Gitiles
Code Review Sign In
gerrit.hackerspace.pl / hscloud / 2281b5b618d13330c2aea46d033b25b38c5567d8 / . / kube / postgres_v.libsonnet
blob: 1e156f4ef8a18a9fe0ac5ed940aa4141347abe3b [file] [log] [blame]
# PostgreSQL on Kubernetes, with versioned names
local kube = import "kube.libsonnet";
{
local postgres = self,
local cfg = postgres.cfg,
cfg:: {
namespace: error "namespace must be set",
appName: error "app name must be set",
storageClassName: "waw-hdd-paranoid-2",
prefix: "", # if set, should be 'foo-'
version: "10.4", # valid version tag for https://hub.docker.com/_/postgres/
image: "postgres:" + cfg.version,
database: error "database must be set",
username: error "username must be set",
# not literal, instead ref for env (like { secretKeyRef: ... })
password: error "password must be set",
storageSize: "30Gi",
# This option can be used to customize initial database creation. For
# available options see: https://www.postgresql.org/docs/9.5/app-initdb.html
# Changing this option in already existing deployments will not affect
# existing database.
initdbArgs: null,
# Extra postgres configuration options passed on startup. Accepts only
# string values.
# Example: { max_connections: "300" }
opts: {},
},
safeVersion:: std.strReplace(cfg.version, ".", "-"),
makeName(suffix):: cfg.prefix + suffix + postgres.safeVersion,
metadata:: {
namespace: cfg.namespace,
labels: {
"app.kubernetes.io/name": cfg.appName,
"app.kubernetes.io/managed-by": "kubecfg",
"app.kubernetes.io/component": "postgres_v",
"hswaw.net/postgres-version": postgres.safeVersion,
},
},
volumeClaim: kube.PersistentVolumeClaim(postgres.makeName("postgres")) {
metadata+: postgres.metadata,
spec+: {
storageClassName: cfg.storageClassName,
accessModes: [ "ReadWriteOnce" ],
resources: {
requests: {
storage: cfg.storageSize,
},
},
},
},
deployment: kube.Deployment(postgres.makeName("postgres")) {
metadata+: postgres.metadata,
spec+: {
replicas: 1,
template+: {
spec+: {
volumes_: {
data: kube.PersistentVolumeClaimVolume(postgres.volumeClaim),
},
containers_: {
postgres: kube.Container(postgres.makeName("postgres")) {
image: cfg.image,
ports_: {
client: { containerPort: 5432 },
},
env_: {
POSTGRES_DB: cfg.database,
POSTGRES_USER: cfg.username,
POSTGRES_PASSWORD: cfg.password,
PGDATA: "/var/lib/postgresql/data/pgdata",
} + if cfg.initdbArgs != null then {
POSTGRES_INITDB_ARGS: cfg.initdbArgs,
} else {},
args: std.flatMap(
function(k) ["-c", "%s=%s" % [k, cfg.opts[k]]],
std.objectFields(cfg.opts),
),
volumeMounts_: {
data: { mountPath: "/var/lib/postgresql/data" },
},
},
},
securityContext: {
runAsUser: 999,
},
},
},
},
},
svc: kube.Service(postgres.makeName("postgres")) {
metadata+: postgres.metadata,
target_pod:: postgres.deployment.spec.template,
spec+: {
ports: [
{ name: "client", port: 5432, targetPort: 5432, protocol: "TCP" },
],
type: "ClusterIP",
},
},
bouncer: {
deployment: kube.Deployment(postgres.makeName("bouncer")) {
metadata+: postgres.metadata {
labels+: {
"app.kubernetes.io/component": "bouncer_v",
}
},
spec+: {
replicas: 1,
template+: {
spec+: {
containers_: {
bouncer: kube.Container(postgres.makeName("bouncer")) {
image: "edoburu/pgbouncer:1.11.0",
ports_: {
client: { containerPort: 5432 },
},
env: [
{ name: "POSTGRES_PASSWORD", valueFrom: cfg.password },
{ name: "DATABASE_URL", value: "postgres://%s:$(POSTGRES_PASSWORD)@%s/%s" % [cfg.username, postgres.svc.host, cfg.database] },
],
},
},
},
},
},
},
svc: kube.Service(postgres.makeName("bouncer")) {
metadata+: postgres.metadata {
labels+: {
"app.kubernetes.io/component": "bouncer",
}
},
target_pod:: postgres.bouncer.deployment.spec.template,
spec+: {
ports: [
{ name: "client", port: 5432, targetPort: 5432, protocol: "TCP" },
],
type: "ClusterIP",
},
},
},
}