iac/clusters/yc-infra-prod/infrastructure/patches/postgresql.yaml


# Flux HelmRelease patch for the "postgresql" release in the "postgresql" namespace.
# NOTE(review): this listing shows every key at column 0, so the nesting is not visible here;
# read the parent/child relationships from the repository file before applying anything.
apiVersion: helm.toolkit.fluxcd.io/v2
kind: HelmRelease
metadata:
name: postgresql
namespace: postgresql
spec:
# install/upgrade: disableWait: true means Flux does not wait for the rendered resources to
# become ready, and remediation retries: 0 means a failed action is not retried.
# NOTE(review): with both set, a release can be reported as applied while the pod is still
# starting or crash-looping; confirm that alerting watches the StatefulSet/pod state directly.
install:
disableWait: true
remediation:
retries: 0
upgrade:
disableWait: true
remediation:
retries: 0
chart:
spec:
# Chart version is pinned to one exact release; the quotes keep it a string.
version: "13.0.9"
# Helm values passed to the chart.
values:
global:
security:
# NOTE(review): presumably the chart-level switch that lets the release run with an image
# other than the chart's default (the image below comes from a private registry). With the
# chart's own image check switched off, provenance has to be enforced elsewhere: registry
# access control, image scanning, and ideally an admission policy for this namespace.
allowInsecureImages: true
image:
registry: cr.yandex/crp3ccidau046kdj8g9q
repository: contour/postgresql
# NOTE(review): the image is referenced by tag only, and pullPolicy is IfNotPresent. A tag can
# be re-pushed, and nodes that already cached it will keep the old content, so two nodes may
# run different images under the same tag. Pinning by digest removes that ambiguity.
tag: "13.0.9"
pullPolicy: IfNotPresent
# Libraries loaded at server start; the same pair is repeated in sharedPreloadLibraries below.
postgresqlSharedPreloadLibraries: "timescaledb,pg_stat_statements"
# Shared-memory volume for the pod, capped at 1Gi.
shmVolume:
enabled: true
sizeLimit: 1Gi
# Settings for the primary PostgreSQL instance.
primary:
containerSecurityContext:
# NOTE(review): a writable root filesystem lets a compromised server process change files in
# the container image layer. If the custom image only needs a few writable paths, mount those
# as volumes and set this to true; confirm what the image actually writes to.
readOnlyRootFilesystem: false
# extendedConfiguration is appended to the server configuration. What the values below do:
# - listen_addresses = '*' binds every interface in the pod. Who can reach port 5432 is then
#   decided by pg_hba.conf, the Service and NetworkPolicy, none of which appear in this file.
# - fsync = off and full_page_writes = off: after a node or kernel crash the data directory
#   can be left corrupted beyond recovery. synchronous_commit = off additionally allows
#   recently acknowledged commits to be lost.
# - wal_level = minimal, max_wal_senders = 0, archive_mode = off: no streaming replica and no
#   WAL archive, so no point-in-time recovery; restore is only possible from dumps/snapshots.
# - autovacuum = off: dead tuples are not cleaned up and transaction-ID wraparound protection
#   depends on manual VACUUM.
# NOTE(review): together these look like a bulk-load/restore profile, yet the path says
# yc-infra-prod and restoreFromDump is false further down. Confirm this is temporary and that
# fsync, full_page_writes and autovacuum are turned back on for steady-state operation.
# NOTE(review): no TLS, pg_hba or connection-logging settings are set in this block; verify
# they are provided by the chart defaults or another patch.
extendedConfiguration: |-
listen_addresses = '*'
fsync = off
full_page_writes = off
synchronous_commit = off
shared_buffers = 6GB
effective_cache_size = 18GB
work_mem = 64MB
maintenance_work_mem = 1536MB
temp_buffers = 64MB
max_connections = 60
autovacuum = off
jit = off
max_worker_processes = 32
max_parallel_workers = 4
max_parallel_maintenance_workers = 2
max_parallel_workers_per_gather = 0
max_wal_size = 16GB
checkpoint_timeout = 1h
checkpoint_completion_target = 0.9
wal_level = minimal
max_wal_senders = 0
archive_mode = off
random_page_cost = 1.1
timescaledb.max_background_workers = 16
timescaledb.telemetry_level = off
# The pod gets up to one hour to shut down before it is killed.
terminationGracePeriodSeconds: 3600
# Startup probe: passes when postmaster.pid is non-empty and the PID on its first line is a
# live process (kill -0). It allows 30s + 720 x 10s, about two hours, before the container is
# considered failed to start.
# NOTE(review): this proves a process exists, not that the server accepts connections; a stale
# pid file whose PID has been reused would also pass.
customStartupProbe:
exec:
command:
- /bin/sh
- -ec
- |
pid_file="${PGDATA:-/bitnami/postgresql/data}/postmaster.pid"
test -s "$pid_file" && kill -0 "$(head -n 1 "$pid_file")"
initialDelaySeconds: 30
periodSeconds: 10
timeoutSeconds: 5
successThreshold: 1
failureThreshold: 720
# Liveness probe: same pid-file check as the startup probe. 20 failures x 30s means roughly ten
# minutes of failed checks before the container is restarted.
customLivenessProbe:
exec:
command:
- /bin/sh
- -ec
- |
pid_file="${PGDATA:-/bitnami/postgresql/data}/postmaster.pid"
test -s "$pid_file" && kill -0 "$(head -n 1 "$pid_file")"
initialDelaySeconds: 120
periodSeconds: 30
timeoutSeconds: 5
successThreshold: 1
failureThreshold: 20
# Readiness probe: pg_isready against 127.0.0.1:5432. pg_isready only reports whether the
# server accepts connections; it does not log in, so no password is involved here.
customReadinessProbe:
exec:
command:
- /bin/sh
- -ec
- exec pg_isready -U "postgres" -h 127.0.0.1 -p 5432
initialDelaySeconds: 5
periodSeconds: 10
timeoutSeconds: 5
successThreshold: 1
failureThreshold: 6
# Requests equal limits for this container (6 CPU, 25Gi), so it is never scheduled with less
# than it may use. shared_buffers (6GB) in extendedConfiguration has to fit inside the memory limit.
resources:
requests:
cpu: "6"
memory: 25Gi
limits:
cpu: "6"
memory: 25Gi
# Schedule only on nodes labelled dedicated=sts and tolerate the matching NoSchedule taint.
nodeSelector:
dedicated: sts
tolerations:
- key: dedicated
operator: Equal
value: sts
effect: NoSchedule
# 500Gi volume from the "database-storage" class.
# NOTE(review): encryption at rest and snapshot policy depend on that storage class; with WAL
# archiving off in this release, volume snapshots or dumps are the only backup path. Confirm
# one of them is scheduled.
persistence:
storageClass: database-storage
size: 500Gi
# Metrics container: root filesystem left writable, same as for the primary container.
# NOTE(review): an exporter rarely needs to write to its root filesystem; confirm whether this
# can be set to true.
metrics:
containerSecurityContext:
readOnlyRootFilesystem: false
# "contour" is not a standard Kubernetes or Flux key; presumably it configures project-specific
# templates in this chart. TODO confirm against the chart's values schema.
contour:
enabled: true
# Credentials are referenced by Vault path and key only; no secret value is stored in this file.
# NOTE(review): presumably the pod logs in to Vault through the Kubernetes auth mount with role
# "postgresql-contour". Check that the role is bound to this release's service account and
# namespace only, and that its policy grants read access to just the two paths listed here.
vault:
enabled: true
role: postgresql-contour
authPath: auth/kubernetes
secretPath: secrets/data/yc-infra-prod/infra/postgresql_contour/postgresql_contour_secret
secretKey: postgres-password
usersSecretPath: secrets/data/yc-infra-prod/infra/postgresql_contour/postgresql_users_secret
sharedPreloadLibraries: "timescaledb,pg_stat_statements"
# NOTE(review): the endpoint is a bare in-cluster hostname with no scheme or port, so it is not
# visible here whether traffic to the S3 proxy is encrypted. Verify in the chart templates.
"s3-proxy":
endpointUrl: "s3-proxy-service.postgresql.svc.cluster.local"
# Databases to provision. passwordKey presumably names the entry in the users secret that holds
# this user's password. TODO confirm.
databases:
- name: sanitizer
user: sanitizer
passwordKey: sanitizer
# Every extension adds server-side code and functions; keep the list to what the application
# actually uses.
extensions:
- ltree
- pg_stat_statements
- postgis
- timescaledb
- uuid-ossp
- pg_trgm
- btree_gin
- btree_gist
- hstore
- pg_partman
- vector
restoreFromDump: false