Skip to main content

Adding a Database

Need a datastore for your application? You can drop these snippets into an app definition and adjust names to suit your environment to get started.

PostgreSQL with Persistent EFS Backing

This service uses the AWS EFS CSI storage class for durable storage and locks the pod UID/GID to 999 so the mounted directory remains writable across restarts.

shared_volumes:
  - name: postgres-data
    type: persistent
    size: 50Gi
    storage_class: efs-uid999-sc

services:
  - name: postgres
    image: public.ecr.aws/docker/library/postgres:16-alpine
    ports:
      - containerPort: 5432
    env:
      - name: POSTGRES_DB
        value: postgres
      - name: POSTGRES_USER
        value: postgres
      - name: POSTGRES_HOST_AUTH_METHOD
        value: host
      - name: PGDATA
        value: /pgdata/data
    securityContext:
      runAsUser: 999
      runAsGroup: 999
    resources:
      requests:
        cpu: '1'
        memory: 1Gi
      limits:
        cpu: '1'
        memory: 1Gi
    volumes:
      - name: postgres-data-mount
        mount_path: /pgdata
        claim: postgres-data
note

efs-uid999-sc is a storage class designated to work with greyhound environments. It has a fixed UID/GID combination of 999 rather than an dynamically incrementing one. This is required by the Postgres docker containers (and possibly others). You must also use 999 as the user and group in your pod securityContext to match.

  • POSTGRES_PASSWORD points at a Kubernetes secret; replace or seed the secret provider that backs app-postgres.
  • PGDATA targets an empty directory inside the mounted volume so PostgreSQL skips the default path that ships in the container image.
  • Tune resources.requests and resources.limits to match expected workload size.

Valkey (Redis-Compatible) Ephemeral Cache

Valkey can run without persistence. This snippet sticks to the public ECR image and exposes the standard port.

services:
  - name: valkey
    image: public.ecr.aws/docker/library/valkey:7.2-alpine
    ports:
      - containerPort: 6379
    env:
      - name: VALKEY_DATABASES
        value: '16'
      - name: VALKEY_MAXMEMORY
        value: 256mb
    command:
      - sh
      - -c
      - |
        valkey-server \
          --appendonly no \
          --save "" \
          --protected-mode yes
    resources:
      requests:
        cpu: '1'
        memory: 1Gi
      limits:
        cpu: '1'
        memory: 1Gi
  • Remove the command override if you want Valkey's default snapshotting behavior.
  • Inject passwords with requirepass in the command or attach a secret-derived config if you need AUTH enforcement.