persistant volumes and schema bootstrapping for userdb postgres

hashbang · Nov 28, 2020 · 1cc2978 · 1cc2978
1 parent 89b1376
commit 1cc2978
Show file tree

Hide file tree

Showing 6 changed files with 86 additions and 66 deletions.
diff --git a/images/postgres/Dockerfile b/images/postgres/Dockerfile
@@ -33,6 +33,7 @@ RUN mkdir -p \
     && cp /lib/x86_64-linux-gnu/libc.so.6 ~/rootfs/lib/x86_64-linux-gnu \
     && cp /lib/x86_64-linux-gnu/libnss_files.so.2 ~/rootfs/lib/x86_64-linux-gnu \
     && cp /lib64/ld-linux-x86-64.so.2 ~/rootfs/lib64 \
+    && cp /bin/sh ~/rootfs/bin \
     && cp -a ~/out/. ~/rootfs/ \
     && chmod -R 700 ~/rootfs/data/ \
     && echo "listen_addresses='*'" > ~/rootfs/config/postgresql.conf \

diff --git a/images/stack-base/files/etc/apt/packages.list b/images/stack-base/files/etc/apt/packages.list
@@ -526,6 +526,8 @@ python2=2.7.16-1
 python2-minimal=2.7.16-1
 python2.7=2.7.16-2+deb10u1
 python2.7-minimal=2.7.16-2+deb10u1
+python3=3.7.3-1
+python3-yaml=3.13-2
 readline-common=7.0-5
 runc=1.0.0~rc6+dfsg1-3
 sed=4.7-1

diff --git a/make/stack-local.mk b/make/stack-local.mk
@@ -39,9 +39,11 @@ endif
 .PHONY: registry-push
 registry-push: registry images/stack-shell.tar images/nginx.tar images/gitea.tar
 	$(contain) bash -c " \
+		docker load -i images/stack-base.tar && docker push $(REGISTRY)/stack-base; \
 		docker load -i images/nginx.tar && docker push $(REGISTRY)/nginx; \
 		docker load -i images/gitea.tar && docker push $(REGISTRY)/gitea; \
 		docker load -i images/postgres.tar && docker push $(REGISTRY)/postgres; \
+		docker load -i images/postgrest.tar && docker push $(REGISTRY)/postgrest; \
 	"
 
 .PHONY: shell

diff --git a/pods/userdb/deployment.yaml b/pods/userdb/deployment.yaml
@@ -1,4 +1,3 @@
-
 apiVersion: apps/v1
 kind: Deployment
 metadata:
@@ -15,12 +14,46 @@ spec:
       labels:
         deployment: userdb-db-write
     spec:
-      volumes:
-      - name: userdb-data
-        persistentVolumeClaim:
-          claimName: userdb-data
-      securityContext:
-        fsGroup: 100
+      initContainers:
+      - name: userdb-init-schema
+        image: registry.localhost:5000/stack-base
+        volumeMounts:
+        - name: userdb-data
+          mountPath: /data
+        - name: userdb-schema
+          mountPath: /schema
+        command: ["/bin/sh", "-c"]
+        args:
+          - set -e;
+            [ -z "$(ls -A /schema)" ] || exit 0;
+            git clone https://github.com/hashbang/userdb.git;
+            cd userdb;
+            make build;
+            cat out/* > /schema/bundle.sql;
+            chown -R 100:100 /schema;
+            chown -R 100:100 /data;
+            chmod 700 /data;
+        securityContext:
+          runAsUser: 0
+          runAsGroup: 0
+      - name: userdb-init-createdb
+        image: registry.localhost:5000/postgres
+        volumeMounts:
+        - name: userdb-data
+          mountPath: /data
+        - name: userdb-schema
+          mountPath: /schema
+        command: ["/bin/sh", "-c"]
+        args:
+          - set -e;
+            [ -z "$(ls -A /data )" ] || exit 0;
+            initdb /data;
+            echo 'create database userdb;' > /tmp/createdb.sql;
+            postgres --single -Ej "postgres" < /tmp/createdb.sql;
+            postgres --single -Ej "userdb" < /schema/bundle.sql;
+        securityContext:
+          runAsUser: 100
+          runAsGroup: 100
       containers:
       - name: postgres
         image: registry.localhost:5000/postgres
@@ -30,12 +63,21 @@ spec:
         volumeMounts:
         - mountPath: /data
           name: userdb-data
+        volumeMounts:
+        - mountPath: /schema
+          name: userdb-schema
         env:
         - name: PGPASSWORD
           valueFrom:
             secretKeyRef:
               name: userdb-db-write
               key: password
+      volumes:
+      - name: userdb-schema
+        emptyDir: {}
+      - name: userdb-data
+        persistentVolumeClaim:
+          claimName: userdb-data
 
 ---
 
@@ -79,62 +121,3 @@ spec:
               key: password
         - name: PGRST_DB_URL
           value: postgresql://$(PGDATABASE)?host=$(PGHOST)&user=$(PGUSER)
-
-#---
-#
-#apiVersion: v1
-#kind: Pod
-#metadata:
-#  name: userdb-init
-#  labels:
-#    app: userdb
-#spec:
-#  volumes:
-#  - name: userdb-data
-#    persistentVolumeClaim:
-#      claimName: userdb-data
-#  containers:
-#  - name: userdb-init
-#    image: debian:buster
-#    volumeMounts:
-#    - mountPath: /data
-#      name: userdb-data
-#    command: ["/bin/sh"]
-#    args: ["-c","chown -R 100:100 /data; ls -lah /data;"]
-#  restartPolicy: Never
-
----
-
-apiVersion: v1
-kind: PersistentVolumeClaim
-metadata:
-  name: userdb-data
-  labels:
-    app: userdb
-spec:
-  storageClassName: ""
-  volumeName: userdb-data
-  accessModes:
-    - ReadWriteMany
-  resources:
-    requests:
-      storage: 10Gi
-
----
-
-apiVersion: v1
-kind: PersistentVolume
-metadata:
-  name: userdb-data
-  labels:
-    app: userdb
-spec:
-  storageClassName: ""
-  capacity:
-    storage: 10Gi
-  accessModes:
-    - ReadWriteMany
-  claimRef:
-    name: userdb-data
-  hostPath:
-    path: /volumes/userdb-data
diff --git a/pods/userdb/kustomization.yaml b/pods/userdb/kustomization.yaml
@@ -5,3 +5,4 @@ resources:
 - deployment.yaml
 - service.yaml
 - secrets.yaml
+- volumes.yaml
diff --git a/pods/userdb/volumes.yaml b/pods/userdb/volumes.yaml
@@ -0,0 +1,31 @@
+apiVersion: v1
+kind: PersistentVolumeClaim
+metadata:
+  name: userdb-data
+  labels:
+    app: userdb
+spec:
+  storageClassName: ""
+  volumeName: userdb-data
+  accessModes:
+    - ReadWriteMany
+  resources:
+    requests:
+      storage: 10Gi
+
+---
+
+apiVersion: v1
+kind: PersistentVolume
+metadata:
+  name: userdb-data
+  labels:
+    app: userdb
+spec:
+  storageClassName: ""
+  capacity:
+    storage: 10Gi
+  accessModes:
+    - ReadWriteMany
+  hostPath:
+    path: /volumes/userdb/data