[stable/postgresql] Add dedicated tmpfs for /dev/shm. (helm#19025)

desaintmartin · dargolith · commit 68c84ff24ac4 · 2020-01-10T17:42:16.000+01:00
* [stable/postgresql] Add dedicated tmpsfs for /dev/shm. Start a database pod without limitations on shm memory. By default docker limit to (see e.g. the [docker issue](docker-library/postgres#416), which could be not enough if PostgreSQL uses parallel workers heavily. If this option is present and value is , to the target database pod will be mounted a new tmpfs volume to remove this limitation. Signed-off-by: Cédric de Saint Martin <cdesaintmartin@wiremind.fr> * [stable/postgresql] SHM: Second version after review + improvements. Signed-off-by: Cédric de Saint Martin <cdesaintmartin@wiremind.fr>
diff --git a/stable/postgresql/Chart.yaml b/stable/postgresql/Chart.yaml
@@ -1,6 +1,6 @@
 apiVersion: v1
 name: postgresql
-version: 7.4.0
+version: 7.5.0
 appVersion: 11.6.0
 description: Chart for PostgreSQL, an object-relational database management system (ORDBMS) with an emphasis on extensibility and on standards-compliance.
 keywords:
diff --git a/stable/postgresql/README.md b/stable/postgresql/README.md
@@ -116,6 +116,7 @@ The following tables lists the configurable parameters of the PostgreSQL chart a
 | `service.loadBalancerIP`                      | loadBalancerIP if service type is `LoadBalancer`                                                                                                                          | `nil`                                                         |
 | `service.loadBalancerSourceRanges`            | Address that are allowed when svc is LoadBalancer                                                                                                                         | []                                                            |
 | `schedulerName`                               | Name of the k8s scheduler (other than default)                                                                                                                            | `nil`                                                         |
+| `shmVolume.enabled`                           | Enable emptyDir volume for /dev/shm for master and slave(s) Pod(s)                                                                                                        | `true`                                                        |
 | `persistence.enabled`                         | Enable persistence using PVC                                                                                                                                              | `true`                                                        |
 | `persistence.existingClaim`                   | Provide an existing `PersistentVolumeClaim`, the value is evaluated as a template.                                                                                        | `nil`                                                         |
 | `persistence.mountPath`                       | Path to mount the volume at                                                                                                                                               | `/bitnami/postgresql`                                         |
diff --git a/stable/postgresql/ci/default-values.yaml b/stable/postgresql/ci/default-values.yaml
@@ -0,0 +1 @@
+# Leave this file empty to ensure that CI runs builds against the default configuration in values.yaml.
diff --git a/stable/postgresql/ci/shmvolume-disabled-values.yaml b/stable/postgresql/ci/shmvolume-disabled-values.yaml
@@ -0,0 +1,2 @@
+shmVolume:
+  enabled: false
diff --git a/stable/postgresql/templates/statefulset-slaves.yaml b/stable/postgresql/templates/statefulset-slaves.yaml
@@ -66,9 +66,9 @@ spec:
       {{- if .Values.serviceAccount.enabled }}
       serviceAccountName: {{ default (include "postgresql.fullname" . ) .Values.serviceAccount.name}}
       {{- end }}
-      {{- if or .Values.slave.extraInitContainers (and .Values.volumePermissions.enabled .Values.persistence.enabled) }}
+      {{- if or .Values.slave.extraInitContainers (and .Values.volumePermissions.enabled .Values.persistence.enabled) .Values.shmVolume.enabled }}
       initContainers:
-      {{- if and .Values.volumePermissions.enabled .Values.persistence.enabled }}
+      {{- if or (and .Values.volumePermissions.enabled .Values.persistence.enabled) .Values.shmVolume.enabled }}
         - name: init-chmod-data
           image: {{ template "postgresql.volumePermissions.image" . }}
           imagePullPolicy: "{{ .Values.volumePermissions.image.pullPolicy }}"
@@ -83,12 +83,19 @@ spec:
               chmod 700 {{ .Values.persistence.mountPath }}/data
               find {{ .Values.persistence.mountPath }} -mindepth 0 -maxdepth 1 -not -name ".snapshot" -not -name "lost+found" | \
                 xargs chown -R {{ .Values.securityContext.runAsUser }}:{{ .Values.securityContext.fsGroup }}
+              {{- if .Values.shmVolume.enabled }}
+              chmod -R 777 /dev/shm
+              {{- end }}
           securityContext:
             runAsUser: {{ .Values.volumePermissions.securityContext.runAsUser }}
           volumeMounts:
             - name: data
               mountPath: {{ .Values.persistence.mountPath }}
               subPath: {{ .Values.persistence.subPath }}
+            {{- if .Values.shmVolume.enabled }}
+            - name: dshm
+              mountPath: /dev/shm
+            {{- end }}
       {{- end }}
       {{- if .Values.slave.extraInitContainers }}
 {{ tpl .Values.slave.extraInitContainers . | indent 8 }}
@@ -197,6 +204,10 @@ spec:
             - name: postgresql-password
               mountPath: /opt/bitnami/postgresql/secrets/
             {{- end }}
+            {{- if .Values.shmVolume.enabled }}
+            - name: dshm
+              mountPath: /dev/shm
+            {{- end }}
             {{- if .Values.persistence.enabled }}
             - name: data
               mountPath: {{ .Values.persistence.mountPath }}
@@ -229,6 +240,12 @@ spec:
           configMap:
             name: {{ template "postgresql.extendedConfigurationCM" . }}
         {{- end }}
+        {{- if .Values.shmVolume.enabled }}
+        - name: dshm
+          emptyDir:
+            medium: Memory
+            sizeLimit: 1Gi
+        {{- end }}
         {{- if not .Values.persistence.enabled }}
         - name: data
           emptyDir: {}
diff --git a/stable/postgresql/templates/statefulset.yaml b/stable/postgresql/templates/statefulset.yaml
@@ -70,9 +70,9 @@ spec:
       {{- if .Values.serviceAccount.enabled }}
       serviceAccountName: {{ default (include "postgresql.fullname" . ) .Values.serviceAccount.name }}
       {{- end }}
-      {{- if or .Values.master.extraInitContainers (and .Values.volumePermissions.enabled .Values.persistence.enabled) }}
+      {{- if or .Values.master.extraInitContainers (and .Values.volumePermissions.enabled .Values.persistence.enabled) .Values.shmVolume.enabled }}
       initContainers:
-      {{- if and .Values.volumePermissions.enabled .Values.persistence.enabled }}
+      {{- if or (and .Values.volumePermissions.enabled .Values.persistence.enabled) .Values.shmVolume.enabled }}
         - name: init-chmod-data
           image: {{ template "postgresql.volumePermissions.image" . }}
           imagePullPolicy: "{{ .Values.volumePermissions.image.pullPolicy }}"
@@ -87,12 +87,19 @@ spec:
               chmod 700 {{ .Values.persistence.mountPath }}/data
               find {{ .Values.persistence.mountPath }} -mindepth 0 -maxdepth 1 -not -name ".snapshot" -not -name "lost+found" | \
                 xargs chown -R {{ .Values.securityContext.runAsUser }}:{{ .Values.securityContext.fsGroup }}
+              {{- if .Values.shmVolume.enabled }}
+              chmod -R 777 /dev/shm
+              {{- end }}
           securityContext:
             runAsUser: {{ .Values.volumePermissions.securityContext.runAsUser }}
           volumeMounts:
             - name: data
               mountPath: {{ .Values.persistence.mountPath }}
               subPath: {{ .Values.persistence.subPath }}
+            {{- if .Values.shmVolume.enabled }}
+            - name: dshm
+              mountPath: /dev/shm
+            {{- end }}
       {{- end }}
       {{- if .Values.master.extraInitContainers }}
 {{ tpl .Values.master.extraInitContainers . | indent 8 }}
@@ -277,6 +284,10 @@ spec:
             - name: postgresql-password
               mountPath: /opt/bitnami/postgresql/secrets/
             {{- end }}
+            {{- if .Values.shmVolume.enabled }}
+            - name: dshm
+              mountPath: /dev/shm
+            {{- end }}
             {{- if .Values.persistence.enabled }}
             - name: data
               mountPath: {{ .Values.persistence.mountPath }}
@@ -382,11 +393,17 @@ spec:
         {{- if .Values.master.extraVolumes }}
         {{- toYaml .Values.master.extraVolumes | nindent 8 }}
         {{- end }}
-{{- if and .Values.metrics.enabled .Values.metrics.customMetrics }}
+        {{- if and .Values.metrics.enabled .Values.metrics.customMetrics }}
         - name: custom-metrics
           configMap:
             name: {{ template "postgresql.metricsCM" . }}
-{{- end }}
+        {{- end }}
+        {{- if .Values.shmVolume.enabled }}
+        - name: dshm
+          emptyDir:
+            medium: Memory
+            sizeLimit: 1Gi
+        {{- end }}
 {{- if and .Values.persistence.enabled .Values.persistence.existingClaim }}
         - name: data
           persistentVolumeClaim:
diff --git a/stable/postgresql/values-production.yaml b/stable/postgresql/values-production.yaml
@@ -239,6 +239,18 @@ service:
   # loadBalancerSourceRanges:
   # - 10.10.10.0/24
 
+## Start master and slave(s) pod(s) without limitations on shm memory.
+## By default docker and containerd (and possibly other container runtimes)
+## limit `/dev/shm` to `64M` (see e.g. the
+## [docker issue](https://github.com/docker-library/postgres/issues/416) and the
+## [containerd issue](https://github.com/containerd/containerd/issues/3654),
+## which could be not enough if PostgreSQL uses parallel workers heavily.
+## If this option is present and value is `true`,
+## to the target database pod will be mounted a new tmpfs volume to remove
+## this limitation.
+shmVolume:
+  enabled: true
+
 ## PostgreSQL data Persistent Volume Storage Class
 ## If defined, storageClassName: <storageClass>
 ## If set to "-", storageClassName: "", which disables dynamic provisioning
diff --git a/stable/postgresql/values.yaml b/stable/postgresql/values.yaml
@@ -239,6 +239,18 @@ service:
   # loadBalancerSourceRanges:
   # - 10.10.10.0/24
 
+## Start master and slave(s) pod(s) without limitations on shm memory.
+## By default docker and containerd (and possibly other container runtimes)
+## limit `/dev/shm` to `64M` (see e.g. the
+## [docker issue](https://github.com/docker-library/postgres/issues/416) and the
+## [containerd issue](https://github.com/containerd/containerd/issues/3654),
+## which could be not enough if PostgreSQL uses parallel workers heavily.
+## If this option is present and value is `true`,
+## to the target database pod will be mounted a new tmpfs volume to remove
+## this limitation.
+shmVolume:
+  enabled: true
+
 ## PostgreSQL data Persistent Volume Storage Class
 ## If defined, storageClassName: <storageClass>
 ## If set to "-", storageClassName: "", which disables dynamic provisioning

Original file line number	Diff line number	Diff line change
`@@ -0,0 +1 @@`
	`1`	`+# Leave this file empty to ensure that CI runs builds against the default configuration in values.yaml.`