본문 바로가기
kubernetes

Kubernetes PostgresSQL 설치

by aws-evan 2024. 4. 25.
반응형

 

 

  • Kubernets Postgres DB 설치
    • Deployment , Service 
    • Postgres image 버전은 선택
    • Configmap, Secret를 통한 계정 정보 저장하기
    • 환경 변수
      • POSTGRES_DB : DB Name
      • POSTGRES_USER : DB USER
      • POSTGRES_PASSWORD : DB 패스워드

 

  • Configmap으로 패스워드 설정하는 방법
    • 사실 보안상 Configmap으로 하면 평문으로 처리하기에 secret를 통해서 설정해야한다!
apiVersion: v1
kind: ConfigMap
metadata:
  name: postgres-config
data:
  POSTGRES_DB: mydatabase
  POSTGRES_USER: myuser
  POSTGRES_PASSWORD: mypassword
apiVersion: apps/v1
kind: Deployment
metadata:
  name: postgres
spec:
  replicas: 1
  selector:
    matchLabels:
      app: postgres
  template:
    metadata:
      labels:
        app: postgres
    spec:
      containers:
      - name: postgres
        image: postgres:latest
        ports:
        - containerPort: 5432
        envFrom:
        - configMapRef:
            name: postgres-config
        volumeMounts:
        - mountPath: /var/lib/postgresql/data
          name: postgres-storage
      volumes:
      - name: postgres-storage
        persistentVolumeClaim:
          claimName: postgres-pvc
---
apiVersion: v1
kind: Service
metadata:
  name: postgres
spec:
  selector:
    app: postgres
  ports:
    - protocol: TCP
      port: 5432
      targetPort: 5432

 

 

 

  • Secret로 처리하는 방법
    • 먼저 원하는 패스워드를 처리
echo -n 'mydatabase' | base64
# Output: bXlkYXRhYmFzZQ==
echo -n 'myuser' | base64
# Output: bXl1c2Vy
echo -n 'mypassword' | base64
# Output: bXlwYXNzd29yZA==

 

 

  • 출력된 base64 정보를 secret적용하기
apiVersion: v1
kind: Secret
metadata:
  name: postgres-secret
type: Opaque
data:
  POSTGRES_DB: bXlkYXRhYmFzZQ==
  POSTGRES_USER: bXl1c2Vy
  POSTGRES_PASSWORD: bXlwYXNzd29yZA==

 

 

  • secret Deployment에 적용하기
apiVersion: apps/v1
kind: Deployment
metadata:
  name: postgres
spec:
  replicas: 1
  selector:
    matchLabels:
      app: postgres
  template:
    metadata:
      labels:
        app: postgres
    spec:
      containers:
      - name: postgres
        image: postgres:latest
        ports:
        - containerPort: 5432
        env:
        - name: POSTGRES_DB
          valueFrom:
            secretKeyRef:
              name: postgres-secret
              key: POSTGRES_DB
        - name: POSTGRES_USER
          valueFrom:
            secretKeyRef:
              name: postgres-secret
              key: POSTGRES_USER
        - name: POSTGRES_PASSWORD
          valueFrom:
            secretKeyRef:
              name: postgres-secret
              key: POSTGRES_PASSWORD
        volumeMounts:
        - mountPath: /var/lib/postgresql/data
          name: postgres-storage
      volumes:
      - name: postgres-storage
        persistentVolumeClaim:
          claimName: postgres-pvc

 

 

 

반응형
저작자표시 비영리 변경금지

'kubernetes' 카테고리의 다른 글

Kubernetes NFS Provisioner  (0) 2024.05.02
Kubernetes 모니터링 시스템(Promtail + Loki + Grafana) Helm  (0) 2024.05.01
Kubernetes LoadBalancer(MetalLB)  (0) 2024.04.23
CNI Flannel 설치 가이드  (0) 2024.04.22
kubespray 구축  (0) 2024.04.18

관련글

댓글

티스토리툴바