Cleanup and replace supercronic with minit
This commit is contained in:
parent
5124031188
commit
a1987e1910
|
@ -12,12 +12,10 @@ RUN set -eux &&\
|
|||
chown root:root ldap2pg &&\
|
||||
chmod 755 ldap2pg
|
||||
|
||||
FROM danielberteaud/alpine:24.1-5
|
||||
FROM danielberteaud/alpine:24.1-7
|
||||
MAINTAINER Daniel Berteaud <dbd@ehtrace.com>
|
||||
|
||||
ENV LANG=fr_FR.utf8 \
|
||||
TZ=Europe/Paris \
|
||||
PGHOST=localhost \
|
||||
ENV PGHOST=localhost \
|
||||
PGPORT=5432 \
|
||||
PGUSER=postgres \
|
||||
LDAP2PG_MODE=dry \
|
||||
|
@ -26,7 +24,7 @@ ENV LANG=fr_FR.utf8 \
|
|||
COPY --from=ldap2pg /tmp/ldap2pg /usr/local/bin/ldap2pg
|
||||
RUN set -eux &&\
|
||||
apk --no-cache upgrade &&\
|
||||
apk --no-cache add postgresql15-client ca-certificates supercronic
|
||||
apk --no-cache add postgresql16-client ca-certificates
|
||||
COPY root/ /
|
||||
|
||||
CMD ["run.sh"]
|
||||
|
|
|
@ -14,7 +14,10 @@ if [ -e "${LDAP2PG_CONFIG}" ]; then
|
|||
# Run cron if needed
|
||||
if [ -n "${LDAP2PG_CRON}" ]; then
|
||||
echo "Running ldap2pg as a cron job (${LDAP2PG_CRON})"
|
||||
echo "${LDAP2PG_CRON} ldap2pg --real --config ${LDAP2PG_CONFIG}" > /dev/shm/cron
|
||||
supercronic /dev/shm/cron
|
||||
export MINIT_MAIN="ldap2pg --real --config ${LDAP2PG_CONFIG}"
|
||||
export MINIT_MAIN_NAME=ldap2pg
|
||||
export MINIT_MAIN_KIND=cron
|
||||
export MINIT_MAIN_CRON="${LDAP2PG_CRON}"
|
||||
minit
|
||||
fi
|
||||
fi
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
FROM danielberteaud/postgres:15.24.1-2
|
||||
FROM danielberteaud/postgres:15.24.1-3
|
||||
MAINTAINER Daniel Berteaud <dbd@ehtrace.com>
|
||||
|
||||
ARG PATRONI_VERSION=3.2.2
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
FROM danielberteaud/alpine:24.1-5
|
||||
FROM danielberteaud/alpine:24.1-7
|
||||
MAINTAINER Daniel Berteaud <dbd@ehtrace.com>
|
||||
|
||||
ARG PG_FROM= \
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
FROM danielberteaud/alma:9.24.1-3
|
||||
FROM danielberteaud/alma:9.24.1-5
|
||||
MAINTAINER Daniel Berteaud <dbd@ehtrace.com>
|
||||
|
||||
ENV PG_BASE_DATA=/data/db/
|
||||
|
|
|
@ -74,17 +74,19 @@ job "postgres-manage" {
|
|||
driver = "docker"
|
||||
|
||||
config {
|
||||
image = "danielberteaud/ldap2pg:6.0-8"
|
||||
image = "danielberteaud/ldap2pg:6.0-9"
|
||||
readonly_rootfs = true
|
||||
pids_limit = 20
|
||||
}
|
||||
|
||||
|
||||
vault {
|
||||
policies = ["postgres"]
|
||||
env = false
|
||||
disable_file = true
|
||||
}
|
||||
|
||||
|
||||
env {
|
||||
LDAP2PG_CONFIG = "/secrets/ldap2pg.yml"
|
||||
LDAP2PG_MODE = "dry"
|
||||
|
|
|
@ -124,7 +124,7 @@ job "postgres" {
|
|||
kill_timeout = "10m"
|
||||
|
||||
config {
|
||||
image = "danielberteaud/patroni:15.24.1-1"
|
||||
image = "danielberteaud/patroni:15.24.1-2"
|
||||
# Set shm_size to half of the total size
|
||||
shm_size = 536870912
|
||||
volumes = ["local/mkdir-socket.sh:/entrypoint.d/70-mkdir-socket.sh"]
|
||||
|
|
|
@ -15,9 +15,7 @@ RUN set -eux &&\
|
|||
FROM [[ .docker.repo ]][[ .docker.base_images.alpine.image ]]
|
||||
MAINTAINER [[ .docker.maintainer ]]
|
||||
|
||||
ENV LANG=[[ .locale.lang ]] \
|
||||
TZ=[[ .locale.tz ]] \
|
||||
PGHOST=localhost \
|
||||
ENV PGHOST=localhost \
|
||||
PGPORT=5432 \
|
||||
PGUSER=postgres \
|
||||
LDAP2PG_MODE=dry \
|
||||
|
@ -26,7 +24,7 @@ ENV LANG=[[ .locale.lang ]] \
|
|||
COPY --from=ldap2pg /tmp/ldap2pg /usr/local/bin/ldap2pg
|
||||
RUN set -eux &&\
|
||||
apk --no-cache upgrade &&\
|
||||
apk --no-cache add postgresql15-client ca-certificates supercronic
|
||||
apk --no-cache add postgresql16-client ca-certificates
|
||||
COPY root/ /
|
||||
|
||||
CMD ["run.sh"]
|
||||
|
|
|
@ -14,7 +14,10 @@ if [ -e "${LDAP2PG_CONFIG}" ]; then
|
|||
# Run cron if needed
|
||||
if [ -n "${LDAP2PG_CRON}" ]; then
|
||||
echo "Running ldap2pg as a cron job (${LDAP2PG_CRON})"
|
||||
echo "${LDAP2PG_CRON} ldap2pg --real --config ${LDAP2PG_CONFIG}" > /dev/shm/cron
|
||||
supercronic /dev/shm/cron
|
||||
export MINIT_MAIN="ldap2pg --real --config ${LDAP2PG_CONFIG}"
|
||||
export MINIT_MAIN_NAME=ldap2pg
|
||||
export MINIT_MAIN_KIND=cron
|
||||
export MINIT_MAIN_CRON="${LDAP2PG_CRON}"
|
||||
minit
|
||||
fi
|
||||
fi
|
||||
|
|
|
@ -1,6 +1,6 @@
|
|||
[[ $c := merge .pg.manage . -]]
|
||||
job "[[ .instance ]]-manage" {
|
||||
|
||||
job "[[ .instance ]]-manage[[ $c.consul.suffix ]]" {
|
||||
[[- $c := merge .pg.manage .pg . ]]
|
||||
|
||||
[[- if and (has $c "cron") (ne $c.cron "") ]]
|
||||
type = "service"
|
||||
|
@ -32,19 +32,15 @@ job "[[ .instance ]]-manage[[ $c.consul.suffix ]]" {
|
|||
[[ template "common/task.wait_for" $c ]]
|
||||
|
||||
task "postgres-manage" {
|
||||
driver = [[ $c.nomad.driver | toJSON ]]
|
||||
driver = "[[ $c.nomad.driver ]]"
|
||||
|
||||
config {
|
||||
image = [[ $c.image | toJSON ]]
|
||||
image = "[[ $c.image ]]"
|
||||
readonly_rootfs = true
|
||||
pids_limit = 20
|
||||
}
|
||||
|
||||
vault {
|
||||
policies = ["[[ .instance ]][[ $c.consul.suffix ]]"]
|
||||
env = false
|
||||
disable_file = true
|
||||
}
|
||||
[[ template "common/vault.policies" $c ]]
|
||||
|
||||
env {
|
||||
[[- range $idx, $db := $c.databases ]]
|
||||
|
@ -101,7 +97,7 @@ _EOF
|
|||
perms = 0400
|
||||
}
|
||||
|
||||
[[ template "common/resources" $c.resources ]]
|
||||
[[ template "common/resources" $c ]]
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
|
@ -280,8 +280,7 @@ _EOT
|
|||
|
||||
config {
|
||||
image = "[[ $c.image ]]"
|
||||
command = "supercronic"
|
||||
args = ["/secrets/backup.cron"]
|
||||
command = "minit"
|
||||
readonly_rootfs = true
|
||||
pids_limit = 100
|
||||
}
|
||||
|
@ -293,16 +292,17 @@ _EOT
|
|||
|
||||
env {
|
||||
# Use the socket from the shared dir
|
||||
PGHOST = "/alloc/data/postgres"
|
||||
PGHOST = "/alloc/data/postgres"
|
||||
MINIT_UNIT_DIR = "/local/minit.d"
|
||||
}
|
||||
|
||||
[[- template "common/file_env" $c ]]
|
||||
|
||||
template {
|
||||
data =<<_EOT
|
||||
[[ template "postgres/backup.cron.tpl" . ]]
|
||||
[[ template "postgres/backup.minit.yml.tpl" . ]]
|
||||
_EOT
|
||||
destination = "secrets/backup.cron"
|
||||
destination = "local/minit.d/backup.yml"
|
||||
}
|
||||
|
||||
template {
|
||||
|
|
|
@ -1,12 +0,0 @@
|
|||
[[- if ne .pg.backup.pgbackrest.cron.full "" ]]
|
||||
[[ .pg.backup.pgbackrest.cron.full ]] run-if-master.sh pgbackrest backup --delta --type=full
|
||||
[[- end ]]
|
||||
[[- if ne .pg.backup.pgbackrest.cron.incr "" ]]
|
||||
[[ .pg.backup.pgbackrest.cron.incr ]] run-if-master.sh pgbackrest backup --delta --type=incr
|
||||
[[- end ]]
|
||||
[[- if ne .pg.backup.pgbackrest.cron.diff "" ]]
|
||||
[[ .pg.backup.pgbackrest.cron.diff ]] run-if-master.sh pgbackrest backup --delta --type=diff
|
||||
[[- end ]]
|
||||
[[- if ne .pg.backup.dumps.cron "" ]]
|
||||
[[ .pg.backup.dumps.cron ]] run-if-master.sh /local/dump.sh
|
||||
[[- end ]]
|
|
@ -0,0 +1,32 @@
|
|||
[[- if ne .pg.backup.pgbackrest.cron.full "" ]]
|
||||
---
|
||||
kind: cron
|
||||
name: pgbackrest-full
|
||||
command: ["run-if-master.sh", "pgbackrest", "backup", "--delta", "--type=full"]
|
||||
cron: '[[ .pg.backup.pgbackrest.cron.full ]]'
|
||||
[[- end ]]
|
||||
|
||||
[[- if ne .pg.backup.pgbackrest.cron.incr "" ]]
|
||||
|
||||
---
|
||||
kind: cron
|
||||
name: pgbackrest-incr
|
||||
command: ["run-if-master.sh", "pgbackrest", "backup", "--delta", "--type=incr"]
|
||||
cron: '[[ .pg.backup.pgbackrest.cron.incr ]]'
|
||||
[[- end ]]
|
||||
|
||||
[[- if ne .pg.backup.pgbackrest.cron.diff "" ]]
|
||||
---
|
||||
kind: cron
|
||||
name: pgbackrest-diff
|
||||
command: ["run-if-master.sh", "pgbackrest", "backup", "--delta", "--type=diff"]
|
||||
cron: '[[ .pg.backup.pgbackrest.cron.diff ]]'
|
||||
[[- end ]]
|
||||
|
||||
[[- if ne .pg.backup.dumps.cron "" ]]
|
||||
---
|
||||
kind: cron
|
||||
name: dump
|
||||
command: ["run-if-master.sh", "/local/dump.sh"]
|
||||
cron: '[[ .pg.backup.dumps.cron ]]'
|
||||
[[- end ]]
|
|
@ -12,10 +12,14 @@ pg:
|
|||
ou: Postgres
|
||||
issuer: '[[ .vault.prefix ]]pki/root'
|
||||
|
||||
# List of vault policies to attach to the task
|
||||
policies:
|
||||
- '[[ .instance ]][[ .consul.suffix ]]'
|
||||
|
||||
# Postgres server settings
|
||||
server:
|
||||
# The image to use
|
||||
image: '[[ .docker.repo ]]patroni:15.24.1-1'
|
||||
image: '[[ .docker.repo ]]patroni:15.24.1-2'
|
||||
|
||||
# Number of postgres instance. Patroni will handle leader election and replication
|
||||
count: 1
|
||||
|
@ -38,11 +42,6 @@ pg:
|
|||
env:
|
||||
PGBACKREST_STANZA: '[[ .instance ]]'
|
||||
|
||||
vault:
|
||||
# List of vault policies to attach to the task
|
||||
policies:
|
||||
- '[[ .instance ]][[ .consul.suffix ]]'
|
||||
|
||||
# Set higher priority for the postgres job
|
||||
nomad:
|
||||
priority: 100
|
||||
|
@ -183,7 +182,7 @@ pg:
|
|||
# manage can create database, users and sync permissions from LDAP (using ldap2pg)
|
||||
manage:
|
||||
# Image to use
|
||||
image: '[[ .docker.repo ]]ldap2pg:6.0-8'
|
||||
image: '[[ .docker.repo ]]ldap2pg:6.0-9'
|
||||
|
||||
# Resource allocation
|
||||
resources:
|
||||
|
|
Loading…
Reference in New Issue