{{- if .Values.postgresql.enabled }} apiVersion: v1 kind: Secret metadata: name: {{ include "clawith.fullname" . }}-postgresql namespace: {{ .Values.global.namespace }} labels: {{- include "clawith.labels" . | nindent 4 }} app.kubernetes.io/component: postgresql type: Opaque data: postgres-password: {{ .Values.postgresql.auth.password | b64enc | quote }} --- {{- if and .Values.postgresql.primary.persistence.enabled (not .Values.postgresql.primary.persistence.existingClaim) }} apiVersion: v1 kind: PersistentVolumeClaim metadata: name: {{ include "clawith.fullname" . }}-postgresql-data namespace: {{ .Values.global.namespace }} labels: {{- include "clawith.labels" . | nindent 4 }} app.kubernetes.io/component: postgresql spec: accessModes: - {{ .Values.postgresql.primary.persistence.accessMode }} {{- if .Values.postgresql.primary.persistence.storageClass }} storageClassName: {{ .Values.postgresql.primary.persistence.storageClass }} {{- end }} resources: requests: storage: {{ .Values.postgresql.primary.persistence.size }} {{- end }} --- apiVersion: apps/v1 kind: StatefulSet metadata: name: {{ include "clawith.fullname" . }}-postgresql namespace: {{ .Values.global.namespace }} labels: {{- include "clawith.labels" . | nindent 4 }} app.kubernetes.io/component: postgresql spec: serviceName: {{ include "clawith.fullname" . }}-postgresql-hl replicas: 1 selector: matchLabels: {{- include "clawith.selectorLabels" . | nindent 6 }} app.kubernetes.io/component: postgresql template: metadata: labels: {{- include "clawith.selectorLabels" . | nindent 8 }} app.kubernetes.io/component: postgresql spec: {{- with .Values.postgresql.primary.podSecurityContext }} securityContext: {{- toYaml . | nindent 8 }} {{- end }} containers: - name: postgresql image: "{{ .Values.postgresql.image.registry }}/{{ .Values.postgresql.image.repository }}:{{ .Values.postgresql.image.tag }}" imagePullPolicy: {{ .Values.postgresql.image.pullPolicy }} {{- with .Values.postgresql.primary.containerSecurityContext }} securityContext: {{- toYaml . | nindent 10 }} {{- end }} env: - name: BITNAMI_DEBUG value: "false" - name: POSTGRESQL_PORT_NUMBER value: "{{ .Values.postgresql.primary.service.port }}" - name: POSTGRESQL_VOLUME_DIR value: /bitnami/postgresql - name: PGDATA value: /bitnami/postgresql/data - name: POSTGRES_PASSWORD valueFrom: secretKeyRef: name: {{ include "clawith.fullname" . }}-postgresql key: postgres-password - name: POSTGRES_DB value: {{ .Values.postgresql.auth.database | quote }} - name: POSTGRESQL_ENABLE_LDAP value: "no" - name: POSTGRESQL_ENABLE_TLS value: "no" - name: POSTGRESQL_LOG_HOSTNAME value: "false" - name: POSTGRESQL_LOG_CONNECTIONS value: "false" - name: POSTGRESQL_LOG_DISCONNECTIONS value: "false" - name: POSTGRESQL_PGAUDIT_LOG_CATALOG value: "off" - name: POSTGRESQL_CLIENT_MIN_MESSAGES value: error - name: POSTGRESQL_SHARED_PRELOAD_LIBRARIES value: pgaudit ports: - name: tcp-postgresql containerPort: {{ .Values.postgresql.primary.service.port }} livenessProbe: exec: command: - /bin/sh - '-c' - exec pg_isready -U "{{ .Values.postgresql.auth.username }}" -d "dbname={{ .Values.postgresql.auth.database }}" -h 127.0.0.1 -p {{ .Values.postgresql.primary.service.port }} initialDelaySeconds: 30 periodSeconds: 10 timeoutSeconds: 5 failureThreshold: 6 readinessProbe: exec: command: - /bin/sh - '-c' - '-e' - | exec pg_isready -U "{{ .Values.postgresql.auth.username }}" -d "dbname={{ .Values.postgresql.auth.database }}" -h 127.0.0.1 -p {{ .Values.postgresql.primary.service.port }} [ -f /opt/bitnami/postgresql/tmp/.initialized ] || [ -f /bitnami/postgresql/.initialized ] initialDelaySeconds: 5 periodSeconds: 10 timeoutSeconds: 5 failureThreshold: 6 {{- with .Values.postgresql.primary.resources }} resources: {{- toYaml . | nindent 10 }} {{- end }} volumeMounts: - name: dshm mountPath: /dev/shm {{- if .Values.postgresql.primary.persistence.enabled }} - name: data mountPath: /bitnami/postgresql {{- end }} volumes: - name: dshm emptyDir: medium: Memory {{- if .Values.postgresql.primary.persistence.enabled }} - name: data persistentVolumeClaim: claimName: {{ .Values.postgresql.primary.persistence.existingClaim | default (printf "%s-postgresql-data" (include "clawith.fullname" .)) }} {{- end }} --- apiVersion: v1 kind: Service metadata: name: {{ include "clawith.fullname" . }}-postgresql namespace: {{ .Values.global.namespace }} labels: {{- include "clawith.labels" . | nindent 4 }} app.kubernetes.io/component: postgresql spec: type: {{ .Values.postgresql.primary.service.type }} selector: {{- include "clawith.selectorLabels" . | nindent 4 }} app.kubernetes.io/component: postgresql ports: - name: tcp-postgresql port: {{ .Values.postgresql.primary.service.port }} targetPort: tcp-postgresql --- apiVersion: v1 kind: Service metadata: name: {{ include "clawith.fullname" . }}-postgresql-hl namespace: {{ .Values.global.namespace }} labels: {{- include "clawith.labels" . | nindent 4 }} app.kubernetes.io/component: postgresql spec: type: ClusterIP clusterIP: None selector: {{- include "clawith.selectorLabels" . | nindent 4 }} app.kubernetes.io/component: postgresql ports: - name: tcp-postgresql port: {{ .Values.postgresql.primary.service.port }} targetPort: tcp-postgresql {{- end }}