# ─────────────────────────────────────────────────────────────────────────────
# PersistentVolumeClaim – DYNAMIC provisioning through Azure Disk (managed-csi)
# AKS creates the PV automatically, so it does not need to be declared here.
# (The previous version used hostPath + storageClassName: manual, which does
# not work on AKS because the path /home/cytech does not exist on the Azure
# nodes.)
# NOTE(review): confirm the reclaim policy of the managed-csi StorageClass.
# If it is Delete, removing this claim also removes the disk and every
# database file on it.
# ─────────────────────────────────────────────────────────────────────────────
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
  name: vigimeteo-db-pvc
  namespace: vigimeteo
  labels:
    app: vigimeteo-db
spec:
  # AKS built-in StorageClass backed by Azure Disk.
  storageClassName: managed-csi
  # One node at a time may mount the disk read-write.
  accessModes:
    - ReadWriteOnce
  resources:
    requests:
      storage: 1Gi
---
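# StatefulSet – single PostgreSQL replica
apiVersion: apps/v1
kind: StatefulSet
metadata:
  name: vigimeteo-db
  namespace: vigimeteo
  labels:
    app: vigimeteo-db
spec:
  serviceName: vigimeteo-db
  # Keep at 1: the pod mounts one pre-declared ReadWriteOnce claim
  # (vigimeteo-db-pvc) instead of a per-replica volumeClaimTemplate.
  replicas: 1
  selector:
    matchLabels:
      app: vigimeteo-db
  template:
    metadata:
      labels:
        app: vigimeteo-db
    spec:
      # Nothing in this pod spec uses the Kubernetes API, so do not mount a
      # service-account token that a compromised database process could read.
      automountServiceAccountToken: false
      # The Azure Disk is mounted root-owned by default. fsGroup makes
      # Kubernetes recursively change the volume's group to this GID before
      # the container starts, so postgres can create the pgdata sub-directory.
      # NOTE(review): 999 is the postgres GID of the Debian-based images; the
      # Alpine variants normally use 70. Confirm with `id postgres` inside
      # postgres:17-alpine before relying on this value.
      securityContext:
        fsGroup: 999
      containers:
        - name: postgres
          # NOTE(review): mutable tag. Pin the image by digest so the content
          # behind 17-alpine cannot change between two pod restarts.
          image: postgres:17-alpine
          # No process in the container needs to gain privileges after start.
          # NOTE(review): the stock entrypoint only drops from root to
          # postgres, which this setting should not block; confirm that the
          # pod still initialises on a fresh volume.
          securityContext:
            allowPrivilegeEscalation: false
          ports:
            - containerPort: 5432
              name: postgres
          env:
            - name: POSTGRES_USER
              value: "postgres"
            # NOTE(review): the superuser password is hard-coded, guessable
            # and stored in version control with this manifest. Move it to a
            # Secret and reference it with valueFrom.secretKeyRef. The image
            # applies it only when it initialises an empty data directory, so
            # an existing database also needs an ALTER ROLE to rotate it.
            - name: POSTGRES_PASSWORD
              value: "admin"
            - name: POSTGRES_DB
              value: "postgres"
            # FIX: Azure Disk (ext4) creates a lost+found directory at the
            # volume root, and PostgreSQL refuses to initialise a non-empty
            # directory (initdb error). PGDATA points the cluster at a
            # 'pgdata' sub-directory of the mount, which is empty.
            - name: PGDATA
              value: /var/lib/postgresql/data/pgdata
          volumeMounts:
            # No subPath: the whole disk is mounted here and PGDATA (above)
            # selects the sub-directory.
            - name: vigimeteo-db-storage
              mountPath: /var/lib/postgresql/data
            # Initialisation scripts taken from the vigimeteo-db-init
            # ConfigMap.
            - name: vigimeteo-db-init
              mountPath: /docker-entrypoint-initdb.d
          # pg_isready only reports whether the server accepts connections;
          # it does not check the credentials.
          readinessProbe:
            exec:
              command: ["pg_isready", "-U", "postgres"]
            initialDelaySeconds: 10
            periodSeconds: 5
          livenessProbe:
            exec:
              command: ["pg_isready", "-U", "postgres"]
            initialDelaySeconds: 30
            periodSeconds: 10
      volumes:
        - name: vigimeteo-db-storage
          persistentVolumeClaim:
            claimName: vigimeteo-db-pvc
        - name: vigimeteo-db-init
          configMap:
            name: vigimeteo-db-init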
---
# Headless Service – required by the StatefulSet (its spec.serviceName)
# NOTE(review): no NetworkPolicy is visible in this file, so which pods may
# reach port 5432 depends on policy defined elsewhere; confirm that only the
# application pods are allowed to connect.
apiVersion: v1
kind: Service
metadata:
  name: vigimeteo-db
  namespace: vigimeteo
  labels:
    app: vigimeteo-db
spec:
  # Headless: no virtual IP, gives the StatefulSet pods a stable DNS name.
  clusterIP: None
  ports:
    - name: postgres
      port: 5432
      targetPort: 5432
  selector:
    app: vigimeteo-db