ircs-prod-config/ircs-prod/core/manifests/postgres.yaml

apiVersion: v1
kind: Service
metadata:
  name: postgres-svc
  namespace: ircs-prod
  labels:
    app: postgres
    app.kubernetes.io/part-of: ircs
    environment: prod
spec:
  type: ClusterIP
  selector:
    app: postgres
  ports:
    - name: postgres
      port: 5432
      targetPort: postgres
---
apiVersion: apps/v1
kind: StatefulSet
metadata:
  name: postgres
  namespace: ircs-prod
  labels:
    app: postgres
    app.kubernetes.io/part-of: ircs
    environment: prod
spec:
  serviceName: postgres-svc
  replicas: 1
  podManagementPolicy: OrderedReady
  revisionHistoryLimit: 10
  persistentVolumeClaimRetentionPolicy:
    whenDeleted: Retain
    whenScaled: Retain
  updateStrategy:
    type: RollingUpdate
    rollingUpdate:
      partition: 0
      maxUnavailable: 1
  selector:
    matchLabels:
      app: postgres
  template:
    metadata:
      labels:
        app: postgres
        app.kubernetes.io/part-of: ircs
        environment: prod
    spec:
      dnsPolicy: ClusterFirst
      restartPolicy: Always
      schedulerName: default-scheduler
      securityContext: {}
      terminationGracePeriodSeconds: 30
      containers:
        - name: postgres
          image: postgres:18-alpine
          imagePullPolicy: IfNotPresent
          ports:
            - name: postgres
              containerPort: 5432
              protocol: TCP
          env:
            - name: POSTGRES_DB
              value: ircs
            - name: POSTGRES_USER
              value: postgres
            - name: POSTGRES_PASSWORD
              valueFrom:
                secretKeyRef:
                  name: ircs-prod-secrets
                  key: DB_PASSWORD
            - name: PGDATA
              value: /var/lib/postgresql/data/pgdata
          startupProbe:
            exec:
              command: ["pg_isready", "-U", "postgres", "-d", "ircs"]
            failureThreshold: 30
            periodSeconds: 5
            successThreshold: 1
            timeoutSeconds: 1
          readinessProbe:
            exec:
              command: ["pg_isready", "-U", "postgres", "-d", "ircs"]
            failureThreshold: 3
            periodSeconds: 10
            successThreshold: 1
            timeoutSeconds: 1
          livenessProbe:
            exec:
              command: ["pg_isready", "-U", "postgres", "-d", "ircs"]
            failureThreshold: 3
            periodSeconds: 30
            successThreshold: 1
            timeoutSeconds: 1
          resources:
            requests:
              cpu: 100m
              memory: 256Mi
            limits:
              cpu: 500m
              memory: 512Mi
          volumeMounts:
            - name: postgres-data
              mountPath: /var/lib/postgresql/data
          terminationMessagePath: /dev/termination-log
          terminationMessagePolicy: File
  volumeClaimTemplates:
    - apiVersion: v1
      kind: PersistentVolumeClaim
      metadata:
        name: postgres-data
        labels:
          app: postgres
          app.kubernetes.io/part-of: ircs
          environment: prod
      spec:
        accessModes: ["ReadWriteOnce"]
        volumeMode: Filesystem
        resources:
          requests:
            storage: 2Gi