diff --git a/config/crd/bases/awx.ansible.com_awxs.yaml b/config/crd/bases/awx.ansible.com_awxs.yaml index e8c850e2..5137f5fa 100644 --- a/config/crd/bases/awx.ansible.com_awxs.yaml +++ b/config/crd/bases/awx.ansible.com_awxs.yaml @@ -1460,7 +1460,7 @@ spec: type: object type: object postgres_init_container_resource_requirements: - description: Resource requirements for the postgres init container + description: (Deprecated, use postgres_resource_requirements parameter) Resource requirements for the postgres init container properties: requests: properties: @@ -1811,6 +1811,12 @@ spec: type: array items: type: string + postgres_data_volume_init: + description: Sets permissions on the /var/lib/pgdata/data for postgres container using an init container (not Openshift) + type: boolean + postgres_init_container_commands: + description: Customize the postgres init container commands (Non Openshift) + type: string postgres_extra_volumes: description: Specify extra volumes to add to the application pod type: string diff --git a/config/manifests/bases/awx-operator.clusterserviceversion.yaml b/config/manifests/bases/awx-operator.clusterserviceversion.yaml index 127aac71..679585ca 100644 --- a/config/manifests/bases/awx-operator.clusterserviceversion.yaml +++ b/config/manifests/bases/awx-operator.clusterserviceversion.yaml 
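Review bot: The description added for `postgres_data_volume_init` in the `-1811,6 +1811,12` hunk names `/var/lib/pgdata/data`, while the CSV descriptor, the role defaults and the docs in this same change all use `/var/lib/pgsql/data`; the CRD text looks like a typo and should match. Neither new description says that the init container runs as UID 0 (`runAsUser: 0` in the postgres.yaml.j2 hunk), which matters because `postgres_init_container_commands` is a free-form string handed to `/bin/sh -c`. I would change the two lines to `description: Sets permissions on /var/lib/pgsql/data for the postgres container using an init container that runs as root (not OpenShift)` and `description: Shell commands run as root by the postgres init container (not OpenShift)`.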
@@ -456,12 +456,21 @@ spec: x-descriptors: - urn:alm:descriptor:com.tectonic.ui:advanced - urn:alm:descriptor:com.tectonic.ui:resourceRequirements - - description: The PostgreSQL init container is not used when an external DB - is configured + - description: Sets permissions on the /var/lib/pgsql/data for postgres container using an init container (not Openshift) + displayName: PostgreSQL initialize data volume + path: postgres_data_volume_init + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:hidden + - description: Customize the postgres init container commands (Non Openshift) + displayName: PostgreSQL Init Container Commands + path: postgres_init_container_commands + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:hidden + - description: (Deprecated, use postgres_resource_requirements parameter instead) displayName: PostgreSQL Init Container Resource Requirements path: postgres_init_container_resource_requirements x-descriptors: - - urn:alm:descriptor:com.tectonic.ui:advanced + - urn:alm:descriptor:com.tectonic.ui:hidden - urn:alm:descriptor:com.tectonic.ui:resourceRequirements - displayName: Redis Container Resource Requirements path: redis_resource_requirements diff --git a/config/samples/awx_v1beta1_awx_resource_limits.yaml b/config/samples/awx_v1beta1_awx_resource_limits.yaml index 45681d56..1a69baf7 100644 --- a/config/samples/awx_v1beta1_awx_resource_limits.yaml +++ b/config/samples/awx_v1beta1_awx_resource_limits.yaml @@ -46,10 +46,3 @@ spec: limits: cpu: 1000m memory: 2Gi - postgres_init_container_resource_requirements: - requests: - cpu: 10m - memory: 64Mi - limits: - cpu: 1000m - memory: 2Gi diff --git a/docs/user-guide/advanced-configuration/containers-resource-requirements.md b/docs/user-guide/advanced-configuration/containers-resource-requirements.md index 23cf702f..a014c3bf 100644 --- a/docs/user-guide/advanced-configuration/containers-resource-requirements.md 
+++ b/docs/user-guide/advanced-configuration/containers-resource-requirements.md 
@@ -22,16 +22,15 @@ spec: The resource requirements for both, the task and the web containers are configurable - both the lower end (requests) and the upper end (limits). -| Name | Description | Default | -| -------------------------- | ------------------------------------------------ | ------------------------------------ | -| web_resource_requirements | Web container resource requirements | requests: {cpu: 100m, memory: 128Mi} | -| task_resource_requirements | Task container resource requirements | requests: {cpu: 100m, memory: 128Mi} | -| ee_resource_requirements | EE control plane container resource requirements | requests: {cpu: 50m, memory: 64Mi} | -| redis_resource_requirements | Redis container resource requirements | requests: {cpu: 100m, memory: 128Mi} | -| postgres_resource_requirements | Postgres container resource requirements | requests: {cpu: 10m, memory: 64Mi} | -| rsyslog_resource_requirements | Rsyslog container resource requirements | requests: {cpu: 100m, memory: 128Mi} | -| init_container_resource_requirements | Init Container resource requirements | requests: {cpu: 100m, memory: 128Mi} | -| postgres_init_container_resource_requirements | Postgres Init Container resource requirements | requests: {cpu: 10m, memory: 64Mi} | +| Name | Description | Default | +| ------------------------------------ | ------------------------------------------------------------ | ------------------------------------ | +| web_resource_requirements | Web container resource requirements | requests: {cpu: 100m, memory: 128Mi} | +| task_resource_requirements | Task container resource requirements | requests: {cpu: 100m, memory: 128Mi} | +| ee_resource_requirements | EE control plane container resource requirements | requests: {cpu: 50m, memory: 64Mi} | +| redis_resource_requirements | Redis container resource requirements | requests: {cpu: 100m, memory: 128Mi} | +| postgres_resource_requirements | Postgres container (and initContainer) resource requirements | requests: 
{cpu: 10m, memory: 64Mi} | +| rsyslog_resource_requirements | Rsyslog container resource requirements | requests: {cpu: 100m, memory: 128Mi} | +| init_container_resource_requirements | Init Container resource requirements | requests: {cpu: 100m, memory: 128Mi} | Example of customization could be: @@ -85,13 +84,6 @@ spec: limits: cpu: 1000m memory: 2Gi - postgres_init_container_resource_requirements: - requests: - cpu: 10m - memory: 64Mi - limits: - cpu: 1000m - memory: 2Gi ``` diff --git a/docs/user-guide/database-configuration.md b/docs/user-guide/database-configuration.md index 8fcc9fa5..2f1bcffe 100644 --- a/docs/user-guide/database-configuration.md +++ b/docs/user-guide/database-configuration.md 
@@ -56,15 +56,14 @@ If you don't have access to an external PostgreSQL service, the AWX operator can The following variables are customizable for the managed PostgreSQL service -| Name | Description | Default | -| --------------------------------------------- | --------------------------------------------- | --------------------------------------- | -| postgres_image | Path of the image to pull | quay.io/sclorg/postgresql-15-c9s | -| postgres_image_version | Image version to pull | latest | -| postgres_init_container_resource_requirements | Database init container resource requirements | requests: {cpu: 10m, memory: 64Mi} | -| postgres_resource_requirements | PostgreSQL container resource requirements | requests: {cpu: 10m, memory: 64Mi} | -| postgres_storage_requirements | PostgreSQL container storage requirements | requests: {storage: 8Gi} | -| postgres_storage_class | PostgreSQL PV storage class | Empty string | -| postgres_priority_class | Priority class used for PostgreSQL pod | Empty string | +| Name | Description | Default | +| --------------------------------------------- | --------------------------------------------------------------- | --------------------------------------- | +| postgres_image | Path of the image to pull | quay.io/sclorg/postgresql-15-c9s | +| postgres_image_version | Image version to pull | latest | +| postgres_resource_requirements | PostgreSQL container (and initContainer) resource requirements | requests: {cpu: 10m, memory: 64Mi} | +| postgres_storage_requirements | PostgreSQL container storage requirements | requests: {storage: 8Gi} | +| postgres_storage_class | PostgreSQL PV storage class | Empty string | +| postgres_priority_class | Priority class used for PostgreSQL pod | Empty string | Example of customization could be: 
@@ -99,3 +98,22 @@ We recommend you use the default image sclorg image. If you are coming from a de You can no longer configure a custom `postgres_data_path` because it is hardcoded in the quay.io/sclorg/postgresql-15-c9s image. If you override the postgres image to use a custom postgres image like postgres:15 for example, the default data directory path may be different. These images cannot be used interchangeably. + +#### Initialize Postgres data volume + +When using a hostPath backed PVC and some other storage classes like longhorn storagfe, the postgres data directory needs to be accessible by the user in the postgres pod (UID 26). + +To initialize this directory with the correct permissions, configure the following setting, which will use an init container to set the permissions in the postgres volume. + +```yaml +spec: + postgres_data_volume_init: true +``` + +Should you need to modify the init container commands, there is an example below. + +```yaml +postgres_init_container_commands: | + chown 26:0 /var/lib/pgsql/data + chmod 700 /var/lib/pgsql/data +``` diff --git a/molecule/default/templates/awx_cr_molecule.yml.j2 b/molecule/default/templates/awx_cr_molecule.yml.j2 index 13f0b768..f581ecbe 100644 --- a/molecule/default/templates/awx_cr_molecule.yml.j2 +++ b/molecule/default/templates/awx_cr_molecule.yml.j2 @@ -32,11 +32,10 @@ spec: memory: 16M no_log: false postgres_resource_requirements: {} - postgres_init_container_resource_requirements: {} redis_resource_requirements: {} additional_labels: - my/team - my/service {% if additional_fields is defined %} {{ additional_fields | to_nice_yaml | indent(2) }} -{% endif %} \ No newline at end of file +{% endif %} diff --git a/roles/installer/defaults/main.yml b/roles/installer/defaults/main.yml index 582f095e..ed162060 100644 --- a/roles/installer/defaults/main.yml +++ b/roles/installer/defaults/main.yml 
@@ -395,10 +395,7 @@ postgres_resource_requirements: requests: cpu: 10m memory: 64Mi -postgres_init_container_resource_requirements: - requests: - cpu: 10m - memory: 64Mi + # Assign a preexisting priority class to the postgres pod postgres_priority_class: '' @@ -412,6 +409,11 @@ projects_existing_claim: '' # Define postgres configuration arguments to use postgres_extra_args: '' +postgres_data_volume_init: false +postgres_init_container_commands: | + chown 26:0 /var/lib/pgsql/data + chmod 700 /var/lib/pgsql/data + # Configure postgres connection keepalive postgres_keepalives: true postgres_keepalives_idle: 5 diff --git a/roles/installer/templates/statefulsets/postgres.yaml.j2 b/roles/installer/templates/statefulsets/postgres.yaml.j2 index 08c02312..15ce45f7 100644 --- a/roles/installer/templates/statefulsets/postgres.yaml.j2 +++ b/roles/installer/templates/statefulsets/postgres.yaml.j2 @@ -46,6 +46,27 @@ spec: {% endif %} {% if postgres_priority_class is defined %} priorityClassName: '{{ postgres_priority_class }}' +{% endif %} +{% if postgres_data_volume_init and not is_openshift %} + initContainers: + - name: init + image: '{{ _postgres_image }}' + imagePullPolicy: '{{ image_pull_policy }}' + securityContext: + runAsUser: 0 + command: + - /bin/sh + - -c + - | + {{ postgres_init_container_commands | indent(width=14) }} + resources: {{ postgres_init_container_resource_requirements | default(postgres_resource_requirements) }} + volumeMounts: + - name: postgres-{{ supported_pg_version }} + mountPath: '{{ _postgres_data_path | dirname }}' + subPath: '{{ _postgres_data_path | dirname | basename }}' +{% if postgres_extra_volume_mounts %} + {{ postgres_extra_volume_mounts | indent(width=12, first=True) }} +{% endif %} {% endif %} containers: - image: '{{ _postgres_image }}' 
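Review bot: The two new defaults in the `-412,6 +409,11` hunk carry no comment, unlike the neighbouring `postgres_extra_args` and keepalive settings, and nothing here tells an operator that enabling them starts a root init container. I would add above the first `# Run an init container as root to chown/chmod the postgres data directory (ignored on OpenShift)` and above the second `# Shell script executed as UID 0 by that init container; write access to this field is root in the postgres pod`. Both statements follow from the postgres.yaml.j2 hunk in this change, which gates the container on `not is_openshift` and sets `runAsUser: 0`.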
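Review bot: The new init container in the `-46,6 +46,27` hunk sets only `runAsUser: 0` in its `securityContext`, so it keeps the container runtime's default capability set while running whatever shell text `postgres_init_container_commands` holds via `/bin/sh -c`. The default script is just `chown` and `chmod`, so the context could drop all capabilities, add back only what those two need, and set `allowPrivilegeEscalation: false`; the set below is a starting point to validate on a hostPath volume, and a custom script may need more. The container also receives `postgres_extra_volume_mounts`, so every extra volume is reachable by that root script unless it is mounted read-only, which is worth stating in the docs. Anyone allowed to edit the AWX resource can now run commands as root against the data volume, so RBAC on the CR should be reviewed with that in mind. The StatefulSet spec starts and ends outside this hunk.

```yaml
      initContainers:
        - name: init
          # … unchanged: image, imagePullPolicy …
          securityContext:
            runAsUser: 0
            allowPrivilegeEscalation: false
            capabilities:
              drop:
                - ALL
              add:
                - CHOWN
                - FOWNER
          # … unchanged: command, resources, volumeMounts …
```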
@@ -113,7 +134,7 @@ spec: - name: postgres-{{ supported_pg_version }} mountPath: '{{ _postgres_data_path | dirname }}' subPath: '{{ _postgres_data_path | dirname | basename }}' -{% if postgres_extra_volume_mounts -%} +{% if postgres_extra_volume_mounts %} {{ postgres_extra_volume_mounts | indent(width=12, first=True) }} {% endif %} resources: {{ postgres_resource_requirements }}