-
Notifications
You must be signed in to change notification settings - Fork 50
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Deploy postgres db using kubernetes secret for configuration. #84
Conversation
Attached issue: https://pulp.plan.io/issues/8289 |
database_connection: | ||
username: pulp | ||
password: pulp | ||
admin_password: pulp |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
sweet!
postgres_configuration_secret: | ||
description: Secret where the database configuration can be found |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
👍🏽
roles/postgres/defaults/main.yml
Outdated
deployment_type: pulp | ||
|
||
#postgres_image: postgres:12 | ||
postgres_image: docker.io/centos/postgresql-96-centos7:9.6 |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
postgres 9.6 uses md5
, we are upgrading it to 10 on pulp_installer so we can use scram-sha-256
.
Could you please make postgres 10 the default?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I believe so
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@mikedep333 can you confirm?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I've made this postgres:12
to align with awx-operator
I also set vars to use scram-sha-256:
postgres_initdb_args: '--auth-host=scram-sha-256'
postgres_host_auth_method: 'scram-sha-256'
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Is it just about having the ability to use scram-sha-256 (so I shouldn't set it) or should this be the default?
I can expose the option via the CRD as necessary.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I was thinking about the ability, but I like it as default
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Yeah, I agree with us setting it as the default.
53f7cf7
to
9f68963
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thank you!
I'm approving but I think @mikedep333 needs to review it
- ReadWriteMany | ||
- ReadWriteOnce |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I actually prefer your indentation style, but the default yamllint rules (spaces, indent-sequences) are for the the 2 spaces in the beginning. So that is what we have been using.
# password: pulp | ||
# Password for db admin user 'postgres'. | ||
# admin_password: | ||
# PostrgreSQL container settings |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
typo
roles/postgres/defaults/main.yml
Outdated
deployment_type: pulp | ||
|
||
#postgres_image: postgres:12 | ||
postgres_image: docker.io/centos/postgresql-96-centos7:9.6 |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Yeah, I agree with us setting it as the default.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thank you!
My 2 comments are trivial, I am not requiring you to fix a typo and an indent to merge.
* Update CRD to consume a secret for the db configuration * Update playbook for default settings configuration * Update postgres role to check for secret or create one based on the CR * Postgres will be deployed specific to CR * Pulp deployments updated to reference the db secret as a volume mount closes #8289 https://pulp.plan.io/issues/8289
9f68963
to
5e4982f
Compare
closes #8289
https://pulp.plan.io/issues/8289