Created
September 5, 2019 23:10
-
-
Save stephenhillier/2e8aa15f34cb26d40700529a923012cf to your computer and use it in GitHub Desktop.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| apiVersion: template.openshift.io/v1 | |
| kind: Template | |
| metadata: | |
| annotations: | |
| description: |- | |
| Patroni Postgresql database cluster, with persistent storage. | |
| iconClass: icon-postgresql | |
| openshift.io/display-name: Patroni Postgresql (Persistent) | |
| openshift.io/long-description: This template deploys a patroni postgresql HA | |
| cluster with persistent storage. | |
| tags: postgresql | |
| name: patroni-pgsql-persistent | |
| labels: | |
| app: wally${SUFFIX} | |
| instance: ${NAME}${SUFFIX} | |
| component: database | |
| name: ${NAME}${SUFFIX} | |
| version: "10" | |
| objects: | |
| - apiVersion: v1 | |
| kind: Service | |
| metadata: | |
| creationTimestamp: null | |
| labels: | |
| cluster-name: ${NAME}${SUFFIX} | |
| name: ${NAME}-master${SUFFIX} | |
| spec: | |
| ports: | |
| - port: 5432 | |
| # name: 'postgresql' | |
| protocol: TCP | |
| targetPort: 5432 | |
| selector: | |
| cluster-name: ${NAME}${SUFFIX} | |
| role: master | |
| app.kubernetes.io/name: patroni | |
| sessionAffinity: None | |
| type: ClusterIP | |
| status: | |
| loadBalancer: {} | |
| - apiVersion: apps/v1 | |
| kind: StatefulSet | |
| metadata: | |
| creationTimestamp: null | |
| generation: 3 | |
| labels: | |
| cluster-name: ${NAME}${SUFFIX} | |
| name: ${NAME}${SUFFIX} | |
| spec: | |
| podManagementPolicy: OrderedReady | |
| replicas: ${{REPLICAS}} | |
| revisionHistoryLimit: 10 | |
| selector: | |
| matchLabels: | |
| statefulset: ${NAME}${SUFFIX} | |
| serviceName: ${NAME}${SUFFIX} | |
| template: | |
| metadata: | |
| creationTimestamp: null | |
| labels: | |
| statefulset: ${NAME}${SUFFIX} | |
| cluster-name: ${NAME}${SUFFIX} | |
| app.kubernetes.io/name: patroni | |
| annotations: | |
| prometheus.io/scrape: "true" | |
| prometheus.io/port: "9187" | |
| spec: | |
| affinity: | |
| podAntiAffinity: | |
| requiredDuringSchedulingIgnoredDuringExecution: | |
| - labelSelector: | |
| matchExpressions: | |
| - key: statefulset | |
| operator: In | |
| values: | |
| - ${NAME}${SUFFIX} | |
| topologyKey: "kubernetes.io/hostname" | |
| containers: | |
| - env: | |
| - name: DATA_SOURCE_URI | |
| value: 'localhost:5432/wally?sslmode=disable' | |
| - name: DATA_SOURCE_USER | |
| valueFrom: | |
| secretKeyRef: | |
| key: app-db-username | |
| name: wally-psql | |
| - name: DATA_SOURCE_PASS | |
| valueFrom: | |
| secretKeyRef: | |
| key: app-db-password | |
| name: wally-psql | |
| image: wrouesnel/postgres_exporter | |
| imagePullPolicy: Always | |
| name: pg-exporter | |
| ports: | |
| - containerPort: 9187 | |
| protocol: TCP | |
| resources: {} | |
| terminationMessagePath: /dev/termination-log | |
| terminationMessagePolicy: File | |
| - env: | |
| #TODO: Remove POD_IP in favor of PATRONI_KUBERNETES_POD_IP | |
| - name: POD_IP | |
| valueFrom: | |
| fieldRef: | |
| apiVersion: v1 | |
| fieldPath: status.podIP | |
| - name: PATRONI_KUBERNETES_NAMESPACE | |
| valueFrom: | |
| fieldRef: | |
| apiVersion: v1 | |
| fieldPath: metadata.namespace | |
| - name: PATRONI_KUBERNETES_LABELS | |
| value: '{"cluster-name": "${NAME}${SUFFIX}", "app.kubernetes.io/name": "patroni"}' | |
| - name: PATRONI_SUPERUSER_USERNAME | |
| valueFrom: | |
| secretKeyRef: | |
| key: superuser-username | |
| name: ${NAME} | |
| - name: PATRONI_SUPERUSER_PASSWORD | |
| valueFrom: | |
| secretKeyRef: | |
| key: superuser-password | |
| name: ${NAME} | |
| - name: PATRONI_REPLICATION_USERNAME | |
| valueFrom: | |
| secretKeyRef: | |
| key: replication-username | |
| name: ${NAME} | |
| - name: PATRONI_REPLICATION_PASSWORD | |
| valueFrom: | |
| secretKeyRef: | |
| key: replication-password | |
| name: ${NAME} | |
| - name: APP_USER | |
| valueFrom: | |
| secretKeyRef: | |
| key: app-db-username | |
| name: ${NAME} | |
| - name: APP_PASSWORD | |
| valueFrom: | |
| secretKeyRef: | |
| key: app-db-password | |
| name: ${NAME} | |
| - name: APP_DATABASE | |
| valueFrom: | |
| secretKeyRef: | |
| key: app-db-name | |
| name: ${NAME} | |
| - name: PATRONI_SCOPE | |
| value: ${NAME}${SUFFIX} | |
| - name: PATRONI_NAME | |
| valueFrom: | |
| fieldRef: | |
| apiVersion: v1 | |
| fieldPath: metadata.name | |
| - name: PATRONI_LOG_LEVEL | |
| value: WARNING | |
| - name: PATRONI_POSTGRESQL_DATA_DIR | |
| value: /home/postgres/pgdata/pgroot/data | |
| - name: PATRONI_POSTGRESQL_PGPASS | |
| value: /tmp/pgpass | |
| - name: PATRONI_POSTGRESQL_LISTEN | |
| value: 0.0.0.0:5432 | |
| - name: PATRONI_RESTAPI_LISTEN | |
| value: 0.0.0.0:8008 | |
| image: docker-registry.default.svc:5000/${IMAGE_STREAM_NAMESPACE}/patroni-postgis:10-2.5 | |
| # Because we are using image reference to a tag, we need to always pull the image otherwise | |
| # we end up with outdated/out-of-sync image depending on the node where it is running | |
| imagePullPolicy: Always | |
| name: postgresql | |
| ports: | |
| - containerPort: 8008 | |
| protocol: TCP | |
| - containerPort: 5432 | |
| protocol: TCP | |
| resources: | |
| requests: | |
| cpu: ${CPU_REQUEST} | |
| memory: ${MEMORY_REQUEST} | |
| limits: | |
| cpu: ${CPU_LIMIT} | |
| memory: ${MEMORY_LIMIT} | |
| terminationMessagePath: /dev/termination-log | |
| terminationMessagePolicy: File | |
| readinessProbe: | |
| initialDelaySeconds: 5 | |
| timeoutSeconds: 5 | |
| failureThreshold: 4 | |
| exec: | |
| command: | |
| - /usr/share/scripts/patroni/health_check.sh | |
| volumeMounts: | |
| - mountPath: /home/postgres/pgdata | |
| name: postgresql | |
| dnsPolicy: ClusterFirst | |
| restartPolicy: Always | |
| schedulerName: default-scheduler | |
| securityContext: {} | |
| serviceAccountName: ${NAME}${SUFFIX} | |
| terminationGracePeriodSeconds: 0 | |
| updateStrategy: | |
| type: RollingUpdate | |
| volumeClaimTemplates: | |
| - metadata: | |
| annotations: | |
| volume.beta.kubernetes.io/storage-class: ${STORAGE_CLASS} | |
| labels: | |
| app: ${NAME}${SUFFIX} | |
| name: postgresql | |
| spec: | |
| storageClassName: ${STORAGE_CLASS} | |
| accessModes: | |
| - ReadWriteOnce | |
| resources: | |
| requests: | |
| storage: ${PVC_SIZE} | |
| - apiVersion: v1 | |
| kind: ServiceAccount | |
| metadata: | |
| labels: | |
| cluster-name: ${NAME}${SUFFIX} | |
| name: ${NAME}${SUFFIX} | |
| - apiVersion: rbac.authorization.k8s.io/v1 | |
| kind: Role | |
| metadata: | |
| labels: | |
| cluster-name: ${NAME}${SUFFIX} | |
| name: ${NAME}${SUFFIX} | |
| rules: | |
| - apiGroups: | |
| - "" | |
| resources: | |
| - services | |
| verbs: | |
| - create | |
| - get | |
| - list | |
| - patch | |
| - update | |
| - watch | |
| - delete | |
| - apiGroups: | |
| - "" | |
| resources: | |
| - configmaps | |
| verbs: | |
| - create | |
| - get | |
| - list | |
| - patch | |
| - update | |
| - watch | |
| - delete | |
| - apiGroups: | |
| - "" | |
| resources: | |
| - endpoints | |
| verbs: | |
| - get | |
| - patch | |
| - update | |
| - create | |
| - list | |
| - watch | |
| - delete | |
| - apiGroups: | |
| - "" | |
| resources: | |
| - pods | |
| verbs: | |
| - get | |
| - list | |
| - patch | |
| - update | |
| - watch | |
| - apiVersion: rbac.authorization.k8s.io/v1 | |
| kind: RoleBinding | |
| metadata: | |
| labels: | |
| cluster-name: ${NAME}${SUFFIX} | |
| name: ${NAME}${SUFFIX} | |
| roleRef: | |
| apiGroup: rbac.authorization.k8s.io | |
| kind: Role | |
| name: ${NAME}${SUFFIX} | |
| subjects: | |
| - kind: ServiceAccount | |
| name: ${NAME}${SUFFIX} | |
| parameters: | |
| - description: The name of the application for labelling all artifacts. | |
| displayName: Application Name | |
| name: NAME | |
| value: wally-psql | |
| - description: Number of replicas to start with | |
| name: REPLICAS | |
| value: '3' | |
| - name: SUFFIX | |
| description: A suffix appended to all artifact's name (NAME) | |
| - description: Starting amount of CPU the container can use. | |
| displayName: CPU REQUEST | |
| name: CPU_REQUEST | |
| value: '250m' | |
| - description: Maximum amount of CPU the container can use. | |
| displayName: CPU Limit | |
| name: CPU_LIMIT | |
| value: '1' | |
| - description: Starting amount of memory the container can use. | |
| displayName: Memory Request | |
| name: MEMORY_REQUEST | |
| value: 512Mi | |
| - description: Maximum amount of memory the container can use. | |
| displayName: Memory Limit | |
| name: MEMORY_LIMIT | |
| value: 1Gi | |
| - description: The OpenShift Namespace where the patroni and postgresql ImageStream | |
| resides. | |
| displayName: ImageStream Namespace | |
| name: IMAGE_STREAM_NAMESPACE | |
| required: true | |
| value: bfpeyx-tools | |
| - name: IMAGE_STREAM_TAG | |
| description: Patroni ImageTag | |
| value: patroni-postgis:latest | |
| - description: The size of the persistent volume to create. | |
| displayName: Persistent Volume Size | |
| name: PVC_SIZE | |
| value: 1Gi | |
| - name: STORAGE_CLASS | |
| value: gluster-block | |
| - name: IMAGE_REGISTRY | |
| value: docker-registry.default.svc:5000 |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment