-
Notifications
You must be signed in to change notification settings - Fork 12
Expand file tree
/
Copy pathpgsql.StatefulSet.yaml
More file actions
123 lines (123 loc) · 3.78 KB
/
pgsql.StatefulSet.yaml
File metadata and controls
123 lines (123 loc) · 3.78 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
apiVersion: apps/v1
kind: StatefulSet
metadata:
annotations:
description: Postgres database for various data.
kubectl.kubernetes.io/default-container: pgsql
labels:
deploy: sourcegraph
sourcegraph-resource-requires: no-cluster-admin
app.kubernetes.io/component: pgsql
name: pgsql
spec:
serviceName: pgsql
replicas: 1
revisionHistoryLimit: 10
selector:
matchLabels:
app: pgsql
updateStrategy:
type: RollingUpdate
template:
metadata:
labels:
deploy: sourcegraph
app: pgsql
group: backend
spec:
initContainers:
- name: correct-data-dir-permissions
image: us-docker.pkg.dev/sourcegraph-images/internal/alpine-3.14:6.12.1792@sha256:6d9bb96ae01388856bb810a8afb6266939b74d6358574cc42d17b11efc3155ec
command: ["sh", "-c", "if [ -d /data/pgdata-12 ]; then chmod 750 /data/pgdata-12; fi"]
volumeMounts:
- mountPath: /data
name: disk
securityContext:
# Required to prevent escalations to root.
allowPrivilegeEscalation: false
runAsUser: 999
runAsGroup: 999
resources:
limits:
cpu: "10m"
memory: "50Mi"
requests:
cpu: "10m"
memory: "50Mi"
containers:
- name: pgsql
image: us-docker.pkg.dev/sourcegraph-images/internal/postgresql-16:6.12.1792@sha256:75dee972fca098d4632e966b47178d287aa2f96e750fe22edfb8d3e6c61f3d95
terminationMessagePolicy: FallbackToLogsOnError
readinessProbe:
exec:
command:
- /ready.sh
livenessProbe:
initialDelaySeconds: 15
exec:
command:
- /liveness.sh
startupProbe:
exec:
command:
- /liveness.sh
failureThreshold: 360
periodSeconds: 10
ports:
- name: pgsql
containerPort: 5432
resources:
limits:
cpu: "4"
memory: 4Gi
requests:
cpu: "4"
memory: 4Gi
securityContext:
# Required to prevent escalations to root.
allowPrivilegeEscalation: false
runAsUser: 999
runAsGroup: 999
volumeMounts:
- mountPath: /data
name: disk
- mountPath: /conf
name: pgsql-conf
- mountPath: /dev/shm
name: dshm
- env:
- name: DATA_SOURCE_NAME
value: postgres://sg:@localhost:5432/?sslmode=disable
- name: PG_EXPORTER_EXTEND_QUERY_PATH
value: /config/queries.yaml
image: us-docker.pkg.dev/sourcegraph-images/internal/postgres_exporter:6.12.1792@sha256:4f0d5eff153eecac88367789055aa1e2fabac29cc8a929f91fc2460f4d5fa1a9
terminationMessagePolicy: FallbackToLogsOnError
name: pgsql-exporter
ports:
- name: pgsql-exporter
containerPort: 9187
resources:
limits:
cpu: 10m
memory: 50Mi
requests:
cpu: 10m
memory: 50Mi
terminationGracePeriodSeconds: 120
securityContext:
runAsUser: 999
fsGroup: 999
fsGroupChangePolicy: OnRootMismatch
volumes:
- name: disk
persistentVolumeClaim:
claimName: pgsql
- name: pgsql-conf
configMap:
# 511 in decimal = 0777 in octal
defaultMode: 511
name: pgsql-conf
- name: dshm # Allocate shared memory to match the shared_buffers value
emptyDir:
medium: Memory
sizeLimit: 1G