diff --git a/docs/infrastructure-postgresql.md b/docs/infrastructure-postgresql.md index 389f95aa..f59955ee 100644 --- a/docs/infrastructure-postgresql.md +++ b/docs/infrastructure-postgresql.md @@ -1,46 +1,70 @@ # Deploy PostgreSQL -## Create Secrets -!!! info +PostgreSQL is used by [Gnocchi](https://github.com/gnocchixyz/gnocchi) +to index the data collected and sent by +[Ceilometer](https://opendev.org/openstack/ceilometer). - This step is not needed if you ran the create-secrets.sh script located in /opt/genestack/bin +## Install the Postgres Operator + +We are using the [Zalando postgres-operator](https://github. +com/zalando/postgres-operator/) which offers easy to run and +highly-available PostgreSQL clusters on Kubernetes. + +_The following command to install the operator must be run twice, at least for +now, due to a race condition with the way kubectl handles the CRD +installation._ ``` shell -kubectl --namespace openstack create secret generic postgresql-identity-admin \ - --type Opaque \ - --from-literal=password="$(< /dev/urandom tr -dc _A-Za-z0-9 | head -c${1:-32};echo;)" -kubectl --namespace openstack create secret generic postgresql-db-admin \ - --type Opaque \ - --from-literal=password="$(< /dev/urandom tr -dc _A-Za-z0-9 | head -c${1:-32};echo;)" -kubectl --namespace openstack create secret generic postgresql-db-exporter \ - --type Opaque \ - --from-literal=password="$(< /dev/urandom tr -dc _A-Za-z0-9 | head -c${1:-32};echo;)" -kubectl --namespace openstack create secret generic postgresql-db-audit \ - --type Opaque \ - --from-literal=password="$(< /dev/urandom tr -dc _A-Za-z0-9 | head -c${1:-32};echo;)" +kubectl kustomize --enable-helm /opt/genestack/base-kustomize/postgres-operator | kubectl apply -f - +sleep 10 +kubectl kustomize --enable-helm /opt/genestack/base-kustomize/postgres-operator | kubectl apply -f - ``` -## Run the package deployment +## Create the PostgreSQL Cluster -!!! tip +=== "With kubectl _(Recommended)_" - Consider the PVC size you will need for the environment you're deploying in. Make adjustments as needed near `storage.[pvc|archive_pvc].size` and `volume.backup.size` to your helm overrides. + !!! info "Customize as needed" -``` shell -cd /opt/genestack/submodules/openstack-helm-infra -helm upgrade --install postgresql ./postgresql \ - --namespace=openstack \ - --wait \ - --timeout 10m \ - -f /opt/genestack/base-helm-configs/postgresql/postgresql-helm-overrides.yaml \ - --set endpoints.identity.auth.admin.password="$(kubectl --namespace openstack get secret keystone-admin -o jsonpath='{.data.password}' | base64 -d)" \ - --set endpoints.identity.auth.postgresql.password="$(kubectl --namespace openstack get secret postgresql-identity-admin -o jsonpath='{.data.password}' | base64 -d)" \ - --set endpoints.postgresql.auth.admin.password="$(kubectl --namespace openstack get secret postgresql-db-admin -o jsonpath='{.data.password}' | base64 -d)" \ - --set endpoints.postgresql.auth.exporter.password="$(kubectl --namespace openstack get secret postgresql-db-exporter -o jsonpath='{.data.password}' | base64 -d)" \ - --set endpoints.postgresql.auth.audit.password="$(kubectl --namespace openstack get secret postgresql-db-audit -o jsonpath='{.data.password}' | base64 -d)" -``` + Be sure to modify the cluster parameters to suit your needs. The below + values should work fine for a small lab or staging envionrment, however + more disk space and other changes may be required in production. + + ```shell + kubectl apply -f - <