From 3380426584fc23483c87a5935d56ccdb6abe1cc1 Mon Sep 17 00:00:00 2001 From: Amit Solanki Date: Wed, 9 Nov 2022 05:16:30 +0530 Subject: [PATCH] Added helm chart for postgres read replicas --- k8s/postgres-replica/Chart.yaml | 5 ++ k8s/postgres-replica/templates/NOTES.txt | 8 ++ .../templates/pgprimary-secret.yaml | 7 ++ .../templates/pgroot-secret.yaml | 7 ++ .../templates/pguser-secret.yaml | 7 ++ .../templates/primary-pod.yaml | 77 ++++++++++++++++++ .../templates/primary-pv.yaml | 12 +++ .../templates/primary-pvc.yaml | 10 +++ .../templates/primary-service.yaml | 20 +++++ .../templates/replica-deployment.yaml | 81 +++++++++++++++++++ .../templates/replica-service.yaml | 18 +++++ k8s/postgres-replica/values.yaml | 32 ++++++++ 12 files changed, 284 insertions(+) create mode 100644 k8s/postgres-replica/Chart.yaml create mode 100644 k8s/postgres-replica/templates/NOTES.txt create mode 100644 k8s/postgres-replica/templates/pgprimary-secret.yaml create mode 100644 k8s/postgres-replica/templates/pgroot-secret.yaml create mode 100644 k8s/postgres-replica/templates/pguser-secret.yaml create mode 100644 k8s/postgres-replica/templates/primary-pod.yaml create mode 100644 k8s/postgres-replica/templates/primary-pv.yaml create mode 100644 k8s/postgres-replica/templates/primary-pvc.yaml create mode 100644 k8s/postgres-replica/templates/primary-service.yaml create mode 100644 k8s/postgres-replica/templates/replica-deployment.yaml create mode 100644 k8s/postgres-replica/templates/replica-service.yaml create mode 100644 k8s/postgres-replica/values.yaml diff --git a/k8s/postgres-replica/Chart.yaml b/k8s/postgres-replica/Chart.yaml new file mode 100644 index 000000000..36d4ab969 --- /dev/null +++ b/k8s/postgres-replica/Chart.yaml @@ -0,0 +1,5 @@ +apiVersion: v1 +name: primary-replica +description: Deploy a basic postgres primary and replica cluster +version: 5.2.1 +appVersion: 5.2.1 diff --git a/k8s/postgres-replica/templates/NOTES.txt b/k8s/postgres-replica/templates/NOTES.txt new file mode 100644 index 000000000..64a11de67 --- /dev/null +++ b/k8s/postgres-replica/templates/NOTES.txt @@ -0,0 +1,8 @@ +Thank you for installing {{ .Chart.Name }} chart. + +Your release is named {{ .Release.Name }}. + +To learn more about the release, try: + + $ helm status {{ .Release.Name }} + $ helm get {{ .Release.Name }} diff --git a/k8s/postgres-replica/templates/pgprimary-secret.yaml b/k8s/postgres-replica/templates/pgprimary-secret.yaml new file mode 100644 index 000000000..e46246029 --- /dev/null +++ b/k8s/postgres-replica/templates/pgprimary-secret.yaml @@ -0,0 +1,7 @@ +apiVersion: v1 +kind: Secret +metadata: + name: pgprimary-secret +data: + username: bWFzdGVy + password: cGFzc3dvcmQ= diff --git a/k8s/postgres-replica/templates/pgroot-secret.yaml b/k8s/postgres-replica/templates/pgroot-secret.yaml new file mode 100644 index 000000000..57a3aa67a --- /dev/null +++ b/k8s/postgres-replica/templates/pgroot-secret.yaml @@ -0,0 +1,7 @@ +apiVersion: v1 +kind: Secret +metadata: + name: pgroot-secret +data: + username: cGd1c2VyMQ== + password: cGFzc3dvcmQ= diff --git a/k8s/postgres-replica/templates/pguser-secret.yaml b/k8s/postgres-replica/templates/pguser-secret.yaml new file mode 100644 index 000000000..f1434e715 --- /dev/null +++ b/k8s/postgres-replica/templates/pguser-secret.yaml @@ -0,0 +1,7 @@ +apiVersion: v1 +kind: Secret +metadata: + name: pguser-secret +data: + username: cGd1c2VyMQ== + password: cGFzc3dvcmQ= diff --git a/k8s/postgres-replica/templates/primary-pod.yaml b/k8s/postgres-replica/templates/primary-pod.yaml new file mode 100644 index 000000000..8de95e123 --- /dev/null +++ b/k8s/postgres-replica/templates/primary-pod.yaml @@ -0,0 +1,77 @@ +apiVersion: v1 +kind: Pod +metadata: + name: "{{.Values.container.name.primary}}" + labels: + name: "{{.Values.container.name.primary}}" + # The "heritage" label is used to track which tool deployed a given chart. + # It is useful for admins who want to see what releases a particular tool + # is responsible for. + heritage: {{.Release.Service | quote }} + # The "release" convention makes it easy to tie a release to all of the + # Kubernetes resources that were created as part of that release. + release: {{.Release.Name | quote }} + # This makes it easy to audit chart usage. + chart: "{{.Chart.Name}}-{{.Chart.Version}}" + annotations: + "helm.sh/created": {{.Release.Time.Seconds | quote }} +spec: + # This shows how to use a simple value. This will look for a passed-in value + # called restartPolicy. If it is not found, it will use the default value. + # {{default "Never" .restartPolicy}} is a slightly optimized version of the + # more conventional syntax: {{.restartPolicy | default "Never"}} + restartPolicy: {{default "Never" .Values.restartPolicy}} + containers: + - name: {{.Values.container.name.primary}} + image: "{{.Values.image.repository}}/{{.Values.image.container}}:{{.Values.image.tag}}" + ports: + - containerPort: {{.Values.container.port}} + env: + - name: PGHOST + value: /tmp + - name: PG_PRIMARY_USER + value: primaryuser + - name: PG_MODE + value: primary + - name: PG_PRIMARY_PORT + value: "{{.Values.container.port}}" + - name: PG_PRIMARY_PASSWORD + value: "{{.Values.credentials.primary}}" + - name: PG_USER + value: testuser + - name: PG_PASSWORD + value: "{{.Values.credentials.user}}" + - name: PG_DATABASE + value: userdb + - name: PG_ROOT_PASSWORD + value: "{{.Values.credentials.root}}" + resources: + requests: + cpu: {{ .Values.resources.cpu }} + memory: {{ .Values.resources.memory }} + volumeMounts: + - mountPath: /pgdata + name: pgdata + - mountPath: /backup + name: backup + readOnly: true + - mountPath: /pguser + name: pguser-volume + - mountPath: /pgprimary + name: pgprimary-volume + - mountPath: /pgroot + name: pgroot-volume + volumes: + - emptyDir: {} + name: pgdata + - emptyDir: {} + name: backup + - name: pguser-volume + secret: + secretName: pguser-secret + - name: pgprimary-volume + secret: + secretName: pgprimary-secret + - name: pgroot-volume + secret: + secretName: pgroot-secret diff --git a/k8s/postgres-replica/templates/primary-pv.yaml b/k8s/postgres-replica/templates/primary-pv.yaml new file mode 100644 index 000000000..0fcf054c9 --- /dev/null +++ b/k8s/postgres-replica/templates/primary-pv.yaml @@ -0,0 +1,12 @@ +apiVersion: v1 +kind: PersistentVolume +metadata: + name: {{.Values.pv.name}} +spec: + capacity: + storage: {{.Values.pv.storage}} + accessModes: + - {{.Values.pv.mode}} + hostPath: + path: "{{.Values.pv.path}}" + persistentVolumeReclaimPolicy: Retain diff --git a/k8s/postgres-replica/templates/primary-pvc.yaml b/k8s/postgres-replica/templates/primary-pvc.yaml new file mode 100644 index 000000000..18272cf55 --- /dev/null +++ b/k8s/postgres-replica/templates/primary-pvc.yaml @@ -0,0 +1,10 @@ +kind: PersistentVolumeClaim +apiVersion: v1 +metadata: + name: {{.Values.pvc.name}} +spec: + accessModes: + - ReadWriteMany + resources: + requests: + storage: {{.Values.pv.storage}} diff --git a/k8s/postgres-replica/templates/primary-service.yaml b/k8s/postgres-replica/templates/primary-service.yaml new file mode 100644 index 000000000..09c20ff8c --- /dev/null +++ b/k8s/postgres-replica/templates/primary-service.yaml @@ -0,0 +1,20 @@ +# This is a service gateway to the replica set created by the deployment. +# Take a look at the deployment.yaml for general notes about this chart. +apiVersion: v1 +kind: Service +metadata: + name: "{{.Values.container.name.primary}}" + labels: + name: "{{.Values.container.name.primary}}" + heritage: {{ .Release.Service | quote }} + release: {{ .Release.Name | quote }} + chart: "{{.Chart.Name}}-{{.Chart.Version}}" +spec: + type: "{{.Values.serviceType}}" + ports: + - port: {{.Values.container.port}} + targetPort: {{.Values.container.port}} + protocol: TCP + name: postgres + selector: + name: "{{.Values.container.name.primary}}" diff --git a/k8s/postgres-replica/templates/replica-deployment.yaml b/k8s/postgres-replica/templates/replica-deployment.yaml new file mode 100644 index 000000000..511fd9342 --- /dev/null +++ b/k8s/postgres-replica/templates/replica-deployment.yaml @@ -0,0 +1,81 @@ +apiVersion: extensions/v1beta1 +kind: Deployment +metadata: + name: "{{.Values.container.name.replica}}" + labels: + name: "{{.Values.container.name.replica}}" + heritage: {{.Release.Service | quote }} + release: {{.Release.Name | quote }} + chart: "{{.Chart.Name}}-{{.Chart.Version}}" + annotations: + "helm.sh/created": {{.Release.Time.Seconds | quote }} +spec: + replicas: 1 + selector: + matchLabels: + name: "{{.Values.container.name.replica}}" + template: + metadata: + labels: + name: "{{.Values.container.name.replica}}" + name: "{{.Values.container.name.replica}}" + spec: + containers: + - env: + - name: PGHOST + value: /tmp + - name: PG_PRIMARY_HOST + value: "{{.Values.container.name.primary}}" + - name: PG_PRIMARY_USER + value: primaryuser + - name: PG_MODE + value: replica + - name: PG_PRIMARY_PORT + value: "{{.Values.container.port}}" + - name: PG_PRIMARY_PASSWORD + value: "{{.Values.credentials.primary}}" + - name: PG_USER + value: testuser + - name: PG_PASSWORD + value: "{{.Values.credentials.user}}" + - name: PG_DATABASE + value: userdb + - name: PG_ROOT_PASSWORD + value: "{{.Values.credentials.root}}" + image: "{{.Values.image.repository}}/{{.Values.image.container}}:{{.Values.image.tag}}" + imagePullPolicy: IfNotPresent + name: "{{.Values.container.name.replica}}" + ports: + - containerPort: {{.Values.container.port}} + protocol: TCP + terminationMessagePath: /dev/termination-log + volumeMounts: + - mountPath: /pgdata + name: pgdata + - mountPath: /backup + name: backup + readOnly: true + - mountPath: /pguser + name: pguser-volume + - mountPath: /pgprimary + name: pgprimary-volume + - mountPath: /pgroot + name: pgroot-volume + dnsPolicy: ClusterFirst + restartPolicy: Always + securityContext: {} + terminationGracePeriodSeconds: 30 + volumes: + - emptyDir: {} + name: pgdata + - emptyDir: {} + name: backup + - name: pguser-volume + secret: + secretName: pguser-secret + - name: pgprimary-volume + secret: + secretName: pgprimary-secret + - name: pgroot-volume + secret: + secretName: pgroot-secret diff --git a/k8s/postgres-replica/templates/replica-service.yaml b/k8s/postgres-replica/templates/replica-service.yaml new file mode 100644 index 000000000..80ae1fc73 --- /dev/null +++ b/k8s/postgres-replica/templates/replica-service.yaml @@ -0,0 +1,18 @@ +apiVersion: v1 +kind: Service +metadata: + name: "{{.Values.container.name.replica}}" + labels: + name: "{{.Values.container.name.replica}}" + heritage: {{ .Release.Service | quote }} + release: {{ .Release.Name | quote }} + chart: "{{.Chart.Name}}-{{.Chart.Version}}" +spec: + type: "{{.Values.serviceType}}" + ports: + - port: {{.Values.container.port}} + targetPort: {{.Values.container.port}} + protocol: TCP + name: postgres + selector: + name: "{{.Values.container.name.replica}}" diff --git a/k8s/postgres-replica/values.yaml b/k8s/postgres-replica/values.yaml new file mode 100644 index 000000000..a35d3c40f --- /dev/null +++ b/k8s/postgres-replica/values.yaml @@ -0,0 +1,32 @@ +name: primary-replica + +container: + port: 5432 + name: + primary: primary + replica: replica + +credentials: + primary: password + root: password + user: password + +serviceType: ClusterIP + +image: + repository: crunchydata + container: crunchy-postgres + tag: ubi8-14.6-0 + +pv: + storage: 400M + name: primary-pv + mode: ReadWriteMany + path: /data + +pvc: + name: primary-pvc + +resources: + cpu: 200m + memory: 512Mi