-
Notifications
You must be signed in to change notification settings - Fork 12
Expand file tree
/
Copy pathcodeintel-db.StatefulSet.yaml
More file actions
116 lines (116 loc) · 3.51 KB
/
codeintel-db.StatefulSet.yaml
File metadata and controls
116 lines (116 loc) · 3.51 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
apiVersion: apps/v1
kind: StatefulSet
metadata:
annotations:
description: Postgres database for various data.
kubectl.kubernetes.io/default-container: pgsql
labels:
app.kubernetes.io/component: codeintel-db
deploy: sourcegraph
sourcegraph-resource-requires: no-cluster-admin
name: codeintel-db
spec:
replicas: 1
revisionHistoryLimit: 10
selector:
matchLabels:
app: codeintel-db
serviceName: codeintel-db
updateStrategy:
type: RollingUpdate
template:
metadata:
labels:
deploy: sourcegraph
app: codeintel-db
group: backend
spec:
initContainers:
- name: correct-data-dir-permissions
image: index.docker.io/sourcegraph/alpine-3.14:7.0.0@sha256:ab8ff6073a0d58ad2db8f8a862162938777cc00aceae0c199c39e36cd9da1192
command: ["sh", "-c", "if [ -d /data/pgdata-12 ]; then chmod 750 /data/pgdata-12; fi"]
volumeMounts:
- mountPath: /data
name: disk
securityContext:
allowPrivilegeEscalation: false
runAsGroup: 999
runAsUser: 999
resources:
limits:
cpu: "10m"
memory: "50Mi"
requests:
cpu: "10m"
memory: "50Mi"
containers:
- name: pgsql
image: index.docker.io/sourcegraph/postgresql-16:7.0.0@sha256:1f2f5569e2829da21b2688181e54732fe18410fb63e02f37f74013c2c06b6828
terminationMessagePolicy: FallbackToLogsOnError
readinessProbe:
exec:
command:
- /ready.sh
livenessProbe:
initialDelaySeconds: 15
exec:
command:
- /liveness.sh
startupProbe:
exec:
command:
- /liveness.sh
failureThreshold: 360
periodSeconds: 10
ports:
- containerPort: 5432
name: pgsql
resources:
limits:
cpu: "4"
memory: 4Gi
requests:
cpu: "4"
memory: 4Gi
securityContext:
# Required to prevent escalations to root.
allowPrivilegeEscalation: false
runAsUser: 999
runAsGroup: 999
volumeMounts:
- mountPath: /data
name: disk
- mountPath: /conf
name: pgsql-conf
- env:
- name: DATA_SOURCE_NAME
value: postgres://sg:@localhost:5432/?sslmode=disable
- name: PG_EXPORTER_EXTEND_QUERY_PATH
value: /config/code_intel_queries.yaml
image: index.docker.io/sourcegraph/postgres_exporter:7.0.0@sha256:f013ac51f94877ff01b8c4ebc36f26b4ea5a4dbfe8ea3ee010cf76476c82eb08
terminationMessagePolicy: FallbackToLogsOnError
name: pgsql-exporter
ports:
- name: pgsql-exporter
containerPort: 9187
resources:
limits:
cpu: 10m
memory: 50Mi
requests:
cpu: 10m
memory: 50Mi
terminationGracePeriodSeconds: 120
securityContext:
fsGroup: 999
fsGroupChangePolicy: "OnRootMismatch"
runAsUser: 999
volumes:
- name: disk
persistentVolumeClaim:
claimName: codeintel-db
- name: pgsql-conf
configMap:
# 511 in decimal = 0777 in octal
defaultMode: 511
name: codeintel-db-conf