TimescaleDB Deployment
TimescaleDB is a pre-requisite for EDA , hence it is needed to be deployed before EDA. If it is deployed already, this step can be skipped.
TimescaleDB for SKA
Introduction
This directory contains a Helm chart to deploy a single node TimescaleDB cluster in a High Availability (HA) configuration on Kubernetes. This chart will do the following:
Creates two (by default) pods using a Kubernetes statefulset.
Each pod has a container created using the TimescaleDB docker image. - TimescaleDB 2.1 and PG 13
Each of the containers runs a TimescaleDB instance and Patroni agent.
Each TimescaleDB instance is configured for replication (1 Master + 1 Replicas).
TimescaleDB is the backend database of the EDA solution. Following table shows the resource configuration of the TimescaleDB server instances for different SKA environments.
Default TimescaleDB values are altered according to the environment where it is getting deployed.
For eg. in ITF-LOW the values required for Resources and PersistentVolumes are as given below. Using itf-low-values.yaml file
present here charts/ska-tango-archiver-timescaledb/environment/itf-low-values.yaml, TimescaleDB can be deployed. Refer Installation section, to install TimescaleDB using yaml file.
Resources |
PersistentVolumes |
||||||
|---|---|---|---|---|---|---|---|
Environment |
Memory(Gi) |
CPU |
Wal(Gi) |
Data(Gi) |
Nodes |
||
Requests |
Limits |
Requests |
Limits |
||||
itf-mid |
16 |
32 |
8 |
16 |
3 |
47 |
za-itf-eda |
itf-low |
6 |
8 |
150m |
200m |
3 |
47 |
au-itf-eda |
psi-mid |
4 |
4 |
2 |
2 |
3 |
47 |
NA |
psi-low |
4 |
4 |
2 |
2 |
3 |
47 |
NA |
Dish |
4 |
4 |
2 |
2 |
3 |
47 |
NA |
Installation
To install the chart with the release name my-release, first in values.yaml you need to set credentials mentioned in list below. If you decide not to set those credentials, they will be randomly generated. Those credentials can be setup via helm only during helm first run and they won’t be rotated with subsequent helm update commands to prevent breaking the database.
The credentials can be found in above sections
The credentials for the superuser, admin and stand-by users
TLS Certificates
pgbackrest config (optional)
Then you can install the chart with:
helm install <pod-name> charts/timescaledb -n <namespace>You can override parameters using the –set key=value[,key=value] argument to helm install, e.g., to install the chart with backup enabled:
helm install <pod-name> charts/timescaledb -n <namespace> --set backup.enabled=trueAlternatively, a YAML file that specifies the values for the parameters can be provided while installing the chart.
helm install <pod-name> -f <path to values.yaml> charts/timescaledbIn this case, a simple example-values.yaml is present in example folder, this way we can write multiple values.yaml as per specifications
Installing for different SKA environments
This repository provides multiple installation options tailored for needs of different SKA deployment environments. This is done because of differences in the computing infrastructure in each environment. The parameters specific to an environment are maintained in separate yaml files. These files should be given as additional parameters while installing the TimescaleDB in respective environment. For example, to install TimescaleDB chart for psi-low specifications, we can use following command
helm install timescaledb-1 -f charts/timescaledb/environment/psi-low-values.yaml charts/timescaledbSimilarly different values.yaml can be used to deploy TimescaleDB as per the specifications of that environment.
For details about what parameters you can set, have a look at the [Administrator Guide](docs/admin-guide.md#configure)
- Note
The password field is blank, user need to set it using CI_CD variable or using Vault(Not been tested)
Values required to set for CI/CD variables are:
--set secrets.credentials.PATRONI_SUPERUSER_PASSWORD="$(CI_CD_VARIABLE_NAME)" --set secrets.credentials.PATRONI_REPLICATION_PASSWORD="$(CI_CD_VARIABLE_NAME)" --set secrets.credentials.PATRONI_admin_PASSWORD="$(CI_CD_VARIABLE_NAME)"
To use vault, please update values.yaml accordingly:
timescaledb: vault: useVault: true secretPath: <secret_path> role: kube-role
or you can use the set option for vault:
--set timescaledb.vault.useVault=$(VAULT_ENABLED) --set timescaledb.vault.secretPath=$(SECRET_PATH) --set timescaledb.vault.role=$(VAULT_ROLE)
Cleanup
To remove the spawned pods you can run a simple
helm delete my-releaseSome items, (pvc’s and S3 backups for example) are not immediately removed. To also purge these items, have a look at the [Administrator Guide](docs/admin-guide#cleanup)
Further reading