Compare commits
29 Commits
| Author | SHA1 | Date | |
|---|---|---|---|
 alexlebens
|
7b9419140b | ||
|
alexlebens
|
61467d4638 | ||
|
alexlebens
|
c6a6668e5e | ||
|
alexlebens
|
8d095b58f9 | ||
 renovate-bot
|
f5d11d2420 | ||
|
renovate-bot
|
0aa464d28a
|
||
|
alexlebens
|
79c8d11829 | ||
|
renovate-bot
|
feb39465e0
|
||
|
renovate-bot
|
d4689e985c | ||
|
renovate-bot
|
76e0dcf8e4
|
||
|
renovate-bot
|
2a63573d24 | ||
|
renovate-bot
|
92cb9cdc4f
|
||
|
alexlebens
|
ed43f11723 | ||
|
alexlebens
|
75649b575e | ||
|
alexlebens
|
2574808017 | ||
|
alexlebens
|
b86adc263c | ||
|
alexlebens
|
0c3cd87d11 | ||
|
alexlebens
|
5be7f9fb44 | ||
|
renovate-bot
|
db9509ca97
|
||
|
alexlebens
|
972bf33a3d | ||
|
alexlebens
|
34b8a20da2 | ||
|
renovate-bot
|
8d0eff7517 | ||
|
renovate-bot
|
f83d0b3013
|
||
|
alexlebens
|
72ed6b7550 | ||
|
alexlebens
|
f6dc893866 | ||
|
alexlebens
|
ec50f602b0 | ||
|
alexlebens
|
46507aad6c | ||
|
alexlebens
|
e8ab4c0132 | ||
|
alexlebens
|
b19e962009 |
@@ -1,6 +1,6 @@
|
||||
dependencies:
|
||||
- name: common
|
||||
repository: https://bjw-s-labs.github.io/helm-charts/
|
||||
version: 5.0.0
|
||||
digest: sha256:153788a98eab8a2e83bd456e1f6f3d53d1a3363bfe5bca07bd232d948e01a6b2
|
||||
generated: "2026-05-07T20:55:55.373128-05:00"
|
||||
version: 5.0.1
|
||||
digest: sha256:754f21ee6fca6dc4a85e91384ff0b919b715234d764ef344bd3bbe93414275d3
|
||||
generated: "2026-05-17T20:56:16.253838-05:00"
|
||||
|
||||
@@ -1,6 +1,6 @@
|
||||
apiVersion: v2
|
||||
name: cloudflared
|
||||
version: 3.1.0
|
||||
version: 3.3.1
|
||||
description: Cloudflared Tunnel
|
||||
keywords:
|
||||
- cloudflare
|
||||
@@ -14,7 +14,7 @@ maintainers:
|
||||
dependencies:
|
||||
- name: common
|
||||
repository: https://bjw-s-labs.github.io/helm-charts/
|
||||
version: 5.0.0
|
||||
version: 5.0.1
|
||||
icon: https://cdn.jsdelivr.net/gh/selfhst/icons@main/png/cloudflare.png
|
||||
# renovate: datasource=docker depName=cloudflare/cloudflared
|
||||
appVersion: 2026.3.0
|
||||
appVersion: 2026.5.0
|
||||
|
||||
@@ -1,6 +1,6 @@
|
||||
# cloudflared
|
||||
|
||||
 
|
||||
 
|
||||
|
||||
Cloudflared Tunnel
|
||||
|
||||
@@ -20,13 +20,13 @@ Cloudflared Tunnel
|
||||
|
||||
| Repository | Name | Version |
|
||||
|------------|------|---------|
|
||||
| https://bjw-s-labs.github.io/helm-charts/ | common | 5.0.0 |
|
||||
| https://bjw-s-labs.github.io/helm-charts/ | common | 5.0.1 |
|
||||
|
||||
## Values
|
||||
|
||||
| Key | Type | Default | Description |
|
||||
|-----|------|---------|-------------|
|
||||
| image | object | `{"pullPolicy":"IfNotPresent","repository":"cloudflare/cloudflared","tag":"2026.3.0@sha256:6b599ca3e974349ead3286d178da61d291961182ec3fe9c505e1dd02c8ac31b0"}` | Default image |
|
||||
| image | object | `{"pullPolicy":"IfNotPresent","repository":"cloudflare/cloudflared","tag":"2026.5.0@sha256:59bab8d3aceec09bf6bdb07d6beca0225ca5cd7ab79436a87ea97978fe1dc4f9"}` | Default image |
|
||||
| metrics | object | `{"enabled":true}` | Metrics |
|
||||
| name | string | `""` | Name override of release |
|
||||
| protocol | string | `"auto"` | Protocol - Available values are auto, http2, and quic. |
|
||||
|
||||
@@ -4,14 +4,14 @@
|
||||
global:
|
||||
nameOverride: {{ include "cloudflared.name" . }}
|
||||
fullNameOverride: {{ include "cloudflared.name" . }}
|
||||
createDefaultServiceAccount: false
|
||||
createDefaultServiceAccount: true
|
||||
controllers:
|
||||
main:
|
||||
type: deployment
|
||||
replicas: 1
|
||||
strategy: Recreate
|
||||
serviceAccount:
|
||||
name: {{ include "cloudflared.name" . }}
|
||||
identifier: {{ .Release.Name }}
|
||||
containers:
|
||||
main:
|
||||
image:
|
||||
@@ -24,7 +24,8 @@ controllers:
|
||||
- {{ .Values.protocol }}
|
||||
- --no-autoupdate
|
||||
{{- if .Values.metrics.enabled }}
|
||||
- --metrics 0.0.0.0:20241
|
||||
- --metrics
|
||||
- 0.0.0.0:20241
|
||||
{{- end }}
|
||||
- run
|
||||
- --token
|
||||
@@ -39,10 +40,6 @@ controllers:
|
||||
{{- with .Values.resources }}
|
||||
{{- toYaml . | nindent 10 }}
|
||||
{{ end }}
|
||||
serviceAccount:
|
||||
main:
|
||||
enabled: true
|
||||
forceRename: {{ include "cloudflared.name" . }}
|
||||
{{- if .Values.metrics.enabled }}
|
||||
service:
|
||||
main:
|
||||
@@ -56,7 +53,7 @@ serviceMonitor:
|
||||
selector:
|
||||
matchLabels:
|
||||
app.kubernetes.io/name: {{ include "cloudflared.name" . }}
|
||||
app.kubernetes.io/instance: {{ include "cloudflared.name" . }}
|
||||
app.kubernetes.io/instance: {{ .Release.Namespace }}
|
||||
serviceName: '{{ include "bjw-s.common.lib.chart.names.fullname" $ }}'
|
||||
endpoints:
|
||||
- port: metrics
|
||||
|
||||
@@ -33,7 +33,7 @@ secret:
|
||||
# -- Default image
|
||||
image:
|
||||
repository: cloudflare/cloudflared
|
||||
tag: 2026.3.0@sha256:6b599ca3e974349ead3286d178da61d291961182ec3fe9c505e1dd02c8ac31b0
|
||||
tag: 2026.5.0@sha256:59bab8d3aceec09bf6bdb07d6beca0225ca5cd7ab79436a87ea97978fe1dc4f9
|
||||
pullPolicy: IfNotPresent
|
||||
|
||||
# -- Default resources
|
||||
|
||||
@@ -1,6 +1,6 @@
|
||||
dependencies:
|
||||
- name: common
|
||||
repository: https://bjw-s-labs.github.io/helm-charts/
|
||||
version: 5.0.0
|
||||
digest: sha256:153788a98eab8a2e83bd456e1f6f3d53d1a3363bfe5bca07bd232d948e01a6b2
|
||||
generated: "2026-05-07T20:58:40.139936-05:00"
|
||||
version: 5.0.1
|
||||
digest: sha256:754f21ee6fca6dc4a85e91384ff0b919b715234d764ef344bd3bbe93414275d3
|
||||
generated: "2026-05-17T20:56:28.479119-05:00"
|
||||
|
||||
@@ -1,6 +1,6 @@
|
||||
apiVersion: v2
|
||||
name: generic-device-plugin
|
||||
version: 0.21.1
|
||||
version: 0.21.6
|
||||
description: Generic Device Plugin
|
||||
keywords:
|
||||
- generic-device-plugin
|
||||
@@ -14,5 +14,5 @@ maintainers:
|
||||
dependencies:
|
||||
- name: common
|
||||
repository: https://bjw-s-labs.github.io/helm-charts/
|
||||
version: 5.0.0
|
||||
version: 5.0.1
|
||||
appVersion: 0.21.1
|
||||
|
||||
@@ -1,6 +1,6 @@
|
||||
# generic-device-plugin
|
||||
|
||||
 
|
||||
 
|
||||
|
||||
Generic Device Plugin
|
||||
|
||||
@@ -19,7 +19,7 @@ Generic Device Plugin
|
||||
|
||||
| Repository | Name | Version |
|
||||
|------------|------|---------|
|
||||
| https://bjw-s-labs.github.io/helm-charts/ | common | 5.0.0 |
|
||||
| https://bjw-s-labs.github.io/helm-charts/ | common | 5.0.1 |
|
||||
|
||||
## Values
|
||||
|
||||
@@ -28,7 +28,7 @@ Generic Device Plugin
|
||||
| config | object | `{"data":"devices:\n - name: serial\n groups:\n - paths:\n - path: /dev/ttyUSB*\n - paths:\n - path: /dev/ttyACM*\n - paths:\n - path: /dev/tty.usb*\n - paths:\n - path: /dev/cu.*\n - paths:\n - path: /dev/cuaU*\n - paths:\n - path: /dev/rfcomm*\n - name: video\n groups:\n - paths:\n - path: /dev/video0\n - name: fuse\n groups:\n - count: 10\n paths:\n - path: /dev/fuse\n - name: audio\n groups:\n - count: 10\n paths:\n - path: /dev/snd\n - name: capture\n groups:\n - paths:\n - path: /dev/snd/controlC0\n - path: /dev/snd/pcmC0D0c\n - paths:\n - path: /dev/snd/controlC1\n mountPath: /dev/snd/controlC0\n - path: /dev/snd/pcmC1D0c\n mountPath: /dev/snd/pcmC0D0c\n - paths:\n - path: /dev/snd/controlC2\n mountPath: /dev/snd/controlC0\n - path: /dev/snd/pcmC2D0c\n mountPath: /dev/snd/pcmC0D0c\n - paths:\n - path: /dev/snd/controlC3\n mountPath: /dev/snd/controlC0\n - path: /dev/snd/pcmC3D0c\n mountPath: /dev/snd/pcmC0D0c\n","enabled":true}` | Config map |
|
||||
| config.data | string | See [values.yaml](./values.yaml) | generic-device-plugin config file [[ref]](https://github.com/squat/generic-device-plugin#usage) |
|
||||
| deviceDomain | string | `"devic.es"` | Domain used by devices for identifcation |
|
||||
| image | object | `{"pullPolicy":"Always","repository":"ghcr.io/squat/generic-device-plugin","tag":"latest@sha256:2e0c0b78043d5f0885b99c9ac3c1506844c9645081740d2394ce6e23b168bfe8"}` | Default image |
|
||||
| image | object | `{"pullPolicy":"Always","repository":"ghcr.io/squat/generic-device-plugin","tag":"latest@sha256:dc192e164c69b03f156765793a1be62ca437709ae477b27ca7d8f3dcf5021576"}` | Default image |
|
||||
| name | string | `"generic-device-plugin"` | Name override of release |
|
||||
| resources | object | `{"requests":{"cpu":"50m","memory":"10Mi"}}` | Default resources |
|
||||
| service | object | `{"listenPort":8080}` | Service port |
|
||||
|
||||
@@ -4,7 +4,7 @@ name: generic-device-plugin
|
||||
# -- Default image
|
||||
image:
|
||||
repository: ghcr.io/squat/generic-device-plugin
|
||||
tag: latest@sha256:2e0c0b78043d5f0885b99c9ac3c1506844c9645081740d2394ce6e23b168bfe8
|
||||
tag: latest@sha256:dc192e164c69b03f156765793a1be62ca437709ae477b27ca7d8f3dcf5021576
|
||||
pullPolicy: Always
|
||||
|
||||
# -- Domain used by devices for identifcation
|
||||
|
||||
@@ -1,6 +1,6 @@
|
||||
apiVersion: v2
|
||||
name: postgres-cluster
|
||||
version: 7.12.1
|
||||
version: 7.13.1
|
||||
description: Cloudnative-pg Cluster
|
||||
keywords:
|
||||
- database
|
||||
@@ -12,4 +12,4 @@ maintainers:
|
||||
- name: alexlebens
|
||||
icon: https://avatars.githubusercontent.com/u/100373852?s=48&v=4
|
||||
# renovate: datasource=github-releases depName=cloudnative-pg/cloudnative-pg
|
||||
appVersion: v1.29.0
|
||||
appVersion: v1.29.1
|
||||
|
||||
@@ -1,6 +1,6 @@
|
||||
# postgres-cluster
|
||||
|
||||
 
|
||||
 
|
||||
|
||||
Cloudnative-pg Cluster
|
||||
|
||||
@@ -24,7 +24,7 @@ Cloudnative-pg Cluster
|
||||
| backup.method | string | `"objectStore"` | Method to create backups, options currently are only objectStore |
|
||||
| backup.objectStore | string | `nil` | Options for object store backups |
|
||||
| backup.scheduledBackups | list | `[]` | List of scheduled backups |
|
||||
| cluster | object | `{"additionalLabels":{},"affinity":{"enablePodAntiAffinity":true,"topologyKey":"kubernetes.io/hostname"},"annotations":{},"certificates":{},"enablePDB":true,"enableSuperuserAccess":false,"image":{"repository":"ghcr.io/cloudnative-pg/postgresql","tag":"18.3-standard-trixie"},"imagePullPolicy":"IfNotPresent","imagePullSecrets":[],"initdb":{"database":"app","owner":"app"},"instances":3,"logLevel":"info","monitoring":{"customQueries":[],"customQueriesSecret":[],"disableDefaultQueries":false,"enabled":true,"podMonitor":{"enabled":true,"metricRelabelings":[],"relabelings":[]},"prometheusRule":{"enabled":true,"excludeRules":["CNPGClusterLastFailedArchiveTimeWarning"]}},"postgresGID":-1,"postgresUID":-1,"postgresql":{"ldap":{},"parameters":{"hot_standby_feedback":"on","max_slot_wal_keep_size":"2000MB","shared_buffers":"128MB"},"pg_hba":[],"pg_ident":[],"shared_preload_libraries":[],"synchronous":{}},"primaryUpdateMethod":"switchover","primaryUpdateStrategy":"unsupervised","priorityClassName":"","resources":{"limits":{"hugepages-2Mi":"256Mi"},"requests":{"cpu":"20m","memory":"80Mi"}},"roles":[],"serviceAccountTemplate":{},"services":{},"storage":{"size":"10Gi","storageClass":"local-path"},"superuserSecret":"","walStorage":{"enabled":true,"size":"2Gi","storageClass":"local-path"}}` | Cluster settings |
|
||||
| cluster | object | `{"additionalLabels":{},"affinity":{"enablePodAntiAffinity":true,"topologyKey":"kubernetes.io/hostname"},"annotations":{},"certificates":{},"enablePDB":true,"enableSuperuserAccess":false,"image":{"repository":"ghcr.io/cloudnative-pg/postgresql","tag":"18.3-standard-trixie"},"imagePullPolicy":"IfNotPresent","imagePullSecrets":[],"initdb":{"database":"app","owner":"app"},"instances":3,"logLevel":"info","monitoring":{"customQueries":[],"customQueriesSecret":[],"disableDefaultQueries":false,"enabled":true,"podMonitor":{"enabled":true,"metricRelabelings":[],"relabelings":[]},"prometheusRule":{"enabled":true,"excludeRules":["CNPGClusterLastFailedArchiveTimeWarning"]}},"postgresGID":-1,"postgresUID":-1,"postgresql":{"ldap":{},"parameters":{"hot_standby_feedback":"on","max_slot_wal_keep_size":"2000MB","shared_buffers":"512MB"},"pg_hba":[],"pg_ident":[],"shared_preload_libraries":[],"synchronous":{}},"primaryUpdateMethod":"switchover","primaryUpdateStrategy":"unsupervised","priorityClassName":"","resources":{"limits":{"hugepages-2Mi":"256Mi"},"requests":{"cpu":"20m","memory":"80Mi"}},"roles":[],"serviceAccountTemplate":{},"services":{},"storage":{"size":"10Gi","storageClass":"local-path"},"superuserSecret":"","walStorage":{"enabled":true,"size":"2Gi","storageClass":"local-path"}}` | Cluster settings |
|
||||
| cluster.affinity | object | `{"enablePodAntiAffinity":true,"topologyKey":"kubernetes.io/hostname"}` | Affinity/Anti-affinity rules for Pods. See: https://cloudnative-pg.io/documentation/current/cloudnative-pg.v1/#postgresql-cnpg-io-v1-AffinityConfiguration |
|
||||
| cluster.certificates | object | `{}` | The configuration for the CA and related certificates. See: https://cloudnative-pg.io/documentation/current/cloudnative-pg.v1/#postgresql-cnpg-io-v1-CertificatesConfiguration |
|
||||
| cluster.enablePDB | bool | `true` | Allow to disable PDB, mainly useful for upgrade of single-instance clusters or development purposes See: https://cloudnative-pg.io/documentation/current/kubernetes_upgrade/#pod-disruption-budgets |
|
||||
@@ -42,12 +42,13 @@ Cloudnative-pg Cluster
|
||||
| cluster.monitoring.podMonitor.enabled | bool | `true` | Whether to enable the PodMonitor |
|
||||
| cluster.monitoring.podMonitor.metricRelabelings | list | `[]` | The list of metric relabelings for the PodMonitor. Applied to samples before ingestion. |
|
||||
| cluster.monitoring.podMonitor.relabelings | list | `[]` | The list of relabelings for the PodMonitor. Applied to samples before scraping. |
|
||||
| cluster.monitoring.prometheusRule | object | `{"enabled":true,"excludeRules":["CNPGClusterLastFailedArchiveTimeWarning"]}` | Prometheus rule |
|
||||
| cluster.monitoring.prometheusRule.enabled | bool | `true` | Whether to enable the PrometheusRule automated alerts |
|
||||
| cluster.monitoring.prometheusRule.excludeRules | list | `["CNPGClusterLastFailedArchiveTimeWarning"]` | Exclude specified rules |
|
||||
| cluster.postgresUID | int | `-1` | The UID and GID of the postgres user inside the image, defaults to 26 |
|
||||
| cluster.postgresql | object | `{"ldap":{},"parameters":{"hot_standby_feedback":"on","max_slot_wal_keep_size":"2000MB","shared_buffers":"128MB"},"pg_hba":[],"pg_ident":[],"shared_preload_libraries":[],"synchronous":{}}` | Parameters to be set for the database itself See: https://cloudnative-pg.io/documentation/current/cloudnative-pg.v1/#postgresql-cnpg-io-v1-PostgresConfiguration |
|
||||
| cluster.postgresql | object | `{"ldap":{},"parameters":{"hot_standby_feedback":"on","max_slot_wal_keep_size":"2000MB","shared_buffers":"512MB"},"pg_hba":[],"pg_ident":[],"shared_preload_libraries":[],"synchronous":{}}` | Parameters to be set for the database itself See: https://cloudnative-pg.io/documentation/current/cloudnative-pg.v1/#postgresql-cnpg-io-v1-PostgresConfiguration |
|
||||
| cluster.postgresql.ldap | object | `{}` | PostgreSQL LDAP configuration (see https://cloudnative-pg.io/documentation/current/postgresql_conf/#ldap-configuration) |
|
||||
| cluster.postgresql.parameters | object | `{"hot_standby_feedback":"on","max_slot_wal_keep_size":"2000MB","shared_buffers":"128MB"}` | PostgreSQL configuration options (postgresql.conf) |
|
||||
| cluster.postgresql.parameters | object | `{"hot_standby_feedback":"on","max_slot_wal_keep_size":"2000MB","shared_buffers":"512MB"}` | PostgreSQL configuration options (postgresql.conf) |
|
||||
| cluster.postgresql.pg_hba | list | `[]` | PostgreSQL Host Based Authentication rules (lines to be appended to the pg_hba.conf file) |
|
||||
| cluster.postgresql.pg_ident | list | `[]` | PostgreSQL User Name Maps rules (lines to be appended to the pg_ident.conf file) |
|
||||
| cluster.postgresql.shared_preload_libraries | list | `[]` | Lists of shared preload libraries to add to the default ones |
|
||||
|
||||
@@ -0,0 +1,346 @@
|
||||
---
|
||||
# Source: postgres-cluster/templates/cluster.yaml
|
||||
apiVersion: postgresql.cnpg.io/v1
|
||||
kind: Cluster
|
||||
metadata:
|
||||
name: release-name-postgresql-18-cluster
|
||||
namespace: gitea
|
||||
labels:
|
||||
app.kubernetes.io/name: release-name-postgresql-18-cluster
|
||||
helm.sh/chart: postgres-cluster-7.13.1
|
||||
app.kubernetes.io/instance: release-name
|
||||
app.kubernetes.io/part-of: release-name
|
||||
app.kubernetes.io/version: "7.13.1"
|
||||
app.kubernetes.io/managed-by: Helm
|
||||
spec:
|
||||
instances: 3
|
||||
imageName: "ghcr.io/cloudnative-pg/postgresql:18.3-standard-trixie"
|
||||
imagePullPolicy: IfNotPresent
|
||||
postgresUID: 26
|
||||
postgresGID: 26
|
||||
storage:
|
||||
size: 10Gi
|
||||
storageClass: local-path
|
||||
walStorage:
|
||||
size: 2Gi
|
||||
storageClass: local-path
|
||||
resources:
|
||||
limits:
|
||||
hugepages-2Mi: 256Mi
|
||||
requests:
|
||||
cpu: 20m
|
||||
memory: 80Mi
|
||||
affinity:
|
||||
enablePodAntiAffinity: true
|
||||
topologyKey: kubernetes.io/hostname
|
||||
primaryUpdateMethod: switchover
|
||||
primaryUpdateStrategy: unsupervised
|
||||
logLevel: info
|
||||
enableSuperuserAccess: false
|
||||
enablePDB: true
|
||||
postgresql:
|
||||
parameters:
|
||||
hot_standby_feedback: "on"
|
||||
max_slot_wal_keep_size: 2000MB
|
||||
shared_buffers: 128MB
|
||||
monitoring:
|
||||
enablePodMonitor: false
|
||||
disableDefaultQueries: false
|
||||
|
||||
bootstrap:
|
||||
initdb:
|
||||
database: app
|
||||
owner: app
|
||||
---
|
||||
# Source: postgres-cluster/templates/pod-monitor.yaml
|
||||
apiVersion: monitoring.coreos.com/v1
|
||||
kind: PodMonitor
|
||||
metadata:
|
||||
name: release-name-postgresql-18
|
||||
namespace: gitea
|
||||
labels:
|
||||
app.kubernetes.io/name: release-name-postgresql-18
|
||||
helm.sh/chart: postgres-cluster-7.13.1
|
||||
app.kubernetes.io/instance: release-name
|
||||
app.kubernetes.io/part-of: release-name
|
||||
app.kubernetes.io/version: "7.13.1"
|
||||
app.kubernetes.io/managed-by: Helm
|
||||
spec:
|
||||
selector:
|
||||
matchLabels:
|
||||
cnpg.io/cluster: release-name-postgresql-18
|
||||
cnpg.io/podRole: instance
|
||||
podMetricsEndpoints:
|
||||
- port: metrics
|
||||
---
|
||||
# Source: postgres-cluster/templates/prometheus-rule.yaml
|
||||
apiVersion: monitoring.coreos.com/v1
|
||||
kind: PrometheusRule
|
||||
metadata:
|
||||
name: release-name-postgresql-18-alert-rules
|
||||
namespace: gitea
|
||||
labels:
|
||||
app.kubernetes.io/name: release-name-postgresql-18-alert-rules
|
||||
helm.sh/chart: postgres-cluster-7.13.1
|
||||
app.kubernetes.io/instance: release-name
|
||||
app.kubernetes.io/part-of: release-name
|
||||
app.kubernetes.io/version: "7.13.1"
|
||||
app.kubernetes.io/managed-by: Helm
|
||||
spec:
|
||||
groups:
|
||||
- name: cloudnative-pg/release-name-postgresql-18
|
||||
rules:
|
||||
- alert: CNPGClusterBackendsWaitingWarning
|
||||
annotations:
|
||||
summary: CNPG Cluster a backend is waiting for longer than 5 minutes.
|
||||
description: |-
|
||||
Pod {{ $labels.pod }}
|
||||
has been waiting for longer than 5 minutes
|
||||
expr: |
|
||||
cnpg_backends_waiting_total{namespace="gitea"} > 300
|
||||
for: 1m
|
||||
labels:
|
||||
severity: warning
|
||||
namespace: gitea
|
||||
cnpg_cluster: release-name-postgresql-18-cluster
|
||||
- alert: CNPGClusterDatabaseDeadlockConflictsWarning
|
||||
annotations:
|
||||
summary: CNPG Cluster has over 10 deadlock conflicts.
|
||||
description: |-
|
||||
There are over 10 deadlock conflicts in
|
||||
{{ $labels.pod }}
|
||||
expr: |
|
||||
cnpg_pg_stat_database_deadlocks{namespace="gitea"} > 10
|
||||
for: 1m
|
||||
labels:
|
||||
severity: warning
|
||||
namespace: gitea
|
||||
cnpg_cluster: release-name-postgresql-18-cluster
|
||||
- alert: CNPGClusterHACritical
|
||||
annotations:
|
||||
summary: CNPG Cluster has no standby replicas!
|
||||
description: |-
|
||||
CloudNativePG Cluster "{{`{{`}} $labels.job {{`}}`}}" has no ready standby replicas. Your cluster at a severe
|
||||
risk of data loss and downtime if the primary instance fails.
|
||||
|
||||
The primary instance is still online and able to serve queries, although connections to the `-ro` endpoint
|
||||
will fail. The `-r` endpoint os operating at reduced capacity and all traffic is being served by the main.
|
||||
|
||||
This can happen during a normal fail-over or automated minor version upgrades in a cluster with 2 or less
|
||||
instances. The replaced instance may need some time to catch-up with the cluster primary instance.
|
||||
|
||||
This alarm will be always trigger if your cluster is configured to run with only 1 instance. In this
|
||||
case you may want to silence it.
|
||||
runbook_url: https://github.com/cloudnative-pg/charts/blob/main/charts/cluster/docs/runbooks/CNPGClusterHACritical.md
|
||||
expr: |
|
||||
max by (job) (cnpg_pg_replication_streaming_replicas{namespace="gitea"} - cnpg_pg_replication_is_wal_receiver_up{namespace="gitea"}) < 1
|
||||
for: 5m
|
||||
labels:
|
||||
severity: critical
|
||||
namespace: gitea
|
||||
cnpg_cluster: release-name-postgresql-18-cluster
|
||||
- alert: CNPGClusterHAWarning
|
||||
annotations:
|
||||
summary: CNPG Cluster less than 2 standby replicas.
|
||||
description: |-
|
||||
CloudNativePG Cluster "{{`{{`}} $labels.job {{`}}`}}" has only {{`{{`}} $value {{`}}`}} standby replicas, putting
|
||||
your cluster at risk if another instance fails. The cluster is still able to operate normally, although
|
||||
the `-ro` and `-r` endpoints operate at reduced capacity.
|
||||
|
||||
This can happen during a normal fail-over or automated minor version upgrades. The replaced instance may
|
||||
need some time to catch-up with the cluster primary instance.
|
||||
|
||||
This alarm will be constantly triggered if your cluster is configured to run with less than 3 instances.
|
||||
In this case you may want to silence it.
|
||||
runbook_url: https://github.com/cloudnative-pg/charts/blob/main/charts/cluster/docs/runbooks/CNPGClusterHAWarning.md
|
||||
expr: |
|
||||
max by (job) (cnpg_pg_replication_streaming_replicas{namespace="gitea"} - cnpg_pg_replication_is_wal_receiver_up{namespace="gitea"}) < 2
|
||||
for: 5m
|
||||
labels:
|
||||
severity: warning
|
||||
namespace: gitea
|
||||
cnpg_cluster: release-name-postgresql-18-cluster
|
||||
- alert: CNPGClusterHighConnectionsCritical
|
||||
annotations:
|
||||
summary: CNPG Instance maximum number of connections critical!
|
||||
description: |-
|
||||
CloudNativePG Cluster "gitea/release-name-postgresql-18-cluster" instance {{`{{`}} $labels.pod {{`}}`}} is using {{`{{`}} $value {{`}}`}}% of
|
||||
the maximum number of connections.
|
||||
runbook_url: https://github.com/cloudnative-pg/charts/blob/main/charts/cluster/docs/runbooks/CNPGClusterHighConnectionsCritical.md
|
||||
expr: |
|
||||
sum by (pod) (cnpg_backends_total{namespace="gitea", pod=~"release-name-postgresql-18-cluster-([1-9][0-9]*)$"}) / max by (pod) (cnpg_pg_settings_setting{name="max_connections", namespace="gitea", pod=~"release-name-postgresql-18-cluster-([1-9][0-9]*)$"}) * 100 > 95
|
||||
for: 5m
|
||||
labels:
|
||||
severity: critical
|
||||
namespace: gitea
|
||||
cnpg_cluster: release-name-postgresql-18-cluster
|
||||
- alert: CNPGClusterHighConnectionsWarning
|
||||
annotations:
|
||||
summary: CNPG Instance is approaching the maximum number of connections.
|
||||
description: |-
|
||||
CloudNativePG Cluster "gitea/release-name-postgresql-18-cluster" instance {{`{{`}} $labels.pod {{`}}`}} is using {{`{{`}} $value {{`}}`}}% of
|
||||
the maximum number of connections.
|
||||
runbook_url: https://github.com/cloudnative-pg/charts/blob/main/charts/cluster/docs/runbooks/CNPGClusterHighConnectionsWarning.md
|
||||
expr: |
|
||||
sum by (pod) (cnpg_backends_total{namespace="gitea", pod=~"release-name-postgresql-18-cluster-([1-9][0-9]*)$"}) / max by (pod) (cnpg_pg_settings_setting{name="max_connections", namespace="gitea", pod=~"release-name-postgresql-18-cluster-([1-9][0-9]*)$"}) * 100 > 80
|
||||
for: 5m
|
||||
labels:
|
||||
severity: warning
|
||||
namespace: gitea
|
||||
cnpg_cluster: release-name-postgresql-18-cluster
|
||||
- alert: CNPGClusterHighReplicationLag
|
||||
annotations:
|
||||
summary: CNPG Cluster high replication lag
|
||||
description: |-
|
||||
CloudNativePG Cluster "gitea/release-name-postgresql-18-cluster" is experiencing a high replication lag of
|
||||
{{`{{`}} $value {{`}}`}}ms.
|
||||
|
||||
High replication lag indicates network issues, busy instances, slow queries or suboptimal configuration.
|
||||
runbook_url: https://github.com/cloudnative-pg/charts/blob/main/charts/cluster/docs/runbooks/CNPGClusterHighReplicationLag.md
|
||||
expr: |
|
||||
max(cnpg_pg_replication_lag{namespace="gitea",pod=~"release-name-postgresql-18-cluster-([1-9][0-9]*)$"}) * 1000 > 1000
|
||||
for: 5m
|
||||
labels:
|
||||
severity: warning
|
||||
namespace: gitea
|
||||
cnpg_cluster: release-name-postgresql-18-cluster
|
||||
- alert: CNPGClusterInstancesOnSameNode
|
||||
annotations:
|
||||
summary: CNPG Cluster instances are located on the same node.
|
||||
description: |-
|
||||
CloudNativePG Cluster "gitea/release-name-postgresql-18-cluster" has {{`{{`}} $value {{`}}`}}
|
||||
instances on the same node {{`{{`}} $labels.node {{`}}`}}.
|
||||
|
||||
A failure or scheduled downtime of a single node will lead to a potential service disruption and/or data loss.
|
||||
runbook_url: https://github.com/cloudnative-pg/charts/blob/main/charts/cluster/docs/runbooks/CNPGClusterInstancesOnSameNode.md
|
||||
expr: |
|
||||
count by (node) (kube_pod_info{namespace="gitea", pod=~"release-name-postgresql-18-cluster-([1-9][0-9]*)$"}) > 1
|
||||
for: 5m
|
||||
labels:
|
||||
severity: warning
|
||||
namespace: gitea
|
||||
cnpg_cluster: release-name-postgresql-18-cluster
|
||||
- alert: CNPGClusterLongRunningTransactionWarning
|
||||
annotations:
|
||||
summary: CNPG Cluster query is taking longer than 5 minutes.
|
||||
description: |-
|
||||
CloudNativePG Cluster Pod {{ $labels.pod }}
|
||||
is taking more than 5 minutes (300 seconds) for a query.
|
||||
expr: |-
|
||||
cnpg_backends_max_tx_duration_seconds{namespace="gitea"} > 300
|
||||
for: 1m
|
||||
labels:
|
||||
severity: warning
|
||||
namespace: gitea
|
||||
cnpg_cluster: release-name-postgresql-18-cluster
|
||||
- alert: CNPGClusterLowDiskSpaceCritical
|
||||
annotations:
|
||||
summary: CNPG Instance is running out of disk space!
|
||||
description: |-
|
||||
CloudNativePG Cluster "gitea/release-name-postgresql-18-cluster" is running extremely low on disk space. Check attached PVCs!
|
||||
runbook_url: https://github.com/cloudnative-pg/charts/blob/main/charts/cluster/docs/runbooks/CNPGClusterLowDiskSpaceCritical.md
|
||||
expr: |
|
||||
max(max by(persistentvolumeclaim) (1 - kubelet_volume_stats_available_bytes{namespace="gitea", persistentvolumeclaim=~"release-name-postgresql-18-cluster-([1-9][0-9]*)$"} / kubelet_volume_stats_capacity_bytes{namespace="gitea", persistentvolumeclaim=~"release-name-postgresql-18-cluster-([1-9][0-9]*)$"})) > 0.9 OR
|
||||
max(max by(persistentvolumeclaim) (1 - kubelet_volume_stats_available_bytes{namespace="gitea", persistentvolumeclaim=~"release-name-postgresql-18-cluster-([1-9][0-9]*)$-wal"} / kubelet_volume_stats_capacity_bytes{namespace="gitea", persistentvolumeclaim=~"release-name-postgresql-18-cluster-([1-9][0-9]*)$-wal"})) > 0.9 OR
|
||||
max(sum by (namespace,persistentvolumeclaim) (kubelet_volume_stats_used_bytes{namespace="gitea", persistentvolumeclaim=~"release-name-postgresql-18-cluster-([1-9][0-9]*)$-tbs.*"})
|
||||
/
|
||||
sum by (namespace,persistentvolumeclaim) (kubelet_volume_stats_capacity_bytes{namespace="gitea", persistentvolumeclaim=~"release-name-postgresql-18-cluster-([1-9][0-9]*)$-tbs.*"})
|
||||
*
|
||||
on(namespace, persistentvolumeclaim) group_left(volume)
|
||||
kube_pod_spec_volumes_persistentvolumeclaims_info{pod=~"release-name-postgresql-18-cluster-([1-9][0-9]*)$"}
|
||||
) > 0.9
|
||||
for: 5m
|
||||
labels:
|
||||
severity: critical
|
||||
namespace: gitea
|
||||
cnpg_cluster: release-name-postgresql-18-cluster
|
||||
- alert: CNPGClusterLowDiskSpaceWarning
|
||||
annotations:
|
||||
summary: CNPG Instance is running out of disk space.
|
||||
description: |-
|
||||
CloudNativePG Cluster "gitea/release-name-postgresql-18-cluster" is running low on disk space. Check attached PVCs.
|
||||
runbook_url: https://github.com/cloudnative-pg/charts/blob/main/charts/cluster/docs/runbooks/CNPGClusterLowDiskSpaceWarning.md
|
||||
expr: |
|
||||
max(max by(persistentvolumeclaim) (1 - kubelet_volume_stats_available_bytes{namespace="gitea", persistentvolumeclaim=~"release-name-postgresql-18-cluster-([1-9][0-9]*)$"} / kubelet_volume_stats_capacity_bytes{namespace="gitea", persistentvolumeclaim=~"release-name-postgresql-18-cluster-([1-9][0-9]*)$"})) > 0.7 OR
|
||||
max(max by(persistentvolumeclaim) (1 - kubelet_volume_stats_available_bytes{namespace="gitea", persistentvolumeclaim=~"release-name-postgresql-18-cluster-([1-9][0-9]*)$-wal"} / kubelet_volume_stats_capacity_bytes{namespace="gitea", persistentvolumeclaim=~"release-name-postgresql-18-cluster-([1-9][0-9]*)$-wal"})) > 0.7 OR
|
||||
max(sum by (namespace,persistentvolumeclaim) (kubelet_volume_stats_used_bytes{namespace="gitea", persistentvolumeclaim=~"release-name-postgresql-18-cluster-([1-9][0-9]*)$-tbs.*"})
|
||||
/
|
||||
sum by (namespace,persistentvolumeclaim) (kubelet_volume_stats_capacity_bytes{namespace="gitea", persistentvolumeclaim=~"release-name-postgresql-18-cluster-([1-9][0-9]*)$-tbs.*"})
|
||||
*
|
||||
on(namespace, persistentvolumeclaim) group_left(volume)
|
||||
kube_pod_spec_volumes_persistentvolumeclaims_info{pod=~"release-name-postgresql-18-cluster-([1-9][0-9]*)$"}
|
||||
) > 0.7
|
||||
for: 5m
|
||||
labels:
|
||||
severity: warning
|
||||
namespace: gitea
|
||||
cnpg_cluster: release-name-postgresql-18-cluster
|
||||
- alert: CNPGClusterOffline
|
||||
annotations:
|
||||
summary: CNPG Cluster has no running instances!
|
||||
description: |-
|
||||
CloudNativePG Cluster "gitea/release-name-postgresql-18-cluster" has no ready instances.
|
||||
|
||||
Having an offline cluster means your applications will not be able to access the database, leading to
|
||||
potential service disruption and/or data loss.
|
||||
runbook_url: https://github.com/cloudnative-pg/charts/blob/main/charts/cluster/docs/runbooks/CNPGClusterOffline.md
|
||||
expr: |
|
||||
(count(cnpg_collector_up{namespace="gitea",pod=~"release-name-postgresql-18-cluster-([1-9][0-9]*)$"}) OR on() vector(0)) == 0
|
||||
for: 5m
|
||||
labels:
|
||||
severity: critical
|
||||
namespace: gitea
|
||||
cnpg_cluster: release-name-postgresql-18-cluster
|
||||
- alert: CNPGClusterPGDatabaseXidAgeWarning
|
||||
annotations:
|
||||
summary: CNPG Cluster has a number of transactions from the frozen XID to the current one.
|
||||
description: |-
|
||||
Over 300,000,000 transactions from frozen xid
|
||||
on pod {{ $labels.pod }}
|
||||
expr: |
|
||||
cnpg_pg_database_xid_age{namespace="gitea"} > 300000000
|
||||
for: 1m
|
||||
labels:
|
||||
severity: warning
|
||||
namespace: gitea
|
||||
cnpg_cluster: release-name-postgresql-18-cluster
|
||||
- alert: CNPGClusterPGReplicationWarning
|
||||
annotations:
|
||||
summary: CNPG Cluster standby is lagging behind the primary.
|
||||
description: |-
|
||||
Standby is lagging behind by over 300 seconds (5 minutes)
|
||||
expr: |
|
||||
cnpg_pg_replication_lag{namespace="gitea"} > 300
|
||||
for: 1m
|
||||
labels:
|
||||
severity: warning
|
||||
namespace: gitea
|
||||
cnpg_cluster: release-name-postgresql-18-cluster
|
||||
- alert: CNPGClusterReplicaFailingReplicationWarning
|
||||
annotations:
|
||||
summary: CNPG Cluster has a replica is failing to replicate.
|
||||
description: |-
|
||||
Replica {{ $labels.pod }}
|
||||
is failing to replicate
|
||||
expr: |
|
||||
cnpg_pg_replication_in_recovery{namespace="gitea"} > cnpg_pg_replication_is_wal_receiver_up{namespace="gitea"}
|
||||
for: 1m
|
||||
labels:
|
||||
severity: warning
|
||||
namespace: gitea
|
||||
cnpg_cluster: release-name-postgresql-18-cluster
|
||||
- alert: CNPGClusterZoneSpreadWarning
|
||||
annotations:
|
||||
summary: CNPG Cluster instances in the same zone.
|
||||
description: |-
|
||||
CloudNativePG Cluster "gitea/release-name-postgresql-18-cluster" has instances in the same availability zone.
|
||||
|
||||
A disaster in one availability zone will lead to a potential service disruption and/or data loss.
|
||||
runbook_url: https://github.com/cloudnative-pg/charts/blob/main/charts/cluster/docs/runbooks/CNPGClusterZoneSpreadWarning.md
|
||||
expr: |
|
||||
3 > count(count by (label_topology_kubernetes_io_zone) (kube_pod_info{namespace="gitea", pod=~"release-name-postgresql-18-cluster-([1-9][0-9]*)$"} * on(node,instance) group_left(label_topology_kubernetes_io_zone) kube_node_labels)) < 3
|
||||
for: 5m
|
||||
labels:
|
||||
severity: warning
|
||||
namespace: gitea
|
||||
cnpg_cluster: release-name-postgresql-18-cluster
|
||||
@@ -1,12 +1,11 @@
|
||||
{{- define "cluster.bootstrap" -}}
|
||||
|
||||
{{- define "cluster.bootstrap" }}
|
||||
{{- if eq .Values.mode "standalone" }}
|
||||
bootstrap:
|
||||
initdb:
|
||||
{{- with .Values.cluster.initdb }}
|
||||
{{- with (omit . "postInitApplicationSQL" "owner" "import") }}
|
||||
{{- . | toYaml | nindent 4 }}
|
||||
{{- end }}
|
||||
{{- with (omit . "postInitApplicationSQL" "owner" "import") }}
|
||||
{{- . | toYaml | nindent 4 }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- if .Values.cluster.initdb.owner }}
|
||||
owner: {{ tpl .Values.cluster.initdb.owner . }}
|
||||
@@ -14,20 +13,18 @@ bootstrap:
|
||||
{{- if (.Values.cluster.initdb.postInitApplicationSQL) }}
|
||||
postInitApplicationSQL:
|
||||
{{- with .Values.cluster.initdb }}
|
||||
{{- range .postInitApplicationSQL }}
|
||||
{{- printf "- %s" . | nindent 6 }}
|
||||
{{- end -}}
|
||||
{{- range .postInitApplicationSQL }}
|
||||
{{- printf "- %s" . | nindent 6 }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
|
||||
{{- else if eq .Values.mode "recovery" -}}
|
||||
{{- else if eq .Values.mode "recovery" }}
|
||||
bootstrap:
|
||||
|
||||
{{- if eq .Values.recovery.method "import" }}
|
||||
initdb:
|
||||
{{- with .Values.cluster.initdb }}
|
||||
{{- with (omit . "owner" "import" "postInitApplicationSQL") }}
|
||||
{{- . | toYaml | nindent 4 }}
|
||||
{{- . | toYaml | nindent 4 }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- if .Values.cluster.initdb.owner }}
|
||||
@@ -66,7 +63,6 @@ bootstrap:
|
||||
pgRestoreExtraOptions:
|
||||
{{- . | toYaml | nindent 8 }}
|
||||
{{- end }}
|
||||
|
||||
{{- else if eq .Values.recovery.method "backup" }}
|
||||
recovery:
|
||||
{{- with .Values.recovery.backup.pitrTarget.time }}
|
||||
@@ -81,7 +77,6 @@ bootstrap:
|
||||
{{- end }}
|
||||
backup:
|
||||
name: {{ .Values.recovery.backup.backupName }}
|
||||
|
||||
{{- else if eq .Values.recovery.method "objectStore" }}
|
||||
recovery:
|
||||
{{- with .Values.recovery.objectStore.pitrTarget.time }}
|
||||
@@ -95,13 +90,10 @@ bootstrap:
|
||||
owner: {{ . }}
|
||||
{{- end }}
|
||||
source: {{ include "cluster.recoveryServerName" . }}
|
||||
|
||||
{{- else }}
|
||||
{{- else }}
|
||||
{{ fail "Invalid recovery mode!" }}
|
||||
{{- end }}
|
||||
|
||||
{{- else }}
|
||||
{{- else }}
|
||||
{{ fail "Invalid cluster mode!" }}
|
||||
{{- end }}
|
||||
|
||||
{{- end }}
|
||||
|
||||
@@ -1,4 +1,4 @@
|
||||
{{- define "cluster.externalClusters" -}}
|
||||
{{- define "cluster.externalClusters" }}
|
||||
{{- if eq .Values.mode "standalone" }}
|
||||
{{- else if eq .Values.mode "recovery" }}
|
||||
externalClusters:
|
||||
@@ -18,4 +18,4 @@ externalClusters:
|
||||
{{- else }}
|
||||
{{ fail "Invalid cluster mode!" }}
|
||||
{{- end }}
|
||||
{{ end }}
|
||||
{{- end }}
|
||||
|
||||
@@ -30,4 +30,4 @@
|
||||
name: {{ $config.sslRootCertSecret.name }}
|
||||
key: {{ $config.sslRootCertSecret.key }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- end -}}
|
||||
|
||||
@@ -35,7 +35,7 @@ spec:
|
||||
{{- with .Values.cluster.resources }}
|
||||
resources:
|
||||
{{- toYaml . | nindent 4 }}
|
||||
{{ end }}
|
||||
{{- end }}
|
||||
{{- with .Values.cluster.affinity }}
|
||||
affinity:
|
||||
{{- toYaml . | nindent 4 }}
|
||||
@@ -43,7 +43,6 @@ spec:
|
||||
{{- if .Values.cluster.priorityClassName }}
|
||||
priorityClassName: {{ .Values.cluster.priorityClassName }}
|
||||
{{- end }}
|
||||
|
||||
primaryUpdateMethod: {{ .Values.cluster.primaryUpdateMethod }}
|
||||
primaryUpdateStrategy: {{ .Values.cluster.primaryUpdateStrategy }}
|
||||
logLevel: {{ .Values.cluster.logLevel }}
|
||||
@@ -57,7 +56,6 @@ spec:
|
||||
name: {{ . }}
|
||||
{{ end }}
|
||||
enablePDB: {{ .Values.cluster.enablePDB }}
|
||||
|
||||
postgresql:
|
||||
{{- if .Values.cluster.postgresql.shared_preload_libraries }}
|
||||
shared_preload_libraries:
|
||||
@@ -85,7 +83,6 @@ spec:
|
||||
parameters:
|
||||
{{- toYaml . | nindent 6 }}
|
||||
{{- end }}
|
||||
|
||||
{{- if not (and (empty .Values.cluster.roles) (empty .Values.cluster.services)) }}
|
||||
managed:
|
||||
{{- with .Values.cluster.services }}
|
||||
@@ -97,14 +94,12 @@ spec:
|
||||
{{- toYaml . | nindent 6 }}
|
||||
{{ end }}
|
||||
{{- end }}
|
||||
|
||||
{{- with .Values.cluster.serviceAccountTemplate }}
|
||||
serviceAccountTemplate:
|
||||
{{- toYaml . | nindent 4 }}
|
||||
{{- end }}
|
||||
|
||||
monitoring:
|
||||
enablePodMonitor: {{ and .Values.cluster.monitoring.enabled .Values.cluster.monitoring.podMonitor.enabled }}
|
||||
enablePodMonitor: false
|
||||
disableDefaultQueries: {{ .Values.cluster.monitoring.disableDefaultQueries }}
|
||||
{{- if not (empty .Values.cluster.monitoring.customQueries) }}
|
||||
customQueriesConfigMap:
|
||||
@@ -127,9 +122,9 @@ spec:
|
||||
{{- with .Values.cluster.monitoring.podMonitor.metricRelabelings }}
|
||||
podMonitorMetricRelabelings:
|
||||
{{- toYaml . | nindent 6 }}
|
||||
{{ end }}
|
||||
{{- end }}
|
||||
|
||||
{{- end }}
|
||||
{{- if not (empty .Values.backup.objectStore) -}}
|
||||
plugins:
|
||||
{{- range $objectStore := .Values.backup.objectStore }}
|
||||
- name: barman-cloud.cloudnative-pg.io
|
||||
@@ -146,7 +141,7 @@ spec:
|
||||
{{- else }}
|
||||
serverName: "{{ include "cluster.name" $ }}-backup-{{ $objectStore.index }}"
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
|
||||
{{ include "cluster.bootstrap" . | nindent 2 }}
|
||||
{{ include "cluster.externalClusters" . | nindent 2 }}
|
||||
{{- end -}}
|
||||
{{- end -}}
|
||||
{{- include "cluster.bootstrap" . | nindent 2 -}}
|
||||
{{- include "cluster.externalClusters" . | nindent 2 -}}
|
||||
|
||||
@@ -1,6 +1,6 @@
|
||||
{{ if and (eq .Values.backup.method "objectStore") (.Values.backup.externalSecret.enabled) }}
|
||||
{{ $context := . -}}
|
||||
{{ range .Values.backup.objectStore -}}
|
||||
{{- if and (eq .Values.backup.method "objectStore") (.Values.backup.externalSecret.enabled) }}
|
||||
{{- $context := . }}
|
||||
{{- range .Values.backup.objectStore }}
|
||||
---
|
||||
apiVersion: external-secrets.io/v1
|
||||
kind: ExternalSecret
|
||||
@@ -30,8 +30,8 @@ spec:
|
||||
remoteRef:
|
||||
key: {{ .externalSecretCredentialPath| required "External Secret Credential local path is required" }}
|
||||
property: ACCESS_SECRET_KEY
|
||||
{{ end -}}
|
||||
{{ end }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
|
||||
{{- if and (eq .Values.recovery.method "objectStore") (.Values.recovery.objectStore.externalSecret.enabled) }}
|
||||
---
|
||||
|
||||
@@ -1,6 +1,6 @@
|
||||
{{ if (eq .Values.backup.method "objectStore") }}
|
||||
{{ $context := . -}}
|
||||
{{ range .Values.backup.objectStore -}}
|
||||
{{- if (eq .Values.backup.method "objectStore") }}
|
||||
{{- $context := . }}
|
||||
{{- range .Values.backup.objectStore }}
|
||||
---
|
||||
apiVersion: barmancloud.cnpg.io/v1
|
||||
kind: ObjectStore
|
||||
@@ -57,10 +57,9 @@ spec:
|
||||
region:
|
||||
name: {{ include "cluster.backupSecretName" (dict "instance" . "global" $context) }}
|
||||
key: ACCESS_REGION
|
||||
{{ end -}}
|
||||
{{ end }}
|
||||
|
||||
{{ if eq .Values.recovery.method "objectStore" }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- if eq .Values.recovery.method "objectStore" }}
|
||||
---
|
||||
apiVersion: barmancloud.cnpg.io/v1
|
||||
kind: ObjectStore
|
||||
@@ -104,4 +103,4 @@ spec:
|
||||
region:
|
||||
name: {{ include "cluster.recoverySecretName" . }}
|
||||
key: ACCESS_REGION
|
||||
{{ end }}
|
||||
{{- end }}
|
||||
|
||||
@@ -0,0 +1,18 @@
|
||||
{{- if and .Values.cluster.monitoring.enabled .Values.cluster.monitoring.podMonitor.enabled }}
|
||||
---
|
||||
apiVersion: monitoring.coreos.com/v1
|
||||
kind: PodMonitor
|
||||
metadata:
|
||||
name: {{ include "cluster.name" $ }}
|
||||
namespace: {{ include "cluster.namespace" $ }}
|
||||
labels:
|
||||
app.kubernetes.io/name: {{ include "cluster.name" $ }}
|
||||
{{- include "cluster.labels" $ | nindent 4 }}
|
||||
spec:
|
||||
selector:
|
||||
matchLabels:
|
||||
cnpg.io/cluster: {{ include "cluster.name" $ }}
|
||||
cnpg.io/podRole: instance
|
||||
podMetricsEndpoints:
|
||||
- port: metrics
|
||||
{{- end }}
|
||||
@@ -47,6 +47,6 @@ spec:
|
||||
{{- end }}
|
||||
{{- with .template }}
|
||||
template:
|
||||
{{- . | toYaml | nindent 4 }}
|
||||
{{ . | toYaml | nindent 4 }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
|
||||
@@ -1,4 +1,5 @@
|
||||
{{- if and .Values.cluster.monitoring.enabled .Values.cluster.monitoring.prometheusRule.enabled -}}
|
||||
{{- if and .Values.cluster.monitoring.enabled .Values.cluster.monitoring.prometheusRule.enabled }}
|
||||
---
|
||||
apiVersion: monitoring.coreos.com/v1
|
||||
kind: PrometheusRule
|
||||
metadata:
|
||||
@@ -25,4 +26,4 @@ spec:
|
||||
- {{ $tpl }}
|
||||
{{- end -}}
|
||||
{{- end }}
|
||||
{{ end }}
|
||||
{{- end }}
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
{{ $context := . -}}
|
||||
{{ range .Values.backup.scheduledBackups -}}
|
||||
{{- $context := . }}
|
||||
{{- range .Values.backup.scheduledBackups }}
|
||||
---
|
||||
apiVersion: postgresql.cnpg.io/v1
|
||||
kind: ScheduledBackup
|
||||
@@ -21,4 +21,4 @@ spec:
|
||||
name: {{ .plugin | default "barman-cloud.cloudnative-pg.io" }}
|
||||
parameters:
|
||||
barmanObjectName: "{{ include "cluster.name" $context }}-backup-{{ .backupName }}"
|
||||
{{ end -}}
|
||||
{{- end }}
|
||||
|
||||
@@ -127,6 +127,7 @@ cluster:
|
||||
# Applied to samples before ingestion.
|
||||
metricRelabelings: []
|
||||
|
||||
# -- Prometheus rule
|
||||
prometheusRule:
|
||||
|
||||
# -- Whether to enable the PrometheusRule automated alerts
|
||||
@@ -164,7 +165,7 @@ cluster:
|
||||
|
||||
# -- PostgreSQL configuration options (postgresql.conf)
|
||||
parameters:
|
||||
shared_buffers: 128MB
|
||||
shared_buffers: 512MB
|
||||
max_slot_wal_keep_size: 2000MB
|
||||
hot_standby_feedback: "on"
|
||||
|
||||
|
||||
@@ -1,6 +1,6 @@
|
||||
dependencies:
|
||||
- name: common
|
||||
repository: https://bjw-s-labs.github.io/helm-charts/
|
||||
version: 5.0.0
|
||||
digest: sha256:153788a98eab8a2e83bd456e1f6f3d53d1a3363bfe5bca07bd232d948e01a6b2
|
||||
generated: "2026-05-07T20:56:33.260732-05:00"
|
||||
version: 5.0.1
|
||||
digest: sha256:754f21ee6fca6dc4a85e91384ff0b919b715234d764ef344bd3bbe93414275d3
|
||||
generated: "2026-05-17T20:56:33.77714-05:00"
|
||||
|
||||
@@ -1,6 +1,6 @@
|
||||
apiVersion: v2
|
||||
name: rclone-bucket
|
||||
version: 0.8.1
|
||||
version: 0.11.4
|
||||
description: Rclone CronJob to replicate buckets
|
||||
keywords:
|
||||
- rclone-bucket
|
||||
@@ -14,7 +14,7 @@ maintainers:
|
||||
dependencies:
|
||||
- name: common
|
||||
repository: https://bjw-s-labs.github.io/helm-charts/
|
||||
version: 5.0.0
|
||||
version: 5.0.1
|
||||
icon: https://cdn.jsdelivr.net/gh/selfhst/icons@main/png/rclone.png
|
||||
# renovate: datasource=github-releases depName=rclone/rclone
|
||||
appVersion: v1.74.0
|
||||
appVersion: v1.74.1
|
||||
|
||||
@@ -1,6 +1,6 @@
|
||||
# rclone-bucket
|
||||
|
||||
 
|
||||
 
|
||||
|
||||
Rclone CronJob to replicate buckets
|
||||
|
||||
@@ -19,7 +19,7 @@ Rclone CronJob to replicate buckets
|
||||
|
||||
| Repository | Name | Version |
|
||||
|------------|------|---------|
|
||||
| https://bjw-s-labs.github.io/helm-charts/ | common | 5.0.0 |
|
||||
| https://bjw-s-labs.github.io/helm-charts/ | common | 5.0.1 |
|
||||
|
||||
## Values
|
||||
|
||||
@@ -27,8 +27,10 @@ Rclone CronJob to replicate buckets
|
||||
|-----|------|---------|-------------|
|
||||
| additionalLabels | object | `{}` | Add additional labels |
|
||||
| cronJob | object | `{"backoffLimit":3,"parallelism":1,"schedule":"0 0 * * *","suspend":false,"timeZone":"America/Chicago"}` | CronJob configuration |
|
||||
| image | object | `{"pullPolicy":"IfNotPresent","repository":"rclone/rclone","tag":"1.74.0@sha256:d2e0e88359d0b2e67cfcd2c43d5405185eb8adfc207079df27c42da82c5207bc"}` | Default image |
|
||||
| image | object | `{"pullPolicy":"IfNotPresent","repository":"rclone/rclone","tag":"1.74.1@sha256:eb8788b795f0009324e9572b0e2acb9b56885327c2746b07d67a9d3b893a6602"}` | Default image |
|
||||
| metrics | object | `{"enabled":true}` | Metrics |
|
||||
| nameOverride | string | `""` | Default pattern follows <pvcTarget>-backup |
|
||||
| prometheusRule | object | `{"enabled":true}` | Prometheus Rule |
|
||||
| prune | object | `{"ageToPrune":"90d","enabled":false,"exclude":"","include":""}` | Enable prune job |
|
||||
| rclone | object | `{"destination":{"bucketName":"bucket","forcePathStyle":true,"providerType":"Other"},"providerType":"Other","source":{"bucketName":"bucket","forcePathStyle":true,"providerType":"Other"}}` | rclone configuration |
|
||||
| rclone.destination | object | `{"bucketName":"bucket","forcePathStyle":true,"providerType":"Other"}` | Destination configuration |
|
||||
|
||||
@@ -62,16 +62,16 @@ DEST_ENDPOINT
|
||||
{{/*
|
||||
Create chart name and version as used by the chart label.
|
||||
*/}}
|
||||
{{- define "secretRclone.chart" -}}
|
||||
{{- define "rclone.chart" -}}
|
||||
{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }}
|
||||
{{- end }}
|
||||
|
||||
{{/*
|
||||
Common labels
|
||||
*/}}
|
||||
{{- define "secretRclone.labels" -}}
|
||||
helm.sh/chart: {{ include "secretRclone.chart" $ }}
|
||||
{{ include "secretRclone.selectorLabels" $ }}
|
||||
{{- define "rclone.labels" -}}
|
||||
helm.sh/chart: {{ include "rclone.chart" $ }}
|
||||
{{ include "rclone.selectorLabels" $ }}
|
||||
{{- if .Chart.AppVersion }}
|
||||
app.kubernetes.io/version: {{ .Chart.Version | quote }}
|
||||
{{- end }}
|
||||
@@ -84,7 +84,7 @@ app.kubernetes.io/managed-by: {{ .Release.Service }}
|
||||
{{/*
|
||||
Selector labels
|
||||
*/}}
|
||||
{{- define "secretRclone.selectorLabels" -}}
|
||||
{{- define "rclone.selectorLabels" -}}
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
{{- end }}
|
||||
|
||||
@@ -4,6 +4,7 @@
|
||||
global:
|
||||
nameOverride: {{ include "rclone.name" . }}
|
||||
fullNameOverride: {{ include "rclone.name" . }}
|
||||
createDefaultServiceAccount: true
|
||||
controllers:
|
||||
main:
|
||||
type: cronjob
|
||||
@@ -11,6 +12,8 @@ controllers:
|
||||
cronjob:
|
||||
{{- toYaml . | nindent 6 }}
|
||||
{{ end }}
|
||||
serviceAccount:
|
||||
identifier: {{ .Release.Name }}
|
||||
containers:
|
||||
sync:
|
||||
image:
|
||||
@@ -34,6 +37,12 @@ controllers:
|
||||
- --exclude
|
||||
- {{ .Values.prune.exclude | quote }}
|
||||
{{- end }}
|
||||
{{- if .Values.metrics.enabled }}
|
||||
- --rc
|
||||
- --rc-addr=0.0.0.0:5572
|
||||
- --rc-enable-metrics
|
||||
- --rc-no-auth
|
||||
{{- end }}
|
||||
- --verbose
|
||||
env:
|
||||
- name: RCLONE_S3_PROVIDER
|
||||
@@ -106,6 +115,12 @@ controllers:
|
||||
- --min-age
|
||||
- {{ .Values.prune.ageToPrune | quote }}
|
||||
- --verbose
|
||||
{{- if .Values.metrics.enabled }}
|
||||
- --rc
|
||||
- --rc-addr=0.0.0.0:5573
|
||||
- --rc-enable-metrics
|
||||
- --rc-no-auth
|
||||
{{- end }}
|
||||
env:
|
||||
- name: RCLONE_CONFIG_DEST_TYPE
|
||||
value: s3
|
||||
@@ -136,6 +151,34 @@ controllers:
|
||||
- name: RCLONE_CONFIG_DEST_FORCE_PATH_STYLE
|
||||
value: {{ .Values.rclone.destination.forcePathStyle | quote }}
|
||||
{{- end }}
|
||||
{{- if .Values.metrics.enabled }}
|
||||
service:
|
||||
main:
|
||||
controller: main
|
||||
ports:
|
||||
rc-sync:
|
||||
port: 5572
|
||||
targetPort: 5572
|
||||
rc-prune:
|
||||
port: 5573
|
||||
targetPort: 5573
|
||||
serviceMonitor:
|
||||
main:
|
||||
selector:
|
||||
matchLabels:
|
||||
app.kubernetes.io/name: {{ include "rclone.name" . }}
|
||||
app.kubernetes.io/instance: {{ .Release.Namespace }}
|
||||
serviceName: '{{ include "bjw-s.common.lib.chart.names.fullname" $ }}'
|
||||
endpoints:
|
||||
- port: rc-sync
|
||||
interval: 10s
|
||||
scrapeTimeout: 5s
|
||||
path: /metrics
|
||||
- port: rc-prune
|
||||
interval: 10s
|
||||
scrapeTimeout: 5s
|
||||
path: /metrics
|
||||
{{- end }}
|
||||
{{- end -}}
|
||||
{{- $_ := mergeOverwrite .Values (include "rclone.hardcodedValues" . | fromYaml) -}}
|
||||
|
||||
|
||||
@@ -6,7 +6,7 @@ metadata:
|
||||
name: {{ include "rclone.sourceSecretName" . }}
|
||||
namespace: {{ .Release.Namespace }}
|
||||
labels:
|
||||
{{- include "secretRclone.labels" . | nindent 4 }}
|
||||
{{- include "rclone.labels" . | nindent 4 }}
|
||||
app.kubernetes.io/name: {{ include "rclone.sourceSecretName" . }}
|
||||
{{- with .Values.additionalLabels }}
|
||||
{{- toYaml . | nindent 4 }}
|
||||
@@ -40,7 +40,7 @@ metadata:
|
||||
name: {{ include "rclone.destinationSecretName" . }}
|
||||
namespace: {{ .Release.Namespace }}
|
||||
labels:
|
||||
{{- include "secretRclone.labels" . | nindent 4 }}
|
||||
{{- include "rclone.labels" . | nindent 4 }}
|
||||
app.kubernetes.io/name: {{ include "rclone.destinationSecretName" . }}
|
||||
{{- with .Values.additionalLabels }}
|
||||
{{- toYaml . | nindent 4 }}
|
||||
|
||||
@@ -0,0 +1,32 @@
|
||||
{{- if .Values.prometheusRule.enabled }}
|
||||
---
|
||||
apiVersion: monitoring.coreos.com/v1
|
||||
kind: PrometheusRule
|
||||
metadata:
|
||||
name: {{ include "rclone.name" . }}
|
||||
namespace: {{ .Release.Namespace }}
|
||||
labels:
|
||||
{{- include "rclone.labels" . | nindent 4 }}
|
||||
app.kubernetes.io/name: {{ include "rclone.name" . }}
|
||||
{{- with .Values.additionalLabels }}
|
||||
{{- toYaml . | nindent 4 }}
|
||||
{{- end }}
|
||||
spec:
|
||||
groups:
|
||||
- name: rclone.alerts
|
||||
rules:
|
||||
- alert: RclonePodFailed
|
||||
expr: |
|
||||
(kube_pod_container_status_last_terminated_exitcode > 0)
|
||||
* on(pod, namespace) group_left(owner_name)
|
||||
kube_pod_owner{owner_kind="Job", owner_name=~"rclone-.*"}
|
||||
for: 1m
|
||||
labels:
|
||||
severity: critical
|
||||
annotations:
|
||||
summary: "Rclone Pod failed in {{ `{{ $labels.namespace }}` }}"
|
||||
description: |
|
||||
A pod for the Rclone sync of s3 bucket '{{ .Values.rclone.source.bucketName }}' failed with exit code {{ `{{ $value }}` }}.
|
||||
Job: {{ `{{ $labels.owner_name }}` }}
|
||||
Namespace: {{ `{{ $labels.namespace }}` }}
|
||||
{{- end }}
|
||||
@@ -7,7 +7,7 @@ additionalLabels: {}
|
||||
# -- Default image
|
||||
image:
|
||||
repository: rclone/rclone
|
||||
tag: 1.74.0@sha256:d2e0e88359d0b2e67cfcd2c43d5405185eb8adfc207079df27c42da82c5207bc
|
||||
tag: 1.74.1@sha256:eb8788b795f0009324e9572b0e2acb9b56885327c2746b07d67a9d3b893a6602
|
||||
pullPolicy: IfNotPresent
|
||||
|
||||
# -- CronJob configuration
|
||||
@@ -82,3 +82,11 @@ secret:
|
||||
|
||||
existingSecretDestination:
|
||||
name: rclone-destination-secret
|
||||
|
||||
# -- Metrics
|
||||
metrics:
|
||||
enabled: true
|
||||
|
||||
# -- Prometheus Rule
|
||||
prometheusRule:
|
||||
enabled: true
|
||||
|
||||
Reference in New Issue
Block a user