6.4. Use external PostgreSQL database

This section describes, how you can use an external PostgreSQL database management system for all services. Use this configuration, if you have a PostgreSQL database cluster already in place, with redundancy and failover mechanisms.

Important

You need to ensure that your PostgreSQL database is at least version 12.

6.4.1. Configure external PostgreSQL database

To configure an external PostgreSQL database, you need to provide the connection details in the Helm Chart configuration in your custom_values.yaml values file as outlined in Listing 6.12. Use the following configuration values:

global.postgresql.connection.host

The hostname of the external PostgreSQL database management system.

postgresql.enabled

Defines whether Helm deploys the bundled PostgreSQL database, the value true, or use a PostgreSQL database that’s external to Nubus, the value false.

postgresql.auth.existingSecret

The name of the Kubernetes secret containing the passwords for the PostgreSQL service. postgresql.auth.secretKeys.* defines the names of the keys inside the secret.

postgresql.auth.username

The username for authentication with the PostgreSQL database for the respective service.

postgresql.auth.secretKeys.adminPasswordKey

The name of the key inside the Kubernetes secret containing the password for the administrator to authenticate with the PostgreSQL database. The default value is admin_password.

postgresql.auth.secretKeys.userPasswordKey

The name of the key inside the Kubernetes secret containing the password for the user to authenticate with the PostgreSQL database. The default value is user_password.

postgresql.auth.secretKeys.replicationPasswordKey

The name of the key inside the Kubernetes secret containing the password for the PostgreSQL replication. The default value is replication_password.

Listing 6.12 Example for custom_values.yaml values file to configure external PostgreSQL database

global:
  postgresql:
    connection:
      host: "postgres.db.example.com"
      port: 5432
postgresql:
  enabled: false
  auth:
    existingSecret: "Your secret"
    username: "Your username"
    secretKeys:
      adminPasswordKey: "Your secret key name for the administrator password."
      userPasswordKey: "Your secret key name for the user password."
      replicationPasswordKey: "Your secret key name for the replication password."

6.4.2. Define custom database names

The default deployment of Nubus for Kubernetes creates databases with the following names:

• guardian

• keycloak

• keycloak_extensions

• notificationsapi

• selfservice

To define custom database names, add the content from Listing 6.13 to your custom_values.yaml. Replace custom_name_for_* with your respective values for the database name.

Important

You need to follow the lexical structure for identifiers and keywords for PostgreSQL database names. Otherwise, the database setup fails, which has subsequent consequences to the Nubus deployment. Database names are identifiers. See Identifiers and Key Words in PostgreSQL 15.8 Documentation [4].

Listing 6.13 Define custom database names for PostgreSQL databases used by Nubus

nubusGuardian:
  postgresql:
    auth:
      database: "custom_name_for_guardian"

keycloak:
  postgresql:
    auth:
      database: "custom_name_for_keycloak"

nubusKeycloakExtensions:
  postgresql:
    auth:
      database: "custom_name_for_keycloak_extensions"

nubusNotificationsApi:
  postgresql:
    auth:
      database: "custom_name_for_notifications_api"

nubusUmcServer:
  postgresql:
    auth:
      database: "custom_name_for_selfservice"

Tip

To lookup the database names in your cluster:

1. Render the Helm Chart template as described in Render Helm Chart template.

2. Look for the ConfigMap with metadata.name: "release-name-postgresql-provisioning".

3. You find the list of database names in the ConfigMap data.databases.list.