From db9512c7ad48289431d159cbfe1bb1af8459c50c Mon Sep 17 00:00:00 2001 From: richard Date: Mon, 2 Jan 2023 16:16:29 -0500 Subject: [PATCH] create postgresql deployment --- .idea/dataSources.xml | 8 +++ ansible-5/roles/prod.k3s/defaults/main.yml | 10 +++ .../roles/prod.k3s/files/postgres/values.yaml | 11 ++++ .../tasks/deployments/postgresql.yaml | 65 +++++++++++++++++++ ansible-5/roles/prod.k3s/tasks/main.yml | 4 ++ .../prod.k3s/templates/postgres/pv-claim.yaml | 13 ++++ .../roles/prod.k3s/templates/postgres/pv.yaml | 17 +++++ 7 files changed, 128 insertions(+) create mode 100644 ansible-5/roles/prod.k3s/files/postgres/values.yaml create mode 100644 ansible-5/roles/prod.k3s/tasks/deployments/postgresql.yaml create mode 100644 ansible-5/roles/prod.k3s/templates/postgres/pv-claim.yaml create mode 100644 ansible-5/roles/prod.k3s/templates/postgres/pv.yaml diff --git a/.idea/dataSources.xml b/.idea/dataSources.xml index a7d2382..b925a85 100644 --- a/.idea/dataSources.xml +++ b/.idea/dataSources.xml @@ -65,5 +65,13 @@ + + postgresql + true + forwarded connection to postgres + org.postgresql.Driver + jdbc:postgresql://localhost:5432/postgres + $ProjectFileDir$ + \ No newline at end of file diff --git a/ansible-5/roles/prod.k3s/defaults/main.yml b/ansible-5/roles/prod.k3s/defaults/main.yml index 961c06b..e4aa05f 100644 --- a/ansible-5/roles/prod.k3s/defaults/main.yml +++ b/ansible-5/roles/prod.k3s/defaults/main.yml @@ -59,6 +59,16 @@ apps: root_password: q4890qhhfgq9pfg3q4uyg33 replication_password: 4q389hq7gf8qo47gq8374g + postgres: + enabled: true + namespace: postgres + pvc: data-postgres-0 + state: present + secrets: + password: faj48290q2u58vy8qphqtqj + postgres_password: q4890qhhfgq9pfg3q4uyg33 + replication_password: 4q389hq7gf8qo47gq8374g + gitea: enabled: false namespace: gitea diff --git a/ansible-5/roles/prod.k3s/files/postgres/values.yaml b/ansible-5/roles/prod.k3s/files/postgres/values.yaml new file mode 100644 index 0000000..15a3060 --- /dev/null +++ b/ansible-5/roles/prod.k3s/files/postgres/values.yaml @@ -0,0 +1,11 @@ +--- +# values for PostgreSQL + +image: + repository: bitnami/postgresql + tag: 15.1.0-debian-11-r12 + +auth: + database: test + username: "test" + existingSecret: postgres-secrets diff --git a/ansible-5/roles/prod.k3s/tasks/deployments/postgresql.yaml b/ansible-5/roles/prod.k3s/tasks/deployments/postgresql.yaml new file mode 100644 index 0000000..136c693 --- /dev/null +++ b/ansible-5/roles/prod.k3s/tasks/deployments/postgresql.yaml @@ -0,0 +1,65 @@ +--- +#https://github.com/bitnami/charts/tree/main/bitnami/postgresql + + + +- name: Create a namespace for postgres + k8s: + kubeconfig: "/etc/rancher/k3s/k3s.yaml" + name: "{{apps.postgres.namespace}}" + api_version: v1 + kind: Namespace + state: "{{apps.postgres.state}}" + become: true + +- name: create persistent volume resources + kubernetes.core.k8s: + kubeconfig: "/etc/rancher/k3s/k3s.yaml" + state: "{{apps.postgres.state}}" + definition: "{{ lookup('template', item) | from_yaml }}" + loop: + - postgres/pv.yaml + - postgres/pv-claim.yaml + become: true + +- name: create secret for postgres + kubernetes.core.k8s: + kubeconfig: "/etc/rancher/k3s/k3s.yaml" + state: "{{apps.postgres.state}}" + definition: + apiVersion: v1 + kind: Secret + type: Opaque + metadata: + name: postgres-secrets + namespace: "{{apps.postgres.namespace}}" + stringData: + password: "{{apps.postgres.secrets.password}}" + postgres-password: "{{apps.postgres.secrets.postgres_password}}" + replication-password: "{{apps.postgres.secrets.replication_password}}" + become: true + +- name: Install postgres globally available + block: + - name: Add postgres chart helm repo + local_action: + module: kubernetes.core.helm_repository + name: bitnami + repo_url: https://charts.bitnami.com/bitnami + + - name: load variables files/postgres/values.yaml + ansible.builtin.include_vars: + file: files/postgres/values.yaml + name: stash_values + + - name: Install postgres Release + local_action: + module: kubernetes.core.helm + release_state: "{{apps.postgres.state}}" + name: postgresql + namespace: "{{apps.postgres.namespace}}" + create_namespace: yes + update_repo_cache: True + chart_ref: bitnami/postgresql + values: "{{stash_values}}" + wait: true diff --git a/ansible-5/roles/prod.k3s/tasks/main.yml b/ansible-5/roles/prod.k3s/tasks/main.yml index b8da6fb..eb63c9e 100644 --- a/ansible-5/roles/prod.k3s/tasks/main.yml +++ b/ansible-5/roles/prod.k3s/tasks/main.yml @@ -22,6 +22,10 @@ include_tasks: deployments/mariadb.yaml when: apps.mariadb.enabled +- name: deploy postgresql + include_tasks: deployments/postgresql.yaml + when: apps.postgres.enabled + - name: deploy gitea include_tasks: deployments/gitea.yaml when: apps.gitea.enabled diff --git a/ansible-5/roles/prod.k3s/templates/postgres/pv-claim.yaml b/ansible-5/roles/prod.k3s/templates/postgres/pv-claim.yaml new file mode 100644 index 0000000..0c9e610 --- /dev/null +++ b/ansible-5/roles/prod.k3s/templates/postgres/pv-claim.yaml @@ -0,0 +1,13 @@ +--- +apiVersion: v1 +kind: PersistentVolumeClaim +metadata: + name: "{{apps.postgres.pvc}}" + namespace: "{{apps.postgres.namespace}}" +spec: + storageClassName: manual + accessModes: + - ReadWriteOnce + resources: + requests: + storage: 10Gi diff --git a/ansible-5/roles/prod.k3s/templates/postgres/pv.yaml b/ansible-5/roles/prod.k3s/templates/postgres/pv.yaml new file mode 100644 index 0000000..23cf24f --- /dev/null +++ b/ansible-5/roles/prod.k3s/templates/postgres/pv.yaml @@ -0,0 +1,17 @@ +--- +# persistent volume +apiVersion: v1 +kind: PersistentVolume +metadata: + name: postgres-pv-local + labels: + type: local +spec: + storageClassName: manual + capacity: + storage: 100Gi + accessModes: + - ReadWriteOnce + hostPath: + path: "/opt/data/db/postgres-15.1" +