Почетна Преглед Помоћ
Регистрација Пријавите се
lcy
/
truenas
1
0
Креирај огранак 0
Датотеке Дискусије 0 Захтеви за спајање 0 Вики
Дрво: dc5ae91a7f
Гране Ознаке
truenas
/
library
/
common
/
templates
/
app_functions
/
_postgres.tpl

_postgres.tpl 4.8 KB
Историја Датотека

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148 
  1. {{/* Returns a postgres pod with init container for fixing permissions
    2. 

  2. and a pre-upgrade job to backup the database */}}
    3. 

  3. {{/* Call this template:
    4. 

  4. {{ include "ix.v1.common.app.postgres" (dict "name" "postgres" "secretName" "postgres-creds" "backupPath" "/postgres_backup" "resources" .Values.resources) }}
    5. 

  5. 

  6. name (optional): Name of the postgres pod/container (default: postgres)
    7. 

  7. secretName (required): Name of the secret containing the postgres credentials
    8. 

  8. backupPath (optional): Path to store the backup, it's the container's path (default: /postgres_backup)
    9. 

  9. resources (required): Resources for the postgres container
    10. 

  10. */}}
    11. 

  11. {{- define "ix.v1.common.app.postgres" -}}
    12. 

  12.   {{- $name := .name | default "postgres" -}}
    13. 

  13.   {{- $secretName := (required "Postgres - Secret Name is required" .secretName) -}}
    14. 

  14.   {{- $backupPath := .backupPath | default "/postgres_backup" -}}
    15. 

  15.   {{- $ixChartContext := .ixChartContext -}}
    16. 

  16.   {{- $resources := (required "Postgres - Resources are required" .resources) }}
    17. 

  17. {{ $name }}:
    18. 

  18.   enabled: true
    19. 

  19.   type: Deployment
    20. 

  20.   podSpec:
    21. 

  21.     containers:
    22. 

  22.       {{ $name }}:
    23. 

  23.         enabled: true
    24. 

  24.         primary: true
    25. 

  25.         imageSelector: postgresImage
    26. 

  26.         securityContext:
    27. 

  27.           runAsUser: 999
    28. 

  28.           runAsGroup: 999
    29. 

  29.           readOnlyRootFilesystem: false
    30. 

  30.         resources:
    31. 

  31.           limits:
    32. 

  32.             cpu: {{ $resources.limits.cpu }}
    33. 

  33.             memory: {{ $resources.limits.memory }}
    34. 

  34.         envFrom:
    35. 

  35.           - secretRef:
    36. 

  36.               name: {{ $secretName }}
    37. 

  37.         probes:
    38. 

  38.           liveness:
    39. 

  39.             enabled: true
    40. 

  40.             type: exec
    41. 

  41.             command:
    42. 

  42.               - sh
    43. 

  43.               - -c
    44. 

  44.               - "until pg_isready -U ${POSTGRES_USER} -h localhost; do sleep 2; done"
    45. 

  45.           readiness:
    46. 

  46.             enabled: true
    47. 

  47.             type: exec
    48. 

  48.             command:
    49. 

  49.               - sh
    50. 

  50.               - -c
    51. 

  51.               - "until pg_isready -U ${POSTGRES_USER} -h localhost; do sleep 2; done"
    52. 

  52.           startup:
    53. 

  53.             enabled: true
    54. 

  54.             type: exec
    55. 

  55.             command:
    56. 

  56.               - sh
    57. 

  57.               - -c
    58. 

  58.               - "until pg_isready -U ${POSTGRES_USER} -h localhost; do sleep 2; done"
    59. 

  59.     initContainers:
    60. 

  60.     {{- include "ix.v1.common.app.permissions" (dict "UID" 999 "GID" 999) | nindent 6 }}
    61. 

  61. {{- $enableBackupJob := false -}}
    62. 

  62. {{- if hasKey $ixChartContext "isUpgrade" -}}
    63. 

  63.   {{- if $ixChartContext.isUpgrade -}}
    64. 

  64.     {{- $enableBackupJob = true -}}
    65. 

  65.   {{- end -}}
    66. 

  66. {{- else -}}
    67. 

  67.   {{/*
    68. 

  68.     If the key is not present in ixChartContext,
    69. 

  69.     means we are outside SCALE (Probably CI),
    70. 

  70.     let upgrade job run
    71. 

  71.   */}}
    72. 

  72.   {{- $enableBackupJob = true -}}
    73. 

  73. {{- end }}
    74. 

  74. postgresbackup:
    75. 

  75.   enabled: {{ $enableBackupJob }}
    76. 

  76.   type: Job
    77. 

  77.   annotations:
    78. 

  78.     "helm.sh/hook": pre-upgrade
    79. 

  79.     "helm.sh/hook-weight": "1"
    80. 

  80.     "helm.sh/hook-delete-policy": hook-succeeded
    81. 

  81.   podSpec:
    82. 

  82.     restartPolicy: Never
    83. 

  83.     containers:
    84. 

  84.       postgresbackup:
    85. 

  85.         enabled: true
    86. 

  86.         primary: true
    87. 

  87.         imageSelector: postgresImage
    88. 

  88.         securityContext:
    89. 

  89.           runAsUser: 999
    90. 

  90.           runAsGroup: 999
    91. 

  91.           readOnlyRootFilesystem: false
    92. 

  92.         probes:
    93. 

  93.           liveness:
    94. 

  94.             enabled: false
    95. 

  95.           readiness:
    96. 

  96.             enabled: false
    97. 

  97.           startup:
    98. 

  98.             enabled: false
    99. 

  99.         resources:
    100. 

  100.           limits:
    101. 

  101.             cpu: 2000m
    102. 

  102.             memory: 2Gi
    103. 

  103.         envFrom:
    104. 

  104.           - secretRef:
    105. 

  105.               name: {{ $secretName }}
    106. 

  106.         command:
    107. 

  107.           - sh
    108. 

  108.           - -c
    109. 

  109.           - |
    110. 

  110.             until pg_isready -U ${POSTGRES_USER} -h ${POSTGRES_HOST}; do sleep 2; done
    111. 

  111.             echo "Creating backup of ${POSTGRES_DB} database"
    112. 

  112.             pg_dump --dbname=${POSTGRES_URL} --file {{ $backupPath }}/${POSTGRES_DB}_$(date +%Y-%m-%d_%H-%M-%S).sql || echo "Failed to create backup"
    113. 

  113.             echo "Backup finished"
    114. 

  114.     initContainers:
    115. 

  115.     {{- include "ix.v1.common.app.permissions" (dict "UID" 999 "GID" 999 "type" "init") | nindent 6 }}
    116. 

  116. {{- end -}}
    117. 

  117. 

  118. {{/* Returns a postgres-wait container for waiting for postgres to be ready */}}
    119. 

  119. {{/* Call this template:
    120. 

  120. {{ include "ix.v1.common.app.postgresWait" (dict "name" "postgres-wait" "secretName" "postgres-creds") }}
    121. 

  121. 

  122. name (optional): Name of the postgres-wait container (default: postgres-wait)
    123. 

  123. secretName (required): Name of the secret containing the postgres credentials
    124. 

  124. */}}
    125. 

  125. 

  126. {{- define "ix.v1.common.app.postgresWait" -}}
    127. 

  127.   {{- $name := .name | default "postgres-wait" -}}
    128. 

  128.   {{- $secretName := (required "Postgres-Wait - Secret Name is required" .secretName) }}
    129. 

  129. {{ $name }}:
    130. 

  130.   enabled: true
    131. 

  131.   type: init
    132. 

  132.   imageSelector: postgresImage
    133. 

  133.   envFrom:
    134. 

  134.     - secretRef:
    135. 

  135.         name: {{ $secretName }}
    136. 

  136.   resources:
    137. 

  137.     limits:
    138. 

  138.       cpu: 500m
    139. 

  139.       memory: 256Mi
    140. 

  140.   command: bash
    141. 

  141.   args:
    142. 

  142.     - -c
    143. 

  143.     - |
    144. 

  144.       echo "Waiting for postgres to be ready"
    145. 

  145.       until pg_isready -h ${POSTGRES_HOST} -U ${POSTGRES_USER} -d ${POSTGRES_DB}; do
    146. 

  146.         sleep 2
    147. 

  147.       done
    148. 

  148. {{- end -}}
    149.