secret correction
This commit is contained in:
ducoterra
@@ -12,10 +12,12 @@ Navigate to <http://pgadmin.local>
|
|||||||
|
|
||||||
```bash
|
```bash
|
||||||
# first time set the secrets flag
|
# first time set the secrets flag
|
||||||
helm install postgres ./postgres --set secrets=true
|
helm install postgres ./postgres --set secret=true
|
||||||
|
|
||||||
# To redeploy or upgrade
|
# To redeploy or upgrade
|
||||||
helm upgrade postgres ./postgres
|
helm upgrade postgres ./postgres
|
||||||
|
|
||||||
|
# After uninstall secrets and pvc are not removed, reinstall without the --set secrets=true to use the old secret
|
||||||
```
|
```
|
||||||
|
|
||||||
### Get Password
|
### Get Password
|
||||||
@@ -31,7 +33,7 @@ echo $(kubectl get secret postgres --output=jsonpath='{.data.POSTGRES_PASSWORD}'
|
|||||||
```bash
|
```bash
|
||||||
prefix=<custom prefix>
|
prefix=<custom prefix>
|
||||||
# first time set the secrets flag
|
# first time set the secrets flag
|
||||||
helm template pgadmin ./pgadmin --set host=$prefix"pgadmin.apps.aws.e1.nwie.net" --set secrets=true | kubectl apply -f -
|
helm template pgadmin ./pgadmin --set host=$prefix"pgadmin.apps.aws.e1.nwie.net" --set secret=true | kubectl apply -f -
|
||||||
|
|
||||||
# To redeploy or upgrade
|
# To redeploy or upgrade
|
||||||
helm template pgadmin ./pgadmin --set host=$prefix"pgadmin.apps.aws.e1.nwie.net" | kubectl apply -f -
|
helm template pgadmin ./pgadmin --set host=$prefix"pgadmin.apps.aws.e1.nwie.net" | kubectl apply -f -
|
||||||
|
|||||||
@@ -25,7 +25,7 @@ spec:
|
|||||||
cpu: "1"
|
cpu: "1"
|
||||||
requests:
|
requests:
|
||||||
memory: "1Mi"
|
memory: "1Mi"
|
||||||
cpu: "1m"
|
cpu: "100m"
|
||||||
volumeMounts:
|
volumeMounts:
|
||||||
- name: data
|
- name: data
|
||||||
mountPath: /var/lib/pgadmin
|
mountPath: /var/lib/pgadmin
|
||||||
|
|||||||
@@ -1,17 +1,39 @@
|
|||||||
apiVersion: extensions/v1beta1
|
apiVersion: traefik.containo.us/v1alpha1
|
||||||
kind: Ingress
|
kind: IngressRoute
|
||||||
metadata:
|
metadata:
|
||||||
name: {{ .Release.Name }}
|
name: {{ .Release.Name }}-internal-tls
|
||||||
annotations:
|
annotations:
|
||||||
kubernetes.io/ingress.class: default
|
kubernetes.io/ingress.class: traefik-internal
|
||||||
spec:
|
spec:
|
||||||
|
entryPoints:
|
||||||
|
- websecure
|
||||||
tls:
|
tls:
|
||||||
- hosts:
|
certResolver: myresolver
|
||||||
- {{ required "A valid .Values.host entry required!" .Values.host }}
|
domains:
|
||||||
rules:
|
- main: "*.ducoterra.net"
|
||||||
- host: {{ required "A valid .Values.host entry required!" .Values.host }}
|
routes:
|
||||||
http:
|
- match: Host(`{{ .Release.Name }}.ducoterra.net`)
|
||||||
paths:
|
kind: Rule
|
||||||
- backend:
|
services:
|
||||||
serviceName: {{ .Release.Name }}
|
- name: {{ .Release.Name }}
|
||||||
servicePort: 80
|
port: 80
|
||||||
|
|
||||||
|
---
|
||||||
|
|
||||||
|
apiVersion: traefik.containo.us/v1alpha1
|
||||||
|
kind: IngressRoute
|
||||||
|
metadata:
|
||||||
|
name: {{ .Release.Name }}-internal-web
|
||||||
|
annotations:
|
||||||
|
kubernetes.io/ingress.class: traefik-internal
|
||||||
|
spec:
|
||||||
|
entryPoints:
|
||||||
|
- web
|
||||||
|
routes:
|
||||||
|
- match: Host(`{{ .Release.Name }}.ducoterra.net`)
|
||||||
|
kind: Rule
|
||||||
|
services:
|
||||||
|
- name: {{ .Release.Name }}
|
||||||
|
port: 80
|
||||||
|
middlewares:
|
||||||
|
- name: httpsredirect
|
||||||
@@ -1,11 +1,15 @@
|
|||||||
|
{{ if .Release.IsInstall }}
|
||||||
apiVersion: v1
|
apiVersion: v1
|
||||||
kind: PersistentVolumeClaim
|
kind: PersistentVolumeClaim
|
||||||
metadata:
|
metadata:
|
||||||
name: {{ .Release.Name }}
|
name: {{ .Release.Name }}
|
||||||
|
annotations:
|
||||||
|
"helm.sh/resource-policy": keep
|
||||||
spec:
|
spec:
|
||||||
storageClassName: efs-gp
|
storageClassName: nfs-encrypted
|
||||||
accessModes:
|
accessModes:
|
||||||
- ReadWriteMany
|
- ReadWriteMany
|
||||||
resources:
|
resources:
|
||||||
requests:
|
requests:
|
||||||
storage: 64Gi
|
storage: 8Gi
|
||||||
|
{{ end }}
|
||||||
@@ -1,8 +1,10 @@
|
|||||||
{{ if .Values.secrets }}
|
{{ if and .Values.secret .Release.IsInstall }}
|
||||||
apiVersion: v1
|
apiVersion: v1
|
||||||
kind: Secret
|
kind: Secret
|
||||||
metadata:
|
metadata:
|
||||||
name: pgadmin
|
name: {{ .Release.Name }}
|
||||||
|
annotations:
|
||||||
|
"helm.sh/resource-policy": keep
|
||||||
type: generic
|
type: generic
|
||||||
data:
|
data:
|
||||||
PGADMIN_DEFAULT_EMAIL: {{ "postgres" | b64enc | quote }}
|
PGADMIN_DEFAULT_EMAIL: {{ "postgres" | b64enc | quote }}
|
||||||
|
|||||||
@@ -25,7 +25,7 @@ spec:
|
|||||||
cpu: "4"
|
cpu: "4"
|
||||||
requests:
|
requests:
|
||||||
memory: "1Mi"
|
memory: "1Mi"
|
||||||
cpu: "1m"
|
cpu: "100m"
|
||||||
volumeMounts:
|
volumeMounts:
|
||||||
- name: data
|
- name: data
|
||||||
mountPath: /var/lib/postgresql/data
|
mountPath: /var/lib/postgresql/data
|
||||||
|
|||||||
@@ -1,11 +1,15 @@
|
|||||||
|
{{ if .Release.IsInstall }}
|
||||||
apiVersion: v1
|
apiVersion: v1
|
||||||
kind: PersistentVolumeClaim
|
kind: PersistentVolumeClaim
|
||||||
metadata:
|
metadata:
|
||||||
name: {{ .Release.Name }}
|
name: {{ .Release.Name }}
|
||||||
|
annotations:
|
||||||
|
"helm.sh/resource-policy": keep
|
||||||
spec:
|
spec:
|
||||||
storageClassName: efs-gp
|
storageClassName: nfs-encrypted
|
||||||
accessModes:
|
accessModes:
|
||||||
- ReadWriteMany
|
- ReadWriteMany
|
||||||
resources:
|
resources:
|
||||||
requests:
|
requests:
|
||||||
storage: 64Gi
|
storage: 64Gi
|
||||||
|
{{ end }}
|
||||||
@@ -1,8 +1,10 @@
|
|||||||
{{ if .Values.secrets }}
|
{{ if and .Values.secret .Release.IsInstall }}
|
||||||
apiVersion: v1
|
apiVersion: v1
|
||||||
kind: Secret
|
kind: Secret
|
||||||
metadata:
|
metadata:
|
||||||
name: postgres
|
name: {{ .Release.Name }}
|
||||||
|
annotations:
|
||||||
|
"helm.sh/resource-policy": keep
|
||||||
type: generic
|
type: generic
|
||||||
data:
|
data:
|
||||||
POSTGRES_USER: {{ "postgres" | b64enc | quote }}
|
POSTGRES_USER: {{ "postgres" | b64enc | quote }}
|
||||||
|
|||||||
@@ -1,2 +1,2 @@
|
|||||||
image: postgres
|
image: postgres
|
||||||
tag: 12.3-alpine
|
tag: latest
|
||||||
|
|||||||
Reference in New Issue
Block a user