# Source: gitea/charts/postgresql-ha/templates/postgresql/statefulset.yaml apiVersion: apps/v1 kind: StatefulSet metadata: name: gitea-postgresql-ha-postgresql namespace: "vynil-ci" labels: app.kubernetes.io/instance: gitea app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: postgresql-ha helm.sh/chart: postgresql-ha-11.9.4 app.kubernetes.io/component: postgresql role: data spec: replicas: 3 podManagementPolicy: Parallel serviceName: gitea-postgresql-ha-postgresql-headless updateStrategy: type: RollingUpdate selector: matchLabels: app.kubernetes.io/instance: gitea app.kubernetes.io/name: postgresql-ha app.kubernetes.io/component: postgresql role: data template: metadata: labels: app.kubernetes.io/instance: gitea app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: postgresql-ha helm.sh/chart: postgresql-ha-11.9.4 app.kubernetes.io/component: postgresql role: data spec: affinity: podAffinity: podAntiAffinity: preferredDuringSchedulingIgnoredDuringExecution: - podAffinityTerm: labelSelector: matchLabels: app.kubernetes.io/instance: gitea app.kubernetes.io/name: postgresql-ha app.kubernetes.io/component: postgresql topologyKey: kubernetes.io/hostname weight: 1 nodeAffinity: securityContext: fsGroup: 1001 hostNetwork: false hostIPC: false containers: - name: postgresql image: docker.io/bitnami/postgresql-repmgr:15.4.0-debian-11-r31 imagePullPolicy: "IfNotPresent" securityContext: allowPrivilegeEscalation: false capabilities: drop: - ALL readOnlyRootFilesystem: false runAsGroup: 0 runAsNonRoot: true runAsUser: 1001 seccompProfile: type: RuntimeDefault lifecycle: preStop: exec: command: - /pre-stop.sh - "25" # Auxiliary vars to populate environment variables env: - name: BITNAMI_DEBUG value: "false" # PostgreSQL configuration - name: POSTGRESQL_VOLUME_DIR value: "/bitnami/postgresql" - name: PGDATA value: "/bitnami/postgresql/data" - name: POSTGRES_POSTGRES_PASSWORD valueFrom: secretKeyRef: name: gitea-postgresql-ha-postgresql key: postgres-password - name: POSTGRES_USER value: "gitea" - name: POSTGRES_PASSWORD valueFrom: secretKeyRef: name: gitea-postgresql-ha-postgresql key: password - name: POSTGRES_DB value: "gitea" - name: POSTGRESQL_LOG_HOSTNAME value: "true" - name: POSTGRESQL_LOG_CONNECTIONS value: "false" - name: POSTGRESQL_LOG_DISCONNECTIONS value: "false" - name: POSTGRESQL_PGAUDIT_LOG_CATALOG value: "off" - name: POSTGRESQL_CLIENT_MIN_MESSAGES value: "error" - name: POSTGRESQL_SHARED_PRELOAD_LIBRARIES value: "pgaudit, repmgr" - name: POSTGRESQL_ENABLE_TLS value: "no" - name: POSTGRESQL_PORT_NUMBER value: "5432" # Repmgr configuration - name: REPMGR_PORT_NUMBER value: "5432" - name: REPMGR_PRIMARY_PORT value: "5432" - name: MY_POD_NAME valueFrom: fieldRef: fieldPath: metadata.name - name: REPMGR_UPGRADE_EXTENSION value: "no" - name: REPMGR_PGHBA_TRUST_ALL value: "no" - name: REPMGR_MOUNTED_CONF_DIR value: "/bitnami/repmgr/conf" - name: REPMGR_NAMESPACE valueFrom: fieldRef: fieldPath: metadata.namespace - name: REPMGR_PARTNER_NODES value: gitea-postgresql-ha-postgresql-0.gitea-postgresql-ha-postgresql-headless.$(REPMGR_NAMESPACE).svc.cluster.local,gitea-postgresql-ha-postgresql-1.gitea-postgresql-ha-postgresql-headless.$(REPMGR_NAMESPACE).svc.cluster.local,gitea-postgresql-ha-postgresql-2.gitea-postgresql-ha-postgresql-headless.$(REPMGR_NAMESPACE).svc.cluster.local, - name: REPMGR_PRIMARY_HOST value: "gitea-postgresql-ha-postgresql-0.gitea-postgresql-ha-postgresql-headless.$(REPMGR_NAMESPACE).svc.cluster.local" - name: REPMGR_NODE_NAME value: "$(MY_POD_NAME)" - name: REPMGR_NODE_NETWORK_NAME value: "$(MY_POD_NAME).gitea-postgresql-ha-postgresql-headless.$(REPMGR_NAMESPACE).svc.cluster.local" - name: REPMGR_NODE_TYPE value: "data" - name: REPMGR_LOG_LEVEL value: "NOTICE" - name: REPMGR_CONNECT_TIMEOUT value: "5" - name: REPMGR_RECONNECT_ATTEMPTS value: "2" - name: REPMGR_RECONNECT_INTERVAL value: "3" - name: REPMGR_USERNAME value: "repmgr" - name: REPMGR_PASSWORD valueFrom: secretKeyRef: name: gitea-postgresql-ha-postgresql key: repmgr-password - name: REPMGR_DATABASE value: "repmgr" - name: REPMGR_FENCE_OLD_PRIMARY value: "no" - name: REPMGR_CHILD_NODES_CHECK_INTERVAL value: "5" - name: REPMGR_CHILD_NODES_CONNECTED_MIN_COUNT value: "1" - name: REPMGR_CHILD_NODES_DISCONNECT_TIMEOUT value: "30" envFrom: ports: - name: postgresql containerPort: 5432 protocol: TCP livenessProbe: failureThreshold: 6 initialDelaySeconds: 30 periodSeconds: 10 successThreshold: 1 timeoutSeconds: 5 exec: command: - bash - -ec - 'PGPASSWORD=$POSTGRES_PASSWORD psql -w -U "gitea" -d "gitea" -h 127.0.0.1 -p 5432 -c "SELECT 1"' readinessProbe: failureThreshold: 6 initialDelaySeconds: 5 periodSeconds: 10 successThreshold: 1 timeoutSeconds: 5 exec: command: - bash - -ec - 'PGPASSWORD=$POSTGRES_PASSWORD psql -w -U "gitea" -d "gitea" -h 127.0.0.1 -p 5432 -c "SELECT 1"' resources: limits: {} requests: {} volumeMounts: - name: data mountPath: /bitnami/postgresql - name: hooks-scripts mountPath: /pre-stop.sh subPath: pre-stop.sh - name: hooks-scripts mountPath: /readiness-probe.sh subPath: readiness-probe.sh volumes: - name: hooks-scripts configMap: name: gitea-postgresql-ha-postgresql-hooks-scripts defaultMode: 0755 volumeClaimTemplates: - metadata: name: data spec: accessModes: - "ReadWriteOnce" resources: requests: storage: "8Gi"