kubernetes-yaml/examples/postgres/postgres-16-single.yaml

212 lines
5.2 KiB
YAML
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

---
# 创建 Namespace
apiVersion: v1
kind: Namespace
metadata:
name: hty1024-db
---
# 创建 StorageClass
apiVersion: storage.k8s.io/v1
kind: StorageClass
metadata:
name: storage-local-postgres
labels:
app.k8s.hty1024.com/env: prod
app.k8s.hty1024.com/type: db
app.k8s.hty1024.com/name: postgres
app.k8s.hty1024.com/version: 16.4-alpine3.20
app.k8s.hty1024.com/resources: storageClass
provisioner: kubernetes.io/no-provisioner
reclaimPolicy: Retain
volumeBindingMode: WaitForFirstConsumer
---
# 创建 PersistentVolume
apiVersion: v1
kind: PersistentVolume
metadata:
name: hty1024-db-postgres-pv
labels:
app.k8s.hty1024.com/env: prod
app.k8s.hty1024.com/type: db
app.k8s.hty1024.com/name: postgres
app.k8s.hty1024.com/version: 16.4-alpine3.20
app.k8s.hty1024.com/resources: persistentVolume
spec:
capacity:
storage: 20Gi
volumeMode: Filesystem
accessModes:
- ReadWriteOnce
persistentVolumeReclaimPolicy: Retain
storageClassName: storage-local-postgres
local:
path: /app/postgres/data
nodeAffinity:
required:
nodeSelectorTerms:
- matchExpressions:
- key: node.k8s.hty1024.com/type
operator: In
values:
- app
---
# 创建 PersistentVolumeClaim
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: hty1024-db-postgres-pvc
namespace: hty1024-db
labels:
app.k8s.hty1024.com/env: prod
app.k8s.hty1024.com/type: db
app.k8s.hty1024.com/name: postgres
app.k8s.hty1024.com/version: 16.4-alpine3.20
app.k8s.hty1024.com/resources: persistentVolumeClaim
spec:
resources:
requests:
storage: 20Gi
volumeMode: Filesystem
accessModes:
- ReadWriteOnce
storageClassName: storage-local-postgres
---
# 创建 Secret自定义 PostgreSQL 用户密码)
apiVersion: v1
kind: Secret
metadata:
name: hty1024-db-postgres-secret
namespace: hty1024-db
labels:
app.k8s.hty1024.com/env: prod
app.k8s.hty1024.com/type: db
app.k8s.hty1024.com/name: postgres
app.k8s.hty1024.com/version: 16.4-alpine3.20
app.k8s.hty1024.com/resources: secret
type: Opaque
stringData:
postgres.key: |
123456
immutable: true
---
# 创建 Service
apiVersion: v1
kind: Service
metadata:
name: hty1024-db-postgres-service
namespace: hty1024-db
labels:
app.k8s.hty1024.com/env: prod
app.k8s.hty1024.com/type: db
app.k8s.hty1024.com/name: postgres
app.k8s.hty1024.com/version: 16.4-alpine3.20
app.k8s.hty1024.com/resources: service
spec:
type: ClusterIP
ports:
- port: 5432
targetPort: 5432
selector:
app.k8s.hty1024.com/env: prod
app.k8s.hty1024.com/type: db
app.k8s.hty1024.com/name: postgres
app.k8s.hty1024.com/version: 16.4-alpine3.20
app.k8s.hty1024.com/resources: pod
---
# 创建 StatefulSet
apiVersion: apps/v1
kind: StatefulSet
metadata:
name: hty1024-db-postgres-statefulset
namespace: hty1024-db
labels:
app.k8s.hty1024.com/env: prod
app.k8s.hty1024.com/type: db
app.k8s.hty1024.com/name: postgres
app.k8s.hty1024.com/version: 16.4-alpine3.20
app.k8s.hty1024.com/resources: statefulSet
spec:
replicas: 1
minReadySeconds: 30
selector:
matchLabels:
app.k8s.hty1024.com/env: prod
app.k8s.hty1024.com/type: db
app.k8s.hty1024.com/name: postgres
app.k8s.hty1024.com/version: 16.4-alpine3.20
app.k8s.hty1024.com/resources: pod
template:
metadata:
labels:
app.k8s.hty1024.com/env: prod
app.k8s.hty1024.com/type: db
app.k8s.hty1024.com/name: postgres
app.k8s.hty1024.com/version: 16.4-alpine3.20
app.k8s.hty1024.com/resources: pod
spec:
terminationGracePeriodSeconds: 60
volumes:
- name: localtime
hostPath:
path: /etc/localtime
- name: hty1024-db-postgres-data
persistentVolumeClaim:
claimName: hty1024-db-postgres-pvc
- name: hty1024-db-postgres-pwd
secret:
secretName: hty1024-db-postgres-secret
containers:
- name: postgres
image: postgres:16.4-alpine3.20
ports:
- name: tcp
containerPort: 5432
volumeMounts:
- name: localtime
mountPath: /etc/localtime
readOnly: true
- name: hty1024-db-postgres-data
mountPath: /var/lib/postgres
- name: hty1024-db-postgres-pwd
mountPath: /tmp/secret-volume
readOnly: true
env:
- name: POSTGRES_PASSWORD_FILE
value: "/tmp/secret-volume/postgres.key"
livenessProbe:
tcpSocket:
port: 5432
initialDelaySeconds: 300
periodSeconds: 10
timeoutSeconds: 30
failureThreshold: 3
successThreshold: 3
readinessProbe:
tcpSocket:
port: 5432
initialDelaySeconds: 10
periodSeconds: 5
successThreshold: 3
startupProbe:
tcpSocket:
port: 5432
initialDelaySeconds: 10
periodSeconds: 5
successThreshold: 3
nodeSelector:
node.k8s.hty1024.com/type: app