diff --git a/README.md b/README.md index 08fdbc3..548a42d 100644 --- a/README.md +++ b/README.md @@ -12,10 +12,12 @@ Navigate to ```bash # first time set the secrets flag -helm install postgres ./postgres --set secrets=true +helm install postgres ./postgres --set secret=true # To redeploy or upgrade helm upgrade postgres ./postgres + +# After uninstall secrets and pvc are not removed, reinstall without the --set secrets=true to use the old secret ``` ### Get Password @@ -31,7 +33,7 @@ echo $(kubectl get secret postgres --output=jsonpath='{.data.POSTGRES_PASSWORD}' ```bash prefix= # first time set the secrets flag -helm template pgadmin ./pgadmin --set host=$prefix"pgadmin.apps.aws.e1.nwie.net" --set secrets=true | kubectl apply -f - +helm template pgadmin ./pgadmin --set host=$prefix"pgadmin.apps.aws.e1.nwie.net" --set secret=true | kubectl apply -f - # To redeploy or upgrade helm template pgadmin ./pgadmin --set host=$prefix"pgadmin.apps.aws.e1.nwie.net" | kubectl apply -f - diff --git a/pgadmin/templates/deploy.yaml b/pgadmin/templates/deploy.yaml index 72018c4..17653dc 100644 --- a/pgadmin/templates/deploy.yaml +++ b/pgadmin/templates/deploy.yaml @@ -25,7 +25,7 @@ spec: cpu: "1" requests: memory: "1Mi" - cpu: "1m" + cpu: "100m" volumeMounts: - name: data mountPath: /var/lib/pgadmin diff --git a/pgadmin/templates/ingress.yaml b/pgadmin/templates/ingress.yaml index 301fdb2..faa29e6 100644 --- a/pgadmin/templates/ingress.yaml +++ b/pgadmin/templates/ingress.yaml @@ -1,17 +1,39 @@ -apiVersion: extensions/v1beta1 -kind: Ingress +apiVersion: traefik.containo.us/v1alpha1 +kind: IngressRoute metadata: - name: {{ .Release.Name }} + name: {{ .Release.Name }}-internal-tls annotations: - kubernetes.io/ingress.class: default + kubernetes.io/ingress.class: traefik-internal spec: + entryPoints: + - websecure tls: - - hosts: - - {{ required "A valid .Values.host entry required!" .Values.host }} - rules: - - host: {{ required "A valid .Values.host entry required!" .Values.host }} - http: - paths: - - backend: - serviceName: {{ .Release.Name }} - servicePort: 80 \ No newline at end of file + certResolver: myresolver + domains: + - main: "*.ducoterra.net" + routes: + - match: Host(`{{ .Release.Name }}.ducoterra.net`) + kind: Rule + services: + - name: {{ .Release.Name }} + port: 80 + +--- + +apiVersion: traefik.containo.us/v1alpha1 +kind: IngressRoute +metadata: + name: {{ .Release.Name }}-internal-web + annotations: + kubernetes.io/ingress.class: traefik-internal +spec: + entryPoints: + - web + routes: + - match: Host(`{{ .Release.Name }}.ducoterra.net`) + kind: Rule + services: + - name: {{ .Release.Name }} + port: 80 + middlewares: + - name: httpsredirect \ No newline at end of file diff --git a/pgadmin/templates/pvc.yaml b/pgadmin/templates/pvc.yaml index 0e28270..2686e4d 100644 --- a/pgadmin/templates/pvc.yaml +++ b/pgadmin/templates/pvc.yaml @@ -1,11 +1,15 @@ +{{ if .Release.IsInstall }} apiVersion: v1 kind: PersistentVolumeClaim metadata: name: {{ .Release.Name }} + annotations: + "helm.sh/resource-policy": keep spec: - storageClassName: efs-gp + storageClassName: nfs-encrypted accessModes: - ReadWriteMany resources: requests: - storage: 64Gi \ No newline at end of file + storage: 8Gi +{{ end }} \ No newline at end of file diff --git a/pgadmin/templates/secret.yaml b/pgadmin/templates/secret.yaml index 0a06b92..9a28d6a 100644 --- a/pgadmin/templates/secret.yaml +++ b/pgadmin/templates/secret.yaml @@ -1,8 +1,10 @@ -{{ if .Values.secrets }} +{{ if and .Values.secret .Release.IsInstall }} apiVersion: v1 kind: Secret metadata: - name: pgadmin + name: {{ .Release.Name }} + annotations: + "helm.sh/resource-policy": keep type: generic data: PGADMIN_DEFAULT_EMAIL: {{ "postgres" | b64enc | quote }} diff --git a/postgres/templates/deploy.yaml b/postgres/templates/deploy.yaml index 793c145..e05ebab 100644 --- a/postgres/templates/deploy.yaml +++ b/postgres/templates/deploy.yaml @@ -25,7 +25,7 @@ spec: cpu: "4" requests: memory: "1Mi" - cpu: "1m" + cpu: "100m" volumeMounts: - name: data mountPath: /var/lib/postgresql/data diff --git a/postgres/templates/pvc.yaml b/postgres/templates/pvc.yaml index 0e28270..1b9a85b 100644 --- a/postgres/templates/pvc.yaml +++ b/postgres/templates/pvc.yaml @@ -1,11 +1,15 @@ +{{ if .Release.IsInstall }} apiVersion: v1 kind: PersistentVolumeClaim metadata: name: {{ .Release.Name }} + annotations: + "helm.sh/resource-policy": keep spec: - storageClassName: efs-gp + storageClassName: nfs-encrypted accessModes: - ReadWriteMany resources: requests: - storage: 64Gi \ No newline at end of file + storage: 64Gi +{{ end }} \ No newline at end of file diff --git a/postgres/templates/secret.yaml b/postgres/templates/secret.yaml index 2491b3f..7a59137 100644 --- a/postgres/templates/secret.yaml +++ b/postgres/templates/secret.yaml @@ -1,8 +1,10 @@ -{{ if .Values.secrets }} +{{ if and .Values.secret .Release.IsInstall }} apiVersion: v1 kind: Secret metadata: - name: postgres + name: {{ .Release.Name }} + annotations: + "helm.sh/resource-policy": keep type: generic data: POSTGRES_USER: {{ "postgres" | b64enc | quote }} diff --git a/postgres/values.yaml b/postgres/values.yaml index 930862a..48b2f30 100644 --- a/postgres/values.yaml +++ b/postgres/values.yaml @@ -1,2 +1,2 @@ image: postgres -tag: 12.3-alpine +tag: latest