--- /dev/null
+{{- if .Values.replication.enabled }}
+apiVersion: {{ template "postgresql.statefulset.apiVersion" . }}
+kind: StatefulSet
+metadata:
+ name: "{{ template "postgresql.fullname" . }}-slave"
+ labels:
+ app: {{ template "postgresql.name" . }}
+ chart: {{ template "postgresql.chart" . }}
+ release: {{ .Release.Name | quote }}
+ heritage: {{ .Release.Service | quote }}
+{{- with .Values.slave.labels }}
+{{ toYaml . | indent 4 }}
+{{- end }}
+{{- with .Values.slave.annotations }}
+ annotations:
+{{ toYaml . | indent 4 }}
+{{- end }}
+spec:
+ serviceName: {{ template "postgresql.fullname" . }}-headless
+ replicas: {{ .Values.replication.slaveReplicas }}
+ selector:
+ matchLabels:
+ app: {{ template "postgresql.name" . }}
+ release: {{ .Release.Name | quote }}
+ role: slave
+ template:
+ metadata:
+ name: {{ template "postgresql.fullname" . }}
+ labels:
+ app: {{ template "postgresql.name" . }}
+ chart: {{ template "postgresql.chart" . }}
+ release: {{ .Release.Name | quote }}
+ heritage: {{ .Release.Service | quote }}
+ role: slave
+{{- with .Values.slave.podLabels }}
+{{ toYaml . | indent 8 }}
+{{- end }}
+{{- with .Values.slave.podAnnotations }}
+ annotations:
+{{ toYaml . | indent 8 }}
+{{- end }}
+ spec:
+ {{- if .Values.schedulerName }}
+ schedulerName: "{{ .Values.schedulerName }}"
+ {{- end }}
+{{- include "postgresql.imagePullSecrets" . | indent 6 }}
+ {{- if .Values.slave.nodeSelector }}
+ nodeSelector:
+{{ toYaml .Values.slave.nodeSelector | indent 8 }}
+ {{- end }}
+ {{- if .Values.slave.affinity }}
+ affinity:
+{{ toYaml .Values.slave.affinity | indent 8 }}
+ {{- end }}
+ {{- if .Values.slave.tolerations }}
+ tolerations:
+{{ toYaml .Values.slave.tolerations | indent 8 }}
+ {{- end }}
+ {{- if .Values.terminationGracePeriodSeconds }}
+ terminationGracePeriodSeconds: {{ .Values.terminationGracePeriodSeconds }}
+ {{- end }}
+ {{- if .Values.securityContext.enabled }}
+ securityContext:
+ fsGroup: {{ .Values.securityContext.fsGroup }}
+ {{- end }}
+ {{- if .Values.serviceAccount.enabled }}
+ serviceAccountName: {{ default (include "postgresql.fullname" . ) .Values.serviceAccount.name}}
+ {{- end }}
+ {{- if or .Values.slave.extraInitContainers (and .Values.volumePermissions.enabled .Values.persistence.enabled) .Values.shmVolume.enabled }}
+ initContainers:
+ {{- if or (and .Values.volumePermissions.enabled .Values.persistence.enabled) .Values.shmVolume.enabled }}
+ - name: init-chmod-data
+ image: {{ template "postgresql.volumePermissions.image" . }}
+ imagePullPolicy: "{{ .Values.volumePermissions.image.pullPolicy }}"
+ {{- if .Values.resources }}
+ resources: {{- toYaml .Values.resources | nindent 12 }}
+ {{- end }}
+ command:
+ - /bin/sh
+ - -c
+ - |
+ mkdir -p {{ .Values.persistence.mountPath }}/data
+ chmod 700 {{ .Values.persistence.mountPath }}/data
+ find {{ .Values.persistence.mountPath }} -mindepth 0 -maxdepth 1 -not -name ".snapshot" -not -name "lost+found" | \
+ xargs chown -R {{ .Values.securityContext.runAsUser }}:{{ .Values.securityContext.fsGroup }}
+ {{- if .Values.shmVolume.enabled }}
+ chmod -R 777 /dev/shm
+ {{- end }}
+ securityContext:
+ runAsUser: {{ .Values.volumePermissions.securityContext.runAsUser }}
+ volumeMounts:
+ - name: data
+ mountPath: {{ .Values.persistence.mountPath }}
+ subPath: {{ .Values.persistence.subPath }}
+ {{- if .Values.shmVolume.enabled }}
+ - name: dshm
+ mountPath: /dev/shm
+ {{- end }}
+ {{- end }}
+ {{- if .Values.slave.extraInitContainers }}
+{{ tpl .Values.slave.extraInitContainers . | indent 8 }}
+ {{- end }}
+ {{- end }}
+ {{- if .Values.slave.priorityClassName }}
+ priorityClassName: {{ .Values.slave.priorityClassName }}
+ {{- end }}
+ containers:
+ - name: {{ template "postgresql.fullname" . }}
+ image: {{ template "postgresql.image" . }}
+ imagePullPolicy: "{{ .Values.image.pullPolicy }}"
+ {{- if .Values.resources }}
+ resources: {{- toYaml .Values.resources | nindent 12 }}
+ {{- end }}
+ {{- if .Values.securityContext.enabled }}
+ securityContext:
+ runAsUser: {{ .Values.securityContext.runAsUser }}
+ {{- end }}
+ env:
+ - name: BITNAMI_DEBUG
+ value: {{ ternary "true" "false" .Values.image.debug | quote }}
+ - name: POSTGRESQL_VOLUME_DIR
+ value: "{{ .Values.persistence.mountPath }}"
+ - name: POSTGRESQL_PORT_NUMBER
+ value: "{{ template "postgresql.port" . }}"
+ {{- if .Values.persistence.mountPath }}
+ - name: PGDATA
+ value: {{ .Values.postgresqlDataDir | quote }}
+ {{- end }}
+ - name: POSTGRES_REPLICATION_MODE
+ value: "slave"
+ - name: POSTGRES_REPLICATION_USER
+ value: {{ include "postgresql.replication.username" . | quote }}
+ {{- if .Values.usePasswordFile }}
+ - name: POSTGRES_REPLICATION_PASSWORD_FILE
+ value: "/opt/bitnami/postgresql/secrets/postgresql-replication-password"
+ {{- else }}
+ - name: POSTGRES_REPLICATION_PASSWORD
+ valueFrom:
+ secretKeyRef:
+ name: {{ template "postgresql.secretName" . }}
+ key: postgresql-replication-password
+ {{- end }}
+ - name: POSTGRES_CLUSTER_APP_NAME
+ value: {{ .Values.replication.applicationName }}
+ - name: POSTGRES_MASTER_HOST
+ value: {{ template "postgresql.fullname" . }}
+ - name: POSTGRES_MASTER_PORT_NUMBER
+ value: {{ include "postgresql.port" . | quote }}
+ {{- if and .Values.postgresqlPostgresPassword (not (eq .Values.postgresqlUsername "postgres")) }}
+ {{- if .Values.usePasswordFile }}
+ - name: POSTGRES_POSTGRES_PASSWORD_FILE
+ value: "/opt/bitnami/postgresql/secrets/postgresql-postgres-password"
+ {{- else }}
+ - name: POSTGRES_POSTGRES_PASSWORD
+ valueFrom:
+ secretKeyRef:
+ name: {{ template "postgresql.secretName" . }}
+ key: postgresql-postgres-password
+ {{- end }}
+ {{- end }}
+ {{- if .Values.usePasswordFile }}
+ - name: POSTGRES_PASSWORD_FILE
+ value: "/opt/bitnami/postgresql/secrets/postgresql-password"
+ {{- else }}
+ - name: POSTGRES_PASSWORD
+ valueFrom:
+ secretKeyRef:
+ name: {{ template "postgresql.secretName" . }}
+ key: postgresql-password
+ {{- end }}
+ ports:
+ - name: tcp-postgresql
+ containerPort: {{ template "postgresql.port" . }}
+ {{- if .Values.livenessProbe.enabled }}
+ livenessProbe:
+ exec:
+ command:
+ - /bin/sh
+ - -c
+ {{- if (include "postgresql.database" .) }}
+ - exec pg_isready -U {{ include "postgresql.username" . | quote }} -d {{ (include "postgresql.database" .) | quote }} -h 127.0.0.1 -p {{ template "postgresql.port" . }}
+ {{- else }}
+ - exec pg_isready -U {{ include "postgresql.username" . | quote }} -h 127.0.0.1 -p {{ template "postgresql.port" . }}
+ {{- end }}
+ initialDelaySeconds: {{ .Values.livenessProbe.initialDelaySeconds }}
+ periodSeconds: {{ .Values.livenessProbe.periodSeconds }}
+ timeoutSeconds: {{ .Values.livenessProbe.timeoutSeconds }}
+ successThreshold: {{ .Values.livenessProbe.successThreshold }}
+ failureThreshold: {{ .Values.livenessProbe.failureThreshold }}
+ {{- end }}
+ {{- if .Values.readinessProbe.enabled }}
+ readinessProbe:
+ exec:
+ command:
+ - /bin/sh
+ - -c
+ - -e
+ {{- include "postgresql.readinessProbeCommand" . | nindent 16 }}
+ initialDelaySeconds: {{ .Values.readinessProbe.initialDelaySeconds }}
+ periodSeconds: {{ .Values.readinessProbe.periodSeconds }}
+ timeoutSeconds: {{ .Values.readinessProbe.timeoutSeconds }}
+ successThreshold: {{ .Values.readinessProbe.successThreshold }}
+ failureThreshold: {{ .Values.readinessProbe.failureThreshold }}
+ {{- end }}
+ volumeMounts:
+ {{- if .Values.usePasswordFile }}
+ - name: postgresql-password
+ mountPath: /opt/bitnami/postgresql/secrets/
+ {{- end }}
+ {{- if .Values.shmVolume.enabled }}
+ - name: dshm
+ mountPath: /dev/shm
+ {{- end }}
+ {{- if .Values.persistence.enabled }}
+ - name: data
+ mountPath: {{ .Values.persistence.mountPath }}
+ subPath: {{ .Values.persistence.subPath }}
+ {{ end }}
+ {{- if or (.Files.Glob "files/conf.d/*.conf") .Values.postgresqlExtendedConf .Values.extendedConfConfigMap }}
+ - name: postgresql-extended-config
+ mountPath: /bitnami/postgresql/conf/conf.d/
+ {{- end }}
+ {{- if or (.Files.Glob "files/postgresql.conf") (.Files.Glob "files/pg_hba.conf") .Values.postgresqlConfiguration .Values.pgHbaConfiguration .Values.configurationConfigMap }}
+ - name: postgresql-config
+ mountPath: /bitnami/postgresql/conf
+ {{- end }}
+ {{- if .Values.slave.extraVolumeMounts }}
+ {{- toYaml .Values.slave.extraVolumeMounts | nindent 12 }}
+ {{- end }}
+ volumes:
+ {{- if .Values.usePasswordFile }}
+ - name: postgresql-password
+ secret:
+ secretName: {{ template "postgresql.secretName" . }}
+ {{- end }}
+ {{- if or (.Files.Glob "files/postgresql.conf") (.Files.Glob "files/pg_hba.conf") .Values.postgresqlConfiguration .Values.pgHbaConfiguration .Values.configurationConfigMap}}
+ - name: postgresql-config
+ configMap:
+ name: {{ template "postgresql.configurationCM" . }}
+ {{- end }}
+ {{- if or (.Files.Glob "files/conf.d/*.conf") .Values.postgresqlExtendedConf .Values.extendedConfConfigMap }}
+ - name: postgresql-extended-config
+ configMap:
+ name: {{ template "postgresql.extendedConfigurationCM" . }}
+ {{- end }}
+ {{- if .Values.shmVolume.enabled }}
+ - name: dshm
+ emptyDir:
+ medium: Memory
+ sizeLimit: 1Gi
+ {{- end }}
+ {{- if not .Values.persistence.enabled }}
+ - name: data
+ emptyDir: {}
+ {{- end }}
+ {{- if .Values.slave.extraVolumes }}
+ {{- toYaml .Values.slave.extraVolumes | nindent 8 }}
+ {{- end }}
+ updateStrategy:
+ type: {{ .Values.updateStrategy.type }}
+ {{- if (eq "Recreate" .Values.updateStrategy.type) }}
+ rollingUpdate: null
+ {{- end }}
+{{- if .Values.persistence.enabled }}
+ volumeClaimTemplates:
+ - metadata:
+ name: data
+ {{- with .Values.persistence.annotations }}
+ annotations:
+ {{- range $key, $value := . }}
+ {{ $key }}: {{ $value }}
+ {{- end }}
+ {{- end }}
+ spec:
+ accessModes:
+ {{- range .Values.persistence.accessModes }}
+ - {{ . | quote }}
+ {{- end }}
+ resources:
+ requests:
+ storage: {{ .Values.persistence.size | quote }}
+ {{ include "postgresql.storageClass" . }}
+{{- end }}
+{{- end }}