Hi,
I've created this PR with a couple of small changes.
Firstly, I added options to customize a few things, namely:
securityContext in init-jobs
listen port in nginx (both containerPort and listen port in nginx conf)
Both changes have default values configured in values.yaml corresponding to previous hardcoded values. Reason for this customization is that with Pod Security Policy enabled (which requires runAsUser to be set to non-root) some resources were not able to run. In addition, nginx must be run in unprivileged nginx container which requires containerPort to be set to number higher than 1024.
Secondly, I changed the args in the CronJob to command and split into array. Previous command (args) definition did not work and always ended with error "unknown option -type f". Now CronJob works.
Third, I bumped postgreSQL version to higher one because newer version allows to specify selector on PVC. This means that administrator can create a static PV with a label and postgreSQL will create PVC that binds to this particular PV (handy when you do not want it to dynamically create PVC each time). In order to support this, I added in pgcluster.yaml one if, that correctly indents extra volume arguments (the other if statement indents only with 2 spaces which is probably meant for new key:value pairs, not to extend volume section.)
I would be happy if you accepted this PR, I am open to discussion. I have deployed a fully functional Galaxy with these modifications on restricted cluster and with static Persistent Volume bound by postgreSQL.
Hi, I've created this PR with a couple of small changes.
Firstly, I added options to customize a few things, namely:
securityContext
in init-jobscontainerPort
and listen port in nginx conf)Both changes have default values configured in
values.yaml
corresponding to previous hardcoded values. Reason for this customization is that with Pod Security Policy enabled (which requiresrunAsUser
to be set to non-root) some resources were not able to run. In addition, nginx must be run in unprivileged nginx container which requirescontainerPort
to be set to number higher than 1024.Secondly, I changed the
args
in theCronJob
tocommand
and split into array. Previous command (args) definition did not work and always ended with error"unknown option -type f"
. Now CronJob works.Third, I bumped postgreSQL version to higher one because newer version allows to specify selector on PVC. This means that administrator can create a static PV with a label and postgreSQL will create PVC that binds to this particular PV (handy when you do not want it to dynamically create PVC each time). In order to support this, I added in
pgcluster.yaml
one if, that correctly indents extra volume arguments (the otherif
statement indents only with 2 spaces which is probably meant for new key:value pairs, not to extendvolume
section.)I would be happy if you accepted this PR, I am open to discussion. I have deployed a fully functional Galaxy with these modifications on restricted cluster and with static Persistent Volume bound by postgreSQL.