-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathvalues.yaml
170 lines (156 loc) · 5.73 KB
/
values.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
nameOverride: ""
fullnameOverride: ""
serviceAccount:
# Specifies whether a service account should be created
create: true
# Annotations to add to the service account
annotations: {}
# The name of the service account to use.
# If not set and create is true, a name is generated using the fullname template
name: ""
# A map of annotations to apply to all Pods
podAnnotations: {}
# The secret holding the password of `postgres` user (the administrator)
postgresPassword:
secretName:
generatePassword: false
# The secret holding the password of the replication-charged user (named as `replicator`)
replicationPassword:
secretName:
generatePassword: false
# The secret holding the password of a monitoring-charged user (named as `monitor`, member of `pg_monitor` group)
monitorPassword:
secretName:
generatePassword: false
# The secret holding the password of `pgpool` user (the administrator) for PgPool
pgpoolAdminPassword:
secretName:
generatePassword: false
# The secret holding a list of items of user credentials (used by PgPool to authenticate clients).
# Each item is named with the username and contains the password.
userPasswords:
secretName:
# The secret holding the TLS key/certificate for PostgreSQL/PgPool servers
tls:
secretName:
# if not empty, request the TLS certificate from the given issuer (on pre-{install,upgrade} phase)
issuerName:
# the kind of certificate issuer: ClusterIssuer, Issuer (meaningful only if issuer is given)
issuerKind: Issuer
certificate:
# number of days to make a TLS certificate valid for (meaningful only if issuer is given)
numDays: 730
# Affinity for all servers (unless a more specific affinity is defined)
affinity: ~
postgres:
image: 'postgres:15.2-alpine'
#image: 'postgis/postgis:15-3.3-alpine'
podAnnotations: {}
# The name of the headless service governing the network id of stateful sets
serviceName:
securityContext:
# The id of the user/group running postgres
# (it depends on the image used, e.g. is different in alpine/ubuntu variants)
uid: 70
gid: 70
pv:
dataDir:
size: 256Mi
# define the storage class for data directories
# note: the corresponding PVC will require ReadWriteOnce access mode for the PV
storageClassName: local-1
# should we define a selector on the PVC?
# if not, binding only works by specifying a claimRef on the PV (or will dynamic provisioning)
useSelector: true
extraMatchLabels:
{}
# subPath on the data volume to be mounted as a data directory
subPath:
archiveDir:
size: 256Mi
# define the storage class for archive directory
# note: the corresponding PVC will require ReadWriteMany access mode for the PV
storageClassName: nfs-1
useSelector: true
extraMatchLabels:
{}
# (max_connections) https://www.postgresql.org/docs/10/runtime-config-connection.html#RUNTIME-CONFIG-CONNECTION-SETTINGS
maxNumConnections: 135
# (shared_buffers) https://www.postgresql.org/docs/10/runtime-config-resource.html
sharedBuffersSize: '128MB'
# (work_mem) https://www.postgresql.org/docs/10/runtime-config-resource.html
workMemory: '6MB'
# Add extra configuration files (under /etc/postgresql/conf.d) from a configMap
#configurationFrom:
#configMapKeyRef:
# name: postgres-1-config-extra
# key: ['shared-preload-libraries.conf']
# Limit resources for each server (master or standby)
resources:
limits:
cpu: 2.0
memory: 1024Mi
requests:
cpu: 1.0
memory: 256Mi
readinessProbe:
periodSeconds: 20
initialDelaySeconds: 3
# The number (>= 0) of standby servers to start
replicas: 2
# The number of synchronous standbys (<= .replicas). If zero, all standbys will be asynchronous.
# see also: https://www.postgresql.org/docs/10/runtime-config-replication.html#GUC-SYNCHRONOUS-STANDBY-NAMES
replicasToSync: 0
master:
affinity:
standby:
affinity:
prepareData: true
pgpool:
enabled: true
image: 'ghcr.io/opertusmundi/pgpool:4-alpine'
imagePullPolicy: IfNotPresent
imagePullSecrets:
[]
podAnnotations: {}
securityContext:
# The id of the user/group running pgpool (user "postgres")
uid: 70
gid: 70
serviceName: ~
# numProcs is the number of children processes to spawn (see num_init_children of PgPool configuration)
# see https://www.pgpool.net/docs/latest/en/html/runtime-config-connection.html#GUC-NUM-INIT-CHILDREN
# NOTE: numProcs is also the maximum number of concurrent client connections! (as each connecting client is assigned
# to a single (available) child process)
numProcs: 32
# poolSize is the size of per-child connection pool (see max_pool of PgPool configuration)
# see https://www.pgpool.net/mediawiki/index.php/Relationship_between_max_pool,_num_init_children,_and_max_connections
# NOTE: poolSize * numProcs <= maxNumConnections - (numOfReservedConnections = 4)
poolSize: 4
#childLifeTime: '5min'
#clientIdleLimit: '0'
# How should PgPool load-balance readonly queries?
# * (null): Do not load balance (use only master)
# * all: Load balance to all members of the cluster (some queries may return inconsistent results
# due to replication lag)
# * sync: Load balance to master and synchronous standbys (this is only meaningful for synchronous replication,
# i.e. when postgres.replicasToSync > 0)
loadBalance: 'all'
# Limit resources
resources:
limits:
cpu: 1.0
memory: 128Mi
requests:
cpu: 0.5
memory: 128Mi
readinessProbe:
enabled: true
periodSeconds: 30
initialDelaySeconds: 3
# the number (>= 0) of PgPool servers to start
replicas: 1
# should we allow non-SSL clients?
allowNonSSL: false
psql:
enabled: true