From 17cc8f7b9b3f3bb855f8a08e5e809f5fa814a0f7 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?C=C3=A9dric=20de=20Saint=20Martin?= Date: Wed, 20 Nov 2019 13:40:05 +0100 Subject: [PATCH 1/2] [stable/postgresql] Add dedicated tmpsfs for /dev/shm. MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Start a database pod without limitations on shm memory. By default docker limit to (see e.g. the [docker issue](https://github.com/docker-library/postgres/issues/416), which could be not enough if PostgreSQL uses parallel workers heavily. If this option is present and value is , to the target database pod will be mounted a new tmpfs volume to remove this limitation. Signed-off-by: Cédric de Saint Martin --- stable/postgresql/Chart.yaml | 2 +- stable/postgresql/README.md | 1 + .../templates/statefulset-slaves.yaml | 17 +++++++++++++++++ stable/postgresql/templates/statefulset.yaml | 17 +++++++++++++++++ stable/postgresql/values-production.yaml | 9 +++++++++ stable/postgresql/values.yaml | 9 +++++++++ 6 files changed, 54 insertions(+), 1 deletion(-) diff --git a/stable/postgresql/Chart.yaml b/stable/postgresql/Chart.yaml index 891988405f80..7839ebaaf5bf 100644 --- a/stable/postgresql/Chart.yaml +++ b/stable/postgresql/Chart.yaml @@ -1,6 +1,6 @@ apiVersion: v1 name: postgresql -version: 7.4.0 +version: 7.5.0 appVersion: 11.6.0 description: Chart for PostgreSQL, an object-relational database management system (ORDBMS) with an emphasis on extensibility and on standards-compliance. keywords: diff --git a/stable/postgresql/README.md b/stable/postgresql/README.md index 31e992b91aaf..12fe201989b7 100644 --- a/stable/postgresql/README.md +++ b/stable/postgresql/README.md @@ -116,6 +116,7 @@ The following tables lists the configurable parameters of the PostgreSQL chart a | `service.loadBalancerIP` | loadBalancerIP if service type is `LoadBalancer` | `nil` | | `service.loadBalancerSourceRanges` | Address that are allowed when svc is LoadBalancer | [] | | `schedulerName` | Name of the k8s scheduler (other than default) | `nil` | +| `enableShmVolume` | Enable emptyDir volume for /dev/shm | `true` | | `persistence.enabled` | Enable persistence using PVC | `true` | | `persistence.existingClaim` | Provide an existing `PersistentVolumeClaim`, the value is evaluated as a template. | `nil` | | `persistence.mountPath` | Path to mount the volume at | `/bitnami/postgresql` | diff --git a/stable/postgresql/templates/statefulset-slaves.yaml b/stable/postgresql/templates/statefulset-slaves.yaml index 95458358cf6d..97cfd25ec65e 100644 --- a/stable/postgresql/templates/statefulset-slaves.yaml +++ b/stable/postgresql/templates/statefulset-slaves.yaml @@ -83,12 +83,19 @@ spec: chmod 700 {{ .Values.persistence.mountPath }}/data find {{ .Values.persistence.mountPath }} -mindepth 0 -maxdepth 1 -not -name ".snapshot" -not -name "lost+found" | \ xargs chown -R {{ .Values.securityContext.runAsUser }}:{{ .Values.securityContext.fsGroup }} +{{- if .Values.shmVolume.enable }} + chmod -R 777 /dev/shm +{{- end }} securityContext: runAsUser: {{ .Values.volumePermissions.securityContext.runAsUser }} volumeMounts: - name: data mountPath: {{ .Values.persistence.mountPath }} subPath: {{ .Values.persistence.subPath }} +{{- if .Values.shmVolume.enable }} + - name: dshm + mountPath: /dev/shm +{{- end }} {{- end }} {{- if .Values.slave.extraInitContainers }} {{ tpl .Values.slave.extraInitContainers . | indent 8 }} @@ -197,6 +204,10 @@ spec: - name: postgresql-password mountPath: /opt/bitnami/postgresql/secrets/ {{- end }} + {{- if .Values.shmVolume.enable }} + - name: dshm + mountPath: /dev/shm + {{- end }} {{- if .Values.persistence.enabled }} - name: data mountPath: {{ .Values.persistence.mountPath }} @@ -229,6 +240,12 @@ spec: configMap: name: {{ template "postgresql.extendedConfigurationCM" . }} {{- end }} +{{- if .Values.shmVolume.enable }} + - name: dshm + emptyDir: + medium: Memory + sizeLimit: 1Gi +{{- end }} {{- if not .Values.persistence.enabled }} - name: data emptyDir: {} diff --git a/stable/postgresql/templates/statefulset.yaml b/stable/postgresql/templates/statefulset.yaml index 559d507ecf4d..3a3df09a3685 100644 --- a/stable/postgresql/templates/statefulset.yaml +++ b/stable/postgresql/templates/statefulset.yaml @@ -87,12 +87,19 @@ spec: chmod 700 {{ .Values.persistence.mountPath }}/data find {{ .Values.persistence.mountPath }} -mindepth 0 -maxdepth 1 -not -name ".snapshot" -not -name "lost+found" | \ xargs chown -R {{ .Values.securityContext.runAsUser }}:{{ .Values.securityContext.fsGroup }} +{{- if .Values.shmVolume.enable }} + chmod -R 777 /dev/shm +{{- end }} securityContext: runAsUser: {{ .Values.volumePermissions.securityContext.runAsUser }} volumeMounts: - name: data mountPath: {{ .Values.persistence.mountPath }} subPath: {{ .Values.persistence.subPath }} +{{- if .Values.shmVolume.enable }} + - name: dshm + mountPath: /dev/shm +{{- end }} {{- end }} {{- if .Values.master.extraInitContainers }} {{ tpl .Values.master.extraInitContainers . | indent 8 }} @@ -277,6 +284,10 @@ spec: - name: postgresql-password mountPath: /opt/bitnami/postgresql/secrets/ {{- end }} + {{- if .Values.shmVolume.enable }} + - name: dshm + mountPath: /dev/shm + {{- end }} {{- if .Values.persistence.enabled }} - name: data mountPath: {{ .Values.persistence.mountPath }} @@ -387,6 +398,12 @@ spec: configMap: name: {{ template "postgresql.metricsCM" . }} {{- end }} +{{- if .Values.shmVolume.enable }} + - name: dshm + emptyDir: + medium: Memory + sizeLimit: 1Gi +{{- end }} {{- if and .Values.persistence.enabled .Values.persistence.existingClaim }} - name: data persistentVolumeClaim: diff --git a/stable/postgresql/values-production.yaml b/stable/postgresql/values-production.yaml index 0d92a7c356f7..4e1471f53566 100644 --- a/stable/postgresql/values-production.yaml +++ b/stable/postgresql/values-production.yaml @@ -239,6 +239,15 @@ service: # loadBalancerSourceRanges: # - 10.10.10.0/24 +## Start a database pod without limitations on shm memory. By default docker +## limit `/dev/shm` to `64M` (see e.g. the [docker +## issue](https://github.com/docker-library/postgres/issues/416), which could be +## not enough if PostgreSQL uses parallel workers heavily. If this option is +## present and value is `true`, to the target database pod will be mounted a new +## tmpfs volume to remove this limitation. +shmVolume: + enable: true + ## PostgreSQL data Persistent Volume Storage Class ## If defined, storageClassName: ## If set to "-", storageClassName: "", which disables dynamic provisioning diff --git a/stable/postgresql/values.yaml b/stable/postgresql/values.yaml index a4a615dd0460..b458872dba89 100644 --- a/stable/postgresql/values.yaml +++ b/stable/postgresql/values.yaml @@ -239,6 +239,15 @@ service: # loadBalancerSourceRanges: # - 10.10.10.0/24 +## Start a database pod without limitations on shm memory. By default docker +## limit `/dev/shm` to `64M` (see e.g. the [docker +## issue](https://github.com/docker-library/postgres/issues/416), which could be +## not enough if PostgreSQL uses parallel workers heavily. If this option is +## present and value is `true`, to the target database pod will be mounted a new +## tmpfs volume to remove this limitation. +shmVolume: + enable: true + ## PostgreSQL data Persistent Volume Storage Class ## If defined, storageClassName: ## If set to "-", storageClassName: "", which disables dynamic provisioning From 48e8c0d61796667b886702366b96bcf9a0874242 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?C=C3=A9dric=20de=20Saint=20Martin?= Date: Thu, 21 Nov 2019 11:21:55 +0100 Subject: [PATCH 2/2] [stable/postgresql] SHM: Second version after review + improvements. MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Cédric de Saint Martin --- stable/postgresql/README.md | 2 +- stable/postgresql/ci/default-values.yaml | 1 + .../ci/shmvolume-disabled-values.yaml | 2 ++ .../templates/statefulset-slaves.yaml | 18 +++++++-------- stable/postgresql/templates/statefulset.yaml | 22 +++++++++---------- stable/postgresql/values-production.yaml | 17 ++++++++------ stable/postgresql/values.yaml | 17 ++++++++------ 7 files changed, 44 insertions(+), 35 deletions(-) create mode 100644 stable/postgresql/ci/default-values.yaml create mode 100644 stable/postgresql/ci/shmvolume-disabled-values.yaml diff --git a/stable/postgresql/README.md b/stable/postgresql/README.md index 12fe201989b7..d70a13251c3b 100644 --- a/stable/postgresql/README.md +++ b/stable/postgresql/README.md @@ -116,7 +116,7 @@ The following tables lists the configurable parameters of the PostgreSQL chart a | `service.loadBalancerIP` | loadBalancerIP if service type is `LoadBalancer` | `nil` | | `service.loadBalancerSourceRanges` | Address that are allowed when svc is LoadBalancer | [] | | `schedulerName` | Name of the k8s scheduler (other than default) | `nil` | -| `enableShmVolume` | Enable emptyDir volume for /dev/shm | `true` | +| `shmVolume.enabled` | Enable emptyDir volume for /dev/shm for master and slave(s) Pod(s) | `true` | | `persistence.enabled` | Enable persistence using PVC | `true` | | `persistence.existingClaim` | Provide an existing `PersistentVolumeClaim`, the value is evaluated as a template. | `nil` | | `persistence.mountPath` | Path to mount the volume at | `/bitnami/postgresql` | diff --git a/stable/postgresql/ci/default-values.yaml b/stable/postgresql/ci/default-values.yaml new file mode 100644 index 000000000000..fc2ba605adae --- /dev/null +++ b/stable/postgresql/ci/default-values.yaml @@ -0,0 +1 @@ +# Leave this file empty to ensure that CI runs builds against the default configuration in values.yaml. diff --git a/stable/postgresql/ci/shmvolume-disabled-values.yaml b/stable/postgresql/ci/shmvolume-disabled-values.yaml new file mode 100644 index 000000000000..347d3b40a8ea --- /dev/null +++ b/stable/postgresql/ci/shmvolume-disabled-values.yaml @@ -0,0 +1,2 @@ +shmVolume: + enabled: false diff --git a/stable/postgresql/templates/statefulset-slaves.yaml b/stable/postgresql/templates/statefulset-slaves.yaml index 97cfd25ec65e..888a96bd42ca 100644 --- a/stable/postgresql/templates/statefulset-slaves.yaml +++ b/stable/postgresql/templates/statefulset-slaves.yaml @@ -66,9 +66,9 @@ spec: {{- if .Values.serviceAccount.enabled }} serviceAccountName: {{ default (include "postgresql.fullname" . ) .Values.serviceAccount.name}} {{- end }} - {{- if or .Values.slave.extraInitContainers (and .Values.volumePermissions.enabled .Values.persistence.enabled) }} + {{- if or .Values.slave.extraInitContainers (and .Values.volumePermissions.enabled .Values.persistence.enabled) .Values.shmVolume.enabled }} initContainers: - {{- if and .Values.volumePermissions.enabled .Values.persistence.enabled }} + {{- if or (and .Values.volumePermissions.enabled .Values.persistence.enabled) .Values.shmVolume.enabled }} - name: init-chmod-data image: {{ template "postgresql.volumePermissions.image" . }} imagePullPolicy: "{{ .Values.volumePermissions.image.pullPolicy }}" @@ -83,19 +83,19 @@ spec: chmod 700 {{ .Values.persistence.mountPath }}/data find {{ .Values.persistence.mountPath }} -mindepth 0 -maxdepth 1 -not -name ".snapshot" -not -name "lost+found" | \ xargs chown -R {{ .Values.securityContext.runAsUser }}:{{ .Values.securityContext.fsGroup }} -{{- if .Values.shmVolume.enable }} + {{- if .Values.shmVolume.enabled }} chmod -R 777 /dev/shm -{{- end }} + {{- end }} securityContext: runAsUser: {{ .Values.volumePermissions.securityContext.runAsUser }} volumeMounts: - name: data mountPath: {{ .Values.persistence.mountPath }} subPath: {{ .Values.persistence.subPath }} -{{- if .Values.shmVolume.enable }} + {{- if .Values.shmVolume.enabled }} - name: dshm mountPath: /dev/shm -{{- end }} + {{- end }} {{- end }} {{- if .Values.slave.extraInitContainers }} {{ tpl .Values.slave.extraInitContainers . | indent 8 }} @@ -204,7 +204,7 @@ spec: - name: postgresql-password mountPath: /opt/bitnami/postgresql/secrets/ {{- end }} - {{- if .Values.shmVolume.enable }} + {{- if .Values.shmVolume.enabled }} - name: dshm mountPath: /dev/shm {{- end }} @@ -240,12 +240,12 @@ spec: configMap: name: {{ template "postgresql.extendedConfigurationCM" . }} {{- end }} -{{- if .Values.shmVolume.enable }} + {{- if .Values.shmVolume.enabled }} - name: dshm emptyDir: medium: Memory sizeLimit: 1Gi -{{- end }} + {{- end }} {{- if not .Values.persistence.enabled }} - name: data emptyDir: {} diff --git a/stable/postgresql/templates/statefulset.yaml b/stable/postgresql/templates/statefulset.yaml index 3a3df09a3685..b6fb379ccb04 100644 --- a/stable/postgresql/templates/statefulset.yaml +++ b/stable/postgresql/templates/statefulset.yaml @@ -70,9 +70,9 @@ spec: {{- if .Values.serviceAccount.enabled }} serviceAccountName: {{ default (include "postgresql.fullname" . ) .Values.serviceAccount.name }} {{- end }} - {{- if or .Values.master.extraInitContainers (and .Values.volumePermissions.enabled .Values.persistence.enabled) }} + {{- if or .Values.master.extraInitContainers (and .Values.volumePermissions.enabled .Values.persistence.enabled) .Values.shmVolume.enabled }} initContainers: - {{- if and .Values.volumePermissions.enabled .Values.persistence.enabled }} + {{- if or (and .Values.volumePermissions.enabled .Values.persistence.enabled) .Values.shmVolume.enabled }} - name: init-chmod-data image: {{ template "postgresql.volumePermissions.image" . }} imagePullPolicy: "{{ .Values.volumePermissions.image.pullPolicy }}" @@ -87,19 +87,19 @@ spec: chmod 700 {{ .Values.persistence.mountPath }}/data find {{ .Values.persistence.mountPath }} -mindepth 0 -maxdepth 1 -not -name ".snapshot" -not -name "lost+found" | \ xargs chown -R {{ .Values.securityContext.runAsUser }}:{{ .Values.securityContext.fsGroup }} -{{- if .Values.shmVolume.enable }} + {{- if .Values.shmVolume.enabled }} chmod -R 777 /dev/shm -{{- end }} + {{- end }} securityContext: runAsUser: {{ .Values.volumePermissions.securityContext.runAsUser }} volumeMounts: - name: data mountPath: {{ .Values.persistence.mountPath }} subPath: {{ .Values.persistence.subPath }} -{{- if .Values.shmVolume.enable }} + {{- if .Values.shmVolume.enabled }} - name: dshm mountPath: /dev/shm -{{- end }} + {{- end }} {{- end }} {{- if .Values.master.extraInitContainers }} {{ tpl .Values.master.extraInitContainers . | indent 8 }} @@ -284,7 +284,7 @@ spec: - name: postgresql-password mountPath: /opt/bitnami/postgresql/secrets/ {{- end }} - {{- if .Values.shmVolume.enable }} + {{- if .Values.shmVolume.enabled }} - name: dshm mountPath: /dev/shm {{- end }} @@ -393,17 +393,17 @@ spec: {{- if .Values.master.extraVolumes }} {{- toYaml .Values.master.extraVolumes | nindent 8 }} {{- end }} -{{- if and .Values.metrics.enabled .Values.metrics.customMetrics }} + {{- if and .Values.metrics.enabled .Values.metrics.customMetrics }} - name: custom-metrics configMap: name: {{ template "postgresql.metricsCM" . }} -{{- end }} -{{- if .Values.shmVolume.enable }} + {{- end }} + {{- if .Values.shmVolume.enabled }} - name: dshm emptyDir: medium: Memory sizeLimit: 1Gi -{{- end }} + {{- end }} {{- if and .Values.persistence.enabled .Values.persistence.existingClaim }} - name: data persistentVolumeClaim: diff --git a/stable/postgresql/values-production.yaml b/stable/postgresql/values-production.yaml index 4e1471f53566..d18ed84826b5 100644 --- a/stable/postgresql/values-production.yaml +++ b/stable/postgresql/values-production.yaml @@ -239,14 +239,17 @@ service: # loadBalancerSourceRanges: # - 10.10.10.0/24 -## Start a database pod without limitations on shm memory. By default docker -## limit `/dev/shm` to `64M` (see e.g. the [docker -## issue](https://github.com/docker-library/postgres/issues/416), which could be -## not enough if PostgreSQL uses parallel workers heavily. If this option is -## present and value is `true`, to the target database pod will be mounted a new -## tmpfs volume to remove this limitation. +## Start master and slave(s) pod(s) without limitations on shm memory. +## By default docker and containerd (and possibly other container runtimes) +## limit `/dev/shm` to `64M` (see e.g. the +## [docker issue](https://github.com/docker-library/postgres/issues/416) and the +## [containerd issue](https://github.com/containerd/containerd/issues/3654), +## which could be not enough if PostgreSQL uses parallel workers heavily. +## If this option is present and value is `true`, +## to the target database pod will be mounted a new tmpfs volume to remove +## this limitation. shmVolume: - enable: true + enabled: true ## PostgreSQL data Persistent Volume Storage Class ## If defined, storageClassName: diff --git a/stable/postgresql/values.yaml b/stable/postgresql/values.yaml index b458872dba89..c39c64d7ab60 100644 --- a/stable/postgresql/values.yaml +++ b/stable/postgresql/values.yaml @@ -239,14 +239,17 @@ service: # loadBalancerSourceRanges: # - 10.10.10.0/24 -## Start a database pod without limitations on shm memory. By default docker -## limit `/dev/shm` to `64M` (see e.g. the [docker -## issue](https://github.com/docker-library/postgres/issues/416), which could be -## not enough if PostgreSQL uses parallel workers heavily. If this option is -## present and value is `true`, to the target database pod will be mounted a new -## tmpfs volume to remove this limitation. +## Start master and slave(s) pod(s) without limitations on shm memory. +## By default docker and containerd (and possibly other container runtimes) +## limit `/dev/shm` to `64M` (see e.g. the +## [docker issue](https://github.com/docker-library/postgres/issues/416) and the +## [containerd issue](https://github.com/containerd/containerd/issues/3654), +## which could be not enough if PostgreSQL uses parallel workers heavily. +## If this option is present and value is `true`, +## to the target database pod will be mounted a new tmpfs volume to remove +## this limitation. shmVolume: - enable: true + enabled: true ## PostgreSQL data Persistent Volume Storage Class ## If defined, storageClassName: