apiVersion: apps/v1
kind: Deployment
metadata:
  name: pgpool
spec:
  replicas: 1
  selector:
    matchLabels:
      app: pgpool
  template:
    metadata:
      labels:
        app: pgpool
    spec:
      containers:
      - name: pgpool
        image: pgpool/pgpool
        env:
        - name: POSTGRES_USERNAME
          valueFrom:
            secretKeyRef:
              name: mypostgres-postgres-secret
              key: username
        - name: POSTGRES_PASSWORD
          valueFrom:
            secretKeyRef:
              name: mypostgres-postgres-secret
              key: password
        - name: PGPOOL_PASSWORD_ENCRYPTION_METHOD
          value: "scram-sha-256"
        - name: PGPOOL_ENABLE_POOL_PASSWD
          value: "true"
        - name: PGPOOL_SKIP_PASSWORD_ENCRYPTION
          value: "false"
        # The following settings are not required when not using the Pgpool-II PCP command.
        # To enable the following settings, you must define a secret that stores the PCP user's
        # username and password.
        #- name: PGPOOL_PCP_USER
        #  valueFrom:
        #    secretKeyRef:
        #      name: pgpool-pcp-secret
        #      key: username
        #- name: PGPOOL_PCP_PASSWORD
        #  valueFrom:
        #    secretKeyRef:
        #      name: pgpool-pcp-secret
        #      key: password
        volumeMounts:
        - name: pgpool-config
          mountPath: /config
        #- name: pgpool-tls
        #  mountPath: /config/tls
      volumes:
      - name: pgpool-config
        configMap:
          name: pgpool-config
      # Configure your own TLS certificate.
      # If not set, Pgpool-II will automatically generate the TLS certificate if ssl = on.
      #- name: pgpool-tls
      #  secret:
      #    secretName: pgpool-tls
---
apiVersion: v1
kind: Service
metadata:
  name: pgpool
spec:
  selector:
    app: pgpool
  ports:
  - name: pgpool-port
    protocol: TCP
    port: 9999
    targetPort: 9999