feat: add support for customization

verbotenj · verbotenj · commit 164d006810b0 · 2025-02-02T14:39:53.000-05:00
Signed-off-by: Ales Verbic &lt;verbotenj@blinklabs.io&gt;
diff --git a/bootstrap/cell/main.tf b/bootstrap/cell/main.tf
@@ -34,11 +34,13 @@ locals {
   ]
 }
 module "dbsync_pvc" {
-  source       = "../pvc"
-  namespace    = var.namespace
-  volume_name  = var.volume_name
-  storage_size = var.storage_size
-  name         = local.db_volume_claim
+  source             = "../pvc"
+  namespace          = var.namespace
+  access_mode        = var.access_mode
+  volume_name        = var.volume_name
+  storage_class_name = var.storage_class_name
+  storage_size       = var.storage_size
+  name               = local.db_volume_claim
 }
 
 module "dbsync_postgres" {
@@ -53,6 +55,7 @@ module "dbsync_postgres" {
   postgres_secret_name  = var.postgres_secret_name
   postgres_resources    = var.postgres_resources
   is_blockfrost_backend = var.is_blockfrost_backend
+  postgres_tolerations  = var.postgres_tolerations
 }
 
 module "dbsync_pgbouncer" {
@@ -67,6 +70,7 @@ module "dbsync_pgbouncer" {
   instance_name                 = "postgres-dbsync-v3-${var.salt}"
   postgres_instance_name        = local.postgres_host
   pgbouncer_reloader_image_tag  = var.pgbouncer_reloader_image_tag
+  pgbouncer_tolerations         = var.pgbouncer_tolerations
 }
 
 module "dbsync_instances" {
diff --git a/bootstrap/cell/variables.tf b/bootstrap/cell/variables.tf
@@ -21,6 +21,14 @@ variable "storage_size" {
   type = string
 }
 
+variable "storage_class_name" {
+  type = string
+}
+
+variable "access_mode" {
+  type = string
+}
+
 variable "db_volume_claim" {
   type    = string
   default = null
@@ -66,6 +74,35 @@ variable "postgres_config_name" {
   default = null
 }
 
+variable "postgres_tolerations" {
+  type = list(object({
+    key      = string
+    operator = string
+    value    = string
+    effect   = string
+  }))
+  default = [
+    {
+      key      = "demeter.run/compute-profile"
+      operator = "Equal"
+      value    = "disk-intensive"
+      effect   = "NoSchedule"
+    },
+    {
+      key      = "demeter.run/compute-arch"
+      operator = "Equal"
+      value    = "x86"
+      effect   = "NoSchedule"
+    },
+    {
+      key      = "demeter.run/availability-sla"
+      operator = "Equal"
+      value    = "consistent"
+      effect   = "NoSchedule"
+    }
+  ]
+}
+
 // PGBouncer
 variable "pgbouncer_image_tag" {
   default = "1.21.0"
@@ -83,6 +120,39 @@ variable "pgbouncer_reloader_image_tag" {
   type = string
 }
 
+variable "pgbouncer_secret_name" {
+  type    = string
+  default = ""
+}
+
+variable "pgbouncer_tolerations" {
+  type = list(object({
+    effect   = string
+    key      = string
+    operator = string
+    value    = optional(string)
+  }))
+  default = [
+    {
+      effect   = "NoSchedule"
+      key      = "demeter.run/compute-profile"
+      operator = "Exists"
+    },
+    {
+      effect   = "NoSchedule"
+      key      = "demeter.run/compute-arch"
+      operator = "Equal"
+      value    = "x86"
+    },
+    {
+      effect   = "NoSchedule"
+      key      = "demeter.run/availability-sla"
+      operator = "Equal"
+      value    = "best-effort"
+    }
+  ]
+}
+
 // Instance
 variable "instances" {
   type = map(object({
diff --git a/bootstrap/main.tf b/bootstrap/main.tf
@@ -39,9 +39,11 @@ module "dbsync_cells" {
   salt      = each.key
 
   // PVC
-  volume_name     = each.value.pvc.volume_name
-  storage_size    = each.value.pvc.storage_size
-  db_volume_claim = each.value.pvc.name
+  access_mode        = each.value.pvc.access_mode
+  db_volume_claim    = each.value.pvc.name
+  storage_class_name = each.value.pvc.storage_class_name
+  storage_size       = each.value.pvc.storage_size
+  volume_name        = each.value.pvc.volume_name
 
   // PG
   topology_zone         = each.value.postgres.topology_zone
@@ -50,12 +52,15 @@ module "dbsync_cells" {
   postgres_secret_name  = var.postgres_secret_name
   postgres_resources    = each.value.postgres.resources
   postgres_config_name  = each.value.postgres.config_name
+  postgres_tolerations  = each.value.postgres.tolerations
 
   // PGBouncer
   pgbouncer_image_tag          = var.pgbouncer_image_tag
   pgbouncer_replicas           = each.value.pgbouncer.replicas
   pgbouncer_auth_user_password = var.pgbouncer_auth_user_password
   pgbouncer_reloader_image_tag = var.pgbouncer_reloader_image_tag
+  pgbouncer_secret_name        = var.postgres_secret_name
+  pgbouncer_tolerations        = each.value.pgbouncer.tolerations
 
   // Instances
   instances = each.value.instances
diff --git a/bootstrap/pgbouncer/main.tf b/bootstrap/pgbouncer/main.tf
@@ -82,3 +82,31 @@ resource "kubernetes_service_v1" "dbsync_pgbouncer_elb" {
     }
   }
 }
+
+variable "pgbouncer_tolerations" {
+  type = list(object({
+    effect   = string
+    key      = string
+    operator = string
+    value    = optional(string)
+  }))
+  default = [
+    {
+      effect   = "NoSchedule"
+      key      = "demeter.run/compute-profile"
+      operator = "Exists"
+    },
+    {
+      effect   = "NoSchedule"
+      key      = "demeter.run/compute-arch"
+      operator = "Equal"
+      value    = "x86"
+    },
+    {
+      effect   = "NoSchedule"
+      key      = "demeter.run/availability-sla"
+      operator = "Equal"
+      value    = "best-effort"
+    }
+  ]
+}
diff --git a/bootstrap/pgbouncer/pg-bouncer.tf b/bootstrap/pgbouncer/pg-bouncer.tf
@@ -74,7 +74,7 @@ resource "kubernetes_deployment_v1" "pgbouncer" {
             name = "POSTGRESQL_PASSWORD"
             value_from {
               secret_key_ref {
-                name = "postgres.postgres-dbsync-v3"
+                name = var.postgres_secret_name
                 key  = "password"
               }
             }
@@ -281,24 +281,15 @@ resource "kubernetes_deployment_v1" "pgbouncer" {
           }
         }
 
-        toleration {
-          effect   = "NoSchedule"
-          key      = "demeter.run/compute-profile"
-          operator = "Exists"
-        }
+        dynamic "toleration" {
+          for_each = var.pgbouncer_tolerations
 
-        toleration {
-          effect   = "NoSchedule"
-          key      = "demeter.run/compute-arch"
-          operator = "Equal"
-          value    = "x86"
-        }
-
-        toleration {
-          effect   = "NoSchedule"
-          key      = "demeter.run/availability-sla"
-          operator = "Equal"
-          value    = "best-effort"
+          content {
+            effect   = toleration.value.effect
+            key      = toleration.value.key
+            operator = toleration.value.operator
+            value    = toleration.value.value
+          }
         }
       }
     }
diff --git a/bootstrap/pgbouncer/pgbouncer.ini.tftpl b/bootstrap/pgbouncer/pgbouncer.ini.tftpl
@@ -16,9 +16,12 @@ auth_query=SELECT usename, passwd FROM user_search($1)
 pidfile=/opt/bitnami/pgbouncer/tmp/pgbouncer.pid
 logfile=/opt/bitnami/pgbouncer/logs/pgbouncer.log
 admin_users=postgres
-client_tls_sslmode=allow
-client_tls_key_file=/certs/server.key
-client_tls_cert_file=/certs/server.crt
+# Disable client TLS entirely:
+# client_tls_sslmode=allow
+client_tls_sslmode=disable
+# Remove TLS files if not needed:
+# client_tls_key_file=/certs/server.key
+# client_tls_cert_file=/certs/server.crt
 server_tls_sslmode=disable
 ignore_startup_parameters=extra_float_digits,statement_timeout
 stats_period=60
diff --git a/bootstrap/postgres/main.tf b/bootstrap/postgres/main.tf
@@ -74,3 +74,32 @@ variable "postgres_settings" {
   }
 }
 
+variable "postgres_tolerations" {
+  type = list(object({
+    key      = string
+    operator = string
+    value    = string
+    effect   = string
+  }))
+  default = [
+    {
+      key      = "demeter.run/compute-profile"
+      operator = "Equal"
+      value    = "disk-intensive"
+      effect   = "NoSchedule"
+    },
+    {
+      key      = "demeter.run/compute-arch"
+      operator = "Equal"
+      value    = "x86"
+      effect   = "NoSchedule"
+    },
+    {
+      key      = "demeter.run/availability-sla"
+      operator = "Equal"
+      value    = "consistent"
+      effect   = "NoSchedule"
+    }
+  ]
+}
+
diff --git a/bootstrap/postgres/postgres.tf b/bootstrap/postgres/postgres.tf
@@ -149,25 +149,14 @@ resource "kubernetes_stateful_set_v1" "postgres" {
           }
         }
 
-        toleration {
-          effect   = "NoSchedule"
-          key      = "demeter.run/compute-profile"
-          operator = "Equal"
-          value    = "disk-intensive"
-        }
-
-        toleration {
-          effect   = "NoSchedule"
-          key      = "demeter.run/compute-arch"
-          operator = "Equal"
-          value    = "x86"
-        }
-
-        toleration {
-          effect   = "NoSchedule"
-          key      = "demeter.run/availability-sla"
-          operator = "Equal"
-          value    = "consistent"
+        dynamic "toleration" {
+          for_each = var.postgres_tolerations
+          content {
+            effect   = toleration.value.effect
+            key      = toleration.value.key
+            operator = toleration.value.operator
+            value    = toleration.value.value
+          }
         }
       }
     }
diff --git a/bootstrap/pvc/main.tf b/bootstrap/pvc/main.tf
@@ -1,17 +1,30 @@
 variable "namespace" {
-  description = "the namespace where the resources will be created"
+  description = "The namespace where the resources will be created."
 }
 
 variable "volume_name" {
-  description = "the name of the volume"
+  description = "The name of the volume. If not specified, the volume will be dynamically provisioned."
+  type        = string
+  default     = null
 }
 
 variable "name" {
-  description = "the name of the pvc"
+  description = "The name of the PersistentVolumeClaim (PVC)."
 }
 
 variable "storage_size" {
-  description = "the size of the volume"
+  description = "The size of the volume."
+}
+
+variable "storage_class_name" {
+  description = "The name of the storage class to use."
+  default     = "nvme"
+}
+
+variable "access_mode" {
+  description = "The access mode for the volume."
+  type        = string
+  default     = "ReadWriteMany"
 }
 
 resource "kubernetes_persistent_volume_claim" "shared_disk" {
@@ -23,13 +36,15 @@ resource "kubernetes_persistent_volume_claim" "shared_disk" {
   }
 
   spec {
-    access_modes = ["ReadWriteMany"]
+    access_modes = [var.access_mode]
+
     resources {
       requests = {
         storage = var.storage_size
       }
     }
-    storage_class_name = "nvme"
-    volume_name        = var.volume_name
+
+    storage_class_name = var.storage_class_name
+    volume_name        = var.volume_name != null ? var.volume_name : null
   }
 }
diff --git a/bootstrap/variables.tf b/bootstrap/variables.tf

Original file line number	Diff line number	Diff line change
`@@ -74,7 +74,7 @@ resource "kubernetes_deployment_v1" "pgbouncer" {`
`74`	`74`	`name = "POSTGRESQL_PASSWORD"`
`75`	`75`	`value_from {`
`76`	`76`	`secret_key_ref {`
`77`		`- name = "postgres.postgres-dbsync-v3"`
	`77`	`+ name = var.postgres_secret_name`
`78`	`78`	`key = "password"`
`79`	`79`	`}`
`80`	`80`	`}`
`@@ -281,24 +281,15 @@ resource "kubernetes_deployment_v1" "pgbouncer" {`
`281`	`281`	`}`
`282`	`282`	`}`
`283`	`283`
`284`		`- toleration {`
`285`		`- effect = "NoSchedule"`
`286`		`- key = "demeter.run/compute-profile"`
`287`		`- operator = "Exists"`
`288`		`- }`
	`284`	`+ dynamic "toleration" {`
	`285`	`+ for_each = var.pgbouncer_tolerations`
`289`	`286`
`290`		`- toleration {`
`291`		`- effect = "NoSchedule"`
`292`		`- key = "demeter.run/compute-arch"`
`293`		`- operator = "Equal"`
`294`		`- value = "x86"`
`295`		`- }`
`296`		`-`
`297`		`- toleration {`
`298`		`- effect = "NoSchedule"`
`299`		`- key = "demeter.run/availability-sla"`
`300`		`- operator = "Equal"`
`301`		`- value = "best-effort"`
	`287`	`+ content {`
	`288`	`+ effect = toleration.value.effect`
	`289`	`+ key = toleration.value.key`
	`290`	`+ operator = toleration.value.operator`
	`291`	`+ value = toleration.value.value`
	`292`	`+ }`
`302`	`293`	`}`
`303`	`294`	`}`
`304`	`295`	`}`
Original file line number	Diff line number	Diff line change
`@@ -1,17 +1,30 @@`
`1`	`1`	`variable "namespace" {`
`2`		`- description = "the namespace where the resources will be created"`
	`2`	`+ description = "The namespace where the resources will be created."`
`3`	`3`	`}`
`4`	`4`
`5`	`5`	`variable "volume_name" {`
`6`		`- description = "the name of the volume"`
	`6`	`+ description = "The name of the volume. If not specified, the volume will be dynamically provisioned."`
	`7`	`+ type = string`
	`8`	`+ default = null`
`7`	`9`	`}`
`8`	`10`
`9`	`11`	`variable "name" {`
`10`		`- description = "the name of the pvc"`
	`12`	`+ description = "The name of the PersistentVolumeClaim (PVC)."`
`11`	`13`	`}`
`12`	`14`
`13`	`15`	`variable "storage_size" {`
`14`		`- description = "the size of the volume"`
	`16`	`+ description = "The size of the volume."`
	`17`	`+}`
	`18`	`+`
	`19`	`+variable "storage_class_name" {`
	`20`	`+ description = "The name of the storage class to use."`
	`21`	`+ default = "nvme"`
	`22`	`+}`
	`23`	`+`
	`24`	`+variable "access_mode" {`
	`25`	`+ description = "The access mode for the volume."`
	`26`	`+ type = string`
	`27`	`+ default = "ReadWriteMany"`
`15`	`28`	`}`
`16`	`29`
`17`	`30`	`resource "kubernetes_persistent_volume_claim" "shared_disk" {`
`@@ -23,13 +36,15 @@ resource "kubernetes_persistent_volume_claim" "shared_disk" {`
`23`	`36`	`}`
`24`	`37`
`25`	`38`	`spec {`
`26`		`- access_modes = ["ReadWriteMany"]`
	`39`	`+ access_modes = [var.access_mode]`
	`40`	`+`
`27`	`41`	`resources {`
`28`	`42`	`requests = {`
`29`	`43`	`storage = var.storage_size`
`30`	`44`	`}`
`31`	`45`	`}`
`32`		`- storage_class_name = "nvme"`
`33`		`- volume_name = var.volume_name`
	`46`	`+`
	`47`	`+ storage_class_name = var.storage_class_name`
	`48`	`+ volume_name = var.volume_name != null ? var.volume_name : null`
`34`	`49`	`}`
`35`	`50`	`}`