Compare commits
17 Commits
062043cdad
...
master
| Author | SHA1 | Date | |
|---|---|---|---|
| 5f74877156 | |||
| b20faf66fa | |||
| 8a5a5d8389 | |||
| 8043111d71 | |||
| 8433d068a4 | |||
| 4904e75e75 | |||
| bc8c2ed89f | |||
| 49e38f06dd | |||
| 4afca455e9 | |||
| 08b67f59b2 | |||
| 0c2f23d963 | |||
| fc5032ab20 | |||
| a627d30dae | |||
| d65719f474 | |||
| 3239de967f | |||
| 929846c7b5 | |||
| 8d4232fae6 |
101
Jenkinsfile
vendored
101
Jenkinsfile
vendored
@@ -1,101 +0,0 @@
|
||||
pipeline {
|
||||
agent {
|
||||
label 'puppet'
|
||||
}
|
||||
|
||||
post {
|
||||
always {
|
||||
deleteDir() /* clean up our workspace */
|
||||
}
|
||||
success {
|
||||
updateGitlabCommitStatus state: 'success'
|
||||
}
|
||||
failure {
|
||||
updateGitlabCommitStatus state: 'failed'
|
||||
step([$class: 'Mailer', notifyEveryUnstableBuild: true, recipients: 'support@confdroid.com', sendToIndividuals: true])
|
||||
}
|
||||
}
|
||||
|
||||
options {
|
||||
gitLabConnection('gitlab.confdroid.com')
|
||||
}
|
||||
|
||||
stages {
|
||||
|
||||
stage('SonarScan') {
|
||||
steps {
|
||||
withCredentials([string(credentialsId: 'sonar-token', variable: 'SONAR_TOKEN')]) {
|
||||
sh '''
|
||||
/opt/sonar-scanner/bin/sonar-scanner \
|
||||
-Dsonar.projectKey=confdroid_pgbouncer \
|
||||
-Dsonar.sources=. \
|
||||
-Dsonar.host.url=https://sonarqube.confdroid.com \
|
||||
-Dsonar.token=$SONAR_TOKEN
|
||||
'''
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
stage('build and push image to gitlab') {
|
||||
steps {
|
||||
withCredentials([usernamePassword(credentialsId: 'jenkins-gitlab-registry-token-2026', passwordVariable: 'pw', usernameVariable: 'un')]) {
|
||||
sh '''
|
||||
set +xe
|
||||
docker login gitlab.confdroid.com:5050 -u $un -p $pw
|
||||
docker build --network=host -t gitlab.confdroid.com:5050/containers/confdroid_pgbouncer:1.1.4 .
|
||||
docker build --network=host -t gitlab.confdroid.com:5050/containers/confdroid_pgbouncer:latest .
|
||||
docker push gitlab.confdroid.com:5050/containers/confdroid_pgbouncer:1.1.4
|
||||
docker push gitlab.confdroid.com:5050/containers/confdroid_pgbouncer:latest
|
||||
'''
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
stage('build and push image to gitea') {
|
||||
steps {
|
||||
withCredentials([usernamePassword(credentialsId: 'Gitea-package-token', passwordVariable: 'pw', usernameVariable: 'un')]) {
|
||||
sh '''
|
||||
set +xe
|
||||
docker login sourcecode.confdroid.com -u $un -p $pw
|
||||
docker build --network=host -t sourcecode.confdroid.com/confdroid/confdroid_pgbouncer:1.1.4 .
|
||||
docker build --network=host -t sourcecode.confdroid.com/confdroid/confdroid_pgbouncer:latest .
|
||||
docker push sourcecode.confdroid.com/confdroid/confdroid_pgbouncer:1.1.4
|
||||
#docker push sourcecode.confdroid.com/confdroid/confdroid_pgbouncer:latest
|
||||
'''
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
stage('update repo') {
|
||||
steps {
|
||||
sshagent(['edd05eb6-26b5-4c7b-a5cc-ea2ab899f4fa']) {
|
||||
sh '''
|
||||
git config user.name "Jenkins Server"
|
||||
git config user.email jenkins@confdroid.com
|
||||
git add -A && git commit -am "Recommit for updates in build $BUILD_NUMBER" || echo "No changes to commit"
|
||||
git push origin HEAD:master
|
||||
'''
|
||||
}
|
||||
}
|
||||
}
|
||||
stage('Mirror to Gitea') {
|
||||
steps {
|
||||
withCredentials([usernamePassword(
|
||||
credentialsId: 'Jenkins-gitea',
|
||||
usernameVariable: 'GITEA_USER',
|
||||
passwordVariable: 'GITEA_TOKEN')]) {
|
||||
script {
|
||||
// Checkout from GitLab (already done implicitly)
|
||||
sh '''
|
||||
git checkout master
|
||||
git pull origin master
|
||||
git remote add master https://sourcecode.confdroid.com/confdroid/confdroid_pgbouncer.git
|
||||
git -c credential.helper="!f() { echo username=${GITEA_USER}; echo password=${GITEA_TOKEN}; }; f" \
|
||||
push master --mirror
|
||||
'''
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
26
README.md
26
README.md
@@ -1,9 +1,31 @@
|
||||
# README
|
||||
|
||||
[](https://jenkins.confdroid.com/job/confdroid_pgbouncer/)
|
||||
[](https://sonarqube.confdroid.com/dashboard?id=confdroid_pgbouncer)
|
||||
|
||||
# Purpose
|
||||
- [README](#readme)
|
||||
- [Purpose](#purpose)
|
||||
- [Download](#download)
|
||||
- [Configuration](#configuration)
|
||||
- [Contact Us](#contact-us)
|
||||
|
||||
## Purpose
|
||||
|
||||
`Pgbouncer` is a loadbalancer for postgresql connections and very helpful in managing aspects of postgresql performance through the reuse of connections.
|
||||
|
||||
`confdroid_pgbouncer`is a standalone container suitable for running on kubernetes etc to facilitate loadbalancer deployments.
|
||||
`confdroid_pgbouncer`is a standalone container suitable for running on kubernetes etc to facilitate loadbalancer deployments. It can and should run with multiple instances. Each instance will take the configuration from the same source and works independently.
|
||||
|
||||
## Download
|
||||
|
||||
[confdroid_pgbouncer:latest](https://sourcecode.confdroid.com/confdroid/-/packages/container/confdroid_pgbouncer/latest)
|
||||
|
||||
## Configuration
|
||||
|
||||
The container takes its configuration via config map and secrets.
|
||||
|
||||
- see [example config](docs/example_config.yaml)
|
||||
|
||||
## Contact Us
|
||||
|
||||
- [contact form](https://confdroid.com/contact/)
|
||||
- [feedback portal](https://feedback.confdroid.com/)
|
||||
|
||||
148
docs/example_config.yaml
Normal file
148
docs/example_config.yaml
Normal file
@@ -0,0 +1,148 @@
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: Namespace
|
||||
metadata:
|
||||
name: pgbouncer
|
||||
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: Secret
|
||||
metadata:
|
||||
name: pgbouncer-users
|
||||
namespace: pgbouncer
|
||||
type: Opaque
|
||||
stringData:
|
||||
userlist.txt: |
|
||||
"example_user "md535412bdc28167fbcdcef2c25bafd2f21"
|
||||
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: Secret
|
||||
metadata:
|
||||
name: pgbouncer-tls
|
||||
namespace: pgbouncer
|
||||
type: Opaque
|
||||
data:
|
||||
data:
|
||||
ca.crt: <encrypted cert>
|
||||
client.crt: <encrypted cert>
|
||||
client.key: <encrypted key>
|
||||
server.crt: <encrypted cert>
|
||||
server.key: <encrypted key>
|
||||
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: ConfigMap
|
||||
metadata:
|
||||
name: pgbouncer-config
|
||||
namespace: pgbouncer
|
||||
data:
|
||||
pgbouncer.ini: |
|
||||
[pgbouncer]
|
||||
listen_addr = 0.0.0.0
|
||||
listen_port = 6432
|
||||
auth_type = md5
|
||||
auth_file = /etc/pgbouncer/userlist.txt
|
||||
# admin_users = admin
|
||||
pool_mode = transaction
|
||||
max_client_conn = 100
|
||||
default_pool_size = 20
|
||||
ignore_startup_parameters = extra_float_digits
|
||||
|
||||
log_connections = 1
|
||||
log_disconnections = 1
|
||||
log_pooler_errors = 1
|
||||
log_stats = 1
|
||||
verbose = 0
|
||||
pidfile = /var/run/pgbouncer/pgbouncer.pid
|
||||
|
||||
# TLS backend: PgBouncer → PostgreSQL
|
||||
server_tls_sslmode = verify-ca
|
||||
server_tls_ca_file = /etc/pgbouncer/tls/ca.crt
|
||||
server_tls_cert_file = /etc/pgbouncer/tls/client.crt
|
||||
server_tls_key_file = /etc/pgbouncer/tls/client.key
|
||||
server_tls_protocols = secure
|
||||
|
||||
# TLS frontend
|
||||
client_tls_sslmode = require
|
||||
client_tls_key_file = /etc/pgbouncer/tls/server.key
|
||||
client_tls_cert_file = /etc/pgbouncer/tls/server.crt
|
||||
client_tls_ca_file = /etc/pgbouncer/tls/ca.crt
|
||||
client_tls_protocols = secure
|
||||
|
||||
[databases]
|
||||
<example_db> = host=<example_host> port=5432 pool_mode=session dbname=<example_db> auth_user="<example_user>"
|
||||
|
||||
---
|
||||
apiVersion: apps/v1
|
||||
kind: Deployment
|
||||
metadata:
|
||||
name: pgbouncer-deployment
|
||||
namespace: pgbouncer
|
||||
spec:
|
||||
replicas: 2
|
||||
selector:
|
||||
matchLabels:
|
||||
app: pgbouncer
|
||||
template:
|
||||
metadata:
|
||||
labels:
|
||||
app: pgbouncer
|
||||
spec:
|
||||
containers:
|
||||
- name: pgbouncer
|
||||
image: sourcecode.confdroid.com/confdroid/confdroid_pgbouncer:latest
|
||||
imagePullPolicy: IfNotPresent
|
||||
ports:
|
||||
- containerPort: 6432
|
||||
volumeMounts:
|
||||
- name: config
|
||||
mountPath: /etc/pgbouncer/pgbouncer.ini
|
||||
subPath: pgbouncer.ini
|
||||
readOnly: true
|
||||
- name: users
|
||||
mountPath: /etc/pgbouncer/userlist.txt
|
||||
subPath: userlist.txt
|
||||
readOnly: true
|
||||
- name: tls
|
||||
mountPath: /etc/pgbouncer/tls
|
||||
readOnly: true
|
||||
|
||||
livenessProbe:
|
||||
tcpSocket:
|
||||
port: 6432
|
||||
initialDelaySeconds: 5
|
||||
periodSeconds: 10
|
||||
|
||||
readinessProbe:
|
||||
tcpSocket:
|
||||
port: 6432
|
||||
initialDelaySeconds: 5
|
||||
periodSeconds: 10
|
||||
|
||||
volumes:
|
||||
- name: config
|
||||
configMap:
|
||||
name: pgbouncer-config
|
||||
- name: users
|
||||
secret:
|
||||
secretName: pgbouncer-users
|
||||
- name: tls
|
||||
secret:
|
||||
secretName: pgbouncer-tls
|
||||
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: Service
|
||||
metadata:
|
||||
name: pgbouncer-service
|
||||
namespace: pgbouncer
|
||||
spec:
|
||||
selector:
|
||||
app: pgbouncer
|
||||
ports:
|
||||
- name: pgbouncer_port
|
||||
port: 6432
|
||||
targetPort: 6432
|
||||
protocol: TCP
|
||||
|
||||
Reference in New Issue
Block a user