# Postgres StatefulSet. --- apiVersion: apps/v1 kind: StatefulSet metadata: name: '{{ ansible_operator_meta.name }}-postgres-{{ supported_pg_version }}' namespace: '{{ ansible_operator_meta.namespace }}' labels: {{ lookup("template", "../common/templates/labels/additional_labels.yaml.j2") | indent(width=4) | trim }} app.kubernetes.io/name: 'postgres-{{ supported_pg_version }}' app.kubernetes.io/instance: 'postgres-{{ supported_pg_version }}-{{ ansible_operator_meta.name }}' app.kubernetes.io/component: 'database' app.kubernetes.io/part-of: '{{ ansible_operator_meta.name }}' app.kubernetes.io/managed-by: '{{ deployment_type }}-operator' app.kubernetes.io/operator-version: '{{ lookup("env", "OPERATOR_VERSION") }}' app.kubernetes.io/component: database spec: selector: matchLabels: app.kubernetes.io/name: 'postgres-{{ supported_pg_version }}' app.kubernetes.io/instance: 'postgres-{{ supported_pg_version }}-{{ ansible_operator_meta.name }}' app.kubernetes.io/component: 'database' app.kubernetes.io/managed-by: '{{ deployment_type }}-operator' serviceName: '{{ ansible_operator_meta.name }}' replicas: 1 updateStrategy: type: RollingUpdate template: metadata: labels: {{ lookup("template", "../common/templates/labels/additional_labels.yaml.j2") | indent(width=8) | trim }} app.kubernetes.io/name: 'postgres-{{ supported_pg_version }}' app.kubernetes.io/instance: 'postgres-{{ supported_pg_version }}-{{ ansible_operator_meta.name }}' app.kubernetes.io/component: 'database' app.kubernetes.io/part-of: '{{ ansible_operator_meta.name }}' app.kubernetes.io/managed-by: '{{ deployment_type }}-operator' annotations: {% if postgres_extra_settings | length > 0 %} checksum-postgres_extra_settings: "{{ lookup('template', 'configmaps/postgres_extra_settings.yaml.j2') | sha1 }}" {% endif %} checksum-secret-postgres_configuration_secret: "{{ lookup('ansible.builtin.vars', 'pg_config', default='')["resources"][0]["data"] | default('') | sha1 }}" {% if postgres_annotations %} {{ postgres_annotations | indent(width=8) }} {% endif %} spec: {% if image_pull_secret is defined %} imagePullSecrets: - name: {{ image_pull_secret }} {% elif image_pull_secrets | length > 0 %} imagePullSecrets: {% for secret in image_pull_secrets %} - name: {{ secret }} {% endfor %} {% endif %} {% if postgres_priority_class is defined %} priorityClassName: '{{ postgres_priority_class }}' {% endif %} {% if postgres_data_volume_init and not is_openshift %} initContainers: - name: init image: '{{ _postgres_image }}' imagePullPolicy: '{{ image_pull_policy }}' securityContext: runAsUser: 0 command: - /bin/sh - -c - | {{ postgres_init_container_commands | indent(width=14) }} resources: {{ postgres_init_container_resource_requirements | default(postgres_resource_requirements) }} volumeMounts: - name: postgres-{{ supported_pg_version }} mountPath: '{{ _postgres_data_path | dirname }}' subPath: '{{ _postgres_data_path | dirname | basename }}' {% if postgres_extra_volume_mounts %} {{ postgres_extra_volume_mounts | indent(width=12, first=True) }} {% endif %} {% endif %} containers: - image: '{{ _postgres_image }}' imagePullPolicy: '{{ image_pull_policy }}' name: postgres {% if postgres_security_context_settings|length %} securityContext: {{ postgres_security_context_settings | to_nice_yaml | indent(12) }} {% endif %} {% if postgres_extra_args %} command: ["run-postgresql"] args: {{ postgres_extra_args }} {% endif %} env: # For postgres_image based on rhel8/postgresql-{{ supported_pg_version }} - name: POSTGRESQL_DATABASE valueFrom: secretKeyRef: name: '{{ __postgres_configuration_secret }}' key: database - name: POSTGRESQL_USER valueFrom: secretKeyRef: name: '{{ __postgres_configuration_secret }}' key: username - name: POSTGRESQL_PASSWORD valueFrom: secretKeyRef: name: '{{ __postgres_configuration_secret }}' key: password # For postgres_image based on postgres - name: POSTGRES_DB valueFrom: secretKeyRef: name: '{{ __postgres_configuration_secret }}' key: database - name: POSTGRES_USER valueFrom: secretKeyRef: name: '{{ __postgres_configuration_secret }}' key: username - name: POSTGRES_PASSWORD valueFrom: secretKeyRef: name: '{{ __postgres_configuration_secret }}' key: password - name: PGDATA value: '{{ _postgres_data_path }}' - name: POSTGRES_INITDB_ARGS value: '{{ postgres_initdb_args }}' - name: POSTGRES_HOST_AUTH_METHOD value: '{{ postgres_host_auth_method }}' {% if 'resources' in old_pg_config and old_pg_config['resources'] and 'password' in old_pg_config['resources'][0]['data'] %} - name: PGPASSWORD_OLD valueFrom: secretKeyRef: name: '{{ old_pg_config['resources'][0]['metadata']['name'] }}' key: password {% endif %} ports: - containerPort: {{ awx_postgres_port | default('5432')}} name: postgres-{{ supported_pg_version }} volumeMounts: - name: postgres-{{ supported_pg_version }} mountPath: '{{ _postgres_data_path | dirname }}' subPath: '{{ _postgres_data_path | dirname | basename }}' {% if postgres_extra_settings | length > 0 %} - name: pg-overrides mountPath: /opt/app-root/src/postgresql-cfg readOnly: true {% endif %} {% if postgres_extra_volume_mounts %} {{ postgres_extra_volume_mounts | indent(width=12, first=True) }} {% endif %} resources: {{ postgres_resource_requirements }} {% if postgres_selector %} nodeSelector: {{ postgres_selector | indent(width=8) }} {% endif %} {% if postgres_tolerations %} tolerations: {{ postgres_tolerations | indent(width=8) }} {% endif %} {% if (postgres_extra_volumes | length + postgres_extra_settings | length) > 0 %} volumes: {% if postgres_extra_volumes %} {{ postgres_extra_volumes | indent(width=8, first=False) }} {% endif %} {% if postgres_extra_settings | length > 0 %} - name: pg-overrides configMap: name: '{{ ansible_operator_meta.name }}-postgres-extra-settings' items: - key: 99-overrides.conf path: 99-overrides.conf {% endif %} {% endif %} volumeClaimTemplates: - metadata: name: postgres-{{ supported_pg_version }} spec: accessModes: - ReadWriteOnce {% if postgres_storage_class is defined %} storageClassName: '{{ postgres_storage_class }}' {% endif %} resources: {% if postgres_storage_requirements.limits.storage | default("", true) %} limits: storage: {{ postgres_storage_requirements.limits.storage }} {% endif %} {% if postgres_storage_requirements.requests.storage | default("", true) %} requests: storage: {{ postgres_storage_requirements.requests.storage }} {% endif %} # Postgres Service. --- apiVersion: v1 kind: Service metadata: name: '{{ ansible_operator_meta.name }}-postgres-{{ supported_pg_version }}' namespace: '{{ ansible_operator_meta.namespace }}' labels: {{ lookup("template", "../common/templates/labels/additional_labels.yaml.j2") | indent(width=4) | trim }} app.kubernetes.io/name: 'postgres-{{ supported_pg_version }}' app.kubernetes.io/instance: 'postgres-{{ supported_pg_version }}-{{ ansible_operator_meta.name }}' app.kubernetes.io/component: 'database' app.kubernetes.io/part-of: '{{ ansible_operator_meta.name }}' app.kubernetes.io/managed-by: '{{ deployment_type }}-operator' app.kubernetes.io/operator-version: '{{ lookup("env", "OPERATOR_VERSION") }}' app.kubernetes.io/component: database spec: ports: - port: 5432 clusterIP: None selector: app.kubernetes.io/name: 'postgres-{{ supported_pg_version }}' app.kubernetes.io/instance: 'postgres-{{ supported_pg_version }}-{{ ansible_operator_meta.name }}' app.kubernetes.io/component: 'database' app.kubernetes.io/part-of: '{{ ansible_operator_meta.name }}' app.kubernetes.io/managed-by: '{{ deployment_type }}-operator'