From 07157bd61bff026cd80d912d16c140c9168d90d3 Mon Sep 17 00:00:00 2001 From: shcherbak Date: Thu, 28 Nov 2024 17:02:42 +0200 Subject: [PATCH] feat: pgbouncer for postgresql (#1607) --- charts/sentry/templates/_helper.tpl | 73 +++++++++++++++++++ .../pgbouncer/pgbouncer-deployment.yaml | 65 +++++++++++++++++ .../templates/pgbouncer/pgbouncer-pdb.yaml | 18 +++++ .../pgbouncer/pgbouncer-service.yaml | 14 ++++ charts/sentry/values.yaml | 36 +++++++++ 5 files changed, 206 insertions(+) create mode 100644 charts/sentry/templates/pgbouncer/pgbouncer-deployment.yaml create mode 100644 charts/sentry/templates/pgbouncer/pgbouncer-pdb.yaml create mode 100644 charts/sentry/templates/pgbouncer/pgbouncer-service.yaml diff --git a/charts/sentry/templates/_helper.tpl b/charts/sentry/templates/_helper.tpl index e148a5625..36da31e02 100644 --- a/charts/sentry/templates/_helper.tpl +++ b/charts/sentry/templates/_helper.tpl @@ -703,6 +703,10 @@ Common Sentry environment variables - name: POSTGRES_NAME value: {{ include "sentry.postgresql.database" . | quote }} {{- end }} +{{- if .Values.pgbouncer.enabled }} +- name: POSTGRES_HOST + value: {{ template "sentry.fullname" . }}-pgbouncer +{{- else }} {{- if and .Values.externalPostgresql.existingSecret .Values.externalPostgresql.existingSecretKeys.host }} - name: POSTGRES_HOST valueFrom: @@ -713,6 +717,11 @@ Common Sentry environment variables - name: POSTGRES_HOST value: {{ include "sentry.postgresql.host" . | quote }} {{- end }} +{{- end }} +{{- if .Values.pgbouncer.enabled }} +- name: POSTGRES_PORT + value: "5432" +{{- else }} {{- if and .Values.externalPostgresql.existingSecret .Values.externalPostgresql.existingSecretKeys.port }} - name: POSTGRES_PORT valueFrom: @@ -723,6 +732,7 @@ Common Sentry environment variables - name: POSTGRES_PORT value: {{ include "sentry.postgresql.port" . | quote }} {{- end }} +{{- end }} {{- if and (eq .Values.filestore.backend "s3") .Values.filestore.s3.existingSecret }} - name: S3_ACCESS_KEY_ID valueFrom: @@ -876,3 +886,66 @@ Common Sentry environment variables {{- print "autoscaling/v1" -}} {{- end -}} {{- end -}} + + +{{/* +Pgbouncer environment variables +*/}} +{{- define "sentry.pgbouncer.env" -}} +{{- if and .Values.externalPostgresql.existingSecret .Values.externalPostgresql.existingSecretKeys.host }} +- name: POSTGRESQL_HOST + valueFrom: + secretKeyRef: + name: {{ .Values.externalPostgresql.existingSecret }} + key: {{ default .Values.externalPostgresql.existingSecretKeys.host }} +{{- else }} +- name: POSTGRESQL_HOST + value: {{ include "sentry.postgresql.host" . | quote }} +{{- end }} +{{- if and .Values.externalPostgresql.existingSecret .Values.externalPostgresql.existingSecretKeys.port }} +- name: POSTGRESQL_PORT + valueFrom: + secretKeyRef: + name: {{ .Values.externalPostgresql.existingSecret }} + key: {{ default .Values.externalPostgresql.existingSecretKeys.port }} +{{- else }} +- name: POSTGRESQL_PORT + value: {{ include "sentry.postgresql.port" . | quote }} +{{- end }} +{{- if and .Values.externalPostgresql.existingSecret .Values.externalPostgresql.existingSecretKeys.database }} +- name: PGBOUNCER_DATABASE + valueFrom: + secretKeyRef: + name: {{ .Values.externalPostgresql.existingSecret }} + key: {{ default .Values.externalPostgresql.existingSecretKeys.database }} +{{- else }} +- name: PGBOUNCER_DATABASE + value: {{ include "sentry.postgresql.database" . | quote }} +{{- end }} +{{- if .Values.postgresql.enabled }} +- name: POSTGRESQL_PASSWORD + valueFrom: + secretKeyRef: + name: {{ default (include "sentry.postgresql.fullname" .) .Values.postgresql.auth.existingSecret }} + key: {{ default "postgres-password" .Values.postgresql.auth.secretKeys.adminPasswordKey }} +{{- else if .Values.externalPostgresql.password }} +- name: POSTGRESQL_PASSWORD + value: {{ .Values.externalPostgresql.password | quote }} +{{- else if .Values.externalPostgresql.existingSecret }} +- name: POSTGRESQL_PASSWORD + valueFrom: + secretKeyRef: + name: {{ .Values.externalPostgresql.existingSecret }} + key: {{ or .Values.externalPostgresql.existingSecretKeys.password .Values.externalPostgresql.existingSecretKey "postgresql-password" }} +{{- end }} +{{- if and .Values.externalPostgresql.existingSecret .Values.externalPostgresql.existingSecretKeys.username }} +- name: POSTGRESQL_USERNAME + valueFrom: + secretKeyRef: + name: {{ .Values.externalPostgresql.existingSecret }} + key: {{ default .Values.externalPostgresql.existingSecretKeys.username }} +{{- else }} +- name: POSTGRESQL_USERNAME + value: {{ include "sentry.postgresql.username" . | quote }} +{{- end }} +{{- end -}} diff --git a/charts/sentry/templates/pgbouncer/pgbouncer-deployment.yaml b/charts/sentry/templates/pgbouncer/pgbouncer-deployment.yaml new file mode 100644 index 000000000..ed839602c --- /dev/null +++ b/charts/sentry/templates/pgbouncer/pgbouncer-deployment.yaml @@ -0,0 +1,65 @@ +{{- if .Values.pgbouncer.enabled }} +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: {{ template "sentry.fullname" . }}-pgbouncer + labels: + app: {{ template "sentry.fullname" . }}-pgbouncer +spec: + replicas: {{ .Values.pgbouncer.replicas }} + selector: + matchLabels: + app: {{ template "sentry.fullname" . }}-pgbouncer + {{- if .Values.pgbouncer.updateStrategy }} + strategy: + {{ toYaml .Values.pgbouncer.updateStrategy | nindent 4 }} + {{- end }} + template: + metadata: + labels: + app: {{ template "sentry.fullname" . }}-pgbouncer + spec: + containers: + - name: pgbouncer + image: {{ .Values.pgbouncer.image.repository }}:{{ .Values.pgbouncer.image.tag }} + imagePullPolicy: {{ .Values.pgbouncer.image.pullPolicy }} + resources: + {{ toYaml .Values.pgbouncer.resources | nindent 10 }} + env: + {{ include "sentry.pgbouncer.env" . | nindent 10 }} + - name: PGBOUNCER_PORT + value: "5432" + - name: PGBOUNCER_AUTH_TYPE + value: {{ .Values.pgbouncer.authType | quote }} + - name: PGBOUNCER_MAX_CLIENT_CONN + value: {{ .Values.pgbouncer.maxClientConn | quote }} + - name: PGBOUNCER_DEFAULT_POOL_SIZE + value: {{ .Values.pgbouncer.poolSize | quote }} + - name: PGBOUNCER_POOL_MODE + value: {{ .Values.pgbouncer.poolMode | quote }} + ports: + - containerPort: 5432 + name: pgbouncer + protocol: TCP + {{- if .Values.pgbouncer.nodeSelector }} + nodeSelector: + {{ toYaml .Values.pgbouncer.nodeSelector | nindent 8 }} + {{- end }} + {{- if .Values.pgbouncer.tolerations }} + tolerations: + {{ toYaml .Values.pgbouncer.tolerations | nindent 8 }} + {{- end }} + {{- if .Values.pgbouncer.affinity }} + affinity: + {{ toYaml .Values.pgbouncer.affinity | nindent 8 }} + {{- end }} + {{- if .Values.pgbouncer.topologySpreadConstraints }} + topologySpreadConstraints: + {{ toYaml .Values.pgbouncer.topologySpreadConstraints | nindent 8 }} + {{- end }} + {{- if .Values.pgbouncer.priorityClassName }} + priorityClassName: "{{ .Values.pgbouncer.priorityClassName }}" + {{- end }} + terminationGracePeriodSeconds: 10 +{{- end }} diff --git a/charts/sentry/templates/pgbouncer/pgbouncer-pdb.yaml b/charts/sentry/templates/pgbouncer/pgbouncer-pdb.yaml new file mode 100644 index 000000000..338bb080e --- /dev/null +++ b/charts/sentry/templates/pgbouncer/pgbouncer-pdb.yaml @@ -0,0 +1,18 @@ +{{- if .Values.pgbouncer.enabled }} +{{- if .Values.pgbouncer.podDisruptionBudget.enabled }} +--- +apiVersion: policy/v1 +kind: PodDisruptionBudget +metadata: + name: {{ template "sentry.fullname" . }}-pgbouncer +spec: + {{- if and .Values.pgbouncer.podDisruptionBudget.minAvailable (not (hasKey .Values.pgbouncer.podDisruptionBudget "maxUnavailable")) }} + minAvailable: {{ .Values.pgbouncer.podDisruptionBudget.minAvailable }} + {{- else if .Values.pgbouncer.podDisruptionBudget.maxUnavailable }} + maxUnavailable: {{ .Values.pgbouncer.podDisruptionBudget.maxUnavailable }} + {{- end }} + selector: + matchLabels: + app: {{ template "sentry.fullname" . }}-pgbouncer +{{- end }} +{{- end }} diff --git a/charts/sentry/templates/pgbouncer/pgbouncer-service.yaml b/charts/sentry/templates/pgbouncer/pgbouncer-service.yaml new file mode 100644 index 000000000..4f7f3adcb --- /dev/null +++ b/charts/sentry/templates/pgbouncer/pgbouncer-service.yaml @@ -0,0 +1,14 @@ +{{- if .Values.pgbouncer.enabled }} +--- +apiVersion: v1 +kind: Service +metadata: + name: {{ template "sentry.fullname" . }}-pgbouncer +spec: + selector: + app: {{ template "sentry.fullname" . }}-pgbouncer + ports: + - name: pgbouncer + port: 5432 + targetPort: 5432 +{{- end }} diff --git a/charts/sentry/values.yaml b/charts/sentry/values.yaml index 0bf753d4e..9d66a80c7 100644 --- a/charts/sentry/values.yaml +++ b/charts/sentry/values.yaml @@ -2474,3 +2474,39 @@ revisionHistoryLimit: 10 # options: [] extraManifests: [] + +pgbouncer: + enabled: false + postgres: + cp_max: 10 + cp_min: 5 + host: '' + dbname: '' + user: '' + password: '' + image: + repository: "bitnami/pgbouncer" + tag: "1.23.1-debian-12-r5" + pullPolicy: IfNotPresent + replicas: 2 + podDisruptionBudget: + enabled: true + # Define either 'minAvailable' or 'maxUnavailable', never both. + minAvailable: 1 + # -- Maximum unavailable pods set in PodDisruptionBudget. If set, 'minAvailable' is ignored. + # maxUnavailable: 1 + authType: "md5" + maxClientConn: "8192" + poolSize: "50" + poolMode: "transaction" + resources: {} + nodeSelector: {} + tolerations: [] + affinity: {} + updateStrategy: + type: RollingUpdate + rollingUpdate: + maxUnavailable: 1 + maxSurge: 25% + priorityClassName: '' + topologySpreadConstraints: []