Mercurial > code > home > repos > pomerium

diff config/06-postgres.yaml @ 24:b53ab97e8979

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
reorganize, and add two retry loops to try to get everything to startup in one 'inv run'
author drewp@bigasterisk.com
date Thu, 08 Jun 2023 10:50:01 -0700
parents 20-kube/06-postgres.yaml@76e097b3e248
children
line wrap: on
line diff
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/config/06-postgres.yaml	Thu Jun 08 10:50:01 2023 -0700
@@ -0,0 +1,96 @@
+apiVersion: v1
+kind: PersistentVolume
+metadata:
+  name: pomerium-db-data
+  labels:
+    type: local
+spec:
+  storageClassName: manual
+  hostPath:
+    path: "/opt/pomerium-db"
+  capacity:
+    storage: 50Gi
+  accessModes:
+    - ReadWriteOnce
+  persistentVolumeReclaimPolicy: Retain
+  claimRef:
+    namespace: pomerium
+    name: pomerium-db-data
+---
+apiVersion: v1
+kind: PersistentVolumeClaim
+metadata:
+  namespace: pomerium
+  name: pomerium-db-data
+spec:
+  storageClassName: ""
+  volumeName: "pomerium-db-data"
+  accessModes:
+    - ReadWriteOnce
+  resources:
+    requests:
+      storage: 50Gi
+---
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  namespace: pomerium
+  name: pomerium-db
+spec:
+  replicas: 1
+  strategy: { type: Recreate }
+  selector:
+    matchLabels:
+      app: pomerium-db
+  template:
+    metadata:
+      labels:
+        app: pomerium-db
+      annotations:
+        prometheus.io/scrape: "false"
+    spec:
+      volumes:
+        - name: pomerium-db-data
+          persistentVolumeClaim:
+            claimName: pomerium-db-data
+      containers:
+        # see /my/serv/photoprism/deploy.yaml for exporter example (for mariadb)
+        - name: pomerium-db
+          image: postgres:14.2-alpine3.15
+          env:
+            - { name: POSTGRES_PASSWORD, value: admin }
+            - { name: POSTGRES_DB, value: pomerium }
+          ports:
+            - containerPort: 5432
+          volumeMounts:
+            - name: pomerium-db-data
+              mountPath: /var/lib/postgresql/data
+      affinity:
+        nodeAffinity:
+          requiredDuringSchedulingIgnoredDuringExecution:
+            nodeSelectorTerms:
+              - matchExpressions:
+                  - key: "kubernetes.io/hostname"
+                    operator: In
+                    values: ["ditto"]
+---
+apiVersion: v1
+kind: Service
+metadata:
+  namespace: pomerium
+  name: pomerium-db
+spec:
+  ports:
+    - port: 5432
+      targetPort: 5432
+  selector:
+    app: pomerium-db
+---
+apiVersion: v1
+kind: Secret
+metadata:
+  namespace: pomerium
+  name: postgres-connection-key
+type: Opaque
+stringData:
+  connection: postgresql://pom:pom@pomerium-db/pomerium