{{- if .Values.replication.enabled }}
-apiVersion: apps/v1
+apiVersion: {{ template "postgresql.statefulset.apiVersion" . }}
kind: StatefulSet
metadata:
name: "{{ template "postgresql.fullname" . }}-slave"
chart: {{ template "postgresql.chart" . }}
release: {{ .Release.Name | quote }}
heritage: {{ .Release.Service | quote }}
+{{- with .Values.slave.labels }}
+{{ toYaml . | indent 4 }}
+{{- end }}
+{{- with .Values.slave.annotations }}
+ annotations:
+{{ toYaml . | indent 4 }}
+{{- end }}
spec:
serviceName: {{ template "postgresql.fullname" . }}-headless
replicas: {{ .Values.replication.slaveReplicas }}
release: {{ .Release.Name | quote }}
heritage: {{ .Release.Service | quote }}
role: slave
+{{- with .Values.slave.podLabels }}
+{{ toYaml . | indent 8 }}
+{{- end }}
+{{- with .Values.slave.podAnnotations }}
+ annotations:
+{{ toYaml . | indent 8 }}
+{{- end }}
spec:
- {{- if .Values.securityContext.enabled }}
- securityContext:
- fsGroup: {{ .Values.securityContext.fsGroup }}
- runAsUser: {{ .Values.securityContext.runAsUser }}
- {{- end }}
- {{- if .Values.image.pullSecrets }}
- imagePullSecrets:
- {{- range .Values.image.pullSecrets }}
- - name: {{ . }}
- {{- end}}
+ {{- if .Values.schedulerName }}
+ schedulerName: "{{ .Values.schedulerName }}"
{{- end }}
+{{- include "postgresql.imagePullSecrets" . | indent 6 }}
{{- if .Values.slave.nodeSelector }}
nodeSelector:
{{ toYaml .Values.slave.nodeSelector | indent 8 }}
{{- if .Values.terminationGracePeriodSeconds }}
terminationGracePeriodSeconds: {{ .Values.terminationGracePeriodSeconds }}
{{- end }}
- {{- if and .Values.volumePermissions.enabled .Values.persistence.enabled }}
+ {{- if .Values.securityContext.enabled }}
+ securityContext:
+ fsGroup: {{ .Values.securityContext.fsGroup }}
+ {{- end }}
+ {{- if .Values.serviceAccount.enabled }}
+ serviceAccountName: {{ default (include "postgresql.fullname" . ) .Values.serviceAccount.name}}
+ {{- end }}
+ {{- if or .Values.slave.extraInitContainers (and .Values.volumePermissions.enabled .Values.persistence.enabled) .Values.shmVolume.enabled }}
initContainers:
- - name: init-chmod-data
- image: {{ template "postgresql.volumePermissions.image" . }}
- imagePullPolicy: "{{ .Values.volumePermissions.image.pullPolicy }}"
- resources:
-{{ toYaml .Values.resources | indent 10 }}
- command:
- - sh
- - -c
- - |
- chown -R {{ .Values.securityContext.runAsUser }}:{{ .Values.securityContext.fsGroup }} /bitnami
- if [ -d /bitnami/postgresql/data ]; then
- chmod 0700 /bitnami/postgresql/data;
- fi
- securityContext:
- runAsUser: {{ .Values.volumePermissions.securityContext.runAsUser }}
- volumeMounts:
- - name: data
- mountPath: /bitnami/postgresql
+ {{- if or (and .Values.volumePermissions.enabled .Values.persistence.enabled) .Values.shmVolume.enabled }}
+ - name: init-chmod-data
+ image: {{ template "postgresql.volumePermissions.image" . }}
+ imagePullPolicy: "{{ .Values.volumePermissions.image.pullPolicy }}"
+ {{- if .Values.resources }}
+ resources: {{- toYaml .Values.resources | nindent 12 }}
+ {{- end }}
+ command:
+ - /bin/sh
+ - -c
+ - |
+ mkdir -p {{ .Values.persistence.mountPath }}/data
+ chmod 700 {{ .Values.persistence.mountPath }}/data
+ find {{ .Values.persistence.mountPath }} -mindepth 0 -maxdepth 1 -not -name ".snapshot" -not -name "lost+found" | \
+ xargs chown -R {{ .Values.securityContext.runAsUser }}:{{ .Values.securityContext.fsGroup }}
+ {{- if .Values.shmVolume.enabled }}
+ chmod -R 777 /dev/shm
+ {{- end }}
+ securityContext:
+ runAsUser: {{ .Values.volumePermissions.securityContext.runAsUser }}
+ volumeMounts:
+ - name: data
+ mountPath: {{ .Values.persistence.mountPath }}
+ subPath: {{ .Values.persistence.subPath }}
+ {{- if .Values.shmVolume.enabled }}
+ - name: dshm
+ mountPath: /dev/shm
+ {{- end }}
+ {{- end }}
+ {{- if .Values.slave.extraInitContainers }}
+{{ tpl .Values.slave.extraInitContainers . | indent 8 }}
+ {{- end }}
+ {{- end }}
+ {{- if .Values.slave.priorityClassName }}
+ priorityClassName: {{ .Values.slave.priorityClassName }}
{{- end }}
containers:
- - name: {{ template "postgresql.fullname" . }}
- image: {{ template "postgresql.image" . }}
- imagePullPolicy: "{{ .Values.image.pullPolicy }}"
- resources:
-{{ toYaml .Values.resources | indent 10 }}
- env:
- {{- if .Values.image.debug}}
- - name: BASH_DEBUG
- value: "1"
- - name: NAMI_DEBUG
- value: "1"
- {{- end }}
- - name: POSTGRESQL_REPLICATION_MODE
- value: "slave"
- - name: POSTGRESQL_REPLICATION_USER
- value: {{ .Values.replication.user | quote }}
+ - name: {{ template "postgresql.fullname" . }}
+ image: {{ template "postgresql.image" . }}
+ imagePullPolicy: "{{ .Values.image.pullPolicy }}"
+ {{- if .Values.resources }}
+ resources: {{- toYaml .Values.resources | nindent 12 }}
+ {{- end }}
+ {{- if .Values.securityContext.enabled }}
+ securityContext:
+ runAsUser: {{ .Values.securityContext.runAsUser }}
+ {{- end }}
+ env:
+ - name: BITNAMI_DEBUG
+ value: {{ ternary "true" "false" .Values.image.debug | quote }}
+ - name: POSTGRESQL_VOLUME_DIR
+ value: "{{ .Values.persistence.mountPath }}"
+ - name: POSTGRESQL_PORT_NUMBER
+ value: "{{ template "postgresql.port" . }}"
+ {{- if .Values.persistence.mountPath }}
+ - name: PGDATA
+ value: {{ .Values.postgresqlDataDir | quote }}
+ {{- end }}
+ - name: POSTGRES_REPLICATION_MODE
+ value: "slave"
+ - name: POSTGRES_REPLICATION_USER
+ value: {{ include "postgresql.replication.username" . | quote }}
+ {{- if .Values.usePasswordFile }}
+ - name: POSTGRES_REPLICATION_PASSWORD_FILE
+ value: "/opt/bitnami/postgresql/secrets/postgresql-replication-password"
+ {{- else }}
+ - name: POSTGRES_REPLICATION_PASSWORD
+ valueFrom:
+ secretKeyRef:
+ name: {{ template "postgresql.secretName" . }}
+ key: postgresql-replication-password
+ {{- end }}
+ - name: POSTGRES_CLUSTER_APP_NAME
+ value: {{ .Values.replication.applicationName }}
+ - name: POSTGRES_MASTER_HOST
+ value: {{ template "postgresql.fullname" . }}
+ - name: POSTGRES_MASTER_PORT_NUMBER
+ value: {{ include "postgresql.port" . | quote }}
+ {{- if and .Values.postgresqlPostgresPassword (not (eq .Values.postgresqlUsername "postgres")) }}
+ {{- if .Values.usePasswordFile }}
+ - name: POSTGRES_POSTGRES_PASSWORD_FILE
+ value: "/opt/bitnami/postgresql/secrets/postgresql-postgres-password"
+ {{- else }}
+ - name: POSTGRES_POSTGRES_PASSWORD
+ valueFrom:
+ secretKeyRef:
+ name: {{ template "postgresql.secretName" . }}
+ key: postgresql-postgres-password
+ {{- end }}
+ {{- end }}
+ {{- if .Values.usePasswordFile }}
+ - name: POSTGRES_PASSWORD_FILE
+ value: "/opt/bitnami/postgresql/secrets/postgresql-password"
+ {{- else }}
+ - name: POSTGRES_PASSWORD
+ valueFrom:
+ secretKeyRef:
+ name: {{ template "postgresql.secretName" . }}
+ key: postgresql-password
+ {{- end }}
+ ports:
+ - name: tcp-postgresql
+ containerPort: {{ template "postgresql.port" . }}
+ {{- if .Values.livenessProbe.enabled }}
+ livenessProbe:
+ exec:
+ command:
+ - /bin/sh
+ - -c
+ {{- if (include "postgresql.database" .) }}
+ - exec pg_isready -U {{ include "postgresql.username" . | quote }} -d {{ (include "postgresql.database" .) | quote }} -h 127.0.0.1 -p {{ template "postgresql.port" . }}
+ {{- else }}
+ - exec pg_isready -U {{ include "postgresql.username" . | quote }} -h 127.0.0.1 -p {{ template "postgresql.port" . }}
+ {{- end }}
+ initialDelaySeconds: {{ .Values.livenessProbe.initialDelaySeconds }}
+ periodSeconds: {{ .Values.livenessProbe.periodSeconds }}
+ timeoutSeconds: {{ .Values.livenessProbe.timeoutSeconds }}
+ successThreshold: {{ .Values.livenessProbe.successThreshold }}
+ failureThreshold: {{ .Values.livenessProbe.failureThreshold }}
+ {{- end }}
+ {{- if .Values.readinessProbe.enabled }}
+ readinessProbe:
+ exec:
+ command:
+ - /bin/sh
+ - -c
+ - -e
+ {{- include "postgresql.readinessProbeCommand" . | nindent 16 }}
+ initialDelaySeconds: {{ .Values.readinessProbe.initialDelaySeconds }}
+ periodSeconds: {{ .Values.readinessProbe.periodSeconds }}
+ timeoutSeconds: {{ .Values.readinessProbe.timeoutSeconds }}
+ successThreshold: {{ .Values.readinessProbe.successThreshold }}
+ failureThreshold: {{ .Values.readinessProbe.failureThreshold }}
+ {{- end }}
+ volumeMounts:
+ {{- if .Values.usePasswordFile }}
+ - name: postgresql-password
+ mountPath: /opt/bitnami/postgresql/secrets/
+ {{- end }}
+ {{- if .Values.shmVolume.enabled }}
+ - name: dshm
+ mountPath: /dev/shm
+ {{- end }}
+ {{- if .Values.persistence.enabled }}
+ - name: data
+ mountPath: {{ .Values.persistence.mountPath }}
+ subPath: {{ .Values.persistence.subPath }}
+ {{ end }}
+ {{- if or (.Files.Glob "files/conf.d/*.conf") .Values.postgresqlExtendedConf .Values.extendedConfConfigMap }}
+ - name: postgresql-extended-config
+ mountPath: /bitnami/postgresql/conf/conf.d/
+ {{- end }}
+ {{- if or (.Files.Glob "files/postgresql.conf") (.Files.Glob "files/pg_hba.conf") .Values.postgresqlConfiguration .Values.pgHbaConfiguration .Values.configurationConfigMap }}
+ - name: postgresql-config
+ mountPath: /bitnami/postgresql/conf
+ {{- end }}
+ {{- if .Values.slave.extraVolumeMounts }}
+ {{- toYaml .Values.slave.extraVolumeMounts | nindent 12 }}
+ {{- end }}
+ volumes:
{{- if .Values.usePasswordFile }}
- - name: POSTGRESQL_REPLICATION_PASSWORD_FILE
- value: "/opt/bitnami/postgresql/secrets/postgresql-replication-password"
- {{- else }}
- - name: POSTGRESQL_REPLICATION_PASSWORD
- valueFrom:
- secretKeyRef:
- name: {{ template "postgresql.secretName" . }}
- key: postgresql-replication-password
+ - name: postgresql-password
+ secret:
+ secretName: {{ template "postgresql.secretName" . }}
{{- end }}
- - name: POSTGRESQL_CLUSTER_APP_NAME
- value: {{ .Values.replication.applicationName }}
- - name: POSTGRESQL_MASTER_HOST
- value: {{ template "postgresql.fullname" . }}
- - name: POSTGRESQL_MASTER_PORT_NUMBER
- value: {{ .Values.service.port | quote }}
- ports:
- - name: postgresql
- containerPort: {{ .Values.service.port }}
- {{- if .Values.livenessProbe.enabled }}
- livenessProbe:
- exec:
- command:
- - sh
- - -c
- {{- if .Values.postgresqlDatabase }}
- - exec pg_isready -U {{ .Values.postgresqlUsername | quote }} -d {{ .Values.postgresqlDatabase | quote }} -h localhost
- {{- else }}
- - exec pg_isready -U {{ .Values.postgresqlUsername | quote }} -h localhost
- {{- end }}
- initialDelaySeconds: {{ .Values.livenessProbe.initialDelaySeconds }}
- periodSeconds: {{ .Values.livenessProbe.periodSeconds }}
- timeoutSeconds: {{ .Values.livenessProbe.timeoutSeconds }}
- successThreshold: {{ .Values.livenessProbe.successThreshold }}
- failureThreshold: {{ .Values.livenessProbe.failureThreshold }}
+ {{- if or (.Files.Glob "files/postgresql.conf") (.Files.Glob "files/pg_hba.conf") .Values.postgresqlConfiguration .Values.pgHbaConfiguration .Values.configurationConfigMap}}
+ - name: postgresql-config
+ configMap:
+ name: {{ template "postgresql.configurationCM" . }}
{{- end }}
- {{- if .Values.readinessProbe.enabled }}
- readinessProbe:
- exec:
- command:
- - sh
- - -c
- {{- if .Values.postgresqlDatabase }}
- - exec pg_isready -U {{ .Values.postgresqlUsername | quote }} -d {{ .Values.postgresqlDatabase | quote }} -h localhost
- {{- else }}
- - exec pg_isready -U {{ .Values.postgresqlUsername | quote }} -h localhost
- {{- end }}
- initialDelaySeconds: {{ .Values.readinessProbe.initialDelaySeconds }}
- periodSeconds: {{ .Values.readinessProbe.periodSeconds }}
- timeoutSeconds: {{ .Values.readinessProbe.timeoutSeconds }}
- successThreshold: {{ .Values.readinessProbe.successThreshold }}
- failureThreshold: {{ .Values.readinessProbe.failureThreshold }}
+ {{- if or (.Files.Glob "files/conf.d/*.conf") .Values.postgresqlExtendedConf .Values.extendedConfConfigMap }}
+ - name: postgresql-extended-config
+ configMap:
+ name: {{ template "postgresql.extendedConfigurationCM" . }}
{{- end }}
- volumeMounts:
- {{- if .Values.usePasswordFile }}
- - name: postgresql-password
- mountPath: /opt/bitnami/postgresql/secrets
- {{ end }}
- {{- if .Values.persistence.enabled }}
+ {{- if .Values.shmVolume.enabled }}
+ - name: dshm
+ emptyDir:
+ medium: Memory
+ sizeLimit: 1Gi
+ {{- end }}
+ {{- if not .Values.persistence.enabled }}
- name: data
- mountPath: {{ .Values.persistence.mountPath }}
- {{ end }}
- {{- if or (.Files.Glob "files/conf.d/*.conf") .Values.extendedConfConfigMap }}
- - name: postgresql-extended-config
- mountPath: /bitnami/postgresql/conf/conf.d/
+ emptyDir: {}
{{- end }}
- {{- if or (.Files.Glob "files/postgresql.conf") (.Files.Glob "files/pg_hba.conf") .Values.postgresqlConfiguration .Values.pgHbaConfiguration .Values.configurationConfigMap }}
- - name: postgresql-config
- mountPath: /bitnami/postgresql/conf
+ {{- if .Values.slave.extraVolumes }}
+ {{- toYaml .Values.slave.extraVolumes | nindent 8 }}
{{- end }}
- volumes:
- {{- if .Values.usePasswordFile }}
- - name: postgresql-password
- secret:
- secretName: {{ template "postgresql.secretName" . }}
- {{ end }}
- {{- if or (.Files.Glob "files/postgresql.conf") (.Files.Glob "files/pg_hba.conf") .Values.postgresqlConfiguration .Values.pgHbaConfiguration .Values.configurationConfigMap}}
- - name: postgresql-config
- configMap:
- name: {{ template "postgresql.configurationCM" . }}
- {{- end }}
- {{- if or (.Files.Glob "files/conf.d/*.conf") .Values.extendedConfConfigMap }}
- - name: postgresql-extended-config
- configMap:
- name: {{ template "postgresql.extendedConfigurationCM" . }}
- {{- end }}
- {{- if not .Values.persistence.enabled }}
- - name: data
- emptyDir: {}
- {{- end }}
updateStrategy:
type: {{ .Values.updateStrategy.type }}
+ {{- if (eq "Recreate" .Values.updateStrategy.type) }}
+ rollingUpdate: null
+ {{- end }}
{{- if .Values.persistence.enabled }}
volumeClaimTemplates:
- metadata:
resources:
requests:
storage: {{ .Values.persistence.size | quote }}
- {{- if .Values.persistence.storageClass }}
- {{- if (eq "-" .Values.persistence.storageClass) }}
- storageClassName: ""
- {{- else }}
- storageClassName: "{{ .Values.persistence.storageClass }}"
- {{- end }}
- {{- end }}
+ {{ include "postgresql.storageClass" . }}
{{- end }}
{{- end }}