From 1e973407e31a63e937c1615bd6fd90c4a6c0a58c Mon Sep 17 00:00:00 2001 From: Steffen Rath Date: Wed, 12 Nov 2025 13:13:21 +0100 Subject: [PATCH 1/3] feat: Add minio and postgres config for Creance --- helm/qs-minio/values.yaml | 18 ++++++++++++++++++ helm/qs-postgresql-cluster/values.yaml | 10 ++++++++++ helm/qs-postgresql-db/values.yaml | 12 ++++++++++++ 3 files changed, 40 insertions(+) diff --git a/helm/qs-minio/values.yaml b/helm/qs-minio/values.yaml index 31ea058..aa8d548 100644 --- a/helm/qs-minio/values.yaml +++ b/helm/qs-minio/values.yaml @@ -101,3 +101,21 @@ minio-pharia-finetuning: existingSecretUserKey: "user" ## @param auth.existingSecretPasswordKey Key in existing secret containing password existingSecretPasswordKey: "password" + +minio-creance: + enabled: false + fullnameOverride: qs-minio-creance + ## @section Bucket provisioning + ## @param defaultBuckets Comma, semi-colon or space separated list of buckets to create at initialization + ## Format: "bucket-name" or "bucket-name:policy" where policy can be: none, download, upload, or public + ## e.g: "my-bucket, my-second-bucket:download, my-public-bucket:public" + defaultBuckets: "creance" + auth: + ## @param auth.existingSecret Name of existing secret containing MinIO credentials + existingSecret: "qs-minio-access-creance" + ## @param auth.username Username put in existing secret + user: "creance" + ## @param auth.existingSecretUserKey Key in existing secret containing username + existingSecretUserKey: "user" + ## @param auth.existingSecretPasswordKey Key in existing secret containing password + existingSecretPasswordKey: "password" diff --git a/helm/qs-postgresql-cluster/values.yaml b/helm/qs-postgresql-cluster/values.yaml index 1ab1050..e4f8372 100644 --- a/helm/qs-postgresql-cluster/values.yaml +++ b/helm/qs-postgresql-cluster/values.yaml @@ -262,6 +262,16 @@ clusterPharia: login: true superuser: false replication: false + - name: "creance" + connectionLimit: -1 + ensure: present + inherit: true + # `password` and `username` key should exist in secret. username key should be the name of the user (mlflow) + passwordSecret: + name: "qs-postgresql-cluster-access-creance" + login: true + superuser: false + replication: false backups: # -- You need to configure backups manually, so backups are disabled by default. # For detailed configuration options, see: https://github.com/cloudnative-pg/charts/tree/main/charts/cluster diff --git a/helm/qs-postgresql-db/values.yaml b/helm/qs-postgresql-db/values.yaml index 65eaf5f..fda02fe 100644 --- a/helm/qs-postgresql-db/values.yaml +++ b/helm/qs-postgresql-db/values.yaml @@ -375,3 +375,15 @@ databases: - pg_stat_statements - pg_trgm - btree_gin + + - name: "creance" + enabled: false + cluster: "qs-postgresql-cluster-pharia" + owner: "creance" + connectionLimit: 50 + extensions: + - uuid-ossp + - pgcrypto + - pg_stat_statements + - pg_trgm + - btree_gin From 48b86715c73dfc1308bffc304f4f9fe527be7df9 Mon Sep 17 00:00:00 2001 From: Steffen Rath Date: Wed, 19 Nov 2025 10:24:43 +0100 Subject: [PATCH 2/3] Add dependency for minio-creance in Chart.yaml --- helm/qs-minio/Chart.yaml | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/helm/qs-minio/Chart.yaml b/helm/qs-minio/Chart.yaml index 6820004..90f7653 100644 --- a/helm/qs-minio/Chart.yaml +++ b/helm/qs-minio/Chart.yaml @@ -16,3 +16,8 @@ dependencies: alias: minio-pharia-finetuning condition: minio-pharia-finetuning.enabled repository: oci://registry-1.docker.io/cloudpirates + - name: minio + version: 0.5.5 + alias: minio-creance + condition: minio-creance.enabled + repository: oci://registry-1.docker.io/cloudpirates From d66a96bd0cc7728bceacfcda59cea96b76a5ef0a Mon Sep 17 00:00:00 2001 From: Steffen Rath Date: Wed, 19 Nov 2025 10:29:26 +0100 Subject: [PATCH 3/3] Have pre-commit hook format files I did not touch to fix the build --- helm/README.md | 30 +++++++++++++------------- helm/qs-postgresql-cluster/values.yaml | 4 ++-- 2 files changed, 17 insertions(+), 17 deletions(-) diff --git a/helm/README.md b/helm/README.md index 4aef9ab..88ef8af 100644 --- a/helm/README.md +++ b/helm/README.md @@ -740,13 +740,13 @@ clusterPharia: backups: enabled: true # Enable backups target: prefer-standby # Run backups on standby replicas to avoid impacting primary - + # S3 endpoint (leave empty for AWS S3, set for MinIO or other S3-compatible storage) endpointURL: "https://s3.eu-central-1.amazonaws.com" # or "http://minio.example.com:9000" - + # Backup destination path with timestamp for versioning destinationPath: "s3://my-backups/postgresql-pharia-2025-11-17/" - + # S3 provider configuration provider: s3 s3: @@ -757,24 +757,24 @@ clusterPharia: secretKey: "YOUR_SECRET_KEY" # OR use IAM role-based authentication (recommended for AWS): inheritFromIAMRole: false # Set to true to use IAM roles instead of keys - + # WAL archiving configuration wal: compression: gzip maxParallel: 8 # Number of parallel WAL archive/restore operations - + # Base backup configuration data: compression: gzip jobs: 2 # Number of parallel backup jobs - + # Scheduled backup configuration scheduledBackups: - name: daily-backup schedule: "0 0 2 * * *" # Daily at 2:00 AM (cron format) backupOwnerReference: self method: barmanObjectStore - + # Backup retention policy retentionPolicy: "30d" # Keep backups for 30 days ``` @@ -815,7 +815,7 @@ kubectl logs -n pharia-ai -l cnpg.io/cluster=qs-postgresql-cluster-pharia | grep **Successful Backup Example:** ``` NAME AGE CLUSTER PHASE ERROR -qs-postgresql-cluster-pharia-daily-backup-... 5m qs-postgresql-cluster-pharia completed +qs-postgresql-cluster-pharia-daily-backup-... 5m qs-postgresql-cluster-pharia completed ``` #### Disaster Recovery Guide @@ -830,29 +830,29 @@ Update `qs-postgresql-cluster/values.yaml` to configure recovery mode: clusterPharia: mode: recovery # Change from 'standalone' to 'recovery' fullnameOverride: qs-postgresql-cluster-pharia # Keep the SAME cluster name - + backups: enabled: true # NEW timestamp for post-recovery backups destinationPath: "s3://my-backups/postgresql-pharia-2025-11-18/" # ... (keep same S3 credentials configuration) - + recovery: method: object_store # Recover from S3 backup - + # The original cluster name in backups (must match the backed-up cluster) clusterName: "qs-postgresql-cluster-pharia" - + # OLD timestamp to read backups from destinationPath: "s3://my-backups/postgresql-pharia-2025-11-17/" - + # Recovery target (promote immediately after recovery) recoveryTarget: "promote" - + # Point-in-Time Recovery (optional) pitrTarget: time: "" # Leave empty to recover to latest, or specify RFC3339 timestamp - + # S3 configuration (must match backup configuration) endpointURL: "https://s3.eu-central-1.amazonaws.com" provider: s3 diff --git a/helm/qs-postgresql-cluster/values.yaml b/helm/qs-postgresql-cluster/values.yaml index e4f8372..41f004b 100644 --- a/helm/qs-postgresql-cluster/values.yaml +++ b/helm/qs-postgresql-cluster/values.yaml @@ -350,7 +350,7 @@ clusterPharia: pitrTarget: # -- Time in RFC3339 format time: "" - + ## -- Recovery target settings for controlling recovery behavior # Options: pause, promote, shutdown # 'promote' is recommended - promotes to read-write immediately after recovery @@ -599,7 +599,7 @@ clusterTemporal: pitrTarget: # -- Time in RFC3339 format time: "" - + ## -- Recovery target settings for controlling recovery behavior # Options: pause, promote, shutdown # 'promote' is recommended - promotes to read-write immediately after recovery