From a5c9c733f62c97eaa66014444f8e73dcefc0909f Mon Sep 17 00:00:00 2001 From: Philippe Caseiro Date: Thu, 26 Sep 2024 09:50:54 +0200 Subject: [PATCH] feat(postgres): adding hydra max_conns parameter support Mandatory for large scale deployements --- .../hydra-cnpg-database/kustomization.yaml | 22 ------------------- .../patches/hydra-deployment.yaml | 14 +++++++++--- .../patches/hydra-janitor-cronjob.yaml | 14 +++++++++--- .../patches/hydra-migrate-job.yaml | 14 +++++++++--- .../resources/hydra-cnpg-cluster.yaml | 6 +---- resources/hydra/kustomization.yaml | 1 + 6 files changed, 35 insertions(+), 36 deletions(-) diff --git a/components/hydra-cnpg-database/kustomization.yaml b/components/hydra-cnpg-database/kustomization.yaml index 4ebccef..737555f 100644 --- a/components/hydra-cnpg-database/kustomization.yaml +++ b/components/hydra-cnpg-database/kustomization.yaml @@ -7,28 +7,6 @@ configurations: resources: - ./resources/hydra-cnpg-cluster.yaml -secretGenerator: -- name: hydra-postgres-admin - type: Secret - literals: - - username=postgres - - password=NotSoSecret -- name: hydra-postgres-user - type: Secret - literals: - - username=hydra - - password=NotSoSecret - - -vars: -- name: HYDRA_DATABASE_SERVICE_NAME - objref: - name: hydra-postgres - kind: Cluster - apiVersion: postgresql.cnpg.io/v1 - fieldref: - fieldpath: metadata.name - patches: - target: group: apps diff --git a/components/hydra-cnpg-database/patches/hydra-deployment.yaml b/components/hydra-cnpg-database/patches/hydra-deployment.yaml index 6185612..db7d518 100644 --- a/components/hydra-cnpg-database/patches/hydra-deployment.yaml +++ b/components/hydra-cnpg-database/patches/hydra-deployment.yaml @@ -4,7 +4,7 @@ name: HYDRA_DATABASE_USER valueFrom: secretKeyRef: - name: hydra-postgres-user + name: hydra-postgres-app key: username - op: add path: "/spec/template/spec/containers/0/env/-" @@ -12,10 +12,18 @@ name: HYDRA_DATABASE_PASSWORD valueFrom: secretKeyRef: - name: hydra-postgres-user + name: hydra-postgres-app key: password +- op: add + path: "/spec/template/spec/containers/0/env/-" + value: + name: HYDRA_DATABASE_SERVICE_NAME + valueFrom: + secretKeyRef: + name: hydra-postgres-app + key: host - op: add path: "/spec/template/spec/containers/0/env/-" value: name: DSN - value: "postgres://$(HYDRA_DATABASE_USER):$(HYDRA_DATABASE_PASSWORD)@$(HYDRA_DATABASE_SERVICE_NAME)-rw:5432/hydra?sslmode=disable" \ No newline at end of file + value: "postgres://$(HYDRA_DATABASE_USER):$(HYDRA_DATABASE_PASSWORD)@$(HYDRA_DATABASE_SERVICE_NAME):5432/hydra?sslmode=disable&max_conns=$(HYDRA_DATABASE_MAX_CONN)" diff --git a/components/hydra-cnpg-database/patches/hydra-janitor-cronjob.yaml b/components/hydra-cnpg-database/patches/hydra-janitor-cronjob.yaml index a8f576e..467742b 100644 --- a/components/hydra-cnpg-database/patches/hydra-janitor-cronjob.yaml +++ b/components/hydra-cnpg-database/patches/hydra-janitor-cronjob.yaml @@ -4,7 +4,7 @@ name: HYDRA_DATABASE_USER valueFrom: secretKeyRef: - name: hydra-postgres-user + name: hydra-postgres-app key: username - op: add path: "/spec/jobTemplate/spec/template/spec/containers/0/env/-" @@ -12,10 +12,18 @@ name: HYDRA_DATABASE_PASSWORD valueFrom: secretKeyRef: - name: hydra-postgres-user + name: hydra-postgres-app key: password +- op: add + path: "/spec/jobTemplate/spec/template/spec/containers/0/env/-" + value: + name: HYDRA_DATABASE_SERVICE_NAME + valueFrom: + secretKeyRef: + name: hydra-postgres-app + key: host - op: add path: "/spec/jobTemplate/spec/template/spec/containers/0/env/-" value: name: DSN - value: "postgres://$(HYDRA_DATABASE_USER):$(HYDRA_DATABASE_PASSWORD)@$(HYDRA_DATABASE_SERVICE_NAME)-rw:5432/hydra?sslmode=disable" \ No newline at end of file + value: "postgres://$(HYDRA_DATABASE_USER):$(HYDRA_DATABASE_PASSWORD)@$(HYDRA_DATABASE_SERVICE_NAME):5432/hydra?sslmode=disable" diff --git a/components/hydra-cnpg-database/patches/hydra-migrate-job.yaml b/components/hydra-cnpg-database/patches/hydra-migrate-job.yaml index 6185612..c5e4447 100644 --- a/components/hydra-cnpg-database/patches/hydra-migrate-job.yaml +++ b/components/hydra-cnpg-database/patches/hydra-migrate-job.yaml @@ -4,7 +4,7 @@ name: HYDRA_DATABASE_USER valueFrom: secretKeyRef: - name: hydra-postgres-user + name: hydra-postgres-app key: username - op: add path: "/spec/template/spec/containers/0/env/-" @@ -12,10 +12,18 @@ name: HYDRA_DATABASE_PASSWORD valueFrom: secretKeyRef: - name: hydra-postgres-user + name: hydra-postgres-app key: password +- op: add + path: "/spec/template/spec/containers/0/env/-" + value: + name: HYDRA_DATABASE_SERVICE_NAME + valueFrom: + secretKeyRef: + name: hydra-postgres-app + key: host - op: add path: "/spec/template/spec/containers/0/env/-" value: name: DSN - value: "postgres://$(HYDRA_DATABASE_USER):$(HYDRA_DATABASE_PASSWORD)@$(HYDRA_DATABASE_SERVICE_NAME)-rw:5432/hydra?sslmode=disable" \ No newline at end of file + value: "postgres://$(HYDRA_DATABASE_USER):$(HYDRA_DATABASE_PASSWORD)@$(HYDRA_DATABASE_SERVICE_NAME):5432/hydra?sslmode=disable" diff --git a/components/hydra-cnpg-database/resources/hydra-cnpg-cluster.yaml b/components/hydra-cnpg-database/resources/hydra-cnpg-cluster.yaml index 7f48955..8d910f1 100644 --- a/components/hydra-cnpg-database/resources/hydra-cnpg-cluster.yaml +++ b/components/hydra-cnpg-database/resources/hydra-cnpg-cluster.yaml @@ -5,13 +5,9 @@ metadata: spec: instances: 3 primaryUpdateStrategy: unsupervised - superuserSecret: - name: hydra-postgres-admin bootstrap: initdb: database: hydra owner: hydra - secret: - name: hydra-postgres-user storage: - size: 2Gi \ No newline at end of file + size: 2Gi diff --git a/resources/hydra/kustomization.yaml b/resources/hydra/kustomization.yaml index f99e668..c4e4615 100644 --- a/resources/hydra/kustomization.yaml +++ b/resources/hydra/kustomization.yaml @@ -30,6 +30,7 @@ configMapGenerator: - URLS_CONSENT=http://hydra-consent-app/consent - URLS_LOGOUT=http://hydra-logout-app/logout - HYDRA_SERVE_ALL_ARGS=--dev + - HYDRA_DATABASE_MAX_CONN="10" - LOG_LEVEL=info vars: