k8s部署pgsql集群

一、前言

        本教程是使用zalando/postgres-operator部署的pgsql集群，部署的pgsql集群有两个svc，分别用于只读从节点的svc和读写主节点的svc

二、部署pgsql集群

提前在github上下载部署pgsql-operator部署需要的文件

参考:

下载以下五个yaml文件

下载完成后编辑以下文件内容

vi configmap.yamldocker_image: xxx.xxx.com/base_image/spilo:3.0    #变更为自身的镜像地址

vi minimal-postgres-manifest.yaml apiVersion: "acid.zalan.do/v1"
kind: postgresql
metadata:name: acid-minimal-cluster
spec:teamId: "acid"volume:size: 30GistorageClass: pgsql-pv    #配置挂载的pv storageClassnumberOfInstances: 3users:zalando:  # database owner- superuser- createdbfoo_user: []  # role for application foodatabases:foo: zalando  # dbname: ownerpreparedDatabases:bar: {}postgresql:version: "14"      #指定pgsql版本

 vi postgres-operator.yaml apiVersion: apps/v1
kind: Deployment
metadata:name: postgres-operatorlabels:application: postgres-operator
spec:replicas: 1strategy:type: "Recreate"selector:matchLabels:name: postgres-operatortemplate:metadata:labels:name: postgres-operatorspec:serviceAccountName: postgres-operatorcontainers:- name: postgres-operatorimage: xxx.xxx.com/base_image/postgres-operator:v1.10.1  #配置为本地镜像地址imagePullPolicy: IfNotPresentresources:requests:cpu: 100mmemory: 250Milimits:cpu: 500mmemory: 500MisecurityContext:runAsUser: 1000runAsNonRoot: truereadOnlyRootFilesystem: trueallowPrivilegeEscalation: falseenv:# provided additional ENV vars can overwrite individual config map entries- name: CONFIG_MAP_NAMEvalue: "postgres-operator"# In order to use the CRD OperatorConfiguration instead, uncomment these lines and comment out the two lines above# - name: POSTGRES_OPERATOR_CONFIGURATION_OBJECT#  value: postgresql-operator-default-configuration# Define an ID to isolate controllers from each other# - name: CONTROLLER_ID#   value: "second-operator"imagePullSecrets:- name: pgsql-secret       #配置拉取本地镜像的secreet

配置本地镜像secret

kubectl create secret docker-registry pgsql-secret --docker-server='https://xxx.xxx.com' --docker-username=xxx --docker-password=xxxx

配置pv存储

vi pv.yaml
apiVersion: v1
kind: PersistentVolume
metadata:name: pgsql-0
spec:storageClassName: pgsql-pv    #定义了存储类型capacity:storage: 30GiaccessModes:- ReadWriteOncepersistentVolumeReclaimPolicy: Retainnfs:path: /share/k8s/test-pgsql/pgsql0server: 10.1.60.6
---
apiVersion: v1
kind: PersistentVolume
metadata:name: pgsql-1
spec:storageClassName: pgsql-pv    #定义了存储类型capacity:storage: 30GiaccessModes:- ReadWriteOncepersistentVolumeReclaimPolicy: Retainnfs:path: /share/k8s/test-pgsql/pgsql1server: 10.1.60.6
---
apiVersion: v1
kind: PersistentVolume
metadata:name: pgsql-2
spec:storageClassName: pgsql-pv    #定义了存储类型capacity:storage: 30GiaccessModes:- ReadWriteOncepersistentVolumeReclaimPolicy: Retainnfs:path: /share/k8s/test-pgsql/pgsql2server: 10.1.60.6

启动pgsql-operator服务

kubectl apply -f api-service.yaml  
kubectl apply -f configmap.yaml 
kubectl apply -f operator-service-account-rbac.yaml  
kubectl apply -f postgres-operator.yaml

因为operator的原因需要配置一个默认的secret

kubectl edit serviceaccount defaultapiVersion: v1
imagePullSecrets:       #新增
- name: pgsql-secret   #新增
kind: ServiceAccount
metadata:creationTimestamp: "2024-01-25T01:01:12Z"name: defaultnamespace: defaultresourceVersion: "75328624"selfLink: /api/v1/namespaces/default/serviceaccounts/defaultuid: 1b6408a8-80d6-40b5-8020-3d52eff75ec0
secrets:
- name: default-token-zl4vw

部署pgsql集群

kubectl apply -f pv.yaml
kubectl apply -f minimal-postgres-manifest.yaml

至此部署完成

获取pgsql集群的初始密码(用户名为:pgsql)

kubectl get secret postgres.acid-minimal-cluster.credentials.postgresql.acid.zalan.do -o 'jsonpath={.data.password}' | base64 -d

注意：该pgsql初始密码不能变更，因为是保存在了secret中的，可以创建其他用户并设置密码使用

若是需要删除则执行以下命令

kubectl delete postgresql acid-minimal-cluster

更多部署方式参考：https://github.com/zalando/postgres-operator/blob/master/docs/quickstart.md

configmap配置项参数参考：https://github.com/zalando/postgres-operator/blob/master/docs/reference/operator_parameters.md