Skip to content

Commit

Permalink
Chart: PgBouncer service enhancements (#19749)
Browse files Browse the repository at this point in the history 
* Added support for extraVolumes and extraVolumeMounts
* Added separate sslmode for metrics exporter
* Fixed condition for pgbouncer volume mounts
  • Loading branch information
@pgvishnuram
pgvishnuram authored Dec 13, 2021
1 parent bb0dde1 commit 8ac1b41
Show file tree
Hide file tree
Showing 5 changed files with 69 additions and 3 deletions.
8 changes: 8 additions & 0 deletions chart/templates/pgbouncer/pgbouncer-deployment.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -120,6 +120,9 @@ spec:
subPath: server.key
mountPath: /etc/pgbouncer/server.key
readOnly: true
{{- end }}
{{- if .Values.pgbouncer.extraVolumeMounts }}
{{ toYaml .Values.pgbouncer.extraVolumeMounts | indent 12 }}
{{- end }}
lifecycle:
preStop:
Expand Down Expand Up @@ -158,7 +161,12 @@ spec:
- name: pgbouncer-config
secret:
secretName: {{ template "pgbouncer_config_secret" . }}
{{- if or .Values.pgbouncer.ssl.ca .Values.pgbouncer.ssl.cert .Values.pgbouncer.ssl.key }}
- name: pgbouncer-certificates
secret:
secretName: {{ template "pgbouncer_certificates_secret" . }}
{{- end }}
{{- if .Values.pgbouncer.extraVolumes }}
{{ toYaml .Values.pgbouncer.extraVolumes | indent 8 }}
{{- end }}
{{- end }}
2 changes: 1 addition & 1 deletion chart/templates/secrets/pgbouncer-stats-secret.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -34,5 +34,5 @@ metadata:
{{- end }}
type: Opaque
data:
connection: {{ urlJoin (dict "scheme" "postgresql" "userinfo" (printf "%s:%s" (.Values.data.metadataConnection.user | urlquery) (.Values.data.metadataConnection.pass | urlquery) ) "host" (printf "127.0.0.1:%s" (.Values.ports.pgbouncer | toString)) "path" "/pgbouncer" "query" "sslmode=disable") | b64enc | quote }}
connection: {{ urlJoin (dict "scheme" "postgresql" "userinfo" (printf "%s:%s" (.Values.data.metadataConnection.user | urlquery) (.Values.data.metadataConnection.pass | urlquery) ) "host" (printf "127.0.0.1:%s" (.Values.ports.pgbouncer | toString)) "path" "/pgbouncer" "query" (printf "sslmode=%s" (.Values.pgbouncer.metricsExporterSidecar.sslmode | toString ))) | b64enc | quote }}
{{- end }}
30 changes: 28 additions & 2 deletions chart/tests/test_pgbouncer.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -266,6 +266,32 @@ def test_command_and_args_overrides_are_templated(self):
assert ["RELEASE-NAME"] == jmespath.search("spec.template.spec.containers[0].command", docs[0])
assert ["Helm"] == jmespath.search("spec.template.spec.containers[0].args", docs[0])

def test_should_add_extra_volume_and_extra_volume_mount(self):
docs = render_chart(
values={
"pgbouncer": {
"enabled": True,
"extraVolumes": [
{
"name": "pgbouncer-client-certificates",
"secret": {"secretName": "pgbouncer-client-tls-certificate"},
}
],
"extraVolumeMounts": [
{"name": "pgbouncer-client-certificates", "mountPath": "/etc/pgbouncer/certs"}
],
},
},
show_only=["templates/pgbouncer/pgbouncer-deployment.yaml"],
)

assert "pgbouncer-client-certificates" in jmespath.search(
"spec.template.spec.volumes[*].name", docs[0]
)
assert "pgbouncer-client-certificates" in jmespath.search(
"spec.template.spec.containers[0].volumeMounts[*].name", docs[0]
)


class PgbouncerConfigTest(unittest.TestCase):
def test_config_not_created_by_default(self):
Expand Down Expand Up @@ -427,7 +453,7 @@ def test_default_exporter_secret(self):
def test_exporter_secret_with_overrides(self):
connection = self._get_connection(
{
"pgbouncer": {"enabled": True},
"pgbouncer": {"enabled": True, "metricsExporterSidecar": {"sslmode": "require"}},
"data": {
"metadataConnection": {
"user": "username@123123",
Expand All @@ -442,5 +468,5 @@ def test_exporter_secret_with_overrides(self):
)
assert (
"postgresql://username%40123123:password%40%21%40%23$%5E&%2A%28%29@127.0.0.1:1111"
"/pgbouncer?sslmode=disable" == connection
"/pgbouncer?sslmode=require" == connection
)
27 changes: 27 additions & 0 deletions chart/values.schema.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -3004,6 +3004,22 @@
],
"default": null
},
"extraVolumes": {
"description": "Mount additional volumes into PgBouncer.",
"type": "array",
"default": [],
"items": {
"$ref": "https://raw.githubusercontent.com/yannh/kubernetes-json-schema/master/v1.22.0-standalone-strict/volume-v1.json"
}
},
"extraVolumeMounts": {
"description": "Mount additional volumes into PgBouncer.",
"type": "array",
"default": [],
"items": {
"$ref": "https://raw.githubusercontent.com/yannh/kubernetes-json-schema/master/v1.22.0-standalone-strict/volumemount-v1.json"
}
},
"serviceAccount": {
"description": "Create ServiceAccount.",
"type": "object",
Expand Down Expand Up @@ -3082,6 +3098,17 @@
}
],
"$ref": "https://raw.githubusercontent.com/yannh/kubernetes-json-schema/master/v1.22.0-standalone-strict/resourcerequirements-v1.json"
},
"sslmode": {
"description": "SSL mode for ``metricsExporterSidecar``",
"type": "string",
"enum": [
"disable",
"require",
"verify-ca",
"verify-full"
],
"default": "disable"
}
}
}
Expand Down
5 changes: 5 additions & 0 deletions chart/values.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -1088,6 +1088,10 @@ pgbouncer:
# Add extra general PgBouncer ini configuration: https://www.pgbouncer.org/config.html
extraIni: ~

# Mount additional volumes into pgbouncer.
extraVolumes: []
extraVolumeMounts: []

# Select certain nodes for PgBouncer pods.
nodeSelector: {}
affinity: {}
Expand All @@ -1103,6 +1107,7 @@ pgbouncer:
# requests:
# cpu: 100m
# memory: 128Mi
sslmode: "disable"

# Configuration for the redis provisioned by the chart
redis:
Expand Down

0 comments on commit 8ac1b41

Please sign in to comment.