internet/awx-operator
3
0
Fork 0
mirror of https://github.com/ansible/awx-operator.git synced 2026-03-26 21:33:14 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
a5211fe511788931343fe3b34a02802ae62c9676
awx-operator/roles/installer/templates/statefulsets/postgres.yaml.j2
Christian Adams a5211fe511 Add postgres init container to resolve permissions for some k3s deployments (#1805) 
Add postgres init container if
postgres_data_volume_init is true

This is aimed to solve the issue where users may
need to chmod or chown the postgres
data volume for user 26, which is the user
that is running postgres in the sclorg image.

For example, one can now set the follow on the AWX spec:
spec:
  postgres_init_container_commands: |
    chown 26:0 /var/lib/pgsql/data
    chmod 700 /var/lib/pgsql/data

Deprecate postgres_init_container_resource_requirements param in favor
of postgres_resource_requirements param.

Signed-off-by: Seth Foster <fosterbseth@gmail.com>
Co-authored-by: craph <14820052+craph@users.noreply.github.com>
Co-authored-by: kurokobo <kuro664@gmail.com>
Co-authored-by: Christian M. Adams <chadams@redhat.com>
2024-04-03 13:19:57 -04:00

198 lines
7.8 KiB
Django/Jinja
Raw Blame History

# Postgres StatefulSet.
---
apiVersion: apps/v1
kind: StatefulSet
metadata:
name: '{{ ansible_operator_meta.name }}-postgres-{{ supported_pg_version }}'
namespace: '{{ ansible_operator_meta.namespace }}'
labels:
{{ lookup("template", "../common/templates/labels/additional_labels.yaml.j2") | indent(width=4) | trim }}
app.kubernetes.io/name: 'postgres-{{ supported_pg_version }}'
app.kubernetes.io/instance: 'postgres-{{ supported_pg_version }}-{{ ansible_operator_meta.name }}'
app.kubernetes.io/component: 'database'
app.kubernetes.io/part-of: '{{ ansible_operator_meta.name }}'
app.kubernetes.io/managed-by: '{{ deployment_type }}-operator'
app.kubernetes.io/operator-version: '{{ lookup("env", "OPERATOR_VERSION") }}'
app.kubernetes.io/component: database
spec:
selector:
matchLabels:
app.kubernetes.io/name: 'postgres-{{ supported_pg_version }}'
app.kubernetes.io/instance: 'postgres-{{ supported_pg_version }}-{{ ansible_operator_meta.name }}'
app.kubernetes.io/component: 'database'
app.kubernetes.io/managed-by: '{{ deployment_type }}-operator'
serviceName: '{{ ansible_operator_meta.name }}'
replicas: 1
updateStrategy:
type: RollingUpdate
template:
metadata:
labels:
{{ lookup("template", "../common/templates/labels/additional_labels.yaml.j2") | indent(width=8) | trim }}
app.kubernetes.io/name: 'postgres-{{ supported_pg_version }}'
app.kubernetes.io/instance: 'postgres-{{ supported_pg_version }}-{{ ansible_operator_meta.name }}'
app.kubernetes.io/component: 'database'
app.kubernetes.io/part-of: '{{ ansible_operator_meta.name }}'
app.kubernetes.io/managed-by: '{{ deployment_type }}-operator'
spec:
{% if image_pull_secret is defined %}
imagePullSecrets:
- name: {{ image_pull_secret }}
{% elif image_pull_secrets | length > 0 %}
imagePullSecrets:
{% for secret in image_pull_secrets %}
- name: {{ secret }}
{% endfor %}
{% endif %}
{% if postgres_priority_class is defined %}
priorityClassName: '{{ postgres_priority_class }}'
{% endif %}
{% if postgres_data_volume_init and not is_openshift %}
initContainers:
- name: init
image: '{{ _postgres_image }}'
imagePullPolicy: '{{ image_pull_policy }}'
securityContext:
runAsUser: 0
command:
- /bin/sh
- -c
- |
{{ postgres_init_container_commands | indent(width=14) }}
resources: {{ postgres_init_container_resource_requirements | default(postgres_resource_requirements) }}
volumeMounts:
- name: postgres-{{ supported_pg_version }}
mountPath: '{{ _postgres_data_path | dirname }}'
subPath: '{{ _postgres_data_path | dirname | basename }}'
{% if postgres_extra_volume_mounts %}
{{ postgres_extra_volume_mounts | indent(width=12, first=True) }}
{% endif %}
{% endif %}
containers:
- image: '{{ _postgres_image }}'
imagePullPolicy: '{{ image_pull_policy }}'
name: postgres
{% if postgres_security_context_settings|length %}
securityContext:
{{ postgres_security_context_settings | to_nice_yaml | indent(12) }}
{% endif %}
{% if postgres_extra_args %}
command: ["run-postgresql"]
args: {{ postgres_extra_args }}
{% endif %}
env:
# For postgres_image based on rhel8/postgresql-{{ supported_pg_version }}
- name: POSTGRESQL_DATABASE
valueFrom:
secretKeyRef:
name: '{{ __postgres_configuration_secret }}'
key: database
- name: POSTGRESQL_USER
valueFrom:
secretKeyRef:
name: '{{ __postgres_configuration_secret }}'
key: username
- name: POSTGRESQL_PASSWORD
valueFrom:
secretKeyRef:
name: '{{ __postgres_configuration_secret }}'
key: password
# For postgres_image based on postgres
- name: POSTGRES_DB
valueFrom:
secretKeyRef:
name: '{{ __postgres_configuration_secret }}'
key: database
- name: POSTGRES_USER
valueFrom:
secretKeyRef:
name: '{{ __postgres_configuration_secret }}'
key: username
- name: POSTGRES_PASSWORD
valueFrom:
secretKeyRef:
name: '{{ __postgres_configuration_secret }}'
key: password
- name: PGDATA
value: '{{ _postgres_data_path }}'
- name: POSTGRES_INITDB_ARGS
value: '{{ postgres_initdb_args }}'
- name: POSTGRES_HOST_AUTH_METHOD
value: '{{ postgres_host_auth_method }}'
{% if 'resources' in old_pg_config and old_pg_config['resources'] and 'password' in old_pg_config['resources'][0]['data'] %}
- name: PGPASSWORD_OLD
valueFrom:
secretKeyRef:
name: '{{ old_pg_config['resources'][0]['metadata']['name'] }}'
key: password
{% endif %}
ports:
- containerPort: {{ awx_postgres_port | default('5432')}}
name: postgres-{{ supported_pg_version }}
volumeMounts:
- name: postgres-{{ supported_pg_version }}
mountPath: '{{ _postgres_data_path | dirname }}'
subPath: '{{ _postgres_data_path | dirname | basename }}'
{% if postgres_extra_volume_mounts %}
{{ postgres_extra_volume_mounts | indent(width=12, first=True) }}
{% endif %}
resources: {{ postgres_resource_requirements }}
{% if postgres_selector %}
nodeSelector:
{{ postgres_selector | indent(width=8) }}
{% endif %}
{% if postgres_tolerations %}
tolerations:
{{ postgres_tolerations | indent(width=8) }}
{% endif %}
{% if postgres_extra_volumes %}
volumes:
{{ postgres_extra_volumes | indent(width=8, first=False) }}
{% endif %}
volumeClaimTemplates:
- metadata:
name: postgres-{{ supported_pg_version }}
spec:
accessModes:
- ReadWriteOnce
{% if postgres_storage_class is defined %}
storageClassName: '{{ postgres_storage_class }}'
{% endif %}
resources:
{% if postgres_storage_requirements.limits.storage | default("", true) %}
limits:
storage: {{ postgres_storage_requirements.limits.storage }}
{% endif %}
{% if postgres_storage_requirements.requests.storage | default("", true) %}
requests:
storage: {{ postgres_storage_requirements.requests.storage }}
{% endif %}
# Postgres Service.
---
apiVersion: v1
kind: Service
metadata:
name: '{{ ansible_operator_meta.name }}-postgres-{{ supported_pg_version }}'
namespace: '{{ ansible_operator_meta.namespace }}'
labels:
{{ lookup("template", "../common/templates/labels/additional_labels.yaml.j2") | indent(width=4) | trim }}
app.kubernetes.io/name: 'postgres-{{ supported_pg_version }}'
app.kubernetes.io/instance: 'postgres-{{ supported_pg_version }}-{{ ansible_operator_meta.name }}'
app.kubernetes.io/component: 'database'
app.kubernetes.io/part-of: '{{ ansible_operator_meta.name }}'
app.kubernetes.io/managed-by: '{{ deployment_type }}-operator'
app.kubernetes.io/operator-version: '{{ lookup("env", "OPERATOR_VERSION") }}'
app.kubernetes.io/component: database
spec:
ports:
- port: 5432
clusterIP: None
selector:
app.kubernetes.io/name: 'postgres-{{ supported_pg_version }}'
app.kubernetes.io/instance: 'postgres-{{ supported_pg_version }}-{{ ansible_operator_meta.name }}'
app.kubernetes.io/component: 'database'
app.kubernetes.io/part-of: '{{ ansible_operator_meta.name }}'
app.kubernetes.io/managed-by: '{{ deployment_type }}-operator'
Reference in New Issue View Git Blame Copy Permalink