chore(postgresql-cluster):organize code structure

Author: EamonZhang

addons/postgresql-cluster/15/chart/postgresql/templates/_helpers.tpl

@@ -43,10 +43,10 @@ Create the name of the service account to use.
 {{- end -}}
 
 {{/*
-Return true if a configmap object should be created for MySQL Secondary
+Return true if a configmap object should be created for Postgresql HA patroni
 */}}
 {{- define "patroni.createConfigmap" -}}
-{{- if and .Values.configuration }}
+{{- if and .Values.preInitScript }}
     {{- true -}}
 {{- else -}}
 {{- end -}}
@@ -90,6 +90,13 @@ Create patroni envs.
     secretKeyRef:
       name: {{ template "patroni.fullname" . }}
       key: password-replication
+- name: PATRONI_REWIND_USERNAME
+  value: rewinder
+- name: PATRONI_REWIND_PASSWORD
+  valueFrom:
+    secretKeyRef:
+      name: {{ template "patroni.fullname" . }}
+      key: password-rewind
 - name: PATRONI_SCOPE
   value: {{ template "patroni.fullname" . }}
 - name: PATRONI_NAME
@@ -104,6 +111,23 @@ Create patroni envs.
   value: '0.0.0.0:5432'
 - name: PATRONI_RESTAPI_LISTEN
   value: '0.0.0.0:8008'
+
+- name: DATABASE_NAME
+  valueFrom:
+    secretKeyRef:
+      name: {{ template "patroni.fullname" . }}
+      key: data-name
+- name: DATABASE_USER
+  valueFrom:
+    secretKeyRef:
+      name: {{ template "patroni.fullname" . }}
+      key: data-user
+- name: DATABASE_PASSWORD
+  valueFrom:
+    secretKeyRef:
+      name: {{ template "patroni.fullname" . }}
+      key: data-password
+
 {{- end -}}
 
 {{/*

addons/postgresql-cluster/15/chart/postgresql/templates/configmap.yaml

@@ -13,7 +13,8 @@ metadata:
   annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }}
   {{- end }}
 data:
-  patroni.sh: |-
-    {{- include "common.tplvalues.render" ( dict "value" .Values.configuration "context" $ ) | nindent 4 }}
-{{- end -}}
-
+  pre_init.sh: |-
+    {{- include "common.tplvalues.render" ( dict "value" .Values.preInitScript "context" $ ) | nindent 4 }}
+  post_init.sh: |- 
+    {{- include "common.tplvalues.render" ( dict "value" .Values.postInitScript "context" $ ) | nindent 4 }}
+{{- end -}}

addons/postgresql-cluster/15/chart/postgresql/templates/sec.yaml

@@ -12,5 +12,8 @@ metadata:
 type: Opaque
 data:
   password-superuser: {{ .Values.credentials.superuser | b64enc }}
-  password-admin: {{ .Values.credentials.admin | b64enc }}
-  password-replication: {{ .Values.credentials.standby | b64enc }}
+  password-rewind: {{ .Values.credentials.rewind | b64enc }}
+  password-replication: {{ .Values.credentials.replication | b64enc }} 
+  data-user: {{ .Values.dataname.username | b64enc }}
+  data-name: {{ .Values.dataname.dbname | b64enc }}
+  data-password: {{ .Values.dataname.password | b64enc }}

addons/postgresql-cluster/15/chart/postgresql/templates/statefulset.yaml

@@ -85,7 +85,7 @@ spec:
         volumeMounts:
         - name: storage-volume
           mountPath: "{{ .Values.persistentVolume.mountPath }}"
-        - mountPath: "/opt/drycc/scripts/patroni/"
+        - mountPath: "/opt/drycc/postgresql/scripts/"
           name: patroni-config
           # readOnly: true
         {{- if .Values.walE.enable }}

addons/postgresql-cluster/15/chart/postgresql/values.yaml

@@ -3,18 +3,23 @@ replicaCount: 3
 image:
   # Image was built from registry.drycc.cc/drycc-addons/patroni:3.2
   # https://github.com/zalando/spilo/tree/master/postgres-appliance
-  repository: registry.drycc.cc/drycc-addons/patroni
-  tag: 3.2
+  repository: registry.drycc.cc/drycc-addons/postgresql-patroni
+  tag: 15
   # IfNotPresent , Always
   pullPolicy: 'IfNotPresent'
 
-# Credentials used by Patroni
+# Credentials used by Patroni , passwd
 # https://github.com/zalando/patroni/blob/master/docs/SETTINGS.rst#postgresql
 # https://github.com/zalando/spilo/blob/master/ENVIRONMENT.rst
 credentials:
   superuser: tea
-  admin: cola
-  standby: reppasswd
+  rewind: cola
+  replication: reppasswd
+
+dataname:
+  dbname: db1
+  username: us1
+  password: 111w
 
 # Distribution Configuration stores
 # Please note that only one of the following stores should be enabled.
@@ -30,8 +35,8 @@ env: {}
 #
 #custom patroni.yaml used by patroni boot
 # configuration: {}
-configuration: |
-  cat > /home/postgres/patroni.yml <<__EOF__
+preInitScript: |
+  cat > /opt/drycc/postgresql/patroni.yml <<__EOF__
   log:
     level: DEBUG
   bootstrap:
@@ -40,12 +45,13 @@ configuration: |
         use_pg_rewind: true
         use_slots: true
         pg_hba:
+        - local all all  peer
         - host all all 0.0.0.0/0 scram-sha-256
         - host replication ${PATRONI_REPLICATION_USERNAME} 0.0.0.0/0 scram-sha-256
         parameters:
           wal_level: hot_standby
           hot_standby: "on"
-          max_connections: 1000
+          max_connections: 1005
           max_worker_processes: 8
           wal_keep_segments: 8
           max_wal_senders: 10
@@ -56,23 +62,52 @@ configuration: |
           track_commit_timestamp: "off"
           archive_mode: "on"
           archive_timeout: 1800s
+          archive_command: /bin/true
+          # timescaledb.license: 'timescale'
+          shared_preload_libraries: 'auto_explain,pg_stat_statements'
     initdb:
-    - auth-host: scram-sha-256
-    - auth-local: trust
-    - encoding: UTF8
-    - locale: en_US.UTF-8
-    - data-checksums
+      - auth-host: scram-sha-256
+      - auth-local: trust
+      - encoding: UTF8
+      - locale: en_US.UTF-8
+      - data-checksums
+    post_bootstrap: sh /opt/drycc/postgresql/scripts/post_init.sh
   restapi:
     connect_address: '${PATRONI_KUBERNETES_POD_IP}:8008'
   postgresql:
     connect_address: '${PATRONI_KUBERNETES_POD_IP}:5432'
     authentication:
       superuser:
+        username: postgres
         password: '${PATRONI_SUPERUSER_PASSWORD}'
       replication:
+        username: standby
         password: '${PATRONI_REPLICATION_PASSWORD}'
+      rewind:  # Has no effect on postgres 10 and lower
+        username: rewinder
+        password: '${PATRONI_REWIND_USERNAME}'
+  watchdog:
+    mode: off
   __EOF__
 
+postInitScript: |
+  #!/bin/bash
+  set -Eeu
+  # Create monitor user
+  psql -w -c  "CREATE USER tea_mon WITH ROLE pg_monitor"
+  # Create init database & user 
+  if [[( -n "$DATABASE_USER") &&  ( -n "$DATABASE_PASSWORD") && ( -n "$DATABASE_NAME")]]; then
+    echo "Creating user ${DATABASE_USER}"
+    psql -w -c "create user ${DATABASE_USER} WITH LOGIN ENCRYPTED PASSWORD '${DATABASE_PASSWORD}'"
+    echo "Creating database ${DATABASE_NAME} "
+    psql -w -c "CREATE DATABASE ${DATABASE_NAME} OWNER ${DATABASE_USER} CONNECTION LIMIT 1000"
+    psql -w -d ${DATABASE_NAME} -c "create extension postgis"
+    psql -w -c  "CHECKPOINT;CHECKPOINT;"
+  else
+    echo "Skipping user creation"
+    echo "Skipping database creation"
+  fi
+
 walE:
   # Specifies whether Wal-E should be enabled
   enable: false

addons/postgresql-cluster/15/plans/standard-10/bind.yaml

@@ -0,0 +1,34 @@
+credential:
+  {{- if (eq .Values.router.service.type "LoadBalancer") }}
+  - name: host
+    valueFrom:
+      secretKeyRef:
+        name: {{ template "common.names.fullname" . }}-svcbind-custom-user
+        jsonpath: '{ .data.host }' 
+  - name: database
+    valueFrom:
+      secretKeyRef:
+        name: {{ template "common.names.fullname" . }}-svcbind-custom-user
+        jsonpath: '{ .data.database }' 
+  - name: password
+    valueFrom:
+      secretKeyRef:
+        name: {{ template "common.names.fullname" . }}-svcbind-custom-user
+        jsonpath: '{ .data.password }' 
+  - name: username
+    valueFrom:
+      secretKeyRef:
+        name: {{ template "common.names.fullname" . }}-svcbind-custom-user
+        jsonpath: '{ .data.username }' 
+  - name: portro
+    valueFrom:
+      secretKeyRef:
+        name: {{ template "common.names.fullname" . }}-svcbind-custom-user
+        jsonpath: '{ .data.portro }'
+  - name: portrw
+    valueFrom:
+      secretKeyRef:
+        name: {{ template "common.names.fullname" . }}-svcbind-custom-user
+        jsonpath: '{ .data.portrw }' 
+  {{- end }}
+

addons/postgresql-cluster/15/plans/standard-10/create-instance-schema.json

@@ -0,0 +1,12 @@
+{
+  "$schema": "http://json-schema.org/draft-04/schema#",
+  "type": "object",
+  "properties": {
+    "imagePullPolicy": {
+      "type": "string",
+      "enum": ["Always", "IfNotPresent", "Never"],
+      "default": "IfNotPresent",
+      "title": "Image pull policy"
+    }
+  }
+}

addons/postgresql-cluster/15/plans/standard-10/meta.yaml

@@ -0,0 +1,6 @@
+name: "standard-10"
+id: 2b455154-8725-482a-95b2-a193c180d9b5
+description: "Mysql Cluster standard-10 plan: Disk 10Gi ,vCPUs 1 , RAM 2G , DB MAX Connection 600"
+displayName: "standard-10"
+bindable: true
+maximum_polling_duration: 1800

addons/postgresql-cluster/15/plans/standard-10/values.yaml

@@ -0,0 +1,61 @@
+## @param fullnameOverride String to fully override common.names.fullname template
+##
+fullnameOverride: hb-mysql-cluster-standard-10
+
+## MinIO® containers' resource requests and limits
+## ref: https://kubernetes.io/docs/user-guide/compute-resources/
+## We usually recommend not to specify default resources and to leave this as a conscious
+## choice for the user. This also increases chances charts run on environments with little
+## resources, such as Minikube. If you do want to specify resources, uncomment the following
+## lines, adjust them as necessary, and remove the curly braces after 'resources:'.
+## @param resources.limits The resources limits for the MinIO® container
+## @param resources.requests The requested resources for the MinIO® container
+##
+primary: 
+  maxConnectionLimit: 600
+  resources:
+    limits:
+      cpu: 1000m
+      memory: 1024Mi
+    requests:
+      cpu: 1000m
+      memory: 1024Mi
+  
+
+## @section Persistence parameters
+
+## Enable persistence using Persistent Volume Claims
+## ref: https://kubernetes.io/docs/user-guide/persistent-volumes/
+##
+  persistence:
+    ## @param primary.persistence.enabled Enable persistence on MySQL primary replicas using a `PersistentVolumeClaim`. If false, use emptyDir
+    ##
+    enabled: true
+    ## @param primary.persistence.existingClaim Name of an existing `PersistentVolumeClaim` for MySQL primary replicas
+    ## NOTE: When it's set the rest of persistence parameters are ignored
+    ##
+    existingClaim: ""
+    ## @param primary.persistence.storageClass MySQL primary persistent volume storage Class
+    ## If defined, storageClassName: <storageClass>
+    ## If set to "-", storageClassName: "", which disables dynamic provisioning
+    ## If undefined (the default) or set to null, no storageClassName spec is
+    ##   set, choosing the default provisioner.  (gp2 on AWS, standard on
+    ##   GKE, AWS & OpenStack)
+    ##
+    storageClass: ""
+    ## @param primary.persistence.annotations MySQL primary persistent volume claim annotations
+    ##
+    annotations: {}
+    ## @param primary.persistence.accessModes MySQL primary persistent volume access Modes
+    ##
+    accessModes:
+      - ReadWriteOnce
+    ## @param primary.persistence.size MySQL primary persistent volume size
+    ##
+    size: 10Gi
+    ## @param primary.persistence.selector Selector to match an existing Persistent Volume
+    ## selector:
+    ##   matchLabels:
+    ##     app: my-app
+    ##
+    selector: {}

addons/postgresql-cluster/15/plans/standard-20/bind.yaml

@@ -0,0 +1,34 @@
+credential:
+  {{- if (eq .Values.router.service.type "LoadBalancer") }}
+  - name: host
+    valueFrom:
+      secretKeyRef:
+        name: {{ template "common.names.fullname" . }}-svcbind-custom-user
+        jsonpath: '{ .data.host }' 
+  - name: database
+    valueFrom:
+      secretKeyRef:
+        name: {{ template "common.names.fullname" . }}-svcbind-custom-user
+        jsonpath: '{ .data.database }' 
+  - name: password
+    valueFrom:
+      secretKeyRef:
+        name: {{ template "common.names.fullname" . }}-svcbind-custom-user
+        jsonpath: '{ .data.username }' 
+  - name: username
+    valueFrom:
+      secretKeyRef:
+        name: {{ template "common.names.fullname" . }}-svcbind-custom-user
+        jsonpath: '{ .data.username }' 
+  - name: portro
+    valueFrom:
+      secretKeyRef:
+        name: {{ template "common.names.fullname" . }}-svcbind-custom-user
+        jsonpath: '{ .data.portro }'
+  - name: portrw
+    valueFrom:
+      secretKeyRef:
+        name: {{ template "common.names.fullname" . }}-svcbind-custom-user
+        jsonpath: '{ .data.portrw }' 
+  {{- end }}
+