Skip to content

Instantly share code, notes, and snippets.

@dajester2013
Created October 30, 2020 14:55
apiVersion: apps/v1
kind: StatefulSet
metadata:
name: postgres
labels:
tier: database
app: postgres
spec:
replicas: 1
updateStrategy:
type: RollingUpdate
selector:
matchLabels:
tier: database
app: postgres
template:
metadata:
labels:
tier: database
app: postgres
spec:
securityContext:
fsGroup: 101
volumes:
- name: pgconf
configMap:
name: pgconfig
- name: cert
secret:
secretName: postgres-cert
defaultMode: 0640
terminationGracePeriodSeconds: 10
containers:
- name: postgres
image: postgres:latest
imagePullPolicy: IfNotPresent
ports:
- name: postgres
containerPort: 5432
protocol: TCP
args:
- -c
- config_file=/var/lib/postgresql/postgresql.conf
env:
- name: POSTGRES_PASSWORD
valueFrom:
secretKeyRef:
key: pg.password
name: postgres-credentials
- name: PGDATA
value: /var/lib/study/pg/data
- name: POSTGRES_INITDB_ARGS
value: "--auth=scram-sha-256 --auth-local=scram-sha-256"
- name: POD_IP
valueFrom:
fieldRef:
apiVersion: v1
fieldPath: status.podIP
livenessProbe:
exec:
command: ["sh","-c","exec pg_isready --host $POD_IP"]
failureThreshold: 6
initialDelaySeconds: 60
periodSeconds: 10
successThreshold: 1
timeoutSeconds: 5
readinessProbe:
exec:
command: ["sh","-c","exec pg_isready --host $POD_IP"]
failureThreshold: 3
initialDelaySeconds: 5
periodSeconds: 5
successThreshold: 1
timeoutSeconds: 3
resources:
requests:
cpu: 200m
memory: 512Mi
volumeMounts:
- name: data-vol
mountPath: /var/lib/study/pg/
- name: pgconf
mountPath: /var/lib/postgresql/postgresql.conf
subPath: postgres.conf
- name: pgconf
mountPath: /var/lib/postgresql/pg_hba.conf
subPath: pg_hba.conf
- name: cert
mountPath: /var/run/secrets/pg/certs
volumeClaimTemplates:
- metadata:
name: data-vol
labels:
tier: database
app: postgres
dsm-study-id: 793faafd-0481-4752-92da-49f90da7b152
spec:
accessModes:
- ReadWriteOnce
resources:
requests:
storage: 10G
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment