# PostgreSQL on Kubernetes. local kube = import "kube.libsonnet"; { local postgres = self, local cfg = postgres.cfg, cfg:: { namespace: error "namespace must be set", appName: error "app name must be set", storageClassName: "waw-hdd-redundant-1", prefix: "", # if set, should be 'foo-' image: "postgres:10.4", database: error "database must be set", username: error "username must be set", # not literal, instead ref for env (like { secretKeyRef: ... }) password: error "password must be set", }, makeName(suffix):: cfg.prefix + suffix, metadata:: { namespace: cfg.namespace, labels: { "app.kubernetes.io/name": cfg.appName, "app.kubernetes.io/managed-by": "kubecfg", "app.kubernetes.io/component": "postgres", }, }, volumeClaim: kube.PersistentVolumeClaim(postgres.makeName("postgres")) { metadata+: postgres.metadata, spec+: { storageClassName: cfg.storageClassName, accessModes: [ "ReadWriteOnce" ], resources: { requests: { storage: "30Gi", }, }, }, }, deployment: kube.Deployment(postgres.makeName("postgres")) { metadata+: postgres.metadata, spec+: { replicas: 1, template+: { spec+: { volumes_: { data: kube.PersistentVolumeClaimVolume(postgres.volumeClaim), }, containers_: { postgres: kube.Container(postgres.makeName("postgres")) { image: cfg.image, ports_: { client: { containerPort: 5432 }, }, env_: { POSTGRES_DB: cfg.database, POSTGRES_USER: cfg.username, POSTGRES_PASSWORD: cfg.password, PGDATA: "/var/lib/postgresql/data/pgdata", }, volumeMounts_: { data: { mountPath: "/var/lib/postgresql/data" }, }, }, }, }, }, }, }, svc: kube.Service(postgres.makeName("postgres")) { metadata+: postgres.metadata, target_pod:: postgres.deployment.spec.template, spec+: { ports: [ { name: "client", port: 5432, targetPort: 5432, protocol: "TCP" }, ], type: "ClusterIP", }, }, }