Adding database containers to the Application Template
Best practices for running your application's database in a container
This document should cover the basics for adding a database to your application.
A few caveats that come with running databases in containers:
- Containers and pods in Kubernetes can be restarted, deleted, or moved at any time, so you should not rely on them for any critical services.
- Containers are ephemeral and can move around, so it is vital to use a persistent storage volume so that restarting a container does not erase the database. We mitigate this risk by recommending you use a Stateful Set with
stateful: true
. - Kubernetes may start a container before the database is completely initialized or ready, so you should use readiness probes to ensure deployments wait for the database to be ready to receive traffic.
- Passwords can be randomized and the database connections should be kept internal only so that external people cannot access the data or store their own data in your tables, even if it is a test database.
services:
- name: db
image: public.ecr.aws/lts/postgres:12-20.04_edge
stateful: true
volumes:
- type: persistent
name: db_data
mount_path: "/var/lib/postgresql/data"
ports:
- type: container_port
port: '5432'
readiness_probe:
exec:
command:
- psql
- "-h"
- localhost
- "-U"
- postgres
- "-c"
- SELECT 1
period_seconds: 2
timeout_seconds: 2
failure_threshold: 30
storage:
size: 10Gi
mapping:
DATABASE_URL: "postgres://${POSTGRES_USER}:${POSTGRES_PASSWORD}@db/${POSTGRES_DB}"
services:
db:
- key: POSTGRES_PASSWORD
value: secretPassword
secret: true
- key: POSTGRES_USER
value: postgres
- key: POSTGRES_DB
value: postgres
- key: POSTGRES_HOST_AUTH_METHOD
value: trust
- key: PGDATA
value: "/var/lib/postgresql/data/pgdata"
- name: db
image: mysql:5.7
stateful: true
volumes:
- type: persistent
name: db_data
mount_path: "/var/lib/mysql"
ports:
- type: container_port
port: '5432'
liveness_probe:
exec:
command: ["mysqladmin", "ping"]
initial_delay_seconds: 30
period_seconds: 10
timeout_seconds: 5
failure_threshold: 10
readiness_probe:
exec:
# Check we can execute queries over TCP (skip-networking is off).
command: ["mysql", "-h", "127.0.0.1", "-e", "SELECT 1"]
initial_delay_seconds: 5
period_seconds: 2
timeout_seconds: 1
failure_threshold: 30
storage:
size: 10Gi
services:
db:
- name: MYSQL_ALLOW_EMPTY_PASSWORD
value: "1"
- Change the value for
name:
to a more specific name if you have more than one database. This is especially important for App Imports. - Change the value for
image:
to match the version number of the database you want and the Cloud provider you use. See AWS Public Gallery, Dockerhub Registries, and GCP registry. When using DockerHub or a private registry, be sure to configure the integrations with your credentials.
Last modified 3d ago