Database
Direktiv requires a PostgreSQL 13+ database. It acts as datastore as well as pub/sub system between Direktiv's components. It has been tested with Postgres offerings from cloud providers as well as on-premise installations.
The following documentation explains how to install a HA PostgreSQL in a Kubernetes cluster. This is just an example and it is important to assess inidividual project requirements.
PostgreSQL Installation
In this example CrunchyData's postgres operator is used. To install the operator Direktiv provides a helm chart based on this source helm chart.
helm repo add direktiv https://charts.direktiv.io
helm install -n postgres --create-namespace --set singleNamespace=true postgres direktiv/pgo
After installing the operator the PostgreSQL cluster can be created with Kubernetes YAML as custom resource definition:
apiVersion: postgres-operator.crunchydata.com/v1beta1
kind: PostgresCluster
metadata:
name: direktiv
namespace: postgres
spec:
users:
- name: direktiv
databases:
- direktiv
image: >-
registry.developers.crunchydata.com/crunchydata/crunchy-postgres-ha:centos8-13.4-0
postgresVersion: 13
instances:
- name: instance1
dataVolumeClaimSpec:
accessModes:
- ReadWriteOnce
resources:
requests:
storage: 4Gi
backups:
pgbackrest:
image: >-
registry.developers.crunchydata.com/crunchydata/crunchy-pgbackrest:centos8-2.33-2
repoHost:
dedicated: {}
repos:
- name: repo1
volume:
volumeClaimSpec:
accessModes:
- ReadWriteOnce
resources:
requests:
storage: 4Gi
The above example can be installed with the following command:
kubectl apply -f https://raw.githubusercontent.com/direktiv/direktiv/main/kubernetes/install/db/pg.yaml
The details of this PostgreSQL cluster are stored as secrets in the 'postgres' namespace called direktiv-pguser-direktiv.
- uri
- port
- user
- verifier
- dbname
- host
- password
Retrieve the database settings and secrets
#!/bin/bash
echo "database:
host: \"$(kubectl get secrets -n postgres direktiv-pguser-direktiv -o 'go-template={{index .data "host"}}' | base64 --decode)\"
port: $(kubectl get secrets -n postgres direktiv-pguser-direktiv -o 'go-template={{index .data "port"}}' | base64 --decode)
user: \"$(kubectl get secrets -n postgres direktiv-pguser-direktiv -o 'go-template={{index .data "user"}}' | base64 --decode)\"
password: \"$(kubectl get secrets -n postgres direktiv-pguser-direktiv -o 'go-template={{index .data "password"}}' | base64 --decode)\"
name: \"$(kubectl get secrets -n postgres direktiv-pguser-direktiv -o 'go-template={{index .data "dbname"}}' | base64 --decode)\"
sslmode: require"
Retrieve the database password secret
kubectl get secrets -n postgres direktiv-pguser-direktiv -o 'go-template={{index .data "password"}}' | base64 --decode
❗ Please be aware that persistent volume claims are not deleted and must be manually deleted when uninstalling.
Backup
Direktiv stores all relevant data in the database so that it can be recreated on a new Kubernetes environment without any additional backup or restore of Kubernetes components. CrunchyData's postgres operator comes with 'pgBackRest' as an automated backup solution. Alternatively, a simple cron job can export Direktiv's data as a plain SQL text file.
A simple backup can be created with the following Kubernetes cron job:
apiVersion: batch/v1beta1
kind: CronJob
metadata:
name: backupdb
spec:
schedule: '* 0 * * *' # change to different interval if needed
jobTemplate:
spec:
template:
metadata:
annotations:
linkerd.io/inject: disabled
spec:
containers:
- name: dbbackup
image: 'postgres:13.4'
imagePullPolicy: IfNotPresent
env:
- name: PGPASSWORD
# change password
value: direktivdirektiv
# here and add additional commands. the example is bad btw but works :)
command:
- /bin/sh
- '-c'
- >-
date; echo "backup start";
/usr/bin/pg_dump -d direktiv -h
postgres-postgresql-ha-pgpool.postgres -f /tmp/data.sql -U direktiv; ls -la /tmp;
apt-get update; apt install -y sshpass;
sshpass -p "pwd" scp -o StrictHostKeyChecking=no /tmp/data.sql username@192.168.1.1:/tmp/data.sql;
echo "copied"
restartPolicy: Never