-## Global Docker image registry
-### Please, note that this will override the image registry for all the images, including dependencies, configured to use the global value
-###
-## global:
-## imageRegistry:
+## Global Docker image parameters
+## Please, note that this will override the image parameters, including dependencies, configured to use the global value
+## Current available global Docker image parameters: imageRegistry and imagePullSecrets
+##
+global:
+ postgresql: {}
+# imageRegistry: myRegistryName
+# imagePullSecrets:
+# - myRegistryKeySecretName
+# storageClass: myStorageClass
## Bitnami PostgreSQL image version
## ref: https://hub.docker.com/r/bitnami/postgresql/tags/
image:
registry: docker.io
repository: bitnami/postgresql
- tag: 10.6.0
+ tag: 11.6.0-debian-9-r0
## Specify a imagePullPolicy
## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent'
## ref: http://kubernetes.io/docs/user-guide/images/#pre-pulling-images
##
- pullPolicy: Always
-
+ pullPolicy: IfNotPresent
## Optionally specify an array of imagePullSecrets.
## Secrets must be manually created in the namespace.
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/
##
# pullSecrets:
- # - myRegistrKeySecretName
+ # - myRegistryKeySecretName
## Set to true if you would like to see extra information on logs
## It turns BASH and NAMI debugging in minideb
## ref: https://github.com/bitnami/minideb-extras/#turn-on-bash-debugging
debug: false
+## String to partially override postgresql.fullname template (will maintain the release name)
+##
+# nameOverride:
+
+## String to fully override postgresql.fullname template
+##
+# fullnameOverride:
+
##
## Init containers parameters:
## volumePermissions: Change the owner of the persist volume mountpoint to RunAsUser:fsGroup
image:
registry: docker.io
repository: bitnami/minideb
- tag: latest
+ tag: stretch
## Specify a imagePullPolicy
## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent'
## ref: http://kubernetes.io/docs/user-guide/images/#pre-pulling-images
##
pullPolicy: Always
+ ## Optionally specify an array of imagePullSecrets.
+ ## Secrets must be manually created in the namespace.
+ ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/
+ ##
+ # pullSecrets:
+ # - myRegistryKeySecretName
## Init container Security Context
securityContext:
runAsUser: 0
+## Use an alternate scheduler, e.g. "stork".
+## ref: https://kubernetes.io/docs/tasks/administer-cluster/configure-multiple-schedulers/
+##
+# schedulerName:
+
## Pod Security Context
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/
##
fsGroup: 1001
runAsUser: 1001
+## Pod Service Account
+## ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/
+serviceAccount:
+ enabled: false
+ ## Name of an already existing service account. Setting this value disables the automatic service account creation.
+ # name:
+
replication:
enabled: true
user: repl_user
## Replication Cluster application name. Useful for defining multiple replication policies
applicationName: my_application
-## PostgreSQL admin user
+## PostgreSQL admin password (used when `postgresqlUsername` is not `postgres`)
+## ref: https://github.com/bitnami/bitnami-docker-postgresql/blob/master/README.md#creating-a-database-user-on-first-run (see note!)
+# postgresqlPostgresPassword:
+
+## PostgreSQL user (has superuser privileges if username is `postgres`)
## ref: https://github.com/bitnami/bitnami-docker-postgresql/blob/master/README.md#setting-the-root-password-on-first-run
postgresqlUsername: postgres
##
# postgresqlPassword:
+## PostgreSQL password using existing secret
+## existingSecret: secret
+
+## Mount PostgreSQL secret as a file instead of passing environment variable
+# usePasswordFile: false
+
## Create a database
## ref: https://github.com/bitnami/bitnami-docker-postgresql/blob/master/README.md#creating-a-database-on-first-run
##
# postgresqlDatabase:
-## PostgreSQL password using existing secret
-## existingSecret: secret
+## PostgreSQL data dir
+## ref: https://github.com/bitnami/bitnami-docker-postgresql/blob/master/README.md
+##
+postgresqlDataDir: /bitnami/postgresql/data
-## Mount PostgreSQL secret as a file instead of passing environment variable
-# usePasswordFile: false
+## An array to add extra environment variables
+## For example:
+## extraEnv:
+## - name: FOO
+## value: "bar"
+##
+# extraEnv:
+extraEnv: []
+
+## Specify extra initdb args
+## ref: https://github.com/bitnami/bitnami-docker-postgresql/blob/master/README.md
+##
+# postgresqlInitdbArgs:
+
+## Specify a custom location for the PostgreSQL transaction log
+## ref: https://github.com/bitnami/bitnami-docker-postgresql/blob/master/README.md
+##
+# postgresqlInitdbWalDir:
## PostgreSQL configuration
## Specify runtime configuration parameters as a dict, using camelCase, e.g.
# extendedConfConfigMap:
## initdb scripts
-## Specify dictionnary of scripts to be run at first boot
+## Specify dictionary of scripts to be run at first boot
## Alternatively, you can put your scripts under the files/docker-entrypoint-initdb.d directory
##
# initdbScripts:
-# my_init_script.sh:|
+# my_init_script.sh: |
# #!/bin/sh
# echo "Do something."
+## Specify the PostgreSQL username and password to execute the initdb scripts
+# initdbUser:
+# initdbPassword:
+
## ConfigMap with scripts to be run at first boot
## NOTE: This will override initdbScripts
# initdbScriptsConfigMap:
+## Secret with scripts to be run at first boot (in case it contains sensitive information)
+## NOTE: This can work along initdbScripts or initdbScriptsConfigMap
+# initdbScriptsSecret:
+
+## Optional duration in seconds the pod needs to terminate gracefully.
+## ref: https://kubernetes.io/docs/concepts/workloads/pods/pod/#termination-of-pods
+##
+# terminationGracePeriodSeconds: 30
+
+## LDAP configuration
+##
+ldap:
+ enabled: false
+ url: ""
+ server: ""
+ port: ""
+ prefix: ""
+ suffix: ""
+ baseDN: ""
+ bindDN: ""
+ bind_password:
+ search_attr: ""
+ search_filter: ""
+ scheme: ""
+ tls: false
+
## PostgreSQL service configuration
service:
## PosgresSQL service type
type: ClusterIP
+ # clusterIP: None
port: 5432
## Specify the nodePort value for the LoadBalancer and NodePort service types.
##
# nodePort:
- ## Provide any additional annotations which may be required. This can be used to
+ ## Provide any additional annotations which may be required.
+ ## The value is evaluated as a template, so, for example, the value can depend on .Release or .Chart
annotations: {}
## Set the LoadBalancer service type to internal only.
## ref: https://kubernetes.io/docs/concepts/services-networking/service/#internal-load-balancer
##
# loadBalancerIP:
+ ## Load Balancer sources
+ ## https://kubernetes.io/docs/tasks/access-application-cluster/configure-cloud-provider-firewall/#restrict-access-for-loadbalancer-service
+ ##
+ # loadBalancerSourceRanges:
+ # - 10.10.10.0/24
+
+## Start master and slave(s) pod(s) without limitations on shm memory.
+## By default docker and containerd (and possibly other container runtimes)
+## limit `/dev/shm` to `64M` (see e.g. the
+## [docker issue](https://github.com/docker-library/postgres/issues/416) and the
+## [containerd issue](https://github.com/containerd/containerd/issues/3654),
+## which could be not enough if PostgreSQL uses parallel workers heavily.
+## If this option is present and value is `true`,
+## to the target database pod will be mounted a new tmpfs volume to remove
+## this limitation.
+shmVolume:
+ enabled: true
+
## PostgreSQL data Persistent Volume Storage Class
## If defined, storageClassName: <storageClass>
## If set to "-", storageClassName: "", which disables dynamic provisioning
enabled: true
## A manually managed Persistent Volume and Claim
## If defined, PVC must be created manually before volume will be bound
+ ## The value is evaluated as a template, so, for example, the name can depend on .Release or .Chart
+ ##
# existingClaim:
+
+ ## The path the volume will be mounted at, useful when using different
+ ## PostgreSQL images.
+ ##
mountPath: /bitnami/postgresql
+
+ ## The subdirectory of the volume to mount to, useful in dev environments
+ ## and one PV for multiple services.
+ ##
+ subPath: ""
+
# storageClass: "-"
accessModes:
- ReadWriteOnce
## PostgreSQL Master parameters
##
master:
- ## Node, affinity and tolerations labels for pod assignment
+ ## Node, affinity, tolerations, and priorityclass settings for pod assignment
## ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#nodeselector
## ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity
## ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#taints-and-tolerations-beta-feature
+ ## ref: https://kubernetes.io/docs/concepts/configuration/pod-priority-preemption
nodeSelector: {}
affinity: {}
tolerations: []
+ labels: {}
+ annotations: {}
+ podLabels: {}
+ podAnnotations: {}
+ priorityClassName: ""
+ ## Additional PostgreSQL Master Volume mounts
+ ##
+ extraVolumeMounts: []
+ ## Additional PostgreSQL Master Volumes
+ ##
+ extraVolumes: []
##
## PostgreSQL Slave parameters
##
slave:
- ## Node, affinity and tolerations labels for pod assignment
+ ## Node, affinity, tolerations, and priorityclass settings for pod assignment
## ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#nodeselector
## ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity
## ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#taints-and-tolerations-beta-feature
+ ## ref: https://kubernetes.io/docs/concepts/configuration/pod-priority-preemption
nodeSelector: {}
affinity: {}
tolerations: []
+ labels: {}
+ annotations: {}
+ podLabels: {}
+ podAnnotations: {}
+ priorityClassName: ""
+ ## Additional PostgreSQL Slave Volume mounts
+ ##
+ extraVolumeMounts: []
+ ## Additional PostgreSQL Slave Volumes
+ ##
+ extraVolumes: []
## Configure resource requests and limits
## ref: http://kubernetes.io/docs/user-guide/compute-resources/
cpu: 250m
networkPolicy:
- ## Enable creation of NetworkPolicy resources.
+ ## Enable creation of NetworkPolicy resources. Only Ingress traffic is filtered for now.
##
enabled: false
##
allowExternal: true
+ ## if explicitNamespacesSelector is missing or set to {}, only client Pods that are in the networkPolicy's namespace
+ ## and that match other criteria, the ones that have the good label, can reach the DB.
+ ## But sometimes, we want the DB to be accessible to clients from other namespaces, in this case, we can use this
+ ## LabelSelector to select these namespaces, note that the networkPolicy's namespace should also be explicitly added.
+ ##
+ # explicitNamespacesSelector:
+ # matchLabels:
+ # role: frontend
+ # matchExpressions:
+ # - {key: role, operator: In, values: [frontend]}
+
## Configure extra options for liveness and readiness probes
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-probes/#configure-probes)
livenessProbe:
prometheus.io/scrape: "true"
prometheus.io/port: "9187"
loadBalancerIP:
+ serviceMonitor:
+ enabled: false
+ additionalLabels: {}
+ # namespace: monitoring
+ # interval: 30s
+ # scrapeTimeout: 10s
+ ## Custom PrometheusRule to be defined
+ ## The value is evaluated as a template, so, for example, the value can depend on .Release or .Chart
+ ## ref: https://github.com/coreos/prometheus-operator#customresourcedefinitions
+ prometheusRule:
+ enabled: false
+ additionalLabels: {}
+ namespace: ""
+ rules: []
+ ## These are just examples rules, please adapt them to your needs.
+ ## Make sure to constraint the rules to the current postgresql service.
+ # - alert: HugeReplicationLag
+ # expr: pg_replication_lag{service="{{ template "postgresql.fullname" . }}-metrics"} / 3600 > 1
+ # for: 1m
+ # labels:
+ # severity: critical
+ # annotations:
+ # description: replication for {{ template "postgresql.fullname" . }} PostgreSQL is lagging by {{ "{{ $value }}" }} hour(s).
+ # summary: PostgreSQL replication is lagging by {{ "{{ $value }}" }} hour(s).
image:
registry: docker.io
- repository: wrouesnel/postgres_exporter
- tag: v0.4.6
+ repository: bitnami/postgres-exporter
+ tag: 0.7.0-debian-9-r12
pullPolicy: IfNotPresent
## Optionally specify an array of imagePullSecrets.
## Secrets must be manually created in the namespace.
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/
##
# pullSecrets:
- # - myRegistrKeySecretName
-
+ # - myRegistryKeySecretName
+ ## Define additional custom metrics
+ ## ref: https://github.com/wrouesnel/postgres_exporter#adding-new-metrics-via-a-config-file
+ # customMetrics:
+ # pg_database:
+ # query: "SELECT d.datname AS name, CASE WHEN pg_catalog.has_database_privilege(d.datname, 'CONNECT') THEN pg_catalog.pg_database_size(d.datname) ELSE 0 END AS size FROM pg_catalog.pg_database d where datname not in ('template0', 'template1', 'postgres')"
+ # metrics:
+ # - name:
+ # usage: "LABEL"
+ # description: "Name of the database"
+ # - size_bytes:
+ # usage: "GAUGE"
+ # description: "Size of the database in bytes"
+ ## Pod Security Context
+ ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/
+ ##
+ securityContext:
+ enabled: false
+ runAsUser: 1001
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-probes/#configure-probes)
## Configure extra options for liveness and readiness probes
livenessProbe:
timeoutSeconds: 5
failureThreshold: 6
successThreshold: 1
-
-# Define custom environment variables to pass to the image here
-extraEnv: {}