feat: adds cert issuer and cloudnative-pg
This commit is contained in:
@@ -0,0 +1,77 @@
|
||||
apiVersion: helm.toolkit.fluxcd.io/v2
|
||||
kind: HelmRelease
|
||||
metadata:
|
||||
name: cnpg
|
||||
namespace: cnpg-system
|
||||
spec:
|
||||
interval: 10m
|
||||
releaseName: cnpg
|
||||
chart:
|
||||
spec:
|
||||
chart: cloudnative-pg
|
||||
sourceRef:
|
||||
kind: HelmRepository
|
||||
name: cloudnative-pg
|
||||
namespace: flux-system
|
||||
install:
|
||||
createNamespace: true
|
||||
values:
|
||||
# CloudNative-PG Operator resource limits
|
||||
operator:
|
||||
resources:
|
||||
limits:
|
||||
cpu: 100m
|
||||
memory: 128Mi
|
||||
requests:
|
||||
cpu: 50m
|
||||
memory: 64Mi
|
||||
# Security context
|
||||
securityContext:
|
||||
allowPrivilegeEscalation: false
|
||||
readOnlyRootFilesystem: true
|
||||
runAsNonRoot: true
|
||||
runAsUser: 65534
|
||||
capabilities:
|
||||
drop:
|
||||
- ALL
|
||||
# Pod security context
|
||||
podSecurityContext:
|
||||
runAsNonRoot: true
|
||||
runAsUser: 65534
|
||||
fsGroup: 65534
|
||||
seccompProfile:
|
||||
type: RuntimeDefault
|
||||
|
||||
# Webhook configuration
|
||||
webhook:
|
||||
resources:
|
||||
limits:
|
||||
cpu: 50m
|
||||
memory: 64Mi
|
||||
requests:
|
||||
cpu: 25m
|
||||
memory: 32Mi
|
||||
securityContext:
|
||||
allowPrivilegeEscalation: false
|
||||
readOnlyRootFilesystem: true
|
||||
runAsNonRoot: true
|
||||
runAsUser: 65534
|
||||
capabilities:
|
||||
drop:
|
||||
- ALL
|
||||
|
||||
# Monitoring configuration
|
||||
monitoring:
|
||||
enabled: true
|
||||
# Set to true if you have Prometheus
|
||||
serviceMonitor:
|
||||
enabled: false
|
||||
|
||||
# Additional configuration
|
||||
config:
|
||||
# Default storage class for PostgreSQL clusters
|
||||
# storageClass: ""
|
||||
|
||||
# Default monitoring configuration
|
||||
monitoring:
|
||||
enabled: true
|
||||
Reference in New Issue
Block a user