From 73f51f40945b4920dc2979eebb1aef332c0d439a Mon Sep 17 00:00:00 2001 From: Peter Kurfer Date: Tue, 2 Jul 2024 22:04:09 +0200 Subject: [PATCH] feat(cnpg): new cluster --- cnpg/.gitattributes | 1 + cnpg/config/{values.yaml => values.cnpg.yaml} | 2 + cnpg/config/values.ext-pgo.yaml | 3 ++ cnpg/kustomization.yaml | 15 +++++- cnpg/resources/cluster.yaml | 48 ++++++++++++++++++ cnpg/resources/secrets/cnpg-backup-creds.yaml | Bin 0 -> 543 bytes cnpg/resources/secrets/ext-pgo-admin.yaml | 8 +++ cnpg/resources/secrets/ext-pgo-creds.yaml | Bin 0 -> 593 bytes 8 files changed, 75 insertions(+), 2 deletions(-) create mode 100644 cnpg/.gitattributes rename cnpg/config/{values.yaml => values.cnpg.yaml} (86%) create mode 100644 cnpg/config/values.ext-pgo.yaml create mode 100644 cnpg/resources/cluster.yaml create mode 100644 cnpg/resources/secrets/cnpg-backup-creds.yaml create mode 100644 cnpg/resources/secrets/ext-pgo-admin.yaml create mode 100644 cnpg/resources/secrets/ext-pgo-creds.yaml diff --git a/cnpg/.gitattributes b/cnpg/.gitattributes new file mode 100644 index 0000000..f93d84a --- /dev/null +++ b/cnpg/.gitattributes @@ -0,0 +1 @@ +**/secrets/*.y*ml filter=age diff=age merge=age -text diff --git a/cnpg/config/values.yaml b/cnpg/config/values.cnpg.yaml similarity index 86% rename from cnpg/config/values.yaml rename to cnpg/config/values.cnpg.yaml index 1e6d62a..0768b2a 100644 --- a/cnpg/config/values.yaml +++ b/cnpg/config/values.cnpg.yaml @@ -1,3 +1,5 @@ +replicaCount: 2 + monitoring: podMonitorEnabled: true grafanaDashboard: diff --git a/cnpg/config/values.ext-pgo.yaml b/cnpg/config/values.ext-pgo.yaml new file mode 100644 index 0000000..9384887 --- /dev/null +++ b/cnpg/config/values.ext-pgo.yaml @@ -0,0 +1,3 @@ +replicaCount: 2 + +existingSecret: ext-postgres-operator diff --git a/cnpg/kustomization.yaml b/cnpg/kustomization.yaml index acafb54..bc15f24 100644 --- a/cnpg/kustomization.yaml +++ b/cnpg/kustomization.yaml @@ -1,12 +1,23 @@ apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization -namespace: postgres-system +resources: + - resources/secrets/ext-pgo-creds.yaml + - resources/secrets/ext-pgo-admin.yaml + - resources/secrets/cnpg-backup-creds.yaml + - resources/cluster.yaml helmCharts: - releaseName: cnpg name: cloudnative-pg repo: https://cloudnative-pg.github.io/charts version: 0.21.5 - valuesFile: config/values.yaml + valuesFile: config/values.cnpg.yaml namespace: postgres-system + + - releaseName: ext-pgo + name: ext-postgres-operator + repo: https://movetokube.github.io/postgres-operator/ + version: 1.2.6 + valuesFile: config/values.ext-pgo.yaml + namespace: postgres diff --git a/cnpg/resources/cluster.yaml b/cnpg/resources/cluster.yaml new file mode 100644 index 0000000..504bd74 --- /dev/null +++ b/cnpg/resources/cluster.yaml @@ -0,0 +1,48 @@ +apiVersion: postgresql.cnpg.io/v1 +kind: Cluster +metadata: + name: app-cluster + namespace: postgres +spec: + instances: 2 + + managed: + roles: + - name: ext_pgo_admin + ensure: present + superuser: true + createrole: true + createdb: true + + storage: + size: 10Gi + storageClass: hcloud-volumes + + backup: + barmanObjectStore: + destinationPath: cnpg + s3Credentials: + accessKeyId: + name: cnpg-backup-creds + key: ACCESS_KEY_ID + secretAccessKey: + name: cnpg-backup-creds + key: ACCESS_SECRET_KEY + retentionPolicy: "30d" + + resources: + requests: + cpu: 100m + memory: 400Mi + limits: + cpu: 500m + memory: 800Mi + + affinity: + enablePodAntiAffinity: true + topologyKey: kubernetes.io/hostname + podAntiAffinityType: preferred + + enablePDB: true + monitoring: + enablePodMonitor: true diff --git a/cnpg/resources/secrets/cnpg-backup-creds.yaml b/cnpg/resources/secrets/cnpg-backup-creds.yaml new file mode 100644 index 0000000000000000000000000000000000000000..4c34f2835484315399eda65737b2acb205ac38ce GIT binary patch literal 543 zcmV+)0^t2&XJsvAZewzJaCB*JZZ2&sJ|I{!H8n9gAX7qeV^mmXLu^M^Ycx_+YHT@W zX=Q6TWldyaVNyh5Hc4k;Sz2#OZ&E{R3PvgmO;lrOM>tGO zY+_GVVJl5WPfv0~YA-KQ3N0-yAVPL?L^)zifjft2am`sCNyxFcbekRe&!v{MenMO8^F)XH0fe59bb?4@lG h>hQ|68tm}JyR&j4ysj&#ZA=Ok>Aw$yRVkR)3}yI<<$?eJ literal 0 HcmV?d00001 diff --git a/cnpg/resources/secrets/ext-pgo-admin.yaml b/cnpg/resources/secrets/ext-pgo-admin.yaml new file mode 100644 index 0000000..d9c310b --- /dev/null +++ b/cnpg/resources/secrets/ext-pgo-admin.yaml @@ -0,0 +1,8 @@ +age-encryption.org/v1 +-> X25519 SQkKLcgCsGBZ6FM800HldDftkLV/u53xliCGnGU6Gz0 +TvQkvxIdoIydgUshJXYai2pJjo/GsEklyGfba/zj31Y +-> X25519 V60zpoLahYcT/dGVnixvv471qCE8xAOP+LoAdq04ryM +q7iTcIfP6xgpJaQZJuW0kpY9dEwbwsleyyorsFK4atA +--- W40yHxyT9ZMPvnQ0WYg7K1sG0qd4loHmyW6HYZL5zBM +#W5+D`HUdNSƐf.vC]u"gfp:ϬNBv O%3cQ9m (EK 4gܞo&vztPވ2  >&Z{'Qj:܈ "Ck)V1V] +'sw~oEFhS 7}'&[lUM=w \ No newline at end of file diff --git a/cnpg/resources/secrets/ext-pgo-creds.yaml b/cnpg/resources/secrets/ext-pgo-creds.yaml new file mode 100644 index 0000000000000000000000000000000000000000..5fd515365df619c05357a0b7b3433e7c79df2945 GIT binary patch literal 593 zcmV-X0L($ zMr3F>WG_cAV^U9KPjqxkba`<>W^Q#*LQ+~mXHg1rF-~`Oa5F_Oa9S%*Xi;%hRzX*7 zOk!krb$MemMJqLPZZ~>sD_Al!N;nEFJ|I{!H8n9gAVy4Qa7IHfHdb$FZCGPtGEQn^ zXiR!qYD6+tM07EFG;2q0STaH}YBYF73TRhrdR1w5H)d&BH+4ioMmRW5Q&~esNlHw2 zG;UT|Z9+3lH7_uAQ&(t73N0-yAXacWQA%$^MpbrNS!QoJab!_#ZE@P+?(sNkLR=3S`ePeU&`O2!AUwOe<2Xo!`08ADD}qBTlBu(ZV?y#XiG*6Q^4^ zpu7vplLpg404_gXuX!^(&Ib)1D?A5NR#3>^gs3iUc8y|q|D4uGH@ht{VTF&5kAV4W z+~u;nY|v>BnnIVOLLgjIp|7%CJ<4Z-d3_;gl#gf(o3aaBD{jRFdMC=%4E{R3pN92Mz{tznujd;MC*=sdYxGKH@@Ad` f;kO}ZBu-G3x?KJkLIc3R^3Hy2ZyRD(6dWob1FP@6 literal 0 HcmV?d00001