diff --git a/charts/postgres-operator/templates/configmap.yaml b/charts/postgres-operator/templates/configmap.yaml index 84206435f..962df45ef 100644 --- a/charts/postgres-operator/templates/configmap.yaml +++ b/charts/postgres-operator/templates/configmap.yaml @@ -9,13 +9,18 @@ metadata: app.kubernetes.io/instance: {{ .Release.Name }} data: pod_service_account_name: {{ template "postgres-operator.fullname" . }} -{{ toYaml .Values.config | indent 2 }} + docker_image: {{ toYaml .Values.docker_image }} + debug_logging: "{{ toYaml .Values.configDebug.debug_logging }}" + enable_database_access: "{{ toYaml .Values.configDebug.enable_database_access }}" + repair_period: {{ toYaml .Values.repair_period }} + resync_period: {{ toYaml .Values.resync_period }} + spilo_privileged: "{{ toYaml .Values.spilo_privileged }}" +{{ toYaml .Values.configMap | indent 2 }} {{ toYaml .Values.configUsers | indent 2 }} {{ toYaml .Values.configKubernetes | indent 2 }} {{ toYaml .Values.configNamespace | indent 2 }} {{ toYaml .Values.configTimeouts | indent 2 }} {{ toYaml .Values.configLoadBalancer | indent 2 }} {{ toYaml .Values.configAwsOrGcp | indent 2 }} -{{ toYaml .Values.configDebug | indent 2 }} {{ toYaml .Values.configTeamsApi | indent 2 }} {{ toYaml .Values.configLoggingRestApi | indent 2 }} diff --git a/charts/postgres-operator/templates/deployment.yaml b/charts/postgres-operator/templates/deployment.yaml index a0de5cf21..5ccc1ce37 100644 --- a/charts/postgres-operator/templates/deployment.yaml +++ b/charts/postgres-operator/templates/deployment.yaml @@ -18,7 +18,7 @@ spec: annotations: checksum/config: {{ include (print $.Template.BasePath "/configmap.yaml") . | sha256sum }} # In order to use the checksum of CRD OperatorConfiguration instead, use the following line instead - # checksum/config: {{ include (print $.Template.BasePath "/operatorconfiguration.yaml") . | sha256sum }} + # {{ include (print $.Template.BasePath "/operatorconfiguration.yaml") . | sha256sum }} {{- if .Values.podAnnotations }} {{ toYaml .Values.podAnnotations | indent 8 }} {{- end }} diff --git a/charts/postgres-operator/templates/operatorconfiguration.yaml b/charts/postgres-operator/templates/operatorconfiguration.yaml index adc6a9674..84e62d0fb 100644 --- a/charts/postgres-operator/templates/operatorconfiguration.yaml +++ b/charts/postgres-operator/templates/operatorconfiguration.yaml @@ -9,18 +9,22 @@ metadata: app.kubernetes.io/instance: {{ .Release.Name }} configuration: pod_service_account_name: operator -{{ toYaml .Values.config | indent 2 }} + docker_image: {{ toYaml .Values.docker_image }} + repair_period: {{ toYaml .Values.repair_period }} + resync_period: {{ toYaml .Values.resync_period }} {{ toYaml .Values.configCRD | indent 2 }} users: {{ toYaml .Values.configUsers | indent 4 }} kubernetes: + spilo_privileged: {{ toYaml .Values.spilo_privileged }} {{ toYaml .Values.configKubernetes | indent 4 }} +{{ toYaml .Values.configKubernetesCRD | indent 4 }} postgres_pod_resources: {{ toYaml .Values.configPostgresPodResources | indent 4 }} timeouts: {{ toYaml .Values.configTimeouts | indent 4 }} load_balancer: -{{ toYaml .Values.configLoadBalancer | indent 4 }} +{{ toYaml .Values.configLoadBalancerCRD | indent 4 }} aws_or_gcp: {{ toYaml .Values.configAwsOrGcp | indent 4 }} debug: @@ -28,6 +32,6 @@ configuration: teams_api: {{ toYaml .Values.configTeamsApiCRD | indent 4 }} logging_rest_api: -{{ toYaml .Values.configLoggingRestApi | indent 4 }} +{{ toYaml .Values.configLoggingRestApiCRD | indent 4 }} scalyr: {{ toYaml .Values.configScalyr | indent 4 }} diff --git a/charts/postgres-operator/values.yaml b/charts/postgres-operator/values.yaml index 3cad3567a..b6f93a8cd 100644 --- a/charts/postgres-operator/values.yaml +++ b/charts/postgres-operator/values.yaml @@ -10,40 +10,52 @@ image: # imagePullSecrets: # - name: myRegistryKeySecretName +docker_image: registry.opensource.zalan.do/acid/spilo-cdp-11:1.5-p70 podAnnotations: {} podLabels: {} +repair_period: 5m +resync_period: 5m +spilo_privileged: false -config: +configMap: cluster_labels: application:spilo cluster_name_label: version - docker_image: registry.opensource.zalan.do/acid/spilo-cdp-11:1.5-p70 workers: "4" configCRD: etcd_host: "" min_instances: -1 max_instances: -1 - #sidecar_docker_images - # example: "exampleimage:exampletag" + workers: 4 + # sidecar_docker_images + # example: "exampleimage:exampletag" configUsers: replication_username: standby super_username: postgres configKubernetes: - cluster_labels: application:spilo - enable_pod_antiaffinity: "false" # inherited_labels: "" # infrastructure_roles_secret_name: postgresql-infrastructure-roles # node_readiness_label: "" # oauth_token_secret_name: postgresql-operator # pod_environment_configmap: "" - pod_antiaffinity_topology_key: "kubernetes.io/hostname" pod_management_policy: "ordered_ready" pdb_name_format: "postgres-{cluster}-pdb" pod_role_label: spilo-role + pod_terminate_grace_period: 5m secret_name_template: '{username}.{cluster}.credentials' - spilo_privileged: "false" + +configKubernetesCRD: + cluster_labels: + application: spilo + cluster_name_label: cluster-name + enable_pod_antiaffinity: false + pod_antiaffinity_topology_key: "kubernetes.io/hostname" + secret_name_template: "{username}.{cluster}.credentials.{tprkind}.{tprgroup}" + # inherited_labels: + # - application + # - app configNamespace: watched_namespace: "*" # listen to all namespaces @@ -53,28 +65,38 @@ configPostgresPodResources: default_memory_request: 100Mi default_cpu_limit: "3" default_memory_limit: 1Gi - # set_memory_request_to_limit: "true" + # set_memory_request_to_limit: true configTimeouts: # master_pod_move_timeout: 10m pod_deletion_wait_timeout: 10m pod_label_wait_timeout: 10m - pod_terminate_grace_period: 5m ready_wait_interval: 3s ready_wait_timeout: 30s - resync_period: 5m - repair_period: 5m resource_check_interval: 3s resource_check_timeout: 10m configLoadBalancer: # custom_service_annotations: - # "keyx:valuez,keya:valuea" - enable_master_load_balancer: "false" + # "keyx:valuez,keya:valuea" + enable_master_load_balancer: "true" enable_replica_load_balancer: "false" master_dns_name_format: '{cluster}.{team}.staging.{hostedzone}' replica_dns_name_format: '{cluster}-repl.{team}.staging.{hostedzone}' +configLoadBalancerCRD: + # custom_service_annotations: + # keyx: valuez + # keya: valuea + enable_master_load_balancer: false + enable_replica_load_balancer: false + master_dns_name_format: "{cluster}.{team}.{hostedzone}" + replica_dns_name_format: "{cluster}-repl.{team}.{hostedzone}" + +configDebug: + debug_logging: true + enable_database_access: true + configAwsOrGcp: aws_region: eu-central-1 db_hosted_zone: db.example.com @@ -82,13 +104,9 @@ configAwsOrGcp: # log_s3_bucket: "" # wal_s3_bucket: "" -configDebug: - debug_logging: "true" - enable_database_access: "true" - configTeamsApi: - # enable_admin_role_for_users: "true" enable_teams_api: "false" + # enable_admin_role_for_users: "true" # enable_team_superuser: "false" # pam_configuration: https://info.example.com/oauth2/tokeninfo?access_token= uid realm=/employees # pam_role_name: zalandos @@ -98,20 +116,28 @@ configTeamsApi: # teams_api_url: http://fake-teams-api.default.svc.cluster.local configTeamsApiCRD: - enable_team_superuser: "false" + enable_teams_api: false + enable_team_superuser: false # pam_configuration: "" - pam_role_name: "zalandos" - #postgres_superuser_teams: "postgres_superusers" - protected_role_names: "admin" - team_admin_role: "admin" - # team_api_role_configuration: "log_statement:all" - # teams_api_url: http://fake-teams-api.default.svc.cluster.local + pam_role_name: zalandos + # postgres_superuser_teams: "postgres_superusers" + protected_role_names: + - admin + team_admin_role: admin + team_api_role_configuration: + log_statement: all + # teams_api_url: "" configLoggingRestApi: api_port: "8080" cluster_history_entries: "1000" ring_log_lines: "100" +configLoggingRestApiCRD: + api_port: 8080 + cluster_history_entries: 1000 + ring_log_lines: 100 + scalyr: scalyr_cpu_request: 100m scalyr_memory_request: 50Mi