apiVersion: apps/v1 kind: Deployment metadata: name: guildhall-postgres namespace: guildhall labels: app.kubernetes.io/name: guildhall-postgres app.kubernetes.io/part-of: guildhouse app.kubernetes.io/component: database app.kubernetes.io/managed-by: manual spec: replicas: 1 strategy: type: Recreate selector: matchLabels: app: guildhall-postgres template: metadata: labels: app: guildhall-postgres app.kubernetes.io/name: guildhall-postgres app.kubernetes.io/part-of: guildhouse app.kubernetes.io/component: database spec: containers: - name: postgres image: postgres:16 imagePullPolicy: IfNotPresent ports: - containerPort: 5432 name: postgres env: - name: POSTGRES_DB valueFrom: secretKeyRef: name: guildhall-db-credentials key: POSTGRES_DB - name: POSTGRES_USER valueFrom: secretKeyRef: name: guildhall-db-credentials key: POSTGRES_USER - name: POSTGRES_PASSWORD valueFrom: secretKeyRef: name: guildhall-db-credentials key: POSTGRES_PASSWORD # PGDATA subdir under the mount is the standard fix for the # lost+found that some filesystems create at the mount root, # which postgres otherwise refuses to initialise into. - name: PGDATA value: /var/lib/postgresql/data/pgdata volumeMounts: - name: data mountPath: /var/lib/postgresql/data # Matches the Keycloak-postgres resource shape from the # cluster: memory request 256Mi / limit 512Mi, CPU request # 100m, no CPU limit. Guildhall's initial DB load is light # so this is over-provisioned for v0.1; can be trimmed later. resources: requests: cpu: 100m memory: 256Mi limits: memory: 512Mi readinessProbe: exec: command: - pg_isready - -U - guildhall initialDelaySeconds: 5 periodSeconds: 10 timeoutSeconds: 1 failureThreshold: 3 livenessProbe: exec: command: - pg_isready - -U - guildhall initialDelaySeconds: 15 periodSeconds: 20 timeoutSeconds: 1 failureThreshold: 3 volumes: - name: data persistentVolumeClaim: claimName: guildhall-db