drycc-addons
diff --git a/‎addons/postgresql-cluster/15/chart/postgresql/Chart.yaml‎
Lines changed: 27 additions & 0 deletions b/‎addons/postgresql-cluster/15/chart/postgresql/Chart.yaml‎
Lines changed: 27 additions & 0 deletions
diff --git a/‎addons/postgresql-cluster/15/chart/postgresql/README.md‎
Lines changed: 151 additions & 0 deletions b/‎addons/postgresql-cluster/15/chart/postgresql/README.md‎
Lines changed: 151 additions & 0 deletions
diff --git a/‎addons/postgresql-cluster/15/chart/postgresql/templates/NOTES.txt‎
Lines changed: 25 additions & 0 deletions b/‎addons/postgresql-cluster/15/chart/postgresql/templates/NOTES.txt‎
Lines changed: 25 additions & 0 deletions
diff --git a/‎addons/postgresql-cluster/15/chart/postgresql/templates/_helpers.tpl‎
Lines changed: 43 additions & 0 deletions b/‎addons/postgresql-cluster/15/chart/postgresql/templates/_helpers.tpl‎
Lines changed: 43 additions & 0 deletions
diff --git a/‎addons/postgresql-cluster/15/chart/postgresql/templates/ep.yaml‎
Lines changed: 12 additions & 0 deletions b/‎addons/postgresql-cluster/15/chart/postgresql/templates/ep.yaml‎
Lines changed: 12 additions & 0 deletions
diff --git a/‎addons/postgresql-cluster/15/chart/postgresql/templates/networkpolicy.yaml‎
Lines changed: 45 additions & 0 deletions b/‎addons/postgresql-cluster/15/chart/postgresql/templates/networkpolicy.yaml‎
Lines changed: 45 additions & 0 deletions
diff --git a/‎addons/postgresql-cluster/15/chart/postgresql/templates/role.yaml‎
Lines changed: 49 additions & 0 deletions b/‎addons/postgresql-cluster/15/chart/postgresql/templates/role.yaml‎
Lines changed: 49 additions & 0 deletions
diff --git a/‎addons/postgresql-cluster/15/chart/postgresql/templates/rolebinding.yaml‎
Lines changed: 19 additions & 0 deletions b/‎addons/postgresql-cluster/15/chart/postgresql/templates/rolebinding.yaml‎
Lines changed: 19 additions & 0 deletions
diff --git a/‎addons/postgresql-cluster/15/chart/postgresql/templates/sec.yaml‎
Lines changed: 16 additions & 0 deletions b/‎addons/postgresql-cluster/15/chart/postgresql/templates/sec.yaml‎
Lines changed: 16 additions & 0 deletions
@@ -0,0 +1,27 @@
+annotations:
+  category: Database
+apiVersion: v2
+appVersion: "15"
+dependencies:
+  - name: common
+    repository: oci://registry.drycc.cc/charts
+    version: ~1.1.1
+description: PostgreSQL (Postgres) is an open source object-relational database known for reliability and data integrity. ACID-compliant, it supports foreign keys, joins, views, triggers and stored procedures.
+engine: gotpl
+home: https://github.com/bitnami/charts/tree/master/bitnami/postgresql
+icon: https://bitnami.com/assets/stacks/postgresql/img/postgresql-stack-220x234.png
+keywords:
+  - postgresql
+  - postgres
+  - database
+  - sql
+  - replication
+  - cluster
+maintainers:
+  - email: zhang.eamon@hotmail.com
+    name: zhangeamon
+name: postgresql
+sources:
+  - https://github.com/drycc-addons/
+  - https://www.postgresql.org/
+version: 15.4.1
@@ -0,0 +1,151 @@
+# ⚠️ Repo Archive Notice
+
+As of Nov 13, 2020, charts in this repo will no longer be updated.
+For more information, see the Helm Charts [Deprecation and Archive Notice](https://github.com/helm/charts#%EF%B8%8F-deprecation-and-archive-notice), and [Update](https://helm.sh/blog/charts-repo-deprecation/).
+
+# Patroni Helm Chart
+
+This directory contains a Kubernetes chart to deploy a five node [Patroni](https://github.com/zalando/patroni/) cluster using a [Spilo](https://github.com/zalando/spilo) and a StatefulSet.
+
+
+## Prerequisites Details
+* Kubernetes 1.9+
+* PV support on the underlying infrastructure
+
+## StatefulSet Details
+* https://kubernetes.io/docs/concepts/workloads/controllers/statefulset/
+
+## StatefulSet Caveats
+* https://kubernetes.io/docs/concepts/workloads/controllers/statefulset/#limitations
+
+
+## Chart Details
+This chart will do the following:
+
+* Implement a HA scalable PostgreSQL 10 cluster using a Kubernetes StatefulSet.
+
+## Installing the Chart
+
+To install the chart with the release name `my-release`:
+
+```console
+$ helm repo add 
+$ helm dependency update
+$ helm install --name my-release postgresql-cluster
+```
+
+To install the chart with randomly generated passwords:
+
+```console
+$ helm install --name my-release postgresql-cluster \
+  --set credentials.superuser="$(< /dev/urandom tr -dc _A-Z-a-z-0-9 | head -c32)",credentials.admin="$(< /dev/urandom tr -dc _A-Z-a-z-0-9 | head -c32)",credentials.standby="$(< /dev/urandom tr -dc _A-Z-a-z-0-9 | head -c32)"
+```
+
+## Connecting to PostgreSQL
+
+Your access point is a cluster IP. In order to access it spin up another pod:
+
+```console
+$ kubectl run -i --tty --rm psql --image=postgres --restart=Never -- bash -il
+```
+
+Then, from inside the pod, connect to PostgreSQL:
+
+```console
+$ psql -U admin -h my-release-patroni.default.svc.cluster.local postgres
+<admin password from values.yaml>
+postgres=>
+```
+
+## Configuration
+
+The following table lists the configurable parameters of the patroni chart and their default values.
+
+|       Parameter                   |           Description                       |                         Default                     |
+|-----------------------------------|---------------------------------------------|-----------------------------------------------------|
+| `nameOverride`                    | Override the name of the chart              | `nil`                                               |
+| `fullnameOverride`                | Override the fullname of the chart          | `nil`                                               |
+| `replicaCount`                    | Amount of pods to spawn                     | `5`                                                 |
+| `image.repository`                | The image to pull                           | `registry.opensource.zalan.do/acid/spilo-10`        |
+| `image.tag`                       | The version of the image to pull            | `1.5-p5`                                            |
+| `image.pullPolicy`                | The pull policy                             | `IfNotPresent`                                      |
+| `credentials.superuser`           | Password of the superuser                   | `tea`                                               |
+| `credentials.admin`               | Password of the admin                       | `cola`                                              |
+| `credentials.standby`             | Password of the replication user            | `pinacolada`                                        |
+| `kubernetes.dcs.enable`           | Using Kubernetes as DCS                     | `true`                                              |
+| `kubernetes.configmaps.enable`    | Using Kubernetes configmaps instead of endpoints | `false`                                        |
+| `etcd.enable`                     | Using etcd as DCS                           | `false`                                             |
+| `etcd.deployChart`                | Deploy etcd chart                           | `false`                                             |
+| `etcd.host`                       | Host name of etcd cluster                   | `nil`                                               |
+| `etcd.discovery`                  | Domain name of etcd cluster                 | `nil`                                               |
+| `zookeeper.enable`                | Using ZooKeeper as DCS                      | `false`                                             |
+| `zookeeper.deployChart`           | Deploy ZooKeeper chart                      | `false`                                             |
+| `zookeeper.hosts`                 | List of ZooKeeper cluster members           | `host1:port1,host2:port,etc...`                     |
+| `consul.enable`                   | Using Consul as DCS                         | `false`                                             |
+| `consul.deployChart`              | Deploy Consul chart                         | `false`                                             |
+| `consul.host`                     | Host name of consul cluster                 | `nil`                                               |
+| `env`                             | Extra custom environment variables          | `{}`                                                |
+| `walE.enable`                     | Use of Wal-E tool for base backup/restore   | `false`                                             |
+| `walE.scheduleCronJob`            | Schedule of Wal-E backups                   | `00 01 * * *`                                       |
+| `walE.retainBackups`              | Number of base backups to retain            | `2`                                                 |
+| `walE.s3Bucket:`                  | Amazon S3 bucket used for wal-e backups     | `nil`                                               |
+| `walE.gcsBucket`                  | GCS storage used for Wal-E backups          | `nil`                                               |
+| `walE.kubernetesSecret`           | K8s secret name for provider bucket         | `nil`                                               |
+| `walE.backupThresholdMegabytes`   | Maximum size of the WAL segments accumulated after the base backup to consider WAL-E restore instead of pg_basebackup | `1024` |
+| `walE.backupThresholdPercentage`  | Maximum ratio (in percents) of the accumulated WAL files to the base backup to consider WAL-E restore instead of pg_basebackup | `30` |
+| `resources`                       | Any resources you wish to assign to the pod | `{}`                                                |
+| `nodeSelector`                    | Node label to use for scheduling            | `{}`                                                |
+| `tolerations`                     | List of node taints to tolerate             | `[]`                                                |
+| `affinityTemplate`                | A template string to use to generate the affinity settings | Anti-affinity preferred on hostname  |
+| `affinity`                        | Affinity settings. Overrides `affinityTemplate` if set. | `{}`                                    |
+| `schedulerName`                   | Alternate scheduler name                    | `nil`                                               |
+| `persistentVolume.accessModes`    | Persistent Volume access modes              | `[ReadWriteOnce]`                                   |
+| `persistentVolume.annotations`    | Annotations for Persistent Volume Claim`    | `{}`                                                |
+| `persistentVolume.mountPath`      | Persistent Volume mount root path           | `/home/postgres/pgdata`                             |
+| `persistentVolume.size`           | Persistent Volume size                      | `2Gi`                                               |
+| `persistentVolume.storageClass`   | Persistent Volume Storage Class             | `volume.alpha.kubernetes.io/storage-class: default` |
+| `persistentVolume.subPath`        | Subdirectory of Persistent Volume to mount  | `""`                                                |
+| `rbac.create`                     | Create required role and rolebindings       | `true`                                              |
+| `serviceAccount.create`           | If true, create a new service account	      | `true`                                              |
+| `serviceAccount.name`             | Service account to be used. If not set and `serviceAccount.create` is `true`, a name is generated using the fullname template | `nil` |
+
+Specify each parameter using the `--set key=value[,key=value]` argument to `helm install`.
+
+Alternatively, a YAML file that specifies the values for the parameters can be provided while installing the chart. For example,
+
+```console
+$ helm install --name my-release -f values.yaml incubator/patroni
+```
+
+> **Tip**: You can use the default [values.yaml](values.yaml)
+
+## Cleanup
+
+To remove the spawned pods you can run a simple `helm delete <release-name>`.
+
+Helm will however preserve created persistent volume claims,
+to also remove them execute the commands below.
+
+```console
+$ release=<release-name>
+$ helm delete $release
+$ kubectl delete pvc -l release=$release
+```
+
+## Internals
+
+Patroni is responsible for electing a PostgreSQL master pod by leveraging the
+DCS of your choice. After election it adds a `spilo-role=master` label to the
+elected master and set the label to `spilo-role=replica` for all replicas.
+Simultaneously it will update the `<release-name>-patroni` endpoint to let the
+service route traffic to the elected master.
+
+```console
+$ kubectl get pods -l spilo-role -L spilo-role
+NAME                   READY     STATUS    RESTARTS   AGE       SPILO-ROLE
+my-release-patroni-0   1/1       Running   0          9m        replica
+my-release-patroni-1   1/1       Running   0          9m        master
+my-release-patroni-2   1/1       Running   0          8m        replica
+my-release-patroni-3   1/1       Running   0          8m        replica
+my-release-patroni-4   1/1       Running   0          8m        replica
+```
@@ -0,0 +1,25 @@
+Patroni can be accessed via port 5432 on the following DNS name from within your cluster:
+{{ template "patroni.fullname" . }}.{{ .Release.Namespace }}.svc.cluster.local
+
+To get your password for superuser run:
+
+    # superuser password
+    PGPASSWORD_SUPERUSER=$(kubectl get secret --namespace {{ .Release.Namespace }} {{ template "patroni.fullname" . }} -o jsonpath="{.data.password-superuser}" | base64 --decode)
+
+    # admin password
+    PGPASSWORD_ADMIN=$(kubectl get secret --namespace {{ .Release.Namespace }} {{ template "patroni.fullname" . }} -o jsonpath="{.data.password-admin}" | base64 --decode)
+
+To connect to your database:
+
+1. Run a postgres pod and connect using the psql cli:
+    # login as superuser
+    kubectl run -i --tty --rm psql --image=postgres \
+      --env "PGPASSWORD=$PGPASSWORD_SUPERUSER" \
+      --command -- psql -U postgres \
+      -h {{ template "patroni.fullname" . }}.{{ .Release.Namespace }}.svc.cluster.local postgres
+
+    # login as admin
+    kubectl run -i -tty --rm psql --image=postgres \
+      --env "PGPASSWORD=$PGPASSWORD_ADMIN" \
+      --command -- psql -U admin \
+      -h {{ template "patroni.fullname" . }}.{{ .Release.Namespace }}.svc.cluster.local postgres
@@ -0,0 +1,43 @@
+{{/* vim: set filetype=mustache: */}}
+{{/*
+Expand the name of the chart.
+*/}}
+{{- define "patroni.name" -}}
+{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}}
+{{- end -}}
+
+{{/*
+Create a default fully qualified app name.
+We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
+If release name contains chart name it will be used as a full name.
+*/}}
+{{- define "patroni.fullname" -}}
+{{- if .Values.fullnameOverride -}}
+{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}}
+{{- else -}}
+{{- $name := default .Chart.Name .Values.nameOverride -}}
+{{- if contains $name .Release.Name -}}
+{{- .Release.Name | trunc 63 | trimSuffix "-" -}}
+{{- else -}}
+{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}}
+{{- end -}}
+{{- end -}}
+{{- end -}}
+
+{{/*
+Create chart name and version as used by the chart label.
+*/}}
+{{- define "patroni.chart" -}}
+{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}}
+{{- end -}}
+
+{{/*
+Create the name of the service account to use.
+*/}}
+{{- define "patroni.serviceAccountName" -}}
+{{- if .Values.serviceAccount.create -}}
+    {{ default (include "patroni.fullname" .) .Values.serviceAccount.name }}
+{{- else -}}
+    {{ default "default" .Values.serviceAccount.name }}
+{{- end -}}
+{{- end -}}
@@ -0,0 +1,12 @@
+apiVersion: v1
+kind: Endpoints
+metadata:
+  name: {{ template "patroni.fullname" . }}
+  namespace: {{ include "common.names.namespace" . | quote }}
+  labels:
+    app: {{ template "patroni.fullname" . }}
+    chart: {{ template "patroni.chart" . }}
+    release: {{ .Release.Name }}
+    heritage: {{ .Release.Service }}
+    cluster-name: {{ template "patroni.fullname" . }}
+subsets: []
@@ -0,0 +1,45 @@
+{{- /*
+Copyright VMware, Inc.
+SPDX-License-Identifier: APACHE-2.0
+*/}}
+
+{{- if .Values.networkPolicy.enabled }}
+kind: NetworkPolicy
+apiVersion: {{ template "common.capabilities.networkPolicy.apiVersion" . }}
+metadata:
+  name: {{ template "common.names.fullname" . }}
+  namespace: {{ include "common.names.namespace" . | quote }}
+  labels: {{- include "common.labels.standard" . | nindent 4 }}
+    {{- if .Values.commonLabels }}
+    {{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }}
+    {{- end }}
+  {{- if .Values.commonAnnotations }}
+  annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }}
+  {{- end }}
+spec:
+  podSelector:
+    matchLabels:
+      {{- include "common.labels.matchLabels" . | nindent 6 }}
+  ingress:
+    # Allow inbound connections
+    - ports:
+      - port: 5432
+      {{- if and .Values.metrics.enabled }}
+      - port: {{ .Values.metrics.service.port }}
+      {{ end }} 
+      {{- if or .Values.networkPolicy.allowCurrentNamespace .Values.networkPolicy.allowNamespaces }}
+      from:
+      {{- if .Values.networkPolicy.allowCurrentNamespace }}
+        - namespaceSelector:
+            matchLabels:
+              kubernetes.io/metadata.name: {{ .Release.Namespace }}
+      {{- end }}
+      {{- range $namespace := .Values.networkPolicy.allowNamespaces }}
+      {{- if $namespace }}
+        - namespaceSelector:
+            matchLabels:
+              kubernetes.io/metadata.name: {{ $namespace }}
+      {{- end }}
+      {{- end }}
+  {{- end }}
+{{- end }}
@@ -0,0 +1,49 @@
+{{- if .Values.rbac.create }}
+apiVersion: rbac.authorization.k8s.io/v1
+kind: Role
+metadata:
+  name: {{ template "patroni.fullname" . }}
+  namespace: {{ include "common.names.namespace" . | quote }}
+  labels:
+    app: {{ template "patroni.fullname" . }}
+    chart: {{ template "patroni.chart" . }}
+    release: {{ .Release.Name }}
+    heritage: {{ .Release.Service }}
+rules:
+- apiGroups: [""]
+  resources: ["configmaps"]
+  verbs:
+  - create
+  - get
+  - list
+  - patch
+  - update
+  - watch
+  # delete is required only for 'patronictl remove'
+  - delete
+- apiGroups: [""]
+  resources: ["services"]
+  verbs:
+  - create
+- apiGroups: [""]
+  resources: ["endpoints"]
+  verbs:
+  - create
+  - get
+  - patch
+  - update
+  # the following three privileges are necessary only when using endpoints
+  - list
+  - watch
+  # delete is required only for for 'patronictl remove'
+  - delete
+  - deletecollection
+- apiGroups: [""]
+  resources: ["pods"]
+  verbs:
+  - get
+  - list
+  - patch
+  - update
+  - watch
+{{- end }}
@@ -0,0 +1,19 @@
+{{- if .Values.rbac.create }}
+apiVersion: rbac.authorization.k8s.io/v1
+kind: RoleBinding
+metadata:
+  name: {{ template "patroni.fullname" . }}
+  namespace: {{ include "common.names.namespace" . | quote }}
+  labels:
+    app: {{ template "patroni.fullname" . }}
+    chart: {{ template "patroni.chart" . }}
+    release: {{ .Release.Name }}
+    heritage: {{ .Release.Service }}
+subjects:
+  - kind: ServiceAccount
+    name: {{ template "patroni.serviceAccountName" . }}
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: Role
+  name: {{ template "patroni.fullname" . }}
+{{- end }}
@@ -0,0 +1,16 @@
+apiVersion: v1
+kind: Secret
+metadata:
+  name: {{ template "patroni.fullname" . }}
+  namespace: {{ include "common.names.namespace" . | quote }}
+  labels:
+    app: {{ template "patroni.fullname" . }}
+    chart: {{ template "patroni.chart" . }}
+    release: {{ .Release.Name }}
+    heritage: {{ .Release.Service }}
+    cluster-name: {{ template "patroni.fullname" . }}
+type: Opaque
+data:
+  password-superuser: {{ .Values.credentials.superuser | b64enc }}
+  password-admin: {{ .Values.credentials.admin | b64enc }}
+  password-replication: {{ .Values.credentials.standby | b64enc }}