haproxy

Signed-off-by: Andrei Kvapil <kvapss@gmail.com>
2026-01-28 18:18:41 +00:00 · 2024-02-06 09:57:14 +01:00
parent 67b1e56916
commit c48de3082e
8 changed files with 32 additions and 51 deletions
--- a/packages/apps/mysql/values.yaml
+++ b/packages/apps/mysql/values.yaml
@@ -21,3 +21,10 @@ databases:

 backup:
  enabled: false
+  s3Region: us-east-1
+  s3Bucket: s3.example.org/postgres-backups
+  schedule: "0 2 * * *"
+  cleanupStrategy: "--keep-last=3 --keep-daily=3 --keep-within-weekly=1m"
+  s3AccessKey: oobaiRus9pah8PhohL1ThaeTa4UVa7gu
+  s3SecretKey: ju3eum4dekeich9ahM1te8waeGai0oog
+  resticPassword: ChaXoveekoh6eigh4siesheeda2quai0
--- a/packages/apps/postgres/templates/db.yaml
+++ b/packages/apps/postgres/templates/db.yaml
@@ -5,6 +5,7 @@ metadata:
  name: {{ .Release.Name }}
 spec:
  instances: 2
+  enableSuperuserAccess: true

  postgresql:
    parameters:
@@ -14,5 +15,4 @@ spec:
    enablePodMonitor: true

  storage:
-    storageClass: {{ required ".storage.size is required" .Values.storage.storageClass }}
-    size: {{ required ".storage.size is required" .Values.storage.size }}
+    size: {{ required ".Values.size is required" .Values.size }}
--- a/packages/apps/postgres/templates/external-svc.yaml
+++ b/packages/apps/postgres/templates/external-svc.yaml
@@ -1,29 +1,7 @@
+{{- if .Values.external }}
 apiVersion: v1
 kind: Service
 metadata:
-  annotations:
-      metallb.universe.tf/address-pool: {{ .Values.secondaryService.ipPool }}
-      metallb.universe.tf/ip-allocated-from-pool: {{ .Values.secondaryService.ipPool }}
-      metallb.universe.tf/loadBalancerIPs: {{ .Values.secondaryService.ipAddress }}
-  name: {{ .Release.Name }}-external-read
-spec:
-  type: LoadBalancer
-  externalTrafficPolicy: Local
-  allocateLoadBalancerNodePorts: false
-  ports:
-  - name: postgres
-    port: 5432
-  selector:
-    cnpg.io/cluster: {{ .Release.Name }}
-    role: replica
---
-apiVersion: v1
-kind: Service
-metadata:
-  annotations:
-      metallb.universe.tf/address-pool: {{ .Values.primaryService.ipPool }}
-      metallb.universe.tf/ip-allocated-from-pool: {{ .Values.primaryService.ipPool }}
-      metallb.universe.tf/loadBalancerIPs: {{ .Values.primaryService.ipAddress }}
  name: {{ .Release.Name }}-external-write
 spec:
  type: LoadBalancer
@@ -35,4 +13,4 @@ spec:
  selector:
    cnpg.io/cluster: {{ .Release.Name }}
    role: primary
-    
+{{- end }}
--- a/packages/apps/postgres/values.yaml
+++ b/packages/apps/postgres/values.yaml
@@ -1,14 +1,5 @@
-storage:
-  storageClass: linstor-lvm
-  size: 10Gi
-
-primaryService:
-  ipPool: private-ips
-  ipAddress: 10.100.255.10
-
-secondaryService:
-  ipPool: private-ips
-  ipAddress: 10.100.255.11
+external: false
+size: 10Gi

 users:
  user1:
@@ -36,3 +27,13 @@ databases:
      - airflow
    extensions:
    - hstore
+
+backup:
+  enabled: false
+  s3Region: us-east-1
+  s3Bucket: s3.example.org/postgres-backups
+  schedule: "0 2 * * *"
+  cleanupStrategy: "--keep-last=3 --keep-daily=3 --keep-within-weekly=1m"
+  s3AccessKey: oobaiRus9pah8PhohL1ThaeTa4UVa7gu
+  s3SecretKey: ju3eum4dekeich9ahM1te8waeGai0oog
+  resticPassword: ChaXoveekoh6eigh4siesheeda2quai0
--- a/packages/apps/redis/templates/service.yaml
+++ b/packages/apps/redis/templates/service.yaml
@@ -8,7 +8,11 @@ metadata:
    app.kubernetes.io/instance: {{ .Release.Name }}
    app.kubernetes.io/managed-by: {{ .Release.Service }}
 spec:
+  {{- if .Values.external }}
  type: LoadBalancer
+  externalTrafficPolicy: Local
+  allocateLoadBalancerNodePorts: false
+  {{- end }}
  selector:
    app.kubernetes.io/component: redis
    app.kubernetes.io/name: {{ .Release.Name }}
--- a/packages/apps/tcp-balancer/templates/deployment.yaml
+++ b/packages/apps/tcp-balancer/templates/deployment.yaml
@@ -7,14 +7,7 @@ metadata:
    app.kubernetes.io/instance: {{ .Release.Name }}
    app.kubernetes.io/managed-by: {{ .Release.Service }}
 spec:
-  # TODO
-  # There is an issue with 'externalTraficPolicy: Local' and VMs accessing externalIP services from
-  # internal network, trafic is not routed due to fact their hipervisor have no local workload running
-  # Current workaround that all the nodes of parnet cluster must have at least one replica per node
-  # which are running the virtual machnes of child cluster.
-  # Consider moving to KubeVirt so all local VMs will get local identities, so internalTrafficPolicy will
-  # considered for them instead of externalTraficPolicy
-  replicas: 3
+  replicas: 2
  selector:
    matchLabels:
      app: {{ .Release.Name }}-haproxy
--- a/packages/apps/tcp-balancer/templates/service.yaml
+++ b/packages/apps/tcp-balancer/templates/service.yaml
@@ -6,14 +6,12 @@ metadata:
  labels:
    app.kubernetes.io/instance: {{ .Release.Name }}
    app.kubernetes.io/managed-by: {{ .Release.Service }}
-  {{- with .Values.loadBalancerIP }}
-  annotations:
-    metallb.universe.tf/loadBalancerIPs: {{ . }}
-  {{- end }}
 spec:
+  {{- if .Values.external }}
  type: LoadBalancer
  externalTrafficPolicy: Local
  allocateLoadBalancerNodePorts: false
+  {{- end }}
  selector:
    app: {{ .Release.Name }}-haproxy
  ports:
--- a/packages/apps/tcp-balancer/values.yaml
+++ b/packages/apps/tcp-balancer/values.yaml
@@ -1,5 +1,4 @@
-loadBalancerIP: 173.0.146.95
-whitelistHTTP: false
+external: false
 httpAndHttps:
  mode: tcp
  targetPorts:
@@ -13,6 +12,7 @@ httpAndHttps:
   - 10.100.3.3
   - 10.100.3.13

+whitelistHTTP: false
 whitelist:
 - "1.2.3.4"
 - "10.100.0.0/16"