feat: add support for customization

Signed-off-by: Ales Verbic <[email protected]>

bootstrap/cell/main.tf

@@ -34,11 +34,13 @@ locals {
   ]
 }
 module "dbsync_pvc" {
-  source       = "../pvc"
-  namespace    = var.namespace
-  volume_name  = var.volume_name
-  storage_size = var.storage_size
-  name         = local.db_volume_claim
+  source             = "../pvc"
+  namespace          = var.namespace
+  access_mode        = var.access_mode
+  volume_name        = var.volume_name
+  storage_class_name = var.storage_class_name
+  storage_size       = var.storage_size
+  name               = local.db_volume_claim
 }
 
 module "dbsync_postgres" {
@@ -53,6 +55,7 @@ module "dbsync_postgres" {
   postgres_secret_name  = var.postgres_secret_name
   postgres_resources    = var.postgres_resources
   is_blockfrost_backend = var.is_blockfrost_backend
+  postgres_tolerations  = var.postgres_tolerations
 }
 
 module "dbsync_pgbouncer" {
@@ -67,6 +70,7 @@ module "dbsync_pgbouncer" {
   instance_name                 = "postgres-dbsync-v3-${var.salt}"
   postgres_instance_name        = local.postgres_host
   pgbouncer_reloader_image_tag  = var.pgbouncer_reloader_image_tag
+  pgbouncer_tolerations         = var.pgbouncer_tolerations
 }
 
 module "dbsync_instances" {

bootstrap/cell/variables.tf

@@ -21,6 +21,14 @@ variable "storage_size" {
   type = string
 }
 
+variable "storage_class_name" {
+  type = string
+}
+
+variable "access_mode" {
+  type = string
+}
+
 variable "db_volume_claim" {
   type    = string
   default = null
@@ -66,6 +74,35 @@ variable "postgres_config_name" {
   default = null
 }
 
+variable "postgres_tolerations" {
+  type = list(object({
+    key      = string
+    operator = string
+    value    = string
+    effect   = string
+  }))
+  default = [
+    {
+      key      = "demeter.run/compute-profile"
+      operator = "Equal"
+      value    = "disk-intensive"
+      effect   = "NoSchedule"
+    },
+    {
+      key      = "demeter.run/compute-arch"
+      operator = "Equal"
+      value    = "x86"
+      effect   = "NoSchedule"
+    },
+    {
+      key      = "demeter.run/availability-sla"
+      operator = "Equal"
+      value    = "consistent"
+      effect   = "NoSchedule"
+    }
+  ]
+}
+
 // PGBouncer
 variable "pgbouncer_image_tag" {
   default = "1.21.0"
@@ -83,6 +120,39 @@ variable "pgbouncer_reloader_image_tag" {
   type = string
 }
 
+variable "pgbouncer_secret_name" {
+  type    = string
+  default = ""
+}
+
+variable "pgbouncer_tolerations" {
+  type = list(object({
+    effect   = string
+    key      = string
+    operator = string
+    value    = optional(string)
+  }))
+  default = [
+    {
+      effect   = "NoSchedule"
+      key      = "demeter.run/compute-profile"
+      operator = "Exists"
+    },
+    {
+      effect   = "NoSchedule"
+      key      = "demeter.run/compute-arch"
+      operator = "Equal"
+      value    = "x86"
+    },
+    {
+      effect   = "NoSchedule"
+      key      = "demeter.run/availability-sla"
+      operator = "Equal"
+      value    = "best-effort"
+    }
+  ]
+}
+
 // Instance
 variable "instances" {
   type = map(object({

bootstrap/main.tf

@@ -39,9 +39,11 @@ module "dbsync_cells" {
   salt      = each.key
 
   // PVC
-  volume_name     = each.value.pvc.volume_name
-  storage_size    = each.value.pvc.storage_size
-  db_volume_claim = each.value.pvc.name
+  access_mode        = each.value.pvc.access_mode
+  db_volume_claim    = each.value.pvc.name
+  storage_class_name = each.value.pvc.storage_class_name
+  storage_size       = each.value.pvc.storage_size
+  volume_name        = each.value.pvc.volume_name
 
   // PG
   topology_zone         = each.value.postgres.topology_zone
@@ -50,12 +52,15 @@ module "dbsync_cells" {
   postgres_secret_name  = var.postgres_secret_name
   postgres_resources    = each.value.postgres.resources
   postgres_config_name  = each.value.postgres.config_name
+  postgres_tolerations  = each.value.postgres.tolerations
 
   // PGBouncer
   pgbouncer_image_tag          = var.pgbouncer_image_tag
   pgbouncer_replicas           = each.value.pgbouncer.replicas
   pgbouncer_auth_user_password = var.pgbouncer_auth_user_password
   pgbouncer_reloader_image_tag = var.pgbouncer_reloader_image_tag
+  pgbouncer_secret_name        = var.postgres_secret_name
+  pgbouncer_tolerations        = each.value.pgbouncer.tolerations
 
   // Instances
   instances = each.value.instances

bootstrap/pgbouncer/main.tf

@@ -6,6 +6,10 @@ variable "instance_name" {
   default = "dbsync-v3-pgbouncer"
 }
 
+variable "cloud_provider" {
+  default = "gcp"
+}
+
 variable "service_name" {
   default = "dbsync-v3-pgbouncer"
 }
@@ -55,8 +59,8 @@ variable "postgres_instance_name" {
   default = "postgres-dbsync-v3-ar9"
 }
 
-resource "kubernetes_service_v1" "dbsync_pgbouncer_elb" {
-  count = var.load_balancer ? 1 : 0
+resource "kubernetes_service_v1" "dbsync_pgbouncer_elb_aws" {
+  for_each = var.load_balancer && var.cloud_provider == "aws" ? toset(["loadbalancer"]) : toset([])
   metadata {
     namespace = var.namespace
     name      = var.service_name
@@ -82,3 +86,57 @@ resource "kubernetes_service_v1" "dbsync_pgbouncer_elb" {
     }
   }
 }
+
+resource "kubernetes_service_v1" "dbsync_pgbouncer_elb_gcp" {
+  for_each = var.load_balancer && var.cloud_provider == "gcp" ? toset(["loadbalancer"]) : toset([])
+  metadata {
+    namespace = var.namespace
+    name      = var.service_name
+    annotations = {
+      "cloud.google.com/l4-rbs" : "enabled"
+    }
+  }
+
+  spec {
+    type                    = "LoadBalancer"
+    external_traffic_policy = "Local"
+
+    port {
+      protocol    = "TCP"
+      port        = 5432
+      target_port = 6432
+    }
+
+    selector = {
+      "role" = var.instance_role
+    }
+  }
+}
+
+variable "pgbouncer_tolerations" {
+  type = list(object({
+    effect   = string
+    key      = string
+    operator = string
+    value    = optional(string)
+  }))
+  default = [
+    {
+      effect   = "NoSchedule"
+      key      = "demeter.run/compute-profile"
+      operator = "Exists"
+    },
+    {
+      effect   = "NoSchedule"
+      key      = "demeter.run/compute-arch"
+      operator = "Equal"
+      value    = "x86"
+    },
+    {
+      effect   = "NoSchedule"
+      key      = "demeter.run/availability-sla"
+      operator = "Equal"
+      value    = "best-effort"
+    }
+  ]
+}

bootstrap/pgbouncer/pg-bouncer.tf

@@ -74,7 +74,7 @@ resource "kubernetes_deployment_v1" "pgbouncer" {
             name = "POSTGRESQL_PASSWORD"
             value_from {
               secret_key_ref {
-                name = "postgres.postgres-dbsync-v3"
+                name = var.postgres_secret_name
                 key  = "password"
               }
             }
@@ -281,24 +281,15 @@ resource "kubernetes_deployment_v1" "pgbouncer" {
           }
         }
 
-        toleration {
-          effect   = "NoSchedule"
-          key      = "demeter.run/compute-profile"
-          operator = "Exists"
-        }
+        dynamic "toleration" {
+          for_each = var.pgbouncer_tolerations
 
-        toleration {
-          effect   = "NoSchedule"
-          key      = "demeter.run/compute-arch"
-          operator = "Equal"
-          value    = "x86"
-        }
-
-        toleration {
-          effect   = "NoSchedule"
-          key      = "demeter.run/availability-sla"
-          operator = "Equal"
-          value    = "best-effort"
+          content {
+            effect   = toleration.value.effect
+            key      = toleration.value.key
+            operator = toleration.value.operator
+            value    = toleration.value.value
+          }
         }
       }
     }

bootstrap/pgbouncer/pgbouncer.ini.tftpl

@@ -16,9 +16,9 @@ auth_query=SELECT usename, passwd FROM user_search($1)
 pidfile=/opt/bitnami/pgbouncer/tmp/pgbouncer.pid
 logfile=/opt/bitnami/pgbouncer/logs/pgbouncer.log
 admin_users=postgres
-client_tls_sslmode=allow
-client_tls_key_file=/certs/tls.key
-client_tls_cert_file=/certs/tls.crt
+client_tls_sslmode=disable
+client_tls_key_file=/certs/server.key
+client_tls_cert_file=/certs/server.crt
 server_tls_sslmode=disable
 ignore_startup_parameters=extra_float_digits,statement_timeout
 stats_period=60

bootstrap/postgres/main.tf

@@ -74,3 +74,32 @@ variable "postgres_settings" {
   }
 }
 
+variable "postgres_tolerations" {
+  type = list(object({
+    key      = string
+    operator = string
+    value    = string
+    effect   = string
+  }))
+  default = [
+    {
+      key      = "demeter.run/compute-profile"
+      operator = "Equal"
+      value    = "disk-intensive"
+      effect   = "NoSchedule"
+    },
+    {
+      key      = "demeter.run/compute-arch"
+      operator = "Equal"
+      value    = "x86"
+      effect   = "NoSchedule"
+    },
+    {
+      key      = "demeter.run/availability-sla"
+      operator = "Equal"
+      value    = "consistent"
+      effect   = "NoSchedule"
+    }
+  ]
+}
+

bootstrap/postgres/postgres.tf

@@ -149,25 +149,14 @@ resource "kubernetes_stateful_set_v1" "postgres" {
           }
         }
 
-        toleration {
-          effect   = "NoSchedule"
-          key      = "demeter.run/compute-profile"
-          operator = "Equal"
-          value    = "disk-intensive"
-        }
-
-        toleration {
-          effect   = "NoSchedule"
-          key      = "demeter.run/compute-arch"
-          operator = "Equal"
-          value    = "x86"
-        }
-
-        toleration {
-          effect   = "NoSchedule"
-          key      = "demeter.run/availability-sla"
-          operator = "Equal"
-          value    = "consistent"
+        dynamic "toleration" {
+          for_each = var.postgres_tolerations
+          content {
+            effect   = toleration.value.effect
+            key      = toleration.value.key
+            operator = toleration.value.operator
+            value    = toleration.value.value
+          }
         }
       }
     }