chore: added helm chart for postgres read replicas

k8s/postgres-replica/Chart.yaml

@@ -0,0 +1,5 @@
+apiVersion: v1
+name: primary-replica
+description: Deploy a basic postgres primary and replica cluster
+version: 5.2.1
+appVersion: 5.2.1

k8s/postgres-replica/templates/NOTES.txt

@@ -0,0 +1,8 @@
+Thank you for installing {{ .Chart.Name }} chart.
+
+Your release is named {{ .Release.Name }}.
+
+To learn more about the release, try:
+
+  $ helm status {{ .Release.Name }}
+  $ helm get {{ .Release.Name }}

k8s/postgres-replica/templates/pgprimary-secret.yaml

@@ -0,0 +1,7 @@
+apiVersion: v1
+kind: Secret
+metadata:
+  name: pgprimary-secret
+data:
+  username: bWFzdGVy
+  password: cGFzc3dvcmQ=

k8s/postgres-replica/templates/pgroot-secret.yaml

@@ -0,0 +1,7 @@
+apiVersion: v1
+kind: Secret
+metadata:
+  name: pgroot-secret
+data:
+  username: cGd1c2VyMQ==
+  password: cGFzc3dvcmQ=

k8s/postgres-replica/templates/pguser-secret.yaml

@@ -0,0 +1,7 @@
+apiVersion: v1
+kind: Secret
+metadata:
+  name: pguser-secret
+data:
+  username: cGd1c2VyMQ==
+  password: cGFzc3dvcmQ=

k8s/postgres-replica/templates/primary-pod.yaml

@@ -0,0 +1,77 @@
+apiVersion: v1
+kind: Pod
+metadata:
+  name: "{{.Values.container.name.primary}}"
+  labels:
+    name: "{{.Values.container.name.primary}}"
+    # The "heritage" label is used to track which tool deployed a given chart.
+    # It is useful for admins who want to see what releases a particular tool
+    # is responsible for.
+    heritage: {{.Release.Service | quote }}
+    # The "release" convention makes it easy to tie a release to all of the
+    # Kubernetes resources that were created as part of that release.
+    release: {{.Release.Name | quote }}
+    # This makes it easy to audit chart usage.
+    chart: "{{.Chart.Name}}-{{.Chart.Version}}"
+  annotations:
+    "helm.sh/created": {{.Release.Time.Seconds | quote }}
+spec:
+  # This shows how to use a simple value. This will look for a passed-in value
+  # called restartPolicy. If it is not found, it will use the default value.
+  # {{default "Never" .restartPolicy}} is a slightly optimized version of the
+  # more conventional syntax: {{.restartPolicy | default "Never"}}
+  restartPolicy: {{default "Never" .Values.restartPolicy}}
+  containers:
+  - name: {{.Values.container.name.primary}}
+    image: "{{.Values.image.repository}}/{{.Values.image.container}}:{{.Values.image.tag}}"
+    ports:
+    - containerPort: {{.Values.container.port}}
+    env:
+    - name: PGHOST
+      value: /tmp
+    - name: PG_PRIMARY_USER
+      value: primaryuser
+    - name: PG_MODE
+      value: primary
+    - name: PG_PRIMARY_PORT
+      value: "{{.Values.container.port}}"
+    - name: PG_PRIMARY_PASSWORD
+      value: "{{.Values.credentials.primary}}"
+    - name: PG_USER
+      value: testuser
+    - name: PG_PASSWORD
+      value: "{{.Values.credentials.user}}"
+    - name: PG_DATABASE
+      value: userdb
+    - name: PG_ROOT_PASSWORD
+      value: "{{.Values.credentials.root}}"
+    resources:
+      requests:
+        cpu: {{ .Values.resources.cpu }}
+        memory: {{ .Values.resources.memory }}
+    volumeMounts:
+    - mountPath: /pgdata
+      name: pgdata
+    - mountPath: /backup
+      name: backup
+      readOnly: true
+    - mountPath: /pguser
+      name: pguser-volume
+    - mountPath: /pgprimary
+      name: pgprimary-volume
+    - mountPath: /pgroot
+      name: pgroot-volume
+  volumes:
+  - emptyDir: {}
+    name: pgdata
+  - emptyDir: {}
+    name: backup
+  - name: pguser-volume
+    secret:
+     secretName: pguser-secret
+  - name: pgprimary-volume
+    secret:
+     secretName: pgprimary-secret
+  - name: pgroot-volume
+    secret:
+     secretName: pgroot-secret

k8s/postgres-replica/templates/primary-pv.yaml

@@ -0,0 +1,12 @@
+apiVersion: v1
+kind: PersistentVolume
+metadata:
+  name: {{.Values.pv.name}}
+spec:
+  capacity:
+    storage: {{.Values.pv.storage}}
+  accessModes:
+  - {{.Values.pv.mode}}
+  hostPath:
+    path: "{{.Values.pv.path}}"
+  persistentVolumeReclaimPolicy: Retain

k8s/postgres-replica/templates/primary-pvc.yaml

@@ -0,0 +1,10 @@
+kind: PersistentVolumeClaim
+apiVersion: v1
+metadata:
+  name: {{.Values.pvc.name}}
+spec:
+  accessModes:
+  - ReadWriteMany
+  resources:
+    requests:
+      storage: {{.Values.pv.storage}}

k8s/postgres-replica/templates/primary-service.yaml

@@ -0,0 +1,20 @@
+# This is a service gateway to the replica set created by the deployment.
+# Take a look at the deployment.yaml for general notes about this chart.
+apiVersion: v1
+kind: Service
+metadata:
+  name: "{{.Values.container.name.primary}}"
+  labels:
+    name: "{{.Values.container.name.primary}}"
+    heritage: {{ .Release.Service | quote }}
+    release: {{ .Release.Name | quote }}
+    chart: "{{.Chart.Name}}-{{.Chart.Version}}"
+spec:
+  type: "{{.Values.serviceType}}"
+  ports:
+  - port: {{.Values.container.port}}
+    targetPort: {{.Values.container.port}}
+    protocol: TCP
+    name: postgres
+  selector:
+    name: "{{.Values.container.name.primary}}"

k8s/postgres-replica/templates/replica-deployment.yaml

@@ -0,0 +1,81 @@
+apiVersion: extensions/v1beta1
+kind: Deployment
+metadata:
+  name: "{{.Values.container.name.replica}}"
+  labels:
+    name: "{{.Values.container.name.replica}}"
+    heritage: {{.Release.Service | quote }}
+    release: {{.Release.Name | quote }}
+    chart: "{{.Chart.Name}}-{{.Chart.Version}}"
+  annotations:
+    "helm.sh/created": {{.Release.Time.Seconds | quote }}
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      name: "{{.Values.container.name.replica}}"
+  template:
+    metadata:
+      labels:
+        name: "{{.Values.container.name.replica}}"
+      name: "{{.Values.container.name.replica}}"
+    spec:
+      containers:
+      - env:
+        - name: PGHOST
+          value: /tmp
+        - name: PG_PRIMARY_HOST
+          value: "{{.Values.container.name.primary}}"
+        - name: PG_PRIMARY_USER
+          value: primaryuser
+        - name: PG_MODE
+          value: replica
+        - name: PG_PRIMARY_PORT
+          value: "{{.Values.container.port}}"
+        - name: PG_PRIMARY_PASSWORD
+          value: "{{.Values.credentials.primary}}"
+        - name: PG_USER
+          value: testuser
+        - name: PG_PASSWORD
+          value: "{{.Values.credentials.user}}"
+        - name: PG_DATABASE
+          value: userdb
+        - name: PG_ROOT_PASSWORD
+          value: "{{.Values.credentials.root}}"
+        image: "{{.Values.image.repository}}/{{.Values.image.container}}:{{.Values.image.tag}}"
+        imagePullPolicy: IfNotPresent
+        name: "{{.Values.container.name.replica}}"
+        ports:
+        - containerPort: {{.Values.container.port}}
+          protocol: TCP
+        terminationMessagePath: /dev/termination-log
+        volumeMounts:
+        - mountPath: /pgdata
+          name: pgdata
+        - mountPath: /backup
+          name: backup
+          readOnly: true
+        - mountPath: /pguser
+          name: pguser-volume
+        - mountPath: /pgprimary
+          name: pgprimary-volume
+        - mountPath: /pgroot
+          name: pgroot-volume
+      dnsPolicy: ClusterFirst
+      restartPolicy: Always
+      securityContext: {}
+      terminationGracePeriodSeconds: 30
+      volumes:
+      - emptyDir: {}
+        name: pgdata
+      - emptyDir: {}
+        name: backup
+      - name: pguser-volume
+        secret:
+         secretName: pguser-secret
+      - name: pgprimary-volume
+        secret:
+         secretName: pgprimary-secret
+      - name: pgroot-volume
+        secret:
+         secretName: pgroot-secret

k8s/postgres-replica/templates/replica-service.yaml

@@ -0,0 +1,18 @@
+apiVersion: v1
+kind: Service
+metadata:
+  name: "{{.Values.container.name.replica}}"
+  labels:
+    name: "{{.Values.container.name.replica}}"
+    heritage: {{ .Release.Service | quote }}
+    release: {{ .Release.Name | quote }}
+    chart: "{{.Chart.Name}}-{{.Chart.Version}}"
+spec:
+  type: "{{.Values.serviceType}}"
+  ports:
+  - port: {{.Values.container.port}}
+    targetPort: {{.Values.container.port}}
+    protocol: TCP
+    name: postgres
+  selector:
+    name: "{{.Values.container.name.replica}}"

k8s/postgres-replica/values.yaml

@@ -0,0 +1,32 @@
+name: primary-replica
+
+container:
+  port: 5432
+  name:
+    primary: primary
+    replica: replica
+
+credentials:
+  primary: password
+  root: password
+  user: password
+
+serviceType: ClusterIP
+
+image:
+  repository: crunchydata
+  container: crunchy-postgres
+  tag: ubi8-14.6-0
+
+pv:
+  storage: 400M
+  name: primary-pv
+  mode: ReadWriteMany
+  path: /data
+
+pvc:
+  name: primary-pvc
+
+resources:
+  cpu: 200m
+  memory: 512Mi