feat: pgbouncer for postgresql (#1607)

shcherbak · web-flow · commit 07157bd61bff · 2024-11-28T16:02:42.000+01:00
diff --git a/charts/sentry/templates/_helper.tpl b/charts/sentry/templates/_helper.tpl
@@ -703,6 +703,10 @@ Common Sentry environment variables
 - name: POSTGRES_NAME
   value: {{ include "sentry.postgresql.database" . | quote }}
 {{- end }}
+{{- if .Values.pgbouncer.enabled }}
+- name: POSTGRES_HOST
+  value: {{ template "sentry.fullname" . }}-pgbouncer
+{{- else }}
 {{- if and .Values.externalPostgresql.existingSecret .Values.externalPostgresql.existingSecretKeys.host }}
 - name: POSTGRES_HOST
   valueFrom:
@@ -713,6 +717,11 @@ Common Sentry environment variables
 - name: POSTGRES_HOST
   value: {{ include "sentry.postgresql.host" . | quote }}
 {{- end }}
+{{- end }}
+{{- if .Values.pgbouncer.enabled }}
+- name: POSTGRES_PORT
+  value: "5432"
+{{- else }}
 {{- if and .Values.externalPostgresql.existingSecret .Values.externalPostgresql.existingSecretKeys.port }}
 - name: POSTGRES_PORT
   valueFrom:
@@ -723,6 +732,7 @@ Common Sentry environment variables
 - name: POSTGRES_PORT
   value: {{ include "sentry.postgresql.port" . | quote }}
 {{- end }}
+{{- end }}
 {{- if and (eq .Values.filestore.backend "s3") .Values.filestore.s3.existingSecret }}
 - name: S3_ACCESS_KEY_ID
   valueFrom:
@@ -876,3 +886,66 @@ Common Sentry environment variables
 {{- print "autoscaling/v1" -}}
 {{- end -}}
 {{- end -}}
+
+
+{{/*
+Pgbouncer environment variables
+*/}}
+{{- define "sentry.pgbouncer.env" -}}
+{{- if and .Values.externalPostgresql.existingSecret .Values.externalPostgresql.existingSecretKeys.host }}
+- name: POSTGRESQL_HOST
+  valueFrom:
+    secretKeyRef:
+      name: {{ .Values.externalPostgresql.existingSecret }}
+      key: {{ default .Values.externalPostgresql.existingSecretKeys.host }}
+{{- else }}
+- name: POSTGRESQL_HOST
+  value: {{ include "sentry.postgresql.host" . | quote }}
+{{- end }}
+{{- if and .Values.externalPostgresql.existingSecret .Values.externalPostgresql.existingSecretKeys.port }}
+- name: POSTGRESQL_PORT
+  valueFrom:
+    secretKeyRef:
+      name: {{ .Values.externalPostgresql.existingSecret }}
+      key: {{ default .Values.externalPostgresql.existingSecretKeys.port }}
+{{- else }}
+- name: POSTGRESQL_PORT
+  value: {{ include "sentry.postgresql.port" . | quote }}
+{{- end }}
+{{- if and .Values.externalPostgresql.existingSecret .Values.externalPostgresql.existingSecretKeys.database }}
+- name: PGBOUNCER_DATABASE
+  valueFrom:
+    secretKeyRef:
+      name: {{ .Values.externalPostgresql.existingSecret }}
+      key: {{ default .Values.externalPostgresql.existingSecretKeys.database }}
+{{- else }}
+- name: PGBOUNCER_DATABASE
+  value: {{ include "sentry.postgresql.database" . | quote }}
+{{- end }}
+{{- if .Values.postgresql.enabled }}
+- name: POSTGRESQL_PASSWORD
+  valueFrom:
+    secretKeyRef:
+      name: {{ default (include "sentry.postgresql.fullname" .) .Values.postgresql.auth.existingSecret }}
+      key: {{ default "postgres-password" .Values.postgresql.auth.secretKeys.adminPasswordKey }}
+{{- else if .Values.externalPostgresql.password }}
+- name: POSTGRESQL_PASSWORD
+  value: {{ .Values.externalPostgresql.password | quote }}
+{{- else if .Values.externalPostgresql.existingSecret }}
+- name: POSTGRESQL_PASSWORD
+  valueFrom:
+    secretKeyRef:
+      name: {{ .Values.externalPostgresql.existingSecret }}
+      key: {{ or .Values.externalPostgresql.existingSecretKeys.password .Values.externalPostgresql.existingSecretKey "postgresql-password" }}
+{{- end }}
+{{- if and .Values.externalPostgresql.existingSecret .Values.externalPostgresql.existingSecretKeys.username }}
+- name: POSTGRESQL_USERNAME
+  valueFrom:
+    secretKeyRef:
+      name: {{ .Values.externalPostgresql.existingSecret }}
+      key: {{ default .Values.externalPostgresql.existingSecretKeys.username }}
+{{- else }}
+- name: POSTGRESQL_USERNAME
+  value: {{ include "sentry.postgresql.username" . | quote }}
+{{- end }}
+{{- end -}}
diff --git a/charts/sentry/templates/pgbouncer/pgbouncer-deployment.yaml b/charts/sentry/templates/pgbouncer/pgbouncer-deployment.yaml
@@ -0,0 +1,65 @@
+{{- if .Values.pgbouncer.enabled }}
+---
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: {{ template "sentry.fullname" . }}-pgbouncer
+  labels:
+    app: {{ template "sentry.fullname" . }}-pgbouncer
+spec:
+  replicas: {{ .Values.pgbouncer.replicas }}
+  selector:
+    matchLabels:
+      app: {{ template "sentry.fullname" . }}-pgbouncer
+  {{- if .Values.pgbouncer.updateStrategy }}
+  strategy:
+    {{ toYaml .Values.pgbouncer.updateStrategy | nindent 4 }}
+  {{- end }}
+  template:
+    metadata:
+      labels:
+        app: {{ template "sentry.fullname" . }}-pgbouncer
+    spec:
+      containers:
+      - name: pgbouncer
+        image: {{ .Values.pgbouncer.image.repository }}:{{ .Values.pgbouncer.image.tag }}
+        imagePullPolicy: {{ .Values.pgbouncer.image.pullPolicy }}
+        resources:
+          {{ toYaml .Values.pgbouncer.resources | nindent 10 }}
+        env:
+          {{ include "sentry.pgbouncer.env" . | nindent 10 }}
+          - name: PGBOUNCER_PORT
+            value: "5432"
+          - name: PGBOUNCER_AUTH_TYPE
+            value: {{ .Values.pgbouncer.authType | quote }}
+          - name: PGBOUNCER_MAX_CLIENT_CONN
+            value: {{ .Values.pgbouncer.maxClientConn | quote }}
+          - name: PGBOUNCER_DEFAULT_POOL_SIZE
+            value: {{ .Values.pgbouncer.poolSize | quote }}
+          - name: PGBOUNCER_POOL_MODE
+            value: {{ .Values.pgbouncer.poolMode | quote }}
+        ports:
+          - containerPort: 5432
+            name: pgbouncer
+            protocol: TCP
+      {{- if .Values.pgbouncer.nodeSelector }}
+      nodeSelector:
+        {{ toYaml .Values.pgbouncer.nodeSelector | nindent 8 }}
+      {{- end }}
+      {{- if .Values.pgbouncer.tolerations }}
+      tolerations:
+        {{ toYaml .Values.pgbouncer.tolerations | nindent 8 }}
+      {{- end }}
+      {{- if .Values.pgbouncer.affinity }}
+      affinity:
+        {{ toYaml .Values.pgbouncer.affinity | nindent 8 }}
+      {{- end }}
+      {{- if .Values.pgbouncer.topologySpreadConstraints }}
+      topologySpreadConstraints:
+        {{ toYaml .Values.pgbouncer.topologySpreadConstraints | nindent 8 }}
+      {{- end }}
+      {{- if .Values.pgbouncer.priorityClassName }}
+      priorityClassName: "{{ .Values.pgbouncer.priorityClassName }}"
+      {{- end }}
+      terminationGracePeriodSeconds: 10
+{{- end }}
diff --git a/charts/sentry/templates/pgbouncer/pgbouncer-pdb.yaml b/charts/sentry/templates/pgbouncer/pgbouncer-pdb.yaml
@@ -0,0 +1,18 @@
+{{- if .Values.pgbouncer.enabled }}
+{{- if .Values.pgbouncer.podDisruptionBudget.enabled }}
+---
+apiVersion: policy/v1
+kind: PodDisruptionBudget
+metadata:
+  name: {{ template "sentry.fullname" . }}-pgbouncer
+spec:
+  {{- if and .Values.pgbouncer.podDisruptionBudget.minAvailable (not (hasKey .Values.pgbouncer.podDisruptionBudget "maxUnavailable")) }}
+  minAvailable: {{ .Values.pgbouncer.podDisruptionBudget.minAvailable }}
+  {{- else if .Values.pgbouncer.podDisruptionBudget.maxUnavailable }}
+  maxUnavailable: {{ .Values.pgbouncer.podDisruptionBudget.maxUnavailable }}
+  {{- end }}
+  selector:
+    matchLabels:
+      app: {{ template "sentry.fullname" . }}-pgbouncer
+{{- end }}
+{{- end }}
diff --git a/charts/sentry/templates/pgbouncer/pgbouncer-service.yaml b/charts/sentry/templates/pgbouncer/pgbouncer-service.yaml
@@ -0,0 +1,14 @@
+{{- if .Values.pgbouncer.enabled }}
+---
+apiVersion: v1
+kind: Service
+metadata:
+  name: {{ template "sentry.fullname" . }}-pgbouncer
+spec:
+  selector:
+    app: {{ template "sentry.fullname" . }}-pgbouncer
+  ports:
+  - name: pgbouncer
+    port: 5432
+    targetPort: 5432
+{{- end }}
diff --git a/charts/sentry/values.yaml b/charts/sentry/values.yaml
@@ -2474,3 +2474,39 @@ revisionHistoryLimit: 10
 #   options: []
 
 extraManifests: []
+
+pgbouncer:
+  enabled: false
+  postgres:
+    cp_max: 10
+    cp_min: 5
+    host: ''
+    dbname: ''
+    user: ''
+    password: ''
+  image:
+    repository: "bitnami/pgbouncer"
+    tag: "1.23.1-debian-12-r5"
+    pullPolicy: IfNotPresent
+  replicas: 2
+  podDisruptionBudget:
+    enabled: true
+    # Define either 'minAvailable' or 'maxUnavailable', never both.
+    minAvailable: 1
+    # -- Maximum unavailable pods set in PodDisruptionBudget. If set, 'minAvailable' is ignored.
+    # maxUnavailable: 1
+  authType: "md5"
+  maxClientConn: "8192"
+  poolSize: "50"
+  poolMode: "transaction"
+  resources: {}
+  nodeSelector: {}
+  tolerations: []
+  affinity: {}
+  updateStrategy:
+    type: RollingUpdate
+    rollingUpdate:
+      maxUnavailable: 1
+      maxSurge: 25%
+  priorityClassName: ''
+  topologySpreadConstraints: []
