-
Notifications
You must be signed in to change notification settings - Fork 27
/
deployment.yaml.j2
83 lines (83 loc) · 2.8 KB
/
deployment.yaml.j2
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
apiVersion: apps/v1
kind: Deployment
metadata:
name: pgadmin
namespace: pgadmin
labels:
app: pgadmin
spec:
replicas: 1
selector:
matchLabels:
app: pgadmin
template:
metadata:
labels:
app: pgadmin
spec:
containers:
- name: pgadmin
image: "dpage/pgadmin4:{{ pgadmin_image_tag }}"
imagePullPolicy: IfNotPresent
env:
- name: PGADMIN_DEFAULT_EMAIL
value: "{{ lc_principal_admin_user }}@{{ lc_ldap_domain }}"
- name: PGADMIN_DEFAULT_PASSWORD
valueFrom:
secretKeyRef:
name: pgadmin
key: pgadmin-password
# When LDAP is enabled, servers are not loaded and different then .local TLD for emails is enforced
# - name: PGADMIN_CONFIG_AUTHENTICATION_SOURCES
# value: "['ldap','internal']"
# - name: PGADMIN_CONFIG_LDAP_SERVER_URI
# value: "'{{ 'ldap' if not lc_ldap_ssl_enabled else 'ldaps' }}://{{ lc_ldap_server }}:{{ lc_ldap_port }}'"
# - name: PGADMIN_CONFIG_LDAP_USERNAME_ATTRIBUTE
# value: "'{{ lc_ldap_user_display_name_attr }}'"
# - name: PGADMIN_CONFIG_LDAP_SEARCH_BASE_DN
# value: "'{{ lc_ldap_user_base_dn }}'"
# - name: PGADMIN_CONFIG_LDAP_SEARCH_FILTER
# value: "'(objectclass={{ lc_ldap_user_object_class }})'"
# - name: PGADMIN_CONFIG_LDAP_BIND_USER
# value: "'{{ lc_bind_admin_user }}'"
# - name: PGADMIN_CONFIG_LDAP_BIND_PASSWORD
# value: "'{{ lc_bind_admin_password }}'"
ports:
- name: http
containerPort: 80
protocol: TCP
livenessProbe:
failureThreshold: 30
timeoutSeconds: 5
httpGet:
path: /
port: http
readinessProbe:
failureThreshold: 30
timeoutSeconds: 5
httpGet:
path: /
port: http
volumeMounts:
- name: pgadmin-config
mountPath: /pgadmin4/servers.json
subPath: servers.json
readOnly: true
- name: pgadmin-data
mountPath: /var/lib/pgadmin
# pg passfile not working to pre-provide password
# - name: pgpassfile
# readOnly: true
# mountPath: /pgpassfile
# subPath: pgpassfile
volumes:
- name: pgadmin-data
persistentVolumeClaim:
claimName: pgadmin-data
- name: pgadmin-config
configMap:
name: pgadmin-config
# - name: pgpassfile
# secret:
# secretName: pgpassfile
# defaultMode: 256