ohaiwalt · ohaiwalt · Aug 25, 2017
diff --git a/templates/_helpers.tpl b/templates/_helpers.tpl
@@ -38,3 +38,11 @@ We truncate at 63 chars because some Kubernetes name fields are limited to this
 {{- define "nginx.fullname" -}}
 {{- printf "%s-%s" .Release.Name "nginx" | trunc 63 -}}
 {{- end -}}
+
+{{/*
+Create a full qualified Postgres name.
+We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
+*/}}
+{{- define "postgresql.fullname" -}}
+{{- printf "%s-%s" .Release.Name "postgresql" | trunc 63 -}}
+{{- end -}}
diff --git a/templates/postgres-deployment.yaml b/templates/postgres-deployment.yaml
@@ -0,0 +1,73 @@
+apiVersion: extensions/v1beta1
+kind: Deployment
+metadata:
+  name: {{ template "postgresql.fullname" . }}
+  labels:
+    app: {{ template "postgresql.fullname" . }}
+    chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
+    release: "{{ .Release.Name }}"
+    heritage: "{{ .Release.Service }}"
+spec:
+  template:
+    metadata:
+      labels:
+        app: {{ template "postgresql.fullname" . }}
+    spec:
+      containers:
+      - name: postgres
+        image: "{{ .Values.postgres.image.repository }}:{{ .Values.postgres.image.tag }}"
+        imagePullPolicy: {{ default "" .Values.imagePullPolicy | quote }}
+        env:
+        - name: POSTGRES_USER
+          value: {{ default "postgres" .Values.postgres.config.POSTGRES_USER | quote }}
+          # Required for pg_isready in the health probes.
+        - name: PGUSER
+          value: {{ default "postgres" .Values.postgres.config.PGUSER | quote }}
+        - name: POSTGRES_DB
+          value: {{ default "" .Values.postgres.config.POSTGRES_DB | quote }}
+        - name: POSTGRES_INITDB_ARGS
+          value: {{ default "" .Values.postgres.config.POSTGRES_INITDB_ARGS | quote }}
+        - name: PGDATA
+          value: /var/lib/postgresql/data/pgdata
+        - name: POSTGRES_PASSWORD
+          valueFrom:
+            secretKeyRef:
+              name: {{ template "postgresql.fullname" . }}
+              key: POSTGRES_PASSWORD
+        - name: POD_IP
+          valueFrom: { fieldRef: { fieldPath: status.podIP } }
+        ports:
+        - name: postgresql
+          containerPort: 5432
+        livenessProbe:
+          exec:
+            command:
+            - sh
+            - -c
+            - exec pg_isready --host $POD_IP
+          initialDelaySeconds: 60
+          timeoutSeconds: 5
+          failureThreshold: 6
+        readinessProbe:
+          exec:
+            command:
+            - sh
+            - -c
+            - exec pg_isready --host $POD_IP
+          initialDelaySeconds: 5
+          timeoutSeconds: 3
+          periodSeconds: 5
+        resources:
+{{ toYaml .Values.resources | indent 10 }}
+        volumeMounts:
+        - name: data
+          mountPath: /var/lib/postgresql/data/pgdata
+          subPath: {{ .Values.persistence.subPath }}
+      volumes:
+      - name: data
+      {{- if .Values.persistence.enabled }}
+        persistentVolumeClaim:
+          claimName: {{ .Values.persistence.existingClaim | default (include "postgresql.fullname" .) }}
+      {{- else }}
+        emptyDir: {}
+      {{- end }}
diff --git a/templates/postgres-persistentvolumeclaim.yaml b/templates/postgres-persistentvolumeclaim.yaml
@@ -0,0 +1,23 @@
+{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}}
+kind: PersistentVolumeClaim
+apiVersion: v1
+metadata:
+  name: {{ template "postgresql.fullname" . }}
+  labels:
+    app: {{ template "postgresql.fullname" . }}
+    chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
+    release: "{{ .Release.Name }}"
+    heritage: "{{ .Release.Service }}"
+  annotations:
+  {{- if .Values.persistence.storageClass }}
+    volume.beta.kubernetes.io/storage-class: {{ .Values.persistence.storageClass | quote }}
+  {{- else }}
+    volume.alpha.kubernetes.io/storage-class: default
+  {{- end }}
+spec:
+  accessModes:
+    - {{ .Values.persistence.accessMode | quote }}
+  resources:
+    requests:
+      storage: {{ .Values.persistence.size | quote }}
+{{- end -}}
diff --git a/templates/postgres-secrets.yaml b/templates/postgres-secrets.yaml
@@ -0,0 +1,16 @@
+apiVersion: v1
+kind: Secret
+metadata:
+  name: {{ template "postgresql.fullname" . }}
+  labels:
+    app: {{ template "postgresql.fullname" . }}
+    chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
+    release: "{{ .Release.Name }}"
+    heritage: "{{ .Release.Service }}"
+type: Opaque
+data:
+  {{ if .Values.postgres.secrets.POSTGRES_PASSWORD }}
+  POSTGRES_PASSWORD:  {{ .Values.postgres.secrets.POSTGRES_PASSWORD | b64enc | quote }}
+  {{ else }}
+  POSTGRES_PASSWORD: {{ randAlphaNum 10 | b64enc | quote }}
+  {{ end }}
diff --git a/templates/postgres-service.yaml b/templates/postgres-service.yaml
@@ -0,0 +1,17 @@
+apiVersion: v1
+kind: Service
+metadata:
+  name: {{ template "postgresql.fullname" . }}
+  labels:
+    app: {{ template "postgresql.fullname" . }}
+    chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
+    release: "{{ .Release.Name }}"
+    heritage: "{{ .Release.Service }}"
+spec:
+  type: {{ .Values.serviceType }}
+  ports:
+  - name: postgresql
+    port: 5432
+    targetPort: postgresql
+  selector:
+    app: {{ template "postgresql.fullname" . }}
diff --git a/values.yaml b/values.yaml
@@ -46,7 +46,7 @@ cog:
     ## Chat provider toggle
     ## Only one can be 'true' at a time
     COG_SLACK_ENABLED: true
-    COG_HIPCHAT_ENABLED: false
+    # COG_HIPCHAT_ENABLED:
 
     ## Hipchat specific configuration
     # COG_HIPCHAT_API_TOKEN:
@@ -132,3 +132,47 @@ nginx:
       cpu: 100m
       memory: 128Mi
   serviceType: LoadBalancer
+
+##
+## POSTGRES
+##
+
+postgres:
+  name: postgres
+  replicaCount: 1
+  image:
+    repository: postgres
+    tag: 9.6.2
+  resources:
+    # limits:
+    #   cpu: 100m
+    #   memory: 128Mi
+    requests:
+      cpu: 100m
+      memory: 128Mi  
+  serviceType: ClusterIP
+
+  config:
+    PGUSER: cog
+    POSTGRES_USER: cog
+    POSTGRES_DB: cog
+    POSTGRES_INITDB_ARGS:
+
+  secrets:
+    POSTGRES_PASSWORD: cog
+
+persistence:
+  enabled: true
+
+  ## A manually managed Persistent Volume and Claim
+  ## Requires persistence.enabled: true
+  ## If defined, PVC must be created manually before volume will be bound
+  existingClaim:
+
+  ## If defined, volume.beta.kubernetes.io/storage-class: <storageClass>
+  ## Default: volume.alpha.kubernetes.io/storage-class: default
+  ##
+  # storageClass:
+  accessMode: ReadWriteOnce
+  size: 8Gi
+  subPath: "postgresql-db"