From b71f147ff75b22a6aa67f13e8b9acd3bd2fc21cf Mon Sep 17 00:00:00 2001 From: EamonZhang Date: Tue, 10 Oct 2023 17:30:38 +0800 Subject: [PATCH 01/48] chore(mysql-cluster): modify networkpolicy --- .../templates/networkpolicy.yaml | 31 ++++++++--------- .../8.0/chart/mysql-cluster/values.yaml | 33 +++++++++---------- 2 files changed, 32 insertions(+), 32 deletions(-) diff --git a/addons/mysql-cluster/8.0/chart/mysql-cluster/templates/networkpolicy.yaml b/addons/mysql-cluster/8.0/chart/mysql-cluster/templates/networkpolicy.yaml index 45a67db3..827f8311 100644 --- a/addons/mysql-cluster/8.0/chart/mysql-cluster/templates/networkpolicy.yaml +++ b/addons/mysql-cluster/8.0/chart/mysql-cluster/templates/networkpolicy.yaml @@ -23,23 +23,24 @@ spec: ingress: # Allow inbound connections - ports: - - port: {{ .Values.primary.service.ports.mysql }} - {{- if not .Values.networkPolicy.allowExternal }} + - port: {{ .Values.router.service.portrw }} + - port: {{ .Values.router.service.portro }} + {{- if and .Values.metrics.enabled }} + - port: {{ .Values.metrics.service.port }} + {{ end }} + {{- if or .Values.networkPolicy.allowCurrentNamespace .Values.networkPolicy.allowNamespaces }} from: - - podSelector: + {{- if .Values.networkPolicy.allowCurrentNamespace }} + - namespaceSelector: matchLabels: - {{ template "common.names.fullname" . }}-client: "true" - {{- if .Values.networkPolicy.explicitNamespacesSelector }} - namespaceSelector: -{{ toYaml .Values.networkPolicy.explicitNamespacesSelector | indent 12 }} - {{- end }} - - podSelector: + kubernetes.io/metadata.name: {{ .Release.Namespace }} + {{- end }} + {{- range $namespace := .Values.networkPolicy.allowNamespaces }} + {{- if $namespace }} + - namespaceSelector: matchLabels: - {{- include "common.labels.matchLabels" . | nindent 14 }} + kubernetes.io/metadata.name: {{ $namespace }} {{- end }} - {{- if .Values.metrics.enabled }} - # Allow prometheus scrapes - - ports: - - port: 9104 - {{- end }} + {{- end }} + {{- end }} {{- end }} diff --git a/addons/mysql-cluster/8.0/chart/mysql-cluster/values.yaml b/addons/mysql-cluster/8.0/chart/mysql-cluster/values.yaml index cdbfd0a3..ebfe4ed2 100644 --- a/addons/mysql-cluster/8.0/chart/mysql-cluster/values.yaml +++ b/addons/mysql-cluster/8.0/chart/mysql-cluster/values.yaml @@ -971,28 +971,16 @@ rbac: networkPolicy: ## @param networkPolicy.enabled Enable creation of NetworkPolicy resources ## - enabled: false + enabled: true ## @param networkPolicy.allowExternal The Policy model to apply. ## When set to false, only pods with the correct ## client label will have network access to the port MySQL is listening ## on. When true, MySQL will accept connections from any source ## (with the correct destination port). ## - allowExternal: true - ## @param networkPolicy.explicitNamespacesSelector A Kubernetes LabelSelector to explicitly select namespaces from which ingress traffic could be allowed to MySQL - ## If explicitNamespacesSelector is missing or set to {}, only client Pods that are in the networkPolicy's namespace - ## and that match other criteria, the ones that have the good label, can reach the DB. - ## But sometimes, we want the DB to be accessible to clients from other namespaces, in this case, we can use this - ## LabelSelector to select these namespaces, note that the networkPolicy's namespace should also be explicitly added. - ## - ## Example: - ## explicitNamespacesSelector: - ## matchLabels: - ## role: frontend - ## matchExpressions: - ## - {key: role, operator: In, values: [frontend]} - ## - explicitNamespacesSelector: {} + allowCurrentNamespace: true + allowNamespaces: [] + ## @section Volume Permissions parameters @@ -1035,7 +1023,7 @@ volumePermissions: metrics: ## @param metrics.enabled Start a side-car prometheus exporter ## - enabled: false + enabled: true ## @param metrics.image.registry Exporter image registry ## @param metrics.image.repository Exporter image repository ## @param metrics.image.tag Exporter image tag (immutable tags are recommended) @@ -1132,6 +1120,17 @@ metrics: ## cpu: 100m ## memory: 256Mi requests: {} + containerSecurityContext: + enabled: true + runAsUser: 1001 + runAsGroup: 0 + runAsNonRoot: true + allowPrivilegeEscalation: false + seccompProfile: + type: RuntimeDefault + capabilities: + drop: + - ALL ## Mysqld Prometheus exporter liveness probe ## ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes ## @param metrics.livenessProbe.enabled Enable livenessProbe From d30010a82334ad1a5d6345a43ff3b578e084e79a Mon Sep 17 00:00:00 2001 From: EamonZhang Date: Tue, 10 Oct 2023 17:33:07 +0800 Subject: [PATCH 02/48] fix(prometheus): fix typo --- addons/prometheus/2/{plan => plans}/standard-1-2/bind.yaml | 0 .../2/{plan => plans}/standard-1-2/create-instance-schema.json | 0 addons/prometheus/2/{plan => plans}/standard-1-2/meta.yaml | 0 addons/prometheus/2/{plan => plans}/standard-1-2/values.yaml | 0 4 files changed, 0 insertions(+), 0 deletions(-) rename addons/prometheus/2/{plan => plans}/standard-1-2/bind.yaml (100%) rename addons/prometheus/2/{plan => plans}/standard-1-2/create-instance-schema.json (100%) rename addons/prometheus/2/{plan => plans}/standard-1-2/meta.yaml (100%) rename addons/prometheus/2/{plan => plans}/standard-1-2/values.yaml (100%) diff --git a/addons/prometheus/2/plan/standard-1-2/bind.yaml b/addons/prometheus/2/plans/standard-1-2/bind.yaml similarity index 100% rename from addons/prometheus/2/plan/standard-1-2/bind.yaml rename to addons/prometheus/2/plans/standard-1-2/bind.yaml diff --git a/addons/prometheus/2/plan/standard-1-2/create-instance-schema.json b/addons/prometheus/2/plans/standard-1-2/create-instance-schema.json similarity index 100% rename from addons/prometheus/2/plan/standard-1-2/create-instance-schema.json rename to addons/prometheus/2/plans/standard-1-2/create-instance-schema.json diff --git a/addons/prometheus/2/plan/standard-1-2/meta.yaml b/addons/prometheus/2/plans/standard-1-2/meta.yaml similarity index 100% rename from addons/prometheus/2/plan/standard-1-2/meta.yaml rename to addons/prometheus/2/plans/standard-1-2/meta.yaml diff --git a/addons/prometheus/2/plan/standard-1-2/values.yaml b/addons/prometheus/2/plans/standard-1-2/values.yaml similarity index 100% rename from addons/prometheus/2/plan/standard-1-2/values.yaml rename to addons/prometheus/2/plans/standard-1-2/values.yaml From 842cb24e279faaf75683363681d3a1f83bb78071 Mon Sep 17 00:00:00 2001 From: EamonZhang Date: Thu, 12 Oct 2023 09:41:04 +0800 Subject: [PATCH 03/48] chore(prometheus): add plans 50 --- .../{standard-1-2 => standard-10}/bind.yaml | 0 .../create-instance-schema.json | 0 .../{standard-1-2 => standard-10}/meta.yaml | 0 .../{standard-1-2 => standard-10}/values.yaml | 0 .../prometheus/2/plans/standard-50/bind.yaml | 34 +++++++++++++++++++ .../standard-50/create-instance-schema.json | 12 +++++++ .../prometheus/2/plans/standard-50/meta.yaml | 6 ++++ .../2/plans/standard-50/values.yaml | 7 ++++ 8 files changed, 59 insertions(+) rename addons/prometheus/2/plans/{standard-1-2 => standard-10}/bind.yaml (100%) rename addons/prometheus/2/plans/{standard-1-2 => standard-10}/create-instance-schema.json (100%) rename addons/prometheus/2/plans/{standard-1-2 => standard-10}/meta.yaml (100%) rename addons/prometheus/2/plans/{standard-1-2 => standard-10}/values.yaml (100%) create mode 100644 addons/prometheus/2/plans/standard-50/bind.yaml create mode 100644 addons/prometheus/2/plans/standard-50/create-instance-schema.json create mode 100644 addons/prometheus/2/plans/standard-50/meta.yaml create mode 100644 addons/prometheus/2/plans/standard-50/values.yaml diff --git a/addons/prometheus/2/plans/standard-1-2/bind.yaml b/addons/prometheus/2/plans/standard-10/bind.yaml similarity index 100% rename from addons/prometheus/2/plans/standard-1-2/bind.yaml rename to addons/prometheus/2/plans/standard-10/bind.yaml diff --git a/addons/prometheus/2/plans/standard-1-2/create-instance-schema.json b/addons/prometheus/2/plans/standard-10/create-instance-schema.json similarity index 100% rename from addons/prometheus/2/plans/standard-1-2/create-instance-schema.json rename to addons/prometheus/2/plans/standard-10/create-instance-schema.json diff --git a/addons/prometheus/2/plans/standard-1-2/meta.yaml b/addons/prometheus/2/plans/standard-10/meta.yaml similarity index 100% rename from addons/prometheus/2/plans/standard-1-2/meta.yaml rename to addons/prometheus/2/plans/standard-10/meta.yaml diff --git a/addons/prometheus/2/plans/standard-1-2/values.yaml b/addons/prometheus/2/plans/standard-10/values.yaml similarity index 100% rename from addons/prometheus/2/plans/standard-1-2/values.yaml rename to addons/prometheus/2/plans/standard-10/values.yaml diff --git a/addons/prometheus/2/plans/standard-50/bind.yaml b/addons/prometheus/2/plans/standard-50/bind.yaml new file mode 100644 index 00000000..5ee819d9 --- /dev/null +++ b/addons/prometheus/2/plans/standard-50/bind.yaml @@ -0,0 +1,34 @@ +credential: + {{- if (eq .Values.router.service.type "LoadBalancer") }} + - name: host + valueFrom: + serviceRef: + name: {{ printf "%s-router" (include "common.names.fullname" .) }} + jsonpath: '{ .status.loadBalancer.ingress[*].ip }' + - name: database + valueFrom: + secretKeyRef: + name: {{ template "common.names.fullname" . }}-svcbind-custom-user + jsonpath: '{ .data.database }' + - name: password + valueFrom: + secretKeyRef: + name: {{ template "common.names.fullname" . }}-svcbind-custom-user + jsonpath: '{ .data.username }' + - name: username + valueFrom: + secretKeyRef: + name: {{ template "common.names.fullname" . }}-svcbind-custom-user + jsonpath: '{ .data.username }' + - name: portrw + valueFrom: + secretKeyRef: + name: {{ template "common.names.fullname" . }}-svcbind-custom-user + jsonpath: '{ .data.portrw }' + - name: portro + valueFrom: + secretKeyRef: + name: {{ template "common.names.fullname" . }}-svcbind-custom-user + jsonpath: '{ .data.portro }' + {{- end }} + diff --git a/addons/prometheus/2/plans/standard-50/create-instance-schema.json b/addons/prometheus/2/plans/standard-50/create-instance-schema.json new file mode 100644 index 00000000..66ebbaa0 --- /dev/null +++ b/addons/prometheus/2/plans/standard-50/create-instance-schema.json @@ -0,0 +1,12 @@ +{ + "$schema": "http://json-schema.org/draft-04/schema#", + "type": "object", + "properties": { + "imagePullPolicy": { + "type": "string", + "enum": ["Always", "IfNotPresent", "Never"], + "default": "IfNotPresent", + "title": "Image pull policy" + } + } +} \ No newline at end of file diff --git a/addons/prometheus/2/plans/standard-50/meta.yaml b/addons/prometheus/2/plans/standard-50/meta.yaml new file mode 100644 index 00000000..0baaf0f9 --- /dev/null +++ b/addons/prometheus/2/plans/standard-50/meta.yaml @@ -0,0 +1,6 @@ +name: "standard-50" +id: eb7b3f73-dd94-4d05-8a48-63e7775f534d +description: "Prometheus Cluster standard-50 plan persistence size 50Gi." +displayName: "50Gi" +bindable: true +maximum_polling_duration: 1800 diff --git a/addons/prometheus/2/plans/standard-50/values.yaml b/addons/prometheus/2/plans/standard-50/values.yaml new file mode 100644 index 00000000..0dc80c4f --- /dev/null +++ b/addons/prometheus/2/plans/standard-50/values.yaml @@ -0,0 +1,7 @@ +## @param fullnameOverride String to fully override common.names.fullname template +## +fullnameOverride: hb-prometheus-standard-50 + +server: + persistence: + size: 50Gi \ No newline at end of file From 4155cdf4f1a0cd6eb8df499fd79f57ff7ef5dd61 Mon Sep 17 00:00:00 2001 From: EamonZhang Date: Mon, 16 Oct 2023 14:16:44 +0800 Subject: [PATCH 04/48] chore(mysql-cluster): add networkpolicy --- .../chart/mysql-cluster/templates/networkpolicy.yaml | 1 + .../mysql-cluster/templates/primary/statefulset.yaml | 2 +- .../mysql-cluster/8.0/chart/mysql-cluster/values.yaml | 10 +++++----- 3 files changed, 7 insertions(+), 6 deletions(-) diff --git a/addons/mysql-cluster/8.0/chart/mysql-cluster/templates/networkpolicy.yaml b/addons/mysql-cluster/8.0/chart/mysql-cluster/templates/networkpolicy.yaml index 827f8311..74013298 100644 --- a/addons/mysql-cluster/8.0/chart/mysql-cluster/templates/networkpolicy.yaml +++ b/addons/mysql-cluster/8.0/chart/mysql-cluster/templates/networkpolicy.yaml @@ -25,6 +25,7 @@ spec: - ports: - port: {{ .Values.router.service.portrw }} - port: {{ .Values.router.service.portro }} + - port: 24901 {{- if and .Values.metrics.enabled }} - port: {{ .Values.metrics.service.port }} {{ end }} diff --git a/addons/mysql-cluster/8.0/chart/mysql-cluster/templates/primary/statefulset.yaml b/addons/mysql-cluster/8.0/chart/mysql-cluster/templates/primary/statefulset.yaml index 79694e68..56b3ec79 100644 --- a/addons/mysql-cluster/8.0/chart/mysql-cluster/templates/primary/statefulset.yaml +++ b/addons/mysql-cluster/8.0/chart/mysql-cluster/templates/primary/statefulset.yaml @@ -298,7 +298,7 @@ spec: if [[ -f "${MYSQL_ROOT_PASSWORD_FILE:-}" ]]; then password_aux=$(cat "$MYSQL_ROOT_PASSWORD_FILE") fi - MYSQLD_EXPORTER_PASSWORD=${password_aux} /bin/mysqld_exporter --mysqld.address=localhost:3306 --mysqld.username=root {{- range .Values.metrics.extraArgs.primary }} {{ . }} {{- end }} + MYSQLD_EXPORTER_PASSWORD=${password_aux} /opt/drycc/mysqld_exporter/bin/mysqld_exporter --mysqld.address=localhost:3306 --mysqld.username=root {{- range .Values.metrics.extraArgs.primary }} {{ . }} {{- end }} {{- end }} ports: - name: metrics diff --git a/addons/mysql-cluster/8.0/chart/mysql-cluster/values.yaml b/addons/mysql-cluster/8.0/chart/mysql-cluster/values.yaml index ebfe4ed2..9d5e4293 100644 --- a/addons/mysql-cluster/8.0/chart/mysql-cluster/values.yaml +++ b/addons/mysql-cluster/8.0/chart/mysql-cluster/values.yaml @@ -971,7 +971,7 @@ rbac: networkPolicy: ## @param networkPolicy.enabled Enable creation of NetworkPolicy resources ## - enabled: true + enabled: true ## @param networkPolicy.allowExternal The Policy model to apply. ## When set to false, only pods with the correct ## client label will have network access to the port MySQL is listening @@ -1023,7 +1023,7 @@ volumePermissions: metrics: ## @param metrics.enabled Start a side-car prometheus exporter ## - enabled: true + enabled: true ## @param metrics.image.registry Exporter image registry ## @param metrics.image.repository Exporter image repository ## @param metrics.image.tag Exporter image tag (immutable tags are recommended) @@ -1032,9 +1032,9 @@ metrics: ## @param metrics.image.pullSecrets Specify docker-registry secret names as an array ## image: - registry: docker.io - repository: drycc/mysqld-exporter - tag: 0.14.0-debian-11-r45 + registry: registry.drycc.cc + repository: drycc-addons/mysqld-exporter + tag: 0 digest: "" pullPolicy: IfNotPresent ## Optionally specify an array of imagePullSecrets. From f333fe78dd171a94c34f4d75e93a23cd2fc52cdf Mon Sep 17 00:00:00 2001 From: EamonZhang Date: Mon, 16 Oct 2023 15:03:23 +0800 Subject: [PATCH 05/48] chore(prometheus): add networkpolicy --- .../2/chart/prometheus/templates/bind.yaml | 34 ++++++++++++++ .../prometheus/templates/networkpolicy.yaml | 47 +++++++++++++++++++ .../prometheus/2/chart/prometheus/values.yaml | 18 ++++++- .../prometheus/2/plans/standard-10/bind.yaml | 42 +++++++---------- .../prometheus/2/plans/standard-50/bind.yaml | 4 +- 5 files changed, 117 insertions(+), 28 deletions(-) create mode 100644 addons/prometheus/2/chart/prometheus/templates/bind.yaml create mode 100644 addons/prometheus/2/chart/prometheus/templates/networkpolicy.yaml diff --git a/addons/prometheus/2/chart/prometheus/templates/bind.yaml b/addons/prometheus/2/chart/prometheus/templates/bind.yaml new file mode 100644 index 00000000..8528bf3e --- /dev/null +++ b/addons/prometheus/2/chart/prometheus/templates/bind.yaml @@ -0,0 +1,34 @@ +credential: + {{- if (eq .Values.server.service.type "LoadBalancer") }} + - name: host + valueFrom: + serviceRef: + name: {{ printf "%s" (include "common.names.fullname" .) }} + jsonpath: '{ .status.loadBalancer.ingress[*].ip }' + - name: database + valueFrom: + secretKeyRef: + name: {{ template "common.names.fullname" . }}-svcbind-custom-user + jsonpath: '{ .data.database }' + - name: password + valueFrom: + secretKeyRef: + name: {{ template "common.names.fullname" . }}-svcbind-custom-user + jsonpath: '{ .data.username }' + - name: username + valueFrom: + secretKeyRef: + name: {{ template "common.names.fullname" . }}-svcbind-custom-user + jsonpath: '{ .data.username }' + - name: portrw + valueFrom: + secretKeyRef: + name: {{ template "common.names.fullname" . }}-svcbind-custom-user + jsonpath: '{ .data.portrw }' + - name: portro + valueFrom: + secretKeyRef: + name: {{ template "common.names.fullname" . }}-svcbind-custom-user + jsonpath: '{ .data.portro }' + {{- end }} + diff --git a/addons/prometheus/2/chart/prometheus/templates/networkpolicy.yaml b/addons/prometheus/2/chart/prometheus/templates/networkpolicy.yaml new file mode 100644 index 00000000..1ef0125d --- /dev/null +++ b/addons/prometheus/2/chart/prometheus/templates/networkpolicy.yaml @@ -0,0 +1,47 @@ +{{- /* +Copyright VMware, Inc. +SPDX-License-Identifier: APACHE-2.0 +*/}} + +{{- if .Values.networkPolicy.enabled }} +kind: NetworkPolicy +apiVersion: {{ template "common.capabilities.networkPolicy.apiVersion" . }} +metadata: + name: {{ template "common.names.fullname" . }} + namespace: {{ include "common.names.namespace" . | quote }} + labels: {{- include "common.labels.standard" . | nindent 4 }} + {{- if .Values.commonLabels }} + {{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }} + {{- end }} + {{- if .Values.commonAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} + {{- end }} +spec: + podSelector: + matchLabels: + {{- include "common.labels.matchLabels" . | nindent 6 }} + ingress: + # Allow inbound connections + - ports: + - port: {{ .Values.alertmanager.service.ports.http }} + - port: {{ .Values.alertmanager.service.ports.cluster }} + - port: {{ .Values.alertmanager.containerPorts.http }} + - port: {{ .Values.alertmanager.containerPorts.cluster }} + - port: {{ .Values.server.containerPorts.http }} + - port: {{ .Values.server.service.ports.http }} + {{- if or .Values.networkPolicy.allowCurrentNamespace .Values.networkPolicy.allowNamespaces }} + from: + {{- if .Values.networkPolicy.allowCurrentNamespace }} + - namespaceSelector: + matchLabels: + kubernetes.io/metadata.name: {{ .Release.Namespace }} + {{- end }} + {{- range $namespace := .Values.networkPolicy.allowNamespaces }} + {{- if $namespace }} + - namespaceSelector: + matchLabels: + kubernetes.io/metadata.name: {{ $namespace }} + {{- end }} + {{- end }} + {{- end }} +{{- end }} diff --git a/addons/prometheus/2/chart/prometheus/values.yaml b/addons/prometheus/2/chart/prometheus/values.yaml index 5d24a56a..206aeabe 100644 --- a/addons/prometheus/2/chart/prometheus/values.yaml +++ b/addons/prometheus/2/chart/prometheus/values.yaml @@ -360,7 +360,7 @@ alertmanager: ingress: ## @param alertmanager.ingress.enabled Enable ingress record generation for Alertmanager ## - enabled: false + enabled: true ## @param alertmanager.ingress.pathType Ingress path type ## pathType: ImplementationSpecific @@ -1225,7 +1225,7 @@ server: ingress: ## @param server.ingress.enabled Enable ingress record generation for Prometheus ## - enabled: false + enabled: true ## @param server.ingress.pathType Ingress path type ## pathType: ImplementationSpecific @@ -1460,6 +1460,20 @@ server: ## rules: [] +## Prometheus Nework Policy configuration +## +networkPolicy: + ## @param networkPolicy.enabled Enable creation of NetworkPolicy resources + ## + enabled: true + ## @param networkPolicy.allowExternal The Policy model to apply. + ## When set to false, only pods with the correct + ## client label will have network access to the port MySQL is listening + ## on. When true, MySQL will accept connections from any source + ## (with the correct destination port). + ## + allowCurrentNamespace: true + allowNamespaces: [] ## @section Init Container Parameters ## diff --git a/addons/prometheus/2/plans/standard-10/bind.yaml b/addons/prometheus/2/plans/standard-10/bind.yaml index 5ee819d9..c6efaaba 100644 --- a/addons/prometheus/2/plans/standard-10/bind.yaml +++ b/addons/prometheus/2/plans/standard-10/bind.yaml @@ -1,34 +1,28 @@ credential: - {{- if (eq .Values.router.service.type "LoadBalancer") }} + {{- if (eq .Values.server.service.type "LoadBalancer") }} - name: host valueFrom: serviceRef: - name: {{ printf "%s-router" (include "common.names.fullname" .) }} + name: {{ printf "%s" (include "common.names.fullname" .) }} jsonpath: '{ .status.loadBalancer.ingress[*].ip }' - - name: database + - name: port valueFrom: secretKeyRef: - name: {{ template "common.names.fullname" . }}-svcbind-custom-user - jsonpath: '{ .data.database }' - - name: password - valueFrom: - secretKeyRef: - name: {{ template "common.names.fullname" . }}-svcbind-custom-user - jsonpath: '{ .data.username }' - - name: username - valueFrom: - secretKeyRef: - name: {{ template "common.names.fullname" . }}-svcbind-custom-user - jsonpath: '{ .data.username }' - - name: portrw + name: {{ template "common.names.fullname" . }} + jsonpath: '{ .spec.ports.port }' + {{- end }} + +alertmanager + + {{- if (eq .Values.alertmanager.service.type "LoadBalancer") }} + - name: host valueFrom: - secretKeyRef: - name: {{ template "common.names.fullname" . }}-svcbind-custom-user - jsonpath: '{ .data.portrw }' - - name: portro + serviceRef: + name: {{ printf "%s" (include "common.names.fullname" .) }} + jsonpath: '{ .status.loadBalancer.ingress[*].ip }' + - name: port valueFrom: secretKeyRef: - name: {{ template "common.names.fullname" . }}-svcbind-custom-user - jsonpath: '{ .data.portro }' - {{- end }} - + name: {{ template "common.names.fullname" . }} + jsonpath: '{ .spec.ports.port }' + {{- end }} \ No newline at end of file diff --git a/addons/prometheus/2/plans/standard-50/bind.yaml b/addons/prometheus/2/plans/standard-50/bind.yaml index 5ee819d9..3e652f1c 100644 --- a/addons/prometheus/2/plans/standard-50/bind.yaml +++ b/addons/prometheus/2/plans/standard-50/bind.yaml @@ -1,9 +1,9 @@ credential: - {{- if (eq .Values.router.service.type "LoadBalancer") }} + {{- if (eq .Values.service.type "LoadBalancer") }} - name: host valueFrom: serviceRef: - name: {{ printf "%s-router" (include "common.names.fullname" .) }} + name: {{ printf "%s" (include "common.names.fullname" .) }} jsonpath: '{ .status.loadBalancer.ingress[*].ip }' - name: database valueFrom: From 14de943df62001dd7fdfc2373671c5162c69e9de Mon Sep 17 00:00:00 2001 From: EamonZhang Date: Wed, 18 Oct 2023 14:57:47 +0800 Subject: [PATCH 06/48] chore(promtheus): service discovery in namespace --- .../prometheus/templates/_scrape_config.tpl | 3 +- .../2/chart/prometheus/templates/bind.yaml | 34 ----------- .../prometheus/2/chart/prometheus/values.yaml | 57 +++++++++++++++++-- 3 files changed, 54 insertions(+), 40 deletions(-) delete mode 100644 addons/prometheus/2/chart/prometheus/templates/bind.yaml diff --git a/addons/prometheus/2/chart/prometheus/templates/_scrape_config.tpl b/addons/prometheus/2/chart/prometheus/templates/_scrape_config.tpl index ea669ead..7fb0e110 100644 --- a/addons/prometheus/2/chart/prometheus/templates/_scrape_config.tpl +++ b/addons/prometheus/2/chart/prometheus/templates/_scrape_config.tpl @@ -12,6 +12,7 @@ Usage: kubernetes_sd_configs: - role: endpoints namespaces: + own_namespace: true names: - {{ include "common.names.namespace" .context }} metrics_path: /metrics @@ -83,4 +84,4 @@ relabel_configs: - __tmp_hash regex: 0 action: keep -{{- end -}} \ No newline at end of file +{{- end -}} diff --git a/addons/prometheus/2/chart/prometheus/templates/bind.yaml b/addons/prometheus/2/chart/prometheus/templates/bind.yaml deleted file mode 100644 index 8528bf3e..00000000 --- a/addons/prometheus/2/chart/prometheus/templates/bind.yaml +++ /dev/null @@ -1,34 +0,0 @@ -credential: - {{- if (eq .Values.server.service.type "LoadBalancer") }} - - name: host - valueFrom: - serviceRef: - name: {{ printf "%s" (include "common.names.fullname" .) }} - jsonpath: '{ .status.loadBalancer.ingress[*].ip }' - - name: database - valueFrom: - secretKeyRef: - name: {{ template "common.names.fullname" . }}-svcbind-custom-user - jsonpath: '{ .data.database }' - - name: password - valueFrom: - secretKeyRef: - name: {{ template "common.names.fullname" . }}-svcbind-custom-user - jsonpath: '{ .data.username }' - - name: username - valueFrom: - secretKeyRef: - name: {{ template "common.names.fullname" . }}-svcbind-custom-user - jsonpath: '{ .data.username }' - - name: portrw - valueFrom: - secretKeyRef: - name: {{ template "common.names.fullname" . }}-svcbind-custom-user - jsonpath: '{ .data.portrw }' - - name: portro - valueFrom: - secretKeyRef: - name: {{ template "common.names.fullname" . }}-svcbind-custom-user - jsonpath: '{ .data.portro }' - {{- end }} - diff --git a/addons/prometheus/2/chart/prometheus/values.yaml b/addons/prometheus/2/chart/prometheus/values.yaml index 206aeabe..a551fa68 100644 --- a/addons/prometheus/2/chart/prometheus/values.yaml +++ b/addons/prometheus/2/chart/prometheus/values.yaml @@ -628,6 +628,9 @@ server: {{- if .Values.server.extraScrapeConfigs}} {{- include "common.tplvalues.render" (dict "value" .Values.server.extraScrapeConfigs "context" $) | nindent 2 }} {{- end }} + {{- if .Values.server.dsScrapeConfigs}} + {{- include "common.tplvalues.render" (dict "value" .Values.server.dsScrapeConfigs "context" $) | nindent 2 }} + {{- end }} {{- if or .Values.alertmanager.enabled .Values.server.alertingEndpoints}} alerting: alertmanagers: @@ -649,7 +652,50 @@ server: ## @param server.extraScrapeConfigs Promethus configuration, useful to declare new scrape_configs. This content will be merged with the 'server.configuration' value and stored in the the prometheus.yaml file. ## ref: ## - extraScrapeConfigs: [] + extraScrapeConfigs: [] + dsScrapeConfigs: + - job_name: 'service-endpoints' + honor_labels: true + kubernetes_sd_configs: + - role: endpoints + namespaces: + own_namespace: true + names: + - default + relabel_configs: + - source_labels: [__meta_kubernetes_service_annotation_prometheus_io_scrape] + action: keep + regex: true + - source_labels: [__meta_kubernetes_service_annotation_prometheus_io_scrape_slow] + action: drop + regex: true + - source_labels: [__meta_kubernetes_service_annotation_prometheus_io_scheme] + action: replace + target_label: __scheme__ + regex: (https?) + - source_labels: [__meta_kubernetes_service_annotation_prometheus_io_path] + action: replace + target_label: __metrics_path__ + regex: (.+) + - source_labels: [__address__, __meta_kubernetes_service_annotation_prometheus_io_port] + action: replace + target_label: __address__ + regex: (.+?)(?::\d+)?;(\d+) + replacement: $1:$2 + - action: labelmap + regex: __meta_kubernetes_service_annotation_prometheus_io_param_(.+) + replacement: __param_$1 + - action: labelmap + regex: __meta_kubernetes_service_label_(.+) + - source_labels: [__meta_kubernetes_namespace] + action: replace + target_label: namespace + - source_labels: [__meta_kubernetes_service_name] + action: replace + target_label: service + - source_labels: [__meta_kubernetes_pod_node_name] + action: replace + target_label: node ## @param server.replicaCount Number of Prometheus replicas to deploy ## replicaCount: 1 @@ -824,7 +870,7 @@ server: ## StrategyType ## Can be set to RollingUpdate or Recreate ## - type: RollingUpdate + type: Recreate ## @param server.priorityClassName Prometheus pods' priorityClassName ## @@ -1465,7 +1511,7 @@ server: networkPolicy: ## @param networkPolicy.enabled Enable creation of NetworkPolicy resources ## - enabled: true + enabled: true ## @param networkPolicy.allowExternal The Policy model to apply. ## When set to false, only pods with the correct ## client label will have network access to the port MySQL is listening @@ -1473,7 +1519,8 @@ networkPolicy: ## (with the correct destination port). ## allowCurrentNamespace: true - allowNamespaces: [] + allowNamespaces: + - traefik ## @section Init Container Parameters ## @@ -1521,4 +1568,4 @@ volumePermissions: ## "auto" is especially useful for OpenShift which has scc with dynamic user ids (and 0 is not allowed) ## containerSecurityContext: - runAsUser: 0 \ No newline at end of file + runAsUser: 0 From 58ce2cb1700478e79b045cad88a8fe1b238a2cdf Mon Sep 17 00:00:00 2001 From: EamonZhang Date: Wed, 25 Oct 2023 11:49:13 +0800 Subject: [PATCH 07/48] chore(mysql-cluster): plans 10 --- .../templates/primary/statefulset.yaml | 4 ++++ .../8.0/chart/mysql-cluster/values.yaml | 8 ++++++-- .../8.0/plans/standard-10/values.yaml | 16 +++++++++------- 3 files changed, 19 insertions(+), 9 deletions(-) diff --git a/addons/mysql-cluster/8.0/chart/mysql-cluster/templates/primary/statefulset.yaml b/addons/mysql-cluster/8.0/chart/mysql-cluster/templates/primary/statefulset.yaml index 56b3ec79..49b8c703 100644 --- a/addons/mysql-cluster/8.0/chart/mysql-cluster/templates/primary/statefulset.yaml +++ b/addons/mysql-cluster/8.0/chart/mysql-cluster/templates/primary/statefulset.yaml @@ -156,6 +156,10 @@ spec: - name: MYSQL_DATABASE value: {{ .Values.auth.database | quote }} {{- end }} + {{- if and .Values.auth.createDatabase .Values.auth.database }} + - name: MAX_CONNECTION_LIMIT + value: {{ .Values.maxConnectionLimit | quote }} + {{- end }} {{- if or (eq .Values.architecture "replication") (eq .Values.architecture "mgr") }} - name: MYSQL_REPLICATION_MODE value: "master" diff --git a/addons/mysql-cluster/8.0/chart/mysql-cluster/values.yaml b/addons/mysql-cluster/8.0/chart/mysql-cluster/values.yaml index 9d5e4293..3199eede 100644 --- a/addons/mysql-cluster/8.0/chart/mysql-cluster/values.yaml +++ b/addons/mysql-cluster/8.0/chart/mysql-cluster/values.yaml @@ -149,7 +149,7 @@ auth: ## initdbScripts: ## my_init_script.sh: | ## #!/bin/bash -## echo "Do something." +## echo "Do something." ## initdbScripts: int-mysql.sh: | @@ -181,6 +181,8 @@ initdbScripts: echo loose-group_replication_group_seeds="$svc_mgr_host-0.$svc_mgr_host:24901,$svc_mgr_host-1.$svc_mgr_host:24901,$svc_mgr_host-2.$svc_mgr_host:24901" >> $base_conf_file echo plugin_load_add='group_replication.so' >> $base_conf_file + + echo max_connections=$MAX_CONNECTION_LIMIT ## @param initdbScriptsConfigMap ConfigMap with the initdb scripts (Note: Overrides `initdbScripts`) ## @@ -211,10 +213,12 @@ primary: ## @param primary.configuration [string] Configure MySQL Primary with a custom my.cnf file ## ref: https://mysql.com/kb/en/mysql/configuring-mysql-with-mycnf/#example-of-configuration-file ## + maxConnectionLimit: 2000 + configuration: |- [mysqld] # server - max_connections=500 + max_connections=10000 default_authentication_plugin=caching_sha2_password skip-name-resolve relay-log=relay-log diff --git a/addons/mysql-cluster/8.0/plans/standard-10/values.yaml b/addons/mysql-cluster/8.0/plans/standard-10/values.yaml index baca4920..e8d14da0 100644 --- a/addons/mysql-cluster/8.0/plans/standard-10/values.yaml +++ b/addons/mysql-cluster/8.0/plans/standard-10/values.yaml @@ -11,13 +11,15 @@ fullnameOverride: hb-mysql-cluster-standard-10 ## @param resources.limits The resources limits for the MinIO® container ## @param resources.requests The requested resources for the MinIO® container ## -resources: - limits: - cpu: 1000m - memory: 1024Mi - requests: - cpu: 100m - memory: 512Mi +primary: + resources: + limits: + cpu: 1000m + memory: 1024Mi + requests: + cpu: 100m + memory: 512Mi + ## @section Persistence parameters From 7c93cee8b35b03477f674658fdd6ed9f88ddbb62 Mon Sep 17 00:00:00 2001 From: EamonZhang Date: Wed, 25 Oct 2023 15:11:19 +0800 Subject: [PATCH 08/48] chore(mysql-cluster): add max_connection_limit --- .../chart/mysql-cluster/templates/primary/statefulset.yaml | 5 +++-- addons/mysql-cluster/8.0/chart/mysql-cluster/values.yaml | 2 +- 2 files changed, 4 insertions(+), 3 deletions(-) diff --git a/addons/mysql-cluster/8.0/chart/mysql-cluster/templates/primary/statefulset.yaml b/addons/mysql-cluster/8.0/chart/mysql-cluster/templates/primary/statefulset.yaml index 49b8c703..24d81878 100644 --- a/addons/mysql-cluster/8.0/chart/mysql-cluster/templates/primary/statefulset.yaml +++ b/addons/mysql-cluster/8.0/chart/mysql-cluster/templates/primary/statefulset.yaml @@ -156,9 +156,9 @@ spec: - name: MYSQL_DATABASE value: {{ .Values.auth.database | quote }} {{- end }} - {{- if and .Values.auth.createDatabase .Values.auth.database }} + {{- if .Values.primary.maxConnectionLimit }} - name: MAX_CONNECTION_LIMIT - value: {{ .Values.maxConnectionLimit | quote }} + value: {{ .Values.primary.maxConnectionLimit | quote }} {{- end }} {{- if or (eq .Values.architecture "replication") (eq .Values.architecture "mgr") }} - name: MYSQL_REPLICATION_MODE @@ -397,3 +397,4 @@ spec: selector: {{- include "common.tplvalues.render" (dict "value" .Values.primary.persistence.selector "context" $) | nindent 10 }} {{- end -}} {{- end }} + diff --git a/addons/mysql-cluster/8.0/chart/mysql-cluster/values.yaml b/addons/mysql-cluster/8.0/chart/mysql-cluster/values.yaml index 3199eede..a33e364c 100644 --- a/addons/mysql-cluster/8.0/chart/mysql-cluster/values.yaml +++ b/addons/mysql-cluster/8.0/chart/mysql-cluster/values.yaml @@ -182,7 +182,7 @@ initdbScripts: echo plugin_load_add='group_replication.so' >> $base_conf_file - echo max_connections=$MAX_CONNECTION_LIMIT + echo max_connections=$MAX_CONNECTION_LIMIT >> $base_conf_file ## @param initdbScriptsConfigMap ConfigMap with the initdb scripts (Note: Overrides `initdbScripts`) ## From ae4809d6a88a8f4c9949139b7fa9a169fc1d7553 Mon Sep 17 00:00:00 2001 From: EamonZhang Date: Wed, 25 Oct 2023 16:06:56 +0800 Subject: [PATCH 09/48] chore(mysql-cluster): add plans --- .../8.0/plans/standard-10/bind.yaml | 9 ++- .../8.0/plans/standard-10/meta.yaml | 2 +- .../8.0/plans/standard-10/values.yaml | 7 ++- .../8.0/plans/standard-100/bind.yaml | 34 +++++++++++ .../standard-100/create-instance-schema.json | 12 ++++ .../8.0/plans/standard-100/meta.yaml | 6 ++ .../8.0/plans/standard-100/values.yaml | 61 +++++++++++++++++++ .../8.0/plans/standard-20/bind.yaml | 34 +++++++++++ .../standard-20/create-instance-schema.json | 12 ++++ .../8.0/plans/standard-20/meta.yaml | 6 ++ .../8.0/plans/standard-20/values.yaml | 61 +++++++++++++++++++ .../8.0/plans/standard-200/bind.yaml | 34 +++++++++++ .../standard-200/create-instance-schema.json | 12 ++++ .../8.0/plans/standard-200/meta.yaml | 6 ++ .../8.0/plans/standard-200/values.yaml | 61 +++++++++++++++++++ .../8.0/plans/standard-400/bind.yaml | 34 +++++++++++ .../standard-400/create-instance-schema.json | 12 ++++ .../8.0/plans/standard-400/meta.yaml | 6 ++ .../8.0/plans/standard-400/values.yaml | 61 +++++++++++++++++++ .../8.0/plans/standard-50/bind.yaml | 34 +++++++++++ .../standard-50/create-instance-schema.json | 12 ++++ .../8.0/plans/standard-50/meta.yaml | 6 ++ .../8.0/plans/standard-50/values.yaml | 60 ++++++++++++++++++ .../8.0/plans/standard-800/bind.yaml | 34 +++++++++++ .../standard-800/create-instance-schema.json | 12 ++++ .../8.0/plans/standard-800/meta.yaml | 6 ++ .../8.0/plans/standard-800/values.yaml | 61 +++++++++++++++++++ 27 files changed, 689 insertions(+), 6 deletions(-) create mode 100644 addons/mysql-cluster/8.0/plans/standard-100/bind.yaml create mode 100644 addons/mysql-cluster/8.0/plans/standard-100/create-instance-schema.json create mode 100644 addons/mysql-cluster/8.0/plans/standard-100/meta.yaml create mode 100644 addons/mysql-cluster/8.0/plans/standard-100/values.yaml create mode 100644 addons/mysql-cluster/8.0/plans/standard-20/bind.yaml create mode 100644 addons/mysql-cluster/8.0/plans/standard-20/create-instance-schema.json create mode 100644 addons/mysql-cluster/8.0/plans/standard-20/meta.yaml create mode 100644 addons/mysql-cluster/8.0/plans/standard-20/values.yaml create mode 100644 addons/mysql-cluster/8.0/plans/standard-200/bind.yaml create mode 100644 addons/mysql-cluster/8.0/plans/standard-200/create-instance-schema.json create mode 100644 addons/mysql-cluster/8.0/plans/standard-200/meta.yaml create mode 100644 addons/mysql-cluster/8.0/plans/standard-200/values.yaml create mode 100644 addons/mysql-cluster/8.0/plans/standard-400/bind.yaml create mode 100644 addons/mysql-cluster/8.0/plans/standard-400/create-instance-schema.json create mode 100644 addons/mysql-cluster/8.0/plans/standard-400/meta.yaml create mode 100644 addons/mysql-cluster/8.0/plans/standard-400/values.yaml create mode 100644 addons/mysql-cluster/8.0/plans/standard-50/bind.yaml create mode 100644 addons/mysql-cluster/8.0/plans/standard-50/create-instance-schema.json create mode 100644 addons/mysql-cluster/8.0/plans/standard-50/meta.yaml create mode 100644 addons/mysql-cluster/8.0/plans/standard-50/values.yaml create mode 100644 addons/mysql-cluster/8.0/plans/standard-800/bind.yaml create mode 100644 addons/mysql-cluster/8.0/plans/standard-800/create-instance-schema.json create mode 100644 addons/mysql-cluster/8.0/plans/standard-800/meta.yaml create mode 100644 addons/mysql-cluster/8.0/plans/standard-800/values.yaml diff --git a/addons/mysql-cluster/8.0/plans/standard-10/bind.yaml b/addons/mysql-cluster/8.0/plans/standard-10/bind.yaml index fa1ceb8e..e8b99314 100644 --- a/addons/mysql-cluster/8.0/plans/standard-10/bind.yaml +++ b/addons/mysql-cluster/8.0/plans/standard-10/bind.yaml @@ -20,10 +20,15 @@ credential: secretKeyRef: name: {{ template "common.names.fullname" . }}-svcbind-custom-user jsonpath: '{ .data.username }' - - name: port + - name: portro valueFrom: secretKeyRef: name: {{ template "common.names.fullname" . }}-svcbind-custom-user - jsonpath: '{ .data.port }' + jsonpath: '{ .data.portro }' + - name: portrw + valueFrom: + secretKeyRef: + name: {{ template "common.names.fullname" . }}-svcbind-custom-user + jsonpath: '{ .data.portrw }' {{- end }} diff --git a/addons/mysql-cluster/8.0/plans/standard-10/meta.yaml b/addons/mysql-cluster/8.0/plans/standard-10/meta.yaml index 426c302e..6c738828 100644 --- a/addons/mysql-cluster/8.0/plans/standard-10/meta.yaml +++ b/addons/mysql-cluster/8.0/plans/standard-10/meta.yaml @@ -1,6 +1,6 @@ name: "standard-10" id: 2b455154-8725-482a-95b2-a193c180d9b5 -description: "Mysql Cluster standard-10 plan which limit persistence size 10Gi." +description: "Mysql Cluster standard-10 plan: Disk 10Gi ,vCPUs 1 , RAM 2G , DB MAX Connection 600" displayName: "standard-10" bindable: true maximum_polling_duration: 1800 diff --git a/addons/mysql-cluster/8.0/plans/standard-10/values.yaml b/addons/mysql-cluster/8.0/plans/standard-10/values.yaml index e8d14da0..f90075a8 100644 --- a/addons/mysql-cluster/8.0/plans/standard-10/values.yaml +++ b/addons/mysql-cluster/8.0/plans/standard-10/values.yaml @@ -12,14 +12,15 @@ fullnameOverride: hb-mysql-cluster-standard-10 ## @param resources.requests The requested resources for the MinIO® container ## primary: + maxConnectionLimit: 600 resources: limits: cpu: 1000m memory: 1024Mi requests: - cpu: 100m - memory: 512Mi - + cpu: 1000m + memory: 1024Mi + ## @section Persistence parameters diff --git a/addons/mysql-cluster/8.0/plans/standard-100/bind.yaml b/addons/mysql-cluster/8.0/plans/standard-100/bind.yaml new file mode 100644 index 00000000..e8b99314 --- /dev/null +++ b/addons/mysql-cluster/8.0/plans/standard-100/bind.yaml @@ -0,0 +1,34 @@ +credential: + {{- if (eq .Values.router.service.type "LoadBalancer") }} + - name: host + valueFrom: + secretKeyRef: + name: {{ template "common.names.fullname" . }}-svcbind-custom-user + jsonpath: '{ .data.host }' + - name: database + valueFrom: + secretKeyRef: + name: {{ template "common.names.fullname" . }}-svcbind-custom-user + jsonpath: '{ .data.database }' + - name: password + valueFrom: + secretKeyRef: + name: {{ template "common.names.fullname" . }}-svcbind-custom-user + jsonpath: '{ .data.username }' + - name: username + valueFrom: + secretKeyRef: + name: {{ template "common.names.fullname" . }}-svcbind-custom-user + jsonpath: '{ .data.username }' + - name: portro + valueFrom: + secretKeyRef: + name: {{ template "common.names.fullname" . }}-svcbind-custom-user + jsonpath: '{ .data.portro }' + - name: portrw + valueFrom: + secretKeyRef: + name: {{ template "common.names.fullname" . }}-svcbind-custom-user + jsonpath: '{ .data.portrw }' + {{- end }} + diff --git a/addons/mysql-cluster/8.0/plans/standard-100/create-instance-schema.json b/addons/mysql-cluster/8.0/plans/standard-100/create-instance-schema.json new file mode 100644 index 00000000..66ebbaa0 --- /dev/null +++ b/addons/mysql-cluster/8.0/plans/standard-100/create-instance-schema.json @@ -0,0 +1,12 @@ +{ + "$schema": "http://json-schema.org/draft-04/schema#", + "type": "object", + "properties": { + "imagePullPolicy": { + "type": "string", + "enum": ["Always", "IfNotPresent", "Never"], + "default": "IfNotPresent", + "title": "Image pull policy" + } + } +} \ No newline at end of file diff --git a/addons/mysql-cluster/8.0/plans/standard-100/meta.yaml b/addons/mysql-cluster/8.0/plans/standard-100/meta.yaml new file mode 100644 index 00000000..1856a446 --- /dev/null +++ b/addons/mysql-cluster/8.0/plans/standard-100/meta.yaml @@ -0,0 +1,6 @@ +name: "standard-100" +id: 8205e5d3-a954-4c68-a570-efa8c607c1d7 +description: "Mysql Cluster standard-100 plan: Disk 100Gi ,vCPUs 4 , RAM 16G , DB MAX Connection 4000" +displayName: "standard-100" +bindable: true +maximum_polling_duration: 1800 diff --git a/addons/mysql-cluster/8.0/plans/standard-100/values.yaml b/addons/mysql-cluster/8.0/plans/standard-100/values.yaml new file mode 100644 index 00000000..1c6b865b --- /dev/null +++ b/addons/mysql-cluster/8.0/plans/standard-100/values.yaml @@ -0,0 +1,61 @@ +## @param fullnameOverride String to fully override common.names.fullname template +## +fullnameOverride: hb-mysql-cluster-standard-100 + +## MinIO® containers' resource requests and limits +## ref: https://kubernetes.io/docs/user-guide/compute-resources/ +## We usually recommend not to specify default resources and to leave this as a conscious +## choice for the user. This also increases chances charts run on environments with little +## resources, such as Minikube. If you do want to specify resources, uncomment the following +## lines, adjust them as necessary, and remove the curly braces after 'resources:'. +## @param resources.limits The resources limits for the MinIO® container +## @param resources.requests The requested resources for the MinIO® container +## +primary: + maxConnectionLimit: 4000 + resources: + limits: + cpu: 4000m + memory: 16Gi + requests: + cpu: 4000m + memory: 16Gi + + +## @section Persistence parameters + +## Enable persistence using Persistent Volume Claims +## ref: https://kubernetes.io/docs/user-guide/persistent-volumes/ +## + persistence: + ## @param primary.persistence.enabled Enable persistence on MySQL primary replicas using a `PersistentVolumeClaim`. If false, use emptyDir + ## + enabled: true + ## @param primary.persistence.existingClaim Name of an existing `PersistentVolumeClaim` for MySQL primary replicas + ## NOTE: When it's set the rest of persistence parameters are ignored + ## + existingClaim: "" + ## @param primary.persistence.storageClass MySQL primary persistent volume storage Class + ## If defined, storageClassName: + ## If set to "-", storageClassName: "", which disables dynamic provisioning + ## If undefined (the default) or set to null, no storageClassName spec is + ## set, choosing the default provisioner. (gp2 on AWS, standard on + ## GKE, AWS & OpenStack) + ## + storageClass: "" + ## @param primary.persistence.annotations MySQL primary persistent volume claim annotations + ## + annotations: {} + ## @param primary.persistence.accessModes MySQL primary persistent volume access Modes + ## + accessModes: + - ReadWriteOnce + ## @param primary.persistence.size MySQL primary persistent volume size + ## + size: 100Gi + ## @param primary.persistence.selector Selector to match an existing Persistent Volume + ## selector: + ## matchLabels: + ## app: my-app + ## + selector: {} diff --git a/addons/mysql-cluster/8.0/plans/standard-20/bind.yaml b/addons/mysql-cluster/8.0/plans/standard-20/bind.yaml new file mode 100644 index 00000000..e8b99314 --- /dev/null +++ b/addons/mysql-cluster/8.0/plans/standard-20/bind.yaml @@ -0,0 +1,34 @@ +credential: + {{- if (eq .Values.router.service.type "LoadBalancer") }} + - name: host + valueFrom: + secretKeyRef: + name: {{ template "common.names.fullname" . }}-svcbind-custom-user + jsonpath: '{ .data.host }' + - name: database + valueFrom: + secretKeyRef: + name: {{ template "common.names.fullname" . }}-svcbind-custom-user + jsonpath: '{ .data.database }' + - name: password + valueFrom: + secretKeyRef: + name: {{ template "common.names.fullname" . }}-svcbind-custom-user + jsonpath: '{ .data.username }' + - name: username + valueFrom: + secretKeyRef: + name: {{ template "common.names.fullname" . }}-svcbind-custom-user + jsonpath: '{ .data.username }' + - name: portro + valueFrom: + secretKeyRef: + name: {{ template "common.names.fullname" . }}-svcbind-custom-user + jsonpath: '{ .data.portro }' + - name: portrw + valueFrom: + secretKeyRef: + name: {{ template "common.names.fullname" . }}-svcbind-custom-user + jsonpath: '{ .data.portrw }' + {{- end }} + diff --git a/addons/mysql-cluster/8.0/plans/standard-20/create-instance-schema.json b/addons/mysql-cluster/8.0/plans/standard-20/create-instance-schema.json new file mode 100644 index 00000000..66ebbaa0 --- /dev/null +++ b/addons/mysql-cluster/8.0/plans/standard-20/create-instance-schema.json @@ -0,0 +1,12 @@ +{ + "$schema": "http://json-schema.org/draft-04/schema#", + "type": "object", + "properties": { + "imagePullPolicy": { + "type": "string", + "enum": ["Always", "IfNotPresent", "Never"], + "default": "IfNotPresent", + "title": "Image pull policy" + } + } +} \ No newline at end of file diff --git a/addons/mysql-cluster/8.0/plans/standard-20/meta.yaml b/addons/mysql-cluster/8.0/plans/standard-20/meta.yaml new file mode 100644 index 00000000..e749a7db --- /dev/null +++ b/addons/mysql-cluster/8.0/plans/standard-20/meta.yaml @@ -0,0 +1,6 @@ +name: "standard-20" +id: 95fd7cf2-f2fb-46c9-b3fc-9e7f48899dcc +description: "Mysql Cluster standard-20 plan: Disk 20Gi ,vCPUs 2 , RAM 4G , DB MAX Connection 1000" +displayName: "standard-20" +bindable: true +maximum_polling_duration: 1800 diff --git a/addons/mysql-cluster/8.0/plans/standard-20/values.yaml b/addons/mysql-cluster/8.0/plans/standard-20/values.yaml new file mode 100644 index 00000000..d9422e70 --- /dev/null +++ b/addons/mysql-cluster/8.0/plans/standard-20/values.yaml @@ -0,0 +1,61 @@ +## @param fullnameOverride String to fully override common.names.fullname template +## +fullnameOverride: hb-mysql-cluster-standard-20 + +## MinIO® containers' resource requests and limits +## ref: https://kubernetes.io/docs/user-guide/compute-resources/ +## We usually recommend not to specify default resources and to leave this as a conscious +## choice for the user. This also increases chances charts run on environments with little +## resources, such as Minikube. If you do want to specify resources, uncomment the following +## lines, adjust them as necessary, and remove the curly braces after 'resources:'. +## @param resources.limits The resources limits for the MinIO® container +## @param resources.requests The requested resources for the MinIO® container +## +primary: + maxConnectionLimit: 1000 + resources: + limits: + cpu: 2000m + memory: 4Gi + requests: + cpu: 2000m + memory: 4Gi + + +## @section Persistence parameters + +## Enable persistence using Persistent Volume Claims +## ref: https://kubernetes.io/docs/user-guide/persistent-volumes/ +## + persistence: + ## @param primary.persistence.enabled Enable persistence on MySQL primary replicas using a `PersistentVolumeClaim`. If false, use emptyDir + ## + enabled: true + ## @param primary.persistence.existingClaim Name of an existing `PersistentVolumeClaim` for MySQL primary replicas + ## NOTE: When it's set the rest of persistence parameters are ignored + ## + existingClaim: "" + ## @param primary.persistence.storageClass MySQL primary persistent volume storage Class + ## If defined, storageClassName: + ## If set to "-", storageClassName: "", which disables dynamic provisioning + ## If undefined (the default) or set to null, no storageClassName spec is + ## set, choosing the default provisioner. (gp2 on AWS, standard on + ## GKE, AWS & OpenStack) + ## + storageClass: "" + ## @param primary.persistence.annotations MySQL primary persistent volume claim annotations + ## + annotations: {} + ## @param primary.persistence.accessModes MySQL primary persistent volume access Modes + ## + accessModes: + - ReadWriteOnce + ## @param primary.persistence.size MySQL primary persistent volume size + ## + size: 20Gi + ## @param primary.persistence.selector Selector to match an existing Persistent Volume + ## selector: + ## matchLabels: + ## app: my-app + ## + selector: {} diff --git a/addons/mysql-cluster/8.0/plans/standard-200/bind.yaml b/addons/mysql-cluster/8.0/plans/standard-200/bind.yaml new file mode 100644 index 00000000..e8b99314 --- /dev/null +++ b/addons/mysql-cluster/8.0/plans/standard-200/bind.yaml @@ -0,0 +1,34 @@ +credential: + {{- if (eq .Values.router.service.type "LoadBalancer") }} + - name: host + valueFrom: + secretKeyRef: + name: {{ template "common.names.fullname" . }}-svcbind-custom-user + jsonpath: '{ .data.host }' + - name: database + valueFrom: + secretKeyRef: + name: {{ template "common.names.fullname" . }}-svcbind-custom-user + jsonpath: '{ .data.database }' + - name: password + valueFrom: + secretKeyRef: + name: {{ template "common.names.fullname" . }}-svcbind-custom-user + jsonpath: '{ .data.username }' + - name: username + valueFrom: + secretKeyRef: + name: {{ template "common.names.fullname" . }}-svcbind-custom-user + jsonpath: '{ .data.username }' + - name: portro + valueFrom: + secretKeyRef: + name: {{ template "common.names.fullname" . }}-svcbind-custom-user + jsonpath: '{ .data.portro }' + - name: portrw + valueFrom: + secretKeyRef: + name: {{ template "common.names.fullname" . }}-svcbind-custom-user + jsonpath: '{ .data.portrw }' + {{- end }} + diff --git a/addons/mysql-cluster/8.0/plans/standard-200/create-instance-schema.json b/addons/mysql-cluster/8.0/plans/standard-200/create-instance-schema.json new file mode 100644 index 00000000..66ebbaa0 --- /dev/null +++ b/addons/mysql-cluster/8.0/plans/standard-200/create-instance-schema.json @@ -0,0 +1,12 @@ +{ + "$schema": "http://json-schema.org/draft-04/schema#", + "type": "object", + "properties": { + "imagePullPolicy": { + "type": "string", + "enum": ["Always", "IfNotPresent", "Never"], + "default": "IfNotPresent", + "title": "Image pull policy" + } + } +} \ No newline at end of file diff --git a/addons/mysql-cluster/8.0/plans/standard-200/meta.yaml b/addons/mysql-cluster/8.0/plans/standard-200/meta.yaml new file mode 100644 index 00000000..b857ef1e --- /dev/null +++ b/addons/mysql-cluster/8.0/plans/standard-200/meta.yaml @@ -0,0 +1,6 @@ +name: "standard-200" +id: 8205e5d3-a954-4c68-a570-efa8c607c1d7 +description: "Mysql Cluster standard-200 plan: Disk 200Gi ,vCPUs 8 , RAM 32G , DB MAX Connection 8000" +displayName: "standard-200" +bindable: true +maximum_polling_duration: 1800 diff --git a/addons/mysql-cluster/8.0/plans/standard-200/values.yaml b/addons/mysql-cluster/8.0/plans/standard-200/values.yaml new file mode 100644 index 00000000..baf7e8a9 --- /dev/null +++ b/addons/mysql-cluster/8.0/plans/standard-200/values.yaml @@ -0,0 +1,61 @@ +## @param fullnameOverride String to fully override common.names.fullname template +## +fullnameOverride: hb-mysql-cluster-standard-200 + +## MinIO® containers' resource requests and limits +## ref: https://kubernetes.io/docs/user-guide/compute-resources/ +## We usually recommend not to specify default resources and to leave this as a conscious +## choice for the user. This also increases chances charts run on environments with little +## resources, such as Minikube. If you do want to specify resources, uncomment the following +## lines, adjust them as necessary, and remove the curly braces after 'resources:'. +## @param resources.limits The resources limits for the MinIO® container +## @param resources.requests The requested resources for the MinIO® container +## +primary: + maxConnectionLimit: 8000 + resources: + limits: + cpu: 8000m + memory: 32Gi + requests: + cpu: 8000m + memory: 32Gi + + +## @section Persistence parameters + +## Enable persistence using Persistent Volume Claims +## ref: https://kubernetes.io/docs/user-guide/persistent-volumes/ +## + persistence: + ## @param primary.persistence.enabled Enable persistence on MySQL primary replicas using a `PersistentVolumeClaim`. If false, use emptyDir + ## + enabled: true + ## @param primary.persistence.existingClaim Name of an existing `PersistentVolumeClaim` for MySQL primary replicas + ## NOTE: When it's set the rest of persistence parameters are ignored + ## + existingClaim: "" + ## @param primary.persistence.storageClass MySQL primary persistent volume storage Class + ## If defined, storageClassName: + ## If set to "-", storageClassName: "", which disables dynamic provisioning + ## If undefined (the default) or set to null, no storageClassName spec is + ## set, choosing the default provisioner. (gp2 on AWS, standard on + ## GKE, AWS & OpenStack) + ## + storageClass: "" + ## @param primary.persistence.annotations MySQL primary persistent volume claim annotations + ## + annotations: {} + ## @param primary.persistence.accessModes MySQL primary persistent volume access Modes + ## + accessModes: + - ReadWriteOnce + ## @param primary.persistence.size MySQL primary persistent volume size + ## + size: 200Gi + ## @param primary.persistence.selector Selector to match an existing Persistent Volume + ## selector: + ## matchLabels: + ## app: my-app + ## + selector: {} diff --git a/addons/mysql-cluster/8.0/plans/standard-400/bind.yaml b/addons/mysql-cluster/8.0/plans/standard-400/bind.yaml new file mode 100644 index 00000000..e8b99314 --- /dev/null +++ b/addons/mysql-cluster/8.0/plans/standard-400/bind.yaml @@ -0,0 +1,34 @@ +credential: + {{- if (eq .Values.router.service.type "LoadBalancer") }} + - name: host + valueFrom: + secretKeyRef: + name: {{ template "common.names.fullname" . }}-svcbind-custom-user + jsonpath: '{ .data.host }' + - name: database + valueFrom: + secretKeyRef: + name: {{ template "common.names.fullname" . }}-svcbind-custom-user + jsonpath: '{ .data.database }' + - name: password + valueFrom: + secretKeyRef: + name: {{ template "common.names.fullname" . }}-svcbind-custom-user + jsonpath: '{ .data.username }' + - name: username + valueFrom: + secretKeyRef: + name: {{ template "common.names.fullname" . }}-svcbind-custom-user + jsonpath: '{ .data.username }' + - name: portro + valueFrom: + secretKeyRef: + name: {{ template "common.names.fullname" . }}-svcbind-custom-user + jsonpath: '{ .data.portro }' + - name: portrw + valueFrom: + secretKeyRef: + name: {{ template "common.names.fullname" . }}-svcbind-custom-user + jsonpath: '{ .data.portrw }' + {{- end }} + diff --git a/addons/mysql-cluster/8.0/plans/standard-400/create-instance-schema.json b/addons/mysql-cluster/8.0/plans/standard-400/create-instance-schema.json new file mode 100644 index 00000000..66ebbaa0 --- /dev/null +++ b/addons/mysql-cluster/8.0/plans/standard-400/create-instance-schema.json @@ -0,0 +1,12 @@ +{ + "$schema": "http://json-schema.org/draft-04/schema#", + "type": "object", + "properties": { + "imagePullPolicy": { + "type": "string", + "enum": ["Always", "IfNotPresent", "Never"], + "default": "IfNotPresent", + "title": "Image pull policy" + } + } +} \ No newline at end of file diff --git a/addons/mysql-cluster/8.0/plans/standard-400/meta.yaml b/addons/mysql-cluster/8.0/plans/standard-400/meta.yaml new file mode 100644 index 00000000..c802ccc6 --- /dev/null +++ b/addons/mysql-cluster/8.0/plans/standard-400/meta.yaml @@ -0,0 +1,6 @@ +name: "standard-400" +id: f96fb7d8-3012-4175-931e-902e26697441 +description: "Mysql Cluster standard-400 plan: Disk 400Gi ,vCPUs 16 , RAM 64G , DB MAX Connection 1600" +displayName: "standard-400" +bindable: true +maximum_polling_duration: 1800 diff --git a/addons/mysql-cluster/8.0/plans/standard-400/values.yaml b/addons/mysql-cluster/8.0/plans/standard-400/values.yaml new file mode 100644 index 00000000..2cc0d06e --- /dev/null +++ b/addons/mysql-cluster/8.0/plans/standard-400/values.yaml @@ -0,0 +1,61 @@ +## @param fullnameOverride String to fully override common.names.fullname template +## +fullnameOverride: hb-mysql-cluster-standard-400 + +## MinIO® containers' resource requests and limits +## ref: https://kubernetes.io/docs/user-guide/compute-resources/ +## We usually recommend not to specify default resources and to leave this as a conscious +## choice for the user. This also increases chances charts run on environments with little +## resources, such as Minikube. If you do want to specify resources, uncomment the following +## lines, adjust them as necessary, and remove the curly braces after 'resources:'. +## @param resources.limits The resources limits for the MinIO® container +## @param resources.requests The requested resources for the MinIO® container +## +primary: + maxConnectionLimit: 1600 + resources: + limits: + cpu: 16000m + memory: 64Gi + requests: + cpu: 16000m + memory: 64Gi + + +## @section Persistence parameters + +## Enable persistence using Persistent Volume Claims +## ref: https://kubernetes.io/docs/user-guide/persistent-volumes/ +## + persistence: + ## @param primary.persistence.enabled Enable persistence on MySQL primary replicas using a `PersistentVolumeClaim`. If false, use emptyDir + ## + enabled: true + ## @param primary.persistence.existingClaim Name of an existing `PersistentVolumeClaim` for MySQL primary replicas + ## NOTE: When it's set the rest of persistence parameters are ignored + ## + existingClaim: "" + ## @param primary.persistence.storageClass MySQL primary persistent volume storage Class + ## If defined, storageClassName: + ## If set to "-", storageClassName: "", which disables dynamic provisioning + ## If undefined (the default) or set to null, no storageClassName spec is + ## set, choosing the default provisioner. (gp2 on AWS, standard on + ## GKE, AWS & OpenStack) + ## + storageClass: "" + ## @param primary.persistence.annotations MySQL primary persistent volume claim annotations + ## + annotations: {} + ## @param primary.persistence.accessModes MySQL primary persistent volume access Modes + ## + accessModes: + - ReadWriteOnce + ## @param primary.persistence.size MySQL primary persistent volume size + ## + size: 400Gi + ## @param primary.persistence.selector Selector to match an existing Persistent Volume + ## selector: + ## matchLabels: + ## app: my-app + ## + selector: {} diff --git a/addons/mysql-cluster/8.0/plans/standard-50/bind.yaml b/addons/mysql-cluster/8.0/plans/standard-50/bind.yaml new file mode 100644 index 00000000..e8b99314 --- /dev/null +++ b/addons/mysql-cluster/8.0/plans/standard-50/bind.yaml @@ -0,0 +1,34 @@ +credential: + {{- if (eq .Values.router.service.type "LoadBalancer") }} + - name: host + valueFrom: + secretKeyRef: + name: {{ template "common.names.fullname" . }}-svcbind-custom-user + jsonpath: '{ .data.host }' + - name: database + valueFrom: + secretKeyRef: + name: {{ template "common.names.fullname" . }}-svcbind-custom-user + jsonpath: '{ .data.database }' + - name: password + valueFrom: + secretKeyRef: + name: {{ template "common.names.fullname" . }}-svcbind-custom-user + jsonpath: '{ .data.username }' + - name: username + valueFrom: + secretKeyRef: + name: {{ template "common.names.fullname" . }}-svcbind-custom-user + jsonpath: '{ .data.username }' + - name: portro + valueFrom: + secretKeyRef: + name: {{ template "common.names.fullname" . }}-svcbind-custom-user + jsonpath: '{ .data.portro }' + - name: portrw + valueFrom: + secretKeyRef: + name: {{ template "common.names.fullname" . }}-svcbind-custom-user + jsonpath: '{ .data.portrw }' + {{- end }} + diff --git a/addons/mysql-cluster/8.0/plans/standard-50/create-instance-schema.json b/addons/mysql-cluster/8.0/plans/standard-50/create-instance-schema.json new file mode 100644 index 00000000..66ebbaa0 --- /dev/null +++ b/addons/mysql-cluster/8.0/plans/standard-50/create-instance-schema.json @@ -0,0 +1,12 @@ +{ + "$schema": "http://json-schema.org/draft-04/schema#", + "type": "object", + "properties": { + "imagePullPolicy": { + "type": "string", + "enum": ["Always", "IfNotPresent", "Never"], + "default": "IfNotPresent", + "title": "Image pull policy" + } + } +} \ No newline at end of file diff --git a/addons/mysql-cluster/8.0/plans/standard-50/meta.yaml b/addons/mysql-cluster/8.0/plans/standard-50/meta.yaml new file mode 100644 index 00000000..a6d4e5bd --- /dev/null +++ b/addons/mysql-cluster/8.0/plans/standard-50/meta.yaml @@ -0,0 +1,6 @@ +name: "standard-50" +id: 6f69bee2-6de2-4baf-bbe1-27844a2998b2 +description: "Mysql Cluster standard-10 plan: Disk 50Gi ,vCPUs 2 , RAM 8G , DB MAX Connection 2000" +displayName: "standard-50" +bindable: true +maximum_polling_duration: 1800 diff --git a/addons/mysql-cluster/8.0/plans/standard-50/values.yaml b/addons/mysql-cluster/8.0/plans/standard-50/values.yaml new file mode 100644 index 00000000..bc9fd336 --- /dev/null +++ b/addons/mysql-cluster/8.0/plans/standard-50/values.yaml @@ -0,0 +1,60 @@ +## @param fullnameOverride String to fully override common.names.fullname template +## +fullnameOverride: hb-mysql-cluster-standard-50 + +## MinIO® containers' resource requests and limits +## ref: https://kubernetes.io/docs/user-guide/compute-resources/ +## We usually recommend not to specify default resources and to leave this as a conscious +## choice for the user. This also increases chances charts run on environments with little +## resources, such as Minikube. If you do want to specify resources, uncomment the following +## lines, adjust them as necessary, and remove the curly braces after 'resources:'. +## @param resources.limits The resources limits for the MinIO® container +## @param resources.requests The requested resources for the MinIO® container +## +primary: + maxConnectionLimit: 2000 + resources: + limits: + cpu: 2000m + memory: 8Gi + requests: + cpu: 2000m + memory: 8Gi + +## @section Persistence parameters + +## Enable persistence using Persistent Volume Claims +## ref: https://kubernetes.io/docs/user-guide/persistent-volumes/ +## + persistence: + ## @param primary.persistence.enabled Enable persistence on MySQL primary replicas using a `PersistentVolumeClaim`. If false, use emptyDir + ## + enabled: true + ## @param primary.persistence.existingClaim Name of an existing `PersistentVolumeClaim` for MySQL primary replicas + ## NOTE: When it's set the rest of persistence parameters are ignored + ## + existingClaim: "" + ## @param primary.persistence.storageClass MySQL primary persistent volume storage Class + ## If defined, storageClassName: + ## If set to "-", storageClassName: "", which disables dynamic provisioning + ## If undefined (the default) or set to null, no storageClassName spec is + ## set, choosing the default provisioner. (gp2 on AWS, standard on + ## GKE, AWS & OpenStack) + ## + storageClass: "" + ## @param primary.persistence.annotations MySQL primary persistent volume claim annotations + ## + annotations: {} + ## @param primary.persistence.accessModes MySQL primary persistent volume access Modes + ## + accessModes: + - ReadWriteOnce + ## @param primary.persistence.size MySQL primary persistent volume size + ## + size: 50Gi + ## @param primary.persistence.selector Selector to match an existing Persistent Volume + ## selector: + ## matchLabels: + ## app: my-app + ## + selector: {} diff --git a/addons/mysql-cluster/8.0/plans/standard-800/bind.yaml b/addons/mysql-cluster/8.0/plans/standard-800/bind.yaml new file mode 100644 index 00000000..e8b99314 --- /dev/null +++ b/addons/mysql-cluster/8.0/plans/standard-800/bind.yaml @@ -0,0 +1,34 @@ +credential: + {{- if (eq .Values.router.service.type "LoadBalancer") }} + - name: host + valueFrom: + secretKeyRef: + name: {{ template "common.names.fullname" . }}-svcbind-custom-user + jsonpath: '{ .data.host }' + - name: database + valueFrom: + secretKeyRef: + name: {{ template "common.names.fullname" . }}-svcbind-custom-user + jsonpath: '{ .data.database }' + - name: password + valueFrom: + secretKeyRef: + name: {{ template "common.names.fullname" . }}-svcbind-custom-user + jsonpath: '{ .data.username }' + - name: username + valueFrom: + secretKeyRef: + name: {{ template "common.names.fullname" . }}-svcbind-custom-user + jsonpath: '{ .data.username }' + - name: portro + valueFrom: + secretKeyRef: + name: {{ template "common.names.fullname" . }}-svcbind-custom-user + jsonpath: '{ .data.portro }' + - name: portrw + valueFrom: + secretKeyRef: + name: {{ template "common.names.fullname" . }}-svcbind-custom-user + jsonpath: '{ .data.portrw }' + {{- end }} + diff --git a/addons/mysql-cluster/8.0/plans/standard-800/create-instance-schema.json b/addons/mysql-cluster/8.0/plans/standard-800/create-instance-schema.json new file mode 100644 index 00000000..66ebbaa0 --- /dev/null +++ b/addons/mysql-cluster/8.0/plans/standard-800/create-instance-schema.json @@ -0,0 +1,12 @@ +{ + "$schema": "http://json-schema.org/draft-04/schema#", + "type": "object", + "properties": { + "imagePullPolicy": { + "type": "string", + "enum": ["Always", "IfNotPresent", "Never"], + "default": "IfNotPresent", + "title": "Image pull policy" + } + } +} \ No newline at end of file diff --git a/addons/mysql-cluster/8.0/plans/standard-800/meta.yaml b/addons/mysql-cluster/8.0/plans/standard-800/meta.yaml new file mode 100644 index 00000000..72806d97 --- /dev/null +++ b/addons/mysql-cluster/8.0/plans/standard-800/meta.yaml @@ -0,0 +1,6 @@ +name: "standard-800" +id: 829768aa-f287-42ee-b98c-db40ec670d38 +description: "Mysql Cluster standard-800 plan: Disk 800Gi ,vCPUs 32 , RAM 128G , DB MAX Connection 32000" +displayName: "standard-800" +bindable: true +maximum_polling_duration: 1800 diff --git a/addons/mysql-cluster/8.0/plans/standard-800/values.yaml b/addons/mysql-cluster/8.0/plans/standard-800/values.yaml new file mode 100644 index 00000000..82a515d7 --- /dev/null +++ b/addons/mysql-cluster/8.0/plans/standard-800/values.yaml @@ -0,0 +1,61 @@ +## @param fullnameOverride String to fully override common.names.fullname template +## +fullnameOverride: hb-mysql-cluster-standard-800 + +## MinIO® containers' resource requests and limits +## ref: https://kubernetes.io/docs/user-guide/compute-resources/ +## We usually recommend not to specify default resources and to leave this as a conscious +## choice for the user. This also increases chances charts run on environments with little +## resources, such as Minikube. If you do want to specify resources, uncomment the following +## lines, adjust them as necessary, and remove the curly braces after 'resources:'. +## @param resources.limits The resources limits for the MinIO® container +## @param resources.requests The requested resources for the MinIO® container +## +primary: + maxConnectionLimit: 32000 + resources: + limits: + cpu: 32000m + memory: 128Gi + requests: + cpu: 32000m + memory: 128Gi + + +## @section Persistence parameters + +## Enable persistence using Persistent Volume Claims +## ref: https://kubernetes.io/docs/user-guide/persistent-volumes/ +## + persistence: + ## @param primary.persistence.enabled Enable persistence on MySQL primary replicas using a `PersistentVolumeClaim`. If false, use emptyDir + ## + enabled: true + ## @param primary.persistence.existingClaim Name of an existing `PersistentVolumeClaim` for MySQL primary replicas + ## NOTE: When it's set the rest of persistence parameters are ignored + ## + existingClaim: "" + ## @param primary.persistence.storageClass MySQL primary persistent volume storage Class + ## If defined, storageClassName: + ## If set to "-", storageClassName: "", which disables dynamic provisioning + ## If undefined (the default) or set to null, no storageClassName spec is + ## set, choosing the default provisioner. (gp2 on AWS, standard on + ## GKE, AWS & OpenStack) + ## + storageClass: "" + ## @param primary.persistence.annotations MySQL primary persistent volume claim annotations + ## + annotations: {} + ## @param primary.persistence.accessModes MySQL primary persistent volume access Modes + ## + accessModes: + - ReadWriteOnce + ## @param primary.persistence.size MySQL primary persistent volume size + ## + size: 800Gi + ## @param primary.persistence.selector Selector to match an existing Persistent Volume + ## selector: + ## matchLabels: + ## app: my-app + ## + selector: {} From 8a97c7ed3aaf794c1b614b3828415242f749cda5 Mon Sep 17 00:00:00 2001 From: EamonZhang Date: Wed, 25 Oct 2023 17:00:36 +0800 Subject: [PATCH 10/48] chore(prometheus): support discovery addons in namespaces --- .../prometheus/templates/_scrape_config.tpl | 44 ++++++++++++++ .../prometheus/2/chart/prometheus/values.yaml | 57 ++++--------------- 2 files changed, 55 insertions(+), 46 deletions(-) diff --git a/addons/prometheus/2/chart/prometheus/templates/_scrape_config.tpl b/addons/prometheus/2/chart/prometheus/templates/_scrape_config.tpl index 7fb0e110..316031e2 100644 --- a/addons/prometheus/2/chart/prometheus/templates/_scrape_config.tpl +++ b/addons/prometheus/2/chart/prometheus/templates/_scrape_config.tpl @@ -85,3 +85,47 @@ relabel_configs: regex: 0 action: keep {{- end -}} + +{{- define "addons.ds_scrape_config" -}} +honor_labels: true +kubernetes_sd_configs: + - role: endpoints + namespaces: + own_namespace: true + names: + - {{ include "common.names.namespace" .context }} +relabel_configs: + - source_labels: [__meta_kubernetes_service_annotation_prometheus_io_scrape] + action: keep + regex: true + - source_labels: [__meta_kubernetes_service_annotation_prometheus_io_scrape_slow] + action: drop + regex: true + - source_labels: [__meta_kubernetes_service_annotation_prometheus_io_scheme] + action: replace + target_label: __scheme__ + regex: (https?) + - source_labels: [__meta_kubernetes_service_annotation_prometheus_io_path] + action: replace + target_label: __metrics_path__ + regex: (.+) + - source_labels: [__address__, __meta_kubernetes_service_annotation_prometheus_io_port] + action: replace + target_label: __address__ + regex: (.+?)(?::\d+)?;(\d+) + replacement: $1:$2 + - action: labelmap + regex: __meta_kubernetes_service_annotation_prometheus_io_param_(.+) + replacement: __param_$1 + - action: labelmap + regex: __meta_kubernetes_service_label_(.+) + - source_labels: [__meta_kubernetes_namespace] + action: replace + target_label: namespace + - source_labels: [__meta_kubernetes_service_name] + action: replace + target_label: service + - source_labels: [__meta_kubernetes_pod_node_name] + action: replace + target_label: node +{{- end -}} diff --git a/addons/prometheus/2/chart/prometheus/values.yaml b/addons/prometheus/2/chart/prometheus/values.yaml index a551fa68..fb195934 100644 --- a/addons/prometheus/2/chart/prometheus/values.yaml +++ b/addons/prometheus/2/chart/prometheus/values.yaml @@ -625,12 +625,16 @@ server: - job_name: alertmanager {{- include "prometheus.scrape_config" (dict "component" "alertmanager" "context" $) | nindent 4 }} {{- end }} + {{- if .Values.scrapeAddons.enabled }} + - job_name: addons + {{- include "addons.ds_scrape_config" (dict "context" $) | nindent 4 }} + {{- end }} {{- if .Values.server.extraScrapeConfigs}} {{- include "common.tplvalues.render" (dict "value" .Values.server.extraScrapeConfigs "context" $) | nindent 2 }} {{- end }} - {{- if .Values.server.dsScrapeConfigs}} - {{- include "common.tplvalues.render" (dict "value" .Values.server.dsScrapeConfigs "context" $) | nindent 2 }} - {{- end }} + # {{- if .Values.server.dsScrapeConfigs}} + # {{- include "common.tplvalues.render" (dict "value" .Values.server.dsScrapeConfigs "context" $) | nindent 2 }} + # {{- end }} {{- if or .Values.alertmanager.enabled .Values.server.alertingEndpoints}} alerting: alertmanagers: @@ -653,49 +657,7 @@ server: ## ref: ## extraScrapeConfigs: [] - dsScrapeConfigs: - - job_name: 'service-endpoints' - honor_labels: true - kubernetes_sd_configs: - - role: endpoints - namespaces: - own_namespace: true - names: - - default - relabel_configs: - - source_labels: [__meta_kubernetes_service_annotation_prometheus_io_scrape] - action: keep - regex: true - - source_labels: [__meta_kubernetes_service_annotation_prometheus_io_scrape_slow] - action: drop - regex: true - - source_labels: [__meta_kubernetes_service_annotation_prometheus_io_scheme] - action: replace - target_label: __scheme__ - regex: (https?) - - source_labels: [__meta_kubernetes_service_annotation_prometheus_io_path] - action: replace - target_label: __metrics_path__ - regex: (.+) - - source_labels: [__address__, __meta_kubernetes_service_annotation_prometheus_io_port] - action: replace - target_label: __address__ - regex: (.+?)(?::\d+)?;(\d+) - replacement: $1:$2 - - action: labelmap - regex: __meta_kubernetes_service_annotation_prometheus_io_param_(.+) - replacement: __param_$1 - - action: labelmap - regex: __meta_kubernetes_service_label_(.+) - - source_labels: [__meta_kubernetes_namespace] - action: replace - target_label: namespace - - source_labels: [__meta_kubernetes_service_name] - action: replace - target_label: service - - source_labels: [__meta_kubernetes_pod_node_name] - action: replace - target_label: node + ## @param server.replicaCount Number of Prometheus replicas to deploy ## replicaCount: 1 @@ -1569,3 +1531,6 @@ volumePermissions: ## containerSecurityContext: runAsUser: 0 + +scrapeAddons: + enable: true From 187ec9991af7c2bc26e58b9f3cfb686d4ed40092 Mon Sep 17 00:00:00 2001 From: EamonZhang Date: Wed, 25 Oct 2023 17:33:57 +0800 Subject: [PATCH 11/48] fix(prometheus): is enabled scrape addons metrics --- addons/prometheus/2/chart/prometheus/values.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/addons/prometheus/2/chart/prometheus/values.yaml b/addons/prometheus/2/chart/prometheus/values.yaml index fb195934..21331135 100644 --- a/addons/prometheus/2/chart/prometheus/values.yaml +++ b/addons/prometheus/2/chart/prometheus/values.yaml @@ -1533,4 +1533,4 @@ volumePermissions: runAsUser: 0 scrapeAddons: - enable: true + enabled: true From 3a2818243cbcf7f58a6cd822db11716dc5b89545 Mon Sep 17 00:00:00 2001 From: EamonZhang Date: Thu, 2 Nov 2023 10:36:19 +0800 Subject: [PATCH 12/48] feat(drycc-addons): add postgresql-cluster --- .../15/chart/postgresql/Chart.yaml | 27 ++ .../15/chart/postgresql/README.md | 151 +++++++++++ .../15/chart/postgresql/templates/NOTES.txt | 25 ++ .../chart/postgresql/templates/_helpers.tpl | 43 +++ .../15/chart/postgresql/templates/ep.yaml | 12 + .../postgresql/templates/networkpolicy.yaml | 45 +++ .../15/chart/postgresql/templates/role.yaml | 49 ++++ .../postgresql/templates/rolebinding.yaml | 19 ++ .../15/chart/postgresql/templates/sec.yaml | 16 ++ .../postgresql/templates/serviceaccount.yaml | 12 + .../postgresql/templates/statefulset.yaml | 256 ++++++++++++++++++ .../postgresql/templates/svc-config.yaml | 11 + .../chart/postgresql/templates/svc-relp.yaml | 21 ++ .../15/chart/postgresql/templates/svc.yaml | 18 ++ .../15/chart/postgresql/values.yaml | 147 ++++++++++ addons/postgresql-cluster/15/meta.yaml | 20 ++ 16 files changed, 872 insertions(+) create mode 100644 addons/postgresql-cluster/15/chart/postgresql/Chart.yaml create mode 100644 addons/postgresql-cluster/15/chart/postgresql/README.md create mode 100644 addons/postgresql-cluster/15/chart/postgresql/templates/NOTES.txt create mode 100644 addons/postgresql-cluster/15/chart/postgresql/templates/_helpers.tpl create mode 100644 addons/postgresql-cluster/15/chart/postgresql/templates/ep.yaml create mode 100644 addons/postgresql-cluster/15/chart/postgresql/templates/networkpolicy.yaml create mode 100644 addons/postgresql-cluster/15/chart/postgresql/templates/role.yaml create mode 100644 addons/postgresql-cluster/15/chart/postgresql/templates/rolebinding.yaml create mode 100644 addons/postgresql-cluster/15/chart/postgresql/templates/sec.yaml create mode 100644 addons/postgresql-cluster/15/chart/postgresql/templates/serviceaccount.yaml create mode 100644 addons/postgresql-cluster/15/chart/postgresql/templates/statefulset.yaml create mode 100644 addons/postgresql-cluster/15/chart/postgresql/templates/svc-config.yaml create mode 100644 addons/postgresql-cluster/15/chart/postgresql/templates/svc-relp.yaml create mode 100644 addons/postgresql-cluster/15/chart/postgresql/templates/svc.yaml create mode 100644 addons/postgresql-cluster/15/chart/postgresql/values.yaml create mode 100644 addons/postgresql-cluster/15/meta.yaml diff --git a/addons/postgresql-cluster/15/chart/postgresql/Chart.yaml b/addons/postgresql-cluster/15/chart/postgresql/Chart.yaml new file mode 100644 index 00000000..f0397f67 --- /dev/null +++ b/addons/postgresql-cluster/15/chart/postgresql/Chart.yaml @@ -0,0 +1,27 @@ +annotations: + category: Database +apiVersion: v2 +appVersion: "15" +dependencies: + - name: common + repository: oci://registry.drycc.cc/charts + version: ~1.1.1 +description: PostgreSQL (Postgres) is an open source object-relational database known for reliability and data integrity. ACID-compliant, it supports foreign keys, joins, views, triggers and stored procedures. +engine: gotpl +home: https://github.com/bitnami/charts/tree/master/bitnami/postgresql +icon: https://bitnami.com/assets/stacks/postgresql/img/postgresql-stack-220x234.png +keywords: + - postgresql + - postgres + - database + - sql + - replication + - cluster +maintainers: + - email: zhang.eamon@hotmail.com + name: zhangeamon +name: postgresql +sources: + - https://github.com/drycc-addons/ + - https://www.postgresql.org/ +version: 15.4.1 diff --git a/addons/postgresql-cluster/15/chart/postgresql/README.md b/addons/postgresql-cluster/15/chart/postgresql/README.md new file mode 100644 index 00000000..8d44fca1 --- /dev/null +++ b/addons/postgresql-cluster/15/chart/postgresql/README.md @@ -0,0 +1,151 @@ +# ⚠️ Repo Archive Notice + +As of Nov 13, 2020, charts in this repo will no longer be updated. +For more information, see the Helm Charts [Deprecation and Archive Notice](https://github.com/helm/charts#%EF%B8%8F-deprecation-and-archive-notice), and [Update](https://helm.sh/blog/charts-repo-deprecation/). + +# Patroni Helm Chart + +This directory contains a Kubernetes chart to deploy a five node [Patroni](https://github.com/zalando/patroni/) cluster using a [Spilo](https://github.com/zalando/spilo) and a StatefulSet. + + +## Prerequisites Details +* Kubernetes 1.9+ +* PV support on the underlying infrastructure + +## StatefulSet Details +* https://kubernetes.io/docs/concepts/workloads/controllers/statefulset/ + +## StatefulSet Caveats +* https://kubernetes.io/docs/concepts/workloads/controllers/statefulset/#limitations + + +## Chart Details +This chart will do the following: + +* Implement a HA scalable PostgreSQL 10 cluster using a Kubernetes StatefulSet. + +## Installing the Chart + +To install the chart with the release name `my-release`: + +```console +$ helm repo add +$ helm dependency update +$ helm install --name my-release postgresql-cluster +``` + +To install the chart with randomly generated passwords: + +```console +$ helm install --name my-release postgresql-cluster \ + --set credentials.superuser="$(< /dev/urandom tr -dc _A-Z-a-z-0-9 | head -c32)",credentials.admin="$(< /dev/urandom tr -dc _A-Z-a-z-0-9 | head -c32)",credentials.standby="$(< /dev/urandom tr -dc _A-Z-a-z-0-9 | head -c32)" +``` + +## Connecting to PostgreSQL + +Your access point is a cluster IP. In order to access it spin up another pod: + +```console +$ kubectl run -i --tty --rm psql --image=postgres --restart=Never -- bash -il +``` + +Then, from inside the pod, connect to PostgreSQL: + +```console +$ psql -U admin -h my-release-patroni.default.svc.cluster.local postgres + +postgres=> +``` + +## Configuration + +The following table lists the configurable parameters of the patroni chart and their default values. + +| Parameter | Description | Default | +|-----------------------------------|---------------------------------------------|-----------------------------------------------------| +| `nameOverride` | Override the name of the chart | `nil` | +| `fullnameOverride` | Override the fullname of the chart | `nil` | +| `replicaCount` | Amount of pods to spawn | `5` | +| `image.repository` | The image to pull | `registry.opensource.zalan.do/acid/spilo-10` | +| `image.tag` | The version of the image to pull | `1.5-p5` | +| `image.pullPolicy` | The pull policy | `IfNotPresent` | +| `credentials.superuser` | Password of the superuser | `tea` | +| `credentials.admin` | Password of the admin | `cola` | +| `credentials.standby` | Password of the replication user | `pinacolada` | +| `kubernetes.dcs.enable` | Using Kubernetes as DCS | `true` | +| `kubernetes.configmaps.enable` | Using Kubernetes configmaps instead of endpoints | `false` | +| `etcd.enable` | Using etcd as DCS | `false` | +| `etcd.deployChart` | Deploy etcd chart | `false` | +| `etcd.host` | Host name of etcd cluster | `nil` | +| `etcd.discovery` | Domain name of etcd cluster | `nil` | +| `zookeeper.enable` | Using ZooKeeper as DCS | `false` | +| `zookeeper.deployChart` | Deploy ZooKeeper chart | `false` | +| `zookeeper.hosts` | List of ZooKeeper cluster members | `host1:port1,host2:port,etc...` | +| `consul.enable` | Using Consul as DCS | `false` | +| `consul.deployChart` | Deploy Consul chart | `false` | +| `consul.host` | Host name of consul cluster | `nil` | +| `env` | Extra custom environment variables | `{}` | +| `walE.enable` | Use of Wal-E tool for base backup/restore | `false` | +| `walE.scheduleCronJob` | Schedule of Wal-E backups | `00 01 * * *` | +| `walE.retainBackups` | Number of base backups to retain | `2` | +| `walE.s3Bucket:` | Amazon S3 bucket used for wal-e backups | `nil` | +| `walE.gcsBucket` | GCS storage used for Wal-E backups | `nil` | +| `walE.kubernetesSecret` | K8s secret name for provider bucket | `nil` | +| `walE.backupThresholdMegabytes` | Maximum size of the WAL segments accumulated after the base backup to consider WAL-E restore instead of pg_basebackup | `1024` | +| `walE.backupThresholdPercentage` | Maximum ratio (in percents) of the accumulated WAL files to the base backup to consider WAL-E restore instead of pg_basebackup | `30` | +| `resources` | Any resources you wish to assign to the pod | `{}` | +| `nodeSelector` | Node label to use for scheduling | `{}` | +| `tolerations` | List of node taints to tolerate | `[]` | +| `affinityTemplate` | A template string to use to generate the affinity settings | Anti-affinity preferred on hostname | +| `affinity` | Affinity settings. Overrides `affinityTemplate` if set. | `{}` | +| `schedulerName` | Alternate scheduler name | `nil` | +| `persistentVolume.accessModes` | Persistent Volume access modes | `[ReadWriteOnce]` | +| `persistentVolume.annotations` | Annotations for Persistent Volume Claim` | `{}` | +| `persistentVolume.mountPath` | Persistent Volume mount root path | `/home/postgres/pgdata` | +| `persistentVolume.size` | Persistent Volume size | `2Gi` | +| `persistentVolume.storageClass` | Persistent Volume Storage Class | `volume.alpha.kubernetes.io/storage-class: default` | +| `persistentVolume.subPath` | Subdirectory of Persistent Volume to mount | `""` | +| `rbac.create` | Create required role and rolebindings | `true` | +| `serviceAccount.create` | If true, create a new service account | `true` | +| `serviceAccount.name` | Service account to be used. If not set and `serviceAccount.create` is `true`, a name is generated using the fullname template | `nil` | + +Specify each parameter using the `--set key=value[,key=value]` argument to `helm install`. + +Alternatively, a YAML file that specifies the values for the parameters can be provided while installing the chart. For example, + +```console +$ helm install --name my-release -f values.yaml incubator/patroni +``` + +> **Tip**: You can use the default [values.yaml](values.yaml) + +## Cleanup + +To remove the spawned pods you can run a simple `helm delete `. + +Helm will however preserve created persistent volume claims, +to also remove them execute the commands below. + +```console +$ release= +$ helm delete $release +$ kubectl delete pvc -l release=$release +``` + +## Internals + +Patroni is responsible for electing a PostgreSQL master pod by leveraging the +DCS of your choice. After election it adds a `spilo-role=master` label to the +elected master and set the label to `spilo-role=replica` for all replicas. +Simultaneously it will update the `-patroni` endpoint to let the +service route traffic to the elected master. + +```console +$ kubectl get pods -l spilo-role -L spilo-role +NAME READY STATUS RESTARTS AGE SPILO-ROLE +my-release-patroni-0 1/1 Running 0 9m replica +my-release-patroni-1 1/1 Running 0 9m master +my-release-patroni-2 1/1 Running 0 8m replica +my-release-patroni-3 1/1 Running 0 8m replica +my-release-patroni-4 1/1 Running 0 8m replica +``` diff --git a/addons/postgresql-cluster/15/chart/postgresql/templates/NOTES.txt b/addons/postgresql-cluster/15/chart/postgresql/templates/NOTES.txt new file mode 100644 index 00000000..22a4f2d2 --- /dev/null +++ b/addons/postgresql-cluster/15/chart/postgresql/templates/NOTES.txt @@ -0,0 +1,25 @@ +Patroni can be accessed via port 5432 on the following DNS name from within your cluster: +{{ template "patroni.fullname" . }}.{{ .Release.Namespace }}.svc.cluster.local + +To get your password for superuser run: + + # superuser password + PGPASSWORD_SUPERUSER=$(kubectl get secret --namespace {{ .Release.Namespace }} {{ template "patroni.fullname" . }} -o jsonpath="{.data.password-superuser}" | base64 --decode) + + # admin password + PGPASSWORD_ADMIN=$(kubectl get secret --namespace {{ .Release.Namespace }} {{ template "patroni.fullname" . }} -o jsonpath="{.data.password-admin}" | base64 --decode) + +To connect to your database: + +1. Run a postgres pod and connect using the psql cli: + # login as superuser + kubectl run -i --tty --rm psql --image=postgres \ + --env "PGPASSWORD=$PGPASSWORD_SUPERUSER" \ + --command -- psql -U postgres \ + -h {{ template "patroni.fullname" . }}.{{ .Release.Namespace }}.svc.cluster.local postgres + + # login as admin + kubectl run -i -tty --rm psql --image=postgres \ + --env "PGPASSWORD=$PGPASSWORD_ADMIN" \ + --command -- psql -U admin \ + -h {{ template "patroni.fullname" . }}.{{ .Release.Namespace }}.svc.cluster.local postgres diff --git a/addons/postgresql-cluster/15/chart/postgresql/templates/_helpers.tpl b/addons/postgresql-cluster/15/chart/postgresql/templates/_helpers.tpl new file mode 100644 index 00000000..2b1b6d45 --- /dev/null +++ b/addons/postgresql-cluster/15/chart/postgresql/templates/_helpers.tpl @@ -0,0 +1,43 @@ +{{/* vim: set filetype=mustache: */}} +{{/* +Expand the name of the chart. +*/}} +{{- define "patroni.name" -}} +{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}} +{{- end -}} + +{{/* +Create a default fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +If release name contains chart name it will be used as a full name. +*/}} +{{- define "patroni.fullname" -}} +{{- if .Values.fullnameOverride -}} +{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}} +{{- else -}} +{{- $name := default .Chart.Name .Values.nameOverride -}} +{{- if contains $name .Release.Name -}} +{{- .Release.Name | trunc 63 | trimSuffix "-" -}} +{{- else -}} +{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}} +{{- end -}} +{{- end -}} +{{- end -}} + +{{/* +Create chart name and version as used by the chart label. +*/}} +{{- define "patroni.chart" -}} +{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}} +{{- end -}} + +{{/* +Create the name of the service account to use. +*/}} +{{- define "patroni.serviceAccountName" -}} +{{- if .Values.serviceAccount.create -}} + {{ default (include "patroni.fullname" .) .Values.serviceAccount.name }} +{{- else -}} + {{ default "default" .Values.serviceAccount.name }} +{{- end -}} +{{- end -}} diff --git a/addons/postgresql-cluster/15/chart/postgresql/templates/ep.yaml b/addons/postgresql-cluster/15/chart/postgresql/templates/ep.yaml new file mode 100644 index 00000000..23b7b2eb --- /dev/null +++ b/addons/postgresql-cluster/15/chart/postgresql/templates/ep.yaml @@ -0,0 +1,12 @@ +apiVersion: v1 +kind: Endpoints +metadata: + name: {{ template "patroni.fullname" . }} + namespace: {{ include "common.names.namespace" . | quote }} + labels: + app: {{ template "patroni.fullname" . }} + chart: {{ template "patroni.chart" . }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} + cluster-name: {{ template "patroni.fullname" . }} +subsets: [] diff --git a/addons/postgresql-cluster/15/chart/postgresql/templates/networkpolicy.yaml b/addons/postgresql-cluster/15/chart/postgresql/templates/networkpolicy.yaml new file mode 100644 index 00000000..06617f8a --- /dev/null +++ b/addons/postgresql-cluster/15/chart/postgresql/templates/networkpolicy.yaml @@ -0,0 +1,45 @@ +{{- /* +Copyright VMware, Inc. +SPDX-License-Identifier: APACHE-2.0 +*/}} + +{{- if .Values.networkPolicy.enabled }} +kind: NetworkPolicy +apiVersion: {{ template "common.capabilities.networkPolicy.apiVersion" . }} +metadata: + name: {{ template "common.names.fullname" . }} + namespace: {{ include "common.names.namespace" . | quote }} + labels: {{- include "common.labels.standard" . | nindent 4 }} + {{- if .Values.commonLabels }} + {{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }} + {{- end }} + {{- if .Values.commonAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} + {{- end }} +spec: + podSelector: + matchLabels: + {{- include "common.labels.matchLabels" . | nindent 6 }} + ingress: + # Allow inbound connections + - ports: + - port: 5432 + {{- if and .Values.metrics.enabled }} + - port: {{ .Values.metrics.service.port }} + {{ end }} + {{- if or .Values.networkPolicy.allowCurrentNamespace .Values.networkPolicy.allowNamespaces }} + from: + {{- if .Values.networkPolicy.allowCurrentNamespace }} + - namespaceSelector: + matchLabels: + kubernetes.io/metadata.name: {{ .Release.Namespace }} + {{- end }} + {{- range $namespace := .Values.networkPolicy.allowNamespaces }} + {{- if $namespace }} + - namespaceSelector: + matchLabels: + kubernetes.io/metadata.name: {{ $namespace }} + {{- end }} + {{- end }} + {{- end }} +{{- end }} diff --git a/addons/postgresql-cluster/15/chart/postgresql/templates/role.yaml b/addons/postgresql-cluster/15/chart/postgresql/templates/role.yaml new file mode 100644 index 00000000..c81b39a8 --- /dev/null +++ b/addons/postgresql-cluster/15/chart/postgresql/templates/role.yaml @@ -0,0 +1,49 @@ +{{- if .Values.rbac.create }} +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + name: {{ template "patroni.fullname" . }} + namespace: {{ include "common.names.namespace" . | quote }} + labels: + app: {{ template "patroni.fullname" . }} + chart: {{ template "patroni.chart" . }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +rules: +- apiGroups: [""] + resources: ["configmaps"] + verbs: + - create + - get + - list + - patch + - update + - watch + # delete is required only for 'patronictl remove' + - delete +- apiGroups: [""] + resources: ["services"] + verbs: + - create +- apiGroups: [""] + resources: ["endpoints"] + verbs: + - create + - get + - patch + - update + # the following three privileges are necessary only when using endpoints + - list + - watch + # delete is required only for for 'patronictl remove' + - delete + - deletecollection +- apiGroups: [""] + resources: ["pods"] + verbs: + - get + - list + - patch + - update + - watch +{{- end }} diff --git a/addons/postgresql-cluster/15/chart/postgresql/templates/rolebinding.yaml b/addons/postgresql-cluster/15/chart/postgresql/templates/rolebinding.yaml new file mode 100644 index 00000000..d09de1c8 --- /dev/null +++ b/addons/postgresql-cluster/15/chart/postgresql/templates/rolebinding.yaml @@ -0,0 +1,19 @@ +{{- if .Values.rbac.create }} +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: {{ template "patroni.fullname" . }} + namespace: {{ include "common.names.namespace" . | quote }} + labels: + app: {{ template "patroni.fullname" . }} + chart: {{ template "patroni.chart" . }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +subjects: + - kind: ServiceAccount + name: {{ template "patroni.serviceAccountName" . }} +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: {{ template "patroni.fullname" . }} +{{- end }} diff --git a/addons/postgresql-cluster/15/chart/postgresql/templates/sec.yaml b/addons/postgresql-cluster/15/chart/postgresql/templates/sec.yaml new file mode 100644 index 00000000..40082291 --- /dev/null +++ b/addons/postgresql-cluster/15/chart/postgresql/templates/sec.yaml @@ -0,0 +1,16 @@ +apiVersion: v1 +kind: Secret +metadata: + name: {{ template "patroni.fullname" . }} + namespace: {{ include "common.names.namespace" . | quote }} + labels: + app: {{ template "patroni.fullname" . }} + chart: {{ template "patroni.chart" . }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} + cluster-name: {{ template "patroni.fullname" . }} +type: Opaque +data: + password-superuser: {{ .Values.credentials.superuser | b64enc }} + password-admin: {{ .Values.credentials.admin | b64enc }} + password-replication: {{ .Values.credentials.standby | b64enc }} diff --git a/addons/postgresql-cluster/15/chart/postgresql/templates/serviceaccount.yaml b/addons/postgresql-cluster/15/chart/postgresql/templates/serviceaccount.yaml new file mode 100644 index 00000000..819bb983 --- /dev/null +++ b/addons/postgresql-cluster/15/chart/postgresql/templates/serviceaccount.yaml @@ -0,0 +1,12 @@ +{{- if .Values.serviceAccount.create }} +apiVersion: v1 +kind: ServiceAccount +metadata: + name: {{ template "patroni.serviceAccountName" . }} + namespace: {{ include "common.names.namespace" . | quote }} + labels: + app: {{ template "patroni.fullname" . }} + chart: {{ template "patroni.chart" . }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +{{- end }} diff --git a/addons/postgresql-cluster/15/chart/postgresql/templates/statefulset.yaml b/addons/postgresql-cluster/15/chart/postgresql/templates/statefulset.yaml new file mode 100644 index 00000000..ce657a5e --- /dev/null +++ b/addons/postgresql-cluster/15/chart/postgresql/templates/statefulset.yaml @@ -0,0 +1,256 @@ +apiVersion: apps/v1 +kind: StatefulSet +metadata: + name: {{ template "patroni.fullname" . }} + namespace: {{ include "common.names.namespace" . | quote }} + labels: + app: {{ template "patroni.fullname" . }} + chart: {{ template "patroni.chart" . }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} + cluster-name: {{ template "patroni.fullname" . }} +spec: + serviceName: {{ template "patroni.fullname" . }} + replicas: {{ .Values.replicaCount }} + selector: + matchLabels: + app: {{ template "patroni.fullname" . }} + release: {{ .Release.Name }} + cluster-name: {{ template "patroni.fullname" . }} + template: + metadata: + name: {{ template "patroni.fullname" . }} + labels: + app: {{ template "patroni.fullname" . }} + release: {{ .Release.Name }} + cluster-name: {{ template "patroni.fullname" . }} + spec: + serviceAccountName: {{ template "patroni.serviceAccountName" . }} + containers: + - name: {{ .Chart.Name }} + image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}" + imagePullPolicy: {{ .Values.image.pullPolicy }} + env: + {{- if .Values.kubernetes.dcs.enable }} + - name: PATRONI_KUBERNETES_POD_IP + valueFrom: + fieldRef: + fieldPath: status.podIP + - name: PATRONI_KUBERNETES_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: PATRONI_KUBERNETES_BYPASS_API_SERVICE + value: 'true' + - name: PATRONI_KUBERNETES_USE_ENDPOINTS + value: 'true' + - name: PATRONI_KUBERNETES_LABELS + value: '{app: {{ template "patroni.fullname" . }},release: {{ .Release.Name }},cluster-name: {{ template "patroni.fullname" . }}}' + - name: PATRONI_SUPERUSER_USERNAME + value: postgres + - name: PATRONI_SUPERUSER_PASSWORD + valueFrom: + secretKeyRef: + name: {{ template "patroni.fullname" . }} + key: password-superuser + - name: PATRONI_REPLICATION_USERNAME + value: standby + - name: PATRONI_REPLICATION_PASSWORD + valueFrom: + secretKeyRef: + name: {{ template "patroni.fullname" . }} + key: password-replication + - name: PATRONI_SCOPE + value: {{ template "patroni.fullname" . }} + - name: PATRONI_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name + - name: PATRONI_POSTGRESQL_DATA_DIR + value: "{{ .Values.persistentVolume.mountPath }}/data" + - name: PATRONI_POSTGRESQL_PGPASS + value: /tmp/pgpass + - name: PATRONI_POSTGRESQL_LISTEN + value: '0.0.0.0:5432' + - name: PATRONI_RESTAPI_LISTEN + value: '0.0.0.0:8008' + + {{- if .Values.kubernetes.configmaps.enable }} + - name: KUBERNETES_USE_CONFIGMAPS + value: "true" + {{- end }} + {{- end }} + {{- if .Values.etcd.enable }} + {{- if .Values.etcd.deployChart }} + - name: ETCD_DISCOVERY_DOMAIN + value: {{default (printf "%s-etcd" .Release.Name | trunc 63) .Values.etcd.discovery }} + {{- else }} + - name: ETCD_HOST + value: {{ .Values.etcd.host | quote }} + {{- end }} + {{- else if .Values.zookeeper.enable }} + {{- if .Values.zookeeper.deployChart }} + - name: ZOOKEEPER_HOSTS + value: {{(printf "'%s-zookeeper-headless:2181'" .Release.Name | trunc 63)}} + {{- else }} + - name: ZOOKEEPER_HOSTS + value: {{ .Values.zookeeper.hosts | quote }} + {{- end }} + {{- else if .Values.consul.enable }} + {{- if .Values.consul.deployChart }} + - name: PATRONI_CONSUL_HOST + value: {{(printf "'%s-consul'" .Release.Name | trunc 63)}} + {{- else }} + - name: PATRONI_CONSUL_HOST + value: {{ .Values.consul.host | quote }} + {{- end }} + {{- end }} + - name: SCOPE + value: {{ template "patroni.fullname" . }} + {{- if .Values.walE.enable }} + - name: USE_WALE + value: {{ .Values.walE.enable | quote }} + {{- if .Values.walE.scheduleCronJob }} + - name: BACKUP_SCHEDULE + value: {{ .Values.walE.scheduleCronJob | quote}} + {{- end }} + {{- if .Values.walE.retainBackups }} + - name: BACKUP_NUM_TO_RETAIN + value: {{ .Values.walE.retainBackups | quote}} + {{- end }} + {{- if .Values.walE.s3Bucket }} + - name: WAL_S3_BUCKET + value: {{ .Values.walE.s3Bucket | quote }} + {{else if .Values.walE.gcsBucket }} + - name: WAL_GCS_BUCKET + value: {{ .Values.walE.gcsBucket | quote }} + {{- if .Values.walE.kubernetesSecret }} + - name: GOOGLE_APPLICATION_CREDENTIALS + value: "/etc/credentials/{{.Values.walE.kubernetesSecret}}.json" + {{- end }} + {{- end }} + {{- if .Values.walE.backupThresholdMegabytes }} + - name: WALE_BACKUP_THRESHOLD_MEGABYTES + value: {{ .Values.walE.backupThresholdMegabytes | quote }} + {{- end }} + {{- if .Values.walE.backupThresholdPercentage }} + - name: WALE_BACKUP_THRESHOLD_PERCENTAGE + value: {{ .Values.walE.backupThresholdPercentage | quote }} + {{- end }} + {{- else }} + - name: USE_WALE + value: "" + {{- end }} + - name: PGROOT + value: "{{ .Values.persistentVolume.mountPath }}/pgroot" + - name: POD_NAMESPACE + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: metadata.namespace + {{- if .Values.env }} + {{- range $key, $val := .Values.env }} + - name: {{ $key | quote | upper }} + value: {{ $val | quote }} + {{- end }} + {{- end }} + readinessProbe: + httpGet: + scheme: HTTP + path: /readiness + port: 8008 + initialDelaySeconds: 3 + periodSeconds: 10 + timeoutSeconds: 5 + successThreshold: 1 + failureThreshold: 3 + livenessProbe: + failureThreshold: 3 + httpGet: + path: /liveness + port: 8008 + scheme: HTTP + initialDelaySeconds: 10 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 5 + ports: + - containerPort: 8008 + protocol: TCP + - containerPort: 5432 + protocol: TCP + volumeMounts: + - name: storage-volume + mountPath: "{{ .Values.persistentVolume.mountPath }}" + volumeMounts: "{{ .Values.persistentVolume.subPath }}" + # - mountPath: /etc/patroni + # name: patroni-config + # readOnly: true + {{- if .Values.walE.enable }} + {{- if .Values.walE.kubernetesSecret }} + - name: {{ .Values.walE.kubernetesSecret }} + mountPath: /etc/credentials + readOnly: true + {{- end }} + {{- end }} + resources: +{{ toYaml .Values.resources | indent 10 }} + {{- with .Values.nodeSelector }} + nodeSelector: +{{ toYaml . | indent 8 }} + {{- end }} + {{- with .Values.tolerations }} + tolerations: +{{ toYaml . | indent 8 }} + {{- end }} + {{- if .Values.schedulerName }} + schedulerName: {{ .Values.schedulerName }} + {{- end }} + {{- if .Values.affinity }} + affinity: +{{ .Values.affinity | toYaml | indent 8 }} + {{- else if .Values.affinityTemplate }} + affinity: +{{ tpl .Values.affinityTemplate . | indent 8 }} + {{- end }} + volumes: + - name: patroni-config + secret: + secretName: {{ template "patroni.fullname" . }} + {{- if .Values.walE.enable }} + {{- if .Values.walE.kubernetesSecret }} + - name: {{ .Values.walE.kubernetesSecret }} + secret: + secretName: {{ .Values.walE.kubernetesSecret }} + {{- end }} + {{- end }} + {{- if not .Values.persistentVolume.enabled }} + - name: storage-volume + emptyDir: {} + {{- end }} + {{- if .Values.persistentVolume.enabled }} + volumeClaimTemplates: + - metadata: + name: storage-volume + annotations: + {{- if .Values.persistentVolume.annotations }} +{{ toYaml .Values.persistentVolume.annotations | indent 8 }} + {{- end }} + labels: + app: {{ template "patroni.fullname" . }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} + spec: + accessModes: +{{ toYaml .Values.persistentVolume.accessModes | indent 8 }} + resources: + requests: + storage: "{{ .Values.persistentVolume.size }}" + {{- if .Values.persistentVolume.storageClass }} + {{- if (eq "-" .Values.persistentVolume.storageClass) }} + storageClassName: "" + {{- else }} + storageClassName: "{{ .Values.persistentVolume.storageClass }}" + {{- end }} + {{- end }} + {{- end }} diff --git a/addons/postgresql-cluster/15/chart/postgresql/templates/svc-config.yaml b/addons/postgresql-cluster/15/chart/postgresql/templates/svc-config.yaml new file mode 100644 index 00000000..442be2f3 --- /dev/null +++ b/addons/postgresql-cluster/15/chart/postgresql/templates/svc-config.yaml @@ -0,0 +1,11 @@ +# headless service to avoid deletion of patronidemo-config endpoint +apiVersion: v1 +kind: Service +metadata: + name: {{ template "patroni.fullname" . }}-config + labels: + app: {{ template "patroni.fullname" . }} + release: {{ .Release.Name }} + cluster-name: {{ template "patroni.fullname" . }} +spec: + clusterIP: None diff --git a/addons/postgresql-cluster/15/chart/postgresql/templates/svc-relp.yaml b/addons/postgresql-cluster/15/chart/postgresql/templates/svc-relp.yaml new file mode 100644 index 00000000..cccaf8ce --- /dev/null +++ b/addons/postgresql-cluster/15/chart/postgresql/templates/svc-relp.yaml @@ -0,0 +1,21 @@ +apiVersion: v1 +kind: Service +metadata: + name: {{ template "patroni.fullname" . }}-repl + namespace: {{ include "common.names.namespace" . | quote }} + labels: + app: {{ template "patroni.fullname" . }} + chart: {{ template "patroni.chart" . }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} + cluster-name: {{ template "patroni.fullname" . }} + role: replica +spec: + type: ClusterIP + selector: + app: {{ template "patroni.fullname" . }} + cluster-name: {{ template "patroni.fullname" . }} + role: replica + ports: + - port: 5432 + targetPort: 5432 \ No newline at end of file diff --git a/addons/postgresql-cluster/15/chart/postgresql/templates/svc.yaml b/addons/postgresql-cluster/15/chart/postgresql/templates/svc.yaml new file mode 100644 index 00000000..430a6a8f --- /dev/null +++ b/addons/postgresql-cluster/15/chart/postgresql/templates/svc.yaml @@ -0,0 +1,18 @@ +apiVersion: v1 +kind: Service +metadata: + name: {{ template "patroni.fullname" . }} + namespace: {{ include "common.names.namespace" . | quote }} + labels: + app: {{ template "patroni.fullname" . }} + chart: {{ template "patroni.chart" . }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} + cluster-name: {{ template "patroni.fullname" . }} +spec: + type: ClusterIP + ports: + - name: postgresql + port: 5432 + targetPort: postgresql + protocol: TCP diff --git a/addons/postgresql-cluster/15/chart/postgresql/values.yaml b/addons/postgresql-cluster/15/chart/postgresql/values.yaml new file mode 100644 index 00000000..1be7c5f6 --- /dev/null +++ b/addons/postgresql-cluster/15/chart/postgresql/values.yaml @@ -0,0 +1,147 @@ +replicaCount: 3 + +image: + # Image was built from registry.drycc.cc/drycc-addons/patroni:3.2 + # https://github.com/zalando/spilo/tree/master/postgres-appliance + repository: registry.drycc.cc/drycc-addons/patroni + tag: 3.2 + pullPolicy: 'IfNotPresent' + +# Credentials used by Patroni +# https://github.com/zalando/patroni/blob/master/docs/SETTINGS.rst#postgresql +# https://github.com/zalando/spilo/blob/master/ENVIRONMENT.rst +credentials: + superuser: tea + admin: cola + standby: reppasswd + +# Distribution Configuration stores +# Please note that only one of the following stores should be enabled. +kubernetes: + dcs: + enable: true + configmaps: + enable: false +etcd: + enable: false + deployChart: false + # If not deploying etcd chart, fill-in value for etcd service + # ..svc.cluster.local + host: + # Leave blank to use vendored etcd chart + discovery: +zookeeper: + enable: false + deployChart: false + # If not deploying etcd chart, fill-in list of ZooKeeper members in format: + # 'host1:port1','host2:port2','etc...' + hosts: +consul: + enable: false + deployChart: false + # Leave blank to use vendored consul chart + hosts: + +# Extra custom environment variables. +env: {} + +walE: + # Specifies whether Wal-E should be enabled + enable: false + # Cron schedule for doing base backups + scheduleCronJob: 00 01 * * * + # Amount of base backups to retain + retainBackups: 2 + # Path to the S3 or GCS bucket used for WAL-E base backups + s3Bucket: + gcsBucket: + # Name of the secret that holds the credentials to the bucket + kubernetesSecret: + # Maximum size of the WAL segments accumulated after the base backup to + # consider WAL-E restore instead of pg_basebackup + backupThresholdMegabytes: 1024 + # Maximum ratio (in percents) of the accumulated WAL files to the base backup + # to consider WAL-E restore instead of pg_basebackup + backupThresholdPercentage: 30 + +persistentVolume: + enabled: false + size: 10G + ## database data Persistent Volume Storage Class + ## If defined, storageClassName: + ## If set to "-", storageClassName: "", which disables dynamic provisioning + ## If undefined (the default) or set to null, no storageClassName spec is + ## set, choosing the default provisioner. (gp2 on AWS, standard on + ## GKE, AWS & OpenStack) + ## + # storageClass: "-" + subPath: "" + mountPath: "/home/postgres/pgdata" + annotations: {} + accessModes: + - ReadWriteOnce + +resources: + # If you do want to specify resources, uncomment the following + # lines, adjust them as necessary, and remove the curly braces after 'resources:'. + limits: + cpu: 1000m + memory: 1Gi + # hugepages-2Mi: 4Mi + requests: + cpu: 1000m + memory: 1Gi + +# https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#nodeselector +nodeSelector: {} + +# https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/ +tolerations: [] + +# https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity +affinityTemplate: | + podAntiAffinity: + preferredDuringSchedulingIgnoredDuringExecution: + - weight: 100 + podAffinityTerm: + topologyKey: "kubernetes.io/hostname" + labelSelector: + matchLabels: + app: {{ template "patroni.name" . }} + release: {{ .Release.Name | quote }} +affinity: {} + +## Use an alternate scheduler, e.g. "stork". +## ref: https://kubernetes.io/docs/tasks/administer-cluster/configure-multiple-schedulers/ +## +# schedulerName: + +rbac: + # Specifies whether RBAC resources should be created + create: true + +serviceAccount: + # Specifies whether a ServiceAccount should be created + create: true + # The name of the ServiceAccount to use. + # If not set and create is true, a name is generated using the fullname template + name: + +## Postgresql Prometheus exporter parameters +## +metrics: + enabled: false +## Postgresql Nework Policy configuration +## +networkPolicy: + ## @param networkPolicy.enabled Enable creation of NetworkPolicy resources + ## + enabled: false + ## @param networkPolicy.allowExternal The Policy model to apply. + ## When set to false, only pods with the correct + ## client label will have network access to the port MySQL is listening + ## on. When true, MySQL will accept connections from any source + ## (with the correct destination port). + ## + allowCurrentNamespace: true + allowNamespaces: [] \ No newline at end of file diff --git a/addons/postgresql-cluster/15/meta.yaml b/addons/postgresql-cluster/15/meta.yaml new file mode 100644 index 00000000..f7e21529 --- /dev/null +++ b/addons/postgresql-cluster/15/meta.yaml @@ -0,0 +1,20 @@ +name: postgresql-cluster +version: 15.0 +id: 5cfb0abf-276c-445b-9060-9aa964ede87d +description: "postgresql-cluster" +displayName: "postgresql-cluster-15.0" +metadata: + displayName: "postgresql-cluster-15.0" + provider: + name: drycc + supportURL: https://www.postgresql.org/ + documentationURL: https://github.com/drycc-addons/drycc-docker-postgresql-cluster +tags: postgresql-cluster +bindable: true +instances_retrievable: true +bindings_retrievable: true +plan_updateable: true +allow_parameters: +- name: "networkPolicy.allowNamespaces" + description: "networkPolicy allowNamespaces config for values.yaml" +archive: false \ No newline at end of file From c317ad3ac5802173ffcae6cd2ffa63a3d90fed9f Mon Sep 17 00:00:00 2001 From: EamonZhang Date: Fri, 3 Nov 2023 09:13:06 +0800 Subject: [PATCH 13/48] chore(postgresql-cluster): move patroni env to helper --- .../chart/postgresql/templates/_helpers.tpl | 95 +++++++++++++ .../postgresql/templates/statefulset.yaml | 131 ++---------------- .../15/chart/postgresql/values.yaml | 24 +--- 3 files changed, 111 insertions(+), 139 deletions(-) diff --git a/addons/postgresql-cluster/15/chart/postgresql/templates/_helpers.tpl b/addons/postgresql-cluster/15/chart/postgresql/templates/_helpers.tpl index 2b1b6d45..f684f499 100644 --- a/addons/postgresql-cluster/15/chart/postgresql/templates/_helpers.tpl +++ b/addons/postgresql-cluster/15/chart/postgresql/templates/_helpers.tpl @@ -41,3 +41,98 @@ Create the name of the service account to use. {{ default "default" .Values.serviceAccount.name }} {{- end -}} {{- end -}} + +{{/* +Create patroni envs. +*/}} +{{- define "patroni.envs" }} +{{- if .Values.kubernetes.configmaps.enable }} +- name: KUBERNETES_USE_CONFIGMAPS + value: "true" +{{- end }} +{{- if .Values.kubernetes.endpoints.enable }} +- name: PATRONI_KUBERNETES_USE_ENDPOINTS + value: 'true' +{{- end }} +- name: PATRONI_KUBERNETES_POD_IP + valueFrom: + fieldRef: + fieldPath: status.podIP +- name: PATRONI_KUBERNETES_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace +- name: PATRONI_KUBERNETES_BYPASS_API_SERVICE + value: 'true' +- name: PATRONI_KUBERNETES_LABELS + value: '{app: {{ template "patroni.fullname" . }},release: {{ .Release.Name }},cluster-name: {{ template "patroni.fullname" . }}}' +- name: PATRONI_SUPERUSER_USERNAME + value: postgres +- name: PATRONI_SUPERUSER_PASSWORD + valueFrom: + secretKeyRef: + name: {{ template "patroni.fullname" . }} + key: password-superuser +- name: PATRONI_REPLICATION_USERNAME + value: standby +- name: PATRONI_REPLICATION_PASSWORD + valueFrom: + secretKeyRef: + name: {{ template "patroni.fullname" . }} + key: password-replication +- name: PATRONI_SCOPE + value: {{ template "patroni.fullname" . }} +- name: PATRONI_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name +- name: PATRONI_POSTGRESQL_DATA_DIR + value: "{{ .Values.persistentVolume.mountPath }}/data" +- name: PATRONI_POSTGRESQL_PGPASS + value: /tmp/pgpass +- name: PATRONI_POSTGRESQL_LISTEN + value: '0.0.0.0:5432' +- name: PATRONI_RESTAPI_LISTEN + value: '0.0.0.0:8008' +{{- end -}} + +{{/* +Create wale envs. +*/}} +{{- define "wale.envs" }} +{{- if .Values.walE.enable }} +- name: USE_WALE + value: {{ .Values.walE.enable | quote }} +{{- if .Values.walE.scheduleCronJob }} +- name: BACKUP_SCHEDULE + value: {{ .Values.walE.scheduleCronJob | quote}} +{{- end }} +{{- if .Values.walE.retainBackups }} +- name: BACKUP_NUM_TO_RETAIN + value: {{ .Values.walE.retainBackups | quote}} +{{- end }} +{{- if .Values.walE.s3Bucket }} +- name: WAL_S3_BUCKET + value: {{ .Values.walE.s3Bucket | quote }} +{{else if .Values.walE.gcsBucket }} +- name: WAL_GCS_BUCKET + value: {{ .Values.walE.gcsBucket | quote }} +{{- if .Values.walE.kubernetesSecret }} +- name: GOOGLE_APPLICATION_CREDENTIALS + value: "/etc/credentials/{{.Values.walE.kubernetesSecret}}.json" +{{- end }} + +{{- if .Values.walE.backupThresholdMegabytes }} +- name: WALE_BACKUP_THRESHOLD_MEGABYTES + value: {{ .Values.walE.backupThresholdMegabytes | quote }} +{{- end }} +{{- if .Values.walE.backupThresholdPercentage }} +- name: WALE_BACKUP_THRESHOLD_PERCENTAGE + value: {{ .Values.walE.backupThresholdPercentage | quote }} +{{- end }} +{{- else }} +- name: USE_WALE + value: "" +{{- end }} +{{- end }} +{{- end -}} \ No newline at end of file diff --git a/addons/postgresql-cluster/15/chart/postgresql/templates/statefulset.yaml b/addons/postgresql-cluster/15/chart/postgresql/templates/statefulset.yaml index ce657a5e..14895620 100644 --- a/addons/postgresql-cluster/15/chart/postgresql/templates/statefulset.yaml +++ b/addons/postgresql-cluster/15/chart/postgresql/templates/statefulset.yaml @@ -31,123 +31,7 @@ spec: image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}" imagePullPolicy: {{ .Values.image.pullPolicy }} env: - {{- if .Values.kubernetes.dcs.enable }} - - name: PATRONI_KUBERNETES_POD_IP - valueFrom: - fieldRef: - fieldPath: status.podIP - - name: PATRONI_KUBERNETES_NAMESPACE - valueFrom: - fieldRef: - fieldPath: metadata.namespace - - name: PATRONI_KUBERNETES_BYPASS_API_SERVICE - value: 'true' - - name: PATRONI_KUBERNETES_USE_ENDPOINTS - value: 'true' - - name: PATRONI_KUBERNETES_LABELS - value: '{app: {{ template "patroni.fullname" . }},release: {{ .Release.Name }},cluster-name: {{ template "patroni.fullname" . }}}' - - name: PATRONI_SUPERUSER_USERNAME - value: postgres - - name: PATRONI_SUPERUSER_PASSWORD - valueFrom: - secretKeyRef: - name: {{ template "patroni.fullname" . }} - key: password-superuser - - name: PATRONI_REPLICATION_USERNAME - value: standby - - name: PATRONI_REPLICATION_PASSWORD - valueFrom: - secretKeyRef: - name: {{ template "patroni.fullname" . }} - key: password-replication - - name: PATRONI_SCOPE - value: {{ template "patroni.fullname" . }} - - name: PATRONI_NAME - valueFrom: - fieldRef: - fieldPath: metadata.name - - name: PATRONI_POSTGRESQL_DATA_DIR - value: "{{ .Values.persistentVolume.mountPath }}/data" - - name: PATRONI_POSTGRESQL_PGPASS - value: /tmp/pgpass - - name: PATRONI_POSTGRESQL_LISTEN - value: '0.0.0.0:5432' - - name: PATRONI_RESTAPI_LISTEN - value: '0.0.0.0:8008' - - {{- if .Values.kubernetes.configmaps.enable }} - - name: KUBERNETES_USE_CONFIGMAPS - value: "true" - {{- end }} - {{- end }} - {{- if .Values.etcd.enable }} - {{- if .Values.etcd.deployChart }} - - name: ETCD_DISCOVERY_DOMAIN - value: {{default (printf "%s-etcd" .Release.Name | trunc 63) .Values.etcd.discovery }} - {{- else }} - - name: ETCD_HOST - value: {{ .Values.etcd.host | quote }} - {{- end }} - {{- else if .Values.zookeeper.enable }} - {{- if .Values.zookeeper.deployChart }} - - name: ZOOKEEPER_HOSTS - value: {{(printf "'%s-zookeeper-headless:2181'" .Release.Name | trunc 63)}} - {{- else }} - - name: ZOOKEEPER_HOSTS - value: {{ .Values.zookeeper.hosts | quote }} - {{- end }} - {{- else if .Values.consul.enable }} - {{- if .Values.consul.deployChart }} - - name: PATRONI_CONSUL_HOST - value: {{(printf "'%s-consul'" .Release.Name | trunc 63)}} - {{- else }} - - name: PATRONI_CONSUL_HOST - value: {{ .Values.consul.host | quote }} - {{- end }} - {{- end }} - - name: SCOPE - value: {{ template "patroni.fullname" . }} - {{- if .Values.walE.enable }} - - name: USE_WALE - value: {{ .Values.walE.enable | quote }} - {{- if .Values.walE.scheduleCronJob }} - - name: BACKUP_SCHEDULE - value: {{ .Values.walE.scheduleCronJob | quote}} - {{- end }} - {{- if .Values.walE.retainBackups }} - - name: BACKUP_NUM_TO_RETAIN - value: {{ .Values.walE.retainBackups | quote}} - {{- end }} - {{- if .Values.walE.s3Bucket }} - - name: WAL_S3_BUCKET - value: {{ .Values.walE.s3Bucket | quote }} - {{else if .Values.walE.gcsBucket }} - - name: WAL_GCS_BUCKET - value: {{ .Values.walE.gcsBucket | quote }} - {{- if .Values.walE.kubernetesSecret }} - - name: GOOGLE_APPLICATION_CREDENTIALS - value: "/etc/credentials/{{.Values.walE.kubernetesSecret}}.json" - {{- end }} - {{- end }} - {{- if .Values.walE.backupThresholdMegabytes }} - - name: WALE_BACKUP_THRESHOLD_MEGABYTES - value: {{ .Values.walE.backupThresholdMegabytes | quote }} - {{- end }} - {{- if .Values.walE.backupThresholdPercentage }} - - name: WALE_BACKUP_THRESHOLD_PERCENTAGE - value: {{ .Values.walE.backupThresholdPercentage | quote }} - {{- end }} - {{- else }} - - name: USE_WALE - value: "" - {{- end }} - - name: PGROOT - value: "{{ .Values.persistentVolume.mountPath }}/pgroot" - - name: POD_NAMESPACE - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: metadata.namespace + {{- include "patroni.envs" . | indent 8 }} {{- if .Values.env }} {{- range $key, $val := .Values.env }} - name: {{ $key | quote | upper }} @@ -174,6 +58,18 @@ spec: periodSeconds: 10 successThreshold: 1 timeoutSeconds: 5 + lifecycle: + preStop: + exec: + command: + - /usr/bin/env + - bash + - -c + - | + # switch leader pod if the current pod is the leader + if curl --fail http://localhost:8008/read-write; then + init-stack patronictl switchover --force + fi ports: - containerPort: 8008 protocol: TCP @@ -182,7 +78,6 @@ spec: volumeMounts: - name: storage-volume mountPath: "{{ .Values.persistentVolume.mountPath }}" - volumeMounts: "{{ .Values.persistentVolume.subPath }}" # - mountPath: /etc/patroni # name: patroni-config # readOnly: true diff --git a/addons/postgresql-cluster/15/chart/postgresql/values.yaml b/addons/postgresql-cluster/15/chart/postgresql/values.yaml index 1be7c5f6..f7bdc8a7 100644 --- a/addons/postgresql-cluster/15/chart/postgresql/values.yaml +++ b/addons/postgresql-cluster/15/chart/postgresql/values.yaml @@ -5,6 +5,7 @@ image: # https://github.com/zalando/spilo/tree/master/postgres-appliance repository: registry.drycc.cc/drycc-addons/patroni tag: 3.2 + # IfNotPresent , Always pullPolicy: 'IfNotPresent' # Credentials used by Patroni @@ -18,29 +19,10 @@ credentials: # Distribution Configuration stores # Please note that only one of the following stores should be enabled. kubernetes: - dcs: + endpoints: enable: true configmaps: enable: false -etcd: - enable: false - deployChart: false - # If not deploying etcd chart, fill-in value for etcd service - # ..svc.cluster.local - host: - # Leave blank to use vendored etcd chart - discovery: -zookeeper: - enable: false - deployChart: false - # If not deploying etcd chart, fill-in list of ZooKeeper members in format: - # 'host1:port1','host2:port2','etc...' - hosts: -consul: - enable: false - deployChart: false - # Leave blank to use vendored consul chart - hosts: # Extra custom environment variables. env: {} @@ -136,7 +118,7 @@ metrics: networkPolicy: ## @param networkPolicy.enabled Enable creation of NetworkPolicy resources ## - enabled: false + enabled: true ## @param networkPolicy.allowExternal The Policy model to apply. ## When set to false, only pods with the correct ## client label will have network access to the port MySQL is listening From 9891e1050911ce0c4e2f19453956acb2287f3d9e Mon Sep 17 00:00:00 2001 From: EamonZhang Date: Mon, 6 Nov 2023 11:00:32 +0800 Subject: [PATCH 14/48] chore(postgresql-cluster):adjust patroni config use configmap --- .../chart/postgresql/templates/_helpers.tpl | 10 ++++ .../chart/postgresql/templates/configmap.yaml | 19 ++++++++ .../15/chart/postgresql/templates/ep.yaml | 12 ----- .../postgresql/templates/networkpolicy.yaml | 6 +-- .../postgresql/templates/statefulset.yaml | 17 +++++-- .../15/chart/postgresql/values.yaml | 46 +++++++++++++++++++ 6 files changed, 88 insertions(+), 22 deletions(-) create mode 100644 addons/postgresql-cluster/15/chart/postgresql/templates/configmap.yaml delete mode 100644 addons/postgresql-cluster/15/chart/postgresql/templates/ep.yaml diff --git a/addons/postgresql-cluster/15/chart/postgresql/templates/_helpers.tpl b/addons/postgresql-cluster/15/chart/postgresql/templates/_helpers.tpl index f684f499..8e146ffd 100644 --- a/addons/postgresql-cluster/15/chart/postgresql/templates/_helpers.tpl +++ b/addons/postgresql-cluster/15/chart/postgresql/templates/_helpers.tpl @@ -42,6 +42,16 @@ Create the name of the service account to use. {{- end -}} {{- end -}} +{{/* +Return true if a configmap object should be created for MySQL Secondary +*/}} +{{- define "patroni.createConfigmap" -}} +{{- if and .Values.configuration }} + {{- true -}} +{{- else -}} +{{- end -}} +{{- end -}} + {{/* Create patroni envs. */}} diff --git a/addons/postgresql-cluster/15/chart/postgresql/templates/configmap.yaml b/addons/postgresql-cluster/15/chart/postgresql/templates/configmap.yaml new file mode 100644 index 00000000..5f26b266 --- /dev/null +++ b/addons/postgresql-cluster/15/chart/postgresql/templates/configmap.yaml @@ -0,0 +1,19 @@ +{{- if (include "patroni.createConfigmap" .) }} +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ template "common.names.fullname" . }}-cm + namespace: {{ include "common.names.namespace" . | quote }} + labels: {{- include "common.labels.standard" . | nindent 4 }} + {{- if .Values.commonLabels }} + {{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }} + {{- end }} + cluster-name: {{ template "patroni.fullname" . }} + {{- if .Values.commonAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} + {{- end }} +data: + patroni.sh: |- + {{- include "common.tplvalues.render" ( dict "value" .Values.configuration "context" $ ) | nindent 4 }} +{{- end -}} + diff --git a/addons/postgresql-cluster/15/chart/postgresql/templates/ep.yaml b/addons/postgresql-cluster/15/chart/postgresql/templates/ep.yaml deleted file mode 100644 index 23b7b2eb..00000000 --- a/addons/postgresql-cluster/15/chart/postgresql/templates/ep.yaml +++ /dev/null @@ -1,12 +0,0 @@ -apiVersion: v1 -kind: Endpoints -metadata: - name: {{ template "patroni.fullname" . }} - namespace: {{ include "common.names.namespace" . | quote }} - labels: - app: {{ template "patroni.fullname" . }} - chart: {{ template "patroni.chart" . }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} - cluster-name: {{ template "patroni.fullname" . }} -subsets: [] diff --git a/addons/postgresql-cluster/15/chart/postgresql/templates/networkpolicy.yaml b/addons/postgresql-cluster/15/chart/postgresql/templates/networkpolicy.yaml index 06617f8a..a6d317e6 100644 --- a/addons/postgresql-cluster/15/chart/postgresql/templates/networkpolicy.yaml +++ b/addons/postgresql-cluster/15/chart/postgresql/templates/networkpolicy.yaml @@ -1,8 +1,3 @@ -{{- /* -Copyright VMware, Inc. -SPDX-License-Identifier: APACHE-2.0 -*/}} - {{- if .Values.networkPolicy.enabled }} kind: NetworkPolicy apiVersion: {{ template "common.capabilities.networkPolicy.apiVersion" . }} @@ -13,6 +8,7 @@ metadata: {{- if .Values.commonLabels }} {{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }} {{- end }} + cluster-name: {{ template "patroni.fullname" . }} {{- if .Values.commonAnnotations }} annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} {{- end }} diff --git a/addons/postgresql-cluster/15/chart/postgresql/templates/statefulset.yaml b/addons/postgresql-cluster/15/chart/postgresql/templates/statefulset.yaml index 14895620..4bf6e766 100644 --- a/addons/postgresql-cluster/15/chart/postgresql/templates/statefulset.yaml +++ b/addons/postgresql-cluster/15/chart/postgresql/templates/statefulset.yaml @@ -26,10 +26,17 @@ spec: cluster-name: {{ template "patroni.fullname" . }} spec: serviceAccountName: {{ template "patroni.serviceAccountName" . }} + + # securityContext: + # runAsUser: postgres + # fsGroup: postgres containers: - name: {{ .Chart.Name }} image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}" imagePullPolicy: {{ .Values.image.pullPolicy }} + # securityContext: + # runAsUser: postgres + # fsGroup: postgres env: {{- include "patroni.envs" . | indent 8 }} {{- if .Values.env }} @@ -78,9 +85,9 @@ spec: volumeMounts: - name: storage-volume mountPath: "{{ .Values.persistentVolume.mountPath }}" - # - mountPath: /etc/patroni - # name: patroni-config - # readOnly: true + - mountPath: "/opt/drycc/scripts/patroni/" + name: patroni-config + # readOnly: true {{- if .Values.walE.enable }} {{- if .Values.walE.kubernetesSecret }} - name: {{ .Values.walE.kubernetesSecret }} @@ -110,8 +117,8 @@ spec: {{- end }} volumes: - name: patroni-config - secret: - secretName: {{ template "patroni.fullname" . }} + configMap: + name: {{ template "common.names.fullname" . }}-cm {{- if .Values.walE.enable }} {{- if .Values.walE.kubernetesSecret }} - name: {{ .Values.walE.kubernetesSecret }} diff --git a/addons/postgresql-cluster/15/chart/postgresql/values.yaml b/addons/postgresql-cluster/15/chart/postgresql/values.yaml index f7bdc8a7..6e159f91 100644 --- a/addons/postgresql-cluster/15/chart/postgresql/values.yaml +++ b/addons/postgresql-cluster/15/chart/postgresql/values.yaml @@ -27,6 +27,52 @@ kubernetes: # Extra custom environment variables. env: {} +# +#custom patroni.yaml used by patroni boot +# configuration: {} +configuration: | + cat > /home/postgres/patroni.yml <<__EOF__ + log: + level: DEBUG + bootstrap: + dcs: + postgresql: + use_pg_rewind: true + use_slots: true + pg_hba: + - host all all 0.0.0.0/0 scram-sha-256 + - host replication ${PATRONI_REPLICATION_USERNAME} 0.0.0.0/0 scram-sha-256 + parameters: + wal_level: hot_standby + hot_standby: "on" + max_connections: 1000 + max_worker_processes: 8 + wal_keep_segments: 8 + max_wal_senders: 10 + max_replication_slots: 10 + max_prepared_transactions: 0 + max_locks_per_transaction: 64 + wal_log_hints: "on" + track_commit_timestamp: "off" + archive_mode: "on" + archive_timeout: 1800s + initdb: + - auth-host: scram-sha-256 + - auth-local: trust + - encoding: UTF8 + - locale: en_US.UTF-8 + - data-checksums + restapi: + connect_address: '${PATRONI_KUBERNETES_POD_IP}:8008' + postgresql: + connect_address: '${PATRONI_KUBERNETES_POD_IP}:5432' + authentication: + superuser: + password: '${PATRONI_SUPERUSER_PASSWORD}' + replication: + password: '${PATRONI_REPLICATION_PASSWORD}' + __EOF__ + walE: # Specifies whether Wal-E should be enabled enable: false From 4f1a35012c0b68a506175ebb649b6c66d71487a4 Mon Sep 17 00:00:00 2001 From: EamonZhang Date: Thu, 9 Nov 2023 13:35:34 +0800 Subject: [PATCH 15/48] chore(postgresql-cluster):organize code structure --- .../chart/postgresql/templates/_helpers.tpl | 28 ++++++++- .../chart/postgresql/templates/configmap.yaml | 9 +-- .../15/chart/postgresql/templates/sec.yaml | 7 ++- .../postgresql/templates/statefulset.yaml | 2 +- .../15/chart/postgresql/values.yaml | 61 +++++++++++++++---- .../15/plans/standard-10/bind.yaml | 34 +++++++++++ .../standard-10/create-instance-schema.json | 12 ++++ .../15/plans/standard-10/meta.yaml | 6 ++ .../15/plans/standard-10/values.yaml | 61 +++++++++++++++++++ .../15/plans/standard-20/bind.yaml | 34 +++++++++++ .../standard-20/create-instance-schema.json | 12 ++++ .../15/plans/standard-20/meta.yaml | 6 ++ .../15/plans/standard-20/values.yaml | 61 +++++++++++++++++++ 13 files changed, 311 insertions(+), 22 deletions(-) create mode 100644 addons/postgresql-cluster/15/plans/standard-10/bind.yaml create mode 100644 addons/postgresql-cluster/15/plans/standard-10/create-instance-schema.json create mode 100644 addons/postgresql-cluster/15/plans/standard-10/meta.yaml create mode 100644 addons/postgresql-cluster/15/plans/standard-10/values.yaml create mode 100644 addons/postgresql-cluster/15/plans/standard-20/bind.yaml create mode 100644 addons/postgresql-cluster/15/plans/standard-20/create-instance-schema.json create mode 100644 addons/postgresql-cluster/15/plans/standard-20/meta.yaml create mode 100644 addons/postgresql-cluster/15/plans/standard-20/values.yaml diff --git a/addons/postgresql-cluster/15/chart/postgresql/templates/_helpers.tpl b/addons/postgresql-cluster/15/chart/postgresql/templates/_helpers.tpl index 8e146ffd..41b3a94d 100644 --- a/addons/postgresql-cluster/15/chart/postgresql/templates/_helpers.tpl +++ b/addons/postgresql-cluster/15/chart/postgresql/templates/_helpers.tpl @@ -43,10 +43,10 @@ Create the name of the service account to use. {{- end -}} {{/* -Return true if a configmap object should be created for MySQL Secondary +Return true if a configmap object should be created for Postgresql HA patroni */}} {{- define "patroni.createConfigmap" -}} -{{- if and .Values.configuration }} +{{- if and .Values.preInitScript }} {{- true -}} {{- else -}} {{- end -}} @@ -90,6 +90,13 @@ Create patroni envs. secretKeyRef: name: {{ template "patroni.fullname" . }} key: password-replication +- name: PATRONI_REWIND_USERNAME + value: rewinder +- name: PATRONI_REWIND_PASSWORD + valueFrom: + secretKeyRef: + name: {{ template "patroni.fullname" . }} + key: password-rewind - name: PATRONI_SCOPE value: {{ template "patroni.fullname" . }} - name: PATRONI_NAME @@ -104,6 +111,23 @@ Create patroni envs. value: '0.0.0.0:5432' - name: PATRONI_RESTAPI_LISTEN value: '0.0.0.0:8008' + +- name: DATABASE_NAME + valueFrom: + secretKeyRef: + name: {{ template "patroni.fullname" . }} + key: data-name +- name: DATABASE_USER + valueFrom: + secretKeyRef: + name: {{ template "patroni.fullname" . }} + key: data-user +- name: DATABASE_PASSWORD + valueFrom: + secretKeyRef: + name: {{ template "patroni.fullname" . }} + key: data-password + {{- end -}} {{/* diff --git a/addons/postgresql-cluster/15/chart/postgresql/templates/configmap.yaml b/addons/postgresql-cluster/15/chart/postgresql/templates/configmap.yaml index 5f26b266..877d5879 100644 --- a/addons/postgresql-cluster/15/chart/postgresql/templates/configmap.yaml +++ b/addons/postgresql-cluster/15/chart/postgresql/templates/configmap.yaml @@ -13,7 +13,8 @@ metadata: annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} {{- end }} data: - patroni.sh: |- - {{- include "common.tplvalues.render" ( dict "value" .Values.configuration "context" $ ) | nindent 4 }} -{{- end -}} - + pre_init.sh: |- + {{- include "common.tplvalues.render" ( dict "value" .Values.preInitScript "context" $ ) | nindent 4 }} + post_init.sh: |- + {{- include "common.tplvalues.render" ( dict "value" .Values.postInitScript "context" $ ) | nindent 4 }} +{{- end -}} \ No newline at end of file diff --git a/addons/postgresql-cluster/15/chart/postgresql/templates/sec.yaml b/addons/postgresql-cluster/15/chart/postgresql/templates/sec.yaml index 40082291..89214502 100644 --- a/addons/postgresql-cluster/15/chart/postgresql/templates/sec.yaml +++ b/addons/postgresql-cluster/15/chart/postgresql/templates/sec.yaml @@ -12,5 +12,8 @@ metadata: type: Opaque data: password-superuser: {{ .Values.credentials.superuser | b64enc }} - password-admin: {{ .Values.credentials.admin | b64enc }} - password-replication: {{ .Values.credentials.standby | b64enc }} + password-rewind: {{ .Values.credentials.rewind | b64enc }} + password-replication: {{ .Values.credentials.replication | b64enc }} + data-user: {{ .Values.dataname.username | b64enc }} + data-name: {{ .Values.dataname.dbname | b64enc }} + data-password: {{ .Values.dataname.password | b64enc }} diff --git a/addons/postgresql-cluster/15/chart/postgresql/templates/statefulset.yaml b/addons/postgresql-cluster/15/chart/postgresql/templates/statefulset.yaml index 4bf6e766..29fdbed9 100644 --- a/addons/postgresql-cluster/15/chart/postgresql/templates/statefulset.yaml +++ b/addons/postgresql-cluster/15/chart/postgresql/templates/statefulset.yaml @@ -85,7 +85,7 @@ spec: volumeMounts: - name: storage-volume mountPath: "{{ .Values.persistentVolume.mountPath }}" - - mountPath: "/opt/drycc/scripts/patroni/" + - mountPath: "/opt/drycc/postgresql/scripts/" name: patroni-config # readOnly: true {{- if .Values.walE.enable }} diff --git a/addons/postgresql-cluster/15/chart/postgresql/values.yaml b/addons/postgresql-cluster/15/chart/postgresql/values.yaml index 6e159f91..679f4072 100644 --- a/addons/postgresql-cluster/15/chart/postgresql/values.yaml +++ b/addons/postgresql-cluster/15/chart/postgresql/values.yaml @@ -3,18 +3,23 @@ replicaCount: 3 image: # Image was built from registry.drycc.cc/drycc-addons/patroni:3.2 # https://github.com/zalando/spilo/tree/master/postgres-appliance - repository: registry.drycc.cc/drycc-addons/patroni - tag: 3.2 + repository: registry.drycc.cc/drycc-addons/postgresql-patroni + tag: 15 # IfNotPresent , Always pullPolicy: 'IfNotPresent' -# Credentials used by Patroni +# Credentials used by Patroni , passwd # https://github.com/zalando/patroni/blob/master/docs/SETTINGS.rst#postgresql # https://github.com/zalando/spilo/blob/master/ENVIRONMENT.rst credentials: superuser: tea - admin: cola - standby: reppasswd + rewind: cola + replication: reppasswd + +dataname: + dbname: db1 + username: us1 + password: 111w # Distribution Configuration stores # Please note that only one of the following stores should be enabled. @@ -30,8 +35,8 @@ env: {} # #custom patroni.yaml used by patroni boot # configuration: {} -configuration: | - cat > /home/postgres/patroni.yml <<__EOF__ +preInitScript: | + cat > /opt/drycc/postgresql/patroni.yml <<__EOF__ log: level: DEBUG bootstrap: @@ -40,12 +45,13 @@ configuration: | use_pg_rewind: true use_slots: true pg_hba: + - local all all peer - host all all 0.0.0.0/0 scram-sha-256 - host replication ${PATRONI_REPLICATION_USERNAME} 0.0.0.0/0 scram-sha-256 parameters: wal_level: hot_standby hot_standby: "on" - max_connections: 1000 + max_connections: 1005 max_worker_processes: 8 wal_keep_segments: 8 max_wal_senders: 10 @@ -56,23 +62,52 @@ configuration: | track_commit_timestamp: "off" archive_mode: "on" archive_timeout: 1800s + archive_command: /bin/true + # timescaledb.license: 'timescale' + shared_preload_libraries: 'auto_explain,pg_stat_statements' initdb: - - auth-host: scram-sha-256 - - auth-local: trust - - encoding: UTF8 - - locale: en_US.UTF-8 - - data-checksums + - auth-host: scram-sha-256 + - auth-local: trust + - encoding: UTF8 + - locale: en_US.UTF-8 + - data-checksums + post_bootstrap: sh /opt/drycc/postgresql/scripts/post_init.sh restapi: connect_address: '${PATRONI_KUBERNETES_POD_IP}:8008' postgresql: connect_address: '${PATRONI_KUBERNETES_POD_IP}:5432' authentication: superuser: + username: postgres password: '${PATRONI_SUPERUSER_PASSWORD}' replication: + username: standby password: '${PATRONI_REPLICATION_PASSWORD}' + rewind: # Has no effect on postgres 10 and lower + username: rewinder + password: '${PATRONI_REWIND_USERNAME}' + watchdog: + mode: off __EOF__ +postInitScript: | + #!/bin/bash + set -Eeu + # Create monitor user + psql -w -c "CREATE USER tea_mon WITH ROLE pg_monitor" + # Create init database & user + if [[( -n "$DATABASE_USER") && ( -n "$DATABASE_PASSWORD") && ( -n "$DATABASE_NAME")]]; then + echo "Creating user ${DATABASE_USER}" + psql -w -c "create user ${DATABASE_USER} WITH LOGIN ENCRYPTED PASSWORD '${DATABASE_PASSWORD}'" + echo "Creating database ${DATABASE_NAME} " + psql -w -c "CREATE DATABASE ${DATABASE_NAME} OWNER ${DATABASE_USER} CONNECTION LIMIT 1000" + psql -w -d ${DATABASE_NAME} -c "create extension postgis" + psql -w -c "CHECKPOINT;CHECKPOINT;" + else + echo "Skipping user creation" + echo "Skipping database creation" + fi + walE: # Specifies whether Wal-E should be enabled enable: false diff --git a/addons/postgresql-cluster/15/plans/standard-10/bind.yaml b/addons/postgresql-cluster/15/plans/standard-10/bind.yaml new file mode 100644 index 00000000..e5b14d98 --- /dev/null +++ b/addons/postgresql-cluster/15/plans/standard-10/bind.yaml @@ -0,0 +1,34 @@ +credential: + {{- if (eq .Values.router.service.type "LoadBalancer") }} + - name: host + valueFrom: + secretKeyRef: + name: {{ template "common.names.fullname" . }}-svcbind-custom-user + jsonpath: '{ .data.host }' + - name: database + valueFrom: + secretKeyRef: + name: {{ template "common.names.fullname" . }}-svcbind-custom-user + jsonpath: '{ .data.database }' + - name: password + valueFrom: + secretKeyRef: + name: {{ template "common.names.fullname" . }}-svcbind-custom-user + jsonpath: '{ .data.password }' + - name: username + valueFrom: + secretKeyRef: + name: {{ template "common.names.fullname" . }}-svcbind-custom-user + jsonpath: '{ .data.username }' + - name: portro + valueFrom: + secretKeyRef: + name: {{ template "common.names.fullname" . }}-svcbind-custom-user + jsonpath: '{ .data.portro }' + - name: portrw + valueFrom: + secretKeyRef: + name: {{ template "common.names.fullname" . }}-svcbind-custom-user + jsonpath: '{ .data.portrw }' + {{- end }} + diff --git a/addons/postgresql-cluster/15/plans/standard-10/create-instance-schema.json b/addons/postgresql-cluster/15/plans/standard-10/create-instance-schema.json new file mode 100644 index 00000000..66ebbaa0 --- /dev/null +++ b/addons/postgresql-cluster/15/plans/standard-10/create-instance-schema.json @@ -0,0 +1,12 @@ +{ + "$schema": "http://json-schema.org/draft-04/schema#", + "type": "object", + "properties": { + "imagePullPolicy": { + "type": "string", + "enum": ["Always", "IfNotPresent", "Never"], + "default": "IfNotPresent", + "title": "Image pull policy" + } + } +} \ No newline at end of file diff --git a/addons/postgresql-cluster/15/plans/standard-10/meta.yaml b/addons/postgresql-cluster/15/plans/standard-10/meta.yaml new file mode 100644 index 00000000..6c738828 --- /dev/null +++ b/addons/postgresql-cluster/15/plans/standard-10/meta.yaml @@ -0,0 +1,6 @@ +name: "standard-10" +id: 2b455154-8725-482a-95b2-a193c180d9b5 +description: "Mysql Cluster standard-10 plan: Disk 10Gi ,vCPUs 1 , RAM 2G , DB MAX Connection 600" +displayName: "standard-10" +bindable: true +maximum_polling_duration: 1800 diff --git a/addons/postgresql-cluster/15/plans/standard-10/values.yaml b/addons/postgresql-cluster/15/plans/standard-10/values.yaml new file mode 100644 index 00000000..f90075a8 --- /dev/null +++ b/addons/postgresql-cluster/15/plans/standard-10/values.yaml @@ -0,0 +1,61 @@ +## @param fullnameOverride String to fully override common.names.fullname template +## +fullnameOverride: hb-mysql-cluster-standard-10 + +## MinIO® containers' resource requests and limits +## ref: https://kubernetes.io/docs/user-guide/compute-resources/ +## We usually recommend not to specify default resources and to leave this as a conscious +## choice for the user. This also increases chances charts run on environments with little +## resources, such as Minikube. If you do want to specify resources, uncomment the following +## lines, adjust them as necessary, and remove the curly braces after 'resources:'. +## @param resources.limits The resources limits for the MinIO® container +## @param resources.requests The requested resources for the MinIO® container +## +primary: + maxConnectionLimit: 600 + resources: + limits: + cpu: 1000m + memory: 1024Mi + requests: + cpu: 1000m + memory: 1024Mi + + +## @section Persistence parameters + +## Enable persistence using Persistent Volume Claims +## ref: https://kubernetes.io/docs/user-guide/persistent-volumes/ +## + persistence: + ## @param primary.persistence.enabled Enable persistence on MySQL primary replicas using a `PersistentVolumeClaim`. If false, use emptyDir + ## + enabled: true + ## @param primary.persistence.existingClaim Name of an existing `PersistentVolumeClaim` for MySQL primary replicas + ## NOTE: When it's set the rest of persistence parameters are ignored + ## + existingClaim: "" + ## @param primary.persistence.storageClass MySQL primary persistent volume storage Class + ## If defined, storageClassName: + ## If set to "-", storageClassName: "", which disables dynamic provisioning + ## If undefined (the default) or set to null, no storageClassName spec is + ## set, choosing the default provisioner. (gp2 on AWS, standard on + ## GKE, AWS & OpenStack) + ## + storageClass: "" + ## @param primary.persistence.annotations MySQL primary persistent volume claim annotations + ## + annotations: {} + ## @param primary.persistence.accessModes MySQL primary persistent volume access Modes + ## + accessModes: + - ReadWriteOnce + ## @param primary.persistence.size MySQL primary persistent volume size + ## + size: 10Gi + ## @param primary.persistence.selector Selector to match an existing Persistent Volume + ## selector: + ## matchLabels: + ## app: my-app + ## + selector: {} diff --git a/addons/postgresql-cluster/15/plans/standard-20/bind.yaml b/addons/postgresql-cluster/15/plans/standard-20/bind.yaml new file mode 100644 index 00000000..e8b99314 --- /dev/null +++ b/addons/postgresql-cluster/15/plans/standard-20/bind.yaml @@ -0,0 +1,34 @@ +credential: + {{- if (eq .Values.router.service.type "LoadBalancer") }} + - name: host + valueFrom: + secretKeyRef: + name: {{ template "common.names.fullname" . }}-svcbind-custom-user + jsonpath: '{ .data.host }' + - name: database + valueFrom: + secretKeyRef: + name: {{ template "common.names.fullname" . }}-svcbind-custom-user + jsonpath: '{ .data.database }' + - name: password + valueFrom: + secretKeyRef: + name: {{ template "common.names.fullname" . }}-svcbind-custom-user + jsonpath: '{ .data.username }' + - name: username + valueFrom: + secretKeyRef: + name: {{ template "common.names.fullname" . }}-svcbind-custom-user + jsonpath: '{ .data.username }' + - name: portro + valueFrom: + secretKeyRef: + name: {{ template "common.names.fullname" . }}-svcbind-custom-user + jsonpath: '{ .data.portro }' + - name: portrw + valueFrom: + secretKeyRef: + name: {{ template "common.names.fullname" . }}-svcbind-custom-user + jsonpath: '{ .data.portrw }' + {{- end }} + diff --git a/addons/postgresql-cluster/15/plans/standard-20/create-instance-schema.json b/addons/postgresql-cluster/15/plans/standard-20/create-instance-schema.json new file mode 100644 index 00000000..66ebbaa0 --- /dev/null +++ b/addons/postgresql-cluster/15/plans/standard-20/create-instance-schema.json @@ -0,0 +1,12 @@ +{ + "$schema": "http://json-schema.org/draft-04/schema#", + "type": "object", + "properties": { + "imagePullPolicy": { + "type": "string", + "enum": ["Always", "IfNotPresent", "Never"], + "default": "IfNotPresent", + "title": "Image pull policy" + } + } +} \ No newline at end of file diff --git a/addons/postgresql-cluster/15/plans/standard-20/meta.yaml b/addons/postgresql-cluster/15/plans/standard-20/meta.yaml new file mode 100644 index 00000000..e749a7db --- /dev/null +++ b/addons/postgresql-cluster/15/plans/standard-20/meta.yaml @@ -0,0 +1,6 @@ +name: "standard-20" +id: 95fd7cf2-f2fb-46c9-b3fc-9e7f48899dcc +description: "Mysql Cluster standard-20 plan: Disk 20Gi ,vCPUs 2 , RAM 4G , DB MAX Connection 1000" +displayName: "standard-20" +bindable: true +maximum_polling_duration: 1800 diff --git a/addons/postgresql-cluster/15/plans/standard-20/values.yaml b/addons/postgresql-cluster/15/plans/standard-20/values.yaml new file mode 100644 index 00000000..d9422e70 --- /dev/null +++ b/addons/postgresql-cluster/15/plans/standard-20/values.yaml @@ -0,0 +1,61 @@ +## @param fullnameOverride String to fully override common.names.fullname template +## +fullnameOverride: hb-mysql-cluster-standard-20 + +## MinIO® containers' resource requests and limits +## ref: https://kubernetes.io/docs/user-guide/compute-resources/ +## We usually recommend not to specify default resources and to leave this as a conscious +## choice for the user. This also increases chances charts run on environments with little +## resources, such as Minikube. If you do want to specify resources, uncomment the following +## lines, adjust them as necessary, and remove the curly braces after 'resources:'. +## @param resources.limits The resources limits for the MinIO® container +## @param resources.requests The requested resources for the MinIO® container +## +primary: + maxConnectionLimit: 1000 + resources: + limits: + cpu: 2000m + memory: 4Gi + requests: + cpu: 2000m + memory: 4Gi + + +## @section Persistence parameters + +## Enable persistence using Persistent Volume Claims +## ref: https://kubernetes.io/docs/user-guide/persistent-volumes/ +## + persistence: + ## @param primary.persistence.enabled Enable persistence on MySQL primary replicas using a `PersistentVolumeClaim`. If false, use emptyDir + ## + enabled: true + ## @param primary.persistence.existingClaim Name of an existing `PersistentVolumeClaim` for MySQL primary replicas + ## NOTE: When it's set the rest of persistence parameters are ignored + ## + existingClaim: "" + ## @param primary.persistence.storageClass MySQL primary persistent volume storage Class + ## If defined, storageClassName: + ## If set to "-", storageClassName: "", which disables dynamic provisioning + ## If undefined (the default) or set to null, no storageClassName spec is + ## set, choosing the default provisioner. (gp2 on AWS, standard on + ## GKE, AWS & OpenStack) + ## + storageClass: "" + ## @param primary.persistence.annotations MySQL primary persistent volume claim annotations + ## + annotations: {} + ## @param primary.persistence.accessModes MySQL primary persistent volume access Modes + ## + accessModes: + - ReadWriteOnce + ## @param primary.persistence.size MySQL primary persistent volume size + ## + size: 20Gi + ## @param primary.persistence.selector Selector to match an existing Persistent Volume + ## selector: + ## matchLabels: + ## app: my-app + ## + selector: {} From 324971644e32b2961fa02ca51b8f19e9a55d3540 Mon Sep 17 00:00:00 2001 From: EamonZhang Date: Thu, 9 Nov 2023 17:40:44 +0800 Subject: [PATCH 16/48] chore(postgresql-cluster): add metrics --- .../postgresql/templates/networkpolicy.yaml | 2 +- .../postgresql/templates/statefulset.yaml | 49 +++++++++++++++++++ .../15/chart/postgresql/templates/svc.yaml | 2 +- .../15/chart/postgresql/values.yaml | 41 ++++++++++++++-- 4 files changed, 87 insertions(+), 7 deletions(-) diff --git a/addons/postgresql-cluster/15/chart/postgresql/templates/networkpolicy.yaml b/addons/postgresql-cluster/15/chart/postgresql/templates/networkpolicy.yaml index a6d317e6..3b3baa56 100644 --- a/addons/postgresql-cluster/15/chart/postgresql/templates/networkpolicy.yaml +++ b/addons/postgresql-cluster/15/chart/postgresql/templates/networkpolicy.yaml @@ -21,7 +21,7 @@ spec: - ports: - port: 5432 {{- if and .Values.metrics.enabled }} - - port: {{ .Values.metrics.service.port }} + - port: {{ .Values.metrics.containerPort }} {{ end }} {{- if or .Values.networkPolicy.allowCurrentNamespace .Values.networkPolicy.allowNamespaces }} from: diff --git a/addons/postgresql-cluster/15/chart/postgresql/templates/statefulset.yaml b/addons/postgresql-cluster/15/chart/postgresql/templates/statefulset.yaml index 29fdbed9..630fd990 100644 --- a/addons/postgresql-cluster/15/chart/postgresql/templates/statefulset.yaml +++ b/addons/postgresql-cluster/15/chart/postgresql/templates/statefulset.yaml @@ -97,6 +97,55 @@ spec: {{- end }} resources: {{ toYaml .Values.resources | indent 10 }} + {{- if .Values.metrics.enabled }} + - name: metrics + image: "{{ .Values.metrics.image.repository }}:{{ .Values.metrics.image.tag }}" + imagePullPolicy: {{ .Values.metrics.image.pullPolicy | quote }} + {{- if .Values.metrics.containerSecurityContext.enabled }} + securityContext: {{- omit .Values.metrics.containerSecurityContext "enabled" | toYaml | nindent 12 }} + {{- end }} + {{- if .Values.diagnosticMode.enabled }} + command: {{- include "common.tplvalues.render" (dict "value" .Values.diagnosticMode.command "context" $) | nindent 12 }} + args: {{- include "common.tplvalues.render" (dict "value" .Values.diagnosticMode.args "context" $) | nindent 12 }} + {{- else if .Values.metrics.customMetrics }} + args: ["--extend.query-path", "/conf/custom-metrics.yaml"] + {{- end }} + env: + - name: DATA_SOURCE_NAME + value: {{ printf "postgresql://tea_mon:password@127.0.0.1:5432/%s?sslmode=disable" $.Values.dataname.dbname }} + ports: + - name: http-metrics + containerPort: {{ .Values.metrics.containerPort }} + startupProbe: + initialDelaySeconds: 10 + tcpSocket: + port: http-metrics + periodSeconds: 10 + timeoutSeconds: 1 + failureThreshold: 15 + successThreshold: 1 + livenessProbe: + initialDelaySeconds: 5 + httpGet: + path: / + port: http-metrics + periodSeconds: 10 + timeoutSeconds: 5 + failureThreshold: 6 + successThreshold: 1 + readinessProbe: + initialDelaySeconds: 5 + httpGet: + path: / + port: http-metrics + periodSeconds: 10 + timeoutSeconds: 5 + failureThreshold: 6 + successThreshold: 1 + {{- if .Values.metrics.resources }} + resources: {{- toYaml .Values.metrics.resources | nindent 12 }} + {{- end }} + {{- end }} {{- with .Values.nodeSelector }} nodeSelector: {{ toYaml . | indent 8 }} diff --git a/addons/postgresql-cluster/15/chart/postgresql/templates/svc.yaml b/addons/postgresql-cluster/15/chart/postgresql/templates/svc.yaml index 430a6a8f..301216e1 100644 --- a/addons/postgresql-cluster/15/chart/postgresql/templates/svc.yaml +++ b/addons/postgresql-cluster/15/chart/postgresql/templates/svc.yaml @@ -15,4 +15,4 @@ spec: - name: postgresql port: 5432 targetPort: postgresql - protocol: TCP + protocol: TCP \ No newline at end of file diff --git a/addons/postgresql-cluster/15/chart/postgresql/values.yaml b/addons/postgresql-cluster/15/chart/postgresql/values.yaml index 679f4072..f9f86f8c 100644 --- a/addons/postgresql-cluster/15/chart/postgresql/values.yaml +++ b/addons/postgresql-cluster/15/chart/postgresql/values.yaml @@ -1,4 +1,6 @@ replicaCount: 3 +diagnosticMode: + enable: false image: # Image was built from registry.drycc.cc/drycc-addons/patroni:3.2 @@ -46,6 +48,7 @@ preInitScript: | use_slots: true pg_hba: - local all all peer + - host all tea_mon 127.0.0.1/32 trust - host all all 0.0.0.0/0 scram-sha-256 - host replication ${PATRONI_REPLICATION_USERNAME} 0.0.0.0/0 scram-sha-256 parameters: @@ -108,6 +111,39 @@ postInitScript: | echo "Skipping database creation" fi +## Postgresql Prometheus exporter parameters +## +metrics: + enabled: true + image: + repository: registry.drycc.cc/drycc-addons/postgres-exporter + tag: "0" + # IfNotPresent , Always + pullPolicy: 'IfNotPresent' + ## @param metrics.customMetrics Define additional custom metrics + ## ref: https://github.com/wrouesnel/postgres_exporter#adding-new-metrics-via-a-config-file + ## customMetrics: + ## pg_database: + ## query: "SELECT d.datname AS name, CASE WHEN pg_catalog.has_database_privilege(d.datname, 'CONNECT') THEN pg_catalog.pg_database_size(d.datname) ELSE 0 END AS size_bytes FROM pg_catalog.pg_database d where datname not in ('template0', 'template1', 'postgres')" + ## metrics: + ## - name: + ## usage: "LABEL" + ## description: "Name of the database" + ## - size_bytes: + ## usage: "GAUGE" + ## description: "Size of the database in bytes" + ## + customMetrics: {} + containerPort: 9187 + containerSecurityContext: + enabled: false + runAsUser: 1001 + runAsNonRoot: true + customLivenessProbe: {} + customReadinessProbe: + enabled: true + service: port + resources: {} walE: # Specifies whether Wal-E should be enabled enable: false @@ -189,11 +225,6 @@ serviceAccount: # The name of the ServiceAccount to use. # If not set and create is true, a name is generated using the fullname template name: - -## Postgresql Prometheus exporter parameters -## -metrics: - enabled: false ## Postgresql Nework Policy configuration ## networkPolicy: From 53f6af72ed236ad1e815870ad2ae7d69e0254741 Mon Sep 17 00:00:00 2001 From: EamonZhang Date: Fri, 10 Nov 2023 11:47:43 +0800 Subject: [PATCH 17/48] chore(postgresql-cluster): add metrics --- .../15/chart/postgresql/Chart.yaml | 3 +- .../postgresql/templates/metrics-svc.yaml | 31 +++++++++++++++++++ .../postgresql/templates/statefulset.yaml | 9 ++++-- .../15/chart/postgresql/values.yaml | 16 +++++++++- 4 files changed, 54 insertions(+), 5 deletions(-) create mode 100644 addons/postgresql-cluster/15/chart/postgresql/templates/metrics-svc.yaml diff --git a/addons/postgresql-cluster/15/chart/postgresql/Chart.yaml b/addons/postgresql-cluster/15/chart/postgresql/Chart.yaml index f0397f67..375ae4fe 100644 --- a/addons/postgresql-cluster/15/chart/postgresql/Chart.yaml +++ b/addons/postgresql-cluster/15/chart/postgresql/Chart.yaml @@ -17,6 +17,7 @@ keywords: - sql - replication - cluster + - patroni maintainers: - email: zhang.eamon@hotmail.com name: zhangeamon @@ -24,4 +25,4 @@ name: postgresql sources: - https://github.com/drycc-addons/ - https://www.postgresql.org/ -version: 15.4.1 +version: 15.3.1 diff --git a/addons/postgresql-cluster/15/chart/postgresql/templates/metrics-svc.yaml b/addons/postgresql-cluster/15/chart/postgresql/templates/metrics-svc.yaml new file mode 100644 index 00000000..0cd24f48 --- /dev/null +++ b/addons/postgresql-cluster/15/chart/postgresql/templates/metrics-svc.yaml @@ -0,0 +1,31 @@ +{{- if .Values.metrics.enabled }} +apiVersion: v1 +kind: Service +metadata: + name: {{ printf "%s-metrics" (include "patroni.fullname" .) }} + namespace: {{ .Release.Namespace | quote }} + labels: {{- include "common.labels.standard" . | nindent 4 }} + app.kubernetes.io/component: metrics + {{- if .Values.commonLabels }} + {{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }} + {{- end }} + annotations: + {{- if .Values.commonAnnotations }} + {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} + {{- end }} + {{- if .Values.metrics.service.annotations }} + {{- include "common.tplvalues.render" ( dict "value" .Values.metrics.service.annotations "context" $ ) | nindent 4 }} + {{- end }} +spec: + type: ClusterIP + sessionAffinity: {{ .Values.metrics.service.sessionAffinity }} + {{- if .Values.metrics.service.clusterIP }} + clusterIP: {{ .Values.metrics.service.clusterIP }} + {{- end }} + ports: + - name: http-metrics + port: {{ .Values.metrics.service.ports.metrics }} + targetPort: http-metrics + selector: {{- include "common.labels.matchLabels" . | nindent 4 }} + app.kubernetes.io/component: patroni +{{- end }} diff --git a/addons/postgresql-cluster/15/chart/postgresql/templates/statefulset.yaml b/addons/postgresql-cluster/15/chart/postgresql/templates/statefulset.yaml index 630fd990..803b9702 100644 --- a/addons/postgresql-cluster/15/chart/postgresql/templates/statefulset.yaml +++ b/addons/postgresql-cluster/15/chart/postgresql/templates/statefulset.yaml @@ -3,7 +3,8 @@ kind: StatefulSet metadata: name: {{ template "patroni.fullname" . }} namespace: {{ include "common.names.namespace" . | quote }} - labels: + labels: {{- include "common.labels.standard" . | nindent 4 }} + app.kubernetes.io/component: patroni app: {{ template "patroni.fullname" . }} chart: {{ template "patroni.chart" . }} release: {{ .Release.Name }} @@ -13,14 +14,16 @@ spec: serviceName: {{ template "patroni.fullname" . }} replicas: {{ .Values.replicaCount }} selector: - matchLabels: + matchLabels: {{- include "common.labels.matchLabels" . | nindent 6 }} + app.kubernetes.io/component: patroni app: {{ template "patroni.fullname" . }} release: {{ .Release.Name }} cluster-name: {{ template "patroni.fullname" . }} template: metadata: name: {{ template "patroni.fullname" . }} - labels: + labels: {{- include "common.labels.standard" . | nindent 8 }} + app.kubernetes.io/component: patroni app: {{ template "patroni.fullname" . }} release: {{ .Release.Name }} cluster-name: {{ template "patroni.fullname" . }} diff --git a/addons/postgresql-cluster/15/chart/postgresql/values.yaml b/addons/postgresql-cluster/15/chart/postgresql/values.yaml index f9f86f8c..4d28d660 100644 --- a/addons/postgresql-cluster/15/chart/postgresql/values.yaml +++ b/addons/postgresql-cluster/15/chart/postgresql/values.yaml @@ -133,6 +133,21 @@ metrics: ## usage: "GAUGE" ## description: "Size of the database in bytes" ## + service: + ports: + metrics: 9187 + clusterIP: "" + ## @param metrics.service.sessionAffinity Control where client requests go, to the same pod or round-robin + ## Values: ClientIP or None + ## ref: https://kubernetes.io/docs/user-guide/services/ + ## + sessionAffinity: None + ## @param metrics.service.annotations [object] Annotations for Prometheus to auto-discover the metrics endpoint + ## + annotations: + prometheus.io/scrape: "true" + prometheus.io/port: "{{ .Values.metrics.service.ports.metrics }}" + customMetrics: {} containerPort: 9187 containerSecurityContext: @@ -142,7 +157,6 @@ metrics: customLivenessProbe: {} customReadinessProbe: enabled: true - service: port resources: {} walE: # Specifies whether Wal-E should be enabled From c7969725b66e4bb86481c4514ef584f0fc1ec8d8 Mon Sep 17 00:00:00 2001 From: EamonZhang Date: Fri, 10 Nov 2023 11:51:19 +0800 Subject: [PATCH 18/48] chore(postgresql-cluster): rename postgresql to postgresql-cluster --- .../15/chart/{postgresql => postgresql-cluster}/Chart.yaml | 0 .../15/chart/{postgresql => postgresql-cluster}/README.md | 0 .../chart/{postgresql => postgresql-cluster}/templates/NOTES.txt | 0 .../{postgresql => postgresql-cluster}/templates/_helpers.tpl | 0 .../{postgresql => postgresql-cluster}/templates/configmap.yaml | 0 .../{postgresql => postgresql-cluster}/templates/metrics-svc.yaml | 0 .../templates/networkpolicy.yaml | 0 .../chart/{postgresql => postgresql-cluster}/templates/role.yaml | 0 .../{postgresql => postgresql-cluster}/templates/rolebinding.yaml | 0 .../chart/{postgresql => postgresql-cluster}/templates/sec.yaml | 0 .../templates/serviceaccount.yaml | 0 .../{postgresql => postgresql-cluster}/templates/statefulset.yaml | 0 .../{postgresql => postgresql-cluster}/templates/svc-config.yaml | 0 .../{postgresql => postgresql-cluster}/templates/svc-relp.yaml | 0 .../chart/{postgresql => postgresql-cluster}/templates/svc.yaml | 0 .../15/chart/{postgresql => postgresql-cluster}/values.yaml | 0 16 files changed, 0 insertions(+), 0 deletions(-) rename addons/postgresql-cluster/15/chart/{postgresql => postgresql-cluster}/Chart.yaml (100%) rename addons/postgresql-cluster/15/chart/{postgresql => postgresql-cluster}/README.md (100%) rename addons/postgresql-cluster/15/chart/{postgresql => postgresql-cluster}/templates/NOTES.txt (100%) rename addons/postgresql-cluster/15/chart/{postgresql => postgresql-cluster}/templates/_helpers.tpl (100%) rename addons/postgresql-cluster/15/chart/{postgresql => postgresql-cluster}/templates/configmap.yaml (100%) rename addons/postgresql-cluster/15/chart/{postgresql => postgresql-cluster}/templates/metrics-svc.yaml (100%) rename addons/postgresql-cluster/15/chart/{postgresql => postgresql-cluster}/templates/networkpolicy.yaml (100%) rename addons/postgresql-cluster/15/chart/{postgresql => postgresql-cluster}/templates/role.yaml (100%) rename addons/postgresql-cluster/15/chart/{postgresql => postgresql-cluster}/templates/rolebinding.yaml (100%) rename addons/postgresql-cluster/15/chart/{postgresql => postgresql-cluster}/templates/sec.yaml (100%) rename addons/postgresql-cluster/15/chart/{postgresql => postgresql-cluster}/templates/serviceaccount.yaml (100%) rename addons/postgresql-cluster/15/chart/{postgresql => postgresql-cluster}/templates/statefulset.yaml (100%) rename addons/postgresql-cluster/15/chart/{postgresql => postgresql-cluster}/templates/svc-config.yaml (100%) rename addons/postgresql-cluster/15/chart/{postgresql => postgresql-cluster}/templates/svc-relp.yaml (100%) rename addons/postgresql-cluster/15/chart/{postgresql => postgresql-cluster}/templates/svc.yaml (100%) rename addons/postgresql-cluster/15/chart/{postgresql => postgresql-cluster}/values.yaml (100%) diff --git a/addons/postgresql-cluster/15/chart/postgresql/Chart.yaml b/addons/postgresql-cluster/15/chart/postgresql-cluster/Chart.yaml similarity index 100% rename from addons/postgresql-cluster/15/chart/postgresql/Chart.yaml rename to addons/postgresql-cluster/15/chart/postgresql-cluster/Chart.yaml diff --git a/addons/postgresql-cluster/15/chart/postgresql/README.md b/addons/postgresql-cluster/15/chart/postgresql-cluster/README.md similarity index 100% rename from addons/postgresql-cluster/15/chart/postgresql/README.md rename to addons/postgresql-cluster/15/chart/postgresql-cluster/README.md diff --git a/addons/postgresql-cluster/15/chart/postgresql/templates/NOTES.txt b/addons/postgresql-cluster/15/chart/postgresql-cluster/templates/NOTES.txt similarity index 100% rename from addons/postgresql-cluster/15/chart/postgresql/templates/NOTES.txt rename to addons/postgresql-cluster/15/chart/postgresql-cluster/templates/NOTES.txt diff --git a/addons/postgresql-cluster/15/chart/postgresql/templates/_helpers.tpl b/addons/postgresql-cluster/15/chart/postgresql-cluster/templates/_helpers.tpl similarity index 100% rename from addons/postgresql-cluster/15/chart/postgresql/templates/_helpers.tpl rename to addons/postgresql-cluster/15/chart/postgresql-cluster/templates/_helpers.tpl diff --git a/addons/postgresql-cluster/15/chart/postgresql/templates/configmap.yaml b/addons/postgresql-cluster/15/chart/postgresql-cluster/templates/configmap.yaml similarity index 100% rename from addons/postgresql-cluster/15/chart/postgresql/templates/configmap.yaml rename to addons/postgresql-cluster/15/chart/postgresql-cluster/templates/configmap.yaml diff --git a/addons/postgresql-cluster/15/chart/postgresql/templates/metrics-svc.yaml b/addons/postgresql-cluster/15/chart/postgresql-cluster/templates/metrics-svc.yaml similarity index 100% rename from addons/postgresql-cluster/15/chart/postgresql/templates/metrics-svc.yaml rename to addons/postgresql-cluster/15/chart/postgresql-cluster/templates/metrics-svc.yaml diff --git a/addons/postgresql-cluster/15/chart/postgresql/templates/networkpolicy.yaml b/addons/postgresql-cluster/15/chart/postgresql-cluster/templates/networkpolicy.yaml similarity index 100% rename from addons/postgresql-cluster/15/chart/postgresql/templates/networkpolicy.yaml rename to addons/postgresql-cluster/15/chart/postgresql-cluster/templates/networkpolicy.yaml diff --git a/addons/postgresql-cluster/15/chart/postgresql/templates/role.yaml b/addons/postgresql-cluster/15/chart/postgresql-cluster/templates/role.yaml similarity index 100% rename from addons/postgresql-cluster/15/chart/postgresql/templates/role.yaml rename to addons/postgresql-cluster/15/chart/postgresql-cluster/templates/role.yaml diff --git a/addons/postgresql-cluster/15/chart/postgresql/templates/rolebinding.yaml b/addons/postgresql-cluster/15/chart/postgresql-cluster/templates/rolebinding.yaml similarity index 100% rename from addons/postgresql-cluster/15/chart/postgresql/templates/rolebinding.yaml rename to addons/postgresql-cluster/15/chart/postgresql-cluster/templates/rolebinding.yaml diff --git a/addons/postgresql-cluster/15/chart/postgresql/templates/sec.yaml b/addons/postgresql-cluster/15/chart/postgresql-cluster/templates/sec.yaml similarity index 100% rename from addons/postgresql-cluster/15/chart/postgresql/templates/sec.yaml rename to addons/postgresql-cluster/15/chart/postgresql-cluster/templates/sec.yaml diff --git a/addons/postgresql-cluster/15/chart/postgresql/templates/serviceaccount.yaml b/addons/postgresql-cluster/15/chart/postgresql-cluster/templates/serviceaccount.yaml similarity index 100% rename from addons/postgresql-cluster/15/chart/postgresql/templates/serviceaccount.yaml rename to addons/postgresql-cluster/15/chart/postgresql-cluster/templates/serviceaccount.yaml diff --git a/addons/postgresql-cluster/15/chart/postgresql/templates/statefulset.yaml b/addons/postgresql-cluster/15/chart/postgresql-cluster/templates/statefulset.yaml similarity index 100% rename from addons/postgresql-cluster/15/chart/postgresql/templates/statefulset.yaml rename to addons/postgresql-cluster/15/chart/postgresql-cluster/templates/statefulset.yaml diff --git a/addons/postgresql-cluster/15/chart/postgresql/templates/svc-config.yaml b/addons/postgresql-cluster/15/chart/postgresql-cluster/templates/svc-config.yaml similarity index 100% rename from addons/postgresql-cluster/15/chart/postgresql/templates/svc-config.yaml rename to addons/postgresql-cluster/15/chart/postgresql-cluster/templates/svc-config.yaml diff --git a/addons/postgresql-cluster/15/chart/postgresql/templates/svc-relp.yaml b/addons/postgresql-cluster/15/chart/postgresql-cluster/templates/svc-relp.yaml similarity index 100% rename from addons/postgresql-cluster/15/chart/postgresql/templates/svc-relp.yaml rename to addons/postgresql-cluster/15/chart/postgresql-cluster/templates/svc-relp.yaml diff --git a/addons/postgresql-cluster/15/chart/postgresql/templates/svc.yaml b/addons/postgresql-cluster/15/chart/postgresql-cluster/templates/svc.yaml similarity index 100% rename from addons/postgresql-cluster/15/chart/postgresql/templates/svc.yaml rename to addons/postgresql-cluster/15/chart/postgresql-cluster/templates/svc.yaml diff --git a/addons/postgresql-cluster/15/chart/postgresql/values.yaml b/addons/postgresql-cluster/15/chart/postgresql-cluster/values.yaml similarity index 100% rename from addons/postgresql-cluster/15/chart/postgresql/values.yaml rename to addons/postgresql-cluster/15/chart/postgresql-cluster/values.yaml From f57e768f3e9c9b3843a3ab17e031958279745b24 Mon Sep 17 00:00:00 2001 From: EamonZhang Date: Wed, 15 Nov 2023 15:55:53 +0800 Subject: [PATCH 19/48] chore(postgresql-cluster) add wal-g for backup --- addons/postgresql-cluster/15/chart/cj.yaml | 605 ++++++++++++++++++ .../postgresql-cluster/templates/_helpers.tpl | 68 +- .../postgresql-cluster/templates/cronjob.yaml | 58 ++ .../templates/networkpolicy.yaml | 1 + .../postgresql-cluster/templates/role.yaml | 2 +- .../templates/rolebinding.yaml | 2 +- .../postgresql-cluster/templates/sec.yaml | 2 +- .../templates/serviceaccount.yaml | 2 +- .../templates/statefulset.yaml | 26 +- .../templates/svc-config.yaml | 2 +- .../templates/svc-master.yaml | 24 + .../{metrics-svc.yaml => svc-metrics.yaml} | 1 + .../templates/svc-relp.yaml | 9 +- .../postgresql-cluster/templates/svc.yaml | 14 +- .../15/chart/postgresql-cluster/values.yaml | 42 +- .../15/plans/standard-10/bind.yaml | 2 +- .../15/plans/standard-10/meta.yaml | 4 +- .../15/plans/standard-10/values.yaml | 130 ++-- .../15/plans/standard-20/values.yaml | 2 +- 19 files changed, 865 insertions(+), 131 deletions(-) create mode 100644 addons/postgresql-cluster/15/chart/cj.yaml create mode 100644 addons/postgresql-cluster/15/chart/postgresql-cluster/templates/cronjob.yaml create mode 100644 addons/postgresql-cluster/15/chart/postgresql-cluster/templates/svc-master.yaml rename addons/postgresql-cluster/15/chart/postgresql-cluster/templates/{metrics-svc.yaml => svc-metrics.yaml} (96%) diff --git a/addons/postgresql-cluster/15/chart/cj.yaml b/addons/postgresql-cluster/15/chart/cj.yaml new file mode 100644 index 00000000..48880e1c --- /dev/null +++ b/addons/postgresql-cluster/15/chart/cj.yaml @@ -0,0 +1,605 @@ +--- +# Source: postgresql/templates/networkpolicy.yaml +kind: NetworkPolicy +apiVersion: networking.k8s.io/v1 +metadata: + name: release-name-postgresql + namespace: "default" + labels: + app.kubernetes.io/name: postgresql + helm.sh/chart: postgresql-15.3.1 + app.kubernetes.io/instance: release-name + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/component: patroni + cluster-name: release-name-postgresql +spec: + podSelector: + matchLabels: + app.kubernetes.io/name: postgresql + app.kubernetes.io/instance: release-name + ingress: + # Allow inbound connections + - ports: + - port: 5432 + - port: 9187 + + from: + - namespaceSelector: + matchLabels: + kubernetes.io/metadata.name: default +--- +# Source: postgresql/templates/serviceaccount.yaml +apiVersion: v1 +kind: ServiceAccount +metadata: + name: release-name-postgresql + namespace: "default" + labels: + app: release-name-postgresql + chart: postgresql-15.3.1 + release: release-name + heritage: Helm +--- +# Source: postgresql/templates/sec.yaml +apiVersion: v1 +kind: Secret +metadata: + name: release-name-postgresql + namespace: "default" + labels: + app: release-name-postgresql + chart: postgresql-15.3.1 + release: release-name + heritage: Helm + cluster-name: release-name-postgresql +type: Opaque +data: + password-superuser: dGVh + password-rewind: Y29sYQ== + password-replication: cmVwcGFzc3dk + data-user: dXMx + data-name: ZGIx + data-password: MTExdw== +--- +# Source: postgresql/templates/configmap.yaml +apiVersion: v1 +kind: ConfigMap +metadata: + name: release-name-postgresql-cm + namespace: "default" + labels: + app.kubernetes.io/name: postgresql + helm.sh/chart: postgresql-15.3.1 + app.kubernetes.io/instance: release-name + app.kubernetes.io/managed-by: Helm + cluster-name: release-name-postgresql +data: + pre_init.sh: |- + cat > /opt/drycc/postgresql/patroni.yml <<__EOF__ + log: + level: DEBUG + bootstrap: + dcs: + postgresql: + use_pg_rewind: true + use_slots: true + pg_hba: + - local all all peer + - host all tea_mon 127.0.0.1/32 trust + - host all all 0.0.0.0/0 scram-sha-256 + - host replication ${PATRONI_REPLICATION_USERNAME} 0.0.0.0/0 scram-sha-256 + parameters: + wal_level: hot_standby + hot_standby: "on" + max_connections: 1005 + max_worker_processes: 8 + wal_keep_segments: 8 + max_wal_senders: 10 + max_replication_slots: 10 + max_prepared_transactions: 0 + max_locks_per_transaction: 64 + wal_log_hints: "on" + track_commit_timestamp: "off" + archive_mode: "on" + archive_timeout: 1800s + archive_command: /bin/true + # timescaledb.license: 'timescale' + shared_preload_libraries: 'auto_explain,pg_stat_statements' + initdb: + - auth-host: scram-sha-256 + - auth-local: trust + - encoding: UTF8 + - locale: en_US.UTF-8 + - data-checksums + post_bootstrap: sh /opt/drycc/postgresql/scripts/post_init.sh + restapi: + connect_address: '${PATRONI_KUBERNETES_POD_IP}:8008' + postgresql: + connect_address: '${PATRONI_KUBERNETES_POD_IP}:5432' + authentication: + superuser: + username: postgres + password: '${PATRONI_SUPERUSER_PASSWORD}' + replication: + username: standby + password: '${PATRONI_REPLICATION_PASSWORD}' + rewind: # Has no effect on postgres 10 and lower + username: rewinder + password: '${PATRONI_REWIND_USERNAME}' + watchdog: + mode: off + __EOF__ + + post_init.sh: |- + #!/bin/bash + set -Eeu + # Create monitor user + psql -w -c "CREATE USER tea_mon WITH ROLE pg_monitor" + # Create init database & user + if [[( -n "$DATABASE_USER") && ( -n "$DATABASE_PASSWORD") && ( -n "$DATABASE_NAME")]]; then + echo "Creating user ${DATABASE_USER}" + psql -w -c "create user ${DATABASE_USER} WITH LOGIN ENCRYPTED PASSWORD '${DATABASE_PASSWORD}'" + echo "Creating database ${DATABASE_NAME} " + psql -w -c "CREATE DATABASE ${DATABASE_NAME} OWNER ${DATABASE_USER} CONNECTION LIMIT 1000" + psql -w -d ${DATABASE_NAME} -c "create extension postgis ; create extension pg_stat_statements ; create extension pg_buffercache ;" + psql -w -c "CHECKPOINT;CHECKPOINT;" + else + echo "Skipping user creation" + echo "Skipping database creation" + fi +--- +# Source: postgresql/templates/role.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + name: release-name-postgresql + namespace: "default" + labels: + app: release-name-postgresql + chart: postgresql-15.3.1 + release: release-name + heritage: Helm +rules: +- apiGroups: [""] + resources: ["configmaps"] + verbs: + - create + - get + - list + - patch + - update + - watch + # delete is required only for 'patronictl remove' + - delete +- apiGroups: [""] + resources: ["services"] + verbs: + - create +- apiGroups: [""] + resources: ["endpoints"] + verbs: + - create + - get + - patch + - update + # the following three privileges are necessary only when using endpoints + - list + - watch + # delete is required only for for 'patronictl remove' + - delete + - deletecollection +- apiGroups: [""] + resources: ["pods"] + verbs: + - get + - list + - patch + - update + - watch +--- +# Source: postgresql/templates/rolebinding.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: release-name-postgresql + namespace: "default" + labels: + app: release-name-postgresql + chart: postgresql-15.3.1 + release: release-name + heritage: Helm +subjects: + - kind: ServiceAccount + name: release-name-postgresql +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: release-name-postgresql +--- +# Source: postgresql/templates/svc-config.yaml +# headless service to avoid deletion of patronidemo-config endpoint +apiVersion: v1 +kind: Service +metadata: + name: release-name-postgresql-config + labels: + app: release-name-postgresql + release: release-name + cluster-name: release-name-postgresql +spec: + clusterIP: None +--- +# Source: postgresql/templates/svc-metrics.yaml +apiVersion: v1 +kind: Service +metadata: + name: release-name-postgresql-metrics + namespace: "default" + labels: + app.kubernetes.io/name: postgresql + helm.sh/chart: postgresql-15.3.1 + app.kubernetes.io/instance: release-name + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/component: patroni + app.kubernetes.io/component: metrics + annotations: + prometheus.io/port: '9187' + prometheus.io/scrape: "true" +spec: + type: ClusterIP + sessionAffinity: None + ports: + - name: http-metrics + port: 9187 + targetPort: http-metrics + selector: + app.kubernetes.io/name: postgresql + app.kubernetes.io/instance: release-name + app.kubernetes.io/component: patroni +--- +# Source: postgresql/templates/svc-relp.yaml +apiVersion: v1 +kind: Service +metadata: + name: release-name-postgresql-repl + namespace: "default" + labels: + app.kubernetes.io/name: postgresql + helm.sh/chart: postgresql-15.3.1 + app.kubernetes.io/instance: release-name + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/component: patroni + app: release-name-postgresql + chart: postgresql-15.3.1 + release: release-name + heritage: Helm + cluster-name: release-name-postgresql + role: replica +spec: + type: LoadBalancer + selector: + app: release-name-postgresql + cluster-name: release-name-postgresql + role: replica + ports: + - port: 5432 + targetPort: 5432 +--- +# Source: postgresql/templates/svc.yaml +apiVersion: v1 +kind: Service +metadata: + name: release-name-postgresql + namespace: "default" + labels: + app.kubernetes.io/name: postgresql + helm.sh/chart: postgresql-15.3.1 + app.kubernetes.io/instance: release-name + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/component: patroni + app: release-name-postgresql + chart: postgresql-15.3.1 + release: release-name + heritage: Helm + cluster-name: release-name-postgresql + role: master +spec: + type: LoadBalancer + ports: + - name: postgresql + port: 5432 + targetPort: 5432 + protocol: TCP +--- +# Source: postgresql/templates/statefulset.yaml +apiVersion: apps/v1 +kind: StatefulSet +metadata: + name: release-name-postgresql + namespace: "default" + labels: + app.kubernetes.io/name: postgresql + helm.sh/chart: postgresql-15.3.1 + app.kubernetes.io/instance: release-name + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/component: patroni + app: release-name-postgresql + chart: postgresql-15.3.1 + release: release-name + heritage: Helm + cluster-name: release-name-postgresql +spec: + serviceName: release-name-postgresql + replicas: 3 + selector: + matchLabels: + app.kubernetes.io/name: postgresql + app.kubernetes.io/instance: release-name + app.kubernetes.io/component: patroni + app: release-name-postgresql + chart: postgresql-15.3.1 + release: release-name + heritage: Helm + cluster-name: release-name-postgresql + template: + metadata: + name: release-name-postgresql + labels: + app.kubernetes.io/name: postgresql + helm.sh/chart: postgresql-15.3.1 + app.kubernetes.io/instance: release-name + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/component: patroni + app: release-name-postgresql + chart: postgresql-15.3.1 + release: release-name + heritage: Helm + cluster-name: release-name-postgresql + spec: + serviceAccountName: release-name-postgresql + + # securityContext: + # runAsUser: postgres + # fsGroup: postgres + containers: + - name: postgresql + image: "registry.drycc.cc/drycc-addons/postgresql-patroni:15" + imagePullPolicy: IfNotPresent + # securityContext: + # runAsUser: postgres + # fsGroup: postgres + env: + - name: PATRONI_KUBERNETES_USE_ENDPOINTS + value: 'true' + - name: PATRONI_KUBERNETES_POD_IP + valueFrom: + fieldRef: + fieldPath: status.podIP + - name: PATRONI_KUBERNETES_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: PATRONI_KUBERNETES_BYPASS_API_SERVICE + value: 'true' + - name: PATRONI_KUBERNETES_LABELS + value: '{app: release-name-postgresql,release: release-name,cluster-name: release-name-postgresql}' + - name: PATRONI_SUPERUSER_USERNAME + value: postgres + - name: PATRONI_SUPERUSER_PASSWORD + valueFrom: + secretKeyRef: + name: release-name-postgresql + key: password-superuser + - name: PATRONI_REPLICATION_USERNAME + value: standby + - name: PATRONI_REPLICATION_PASSWORD + valueFrom: + secretKeyRef: + name: release-name-postgresql + key: password-replication + - name: PATRONI_REWIND_USERNAME + value: rewinder + - name: PATRONI_REWIND_PASSWORD + valueFrom: + secretKeyRef: + name: release-name-postgresql + key: password-rewind + - name: PATRONI_SCOPE + value: release-name-postgresql + - name: PATRONI_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name + - name: PATRONI_POSTGRESQL_DATA_DIR + value: "/home/postgres/pgdata/data" + - name: PATRONI_POSTGRESQL_PGPASS + value: /tmp/pgpass + - name: PATRONI_POSTGRESQL_LISTEN + value: '0.0.0.0:5432' + - name: PATRONI_RESTAPI_LISTEN + value: '0.0.0.0:8008' + + - name: DATABASE_NAME + valueFrom: + secretKeyRef: + name: release-name-postgresql + key: data-name + - name: DATABASE_USER + valueFrom: + secretKeyRef: + name: release-name-postgresql + key: data-user + - name: DATABASE_PASSWORD + valueFrom: + secretKeyRef: + name: release-name-postgresql + key: data-password + readinessProbe: + httpGet: + scheme: HTTP + path: /readiness + port: 8008 + initialDelaySeconds: 3 + periodSeconds: 10 + timeoutSeconds: 5 + successThreshold: 1 + failureThreshold: 3 + livenessProbe: + failureThreshold: 3 + httpGet: + path: /liveness + port: 8008 + scheme: HTTP + initialDelaySeconds: 10 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 5 + lifecycle: + preStop: + exec: + command: + - /usr/bin/env + - bash + - -c + - | + # switch leader pod if the current pod is the leader + if curl --fail http://localhost:8008/read-write; then + init-stack patronictl switchover --force + fi + ports: + - containerPort: 8008 + protocol: TCP + - containerPort: 5432 + protocol: TCP + volumeMounts: + - name: storage-volume + mountPath: "/home/postgres/pgdata" + - mountPath: "/opt/drycc/postgresql/scripts/" + name: patroni-config + # readOnly: true + resources: + limits: + cpu: 100m + memory: 512Mi + requests: + cpu: 100m + memory: 512Mi + - name: metrics + image: "registry.drycc.cc/drycc-addons/postgres-exporter:0" + imagePullPolicy: "IfNotPresent" + env: + - name: DATA_SOURCE_NAME + value: postgresql://tea_mon:password@127.0.0.1:5432/db1?sslmode=disable + ports: + - name: http-metrics + containerPort: 9187 + startupProbe: + initialDelaySeconds: 10 + tcpSocket: + port: http-metrics + periodSeconds: 10 + timeoutSeconds: 1 + failureThreshold: 15 + successThreshold: 1 + livenessProbe: + initialDelaySeconds: 5 + httpGet: + path: / + port: http-metrics + periodSeconds: 10 + timeoutSeconds: 5 + failureThreshold: 6 + successThreshold: 1 + readinessProbe: + initialDelaySeconds: 5 + httpGet: + path: / + port: http-metrics + periodSeconds: 10 + timeoutSeconds: 5 + failureThreshold: 6 + successThreshold: 1 + resources: + limits: + cpu: 100m + memory: 512Mi + requests: + cpu: 100m + memory: 512Mi + affinity: + podAntiAffinity: + preferredDuringSchedulingIgnoredDuringExecution: + - weight: 100 + podAffinityTerm: + topologyKey: "kubernetes.io/hostname" + labelSelector: + matchLabels: + app: postgresql + release: "release-name" + + volumes: + - name: patroni-config + configMap: + name: release-name-postgresql-cm + - name: storage-volume + emptyDir: {} +--- +# Source: postgresql/templates/cronjob.yaml +apiVersion: batch/v1 +kind: CronJob +metadata: + name: release-name-postgresql-backup + namespace: "default" + labels: + app.kubernetes.io/name: postgresql + helm.sh/chart: postgresql-15.3.1 + app.kubernetes.io/instance: release-name + app.kubernetes.io/managed-by: Helm + cluster-name: release-name-postgresql + +spec: + schedule: "*/1 * * * *" + failedJobsHistoryLimit: 1 + successfulJobsHistoryLimit: 1 + jobTemplate: + spec: + template: + spec: + restartPolicy: OnFailure + containers: + - name: postgresql-backup + image: "registry.drycc.cc/drycc-addons/postgresql-patroni:15" + imagePullPolicy: Always + #imagePullPolicy: "IfNotPresent" + command: + - /usr/bin/env + - bash + - -c + - | + echo "sleeping ...." + sleep 10000 + echo "Successfull" + init-stack /opt/drycc/wal-g/bin/wal-g backup-push + init-stack /opt/drycc/wal-g/bin/wal-g delete + env: + - name: USE_WALG + value: "true" + - name: BACKUP_SCHEDULE + value: "eee" + - name: BACKUP_NUM_TO_RETAIN + value: "2" + - name: WALG_BACKUP_THRESHOLD_MEGABYTES + value: "1024" + - name: WALE_BACKUP_THRESHOLD_PERCENTAGE + value: "30" + - name: PGHOST + value: release-name-postgresql-repl + - name: PGPASSWORD + valueFrom: + secretKeyRef: + name: release-name-postgresql + key: password-replication + - name: PGUSER + value: standby + - name: PGPORT + value: "5432" diff --git a/addons/postgresql-cluster/15/chart/postgresql-cluster/templates/_helpers.tpl b/addons/postgresql-cluster/15/chart/postgresql-cluster/templates/_helpers.tpl index 41b3a94d..c75c3b29 100644 --- a/addons/postgresql-cluster/15/chart/postgresql-cluster/templates/_helpers.tpl +++ b/addons/postgresql-cluster/15/chart/postgresql-cluster/templates/_helpers.tpl @@ -42,6 +42,16 @@ Create the name of the service account to use. {{- end -}} {{- end -}} +{{/* +Return true if a cronjob object should be created for Postgresql HA patroni +*/}} +{{- define "patroni.createCronJob" -}} +{{- if and .Values.walG.enable }} + {{- true -}} +{{- else -}} +{{- end -}} +{{- end -}} + {{/* Return true if a configmap object should be created for Postgresql HA patroni */}} @@ -75,7 +85,7 @@ Create patroni envs. - name: PATRONI_KUBERNETES_BYPASS_API_SERVICE value: 'true' - name: PATRONI_KUBERNETES_LABELS - value: '{app: {{ template "patroni.fullname" . }},release: {{ .Release.Name }},cluster-name: {{ template "patroni.fullname" . }}}' + value: '{application: {{ template "patroni.fullname" . }},release: {{ .Release.Name }},cluster-name: {{ template "patroni.fullname" . }}}' - name: PATRONI_SUPERUSER_USERNAME value: postgres - name: PATRONI_SUPERUSER_PASSWORD @@ -131,42 +141,44 @@ Create patroni envs. {{- end -}} {{/* -Create wale envs. +Create walg envs. */}} -{{- define "wale.envs" }} -{{- if .Values.walE.enable }} -- name: USE_WALE - value: {{ .Values.walE.enable | quote }} -{{- if .Values.walE.scheduleCronJob }} +{{- define "walg.envs" }} +{{- if .Values.walG.enable }} +- name: USE_WALG + value: {{ .Values.walG.enable | quote }} +{{- if .Values.walG.scheduleCronJob }} - name: BACKUP_SCHEDULE - value: {{ .Values.walE.scheduleCronJob | quote}} + value: {{ .Values.walG.scheduleCronJob | quote}} {{- end }} -{{- if .Values.walE.retainBackups }} +{{- if .Values.walG.retainBackups }} - name: BACKUP_NUM_TO_RETAIN - value: {{ .Values.walE.retainBackups | quote}} + value: {{ .Values.walG.retainBackups | quote}} {{- end }} -{{- if .Values.walE.s3Bucket }} -- name: WAL_S3_BUCKET - value: {{ .Values.walE.s3Bucket | quote }} -{{else if .Values.walE.gcsBucket }} -- name: WAL_GCS_BUCKET - value: {{ .Values.walE.gcsBucket | quote }} -{{- if .Values.walE.kubernetesSecret }} -- name: GOOGLE_APPLICATION_CREDENTIALS - value: "/etc/credentials/{{.Values.walE.kubernetesSecret}}.json" +{{- if .Values.walG.backupThresholdMegabytes }} +- name: WALG_BACKUP_THRESHOLD_MEGABYTES + value: {{ .Values.walG.backupThresholdMegabytes | quote }} {{- end }} - -{{- if .Values.walE.backupThresholdMegabytes }} -- name: WALE_BACKUP_THRESHOLD_MEGABYTES - value: {{ .Values.walE.backupThresholdMegabytes | quote }} -{{- end }} -{{- if .Values.walE.backupThresholdPercentage }} +{{- if .Values.walG.backupThresholdPercentage }} - name: WALE_BACKUP_THRESHOLD_PERCENTAGE - value: {{ .Values.walE.backupThresholdPercentage | quote }} + value: {{ .Values.walG.backupThresholdPercentage | quote }} +{{- end }} +{{- if .Values.walG.s3.used }} +- name: AWS_ACCESS_KEY_ID + value: {{ .Values.walG.s3.awsAccessKeyId | quote }} +- name: AWS_SECRET_ACCESS_KEY + value: {{ .Values.walG.s3.awsSecretAccessKey | quote }} +- name: WALG_S3_PREFIX + value: {{ .Values.walG.s3.walGS3Prefix | quote }} +- name: AWS_ENDPOINT + value: {{ .Values.walG.s3.awsEndpoint | quote }} +- name: AWS_S3_FORCE_PATH_STYLE + value: {{ .Values.walG.s3.awsS3ForcePathStyle | quote }} +- name: AWS_REGION + value: {{ .Values.walG.s3.awsRegion | quote }} {{- end }} {{- else }} -- name: USE_WALE +- name: USE_WALG value: "" {{- end }} {{- end }} -{{- end -}} \ No newline at end of file diff --git a/addons/postgresql-cluster/15/chart/postgresql-cluster/templates/cronjob.yaml b/addons/postgresql-cluster/15/chart/postgresql-cluster/templates/cronjob.yaml new file mode 100644 index 00000000..0bfb4b40 --- /dev/null +++ b/addons/postgresql-cluster/15/chart/postgresql-cluster/templates/cronjob.yaml @@ -0,0 +1,58 @@ +{{- /* +Copyright VMware, Inc. +SPDX-License-Identifier: APACHE-2.0 +*/}} +{{- if (include "patroni.createCronJob" .) }} +apiVersion: {{ include "common.capabilities.cronjob.apiVersion" . }} +kind: CronJob +metadata: + name: {{ include "patroni.fullname" . }}-backup + namespace: {{ include "common.names.namespace" . | quote }} + labels: {{- include "common.labels.standard" . | nindent 4 }} + {{- if .Values.commonLabels }} + {{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }} + {{- end }} + application: {{ template "patroni.fullname" . }} + cluster-name: {{ template "patroni.fullname" . }} + {{- if .Values.commonAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} + {{- end }} + +spec: + schedule: "*/1 * * * *" + failedJobsHistoryLimit: 1 + successfulJobsHistoryLimit: 1 + jobTemplate: + spec: + template: + spec: + restartPolicy: OnFailure + containers: + - name: {{ .Chart.Name }}-backup + image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}" + imagePullPolicy: Always + #imagePullPolicy: {{ .Values.image.pullPolicy | quote }} + command: + - /usr/bin/env + - bash + - -c + - | + echo "sleeping ...." + sleep 10000 + echo "Successfull" + init-stack /opt/drycc/wal-g/bin/wal-g backup-push + init-stack /opt/drycc/wal-g/bin/wal-g delete + env: + {{- include "walg.envs" . | indent 14 }} + - name: PGHOST + value: {{ include "patroni.fullname" . }}-repl + - name: PGPASSWORD + valueFrom: + secretKeyRef: + name: {{ template "patroni.fullname" . }} + key: password-replication + - name: PGUSER + value: standby + - name: PGPORT + value: "5432" +{{- end -}} \ No newline at end of file diff --git a/addons/postgresql-cluster/15/chart/postgresql-cluster/templates/networkpolicy.yaml b/addons/postgresql-cluster/15/chart/postgresql-cluster/templates/networkpolicy.yaml index 3b3baa56..dfad66c3 100644 --- a/addons/postgresql-cluster/15/chart/postgresql-cluster/templates/networkpolicy.yaml +++ b/addons/postgresql-cluster/15/chart/postgresql-cluster/templates/networkpolicy.yaml @@ -8,6 +8,7 @@ metadata: {{- if .Values.commonLabels }} {{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }} {{- end }} + app.kubernetes.io/component: patroni cluster-name: {{ template "patroni.fullname" . }} {{- if .Values.commonAnnotations }} annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} diff --git a/addons/postgresql-cluster/15/chart/postgresql-cluster/templates/role.yaml b/addons/postgresql-cluster/15/chart/postgresql-cluster/templates/role.yaml index c81b39a8..8dec5309 100644 --- a/addons/postgresql-cluster/15/chart/postgresql-cluster/templates/role.yaml +++ b/addons/postgresql-cluster/15/chart/postgresql-cluster/templates/role.yaml @@ -5,7 +5,7 @@ metadata: name: {{ template "patroni.fullname" . }} namespace: {{ include "common.names.namespace" . | quote }} labels: - app: {{ template "patroni.fullname" . }} + application: {{ template "patroni.fullname" . }} chart: {{ template "patroni.chart" . }} release: {{ .Release.Name }} heritage: {{ .Release.Service }} diff --git a/addons/postgresql-cluster/15/chart/postgresql-cluster/templates/rolebinding.yaml b/addons/postgresql-cluster/15/chart/postgresql-cluster/templates/rolebinding.yaml index d09de1c8..5e15948f 100644 --- a/addons/postgresql-cluster/15/chart/postgresql-cluster/templates/rolebinding.yaml +++ b/addons/postgresql-cluster/15/chart/postgresql-cluster/templates/rolebinding.yaml @@ -5,7 +5,7 @@ metadata: name: {{ template "patroni.fullname" . }} namespace: {{ include "common.names.namespace" . | quote }} labels: - app: {{ template "patroni.fullname" . }} + application: {{ template "patroni.fullname" . }} chart: {{ template "patroni.chart" . }} release: {{ .Release.Name }} heritage: {{ .Release.Service }} diff --git a/addons/postgresql-cluster/15/chart/postgresql-cluster/templates/sec.yaml b/addons/postgresql-cluster/15/chart/postgresql-cluster/templates/sec.yaml index 89214502..306e93e7 100644 --- a/addons/postgresql-cluster/15/chart/postgresql-cluster/templates/sec.yaml +++ b/addons/postgresql-cluster/15/chart/postgresql-cluster/templates/sec.yaml @@ -4,7 +4,7 @@ metadata: name: {{ template "patroni.fullname" . }} namespace: {{ include "common.names.namespace" . | quote }} labels: - app: {{ template "patroni.fullname" . }} + application: {{ template "patroni.fullname" . }} chart: {{ template "patroni.chart" . }} release: {{ .Release.Name }} heritage: {{ .Release.Service }} diff --git a/addons/postgresql-cluster/15/chart/postgresql-cluster/templates/serviceaccount.yaml b/addons/postgresql-cluster/15/chart/postgresql-cluster/templates/serviceaccount.yaml index 819bb983..e1b2ebf6 100644 --- a/addons/postgresql-cluster/15/chart/postgresql-cluster/templates/serviceaccount.yaml +++ b/addons/postgresql-cluster/15/chart/postgresql-cluster/templates/serviceaccount.yaml @@ -5,7 +5,7 @@ metadata: name: {{ template "patroni.serviceAccountName" . }} namespace: {{ include "common.names.namespace" . | quote }} labels: - app: {{ template "patroni.fullname" . }} + application: {{ template "patroni.fullname" . }} chart: {{ template "patroni.chart" . }} release: {{ .Release.Name }} heritage: {{ .Release.Service }} diff --git a/addons/postgresql-cluster/15/chart/postgresql-cluster/templates/statefulset.yaml b/addons/postgresql-cluster/15/chart/postgresql-cluster/templates/statefulset.yaml index 803b9702..335ea342 100644 --- a/addons/postgresql-cluster/15/chart/postgresql-cluster/templates/statefulset.yaml +++ b/addons/postgresql-cluster/15/chart/postgresql-cluster/templates/statefulset.yaml @@ -5,7 +5,7 @@ metadata: namespace: {{ include "common.names.namespace" . | quote }} labels: {{- include "common.labels.standard" . | nindent 4 }} app.kubernetes.io/component: patroni - app: {{ template "patroni.fullname" . }} + application: {{ template "patroni.fullname" . }} chart: {{ template "patroni.chart" . }} release: {{ .Release.Name }} heritage: {{ .Release.Service }} @@ -16,16 +16,20 @@ spec: selector: matchLabels: {{- include "common.labels.matchLabels" . | nindent 6 }} app.kubernetes.io/component: patroni - app: {{ template "patroni.fullname" . }} + application: {{ template "patroni.fullname" . }} + chart: {{ template "patroni.chart" . }} release: {{ .Release.Name }} + heritage: {{ .Release.Service }} cluster-name: {{ template "patroni.fullname" . }} template: metadata: name: {{ template "patroni.fullname" . }} labels: {{- include "common.labels.standard" . | nindent 8 }} app.kubernetes.io/component: patroni - app: {{ template "patroni.fullname" . }} + application: {{ template "patroni.fullname" . }} + chart: {{ template "patroni.chart" . }} release: {{ .Release.Name }} + heritage: {{ .Release.Service }} cluster-name: {{ template "patroni.fullname" . }} spec: serviceAccountName: {{ template "patroni.serviceAccountName" . }} @@ -91,13 +95,6 @@ spec: - mountPath: "/opt/drycc/postgresql/scripts/" name: patroni-config # readOnly: true - {{- if .Values.walE.enable }} - {{- if .Values.walE.kubernetesSecret }} - - name: {{ .Values.walE.kubernetesSecret }} - mountPath: /etc/credentials - readOnly: true - {{- end }} - {{- end }} resources: {{ toYaml .Values.resources | indent 10 }} {{- if .Values.metrics.enabled }} @@ -171,13 +168,6 @@ spec: - name: patroni-config configMap: name: {{ template "common.names.fullname" . }}-cm - {{- if .Values.walE.enable }} - {{- if .Values.walE.kubernetesSecret }} - - name: {{ .Values.walE.kubernetesSecret }} - secret: - secretName: {{ .Values.walE.kubernetesSecret }} - {{- end }} - {{- end }} {{- if not .Values.persistentVolume.enabled }} - name: storage-volume emptyDir: {} @@ -191,7 +181,7 @@ spec: {{ toYaml .Values.persistentVolume.annotations | indent 8 }} {{- end }} labels: - app: {{ template "patroni.fullname" . }} + application: {{ template "patroni.fullname" . }} release: {{ .Release.Name }} heritage: {{ .Release.Service }} spec: diff --git a/addons/postgresql-cluster/15/chart/postgresql-cluster/templates/svc-config.yaml b/addons/postgresql-cluster/15/chart/postgresql-cluster/templates/svc-config.yaml index 442be2f3..5f7b0f60 100644 --- a/addons/postgresql-cluster/15/chart/postgresql-cluster/templates/svc-config.yaml +++ b/addons/postgresql-cluster/15/chart/postgresql-cluster/templates/svc-config.yaml @@ -4,7 +4,7 @@ kind: Service metadata: name: {{ template "patroni.fullname" . }}-config labels: - app: {{ template "patroni.fullname" . }} + application: {{ template "patroni.fullname" . }} release: {{ .Release.Name }} cluster-name: {{ template "patroni.fullname" . }} spec: diff --git a/addons/postgresql-cluster/15/chart/postgresql-cluster/templates/svc-master.yaml b/addons/postgresql-cluster/15/chart/postgresql-cluster/templates/svc-master.yaml new file mode 100644 index 00000000..48dba13d --- /dev/null +++ b/addons/postgresql-cluster/15/chart/postgresql-cluster/templates/svc-master.yaml @@ -0,0 +1,24 @@ +apiVersion: v1 +kind: Service +metadata: + name: {{ template "patroni.fullname" . }}-master + namespace: {{ include "common.names.namespace" . | quote }} + labels: {{- include "common.labels.standard" . | nindent 4 }} + app.kubernetes.io/component: patroni + application: {{ template "patroni.fullname" . }} + chart: {{ template "patroni.chart" . }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} + cluster-name: {{ template "patroni.fullname" . }} + role: master +spec: + type: LoadBalancer + selector: + application: {{ template "patroni.fullname" . }} + cluster-name: {{ template "patroni.fullname" . }} + role: master + ports: + - name: postgresql + port: 5432 + targetPort: 5432 + protocol: TCP \ No newline at end of file diff --git a/addons/postgresql-cluster/15/chart/postgresql-cluster/templates/metrics-svc.yaml b/addons/postgresql-cluster/15/chart/postgresql-cluster/templates/svc-metrics.yaml similarity index 96% rename from addons/postgresql-cluster/15/chart/postgresql-cluster/templates/metrics-svc.yaml rename to addons/postgresql-cluster/15/chart/postgresql-cluster/templates/svc-metrics.yaml index 0cd24f48..862c6a0c 100644 --- a/addons/postgresql-cluster/15/chart/postgresql-cluster/templates/metrics-svc.yaml +++ b/addons/postgresql-cluster/15/chart/postgresql-cluster/templates/svc-metrics.yaml @@ -5,6 +5,7 @@ metadata: name: {{ printf "%s-metrics" (include "patroni.fullname" .) }} namespace: {{ .Release.Namespace | quote }} labels: {{- include "common.labels.standard" . | nindent 4 }} + app.kubernetes.io/component: patroni app.kubernetes.io/component: metrics {{- if .Values.commonLabels }} {{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }} diff --git a/addons/postgresql-cluster/15/chart/postgresql-cluster/templates/svc-relp.yaml b/addons/postgresql-cluster/15/chart/postgresql-cluster/templates/svc-relp.yaml index cccaf8ce..c5861935 100644 --- a/addons/postgresql-cluster/15/chart/postgresql-cluster/templates/svc-relp.yaml +++ b/addons/postgresql-cluster/15/chart/postgresql-cluster/templates/svc-relp.yaml @@ -3,17 +3,18 @@ kind: Service metadata: name: {{ template "patroni.fullname" . }}-repl namespace: {{ include "common.names.namespace" . | quote }} - labels: - app: {{ template "patroni.fullname" . }} + labels: {{- include "common.labels.standard" . | nindent 4 }} + app.kubernetes.io/component: patroni + application: {{ template "patroni.fullname" . }} chart: {{ template "patroni.chart" . }} release: {{ .Release.Name }} heritage: {{ .Release.Service }} cluster-name: {{ template "patroni.fullname" . }} role: replica spec: - type: ClusterIP + type: LoadBalancer selector: - app: {{ template "patroni.fullname" . }} + application: {{ template "patroni.fullname" . }} cluster-name: {{ template "patroni.fullname" . }} role: replica ports: diff --git a/addons/postgresql-cluster/15/chart/postgresql-cluster/templates/svc.yaml b/addons/postgresql-cluster/15/chart/postgresql-cluster/templates/svc.yaml index 301216e1..adc0ab69 100644 --- a/addons/postgresql-cluster/15/chart/postgresql-cluster/templates/svc.yaml +++ b/addons/postgresql-cluster/15/chart/postgresql-cluster/templates/svc.yaml @@ -3,16 +3,22 @@ kind: Service metadata: name: {{ template "patroni.fullname" . }} namespace: {{ include "common.names.namespace" . | quote }} - labels: - app: {{ template "patroni.fullname" . }} + labels: {{- include "common.labels.standard" . | nindent 4 }} + app.kubernetes.io/component: patroni + application: {{ template "patroni.fullname" . }} chart: {{ template "patroni.chart" . }} release: {{ .Release.Name }} heritage: {{ .Release.Service }} cluster-name: {{ template "patroni.fullname" . }} + role: master spec: - type: ClusterIP + type: LoadBalancer + selector: + application: {{ template "patroni.fullname" . }} + cluster-name: {{ template "patroni.fullname" . }} + role: master ports: - name: postgresql port: 5432 - targetPort: postgresql + targetPort: 5432 protocol: TCP \ No newline at end of file diff --git a/addons/postgresql-cluster/15/chart/postgresql-cluster/values.yaml b/addons/postgresql-cluster/15/chart/postgresql-cluster/values.yaml index 4d28d660..43a38eb0 100644 --- a/addons/postgresql-cluster/15/chart/postgresql-cluster/values.yaml +++ b/addons/postgresql-cluster/15/chart/postgresql-cluster/values.yaml @@ -1,7 +1,10 @@ -replicaCount: 3 +replicaCount: 1 diagnosticMode: enable: false +service: + type: LoadBalancer + image: # Image was built from registry.drycc.cc/drycc-addons/patroni:3.2 # https://github.com/zalando/spilo/tree/master/postgres-appliance @@ -104,7 +107,7 @@ postInitScript: | psql -w -c "create user ${DATABASE_USER} WITH LOGIN ENCRYPTED PASSWORD '${DATABASE_PASSWORD}'" echo "Creating database ${DATABASE_NAME} " psql -w -c "CREATE DATABASE ${DATABASE_NAME} OWNER ${DATABASE_USER} CONNECTION LIMIT 1000" - psql -w -d ${DATABASE_NAME} -c "create extension postgis" + psql -w -d ${DATABASE_NAME} -c "create extension postgis ; create extension pg_stat_statements ; create extension pg_buffercache ;" psql -w -c "CHECKPOINT;CHECKPOINT;" else echo "Skipping user creation" @@ -114,7 +117,7 @@ postInitScript: | ## Postgresql Prometheus exporter parameters ## metrics: - enabled: true + enabled: false image: repository: registry.drycc.cc/drycc-addons/postgres-exporter tag: "0" @@ -157,17 +160,21 @@ metrics: customLivenessProbe: {} customReadinessProbe: enabled: true - resources: {} -walE: + resources: + limits: + cpu: 100m + memory: 512Mi + # hugepages-2Mi: 4Mi + requests: + cpu: 100m + memory: 512Mi +walG: # Specifies whether Wal-E should be enabled enable: false # Cron schedule for doing base backups scheduleCronJob: 00 01 * * * # Amount of base backups to retain retainBackups: 2 - # Path to the S3 or GCS bucket used for WAL-E base backups - s3Bucket: - gcsBucket: # Name of the secret that holds the credentials to the bucket kubernetesSecret: # Maximum size of the WAL segments accumulated after the base backup to @@ -176,6 +183,13 @@ walE: # Maximum ratio (in percents) of the accumulated WAL files to the base backup # to consider WAL-E restore instead of pg_basebackup backupThresholdPercentage: 30 + s3: + awsAccessKeyID: "xxx" + awsSecretAccessKey: "xx" + walGS3Prefix: "xxx" + awsEndpoint: "xxx" + awsS3ForcePathStyle: "true" + awsRegion: dx-1 persistentVolume: enabled: false @@ -198,12 +212,12 @@ resources: # If you do want to specify resources, uncomment the following # lines, adjust them as necessary, and remove the curly braces after 'resources:'. limits: - cpu: 1000m - memory: 1Gi + cpu: 100m + memory: 512Mi # hugepages-2Mi: 4Mi requests: - cpu: 1000m - memory: 1Gi + cpu: 100m + memory: 512Mi # https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#nodeselector nodeSelector: {} @@ -220,7 +234,7 @@ affinityTemplate: | topologyKey: "kubernetes.io/hostname" labelSelector: matchLabels: - app: {{ template "patroni.name" . }} + application: {{ template "patroni.name" . }} release: {{ .Release.Name | quote }} affinity: {} @@ -244,7 +258,7 @@ serviceAccount: networkPolicy: ## @param networkPolicy.enabled Enable creation of NetworkPolicy resources ## - enabled: true + enabled: false ## @param networkPolicy.allowExternal The Policy model to apply. ## When set to false, only pods with the correct ## client label will have network access to the port MySQL is listening diff --git a/addons/postgresql-cluster/15/plans/standard-10/bind.yaml b/addons/postgresql-cluster/15/plans/standard-10/bind.yaml index e5b14d98..cf57e76b 100644 --- a/addons/postgresql-cluster/15/plans/standard-10/bind.yaml +++ b/addons/postgresql-cluster/15/plans/standard-10/bind.yaml @@ -1,5 +1,5 @@ credential: - {{- if (eq .Values.router.service.type "LoadBalancer") }} + {{- if (eq .Values.service.type "LoadBalancer") }} - name: host valueFrom: secretKeyRef: diff --git a/addons/postgresql-cluster/15/plans/standard-10/meta.yaml b/addons/postgresql-cluster/15/plans/standard-10/meta.yaml index 6c738828..f5c2257b 100644 --- a/addons/postgresql-cluster/15/plans/standard-10/meta.yaml +++ b/addons/postgresql-cluster/15/plans/standard-10/meta.yaml @@ -1,6 +1,6 @@ name: "standard-10" -id: 2b455154-8725-482a-95b2-a193c180d9b5 -description: "Mysql Cluster standard-10 plan: Disk 10Gi ,vCPUs 1 , RAM 2G , DB MAX Connection 600" +id: 83c3b52e-2685-4362-9ea1-42e170060c78 +description: "Postgresql Cluster standard-10 plan: Disk 10Gi ,vCPUs 1 , RAM 2G , DB MAX Connection 600" displayName: "standard-10" bindable: true maximum_polling_duration: 1800 diff --git a/addons/postgresql-cluster/15/plans/standard-10/values.yaml b/addons/postgresql-cluster/15/plans/standard-10/values.yaml index f90075a8..2082d76c 100644 --- a/addons/postgresql-cluster/15/plans/standard-10/values.yaml +++ b/addons/postgresql-cluster/15/plans/standard-10/values.yaml @@ -1,61 +1,83 @@ ## @param fullnameOverride String to fully override common.names.fullname template ## -fullnameOverride: hb-mysql-cluster-standard-10 +fullnameOverride: hb-postgresql-cluster-standard-10 -## MinIO® containers' resource requests and limits -## ref: https://kubernetes.io/docs/user-guide/compute-resources/ -## We usually recommend not to specify default resources and to leave this as a conscious -## choice for the user. This also increases chances charts run on environments with little -## resources, such as Minikube. If you do want to specify resources, uncomment the following -## lines, adjust them as necessary, and remove the curly braces after 'resources:'. -## @param resources.limits The resources limits for the MinIO® container -## @param resources.requests The requested resources for the MinIO® container -## -primary: - maxConnectionLimit: 600 - resources: +preInitScript: | + cat > /opt/drycc/postgresql/patroni.yml <<__EOF__ + log: + level: DEBUG + bootstrap: + dcs: + postgresql: + use_pg_rewind: true + use_slots: true + pg_hba: + - local all all peer + - host all tea_mon 127.0.0.1/32 trust + - host all all 0.0.0.0/0 scram-sha-256 + - host replication ${PATRONI_REPLICATION_USERNAME} 0.0.0.0/0 scram-sha-256 + parameters: + wal_level: hot_standby + hot_standby: "on" + max_connections: 1005 + max_worker_processes: 8 + wal_keep_segments: 8 + max_wal_senders: 10 + max_replication_slots: 10 + max_prepared_transactions: 0 + max_locks_per_transaction: 64 + wal_log_hints: "on" + track_commit_timestamp: "off" + archive_mode: "on" + archive_timeout: 1800s + archive_command: /bin/true + # timescaledb.license: 'timescale' + shared_preload_libraries: 'pg_stat_statements' + initdb: + - auth-host: scram-sha-256 + - auth-local: trust + - encoding: UTF8 + - locale: en_US.UTF-8 + - data-checksums + post_bootstrap: sh /opt/drycc/postgresql/scripts/post_init.sh + restapi: + connect_address: '${PATRONI_KUBERNETES_POD_IP}:8008' + postgresql: + connect_address: '${PATRONI_KUBERNETES_POD_IP}:5432' + authentication: + superuser: + username: postgres + password: '${PATRONI_SUPERUSER_PASSWORD}' + replication: + username: standby + password: '${PATRONI_REPLICATION_PASSWORD}' + rewind: # Has no effect on postgres 10 and lower + username: rewinder + password: '${PATRONI_REWIND_USERNAME}' + watchdog: + mode: off + __EOF__ + +resources: + # If you do want to specify resources, uncomment the following + # lines, adjust them as necessary, and remove the curly braces after 'resources:'. + limits: + cpu: 1000m + memory: 1Gi + # hugepages-2Mi: 4Mi + requests: + cpu: 1000m + memory: 1Gi + +persistentVolume: + enabled: true + size: 10G + +metrics: + resources: limits: cpu: 1000m - memory: 1024Mi + memory: 1Gi requests: cpu: 1000m - memory: 1024Mi - - -## @section Persistence parameters - -## Enable persistence using Persistent Volume Claims -## ref: https://kubernetes.io/docs/user-guide/persistent-volumes/ -## - persistence: - ## @param primary.persistence.enabled Enable persistence on MySQL primary replicas using a `PersistentVolumeClaim`. If false, use emptyDir - ## - enabled: true - ## @param primary.persistence.existingClaim Name of an existing `PersistentVolumeClaim` for MySQL primary replicas - ## NOTE: When it's set the rest of persistence parameters are ignored - ## - existingClaim: "" - ## @param primary.persistence.storageClass MySQL primary persistent volume storage Class - ## If defined, storageClassName: - ## If set to "-", storageClassName: "", which disables dynamic provisioning - ## If undefined (the default) or set to null, no storageClassName spec is - ## set, choosing the default provisioner. (gp2 on AWS, standard on - ## GKE, AWS & OpenStack) - ## - storageClass: "" - ## @param primary.persistence.annotations MySQL primary persistent volume claim annotations - ## - annotations: {} - ## @param primary.persistence.accessModes MySQL primary persistent volume access Modes - ## - accessModes: - - ReadWriteOnce - ## @param primary.persistence.size MySQL primary persistent volume size - ## - size: 10Gi - ## @param primary.persistence.selector Selector to match an existing Persistent Volume - ## selector: - ## matchLabels: - ## app: my-app - ## - selector: {} + memory: 1Gi diff --git a/addons/postgresql-cluster/15/plans/standard-20/values.yaml b/addons/postgresql-cluster/15/plans/standard-20/values.yaml index d9422e70..12db2471 100644 --- a/addons/postgresql-cluster/15/plans/standard-20/values.yaml +++ b/addons/postgresql-cluster/15/plans/standard-20/values.yaml @@ -56,6 +56,6 @@ primary: ## @param primary.persistence.selector Selector to match an existing Persistent Volume ## selector: ## matchLabels: - ## app: my-app + ## application: my-app ## selector: {} From 56ce8454d8837add5343e505a9501b2384d5c2d6 Mon Sep 17 00:00:00 2001 From: EamonZhang Date: Fri, 17 Nov 2023 15:47:53 +0800 Subject: [PATCH 20/48] chore(postgresql-cluster): redirect postgresql log --- addons/postgresql-cluster/15/chart/cj.yaml | 605 ------------------ .../templates/networkpolicy.yaml | 2 +- .../templates/statefulset.yaml | 12 +- .../postgresql-cluster/templates/svc.yaml | 12 +- .../15/chart/postgresql-cluster/values.yaml | 60 +- 5 files changed, 71 insertions(+), 620 deletions(-) delete mode 100644 addons/postgresql-cluster/15/chart/cj.yaml diff --git a/addons/postgresql-cluster/15/chart/cj.yaml b/addons/postgresql-cluster/15/chart/cj.yaml deleted file mode 100644 index 48880e1c..00000000 --- a/addons/postgresql-cluster/15/chart/cj.yaml +++ /dev/null @@ -1,605 +0,0 @@ ---- -# Source: postgresql/templates/networkpolicy.yaml -kind: NetworkPolicy -apiVersion: networking.k8s.io/v1 -metadata: - name: release-name-postgresql - namespace: "default" - labels: - app.kubernetes.io/name: postgresql - helm.sh/chart: postgresql-15.3.1 - app.kubernetes.io/instance: release-name - app.kubernetes.io/managed-by: Helm - app.kubernetes.io/component: patroni - cluster-name: release-name-postgresql -spec: - podSelector: - matchLabels: - app.kubernetes.io/name: postgresql - app.kubernetes.io/instance: release-name - ingress: - # Allow inbound connections - - ports: - - port: 5432 - - port: 9187 - - from: - - namespaceSelector: - matchLabels: - kubernetes.io/metadata.name: default ---- -# Source: postgresql/templates/serviceaccount.yaml -apiVersion: v1 -kind: ServiceAccount -metadata: - name: release-name-postgresql - namespace: "default" - labels: - app: release-name-postgresql - chart: postgresql-15.3.1 - release: release-name - heritage: Helm ---- -# Source: postgresql/templates/sec.yaml -apiVersion: v1 -kind: Secret -metadata: - name: release-name-postgresql - namespace: "default" - labels: - app: release-name-postgresql - chart: postgresql-15.3.1 - release: release-name - heritage: Helm - cluster-name: release-name-postgresql -type: Opaque -data: - password-superuser: dGVh - password-rewind: Y29sYQ== - password-replication: cmVwcGFzc3dk - data-user: dXMx - data-name: ZGIx - data-password: MTExdw== ---- -# Source: postgresql/templates/configmap.yaml -apiVersion: v1 -kind: ConfigMap -metadata: - name: release-name-postgresql-cm - namespace: "default" - labels: - app.kubernetes.io/name: postgresql - helm.sh/chart: postgresql-15.3.1 - app.kubernetes.io/instance: release-name - app.kubernetes.io/managed-by: Helm - cluster-name: release-name-postgresql -data: - pre_init.sh: |- - cat > /opt/drycc/postgresql/patroni.yml <<__EOF__ - log: - level: DEBUG - bootstrap: - dcs: - postgresql: - use_pg_rewind: true - use_slots: true - pg_hba: - - local all all peer - - host all tea_mon 127.0.0.1/32 trust - - host all all 0.0.0.0/0 scram-sha-256 - - host replication ${PATRONI_REPLICATION_USERNAME} 0.0.0.0/0 scram-sha-256 - parameters: - wal_level: hot_standby - hot_standby: "on" - max_connections: 1005 - max_worker_processes: 8 - wal_keep_segments: 8 - max_wal_senders: 10 - max_replication_slots: 10 - max_prepared_transactions: 0 - max_locks_per_transaction: 64 - wal_log_hints: "on" - track_commit_timestamp: "off" - archive_mode: "on" - archive_timeout: 1800s - archive_command: /bin/true - # timescaledb.license: 'timescale' - shared_preload_libraries: 'auto_explain,pg_stat_statements' - initdb: - - auth-host: scram-sha-256 - - auth-local: trust - - encoding: UTF8 - - locale: en_US.UTF-8 - - data-checksums - post_bootstrap: sh /opt/drycc/postgresql/scripts/post_init.sh - restapi: - connect_address: '${PATRONI_KUBERNETES_POD_IP}:8008' - postgresql: - connect_address: '${PATRONI_KUBERNETES_POD_IP}:5432' - authentication: - superuser: - username: postgres - password: '${PATRONI_SUPERUSER_PASSWORD}' - replication: - username: standby - password: '${PATRONI_REPLICATION_PASSWORD}' - rewind: # Has no effect on postgres 10 and lower - username: rewinder - password: '${PATRONI_REWIND_USERNAME}' - watchdog: - mode: off - __EOF__ - - post_init.sh: |- - #!/bin/bash - set -Eeu - # Create monitor user - psql -w -c "CREATE USER tea_mon WITH ROLE pg_monitor" - # Create init database & user - if [[( -n "$DATABASE_USER") && ( -n "$DATABASE_PASSWORD") && ( -n "$DATABASE_NAME")]]; then - echo "Creating user ${DATABASE_USER}" - psql -w -c "create user ${DATABASE_USER} WITH LOGIN ENCRYPTED PASSWORD '${DATABASE_PASSWORD}'" - echo "Creating database ${DATABASE_NAME} " - psql -w -c "CREATE DATABASE ${DATABASE_NAME} OWNER ${DATABASE_USER} CONNECTION LIMIT 1000" - psql -w -d ${DATABASE_NAME} -c "create extension postgis ; create extension pg_stat_statements ; create extension pg_buffercache ;" - psql -w -c "CHECKPOINT;CHECKPOINT;" - else - echo "Skipping user creation" - echo "Skipping database creation" - fi ---- -# Source: postgresql/templates/role.yaml -apiVersion: rbac.authorization.k8s.io/v1 -kind: Role -metadata: - name: release-name-postgresql - namespace: "default" - labels: - app: release-name-postgresql - chart: postgresql-15.3.1 - release: release-name - heritage: Helm -rules: -- apiGroups: [""] - resources: ["configmaps"] - verbs: - - create - - get - - list - - patch - - update - - watch - # delete is required only for 'patronictl remove' - - delete -- apiGroups: [""] - resources: ["services"] - verbs: - - create -- apiGroups: [""] - resources: ["endpoints"] - verbs: - - create - - get - - patch - - update - # the following three privileges are necessary only when using endpoints - - list - - watch - # delete is required only for for 'patronictl remove' - - delete - - deletecollection -- apiGroups: [""] - resources: ["pods"] - verbs: - - get - - list - - patch - - update - - watch ---- -# Source: postgresql/templates/rolebinding.yaml -apiVersion: rbac.authorization.k8s.io/v1 -kind: RoleBinding -metadata: - name: release-name-postgresql - namespace: "default" - labels: - app: release-name-postgresql - chart: postgresql-15.3.1 - release: release-name - heritage: Helm -subjects: - - kind: ServiceAccount - name: release-name-postgresql -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: Role - name: release-name-postgresql ---- -# Source: postgresql/templates/svc-config.yaml -# headless service to avoid deletion of patronidemo-config endpoint -apiVersion: v1 -kind: Service -metadata: - name: release-name-postgresql-config - labels: - app: release-name-postgresql - release: release-name - cluster-name: release-name-postgresql -spec: - clusterIP: None ---- -# Source: postgresql/templates/svc-metrics.yaml -apiVersion: v1 -kind: Service -metadata: - name: release-name-postgresql-metrics - namespace: "default" - labels: - app.kubernetes.io/name: postgresql - helm.sh/chart: postgresql-15.3.1 - app.kubernetes.io/instance: release-name - app.kubernetes.io/managed-by: Helm - app.kubernetes.io/component: patroni - app.kubernetes.io/component: metrics - annotations: - prometheus.io/port: '9187' - prometheus.io/scrape: "true" -spec: - type: ClusterIP - sessionAffinity: None - ports: - - name: http-metrics - port: 9187 - targetPort: http-metrics - selector: - app.kubernetes.io/name: postgresql - app.kubernetes.io/instance: release-name - app.kubernetes.io/component: patroni ---- -# Source: postgresql/templates/svc-relp.yaml -apiVersion: v1 -kind: Service -metadata: - name: release-name-postgresql-repl - namespace: "default" - labels: - app.kubernetes.io/name: postgresql - helm.sh/chart: postgresql-15.3.1 - app.kubernetes.io/instance: release-name - app.kubernetes.io/managed-by: Helm - app.kubernetes.io/component: patroni - app: release-name-postgresql - chart: postgresql-15.3.1 - release: release-name - heritage: Helm - cluster-name: release-name-postgresql - role: replica -spec: - type: LoadBalancer - selector: - app: release-name-postgresql - cluster-name: release-name-postgresql - role: replica - ports: - - port: 5432 - targetPort: 5432 ---- -# Source: postgresql/templates/svc.yaml -apiVersion: v1 -kind: Service -metadata: - name: release-name-postgresql - namespace: "default" - labels: - app.kubernetes.io/name: postgresql - helm.sh/chart: postgresql-15.3.1 - app.kubernetes.io/instance: release-name - app.kubernetes.io/managed-by: Helm - app.kubernetes.io/component: patroni - app: release-name-postgresql - chart: postgresql-15.3.1 - release: release-name - heritage: Helm - cluster-name: release-name-postgresql - role: master -spec: - type: LoadBalancer - ports: - - name: postgresql - port: 5432 - targetPort: 5432 - protocol: TCP ---- -# Source: postgresql/templates/statefulset.yaml -apiVersion: apps/v1 -kind: StatefulSet -metadata: - name: release-name-postgresql - namespace: "default" - labels: - app.kubernetes.io/name: postgresql - helm.sh/chart: postgresql-15.3.1 - app.kubernetes.io/instance: release-name - app.kubernetes.io/managed-by: Helm - app.kubernetes.io/component: patroni - app: release-name-postgresql - chart: postgresql-15.3.1 - release: release-name - heritage: Helm - cluster-name: release-name-postgresql -spec: - serviceName: release-name-postgresql - replicas: 3 - selector: - matchLabels: - app.kubernetes.io/name: postgresql - app.kubernetes.io/instance: release-name - app.kubernetes.io/component: patroni - app: release-name-postgresql - chart: postgresql-15.3.1 - release: release-name - heritage: Helm - cluster-name: release-name-postgresql - template: - metadata: - name: release-name-postgresql - labels: - app.kubernetes.io/name: postgresql - helm.sh/chart: postgresql-15.3.1 - app.kubernetes.io/instance: release-name - app.kubernetes.io/managed-by: Helm - app.kubernetes.io/component: patroni - app: release-name-postgresql - chart: postgresql-15.3.1 - release: release-name - heritage: Helm - cluster-name: release-name-postgresql - spec: - serviceAccountName: release-name-postgresql - - # securityContext: - # runAsUser: postgres - # fsGroup: postgres - containers: - - name: postgresql - image: "registry.drycc.cc/drycc-addons/postgresql-patroni:15" - imagePullPolicy: IfNotPresent - # securityContext: - # runAsUser: postgres - # fsGroup: postgres - env: - - name: PATRONI_KUBERNETES_USE_ENDPOINTS - value: 'true' - - name: PATRONI_KUBERNETES_POD_IP - valueFrom: - fieldRef: - fieldPath: status.podIP - - name: PATRONI_KUBERNETES_NAMESPACE - valueFrom: - fieldRef: - fieldPath: metadata.namespace - - name: PATRONI_KUBERNETES_BYPASS_API_SERVICE - value: 'true' - - name: PATRONI_KUBERNETES_LABELS - value: '{app: release-name-postgresql,release: release-name,cluster-name: release-name-postgresql}' - - name: PATRONI_SUPERUSER_USERNAME - value: postgres - - name: PATRONI_SUPERUSER_PASSWORD - valueFrom: - secretKeyRef: - name: release-name-postgresql - key: password-superuser - - name: PATRONI_REPLICATION_USERNAME - value: standby - - name: PATRONI_REPLICATION_PASSWORD - valueFrom: - secretKeyRef: - name: release-name-postgresql - key: password-replication - - name: PATRONI_REWIND_USERNAME - value: rewinder - - name: PATRONI_REWIND_PASSWORD - valueFrom: - secretKeyRef: - name: release-name-postgresql - key: password-rewind - - name: PATRONI_SCOPE - value: release-name-postgresql - - name: PATRONI_NAME - valueFrom: - fieldRef: - fieldPath: metadata.name - - name: PATRONI_POSTGRESQL_DATA_DIR - value: "/home/postgres/pgdata/data" - - name: PATRONI_POSTGRESQL_PGPASS - value: /tmp/pgpass - - name: PATRONI_POSTGRESQL_LISTEN - value: '0.0.0.0:5432' - - name: PATRONI_RESTAPI_LISTEN - value: '0.0.0.0:8008' - - - name: DATABASE_NAME - valueFrom: - secretKeyRef: - name: release-name-postgresql - key: data-name - - name: DATABASE_USER - valueFrom: - secretKeyRef: - name: release-name-postgresql - key: data-user - - name: DATABASE_PASSWORD - valueFrom: - secretKeyRef: - name: release-name-postgresql - key: data-password - readinessProbe: - httpGet: - scheme: HTTP - path: /readiness - port: 8008 - initialDelaySeconds: 3 - periodSeconds: 10 - timeoutSeconds: 5 - successThreshold: 1 - failureThreshold: 3 - livenessProbe: - failureThreshold: 3 - httpGet: - path: /liveness - port: 8008 - scheme: HTTP - initialDelaySeconds: 10 - periodSeconds: 10 - successThreshold: 1 - timeoutSeconds: 5 - lifecycle: - preStop: - exec: - command: - - /usr/bin/env - - bash - - -c - - | - # switch leader pod if the current pod is the leader - if curl --fail http://localhost:8008/read-write; then - init-stack patronictl switchover --force - fi - ports: - - containerPort: 8008 - protocol: TCP - - containerPort: 5432 - protocol: TCP - volumeMounts: - - name: storage-volume - mountPath: "/home/postgres/pgdata" - - mountPath: "/opt/drycc/postgresql/scripts/" - name: patroni-config - # readOnly: true - resources: - limits: - cpu: 100m - memory: 512Mi - requests: - cpu: 100m - memory: 512Mi - - name: metrics - image: "registry.drycc.cc/drycc-addons/postgres-exporter:0" - imagePullPolicy: "IfNotPresent" - env: - - name: DATA_SOURCE_NAME - value: postgresql://tea_mon:password@127.0.0.1:5432/db1?sslmode=disable - ports: - - name: http-metrics - containerPort: 9187 - startupProbe: - initialDelaySeconds: 10 - tcpSocket: - port: http-metrics - periodSeconds: 10 - timeoutSeconds: 1 - failureThreshold: 15 - successThreshold: 1 - livenessProbe: - initialDelaySeconds: 5 - httpGet: - path: / - port: http-metrics - periodSeconds: 10 - timeoutSeconds: 5 - failureThreshold: 6 - successThreshold: 1 - readinessProbe: - initialDelaySeconds: 5 - httpGet: - path: / - port: http-metrics - periodSeconds: 10 - timeoutSeconds: 5 - failureThreshold: 6 - successThreshold: 1 - resources: - limits: - cpu: 100m - memory: 512Mi - requests: - cpu: 100m - memory: 512Mi - affinity: - podAntiAffinity: - preferredDuringSchedulingIgnoredDuringExecution: - - weight: 100 - podAffinityTerm: - topologyKey: "kubernetes.io/hostname" - labelSelector: - matchLabels: - app: postgresql - release: "release-name" - - volumes: - - name: patroni-config - configMap: - name: release-name-postgresql-cm - - name: storage-volume - emptyDir: {} ---- -# Source: postgresql/templates/cronjob.yaml -apiVersion: batch/v1 -kind: CronJob -metadata: - name: release-name-postgresql-backup - namespace: "default" - labels: - app.kubernetes.io/name: postgresql - helm.sh/chart: postgresql-15.3.1 - app.kubernetes.io/instance: release-name - app.kubernetes.io/managed-by: Helm - cluster-name: release-name-postgresql - -spec: - schedule: "*/1 * * * *" - failedJobsHistoryLimit: 1 - successfulJobsHistoryLimit: 1 - jobTemplate: - spec: - template: - spec: - restartPolicy: OnFailure - containers: - - name: postgresql-backup - image: "registry.drycc.cc/drycc-addons/postgresql-patroni:15" - imagePullPolicy: Always - #imagePullPolicy: "IfNotPresent" - command: - - /usr/bin/env - - bash - - -c - - | - echo "sleeping ...." - sleep 10000 - echo "Successfull" - init-stack /opt/drycc/wal-g/bin/wal-g backup-push - init-stack /opt/drycc/wal-g/bin/wal-g delete - env: - - name: USE_WALG - value: "true" - - name: BACKUP_SCHEDULE - value: "eee" - - name: BACKUP_NUM_TO_RETAIN - value: "2" - - name: WALG_BACKUP_THRESHOLD_MEGABYTES - value: "1024" - - name: WALE_BACKUP_THRESHOLD_PERCENTAGE - value: "30" - - name: PGHOST - value: release-name-postgresql-repl - - name: PGPASSWORD - valueFrom: - secretKeyRef: - name: release-name-postgresql - key: password-replication - - name: PGUSER - value: standby - - name: PGPORT - value: "5432" diff --git a/addons/postgresql-cluster/15/chart/postgresql-cluster/templates/networkpolicy.yaml b/addons/postgresql-cluster/15/chart/postgresql-cluster/templates/networkpolicy.yaml index dfad66c3..8b429517 100644 --- a/addons/postgresql-cluster/15/chart/postgresql-cluster/templates/networkpolicy.yaml +++ b/addons/postgresql-cluster/15/chart/postgresql-cluster/templates/networkpolicy.yaml @@ -23,7 +23,7 @@ spec: - port: 5432 {{- if and .Values.metrics.enabled }} - port: {{ .Values.metrics.containerPort }} - {{ end }} + {{ end }} `` {{- if or .Values.networkPolicy.allowCurrentNamespace .Values.networkPolicy.allowNamespaces }} from: {{- if .Values.networkPolicy.allowCurrentNamespace }} diff --git a/addons/postgresql-cluster/15/chart/postgresql-cluster/templates/statefulset.yaml b/addons/postgresql-cluster/15/chart/postgresql-cluster/templates/statefulset.yaml index 335ea342..8e436be3 100644 --- a/addons/postgresql-cluster/15/chart/postgresql-cluster/templates/statefulset.yaml +++ b/addons/postgresql-cluster/15/chart/postgresql-cluster/templates/statefulset.yaml @@ -32,8 +32,18 @@ spec: heritage: {{ .Release.Service }} cluster-name: {{ template "patroni.fullname" . }} spec: + {{- if .Values.patroni.affinity }} + affinity: {{- include "common.tplvalues.render" (dict "value" .Values.patroni.affinity "context" $) | nindent 8 }} + {{- else }} + affinity: + podAffinity: {{- include "common.affinities.pods" (dict "type" .Values.patroni.podAffinityPreset "context" $) | nindent 10 }} + podAntiAffinity: {{- include "common.affinities.pods" (dict "type" .Values.patroni.podAntiAffinityPreset "context" $) | nindent 10 }} + nodeAffinity: {{- include "common.affinities.nodes" (dict "type" .Values.patroni.nodeAffinityPreset.type "key" .Values.patroni.nodeAffinityPreset.key "values" .Values.patroni.nodeAffinityPreset.values) | nindent 10 }} + {{- end }} + {{- if .Values.patroni.nodeSelector }} + nodeSelector: {{- include "common.tplvalues.render" (dict "value" .Values.patroni.nodeSelector "context" $) | nindent 8 }} + {{- end }} serviceAccountName: {{ template "patroni.serviceAccountName" . }} - # securityContext: # runAsUser: postgres # fsGroup: postgres diff --git a/addons/postgresql-cluster/15/chart/postgresql-cluster/templates/svc.yaml b/addons/postgresql-cluster/15/chart/postgresql-cluster/templates/svc.yaml index adc0ab69..77ffd855 100644 --- a/addons/postgresql-cluster/15/chart/postgresql-cluster/templates/svc.yaml +++ b/addons/postgresql-cluster/15/chart/postgresql-cluster/templates/svc.yaml @@ -10,15 +10,9 @@ metadata: release: {{ .Release.Name }} heritage: {{ .Release.Service }} cluster-name: {{ template "patroni.fullname" . }} - role: master spec: type: LoadBalancer - selector: - application: {{ template "patroni.fullname" . }} - cluster-name: {{ template "patroni.fullname" . }} - role: master ports: - - name: postgresql - port: 5432 - targetPort: 5432 - protocol: TCP \ No newline at end of file + - port: 5432 + targetPort: 5432 + protocol: TCP \ No newline at end of file diff --git a/addons/postgresql-cluster/15/chart/postgresql-cluster/values.yaml b/addons/postgresql-cluster/15/chart/postgresql-cluster/values.yaml index 43a38eb0..20d57dc3 100644 --- a/addons/postgresql-cluster/15/chart/postgresql-cluster/values.yaml +++ b/addons/postgresql-cluster/15/chart/postgresql-cluster/values.yaml @@ -1,4 +1,4 @@ -replicaCount: 1 +replicaCount: 3 diagnosticMode: enable: false @@ -41,9 +41,11 @@ env: {} #custom patroni.yaml used by patroni boot # configuration: {} preInitScript: | + mkdir /home/postgres/pgdata/log + ln -sf /dev/stdout "/home/postgres/pgdata/log/postgresql.csv" cat > /opt/drycc/postgresql/patroni.yml <<__EOF__ log: - level: DEBUG + level: INFO bootstrap: dcs: postgresql: @@ -71,6 +73,14 @@ preInitScript: | archive_command: /bin/true # timescaledb.license: 'timescale' shared_preload_libraries: 'auto_explain,pg_stat_statements' + log_destination: 'csvlog' + log_filename: postgresql.log + logging_collector: on + log_directory: /home/postgres/pgdata/log + log_min_messages: 'info' + log_min_duration_statement: 1000 + log_lock_waits: on + log_statement: 'ddl' initdb: - auth-host: scram-sha-256 - auth-local: trust @@ -114,6 +124,48 @@ postInitScript: | echo "Skipping database creation" fi +patroni: + ## @param patroni.podAnnotations Additional pod annotations for Postgresql patroni pods + ## ref: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/ + ## + podAnnotations: {} + ## @param patroni.podAffinityPreset Postgresql patroni pod affinity preset. Ignored if `patroni.affinity` is set. Allowed values: `soft` or `hard` + ## ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#inter-pod-affinity-and-anti-affinity + ## + podAffinityPreset: "" + ## @param patroni.podAntiAffinityPreset Postgresql patroni pod anti-affinity preset. Ignored if `patroni.affinity` is set. Allowed values: `soft` or `hard` + ## ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#inter-pod-affinity-and-anti-affinity + ## + podAntiAffinityPreset: soft + ## Postgresql Primary node affinity preset + ## ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#node-affinity + ## + nodeAffinityPreset: + ## @param patroni.nodeAffinityPreset.type Postgresql patroni node affinity preset type. Ignored if `patroni.affinity` is set. Allowed values: `soft` or `hard` + ## + type: "" + ## @param patroni.nodeAffinityPreset.key Postgresql patroni node label key to match Ignored if `patroni.affinity` is set. + ## E.g. + ## key: "kubernetes.io/e2e-az-name" + ## + key: "" + ## @param patroni.nodeAffinityPreset.values Postgresql patroni node label values to match. Ignored if `patroni.affinity` is set. + ## E.g. + ## values: + ## - e2e-az1 + ## - e2e-az2 + ## + values: [] + ## @param patroni.affinity Affinity for Postgresql patroni pods assignment + ## ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity + ## Note: podAffinityPreset, podAntiAffinityPreset, and nodeAffinityPreset will be ignored when it's set + ## + affinity: {} + ## @param patroni.nodeSelector Node labels for Postgresql patroni pods assignment + ## ref: https://kubernetes.io/docs/user-guide/node-selection/ + ## + nodeSelector: {} + ## Postgresql Prometheus exporter parameters ## metrics: @@ -261,8 +313,8 @@ networkPolicy: enabled: false ## @param networkPolicy.allowExternal The Policy model to apply. ## When set to false, only pods with the correct - ## client label will have network access to the port MySQL is listening - ## on. When true, MySQL will accept connections from any source + ## client label will have network access to the port Postgresql is listening + ## on. When true, Postgresql will accept connections from any source ## (with the correct destination port). ## allowCurrentNamespace: true From 5c95bf455b0c9cdbbc1ba83338422d88ee3baab2 Mon Sep 17 00:00:00 2001 From: EamonZhang Date: Wed, 22 Nov 2023 09:32:25 +0800 Subject: [PATCH 21/48] chore(postgresql-cluster): add pgbackup --- .../postgresql-cluster/templates/_helpers.tpl | 18 ++++---- .../postgresql-cluster/templates/cronjob.yaml | 25 +++-------- .../templates/statefulset.yaml | 41 ++++++++++++++++++- .../templates/svc-relp.yaml | 8 +++- .../15/chart/postgresql-cluster/values.yaml | 18 ++++---- 5 files changed, 68 insertions(+), 42 deletions(-) diff --git a/addons/postgresql-cluster/15/chart/postgresql-cluster/templates/_helpers.tpl b/addons/postgresql-cluster/15/chart/postgresql-cluster/templates/_helpers.tpl index c75c3b29..1e4e50bc 100644 --- a/addons/postgresql-cluster/15/chart/postgresql-cluster/templates/_helpers.tpl +++ b/addons/postgresql-cluster/15/chart/postgresql-cluster/templates/_helpers.tpl @@ -43,10 +43,10 @@ Create the name of the service account to use. {{- end -}} {{/* -Return true if a cronjob object should be created for Postgresql HA patroni +Return true if a cronjob object should be created for Postgresql HA patroni ## TODO feature */}} {{- define "patroni.createCronJob" -}} -{{- if and .Values.walG.enable }} +{{- if and .Values.walG.enabled }} {{- true -}} {{- else -}} {{- end -}} @@ -115,13 +115,14 @@ Create patroni envs. fieldPath: metadata.name - name: PATRONI_POSTGRESQL_DATA_DIR value: "{{ .Values.persistentVolume.mountPath }}/data" +- name: PGDATA + value: "{{ .Values.persistentVolume.mountPath }}/data" - name: PATRONI_POSTGRESQL_PGPASS value: /tmp/pgpass - name: PATRONI_POSTGRESQL_LISTEN value: '0.0.0.0:5432' - name: PATRONI_RESTAPI_LISTEN value: '0.0.0.0:8008' - - name: DATABASE_NAME valueFrom: secretKeyRef: @@ -137,20 +138,15 @@ Create patroni envs. secretKeyRef: name: {{ template "patroni.fullname" . }} key: data-password - {{- end -}} {{/* Create walg envs. */}} {{- define "walg.envs" }} -{{- if .Values.walG.enable }} +{{- if .Values.walG.enabled }} - name: USE_WALG - value: {{ .Values.walG.enable | quote }} -{{- if .Values.walG.scheduleCronJob }} -- name: BACKUP_SCHEDULE - value: {{ .Values.walG.scheduleCronJob | quote}} -{{- end }} + value: {{ .Values.walG.enabled | quote }} {{- if .Values.walG.retainBackups }} - name: BACKUP_NUM_TO_RETAIN value: {{ .Values.walG.retainBackups | quote}} @@ -165,7 +161,7 @@ Create walg envs. {{- end }} {{- if .Values.walG.s3.used }} - name: AWS_ACCESS_KEY_ID - value: {{ .Values.walG.s3.awsAccessKeyId | quote }} + value: {{ .Values.walG.s3.awsAccessKeyID | quote }} - name: AWS_SECRET_ACCESS_KEY value: {{ .Values.walG.s3.awsSecretAccessKey | quote }} - name: WALG_S3_PREFIX diff --git a/addons/postgresql-cluster/15/chart/postgresql-cluster/templates/cronjob.yaml b/addons/postgresql-cluster/15/chart/postgresql-cluster/templates/cronjob.yaml index 0bfb4b40..39c08de3 100644 --- a/addons/postgresql-cluster/15/chart/postgresql-cluster/templates/cronjob.yaml +++ b/addons/postgresql-cluster/15/chart/postgresql-cluster/templates/cronjob.yaml @@ -19,7 +19,7 @@ metadata: {{- end }} spec: - schedule: "*/1 * * * *" + schedule: "{{ .Values.walG.scheduleCronJob }}" failedJobsHistoryLimit: 1 successfulJobsHistoryLimit: 1 jobTemplate: @@ -30,29 +30,14 @@ spec: containers: - name: {{ .Chart.Name }}-backup image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}" - imagePullPolicy: Always - #imagePullPolicy: {{ .Values.image.pullPolicy | quote }} + imagePullPolicy: {{ .Values.image.pullPolicy | quote }} command: - /usr/bin/env - bash - -c - | - echo "sleeping ...." - sleep 10000 - echo "Successfull" - init-stack /opt/drycc/wal-g/bin/wal-g backup-push - init-stack /opt/drycc/wal-g/bin/wal-g delete + curl "http://${REPLHOST}:9000/pg_backup" env: - {{- include "walg.envs" . | indent 14 }} - - name: PGHOST - value: {{ include "patroni.fullname" . }}-repl - - name: PGPASSWORD - valueFrom: - secretKeyRef: - name: {{ template "patroni.fullname" . }} - key: password-replication - - name: PGUSER - value: standby - - name: PGPORT - value: "5432" + - name: REPLHOST + value: {{ include "patroni.fullname" . }}-repl {{- end -}} \ No newline at end of file diff --git a/addons/postgresql-cluster/15/chart/postgresql-cluster/templates/statefulset.yaml b/addons/postgresql-cluster/15/chart/postgresql-cluster/templates/statefulset.yaml index 8e436be3..a14a3139 100644 --- a/addons/postgresql-cluster/15/chart/postgresql-cluster/templates/statefulset.yaml +++ b/addons/postgresql-cluster/15/chart/postgresql-cluster/templates/statefulset.yaml @@ -56,6 +56,9 @@ spec: # fsGroup: postgres env: {{- include "patroni.envs" . | indent 8 }} + {{- if .Values.walG.enabled }} + {{- include "walg.envs" . | indent 8 }} + {{- end }} {{- if .Values.env }} {{- range $key, $val := .Values.env }} - name: {{ $key | quote | upper }} @@ -156,7 +159,43 @@ spec: resources: {{- toYaml .Values.metrics.resources | nindent 12 }} {{- end }} {{- end }} - {{- with .Values.nodeSelector }} + {{- if .Values.walG.enabled }} + - name: {{ .Chart.Name }}-backup + image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}" + imagePullPolicy: {{ .Values.image.pullPolicy }} + # securityContext: + # runAsUser: postgres + # fsGroup: postgres + command: + - /usr/bin/env + - bash + - -c + - | + python3 /opt/drycc/postgresql/pgbackup.py 0.0.0.0 9000 + env: + {{- include "walg.envs" . | indent 8 }} + - name: PGHOST + value: localhost + - name: PGPASSWORD + valueFrom: + secretKeyRef: + name: {{ template "patroni.fullname" . }} + key: password-superuser + - name: PGUSER + value: postgres + - name: PGDATABASE + value: postgres + - name: PGPORT + value: "5432" + - name: PGDATA + value: "{{ .Values.persistentVolume.mountPath }}/data" + ports: + - containerPort: 9000 + volumeMounts: + - name: storage-volume + mountPath: "{{ .Values.persistentVolume.mountPath }}" + {{- end }} + {{- with .Values.nodeSelector }} nodeSelector: {{ toYaml . | indent 8 }} {{- end }} diff --git a/addons/postgresql-cluster/15/chart/postgresql-cluster/templates/svc-relp.yaml b/addons/postgresql-cluster/15/chart/postgresql-cluster/templates/svc-relp.yaml index c5861935..ba50b3bd 100644 --- a/addons/postgresql-cluster/15/chart/postgresql-cluster/templates/svc-relp.yaml +++ b/addons/postgresql-cluster/15/chart/postgresql-cluster/templates/svc-relp.yaml @@ -18,5 +18,9 @@ spec: cluster-name: {{ template "patroni.fullname" . }} role: replica ports: - - port: 5432 - targetPort: 5432 \ No newline at end of file + - name: postgresql + port: 5432 + targetPort: 5432 + - name: pgbackup + port: 9000 + targetPort: 9000 \ No newline at end of file diff --git a/addons/postgresql-cluster/15/chart/postgresql-cluster/values.yaml b/addons/postgresql-cluster/15/chart/postgresql-cluster/values.yaml index 20d57dc3..693681bf 100644 --- a/addons/postgresql-cluster/15/chart/postgresql-cluster/values.yaml +++ b/addons/postgresql-cluster/15/chart/postgresql-cluster/values.yaml @@ -56,6 +56,7 @@ preInitScript: | - host all tea_mon 127.0.0.1/32 trust - host all all 0.0.0.0/0 scram-sha-256 - host replication ${PATRONI_REPLICATION_USERNAME} 0.0.0.0/0 scram-sha-256 + - host replication postgres 0.0.0.0/0 scram-sha-256 parameters: wal_level: hot_standby hot_standby: "on" @@ -69,8 +70,8 @@ preInitScript: | wal_log_hints: "on" track_commit_timestamp: "off" archive_mode: "on" - archive_timeout: 1800s - archive_command: /bin/true + archive_timeout: 300s + archive_command: sh /opt/drycc/postgresql/walbackup.sh %f # timescaledb.license: 'timescale' shared_preload_libraries: 'auto_explain,pg_stat_statements' log_destination: 'csvlog' @@ -222,9 +223,9 @@ metrics: memory: 512Mi walG: # Specifies whether Wal-E should be enabled - enable: false + enabled: true # Cron schedule for doing base backups - scheduleCronJob: 00 01 * * * + scheduleCronJob: "*/5 * * * *" # Amount of base backups to retain retainBackups: 2 # Name of the secret that holds the credentials to the bucket @@ -236,10 +237,11 @@ walG: # to consider WAL-E restore instead of pg_basebackup backupThresholdPercentage: 30 s3: - awsAccessKeyID: "xxx" - awsSecretAccessKey: "xx" - walGS3Prefix: "xxx" - awsEndpoint: "xxx" + used: true + awsAccessKeyID: "minioadmin" + awsSecretAccessKey: "minioadmin" + walGS3Prefix: "s3://pg1" + awsEndpoint: "http://10.10.2.11:9000" awsS3ForcePathStyle: "true" awsRegion: dx-1 From b940caa3e413a6986eb15feb41338df9ae6a7569 Mon Sep 17 00:00:00 2001 From: EamonZhang Date: Wed, 22 Nov 2023 14:27:30 +0800 Subject: [PATCH 22/48] chore(postgresql-cluster): add plans --- .../templates/cm -postgresql.yaml | 18 +++ .../{configmap.yaml => cm-patroni.yaml} | 2 +- .../templates/statefulset.yaml | 7 +- .../15/chart/postgresql-cluster/values.yaml | 28 +++- .../15/plans/standard-10/bind.yaml | 39 +++-- .../15/plans/standard-10/values.yaml | 123 ++++++++-------- .../15/plans/standard-100/bind.yaml | 30 ++++ .../standard-100/create-instance-schema.json | 12 ++ .../15/plans/standard-100/meta.yaml | 6 + .../15/plans/standard-100/values.yaml | 76 ++++++++++ .../15/plans/standard-20/bind.yaml | 40 +++--- .../15/plans/standard-20/meta.yaml | 2 +- .../15/plans/standard-20/values.yaml | 134 ++++++++++-------- .../15/plans/standard-200/bind.yaml | 30 ++++ .../standard-200/create-instance-schema.json | 12 ++ .../15/plans/standard-200/meta.yaml | 6 + .../15/plans/standard-200/values.yaml | 75 ++++++++++ .../15/plans/standard-400/bind.yaml | 30 ++++ .../standard-400/create-instance-schema.json | 12 ++ .../15/plans/standard-400/meta.yaml | 6 + .../15/plans/standard-400/values.yaml | 75 ++++++++++ .../15/plans/standard-50/bind.yaml | 30 ++++ .../standard-50/create-instance-schema.json | 12 ++ .../15/plans/standard-50/meta.yaml | 6 + .../15/plans/standard-50/values.yaml | 76 ++++++++++ .../15/plans/standard-800/bind.yaml | 30 ++++ .../standard-800/create-instance-schema.json | 12 ++ .../15/plans/standard-800/meta.yaml | 6 + .../15/plans/standard-800/values.yaml | 75 ++++++++++ 29 files changed, 837 insertions(+), 173 deletions(-) create mode 100644 addons/postgresql-cluster/15/chart/postgresql-cluster/templates/cm -postgresql.yaml rename addons/postgresql-cluster/15/chart/postgresql-cluster/templates/{configmap.yaml => cm-patroni.yaml} (93%) create mode 100644 addons/postgresql-cluster/15/plans/standard-100/bind.yaml create mode 100644 addons/postgresql-cluster/15/plans/standard-100/create-instance-schema.json create mode 100644 addons/postgresql-cluster/15/plans/standard-100/meta.yaml create mode 100644 addons/postgresql-cluster/15/plans/standard-100/values.yaml create mode 100644 addons/postgresql-cluster/15/plans/standard-200/bind.yaml create mode 100644 addons/postgresql-cluster/15/plans/standard-200/create-instance-schema.json create mode 100644 addons/postgresql-cluster/15/plans/standard-200/meta.yaml create mode 100644 addons/postgresql-cluster/15/plans/standard-200/values.yaml create mode 100644 addons/postgresql-cluster/15/plans/standard-400/bind.yaml create mode 100644 addons/postgresql-cluster/15/plans/standard-400/create-instance-schema.json create mode 100644 addons/postgresql-cluster/15/plans/standard-400/meta.yaml create mode 100644 addons/postgresql-cluster/15/plans/standard-400/values.yaml create mode 100644 addons/postgresql-cluster/15/plans/standard-50/bind.yaml create mode 100644 addons/postgresql-cluster/15/plans/standard-50/create-instance-schema.json create mode 100644 addons/postgresql-cluster/15/plans/standard-50/meta.yaml create mode 100644 addons/postgresql-cluster/15/plans/standard-50/values.yaml create mode 100644 addons/postgresql-cluster/15/plans/standard-800/bind.yaml create mode 100644 addons/postgresql-cluster/15/plans/standard-800/create-instance-schema.json create mode 100644 addons/postgresql-cluster/15/plans/standard-800/meta.yaml create mode 100644 addons/postgresql-cluster/15/plans/standard-800/values.yaml diff --git a/addons/postgresql-cluster/15/chart/postgresql-cluster/templates/cm -postgresql.yaml b/addons/postgresql-cluster/15/chart/postgresql-cluster/templates/cm -postgresql.yaml new file mode 100644 index 00000000..8aba698a --- /dev/null +++ b/addons/postgresql-cluster/15/chart/postgresql-cluster/templates/cm -postgresql.yaml @@ -0,0 +1,18 @@ +{{- if (include "patroni.createConfigmap" .) }} +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ template "common.names.fullname" . }}-postgresql + namespace: {{ include "common.names.namespace" . | quote }} + labels: {{- include "common.labels.standard" . | nindent 4 }} + {{- if .Values.commonLabels }} + {{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }} + {{- end }} + cluster-name: {{ template "patroni.fullname" . }} + {{- if .Values.commonAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} + {{- end }} +data: + custom_conf.conf: |- + {{- include "common.tplvalues.render" ( dict "value" .Values.postgresql.config "context" $ ) | nindent 4 }} +{{- end -}} \ No newline at end of file diff --git a/addons/postgresql-cluster/15/chart/postgresql-cluster/templates/configmap.yaml b/addons/postgresql-cluster/15/chart/postgresql-cluster/templates/cm-patroni.yaml similarity index 93% rename from addons/postgresql-cluster/15/chart/postgresql-cluster/templates/configmap.yaml rename to addons/postgresql-cluster/15/chart/postgresql-cluster/templates/cm-patroni.yaml index 877d5879..ad4b5849 100644 --- a/addons/postgresql-cluster/15/chart/postgresql-cluster/templates/configmap.yaml +++ b/addons/postgresql-cluster/15/chart/postgresql-cluster/templates/cm-patroni.yaml @@ -2,7 +2,7 @@ apiVersion: v1 kind: ConfigMap metadata: - name: {{ template "common.names.fullname" . }}-cm + name: {{ template "common.names.fullname" . }}-patroni namespace: {{ include "common.names.namespace" . | quote }} labels: {{- include "common.labels.standard" . | nindent 4 }} {{- if .Values.commonLabels }} diff --git a/addons/postgresql-cluster/15/chart/postgresql-cluster/templates/statefulset.yaml b/addons/postgresql-cluster/15/chart/postgresql-cluster/templates/statefulset.yaml index a14a3139..0d1ed21a 100644 --- a/addons/postgresql-cluster/15/chart/postgresql-cluster/templates/statefulset.yaml +++ b/addons/postgresql-cluster/15/chart/postgresql-cluster/templates/statefulset.yaml @@ -107,6 +107,8 @@ spec: mountPath: "{{ .Values.persistentVolume.mountPath }}" - mountPath: "/opt/drycc/postgresql/scripts/" name: patroni-config + - mountPath: "/opt/drycc/postgresql/config/" + name: postgresql-config # readOnly: true resources: {{ toYaml .Values.resources | indent 10 }} @@ -216,7 +218,10 @@ spec: volumes: - name: patroni-config configMap: - name: {{ template "common.names.fullname" . }}-cm + name: {{ template "common.names.fullname" . }}-patroni + - name: postgresql-config + configMap: + name: {{ template "common.names.fullname" . }}-postgresql {{- if not .Values.persistentVolume.enabled }} - name: storage-volume emptyDir: {} diff --git a/addons/postgresql-cluster/15/chart/postgresql-cluster/values.yaml b/addons/postgresql-cluster/15/chart/postgresql-cluster/values.yaml index 693681bf..451cb0ba 100644 --- a/addons/postgresql-cluster/15/chart/postgresql-cluster/values.yaml +++ b/addons/postgresql-cluster/15/chart/postgresql-cluster/values.yaml @@ -41,13 +41,23 @@ env: {} #custom patroni.yaml used by patroni boot # configuration: {} preInitScript: | - mkdir /home/postgres/pgdata/log + mkdir -p /home/postgres/pgdata/log ln -sf /dev/stdout "/home/postgres/pgdata/log/postgresql.csv" cat > /opt/drycc/postgresql/patroni.yml <<__EOF__ log: level: INFO + restapi: + listen: 0.0.0.0:8008 + connect_address: 0.0.0.0:8008 + authentication: + username: NzUwNjg3MTEtMDgzOS00YTNkLWEyNjAt + password: YjJjMDNjYjQtMDA0Ny00NTgwLTgwYjMt bootstrap: dcs: + ttl: 30 + loop_wait: 10 + retry_timeout: 10 + maximum_lag_on_failover: 1048576 postgresql: use_pg_rewind: true use_slots: true @@ -57,12 +67,13 @@ preInitScript: | - host all all 0.0.0.0/0 scram-sha-256 - host replication ${PATRONI_REPLICATION_USERNAME} 0.0.0.0/0 scram-sha-256 - host replication postgres 0.0.0.0/0 scram-sha-256 + custom_conf: '/opt/drycc/postgresql/config/custom_conf.conf' parameters: wal_level: hot_standby hot_standby: "on" max_connections: 1005 max_worker_processes: 8 - wal_keep_segments: 8 + wal_keep_segments: 1024 max_wal_senders: 10 max_replication_slots: 10 max_prepared_transactions: 0 @@ -71,7 +82,7 @@ preInitScript: | track_commit_timestamp: "off" archive_mode: "on" archive_timeout: 300s - archive_command: sh /opt/drycc/postgresql/walbackup.sh %f + archive_command: sh /opt/drycc/postgresql/walbackup.sh %p # timescaledb.license: 'timescale' shared_preload_libraries: 'auto_explain,pg_stat_statements' log_destination: 'csvlog' @@ -124,6 +135,17 @@ postInitScript: | echo "Skipping user creation" echo "Skipping database creation" fi +postgresql: + config: |- + log_min_duration_statement = 1008 + max_wal_size = 4GB + min_wal_size = 4GB + max_connections = 1005 + max_worker_processes = 8 + max_wal_senders = 10 + max_replication_slots = 10 + max_prepared_transactions = 0 + max_locks_per_transaction = 64 patroni: ## @param patroni.podAnnotations Additional pod annotations for Postgresql patroni pods diff --git a/addons/postgresql-cluster/15/plans/standard-10/bind.yaml b/addons/postgresql-cluster/15/plans/standard-10/bind.yaml index cf57e76b..d48323b0 100644 --- a/addons/postgresql-cluster/15/plans/standard-10/bind.yaml +++ b/addons/postgresql-cluster/15/plans/standard-10/bind.yaml @@ -1,34 +1,31 @@ credential: - {{- if (eq .Values.service.type "LoadBalancer") }} +{{- if (eq .Values.service.type "LoadBalancer") }} - name: host valueFrom: - secretKeyRef: - name: {{ template "common.names.fullname" . }}-svcbind-custom-user - jsonpath: '{ .data.host }' + serviceRef: + name: {{ template "common.names.fullname" . }}-master + jsonpath: '{.spec.clusterIPs[*]}' + - name: hostrepl + valueFrom: + serviceRef: + name: {{ template "common.names.fullname" . }}-repl + jsonpath: '{.spec.clusterIPs[*]}' - name: database valueFrom: secretKeyRef: - name: {{ template "common.names.fullname" . }}-svcbind-custom-user - jsonpath: '{ .data.database }' + name: {{ template "common.names.fullname" . }} + jsonpath: '{ .data.data-name }' - name: password valueFrom: secretKeyRef: - name: {{ template "common.names.fullname" . }}-svcbind-custom-user - jsonpath: '{ .data.password }' + name: {{ template "common.names.fullname" . }} + jsonpath: '{ .data.data-password }' - name: username valueFrom: secretKeyRef: - name: {{ template "common.names.fullname" . }}-svcbind-custom-user - jsonpath: '{ .data.username }' - - name: portro - valueFrom: - secretKeyRef: - name: {{ template "common.names.fullname" . }}-svcbind-custom-user - jsonpath: '{ .data.portro }' - - name: portrw - valueFrom: - secretKeyRef: - name: {{ template "common.names.fullname" . }}-svcbind-custom-user - jsonpath: '{ .data.portrw }' - {{- end }} + name: {{ template "common.names.fullname" . }} + jsonpath: '{ .data.data-user }' + - name: port + value: 5432 +{{- end }} diff --git a/addons/postgresql-cluster/15/plans/standard-10/values.yaml b/addons/postgresql-cluster/15/plans/standard-10/values.yaml index 2082d76c..b6037e16 100644 --- a/addons/postgresql-cluster/15/plans/standard-10/values.yaml +++ b/addons/postgresql-cluster/15/plans/standard-10/values.yaml @@ -2,82 +2,75 @@ ## fullnameOverride: hb-postgresql-cluster-standard-10 -preInitScript: | - cat > /opt/drycc/postgresql/patroni.yml <<__EOF__ - log: - level: DEBUG - bootstrap: - dcs: - postgresql: - use_pg_rewind: true - use_slots: true - pg_hba: - - local all all peer - - host all tea_mon 127.0.0.1/32 trust - - host all all 0.0.0.0/0 scram-sha-256 - - host replication ${PATRONI_REPLICATION_USERNAME} 0.0.0.0/0 scram-sha-256 - parameters: - wal_level: hot_standby - hot_standby: "on" - max_connections: 1005 - max_worker_processes: 8 - wal_keep_segments: 8 - max_wal_senders: 10 - max_replication_slots: 10 - max_prepared_transactions: 0 - max_locks_per_transaction: 64 - wal_log_hints: "on" - track_commit_timestamp: "off" - archive_mode: "on" - archive_timeout: 1800s - archive_command: /bin/true - # timescaledb.license: 'timescale' - shared_preload_libraries: 'pg_stat_statements' - initdb: - - auth-host: scram-sha-256 - - auth-local: trust - - encoding: UTF8 - - locale: en_US.UTF-8 - - data-checksums - post_bootstrap: sh /opt/drycc/postgresql/scripts/post_init.sh - restapi: - connect_address: '${PATRONI_KUBERNETES_POD_IP}:8008' - postgresql: - connect_address: '${PATRONI_KUBERNETES_POD_IP}:5432' - authentication: - superuser: - username: postgres - password: '${PATRONI_SUPERUSER_PASSWORD}' - replication: - username: standby - password: '${PATRONI_REPLICATION_PASSWORD}' - rewind: # Has no effect on postgres 10 and lower - username: rewinder - password: '${PATRONI_REWIND_USERNAME}' - watchdog: - mode: off - __EOF__ +postgresql: + config: |- + # Connectivity + max_connections = 980 + superuser_reserved_connections = 3 + + # Memory Settings + shared_buffers = '256 MB' + work_mem = '32 MB' + maintenance_work_mem = '320 MB' + huge_pages = off + effective_cache_size = '1 GB' + effective_io_concurrency = 100 # concurrent IO only really activated if OS supports posix_fadvise function + random_page_cost = 1.25 # speed of random disk access relative to sequential access (1.0) + + # Monitoring + track_io_timing=on # measure exact block IO times + track_functions=pl # track execution times of pl-language procedures if any + + # Replication + max_wal_senders = 10 + synchronous_commit = on + + # Checkpointing: + checkpoint_timeout = '15 min' + checkpoint_completion_target = 0.9 + max_wal_size = '1024 MB' + min_wal_size = '512 MB' + + # WAL writing + wal_compression = on + wal_buffers = -1 # auto-tuned by Postgres till maximum of segment size (16MB by default) + wal_writer_delay = 200ms + wal_writer_flush_after = 1MB + wal_keep_size = '3650 MB' + + # Background writer + bgwriter_delay = 200ms + bgwriter_lru_maxpages = 100 + bgwriter_lru_multiplier = 2.0 + bgwriter_flush_after = 0 + + # Parallel queries: + max_worker_processes = 2 + max_parallel_workers_per_gather = 1 + max_parallel_maintenance_workers = 1 + max_parallel_workers = 2 + parallel_leader_participation = on + + # Advanced features + enable_partitionwise_join = on + enable_partitionwise_aggregate = on + jit = on + max_slot_wal_keep_size = '1000 MB' + track_wal_io_timing = on + maintenance_io_concurrency = 100 resources: # If you do want to specify resources, uncomment the following # lines, adjust them as necessary, and remove the curly braces after 'resources:'. limits: cpu: 1000m - memory: 1Gi + memory: 2Gi # hugepages-2Mi: 4Mi requests: cpu: 1000m - memory: 1Gi + memory: 2Gi persistentVolume: enabled: true size: 10G -metrics: - resources: - limits: - cpu: 1000m - memory: 1Gi - requests: - cpu: 1000m - memory: 1Gi diff --git a/addons/postgresql-cluster/15/plans/standard-100/bind.yaml b/addons/postgresql-cluster/15/plans/standard-100/bind.yaml new file mode 100644 index 00000000..619e1429 --- /dev/null +++ b/addons/postgresql-cluster/15/plans/standard-100/bind.yaml @@ -0,0 +1,30 @@ +credential: +{{- if (eq .Values.service.type "LoadBalancer") }} + - name: host + valueFrom: + serviceRef: + name: {{ template "common.names.fullname" . }}-master + jsonpath: '{.spec.clusterIPs[*]}' + - name: hostrepl + valueFrom: + serviceRef: + name: {{ template "common.names.fullname" . }}-repl + jsonpath: '{.spec.clusterIPs[*]}' + - name: database + valueFrom: + secretKeyRef: + name: {{ template "common.names.fullname" . }} + jsonpath: '{ .data.data-name }' + - name: password + valueFrom: + secretKeyRef: + name: {{ template "common.names.fullname" . }} + jsonpath: '{ .data.data-password }' + - name: username + valueFrom: + secretKeyRef: + name: {{ template "common.names.fullname" . }} + jsonpath: '{ .data.data-user }' + - name: port + value: 5432 +{{- end }} \ No newline at end of file diff --git a/addons/postgresql-cluster/15/plans/standard-100/create-instance-schema.json b/addons/postgresql-cluster/15/plans/standard-100/create-instance-schema.json new file mode 100644 index 00000000..66ebbaa0 --- /dev/null +++ b/addons/postgresql-cluster/15/plans/standard-100/create-instance-schema.json @@ -0,0 +1,12 @@ +{ + "$schema": "http://json-schema.org/draft-04/schema#", + "type": "object", + "properties": { + "imagePullPolicy": { + "type": "string", + "enum": ["Always", "IfNotPresent", "Never"], + "default": "IfNotPresent", + "title": "Image pull policy" + } + } +} \ No newline at end of file diff --git a/addons/postgresql-cluster/15/plans/standard-100/meta.yaml b/addons/postgresql-cluster/15/plans/standard-100/meta.yaml new file mode 100644 index 00000000..8b3352c9 --- /dev/null +++ b/addons/postgresql-cluster/15/plans/standard-100/meta.yaml @@ -0,0 +1,6 @@ +name: "standard-100" +id: c44160a6-5ec4-49e5-af1e-a1c1676871cf +description: "Mysql Cluster standard-100 plan: Disk 100Gi ,vCPUs 4 , RAM 16G , DB MAX Connection 2000" +displayName: "standard-100" +bindable: true +maximum_polling_duration: 1800 diff --git a/addons/postgresql-cluster/15/plans/standard-100/values.yaml b/addons/postgresql-cluster/15/plans/standard-100/values.yaml new file mode 100644 index 00000000..c937e07a --- /dev/null +++ b/addons/postgresql-cluster/15/plans/standard-100/values.yaml @@ -0,0 +1,76 @@ +## @param fullnameOverride String to fully override common.names.fullname template +## +fullnameOverride: hb-postgresql-cluster-standard-100 + +postgresql: + config: |- + # Connectivity + max_connections = 2000 + superuser_reserved_connections = 3 + + # Memory Settings + shared_buffers = '4096 MB' + work_mem = '32 MB' + maintenance_work_mem = '320 MB' + huge_pages = off + effective_cache_size = '11 GB' + effective_io_concurrency = 100 # concurrent IO only really activated if OS supports posix_fadvise function + random_page_cost = 1.25 # speed of random disk access relative to sequential access (1.0) + + # Monitoring + track_io_timing=on # measure exact block IO times + track_functions=pl # track execution times of pl-language procedures if any + + # Replication + max_wal_senders = 10 + synchronous_commit = on + + # Checkpointing: + checkpoint_timeout = '15 min' + checkpoint_completion_target = 0.9 + max_wal_size = '1024 MB' + min_wal_size = '512 MB' + + # WAL writing + wal_compression = on + wal_buffers = -1 # auto-tuned by Postgres till maximum of segment size (16MB by default) + wal_writer_delay = 200ms + wal_writer_flush_after = 1MB + wal_keep_size = '3650 MB' + + + # Background writer + bgwriter_delay = 200ms + bgwriter_lru_maxpages = 100 + bgwriter_lru_multiplier = 2.0 + bgwriter_flush_after = 0 + + # Parallel queries: + max_worker_processes = 4 + max_parallel_workers_per_gather = 2 + max_parallel_maintenance_workers = 2 + max_parallel_workers = 4 + parallel_leader_participation = on + + # Advanced features + enable_partitionwise_join = on + enable_partitionwise_aggregate = on + jit = on + max_slot_wal_keep_size = '1000 MB' + track_wal_io_timing = on + maintenance_io_concurrency = 100 + +resources: + # If you do want to specify resources, uncomment the following + # lines, adjust them as necessary, and remove the curly braces after 'resources:'. + limits: + cpu: 4000m + memory: 16Gi + # hugepages-2Mi: 4Mi + requests: + cpu: 4000m + memory: 16Gi + +persistentVolume: + enabled: true + size: 100G diff --git a/addons/postgresql-cluster/15/plans/standard-20/bind.yaml b/addons/postgresql-cluster/15/plans/standard-20/bind.yaml index e8b99314..619e1429 100644 --- a/addons/postgresql-cluster/15/plans/standard-20/bind.yaml +++ b/addons/postgresql-cluster/15/plans/standard-20/bind.yaml @@ -1,34 +1,30 @@ credential: - {{- if (eq .Values.router.service.type "LoadBalancer") }} +{{- if (eq .Values.service.type "LoadBalancer") }} - name: host valueFrom: - secretKeyRef: - name: {{ template "common.names.fullname" . }}-svcbind-custom-user - jsonpath: '{ .data.host }' + serviceRef: + name: {{ template "common.names.fullname" . }}-master + jsonpath: '{.spec.clusterIPs[*]}' + - name: hostrepl + valueFrom: + serviceRef: + name: {{ template "common.names.fullname" . }}-repl + jsonpath: '{.spec.clusterIPs[*]}' - name: database valueFrom: secretKeyRef: - name: {{ template "common.names.fullname" . }}-svcbind-custom-user - jsonpath: '{ .data.database }' + name: {{ template "common.names.fullname" . }} + jsonpath: '{ .data.data-name }' - name: password valueFrom: secretKeyRef: - name: {{ template "common.names.fullname" . }}-svcbind-custom-user - jsonpath: '{ .data.username }' + name: {{ template "common.names.fullname" . }} + jsonpath: '{ .data.data-password }' - name: username valueFrom: secretKeyRef: - name: {{ template "common.names.fullname" . }}-svcbind-custom-user - jsonpath: '{ .data.username }' - - name: portro - valueFrom: - secretKeyRef: - name: {{ template "common.names.fullname" . }}-svcbind-custom-user - jsonpath: '{ .data.portro }' - - name: portrw - valueFrom: - secretKeyRef: - name: {{ template "common.names.fullname" . }}-svcbind-custom-user - jsonpath: '{ .data.portrw }' - {{- end }} - + name: {{ template "common.names.fullname" . }} + jsonpath: '{ .data.data-user }' + - name: port + value: 5432 +{{- end }} \ No newline at end of file diff --git a/addons/postgresql-cluster/15/plans/standard-20/meta.yaml b/addons/postgresql-cluster/15/plans/standard-20/meta.yaml index e749a7db..e9580d73 100644 --- a/addons/postgresql-cluster/15/plans/standard-20/meta.yaml +++ b/addons/postgresql-cluster/15/plans/standard-20/meta.yaml @@ -1,5 +1,5 @@ name: "standard-20" -id: 95fd7cf2-f2fb-46c9-b3fc-9e7f48899dcc +id: edf8bdfe-b1dc-4f41-b042-801153794df7 description: "Mysql Cluster standard-20 plan: Disk 20Gi ,vCPUs 2 , RAM 4G , DB MAX Connection 1000" displayName: "standard-20" bindable: true diff --git a/addons/postgresql-cluster/15/plans/standard-20/values.yaml b/addons/postgresql-cluster/15/plans/standard-20/values.yaml index 12db2471..f460d01f 100644 --- a/addons/postgresql-cluster/15/plans/standard-20/values.yaml +++ b/addons/postgresql-cluster/15/plans/standard-20/values.yaml @@ -1,61 +1,77 @@ ## @param fullnameOverride String to fully override common.names.fullname template ## -fullnameOverride: hb-mysql-cluster-standard-20 - -## MinIO® containers' resource requests and limits -## ref: https://kubernetes.io/docs/user-guide/compute-resources/ -## We usually recommend not to specify default resources and to leave this as a conscious -## choice for the user. This also increases chances charts run on environments with little -## resources, such as Minikube. If you do want to specify resources, uncomment the following -## lines, adjust them as necessary, and remove the curly braces after 'resources:'. -## @param resources.limits The resources limits for the MinIO® container -## @param resources.requests The requested resources for the MinIO® container -## -primary: - maxConnectionLimit: 1000 - resources: - limits: - cpu: 2000m - memory: 4Gi - requests: - cpu: 2000m - memory: 4Gi - - -## @section Persistence parameters - -## Enable persistence using Persistent Volume Claims -## ref: https://kubernetes.io/docs/user-guide/persistent-volumes/ -## - persistence: - ## @param primary.persistence.enabled Enable persistence on MySQL primary replicas using a `PersistentVolumeClaim`. If false, use emptyDir - ## - enabled: true - ## @param primary.persistence.existingClaim Name of an existing `PersistentVolumeClaim` for MySQL primary replicas - ## NOTE: When it's set the rest of persistence parameters are ignored - ## - existingClaim: "" - ## @param primary.persistence.storageClass MySQL primary persistent volume storage Class - ## If defined, storageClassName: - ## If set to "-", storageClassName: "", which disables dynamic provisioning - ## If undefined (the default) or set to null, no storageClassName spec is - ## set, choosing the default provisioner. (gp2 on AWS, standard on - ## GKE, AWS & OpenStack) - ## - storageClass: "" - ## @param primary.persistence.annotations MySQL primary persistent volume claim annotations - ## - annotations: {} - ## @param primary.persistence.accessModes MySQL primary persistent volume access Modes - ## - accessModes: - - ReadWriteOnce - ## @param primary.persistence.size MySQL primary persistent volume size - ## - size: 20Gi - ## @param primary.persistence.selector Selector to match an existing Persistent Volume - ## selector: - ## matchLabels: - ## application: my-app - ## - selector: {} +fullnameOverride: hb-postgresql-cluster-standard-20 + +postgresql: + config: |- + # Connectivity + max_connections = 1000 + superuser_reserved_connections = 3 + + # Memory Settings + shared_buffers = '1024 MB' + work_mem = '32 MB' + maintenance_work_mem = '320 MB' + huge_pages = off + effective_cache_size = '3 GB' + effective_io_concurrency = 100 # concurrent IO only really activated if OS supports posix_fadvise function + random_page_cost = 1.25 # speed of random disk access relative to sequential access (1.0) + + # Monitoring + track_io_timing=on # measure exact block IO times + track_functions=pl # track execution times of pl-language procedures if any + + # Replication + max_wal_senders = 10 + synchronous_commit = on + + # Checkpointing: + checkpoint_timeout = '15 min' + checkpoint_completion_target = 0.9 + max_wal_size = '1024 MB' + min_wal_size = '512 MB' + + + # WAL writing + wal_compression = on + wal_buffers = -1 # auto-tuned by Postgres till maximum of segment size (16MB by default) + wal_writer_delay = 200ms + wal_writer_flush_after = 1MB + wal_keep_size = '3650 MB' + + + # Background writer + bgwriter_delay = 200ms + bgwriter_lru_maxpages = 100 + bgwriter_lru_multiplier = 2.0 + bgwriter_flush_after = 0 + + # Parallel queries: + max_worker_processes = 2 + max_parallel_workers_per_gather = 1 + max_parallel_maintenance_workers = 1 + max_parallel_workers = 2 + parallel_leader_participation = on + + # Advanced features + enable_partitionwise_join = on + enable_partitionwise_aggregate = on + jit = on + max_slot_wal_keep_size = '1000 MB' + track_wal_io_timing = on + maintenance_io_concurrency = 100 + +resources: + # If you do want to specify resources, uncomment the following + # lines, adjust them as necessary, and remove the curly braces after 'resources:'. + limits: + cpu: 2000m + memory: 4Gi + # hugepages-2Mi: 4Mi + requests: + cpu: 2000m + memory: 4Gi + +persistentVolume: + enabled: true + size: 20G diff --git a/addons/postgresql-cluster/15/plans/standard-200/bind.yaml b/addons/postgresql-cluster/15/plans/standard-200/bind.yaml new file mode 100644 index 00000000..619e1429 --- /dev/null +++ b/addons/postgresql-cluster/15/plans/standard-200/bind.yaml @@ -0,0 +1,30 @@ +credential: +{{- if (eq .Values.service.type "LoadBalancer") }} + - name: host + valueFrom: + serviceRef: + name: {{ template "common.names.fullname" . }}-master + jsonpath: '{.spec.clusterIPs[*]}' + - name: hostrepl + valueFrom: + serviceRef: + name: {{ template "common.names.fullname" . }}-repl + jsonpath: '{.spec.clusterIPs[*]}' + - name: database + valueFrom: + secretKeyRef: + name: {{ template "common.names.fullname" . }} + jsonpath: '{ .data.data-name }' + - name: password + valueFrom: + secretKeyRef: + name: {{ template "common.names.fullname" . }} + jsonpath: '{ .data.data-password }' + - name: username + valueFrom: + secretKeyRef: + name: {{ template "common.names.fullname" . }} + jsonpath: '{ .data.data-user }' + - name: port + value: 5432 +{{- end }} \ No newline at end of file diff --git a/addons/postgresql-cluster/15/plans/standard-200/create-instance-schema.json b/addons/postgresql-cluster/15/plans/standard-200/create-instance-schema.json new file mode 100644 index 00000000..66ebbaa0 --- /dev/null +++ b/addons/postgresql-cluster/15/plans/standard-200/create-instance-schema.json @@ -0,0 +1,12 @@ +{ + "$schema": "http://json-schema.org/draft-04/schema#", + "type": "object", + "properties": { + "imagePullPolicy": { + "type": "string", + "enum": ["Always", "IfNotPresent", "Never"], + "default": "IfNotPresent", + "title": "Image pull policy" + } + } +} \ No newline at end of file diff --git a/addons/postgresql-cluster/15/plans/standard-200/meta.yaml b/addons/postgresql-cluster/15/plans/standard-200/meta.yaml new file mode 100644 index 00000000..89b4292b --- /dev/null +++ b/addons/postgresql-cluster/15/plans/standard-200/meta.yaml @@ -0,0 +1,6 @@ +name: "standard-200" +id: a2160ac2-6c35-4162-b8a2-8dfb2e01816f +description: "Mysql Cluster standard-200 plan: Disk 200Gi ,vCPUs 8 , RAM 32G , DB MAX Connection 2000" +displayName: "standard-200" +bindable: true +maximum_polling_duration: 1800 diff --git a/addons/postgresql-cluster/15/plans/standard-200/values.yaml b/addons/postgresql-cluster/15/plans/standard-200/values.yaml new file mode 100644 index 00000000..9db720e6 --- /dev/null +++ b/addons/postgresql-cluster/15/plans/standard-200/values.yaml @@ -0,0 +1,75 @@ +## @param fullnameOverride String to fully override common.names.fullname template +## +fullnameOverride: hb-postgresql-cluster-standard-200 + +postgresql: + config: |- + # Connectivity + max_connections = 2000 + superuser_reserved_connections = 3 + + # Memory Settings + shared_buffers = '8192 MB' + work_mem = '32 MB' + maintenance_work_mem = '420 MB' + huge_pages = try # NB! requires also activation of huge pages via kernel params, see here for more: https://www.postgresql.org/docs/current/static/kernel-resources.html#LINUX-HUGE-PAGES + effective_cache_size = '22 GB' + effective_io_concurrency = 100 # concurrent IO only really activated if OS supports posix_fadvise function + random_page_cost = 1.25 # speed of random disk access relative to sequential access (1.0) + + # Monitoring + track_io_timing=on # measure exact block IO times + track_functions=pl # track execution times of pl-language procedures if any + + # Replication + max_wal_senders = 10 + synchronous_commit = on + + # Checkpointing: + checkpoint_timeout = '15 min' + checkpoint_completion_target = 0.9 + max_wal_size = '1024 MB' + min_wal_size = '512 MB' + + # WAL writing + wal_compression = on + wal_buffers = -1 # auto-tuned by Postgres till maximum of segment size (16MB by default) + wal_writer_delay = 200ms + wal_writer_flush_after = 1MB + wal_keep_size = '3650 MB' + + # Background writer + bgwriter_delay = 200ms + bgwriter_lru_maxpages = 100 + bgwriter_lru_multiplier = 2.0 + bgwriter_flush_after = 0 + + # Parallel queries: + max_worker_processes = 8 + max_parallel_workers_per_gather = 4 + max_parallel_maintenance_workers = 4 + max_parallel_workers = 8 + parallel_leader_participation = on + + # Advanced features + enable_partitionwise_join = on + enable_partitionwise_aggregate = on + jit = on + max_slot_wal_keep_size = '1000 MB' + track_wal_io_timing = on + maintenance_io_concurrency = 100 + +resources: + # If you do want to specify resources, uncomment the following + # lines, adjust them as necessary, and remove the curly braces after 'resources:'. + limits: + cpu: 8000m + memory: 32Gi + # hugepages-2Mi: 4Mi + requests: + cpu: 8000m + memory: 32Gi + +persistentVolume: + enabled: true + size: 200G diff --git a/addons/postgresql-cluster/15/plans/standard-400/bind.yaml b/addons/postgresql-cluster/15/plans/standard-400/bind.yaml new file mode 100644 index 00000000..619e1429 --- /dev/null +++ b/addons/postgresql-cluster/15/plans/standard-400/bind.yaml @@ -0,0 +1,30 @@ +credential: +{{- if (eq .Values.service.type "LoadBalancer") }} + - name: host + valueFrom: + serviceRef: + name: {{ template "common.names.fullname" . }}-master + jsonpath: '{.spec.clusterIPs[*]}' + - name: hostrepl + valueFrom: + serviceRef: + name: {{ template "common.names.fullname" . }}-repl + jsonpath: '{.spec.clusterIPs[*]}' + - name: database + valueFrom: + secretKeyRef: + name: {{ template "common.names.fullname" . }} + jsonpath: '{ .data.data-name }' + - name: password + valueFrom: + secretKeyRef: + name: {{ template "common.names.fullname" . }} + jsonpath: '{ .data.data-password }' + - name: username + valueFrom: + secretKeyRef: + name: {{ template "common.names.fullname" . }} + jsonpath: '{ .data.data-user }' + - name: port + value: 5432 +{{- end }} \ No newline at end of file diff --git a/addons/postgresql-cluster/15/plans/standard-400/create-instance-schema.json b/addons/postgresql-cluster/15/plans/standard-400/create-instance-schema.json new file mode 100644 index 00000000..66ebbaa0 --- /dev/null +++ b/addons/postgresql-cluster/15/plans/standard-400/create-instance-schema.json @@ -0,0 +1,12 @@ +{ + "$schema": "http://json-schema.org/draft-04/schema#", + "type": "object", + "properties": { + "imagePullPolicy": { + "type": "string", + "enum": ["Always", "IfNotPresent", "Never"], + "default": "IfNotPresent", + "title": "Image pull policy" + } + } +} \ No newline at end of file diff --git a/addons/postgresql-cluster/15/plans/standard-400/meta.yaml b/addons/postgresql-cluster/15/plans/standard-400/meta.yaml new file mode 100644 index 00000000..b9472699 --- /dev/null +++ b/addons/postgresql-cluster/15/plans/standard-400/meta.yaml @@ -0,0 +1,6 @@ +name: "standard-400" +id: 16bfd3a8-1080-4731-93d0-bd90e6ba6dad +description: "Mysql Cluster standard-400 plan: Disk 400Gi ,vCPUs 16 , RAM 64G , DB MAX Connection 2000" +displayName: "standard-400" +bindable: true +maximum_polling_duration: 1800 diff --git a/addons/postgresql-cluster/15/plans/standard-400/values.yaml b/addons/postgresql-cluster/15/plans/standard-400/values.yaml new file mode 100644 index 00000000..b1afad1d --- /dev/null +++ b/addons/postgresql-cluster/15/plans/standard-400/values.yaml @@ -0,0 +1,75 @@ +## @param fullnameOverride String to fully override common.names.fullname template +## +fullnameOverride: hb-postgresql-cluster-standard-400 + +postgresql: + config: |- + # Connectivity + max_connections = 2000 + superuser_reserved_connections = 3 + + # Memory Settings + shared_buffers = '16384 MB' + work_mem = '32 MB' + maintenance_work_mem = '520 MB' + huge_pages = try # NB! requires also activation of huge pages via kernel params, see here for more: https://www.postgresql.org/docs/current/static/kernel-resources.html#LINUX-HUGE-PAGES + effective_cache_size = '45 GB' + effective_io_concurrency = 100 # concurrent IO only really activated if OS supports posix_fadvise function + random_page_cost = 1.25 # speed of random disk access relative to sequential access (1.0) + + # Monitoring + track_io_timing=on # measure exact block IO times + track_functions=pl # track execution times of pl-language procedures if any + + # Replication + max_wal_senders = 10 + synchronous_commit = on + + # Checkpointing: + checkpoint_timeout = '15 min' + checkpoint_completion_target = 0.9 + max_wal_size = '1024 MB' + min_wal_size = '512 MB' + + # WAL writing + wal_compression = on + wal_buffers = -1 # auto-tuned by Postgres till maximum of segment size (16MB by default) + wal_writer_delay = 200ms + wal_writer_flush_after = 1MB + wal_keep_size = '3650 MB' + + # Background writer + bgwriter_delay = 200ms + bgwriter_lru_maxpages = 100 + bgwriter_lru_multiplier = 2.0 + bgwriter_flush_after = 0 + + # Parallel queries: + max_worker_processes = 16 + max_parallel_workers_per_gather = 8 + max_parallel_maintenance_workers = 8 + max_parallel_workers = 16 + parallel_leader_participation = on + + # Advanced features + enable_partitionwise_join = on + enable_partitionwise_aggregate = on + jit = on + max_slot_wal_keep_size = '1000 MB' + track_wal_io_timing = on + maintenance_io_concurrency = 100 + +resources: + # If you do want to specify resources, uncomment the following + # lines, adjust them as necessary, and remove the curly braces after 'resources:'. + limits: + cpu: 16000m + memory: 64Gi + # hugepages-2Mi: 4Mi + requests: + cpu: 16000m + memory: 64Gi + +persistentVolume: + enabled: true + size: 400G diff --git a/addons/postgresql-cluster/15/plans/standard-50/bind.yaml b/addons/postgresql-cluster/15/plans/standard-50/bind.yaml new file mode 100644 index 00000000..619e1429 --- /dev/null +++ b/addons/postgresql-cluster/15/plans/standard-50/bind.yaml @@ -0,0 +1,30 @@ +credential: +{{- if (eq .Values.service.type "LoadBalancer") }} + - name: host + valueFrom: + serviceRef: + name: {{ template "common.names.fullname" . }}-master + jsonpath: '{.spec.clusterIPs[*]}' + - name: hostrepl + valueFrom: + serviceRef: + name: {{ template "common.names.fullname" . }}-repl + jsonpath: '{.spec.clusterIPs[*]}' + - name: database + valueFrom: + secretKeyRef: + name: {{ template "common.names.fullname" . }} + jsonpath: '{ .data.data-name }' + - name: password + valueFrom: + secretKeyRef: + name: {{ template "common.names.fullname" . }} + jsonpath: '{ .data.data-password }' + - name: username + valueFrom: + secretKeyRef: + name: {{ template "common.names.fullname" . }} + jsonpath: '{ .data.data-user }' + - name: port + value: 5432 +{{- end }} \ No newline at end of file diff --git a/addons/postgresql-cluster/15/plans/standard-50/create-instance-schema.json b/addons/postgresql-cluster/15/plans/standard-50/create-instance-schema.json new file mode 100644 index 00000000..66ebbaa0 --- /dev/null +++ b/addons/postgresql-cluster/15/plans/standard-50/create-instance-schema.json @@ -0,0 +1,12 @@ +{ + "$schema": "http://json-schema.org/draft-04/schema#", + "type": "object", + "properties": { + "imagePullPolicy": { + "type": "string", + "enum": ["Always", "IfNotPresent", "Never"], + "default": "IfNotPresent", + "title": "Image pull policy" + } + } +} \ No newline at end of file diff --git a/addons/postgresql-cluster/15/plans/standard-50/meta.yaml b/addons/postgresql-cluster/15/plans/standard-50/meta.yaml new file mode 100644 index 00000000..9fbb08f1 --- /dev/null +++ b/addons/postgresql-cluster/15/plans/standard-50/meta.yaml @@ -0,0 +1,6 @@ +name: "standard-50" +id: 0542f411-4e7b-46af-966c-c9989e54873c +description: "Mysql Cluster standard-50 plan: Disk 50Gi ,vCPUs 2 , RAM 8G , DB MAX Connection 2000" +displayName: "standard-50" +bindable: true +maximum_polling_duration: 1800 diff --git a/addons/postgresql-cluster/15/plans/standard-50/values.yaml b/addons/postgresql-cluster/15/plans/standard-50/values.yaml new file mode 100644 index 00000000..fbf8db1f --- /dev/null +++ b/addons/postgresql-cluster/15/plans/standard-50/values.yaml @@ -0,0 +1,76 @@ +## @param fullnameOverride String to fully override common.names.fullname template +## +fullnameOverride: hb-postgresql-cluster-standard-50 + +postgresql: + config: |- + # Connectivity + max_connections = 1000 + superuser_reserved_connections = 3 + + # Memory Settings + shared_buffers = '2048 MB' + work_mem = '32 MB' + maintenance_work_mem = '320 MB' + huge_pages = off + effective_cache_size = '6 GB' + effective_io_concurrency = 100 # concurrent IO only really activated if OS supports posix_fadvise function + random_page_cost = 1.25 # speed of random disk access relative to sequential access (1.0) + + # Monitoring + track_io_timing=on # measure exact block IO times + track_functions=pl # track execution times of pl-language procedures if any + + # Replication + max_wal_senders = 10 + synchronous_commit = on + + # Checkpointing: + checkpoint_timeout = '15 min' + checkpoint_completion_target = 0.9 + max_wal_size = '1024 MB' + min_wal_size = '512 MB' + + # WAL writing + wal_compression = on + wal_buffers = -1 # auto-tuned by Postgres till maximum of segment size (16MB by default) + wal_writer_delay = 200ms + wal_writer_flush_after = 1MB + wal_keep_size = '3650 MB' + + + # Background writer + bgwriter_delay = 200ms + bgwriter_lru_maxpages = 100 + bgwriter_lru_multiplier = 2.0 + bgwriter_flush_after = 0 + + # Parallel queries: + max_worker_processes = 2 + max_parallel_workers_per_gather = 1 + max_parallel_maintenance_workers = 1 + max_parallel_workers = 2 + parallel_leader_participation = on + + # Advanced features + enable_partitionwise_join = on + enable_partitionwise_aggregate = on + jit = on + max_slot_wal_keep_size = '1000 MB' + track_wal_io_timing = on + maintenance_io_concurrency = 100 + +resources: + # If you do want to specify resources, uncomment the following + # lines, adjust them as necessary, and remove the curly braces after 'resources:'. + limits: + cpu: 2000m + memory: 8Gi + # hugepages-2Mi: 4Mi + requests: + cpu: 2000m + memory: 8Gi + +persistentVolume: + enabled: true + size: 50G diff --git a/addons/postgresql-cluster/15/plans/standard-800/bind.yaml b/addons/postgresql-cluster/15/plans/standard-800/bind.yaml new file mode 100644 index 00000000..619e1429 --- /dev/null +++ b/addons/postgresql-cluster/15/plans/standard-800/bind.yaml @@ -0,0 +1,30 @@ +credential: +{{- if (eq .Values.service.type "LoadBalancer") }} + - name: host + valueFrom: + serviceRef: + name: {{ template "common.names.fullname" . }}-master + jsonpath: '{.spec.clusterIPs[*]}' + - name: hostrepl + valueFrom: + serviceRef: + name: {{ template "common.names.fullname" . }}-repl + jsonpath: '{.spec.clusterIPs[*]}' + - name: database + valueFrom: + secretKeyRef: + name: {{ template "common.names.fullname" . }} + jsonpath: '{ .data.data-name }' + - name: password + valueFrom: + secretKeyRef: + name: {{ template "common.names.fullname" . }} + jsonpath: '{ .data.data-password }' + - name: username + valueFrom: + secretKeyRef: + name: {{ template "common.names.fullname" . }} + jsonpath: '{ .data.data-user }' + - name: port + value: 5432 +{{- end }} \ No newline at end of file diff --git a/addons/postgresql-cluster/15/plans/standard-800/create-instance-schema.json b/addons/postgresql-cluster/15/plans/standard-800/create-instance-schema.json new file mode 100644 index 00000000..66ebbaa0 --- /dev/null +++ b/addons/postgresql-cluster/15/plans/standard-800/create-instance-schema.json @@ -0,0 +1,12 @@ +{ + "$schema": "http://json-schema.org/draft-04/schema#", + "type": "object", + "properties": { + "imagePullPolicy": { + "type": "string", + "enum": ["Always", "IfNotPresent", "Never"], + "default": "IfNotPresent", + "title": "Image pull policy" + } + } +} \ No newline at end of file diff --git a/addons/postgresql-cluster/15/plans/standard-800/meta.yaml b/addons/postgresql-cluster/15/plans/standard-800/meta.yaml new file mode 100644 index 00000000..1748ac9e --- /dev/null +++ b/addons/postgresql-cluster/15/plans/standard-800/meta.yaml @@ -0,0 +1,6 @@ +name: "standard-800" +id: 60f37e20-e69e-4f6f-9cce-e43caec34963 +description: "Mysql Cluster standard-800 plan: Disk 800Gi ,vCPUs 32 , RAM 128G , DB MAX Connection 2000" +displayName: "standard-800" +bindable: true +maximum_polling_duration: 1800 diff --git a/addons/postgresql-cluster/15/plans/standard-800/values.yaml b/addons/postgresql-cluster/15/plans/standard-800/values.yaml new file mode 100644 index 00000000..3e88193a --- /dev/null +++ b/addons/postgresql-cluster/15/plans/standard-800/values.yaml @@ -0,0 +1,75 @@ +## @param fullnameOverride String to fully override common.names.fullname template +## +fullnameOverride: hb-postgresql-cluster-standard-800 + +postgresql: + config: |- + # Connectivity + max_connections = 2000 + superuser_reserved_connections = 3 + + # Memory Settings + shared_buffers = '32768 MB' + work_mem = '64 MB' + maintenance_work_mem = '720 MB' + huge_pages = try # NB! requires also activation of huge pages via kernel params, see here for more: https://www.postgresql.org/docs/current/static/kernel-resources.html#LINUX-HUGE-PAGES + effective_cache_size = '90 GB' + effective_io_concurrency = 100 # concurrent IO only really activated if OS supports posix_fadvise function + random_page_cost = 1.25 # speed of random disk access relative to sequential access (1.0) + + # Monitoring + track_io_timing=on # measure exact block IO times + track_functions=pl # track execution times of pl-language procedures if any + + # Replication + max_wal_senders = 10 + synchronous_commit = on + + # Checkpointing: + checkpoint_timeout = '15 min' + checkpoint_completion_target = 0.9 + max_wal_size = '10240 MB' + min_wal_size = '5120 MB' + + # WAL writing + wal_compression = on + wal_buffers = -1 # auto-tuned by Postgres till maximum of segment size (16MB by default) + wal_writer_delay = 200ms + wal_writer_flush_after = 1MB + wal_keep_size = '22080 MB' + + # Background writer + bgwriter_delay = 200ms + bgwriter_lru_maxpages = 100 + bgwriter_lru_multiplier = 2.0 + bgwriter_flush_after = 0 + + # Parallel queries: + max_worker_processes = 32 + max_parallel_workers_per_gather = 16 + max_parallel_maintenance_workers = 16 + max_parallel_workers = 32 + parallel_leader_participation = on + + # Advanced features + enable_partitionwise_join = on + enable_partitionwise_aggregate = on + jit = on + max_slot_wal_keep_size = '1000 MB' + track_wal_io_timing = on + maintenance_io_concurrency = 100 + +resources: + # If you do want to specify resources, uncomment the following + # lines, adjust them as necessary, and remove the curly braces after 'resources:'. + limits: + cpu: 32000m + memory: 128Gi + # hugepages-2Mi: 4Mi + requests: + cpu: 32000m + memory: 128Gi + +persistentVolume: + enabled: true + size: 800G From 665deb48e500156f1629763fc103c7a6070a179d Mon Sep 17 00:00:00 2001 From: EamonZhang Date: Thu, 30 Nov 2023 14:07:27 +0800 Subject: [PATCH 23/48] chore(addons): add cloudbeaver --- .../23/chart/cloudbeaver/Chart.yaml | 24 + .../23/chart/cloudbeaver/README.md | 0 .../23/chart/cloudbeaver/templates/NOTES.txt | 3 + .../chart/cloudbeaver/templates/_helpers.tpl | 28 + .../cloudbeaver/templates/deployment.yaml | 138 +++++ .../cloudbeaver/templates/extra-list.yaml | 4 + .../chart/cloudbeaver/templates/ingress.yaml | 63 +++ .../23/chart/cloudbeaver/templates/pvc.yaml | 32 ++ .../cloudbeaver/templates/serviceaccount.yaml | 21 + .../23/chart/cloudbeaver/templates/svc.yaml | 46 ++ .../cloudbeaver/templates/tls-secrets.yaml | 44 ++ .../23/chart/cloudbeaver/values.yaml | 516 ++++++++++++++++++ addons/cloudbeaver/23/meta.yaml | 20 + .../cloudbeaver/23/plans/standard-5/bind.yaml | 20 + .../standard-5/create-instance-schema.json | 12 + .../cloudbeaver/23/plans/standard-5/meta.yaml | 6 + .../23/plans/standard-5/values.yaml | 60 ++ 17 files changed, 1037 insertions(+) create mode 100644 addons/cloudbeaver/23/chart/cloudbeaver/Chart.yaml create mode 100644 addons/cloudbeaver/23/chart/cloudbeaver/README.md create mode 100644 addons/cloudbeaver/23/chart/cloudbeaver/templates/NOTES.txt create mode 100644 addons/cloudbeaver/23/chart/cloudbeaver/templates/_helpers.tpl create mode 100644 addons/cloudbeaver/23/chart/cloudbeaver/templates/deployment.yaml create mode 100644 addons/cloudbeaver/23/chart/cloudbeaver/templates/extra-list.yaml create mode 100644 addons/cloudbeaver/23/chart/cloudbeaver/templates/ingress.yaml create mode 100644 addons/cloudbeaver/23/chart/cloudbeaver/templates/pvc.yaml create mode 100644 addons/cloudbeaver/23/chart/cloudbeaver/templates/serviceaccount.yaml create mode 100644 addons/cloudbeaver/23/chart/cloudbeaver/templates/svc.yaml create mode 100644 addons/cloudbeaver/23/chart/cloudbeaver/templates/tls-secrets.yaml create mode 100644 addons/cloudbeaver/23/chart/cloudbeaver/values.yaml create mode 100644 addons/cloudbeaver/23/meta.yaml create mode 100644 addons/cloudbeaver/23/plans/standard-5/bind.yaml create mode 100644 addons/cloudbeaver/23/plans/standard-5/create-instance-schema.json create mode 100644 addons/cloudbeaver/23/plans/standard-5/meta.yaml create mode 100644 addons/cloudbeaver/23/plans/standard-5/values.yaml diff --git a/addons/cloudbeaver/23/chart/cloudbeaver/Chart.yaml b/addons/cloudbeaver/23/chart/cloudbeaver/Chart.yaml new file mode 100644 index 00000000..d5505574 --- /dev/null +++ b/addons/cloudbeaver/23/chart/cloudbeaver/Chart.yaml @@ -0,0 +1,24 @@ +annotations: + category: Infrastructure +apiVersion: v2 +appVersion: 23.2.5 +dependencies: + - name: common + repository: oci://registry.drycc.cc/charts + tags: + - drycc-common + version: ~1.1.2 +description: Cloud Database Manager +engine: gotpl +home: https://github.com/drycc-addons/addons +icon: https://github.com/dbeaver/cloudbeaver/wiki/images/cloudbeaver-logo.png +keywords: + - cloudbeaver + - database +maintainers: + - name: drycc + url: https://github.com/drycc-addons/addons +name: cloudbeaver +sources: + - https://github.com/dbeaver/cloudbeaver +version: 23.2.5 diff --git a/addons/cloudbeaver/23/chart/cloudbeaver/README.md b/addons/cloudbeaver/23/chart/cloudbeaver/README.md new file mode 100644 index 00000000..e69de29b diff --git a/addons/cloudbeaver/23/chart/cloudbeaver/templates/NOTES.txt b/addons/cloudbeaver/23/chart/cloudbeaver/templates/NOTES.txt new file mode 100644 index 00000000..3eed111b --- /dev/null +++ b/addons/cloudbeaver/23/chart/cloudbeaver/templates/NOTES.txt @@ -0,0 +1,3 @@ +CHART NAME: {{ .Chart.Name }} +CHART VERSION: {{ .Chart.Version }} +APP VERSION: {{ .Chart.AppVersion }} \ No newline at end of file diff --git a/addons/cloudbeaver/23/chart/cloudbeaver/templates/_helpers.tpl b/addons/cloudbeaver/23/chart/cloudbeaver/templates/_helpers.tpl new file mode 100644 index 00000000..dda6955a --- /dev/null +++ b/addons/cloudbeaver/23/chart/cloudbeaver/templates/_helpers.tpl @@ -0,0 +1,28 @@ +{{/* vim: set filetype=mustache: */}} + + +{{/* +Return the proper cloudbeaver image name +*/}} +{{- define "cloudbeaver.image" -}} +{{- include "common.images.image" (dict "imageRoot" .Values.image "global" .Values.global) -}} +{{- end -}} + + +{{/* +Return the proper Docker Image Registry Secret Names +*/}} +{{- define "cloudbeaver.imagePullSecrets" -}} +{{- include "common.images.pullSecrets" (dict "images" (list .Values.image) "global" .Values.global) -}} +{{- end -}} + +{{/* + Create the name of the service account to use + */}} +{{- define "cloudbeaver.serviceAccountName" -}} +{{- if .Values.serviceAccount.create -}} + {{ default (include "common.names.fullname" .) .Values.serviceAccount.name }} +{{- else -}} + {{ default "default" .Values.serviceAccount.name }} +{{- end -}} +{{- end -}} diff --git a/addons/cloudbeaver/23/chart/cloudbeaver/templates/deployment.yaml b/addons/cloudbeaver/23/chart/cloudbeaver/templates/deployment.yaml new file mode 100644 index 00000000..c00c3656 --- /dev/null +++ b/addons/cloudbeaver/23/chart/cloudbeaver/templates/deployment.yaml @@ -0,0 +1,138 @@ +apiVersion: {{ include "common.capabilities.deployment.apiVersion" . }} +kind: Deployment +metadata: + name: {{ include "common.names.fullname" . }} + namespace: {{ include "common.names.namespace" . | quote }} + labels: {{- include "common.labels.standard" . | nindent 4 }} + {{- if .Values.commonLabels }} + {{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }} + {{- end }} + {{- if .Values.commonAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} + {{- end }} +spec: + {{- if .Values.updateStrategy }} + strategy: {{- toYaml .Values.updateStrategy | nindent 4 }} + {{- end }} + selector: + matchLabels: {{- include "common.labels.matchLabels" . | nindent 6 }} + replicas: {{ .Values.replicaCount }} + template: + metadata: + {{- if .Values.podAnnotations }} + annotations: {{- include "common.tplvalues.render" (dict "value" .Values.podAnnotations "context" $) | nindent 8 }} + {{- end }} + labels: {{- include "common.labels.standard" . | nindent 8 }} + {{- if .Values.podLabels }} + {{- include "common.tplvalues.render" (dict "value" .Values.podLabels "context" $) | nindent 8 }} + {{- end }} + spec: + serviceAccountName: {{ include "cloudbeaver.serviceAccountName" . }} + {{- include "cloudbeaver.imagePullSecrets" . | nindent 6 }} + {{- if .Values.hostAliases }} + hostAliases: {{- include "common.tplvalues.render" (dict "value" .Values.hostAliases "context" $) | nindent 8 }} + {{- end }} + {{- if .Values.affinity }} + affinity: {{- include "common.tplvalues.render" (dict "value" .Values.affinity "context" $) | nindent 8 }} + {{- else }} + affinity: + podAffinity: {{- include "common.affinities.pods" (dict "type" .Values.podAffinityPreset "context" $) | nindent 10 }} + podAntiAffinity: {{- include "common.affinities.pods" (dict "type" .Values.podAntiAffinityPreset "context" $) | nindent 10 }} + nodeAffinity: {{- include "common.affinities.nodes" (dict "type" .Values.nodeAffinityPreset.type "key" .Values.nodeAffinityPreset.key "values" .Values.nodeAffinityPreset.values) | nindent 10 }} + {{- end }} + {{- if .Values.nodeSelector }} + nodeSelector: {{- include "common.tplvalues.render" (dict "value" .Values.nodeSelector "context" $) | nindent 8 }} + {{- end }} + {{- if .Values.tolerations }} + tolerations: {{- include "common.tplvalues.render" (dict "value" .Values.tolerations "context" $) | nindent 8 }} + {{- end }} + {{- if .Values.topologySpreadConstraints }} + topologySpreadConstraints: {{- include "common.tplvalues.render" (dict "value" .Values.topologySpreadConstraints "context" .) | nindent 8 }} + {{- end }} + {{- if .Values.priorityClassName }} + priorityClassName: {{ .Values.priorityClassName | quote }} + {{- end }} + {{- if .Values.schedulerName }} + schedulerName: {{ .Values.schedulerName | quote }} + {{- end }} + {{- if .Values.terminationGracePeriodSeconds }} + terminationGracePeriodSeconds: {{ .Values.terminationGracePeriodSeconds }} + {{- end }} + {{- if .Values.podSecurityContext.enabled }} + securityContext: {{- omit .Values.podSecurityContext "enabled" | toYaml | nindent 8 }} + {{- end }} + containers: + - name: cloudbeaver + image: {{ include "cloudbeaver.image" . }} + imagePullPolicy: {{ .Values.image.pullPolicy | quote }} + {{- if .Values.containerSecurityContext.enabled }} + securityContext: {{- omit .Values.containerSecurityContext "enabled" | toYaml | nindent 12 }} + {{- end }} + workingDir: /opt/drycc/cloudbeaver/ + ports: + - name: http + containerPort: {{ .Values.containerPorts.http }} + {{- if not .Values.diagnosticMode.enabled }} + {{- if .Values.customLivenessProbe }} + livenessProbe: {{- include "common.tplvalues.render" (dict "value" .Values.customLivenessProbe "context" $) | nindent 12 }} + {{- else if .Values.livenessProbe.enabled }} + livenessProbe: {{- include "common.tplvalues.render" (dict "value" (omit (omit .Values.livenessProbe "enabled") "path") "context" $) | nindent 12 }} + httpGet: + path: {{ .Values.livenessProbe.path }} + port: http + {{- end }} + {{- if .Values.customReadinessProbe }} + readinessProbe: {{- include "common.tplvalues.render" (dict "value" .Values.customReadinessProbe "context" $) | nindent 12 }} + {{- else if .Values.readinessProbe.enabled }} + readinessProbe: {{- include "common.tplvalues.render" (dict "value" (omit (omit .Values.readinessProbe "enabled") "path") "context" $) | nindent 12 }} + httpGet: + path: {{ .Values.readinessProbe.path }} + port: http + {{- end }} + {{- if .Values.customStartupProbe }} + startupProbe: {{- include "common.tplvalues.render" (dict "value" .Values.customStartupProbe "context" $) | nindent 12 }} + {{- else if .Values.startupProbe.enabled }} + startupProbe: {{- include "common.tplvalues.render" (dict "value" (omit (omit .Values.startupProbe "enabled") "path") "context" $) | nindent 12 }} + httpGet: + path: {{ .Values.startupProbe.path }} + port: http + {{- end }} + {{- end }} + {{- if .Values.resources }} + resources: {{- toYaml .Values.resources | nindent 12 }} + {{- end }} + volumeMounts: + - name: data + mountPath: {{ .Values.persistence.mountPath | quote }} + volumes: +{{- if not .Values.persistence.enabled }} + - name: data + emptyDir: {} +{{- end }} +{{- if .Values.persistence.enabled }} + volumeClaimTemplates: + - metadata: + name: data + annotations: + {{- if .Values.persistence.annotations }} +{{ toYaml .Values.persistence.annotations | indent 8 }} + {{- end }} + labels: + application: {{ template "cloudbeaver.fullname" . }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} + spec: + accessModes: +{{ toYaml .Values.persistence.accessModes | indent 8 }} + resources: + requests: + storage: "{{ .Values.persistence.size }}" + {{- if .Values.persistence.storageClass }} + {{- if (eq "-" .Values.persistence.storageClass) }} + storageClassName: "" + {{- else }} + storageClassName: "{{ .Values.persistence.storageClass }}" + {{- end }} + {{- end }} + {{- end }} + diff --git a/addons/cloudbeaver/23/chart/cloudbeaver/templates/extra-list.yaml b/addons/cloudbeaver/23/chart/cloudbeaver/templates/extra-list.yaml new file mode 100644 index 00000000..9ac65f9e --- /dev/null +++ b/addons/cloudbeaver/23/chart/cloudbeaver/templates/extra-list.yaml @@ -0,0 +1,4 @@ +{{- range .Values.extraDeploy }} +--- +{{ include "common.tplvalues.render" (dict "value" . "context" $) }} +{{- end }} diff --git a/addons/cloudbeaver/23/chart/cloudbeaver/templates/ingress.yaml b/addons/cloudbeaver/23/chart/cloudbeaver/templates/ingress.yaml new file mode 100644 index 00000000..a857fcea --- /dev/null +++ b/addons/cloudbeaver/23/chart/cloudbeaver/templates/ingress.yaml @@ -0,0 +1,63 @@ +{{- if .Values.ingress.enabled }} +apiVersion: {{ include "common.capabilities.ingress.apiVersion" . }} +kind: Ingress +metadata: + name: {{ include "common.names.fullname" . }} + namespace: {{ include "common.names.namespace" . | quote }} + labels: {{- include "common.labels.standard" . | nindent 4 }} + {{- if .Values.commonLabels }} + {{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }} + {{- end }} + annotations: + {{- if .Values.ingress.annotations }} + {{- include "common.tplvalues.render" (dict "value" .Values.ingress.annotations "context" $) | nindent 4 }} + {{- end }} + {{- if .Values.commonAnnotations }} + {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} + {{- end }} +spec: + {{- if and .Values.ingress.ingressClassName (eq "true" (include "common.ingress.supportsIngressClassname" .)) }} + ingressClassName: {{ .Values.ingress.ingressClassName | quote }} + {{- end }} + rules: + {{- if .Values.ingress.hostname }} + - host: {{ .Values.ingress.hostname | quote }} + http: + paths: + {{- if .Values.ingress.extraPaths }} + {{- toYaml .Values.ingress.extraPaths | nindent 10 }} + {{- end }} + - path: {{ .Values.ingress.path }} + {{- if eq "true" (include "common.ingress.supportsPathType" .) }} + pathType: {{ .Values.ingress.pathType }} + {{- end }} + backend: {{- include "common.ingress.backend" (dict "serviceName" (include "common.names.fullname" .) "servicePort" "http" "context" $) | nindent 14 }} + {{- end }} + {{- range .Values.ingress.extraHosts }} + - host: {{ .name | quote }} + http: + paths: + - path: {{ default "/" .path }} + {{- if eq "true" (include "common.ingress.supportsPathType" $) }} + pathType: {{ default "ImplementationSpecific" .pathType }} + {{- end }} + backend: {{- include "common.ingress.backend" (dict "serviceName" (include "common.names.fullname" $) "servicePort" "http" "context" $) | nindent 14 }} + {{- end }} + {{- if .Values.ingress.extraRules }} + {{- include "common.tplvalues.render" (dict "value" .Values.ingress.extraRules "context" $) | nindent 4 }} + {{- end }} + {{- if or (and .Values.ingress.tls (or (include "common.ingress.certManagerRequest" ( dict "annotations" .Values.ingress.annotations )) .Values.ingress.selfSigned)) .Values.ingress.extraTls }} + tls: + {{- if and .Values.ingress.tls (or (include "common.ingress.certManagerRequest" ( dict "annotations" .Values.ingress.annotations )) .Values.ingress.selfSigned) }} + - hosts: + - {{ .Values.ingress.hostname | quote }} + {{- range .Values.ingress.extraHosts }} + - {{ .name }} + {{- end }} + secretName: {{ printf "%s-tls" .Values.ingress.hostname }} + {{- end }} + {{- if .Values.ingress.extraTls }} + {{- include "common.tplvalues.render" (dict "value" .Values.ingress.extraTls "context" $) | nindent 4 }} + {{- end }} + {{- end }} +{{- end }} diff --git a/addons/cloudbeaver/23/chart/cloudbeaver/templates/pvc.yaml b/addons/cloudbeaver/23/chart/cloudbeaver/templates/pvc.yaml new file mode 100644 index 00000000..7a36a217 --- /dev/null +++ b/addons/cloudbeaver/23/chart/cloudbeaver/templates/pvc.yaml @@ -0,0 +1,32 @@ +{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) }} +kind: PersistentVolumeClaim +apiVersion: v1 +metadata: + name: {{ printf "%s-binding" (include "common.names.fullname" .) }} + namespace: {{ include "common.names.namespace" . | quote }} + labels: {{- include "common.labels.standard" . | nindent 4 }} + {{- if .Values.commonLabels }} + {{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }} + {{- end }} + {{- if or .Values.persistence.annotations .Values.commonAnnotations .Values.persistence.resourcePolicy }} + annotations: + {{- if .Values.commonAnnotations }} + {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} + {{- end }} + {{- if .Values.persistence.annotations }} + {{- include "common.tplvalues.render" ( dict "value" .Values.persistence.annotations "context" $) | nindent 4 }} + {{- end }} + {{- if .Values.persistence.resourcePolicy }} + helm.sh/resource-policy: {{ .Values.persistence.resourcePolicy | quote }} + {{- end }} + {{- end }} +spec: + accessModes: + {{- range .Values.persistence.accessModes }} + - {{ . | quote }} + {{- end }} + resources: + requests: + storage: {{ .Values.persistence.size | quote }} + {{ include "common.storage.class" (dict "persistence" .Values.persistence "global" .Values.global) }} +{{- end }} diff --git a/addons/cloudbeaver/23/chart/cloudbeaver/templates/serviceaccount.yaml b/addons/cloudbeaver/23/chart/cloudbeaver/templates/serviceaccount.yaml new file mode 100644 index 00000000..341c96f8 --- /dev/null +++ b/addons/cloudbeaver/23/chart/cloudbeaver/templates/serviceaccount.yaml @@ -0,0 +1,21 @@ +{{- if .Values.serviceAccount.create -}} +apiVersion: v1 +kind: ServiceAccount +automountServiceAccountToken: {{ .Values.serviceAccount.automountServiceAccountToken }} +metadata: + name: {{ include "node.serviceAccountName" . }} + namespace: {{ include "common.names.namespace" . | quote }} + labels: {{- include "common.labels.standard" . | nindent 4 }} + {{- if .Values.commonLabels }} + {{- include "common.tplvalues.render" (dict "value" .Values.commonLabels "context" $) | nindent 4 }} + {{- end }} + {{- if or .Values.serviceAccount.annotations .Values.commonAnnotations }} + annotations: + {{- if .Values.commonAnnotations }} + {{- include "common.tplvalues.render" (dict "value" .Values.commonAnnotations "context" $) | nindent 4 }} + {{- end }} + {{- if .Values.serviceAccount.annotations }} + {{- include "common.tplvalues.render" (dict "value" .Values.serviceAccount.annotations "context" $) | nindent 4 }} + {{- end }} + {{- end }} +{{- end -}} diff --git a/addons/cloudbeaver/23/chart/cloudbeaver/templates/svc.yaml b/addons/cloudbeaver/23/chart/cloudbeaver/templates/svc.yaml new file mode 100644 index 00000000..bb846a3a --- /dev/null +++ b/addons/cloudbeaver/23/chart/cloudbeaver/templates/svc.yaml @@ -0,0 +1,46 @@ +apiVersion: v1 +kind: Service +metadata: + name: {{ include "common.names.fullname" . }} + namespace: {{ include "common.names.namespace" . | quote }} + labels: {{- include "common.labels.standard" . | nindent 4 }} + {{- if .Values.commonLabels }} + {{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }} + {{- end }} + {{- if .Values.commonAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} + {{- end }} + {{- if .Values.service.annotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.service.annotations "context" $) | nindent 4 }} + {{- end }} +spec: + type: {{ .Values.service.type }} + sessionAffinity: {{ default "None" .Values.service.sessionAffinity }} + {{- if and .Values.service.clusterIP (eq .Values.service.type "ClusterIP") }} + clusterIP: {{ .Values.service.clusterIP }} + {{- end }} + {{- if (or (eq .Values.service.type "LoadBalancer") (eq .Values.service.type "NodePort")) }} + externalTrafficPolicy: {{ .Values.service.externalTrafficPolicy | quote }} + {{- end }} + {{- if and (eq .Values.service.type "LoadBalancer") (not (empty .Values.service.loadBalancerIP)) }} + loadBalancerIP: {{ .Values.service.loadBalancerIP }} + {{- end }} + {{- if and (eq .Values.service.type "LoadBalancer") .Values.service.loadBalancerSourceRanges }} + loadBalancerSourceRanges: {{- toYaml .Values.service.loadBalancerSourceRanges | nindent 4 }} + {{- end }} + {{- if .Values.service.sessionAffinityConfig }} + sessionAffinityConfig: {{- include "common.tplvalues.render" (dict "value" .Values.service.sessionAffinityConfig "context" $) | nindent 4 }} + {{- end }} + ports: + - name: http + port: {{ .Values.service.ports.http }} + targetPort: http + {{- if and (or (eq .Values.service.type "NodePort") (eq .Values.service.type "LoadBalancer")) (not (empty .Values.service.nodePorts.http)) }} + nodePort: {{ .Values.service.nodePorts.http }} + {{- else if eq .Values.service.type "ClusterIP" }} + nodePort: null + {{- end }} + {{- if .Values.service.extraPorts }} + {{- include "common.tplvalues.render" (dict "value" .Values.service.extraPorts "context" $) | nindent 4 }} + {{- end }} + selector: {{- include "common.labels.matchLabels" . | nindent 4 }} diff --git a/addons/cloudbeaver/23/chart/cloudbeaver/templates/tls-secrets.yaml b/addons/cloudbeaver/23/chart/cloudbeaver/templates/tls-secrets.yaml new file mode 100644 index 00000000..b2aafcc1 --- /dev/null +++ b/addons/cloudbeaver/23/chart/cloudbeaver/templates/tls-secrets.yaml @@ -0,0 +1,44 @@ +{{- if .Values.ingress.enabled }} +{{- if .Values.ingress.secrets }} +{{- range .Values.ingress.secrets }} +apiVersion: v1 +kind: Secret +metadata: + name: {{ .name }} + namespace: {{ include "common.names.namespace" $ | quote }} + labels: {{- include "common.labels.standard" $ | nindent 4 }} + {{- if $.Values.commonLabels }} + {{- include "common.tplvalues.render" ( dict "value" $.Values.commonLabels "context" $ ) | nindent 4 }} + {{- end }} + {{- if $.Values.commonAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" $.Values.commonAnnotations "context" $ ) | nindent 4 }} + {{- end }} +type: kubernetes.io/tls +data: + tls.crt: {{ .certificate | b64enc }} + tls.key: {{ .key | b64enc }} +--- +{{- end }} +{{- end }} +{{- if and .Values.ingress.tls .Values.ingress.selfSigned }} +{{- $ca := genCA "node-ca" 365 }} +{{- $cert := genSignedCert .Values.ingress.hostname nil (list .Values.ingress.hostname) 365 $ca }} +apiVersion: v1 +kind: Secret +metadata: + name: {{ printf "%s-tls" .Values.ingress.hostname }} + namespace: {{ include "common.names.namespace" . | quote }} + labels: {{- include "common.labels.standard" . | nindent 4 }} + {{- if .Values.commonLabels }} + {{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }} + {{- end }} + {{- if .Values.commonAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} + {{- end }} +type: kubernetes.io/tls +data: + tls.crt: {{ $cert.Cert | b64enc | quote }} + tls.key: {{ $cert.Key | b64enc | quote }} + ca.crt: {{ $ca.Cert | b64enc | quote }} +{{- end }} +{{- end }} diff --git a/addons/cloudbeaver/23/chart/cloudbeaver/values.yaml b/addons/cloudbeaver/23/chart/cloudbeaver/values.yaml new file mode 100644 index 00000000..19515399 --- /dev/null +++ b/addons/cloudbeaver/23/chart/cloudbeaver/values.yaml @@ -0,0 +1,516 @@ +## @section Global parameters +## Global Docker image parameters +## Please, note that this will override the image parameters, including dependencies, configured to use the global value +## Current available global Docker image parameters: imageRegistry, imagePullSecrets and storageClass + +## @param global.imageRegistry Global Docker image registry +## @param global.imagePullSecrets Global Docker registry secret names as an array +## @param global.storageClass Global StorageClass for Persistent Volume(s) +## +global: + imageRegistry: "" + imagePullSecrets: [] + storageClass: "" + +## @section Common parameters + +## @param kubeVersion Force target Kubernetes version (using Helm capabilities if not set) +## +kubeVersion: "" +## @param nameOverride String to partially override node.fullname template (will maintain the release name) +## +nameOverride: "" +## @param fullnameOverride String to fully override node.fullname template +## +fullnameOverride: "" +## @param namespaceOverride Override namespace for resources +## Useful when including Node as a chart dependency, so it can be released into a different namespace than the parent +## +namespaceOverride: "" +## @param commonLabels Add labels to all the deployed resources +## +commonLabels: {} +## @param commonAnnotations Add annotations to all the deployed resources +## +commonAnnotations: {} + +## @param command Override default container command (useful when using custom images) +## +command: "" +## @param args Override default container args (useful when using custom images) +## +args: [] +## @param hostAliases Deployment pod host aliases +## https://kubernetes.io/docs/concepts/services-networking/add-entries-to-pod-etc-hosts-with-host-aliases/ +## +hostAliases: [] +## @param extraEnvVars Extra environment variables to be set on Node container +## For example: +## - name: BEARER_AUTH +## value: true +## +extraEnvVars: [] +## @param extraEnvVarsCM Name of existing ConfigMap containing extra environment variables +## +extraEnvVarsCM: "" +## @param extraEnvVarsSecret Name of existing Secret containing extra environment variables +## +extraEnvVarsSecret: "" +## MongoDB® chart configuration +## ref: https://github.com/bitnami/charts/blob/master/bitnami/mongodb/values.yaml +## + +## Bitnami node image version +## ref: https://hub.docker.com/r/bitnami/node/tags/ +## @param image.registry NodeJS image registry +## @param image.repository NodeJS image repository +## @param image.tag NodeJS image tag (immutable tags are recommended) +## @param image.digest NodeJS image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag +## @param image.pullPolicy NodeJS image pull policy +## @param image.pullSecrets Specify docker-registry secret names as an array +## @param image.debug Set to true if you would like to see extra information on logs +## +image: + registry: registry.drycc.cc + repository: drycc-addons/cloudbeaver + tag: 23 + digest: "" + ## Specify a imagePullPolicy + ## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent' + ## ref: https://kubernetes.io/docs/user-guide/images/#pre-pulling-images + ## + pullPolicy: IfNotPresent + ## Optionally specify an array of imagePullSecrets. + ## Secrets must be manually created in the namespace. + ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/ + ## Example: + ## pullSecrets: + ## - myRegistryKeySecretName + ## + pullSecrets: [] + ## Set to true if you would like to see extra information on logs + ## + debug: false +## @param replicaCount Specify the number of replicas for the application +## +replicaCount: 1 +## @param updateStrategy.type Strategy to use to replace existing pods. +## ref: https://kubernetes.io/docs/concepts/workloads/controllers/deployment/#strategy +## Example: +## updateStrategy: +## type: RollingUpdate +## rollingUpdate: +## maxSurge: 25% +## maxUnavailable: 25% +## +updateStrategy: + type: RollingUpdate +## @param containerPorts.http Specify the port where your application will be running +## +containerPorts: + http: 8978 +## @param podAffinityPreset Pod affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard` +## ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#inter-pod-affinity-and-anti-affinity +## +podAffinityPreset: "" +## @param podAntiAffinityPreset Pod anti-affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard` +## Ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#inter-pod-affinity-and-anti-affinity +## +podAntiAffinityPreset: soft +## Node affinity preset +## Ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#node-affinity +## +nodeAffinityPreset: + ## @param nodeAffinityPreset.type Node affinity preset type. Ignored if `affinity` is set. Allowed values: `soft` or `hard` + ## + type: "" + ## @param nodeAffinityPreset.key Node label key to match Ignored if `affinity` is set. + ## E.g. + ## key: "kubernetes.io/e2e-az-name" + ## + key: "" + ## @param nodeAffinityPreset.values Node label values to match. Ignored if `affinity` is set. + ## E.g. + ## values: + ## - e2e-az1 + ## - e2e-az2 + ## + values: [] +## @param affinity Affinity for pod assignment. Evaluated as a template. +## Ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity +## +affinity: {} +## @param nodeSelector Node labels for pod assignment. Evaluated as a template. +## Ref: https://kubernetes.io/docs/user-guide/node-selection/ +## +nodeSelector: {} +## @param tolerations Tolerations for pod assignment. Evaluated as a template. +## Ref: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/ +## +tolerations: [] +## @param podAnnotations Additional pod annotations +## ref: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/ +## +podAnnotations: {} +## @param podLabels Additional labels for Node pods +## ref: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/ +## +podLabels: {} +## @param extraDeploy Array of extra objects to deploy with the release (evaluated as a template) +## +extraDeploy: [] +## Enable diagnostic mode in the deployment(s)/statefulset(s) +## +diagnosticMode: + ## @param diagnosticMode.enabled Enable diagnostic mode (all probes will be disabled and the command will be overridden) + ## + enabled: false + ## @param diagnosticMode.command Command to override all containers in the the deployment(s)/statefulset(s) + ## + command: + - sleep + ## @param diagnosticMode.args Args to override all containers in the the deployment(s)/statefulset(s) + ## + args: + - infinity +## Configure extra options for liveness probe +## ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-startup-probes/#configure-probes +## @param livenessProbe.enabled Enable livenessProbe +## @param livenessProbe.path Request path for livenessProbe +## @param livenessProbe.initialDelaySeconds Initial delay seconds for livenessProbe +## @param livenessProbe.periodSeconds Period seconds for livenessProbe +## @param livenessProbe.timeoutSeconds Timeout seconds for livenessProbe +## @param livenessProbe.failureThreshold Failure threshold for livenessProbe +## @param livenessProbe.successThreshold Success threshold for livenessProbe +## +livenessProbe: + enabled: true + path: '/' + initialDelaySeconds: 60 + periodSeconds: 10 + timeoutSeconds: 5 + failureThreshold: 6 + successThreshold: 1 +## Configure extra options for readiness probe +## ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-startup-probes/#configure-probes +## @param readinessProbe.enabled Enable readinessProbe +## @param readinessProbe.path Request path for readinessProbe +## @param readinessProbe.initialDelaySeconds Initial delay seconds for readinessProbe +## @param readinessProbe.periodSeconds Period seconds for readinessProbe +## @param readinessProbe.timeoutSeconds Timeout seconds for readinessProbe +## @param readinessProbe.failureThreshold Failure threshold for readinessProbe +## @param readinessProbe.successThreshold Success threshold for readinessProbe +## +readinessProbe: + enabled: true + path: '/' + initialDelaySeconds: 10 + periodSeconds: 5 + timeoutSeconds: 3 + failureThreshold: 3 + successThreshold: 1 +## Configure extra options for startup probe +## ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-startup-readiness-probes/#configure-probes +## @param startupProbe.enabled Enable startupProbe +## @param startupProbe.path Request path for startupProbe +## @param startupProbe.initialDelaySeconds Initial delay seconds for startupProbe +## @param startupProbe.periodSeconds Period seconds for startupProbe +## @param startupProbe.timeoutSeconds Timeout seconds for startupProbe +## @param startupProbe.failureThreshold Failure threshold for startupProbe +## @param startupProbe.successThreshold Success threshold for startupProbe +## +startupProbe: + enabled: false + path: '/' + initialDelaySeconds: 5 + periodSeconds: 3 + timeoutSeconds: 1 + failureThreshold: 15 + successThreshold: 1 +## @param customLivenessProbe Override default liveness probe +## +customLivenessProbe: {} +## @param customReadinessProbe Override default readiness probe +## +customReadinessProbe: {} +## @param customStartupProbe Override default startup probe +## +customStartupProbe: {} +## @param topologySpreadConstraints Topology Spread Constraints for pod assignment spread across your cluster among failure-domains. Evaluated as a template +## Ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/#spread-constraints-for-pods +## +topologySpreadConstraints: [] +## @param priorityClassName Node priorityClassName +## ref: https://kubernetes.io/docs/concepts/configuration/pod-priority-preemption/ +## +priorityClassName: "" +## @param schedulerName Use an alternate scheduler, e.g. "stork". +## ref: https://kubernetes.io/docs/tasks/administer-cluster/configure-multiple-schedulers/ +## +schedulerName: "" +## @param terminationGracePeriodSeconds Seconds Airflow web pod needs to terminate gracefully +## ref: https://kubernetes.io/docs/concepts/workloads/pods/pod/#termination-of-pods +## +terminationGracePeriodSeconds: "" +## @param lifecycleHooks lifecycleHooks for the Node container to automate configuration before or after startup. +## +lifecycleHooks: {} +## @param sidecars Add sidecars to the Node pods +## Example: +## sidecars: +## - name: your-image-name +## image: your-image +## imagePullPolicy: Always +## ports: +## - name: portname +## containerPort: 1234 +## +extraVolumes: [] +## @param extraVolumeMounts Extra volume mounts to add to the container +## +extraVolumeMounts: [] +## Pods Service Account +## ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/ +## +serviceAccount: + ## @param serviceAccount.create Enable creation of ServiceAccount for node pod + ## + create: false + ## @param serviceAccount.name The name of the ServiceAccount to use. + ## If not set and create is true, a name is generated using the `common.names.fullname` template + name: "" + ## @param serviceAccount.annotations Annotations for service account. Evaluated as a template. + ## Only used if `create` is `true`. + ## + annotations: {} + ## @param serviceAccount.automountServiceAccountToken Whether to auto mount the service account token + ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/#use-the-default-service-account-to-access-the-api-server + ## + automountServiceAccountToken: false +## SecurityContext configuration +## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ +## @param containerSecurityContext.enabled Node Container securityContext +## @param containerSecurityContext.runAsUser User ID for the Node container +## @param containerSecurityContext.runAsNonRoot Set container's Security Context runAsNonRoot +## +containerSecurityContext: + enabled: true + runAsUser: 1001 + runAsNonRoot: true +## @param podSecurityContext.enabled Enable security context for Node pods +## @param podSecurityContext.fsGroup Group ID for the volumes of the pod +## +podSecurityContext: + enabled: true + fsGroup: 1001 +## Node conatiners' resource requests and limits +## ref: https://kubernetes.io/docs/user-guide/compute-resources/ +## We usually recommend not to specify default resources and to leave this as a conscious +## choice for the user. This also increases chances charts run on environments with little +## resources, such as Minikube. If you do want to specify resources, uncomment the following +## lines, adjust them as necessary, and remove the curly braces after 'resources:'. +## @param resources.limits The resources limits for the Node container +## @param resources.requests The requested resources for the Node container +## +resources: + ## Example: + ## limits: + ## cpu: 100m + ## memory: 128Mi + limits: {} + ## Examples: + ## requests: + ## cpu: 100m + ## memory: 128Mi + requests: {} + +## @section Persistence parameters + +## Enable persistence using Persistent Volume Claims +## ref: https://kubernetes.io/docs/user-guide/persistent-volumes/ +## +persistence: + ## @param persistence.enabled Enable persistence using PVC + ## + enabled: true + ## @param persistence.mountPath Path where the volume will be mount at. + ## + mountPath: /opt/drycc/cloudbeaver/workspace/ + ## @param persistence.subPath Subdirectory of the volume to mount + ## + subPath: "" + ## @param persistence.existingClaim Name of an existing PVC to use + ## + existingClaim: "" + ## @param persistence.resourcePolicy Setting it to "keep" to avoid removing PVCs during a helm delete operation. Leaving it empty will delete PVCs after the chart deleted + resourcePolicy: "" + ## @param persistence.storageClass Persistent Volume Storage Class + ## If defined, storageClassName: + ## If set to "-", storageClassName: "", which disables dynamic provisioning + ## If undefined (the default) or set to null, no storageClassName spec is + ## set, choosing the default provisioner. (gp2 on AWS, standard on + ## GKE, AWS & OpenStack) + ## + storageClass: "" + ## @param persistence.accessModes PVC Access Modes + ## + accessModes: + - ReadWriteOnce + ## @param persistence.size PVC Storage Request + ## + size: 1Gi + ## @param persistence.annotations Annotations for the PVC + ## + annotations: {} + +## @section Traffic exposure parameters + +## Service parameters +## +service: + ## @param service.type Kubernetes Service type + ## + type: LoadBalancer + ## @param service.ports.http Kubernetes Service port + ## + ports: + http: 80 + ## @param service.clusterIP Service Cluster IP + ## + clusterIP: "" + ## @param service.sessionAffinity Control where client requests go, to the same pod or round-robin + ## Values: ClientIP or None + ## ref: https://kubernetes.io/docs/user-guide/services/ + ## + sessionAffinity: 'None' + ## @param service.sessionAffinityConfig Additional settings for the sessionAffinity + ## sessionAffinityConfig: + ## clientIP: + ## timeoutSeconds: 300 + ## + sessionAffinityConfig: {} + ## @param service.nodePorts.http NodePort if Service type is `LoadBalancer` or `NodePort` + ## ref: https://kubernetes.io/docs/concepts/services-networking/service/#type-nodeport + ## + nodePorts: + http: "" + ## @param service.extraPorts Extra ports to expose (normally used with the `sidecar` value) + ## + extraPorts: [] + ## @param service.loadBalancerIP LoadBalancer IP if Service type is `LoadBalancer` + ## Set the LoadBalancer service type to internal only. + ## ref: https://kubernetes.io/docs/concepts/services-networking/service/#internal-load-balancer + ## + loadBalancerIP: "" + ## @param service.loadBalancerSourceRanges In order to limit which client IP's can access the Network Load Balancer, specify loadBalancerSourceRanges + ## ref: https://kubernetes.io/docs/concepts/services-networking/service/#aws-nlb-support + ## + loadBalancerSourceRanges: [] + ## @param service.externalTrafficPolicy Enable client source IP preservation + ## ref https://kubernetes.io/docs/tasks/access-application-cluster/create-external-load-balancer/#preserving-the-client-source-ip + ## + externalTrafficPolicy: Cluster + ## @param service.annotations Annotations for the Service + ## This can be used to set the LoadBalancer service type to internal only. + ## ref: https://kubernetes.io/docs/concepts/services-networking/service/#internal-load-balancer + ## + annotations: {} +## Configure the ingress resource that allows you to access the +## Node.js installation. Set up the URL +## ref: https://kubernetes.io/docs/user-guide/ingress/ +## +ingress: + ## @param ingress.enabled Set to true to enable ingress record generation + ## + enabled: false + + ## @param ingress.ingressClassName IngressClass that will be be used to implement the Ingress (Kubernetes 1.18+) + ## This is supported in Kubernetes 1.18+ and required if you have more than one IngressClass marked as the default for your cluster . + ## ref: https://kubernetes.io/blog/2020/04/02/improvements-to-the-ingress-api-in-kubernetes-1.18/ + ## + ingressClassName: "" + ## @param ingress.pathType Ingress path type + ## + pathType: ImplementationSpecific + ## @param ingress.apiVersion Override API Version (automatically detected if not set) + ## + apiVersion: "" + ## @param ingress.hostname When the ingress is enabled, a host pointing to this will be created + ## + hostname: cloudbeaver.local + ## @param ingress.path The Path to Node.js. You may need to set this to '/*' in order to use this with ALB ingress controllers. + ## + path: / + ## @param ingress.annotations Additional annotations for the Ingress resource. To enable certificate autogeneration, place here your cert-manager annotations. + ## For a full list of possible ingress annotations, please see + ## ref: https://github.com/kubernetes/ingress-nginx/blob/master/docs/user-guide/nginx-configuration/annotations.md + ## Use this parameter to set the required annotations for cert-manager, see + ## ref: https://cert-manager.io/docs/usage/ingress/#supported-annotations + ## + ## e.g: + ## annotations: + ## kubernetes.io/ingress.class: nginx + ## cert-manager.io/cluster-issuer: cluster-issuer-name + ## + annotations: {} + ## @param ingress.tls Enable TLS configuration for the hostname defined at ingress.hostname parameter + ## TLS certificates will be retrieved from a TLS secret with name: {{- printf "%s-tls" .Values.ingress.hostname }} + ## You can use the ingress.secrets parameter to create this TLS secret or rely on cert-manager to create it + ## + tls: false + ## @param ingress.selfSigned Create a TLS secret for this ingress record using self-signed certificates generated by Helm + ## + selfSigned: false + ## @param ingress.extraHosts The list of additional hostnames to be covered with this ingress record. + ## Most likely the hostname above will be enough, but in the event more hosts are needed, this is an array + ## extraHosts: + ## - name: node.local + ## path: / + ## + extraHosts: [] + ## @param ingress.extraPaths Any additional arbitrary paths that may need to be added to the ingress under the main host. + ## For example: The ALB ingress controller requires a special rule for handling SSL redirection. + ## extraPaths: + ## - path: /* + ## backend: + ## serviceName: ssl-redirect + ## servicePort: use-annotation + ## + extraPaths: [] + ## @param ingress.extraTls The tls configuration for additional hostnames to be covered with this ingress record. + ## see: https://kubernetes.io/docs/concepts/services-networking/ingress/#tls + ## extraTls: + ## - hosts: + ## - node.local + ## secretName: node.local-tls + ## + extraTls: [] + ## @param ingress.secrets If you're providing your own certificates, please use this to add the certificates as secrets + ## key and certificate should start with -----BEGIN CERTIFICATE----- or + ## -----BEGIN RSA PRIVATE KEY----- + ## + ## name should line up with a tlsSecret set further up + ## If you're using cert-manager, this is unneeded, as it will create the secret for you if it is not set + ## + ## It is also possible to create and manage the certificates outside of this helm chart + ## Please see README.md for more information + ## e.g: + ## - name: node.local-tls + ## key: + ## certificate: + ## + secrets: [] + ## @param ingress.extraRules Additional rules to be covered with this ingress record + ## ref: https://kubernetes.io/docs/concepts/services-networking/ingress/#ingress-rules + ## e.g: + ## extraRules: + ## - host: example.local + ## http: + ## path: / + ## backend: + ## service: + ## name: example-svc + ## port: + ## name: http + ## + extraRules: [] diff --git a/addons/cloudbeaver/23/meta.yaml b/addons/cloudbeaver/23/meta.yaml new file mode 100644 index 00000000..4d740156 --- /dev/null +++ b/addons/cloudbeaver/23/meta.yaml @@ -0,0 +1,20 @@ +name: cloudbeaver +version: 7.0 +id: b7cb26a4-b258-445c-860b-a664239a67f8 +description: "cloudbeaver" +displayName: "cloudbeaver" +metadata: + displayName: "cloudbeaver" + provider: + name: drycc + supportURL: http://cloudbeaver.io/ + documentationURL: https://github.com/drycc-addons/drycc-docker-redis +tags: cloudbeaver +bindable: true +instances_retrievable: true +bindings_retrievable: true +plan_updateable: true +allow_parameters: +- name: "networkPolicy.allowNamespaces" + description: "networkPolicy allowNamespaces config for values.yaml" +archive: false diff --git a/addons/cloudbeaver/23/plans/standard-5/bind.yaml b/addons/cloudbeaver/23/plans/standard-5/bind.yaml new file mode 100644 index 00000000..5ee51e2a --- /dev/null +++ b/addons/cloudbeaver/23/plans/standard-5/bind.yaml @@ -0,0 +1,20 @@ +credential: + {{- if (eq .Values.service.type "LoadBalancer") }} + - name: HOST + valueFrom: + serviceRef: + name: {{ include "common.names.fullname" . }} + jsonpath: '{ .status.loadBalancer.ingress[*].ip }' + {{- else if (eq .Values.service.type "ClusterIP") }} + - name: HOST + valueFrom: + serviceRef: + name: {{ include "common.names.fullname" . }} + jsonpath: '{ .spec.clusterIP }' + {{- end }} + - name: PORT + valueFrom: + serviceRef: + name: {{ template "common.names.fullname" . }} + jsonpath: '{ .spec.ports[?(@.name=="http")].port }' + diff --git a/addons/cloudbeaver/23/plans/standard-5/create-instance-schema.json b/addons/cloudbeaver/23/plans/standard-5/create-instance-schema.json new file mode 100644 index 00000000..66ebbaa0 --- /dev/null +++ b/addons/cloudbeaver/23/plans/standard-5/create-instance-schema.json @@ -0,0 +1,12 @@ +{ + "$schema": "http://json-schema.org/draft-04/schema#", + "type": "object", + "properties": { + "imagePullPolicy": { + "type": "string", + "enum": ["Always", "IfNotPresent", "Never"], + "default": "IfNotPresent", + "title": "Image pull policy" + } + } +} \ No newline at end of file diff --git a/addons/cloudbeaver/23/plans/standard-5/meta.yaml b/addons/cloudbeaver/23/plans/standard-5/meta.yaml new file mode 100644 index 00000000..3c070e39 --- /dev/null +++ b/addons/cloudbeaver/23/plans/standard-5/meta.yaml @@ -0,0 +1,6 @@ +name: "standard-5" +id: 9d92b94d-c63e-47a8-ac91-352f511ef0a9 +description: "Cloudbeaver standard-5 plan: Disk 5Gi ,vCPUs 1 , RAM 2G" +displayName: "standard-5" +bindable: true +maximum_polling_duration: 1800 diff --git a/addons/cloudbeaver/23/plans/standard-5/values.yaml b/addons/cloudbeaver/23/plans/standard-5/values.yaml new file mode 100644 index 00000000..920f16ca --- /dev/null +++ b/addons/cloudbeaver/23/plans/standard-5/values.yaml @@ -0,0 +1,60 @@ +## @param fullnameOverride String to fully override common.names.fullname template +## +fullnameOverride: hb-cloudbeaver-standard-10 + +## MinIO® containers' resource requests and limits +## ref: https://kubernetes.io/docs/user-guide/compute-resources/ +## We usually recommend not to specify default resources and to leave this as a conscious +## choice for the user. This also increases chances charts run on environments with little +## resources, such as Minikube. If you do want to specify resources, uncomment the following +## lines, adjust them as necessary, and remove the curly braces after 'resources:'. +## @param resources.limits The resources limits for the MinIO® container +## @param resources.requests The requested resources for the MinIO® container +## + +resources: + limits: + cpu: 1000m + memory: 1024Mi + requests: + cpu: 1000m + memory: 1024Mi + + +## @section Persistence parameters + +## Enable persistence using Persistent Volume Claims +## ref: https://kubernetes.io/docs/user-guide/persistent-volumes/ +## +persistence: + ## @param primary.persistence.enabled Enable persistence on MySQL primary replicas using a `PersistentVolumeClaim`. If false, use emptyDir + ## + enabled: true + ## @param primary.persistence.existingClaim Name of an existing `PersistentVolumeClaim` for MySQL primary replicas + ## NOTE: When it's set the rest of persistence parameters are ignored + ## + existingClaim: "" + ## @param primary.persistence.storageClass MySQL primary persistent volume storage Class + ## If defined, storageClassName: + ## If set to "-", storageClassName: "", which disables dynamic provisioning + ## If undefined (the default) or set to null, no storageClassName spec is + ## set, choosing the default provisioner. (gp2 on AWS, standard on + ## GKE, AWS & OpenStack) + ## + storageClass: "" + ## @param primary.persistence.annotations MySQL primary persistent volume claim annotations + ## + annotations: {} + ## @param primary.persistence.accessModes MySQL primary persistent volume access Modes + ## + accessModes: + - ReadWriteOnce + ## @param primary.persistence.size MySQL primary persistent volume size + ## + size: 5Gi + ## @param primary.persistence.selector Selector to match an existing Persistent Volume + ## selector: + ## matchLabels: + ## app: my-app + ## + selector: {} From b3e6351c760972192d8518e9d712a76ed931a92d Mon Sep 17 00:00:00 2001 From: EamonZhang Date: Thu, 30 Nov 2023 17:18:09 +0800 Subject: [PATCH 24/48] chore(addons): fix plan binds --- .../23/chart/cloudbeaver/values.yaml | 2 +- addons/cloudbeaver/23/meta.yaml | 10 +++--- addons/grafana/10/chart/grafana/values.yaml | 2 +- addons/grafana/10/meta.yaml | 20 +++++++++++ .../grafana/10/plans/standard-1-2/values.yaml | 7 ---- .../{standard-1-2 => standard-5}/bind.yaml | 29 ++++++++-------- .../{standard-1-2 => standard-5}/meta.yaml | 4 +-- .../grafana/10/plans/standard-5/values.yaml | 14 ++++++++ .../8.0/chart/mysql-cluster/values.yaml | 2 +- addons/mysql-cluster/8.0/meta.yaml | 4 ++- .../8.0/plans/standard-10/bind.yaml | 31 +++++++++-------- .../8.0/plans/standard-100/bind.yaml | 31 +++++++++-------- .../8.0/plans/standard-20/bind.yaml | 31 +++++++++-------- .../8.0/plans/standard-200/bind.yaml | 31 +++++++++-------- .../8.0/plans/standard-400/bind.yaml | 31 +++++++++-------- .../8.0/plans/standard-50/bind.yaml | 31 +++++++++-------- .../8.0/plans/standard-800/bind.yaml | 31 +++++++++-------- .../templates/svc-master.yaml | 2 +- .../templates/svc-relp.yaml | 2 +- .../postgresql-cluster/templates/svc.yaml | 2 +- .../15/chart/postgresql-cluster/values.yaml | 4 +-- addons/postgresql-cluster/15/meta.yaml | 8 ++++- .../15/plans/standard-10/bind.yaml | 31 +++++++++++------ .../15/plans/standard-100/bind.yaml | 33 ++++++++++++------- .../15/plans/standard-20/bind.yaml | 33 ++++++++++++------- .../15/plans/standard-200/bind.yaml | 33 ++++++++++++------- .../15/plans/standard-400/bind.yaml | 33 ++++++++++++------- .../15/plans/standard-50/bind.yaml | 33 ++++++++++++------- .../15/plans/standard-800/bind.yaml | 33 ++++++++++++------- 29 files changed, 353 insertions(+), 205 deletions(-) create mode 100644 addons/grafana/10/meta.yaml delete mode 100644 addons/grafana/10/plans/standard-1-2/values.yaml rename addons/grafana/10/plans/{standard-1-2 => standard-5}/bind.yaml (58%) rename addons/grafana/10/plans/{standard-1-2 => standard-5}/meta.yaml (83%) create mode 100644 addons/grafana/10/plans/standard-5/values.yaml diff --git a/addons/cloudbeaver/23/chart/cloudbeaver/values.yaml b/addons/cloudbeaver/23/chart/cloudbeaver/values.yaml index 19515399..149c69d3 100644 --- a/addons/cloudbeaver/23/chart/cloudbeaver/values.yaml +++ b/addons/cloudbeaver/23/chart/cloudbeaver/values.yaml @@ -358,7 +358,7 @@ persistence: - ReadWriteOnce ## @param persistence.size PVC Storage Request ## - size: 1Gi + size: 10Gi ## @param persistence.annotations Annotations for the PVC ## annotations: {} diff --git a/addons/cloudbeaver/23/meta.yaml b/addons/cloudbeaver/23/meta.yaml index 4d740156..b74fe7f5 100644 --- a/addons/cloudbeaver/23/meta.yaml +++ b/addons/cloudbeaver/23/meta.yaml @@ -1,5 +1,5 @@ name: cloudbeaver -version: 7.0 +version: 23 id: b7cb26a4-b258-445c-860b-a664239a67f8 description: "cloudbeaver" displayName: "cloudbeaver" @@ -8,13 +8,13 @@ metadata: provider: name: drycc supportURL: http://cloudbeaver.io/ - documentationURL: https://github.com/drycc-addons/drycc-docker-redis + documentationURL: https://github.com/drycc-addons/ tags: cloudbeaver bindable: true instances_retrievable: true bindings_retrievable: true -plan_updateable: true +plan_updateable: false allow_parameters: -- name: "networkPolicy.allowNamespaces" - description: "networkPolicy allowNamespaces config for values.yaml" +- name: "service.type" + description: "service type config for values.yaml" archive: false diff --git a/addons/grafana/10/chart/grafana/values.yaml b/addons/grafana/10/chart/grafana/values.yaml index 9b029425..f18c0343 100644 --- a/addons/grafana/10/chart/grafana/values.yaml +++ b/addons/grafana/10/chart/grafana/values.yaml @@ -575,7 +575,7 @@ serviceAccount: service: ## @param service.type Kubernetes Service type ## - type: LoadBalancer + type: ClusterIP ## @param service.clusterIP Grafana service Cluster IP ## e.g.: ## clusterIP: None diff --git a/addons/grafana/10/meta.yaml b/addons/grafana/10/meta.yaml new file mode 100644 index 00000000..224ca287 --- /dev/null +++ b/addons/grafana/10/meta.yaml @@ -0,0 +1,20 @@ +name: Grafana +version: 7.0 +id: fff5b6c7-ed85-429b-8265-493e40cc53c7 +description: "grafana" +displayName: "grafana" +metadata: + displayName: "grafana" + provider: + name: drycc + supportURL: http://grafana.io/ + documentationURL: https://github.com/drycc-addons/ +tags: cloudbeaver +bindable: true +instances_retrievable: true +bindings_retrievable: true +plan_updateable: false +allow_parameters: +- name: "service.type" + description: "service type config for values.yaml" +archive: false diff --git a/addons/grafana/10/plans/standard-1-2/values.yaml b/addons/grafana/10/plans/standard-1-2/values.yaml deleted file mode 100644 index 840b3303..00000000 --- a/addons/grafana/10/plans/standard-1-2/values.yaml +++ /dev/null @@ -1,7 +0,0 @@ -## @param fullnameOverride String to fully override common.names.fullname template -## -fullnameOverride: hb-grafana-standard-10 - -server: - persistence: - size: 10Gi \ No newline at end of file diff --git a/addons/grafana/10/plans/standard-1-2/bind.yaml b/addons/grafana/10/plans/standard-5/bind.yaml similarity index 58% rename from addons/grafana/10/plans/standard-1-2/bind.yaml rename to addons/grafana/10/plans/standard-5/bind.yaml index 8b14d5a5..a41ae66e 100644 --- a/addons/grafana/10/plans/standard-1-2/bind.yaml +++ b/addons/grafana/10/plans/standard-5/bind.yaml @@ -1,29 +1,30 @@ credential: {{- if (eq .Values.router.service.type "LoadBalancer") }} - - name: host + - name: HOST valueFrom: serviceRef: name: {{ printf "%s-router" (include "common.names.fullname" .) }} jsonpath: '{ .status.loadBalancer.ingress[*].ip }' - - name: password + {{- else if (eq .Values.service.type "ClusterIP") }} + - name: HOST + valueFrom: + serviceRef: + name: {{ include "common.names.fullname" . }} + jsonpath: '{ .spec.clusterIP }' + {{- end }} + - name: PASSWORD valueFrom: secretKeyRef: name: {{ template "common.names.fullname" . }}-admin jsonpath: '{ .data.GF_SECURITY_ADMIN_PASSWORD }' - - name: username + - name: USERNAME valueFrom: secretKeyRef: name: {{ template "common.names.fullname" . }}-admin jsonpath: '{ .data.GF_SECURITY_ADMIN_USER }' - - name: portrw - valueFrom: - secretKeyRef: - name: {{ template "common.names.fullname" . }}-svcbind-custom-user - jsonpath: '{ .data.portrw }' - - name: portro - valueFrom: - secretKeyRef: - name: {{ template "common.names.fullname" . }}-svcbind-custom-user - jsonpath: '{ .data.portro }' - {{- end }} + - name: PORT + valueFrom: + serviceRef: + name: {{ template "common.names.fullname" . }} + jsonpath: '{ .spec.ports[?(@.name=="http")].port }' diff --git a/addons/grafana/10/plans/standard-1-2/meta.yaml b/addons/grafana/10/plans/standard-5/meta.yaml similarity index 83% rename from addons/grafana/10/plans/standard-1-2/meta.yaml rename to addons/grafana/10/plans/standard-5/meta.yaml index 5facd66f..ae70fd93 100644 --- a/addons/grafana/10/plans/standard-1-2/meta.yaml +++ b/addons/grafana/10/plans/standard-5/meta.yaml @@ -1,6 +1,6 @@ -name: "standard-10" +name: "standard-5" id: 2b455154-8725-482a-95b2-a193c180d9b5 -description: "grafana plan which limit 1c1g ,default persistence size 10Gi." +description: "grafana plan which limit 1c1g ,default persistence size 5Gi." displayName: "1C2G" bindable: true maximum_polling_duration: 1800 diff --git a/addons/grafana/10/plans/standard-5/values.yaml b/addons/grafana/10/plans/standard-5/values.yaml new file mode 100644 index 00000000..ce943f14 --- /dev/null +++ b/addons/grafana/10/plans/standard-5/values.yaml @@ -0,0 +1,14 @@ +## @param fullnameOverride String to fully override common.names.fullname template +## +fullnameOverride: hb-grafana-standard-5 + +resources: + limits: + cpu: 1000m + memory: 1024Mi + requests: + cpu: 1000m + memory: 1024Mi + +persistence: + size: 5Gi \ No newline at end of file diff --git a/addons/mysql-cluster/8.0/chart/mysql-cluster/values.yaml b/addons/mysql-cluster/8.0/chart/mysql-cluster/values.yaml index a33e364c..2c70143b 100644 --- a/addons/mysql-cluster/8.0/chart/mysql-cluster/values.yaml +++ b/addons/mysql-cluster/8.0/chart/mysql-cluster/values.yaml @@ -858,7 +858,7 @@ router: service: ## @param secondary.service.type MySQL secondary Kubernetes service type ## - type: LoadBalancer + type: ClusterIP ## @param secondary.service.ports.mysql MySQL secondary Kubernetes service port ## portrw: 3306 diff --git a/addons/mysql-cluster/8.0/meta.yaml b/addons/mysql-cluster/8.0/meta.yaml index 9394d02a..4d54dd35 100644 --- a/addons/mysql-cluster/8.0/meta.yaml +++ b/addons/mysql-cluster/8.0/meta.yaml @@ -13,8 +13,10 @@ tags: mysql-cluster bindable: true instances_retrievable: true bindings_retrievable: true -plan_updateable: true +plan_updateable: false allow_parameters: - name: "networkPolicy.allowNamespaces" description: "networkPolicy allowNamespaces config for values.yaml" +- name: "router.service.type" + description: "service type config for values.yaml" archive: false diff --git a/addons/mysql-cluster/8.0/plans/standard-10/bind.yaml b/addons/mysql-cluster/8.0/plans/standard-10/bind.yaml index e8b99314..3ec3ed37 100644 --- a/addons/mysql-cluster/8.0/plans/standard-10/bind.yaml +++ b/addons/mysql-cluster/8.0/plans/standard-10/bind.yaml @@ -1,34 +1,39 @@ credential: - {{- if (eq .Values.router.service.type "LoadBalancer") }} - - name: host +{{- if (eq .Values.router.service.type "LoadBalancer") }} + - name: HOST valueFrom: - secretKeyRef: - name: {{ template "common.names.fullname" . }}-svcbind-custom-user - jsonpath: '{ .data.host }' - - name: database + serviceRef: + name: {{ include "common.names.fullname" . }} + jsonpath: '{ .status.loadBalancer.ingress[*].ip }' + {{- else if (eq .Values.router.service.type "ClusterIP") }} + - name: HOST + valueFrom: + serviceRef: + name: {{ include "common.names.fullname" . }} + jsonpath: '{ .spec.clusterIP }' + {{- end }} + - name: DADABASE valueFrom: secretKeyRef: name: {{ template "common.names.fullname" . }}-svcbind-custom-user jsonpath: '{ .data.database }' - - name: password + - name: PASSWORD valueFrom: secretKeyRef: name: {{ template "common.names.fullname" . }}-svcbind-custom-user jsonpath: '{ .data.username }' - - name: username + - name: USERNAME valueFrom: secretKeyRef: name: {{ template "common.names.fullname" . }}-svcbind-custom-user jsonpath: '{ .data.username }' - - name: portro + - name: READONLY_PORT valueFrom: secretKeyRef: name: {{ template "common.names.fullname" . }}-svcbind-custom-user jsonpath: '{ .data.portro }' - - name: portrw + - name: READWRITE_PORT valueFrom: secretKeyRef: name: {{ template "common.names.fullname" . }}-svcbind-custom-user - jsonpath: '{ .data.portrw }' - {{- end }} - + jsonpath: '{ .data.portrw }' \ No newline at end of file diff --git a/addons/mysql-cluster/8.0/plans/standard-100/bind.yaml b/addons/mysql-cluster/8.0/plans/standard-100/bind.yaml index e8b99314..3ec3ed37 100644 --- a/addons/mysql-cluster/8.0/plans/standard-100/bind.yaml +++ b/addons/mysql-cluster/8.0/plans/standard-100/bind.yaml @@ -1,34 +1,39 @@ credential: - {{- if (eq .Values.router.service.type "LoadBalancer") }} - - name: host +{{- if (eq .Values.router.service.type "LoadBalancer") }} + - name: HOST valueFrom: - secretKeyRef: - name: {{ template "common.names.fullname" . }}-svcbind-custom-user - jsonpath: '{ .data.host }' - - name: database + serviceRef: + name: {{ include "common.names.fullname" . }} + jsonpath: '{ .status.loadBalancer.ingress[*].ip }' + {{- else if (eq .Values.router.service.type "ClusterIP") }} + - name: HOST + valueFrom: + serviceRef: + name: {{ include "common.names.fullname" . }} + jsonpath: '{ .spec.clusterIP }' + {{- end }} + - name: DADABASE valueFrom: secretKeyRef: name: {{ template "common.names.fullname" . }}-svcbind-custom-user jsonpath: '{ .data.database }' - - name: password + - name: PASSWORD valueFrom: secretKeyRef: name: {{ template "common.names.fullname" . }}-svcbind-custom-user jsonpath: '{ .data.username }' - - name: username + - name: USERNAME valueFrom: secretKeyRef: name: {{ template "common.names.fullname" . }}-svcbind-custom-user jsonpath: '{ .data.username }' - - name: portro + - name: READONLY_PORT valueFrom: secretKeyRef: name: {{ template "common.names.fullname" . }}-svcbind-custom-user jsonpath: '{ .data.portro }' - - name: portrw + - name: READWRITE_PORT valueFrom: secretKeyRef: name: {{ template "common.names.fullname" . }}-svcbind-custom-user - jsonpath: '{ .data.portrw }' - {{- end }} - + jsonpath: '{ .data.portrw }' \ No newline at end of file diff --git a/addons/mysql-cluster/8.0/plans/standard-20/bind.yaml b/addons/mysql-cluster/8.0/plans/standard-20/bind.yaml index e8b99314..3ec3ed37 100644 --- a/addons/mysql-cluster/8.0/plans/standard-20/bind.yaml +++ b/addons/mysql-cluster/8.0/plans/standard-20/bind.yaml @@ -1,34 +1,39 @@ credential: - {{- if (eq .Values.router.service.type "LoadBalancer") }} - - name: host +{{- if (eq .Values.router.service.type "LoadBalancer") }} + - name: HOST valueFrom: - secretKeyRef: - name: {{ template "common.names.fullname" . }}-svcbind-custom-user - jsonpath: '{ .data.host }' - - name: database + serviceRef: + name: {{ include "common.names.fullname" . }} + jsonpath: '{ .status.loadBalancer.ingress[*].ip }' + {{- else if (eq .Values.router.service.type "ClusterIP") }} + - name: HOST + valueFrom: + serviceRef: + name: {{ include "common.names.fullname" . }} + jsonpath: '{ .spec.clusterIP }' + {{- end }} + - name: DADABASE valueFrom: secretKeyRef: name: {{ template "common.names.fullname" . }}-svcbind-custom-user jsonpath: '{ .data.database }' - - name: password + - name: PASSWORD valueFrom: secretKeyRef: name: {{ template "common.names.fullname" . }}-svcbind-custom-user jsonpath: '{ .data.username }' - - name: username + - name: USERNAME valueFrom: secretKeyRef: name: {{ template "common.names.fullname" . }}-svcbind-custom-user jsonpath: '{ .data.username }' - - name: portro + - name: READONLY_PORT valueFrom: secretKeyRef: name: {{ template "common.names.fullname" . }}-svcbind-custom-user jsonpath: '{ .data.portro }' - - name: portrw + - name: READWRITE_PORT valueFrom: secretKeyRef: name: {{ template "common.names.fullname" . }}-svcbind-custom-user - jsonpath: '{ .data.portrw }' - {{- end }} - + jsonpath: '{ .data.portrw }' \ No newline at end of file diff --git a/addons/mysql-cluster/8.0/plans/standard-200/bind.yaml b/addons/mysql-cluster/8.0/plans/standard-200/bind.yaml index e8b99314..3ec3ed37 100644 --- a/addons/mysql-cluster/8.0/plans/standard-200/bind.yaml +++ b/addons/mysql-cluster/8.0/plans/standard-200/bind.yaml @@ -1,34 +1,39 @@ credential: - {{- if (eq .Values.router.service.type "LoadBalancer") }} - - name: host +{{- if (eq .Values.router.service.type "LoadBalancer") }} + - name: HOST valueFrom: - secretKeyRef: - name: {{ template "common.names.fullname" . }}-svcbind-custom-user - jsonpath: '{ .data.host }' - - name: database + serviceRef: + name: {{ include "common.names.fullname" . }} + jsonpath: '{ .status.loadBalancer.ingress[*].ip }' + {{- else if (eq .Values.router.service.type "ClusterIP") }} + - name: HOST + valueFrom: + serviceRef: + name: {{ include "common.names.fullname" . }} + jsonpath: '{ .spec.clusterIP }' + {{- end }} + - name: DADABASE valueFrom: secretKeyRef: name: {{ template "common.names.fullname" . }}-svcbind-custom-user jsonpath: '{ .data.database }' - - name: password + - name: PASSWORD valueFrom: secretKeyRef: name: {{ template "common.names.fullname" . }}-svcbind-custom-user jsonpath: '{ .data.username }' - - name: username + - name: USERNAME valueFrom: secretKeyRef: name: {{ template "common.names.fullname" . }}-svcbind-custom-user jsonpath: '{ .data.username }' - - name: portro + - name: READONLY_PORT valueFrom: secretKeyRef: name: {{ template "common.names.fullname" . }}-svcbind-custom-user jsonpath: '{ .data.portro }' - - name: portrw + - name: READWRITE_PORT valueFrom: secretKeyRef: name: {{ template "common.names.fullname" . }}-svcbind-custom-user - jsonpath: '{ .data.portrw }' - {{- end }} - + jsonpath: '{ .data.portrw }' \ No newline at end of file diff --git a/addons/mysql-cluster/8.0/plans/standard-400/bind.yaml b/addons/mysql-cluster/8.0/plans/standard-400/bind.yaml index e8b99314..3ec3ed37 100644 --- a/addons/mysql-cluster/8.0/plans/standard-400/bind.yaml +++ b/addons/mysql-cluster/8.0/plans/standard-400/bind.yaml @@ -1,34 +1,39 @@ credential: - {{- if (eq .Values.router.service.type "LoadBalancer") }} - - name: host +{{- if (eq .Values.router.service.type "LoadBalancer") }} + - name: HOST valueFrom: - secretKeyRef: - name: {{ template "common.names.fullname" . }}-svcbind-custom-user - jsonpath: '{ .data.host }' - - name: database + serviceRef: + name: {{ include "common.names.fullname" . }} + jsonpath: '{ .status.loadBalancer.ingress[*].ip }' + {{- else if (eq .Values.router.service.type "ClusterIP") }} + - name: HOST + valueFrom: + serviceRef: + name: {{ include "common.names.fullname" . }} + jsonpath: '{ .spec.clusterIP }' + {{- end }} + - name: DADABASE valueFrom: secretKeyRef: name: {{ template "common.names.fullname" . }}-svcbind-custom-user jsonpath: '{ .data.database }' - - name: password + - name: PASSWORD valueFrom: secretKeyRef: name: {{ template "common.names.fullname" . }}-svcbind-custom-user jsonpath: '{ .data.username }' - - name: username + - name: USERNAME valueFrom: secretKeyRef: name: {{ template "common.names.fullname" . }}-svcbind-custom-user jsonpath: '{ .data.username }' - - name: portro + - name: READONLY_PORT valueFrom: secretKeyRef: name: {{ template "common.names.fullname" . }}-svcbind-custom-user jsonpath: '{ .data.portro }' - - name: portrw + - name: READWRITE_PORT valueFrom: secretKeyRef: name: {{ template "common.names.fullname" . }}-svcbind-custom-user - jsonpath: '{ .data.portrw }' - {{- end }} - + jsonpath: '{ .data.portrw }' \ No newline at end of file diff --git a/addons/mysql-cluster/8.0/plans/standard-50/bind.yaml b/addons/mysql-cluster/8.0/plans/standard-50/bind.yaml index e8b99314..3ec3ed37 100644 --- a/addons/mysql-cluster/8.0/plans/standard-50/bind.yaml +++ b/addons/mysql-cluster/8.0/plans/standard-50/bind.yaml @@ -1,34 +1,39 @@ credential: - {{- if (eq .Values.router.service.type "LoadBalancer") }} - - name: host +{{- if (eq .Values.router.service.type "LoadBalancer") }} + - name: HOST valueFrom: - secretKeyRef: - name: {{ template "common.names.fullname" . }}-svcbind-custom-user - jsonpath: '{ .data.host }' - - name: database + serviceRef: + name: {{ include "common.names.fullname" . }} + jsonpath: '{ .status.loadBalancer.ingress[*].ip }' + {{- else if (eq .Values.router.service.type "ClusterIP") }} + - name: HOST + valueFrom: + serviceRef: + name: {{ include "common.names.fullname" . }} + jsonpath: '{ .spec.clusterIP }' + {{- end }} + - name: DADABASE valueFrom: secretKeyRef: name: {{ template "common.names.fullname" . }}-svcbind-custom-user jsonpath: '{ .data.database }' - - name: password + - name: PASSWORD valueFrom: secretKeyRef: name: {{ template "common.names.fullname" . }}-svcbind-custom-user jsonpath: '{ .data.username }' - - name: username + - name: USERNAME valueFrom: secretKeyRef: name: {{ template "common.names.fullname" . }}-svcbind-custom-user jsonpath: '{ .data.username }' - - name: portro + - name: READONLY_PORT valueFrom: secretKeyRef: name: {{ template "common.names.fullname" . }}-svcbind-custom-user jsonpath: '{ .data.portro }' - - name: portrw + - name: READWRITE_PORT valueFrom: secretKeyRef: name: {{ template "common.names.fullname" . }}-svcbind-custom-user - jsonpath: '{ .data.portrw }' - {{- end }} - + jsonpath: '{ .data.portrw }' \ No newline at end of file diff --git a/addons/mysql-cluster/8.0/plans/standard-800/bind.yaml b/addons/mysql-cluster/8.0/plans/standard-800/bind.yaml index e8b99314..3ec3ed37 100644 --- a/addons/mysql-cluster/8.0/plans/standard-800/bind.yaml +++ b/addons/mysql-cluster/8.0/plans/standard-800/bind.yaml @@ -1,34 +1,39 @@ credential: - {{- if (eq .Values.router.service.type "LoadBalancer") }} - - name: host +{{- if (eq .Values.router.service.type "LoadBalancer") }} + - name: HOST valueFrom: - secretKeyRef: - name: {{ template "common.names.fullname" . }}-svcbind-custom-user - jsonpath: '{ .data.host }' - - name: database + serviceRef: + name: {{ include "common.names.fullname" . }} + jsonpath: '{ .status.loadBalancer.ingress[*].ip }' + {{- else if (eq .Values.router.service.type "ClusterIP") }} + - name: HOST + valueFrom: + serviceRef: + name: {{ include "common.names.fullname" . }} + jsonpath: '{ .spec.clusterIP }' + {{- end }} + - name: DADABASE valueFrom: secretKeyRef: name: {{ template "common.names.fullname" . }}-svcbind-custom-user jsonpath: '{ .data.database }' - - name: password + - name: PASSWORD valueFrom: secretKeyRef: name: {{ template "common.names.fullname" . }}-svcbind-custom-user jsonpath: '{ .data.username }' - - name: username + - name: USERNAME valueFrom: secretKeyRef: name: {{ template "common.names.fullname" . }}-svcbind-custom-user jsonpath: '{ .data.username }' - - name: portro + - name: READONLY_PORT valueFrom: secretKeyRef: name: {{ template "common.names.fullname" . }}-svcbind-custom-user jsonpath: '{ .data.portro }' - - name: portrw + - name: READWRITE_PORT valueFrom: secretKeyRef: name: {{ template "common.names.fullname" . }}-svcbind-custom-user - jsonpath: '{ .data.portrw }' - {{- end }} - + jsonpath: '{ .data.portrw }' \ No newline at end of file diff --git a/addons/postgresql-cluster/15/chart/postgresql-cluster/templates/svc-master.yaml b/addons/postgresql-cluster/15/chart/postgresql-cluster/templates/svc-master.yaml index 48dba13d..e162dc3b 100644 --- a/addons/postgresql-cluster/15/chart/postgresql-cluster/templates/svc-master.yaml +++ b/addons/postgresql-cluster/15/chart/postgresql-cluster/templates/svc-master.yaml @@ -12,7 +12,7 @@ metadata: cluster-name: {{ template "patroni.fullname" . }} role: master spec: - type: LoadBalancer + type: {{ .Value.service.type }} selector: application: {{ template "patroni.fullname" . }} cluster-name: {{ template "patroni.fullname" . }} diff --git a/addons/postgresql-cluster/15/chart/postgresql-cluster/templates/svc-relp.yaml b/addons/postgresql-cluster/15/chart/postgresql-cluster/templates/svc-relp.yaml index ba50b3bd..adc82d13 100644 --- a/addons/postgresql-cluster/15/chart/postgresql-cluster/templates/svc-relp.yaml +++ b/addons/postgresql-cluster/15/chart/postgresql-cluster/templates/svc-relp.yaml @@ -12,7 +12,7 @@ metadata: cluster-name: {{ template "patroni.fullname" . }} role: replica spec: - type: LoadBalancer + type: {{ .Value.service.type }} selector: application: {{ template "patroni.fullname" . }} cluster-name: {{ template "patroni.fullname" . }} diff --git a/addons/postgresql-cluster/15/chart/postgresql-cluster/templates/svc.yaml b/addons/postgresql-cluster/15/chart/postgresql-cluster/templates/svc.yaml index 77ffd855..0922fb57 100644 --- a/addons/postgresql-cluster/15/chart/postgresql-cluster/templates/svc.yaml +++ b/addons/postgresql-cluster/15/chart/postgresql-cluster/templates/svc.yaml @@ -11,7 +11,7 @@ metadata: heritage: {{ .Release.Service }} cluster-name: {{ template "patroni.fullname" . }} spec: - type: LoadBalancer + type: {{ .Value.service.type }} ports: - port: 5432 targetPort: 5432 diff --git a/addons/postgresql-cluster/15/chart/postgresql-cluster/values.yaml b/addons/postgresql-cluster/15/chart/postgresql-cluster/values.yaml index 451cb0ba..e3128f72 100644 --- a/addons/postgresql-cluster/15/chart/postgresql-cluster/values.yaml +++ b/addons/postgresql-cluster/15/chart/postgresql-cluster/values.yaml @@ -3,7 +3,7 @@ diagnosticMode: enable: false service: - type: LoadBalancer + type: ClusterIP image: # Image was built from registry.drycc.cc/drycc-addons/patroni:3.2 @@ -244,7 +244,7 @@ metrics: cpu: 100m memory: 512Mi walG: - # Specifies whether Wal-E should be enabled + # Specifies whether Wal-G should be enabled enabled: true # Cron schedule for doing base backups scheduleCronJob: "*/5 * * * *" diff --git a/addons/postgresql-cluster/15/meta.yaml b/addons/postgresql-cluster/15/meta.yaml index f7e21529..8a78429d 100644 --- a/addons/postgresql-cluster/15/meta.yaml +++ b/addons/postgresql-cluster/15/meta.yaml @@ -13,8 +13,14 @@ tags: postgresql-cluster bindable: true instances_retrievable: true bindings_retrievable: true -plan_updateable: true +plan_updateable: false allow_parameters: - name: "networkPolicy.allowNamespaces" description: "networkPolicy allowNamespaces config for values.yaml" +- name: "service.type" + description: "service type config for values.yaml" +- name: "metrics.enabled" + description: "metrics enable or not config for values.yaml" +- name: "walG.enabled" + description: "backup enable or not config for values.yaml" archive: false \ No newline at end of file diff --git a/addons/postgresql-cluster/15/plans/standard-10/bind.yaml b/addons/postgresql-cluster/15/plans/standard-10/bind.yaml index d48323b0..41676f6e 100644 --- a/addons/postgresql-cluster/15/plans/standard-10/bind.yaml +++ b/addons/postgresql-cluster/15/plans/standard-10/bind.yaml @@ -1,31 +1,42 @@ credential: {{- if (eq .Values.service.type "LoadBalancer") }} - - name: host + - name: MASTER_HOST valueFrom: serviceRef: - name: {{ template "common.names.fullname" . }}-master - jsonpath: '{.spec.clusterIPs[*]}' - - name: hostrepl + name: {{ include "common.names.fullname" . }}-master + jsonpath: '{ .status.loadBalancer.ingress[*].ip }' + - name: REPL_HOST valueFrom: serviceRef: name: {{ template "common.names.fullname" . }}-repl - jsonpath: '{.spec.clusterIPs[*]}' - - name: database + jsonpath: '{ .status.loadBalancer.ingress[*].ip }' + {{- else if (eq .Values.service.type "ClusterIP") }} + - name: MASTER_HOST + valueFrom: + serviceRef: + name: {{ include "common.names.fullname" . }}-master + jsonpath: '{ .spec.clusterIP }' + - name: REPL_HOST + valueFrom: + serviceRef: + name: {{ include "common.names.fullname" . }}-repl + jsonpath: '{ .spec.clusterIP }' + {{- end }} + - name: DADABASE valueFrom: secretKeyRef: name: {{ template "common.names.fullname" . }} jsonpath: '{ .data.data-name }' - - name: password + - name: PASSWORD valueFrom: secretKeyRef: name: {{ template "common.names.fullname" . }} jsonpath: '{ .data.data-password }' - - name: username + - name: USERNAME valueFrom: secretKeyRef: name: {{ template "common.names.fullname" . }} jsonpath: '{ .data.data-user }' - - name: port + - name: PORT value: 5432 -{{- end }} diff --git a/addons/postgresql-cluster/15/plans/standard-100/bind.yaml b/addons/postgresql-cluster/15/plans/standard-100/bind.yaml index 619e1429..5b215a03 100644 --- a/addons/postgresql-cluster/15/plans/standard-100/bind.yaml +++ b/addons/postgresql-cluster/15/plans/standard-100/bind.yaml @@ -1,30 +1,41 @@ credential: {{- if (eq .Values.service.type "LoadBalancer") }} - - name: host + - name: MASTER_HOST valueFrom: serviceRef: - name: {{ template "common.names.fullname" . }}-master - jsonpath: '{.spec.clusterIPs[*]}' - - name: hostrepl + name: {{ include "common.names.fullname" . }}-master + jsonpath: '{ .status.loadBalancer.ingress[*].ip }' + - name: REPL_HOST valueFrom: serviceRef: name: {{ template "common.names.fullname" . }}-repl - jsonpath: '{.spec.clusterIPs[*]}' - - name: database + jsonpath: '{ .status.loadBalancer.ingress[*].ip }' + {{- else if (eq .Values.service.type "ClusterIP") }} + - name: MASTER_HOST + valueFrom: + serviceRef: + name: {{ include "common.names.fullname" . }}-master + jsonpath: '{ .spec.clusterIP }' + - name: REPL_HOST + valueFrom: + serviceRef: + name: {{ include "common.names.fullname" . }}-repl + jsonpath: '{ .spec.clusterIP }' + {{- end }} + - name: DADABASE valueFrom: secretKeyRef: name: {{ template "common.names.fullname" . }} jsonpath: '{ .data.data-name }' - - name: password + - name: PASSWORD valueFrom: secretKeyRef: name: {{ template "common.names.fullname" . }} jsonpath: '{ .data.data-password }' - - name: username + - name: USERNAME valueFrom: secretKeyRef: name: {{ template "common.names.fullname" . }} jsonpath: '{ .data.data-user }' - - name: port - value: 5432 -{{- end }} \ No newline at end of file + - name: PORT + value: 5432 \ No newline at end of file diff --git a/addons/postgresql-cluster/15/plans/standard-20/bind.yaml b/addons/postgresql-cluster/15/plans/standard-20/bind.yaml index 619e1429..5b215a03 100644 --- a/addons/postgresql-cluster/15/plans/standard-20/bind.yaml +++ b/addons/postgresql-cluster/15/plans/standard-20/bind.yaml @@ -1,30 +1,41 @@ credential: {{- if (eq .Values.service.type "LoadBalancer") }} - - name: host + - name: MASTER_HOST valueFrom: serviceRef: - name: {{ template "common.names.fullname" . }}-master - jsonpath: '{.spec.clusterIPs[*]}' - - name: hostrepl + name: {{ include "common.names.fullname" . }}-master + jsonpath: '{ .status.loadBalancer.ingress[*].ip }' + - name: REPL_HOST valueFrom: serviceRef: name: {{ template "common.names.fullname" . }}-repl - jsonpath: '{.spec.clusterIPs[*]}' - - name: database + jsonpath: '{ .status.loadBalancer.ingress[*].ip }' + {{- else if (eq .Values.service.type "ClusterIP") }} + - name: MASTER_HOST + valueFrom: + serviceRef: + name: {{ include "common.names.fullname" . }}-master + jsonpath: '{ .spec.clusterIP }' + - name: REPL_HOST + valueFrom: + serviceRef: + name: {{ include "common.names.fullname" . }}-repl + jsonpath: '{ .spec.clusterIP }' + {{- end }} + - name: DADABASE valueFrom: secretKeyRef: name: {{ template "common.names.fullname" . }} jsonpath: '{ .data.data-name }' - - name: password + - name: PASSWORD valueFrom: secretKeyRef: name: {{ template "common.names.fullname" . }} jsonpath: '{ .data.data-password }' - - name: username + - name: USERNAME valueFrom: secretKeyRef: name: {{ template "common.names.fullname" . }} jsonpath: '{ .data.data-user }' - - name: port - value: 5432 -{{- end }} \ No newline at end of file + - name: PORT + value: 5432 \ No newline at end of file diff --git a/addons/postgresql-cluster/15/plans/standard-200/bind.yaml b/addons/postgresql-cluster/15/plans/standard-200/bind.yaml index 619e1429..5b215a03 100644 --- a/addons/postgresql-cluster/15/plans/standard-200/bind.yaml +++ b/addons/postgresql-cluster/15/plans/standard-200/bind.yaml @@ -1,30 +1,41 @@ credential: {{- if (eq .Values.service.type "LoadBalancer") }} - - name: host + - name: MASTER_HOST valueFrom: serviceRef: - name: {{ template "common.names.fullname" . }}-master - jsonpath: '{.spec.clusterIPs[*]}' - - name: hostrepl + name: {{ include "common.names.fullname" . }}-master + jsonpath: '{ .status.loadBalancer.ingress[*].ip }' + - name: REPL_HOST valueFrom: serviceRef: name: {{ template "common.names.fullname" . }}-repl - jsonpath: '{.spec.clusterIPs[*]}' - - name: database + jsonpath: '{ .status.loadBalancer.ingress[*].ip }' + {{- else if (eq .Values.service.type "ClusterIP") }} + - name: MASTER_HOST + valueFrom: + serviceRef: + name: {{ include "common.names.fullname" . }}-master + jsonpath: '{ .spec.clusterIP }' + - name: REPL_HOST + valueFrom: + serviceRef: + name: {{ include "common.names.fullname" . }}-repl + jsonpath: '{ .spec.clusterIP }' + {{- end }} + - name: DADABASE valueFrom: secretKeyRef: name: {{ template "common.names.fullname" . }} jsonpath: '{ .data.data-name }' - - name: password + - name: PASSWORD valueFrom: secretKeyRef: name: {{ template "common.names.fullname" . }} jsonpath: '{ .data.data-password }' - - name: username + - name: USERNAME valueFrom: secretKeyRef: name: {{ template "common.names.fullname" . }} jsonpath: '{ .data.data-user }' - - name: port - value: 5432 -{{- end }} \ No newline at end of file + - name: PORT + value: 5432 \ No newline at end of file diff --git a/addons/postgresql-cluster/15/plans/standard-400/bind.yaml b/addons/postgresql-cluster/15/plans/standard-400/bind.yaml index 619e1429..a95ec5b2 100644 --- a/addons/postgresql-cluster/15/plans/standard-400/bind.yaml +++ b/addons/postgresql-cluster/15/plans/standard-400/bind.yaml @@ -1,30 +1,41 @@ credential: {{- if (eq .Values.service.type "LoadBalancer") }} - - name: host + - name: MASTER_HOST valueFrom: serviceRef: - name: {{ template "common.names.fullname" . }}-master - jsonpath: '{.spec.clusterIPs[*]}' - - name: hostrepl + name: {{ include "common.names.fullname" . }}-master + jsonpath: '{ .status.loadBalancer.ingress[*].ip }' + - name: REPL_HOST valueFrom: serviceRef: name: {{ template "common.names.fullname" . }}-repl - jsonpath: '{.spec.clusterIPs[*]}' - - name: database + jsonpath: '{ .status.loadBalancer.ingress[*].ip }' + {{- else if (eq .Values.service.type "ClusterIP") }} + - name: MASTER_HOST + valueFrom: + serviceRef: + name: {{ include "common.names.fullname" . }}-master + jsonpath: '{ .spec.clusterIP }' + - name: REPL_HOST + valueFrom: + serviceRef: + name: {{ include "common.names.fullname" . }}-repl + jsonpath: '{ .spec.clusterIP }' + {{- end }} + - name: DATABASE valueFrom: secretKeyRef: name: {{ template "common.names.fullname" . }} jsonpath: '{ .data.data-name }' - - name: password + - name: PASSWORD valueFrom: secretKeyRef: name: {{ template "common.names.fullname" . }} jsonpath: '{ .data.data-password }' - - name: username + - name: USERNAME valueFrom: secretKeyRef: name: {{ template "common.names.fullname" . }} jsonpath: '{ .data.data-user }' - - name: port - value: 5432 -{{- end }} \ No newline at end of file + - name: PORT + value: 5432 \ No newline at end of file diff --git a/addons/postgresql-cluster/15/plans/standard-50/bind.yaml b/addons/postgresql-cluster/15/plans/standard-50/bind.yaml index 619e1429..5b215a03 100644 --- a/addons/postgresql-cluster/15/plans/standard-50/bind.yaml +++ b/addons/postgresql-cluster/15/plans/standard-50/bind.yaml @@ -1,30 +1,41 @@ credential: {{- if (eq .Values.service.type "LoadBalancer") }} - - name: host + - name: MASTER_HOST valueFrom: serviceRef: - name: {{ template "common.names.fullname" . }}-master - jsonpath: '{.spec.clusterIPs[*]}' - - name: hostrepl + name: {{ include "common.names.fullname" . }}-master + jsonpath: '{ .status.loadBalancer.ingress[*].ip }' + - name: REPL_HOST valueFrom: serviceRef: name: {{ template "common.names.fullname" . }}-repl - jsonpath: '{.spec.clusterIPs[*]}' - - name: database + jsonpath: '{ .status.loadBalancer.ingress[*].ip }' + {{- else if (eq .Values.service.type "ClusterIP") }} + - name: MASTER_HOST + valueFrom: + serviceRef: + name: {{ include "common.names.fullname" . }}-master + jsonpath: '{ .spec.clusterIP }' + - name: REPL_HOST + valueFrom: + serviceRef: + name: {{ include "common.names.fullname" . }}-repl + jsonpath: '{ .spec.clusterIP }' + {{- end }} + - name: DADABASE valueFrom: secretKeyRef: name: {{ template "common.names.fullname" . }} jsonpath: '{ .data.data-name }' - - name: password + - name: PASSWORD valueFrom: secretKeyRef: name: {{ template "common.names.fullname" . }} jsonpath: '{ .data.data-password }' - - name: username + - name: USERNAME valueFrom: secretKeyRef: name: {{ template "common.names.fullname" . }} jsonpath: '{ .data.data-user }' - - name: port - value: 5432 -{{- end }} \ No newline at end of file + - name: PORT + value: 5432 \ No newline at end of file diff --git a/addons/postgresql-cluster/15/plans/standard-800/bind.yaml b/addons/postgresql-cluster/15/plans/standard-800/bind.yaml index 619e1429..5b215a03 100644 --- a/addons/postgresql-cluster/15/plans/standard-800/bind.yaml +++ b/addons/postgresql-cluster/15/plans/standard-800/bind.yaml @@ -1,30 +1,41 @@ credential: {{- if (eq .Values.service.type "LoadBalancer") }} - - name: host + - name: MASTER_HOST valueFrom: serviceRef: - name: {{ template "common.names.fullname" . }}-master - jsonpath: '{.spec.clusterIPs[*]}' - - name: hostrepl + name: {{ include "common.names.fullname" . }}-master + jsonpath: '{ .status.loadBalancer.ingress[*].ip }' + - name: REPL_HOST valueFrom: serviceRef: name: {{ template "common.names.fullname" . }}-repl - jsonpath: '{.spec.clusterIPs[*]}' - - name: database + jsonpath: '{ .status.loadBalancer.ingress[*].ip }' + {{- else if (eq .Values.service.type "ClusterIP") }} + - name: MASTER_HOST + valueFrom: + serviceRef: + name: {{ include "common.names.fullname" . }}-master + jsonpath: '{ .spec.clusterIP }' + - name: REPL_HOST + valueFrom: + serviceRef: + name: {{ include "common.names.fullname" . }}-repl + jsonpath: '{ .spec.clusterIP }' + {{- end }} + - name: DADABASE valueFrom: secretKeyRef: name: {{ template "common.names.fullname" . }} jsonpath: '{ .data.data-name }' - - name: password + - name: PASSWORD valueFrom: secretKeyRef: name: {{ template "common.names.fullname" . }} jsonpath: '{ .data.data-password }' - - name: username + - name: USERNAME valueFrom: secretKeyRef: name: {{ template "common.names.fullname" . }} jsonpath: '{ .data.data-user }' - - name: port - value: 5432 -{{- end }} \ No newline at end of file + - name: PORT + value: 5432 \ No newline at end of file From 657f6f459ff980432488029bca222af12f1dbc2d Mon Sep 17 00:00:00 2001 From: EamonZhang Date: Mon, 4 Dec 2023 11:04:27 +0800 Subject: [PATCH 25/48] chore(prometheus): add auth --- addons/postgresql-cluster/15/meta.yaml | 4 +- .../2/chart/prometheus/templates/_helpers.tpl | 8 ++++ .../templates/server/configmap.yaml | 4 +- .../templates/server/deployment.yaml | 19 +++++++- .../prometheus/templates/server/sec.yaml | 14 ++++++ .../prometheus/2/chart/prometheus/values.yaml | 10 ++++- addons/prometheus/2/meta.yaml | 6 ++- .../prometheus/2/plans/standard-10/bind.yaml | 36 +++++++-------- .../2/plans/standard-10/values.yaml | 3 +- .../prometheus/2/plans/standard-50/bind.yaml | 44 +++++++------------ .../2/plans/standard-50/values.yaml | 3 +- 11 files changed, 94 insertions(+), 57 deletions(-) create mode 100644 addons/prometheus/2/chart/prometheus/templates/server/sec.yaml diff --git a/addons/postgresql-cluster/15/meta.yaml b/addons/postgresql-cluster/15/meta.yaml index 8a78429d..e870c5f5 100644 --- a/addons/postgresql-cluster/15/meta.yaml +++ b/addons/postgresql-cluster/15/meta.yaml @@ -20,7 +20,7 @@ allow_parameters: - name: "service.type" description: "service type config for values.yaml" - name: "metrics.enabled" - description: "metrics enable or not config for values.yaml" + description: "Whether to enable metrics. default true" - name: "walG.enabled" - description: "backup enable or not config for values.yaml" + description: "Whether to use S3 for backup your data. default true . ps: Make sure there is a available S3 " archive: false \ No newline at end of file diff --git a/addons/prometheus/2/chart/prometheus/templates/_helpers.tpl b/addons/prometheus/2/chart/prometheus/templates/_helpers.tpl index 9136398b..45a72ec7 100644 --- a/addons/prometheus/2/chart/prometheus/templates/_helpers.tpl +++ b/addons/prometheus/2/chart/prometheus/templates/_helpers.tpl @@ -108,6 +108,14 @@ Get the Prometheus configuration configmap key. {{- end -}} {{- end -}} +{{/* +Get the Prometheus Alertmanager configuration configmap key. +*/}} +{{- define "prometheus.serever.web.configmapKey" -}} +{{- printf "web-config.yaml" -}} +{{- end -}} + + {{/* Get the Prometheus Alertmanager configuration configmap key. */}} diff --git a/addons/prometheus/2/chart/prometheus/templates/server/configmap.yaml b/addons/prometheus/2/chart/prometheus/templates/server/configmap.yaml index 36d64f70..3c9703e8 100644 --- a/addons/prometheus/2/chart/prometheus/templates/server/configmap.yaml +++ b/addons/prometheus/2/chart/prometheus/templates/server/configmap.yaml @@ -17,7 +17,9 @@ metadata: {{- end }} data: {{ include "prometheus.server.configmapKey" . }}: - {{- include "common.tplvalues.render" (dict "value" .Values.server.configuration "context" $) | toYaml | nindent 4 }} + {{- include "common.tplvalues.render" (dict "value" .Values.server.configuration "context" $) | toYaml | nindent 4 }} + {{ include "prometheus.serever.web.configmapKey" .}}: + {{- include "common.tplvalues.render" (dict "value" .Values.server.webconfig "context" $) | toYaml | nindent 4 }} rules.yaml: {{- include "common.tplvalues.render" (dict "value" .Values.server.alertingRules "context" $) | toYaml | nindent 4 }} {{- end }} diff --git a/addons/prometheus/2/chart/prometheus/templates/server/deployment.yaml b/addons/prometheus/2/chart/prometheus/templates/server/deployment.yaml index 8429060a..026b0139 100644 --- a/addons/prometheus/2/chart/prometheus/templates/server/deployment.yaml +++ b/addons/prometheus/2/chart/prometheus/templates/server/deployment.yaml @@ -114,13 +114,13 @@ spec: args: - "--config.file=/opt/drycc/prometheus/conf/{{ include "prometheus.server.configmapKey" . }}" - "--storage.tsdb.path={{ .Values.server.persistence.mountPath }}" - - "--storage.tsdb.retention.time={{ .Values.server.retention }}" - "--storage.tsdb.retention.size={{ .Values.server.retentionSize }}" - "--log.level={{ .Values.server.logLevel }}" - "--log.format={{ .Values.server.logFormat }}" - "--web.listen-address=:{{ .Values.server.containerPorts.http }}" - "--web.console.libraries=/opt/drycc/prometheus/conf/console_libraries" - "--web.console.templates=/opt/drycc/prometheus/conf/consoles" + - "--web.config.file=/opt/drycc/prometheus/conf/web-config.yaml" {{- if .Values.server.enableAdminAPI}} - "--web.enable-admin-api" {{- end }} @@ -141,6 +141,11 @@ spec: {{- if .Values.server.extraEnvVars }} {{- include "common.tplvalues.render" (dict "value" .Values.server.extraEnvVars "context" $) | nindent 12 }} {{- end }} + - name: PASSWORD + valueFrom: + secretKeyRef: + name: {{ template "prometheus.server.fullname" . }} + key: PASSWORD envFrom: {{- if .Values.server.extraEnvVarsCM }} - configMapRef: @@ -164,6 +169,9 @@ spec: httpGet: path: /-/healthy port: http + httpHeaders: + - name: Authorization + value: Basic {{ printf "%s:%s" .Values.server.username .Values.server.password | b64enc }} {{- end }} {{- if .Values.server.customReadinessProbe }} readinessProbe: {{- include "common.tplvalues.render" (dict "value" .Values.server.customReadinessProbe "context" $) | nindent 12 }} @@ -172,13 +180,20 @@ spec: httpGet: path: /-/ready port: http + httpHeaders: + - name: Authorization + value: Basic {{ printf "%s:%s" .Values.server.username .Values.server.password | b64enc }} {{- end }} {{- if .Values.server.customStartupProbe }} startupProbe: {{- include "common.tplvalues.render" (dict "value" .Values.server.customStartupProbe "context" $) | nindent 12 }} {{- else if .Values.server.startupProbe.enabled }} startupProbe: {{- include "common.tplvalues.render" (dict "value" (omit .Values.server.startupProbe "enabled") "context" $) | nindent 12 }} - tcpSocket: + httpGet: + path: /-/ready port: http + httpHeaders: + - name: Authorization + value: Basic {{ printf "%s:%s" .Values.server.username .Values.server.password | b64enc }} {{- end }} {{- end }} {{- if .Values.server.lifecycleHooks }} diff --git a/addons/prometheus/2/chart/prometheus/templates/server/sec.yaml b/addons/prometheus/2/chart/prometheus/templates/server/sec.yaml new file mode 100644 index 00000000..fd0b368c --- /dev/null +++ b/addons/prometheus/2/chart/prometheus/templates/server/sec.yaml @@ -0,0 +1,14 @@ +apiVersion: v1 +kind: Secret +metadata: + name: {{ template "prometheus.server.fullname" . }} + namespace: {{ include "common.names.namespace" . | quote }} + labels: + application: {{ template "prometheus.server.fullname" . }} + chart: {{ template "prometheus.server.fullname" . }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} + cluster-name: {{ template "prometheus.server.fullname" . }} +type: Opaque +data: + PASSWORD: {{ if .Values.password | default "" | ne "" }} {{ .Values.service.password | b64enc }}{{ else }}{{ randAlphaNum 32 | b64enc }}{{ end }} diff --git a/addons/prometheus/2/chart/prometheus/values.yaml b/addons/prometheus/2/chart/prometheus/values.yaml index 21331135..f7f91f7e 100644 --- a/addons/prometheus/2/chart/prometheus/values.yaml +++ b/addons/prometheus/2/chart/prometheus/values.yaml @@ -80,7 +80,7 @@ ingress: ## @param alertmanager.image.pullSecrets Alertmanager image pull secrets ## alertmanager: - enabled: true + enabled: false image: registry: registry.drycc.cc repository: drycc-addons/alertmanager @@ -577,6 +577,8 @@ alertmanager: ## @param server.image.pullSecrets Prometheus image pull secrets ## server: + username: admin + password: admin image: registry: registry.drycc.cc repository: drycc-addons/prometheus @@ -599,6 +601,10 @@ server: ## @param server.configuration [string] Promethus configuration. This content will be stored in the the prometheus.yaml file and the content can be a template. ## ref: ## + webconfig : | + basic_auth_users: + {{ htpasswd .Values.server.username .Values.server.password | replace ":" ": "}} + configuration: | global: {{- if .Values.server.scrapeInterval }} @@ -703,7 +709,7 @@ server: ## @param server.startupProbe.successThreshold Success threshold for startupProbe ## startupProbe: - enabled: false + enabled: true initialDelaySeconds: 2 periodSeconds: 5 timeoutSeconds: 2 diff --git a/addons/prometheus/2/meta.yaml b/addons/prometheus/2/meta.yaml index ddf83945..7ac5e2af 100644 --- a/addons/prometheus/2/meta.yaml +++ b/addons/prometheus/2/meta.yaml @@ -13,8 +13,12 @@ tags: prometheus bindable: true instances_retrievable: true bindings_retrievable: true -plan_updateable: true +plan_updateable: false allow_parameters: - name: "networkPolicy.allowNamespaces" description: "networkPolicy allowNamespaces config for values.yaml" +- name: "server.username" + description: "set username . default amdin" +- name: "server.username" + description: "set passsword . default amdin" archive: false diff --git a/addons/prometheus/2/plans/standard-10/bind.yaml b/addons/prometheus/2/plans/standard-10/bind.yaml index c6efaaba..e453fade 100644 --- a/addons/prometheus/2/plans/standard-10/bind.yaml +++ b/addons/prometheus/2/plans/standard-10/bind.yaml @@ -1,28 +1,24 @@ credential: - {{- if (eq .Values.server.service.type "LoadBalancer") }} - - name: host +{{- if (eq .Values.server.service.type "LoadBalancer") }} + - name: HOST valueFrom: serviceRef: - name: {{ printf "%s" (include "common.names.fullname" .) }} + name: {{ include "common.names.fullname" . }} jsonpath: '{ .status.loadBalancer.ingress[*].ip }' - - name: port - valueFrom: - secretKeyRef: - name: {{ template "common.names.fullname" . }} - jsonpath: '{ .spec.ports.port }' - {{- end }} - -alertmanager - - {{- if (eq .Values.alertmanager.service.type "LoadBalancer") }} - - name: host +{{- else if (eq .Values.service.type "ClusterIP") }} + - name: HOST valueFrom: serviceRef: - name: {{ printf "%s" (include "common.names.fullname" .) }} - jsonpath: '{ .status.loadBalancer.ingress[*].ip }' - - name: port + name: {{ include "common.names.fullname" . }} + jsonpath: '{ .spec.clusterIP }' +{{- end }} + - name: PORT valueFrom: - secretKeyRef: + serviceRef: name: {{ template "common.names.fullname" . }} - jsonpath: '{ .spec.ports.port }' - {{- end }} \ No newline at end of file + jsonpath: ' { .spec.ports[?(@.name=="http")].port }' + - name: USER + valule: {{ .Values.server.username }} + - name: PASSWORD + valule: {{ .Values.server.password }} + {{- end }} diff --git a/addons/prometheus/2/plans/standard-10/values.yaml b/addons/prometheus/2/plans/standard-10/values.yaml index 3470d0d5..796ae97e 100644 --- a/addons/prometheus/2/plans/standard-10/values.yaml +++ b/addons/prometheus/2/plans/standard-10/values.yaml @@ -4,4 +4,5 @@ fullnameOverride: hb-prometheus-standard-10 server: persistence: - size: 10Gi \ No newline at end of file + size: 10Gi + retentionSize: 8Gi \ No newline at end of file diff --git a/addons/prometheus/2/plans/standard-50/bind.yaml b/addons/prometheus/2/plans/standard-50/bind.yaml index 3e652f1c..e453fade 100644 --- a/addons/prometheus/2/plans/standard-50/bind.yaml +++ b/addons/prometheus/2/plans/standard-50/bind.yaml @@ -1,34 +1,24 @@ credential: - {{- if (eq .Values.service.type "LoadBalancer") }} - - name: host +{{- if (eq .Values.server.service.type "LoadBalancer") }} + - name: HOST valueFrom: serviceRef: - name: {{ printf "%s" (include "common.names.fullname" .) }} + name: {{ include "common.names.fullname" . }} jsonpath: '{ .status.loadBalancer.ingress[*].ip }' - - name: database +{{- else if (eq .Values.service.type "ClusterIP") }} + - name: HOST valueFrom: - secretKeyRef: - name: {{ template "common.names.fullname" . }}-svcbind-custom-user - jsonpath: '{ .data.database }' - - name: password - valueFrom: - secretKeyRef: - name: {{ template "common.names.fullname" . }}-svcbind-custom-user - jsonpath: '{ .data.username }' - - name: username - valueFrom: - secretKeyRef: - name: {{ template "common.names.fullname" . }}-svcbind-custom-user - jsonpath: '{ .data.username }' - - name: portrw - valueFrom: - secretKeyRef: - name: {{ template "common.names.fullname" . }}-svcbind-custom-user - jsonpath: '{ .data.portrw }' - - name: portro + serviceRef: + name: {{ include "common.names.fullname" . }} + jsonpath: '{ .spec.clusterIP }' +{{- end }} + - name: PORT valueFrom: - secretKeyRef: - name: {{ template "common.names.fullname" . }}-svcbind-custom-user - jsonpath: '{ .data.portro }' + serviceRef: + name: {{ template "common.names.fullname" . }} + jsonpath: ' { .spec.ports[?(@.name=="http")].port }' + - name: USER + valule: {{ .Values.server.username }} + - name: PASSWORD + valule: {{ .Values.server.password }} {{- end }} - diff --git a/addons/prometheus/2/plans/standard-50/values.yaml b/addons/prometheus/2/plans/standard-50/values.yaml index 0dc80c4f..69caeefa 100644 --- a/addons/prometheus/2/plans/standard-50/values.yaml +++ b/addons/prometheus/2/plans/standard-50/values.yaml @@ -4,4 +4,5 @@ fullnameOverride: hb-prometheus-standard-50 server: persistence: - size: 50Gi \ No newline at end of file + size: 50Gi + retentionSize: 48Gi \ No newline at end of file From 96cc9a69fcb9c5f01914aa868cc7308bbc0a700d Mon Sep 17 00:00:00 2001 From: EamonZhang Date: Mon, 4 Dec 2023 11:21:52 +0800 Subject: [PATCH 26/48] fix(postgresql-cluster): service type nil --- .../15/chart/postgresql-cluster/templates/svc-master.yaml | 2 +- .../15/chart/postgresql-cluster/templates/svc-relp.yaml | 2 +- .../15/chart/postgresql-cluster/templates/svc.yaml | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/addons/postgresql-cluster/15/chart/postgresql-cluster/templates/svc-master.yaml b/addons/postgresql-cluster/15/chart/postgresql-cluster/templates/svc-master.yaml index e162dc3b..f3d20fd2 100644 --- a/addons/postgresql-cluster/15/chart/postgresql-cluster/templates/svc-master.yaml +++ b/addons/postgresql-cluster/15/chart/postgresql-cluster/templates/svc-master.yaml @@ -12,7 +12,7 @@ metadata: cluster-name: {{ template "patroni.fullname" . }} role: master spec: - type: {{ .Value.service.type }} + type: {{ .Values.service.type }} selector: application: {{ template "patroni.fullname" . }} cluster-name: {{ template "patroni.fullname" . }} diff --git a/addons/postgresql-cluster/15/chart/postgresql-cluster/templates/svc-relp.yaml b/addons/postgresql-cluster/15/chart/postgresql-cluster/templates/svc-relp.yaml index adc82d13..252882b3 100644 --- a/addons/postgresql-cluster/15/chart/postgresql-cluster/templates/svc-relp.yaml +++ b/addons/postgresql-cluster/15/chart/postgresql-cluster/templates/svc-relp.yaml @@ -12,7 +12,7 @@ metadata: cluster-name: {{ template "patroni.fullname" . }} role: replica spec: - type: {{ .Value.service.type }} + type: {{ .Values.service.type }} selector: application: {{ template "patroni.fullname" . }} cluster-name: {{ template "patroni.fullname" . }} diff --git a/addons/postgresql-cluster/15/chart/postgresql-cluster/templates/svc.yaml b/addons/postgresql-cluster/15/chart/postgresql-cluster/templates/svc.yaml index 0922fb57..3644db78 100644 --- a/addons/postgresql-cluster/15/chart/postgresql-cluster/templates/svc.yaml +++ b/addons/postgresql-cluster/15/chart/postgresql-cluster/templates/svc.yaml @@ -11,7 +11,7 @@ metadata: heritage: {{ .Release.Service }} cluster-name: {{ template "patroni.fullname" . }} spec: - type: {{ .Value.service.type }} + type: {{ .Values.service.type }} ports: - port: 5432 targetPort: 5432 From 510b272277191288ac5288cd7a1e01f085fa2762 Mon Sep 17 00:00:00 2001 From: EamonZhang Date: Mon, 4 Dec 2023 11:31:45 +0800 Subject: [PATCH 27/48] fix(cloudbeaver): labels application --- .../cloudbeaver/23/chart/cloudbeaver/templates/deployment.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/addons/cloudbeaver/23/chart/cloudbeaver/templates/deployment.yaml b/addons/cloudbeaver/23/chart/cloudbeaver/templates/deployment.yaml index c00c3656..2b1fe314 100644 --- a/addons/cloudbeaver/23/chart/cloudbeaver/templates/deployment.yaml +++ b/addons/cloudbeaver/23/chart/cloudbeaver/templates/deployment.yaml @@ -118,7 +118,7 @@ spec: {{ toYaml .Values.persistence.annotations | indent 8 }} {{- end }} labels: - application: {{ template "cloudbeaver.fullname" . }} + application: {{ include "common.names.fullname" . }} release: {{ .Release.Name }} heritage: {{ .Release.Service }} spec: From 735f5376937aa661b37206593f89a4731bfecde9 Mon Sep 17 00:00:00 2001 From: EamonZhang Date: Tue, 5 Dec 2023 11:31:10 +0800 Subject: [PATCH 28/48] fix(postgresql-cluster): plans describe typo --- addons/index.yaml | 3 +++ .../15/chart/postgresql-cluster/values.yaml | 6 +++++- addons/postgresql-cluster/15/meta.yaml | 6 ++++++ addons/postgresql-cluster/15/plans/standard-100/meta.yaml | 2 +- addons/postgresql-cluster/15/plans/standard-20/meta.yaml | 2 +- addons/postgresql-cluster/15/plans/standard-200/meta.yaml | 2 +- addons/postgresql-cluster/15/plans/standard-400/meta.yaml | 2 +- addons/postgresql-cluster/15/plans/standard-50/meta.yaml | 2 +- addons/postgresql-cluster/15/plans/standard-800/meta.yaml | 2 +- 9 files changed, 20 insertions(+), 7 deletions(-) diff --git a/addons/index.yaml b/addons/index.yaml index 75ec5191..fb67bcb2 100644 --- a/addons/index.yaml +++ b/addons/index.yaml @@ -1,5 +1,8 @@ apiVersion: v1 entries: + cloudbeaver: + - version: 23 + description: "Cloud Database Manager." mysql-cluster: - version: 8.0 description: "The world's most popular open source database cluster." diff --git a/addons/postgresql-cluster/15/chart/postgresql-cluster/values.yaml b/addons/postgresql-cluster/15/chart/postgresql-cluster/values.yaml index e3128f72..960735da 100644 --- a/addons/postgresql-cluster/15/chart/postgresql-cluster/values.yaml +++ b/addons/postgresql-cluster/15/chart/postgresql-cluster/values.yaml @@ -82,7 +82,11 @@ preInitScript: | track_commit_timestamp: "off" archive_mode: "on" archive_timeout: 300s + {{- if .Values.walG.enabled }} archive_command: sh /opt/drycc/postgresql/walbackup.sh %p + {{- else }} + archive_command: /bin/true + {{- end }} # timescaledb.license: 'timescale' shared_preload_libraries: 'auto_explain,pg_stat_statements' log_destination: 'csvlog' @@ -245,7 +249,7 @@ metrics: memory: 512Mi walG: # Specifies whether Wal-G should be enabled - enabled: true + enabled: false # Cron schedule for doing base backups scheduleCronJob: "*/5 * * * *" # Amount of base backups to retain diff --git a/addons/postgresql-cluster/15/meta.yaml b/addons/postgresql-cluster/15/meta.yaml index 1b5450bc..a9bfe787 100644 --- a/addons/postgresql-cluster/15/meta.yaml +++ b/addons/postgresql-cluster/15/meta.yaml @@ -23,4 +23,10 @@ allow_parameters: description: "Whether to enable metrics. default true" - name: "walG.enabled" description: "Whether to use S3 for backup your data. default true . ps: Make sure there is a available S3 " +- name: "walG.s3.awsAccessKeyID" + description: "S3 awsAccessKeyID" +- name: "walG.s3.awsSecretAccessKey" + description: "S3 awsSecretAccessKey" +- name: "walG.s3.walGS3Prefix" + description: "S3 walGS3Prefix : etc . s3://bucket001" archive: false \ No newline at end of file diff --git a/addons/postgresql-cluster/15/plans/standard-100/meta.yaml b/addons/postgresql-cluster/15/plans/standard-100/meta.yaml index 8b3352c9..699f4aaa 100644 --- a/addons/postgresql-cluster/15/plans/standard-100/meta.yaml +++ b/addons/postgresql-cluster/15/plans/standard-100/meta.yaml @@ -1,6 +1,6 @@ name: "standard-100" id: c44160a6-5ec4-49e5-af1e-a1c1676871cf -description: "Mysql Cluster standard-100 plan: Disk 100Gi ,vCPUs 4 , RAM 16G , DB MAX Connection 2000" +description: "PostgreSQL Cluster standard-100 plan: Disk 100Gi ,vCPUs 4 , RAM 16G , DB MAX Connection 2000" displayName: "standard-100" bindable: true maximum_polling_duration: 1800 diff --git a/addons/postgresql-cluster/15/plans/standard-20/meta.yaml b/addons/postgresql-cluster/15/plans/standard-20/meta.yaml index e9580d73..0f67097a 100644 --- a/addons/postgresql-cluster/15/plans/standard-20/meta.yaml +++ b/addons/postgresql-cluster/15/plans/standard-20/meta.yaml @@ -1,6 +1,6 @@ name: "standard-20" id: edf8bdfe-b1dc-4f41-b042-801153794df7 -description: "Mysql Cluster standard-20 plan: Disk 20Gi ,vCPUs 2 , RAM 4G , DB MAX Connection 1000" +description: "PostgreSQL Cluster standard-20 plan: Disk 20Gi ,vCPUs 2 , RAM 4G , DB MAX Connection 1000" displayName: "standard-20" bindable: true maximum_polling_duration: 1800 diff --git a/addons/postgresql-cluster/15/plans/standard-200/meta.yaml b/addons/postgresql-cluster/15/plans/standard-200/meta.yaml index 89b4292b..cbfb48ce 100644 --- a/addons/postgresql-cluster/15/plans/standard-200/meta.yaml +++ b/addons/postgresql-cluster/15/plans/standard-200/meta.yaml @@ -1,6 +1,6 @@ name: "standard-200" id: a2160ac2-6c35-4162-b8a2-8dfb2e01816f -description: "Mysql Cluster standard-200 plan: Disk 200Gi ,vCPUs 8 , RAM 32G , DB MAX Connection 2000" +description: "PostgreSQL Cluster standard-200 plan: Disk 200Gi ,vCPUs 8 , RAM 32G , DB MAX Connection 2000" displayName: "standard-200" bindable: true maximum_polling_duration: 1800 diff --git a/addons/postgresql-cluster/15/plans/standard-400/meta.yaml b/addons/postgresql-cluster/15/plans/standard-400/meta.yaml index b9472699..8ec2aacb 100644 --- a/addons/postgresql-cluster/15/plans/standard-400/meta.yaml +++ b/addons/postgresql-cluster/15/plans/standard-400/meta.yaml @@ -1,6 +1,6 @@ name: "standard-400" id: 16bfd3a8-1080-4731-93d0-bd90e6ba6dad -description: "Mysql Cluster standard-400 plan: Disk 400Gi ,vCPUs 16 , RAM 64G , DB MAX Connection 2000" +description: "PostgreSQL Cluster standard-400 plan: Disk 400Gi ,vCPUs 16 , RAM 64G , DB MAX Connection 2000" displayName: "standard-400" bindable: true maximum_polling_duration: 1800 diff --git a/addons/postgresql-cluster/15/plans/standard-50/meta.yaml b/addons/postgresql-cluster/15/plans/standard-50/meta.yaml index 9fbb08f1..29e67ad5 100644 --- a/addons/postgresql-cluster/15/plans/standard-50/meta.yaml +++ b/addons/postgresql-cluster/15/plans/standard-50/meta.yaml @@ -1,6 +1,6 @@ name: "standard-50" id: 0542f411-4e7b-46af-966c-c9989e54873c -description: "Mysql Cluster standard-50 plan: Disk 50Gi ,vCPUs 2 , RAM 8G , DB MAX Connection 2000" +description: "PostgreSQL standard-50 plan: Disk 50Gi ,vCPUs 2 , RAM 8G , DB MAX Connection 2000" displayName: "standard-50" bindable: true maximum_polling_duration: 1800 diff --git a/addons/postgresql-cluster/15/plans/standard-800/meta.yaml b/addons/postgresql-cluster/15/plans/standard-800/meta.yaml index 1748ac9e..72ab5126 100644 --- a/addons/postgresql-cluster/15/plans/standard-800/meta.yaml +++ b/addons/postgresql-cluster/15/plans/standard-800/meta.yaml @@ -1,6 +1,6 @@ name: "standard-800" id: 60f37e20-e69e-4f6f-9cce-e43caec34963 -description: "Mysql Cluster standard-800 plan: Disk 800Gi ,vCPUs 32 , RAM 128G , DB MAX Connection 2000" +description: "PostgreSQL Cluster standard-800 plan: Disk 800Gi ,vCPUs 32 , RAM 128G , DB MAX Connection 2000" displayName: "standard-800" bindable: true maximum_polling_duration: 1800 From 4efae114771740f61ff1c84642691ac9ee563879 Mon Sep 17 00:00:00 2001 From: EamonZhang Date: Fri, 8 Dec 2023 14:02:13 +0800 Subject: [PATCH 29/48] chore(postgresql-cluster): allow dyrcc params --- .../15/chart/postgresql-cluster/README.md | 164 ++---------------- .../postgresql-cluster/templates/_helpers.tpl | 34 ++-- .../postgresql-cluster/templates/cronjob.yaml | 2 +- .../templates/networkpolicy.yaml | 2 +- .../postgresql-cluster/templates/sec.yaml | 6 +- .../templates/statefulset.yaml | 10 +- .../15/chart/postgresql-cluster/values.yaml | 20 ++- addons/postgresql-cluster/15/meta.yaml | 10 +- .../15/plans/standard-10/values.yaml | 2 +- .../15/plans/standard-100/values.yaml | 1 - .../15/plans/standard-20/values.yaml | 2 +- .../15/plans/standard-200/values.yaml | 1 - .../15/plans/standard-50/values.yaml | 1 - 13 files changed, 61 insertions(+), 194 deletions(-) diff --git a/addons/postgresql-cluster/15/chart/postgresql-cluster/README.md b/addons/postgresql-cluster/15/chart/postgresql-cluster/README.md index 8d44fca1..3bab0f21 100644 --- a/addons/postgresql-cluster/15/chart/postgresql-cluster/README.md +++ b/addons/postgresql-cluster/15/chart/postgresql-cluster/README.md @@ -1,151 +1,17 @@ -# ⚠️ Repo Archive Notice -As of Nov 13, 2020, charts in this repo will no longer be updated. -For more information, see the Helm Charts [Deprecation and Archive Notice](https://github.com/helm/charts#%EF%B8%8F-deprecation-and-archive-notice), and [Update](https://helm.sh/blog/charts-repo-deprecation/). - -# Patroni Helm Chart - -This directory contains a Kubernetes chart to deploy a five node [Patroni](https://github.com/zalando/patroni/) cluster using a [Spilo](https://github.com/zalando/spilo) and a StatefulSet. - - -## Prerequisites Details -* Kubernetes 1.9+ -* PV support on the underlying infrastructure - -## StatefulSet Details -* https://kubernetes.io/docs/concepts/workloads/controllers/statefulset/ - -## StatefulSet Caveats -* https://kubernetes.io/docs/concepts/workloads/controllers/statefulset/#limitations - - -## Chart Details -This chart will do the following: - -* Implement a HA scalable PostgreSQL 10 cluster using a Kubernetes StatefulSet. - -## Installing the Chart - -To install the chart with the release name `my-release`: - -```console -$ helm repo add -$ helm dependency update -$ helm install --name my-release postgresql-cluster -``` - -To install the chart with randomly generated passwords: - -```console -$ helm install --name my-release postgresql-cluster \ - --set credentials.superuser="$(< /dev/urandom tr -dc _A-Z-a-z-0-9 | head -c32)",credentials.admin="$(< /dev/urandom tr -dc _A-Z-a-z-0-9 | head -c32)",credentials.standby="$(< /dev/urandom tr -dc _A-Z-a-z-0-9 | head -c32)" -``` - -## Connecting to PostgreSQL - -Your access point is a cluster IP. In order to access it spin up another pod: - -```console -$ kubectl run -i --tty --rm psql --image=postgres --restart=Never -- bash -il -``` - -Then, from inside the pod, connect to PostgreSQL: - -```console -$ psql -U admin -h my-release-patroni.default.svc.cluster.local postgres - -postgres=> -``` - -## Configuration - -The following table lists the configurable parameters of the patroni chart and their default values. - -| Parameter | Description | Default | -|-----------------------------------|---------------------------------------------|-----------------------------------------------------| -| `nameOverride` | Override the name of the chart | `nil` | -| `fullnameOverride` | Override the fullname of the chart | `nil` | -| `replicaCount` | Amount of pods to spawn | `5` | -| `image.repository` | The image to pull | `registry.opensource.zalan.do/acid/spilo-10` | -| `image.tag` | The version of the image to pull | `1.5-p5` | -| `image.pullPolicy` | The pull policy | `IfNotPresent` | -| `credentials.superuser` | Password of the superuser | `tea` | -| `credentials.admin` | Password of the admin | `cola` | -| `credentials.standby` | Password of the replication user | `pinacolada` | -| `kubernetes.dcs.enable` | Using Kubernetes as DCS | `true` | -| `kubernetes.configmaps.enable` | Using Kubernetes configmaps instead of endpoints | `false` | -| `etcd.enable` | Using etcd as DCS | `false` | -| `etcd.deployChart` | Deploy etcd chart | `false` | -| `etcd.host` | Host name of etcd cluster | `nil` | -| `etcd.discovery` | Domain name of etcd cluster | `nil` | -| `zookeeper.enable` | Using ZooKeeper as DCS | `false` | -| `zookeeper.deployChart` | Deploy ZooKeeper chart | `false` | -| `zookeeper.hosts` | List of ZooKeeper cluster members | `host1:port1,host2:port,etc...` | -| `consul.enable` | Using Consul as DCS | `false` | -| `consul.deployChart` | Deploy Consul chart | `false` | -| `consul.host` | Host name of consul cluster | `nil` | -| `env` | Extra custom environment variables | `{}` | -| `walE.enable` | Use of Wal-E tool for base backup/restore | `false` | -| `walE.scheduleCronJob` | Schedule of Wal-E backups | `00 01 * * *` | -| `walE.retainBackups` | Number of base backups to retain | `2` | -| `walE.s3Bucket:` | Amazon S3 bucket used for wal-e backups | `nil` | -| `walE.gcsBucket` | GCS storage used for Wal-E backups | `nil` | -| `walE.kubernetesSecret` | K8s secret name for provider bucket | `nil` | -| `walE.backupThresholdMegabytes` | Maximum size of the WAL segments accumulated after the base backup to consider WAL-E restore instead of pg_basebackup | `1024` | -| `walE.backupThresholdPercentage` | Maximum ratio (in percents) of the accumulated WAL files to the base backup to consider WAL-E restore instead of pg_basebackup | `30` | -| `resources` | Any resources you wish to assign to the pod | `{}` | -| `nodeSelector` | Node label to use for scheduling | `{}` | -| `tolerations` | List of node taints to tolerate | `[]` | -| `affinityTemplate` | A template string to use to generate the affinity settings | Anti-affinity preferred on hostname | -| `affinity` | Affinity settings. Overrides `affinityTemplate` if set. | `{}` | -| `schedulerName` | Alternate scheduler name | `nil` | -| `persistentVolume.accessModes` | Persistent Volume access modes | `[ReadWriteOnce]` | -| `persistentVolume.annotations` | Annotations for Persistent Volume Claim` | `{}` | -| `persistentVolume.mountPath` | Persistent Volume mount root path | `/home/postgres/pgdata` | -| `persistentVolume.size` | Persistent Volume size | `2Gi` | -| `persistentVolume.storageClass` | Persistent Volume Storage Class | `volume.alpha.kubernetes.io/storage-class: default` | -| `persistentVolume.subPath` | Subdirectory of Persistent Volume to mount | `""` | -| `rbac.create` | Create required role and rolebindings | `true` | -| `serviceAccount.create` | If true, create a new service account | `true` | -| `serviceAccount.name` | Service account to be used. If not set and `serviceAccount.create` is `true`, a name is generated using the fullname template | `nil` | - -Specify each parameter using the `--set key=value[,key=value]` argument to `helm install`. - -Alternatively, a YAML file that specifies the values for the parameters can be provided while installing the chart. For example, - -```console -$ helm install --name my-release -f values.yaml incubator/patroni -``` - -> **Tip**: You can use the default [values.yaml](values.yaml) - -## Cleanup - -To remove the spawned pods you can run a simple `helm delete `. - -Helm will however preserve created persistent volume claims, -to also remove them execute the commands below. - -```console -$ release= -$ helm delete $release -$ kubectl delete pvc -l release=$release -``` - -## Internals - -Patroni is responsible for electing a PostgreSQL master pod by leveraging the -DCS of your choice. After election it adds a `spilo-role=master` label to the -elected master and set the label to `spilo-role=replica` for all replicas. -Simultaneously it will update the `-patroni` endpoint to let the -service route traffic to the elected master. - -```console -$ kubectl get pods -l spilo-role -L spilo-role -NAME READY STATUS RESTARTS AGE SPILO-ROLE -my-release-patroni-0 1/1 Running 0 9m replica -my-release-patroni-1 1/1 Running 0 9m master -my-release-patroni-2 1/1 Running 0 8m replica -my-release-patroni-3 1/1 Running 0 8m replica -my-release-patroni-4 1/1 Running 0 8m replica ``` +dataname: + dbname: dbn + username: admin + password: R3Dv0NEmwZkhhz +networkPolicy.allowNamespaces: + - mx-test1 +service.type: ClusterIP +metrics.enabled: true +backup: + enabled: true + s3: + awsAccessKeyID: DO9l771LqiwZkhhz + awsSecretAccessKey: R3Dv0NEmJBo8JFdn1q8jz49ArWwpDjFn + walGS3Prefix: mx-test +``` \ No newline at end of file diff --git a/addons/postgresql-cluster/15/chart/postgresql-cluster/templates/_helpers.tpl b/addons/postgresql-cluster/15/chart/postgresql-cluster/templates/_helpers.tpl index 1e4e50bc..feddfa57 100644 --- a/addons/postgresql-cluster/15/chart/postgresql-cluster/templates/_helpers.tpl +++ b/addons/postgresql-cluster/15/chart/postgresql-cluster/templates/_helpers.tpl @@ -46,7 +46,7 @@ Create the name of the service account to use. Return true if a cronjob object should be created for Postgresql HA patroni ## TODO feature */}} {{- define "patroni.createCronJob" -}} -{{- if and .Values.walG.enabled }} +{{- if and .Values.backup.enabled }} {{- true -}} {{- else -}} {{- end -}} @@ -143,35 +143,35 @@ Create patroni envs. {{/* Create walg envs. */}} -{{- define "walg.envs" }} -{{- if .Values.walG.enabled }} +{{- define "backup.envs" }} +{{- if .Values.backup.enabled }} - name: USE_WALG - value: {{ .Values.walG.enabled | quote }} -{{- if .Values.walG.retainBackups }} + value: {{ .Values.backup.enabled | quote }} +{{- if .Values.backup.retainBackups }} - name: BACKUP_NUM_TO_RETAIN - value: {{ .Values.walG.retainBackups | quote}} + value: {{ .Values.backup.retainBackups | quote}} {{- end }} -{{- if .Values.walG.backupThresholdMegabytes }} +{{- if .Values.backup.backupThresholdMegabytes }} - name: WALG_BACKUP_THRESHOLD_MEGABYTES - value: {{ .Values.walG.backupThresholdMegabytes | quote }} + value: {{ .Values.backup.backupThresholdMegabytes | quote }} {{- end }} -{{- if .Values.walG.backupThresholdPercentage }} +{{- if .Values.backup.backupThresholdPercentage }} - name: WALE_BACKUP_THRESHOLD_PERCENTAGE - value: {{ .Values.walG.backupThresholdPercentage | quote }} + value: {{ .Values.backup.backupThresholdPercentage | quote }} {{- end }} -{{- if .Values.walG.s3.used }} +{{- if .Values.backup.s3.used }} - name: AWS_ACCESS_KEY_ID - value: {{ .Values.walG.s3.awsAccessKeyID | quote }} + value: {{ .Values.backup.s3.awsAccessKeyID | quote }} - name: AWS_SECRET_ACCESS_KEY - value: {{ .Values.walG.s3.awsSecretAccessKey | quote }} + value: {{ .Values.backup.s3.awsSecretAccessKey | quote }} - name: WALG_S3_PREFIX - value: {{ .Values.walG.s3.walGS3Prefix | quote }} + value: {{ .Values.backup.s3.walGS3Prefix | quote }} - name: AWS_ENDPOINT - value: {{ .Values.walG.s3.awsEndpoint | quote }} + value: {{ .Values.backup.s3.awsEndpoint | quote }} - name: AWS_S3_FORCE_PATH_STYLE - value: {{ .Values.walG.s3.awsS3ForcePathStyle | quote }} + value: {{ .Values.backup.s3.awsS3ForcePathStyle | quote }} - name: AWS_REGION - value: {{ .Values.walG.s3.awsRegion | quote }} + value: {{ .Values.backup.s3.awsRegion | quote }} {{- end }} {{- else }} - name: USE_WALG diff --git a/addons/postgresql-cluster/15/chart/postgresql-cluster/templates/cronjob.yaml b/addons/postgresql-cluster/15/chart/postgresql-cluster/templates/cronjob.yaml index 39c08de3..41e42886 100644 --- a/addons/postgresql-cluster/15/chart/postgresql-cluster/templates/cronjob.yaml +++ b/addons/postgresql-cluster/15/chart/postgresql-cluster/templates/cronjob.yaml @@ -19,7 +19,7 @@ metadata: {{- end }} spec: - schedule: "{{ .Values.walG.scheduleCronJob }}" + schedule: "{{ .Values.backup.scheduleCronJob }}" failedJobsHistoryLimit: 1 successfulJobsHistoryLimit: 1 jobTemplate: diff --git a/addons/postgresql-cluster/15/chart/postgresql-cluster/templates/networkpolicy.yaml b/addons/postgresql-cluster/15/chart/postgresql-cluster/templates/networkpolicy.yaml index 8b429517..dfad66c3 100644 --- a/addons/postgresql-cluster/15/chart/postgresql-cluster/templates/networkpolicy.yaml +++ b/addons/postgresql-cluster/15/chart/postgresql-cluster/templates/networkpolicy.yaml @@ -23,7 +23,7 @@ spec: - port: 5432 {{- if and .Values.metrics.enabled }} - port: {{ .Values.metrics.containerPort }} - {{ end }} `` + {{ end }} {{- if or .Values.networkPolicy.allowCurrentNamespace .Values.networkPolicy.allowNamespaces }} from: {{- if .Values.networkPolicy.allowCurrentNamespace }} diff --git a/addons/postgresql-cluster/15/chart/postgresql-cluster/templates/sec.yaml b/addons/postgresql-cluster/15/chart/postgresql-cluster/templates/sec.yaml index 306e93e7..0a5ed63b 100644 --- a/addons/postgresql-cluster/15/chart/postgresql-cluster/templates/sec.yaml +++ b/addons/postgresql-cluster/15/chart/postgresql-cluster/templates/sec.yaml @@ -14,6 +14,6 @@ data: password-superuser: {{ .Values.credentials.superuser | b64enc }} password-rewind: {{ .Values.credentials.rewind | b64enc }} password-replication: {{ .Values.credentials.replication | b64enc }} - data-user: {{ .Values.dataname.username | b64enc }} - data-name: {{ .Values.dataname.dbname | b64enc }} - data-password: {{ .Values.dataname.password | b64enc }} + data-user: {{ .Values.database.username | b64enc }} + data-name: {{ .Values.database.dbname | b64enc }} + data-password: {{ .Values.database.password | b64enc }} diff --git a/addons/postgresql-cluster/15/chart/postgresql-cluster/templates/statefulset.yaml b/addons/postgresql-cluster/15/chart/postgresql-cluster/templates/statefulset.yaml index 0d1ed21a..98ded996 100644 --- a/addons/postgresql-cluster/15/chart/postgresql-cluster/templates/statefulset.yaml +++ b/addons/postgresql-cluster/15/chart/postgresql-cluster/templates/statefulset.yaml @@ -56,8 +56,8 @@ spec: # fsGroup: postgres env: {{- include "patroni.envs" . | indent 8 }} - {{- if .Values.walG.enabled }} - {{- include "walg.envs" . | indent 8 }} + {{- if .Values.backup.enabled }} + {{- include "backup.envs" . | indent 8 }} {{- end }} {{- if .Values.env }} {{- range $key, $val := .Values.env }} @@ -127,7 +127,7 @@ spec: {{- end }} env: - name: DATA_SOURCE_NAME - value: {{ printf "postgresql://tea_mon:password@127.0.0.1:5432/%s?sslmode=disable" $.Values.dataname.dbname }} + value: {{ printf "postgresql://tea_mon:password@127.0.0.1:5432/%s?sslmode=disable" $.Values.database.dbname }} ports: - name: http-metrics containerPort: {{ .Values.metrics.containerPort }} @@ -161,7 +161,7 @@ spec: resources: {{- toYaml .Values.metrics.resources | nindent 12 }} {{- end }} {{- end }} - {{- if .Values.walG.enabled }} + {{- if .Values.backup.enabled }} - name: {{ .Chart.Name }}-backup image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}" imagePullPolicy: {{ .Values.image.pullPolicy }} @@ -175,7 +175,7 @@ spec: - | python3 /opt/drycc/postgresql/pgbackup.py 0.0.0.0 9000 env: - {{- include "walg.envs" . | indent 8 }} + {{- include "backup.envs" . | indent 8 }} - name: PGHOST value: localhost - name: PGPASSWORD diff --git a/addons/postgresql-cluster/15/chart/postgresql-cluster/values.yaml b/addons/postgresql-cluster/15/chart/postgresql-cluster/values.yaml index 960735da..d7b24deb 100644 --- a/addons/postgresql-cluster/15/chart/postgresql-cluster/values.yaml +++ b/addons/postgresql-cluster/15/chart/postgresql-cluster/values.yaml @@ -21,7 +21,7 @@ credentials: rewind: cola replication: reppasswd -dataname: +database: dbname: db1 username: us1 password: 111w @@ -82,7 +82,7 @@ preInitScript: | track_commit_timestamp: "off" archive_mode: "on" archive_timeout: 300s - {{- if .Values.walG.enabled }} + {{- if .Values.backup.enabled }} archive_command: sh /opt/drycc/postgresql/walbackup.sh %p {{- else }} archive_command: /bin/true @@ -243,15 +243,15 @@ metrics: limits: cpu: 100m memory: 512Mi - # hugepages-2Mi: 4Mi + hugepages-2Mi: 20Mi requests: cpu: 100m memory: 512Mi -walG: +backup: # Specifies whether Wal-G should be enabled - enabled: false + enabled: true # Cron schedule for doing base backups - scheduleCronJob: "*/5 * * * *" + scheduleCronJob: "20 0 * * 0" # Amount of base backups to retain retainBackups: 2 # Name of the secret that holds the credentials to the bucket @@ -271,8 +271,9 @@ walG: awsS3ForcePathStyle: "true" awsRegion: dx-1 + persistentVolume: - enabled: false + enabled: true size: 10G ## database data Persistent Volume Storage Class ## If defined, storageClassName: @@ -338,7 +339,7 @@ serviceAccount: networkPolicy: ## @param networkPolicy.enabled Enable creation of NetworkPolicy resources ## - enabled: false + enabled: true ## @param networkPolicy.allowExternal The Policy model to apply. ## When set to false, only pods with the correct ## client label will have network access to the port Postgresql is listening @@ -346,4 +347,5 @@ networkPolicy: ## (with the correct destination port). ## allowCurrentNamespace: true - allowNamespaces: [] \ No newline at end of file + allowNamespaces: + - mx-test1 \ No newline at end of file diff --git a/addons/postgresql-cluster/15/meta.yaml b/addons/postgresql-cluster/15/meta.yaml index a9bfe787..28de1baf 100644 --- a/addons/postgresql-cluster/15/meta.yaml +++ b/addons/postgresql-cluster/15/meta.yaml @@ -15,18 +15,20 @@ instances_retrievable: true bindings_retrievable: true plan_updateable: false allow_parameters: +- name: "dataname" + description: "database config for values.yaml" - name: "networkPolicy.allowNamespaces" description: "networkPolicy allowNamespaces config for values.yaml" - name: "service.type" description: "service type config for values.yaml" - name: "metrics.enabled" description: "Whether to enable metrics. default true" -- name: "walG.enabled" +- name: "backup.enabled" description: "Whether to use S3 for backup your data. default true . ps: Make sure there is a available S3 " -- name: "walG.s3.awsAccessKeyID" +- name: "backup.s3.awsAccessKeyID" description: "S3 awsAccessKeyID" -- name: "walG.s3.awsSecretAccessKey" +- name: "backup.s3.awsSecretAccessKey" description: "S3 awsSecretAccessKey" -- name: "walG.s3.walGS3Prefix" +- name: "backup.s3.walGS3Prefix" description: "S3 walGS3Prefix : etc . s3://bucket001" archive: false \ No newline at end of file diff --git a/addons/postgresql-cluster/15/plans/standard-10/values.yaml b/addons/postgresql-cluster/15/plans/standard-10/values.yaml index b6037e16..94917aff 100644 --- a/addons/postgresql-cluster/15/plans/standard-10/values.yaml +++ b/addons/postgresql-cluster/15/plans/standard-10/values.yaml @@ -65,7 +65,7 @@ resources: limits: cpu: 1000m memory: 2Gi - # hugepages-2Mi: 4Mi + hugepages-2Mi: 4Mi requests: cpu: 1000m memory: 2Gi diff --git a/addons/postgresql-cluster/15/plans/standard-100/values.yaml b/addons/postgresql-cluster/15/plans/standard-100/values.yaml index c937e07a..2f4c4841 100644 --- a/addons/postgresql-cluster/15/plans/standard-100/values.yaml +++ b/addons/postgresql-cluster/15/plans/standard-100/values.yaml @@ -66,7 +66,6 @@ resources: limits: cpu: 4000m memory: 16Gi - # hugepages-2Mi: 4Mi requests: cpu: 4000m memory: 16Gi diff --git a/addons/postgresql-cluster/15/plans/standard-20/values.yaml b/addons/postgresql-cluster/15/plans/standard-20/values.yaml index f460d01f..3ef08abf 100644 --- a/addons/postgresql-cluster/15/plans/standard-20/values.yaml +++ b/addons/postgresql-cluster/15/plans/standard-20/values.yaml @@ -67,7 +67,7 @@ resources: limits: cpu: 2000m memory: 4Gi - # hugepages-2Mi: 4Mi + hugepages-2Mi: 20Mi requests: cpu: 2000m memory: 4Gi diff --git a/addons/postgresql-cluster/15/plans/standard-200/values.yaml b/addons/postgresql-cluster/15/plans/standard-200/values.yaml index 9db720e6..5e9d641b 100644 --- a/addons/postgresql-cluster/15/plans/standard-200/values.yaml +++ b/addons/postgresql-cluster/15/plans/standard-200/values.yaml @@ -65,7 +65,6 @@ resources: limits: cpu: 8000m memory: 32Gi - # hugepages-2Mi: 4Mi requests: cpu: 8000m memory: 32Gi diff --git a/addons/postgresql-cluster/15/plans/standard-50/values.yaml b/addons/postgresql-cluster/15/plans/standard-50/values.yaml index fbf8db1f..046e87ea 100644 --- a/addons/postgresql-cluster/15/plans/standard-50/values.yaml +++ b/addons/postgresql-cluster/15/plans/standard-50/values.yaml @@ -66,7 +66,6 @@ resources: limits: cpu: 2000m memory: 8Gi - # hugepages-2Mi: 4Mi requests: cpu: 2000m memory: 8Gi From 76fff18415ba80187b22ee13195d5b192da77765 Mon Sep 17 00:00:00 2001 From: EamonZhang Date: Mon, 11 Dec 2023 11:46:05 +0800 Subject: [PATCH 30/48] chore(postgresql-cluster): generate password random --- .../15/chart/postgresql-cluster/README.md | 83 +++++++++++++++-- .../postgresql-cluster/templates/_helpers.tpl | 88 +++++++++++++++---- .../postgresql-cluster/templates/sec.yaml | 13 ++- .../15/chart/postgresql-cluster/values.yaml | 50 +++++------ addons/postgresql-cluster/15/meta.yaml | 14 +-- 5 files changed, 184 insertions(+), 64 deletions(-) diff --git a/addons/postgresql-cluster/15/chart/postgresql-cluster/README.md b/addons/postgresql-cluster/15/chart/postgresql-cluster/README.md index 3bab0f21..9bc0f18b 100644 --- a/addons/postgresql-cluster/15/chart/postgresql-cluster/README.md +++ b/addons/postgresql-cluster/15/chart/postgresql-cluster/README.md @@ -1,17 +1,90 @@ +## CREATE PG INSTANCE ``` -dataname: - dbname: dbn - username: admin - password: R3Dv0NEmwZkhhz +# create or update pg instance template yaml networkPolicy.allowNamespaces: - mx-test1 service.type: ClusterIP metrics.enabled: true backup: + # whether BackUP should be enabled enabled: true + # Cron schedule for doing base backups + scheduleCronJob: "20 0 * * 0" + Amount of base backups to retain + retainBackups: 2 s3: awsAccessKeyID: DO9l771LqiwZkhhz awsSecretAccessKey: R3Dv0NEmJBo8JFdn1q8jz49ArWwpDjFn walGS3Prefix: mx-test -``` \ No newline at end of file +``` + +## Create app user and database + +- Login PG with admin user & password + +- CREATE APP USER +``` +CREATE USER `my_user` WITH CONNECTION LIMIT `conn_limit` LOGIN ENCRYPTED PASSWORD 'password'; +``` +- CREATE APP DATABASE +``` +CREATE DATABASE `my_db` OWNER `my_user`; +``` +- CREATE EXTENSIONS +``` +CREATE EXTENSION pg_buffercache; +``` + +## Network Access + +Default access allow policy: only namespace scope. + +- allow `mx-test1` namespace access +``` +networkPolicy.allowNamespaces: + - mx-test1 +``` + + - Assign external network IP address +``` + service.type: LoadBlance +``` + + ## Manger backup your data `Very important` + +`Strongly recommend enabling this feature.` +`Strongly recommend enabling this feature.` +`Strongly recommend enabling this feature.` + +PG data backup use S3 as backenp store. Choose an independent storage space `outside of the current environment` as your backup space. +``` +backup: + # whether BackUP should be enabled + enabled: true + # Cron schedule for doing base backups + scheduleCronJob: "20 0 * * 0" + Amount of base backups to retain + retainBackups: 2 + s3: + awsAccessKeyID: DO9l771LqiwZkhhz + awsSecretAccessKey: R3Dv0NEmJBo8JFdn1q8jz49ArWwpDjFn + walGS3Prefix: mx-test +``` + +You can modify multiple content at once, there is no need to modify part of it each time. + +# Plans + +| Resource Specification | Cores | MEMORY | Storage SIZE | +| :---: | :---: | :---: | :---: | +| standard-10 | 1C | 2G | 10G | +| standard-20 | 2C | 4G | 20G | +| standard-50 | 2C | 8G | 50G | +| standard-100 | 4C | 16G | 100G | +| standard-200 | 8C | 32G | 200G | +| standard-400 | 16C | 64G | 400G | +| standard-800 | 32C | 128G | 800G | + +In order to obtain a better experience, it is recommended not to exceed 80% usage of resource utilization for a long period of time. If there is a need for larger resource scale, please apply for private customization. + diff --git a/addons/postgresql-cluster/15/chart/postgresql-cluster/templates/_helpers.tpl b/addons/postgresql-cluster/15/chart/postgresql-cluster/templates/_helpers.tpl index feddfa57..b11ff28e 100644 --- a/addons/postgresql-cluster/15/chart/postgresql-cluster/templates/_helpers.tpl +++ b/addons/postgresql-cluster/15/chart/postgresql-cluster/templates/_helpers.tpl @@ -107,6 +107,16 @@ Create patroni envs. secretKeyRef: name: {{ template "patroni.fullname" . }} key: password-rewind +- name: ADMIN_USER + valueFrom: + secretKeyRef: + name: {{ template "patroni.fullname" . }} + key: admin-user +- name: ADMIN_PASSWORD + valueFrom: + secretKeyRef: + name: {{ template "patroni.fullname" . }} + key: admin-password - name: PATRONI_SCOPE value: {{ template "patroni.fullname" . }} - name: PATRONI_NAME @@ -123,21 +133,6 @@ Create patroni envs. value: '0.0.0.0:5432' - name: PATRONI_RESTAPI_LISTEN value: '0.0.0.0:8008' -- name: DATABASE_NAME - valueFrom: - secretKeyRef: - name: {{ template "patroni.fullname" . }} - key: data-name -- name: DATABASE_USER - valueFrom: - secretKeyRef: - name: {{ template "patroni.fullname" . }} - key: data-user -- name: DATABASE_PASSWORD - valueFrom: - secretKeyRef: - name: {{ template "patroni.fullname" . }} - key: data-password {{- end -}} {{/* @@ -178,3 +173,66 @@ Create walg envs. value: "" {{- end }} {{- end }} + +{{/* +Generate random password +*/}} + +{{/* +Get the super user password ; +*/}} +{{- define "credentials.superuserValue" }} +{{- if .Values.credentials.superuser }} + {{- .Values.credentials.superuser -}} +{{- else -}} + {{- include "getValueFromSecret" (dict "Namespace" .Release.Namespace "Name" (include "common.names.fullname" .) "Length" 10 "Key" "password-superuser") -}} +{{- end -}} +{{- end }} + +{{/* +Get the rewind password ; +*/}} +{{- define "credentials.rewindValue" }} +{{- if .Values.credentials.rewind }} + {{- .Values.credentials.rewind -}} +{{- else -}} + {{- include "getValueFromSecret" (dict "Namespace" .Release.Namespace "Name" (include "common.names.fullname" .) "Length" 10 "Key" "password-rewind") -}} +{{- end -}} +{{- end }} + +{{/* +Get the replication password ; +*/}} +{{- define "credentials.replicationValue" }} +{{- if .Values.credentials.replication }} + {{- .Values.credentials.replication -}} +{{- else -}} + {{- include "getValueFromSecret" (dict "Namespace" .Release.Namespace "Name" (include "common.names.fullname" .) "Length" 10 "Key" "password-replication") -}} +{{- end -}} +{{- end }} + +{{/* +Get the administrator password ; +*/}} +{{- define "adminRole.passwordValue" }} +{{- if .Values.adminRole.password }} + {{- .Values.adminRole.password -}} +{{- else -}} + {{- include "getValueFromSecret" (dict "Namespace" .Release.Namespace "Name" (include "common.names.fullname" .) "Length" 10 "Key" "password-replication") -}} +{{- end -}} +{{- end }} + +{{/* +Returns the available value for certain key in an existing secret (if it exists), +otherwise it generates a random value. +*/}} +{{- define "getValueFromSecret" }} +{{- $len := (default 16 .Length) | int -}} +{{- $obj := (lookup "v1" "Secret" .Namespace .Name).data -}} +{{- if $obj }} +{{- index $obj .Key | b64dec -}} +{{- else -}} +{{- randAlphaNum $len -}} +{{- end -}} +{{- end }} + diff --git a/addons/postgresql-cluster/15/chart/postgresql-cluster/templates/sec.yaml b/addons/postgresql-cluster/15/chart/postgresql-cluster/templates/sec.yaml index 0a5ed63b..8c94ae26 100644 --- a/addons/postgresql-cluster/15/chart/postgresql-cluster/templates/sec.yaml +++ b/addons/postgresql-cluster/15/chart/postgresql-cluster/templates/sec.yaml @@ -10,10 +10,9 @@ metadata: heritage: {{ .Release.Service }} cluster-name: {{ template "patroni.fullname" . }} type: Opaque -data: - password-superuser: {{ .Values.credentials.superuser | b64enc }} - password-rewind: {{ .Values.credentials.rewind | b64enc }} - password-replication: {{ .Values.credentials.replication | b64enc }} - data-user: {{ .Values.database.username | b64enc }} - data-name: {{ .Values.database.dbname | b64enc }} - data-password: {{ .Values.database.password | b64enc }} +data: + password-superuser: {{ include "credentials.superuserValue" . | b64enc | quote }} + password-rewind: {{ include "credentials.rewindValue" . | b64enc | quote }} + password-replication: {{ include "credentials.replicationValue" . | b64enc | quote }} + admin-user: {{ .Values.adminRole.username | b64enc }} + admin-password: {{ .Values.adminRole.password | b64enc }} diff --git a/addons/postgresql-cluster/15/chart/postgresql-cluster/values.yaml b/addons/postgresql-cluster/15/chart/postgresql-cluster/values.yaml index d7b24deb..389451ec 100644 --- a/addons/postgresql-cluster/15/chart/postgresql-cluster/values.yaml +++ b/addons/postgresql-cluster/15/chart/postgresql-cluster/values.yaml @@ -17,14 +17,13 @@ image: # https://github.com/zalando/patroni/blob/master/docs/SETTINGS.rst#postgresql # https://github.com/zalando/spilo/blob/master/ENVIRONMENT.rst credentials: - superuser: tea - rewind: cola - replication: reppasswd + superuser: "" + rewind: "" + replication: "" -database: - dbname: db1 - username: us1 - password: 111w +adminRole: + username: administrator + password: "" # Distribution Configuration stores # Please note that only one of the following stores should be enabled. @@ -126,22 +125,21 @@ postInitScript: | #!/bin/bash set -Eeu # Create monitor user - psql -w -c "CREATE USER tea_mon WITH ROLE pg_monitor" - # Create init database & user - if [[( -n "$DATABASE_USER") && ( -n "$DATABASE_PASSWORD") && ( -n "$DATABASE_NAME")]]; then - echo "Creating user ${DATABASE_USER}" - psql -w -c "create user ${DATABASE_USER} WITH LOGIN ENCRYPTED PASSWORD '${DATABASE_PASSWORD}'" - echo "Creating database ${DATABASE_NAME} " - psql -w -c "CREATE DATABASE ${DATABASE_NAME} OWNER ${DATABASE_USER} CONNECTION LIMIT 1000" - psql -w -d ${DATABASE_NAME} -c "create extension postgis ; create extension pg_stat_statements ; create extension pg_buffercache ;" - psql -w -c "CHECKPOINT;CHECKPOINT;" + psql -w -c "CREATE USER tea_mon WITH ROLE pg_monitor;create extension pg_stat_statements;create extension pg_buffercache ;" + # Create admin user + if [[( -n "$ADMIN_USER") && ( -n "$ADMIN_PASSWORD")]]; then + echo "Creating user ${ADMIN_USER}" + # psql -w -c "CREATE USER ${ADMIN_USER} WITH NOSUPERUSER CREATEDB CREATEROLE REPLICATION CONNECTION LIMIT 10 LOGIN ENCRYPTED PASSWORD '${ADMIN_PASSWORD}'" else - echo "Skipping user creation" - echo "Skipping database creation" + echo "Skipping create admin user" fi + psql -w -c "CHECKPOINT;CHECKPOINT;" + #norm user + # + # postgresql: config: |- - log_min_duration_statement = 1008 + log_min_duration_statement = 1000 max_wal_size = 4GB min_wal_size = 4GB max_connections = 1005 @@ -249,7 +247,7 @@ metrics: memory: 512Mi backup: # Specifies whether Wal-G should be enabled - enabled: true + enabled: false # Cron schedule for doing base backups scheduleCronJob: "20 0 * * 0" # Amount of base backups to retain @@ -257,17 +255,17 @@ backup: # Name of the secret that holds the credentials to the bucket kubernetesSecret: # Maximum size of the WAL segments accumulated after the base backup to - # consider WAL-E restore instead of pg_basebackup + # consider WAL-G restore instead of pg_basebackup backupThresholdMegabytes: 1024 # Maximum ratio (in percents) of the accumulated WAL files to the base backup - # to consider WAL-E restore instead of pg_basebackup + # to consider WAL-G restore instead of pg_basebackup backupThresholdPercentage: 30 s3: used: true - awsAccessKeyID: "minioadmin" - awsSecretAccessKey: "minioadmin" - walGS3Prefix: "s3://pg1" - awsEndpoint: "http://10.10.2.11:9000" + awsAccessKeyID: "" + awsSecretAccessKey: "" + walGS3Prefix: "s3://xx" + awsEndpoint: "http://xxxx:9000" awsS3ForcePathStyle: "true" awsRegion: dx-1 diff --git a/addons/postgresql-cluster/15/meta.yaml b/addons/postgresql-cluster/15/meta.yaml index 28de1baf..5185d109 100644 --- a/addons/postgresql-cluster/15/meta.yaml +++ b/addons/postgresql-cluster/15/meta.yaml @@ -13,22 +13,14 @@ tags: postgresql-cluster bindable: true instances_retrievable: true bindings_retrievable: true -plan_updateable: false +plan_updateable: true allow_parameters: -- name: "dataname" - description: "database config for values.yaml" - name: "networkPolicy.allowNamespaces" description: "networkPolicy allowNamespaces config for values.yaml" - name: "service.type" description: "service type config for values.yaml" - name: "metrics.enabled" description: "Whether to enable metrics. default true" -- name: "backup.enabled" - description: "Whether to use S3 for backup your data. default true . ps: Make sure there is a available S3 " -- name: "backup.s3.awsAccessKeyID" - description: "S3 awsAccessKeyID" -- name: "backup.s3.awsSecretAccessKey" - description: "S3 awsSecretAccessKey" -- name: "backup.s3.walGS3Prefix" - description: "S3 walGS3Prefix : etc . s3://bucket001" +- name: "backup" + description: "Whether to use S3 for backup your data. default false . ps: Make sure there is a available S3 " archive: false \ No newline at end of file From 2e6b61a3680b9454a899c15d0361f03876f4e8e2 Mon Sep 17 00:00:00 2001 From: EamonZhang Date: Mon, 11 Dec 2023 14:46:51 +0800 Subject: [PATCH 31/48] chore(postgresql-cluster): Adjust backup strategy --- .../15/chart/postgresql-cluster/README.md | 2 +- .../postgresql-cluster/templates/_helpers.tpl | 43 +++---------------- .../templates/cm-backup.yaml | 22 ++++++++++ .../templates/statefulset.yaml | 10 +++-- .../15/chart/postgresql-cluster/values.yaml | 24 +++++++---- 5 files changed, 51 insertions(+), 50 deletions(-) create mode 100644 addons/postgresql-cluster/15/chart/postgresql-cluster/templates/cm-backup.yaml diff --git a/addons/postgresql-cluster/15/chart/postgresql-cluster/README.md b/addons/postgresql-cluster/15/chart/postgresql-cluster/README.md index 9bc0f18b..70d31e0c 100644 --- a/addons/postgresql-cluster/15/chart/postgresql-cluster/README.md +++ b/addons/postgresql-cluster/15/chart/postgresql-cluster/README.md @@ -74,7 +74,7 @@ backup: You can modify multiple content at once, there is no need to modify part of it each time. -# Plans +## Plans | Resource Specification | Cores | MEMORY | Storage SIZE | | :---: | :---: | :---: | :---: | diff --git a/addons/postgresql-cluster/15/chart/postgresql-cluster/templates/_helpers.tpl b/addons/postgresql-cluster/15/chart/postgresql-cluster/templates/_helpers.tpl index b11ff28e..e3bedca5 100644 --- a/addons/postgresql-cluster/15/chart/postgresql-cluster/templates/_helpers.tpl +++ b/addons/postgresql-cluster/15/chart/postgresql-cluster/templates/_helpers.tpl @@ -136,43 +136,14 @@ Create patroni envs. {{- end -}} {{/* -Create walg envs. +Return true if a configmap object should be created for PG backup. */}} -{{- define "backup.envs" }} -{{- if .Values.backup.enabled }} -- name: USE_WALG - value: {{ .Values.backup.enabled | quote }} -{{- if .Values.backup.retainBackups }} -- name: BACKUP_NUM_TO_RETAIN - value: {{ .Values.backup.retainBackups | quote}} -{{- end }} -{{- if .Values.backup.backupThresholdMegabytes }} -- name: WALG_BACKUP_THRESHOLD_MEGABYTES - value: {{ .Values.backup.backupThresholdMegabytes | quote }} -{{- end }} -{{- if .Values.backup.backupThresholdPercentage }} -- name: WALE_BACKUP_THRESHOLD_PERCENTAGE - value: {{ .Values.backup.backupThresholdPercentage | quote }} -{{- end }} -{{- if .Values.backup.s3.used }} -- name: AWS_ACCESS_KEY_ID - value: {{ .Values.backup.s3.awsAccessKeyID | quote }} -- name: AWS_SECRET_ACCESS_KEY - value: {{ .Values.backup.s3.awsSecretAccessKey | quote }} -- name: WALG_S3_PREFIX - value: {{ .Values.backup.s3.walGS3Prefix | quote }} -- name: AWS_ENDPOINT - value: {{ .Values.backup.s3.awsEndpoint | quote }} -- name: AWS_S3_FORCE_PATH_STYLE - value: {{ .Values.backup.s3.awsS3ForcePathStyle | quote }} -- name: AWS_REGION - value: {{ .Values.backup.s3.awsRegion | quote }} -{{- end }} -{{- else }} -- name: USE_WALG - value: "" -{{- end }} -{{- end }} +{{- define "backup.createConfigmap" -}} +{{- if and .Values.backup.enabled }} + {{- true -}} +{{- else -}} +{{- end -}} +{{- end -}} {{/* Generate random password diff --git a/addons/postgresql-cluster/15/chart/postgresql-cluster/templates/cm-backup.yaml b/addons/postgresql-cluster/15/chart/postgresql-cluster/templates/cm-backup.yaml new file mode 100644 index 00000000..b7eb7331 --- /dev/null +++ b/addons/postgresql-cluster/15/chart/postgresql-cluster/templates/cm-backup.yaml @@ -0,0 +1,22 @@ +{{- if (include "backup.createConfigmap" .) }} +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ template "common.names.fullname" . }}-backup + namespace: {{ include "common.names.namespace" . | quote }} + labels: {{- include "common.labels.standard" . | nindent 4 }} + {{- if .Values.commonLabels }} + {{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }} + {{- end }} + cluster-name: {{ template "patroni.fullname" . }} + {{- if .Values.commonAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} + {{- end }} +data: + backup.env: |- + {{- include "common.tplvalues.render" ( dict "value" .Values.backupEnv "context" $ ) | nindent 4 }} + # archive_command.sh: | - + # #/bin/bash + # source backup.env + # [ $USE_WALG ] ? sh /opt/drycc/postgresql/walbackup.sh %p : /bin/true +{{- end -}} \ No newline at end of file diff --git a/addons/postgresql-cluster/15/chart/postgresql-cluster/templates/statefulset.yaml b/addons/postgresql-cluster/15/chart/postgresql-cluster/templates/statefulset.yaml index 98ded996..036f8b80 100644 --- a/addons/postgresql-cluster/15/chart/postgresql-cluster/templates/statefulset.yaml +++ b/addons/postgresql-cluster/15/chart/postgresql-cluster/templates/statefulset.yaml @@ -56,9 +56,6 @@ spec: # fsGroup: postgres env: {{- include "patroni.envs" . | indent 8 }} - {{- if .Values.backup.enabled }} - {{- include "backup.envs" . | indent 8 }} - {{- end }} {{- if .Values.env }} {{- range $key, $val := .Values.env }} - name: {{ $key | quote | upper }} @@ -110,6 +107,9 @@ spec: - mountPath: "/opt/drycc/postgresql/config/" name: postgresql-config # readOnly: true + - mountPath: "/opt/drycc/postgresql/backup/" + name: postgresql-backup + # readOnly: true resources: {{ toYaml .Values.resources | indent 10 }} {{- if .Values.metrics.enabled }} @@ -175,7 +175,6 @@ spec: - | python3 /opt/drycc/postgresql/pgbackup.py 0.0.0.0 9000 env: - {{- include "backup.envs" . | indent 8 }} - name: PGHOST value: localhost - name: PGPASSWORD @@ -222,6 +221,9 @@ spec: - name: postgresql-config configMap: name: {{ template "common.names.fullname" . }}-postgresql + - name: archive-config + configMap: + name: {{ template "common.names.fullname" . }}-backup {{- if not .Values.persistentVolume.enabled }} - name: storage-volume emptyDir: {} diff --git a/addons/postgresql-cluster/15/chart/postgresql-cluster/values.yaml b/addons/postgresql-cluster/15/chart/postgresql-cluster/values.yaml index 389451ec..effc9e1d 100644 --- a/addons/postgresql-cluster/15/chart/postgresql-cluster/values.yaml +++ b/addons/postgresql-cluster/15/chart/postgresql-cluster/values.yaml @@ -81,11 +81,7 @@ preInitScript: | track_commit_timestamp: "off" archive_mode: "on" archive_timeout: 300s - {{- if .Values.backup.enabled }} - archive_command: sh /opt/drycc/postgresql/walbackup.sh %p - {{- else }} - archive_command: /bin/true - {{- end }} + archive_command: sh /opt/drycc/postgresql/walbackup.sh %p %p # timescaledb.license: 'timescale' shared_preload_libraries: 'auto_explain,pg_stat_statements' log_destination: 'csvlog' @@ -134,9 +130,20 @@ postInitScript: | echo "Skipping create admin user" fi psql -w -c "CHECKPOINT;CHECKPOINT;" - #norm user - # - # + +backupEnv: | + #!/bin/bash + export USE_WALG={{ .Values.backup.enabled | quote }} + export BACKUP_NUM_TO_RETAIN={{ .Values.backup.retainBackups | quote}} + export WALG_BACKUP_THRESHOLD_MEGABYTES={{ .Values.backup.backupThresholdMegabytes | quote }} + export WALE_BACKUP_THRESHOLD_PERCENTAGE={{ .Values.backup.backupThresholdPercentage | quote }} + export AWS_ACCESS_KEY_ID={{ .Values.backup.s3.awsAccessKeyID | quote }} + export AWS_SECRET_ACCESS_KEY={{ .Values.backup.s3.awsSecretAccessKey | quote }} + export WALG_S3_PREFIX={{ .Values.backup.s3.walGS3Prefix | quote }} + export AWS_ENDPOINT={{ .Values.backup.s3.awsEndpoint | quote }} + export AWS_S3_FORCE_PATH_STYLE={{ .Values.backup.s3.awsS3ForcePathStyle | quote }} + export AWS_REGION={{ .Values.backup.s3.awsRegion | quote }} + postgresql: config: |- log_min_duration_statement = 1000 @@ -269,7 +276,6 @@ backup: awsS3ForcePathStyle: "true" awsRegion: dx-1 - persistentVolume: enabled: true size: 10G From 9e6a085f6dd74ad080b6ba18ac62bec52793b0c6 Mon Sep 17 00:00:00 2001 From: EamonZhang Date: Tue, 12 Dec 2023 09:52:18 +0800 Subject: [PATCH 32/48] chore(postgresql-cluster): bind info --- .../15/chart/postgresql-cluster/README.md | 110 ++++++++++++++---- .../templates/statefulset.yaml | 6 +- .../15/chart/postgresql-cluster/values.yaml | 16 +-- .../15/plans/standard-10/bind.yaml | 10 +- .../15/plans/standard-100/bind.yaml | 7 +- .../15/plans/standard-20/bind.yaml | 7 +- .../15/plans/standard-200/bind.yaml | 7 +- .../15/plans/standard-400/bind.yaml | 9 +- .../15/plans/standard-50/bind.yaml | 7 +- .../15/plans/standard-800/bind.yaml | 7 +- 10 files changed, 121 insertions(+), 65 deletions(-) diff --git a/addons/postgresql-cluster/15/chart/postgresql-cluster/README.md b/addons/postgresql-cluster/15/chart/postgresql-cluster/README.md index 70d31e0c..0b3f8a3d 100644 --- a/addons/postgresql-cluster/15/chart/postgresql-cluster/README.md +++ b/addons/postgresql-cluster/15/chart/postgresql-cluster/README.md @@ -1,5 +1,46 @@ -## CREATE PG INSTANCE +# Postgresql cluster addons +## Plans + +View and choose the service resource specifications you need. +``` + # drycc resources:plans postgresql-cluster +``` +### Resource specification list +| Resource Specification | Cores | MEMORY | Storage SIZE | +| :---: | :---: | :---: | :---: | +| standard-10 | 1C | 2G | 10G | +| standard-20 | 2C | 4G | 20G | +| standard-50 | 2C | 8G | 50G | +| standard-100 | 4C | 16G | 100G | +| standard-200 | 8C | 32G | 200G | +| standard-400 | 16C | 64G | 400G | +| standard-800 | 32C | 128G | 800G | + +In order to obtain a better experience, it is recommended not to exceed 80% usage of resource utilization for a long period of time. If there is a need for larger resource scale, please apply for private customization. + +## Create Postgresql Cluster Service instance + +- Create Postgresql service +``` +# drycc resources:create postgresql-cluster:standard-10 `my_pg_001` +``` +- View service status +``` +# drycc resources:descript `my_pg_001` +``` +- Bind service +``` +# drycc resources:bind `my_pg_001` +``` +- View resource status +``` +# drycc resources:descript `my_pg_001` +``` + +## Create Service with parameters + +`vim value.yaml` ``` # create or update pg instance template yaml networkPolicy.allowNamespaces: @@ -14,14 +55,21 @@ backup: Amount of base backups to retain retainBackups: 2 s3: - awsAccessKeyID: DO9l771LqiwZkhhz - awsSecretAccessKey: R3Dv0NEmJBo8JFdn1q8jz49ArWwpDjFn - walGS3Prefix: mx-test + awsAccessKeyID: "" + awsSecretAccessKey: "" + walGS3Prefix: "s3://xx" + awsEndpoint: "http://xxxx:9000" + awsS3ForcePathStyle: "true" + awsRegion: dx-1 +``` +``` + drycc resources:create postgresql-cluster:standard-10 `my_pg_001` -f ./value.yaml ``` -## Create app user and database +## Update Service +### Create app user and database -- Login PG with admin user & password +- Login database web with admin user & password - CREATE APP USER ``` @@ -36,28 +84,44 @@ CREATE DATABASE `my_db` OWNER `my_user`; CREATE EXTENSION pg_buffercache; ``` -## Network Access +### Network Access Default access allow policy: only namespace scope. - allow `mx-test1` namespace access + +`vim value.yaml ` ``` networkPolicy.allowNamespaces: - mx-test1 ``` +``` +drycc resources:update postgresql-cluster:standard-10 `my_pg_001` -f ./value.yaml +``` + + - Assign external network IP address - - Assign external network IP address +`vim value.yaml` +``` + service.type: LoadBlancer ``` - service.type: LoadBlance ``` +drycc resources:update postgresql-cluster:standard-10 `my_pg_001` -f ./value.yaml +``` +- View resource status +``` +# drycc resources:describe `my_pg_001` +``` - ## Manger backup your data `Very important` + ### Manger backup your data `Very important` `Strongly recommend enabling this feature.` `Strongly recommend enabling this feature.` `Strongly recommend enabling this feature.` PG data backup use S3 as backenp store. Choose an independent storage space `outside of the current environment` as your backup space. + +`vim value.yaml` ``` backup: # whether BackUP should be enabled @@ -71,20 +135,20 @@ backup: awsSecretAccessKey: R3Dv0NEmJBo8JFdn1q8jz49ArWwpDjFn walGS3Prefix: mx-test ``` +``` +drycc resources:update postgresql-cluster:standard-10 `my_pg_001` -f ./value.yaml +``` -You can modify multiple content at once, there is no need to modify part of it each time. +You can modify multiple content at once, there is no need to modify part of it each time. -## Plans -| Resource Specification | Cores | MEMORY | Storage SIZE | -| :---: | :---: | :---: | :---: | -| standard-10 | 1C | 2G | 10G | -| standard-20 | 2C | 4G | 20G | -| standard-50 | 2C | 8G | 50G | -| standard-100 | 4C | 16G | 100G | -| standard-200 | 8C | 32G | 200G | -| standard-400 | 16C | 64G | 400G | -| standard-800 | 32C | 128G | 800G | - -In order to obtain a better experience, it is recommended not to exceed 80% usage of resource utilization for a long period of time. If there is a need for larger resource scale, please apply for private customization. +## Destroy Service +- Unbind service first +``` +# drycc resources:unbind `my_pg_001` +``` +- Destroy service +``` +# drycc resources:destroy `my_pg_001` +``` \ No newline at end of file diff --git a/addons/postgresql-cluster/15/chart/postgresql-cluster/templates/statefulset.yaml b/addons/postgresql-cluster/15/chart/postgresql-cluster/templates/statefulset.yaml index 036f8b80..3aa16bdb 100644 --- a/addons/postgresql-cluster/15/chart/postgresql-cluster/templates/statefulset.yaml +++ b/addons/postgresql-cluster/15/chart/postgresql-cluster/templates/statefulset.yaml @@ -108,7 +108,7 @@ spec: name: postgresql-config # readOnly: true - mountPath: "/opt/drycc/postgresql/backup/" - name: postgresql-backup + name: backup-config # readOnly: true resources: {{ toYaml .Values.resources | indent 10 }} @@ -127,7 +127,7 @@ spec: {{- end }} env: - name: DATA_SOURCE_NAME - value: {{ printf "postgresql://tea_mon:password@127.0.0.1:5432/%s?sslmode=disable" $.Values.database.dbname }} + value: {{ printf "postgresql://tea_mon:password@127.0.0.1:5432/postgres?sslmode=disable" }} ports: - name: http-metrics containerPort: {{ .Values.metrics.containerPort }} @@ -221,7 +221,7 @@ spec: - name: postgresql-config configMap: name: {{ template "common.names.fullname" . }}-postgresql - - name: archive-config + - name: backup-config configMap: name: {{ template "common.names.fullname" . }}-backup {{- if not .Values.persistentVolume.enabled }} diff --git a/addons/postgresql-cluster/15/chart/postgresql-cluster/values.yaml b/addons/postgresql-cluster/15/chart/postgresql-cluster/values.yaml index effc9e1d..08560996 100644 --- a/addons/postgresql-cluster/15/chart/postgresql-cluster/values.yaml +++ b/addons/postgresql-cluster/15/chart/postgresql-cluster/values.yaml @@ -3,7 +3,8 @@ diagnosticMode: enable: false service: - type: ClusterIP + # ClusterIP LoadBalancer + type: LoadBalancer image: # Image was built from registry.drycc.cc/drycc-addons/patroni:3.2 @@ -81,7 +82,7 @@ preInitScript: | track_commit_timestamp: "off" archive_mode: "on" archive_timeout: 300s - archive_command: sh /opt/drycc/postgresql/walbackup.sh %p %p + archive_command: sh /opt/drycc/postgresql/walbackup.sh %p # timescaledb.license: 'timescale' shared_preload_libraries: 'auto_explain,pg_stat_statements' log_destination: 'csvlog' @@ -201,7 +202,7 @@ patroni: ## Postgresql Prometheus exporter parameters ## metrics: - enabled: false + enabled: true image: repository: registry.drycc.cc/drycc-addons/postgres-exporter tag: "0" @@ -248,15 +249,15 @@ metrics: limits: cpu: 100m memory: 512Mi - hugepages-2Mi: 20Mi + # hugepages-2Mi: 20Mi requests: cpu: 100m memory: 512Mi backup: # Specifies whether Wal-G should be enabled - enabled: false + enabled: true # Cron schedule for doing base backups - scheduleCronJob: "20 0 * * 0" + scheduleCronJob: "22 0 * * 0" # Amount of base backups to retain retainBackups: 2 # Name of the secret that holds the credentials to the bucket @@ -351,5 +352,4 @@ networkPolicy: ## (with the correct destination port). ## allowCurrentNamespace: true - allowNamespaces: - - mx-test1 \ No newline at end of file + allowNamespaces: \ No newline at end of file diff --git a/addons/postgresql-cluster/15/plans/standard-10/bind.yaml b/addons/postgresql-cluster/15/plans/standard-10/bind.yaml index 41676f6e..12acc0c6 100644 --- a/addons/postgresql-cluster/15/plans/standard-10/bind.yaml +++ b/addons/postgresql-cluster/15/plans/standard-10/bind.yaml @@ -1,16 +1,16 @@ credential: {{- if (eq .Values.service.type "LoadBalancer") }} - - name: MASTER_HOST + - name: EXTRANET_MASTER_HOST valueFrom: serviceRef: name: {{ include "common.names.fullname" . }}-master jsonpath: '{ .status.loadBalancer.ingress[*].ip }' - - name: REPL_HOST + - name: EXTRANET_REPL_HOST valueFrom: serviceRef: name: {{ template "common.names.fullname" . }}-repl jsonpath: '{ .status.loadBalancer.ingress[*].ip }' - {{- else if (eq .Values.service.type "ClusterIP") }} + {{- end }} - name: MASTER_HOST valueFrom: serviceRef: @@ -21,7 +21,6 @@ credential: serviceRef: name: {{ include "common.names.fullname" . }}-repl jsonpath: '{ .spec.clusterIP }' - {{- end }} - name: DADABASE valueFrom: secretKeyRef: @@ -38,5 +37,4 @@ credential: name: {{ template "common.names.fullname" . }} jsonpath: '{ .data.data-user }' - name: PORT - value: 5432 - + value: 5432 \ No newline at end of file diff --git a/addons/postgresql-cluster/15/plans/standard-100/bind.yaml b/addons/postgresql-cluster/15/plans/standard-100/bind.yaml index 5b215a03..12acc0c6 100644 --- a/addons/postgresql-cluster/15/plans/standard-100/bind.yaml +++ b/addons/postgresql-cluster/15/plans/standard-100/bind.yaml @@ -1,16 +1,16 @@ credential: {{- if (eq .Values.service.type "LoadBalancer") }} - - name: MASTER_HOST + - name: EXTRANET_MASTER_HOST valueFrom: serviceRef: name: {{ include "common.names.fullname" . }}-master jsonpath: '{ .status.loadBalancer.ingress[*].ip }' - - name: REPL_HOST + - name: EXTRANET_REPL_HOST valueFrom: serviceRef: name: {{ template "common.names.fullname" . }}-repl jsonpath: '{ .status.loadBalancer.ingress[*].ip }' - {{- else if (eq .Values.service.type "ClusterIP") }} + {{- end }} - name: MASTER_HOST valueFrom: serviceRef: @@ -21,7 +21,6 @@ credential: serviceRef: name: {{ include "common.names.fullname" . }}-repl jsonpath: '{ .spec.clusterIP }' - {{- end }} - name: DADABASE valueFrom: secretKeyRef: diff --git a/addons/postgresql-cluster/15/plans/standard-20/bind.yaml b/addons/postgresql-cluster/15/plans/standard-20/bind.yaml index 5b215a03..12acc0c6 100644 --- a/addons/postgresql-cluster/15/plans/standard-20/bind.yaml +++ b/addons/postgresql-cluster/15/plans/standard-20/bind.yaml @@ -1,16 +1,16 @@ credential: {{- if (eq .Values.service.type "LoadBalancer") }} - - name: MASTER_HOST + - name: EXTRANET_MASTER_HOST valueFrom: serviceRef: name: {{ include "common.names.fullname" . }}-master jsonpath: '{ .status.loadBalancer.ingress[*].ip }' - - name: REPL_HOST + - name: EXTRANET_REPL_HOST valueFrom: serviceRef: name: {{ template "common.names.fullname" . }}-repl jsonpath: '{ .status.loadBalancer.ingress[*].ip }' - {{- else if (eq .Values.service.type "ClusterIP") }} + {{- end }} - name: MASTER_HOST valueFrom: serviceRef: @@ -21,7 +21,6 @@ credential: serviceRef: name: {{ include "common.names.fullname" . }}-repl jsonpath: '{ .spec.clusterIP }' - {{- end }} - name: DADABASE valueFrom: secretKeyRef: diff --git a/addons/postgresql-cluster/15/plans/standard-200/bind.yaml b/addons/postgresql-cluster/15/plans/standard-200/bind.yaml index 5b215a03..12acc0c6 100644 --- a/addons/postgresql-cluster/15/plans/standard-200/bind.yaml +++ b/addons/postgresql-cluster/15/plans/standard-200/bind.yaml @@ -1,16 +1,16 @@ credential: {{- if (eq .Values.service.type "LoadBalancer") }} - - name: MASTER_HOST + - name: EXTRANET_MASTER_HOST valueFrom: serviceRef: name: {{ include "common.names.fullname" . }}-master jsonpath: '{ .status.loadBalancer.ingress[*].ip }' - - name: REPL_HOST + - name: EXTRANET_REPL_HOST valueFrom: serviceRef: name: {{ template "common.names.fullname" . }}-repl jsonpath: '{ .status.loadBalancer.ingress[*].ip }' - {{- else if (eq .Values.service.type "ClusterIP") }} + {{- end }} - name: MASTER_HOST valueFrom: serviceRef: @@ -21,7 +21,6 @@ credential: serviceRef: name: {{ include "common.names.fullname" . }}-repl jsonpath: '{ .spec.clusterIP }' - {{- end }} - name: DADABASE valueFrom: secretKeyRef: diff --git a/addons/postgresql-cluster/15/plans/standard-400/bind.yaml b/addons/postgresql-cluster/15/plans/standard-400/bind.yaml index a95ec5b2..12acc0c6 100644 --- a/addons/postgresql-cluster/15/plans/standard-400/bind.yaml +++ b/addons/postgresql-cluster/15/plans/standard-400/bind.yaml @@ -1,16 +1,16 @@ credential: {{- if (eq .Values.service.type "LoadBalancer") }} - - name: MASTER_HOST + - name: EXTRANET_MASTER_HOST valueFrom: serviceRef: name: {{ include "common.names.fullname" . }}-master jsonpath: '{ .status.loadBalancer.ingress[*].ip }' - - name: REPL_HOST + - name: EXTRANET_REPL_HOST valueFrom: serviceRef: name: {{ template "common.names.fullname" . }}-repl jsonpath: '{ .status.loadBalancer.ingress[*].ip }' - {{- else if (eq .Values.service.type "ClusterIP") }} + {{- end }} - name: MASTER_HOST valueFrom: serviceRef: @@ -21,8 +21,7 @@ credential: serviceRef: name: {{ include "common.names.fullname" . }}-repl jsonpath: '{ .spec.clusterIP }' - {{- end }} - - name: DATABASE + - name: DADABASE valueFrom: secretKeyRef: name: {{ template "common.names.fullname" . }} diff --git a/addons/postgresql-cluster/15/plans/standard-50/bind.yaml b/addons/postgresql-cluster/15/plans/standard-50/bind.yaml index 5b215a03..12acc0c6 100644 --- a/addons/postgresql-cluster/15/plans/standard-50/bind.yaml +++ b/addons/postgresql-cluster/15/plans/standard-50/bind.yaml @@ -1,16 +1,16 @@ credential: {{- if (eq .Values.service.type "LoadBalancer") }} - - name: MASTER_HOST + - name: EXTRANET_MASTER_HOST valueFrom: serviceRef: name: {{ include "common.names.fullname" . }}-master jsonpath: '{ .status.loadBalancer.ingress[*].ip }' - - name: REPL_HOST + - name: EXTRANET_REPL_HOST valueFrom: serviceRef: name: {{ template "common.names.fullname" . }}-repl jsonpath: '{ .status.loadBalancer.ingress[*].ip }' - {{- else if (eq .Values.service.type "ClusterIP") }} + {{- end }} - name: MASTER_HOST valueFrom: serviceRef: @@ -21,7 +21,6 @@ credential: serviceRef: name: {{ include "common.names.fullname" . }}-repl jsonpath: '{ .spec.clusterIP }' - {{- end }} - name: DADABASE valueFrom: secretKeyRef: diff --git a/addons/postgresql-cluster/15/plans/standard-800/bind.yaml b/addons/postgresql-cluster/15/plans/standard-800/bind.yaml index 5b215a03..12acc0c6 100644 --- a/addons/postgresql-cluster/15/plans/standard-800/bind.yaml +++ b/addons/postgresql-cluster/15/plans/standard-800/bind.yaml @@ -1,16 +1,16 @@ credential: {{- if (eq .Values.service.type "LoadBalancer") }} - - name: MASTER_HOST + - name: EXTRANET_MASTER_HOST valueFrom: serviceRef: name: {{ include "common.names.fullname" . }}-master jsonpath: '{ .status.loadBalancer.ingress[*].ip }' - - name: REPL_HOST + - name: EXTRANET_REPL_HOST valueFrom: serviceRef: name: {{ template "common.names.fullname" . }}-repl jsonpath: '{ .status.loadBalancer.ingress[*].ip }' - {{- else if (eq .Values.service.type "ClusterIP") }} + {{- end }} - name: MASTER_HOST valueFrom: serviceRef: @@ -21,7 +21,6 @@ credential: serviceRef: name: {{ include "common.names.fullname" . }}-repl jsonpath: '{ .spec.clusterIP }' - {{- end }} - name: DADABASE valueFrom: secretKeyRef: From ca4ef628084a769ea9e9f8fabaf38e6244b417bd Mon Sep 17 00:00:00 2001 From: EamonZhang Date: Tue, 12 Dec 2023 10:04:07 +0800 Subject: [PATCH 33/48] chore(postgresql-cluster): fix typo --- .../15/chart/postgresql-cluster/README.md | 22 +++++++++---------- 1 file changed, 11 insertions(+), 11 deletions(-) diff --git a/addons/postgresql-cluster/15/chart/postgresql-cluster/README.md b/addons/postgresql-cluster/15/chart/postgresql-cluster/README.md index 0b3f8a3d..5fe50e3b 100644 --- a/addons/postgresql-cluster/15/chart/postgresql-cluster/README.md +++ b/addons/postgresql-cluster/15/chart/postgresql-cluster/README.md @@ -27,7 +27,7 @@ In order to obtain a better experience, it is recommended not to exceed 80% usag ``` - View service status ``` -# drycc resources:descript `my_pg_001` +# drycc resources:describe `my_pg_001` ``` - Bind service ``` @@ -35,12 +35,12 @@ In order to obtain a better experience, it is recommended not to exceed 80% usag ``` - View resource status ``` -# drycc resources:descript `my_pg_001` +# drycc resources:describe `my_pg_001` ``` -## Create Service with parameters +## Create Service with values file -`vim value.yaml` +`vim values.yaml` ``` # create or update pg instance template yaml networkPolicy.allowNamespaces: @@ -63,7 +63,7 @@ backup: awsRegion: dx-1 ``` ``` - drycc resources:create postgresql-cluster:standard-10 `my_pg_001` -f ./value.yaml + drycc resources:create postgresql-cluster:standard-10 `my_pg_001` -f ./values.yaml ``` ## Update Service @@ -90,23 +90,23 @@ Default access allow policy: only namespace scope. - allow `mx-test1` namespace access -`vim value.yaml ` +`vim values.yaml ` ``` networkPolicy.allowNamespaces: - mx-test1 ``` ``` -drycc resources:update postgresql-cluster:standard-10 `my_pg_001` -f ./value.yaml +drycc resources:update postgresql-cluster:standard-10 `my_pg_001` -f ./values.yaml ``` - Assign external network IP address -`vim value.yaml` +`vim values.yaml` ``` service.type: LoadBlancer ``` ``` -drycc resources:update postgresql-cluster:standard-10 `my_pg_001` -f ./value.yaml +drycc resources:update postgresql-cluster:standard-10 `my_pg_001` -f ./values.yaml ``` - View resource status ``` @@ -121,7 +121,7 @@ drycc resources:update postgresql-cluster:standard-10 `my_pg_001` -f ./value.yam PG data backup use S3 as backenp store. Choose an independent storage space `outside of the current environment` as your backup space. -`vim value.yaml` +`vim values.yaml` ``` backup: # whether BackUP should be enabled @@ -136,7 +136,7 @@ backup: walGS3Prefix: mx-test ``` ``` -drycc resources:update postgresql-cluster:standard-10 `my_pg_001` -f ./value.yaml +drycc resources:update postgresql-cluster:standard-10 `my_pg_001` -f ./values.yaml ``` You can modify multiple content at once, there is no need to modify part of it each time. From ae73604818bab5d4afc5134222b770ad0764d5c9 Mon Sep 17 00:00:00 2001 From: EamonZhang Date: Tue, 12 Dec 2023 11:33:29 +0800 Subject: [PATCH 34/48] chore(postgresql-cluster): megre --- .../15/chart/postgresql-cluster/values.yaml | 5 ----- 1 file changed, 5 deletions(-) diff --git a/addons/postgresql-cluster/15/chart/postgresql-cluster/values.yaml b/addons/postgresql-cluster/15/chart/postgresql-cluster/values.yaml index 52157896..97d35e84 100644 --- a/addons/postgresql-cluster/15/chart/postgresql-cluster/values.yaml +++ b/addons/postgresql-cluster/15/chart/postgresql-cluster/values.yaml @@ -3,12 +3,7 @@ diagnosticMode: enable: false service: -<<<<<<< HEAD - # ClusterIP LoadBalancer - type: LoadBalancer -======= type: ClusterIP ->>>>>>> c98da89fd38c2acf5b6cc3043a3a4faa17fb9acd image: # Image was built from registry.drycc.cc/drycc-addons/patroni:3.2 From bdc049f5203e8dce49b079527e866562fb1fde02 Mon Sep 17 00:00:00 2001 From: EamonZhang Date: Tue, 12 Dec 2023 11:47:04 +0800 Subject: [PATCH 35/48] chore(postgresql-cluster): megre --- .../15/chart/postgresql-cluster/values.yaml | 8 ++------ 1 file changed, 2 insertions(+), 6 deletions(-) diff --git a/addons/postgresql-cluster/15/chart/postgresql-cluster/values.yaml b/addons/postgresql-cluster/15/chart/postgresql-cluster/values.yaml index 97d35e84..deb83746 100644 --- a/addons/postgresql-cluster/15/chart/postgresql-cluster/values.yaml +++ b/addons/postgresql-cluster/15/chart/postgresql-cluster/values.yaml @@ -248,17 +248,13 @@ metrics: limits: cpu: 100m memory: 512Mi - # hugepages-2Mi: 20Mi + hugepages-2Mi: 20Mi requests: cpu: 100m memory: 512Mi -<<<<<<< HEAD backup: -======= -walG: ->>>>>>> c98da89fd38c2acf5b6cc3043a3a4faa17fb9acd # Specifies whether Wal-G should be enabled - enabled: true + enabled: false # Cron schedule for doing base backups scheduleCronJob: "22 0 * * 0" # Amount of base backups to retain From 78e1350f1b0ff1fa759d90351963580ead240491 Mon Sep 17 00:00:00 2001 From: EamonZhang Date: Wed, 13 Dec 2023 09:01:33 +0800 Subject: [PATCH 36/48] chore(cloudbeaver): modify storage method --- .../cloudbeaver/templates/deployment.yaml | 31 +++---------------- .../23/chart/cloudbeaver/templates/pvc.yaml | 2 +- 2 files changed, 5 insertions(+), 28 deletions(-) diff --git a/addons/cloudbeaver/23/chart/cloudbeaver/templates/deployment.yaml b/addons/cloudbeaver/23/chart/cloudbeaver/templates/deployment.yaml index 2b1fe314..be9271b3 100644 --- a/addons/cloudbeaver/23/chart/cloudbeaver/templates/deployment.yaml +++ b/addons/cloudbeaver/23/chart/cloudbeaver/templates/deployment.yaml @@ -105,34 +105,11 @@ spec: - name: data mountPath: {{ .Values.persistence.mountPath | quote }} volumes: -{{- if not .Values.persistence.enabled }} - name: data + {{- if .Values.persistence.enabled }} + persistentVolumeClaim: + claimName: {{ .Values.persistence.existingClaim | default (include "common.names.fullname" .) }} + {{- else }} emptyDir: {} -{{- end }} -{{- if .Values.persistence.enabled }} - volumeClaimTemplates: - - metadata: - name: data - annotations: - {{- if .Values.persistence.annotations }} -{{ toYaml .Values.persistence.annotations | indent 8 }} {{- end }} - labels: - application: {{ include "common.names.fullname" . }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} - spec: - accessModes: -{{ toYaml .Values.persistence.accessModes | indent 8 }} - resources: - requests: - storage: "{{ .Values.persistence.size }}" - {{- if .Values.persistence.storageClass }} - {{- if (eq "-" .Values.persistence.storageClass) }} - storageClassName: "" - {{- else }} - storageClassName: "{{ .Values.persistence.storageClass }}" - {{- end }} - {{- end }} - {{- end }} diff --git a/addons/cloudbeaver/23/chart/cloudbeaver/templates/pvc.yaml b/addons/cloudbeaver/23/chart/cloudbeaver/templates/pvc.yaml index 7a36a217..ee8ed038 100644 --- a/addons/cloudbeaver/23/chart/cloudbeaver/templates/pvc.yaml +++ b/addons/cloudbeaver/23/chart/cloudbeaver/templates/pvc.yaml @@ -2,7 +2,7 @@ kind: PersistentVolumeClaim apiVersion: v1 metadata: - name: {{ printf "%s-binding" (include "common.names.fullname" .) }} + name: {{ include "common.names.fullname" . }} namespace: {{ include "common.names.namespace" . | quote }} labels: {{- include "common.labels.standard" . | nindent 4 }} {{- if .Values.commonLabels }} From b7494c28b2a1b1f24c69aba94bf643c159c453c2 Mon Sep 17 00:00:00 2001 From: EamonZhang Date: Thu, 14 Dec 2023 16:28:08 +0800 Subject: [PATCH 37/48] chore(postgresql-cluster): adjust --- .../15/chart/postgresql-cluster/README.md | 13 +++++++++++-- .../postgresql-cluster/templates/cm-backup.yaml | 8 +------- .../15/chart/postgresql-cluster/templates/sec.yaml | 4 ++-- .../postgresql-cluster/templates/statefulset.yaml | 4 ++-- .../15/chart/postgresql-cluster/values.yaml | 4 ++-- addons/postgresql-cluster/15/meta.yaml | 4 +--- .../15/plans/standard-10/bind.yaml | 13 +++++-------- .../15/plans/standard-100/bind.yaml | 13 +++++-------- .../15/plans/standard-20/bind.yaml | 13 +++++-------- .../15/plans/standard-200/bind.yaml | 13 +++++-------- .../15/plans/standard-400/bind.yaml | 13 +++++-------- .../15/plans/standard-50/bind.yaml | 13 +++++-------- .../15/plans/standard-50/meta.yaml | 2 +- .../15/plans/standard-800/bind.yaml | 13 +++++-------- 14 files changed, 55 insertions(+), 75 deletions(-) diff --git a/addons/postgresql-cluster/15/chart/postgresql-cluster/README.md b/addons/postgresql-cluster/15/chart/postgresql-cluster/README.md index 5fe50e3b..22da4bd3 100644 --- a/addons/postgresql-cluster/15/chart/postgresql-cluster/README.md +++ b/addons/postgresql-cluster/15/chart/postgresql-cluster/README.md @@ -71,13 +71,22 @@ backup: - Login database web with admin user & password +- Change administrator initial password +``` +ALTER USER administrator WITH ENCRYPTED PASSWORD 'newpassword'; +``` +- View total connections number in postgresql cluster; +``` +show max_connections ; +``` - CREATE APP USER ``` -CREATE USER `my_user` WITH CONNECTION LIMIT `conn_limit` LOGIN ENCRYPTED PASSWORD 'password'; +CREATE USER `myuser` WITH CONNECTION LIMIT `conn limit` LOGIN ENCRYPTED PASSWORD 'password'; +GRANT `myuser` to administrator ; ``` - CREATE APP DATABASE ``` -CREATE DATABASE `my_db` OWNER `my_user`; +CREATE DATABASE `mydb` OWNER `myuser`; ``` - CREATE EXTENSIONS ``` diff --git a/addons/postgresql-cluster/15/chart/postgresql-cluster/templates/cm-backup.yaml b/addons/postgresql-cluster/15/chart/postgresql-cluster/templates/cm-backup.yaml index b7eb7331..1ebb88ab 100644 --- a/addons/postgresql-cluster/15/chart/postgresql-cluster/templates/cm-backup.yaml +++ b/addons/postgresql-cluster/15/chart/postgresql-cluster/templates/cm-backup.yaml @@ -1,4 +1,3 @@ -{{- if (include "backup.createConfigmap" .) }} apiVersion: v1 kind: ConfigMap metadata: @@ -14,9 +13,4 @@ metadata: {{- end }} data: backup.env: |- - {{- include "common.tplvalues.render" ( dict "value" .Values.backupEnv "context" $ ) | nindent 4 }} - # archive_command.sh: | - - # #/bin/bash - # source backup.env - # [ $USE_WALG ] ? sh /opt/drycc/postgresql/walbackup.sh %p : /bin/true -{{- end -}} \ No newline at end of file + {{- include "common.tplvalues.render" ( dict "value" .Values.backupEnv "context" $ ) | nindent 4 }} \ No newline at end of file diff --git a/addons/postgresql-cluster/15/chart/postgresql-cluster/templates/sec.yaml b/addons/postgresql-cluster/15/chart/postgresql-cluster/templates/sec.yaml index 8c94ae26..e01a715c 100644 --- a/addons/postgresql-cluster/15/chart/postgresql-cluster/templates/sec.yaml +++ b/addons/postgresql-cluster/15/chart/postgresql-cluster/templates/sec.yaml @@ -14,5 +14,5 @@ data: password-superuser: {{ include "credentials.superuserValue" . | b64enc | quote }} password-rewind: {{ include "credentials.rewindValue" . | b64enc | quote }} password-replication: {{ include "credentials.replicationValue" . | b64enc | quote }} - admin-user: {{ .Values.adminRole.username | b64enc }} - admin-password: {{ .Values.adminRole.password | b64enc }} + admin-user: {{ .Values.adminRole.username | b64enc | quote }} + admin-password: {{ include "adminRole.passwordValue" . | b64enc | quote }} diff --git a/addons/postgresql-cluster/15/chart/postgresql-cluster/templates/statefulset.yaml b/addons/postgresql-cluster/15/chart/postgresql-cluster/templates/statefulset.yaml index 3aa16bdb..d56c34e3 100644 --- a/addons/postgresql-cluster/15/chart/postgresql-cluster/templates/statefulset.yaml +++ b/addons/postgresql-cluster/15/chart/postgresql-cluster/templates/statefulset.yaml @@ -161,7 +161,7 @@ spec: resources: {{- toYaml .Values.metrics.resources | nindent 12 }} {{- end }} {{- end }} - {{- if .Values.backup.enabled }} + - name: {{ .Chart.Name }}-backup image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}" imagePullPolicy: {{ .Values.image.pullPolicy }} @@ -195,7 +195,7 @@ spec: volumeMounts: - name: storage-volume mountPath: "{{ .Values.persistentVolume.mountPath }}" - {{- end }} + {{- with .Values.nodeSelector }} nodeSelector: {{ toYaml . | indent 8 }} diff --git a/addons/postgresql-cluster/15/chart/postgresql-cluster/values.yaml b/addons/postgresql-cluster/15/chart/postgresql-cluster/values.yaml index deb83746..a648e096 100644 --- a/addons/postgresql-cluster/15/chart/postgresql-cluster/values.yaml +++ b/addons/postgresql-cluster/15/chart/postgresql-cluster/values.yaml @@ -124,8 +124,8 @@ postInitScript: | psql -w -c "CREATE USER tea_mon WITH ROLE pg_monitor;create extension pg_stat_statements;create extension pg_buffercache ;" # Create admin user if [[( -n "$ADMIN_USER") && ( -n "$ADMIN_PASSWORD")]]; then - echo "Creating user ${ADMIN_USER}" - # psql -w -c "CREATE USER ${ADMIN_USER} WITH NOSUPERUSER CREATEDB CREATEROLE REPLICATION CONNECTION LIMIT 10 LOGIN ENCRYPTED PASSWORD '${ADMIN_PASSWORD}'" + echo "Creating user ${ADMIN_USER}" + psql -w -c "CREATE USER ${ADMIN_USER} WITH SUPERUSER CREATEDB CREATEROLE CONNECTION LIMIT 10 LOGIN ENCRYPTED PASSWORD '${ADMIN_PASSWORD}'" else echo "Skipping create admin user" fi diff --git a/addons/postgresql-cluster/15/meta.yaml b/addons/postgresql-cluster/15/meta.yaml index baa53c9e..cded881f 100644 --- a/addons/postgresql-cluster/15/meta.yaml +++ b/addons/postgresql-cluster/15/meta.yaml @@ -13,14 +13,12 @@ tags: postgresql-cluster bindable: true instances_retrievable: true bindings_retrievable: true -plan_updateable: false +plan_updateable: true allow_parameters: - name: "networkPolicy.allowNamespaces" description: "networkPolicy allowNamespaces config for values.yaml" - name: "service.type" description: "service type config for values.yaml" -- name: "metrics.enabled" - description: "Whether to enable metrics. default true" - name: "backup" description: "Whether to use S3 for backup your data. default false . ps: Make sure there is a available S3 " archive: false \ No newline at end of file diff --git a/addons/postgresql-cluster/15/plans/standard-10/bind.yaml b/addons/postgresql-cluster/15/plans/standard-10/bind.yaml index 12acc0c6..0283dff3 100644 --- a/addons/postgresql-cluster/15/plans/standard-10/bind.yaml +++ b/addons/postgresql-cluster/15/plans/standard-10/bind.yaml @@ -21,20 +21,17 @@ credential: serviceRef: name: {{ include "common.names.fullname" . }}-repl jsonpath: '{ .spec.clusterIP }' - - name: DADABASE - valueFrom: - secretKeyRef: - name: {{ template "common.names.fullname" . }} - jsonpath: '{ .data.data-name }' - name: PASSWORD valueFrom: secretKeyRef: name: {{ template "common.names.fullname" . }} - jsonpath: '{ .data.data-password }' + jsonpath: '{ .data.admin-password }' - name: USERNAME valueFrom: secretKeyRef: name: {{ template "common.names.fullname" . }} - jsonpath: '{ .data.data-user }' + jsonpath: '{ .data.admin-user }' - name: PORT - value: 5432 \ No newline at end of file + value: 5432 + - name: DADABASE + value: postgres \ No newline at end of file diff --git a/addons/postgresql-cluster/15/plans/standard-100/bind.yaml b/addons/postgresql-cluster/15/plans/standard-100/bind.yaml index 12acc0c6..0283dff3 100644 --- a/addons/postgresql-cluster/15/plans/standard-100/bind.yaml +++ b/addons/postgresql-cluster/15/plans/standard-100/bind.yaml @@ -21,20 +21,17 @@ credential: serviceRef: name: {{ include "common.names.fullname" . }}-repl jsonpath: '{ .spec.clusterIP }' - - name: DADABASE - valueFrom: - secretKeyRef: - name: {{ template "common.names.fullname" . }} - jsonpath: '{ .data.data-name }' - name: PASSWORD valueFrom: secretKeyRef: name: {{ template "common.names.fullname" . }} - jsonpath: '{ .data.data-password }' + jsonpath: '{ .data.admin-password }' - name: USERNAME valueFrom: secretKeyRef: name: {{ template "common.names.fullname" . }} - jsonpath: '{ .data.data-user }' + jsonpath: '{ .data.admin-user }' - name: PORT - value: 5432 \ No newline at end of file + value: 5432 + - name: DADABASE + value: postgres \ No newline at end of file diff --git a/addons/postgresql-cluster/15/plans/standard-20/bind.yaml b/addons/postgresql-cluster/15/plans/standard-20/bind.yaml index 12acc0c6..0283dff3 100644 --- a/addons/postgresql-cluster/15/plans/standard-20/bind.yaml +++ b/addons/postgresql-cluster/15/plans/standard-20/bind.yaml @@ -21,20 +21,17 @@ credential: serviceRef: name: {{ include "common.names.fullname" . }}-repl jsonpath: '{ .spec.clusterIP }' - - name: DADABASE - valueFrom: - secretKeyRef: - name: {{ template "common.names.fullname" . }} - jsonpath: '{ .data.data-name }' - name: PASSWORD valueFrom: secretKeyRef: name: {{ template "common.names.fullname" . }} - jsonpath: '{ .data.data-password }' + jsonpath: '{ .data.admin-password }' - name: USERNAME valueFrom: secretKeyRef: name: {{ template "common.names.fullname" . }} - jsonpath: '{ .data.data-user }' + jsonpath: '{ .data.admin-user }' - name: PORT - value: 5432 \ No newline at end of file + value: 5432 + - name: DADABASE + value: postgres \ No newline at end of file diff --git a/addons/postgresql-cluster/15/plans/standard-200/bind.yaml b/addons/postgresql-cluster/15/plans/standard-200/bind.yaml index 12acc0c6..0283dff3 100644 --- a/addons/postgresql-cluster/15/plans/standard-200/bind.yaml +++ b/addons/postgresql-cluster/15/plans/standard-200/bind.yaml @@ -21,20 +21,17 @@ credential: serviceRef: name: {{ include "common.names.fullname" . }}-repl jsonpath: '{ .spec.clusterIP }' - - name: DADABASE - valueFrom: - secretKeyRef: - name: {{ template "common.names.fullname" . }} - jsonpath: '{ .data.data-name }' - name: PASSWORD valueFrom: secretKeyRef: name: {{ template "common.names.fullname" . }} - jsonpath: '{ .data.data-password }' + jsonpath: '{ .data.admin-password }' - name: USERNAME valueFrom: secretKeyRef: name: {{ template "common.names.fullname" . }} - jsonpath: '{ .data.data-user }' + jsonpath: '{ .data.admin-user }' - name: PORT - value: 5432 \ No newline at end of file + value: 5432 + - name: DADABASE + value: postgres \ No newline at end of file diff --git a/addons/postgresql-cluster/15/plans/standard-400/bind.yaml b/addons/postgresql-cluster/15/plans/standard-400/bind.yaml index 12acc0c6..0283dff3 100644 --- a/addons/postgresql-cluster/15/plans/standard-400/bind.yaml +++ b/addons/postgresql-cluster/15/plans/standard-400/bind.yaml @@ -21,20 +21,17 @@ credential: serviceRef: name: {{ include "common.names.fullname" . }}-repl jsonpath: '{ .spec.clusterIP }' - - name: DADABASE - valueFrom: - secretKeyRef: - name: {{ template "common.names.fullname" . }} - jsonpath: '{ .data.data-name }' - name: PASSWORD valueFrom: secretKeyRef: name: {{ template "common.names.fullname" . }} - jsonpath: '{ .data.data-password }' + jsonpath: '{ .data.admin-password }' - name: USERNAME valueFrom: secretKeyRef: name: {{ template "common.names.fullname" . }} - jsonpath: '{ .data.data-user }' + jsonpath: '{ .data.admin-user }' - name: PORT - value: 5432 \ No newline at end of file + value: 5432 + - name: DADABASE + value: postgres \ No newline at end of file diff --git a/addons/postgresql-cluster/15/plans/standard-50/bind.yaml b/addons/postgresql-cluster/15/plans/standard-50/bind.yaml index 12acc0c6..0283dff3 100644 --- a/addons/postgresql-cluster/15/plans/standard-50/bind.yaml +++ b/addons/postgresql-cluster/15/plans/standard-50/bind.yaml @@ -21,20 +21,17 @@ credential: serviceRef: name: {{ include "common.names.fullname" . }}-repl jsonpath: '{ .spec.clusterIP }' - - name: DADABASE - valueFrom: - secretKeyRef: - name: {{ template "common.names.fullname" . }} - jsonpath: '{ .data.data-name }' - name: PASSWORD valueFrom: secretKeyRef: name: {{ template "common.names.fullname" . }} - jsonpath: '{ .data.data-password }' + jsonpath: '{ .data.admin-password }' - name: USERNAME valueFrom: secretKeyRef: name: {{ template "common.names.fullname" . }} - jsonpath: '{ .data.data-user }' + jsonpath: '{ .data.admin-user }' - name: PORT - value: 5432 \ No newline at end of file + value: 5432 + - name: DADABASE + value: postgres \ No newline at end of file diff --git a/addons/postgresql-cluster/15/plans/standard-50/meta.yaml b/addons/postgresql-cluster/15/plans/standard-50/meta.yaml index 29e67ad5..a194f7ef 100644 --- a/addons/postgresql-cluster/15/plans/standard-50/meta.yaml +++ b/addons/postgresql-cluster/15/plans/standard-50/meta.yaml @@ -1,6 +1,6 @@ name: "standard-50" id: 0542f411-4e7b-46af-966c-c9989e54873c -description: "PostgreSQL standard-50 plan: Disk 50Gi ,vCPUs 2 , RAM 8G , DB MAX Connection 2000" +description: "PostgreSQL Cluster standard-50 plan: Disk 50Gi ,vCPUs 2 , RAM 8G , DB MAX Connection 2000" displayName: "standard-50" bindable: true maximum_polling_duration: 1800 diff --git a/addons/postgresql-cluster/15/plans/standard-800/bind.yaml b/addons/postgresql-cluster/15/plans/standard-800/bind.yaml index 12acc0c6..0283dff3 100644 --- a/addons/postgresql-cluster/15/plans/standard-800/bind.yaml +++ b/addons/postgresql-cluster/15/plans/standard-800/bind.yaml @@ -21,20 +21,17 @@ credential: serviceRef: name: {{ include "common.names.fullname" . }}-repl jsonpath: '{ .spec.clusterIP }' - - name: DADABASE - valueFrom: - secretKeyRef: - name: {{ template "common.names.fullname" . }} - jsonpath: '{ .data.data-name }' - name: PASSWORD valueFrom: secretKeyRef: name: {{ template "common.names.fullname" . }} - jsonpath: '{ .data.data-password }' + jsonpath: '{ .data.admin-password }' - name: USERNAME valueFrom: secretKeyRef: name: {{ template "common.names.fullname" . }} - jsonpath: '{ .data.data-user }' + jsonpath: '{ .data.admin-user }' - name: PORT - value: 5432 \ No newline at end of file + value: 5432 + - name: DADABASE + value: postgres \ No newline at end of file From 5a4f70f44c91573ea20df2e81589a6400e86d333 Mon Sep 17 00:00:00 2001 From: EamonZhang Date: Fri, 15 Dec 2023 11:33:58 +0800 Subject: [PATCH 38/48] chore(postgresql-cluster): fix password & netpolicy --- .../15/chart/postgresql-cluster/templates/_helpers.tpl | 2 +- .../15/chart/postgresql-cluster/templates/networkpolicy.yaml | 1 + .../15/chart/postgresql-cluster/templates/statefulset.yaml | 2 ++ .../postgresql-cluster/15/chart/postgresql-cluster/values.yaml | 2 +- 4 files changed, 5 insertions(+), 2 deletions(-) diff --git a/addons/postgresql-cluster/15/chart/postgresql-cluster/templates/_helpers.tpl b/addons/postgresql-cluster/15/chart/postgresql-cluster/templates/_helpers.tpl index e3bedca5..bb67a496 100644 --- a/addons/postgresql-cluster/15/chart/postgresql-cluster/templates/_helpers.tpl +++ b/addons/postgresql-cluster/15/chart/postgresql-cluster/templates/_helpers.tpl @@ -189,7 +189,7 @@ Get the administrator password ; {{- if .Values.adminRole.password }} {{- .Values.adminRole.password -}} {{- else -}} - {{- include "getValueFromSecret" (dict "Namespace" .Release.Namespace "Name" (include "common.names.fullname" .) "Length" 10 "Key" "password-replication") -}} + {{- include "getValueFromSecret" (dict "Namespace" .Release.Namespace "Name" (include "common.names.fullname" .) "Length" 10 "Key" "admin-password") -}} {{- end -}} {{- end }} diff --git a/addons/postgresql-cluster/15/chart/postgresql-cluster/templates/networkpolicy.yaml b/addons/postgresql-cluster/15/chart/postgresql-cluster/templates/networkpolicy.yaml index dfad66c3..92fdc9a7 100644 --- a/addons/postgresql-cluster/15/chart/postgresql-cluster/templates/networkpolicy.yaml +++ b/addons/postgresql-cluster/15/chart/postgresql-cluster/templates/networkpolicy.yaml @@ -21,6 +21,7 @@ spec: # Allow inbound connections - ports: - port: 5432 + - port: 9000 {{- if and .Values.metrics.enabled }} - port: {{ .Values.metrics.containerPort }} {{ end }} diff --git a/addons/postgresql-cluster/15/chart/postgresql-cluster/templates/statefulset.yaml b/addons/postgresql-cluster/15/chart/postgresql-cluster/templates/statefulset.yaml index d56c34e3..790854dd 100644 --- a/addons/postgresql-cluster/15/chart/postgresql-cluster/templates/statefulset.yaml +++ b/addons/postgresql-cluster/15/chart/postgresql-cluster/templates/statefulset.yaml @@ -195,6 +195,8 @@ spec: volumeMounts: - name: storage-volume mountPath: "{{ .Values.persistentVolume.mountPath }}" + - mountPath: "/opt/drycc/postgresql/backup/" + name: backup-config {{- with .Values.nodeSelector }} nodeSelector: diff --git a/addons/postgresql-cluster/15/chart/postgresql-cluster/values.yaml b/addons/postgresql-cluster/15/chart/postgresql-cluster/values.yaml index a648e096..a0d90cb4 100644 --- a/addons/postgresql-cluster/15/chart/postgresql-cluster/values.yaml +++ b/addons/postgresql-cluster/15/chart/postgresql-cluster/values.yaml @@ -112,7 +112,7 @@ preInitScript: | password: '${PATRONI_REPLICATION_PASSWORD}' rewind: # Has no effect on postgres 10 and lower username: rewinder - password: '${PATRONI_REWIND_USERNAME}' + password: '${PATRONI_REWIND_PASSWORD}' watchdog: mode: off __EOF__ From d9ed1063e1d4d34d5a535bf86bacd2c9d2a31dfd Mon Sep 17 00:00:00 2001 From: lijianguo Date: Thu, 21 Dec 2023 17:45:39 +0800 Subject: [PATCH 39/48] chore(addons): add persistentVolumeClaimRetentionPolicy --- .../templates/distributed/statefulset.yaml | 5 ++++ addons/minio/2023/chart/minio/values.yaml | 9 ++++++ .../templates/data/statefulset.yaml | 5 ++++ .../templates/master/statefulset.yaml | 5 ++++ .../chart/rabbitmq/templates/statefulset.yaml | 5 ++++ .../rabbitmq/3.12/chart/rabbitmq/values.yaml | 13 ++++++++ .../templates/redis-statefulset.yaml | 5 ++++ .../7.0/chart/redis-cluster/values.yaml | 9 ++++++ .../redis/templates/master/application.yaml | 5 ++++ .../redis/templates/replicas/statefulset.yaml | 5 ++++ .../redis/templates/sentinel/statefulset.yaml | 5 ++++ addons/redis/7.0/chart/redis/values.yaml | 30 +++++++++++++++++++ .../templates/filer/statefulset.yaml | 5 ++++ .../templates/master/statefulset.yaml | 5 ++++ .../templates/volume/statefulset.yaml | 5 ++++ .../seaweedfs/3/chart/seaweedfs/values.yaml | 27 +++++++++++++++++ addons/spark/3.4/meta.yaml | 4 +++ .../zookeeper/templates/statefulset.yaml | 5 ++++ .../zookeeper/3.9/chart/zookeeper/values.yaml | 10 ++++++- 19 files changed, 161 insertions(+), 1 deletion(-) diff --git a/addons/minio/2023/chart/minio/templates/distributed/statefulset.yaml b/addons/minio/2023/chart/minio/templates/distributed/statefulset.yaml index 467e66e2..65275fee 100644 --- a/addons/minio/2023/chart/minio/templates/distributed/statefulset.yaml +++ b/addons/minio/2023/chart/minio/templates/distributed/statefulset.yaml @@ -298,6 +298,11 @@ spec: - name: data emptyDir: {} {{- else }} + {{- if .Values.persistentVolumeClaimRetentionPolicy.enabled }} + persistentVolumeClaimRetentionPolicy: + whenDeleted: {{ .Values.persistentVolumeClaimRetentionPolicy.whenDeleted }} + whenScaled: {{ .Values.persistentVolumeClaimRetentionPolicy.whenScaled }} + {{- end }} volumeClaimTemplates: {{- if gt $drivesPerNode 1 }} {{- range $diskId := until $drivesPerNode }} diff --git a/addons/minio/2023/chart/minio/values.yaml b/addons/minio/2023/chart/minio/values.yaml index f5260b4e..1772a858 100644 --- a/addons/minio/2023/chart/minio/values.yaml +++ b/addons/minio/2023/chart/minio/values.yaml @@ -887,6 +887,15 @@ persistence: ## existingClaim: "" +## persistentVolumeClaimRetentionPolicy +## ref: https://kubernetes.io/docs/concepts/workloads/controllers/statefulset/#persistentvolumeclaim-retention +## @param persistentVolumeClaimRetentionPolicy.enabled Controls if and how PVCs are deleted during the lifecycle of a StatefulSet +## @param persistentVolumeClaimRetentionPolicy.whenScaled Volume retention behavior when the replica count of the StatefulSet is reduced +## @param persistentVolumeClaimRetentionPolicy.whenDeleted Volume retention behavior that applies when the StatefulSet is deleted +persistentVolumeClaimRetentionPolicy: + enabled: true + whenScaled: Deleted + whenDeleted: Deleted ## @section Volume Permissions parameters ## Init containers parameters: diff --git a/addons/opensearch/2.10/chart/opensearch/templates/data/statefulset.yaml b/addons/opensearch/2.10/chart/opensearch/templates/data/statefulset.yaml index c8c6c1c7..527bc948 100644 --- a/addons/opensearch/2.10/chart/opensearch/templates/data/statefulset.yaml +++ b/addons/opensearch/2.10/chart/opensearch/templates/data/statefulset.yaml @@ -327,6 +327,11 @@ spec: persistentVolumeClaim: claimName: {{ .Values.data.persistence.existingClaim }} {{- else }} + {{- if .Values.data.persistentVolumeClaimRetentionPolicy.enabled }} + persistentVolumeClaimRetentionPolicy: + whenDeleted: {{ .Values.data.persistentVolumeClaimRetentionPolicy.whenDeleted }} + whenScaled: {{ .Values.data.persistentVolumeClaimRetentionPolicy.whenScaled }} + {{- end }} volumeClaimTemplates: - metadata: name: "data" diff --git a/addons/opensearch/2.10/chart/opensearch/templates/master/statefulset.yaml b/addons/opensearch/2.10/chart/opensearch/templates/master/statefulset.yaml index 3fb19060..e4b18de2 100644 --- a/addons/opensearch/2.10/chart/opensearch/templates/master/statefulset.yaml +++ b/addons/opensearch/2.10/chart/opensearch/templates/master/statefulset.yaml @@ -339,6 +339,11 @@ spec: persistentVolumeClaim: claimName: {{ .Values.master.persistence.existingClaim }} {{- else }} + {{- if .Values.master.persistentVolumeClaimRetentionPolicy.enabled }} + persistentVolumeClaimRetentionPolicy: + whenDeleted: {{ .Values.master.persistentVolumeClaimRetentionPolicy.whenDeleted }} + whenScaled: {{ .Values.master.persistentVolumeClaimRetentionPolicy.whenScaled }} + {{- end }} volumeClaimTemplates: - metadata: name: "data" diff --git a/addons/rabbitmq/3.12/chart/rabbitmq/templates/statefulset.yaml b/addons/rabbitmq/3.12/chart/rabbitmq/templates/statefulset.yaml index c928ee6a..0f94407c 100644 --- a/addons/rabbitmq/3.12/chart/rabbitmq/templates/statefulset.yaml +++ b/addons/rabbitmq/3.12/chart/rabbitmq/templates/statefulset.yaml @@ -406,6 +406,11 @@ spec: claimName: {{ tpl . $ }} {{- end }} {{- else }} + {{- if .Values.persistentVolumeClaimRetentionPolicy.enabled }} + persistentVolumeClaimRetentionPolicy: + whenDeleted: {{ .Values.persistentVolumeClaimRetentionPolicy.whenDeleted }} + whenScaled: {{ .Values.persistentVolumeClaimRetentionPolicy.whenScaled }} + {{- end }} volumeClaimTemplates: - metadata: name: data diff --git a/addons/rabbitmq/3.12/chart/rabbitmq/values.yaml b/addons/rabbitmq/3.12/chart/rabbitmq/values.yaml index 3eca3af5..966b792e 100644 --- a/addons/rabbitmq/3.12/chart/rabbitmq/values.yaml +++ b/addons/rabbitmq/3.12/chart/rabbitmq/values.yaml @@ -835,6 +835,19 @@ persistence: ## example.io/disk-volume-type: SSD ## annotations: {} +## Persistent Volume Claim Retention Policy +## ref: https://kubernetes.io/docs/concepts/workloads/controllers/statefulset/#persistentvolumeclaim-retention +## +persistentVolumeClaimRetentionPolicy: + ## @param persistentVolumeClaimRetentionPolicy.enabled Enable Persistent volume retention policy for rabbitmq Statefulset + ## + enabled: true + ## @param persistentVolumeClaimRetentionPolicy.whenScaled Volume retention behavior when the replica count of the StatefulSet is reduced + ## + whenScaled: Delete + ## @param persistentVolumeClaimRetentionPolicy.whenDeleted Volume retention behavior that applies when the StatefulSet is deleted + ## + whenDeleted: Delete ## @section Exposure parameters ## diff --git a/addons/redis-cluster/7.0/chart/redis-cluster/templates/redis-statefulset.yaml b/addons/redis-cluster/7.0/chart/redis-cluster/templates/redis-statefulset.yaml index fe2a8545..031566ce 100644 --- a/addons/redis-cluster/7.0/chart/redis-cluster/templates/redis-statefulset.yaml +++ b/addons/redis-cluster/7.0/chart/redis-cluster/templates/redis-statefulset.yaml @@ -425,6 +425,11 @@ spec: secretName: {{ include "redis-cluster.tlsSecretName" . }} defaultMode: 256 {{- end }} + {{- if .Values.persistentVolumeClaimRetentionPolicy.enabled }} + persistentVolumeClaimRetentionPolicy: + whenDeleted: {{ .Values.persistentVolumeClaimRetentionPolicy.whenDeleted }} + whenScaled: {{ .Values.persistentVolumeClaimRetentionPolicy.whenScaled }} + {{- end }} volumeClaimTemplates: - metadata: name: redis-data diff --git a/addons/redis-cluster/7.0/chart/redis-cluster/values.yaml b/addons/redis-cluster/7.0/chart/redis-cluster/values.yaml index edae7c6f..ff0953d7 100644 --- a/addons/redis-cluster/7.0/chart/redis-cluster/values.yaml +++ b/addons/redis-cluster/7.0/chart/redis-cluster/values.yaml @@ -322,6 +322,15 @@ persistence: ## matchExpressions: {} +## persistentVolumeClaimRetentionPolicy +## ref: https://kubernetes.io/docs/concepts/workloads/controllers/statefulset/#persistentvolumeclaim-retention +## @param persistentVolumeClaimRetentionPolicy.enabled Controls if and how PVCs are deleted during the lifecycle of a StatefulSet +## @param persistentVolumeClaimRetentionPolicy.whenScaled Volume retention behavior when the replica count of the StatefulSet is reduced +## @param persistentVolumeClaimRetentionPolicy.whenDeleted Volume retention behavior that applies when the StatefulSet is deleted +persistentVolumeClaimRetentionPolicy: + enabled: true + whenScaled: Deleted + whenDeleted: Deleted ## Init containers parameters: ## volumePermissions: Change the owner of the persist volume mountpoint to RunAsUser:fsGroup ## diff --git a/addons/redis/7.0/chart/redis/templates/master/application.yaml b/addons/redis/7.0/chart/redis/templates/master/application.yaml index c5da3282..4d1b220b 100644 --- a/addons/redis/7.0/chart/redis/templates/master/application.yaml +++ b/addons/redis/7.0/chart/redis/templates/master/application.yaml @@ -449,6 +449,11 @@ spec: persistentVolumeClaim: claimName: {{ printf "redis-data-%s-master" (include "common.names.fullname" .) }} {{- else }} + {{- if .Values.master.persistentVolumeClaimRetentionPolicy.enabled }} + persistentVolumeClaimRetentionPolicy: + whenDeleted: {{ .Values.master.persistentVolumeClaimRetentionPolicy.whenDeleted }} + whenScaled: {{ .Values.master.persistentVolumeClaimRetentionPolicy.whenScaled }} + {{- end }} volumeClaimTemplates: - metadata: name: redis-data diff --git a/addons/redis/7.0/chart/redis/templates/replicas/statefulset.yaml b/addons/redis/7.0/chart/redis/templates/replicas/statefulset.yaml index d7bf8be0..df2d130c 100644 --- a/addons/redis/7.0/chart/redis/templates/replicas/statefulset.yaml +++ b/addons/redis/7.0/chart/redis/templates/replicas/statefulset.yaml @@ -437,6 +437,11 @@ spec: emptyDir: {} {{- end }} {{- else }} + {{- if .Values.replica.persistentVolumeClaimRetentionPolicy.enabled }} + persistentVolumeClaimRetentionPolicy: + whenDeleted: {{ .Values.replica.persistentVolumeClaimRetentionPolicy.whenDeleted }} + whenScaled: {{ .Values.replica.persistentVolumeClaimRetentionPolicy.whenScaled }} + {{- end }} volumeClaimTemplates: - metadata: name: redis-data diff --git a/addons/redis/7.0/chart/redis/templates/sentinel/statefulset.yaml b/addons/redis/7.0/chart/redis/templates/sentinel/statefulset.yaml index 5d54e525..fa2ab677 100644 --- a/addons/redis/7.0/chart/redis/templates/sentinel/statefulset.yaml +++ b/addons/redis/7.0/chart/redis/templates/sentinel/statefulset.yaml @@ -637,6 +637,11 @@ spec: emptyDir: {} {{- end }} {{- else }} + {{- if .Values.sentinel.persistentVolumeClaimRetentionPolicy.enabled }} + persistentVolumeClaimRetentionPolicy: + whenDeleted: {{ .Values.sentinel.persistentVolumeClaimRetentionPolicy.whenDeleted }} + whenScaled: {{ .Values.sentinel.persistentVolumeClaimRetentionPolicy.whenScaled }} + {{- end }} volumeClaimTemplates: - metadata: name: redis-data diff --git a/addons/redis/7.0/chart/redis/values.yaml b/addons/redis/7.0/chart/redis/values.yaml index c877ea98..526428d2 100644 --- a/addons/redis/7.0/chart/redis/values.yaml +++ b/addons/redis/7.0/chart/redis/values.yaml @@ -445,6 +445,16 @@ master: ## NOTE: requires master.persistence.enabled: true ## existingClaim: "" + ## persistentVolumeClaimRetentionPolicy + ## ref: https://kubernetes.io/docs/concepts/workloads/controllers/statefulset/#persistentvolumeclaim-retention + ## @param master.persistentVolumeClaimRetentionPolicy.enabled Controls if and how PVCs are deleted during the lifecycle of a StatefulSet + ## @param master.persistentVolumeClaimRetentionPolicy.whenScaled Volume retention behavior when the replica count of the StatefulSet is reduced + ## @param master.persistentVolumeClaimRetentionPolicy.whenDeleted Volume retention behavior that applies when the StatefulSet is deleted + ## + persistentVolumeClaimRetentionPolicy: + enabled: true + whenScaled: Delete + whenDeleted: Delete ## Redis™ master service parameters ## service: @@ -805,6 +815,16 @@ replica: ## @param replica.persistence.dataSource Custom PVC data source ## dataSource: {} + ## persistentVolumeClaimRetentionPolicy + ## ref: https://kubernetes.io/docs/concepts/workloads/controllers/statefulset/#persistentvolumeclaim-retention + ## @param replica.persistentVolumeClaimRetentionPolicy.enabled Controls if and how PVCs are deleted during the lifecycle of a StatefulSet + ## @param replica.persistentVolumeClaimRetentionPolicy.whenScaled Volume retention behavior when the replica count of the StatefulSet is reduced + ## @param replica.persistentVolumeClaimRetentionPolicy.whenDeleted Volume retention behavior that applies when the StatefulSet is deleted + ## + persistentVolumeClaimRetentionPolicy: + enabled: true + whenScaled: Delete + whenDeleted: Delete ## Redis™ replicas service parameters ## service: @@ -1053,6 +1073,16 @@ sentinel: ## @param sentinel.persistence.dataSource Custom PVC data source ## dataSource: {} + ## persistentVolumeClaimRetentionPolicy + ## ref: https://kubernetes.io/docs/concepts/workloads/controllers/statefulset/#persistentvolumeclaim-retention + ## @param sentinel.persistentVolumeClaimRetentionPolicy.enabled Controls if and how PVCs are deleted during the lifecycle of a StatefulSet + ## @param sentinel.persistentVolumeClaimRetentionPolicy.whenScaled Volume retention behavior when the replica count of the StatefulSet is reduced + ## @param sentinel.persistentVolumeClaimRetentionPolicy.whenDeleted Volume retention behavior that applies when the StatefulSet is deleted + ## + persistentVolumeClaimRetentionPolicy: + enabled: true + whenScaled: Delete + whenDeleted: Delete ## Redis™ Sentinel resource requests and limits ## ref: https://kubernetes.io/docs/user-guide/compute-resources/ ## @param sentinel.resources.limits The resources limits for the Redis™ Sentinel containers diff --git a/addons/seaweedfs/3/chart/seaweedfs/templates/filer/statefulset.yaml b/addons/seaweedfs/3/chart/seaweedfs/templates/filer/statefulset.yaml index b22cc244..a5b9640d 100644 --- a/addons/seaweedfs/3/chart/seaweedfs/templates/filer/statefulset.yaml +++ b/addons/seaweedfs/3/chart/seaweedfs/templates/filer/statefulset.yaml @@ -124,6 +124,11 @@ spec: runAsGroup: 1001 runAsUser: 1001 {{- if .Values.filer.persistence.enabled }} + {{- if .Values.filer.persistentVolumeClaimRetentionPolicy.enabled }} + persistentVolumeClaimRetentionPolicy: + whenDeleted: {{ .Values.filer.persistentVolumeClaimRetentionPolicy.whenDeleted }} + whenScaled: {{ .Values.filer.persistentVolumeClaimRetentionPolicy.whenScaled }} + {{- end }} volumeClaimTemplates: - metadata: name: datadir diff --git a/addons/seaweedfs/3/chart/seaweedfs/templates/master/statefulset.yaml b/addons/seaweedfs/3/chart/seaweedfs/templates/master/statefulset.yaml index 6acdbe0f..6a7b375c 100644 --- a/addons/seaweedfs/3/chart/seaweedfs/templates/master/statefulset.yaml +++ b/addons/seaweedfs/3/chart/seaweedfs/templates/master/statefulset.yaml @@ -109,6 +109,11 @@ spec: runAsGroup: 1001 runAsUser: 1001 {{- if .Values.master.persistence.enabled }} + {{- if .Values.master.persistentVolumeClaimRetentionPolicy.enabled }} + persistentVolumeClaimRetentionPolicy: + whenDeleted: {{ .Values.master.persistentVolumeClaimRetentionPolicy.whenDeleted }} + whenScaled: {{ .Values.master.persistentVolumeClaimRetentionPolicy.whenScaled }} + {{- end }} volumeClaimTemplates: - metadata: name: datadir diff --git a/addons/seaweedfs/3/chart/seaweedfs/templates/volume/statefulset.yaml b/addons/seaweedfs/3/chart/seaweedfs/templates/volume/statefulset.yaml index f1489f6a..5e52e693 100644 --- a/addons/seaweedfs/3/chart/seaweedfs/templates/volume/statefulset.yaml +++ b/addons/seaweedfs/3/chart/seaweedfs/templates/volume/statefulset.yaml @@ -134,6 +134,11 @@ spec: runAsGroup: 1001 runAsUser: 1001 {{- if or (.Values.volume.persistence.meta.enabled) (.Values.volume.persistence.data.enabled) }} + {{- if .Values.volume.persistentVolumeClaimRetentionPolicy.enabled }} + persistentVolumeClaimRetentionPolicy: + whenDeleted: {{ .Values.volume.persistentVolumeClaimRetentionPolicy.whenDeleted }} + whenScaled: {{ .Values.volume.persistentVolumeClaimRetentionPolicy.whenScaled }} + {{- end }} volumeClaimTemplates: {{- if .Values.volume.persistence.meta.enabled }} - metadata: diff --git a/addons/seaweedfs/3/chart/seaweedfs/values.yaml b/addons/seaweedfs/3/chart/seaweedfs/values.yaml index bd5b274b..4e32b559 100644 --- a/addons/seaweedfs/3/chart/seaweedfs/values.yaml +++ b/addons/seaweedfs/3/chart/seaweedfs/values.yaml @@ -195,6 +195,15 @@ master: storageClass: "" garbageThreshold: 0.3 defaultReplication: "001" + ## persistentVolumeClaimRetentionPolicy + ## ref: https://kubernetes.io/docs/concepts/workloads/controllers/statefulset/#persistentvolumeclaim-retention + ## @param persistentVolumeClaimRetentionPolicy.enabled Controls if and how PVCs are deleted during the lifecycle of a StatefulSet + ## @param persistentVolumeClaimRetentionPolicy.whenScaled Volume retention behavior when the replica count of the StatefulSet is reduced + ## @param persistentVolumeClaimRetentionPolicy.whenDeleted Volume retention behavior that applies when the StatefulSet is deleted + persistentVolumeClaimRetentionPolicy: + enabled: true + whenScaled: Deleted + whenDeleted: Deleted filer: replicas: 3 @@ -272,6 +281,15 @@ filer: enabled: false size: 5Gi storageClass: "" + ## persistentVolumeClaimRetentionPolicy + ## ref: https://kubernetes.io/docs/concepts/workloads/controllers/statefulset/#persistentvolumeclaim-retention + ## @param persistentVolumeClaimRetentionPolicy.enabled Controls if and how PVCs are deleted during the lifecycle of a StatefulSet + ## @param persistentVolumeClaimRetentionPolicy.whenScaled Volume retention behavior when the replica count of the StatefulSet is reduced + ## @param persistentVolumeClaimRetentionPolicy.whenDeleted Volume retention behavior that applies when the StatefulSet is deleted + persistentVolumeClaimRetentionPolicy: + enabled: true + whenScaled: Deleted + whenDeleted: Deleted volume: replicas: 4 @@ -351,6 +369,15 @@ volume: size: 5Gi storageClass: "" compactionMBps: 50 + ## persistentVolumeClaimRetentionPolicy + ## ref: https://kubernetes.io/docs/concepts/workloads/controllers/statefulset/#persistentvolumeclaim-retention + ## @param persistentVolumeClaimRetentionPolicy.enabled Controls if and how PVCs are deleted during the lifecycle of a StatefulSet + ## @param persistentVolumeClaimRetentionPolicy.whenScaled Volume retention behavior when the replica count of the StatefulSet is reduced + ## @param persistentVolumeClaimRetentionPolicy.whenDeleted Volume retention behavior that applies when the StatefulSet is deleted + persistentVolumeClaimRetentionPolicy: + enabled: true + whenScaled: Deleted + whenDeleted: Deleted cronjob: scripts: | diff --git a/addons/spark/3.4/meta.yaml b/addons/spark/3.4/meta.yaml index 922087c7..89ed9270 100644 --- a/addons/spark/3.4/meta.yaml +++ b/addons/spark/3.4/meta.yaml @@ -19,6 +19,10 @@ allow_parameters: description: "networkPolicy allowNamespaces config for values.yaml" - name: "service.type" description: "service type config for values.yaml" +- name: "master.configOptions" + description: "master configOptions config for values.yaml" +- name: "worker.configOptions" + description: "worker configOptions config for values.yaml" - name: "metrics.enable" description: "metrics enable or not config for values.yaml" archive: false diff --git a/addons/zookeeper/3.9/chart/zookeeper/templates/statefulset.yaml b/addons/zookeeper/3.9/chart/zookeeper/templates/statefulset.yaml index eb2680b7..fcd5ad0b 100644 --- a/addons/zookeeper/3.9/chart/zookeeper/templates/statefulset.yaml +++ b/addons/zookeeper/3.9/chart/zookeeper/templates/statefulset.yaml @@ -485,6 +485,11 @@ spec: {{- include "common.tplvalues.render" (dict "value" .Values.extraVolumes "context" $) | nindent 8 }} {{- end }} {{- if and .Values.persistence.enabled (not (and .Values.persistence.existingClaim .Values.persistence.dataLogDir.existingClaim) ) }} + {{- if .Values.persistentVolumeClaimRetentionPolicy.enabled }} + persistentVolumeClaimRetentionPolicy: + whenDeleted: {{ .Values.persistentVolumeClaimRetentionPolicy.whenDeleted }} + whenScaled: {{ .Values.persistentVolumeClaimRetentionPolicy.whenScaled }} + {{- end }} volumeClaimTemplates: {{- if not .Values.persistence.existingClaim }} - metadata: diff --git a/addons/zookeeper/3.9/chart/zookeeper/values.yaml b/addons/zookeeper/3.9/chart/zookeeper/values.yaml index 0a74af78..81e1b734 100644 --- a/addons/zookeeper/3.9/chart/zookeeper/values.yaml +++ b/addons/zookeeper/3.9/chart/zookeeper/values.yaml @@ -637,7 +637,15 @@ persistence: ## app: my-app ## selector: {} - +## persistentVolumeClaimRetentionPolicy +## ref: https://kubernetes.io/docs/concepts/workloads/controllers/statefulset/#persistentvolumeclaim-retention +## @param persistentVolumeClaimRetentionPolicy.enabled Controls if and how PVCs are deleted during the lifecycle of a StatefulSet +## @param persistentVolumeClaimRetentionPolicy.whenScaled Volume retention behavior when the replica count of the StatefulSet is reduced +## @param persistentVolumeClaimRetentionPolicy.whenDeleted Volume retention behavior that applies when the StatefulSet is deleted +persistentVolumeClaimRetentionPolicy: + enabled: true + whenScaled: Deleted + whenDeleted: Deleted ## @section Volume Permissions parameters ## From 8ecd90270e791666c47919b6d7005e81ba34b9e2 Mon Sep 17 00:00:00 2001 From: EamonZhang Date: Fri, 22 Dec 2023 13:37:27 +0800 Subject: [PATCH 40/48] chore(addons): update support --- .../10/chart/grafana/templates/_helpers.tpl | 22 +++ .../10/chart/grafana/templates/secret.yaml | 2 +- addons/grafana/10/chart/grafana/values.yaml | 2 +- addons/grafana/10/meta.yaml | 10 +- addons/grafana/10/plans/standard-5/bind.yaml | 15 +- .../15/chart/postgresql-cluster/Chart.yaml | 2 +- .../15/plans/standard-10/values.yaml | 2 +- .../15/plans/standard-100/values.yaml | 2 +- .../15/plans/standard-20/values.yaml | 2 +- .../15/plans/standard-200/values.yaml | 2 +- .../15/plans/standard-400/values.yaml | 2 +- .../15/plans/standard-800/values.yaml | 2 +- .../2/chart/prometheus/templates/_helpers.tpl | 24 ++- .../templates/server/configmap.yaml | 5 +- .../templates/server/deployment.yaml | 1 + .../prometheus/templates/server/sec.yaml | 2 +- .../prometheus/2/chart/prometheus/values.yaml | 40 +++-- addons/prometheus/2/meta.yaml | 16 +- .../prometheus/2/plans/standard-10/bind.yaml | 19 +-- .../2/plans/standard-10/values.yaml | 2 +- .../prometheus/2/plans/standard-100/bind.yaml | 23 +++ .../standard-100/create-instance-schema.json | 12 ++ .../prometheus/2/plans/standard-100/meta.yaml | 6 + .../2/plans/standard-100/values.yaml | 8 + .../prometheus/2/plans/standard-200/bind.yaml | 23 +++ .../standard-200/create-instance-schema.json | 12 ++ .../prometheus/2/plans/standard-200/meta.yaml | 6 + .../2/plans/standard-200/values.yaml | 8 + .../prometheus/2/plans/standard-50/bind.yaml | 19 +-- .../2/plans/standard-50/values.yaml | 2 +- .../prometheus/2/plans/standard-500/bind.yaml | 23 +++ .../standard-500/create-instance-schema.json | 12 ++ .../prometheus/2/plans/standard-500/meta.yaml | 6 + .../2/plans/standard-500/values.yaml | 8 + addons/prometheus/rules.yaml | 159 ++++++++++++++++++ 35 files changed, 438 insertions(+), 63 deletions(-) create mode 100644 addons/prometheus/2/plans/standard-100/bind.yaml create mode 100644 addons/prometheus/2/plans/standard-100/create-instance-schema.json create mode 100644 addons/prometheus/2/plans/standard-100/meta.yaml create mode 100644 addons/prometheus/2/plans/standard-100/values.yaml create mode 100644 addons/prometheus/2/plans/standard-200/bind.yaml create mode 100644 addons/prometheus/2/plans/standard-200/create-instance-schema.json create mode 100644 addons/prometheus/2/plans/standard-200/meta.yaml create mode 100644 addons/prometheus/2/plans/standard-200/values.yaml create mode 100644 addons/prometheus/2/plans/standard-500/bind.yaml create mode 100644 addons/prometheus/2/plans/standard-500/create-instance-schema.json create mode 100644 addons/prometheus/2/plans/standard-500/meta.yaml create mode 100644 addons/prometheus/2/plans/standard-500/values.yaml create mode 100644 addons/prometheus/rules.yaml diff --git a/addons/grafana/10/chart/grafana/templates/_helpers.tpl b/addons/grafana/10/chart/grafana/templates/_helpers.tpl index 011ba817..ba7f9a04 100644 --- a/addons/grafana/10/chart/grafana/templates/_helpers.tpl +++ b/addons/grafana/10/chart/grafana/templates/_helpers.tpl @@ -57,6 +57,14 @@ Return the Grafana admin password key {{- end -}} {{- end -}} +{{- define "admin.passwordValue" -}} +{{- if .Values.admin.password }} + {{- .Values.admin.password -}} +{{- else -}} + {{- include "getValueFromSecret" (dict "Namespace" .Release.Namespace "Name" (include "common.names.fullname" .) "Length" 10 "Key" "GF_SECURITY_ADMIN_PASSWORD") -}} +{{- end -}} +{{- end }} + {{/* Return true if a secret object should be created */}} @@ -67,6 +75,20 @@ Return true if a secret object should be created {{- end -}} {{- end -}} +{{/* +Returns the available value for certain key in an existing secret (if it exists), +otherwise it generates a random value. +*/}} +{{- define "getValueFromSecret" }} +{{- $len := (default 16 .Length) | int -}} +{{- $obj := (lookup "v1" "Secret" .Namespace .Name).data -}} +{{- if $obj }} +{{- index $obj .Key | b64dec -}} +{{- else -}} +{{- randAlphaNum $len -}} +{{- end -}} +{{- end }} + {{/* Return the Grafana SMTP credentials secret */}} diff --git a/addons/grafana/10/chart/grafana/templates/secret.yaml b/addons/grafana/10/chart/grafana/templates/secret.yaml index bbe05846..645ebb05 100644 --- a/addons/grafana/10/chart/grafana/templates/secret.yaml +++ b/addons/grafana/10/chart/grafana/templates/secret.yaml @@ -11,6 +11,6 @@ metadata: app.kubernetes.io/component: grafana type: Opaque data: - GF_SECURITY_ADMIN_PASSWORD: {{ ternary (randAlphaNum 10) .Values.admin.password (empty .Values.admin.password) | b64enc | quote }} + GF_SECURITY_ADMIN_PASSWORD: {{ include "admin.passwordValue" . | b64enc | quote }} GF_SECURITY_ADMIN_USER: {{ .Values.admin.user | b64enc |quote }} {{- end }} diff --git a/addons/grafana/10/chart/grafana/values.yaml b/addons/grafana/10/chart/grafana/values.yaml index f18c0343..9b029425 100644 --- a/addons/grafana/10/chart/grafana/values.yaml +++ b/addons/grafana/10/chart/grafana/values.yaml @@ -575,7 +575,7 @@ serviceAccount: service: ## @param service.type Kubernetes Service type ## - type: ClusterIP + type: LoadBalancer ## @param service.clusterIP Grafana service Cluster IP ## e.g.: ## clusterIP: None diff --git a/addons/grafana/10/meta.yaml b/addons/grafana/10/meta.yaml index 224ca287..53031a14 100644 --- a/addons/grafana/10/meta.yaml +++ b/addons/grafana/10/meta.yaml @@ -1,5 +1,5 @@ -name: Grafana -version: 7.0 +name: grafana +version: "10" id: fff5b6c7-ed85-429b-8265-493e40cc53c7 description: "grafana" displayName: "grafana" @@ -9,12 +9,14 @@ metadata: name: drycc supportURL: http://grafana.io/ documentationURL: https://github.com/drycc-addons/ -tags: cloudbeaver +tags: grafana bindable: true instances_retrievable: true bindings_retrievable: true -plan_updateable: false +plan_updateable: true allow_parameters: +- name: "networkPolicy.allowNamespaces" + description: "networkPolicy allowNamespaces config for values.yaml" - name: "service.type" description: "service type config for values.yaml" archive: false diff --git a/addons/grafana/10/plans/standard-5/bind.yaml b/addons/grafana/10/plans/standard-5/bind.yaml index a41ae66e..ba4641b9 100644 --- a/addons/grafana/10/plans/standard-5/bind.yaml +++ b/addons/grafana/10/plans/standard-5/bind.yaml @@ -1,30 +1,29 @@ credential: - {{- if (eq .Values.router.service.type "LoadBalancer") }} - - name: HOST + {{- if (eq .Values.service.type "LoadBalancer") }} + - name: EXTRANET_HOST valueFrom: serviceRef: - name: {{ printf "%s-router" (include "common.names.fullname" .) }} + name: {{ include "common.names.fullname" . }} jsonpath: '{ .status.loadBalancer.ingress[*].ip }' - {{- else if (eq .Values.service.type "ClusterIP") }} + {{- end }} - name: HOST valueFrom: serviceRef: name: {{ include "common.names.fullname" . }} jsonpath: '{ .spec.clusterIP }' - {{- end }} - name: PASSWORD valueFrom: secretKeyRef: - name: {{ template "common.names.fullname" . }}-admin + name: {{ include "common.names.fullname" . }}-admin jsonpath: '{ .data.GF_SECURITY_ADMIN_PASSWORD }' - name: USERNAME valueFrom: secretKeyRef: - name: {{ template "common.names.fullname" . }}-admin + name: {{ include "common.names.fullname" . }}-admin jsonpath: '{ .data.GF_SECURITY_ADMIN_USER }' - name: PORT valueFrom: serviceRef: - name: {{ template "common.names.fullname" . }} + name: {{ include "common.names.fullname" . }} jsonpath: '{ .spec.ports[?(@.name=="http")].port }' diff --git a/addons/postgresql-cluster/15/chart/postgresql-cluster/Chart.yaml b/addons/postgresql-cluster/15/chart/postgresql-cluster/Chart.yaml index 375ae4fe..da518fb1 100644 --- a/addons/postgresql-cluster/15/chart/postgresql-cluster/Chart.yaml +++ b/addons/postgresql-cluster/15/chart/postgresql-cluster/Chart.yaml @@ -25,4 +25,4 @@ name: postgresql sources: - https://github.com/drycc-addons/ - https://www.postgresql.org/ -version: 15.3.1 +version: 15.4.1 diff --git a/addons/postgresql-cluster/15/plans/standard-10/values.yaml b/addons/postgresql-cluster/15/plans/standard-10/values.yaml index 94917aff..fd8fd98f 100644 --- a/addons/postgresql-cluster/15/plans/standard-10/values.yaml +++ b/addons/postgresql-cluster/15/plans/standard-10/values.yaml @@ -72,5 +72,5 @@ resources: persistentVolume: enabled: true - size: 10G + size: 10Gi diff --git a/addons/postgresql-cluster/15/plans/standard-100/values.yaml b/addons/postgresql-cluster/15/plans/standard-100/values.yaml index 2f4c4841..90625a5d 100644 --- a/addons/postgresql-cluster/15/plans/standard-100/values.yaml +++ b/addons/postgresql-cluster/15/plans/standard-100/values.yaml @@ -72,4 +72,4 @@ resources: persistentVolume: enabled: true - size: 100G + size: 100Gi diff --git a/addons/postgresql-cluster/15/plans/standard-20/values.yaml b/addons/postgresql-cluster/15/plans/standard-20/values.yaml index 3ef08abf..fed1e2da 100644 --- a/addons/postgresql-cluster/15/plans/standard-20/values.yaml +++ b/addons/postgresql-cluster/15/plans/standard-20/values.yaml @@ -74,4 +74,4 @@ resources: persistentVolume: enabled: true - size: 20G + size: 20Gi diff --git a/addons/postgresql-cluster/15/plans/standard-200/values.yaml b/addons/postgresql-cluster/15/plans/standard-200/values.yaml index 5e9d641b..a0427d92 100644 --- a/addons/postgresql-cluster/15/plans/standard-200/values.yaml +++ b/addons/postgresql-cluster/15/plans/standard-200/values.yaml @@ -71,4 +71,4 @@ resources: persistentVolume: enabled: true - size: 200G + size: 200Gi diff --git a/addons/postgresql-cluster/15/plans/standard-400/values.yaml b/addons/postgresql-cluster/15/plans/standard-400/values.yaml index b1afad1d..062ee7cb 100644 --- a/addons/postgresql-cluster/15/plans/standard-400/values.yaml +++ b/addons/postgresql-cluster/15/plans/standard-400/values.yaml @@ -72,4 +72,4 @@ resources: persistentVolume: enabled: true - size: 400G + size: 400Gi diff --git a/addons/postgresql-cluster/15/plans/standard-800/values.yaml b/addons/postgresql-cluster/15/plans/standard-800/values.yaml index 3e88193a..c6efbfa0 100644 --- a/addons/postgresql-cluster/15/plans/standard-800/values.yaml +++ b/addons/postgresql-cluster/15/plans/standard-800/values.yaml @@ -72,4 +72,4 @@ resources: persistentVolume: enabled: true - size: 800G + size: 800Gi diff --git a/addons/prometheus/2/chart/prometheus/templates/_helpers.tpl b/addons/prometheus/2/chart/prometheus/templates/_helpers.tpl index 45a72ec7..9027a2ff 100644 --- a/addons/prometheus/2/chart/prometheus/templates/_helpers.tpl +++ b/addons/prometheus/2/chart/prometheus/templates/_helpers.tpl @@ -161,4 +161,26 @@ Get the Alertmanager configuration configmap. {{- else }} {{- include "prometheus.alertmanager.fullname" . -}} {{- end -}} -{{- end -}} \ No newline at end of file +{{- end -}} + +{{- define "server.passwordValue" -}} +{{- if .Values.server.password }} + {{- .Values.server.password -}} +{{- else -}} + {{- include "getValueFromSecret" (dict "Namespace" .Release.Namespace "Name" (include "common.names.fullname" .) "Length" 10 "Key" "PASSWORD") -}} +{{- end -}} +{{- end }} + +{{/* +Returns the available value for certain key in an existing secret (if it exists), +otherwise it generates a random value. +*/}} +{{- define "getValueFromSecret" }} +{{- $len := (default 16 .Length) | int -}} +{{- $obj := (lookup "v1" "Secret" .Namespace .Name).data -}} +{{- if $obj }} +{{- index $obj .Key | b64dec -}} +{{- else -}} +{{- randAlphaNum $len -}} +{{- end -}} +{{- end }} \ No newline at end of file diff --git a/addons/prometheus/2/chart/prometheus/templates/server/configmap.yaml b/addons/prometheus/2/chart/prometheus/templates/server/configmap.yaml index 3c9703e8..cbd54657 100644 --- a/addons/prometheus/2/chart/prometheus/templates/server/configmap.yaml +++ b/addons/prometheus/2/chart/prometheus/templates/server/configmap.yaml @@ -20,6 +20,7 @@ data: {{- include "common.tplvalues.render" (dict "value" .Values.server.configuration "context" $) | toYaml | nindent 4 }} {{ include "prometheus.serever.web.configmapKey" .}}: {{- include "common.tplvalues.render" (dict "value" .Values.server.webconfig "context" $) | toYaml | nindent 4 }} - rules.yaml: - {{- include "common.tplvalues.render" (dict "value" .Values.server.alertingRules "context" $) | toYaml | nindent 4 }} + rules.yaml: + {{- include "common.tplvalues.render" (dict "value" .Values.server.rules "context" $) | toYaml | nindent 4 }} + {{- end }} diff --git a/addons/prometheus/2/chart/prometheus/templates/server/deployment.yaml b/addons/prometheus/2/chart/prometheus/templates/server/deployment.yaml index 026b0139..1d5bd7a2 100644 --- a/addons/prometheus/2/chart/prometheus/templates/server/deployment.yaml +++ b/addons/prometheus/2/chart/prometheus/templates/server/deployment.yaml @@ -114,6 +114,7 @@ spec: args: - "--config.file=/opt/drycc/prometheus/conf/{{ include "prometheus.server.configmapKey" . }}" - "--storage.tsdb.path={{ .Values.server.persistence.mountPath }}" + - "--storage.tsdb.retention.time={{ .Values.server.retentionDays }}" - "--storage.tsdb.retention.size={{ .Values.server.retentionSize }}" - "--log.level={{ .Values.server.logLevel }}" - "--log.format={{ .Values.server.logFormat }}" diff --git a/addons/prometheus/2/chart/prometheus/templates/server/sec.yaml b/addons/prometheus/2/chart/prometheus/templates/server/sec.yaml index fd0b368c..c538a98a 100644 --- a/addons/prometheus/2/chart/prometheus/templates/server/sec.yaml +++ b/addons/prometheus/2/chart/prometheus/templates/server/sec.yaml @@ -11,4 +11,4 @@ metadata: cluster-name: {{ template "prometheus.server.fullname" . }} type: Opaque data: - PASSWORD: {{ if .Values.password | default "" | ne "" }} {{ .Values.service.password | b64enc }}{{ else }}{{ randAlphaNum 32 | b64enc }}{{ end }} + PASSWORD: {{ include "server.passwordValue" . | b64enc | quote }} diff --git a/addons/prometheus/2/chart/prometheus/values.yaml b/addons/prometheus/2/chart/prometheus/values.yaml index f7f91f7e..a148e230 100644 --- a/addons/prometheus/2/chart/prometheus/values.yaml +++ b/addons/prometheus/2/chart/prometheus/values.yaml @@ -360,7 +360,7 @@ alertmanager: ingress: ## @param alertmanager.ingress.enabled Enable ingress record generation for Alertmanager ## - enabled: true + enabled: false ## @param alertmanager.ingress.pathType Ingress path type ## pathType: ImplementationSpecific @@ -479,7 +479,7 @@ alertmanager: service: ## @param alertmanager.service.type Alertmanager service type ## - type: LoadBalancer + type: ClusterIP ## @param alertmanager.service.ports.http Alertmanager service HTTP port ## @param alertmanager.service.ports.cluster Alertmanager cluster HA port ## @@ -578,7 +578,7 @@ alertmanager: ## server: username: admin - password: admin + password: To6EJBHPUo image: registry: registry.drycc.cc repository: drycc-addons/prometheus @@ -626,6 +626,9 @@ server: {{- end }} scrape_configs: - job_name: prometheus + basic_auth: + username: {{ .Values.server.username }} + password: {{ .Values.server.password }} {{- include "prometheus.scrape_config" (dict "component" "server" "context" $) | nindent 4 }} {{- if .Values.alertmanager.enabled }} - job_name: alertmanager @@ -650,15 +653,29 @@ server: - scheme: HTTP static_configs: - targets: [ "{{ printf "%s.%s.svc.%s:%d" (include "prometheus.alertmanager.fullname" .) (include "common.names.namespace" .) .Values.clusterDomain (int .Values.alertmanager.service.ports.http) }}" ] + {{- end }} rule_files: - rules.yaml - {{- end }} - - + ## @param server.alertingRules Prometheus alerting rules. This content will be stored in the the rules.yaml file and the content can be a template. ## ref: - ## - alertingRules: {} + ## + rules: | + {{` + groups: + - name: PG数据库-监控告警 + rules: + - alert: PostgresqlDown + expr: pg_up == 0 + for: 0m + labels: + severity: critical + annotations: + summary: Postgresql down (instance {{ $labels.instance }}) + description: "Postgresql instance is down\n VALUE = {{ $value }}\n LABELS = {{ $labels }}" + + `}} + ## @param server.extraScrapeConfigs Promethus configuration, useful to declare new scrape_configs. This content will be merged with the 'server.configuration' value and stored in the the prometheus.yaml file. ## ref: ## @@ -932,7 +949,7 @@ server: logFormat: logfmt ## @param server.retention Metrics retention days ## - retention: 10d + retentionDays: 15d ## @param server.retentionSize Maximum size of metrics ## retentionSize: "0" @@ -1239,7 +1256,7 @@ server: ingress: ## @param server.ingress.enabled Enable ingress record generation for Prometheus ## - enabled: true + enabled: false ## @param server.ingress.pathType Ingress path type ## pathType: ImplementationSpecific @@ -1357,7 +1374,7 @@ server: service: ## @param server.service.type Prometheus service type ## - type: LoadBalancer + type: ClusterIP ## @param server.service.ports.http Prometheus service HTTP port ## ports: @@ -1412,6 +1429,7 @@ server: ## Enable persistence using Persistent Volume Claims ## ref: https://kubernetes.io/docs/user-guide/persistent-volumes/ ## + persistence: ## @param server.persistence.enabled Enable persistence using Persistent Volume Claims. If you have multiple instances (server.repicacount > 1), please considere using an external storage service like Thanos or Grafana Mimir ## diff --git a/addons/prometheus/2/meta.yaml b/addons/prometheus/2/meta.yaml index 7ac5e2af..4f7d7ef2 100644 --- a/addons/prometheus/2/meta.yaml +++ b/addons/prometheus/2/meta.yaml @@ -13,12 +13,18 @@ tags: prometheus bindable: true instances_retrievable: true bindings_retrievable: true -plan_updateable: false +plan_updateable: true allow_parameters: - name: "networkPolicy.allowNamespaces" description: "networkPolicy allowNamespaces config for values.yaml" -- name: "server.username" - description: "set username . default amdin" -- name: "server.username" - description: "set passsword . default amdin" +- name: "server.service.type" + description: "service type config for values.yaml" +- name: "alertmanager.enabled" + description: "alertmanager config for values.yaml" +- name: "server.retentionDays" + description: "retentionDays config for values.yaml default 15d" +- name: "server.retentionSize" + description: "retentionSize config for values.yaml default 0, unit MB, GB, TB" +- name: "server.rules" + description: "rules config for values.yaml" archive: false diff --git a/addons/prometheus/2/plans/standard-10/bind.yaml b/addons/prometheus/2/plans/standard-10/bind.yaml index e453fade..dd543b83 100644 --- a/addons/prometheus/2/plans/standard-10/bind.yaml +++ b/addons/prometheus/2/plans/standard-10/bind.yaml @@ -1,24 +1,23 @@ credential: {{- if (eq .Values.server.service.type "LoadBalancer") }} - - name: HOST + - name: EXTRANET_HOST valueFrom: - serviceRef: - name: {{ include "common.names.fullname" . }} + serviceRef: + name: {{ template "prometheus.server.fullname" . }} jsonpath: '{ .status.loadBalancer.ingress[*].ip }' -{{- else if (eq .Values.service.type "ClusterIP") }} +{{- end }} - name: HOST valueFrom: serviceRef: - name: {{ include "common.names.fullname" . }} + name: {{ template "prometheus.server.fullname" . }} jsonpath: '{ .spec.clusterIP }' -{{- end }} - name: PORT valueFrom: serviceRef: - name: {{ template "common.names.fullname" . }} + name: {{ template "prometheus.server.fullname" . }} jsonpath: ' { .spec.ports[?(@.name=="http")].port }' - name: USER - valule: {{ .Values.server.username }} + value: {{ .Values.server.username }} - name: PASSWORD - valule: {{ .Values.server.password }} - {{- end }} + value: {{ .Values.server.password }} + diff --git a/addons/prometheus/2/plans/standard-10/values.yaml b/addons/prometheus/2/plans/standard-10/values.yaml index 796ae97e..06e89f6a 100644 --- a/addons/prometheus/2/plans/standard-10/values.yaml +++ b/addons/prometheus/2/plans/standard-10/values.yaml @@ -5,4 +5,4 @@ fullnameOverride: hb-prometheus-standard-10 server: persistence: size: 10Gi - retentionSize: 8Gi \ No newline at end of file + # retentionSize: 8GBi \ No newline at end of file diff --git a/addons/prometheus/2/plans/standard-100/bind.yaml b/addons/prometheus/2/plans/standard-100/bind.yaml new file mode 100644 index 00000000..668c5cdf --- /dev/null +++ b/addons/prometheus/2/plans/standard-100/bind.yaml @@ -0,0 +1,23 @@ +credential: +{{- if (eq .Values.server.service.type "LoadBalancer") }} + - name: EXTRANET_HOST + valueFrom: + serviceRef: + name: {{ template "prometheus.server.fullname" . }} + jsonpath: '{ .status.loadBalancer.ingress[*].ip }' +{{- end }} + - name: HOST + valueFrom: + serviceRef: + name: {{ template "prometheus.server.fullname" . }} + jsonpath: '{ .spec.clusterIP }' + - name: PORT + valueFrom: + serviceRef: + name: {{ template "prometheus.server.fullname" . }} + jsonpath: ' { .spec.ports[?(@.name=="http")].port }' + - name: USER + value: {{ .Values.server.username }} + - name: PASSWORD + value: {{ .Values.server.password }} + diff --git a/addons/prometheus/2/plans/standard-100/create-instance-schema.json b/addons/prometheus/2/plans/standard-100/create-instance-schema.json new file mode 100644 index 00000000..66ebbaa0 --- /dev/null +++ b/addons/prometheus/2/plans/standard-100/create-instance-schema.json @@ -0,0 +1,12 @@ +{ + "$schema": "http://json-schema.org/draft-04/schema#", + "type": "object", + "properties": { + "imagePullPolicy": { + "type": "string", + "enum": ["Always", "IfNotPresent", "Never"], + "default": "IfNotPresent", + "title": "Image pull policy" + } + } +} \ No newline at end of file diff --git a/addons/prometheus/2/plans/standard-100/meta.yaml b/addons/prometheus/2/plans/standard-100/meta.yaml new file mode 100644 index 00000000..fdc3185e --- /dev/null +++ b/addons/prometheus/2/plans/standard-100/meta.yaml @@ -0,0 +1,6 @@ +name: "standard-100" +id: 118aada0-4826-4dba-83d8-989fbf47c55a +description: "Prometheus Cluster standard-100 plan persistence size 100Gi." +displayName: "100Gi" +bindable: true +maximum_polling_duration: 1800 diff --git a/addons/prometheus/2/plans/standard-100/values.yaml b/addons/prometheus/2/plans/standard-100/values.yaml new file mode 100644 index 00000000..7e8b3d46 --- /dev/null +++ b/addons/prometheus/2/plans/standard-100/values.yaml @@ -0,0 +1,8 @@ +## @param fullnameOverride String to fully override common.names.fullname template +## +fullnameOverride: hb-prometheus-standard-100 + +server: + persistence: + size: 100Gi + # retentionSize: 48GBi \ No newline at end of file diff --git a/addons/prometheus/2/plans/standard-200/bind.yaml b/addons/prometheus/2/plans/standard-200/bind.yaml new file mode 100644 index 00000000..668c5cdf --- /dev/null +++ b/addons/prometheus/2/plans/standard-200/bind.yaml @@ -0,0 +1,23 @@ +credential: +{{- if (eq .Values.server.service.type "LoadBalancer") }} + - name: EXTRANET_HOST + valueFrom: + serviceRef: + name: {{ template "prometheus.server.fullname" . }} + jsonpath: '{ .status.loadBalancer.ingress[*].ip }' +{{- end }} + - name: HOST + valueFrom: + serviceRef: + name: {{ template "prometheus.server.fullname" . }} + jsonpath: '{ .spec.clusterIP }' + - name: PORT + valueFrom: + serviceRef: + name: {{ template "prometheus.server.fullname" . }} + jsonpath: ' { .spec.ports[?(@.name=="http")].port }' + - name: USER + value: {{ .Values.server.username }} + - name: PASSWORD + value: {{ .Values.server.password }} + diff --git a/addons/prometheus/2/plans/standard-200/create-instance-schema.json b/addons/prometheus/2/plans/standard-200/create-instance-schema.json new file mode 100644 index 00000000..66ebbaa0 --- /dev/null +++ b/addons/prometheus/2/plans/standard-200/create-instance-schema.json @@ -0,0 +1,12 @@ +{ + "$schema": "http://json-schema.org/draft-04/schema#", + "type": "object", + "properties": { + "imagePullPolicy": { + "type": "string", + "enum": ["Always", "IfNotPresent", "Never"], + "default": "IfNotPresent", + "title": "Image pull policy" + } + } +} \ No newline at end of file diff --git a/addons/prometheus/2/plans/standard-200/meta.yaml b/addons/prometheus/2/plans/standard-200/meta.yaml new file mode 100644 index 00000000..ddc6523c --- /dev/null +++ b/addons/prometheus/2/plans/standard-200/meta.yaml @@ -0,0 +1,6 @@ +name: "standard-200" +id: be99a35d-dbb4-4e17-8b27-1f00c5bca057 +description: "Prometheus Cluster standard-200 plan persistence size 200Gi." +displayName: "200Gi" +bindable: true +maximum_polling_duration: 1800 diff --git a/addons/prometheus/2/plans/standard-200/values.yaml b/addons/prometheus/2/plans/standard-200/values.yaml new file mode 100644 index 00000000..c5f2a7e5 --- /dev/null +++ b/addons/prometheus/2/plans/standard-200/values.yaml @@ -0,0 +1,8 @@ +## @param fullnameOverride String to fully override common.names.fullname template +## +fullnameOverride: hb-prometheus-standard-200 + +server: + persistence: + size: 200Gi + # retentionSize: 48GBi \ No newline at end of file diff --git a/addons/prometheus/2/plans/standard-50/bind.yaml b/addons/prometheus/2/plans/standard-50/bind.yaml index e453fade..668c5cdf 100644 --- a/addons/prometheus/2/plans/standard-50/bind.yaml +++ b/addons/prometheus/2/plans/standard-50/bind.yaml @@ -1,24 +1,23 @@ credential: {{- if (eq .Values.server.service.type "LoadBalancer") }} - - name: HOST + - name: EXTRANET_HOST valueFrom: - serviceRef: - name: {{ include "common.names.fullname" . }} + serviceRef: + name: {{ template "prometheus.server.fullname" . }} jsonpath: '{ .status.loadBalancer.ingress[*].ip }' -{{- else if (eq .Values.service.type "ClusterIP") }} +{{- end }} - name: HOST valueFrom: serviceRef: - name: {{ include "common.names.fullname" . }} + name: {{ template "prometheus.server.fullname" . }} jsonpath: '{ .spec.clusterIP }' -{{- end }} - name: PORT valueFrom: serviceRef: - name: {{ template "common.names.fullname" . }} + name: {{ template "prometheus.server.fullname" . }} jsonpath: ' { .spec.ports[?(@.name=="http")].port }' - name: USER - valule: {{ .Values.server.username }} + value: {{ .Values.server.username }} - name: PASSWORD - valule: {{ .Values.server.password }} - {{- end }} + value: {{ .Values.server.password }} + diff --git a/addons/prometheus/2/plans/standard-50/values.yaml b/addons/prometheus/2/plans/standard-50/values.yaml index 69caeefa..b59af0aa 100644 --- a/addons/prometheus/2/plans/standard-50/values.yaml +++ b/addons/prometheus/2/plans/standard-50/values.yaml @@ -5,4 +5,4 @@ fullnameOverride: hb-prometheus-standard-50 server: persistence: size: 50Gi - retentionSize: 48Gi \ No newline at end of file + # retentionSize: 48GBi \ No newline at end of file diff --git a/addons/prometheus/2/plans/standard-500/bind.yaml b/addons/prometheus/2/plans/standard-500/bind.yaml new file mode 100644 index 00000000..668c5cdf --- /dev/null +++ b/addons/prometheus/2/plans/standard-500/bind.yaml @@ -0,0 +1,23 @@ +credential: +{{- if (eq .Values.server.service.type "LoadBalancer") }} + - name: EXTRANET_HOST + valueFrom: + serviceRef: + name: {{ template "prometheus.server.fullname" . }} + jsonpath: '{ .status.loadBalancer.ingress[*].ip }' +{{- end }} + - name: HOST + valueFrom: + serviceRef: + name: {{ template "prometheus.server.fullname" . }} + jsonpath: '{ .spec.clusterIP }' + - name: PORT + valueFrom: + serviceRef: + name: {{ template "prometheus.server.fullname" . }} + jsonpath: ' { .spec.ports[?(@.name=="http")].port }' + - name: USER + value: {{ .Values.server.username }} + - name: PASSWORD + value: {{ .Values.server.password }} + diff --git a/addons/prometheus/2/plans/standard-500/create-instance-schema.json b/addons/prometheus/2/plans/standard-500/create-instance-schema.json new file mode 100644 index 00000000..66ebbaa0 --- /dev/null +++ b/addons/prometheus/2/plans/standard-500/create-instance-schema.json @@ -0,0 +1,12 @@ +{ + "$schema": "http://json-schema.org/draft-04/schema#", + "type": "object", + "properties": { + "imagePullPolicy": { + "type": "string", + "enum": ["Always", "IfNotPresent", "Never"], + "default": "IfNotPresent", + "title": "Image pull policy" + } + } +} \ No newline at end of file diff --git a/addons/prometheus/2/plans/standard-500/meta.yaml b/addons/prometheus/2/plans/standard-500/meta.yaml new file mode 100644 index 00000000..d58ee8e0 --- /dev/null +++ b/addons/prometheus/2/plans/standard-500/meta.yaml @@ -0,0 +1,6 @@ +name: "standard-500" +id: c28dc645-f17d-4304-a3f9-5dcaabad2a49 +description: "Prometheus Cluster standard-500 plan persistence size 500Gi." +displayName: "500Gi" +bindable: true +maximum_polling_duration: 1800 diff --git a/addons/prometheus/2/plans/standard-500/values.yaml b/addons/prometheus/2/plans/standard-500/values.yaml new file mode 100644 index 00000000..2b8e6318 --- /dev/null +++ b/addons/prometheus/2/plans/standard-500/values.yaml @@ -0,0 +1,8 @@ +## @param fullnameOverride String to fully override common.names.fullname template +## +fullnameOverride: hb-prometheus-standard-500 + +server: + persistence: + size: 500Gi + # retentionSize: 48GBi \ No newline at end of file diff --git a/addons/prometheus/rules.yaml b/addons/prometheus/rules.yaml new file mode 100644 index 00000000..fe3d5a18 --- /dev/null +++ b/addons/prometheus/rules.yaml @@ -0,0 +1,159 @@ +server: + rules: |- + {{` + groups: + - name: PG数据库-监控告警 + rules: + - alert: PostgresqlDown + expr: pg_up == 0 + for: 0m + labels: + severity: critical + annotations: + summary: Postgresql down (instance {{ $labels.instance }}) + description: "Postgresql instance is down\n VALUE = {{ $value }}\n LABELS = {{ $labels }}" + + - alert: PostgresqlRestarted + expr: time() - pg_postmaster_start_time_seconds < 60 + for: 0m + labels: + severity: critical + annotations: + summary: Postgresql restarted (instance {{ $labels.instance }}) + description: "Postgresql restarted\n VALUE = {{ $value }}\n LABELS = {{ $labels }}" + + - alert: PostgresqlExporterError + expr: pg_exporter_last_scrape_error > 0 + for: 0m + labels: + severity: critical + annotations: + summary: Postgresql exporter error (instance {{ $labels.instance }}) + description: "Postgresql exporter is showing errors. A query may be buggy in query.yaml\n VALUE = {{ $value }}\n LABELS = {{ $labels }}" + + - alert: PostgresqlTableNotAutoVacuumed + expr: (pg_stat_user_tables_last_autovacuum > 0) and (time() - pg_stat_user_tables_last_autovacuum) > 60 * 60 * 24 * 10 + for: 0m + labels: + severity: warning + annotations: + summary: Postgresql table not auto vacuumed (instance {{ $labels.instance }}) + description: "Table {{ $labels.relname }} has not been auto vacuumed for 10 days\n VALUE = {{ $value }}\n LABELS = {{ $labels }}" + + - alert: PostgresqlTableNotAutoAnalyzed + expr: (pg_stat_user_tables_last_autoanalyze > 0) and (time() - pg_stat_user_tables_last_autoanalyze) > 24 * 60 * 60 * 10 + for: 0m + labels: + severity: warning + annotations: + summary: Postgresql table not auto analyzed (instance {{ $labels.instance }}) + description: "Table {{ $labels.relname }} has not been auto analyzed for 10 days\n VALUE = {{ $value }}\n LABELS = {{ $labels }}" + + - alert: PostgresqlTooManyConnections + expr: sum by (datname) (pg_stat_activity_count{datname!~"template.*|postgres"}) > pg_settings_max_connections * 0.8 + for: 2m + labels: + severity: warning + annotations: + summary: Postgresql too many connections (instance {{ $labels.instance }}) + description: "PostgreSQL instance has too many connections (> 80%).\n VALUE = {{ $value }}\n LABELS = {{ $labels }}" + + - alert: PostgresqlNotEnoughConnections + expr: sum by (datname) (pg_stat_activity_count{datname!~"template.*|postgres"}) < 5 + for: 2m + labels: + severity: warning + annotations: + summary: Postgresql not enough connections (instance {{ $labels.instance }}) + description: "PostgreSQL instance should have more connections (> 5)\n VALUE = {{ $value }}\n LABELS = {{ $labels }}" + + - alert: PostgresqlDeadLocks + expr: increase(pg_stat_database_deadlocks{datname!~"template.*|postgres"}[1m]) > 5 + for: 0m + labels: + severity: warning + annotations: + summary: Postgresql dead locks (instance {{ $labels.instance }}) + description: "PostgreSQL has dead-locks\n VALUE = {{ $value }}\n LABELS = {{ $labels }}" + + - alert: PostgresqlHighRollbackRate + expr: sum by (namespace,datname) ((rate(pg_stat_database_xact_rollback{datname!~"template.*|postgres",datid!="0"}[3m])) / ((rate(pg_stat_database_xact_rollback{datname!~"template.*|postgres",datid!="0"}[3m])) + (rate(pg_stat_database_xact_commit{datname!~"template.*|postgres",datid!="0"}[3m])))) > 0.02 + for: 0m + labels: + severity: warning + annotations: + summary: Postgresql high rollback rate (instance {{ $labels.instance }}) + description: "Ratio of transactions being aborted compared to committed is > 2 %\n VALUE = {{ $value }}\n LABELS = {{ $labels }}" + + - alert: PostgresqlCommitRateLow + expr: rate(pg_stat_database_xact_commit[1m]) < 10 + for: 2m + labels: + severity: critical + annotations: + summary: Postgresql commit rate low (instance {{ $labels.instance }}) + description: "Postgresql seems to be processing very few transactions\n VALUE = {{ $value }}\n LABELS = {{ $labels }}" + + - alert: PostgresqlLowXidConsumption + expr: rate(pg_txid_current[1m]) < 5 + for: 2m + labels: + severity: warning + annotations: + summary: Postgresql low XID consumption (instance {{ $labels.instance }}) + description: "Postgresql seems to be consuming transaction IDs very slowly\n VALUE = {{ $value }}\n LABELS = {{ $labels }}" + + - alert: PostgresqlHighRateStatementTimeout + expr: rate(postgresql_errors_total{type="statement_timeout"}[1m]) > 3 + for: 0m + labels: + severity: critical + annotations: + summary: Postgresql high rate statement timeout (instance {{ $labels.instance }}) + description: "Postgres transactions showing high rate of statement timeouts\n VALUE = {{ $value }}\n LABELS = {{ $labels }}" + + - alert: PostgresqlHighRateDeadlock + expr: increase(postgresql_errors_total{type="deadlock_detected"}[1m]) > 1 + for: 0m + labels: + severity: critical + annotations: + summary: Postgresql high rate deadlock (instance {{ $labels.instance }}) + description: "Postgres detected deadlocks\n VALUE = {{ $value }}\n LABELS = {{ $labels }}" + + - alert: PostgresqlUnusedReplicationSlot + expr: pg_replication_slots_active == 0 + for: 1m + labels: + severity: warning + annotations: + summary: Postgresql unused replication slot (instance {{ $labels.instance }}) + description: "Unused Replication Slots\n VALUE = {{ $value }}\n LABELS = {{ $labels }}" + + - alert: PostgresqlTooManyDeadTuples + expr: ((pg_stat_user_tables_n_dead_tup > 10000) / (pg_stat_user_tables_n_live_tup + pg_stat_user_tables_n_dead_tup)) >= 0.1 + for: 2m + labels: + severity: warning + annotations: + summary: Postgresql too many dead tuples (instance {{ $labels.instance }}) + description: "PostgreSQL dead tuples is too large\n VALUE = {{ $value }}\n LABELS = {{ $labels }}" + + - alert: PostgresqlConfigurationChanged + expr: '{__name__=~"pg_settings_.*"} != ON(__name__) {__name__=~"pg_settings_([^t]|t[^r]|tr[^a]|tra[^n]|tran[^s]|trans[^a]|transa[^c]|transac[^t]|transact[^i]|transacti[^o]|transactio[^n]|transaction[^_]|transaction_[^r]|transaction_r[^e]|transaction_re[^a]|transaction_rea[^d]|transaction_read[^_]|transaction_read_[^o]|transaction_read_o[^n]|transaction_read_on[^l]|transaction_read_onl[^y]).* "} OFFSET 5m' + for: 0m + labels: + severity: info + annotations: + summary: Postgresql configuration changed (instance {{ $labels.instance }}) + description: "Postgres Database configuration change has occurred\n VALUE = {{ $value }}\n LABELS = {{ $labels }}" + + - alert: PostgresqlSslCompressionActive + expr: sum(pg_stat_ssl_compression) > 0 + for: 0m + labels: + severity: critical + annotations: + summary: Postgresql SSL compression active (instance {{ $labels.instance }}) + description: "Database connections with SSL compression enabled. This may add significant jitter in replication delay. in recovery.conf.\n VALUE = {{ $value }}\n LABELS = {{ $labels }}" + `}} \ No newline at end of file From 55d5e3307aafca4d86b0813310ab43973252bbc8 Mon Sep 17 00:00:00 2001 From: EamonZhang Date: Fri, 22 Dec 2023 14:00:13 +0800 Subject: [PATCH 41/48] megre(addons): megre from upstream --- .../15/chart/postgresql-cluster/README.md | 11 +---------- .../postgresql-cluster/templates/_helpers.tpl | 4 ---- .../postgresql-cluster/templates/cm-backup.yaml | 14 +------------- .../15/chart/postgresql-cluster/templates/sec.yaml | 7 +------ .../postgresql-cluster/templates/statefulset.yaml | 5 ----- .../15/chart/postgresql-cluster/values.yaml | 7 ++----- .../15/plans/standard-10/bind.yaml | 5 +---- .../15/plans/standard-50/meta.yaml | 4 ---- 8 files changed, 6 insertions(+), 51 deletions(-) diff --git a/addons/postgresql-cluster/15/chart/postgresql-cluster/README.md b/addons/postgresql-cluster/15/chart/postgresql-cluster/README.md index 59cf8250..4dd6522d 100644 --- a/addons/postgresql-cluster/15/chart/postgresql-cluster/README.md +++ b/addons/postgresql-cluster/15/chart/postgresql-cluster/README.md @@ -71,7 +71,6 @@ backup: - Login database web with admin user & password -<<<<<<< HEAD - Change administrator initial password ``` ALTER USER administrator WITH ENCRYPTED PASSWORD 'newpassword'; @@ -88,15 +87,7 @@ GRANT `myuser` to administrator ; - CREATE APP DATABASE ``` CREATE DATABASE `mydb` OWNER `myuser`; -======= -- CREATE APP USER -``` -CREATE USER `my_user` WITH CONNECTION LIMIT `conn_limit` LOGIN ENCRYPTED PASSWORD 'password'; -``` -- CREATE APP DATABASE -``` -CREATE DATABASE `my_db` OWNER `my_user`; ->>>>>>> d9ed1063e1d4d34d5a535bf86bacd2c9d2a31dfd + ``` - CREATE EXTENSIONS ``` diff --git a/addons/postgresql-cluster/15/chart/postgresql-cluster/templates/_helpers.tpl b/addons/postgresql-cluster/15/chart/postgresql-cluster/templates/_helpers.tpl index ad84a3b0..bb67a496 100644 --- a/addons/postgresql-cluster/15/chart/postgresql-cluster/templates/_helpers.tpl +++ b/addons/postgresql-cluster/15/chart/postgresql-cluster/templates/_helpers.tpl @@ -189,11 +189,7 @@ Get the administrator password ; {{- if .Values.adminRole.password }} {{- .Values.adminRole.password -}} {{- else -}} -<<<<<<< HEAD {{- include "getValueFromSecret" (dict "Namespace" .Release.Namespace "Name" (include "common.names.fullname" .) "Length" 10 "Key" "admin-password") -}} -======= - {{- include "getValueFromSecret" (dict "Namespace" .Release.Namespace "Name" (include "common.names.fullname" .) "Length" 10 "Key" "password-replication") -}} ->>>>>>> d9ed1063e1d4d34d5a535bf86bacd2c9d2a31dfd {{- end -}} {{- end }} diff --git a/addons/postgresql-cluster/15/chart/postgresql-cluster/templates/cm-backup.yaml b/addons/postgresql-cluster/15/chart/postgresql-cluster/templates/cm-backup.yaml index 601a4f03..62cb7596 100644 --- a/addons/postgresql-cluster/15/chart/postgresql-cluster/templates/cm-backup.yaml +++ b/addons/postgresql-cluster/15/chart/postgresql-cluster/templates/cm-backup.yaml @@ -1,7 +1,3 @@ -<<<<<<< HEAD -======= -{{- if (include "backup.createConfigmap" .) }} ->>>>>>> d9ed1063e1d4d34d5a535bf86bacd2c9d2a31dfd apiVersion: v1 kind: ConfigMap metadata: @@ -17,13 +13,5 @@ metadata: {{- end }} data: backup.env: |- -<<<<<<< HEAD {{- include "common.tplvalues.render" ( dict "value" .Values.backupEnv "context" $ ) | nindent 4 }} -======= - {{- include "common.tplvalues.render" ( dict "value" .Values.backupEnv "context" $ ) | nindent 4 }} - # archive_command.sh: | - - # #/bin/bash - # source backup.env - # [ $USE_WALG ] ? sh /opt/drycc/postgresql/walbackup.sh %p : /bin/true -{{- end -}} ->>>>>>> d9ed1063e1d4d34d5a535bf86bacd2c9d2a31dfd + diff --git a/addons/postgresql-cluster/15/chart/postgresql-cluster/templates/sec.yaml b/addons/postgresql-cluster/15/chart/postgresql-cluster/templates/sec.yaml index 9bd002e3..c2e13055 100644 --- a/addons/postgresql-cluster/15/chart/postgresql-cluster/templates/sec.yaml +++ b/addons/postgresql-cluster/15/chart/postgresql-cluster/templates/sec.yaml @@ -14,10 +14,5 @@ data: password-superuser: {{ include "credentials.superuserValue" . | b64enc | quote }} password-rewind: {{ include "credentials.rewindValue" . | b64enc | quote }} password-replication: {{ include "credentials.replicationValue" . | b64enc | quote }} -<<<<<<< HEAD admin-user: {{ .Values.adminRole.username | b64enc | quote }} - admin-password: {{ include "adminRole.passwordValue" . | b64enc | quote }} -======= - admin-user: {{ .Values.adminRole.username | b64enc }} - admin-password: {{ .Values.adminRole.password | b64enc }} ->>>>>>> d9ed1063e1d4d34d5a535bf86bacd2c9d2a31dfd + admin-password: {{ include "adminRole.passwordValue" . | b64enc | quote }} \ No newline at end of file diff --git a/addons/postgresql-cluster/15/chart/postgresql-cluster/templates/statefulset.yaml b/addons/postgresql-cluster/15/chart/postgresql-cluster/templates/statefulset.yaml index 66c979cd..0dad1437 100644 --- a/addons/postgresql-cluster/15/chart/postgresql-cluster/templates/statefulset.yaml +++ b/addons/postgresql-cluster/15/chart/postgresql-cluster/templates/statefulset.yaml @@ -161,11 +161,6 @@ spec: resources: {{- toYaml .Values.metrics.resources | nindent 12 }} {{- end }} {{- end }} -<<<<<<< HEAD - -======= - {{- if .Values.backup.enabled }} ->>>>>>> d9ed1063e1d4d34d5a535bf86bacd2c9d2a31dfd - name: {{ .Chart.Name }}-backup image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}" imagePullPolicy: {{ .Values.image.pullPolicy }} diff --git a/addons/postgresql-cluster/15/chart/postgresql-cluster/values.yaml b/addons/postgresql-cluster/15/chart/postgresql-cluster/values.yaml index cd40d29a..d15aa52a 100644 --- a/addons/postgresql-cluster/15/chart/postgresql-cluster/values.yaml +++ b/addons/postgresql-cluster/15/chart/postgresql-cluster/values.yaml @@ -124,13 +124,10 @@ postInitScript: | psql -w -c "CREATE USER tea_mon WITH ROLE pg_monitor;create extension pg_stat_statements;create extension pg_buffercache ;" # Create admin user if [[( -n "$ADMIN_USER") && ( -n "$ADMIN_PASSWORD")]]; then -<<<<<<< HEAD + echo "Creating user ${ADMIN_USER}" psql -w -c "CREATE USER ${ADMIN_USER} WITH SUPERUSER CREATEDB CREATEROLE CONNECTION LIMIT 10 LOGIN ENCRYPTED PASSWORD '${ADMIN_PASSWORD}'" -======= - echo "Creating user ${ADMIN_USER}" - # psql -w -c "CREATE USER ${ADMIN_USER} WITH NOSUPERUSER CREATEDB CREATEROLE REPLICATION CONNECTION LIMIT 10 LOGIN ENCRYPTED PASSWORD '${ADMIN_PASSWORD}'" ->>>>>>> d9ed1063e1d4d34d5a535bf86bacd2c9d2a31dfd + else echo "Skipping create admin user" fi diff --git a/addons/postgresql-cluster/15/plans/standard-10/bind.yaml b/addons/postgresql-cluster/15/plans/standard-10/bind.yaml index 11bbb4e1..e41b7b31 100644 --- a/addons/postgresql-cluster/15/plans/standard-10/bind.yaml +++ b/addons/postgresql-cluster/15/plans/standard-10/bind.yaml @@ -32,10 +32,7 @@ credential: name: {{ template "common.names.fullname" . }} jsonpath: '{ .data.admin-user }' - name: PORT -<<<<<<< HEAD value: 5432 - name: DADABASE value: postgres -======= - value: 5432 ->>>>>>> d9ed1063e1d4d34d5a535bf86bacd2c9d2a31dfd + diff --git a/addons/postgresql-cluster/15/plans/standard-50/meta.yaml b/addons/postgresql-cluster/15/plans/standard-50/meta.yaml index 7586884a..a194f7ef 100644 --- a/addons/postgresql-cluster/15/plans/standard-50/meta.yaml +++ b/addons/postgresql-cluster/15/plans/standard-50/meta.yaml @@ -1,10 +1,6 @@ name: "standard-50" id: 0542f411-4e7b-46af-966c-c9989e54873c -<<<<<<< HEAD description: "PostgreSQL Cluster standard-50 plan: Disk 50Gi ,vCPUs 2 , RAM 8G , DB MAX Connection 2000" -======= -description: "PostgreSQL standard-50 plan: Disk 50Gi ,vCPUs 2 , RAM 8G , DB MAX Connection 2000" ->>>>>>> d9ed1063e1d4d34d5a535bf86bacd2c9d2a31dfd displayName: "standard-50" bindable: true maximum_polling_duration: 1800 From 1965e9b4f4a5d27ea539445d1e17d3b1cb0464d2 Mon Sep 17 00:00:00 2001 From: EamonZhang Date: Tue, 2 Jan 2024 14:33:56 +0800 Subject: [PATCH 42/48] chore(postgresql-cluster): reset wal retain size --- .../15/chart/postgresql-cluster/values.yaml | 1 - .../postgresql-cluster/15/plans/standard-10/values.yaml | 4 ++-- .../postgresql-cluster/15/plans/standard-100/values.yaml | 8 ++++---- .../postgresql-cluster/15/plans/standard-20/values.yaml | 4 ++-- .../postgresql-cluster/15/plans/standard-200/values.yaml | 8 ++++---- .../postgresql-cluster/15/plans/standard-400/values.yaml | 8 ++++---- .../postgresql-cluster/15/plans/standard-50/values.yaml | 4 ++-- .../postgresql-cluster/15/plans/standard-800/values.yaml | 8 ++++---- 8 files changed, 22 insertions(+), 23 deletions(-) diff --git a/addons/postgresql-cluster/15/chart/postgresql-cluster/values.yaml b/addons/postgresql-cluster/15/chart/postgresql-cluster/values.yaml index d15aa52a..b32ab391 100644 --- a/addons/postgresql-cluster/15/chart/postgresql-cluster/values.yaml +++ b/addons/postgresql-cluster/15/chart/postgresql-cluster/values.yaml @@ -72,7 +72,6 @@ preInitScript: | hot_standby: "on" max_connections: 1005 max_worker_processes: 8 - wal_keep_segments: 1024 max_wal_senders: 10 max_replication_slots: 10 max_prepared_transactions: 0 diff --git a/addons/postgresql-cluster/15/plans/standard-10/values.yaml b/addons/postgresql-cluster/15/plans/standard-10/values.yaml index fd8fd98f..adf735cd 100644 --- a/addons/postgresql-cluster/15/plans/standard-10/values.yaml +++ b/addons/postgresql-cluster/15/plans/standard-10/values.yaml @@ -28,7 +28,7 @@ postgresql: # Checkpointing: checkpoint_timeout = '15 min' checkpoint_completion_target = 0.9 - max_wal_size = '1024 MB' + max_wal_size = '1 GB' min_wal_size = '512 MB' # WAL writing @@ -36,7 +36,7 @@ postgresql: wal_buffers = -1 # auto-tuned by Postgres till maximum of segment size (16MB by default) wal_writer_delay = 200ms wal_writer_flush_after = 1MB - wal_keep_size = '3650 MB' + wal_keep_size = '1 GB' # Background writer bgwriter_delay = 200ms diff --git a/addons/postgresql-cluster/15/plans/standard-100/values.yaml b/addons/postgresql-cluster/15/plans/standard-100/values.yaml index 90625a5d..97b6efe0 100644 --- a/addons/postgresql-cluster/15/plans/standard-100/values.yaml +++ b/addons/postgresql-cluster/15/plans/standard-100/values.yaml @@ -26,17 +26,17 @@ postgresql: synchronous_commit = on # Checkpointing: - checkpoint_timeout = '15 min' + checkpoint_timeout = '25 min' checkpoint_completion_target = 0.9 - max_wal_size = '1024 MB' - min_wal_size = '512 MB' + max_wal_size = '4 GB' + min_wal_size = '2 GB' # WAL writing wal_compression = on wal_buffers = -1 # auto-tuned by Postgres till maximum of segment size (16MB by default) wal_writer_delay = 200ms wal_writer_flush_after = 1MB - wal_keep_size = '3650 MB' + wal_keep_size = '4 GB' # Background writer diff --git a/addons/postgresql-cluster/15/plans/standard-20/values.yaml b/addons/postgresql-cluster/15/plans/standard-20/values.yaml index fed1e2da..b0f465d2 100644 --- a/addons/postgresql-cluster/15/plans/standard-20/values.yaml +++ b/addons/postgresql-cluster/15/plans/standard-20/values.yaml @@ -28,7 +28,7 @@ postgresql: # Checkpointing: checkpoint_timeout = '15 min' checkpoint_completion_target = 0.9 - max_wal_size = '1024 MB' + max_wal_size = '2 GB' min_wal_size = '512 MB' @@ -37,7 +37,7 @@ postgresql: wal_buffers = -1 # auto-tuned by Postgres till maximum of segment size (16MB by default) wal_writer_delay = 200ms wal_writer_flush_after = 1MB - wal_keep_size = '3650 MB' + wal_keep_size = '1 GB' # Background writer diff --git a/addons/postgresql-cluster/15/plans/standard-200/values.yaml b/addons/postgresql-cluster/15/plans/standard-200/values.yaml index a0427d92..24ca6659 100644 --- a/addons/postgresql-cluster/15/plans/standard-200/values.yaml +++ b/addons/postgresql-cluster/15/plans/standard-200/values.yaml @@ -26,17 +26,17 @@ postgresql: synchronous_commit = on # Checkpointing: - checkpoint_timeout = '15 min' + checkpoint_timeout = '25 min' checkpoint_completion_target = 0.9 - max_wal_size = '1024 MB' - min_wal_size = '512 MB' + max_wal_size = '5 GB' + min_wal_size = '3 GB' # WAL writing wal_compression = on wal_buffers = -1 # auto-tuned by Postgres till maximum of segment size (16MB by default) wal_writer_delay = 200ms wal_writer_flush_after = 1MB - wal_keep_size = '3650 MB' + wal_keep_size = '5 GB' # Background writer bgwriter_delay = 200ms diff --git a/addons/postgresql-cluster/15/plans/standard-400/values.yaml b/addons/postgresql-cluster/15/plans/standard-400/values.yaml index 062ee7cb..44d572d8 100644 --- a/addons/postgresql-cluster/15/plans/standard-400/values.yaml +++ b/addons/postgresql-cluster/15/plans/standard-400/values.yaml @@ -26,17 +26,17 @@ postgresql: synchronous_commit = on # Checkpointing: - checkpoint_timeout = '15 min' + checkpoint_timeout = '30 min' checkpoint_completion_target = 0.9 - max_wal_size = '1024 MB' - min_wal_size = '512 MB' + max_wal_size = '6 GB' + min_wal_size = '2 GB' # WAL writing wal_compression = on wal_buffers = -1 # auto-tuned by Postgres till maximum of segment size (16MB by default) wal_writer_delay = 200ms wal_writer_flush_after = 1MB - wal_keep_size = '3650 MB' + wal_keep_size = '10 GB' # Background writer bgwriter_delay = 200ms diff --git a/addons/postgresql-cluster/15/plans/standard-50/values.yaml b/addons/postgresql-cluster/15/plans/standard-50/values.yaml index 046e87ea..c911400d 100644 --- a/addons/postgresql-cluster/15/plans/standard-50/values.yaml +++ b/addons/postgresql-cluster/15/plans/standard-50/values.yaml @@ -28,7 +28,7 @@ postgresql: # Checkpointing: checkpoint_timeout = '15 min' checkpoint_completion_target = 0.9 - max_wal_size = '1024 MB' + max_wal_size = '2 GB' min_wal_size = '512 MB' # WAL writing @@ -36,7 +36,7 @@ postgresql: wal_buffers = -1 # auto-tuned by Postgres till maximum of segment size (16MB by default) wal_writer_delay = 200ms wal_writer_flush_after = 1MB - wal_keep_size = '3650 MB' + wal_keep_size = '3 GB' # Background writer diff --git a/addons/postgresql-cluster/15/plans/standard-800/values.yaml b/addons/postgresql-cluster/15/plans/standard-800/values.yaml index c6efbfa0..4c62936e 100644 --- a/addons/postgresql-cluster/15/plans/standard-800/values.yaml +++ b/addons/postgresql-cluster/15/plans/standard-800/values.yaml @@ -26,17 +26,17 @@ postgresql: synchronous_commit = on # Checkpointing: - checkpoint_timeout = '15 min' + checkpoint_timeout = '30 min' checkpoint_completion_target = 0.9 - max_wal_size = '10240 MB' - min_wal_size = '5120 MB' + max_wal_size = '8 GB' + min_wal_size = '4 GB' # WAL writing wal_compression = on wal_buffers = -1 # auto-tuned by Postgres till maximum of segment size (16MB by default) wal_writer_delay = 200ms wal_writer_flush_after = 1MB - wal_keep_size = '22080 MB' + wal_keep_size = '10 GB' # Background writer bgwriter_delay = 200ms From a3e38686bd3a356614065b1484e11c5dae06d064 Mon Sep 17 00:00:00 2001 From: EamonZhang Date: Thu, 11 Jan 2024 09:35:37 +0800 Subject: [PATCH 43/48] chore(postgresql-cluster):add hugepages-2Mi limit in plans --- addons/postgresql-cluster/15/plans/standard-100/values.yaml | 1 + addons/postgresql-cluster/15/plans/standard-200/values.yaml | 1 + addons/postgresql-cluster/15/plans/standard-400/values.yaml | 2 +- addons/postgresql-cluster/15/plans/standard-50/values.yaml | 3 ++- addons/postgresql-cluster/15/plans/standard-800/values.yaml | 2 +- 5 files changed, 6 insertions(+), 3 deletions(-) diff --git a/addons/postgresql-cluster/15/plans/standard-100/values.yaml b/addons/postgresql-cluster/15/plans/standard-100/values.yaml index 97b6efe0..fff5cf6a 100644 --- a/addons/postgresql-cluster/15/plans/standard-100/values.yaml +++ b/addons/postgresql-cluster/15/plans/standard-100/values.yaml @@ -66,6 +66,7 @@ resources: limits: cpu: 4000m memory: 16Gi + hugepages-2Mi: 50Mi requests: cpu: 4000m memory: 16Gi diff --git a/addons/postgresql-cluster/15/plans/standard-200/values.yaml b/addons/postgresql-cluster/15/plans/standard-200/values.yaml index 24ca6659..097a65b6 100644 --- a/addons/postgresql-cluster/15/plans/standard-200/values.yaml +++ b/addons/postgresql-cluster/15/plans/standard-200/values.yaml @@ -65,6 +65,7 @@ resources: limits: cpu: 8000m memory: 32Gi + hugepages-2Mi: 60Mi requests: cpu: 8000m memory: 32Gi diff --git a/addons/postgresql-cluster/15/plans/standard-400/values.yaml b/addons/postgresql-cluster/15/plans/standard-400/values.yaml index 44d572d8..3dd25a18 100644 --- a/addons/postgresql-cluster/15/plans/standard-400/values.yaml +++ b/addons/postgresql-cluster/15/plans/standard-400/values.yaml @@ -65,7 +65,7 @@ resources: limits: cpu: 16000m memory: 64Gi - # hugepages-2Mi: 4Mi + hugepages-2Mi: 40Mi requests: cpu: 16000m memory: 64Gi diff --git a/addons/postgresql-cluster/15/plans/standard-50/values.yaml b/addons/postgresql-cluster/15/plans/standard-50/values.yaml index c911400d..4712cacb 100644 --- a/addons/postgresql-cluster/15/plans/standard-50/values.yaml +++ b/addons/postgresql-cluster/15/plans/standard-50/values.yaml @@ -66,10 +66,11 @@ resources: limits: cpu: 2000m memory: 8Gi + hugepages-2Mi: 20Mi requests: cpu: 2000m memory: 8Gi persistentVolume: enabled: true - size: 50G + size: 50Gi diff --git a/addons/postgresql-cluster/15/plans/standard-800/values.yaml b/addons/postgresql-cluster/15/plans/standard-800/values.yaml index 4c62936e..a91fe646 100644 --- a/addons/postgresql-cluster/15/plans/standard-800/values.yaml +++ b/addons/postgresql-cluster/15/plans/standard-800/values.yaml @@ -65,7 +65,7 @@ resources: limits: cpu: 32000m memory: 128Gi - # hugepages-2Mi: 4Mi + hugepages-2Mi: 80Mi requests: cpu: 32000m memory: 128Gi From 6e6c35485120be392059b32f127dae01e7dc6313 Mon Sep 17 00:00:00 2001 From: EamonZhang Date: Thu, 18 Jan 2024 09:56:36 +0800 Subject: [PATCH 44/48] chore(addons): alter cloudbeaver plan to 10, prometheus add hotupdate param --- .../23/plans/{standard-5 => standard-10}/bind.yaml | 0 .../create-instance-schema.json | 0 .../23/plans/{standard-5 => standard-10}/meta.yaml | 0 .../23/plans/{standard-5 => standard-10}/values.yaml | 2 +- .../chart/postgresql-cluster/templates/statefulset.yaml | 5 +++++ .../15/chart/postgresql-cluster/values.yaml | 9 +++++++++ .../2/chart/prometheus/templates/server/deployment.yaml | 1 + 7 files changed, 16 insertions(+), 1 deletion(-) rename addons/cloudbeaver/23/plans/{standard-5 => standard-10}/bind.yaml (100%) rename addons/cloudbeaver/23/plans/{standard-5 => standard-10}/create-instance-schema.json (100%) rename addons/cloudbeaver/23/plans/{standard-5 => standard-10}/meta.yaml (100%) rename addons/cloudbeaver/23/plans/{standard-5 => standard-10}/values.yaml (99%) diff --git a/addons/cloudbeaver/23/plans/standard-5/bind.yaml b/addons/cloudbeaver/23/plans/standard-10/bind.yaml similarity index 100% rename from addons/cloudbeaver/23/plans/standard-5/bind.yaml rename to addons/cloudbeaver/23/plans/standard-10/bind.yaml diff --git a/addons/cloudbeaver/23/plans/standard-5/create-instance-schema.json b/addons/cloudbeaver/23/plans/standard-10/create-instance-schema.json similarity index 100% rename from addons/cloudbeaver/23/plans/standard-5/create-instance-schema.json rename to addons/cloudbeaver/23/plans/standard-10/create-instance-schema.json diff --git a/addons/cloudbeaver/23/plans/standard-5/meta.yaml b/addons/cloudbeaver/23/plans/standard-10/meta.yaml similarity index 100% rename from addons/cloudbeaver/23/plans/standard-5/meta.yaml rename to addons/cloudbeaver/23/plans/standard-10/meta.yaml diff --git a/addons/cloudbeaver/23/plans/standard-5/values.yaml b/addons/cloudbeaver/23/plans/standard-10/values.yaml similarity index 99% rename from addons/cloudbeaver/23/plans/standard-5/values.yaml rename to addons/cloudbeaver/23/plans/standard-10/values.yaml index 920f16ca..dee9c848 100644 --- a/addons/cloudbeaver/23/plans/standard-5/values.yaml +++ b/addons/cloudbeaver/23/plans/standard-10/values.yaml @@ -51,7 +51,7 @@ persistence: - ReadWriteOnce ## @param primary.persistence.size MySQL primary persistent volume size ## - size: 5Gi + size: 10Gi ## @param primary.persistence.selector Selector to match an existing Persistent Volume ## selector: ## matchLabels: diff --git a/addons/postgresql-cluster/15/chart/postgresql-cluster/templates/statefulset.yaml b/addons/postgresql-cluster/15/chart/postgresql-cluster/templates/statefulset.yaml index 0dad1437..61881313 100644 --- a/addons/postgresql-cluster/15/chart/postgresql-cluster/templates/statefulset.yaml +++ b/addons/postgresql-cluster/15/chart/postgresql-cluster/templates/statefulset.yaml @@ -229,6 +229,11 @@ spec: - name: storage-volume emptyDir: {} {{- end }} + {{- if .Values.persistentVolumeClaimRetentionPolicy.enabled }} + persistentVolumeClaimRetentionPolicy: + whenDeleted: {{ .Values.persistentVolumeClaimRetentionPolicy.whenDeleted }} + whenScaled: {{ .Values.persistentVolumeClaimRetentionPolicy.whenScaled }} + {{- end }} {{- if .Values.persistentVolume.enabled }} volumeClaimTemplates: - metadata: diff --git a/addons/postgresql-cluster/15/chart/postgresql-cluster/values.yaml b/addons/postgresql-cluster/15/chart/postgresql-cluster/values.yaml index b32ab391..857ee44d 100644 --- a/addons/postgresql-cluster/15/chart/postgresql-cluster/values.yaml +++ b/addons/postgresql-cluster/15/chart/postgresql-cluster/values.yaml @@ -277,6 +277,15 @@ backup: awsS3ForcePathStyle: "true" awsRegion: dx-1 +## persistentVolumeClaimRetentionPolicy +## ref: https://kubernetes.io/docs/concepts/workloads/controllers/statefulset/#persistentvolumeclaim-retention +## @param persistentVolumeClaimRetentionPolicy.enabled Controls if and how PVCs are deleted during the lifecycle of a StatefulSet +## @param persistentVolumeClaimRetentionPolicy.whenScaled Volume retention behavior when the replica count of the StatefulSet is reduced +## @param persistentVolumeClaimRetentionPolicy.whenDeleted Volume retention behavior that applies when the StatefulSet is deleted +persistentVolumeClaimRetentionPolicy: + enabled: true + whenScaled: Delete + whenDeleted: Delete persistentVolume: enabled: true size: 10G diff --git a/addons/prometheus/2/chart/prometheus/templates/server/deployment.yaml b/addons/prometheus/2/chart/prometheus/templates/server/deployment.yaml index 12480ad1..d8ecaa9f 100644 --- a/addons/prometheus/2/chart/prometheus/templates/server/deployment.yaml +++ b/addons/prometheus/2/chart/prometheus/templates/server/deployment.yaml @@ -122,6 +122,7 @@ spec: - "--web.console.libraries=/opt/drycc/prometheus/conf/console_libraries" - "--web.console.templates=/opt/drycc/prometheus/conf/consoles" - "--web.config.file=/opt/drycc/prometheus/conf/web-config.yaml" + - "--web.enable-lifecycle" {{- if .Values.server.enableAdminAPI}} - "--web.enable-admin-api" {{- end }} From 739675b98b85952772d460b43b790b6841200319 Mon Sep 17 00:00:00 2001 From: EamonZhang Date: Tue, 23 Jan 2024 10:28:41 +0800 Subject: [PATCH 45/48] chore(mysql-cluster): adjust bind params --- .../8.0/chart/mysql-cluster/Chart.yaml | 4 +- .../templates/cluster/deployments.yaml | 41 +++++++++++++++++++ .../mysql-cluster/templates/cluster/job.yaml | 3 +- .../mysql-cluster/templates/secrets.yaml | 4 +- .../8.0/chart/mysql-cluster/values.yaml | 8 ++-- addons/mysql-cluster/8.0/meta.yaml | 4 +- .../8.0/plans/standard-10/bind.yaml | 17 +++----- .../8.0/plans/standard-10/values.yaml | 4 +- .../8.0/plans/standard-100/bind.yaml | 19 ++++----- .../8.0/plans/standard-20/bind.yaml | 17 +++----- .../8.0/plans/standard-200/bind.yaml | 17 +++----- .../8.0/plans/standard-400/bind.yaml | 17 +++----- .../8.0/plans/standard-50/bind.yaml | 17 +++----- .../8.0/plans/standard-800/bind.yaml | 17 +++----- 14 files changed, 99 insertions(+), 90 deletions(-) create mode 100644 addons/mysql-cluster/8.0/chart/mysql-cluster/templates/cluster/deployments.yaml diff --git a/addons/mysql-cluster/8.0/chart/mysql-cluster/Chart.yaml b/addons/mysql-cluster/8.0/chart/mysql-cluster/Chart.yaml index 634f9453..8b3d99c5 100644 --- a/addons/mysql-cluster/8.0/chart/mysql-cluster/Chart.yaml +++ b/addons/mysql-cluster/8.0/chart/mysql-cluster/Chart.yaml @@ -1,7 +1,7 @@ annotations: category: Database apiVersion: v2 -appVersion: 8.0.30 +appVersion: 8.0.35 dependencies: - name: common repository: oci://registry.drycc.cc/charts @@ -25,4 +25,4 @@ name: mysql sources: - https://github.com/drycc/containers/tree/main/drycc/mysql - https://mysql.com -version: 9.3.5 +version: 8.0.35 diff --git a/addons/mysql-cluster/8.0/chart/mysql-cluster/templates/cluster/deployments.yaml b/addons/mysql-cluster/8.0/chart/mysql-cluster/templates/cluster/deployments.yaml new file mode 100644 index 00000000..ef626420 --- /dev/null +++ b/addons/mysql-cluster/8.0/chart/mysql-cluster/templates/cluster/deployments.yaml @@ -0,0 +1,41 @@ +{{- /* +Copyright Drycc Community. +SPDX-License-Identifier: APACHE-2.0 +*/}} + +apiVersion: apps/v1 +kind: Deployment +metadata: + name: {{ include "mysql.cluster.fullname" . }}-tools + namespace: {{ include "common.names.namespace" . | quote }} +spec: + replicas: 1 + selector: + matchLabels: {{- include "common.labels.matchLabels" . | nindent 6 }} + app.kubernetes.io/component: mysql-cluster-tools + + template: + metadata: + labels: {{- include "common.labels.standard" . | nindent 8 }} + app.kubernetes.io/component: mysql-cluster-tools + + spec: + containers: + - name: cluster-tools + image: {{ include "cluster.image" . }} + imagePullPolicy: {{ .Values.image.pullPolicy | quote }} + command: + - /bin/bash + - -ec + - | + sleep infinity + env: + - name: MYSQL_MASTER_PORT_NUMBER + value: {{ .Values.primary.service.ports.mysql | quote }} + - name: MYSQL_MASTER_ROOT_USER + value: "root" + - name: MYSQL_ROOT_PASSWORD + valueFrom: + secretKeyRef: + name: {{ template "mysql.secretName" . }} + key: mysql-root-password diff --git a/addons/mysql-cluster/8.0/chart/mysql-cluster/templates/cluster/job.yaml b/addons/mysql-cluster/8.0/chart/mysql-cluster/templates/cluster/job.yaml index a922a4c4..88365d71 100644 --- a/addons/mysql-cluster/8.0/chart/mysql-cluster/templates/cluster/job.yaml +++ b/addons/mysql-cluster/8.0/chart/mysql-cluster/templates/cluster/job.yaml @@ -67,7 +67,8 @@ spec: " > /tmp/slave.sql mysql -h${HOST_1} -P${MYSQL_MASTER_PORT_NUMBER} -uroot -p${MYSQL_ROOT_PASSWORD} < /tmp/slave.sql mysql -h${HOST_2} -P${MYSQL_MASTER_PORT_NUMBER} -uroot -p${MYSQL_ROOT_PASSWORD} < /tmp/slave.sql - + mysql -h${HOST_0} -P${MYSQL_MASTER_PORT_NUMBER} -uroot -p${MYSQL_ROOT_PASSWORD} -e "GRANT ALL PRIVILEGES ON *.* TO administrator@'%' WITH GRANT OPTION;flush privileges;" + env: - name: DRYCC_DEBUG value: {{ ternary "true" "false" (or .Values.image.debug .Values.diagnosticMode.enabled) | quote }} diff --git a/addons/mysql-cluster/8.0/chart/mysql-cluster/templates/secrets.yaml b/addons/mysql-cluster/8.0/chart/mysql-cluster/templates/secrets.yaml index c51cfb39..75c6bf5e 100644 --- a/addons/mysql-cluster/8.0/chart/mysql-cluster/templates/secrets.yaml +++ b/addons/mysql-cluster/8.0/chart/mysql-cluster/templates/secrets.yaml @@ -46,7 +46,7 @@ metadata: {{- end }} type: servicebinding.io/mysql data: - provider: {{ print "bitnami" | b64enc | quote }} + provider: {{ print "drycc" | b64enc | quote }} type: {{ print "mysql" | b64enc | quote }} host: {{ print $host | b64enc | quote }} port: {{ print $port | b64enc | quote }} @@ -60,7 +60,7 @@ data: apiVersion: v1 kind: Secret metadata: - name: {{ include "common.names.fullname" . }}-svcbind-custom-user + name: {{ include "common.names.fullname" . }}-svcbind-administrator-user namespace: {{ .Release.Namespace | quote }} labels: {{- include "common.labels.standard" . | nindent 4 }} {{- if .Values.commonLabels }} diff --git a/addons/mysql-cluster/8.0/chart/mysql-cluster/values.yaml b/addons/mysql-cluster/8.0/chart/mysql-cluster/values.yaml index 2c70143b..031cbe43 100644 --- a/addons/mysql-cluster/8.0/chart/mysql-cluster/values.yaml +++ b/addons/mysql-cluster/8.0/chart/mysql-cluster/values.yaml @@ -113,11 +113,11 @@ auth: ## @param auth.database Name for a custom database to create ## ref: https://github.com/drycc/containers/tree/main/drycc/mysql#creating-a-database-on-first-run ## - database: "mx_database" + database: "mondb" ## @param auth.username Name for a custom user to create ## ref: https://github.com/drycc/containers/tree/main/drycc/mysql#creating-a-database-user-on-first-run ## - username: "mx111" + username: "administrator" ## @param auth.password Password for the new user. Ignored if existing secret is provided ## password: "" @@ -127,7 +127,7 @@ auth: replicationUser: replicator ## @param auth.replicationPassword MySQL replication user password. Ignored if existing secret is provided ## - replicationPassword: "user4_repUU" + replicationPassword: "" ## @param auth.existingSecret Use existing secret for password details. The secret has to contain the keys `mysql-root-password`, `mysql-replication-password` and `mysql-password` ## NOTE: When it's set the auth.rootPassword, auth.password, auth.replicationPassword are ignored. ## @@ -244,6 +244,7 @@ primary: disabled_storage_engines="MyISAM,BLACKHOLE,FEDERATED,ARCHIVE,MEMORY" sql_require_primary_key=ON log_error_suppression_list='MY-013360' + binlog_transaction_dependency_tracking=WRITESET # Replication log_bin=mysql-bin @@ -603,6 +604,7 @@ cluster: digest: "" pullPolicy: IfNotPresent + router: ## @param router.name Name of the router ## diff --git a/addons/mysql-cluster/8.0/meta.yaml b/addons/mysql-cluster/8.0/meta.yaml index 5af39a4c..273e3a55 100644 --- a/addons/mysql-cluster/8.0/meta.yaml +++ b/addons/mysql-cluster/8.0/meta.yaml @@ -13,7 +13,7 @@ tags: mysql-cluster bindable: true instances_retrievable: true bindings_retrievable: true -plan_updateable: false +plan_updateable: true allow_parameters: - name: "networkPolicy.allowNamespaces" required: false @@ -21,4 +21,4 @@ allow_parameters: - name: "router.service.type" required: false description: "service type config for values.yaml" -archive: false +archive: false \ No newline at end of file diff --git a/addons/mysql-cluster/8.0/plans/standard-10/bind.yaml b/addons/mysql-cluster/8.0/plans/standard-10/bind.yaml index 3ec3ed37..4dffea55 100644 --- a/addons/mysql-cluster/8.0/plans/standard-10/bind.yaml +++ b/addons/mysql-cluster/8.0/plans/standard-10/bind.yaml @@ -9,31 +9,26 @@ credential: - name: HOST valueFrom: serviceRef: - name: {{ include "common.names.fullname" . }} + name: {{ include "common.names.fullname" . }}-router jsonpath: '{ .spec.clusterIP }' {{- end }} - - name: DADABASE - valueFrom: - secretKeyRef: - name: {{ template "common.names.fullname" . }}-svcbind-custom-user - jsonpath: '{ .data.database }' - name: PASSWORD valueFrom: secretKeyRef: - name: {{ template "common.names.fullname" . }}-svcbind-custom-user - jsonpath: '{ .data.username }' + name: {{ template "common.names.fullname" . }}-svcbind-administrator-user + jsonpath: '{ .data.password }' - name: USERNAME valueFrom: secretKeyRef: - name: {{ template "common.names.fullname" . }}-svcbind-custom-user + name: {{ template "common.names.fullname" . }}-svcbind-administrator-user jsonpath: '{ .data.username }' - name: READONLY_PORT valueFrom: secretKeyRef: - name: {{ template "common.names.fullname" . }}-svcbind-custom-user + name: {{ template "common.names.fullname" . }}-svcbind-administrator-user jsonpath: '{ .data.portro }' - name: READWRITE_PORT valueFrom: secretKeyRef: - name: {{ template "common.names.fullname" . }}-svcbind-custom-user + name: {{ template "common.names.fullname" . }}-svcbind-administrator-user jsonpath: '{ .data.portrw }' \ No newline at end of file diff --git a/addons/mysql-cluster/8.0/plans/standard-10/values.yaml b/addons/mysql-cluster/8.0/plans/standard-10/values.yaml index f90075a8..5e2e6f5d 100644 --- a/addons/mysql-cluster/8.0/plans/standard-10/values.yaml +++ b/addons/mysql-cluster/8.0/plans/standard-10/values.yaml @@ -16,10 +16,10 @@ primary: resources: limits: cpu: 1000m - memory: 1024Mi + memory: 2048Mi requests: cpu: 1000m - memory: 1024Mi + memory: 2048Mi ## @section Persistence parameters diff --git a/addons/mysql-cluster/8.0/plans/standard-100/bind.yaml b/addons/mysql-cluster/8.0/plans/standard-100/bind.yaml index 3ec3ed37..1bb7d8b5 100644 --- a/addons/mysql-cluster/8.0/plans/standard-100/bind.yaml +++ b/addons/mysql-cluster/8.0/plans/standard-100/bind.yaml @@ -9,31 +9,26 @@ credential: - name: HOST valueFrom: serviceRef: - name: {{ include "common.names.fullname" . }} + name: {{ include "common.names.fullname" . }}-router jsonpath: '{ .spec.clusterIP }' - {{- end }} - - name: DADABASE - valueFrom: - secretKeyRef: - name: {{ template "common.names.fullname" . }}-svcbind-custom-user - jsonpath: '{ .data.database }' + {{- end }} - name: PASSWORD valueFrom: secretKeyRef: - name: {{ template "common.names.fullname" . }}-svcbind-custom-user - jsonpath: '{ .data.username }' + name: {{ template "common.names.fullname" . }}-svcbind-administrator-user + jsonpath: '{ .data.password }' - name: USERNAME valueFrom: secretKeyRef: - name: {{ template "common.names.fullname" . }}-svcbind-custom-user + name: {{ template "common.names.fullname" . }}-svcbind-administrator-user jsonpath: '{ .data.username }' - name: READONLY_PORT valueFrom: secretKeyRef: - name: {{ template "common.names.fullname" . }}-svcbind-custom-user + name: {{ template "common.names.fullname" . }}-svcbind-administrator-user jsonpath: '{ .data.portro }' - name: READWRITE_PORT valueFrom: secretKeyRef: - name: {{ template "common.names.fullname" . }}-svcbind-custom-user + name: {{ template "common.names.fullname" . }}-svcbind-administrator-user jsonpath: '{ .data.portrw }' \ No newline at end of file diff --git a/addons/mysql-cluster/8.0/plans/standard-20/bind.yaml b/addons/mysql-cluster/8.0/plans/standard-20/bind.yaml index 3ec3ed37..4dffea55 100644 --- a/addons/mysql-cluster/8.0/plans/standard-20/bind.yaml +++ b/addons/mysql-cluster/8.0/plans/standard-20/bind.yaml @@ -9,31 +9,26 @@ credential: - name: HOST valueFrom: serviceRef: - name: {{ include "common.names.fullname" . }} + name: {{ include "common.names.fullname" . }}-router jsonpath: '{ .spec.clusterIP }' {{- end }} - - name: DADABASE - valueFrom: - secretKeyRef: - name: {{ template "common.names.fullname" . }}-svcbind-custom-user - jsonpath: '{ .data.database }' - name: PASSWORD valueFrom: secretKeyRef: - name: {{ template "common.names.fullname" . }}-svcbind-custom-user - jsonpath: '{ .data.username }' + name: {{ template "common.names.fullname" . }}-svcbind-administrator-user + jsonpath: '{ .data.password }' - name: USERNAME valueFrom: secretKeyRef: - name: {{ template "common.names.fullname" . }}-svcbind-custom-user + name: {{ template "common.names.fullname" . }}-svcbind-administrator-user jsonpath: '{ .data.username }' - name: READONLY_PORT valueFrom: secretKeyRef: - name: {{ template "common.names.fullname" . }}-svcbind-custom-user + name: {{ template "common.names.fullname" . }}-svcbind-administrator-user jsonpath: '{ .data.portro }' - name: READWRITE_PORT valueFrom: secretKeyRef: - name: {{ template "common.names.fullname" . }}-svcbind-custom-user + name: {{ template "common.names.fullname" . }}-svcbind-administrator-user jsonpath: '{ .data.portrw }' \ No newline at end of file diff --git a/addons/mysql-cluster/8.0/plans/standard-200/bind.yaml b/addons/mysql-cluster/8.0/plans/standard-200/bind.yaml index 3ec3ed37..4dffea55 100644 --- a/addons/mysql-cluster/8.0/plans/standard-200/bind.yaml +++ b/addons/mysql-cluster/8.0/plans/standard-200/bind.yaml @@ -9,31 +9,26 @@ credential: - name: HOST valueFrom: serviceRef: - name: {{ include "common.names.fullname" . }} + name: {{ include "common.names.fullname" . }}-router jsonpath: '{ .spec.clusterIP }' {{- end }} - - name: DADABASE - valueFrom: - secretKeyRef: - name: {{ template "common.names.fullname" . }}-svcbind-custom-user - jsonpath: '{ .data.database }' - name: PASSWORD valueFrom: secretKeyRef: - name: {{ template "common.names.fullname" . }}-svcbind-custom-user - jsonpath: '{ .data.username }' + name: {{ template "common.names.fullname" . }}-svcbind-administrator-user + jsonpath: '{ .data.password }' - name: USERNAME valueFrom: secretKeyRef: - name: {{ template "common.names.fullname" . }}-svcbind-custom-user + name: {{ template "common.names.fullname" . }}-svcbind-administrator-user jsonpath: '{ .data.username }' - name: READONLY_PORT valueFrom: secretKeyRef: - name: {{ template "common.names.fullname" . }}-svcbind-custom-user + name: {{ template "common.names.fullname" . }}-svcbind-administrator-user jsonpath: '{ .data.portro }' - name: READWRITE_PORT valueFrom: secretKeyRef: - name: {{ template "common.names.fullname" . }}-svcbind-custom-user + name: {{ template "common.names.fullname" . }}-svcbind-administrator-user jsonpath: '{ .data.portrw }' \ No newline at end of file diff --git a/addons/mysql-cluster/8.0/plans/standard-400/bind.yaml b/addons/mysql-cluster/8.0/plans/standard-400/bind.yaml index 3ec3ed37..4dffea55 100644 --- a/addons/mysql-cluster/8.0/plans/standard-400/bind.yaml +++ b/addons/mysql-cluster/8.0/plans/standard-400/bind.yaml @@ -9,31 +9,26 @@ credential: - name: HOST valueFrom: serviceRef: - name: {{ include "common.names.fullname" . }} + name: {{ include "common.names.fullname" . }}-router jsonpath: '{ .spec.clusterIP }' {{- end }} - - name: DADABASE - valueFrom: - secretKeyRef: - name: {{ template "common.names.fullname" . }}-svcbind-custom-user - jsonpath: '{ .data.database }' - name: PASSWORD valueFrom: secretKeyRef: - name: {{ template "common.names.fullname" . }}-svcbind-custom-user - jsonpath: '{ .data.username }' + name: {{ template "common.names.fullname" . }}-svcbind-administrator-user + jsonpath: '{ .data.password }' - name: USERNAME valueFrom: secretKeyRef: - name: {{ template "common.names.fullname" . }}-svcbind-custom-user + name: {{ template "common.names.fullname" . }}-svcbind-administrator-user jsonpath: '{ .data.username }' - name: READONLY_PORT valueFrom: secretKeyRef: - name: {{ template "common.names.fullname" . }}-svcbind-custom-user + name: {{ template "common.names.fullname" . }}-svcbind-administrator-user jsonpath: '{ .data.portro }' - name: READWRITE_PORT valueFrom: secretKeyRef: - name: {{ template "common.names.fullname" . }}-svcbind-custom-user + name: {{ template "common.names.fullname" . }}-svcbind-administrator-user jsonpath: '{ .data.portrw }' \ No newline at end of file diff --git a/addons/mysql-cluster/8.0/plans/standard-50/bind.yaml b/addons/mysql-cluster/8.0/plans/standard-50/bind.yaml index 3ec3ed37..4dffea55 100644 --- a/addons/mysql-cluster/8.0/plans/standard-50/bind.yaml +++ b/addons/mysql-cluster/8.0/plans/standard-50/bind.yaml @@ -9,31 +9,26 @@ credential: - name: HOST valueFrom: serviceRef: - name: {{ include "common.names.fullname" . }} + name: {{ include "common.names.fullname" . }}-router jsonpath: '{ .spec.clusterIP }' {{- end }} - - name: DADABASE - valueFrom: - secretKeyRef: - name: {{ template "common.names.fullname" . }}-svcbind-custom-user - jsonpath: '{ .data.database }' - name: PASSWORD valueFrom: secretKeyRef: - name: {{ template "common.names.fullname" . }}-svcbind-custom-user - jsonpath: '{ .data.username }' + name: {{ template "common.names.fullname" . }}-svcbind-administrator-user + jsonpath: '{ .data.password }' - name: USERNAME valueFrom: secretKeyRef: - name: {{ template "common.names.fullname" . }}-svcbind-custom-user + name: {{ template "common.names.fullname" . }}-svcbind-administrator-user jsonpath: '{ .data.username }' - name: READONLY_PORT valueFrom: secretKeyRef: - name: {{ template "common.names.fullname" . }}-svcbind-custom-user + name: {{ template "common.names.fullname" . }}-svcbind-administrator-user jsonpath: '{ .data.portro }' - name: READWRITE_PORT valueFrom: secretKeyRef: - name: {{ template "common.names.fullname" . }}-svcbind-custom-user + name: {{ template "common.names.fullname" . }}-svcbind-administrator-user jsonpath: '{ .data.portrw }' \ No newline at end of file diff --git a/addons/mysql-cluster/8.0/plans/standard-800/bind.yaml b/addons/mysql-cluster/8.0/plans/standard-800/bind.yaml index 3ec3ed37..4dffea55 100644 --- a/addons/mysql-cluster/8.0/plans/standard-800/bind.yaml +++ b/addons/mysql-cluster/8.0/plans/standard-800/bind.yaml @@ -9,31 +9,26 @@ credential: - name: HOST valueFrom: serviceRef: - name: {{ include "common.names.fullname" . }} + name: {{ include "common.names.fullname" . }}-router jsonpath: '{ .spec.clusterIP }' {{- end }} - - name: DADABASE - valueFrom: - secretKeyRef: - name: {{ template "common.names.fullname" . }}-svcbind-custom-user - jsonpath: '{ .data.database }' - name: PASSWORD valueFrom: secretKeyRef: - name: {{ template "common.names.fullname" . }}-svcbind-custom-user - jsonpath: '{ .data.username }' + name: {{ template "common.names.fullname" . }}-svcbind-administrator-user + jsonpath: '{ .data.password }' - name: USERNAME valueFrom: secretKeyRef: - name: {{ template "common.names.fullname" . }}-svcbind-custom-user + name: {{ template "common.names.fullname" . }}-svcbind-administrator-user jsonpath: '{ .data.username }' - name: READONLY_PORT valueFrom: secretKeyRef: - name: {{ template "common.names.fullname" . }}-svcbind-custom-user + name: {{ template "common.names.fullname" . }}-svcbind-administrator-user jsonpath: '{ .data.portro }' - name: READWRITE_PORT valueFrom: secretKeyRef: - name: {{ template "common.names.fullname" . }}-svcbind-custom-user + name: {{ template "common.names.fullname" . }}-svcbind-administrator-user jsonpath: '{ .data.portrw }' \ No newline at end of file From d120aa803377aeaa74a296d0e66009c69306bb1b Mon Sep 17 00:00:00 2001 From: EamonZhang Date: Tue, 23 Jan 2024 15:45:30 +0800 Subject: [PATCH 46/48] chore(postgresql-cluster): add plan 4t --- .../15/plans/standard-4t/bind.yaml | 37 +++++++++ .../standard-4t/create-instance-schema.json | 12 +++ .../15/plans/standard-4t/meta.yaml | 6 ++ .../15/plans/standard-4t/values.yaml | 75 +++++++++++++++++++ 4 files changed, 130 insertions(+) create mode 100644 addons/postgresql-cluster/15/plans/standard-4t/bind.yaml create mode 100644 addons/postgresql-cluster/15/plans/standard-4t/create-instance-schema.json create mode 100644 addons/postgresql-cluster/15/plans/standard-4t/meta.yaml create mode 100644 addons/postgresql-cluster/15/plans/standard-4t/values.yaml diff --git a/addons/postgresql-cluster/15/plans/standard-4t/bind.yaml b/addons/postgresql-cluster/15/plans/standard-4t/bind.yaml new file mode 100644 index 00000000..0283dff3 --- /dev/null +++ b/addons/postgresql-cluster/15/plans/standard-4t/bind.yaml @@ -0,0 +1,37 @@ +credential: +{{- if (eq .Values.service.type "LoadBalancer") }} + - name: EXTRANET_MASTER_HOST + valueFrom: + serviceRef: + name: {{ include "common.names.fullname" . }}-master + jsonpath: '{ .status.loadBalancer.ingress[*].ip }' + - name: EXTRANET_REPL_HOST + valueFrom: + serviceRef: + name: {{ template "common.names.fullname" . }}-repl + jsonpath: '{ .status.loadBalancer.ingress[*].ip }' + {{- end }} + - name: MASTER_HOST + valueFrom: + serviceRef: + name: {{ include "common.names.fullname" . }}-master + jsonpath: '{ .spec.clusterIP }' + - name: REPL_HOST + valueFrom: + serviceRef: + name: {{ include "common.names.fullname" . }}-repl + jsonpath: '{ .spec.clusterIP }' + - name: PASSWORD + valueFrom: + secretKeyRef: + name: {{ template "common.names.fullname" . }} + jsonpath: '{ .data.admin-password }' + - name: USERNAME + valueFrom: + secretKeyRef: + name: {{ template "common.names.fullname" . }} + jsonpath: '{ .data.admin-user }' + - name: PORT + value: 5432 + - name: DADABASE + value: postgres \ No newline at end of file diff --git a/addons/postgresql-cluster/15/plans/standard-4t/create-instance-schema.json b/addons/postgresql-cluster/15/plans/standard-4t/create-instance-schema.json new file mode 100644 index 00000000..66ebbaa0 --- /dev/null +++ b/addons/postgresql-cluster/15/plans/standard-4t/create-instance-schema.json @@ -0,0 +1,12 @@ +{ + "$schema": "http://json-schema.org/draft-04/schema#", + "type": "object", + "properties": { + "imagePullPolicy": { + "type": "string", + "enum": ["Always", "IfNotPresent", "Never"], + "default": "IfNotPresent", + "title": "Image pull policy" + } + } +} \ No newline at end of file diff --git a/addons/postgresql-cluster/15/plans/standard-4t/meta.yaml b/addons/postgresql-cluster/15/plans/standard-4t/meta.yaml new file mode 100644 index 00000000..208f253c --- /dev/null +++ b/addons/postgresql-cluster/15/plans/standard-4t/meta.yaml @@ -0,0 +1,6 @@ +name: "standard-4t" +id: 138f8059-a3f6-4efe-a210-09d9ff00f9a9 +description: "PostgreSQL Cluster standard-4t plan: Disk 4Ti ,vCPUs 32 , RAM 64G , DB MAX Connection 2000" +displayName: "standard-4t" +bindable: true +maximum_polling_duration: 1800 diff --git a/addons/postgresql-cluster/15/plans/standard-4t/values.yaml b/addons/postgresql-cluster/15/plans/standard-4t/values.yaml new file mode 100644 index 00000000..d4046150 --- /dev/null +++ b/addons/postgresql-cluster/15/plans/standard-4t/values.yaml @@ -0,0 +1,75 @@ +## @param fullnameOverride String to fully override common.names.fullname template +## +fullnameOverride: hb-postgresql-cluster-standard-800 + +postgresql: + config: |- + # Connectivity + max_connections = 2000 + superuser_reserved_connections = 3 + + # Memory Settings + shared_buffers = '16384 MB' + work_mem = '256 MB' + maintenance_work_mem = '2048 MB' + huge_pages = try # NB! requires also activation of huge pages via kernel params, see here for more: https://www.postgresql.org/docs/current/static/kernel-resources.html#LINUX-HUGE-PAGES + effective_cache_size = '45 GB' + effective_io_concurrency = 100 # concurrent IO only really activated if OS supports posix_fadvise function + random_page_cost = 1.25 # speed of random disk access relative to sequential access (1.0) + + # Monitoring + track_io_timing=on # measure exact block IO times + track_functions=pl # track execution times of pl-language procedures if any + + # Replication + max_wal_senders = 10 + synchronous_commit = on + + # Checkpointing: + checkpoint_timeout = '30 min' + checkpoint_completion_target = 0.9 + max_wal_size = '32 GB' + min_wal_size = '16 GB' + + # WAL writing + wal_compression = on + wal_buffers = -1 # auto-tuned by Postgres till maximum of segment size (16MB by default) + wal_writer_delay = 200ms + wal_writer_flush_after = 1MB + wal_keep_size = '60 GB' + + # Background writer + bgwriter_delay = 200ms + bgwriter_lru_maxpages = 100 + bgwriter_lru_multiplier = 2.0 + bgwriter_flush_after = 0 + + # Parallel queries: + max_worker_processes = 32 + max_parallel_workers_per_gather = 16 + max_parallel_maintenance_workers = 16 + max_parallel_workers = 32 + parallel_leader_participation = on + + # Advanced features + enable_partitionwise_join = on + enable_partitionwise_aggregate = on + jit = on + max_slot_wal_keep_size = '1000 MB' + track_wal_io_timing = on + maintenance_io_concurrency = 100 + +resources: + # If you do want to specify resources, uncomment the following + # lines, adjust them as necessary, and remove the curly braces after 'resources:'. + limits: + cpu: 32000m + memory: 64Gi + hugepages-2Mi: 80Mi + requests: + cpu: 32000m + memory: 64Gi + +persistentVolume: + enabled: true + size: 4Ti From b573f917c03baf7e1b56d398f4b3270e8235d06c Mon Sep 17 00:00:00 2001 From: EamonZhang Date: Wed, 21 Feb 2024 11:56:51 +0800 Subject: [PATCH 47/48] chore(postgresql-cluster): adjust pg params & monitor user privilege --- .../15/chart/postgresql-cluster/values.yaml | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/addons/postgresql-cluster/15/chart/postgresql-cluster/values.yaml b/addons/postgresql-cluster/15/chart/postgresql-cluster/values.yaml index 857ee44d..02f9bdfa 100644 --- a/addons/postgresql-cluster/15/chart/postgresql-cluster/values.yaml +++ b/addons/postgresql-cluster/15/chart/postgresql-cluster/values.yaml @@ -57,6 +57,7 @@ preInitScript: | loop_wait: 10 retry_timeout: 10 maximum_lag_on_failover: 1048576 + failsafe_mode: true postgresql: use_pg_rewind: true use_slots: true @@ -74,6 +75,7 @@ preInitScript: | max_worker_processes: 8 max_wal_senders: 10 max_replication_slots: 10 + hot_standby_feedback: on max_prepared_transactions: 0 max_locks_per_transaction: 64 wal_log_hints: "on" @@ -120,7 +122,7 @@ postInitScript: | #!/bin/bash set -Eeu # Create monitor user - psql -w -c "CREATE USER tea_mon WITH ROLE pg_monitor;create extension pg_stat_statements;create extension pg_buffercache ;" + psql -w -c "CREATE USER tea_mon ;GRANT pg_monitor TO tea_mon ;create extension pg_stat_statements;create extension pg_buffercache ;" # Create admin user if [[( -n "$ADMIN_USER") && ( -n "$ADMIN_PASSWORD")]]; then From d00010ff498085e5df4a5d5cd657b9f097423546 Mon Sep 17 00:00:00 2001 From: EamonZhang Date: Wed, 21 Feb 2024 14:44:26 +0800 Subject: [PATCH 48/48] chore(mysql-cluster): set persistentVolumeClaimRetentionPolicy deleted --- .../chart/mysql-cluster/templates/primary/statefulset.yaml | 5 +++++ addons/mysql-cluster/8.0/chart/mysql-cluster/values.yaml | 4 ++++ addons/mysql-cluster/8.0/plans/standard-10/bind.yaml | 5 ++--- addons/mysql-cluster/8.0/plans/standard-10/values.yaml | 6 +++--- addons/mysql-cluster/8.0/plans/standard-100/bind.yaml | 5 ++--- addons/mysql-cluster/8.0/plans/standard-20/bind.yaml | 5 ++--- addons/mysql-cluster/8.0/plans/standard-200/bind.yaml | 5 ++--- addons/mysql-cluster/8.0/plans/standard-400/bind.yaml | 5 ++--- addons/mysql-cluster/8.0/plans/standard-50/bind.yaml | 5 ++--- addons/mysql-cluster/8.0/plans/standard-800/bind.yaml | 5 ++--- 10 files changed, 26 insertions(+), 24 deletions(-) diff --git a/addons/mysql-cluster/8.0/chart/mysql-cluster/templates/primary/statefulset.yaml b/addons/mysql-cluster/8.0/chart/mysql-cluster/templates/primary/statefulset.yaml index 24302e10..a5ffa045 100644 --- a/addons/mysql-cluster/8.0/chart/mysql-cluster/templates/primary/statefulset.yaml +++ b/addons/mysql-cluster/8.0/chart/mysql-cluster/templates/primary/statefulset.yaml @@ -369,6 +369,11 @@ spec: - name: data emptyDir: {} {{- else if and .Values.primary.persistence.enabled (not .Values.primary.persistence.existingClaim) }} + {{- if .Values.primary.persistentVolumeClaimRetentionPolicy.enabled }} + persistentVolumeClaimRetentionPolicy: + whenDeleted: {{ .Values.primary.persistentVolumeClaimRetentionPolicy.whenDeleted }} + whenScaled: {{ .Values.primary.persistentVolumeClaimRetentionPolicy.whenScaled }} + {{- end }} volumeClaimTemplates: - metadata: name: data diff --git a/addons/mysql-cluster/8.0/chart/mysql-cluster/values.yaml b/addons/mysql-cluster/8.0/chart/mysql-cluster/values.yaml index 031cbe43..1f460ecf 100644 --- a/addons/mysql-cluster/8.0/chart/mysql-cluster/values.yaml +++ b/addons/mysql-cluster/8.0/chart/mysql-cluster/values.yaml @@ -474,6 +474,10 @@ primary: ## Enable persistence using Persistent Volume Claims ## ref: https://kubernetes.io/docs/user-guide/persistent-volumes/ ## + persistentVolumeClaimRetentionPolicy: + enabled: true + whenScaled: Delete + whenDeleted: Delete persistence: ## @param primary.persistence.enabled Enable persistence on MySQL primary replicas using a `PersistentVolumeClaim`. If false, use emptyDir ## diff --git a/addons/mysql-cluster/8.0/plans/standard-10/bind.yaml b/addons/mysql-cluster/8.0/plans/standard-10/bind.yaml index 4dffea55..9b49f3f5 100644 --- a/addons/mysql-cluster/8.0/plans/standard-10/bind.yaml +++ b/addons/mysql-cluster/8.0/plans/standard-10/bind.yaml @@ -1,17 +1,16 @@ credential: {{- if (eq .Values.router.service.type "LoadBalancer") }} - - name: HOST + - name: EXTRANET_HOST valueFrom: serviceRef: name: {{ include "common.names.fullname" . }} jsonpath: '{ .status.loadBalancer.ingress[*].ip }' - {{- else if (eq .Values.router.service.type "ClusterIP") }} +{{- end }} - name: HOST valueFrom: serviceRef: name: {{ include "common.names.fullname" . }}-router jsonpath: '{ .spec.clusterIP }' - {{- end }} - name: PASSWORD valueFrom: secretKeyRef: diff --git a/addons/mysql-cluster/8.0/plans/standard-10/values.yaml b/addons/mysql-cluster/8.0/plans/standard-10/values.yaml index 5e2e6f5d..198b5253 100644 --- a/addons/mysql-cluster/8.0/plans/standard-10/values.yaml +++ b/addons/mysql-cluster/8.0/plans/standard-10/values.yaml @@ -16,11 +16,11 @@ primary: resources: limits: cpu: 1000m - memory: 2048Mi + memory: 4Gi requests: cpu: 1000m - memory: 2048Mi - + memory: 4Gi + ## @section Persistence parameters diff --git a/addons/mysql-cluster/8.0/plans/standard-100/bind.yaml b/addons/mysql-cluster/8.0/plans/standard-100/bind.yaml index 1bb7d8b5..9b49f3f5 100644 --- a/addons/mysql-cluster/8.0/plans/standard-100/bind.yaml +++ b/addons/mysql-cluster/8.0/plans/standard-100/bind.yaml @@ -1,17 +1,16 @@ credential: {{- if (eq .Values.router.service.type "LoadBalancer") }} - - name: HOST + - name: EXTRANET_HOST valueFrom: serviceRef: name: {{ include "common.names.fullname" . }} jsonpath: '{ .status.loadBalancer.ingress[*].ip }' - {{- else if (eq .Values.router.service.type "ClusterIP") }} +{{- end }} - name: HOST valueFrom: serviceRef: name: {{ include "common.names.fullname" . }}-router jsonpath: '{ .spec.clusterIP }' - {{- end }} - name: PASSWORD valueFrom: secretKeyRef: diff --git a/addons/mysql-cluster/8.0/plans/standard-20/bind.yaml b/addons/mysql-cluster/8.0/plans/standard-20/bind.yaml index 4dffea55..9b49f3f5 100644 --- a/addons/mysql-cluster/8.0/plans/standard-20/bind.yaml +++ b/addons/mysql-cluster/8.0/plans/standard-20/bind.yaml @@ -1,17 +1,16 @@ credential: {{- if (eq .Values.router.service.type "LoadBalancer") }} - - name: HOST + - name: EXTRANET_HOST valueFrom: serviceRef: name: {{ include "common.names.fullname" . }} jsonpath: '{ .status.loadBalancer.ingress[*].ip }' - {{- else if (eq .Values.router.service.type "ClusterIP") }} +{{- end }} - name: HOST valueFrom: serviceRef: name: {{ include "common.names.fullname" . }}-router jsonpath: '{ .spec.clusterIP }' - {{- end }} - name: PASSWORD valueFrom: secretKeyRef: diff --git a/addons/mysql-cluster/8.0/plans/standard-200/bind.yaml b/addons/mysql-cluster/8.0/plans/standard-200/bind.yaml index 4dffea55..9b49f3f5 100644 --- a/addons/mysql-cluster/8.0/plans/standard-200/bind.yaml +++ b/addons/mysql-cluster/8.0/plans/standard-200/bind.yaml @@ -1,17 +1,16 @@ credential: {{- if (eq .Values.router.service.type "LoadBalancer") }} - - name: HOST + - name: EXTRANET_HOST valueFrom: serviceRef: name: {{ include "common.names.fullname" . }} jsonpath: '{ .status.loadBalancer.ingress[*].ip }' - {{- else if (eq .Values.router.service.type "ClusterIP") }} +{{- end }} - name: HOST valueFrom: serviceRef: name: {{ include "common.names.fullname" . }}-router jsonpath: '{ .spec.clusterIP }' - {{- end }} - name: PASSWORD valueFrom: secretKeyRef: diff --git a/addons/mysql-cluster/8.0/plans/standard-400/bind.yaml b/addons/mysql-cluster/8.0/plans/standard-400/bind.yaml index 4dffea55..9b49f3f5 100644 --- a/addons/mysql-cluster/8.0/plans/standard-400/bind.yaml +++ b/addons/mysql-cluster/8.0/plans/standard-400/bind.yaml @@ -1,17 +1,16 @@ credential: {{- if (eq .Values.router.service.type "LoadBalancer") }} - - name: HOST + - name: EXTRANET_HOST valueFrom: serviceRef: name: {{ include "common.names.fullname" . }} jsonpath: '{ .status.loadBalancer.ingress[*].ip }' - {{- else if (eq .Values.router.service.type "ClusterIP") }} +{{- end }} - name: HOST valueFrom: serviceRef: name: {{ include "common.names.fullname" . }}-router jsonpath: '{ .spec.clusterIP }' - {{- end }} - name: PASSWORD valueFrom: secretKeyRef: diff --git a/addons/mysql-cluster/8.0/plans/standard-50/bind.yaml b/addons/mysql-cluster/8.0/plans/standard-50/bind.yaml index 4dffea55..9b49f3f5 100644 --- a/addons/mysql-cluster/8.0/plans/standard-50/bind.yaml +++ b/addons/mysql-cluster/8.0/plans/standard-50/bind.yaml @@ -1,17 +1,16 @@ credential: {{- if (eq .Values.router.service.type "LoadBalancer") }} - - name: HOST + - name: EXTRANET_HOST valueFrom: serviceRef: name: {{ include "common.names.fullname" . }} jsonpath: '{ .status.loadBalancer.ingress[*].ip }' - {{- else if (eq .Values.router.service.type "ClusterIP") }} +{{- end }} - name: HOST valueFrom: serviceRef: name: {{ include "common.names.fullname" . }}-router jsonpath: '{ .spec.clusterIP }' - {{- end }} - name: PASSWORD valueFrom: secretKeyRef: diff --git a/addons/mysql-cluster/8.0/plans/standard-800/bind.yaml b/addons/mysql-cluster/8.0/plans/standard-800/bind.yaml index 4dffea55..9b49f3f5 100644 --- a/addons/mysql-cluster/8.0/plans/standard-800/bind.yaml +++ b/addons/mysql-cluster/8.0/plans/standard-800/bind.yaml @@ -1,17 +1,16 @@ credential: {{- if (eq .Values.router.service.type "LoadBalancer") }} - - name: HOST + - name: EXTRANET_HOST valueFrom: serviceRef: name: {{ include "common.names.fullname" . }} jsonpath: '{ .status.loadBalancer.ingress[*].ip }' - {{- else if (eq .Values.router.service.type "ClusterIP") }} +{{- end }} - name: HOST valueFrom: serviceRef: name: {{ include "common.names.fullname" . }}-router jsonpath: '{ .spec.clusterIP }' - {{- end }} - name: PASSWORD valueFrom: secretKeyRef: