[stable/stolon] external secret, auto cluster spec update, pdb (helm#…
…9739)

* add support for external stolon secret

Signed-off-by: Taehyun Kim <[email protected]>

* fix version

Signed-off-by: Taehyun Kim <[email protected]>

* fix rbac

Signed-off-by: Taehyun Kim <[email protected]>

* fix Chart.yaml

Signed-off-by: Taehyun Kim <[email protected]>

* add pdb

Signed-off-by: Taehyun Kim <[email protected]>

* update README.md

Signed-off-by: Taehyun Kim <[email protected]>

* auto update cluster spec

Signed-off-by: Taehyun Kim <[email protected]>

* disable pdb by default

Signed-off-by: Taehyun Kim <[email protected]>

* add failKeeper hook

Signed-off-by: Taehyun Kim <[email protected]>

* add sentinel pod checksum annotation

Signed-off-by: Taehyun Kim <[email protected]>

* remove podDisruptionBudget.enabled

Signed-off-by: Taehyun Kim <[email protected]>
kimxogus authored and k8s-ci-robot committed Jan 22, 2019
1 parent 13341ab commit e26b7ee
Showing 14 changed files with 266 additions and 21 deletions.
4 changes: 2 additions & 2 deletions stable/stolon/Chart.yaml
@@ -1,6 +1,6 @@
name: stolon
version: 1.0.0
appVersion: 0.12.0
version: 1.1.0
appVersion: 0.13.0
description: Stolon - PostgreSQL cloud native High Availability.
home: https://github.com/sorintlab/stolon
icon: https://i.imgur.com/tIW8sAW.png
26 changes: 22 additions & 4 deletions stable/stolon/README.md
Expand Up @@ -26,29 +26,37 @@ Kubernetes is the default store backend. `consul`, `etcdv2` or `etcdv3` can also
| Parameter | Description | Default |
| --------------------------------------- | ---------------------------------------------- | ------------------------------------------------------------ |
| `image.repository` | `stolon` image repository | `sorintlab/stolon` |
| `image.tag` | `stolon` image tag | `v0.12.0-pg10` |
| `image.tag` | `stolon` image tag | `v0.13.0-pg10` |
| `image.pullPolicy` | `stolon` image pull policy | `IfNotPresent` |
| `etcdImage.repository` | `etcd` image repository | `k8s.gcr.io/etcd-amd64` |
| `etcdImage.tag` | `etcd` image tag | `2.3.7` |
| `etcdImage.pullPolicy` | `etcd` image pull policy | `IfNotPresent` |
| `debug` | Debug mode | `false` |
| `persistence.enabled` | Use a PVC to persist data | `true` |
| `persistence.storageClassName` | Storage class name of backing PVC | `""` |
| `persistence.accessModes` | Persistent volumes access modes | `["ReadWriteOnce"]` |
| `persistence.accessModes` | Persistent volumes access modes | `["ReadWriteOnce"]` |
| `persistence.size` | Size of data volume | `10Gi` |
| `rbac.create` | Specifies if RBAC resources should be created | `true` |
| `serviceAccount.create` | Specifies if ServiceAccount should be created | `true` |
| `serviceAccount.name` | Name of the generated ServiceAccount | Defaults to fullname template |
| `superuserSecret.name` | Postgres superuser credential secret name | `""` |
| `superuserSecret.usernameKey` | Username key of Postgres superuser in secret | `pg_su_username` |
| `superuserSecret.passwordKey` | Password key of Postgres superuser in secret | `pg_su_password` |
| `superuserUsername` | Postgres superuser username | `stolon` |
| `superuserPassword` | Postgres superuser password | (Required) |
| `superuserPassword` | Postgres superuser password | (Required if `superuserSecret.name` is not set) |
| `replicationSecret.name` | Postgres replication credential secret name | `""` |
| `replicationSecret.usernameKey` | Username key of Postgres replication in secret | `pg_repl_username` |
| `replicationSecret.passwordKey` | Password key of Postgres replication in secret | `pg_repl_password` |
| `replicationUsername` | Replication username | `repluser` |
| `replicationPassword` | Replication password | (Required) |
| `replicationPassword` | Replication password | (Required if `replicationSecret.name` is not set) |
| `store.backend` | Store backend (kubernetes/consul/etcd) | `kubernetes` |
| `store.endpoints` | Store backend endpoints | `nil` |
| `store.kubeResourceKind` | Kubernetes resource kind (only for kubernetes) | `configmap` |
| `pgParameters` | [`postgresql.conf`][pgconf] options used during cluster creation | `{}` |
| `ports` | Ports to expose on pods | `{"stolon":{"containerPort": 5432},"metrics":{"containerPort": 8080}}`|
| `job.autoCreateCluster` | Set to `false` to force-disable auto-cluster-creation which may clear pre-existing postgres db data | `true` |
| `job.autoUpdateClusterSpec` | Set to `false` to force-disable auto-cluster-spec-update | `true` |
| `clusterSpec` | Stolon cluster spec [reference](https://github.com/sorintlab/stolon/blob/master/doc/cluster_spec.md) | `{}` |
| `keeper.replicaCount` | Number of keeper nodes | `2` |
| `keeper.resources` | Keeper resource requests/limit | `{}` |
| `keeper.priorityClassName` | Keeper priorityClassName | `nil` |
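Review bot: the new `superuserSecret.*` and `replicationSecret.*` rows do not say that the named Secret has to exist already, nor which source wins when both `superuserSecret.name` and `superuserPassword` are set. Please add a sentence stating that the Secret must be present in the release namespace with both the username and password keys, and state the precedence explicitly, so users moving off the plaintext `superuserPassword` value know they can drop it from their values file. The `job.autoUpdateClusterSpec` row should also mention that it defaults to `true`, meaning every upgrade patches the live cluster spec.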
Expand All @@ -57,18 +65,28 @@ Kubernetes is the default store backend. `consul`, `etcdv2` or `etcdv3` can also
| `keeper.tolerations` | Toleration labels for keeper pod assignment | `[]` |
| `keeper.volumes` | Additional volumes | `[]` |
| `keeper.volumeMounts` | Mount paths for `keeper.volumes` | `[]` |
| `keeper.hooks.failKeeper.enabled` | Enable failkeeper pre-stop hook | `false` |
| `keeper.podDisruptionBudget.enabled` | If true, create a pod disruption budget for keeper pods. | `false` |
| `keeper.podDisruptionBudget.minAvailable` | Minimum number / percentage of pods that should remain scheduled | `""` |
| `keeper.podDisruptionBudget.maxUnavailable` | Maximum number / percentage of pods that may be made unavailable | `""` |
| `proxy.replicaCount` | Number of proxy nodes | `2` |
| `proxy.resources` | Proxy resource requests/limit | `{}` |
| `proxy.priorityClassName` | Proxy priorityClassName | `nil` |
| `proxy.nodeSelector` | Node labels for proxy pod assignment | `{}` |
| `proxy.affinity` | Affinity settings for proxy pod assignment | `{}` |
| `proxy.tolerations` | Toleration labels for proxy pod assignment | `[]` |
| `proxy.podDisruptionBudget.enabled` | If true, create a pod disruption budget for proxy pods. | `false` |
| `proxy.podDisruptionBudget.minAvailable` | Minimum number / percentage of pods that should remain scheduled | `""` |
| `proxy.podDisruptionBudget.maxUnavailable` | Maximum number / percentage of pods that may be made unavailable | `""` |
| `sentinel.replicaCount` | Number of sentinel nodes | `2` |
| `sentinel.resources` | Sentinel resource requests/limit | `{}` |
| `sentinel.priorityClassName` | Sentinel priorityClassName | `nil` |
| `sentinel.nodeSelector` | Node labels for sentinel pod assignment | `{}` |
| `sentinel.affinity` | Affinity settings for sentinel pod assignment | `{}` |
| `sentinel.tolerations` | Toleration labels for sentinel pod assignment | `[]` |
| `sentinel.podDisruptionBudget.enabled` | If true, create a pod disruption budget for sentinel pods. | `false` |
| `sentinel.podDisruptionBudget.minAvailable` | Minimum number / percentage of pods that should remain scheduled | `""` |
| `sentinel.podDisruptionBudget.maxUnavailable` | Maximum number / percentage of pods that may be made unavailable | `""` |


[pgconf]: https://github.com/postgres/postgres/blob/master/src/backend/utils/misc/postgresql.conf.sample
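Review bot: the three `*.podDisruptionBudget.enabled` rows document a key the templates do not read. `keeper-pdb.yaml` is gated on `.Values.keeper.podDisruptionBudget` being non-empty and then renders the whole map into `spec` with `toYaml`, so setting `enabled: false` would still create the budget and would put an `enabled` field into the PodDisruptionBudget spec. The commit message also lists "remove podDisruptionBudget.enabled". Drop these rows and describe the real switch: the budget is created when `minAvailable` or `maxUnavailable` is set.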
4 changes: 4 additions & 0 deletions stable/stolon/templates/NOTES.txt
@@ -1,4 +1,8 @@
Stolon cluster installed and initialized.

To get superuser password run
{{ if not (empty .Values.superuserSecret.name) }}
PGPASSWORD=$(kubectl get secret --namespace {{ .Release.Namespace }} {{ .Values.superuserSecret.name }} -o jsonpath="{.data.{{.Values.superuserSecret.passwordKey}}}" | base64 --decode; echo)
{{ else }}
PGPASSWORD=$(kubectl get secret --namespace {{ .Release.Namespace }} {{ template "stolon.fullname" . }} -o jsonpath="{.data.pg_su_password}" | base64 --decode; echo)
{{ end }}
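Review bot: in the external-secret branch, `.Values.superuserSecret.passwordKey` is spliced straight into the jsonpath expression, so a key containing a dot is parsed as a nested path and the command prints nothing. Either document that the key names must not contain dots or escape them in the template. The `{{ if }}`, `{{ else }}` and `{{ end }}` actions also lack `{{-` trimming, which leaves blank lines around the command in the rendered notes.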
32 changes: 32 additions & 0 deletions stable/stolon/templates/configmap.yaml
@@ -0,0 +1,32 @@
apiVersion: v1
kind: ConfigMap
metadata:
name: {{ template "stolon.fullname" . }}
labels:
app: {{ template "stolon.name" . }}
chart: {{ template "stolon.chart" . }}
release: {{ .Release.Name }}
heritage: {{ .Release.Service }}
data:
{{- if .Values.keeper.hooks.failKeeper.enabled }}
pre-stop-hook.sh: |-
#!/bin/bash
exec &> >(tee -a "/var/log/stolon-hooks.log")
NODE_NAME=${HOSTNAME}
IFS='-' read -ra ADDR <<< "$(hostname)"
STKEEPER_UID="keeper${ADDR[-1]}"
echo "keeper [${STKEEPER_UID}] is failing"
stolonctl \
--cluster-name={{ template "stolon.fullname" . }} \
--store-backend={{ .Values.store.backend }} \
{{- if eq .Values.store.backend "kubernetes" }}
--kube-resource-kind={{ .Values.store.kubeResourceKind }} \
{{- else }}
--store-endpoints={{ .Values.store.endpoints }} \
{{- end }}
failkeeper ${STKEEPER_UID} || true
echo "Node ${NODE_NAME} is ready to shutdown"
{{- end }}
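Review bot: `failkeeper ${STKEEPER_UID} || true` discards the exit status, and the next line logs "ready to shutdown" whether or not the keeper was actually marked failed, so the hook log cannot be used to tell a clean handover from a store outage. Log the non-zero status before continuing, for example `failkeeper "${STKEEPER_UID}" || echo "failkeeper failed: $?"`. Two smaller points in the same script: `.Values.store.endpoints` and `.Values.store.backend` are rendered unquoted into a bash script, so they should be passed through `quote`, and `NODE_NAME=${HOSTNAME}` and `$(hostname)` are two sources for the same value where one would do.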
Expand Up @@ -9,7 +9,8 @@ metadata:
release: {{ .Release.Name }}
heritage: {{ .Release.Service }}
annotations:
"helm.sh/hook-delete-policy": hook-succeeded
"helm.sh/hook": post-install
"helm.sh/hook-delete-policy": before-hook-creation
spec:
template:
metadata:
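Review bot: in the annotations block, replacing `hook-succeeded` with `before-hook-creation` alone means the completed create-cluster Job and its pod now stay in the namespace after a successful install, with the full `stolonctl` argument list readable from the pod spec. If the intent is only to keep failed runs for debugging, list both policies: `"helm.sh/hook-delete-policy": before-hook-creation,hook-succeeded`. The change from an ordinary resource to a `post-install` hook also deserves a line in the README, since the Job is no longer tracked as part of the release.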
Expand All @@ -27,7 +28,7 @@ spec:
command: ["sh", "-c", "while ! etcdctl --endpoints {{ .Values.store.endpoints }} cluster-health; do sleep 1 && echo -n .; done"]
{{- end }}
containers:
- name: {{ template "stolon.fullname" . }}
- name: {{ template "stolon.fullname" . }}-create-cluster
image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}"
imagePullPolicy: {{ .Values.image.pullPolicy }}
command: ["/usr/local/bin/stolonctl"]
Expand All @@ -41,6 +42,5 @@ spec:
- --store-endpoints={{ .Values.store.endpoints }}
{{- end }}
- --yes
- '{"initMode":"new"{{- if .Values.pgParameters }},"pgParameters":{{ with .Values.pgParameters }}{{ toJson . }}{{- end }}{{- end }}}'
- '{ "initMode": "new", {{- range $key, $value := .Values.clusterSpec }} {{ $key | quote }}: {{ if typeIs "string" $value }} {{ $value | quote }} {{ else }} {{ $value }} {{ end }}, {{- end }} "pgParameters": {{ toJson .Values.pgParameters }} }'
{{ end }}
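Review bot: the new init argument assembles JSON by hand, and the `{{ else }} {{ $value }}` branch prints non-string values with Go's default formatting, so a nested map or list under `clusterSpec` renders as `map[...]` or `[a b]` and `stolonctl` receives invalid JSON. `quote` is also not a JSON encoder, and a single quote inside any string value ends the surrounding YAML scalar early. Use `toJson` for every value, as the line already does for `pgParameters`: `{{ $key | quote }}: {{ toJson $value }}`, which removes the `typeIs` branch entirely. Note too that a `clusterSpec` entry named `initMode` or `pgParameters` would now produce a duplicate key.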

47 changes: 47 additions & 0 deletions stable/stolon/templates/hooks/update-cluster-spec-job.yaml
@@ -0,0 +1,47 @@
{{ if .Values.job.autoUpdateClusterSpec }}
apiVersion: batch/v1
kind: Job
metadata:
name: {{ template "stolon.fullname" . }}-update-cluster-spec
labels:
app: {{ template "stolon.name" . }}
chart: {{ template "stolon.chart" . }}
release: {{ .Release.Name }}
heritage: {{ .Release.Service }}
annotations:
"helm.sh/hook": post-upgrade
"helm.sh/hook-delete-policy": before-hook-creation
spec:
template:
metadata:
labels:
app: {{ template "stolon.fullname" . }}
release: {{ .Release.Name }}
spec:
restartPolicy: OnFailure
serviceAccountName: {{ template "stolon.serviceAccountName" . }}
{{- if eq .Values.store.backend "etcdv2" "etcdv3" }}
initContainers:
- name: {{ .Chart.Name }}-etcd-wait
image: "{{ .Values.etcdImage.repository }}:{{ .Values.etcdImage.tag }}"
imagePullPolicy: {{ .Values.etcdImage.pullPolicy }}
command: ["sh", "-c", "while ! etcdctl --endpoints {{ .Values.store.endpoints }} cluster-health; do sleep 1 && echo -n .; done"]
{{- end }}
containers:
- name: {{ template "stolon.fullname" . }}-update-cluster-spec
image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}"
imagePullPolicy: {{ .Values.image.pullPolicy }}
command: ["/usr/local/bin/stolonctl"]
args:
- update
- --cluster-name={{ template "stolon.fullname" . }}
- --store-backend={{ .Values.store.backend }}
{{- if eq .Values.store.backend "kubernetes" }}
- --kube-resource-kind={{ .Values.store.kubeResourceKind }}
{{- else }}
- --store-endpoints={{ .Values.store.endpoints }}
{{- end }}
- -p
- '{ {{- range $key, $value := .Values.clusterSpec }} {{ $key | quote }}: {{ if typeIs "string" $value }} {{ $value | quote }} {{ else }} {{ $value }} {{ end }}, {{- end }} "pgParameters": {{ toJson .Values.pgParameters }} }'
{{ end }}
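Review bot: the `-p` argument repeats the hand-assembled JSON from the create-cluster Job, so any fix to the value encoding has to be made in two places; move the spec rendering into one shared named template and build it with `toJson`. Separately, the Job sets `restartPolicy: OnFailure` with no `backoffLimit` or `activeDeadlineSeconds`, and it runs as a `post-upgrade` hook that is on by default, so a spec that `stolonctl update` rejects keeps being retried while the upgrade waits. Set an explicit low `backoffLimit` so a bad `clusterSpec` fails the upgrade quickly and visibly.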

18 changes: 18 additions & 0 deletions stable/stolon/templates/keeper-pdb.yaml
@@ -0,0 +1,18 @@
{{- if .Values.keeper.podDisruptionBudget }}
apiVersion: policy/v1beta1
kind: PodDisruptionBudget
metadata:
name: {{ template "stolon.fullname" . }}-keeper
labels:
app: {{ template "stolon.name" . }}
chart: {{ template "stolon.chart" . }}
release: {{ .Release.Name }}
heritage: {{ .Release.Service }}
spec:
selector:
matchLabels:
app: {{ template "stolon.name" . }}
release: {{ .Release.Name }}
component: stolon-keeper
{{ toYaml .Values.keeper.podDisruptionBudget | indent 2 }}
{{- end }}
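Review bot: `{{ toYaml .Values.keeper.podDisruptionBudget | indent 2 }}` writes the entire values map into `spec`, so any key other than `minAvailable` or `maxUnavailable` ends up as an unknown PodDisruptionBudget field, and setting both keys produces an object the API server rejects. Render the two supported fields explicitly, each under its own `if`, and fail the template with a clear message when both are set. The outer `if` is true for any non-empty map, which should be stated in the README in place of the `enabled` flag.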