Add explicit admin user to Patroni
In this PS we explicitly define the admin user rather than letting patroni use the default username and password. Change-Id: I9885314902c3a60e709f96e2850a719ff9586b3d
This commit is contained in:
parent
5e5d873911
commit
cf7b8dbb3d
@ -328,9 +328,9 @@ spec:
|
|||||||
value: $(PATRONI_KUBERNETES_POD_IP):{{ tuple "postgresql" "internal" "postgresql" . | include "helm-toolkit.endpoints.endpoint_port_lookup" }}
|
value: $(PATRONI_KUBERNETES_POD_IP):{{ tuple "postgresql" "internal" "postgresql" . | include "helm-toolkit.endpoints.endpoint_port_lookup" }}
|
||||||
- name: PATRONI_POSTGRESQL_LISTEN
|
- name: PATRONI_POSTGRESQL_LISTEN
|
||||||
value: 0.0.0.0:{{ tuple "postgresql" "internal" "postgresql" . | include "helm-toolkit.endpoints.endpoint_port_lookup" }}
|
value: 0.0.0.0:{{ tuple "postgresql" "internal" "postgresql" . | include "helm-toolkit.endpoints.endpoint_port_lookup" }}
|
||||||
- name: PATRONI_admin_PASSWORD
|
- name: PATRONI_{{ .Values.endpoints.postgresql.auth.admin.username }}_PASSWORD
|
||||||
value: $(PATRONI_SUPERUSER_PASSWORD)
|
value: $(PATRONI_SUPERUSER_PASSWORD)
|
||||||
- name: PATRONI_admin_OPTIONS
|
- name: PATRONI_{{ .Values.endpoints.postgresql.auth.admin.username }}_OPTIONS
|
||||||
value: 'createrole,createdb'
|
value: 'createrole,createdb'
|
||||||
- name: PGSSLROOTCERT
|
- name: PGSSLROOTCERT
|
||||||
value: {{ .Values.secrets.pki.client_cert_path }}/ca.crt
|
value: {{ .Values.secrets.pki.client_cert_path }}/ca.crt
|
||||||
|
@ -237,6 +237,12 @@ conf:
|
|||||||
- name: {{ tuple "postgresql" "internal" . | include "helm-toolkit.endpoints.hostname_short_endpoint_lookup" }}
|
- name: {{ tuple "postgresql" "internal" . | include "helm-toolkit.endpoints.hostname_short_endpoint_lookup" }}
|
||||||
port: {{ tuple "postgresql" "internal" "postgresql" . | include "helm-toolkit.endpoints.endpoint_port_lookup" }}
|
port: {{ tuple "postgresql" "internal" "postgresql" . | include "helm-toolkit.endpoints.endpoint_port_lookup" }}
|
||||||
bootstrap:
|
bootstrap:
|
||||||
|
users:
|
||||||
|
{{ .Values.endpoints.postgresql.auth.admin.username }}:
|
||||||
|
password: {{ .Values.endpoints.postgresql.auth.admin.password }}
|
||||||
|
options:
|
||||||
|
- createrole
|
||||||
|
- createdb
|
||||||
dcs:
|
dcs:
|
||||||
ttl: 30
|
ttl: 30
|
||||||
loop_wait: 10
|
loop_wait: 10
|
||||||
@ -294,6 +300,10 @@ conf:
|
|||||||
Patroni moves this directory to a backup under the parent directory
|
Patroni moves this directory to a backup under the parent directory
|
||||||
(/var/lib/postgresql) under certain failure recovery scenarios, so
|
(/var/lib/postgresql) under certain failure recovery scenarios, so
|
||||||
/var/lib/postgres itself must be exposed to the pod as a pvc mount.*/}}
|
/var/lib/postgres itself must be exposed to the pod as a pvc mount.*/}}
|
||||||
|
authentication:
|
||||||
|
superuser:
|
||||||
|
username: {{ .Values.endpoints.postgresql.auth.admin.username }}
|
||||||
|
password: {{ .Values.endpoints.postgresql.auth.admin.password }}
|
||||||
data_dir: '{{ .Values.storage.mount.path }}/pgdata'
|
data_dir: '{{ .Values.storage.mount.path }}/pgdata'
|
||||||
pgpass: '{{ .Values.storage.mount.path }}/pgpass'
|
pgpass: '{{ .Values.storage.mount.path }}/pgpass'
|
||||||
callbacks:
|
callbacks:
|
||||||
|
Loading…
Reference in New Issue
Block a user