114 lines
3.4 KiB
YAML
114 lines
3.4 KiB
YAML
apiVersion: apps/v1
|
|
kind: StatefulSet
|
|
metadata:
|
|
name: {{ include "invy.fullname" . }}-db
|
|
labels:
|
|
{{- include "invy.labels" . | nindent 4 }}
|
|
app.kubernetes.io/component: database
|
|
spec:
|
|
serviceName: {{ include "invy.fullname" . }}-db-headless
|
|
replicas: 1
|
|
selector:
|
|
matchLabels:
|
|
{{- include "invy.selectorLabels" . | nindent 6 }}
|
|
app.kubernetes.io/component: database
|
|
template:
|
|
metadata:
|
|
labels:
|
|
{{- include "invy.selectorLabels" . | nindent 8 }}
|
|
app.kubernetes.io/component: database
|
|
spec:
|
|
securityContext:
|
|
fsGroup: 999
|
|
initContainers:
|
|
- name: fix-permissions
|
|
image: busybox:latest
|
|
command:
|
|
- sh
|
|
- -c
|
|
- |
|
|
chown -R 999:999 /var/lib/postgresql/data || true
|
|
chmod 700 /var/lib/postgresql/data || true
|
|
volumeMounts:
|
|
- name: postgres-data
|
|
mountPath: /var/lib/postgresql/data
|
|
securityContext:
|
|
runAsUser: 0
|
|
containers:
|
|
- name: postgres
|
|
securityContext:
|
|
runAsUser: 999
|
|
runAsNonRoot: true
|
|
image: "{{ .Values.postgres.image.repository }}:{{ .Values.postgres.image.tag }}"
|
|
imagePullPolicy: {{ .Values.postgres.image.pullPolicy }}
|
|
ports:
|
|
- name: postgres
|
|
containerPort: {{ .Values.postgres.port }}
|
|
protocol: TCP
|
|
env:
|
|
- name: POSTGRES_USER
|
|
valueFrom:
|
|
secretKeyRef:
|
|
name: {{ include "invy.fullname" . }}-secrets
|
|
key: postgres-user
|
|
- name: POSTGRES_PASSWORD
|
|
valueFrom:
|
|
secretKeyRef:
|
|
name: {{ include "invy.fullname" . }}-secrets
|
|
key: postgres-password
|
|
- name: POSTGRES_DB
|
|
valueFrom:
|
|
secretKeyRef:
|
|
name: {{ include "invy.fullname" . }}-secrets
|
|
key: postgres-database
|
|
- name: PGDATA
|
|
value: /var/lib/postgresql/data/pgdata
|
|
volumeMounts:
|
|
- name: postgres-data
|
|
mountPath: /var/lib/postgresql/data
|
|
- name: postgres-run
|
|
mountPath: /var/run/postgresql
|
|
- name: init-script
|
|
mountPath: /docker-entrypoint-initdb.d
|
|
resources:
|
|
{{- toYaml .Values.postgres.resources | nindent 12 }}
|
|
livenessProbe:
|
|
exec:
|
|
command:
|
|
- sh
|
|
- -c
|
|
- pg_isready -U $(POSTGRES_USER) -h /var/run/postgresql
|
|
initialDelaySeconds: 30
|
|
periodSeconds: 10
|
|
readinessProbe:
|
|
exec:
|
|
command:
|
|
- sh
|
|
- -c
|
|
- pg_isready -U $(POSTGRES_USER) -h /var/run/postgresql
|
|
initialDelaySeconds: 5
|
|
periodSeconds: 5
|
|
volumes:
|
|
- name: init-script
|
|
configMap:
|
|
name: {{ include "invy.fullname" . }}-db-schema
|
|
- name: postgres-run
|
|
emptyDir: {}
|
|
{{- if .Values.postgres.persistence.enabled }}
|
|
volumeClaimTemplates:
|
|
- metadata:
|
|
name: postgres-data
|
|
spec:
|
|
accessModes:
|
|
- {{ .Values.postgres.persistence.accessMode }}
|
|
{{- if .Values.postgres.persistence.storageClass }}
|
|
storageClassName: {{ .Values.postgres.persistence.storageClass }}
|
|
{{- end }}
|
|
resources:
|
|
requests:
|
|
storage: {{ .Values.postgres.persistence.size }}
|
|
{{- else }}
|
|
- name: postgres-data
|
|
emptyDir: {}
|
|
{{- end }}
|