2904628bef
Bugs corrigidos: - aula-15: tracing.js fallback OTel endpoint usava service name errado (otel-collector vs otel-collector-opentelemetry-collector) - aula-11/13: manifests k8s com gitea.kube.quest hardcoded → placeholder Arquivos legado removidos (9): - aula-10: gitlab-values.yaml, gitlab-registry-storage-secret.yaml, object-storage-secret.yaml, registry-storage-secret.yaml - aula-11: gitlab-runner-values.yaml, node-bugado/.gitlab-ci.yml - aula-13: 3x .gitlab-ci.yml (substituídos por .gitea/workflows/ci.yml) CLAUDE.md: comandos rápidos agora incluem aula-14 e aula-15
113 lines
3.1 KiB
YAML
113 lines
3.1 KiB
YAML
# =============================================================================
|
|
# Deployment - PostgreSQL (Container Factory)
|
|
# =============================================================================
|
|
apiVersion: apps/v1
|
|
kind: Deployment
|
|
metadata:
|
|
name: postgresql
|
|
labels:
|
|
app: postgresql
|
|
app.kubernetes.io/name: postgresql
|
|
app.kubernetes.io/component: database
|
|
spec:
|
|
replicas: 1
|
|
strategy:
|
|
type: Recreate # PostgreSQL não suporta rolling update
|
|
selector:
|
|
matchLabels:
|
|
app: postgresql
|
|
template:
|
|
metadata:
|
|
labels:
|
|
app: postgresql
|
|
spec:
|
|
terminationGracePeriodSeconds: 30
|
|
imagePullSecrets:
|
|
- name: gitea-registry
|
|
|
|
securityContext:
|
|
runAsNonRoot: true
|
|
runAsUser: 70 # postgres user no Alpine
|
|
fsGroup: 70
|
|
seccompProfile:
|
|
type: RuntimeDefault
|
|
|
|
containers:
|
|
- name: postgresql
|
|
# Imagem da Container Factory (eStargz)
|
|
# Substitua GITEA_HOST pelo hostname do seu Gitea (ex: gitea.kube.quest)
|
|
image: GITEA_HOST_PLACEHOLDER/factory/postgresql:17
|
|
imagePullPolicy: IfNotPresent
|
|
|
|
ports:
|
|
- containerPort: 5432
|
|
name: postgresql
|
|
protocol: TCP
|
|
|
|
env:
|
|
- name: POSTGRES_USER
|
|
valueFrom:
|
|
secretKeyRef:
|
|
name: postgresql-secret
|
|
key: username
|
|
- name: POSTGRES_PASSWORD
|
|
valueFrom:
|
|
secretKeyRef:
|
|
name: postgresql-secret
|
|
key: password
|
|
- name: POSTGRES_DB
|
|
valueFrom:
|
|
configMapKeyRef:
|
|
name: postgresql-config
|
|
key: database
|
|
- name: PGDATA
|
|
value: /var/lib/postgresql/data/pgdata
|
|
|
|
resources:
|
|
requests:
|
|
memory: "512Mi"
|
|
cpu: "100m"
|
|
limits:
|
|
memory: "1Gi"
|
|
cpu: "500m"
|
|
|
|
volumeMounts:
|
|
- name: data
|
|
mountPath: /var/lib/postgresql/data
|
|
|
|
# Liveness: reinicia se PostgreSQL travar
|
|
livenessProbe:
|
|
exec:
|
|
command:
|
|
- /bin/sh
|
|
- -c
|
|
- pg_isready -U $POSTGRES_USER -d $POSTGRES_DB
|
|
initialDelaySeconds: 30
|
|
periodSeconds: 10
|
|
timeoutSeconds: 5
|
|
failureThreshold: 6
|
|
|
|
# Readiness: remove do service se não estiver pronto
|
|
readinessProbe:
|
|
exec:
|
|
command:
|
|
- /bin/sh
|
|
- -c
|
|
- pg_isready -U $POSTGRES_USER -d $POSTGRES_DB
|
|
initialDelaySeconds: 5
|
|
periodSeconds: 5
|
|
timeoutSeconds: 3
|
|
failureThreshold: 3
|
|
|
|
securityContext:
|
|
allowPrivilegeEscalation: false
|
|
readOnlyRootFilesystem: false
|
|
capabilities:
|
|
drop:
|
|
- ALL
|
|
|
|
volumes:
|
|
- name: data
|
|
persistentVolumeClaim:
|
|
claimName: postgresql-data
|