##
- extraVolumes: []
-
-##
-## PostgreSQL Slave parameters
-##
-slave:
- ## Node, affinity, tolerations, and priorityclass settings for pod assignment
- ## ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#nodeselector
- ## ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity
- ## ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#taints-and-tolerations-beta-feature
- ## ref: https://kubernetes.io/docs/concepts/configuration/pod-priority-preemption
- nodeSelector: {}
- affinity: {}
- tolerations: []
- labels: {}
- annotations: {}
- podLabels: {}
- podAnnotations: {}
- priorityClassName: ""
- ## Additional PostgreSQL Slave Volume mounts
- ##
- extraVolumeMounts: []
- ## Additional PostgreSQL Slave Volumes
- ##
- extraVolumes: []
-
-## Configure resource requests and limits
-## ref: http://kubernetes.io/docs/user-guide/compute-resources/
-##
-resources:
- requests:
- memory: 256Mi
- cpu: 250m
-
-networkPolicy:
- ## Enable creation of NetworkPolicy resources. Only Ingress traffic is filtered for now.
- ##
- enabled: false
-
- ## The Policy model to apply. When set to false, only pods with the correct
- ## client label will have network access to the port PostgreSQL is listening
- ## on. When true, PostgreSQL will accept connections from any source
- ## (with the correct destination port).
- ##
- allowExternal: true
-
- ## if explicitNamespacesSelector is missing or set to {}, only client Pods that are in the networkPolicy's namespace
- ## and that match other criteria, the ones that have the good label, can reach the DB.
- ## But sometimes, we want the DB to be accessible to clients from other namespaces, in this case, we can use this
- ## LabelSelector to select these namespaces, note that the networkPolicy's namespace should also be explicitly added.
- ##
- # explicitNamespacesSelector:
- # matchLabels:
- # role: frontend
- # matchExpressions:
- # - {key: role, operator: In, values: [frontend]}
-
-## Configure extra options for liveness and readiness probes
-## ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-probes/#configure-probes)
-livenessProbe:
- enabled: true
- initialDelaySeconds: 30
- periodSeconds: 10
- timeoutSeconds: 5
- failureThreshold: 6
- successThreshold: 1
-
-readinessProbe:
- enabled: true
- initialDelaySeconds: 5
- periodSeconds: 10
- timeoutSeconds: 5
- failureThreshold: 6
- successThreshold: 1
-
-## Configure metrics exporter
-##
-metrics:
- enabled: true
- # resources: {}
- service:
- type: ClusterIP
- annotations:
- prometheus.io/scrape: "true"
- prometheus.io/port: "9187"
- loadBalancerIP:
- serviceMonitor:
- enabled: false
- additionalLabels: {}
- # namespace: monitoring
- # interval: 30s
- # scrapeTimeout: 10s
- ## Custom PrometheusRule to be defined
- ## The value is evaluated as a template, so, for example, the value can depend on .Release or .Chart
- ## ref: https://github.com/coreos/prometheus-operator#customresourcedefinitions
- prometheusRule:
- enabled: false
- additionalLabels: {}
- namespace: ""
- rules: []
- ## These are just examples rules, please adapt them to your needs.
- ## Make sure to constraint the rules to the current postgresql service.
- # - alert: HugeReplicationLag
- # expr: pg_replication_lag{service="{{ template "postgresql.fullname" . }}-metrics"} / 3600 > 1
- # for: 1m
- # labels:
- # severity: critical
- # annotations:
- # description: replication for {{ template "postgresql.fullname" . }} PostgreSQL is lagging by {{ "{{ $value }}" }} hour(s).
- # summary: PostgreSQL replication is lagging by {{ "{{ $value }}" }} hour(s).
- image:
- registry: docker.io
- repository: bitnami/postgres-exporter
- tag: 0.7.0-debian-9-r12
- pullPolicy: IfNotPresent
- ## Optionally specify an array of imagePullSecrets.
- ## Secrets must be manually created in the namespace.
- ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/
- ##
- # pullSecrets:
- # - myRegistryKeySecretName
- ## Define additional custom metrics
- ## ref: https://github.com/wrouesnel/postgres_exporter#adding-new-metrics-via-a-config-file
- # customMetrics:
- # pg_database:
- # query: "SELECT d.datname AS name, CASE WHEN pg_catalog.has_database_privilege(d.datname, 'CONNECT') THEN pg_catalog.pg_database_size(d.datname) ELSE 0 END AS size FROM pg_catalog.pg_database d where datname not in ('template0', 'template1', 'postgres')"
- # metrics:
- # - name:
- # usage: "LABEL"
- # description: "Name of the database"
- # - size_bytes:
- # usage: "GAUGE"
- # description: "Size of the database in bytes"
- ## Pod Security Context
- ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/
- ##
- securityContext:
- enabled: false
- runAsUser: 1001
- ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-probes/#configure-probes)
- ## Configure extra options for liveness and readiness probes
- livenessProbe:
- enabled: true
- initialDelaySeconds: 5
- periodSeconds: 10
- timeoutSeconds: 5
- failureThreshold: 6
- successThreshold: 1
-
- readinessProbe:
- enabled: true
- initialDelaySeconds: 5
- periodSeconds: 10
- timeoutSeconds: 5
- failureThreshold: 6
- successThreshold: 1
Code Review / ric-plt / ric-dep.git / blobdiff