switch yugabyte for cnpg

manifests/prod/addons/cpng/kustomization.yaml

@@ -0,0 +1,11 @@
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+
+helmCharts:
+  - name: cnpg
+    includeCRDs: true
+    valuesFile: values.yaml
+    releaseName: cnpg
+    version: 0.19.1
+    repo: https://cloudnative-pg.github.io/charts
+    namespace: cnpg

manifests/prod/addons/cpng/values.yaml

@@ -0,0 +1,119 @@
+replicaCount: 2
+
+image:
+  repository: ghcr.io/cloudnative-pg/cloudnative-pg
+  pullPolicy: IfNotPresent
+  # -- Overrides the image tag whose default is the chart appVersion.
+  tag: ""
+
+imagePullSecrets: []
+nameOverride: ""
+fullnameOverride: ""
+
+crds:
+  # -- Specifies whether the CRDs should be created when installing the chart.
+  create: true
+
+# -- The webhook configuration.
+webhook:
+  port: 9443
+  mutating:
+    create: true
+    failurePolicy: Fail
+  validating:
+    create: true
+    failurePolicy: Fail
+  livenessProbe:
+    initialDelaySeconds: 3
+  readinessProbe:
+    initialDelaySeconds: 3
+
+# -- Operator configuration.
+config:
+  # -- Specifies whether the secret should be created.
+  create: true
+  # -- The name of the configmap/secret to use.
+  name: cnpg-controller-manager-config
+  # -- Specifies whether it should be stored in a secret, instead of a configmap.
+  secret: false
+  # -- The content of the configmap/secret, see
+  # https://cloudnative-pg.io/documentation/current/operator_conf/#available-options
+  # for all the available options.
+  data:
+  # INHERITED_ANNOTATIONS: categories
+  # INHERITED_LABELS: environment, workload, app
+   WATCH_NAMESPACE: cnpg
+
+# -- Additinal arguments to be added to the operator's args list.
+additionalArgs: []
+
+serviceAccount:
+  # -- Specifies whether the service account should be created.
+  create: true
+  # -- The name of the service account to use.
+  # If not set and create is true, a name is generated using the fullname template.
+  name: ""
+
+rbac:
+  # -- Specifies whether ClusterRole and ClusterRoleBinding should be created.
+  create: true
+  # -- Aggregate ClusterRoles to Kubernetes default user-facing roles.
+  # Ref: https://kubernetes.io/docs/reference/access-authn-authz/rbac/#user-facing-roles
+  aggregateClusterRoles: false
+
+# -- Annotations to be added to all other resources.
+commonAnnotations: {}
+# -- Annotations to be added to the pod.
+podAnnotations: {}
+# -- Labels to be added to the pod.
+podLabels: {}
+
+# -- Container Security Context.
+containerSecurityContext:
+  allowPrivilegeEscalation: false
+  readOnlyRootFilesystem: true
+  runAsUser: 10001
+  runAsGroup: 10001
+  seccompProfile:
+    type: RuntimeDefault
+  capabilities:
+    drop:
+      - "ALL"
+
+# -- Security Context for the whole pod.
+podSecurityContext:
+  runAsNonRoot: true
+  seccompProfile:
+    type: RuntimeDefault
+  # fsGroup: 2000
+
+# -- Priority indicates the importance of a Pod relative to other Pods.
+priorityClassName: ""
+
+service:
+  type: ClusterIP
+  # -- DO NOT CHANGE THE SERVICE NAME as it is currently used to generate the certificate
+  # and can not be configured
+  name: cnpg-webhook-service
+  port: 443
+
+resources:
+   limits:
+     cpu: 100m
+     memory: 200Mi
+   requests:
+     cpu: 100m
+     memory: 100Mi
+
+# -- Nodeselector for the operator to be installed.
+nodeSelector: {}
+
+# -- Tolerations for the operator to be installed.
+tolerations: []
+
+# -- Affinity for the operator to be installed.
+affinity: {}
+
+monitoring:
+  # -- Specifies whether the monitoring should be enabled. Requires Prometheus Operator CRDs.
+  podMonitorEnabled: false

manifests/prod/apps/postgres/kustomization.yaml

@@ -0,0 +1,6 @@
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+namespace: cnpg
+
+resources:
+  - resources/postgres-cluster.yaml

manifests/prod/apps/postgres/resources/postgres-cluster.yaml

@@ -0,0 +1,11 @@
+apiVersion: postgresql.cnpg.io/v1
+kind: Cluster
+metadata:
+  name: postgres
+spec:
+  instances: 3
+  # unsupervised: automated update of the primary once all replicas have been upgraded
+  primaryUpdateStrategy: unsupervised
+
+  storage:
+    size: 10Gi