50 changes: 45 additions & 5 deletions setup/helm/operator/crds/operatorconfiguration.crd.yaml
Expand Up @@ -66,7 +66,7 @@ spec:
type: string
docker_image:
type: string
default: "registry.opensource.zalan.do/acid/spilo-14:2.1-p7"
default: "ghcr.io/zalando/spilo-15:2.1-p9"
enable_crd_registration:
type: boolean
default: true
Expand Down Expand Up @@ -165,10 +165,10 @@ spec:
type: string
minimal_major_version:
type: string
default: "9.6"
default: "11"
target_major_version:
type: string
default: "14"
default: "15"
kubernetes:
type: object
properties:
Expand Down Expand Up @@ -276,6 +276,9 @@ spec:
pdb_name_format:
type: string
default: "postgres-{cluster}-pdb"
pod_antiaffinity_preferred_during_scheduling:
type: boolean
default: false
pod_antiaffinity_topology_key:
type: string
default: "kubernetes.io/hostname"
Expand Down Expand Up @@ -309,6 +312,9 @@ spec:
secret_name_template:
type: string
default: "{username}.{cluster}.credentials.{tprkind}.{tprgroup}"
share_pgsocket_with_sidecars:
type: boolean
default: false
spilo_allow_privilege_escalation:
type: boolean
default: true
Expand Down Expand Up @@ -426,9 +432,15 @@ spec:
master_dns_name_format:
type: string
default: "{cluster}.{namespace}.{hostedzone}"
master_legacy_dns_name_format:
type: string
default: "{cluster}.{team}.{hostedzone}"
replica_dns_name_format:
type: string
default: "{cluster}-repl.{namespace}.{hostedzone}"
replica_legacy_dns_name_format:
type: string
default: "{cluster}-repl.{team}.{hostedzone}"
aws_or_gcp:
type: object
properties:
Expand Down Expand Up @@ -461,16 +473,38 @@ spec:
logical_backup:
type: object
properties:
logical_backup_azure_storage_account_name:
type: string
logical_backup_azure_storage_container:
type: string
logical_backup_azure_storage_account_key:
type: string
logical_backup_cpu_limit:
type: string
pattern: '^(\d+m|\d+(\.\d{1,3})?)$'
logical_backup_cpu_request:
type: string
pattern: '^(\d+m|\d+(\.\d{1,3})?)$'
logical_backup_docker_image:
type: string
default: "registry.opensource.zalan.do/acid/logical-backup:v1.8.2"
default: "registry.opensource.zalan.do/acid/logical-backup:v1.9.0"
logical_backup_google_application_credentials:
type: string
logical_backup_job_prefix:
type: string
default: "logical-backup-"
logical_backup_memory_limit:
type: string
pattern: '^(\d+(e\d+)?|\d+(\.\d+)?(e\d+)?[EPTGMK]i?)$'
logical_backup_memory_request:
type: string
pattern: '^(\d+(e\d+)?|\d+(\.\d+)?(e\d+)?[EPTGMK]i?)$'
logical_backup_provider:
type: string
enum:
- "az"
- "gcs"
- "s3"
default: "s3"
logical_backup_s3_access_key_id:
type: string
Expand Down Expand Up @@ -601,7 +635,7 @@ spec:
default: "pooler"
connection_pooler_image:
type: string
default: "registry.opensource.zalan.do/acid/pgbouncer:master-24"
default: "registry.opensource.zalan.do/acid/pgbouncer:master-26"
connection_pooler_max_db_connections:
type: integer
default: 60
Expand Down Expand Up @@ -631,6 +665,12 @@ spec:
type: string
pattern: '^(\d+(e\d+)?|\d+(\.\d+)?(e\d+)?[EPTGMK]i?)$'
default: "100Mi"
patroni:
type: object
properties:
failsafe_mode:
type: boolean
default: false
status:
type: object
additionalProperties:
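Review bot: `logical_backup_azure_storage_account_key` is declared as a plain `type: string`, so the Azure storage account key would sit in clear text inside the OperatorConfiguration object and be readable by anyone with `get` on that resource. I would at least say so on the field, e.g. `description: "Credential; prefer supplying it via a Kubernetes Secret and restrict read access to operatorconfigurations"`, or accept a secret reference instead of the value. Separately, the bumped image defaults (`spilo-15:2.1-p9`, `logical-backup:v1.9.0`, `pgbouncer:master-26`) are tag-only. Pinning them by digest would make the defaults immutable, and `master-26` looks like a branch build rather than a release, which is worth confirming.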
146 changes: 146 additions & 0 deletions setup/helm/operator/crds/postgresql.crd.yaml
Expand Up @@ -213,6 +213,121 @@ spec:
items:
type: object
x-kubernetes-preserve-unknown-fields: true
topologySpreadConstraints:
description: 'Topology spread constraints of a Dedicated
repo host pod. Changing this value causes the repo host
to restart. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/'
items:
description: TopologySpreadConstraint specifies how
to spread matching pods among the given topology.
properties:
labelSelector:
description: LabelSelector is used to find matching
pods. Pods that match this label selector are
counted to determine the number of pods in their
corresponding topology domain.
properties:
matchExpressions:
description: matchExpressions is a list of label
selector requirements. The requirements are
ANDed.
items:
description: A label selector requirement
is a selector that contains values, a key,
and an operator that relates the key and
values.
properties:
key:
description: key is the label key that
the selector applies to.
type: string
operator:
description: operator represents a key's
relationship to a set of values. Valid
operators are In, NotIn, Exists and
DoesNotExist.
type: string
values:
description: values is an array of string
values. If the operator is In or NotIn,
the values array must be non-empty.
If the operator is Exists or DoesNotExist,
the values array must be empty. This
array is replaced during a strategic
merge patch.
items:
type: string
type: array
required:
- key
- operator
type: object
type: array
matchLabels:
additionalProperties:
type: string
description: matchLabels is a map of {key,value}
pairs. A single {key,value} in the matchLabels
map is equivalent to an element of matchExpressions,
whose key field is "key", the operator is
"In", and the values array contains only "value".
The requirements are ANDed.
type: object
type: object
maxSkew:
description: 'MaxSkew describes the degree to which
pods may be unevenly distributed. When `whenUnsatisfiable=DoNotSchedule`,
it is the maximum permitted difference between
the number of matching pods in the target topology
and the global minimum. For example, in a 3-zone
cluster, MaxSkew is set to 1, and pods with the
same labelSelector spread as 1/1/0: | zone1 |
zone2 | zone3 | | P | P | | - if
MaxSkew is 1, incoming pod can only be scheduled
to zone3 to become 1/1/1; scheduling it onto zone1(zone2)
would make the ActualSkew(2-0) on zone1(zone2)
violate MaxSkew(1). - if MaxSkew is 2, incoming
pod can be scheduled onto any zone. When `whenUnsatisfiable=ScheduleAnyway`,
it is used to give higher precedence to topologies
that satisfy it. It''s a required field. Default
value is 1 and 0 is not allowed.'
format: int32
type: integer
topologyKey:
description: TopologyKey is the key of node labels.
Nodes that have a label with this key and identical
values are considered to be in the same topology.
We consider each <key, value> as a "bucket", and
try to put balanced number of pods into each bucket.
It's a required field.
type: string
whenUnsatisfiable:
description: 'WhenUnsatisfiable indicates how to
deal with a pod if it doesn''t satisfy the spread
constraint. - DoNotSchedule (default) tells the
scheduler not to schedule it. - ScheduleAnyway
tells the scheduler to schedule the pod in any
location, but giving higher precedence to topologies
that would help reduce the skew. A constraint
is considered "Unsatisfiable" for an incoming
pod if and only if every possible node assigment
for that pod would violate "MaxSkew" on some topology.
For example, in a 3-zone cluster, MaxSkew is set
to 1, and pods with the same labelSelector spread
as 3/1/1: | zone1 | zone2 | zone3 | | P P P | P | P |
If WhenUnsatisfiable is set to DoNotSchedule,
incoming pod can only be scheduled to zone2(zone3)
to become 3/2/1(3/1/2) as ActualSkew(2-1) on zone2(zone3)
satisfies MaxSkew(1). In other words, the cluster
can still be imbalanced, but scheduler won''t
make it *more* imbalanced. It''s a required field.'
type: string
required:
- maxSkew
- topologyKey
- whenUnsatisfiable
type: object
type: array
logicalBackupSchedule:
type: string
pattern: '^(\d+|\*)(/\d+)?(\s+(\d+|\*)(/\d+)?){4}$'
Expand All @@ -221,6 +336,10 @@ spec:
items:
type: string
pattern: '^\ *((Mon|Tue|Wed|Thu|Fri|Sat|Sun):(2[0-3]|[01]?\d):([0-5]?\d)|(2[0-3]|[01]?\d):([0-5]?\d))-((Mon|Tue|Wed|Thu|Fri|Sat|Sun):(2[0-3]|[01]?\d):([0-5]?\d)|(2[0-3]|[01]?\d):([0-5]?\d))\ *$'
masterServiceAnnotations:
type: object
additionalProperties:
type: string
nodeAffinity:
type: object
properties:
Expand Down Expand Up @@ -318,6 +437,8 @@ spec:
patroni:
type: object
properties:
failsafe_mode:
type: boolean
initdb:
type: object
additionalProperties:
Expand Down Expand Up @@ -398,6 +519,10 @@ spec:
replicaLoadBalancer:
type: boolean
description: deprecated
replicaServiceAnnotations:
type: object
additionalProperties:
type: string
resources:
type: object
properties:
Expand Down Expand Up @@ -708,6 +833,27 @@ spec:
type: array
items:
type: string
resources:
type: object
properties:
limits:
type: object
properties:
cpu:
type: string
pattern: '^(\d+m|\d+(\.\d{1,3})?)$'
memory:
type: string
pattern: '^(\d+(e\d+)?|\d+(\.\d+)?(e\d+)?[EPTGMK]i?)$'
requests:
type: object
properties:
cpu:
type: string
pattern: '^(\d+m|\d+(\.\d{1,3})?)$'
memory:
type: string
pattern: '^(\d+(e\d+)?|\d+(\.\d+)?(e\d+)?[EPTGMK]i?)$'
required:
- image
- repos
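Review bot: `masterServiceAnnotations` and `replicaServiceAnnotations` accept any string map, with no `description` and no constraints. Assuming the operator copies them onto the generated Services, anyone allowed to edit a `postgresql` resource can set annotations that cloud controllers act on, including ones that decide load-balancer exposure. A description such as `description: Annotations applied to the master Service; may change load-balancer exposure` would make that visible, and clusters that need tighter control can restrict keys through admission policy. In the same section, `whenUnsatisfiable` under `topologySpreadConstraints` is a free string although its description names only two values; `enum: ["DoNotSchedule", "ScheduleAnyway"]` would reject typos at admission. `patroni.failsafe_mode` also has no description.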
Expand Up @@ -2,7 +2,7 @@ apiVersion: v1
kind: ServiceAccount
metadata:
name: postgres-operator
namespace: {{ .Release.Namespace }}
namespace: {{ .Values.operatorSettings.operator_namespace }}

---
apiVersion: rbac.authorization.k8s.io/v1
Expand Down Expand Up @@ -210,6 +210,15 @@ rules:
verbs:
- get
- create
# to grant privilege to run privileged pods (not needed by default)
#- apiGroups:
# - extensions
# resources:
# - podsecuritypolicies
# resourceNames:
# - privileged
# verbs:
# - use

---
apiVersion: rbac.authorization.k8s.io/v1
Expand All @@ -223,14 +232,7 @@ roleRef:
subjects:
- kind: ServiceAccount
name: postgres-operator
namespace: {{ .Release.Namespace }}

---
apiVersion: v1
kind: ServiceAccount
metadata:
name: postgres-pod
namespace: {{ .Release.Namespace }}
namespace: {{ .Values.operatorSettings.operator_namespace }}

---
apiVersion: rbac.authorization.k8s.io/v1
Expand Down Expand Up @@ -270,23 +272,12 @@ rules:
- services
verbs:
- create
- apiGroups:
- ""
resources:
- pods/exec
verbs:
- create

---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: postgres-pod
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: postgres-pod
subjects:
- kind: ServiceAccount
name: postgres-pod
namespace: {{ .Release.Namespace }}
# to grant privilege to run privileged pods (not needed by default)
#- apiGroups:
# - extensions
# resources:
# - podsecuritypolicies
# resourceNames:
# - privileged
# verbs:
# - use
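Review bot: The ServiceAccount and the ClusterRoleBinding subject now take their namespace from `.Values.operatorSettings.operator_namespace` instead of `.Release.Namespace`, and the value is rendered unquoted with no fallback. If the chart is installed into a namespace other than the configured one, the ClusterRole is bound to `postgres-operator` in a namespace the release does not own, so whoever controls a ServiceAccount of that name there would hold the operator's cluster-wide permissions. An empty value renders as a bare `namespace:` (null). I would write `namespace: {{ .Values.operatorSettings.operator_namespace | default .Release.Namespace | quote }}` in both places, or fail the render when the two differ. The commented-out `podsecuritypolicies` rule, added twice, refers to PodSecurityPolicy, which was removed in Kubernetes 1.25, so the comment should say it applies only to older clusters.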
5 changes: 4 additions & 1 deletion setup/helm/operator/values.yaml
Expand Up @@ -15,6 +15,9 @@ imagePullSecretNames: []

# Define the operator settings to add to the configmap
operatorSettings:
operatorImage: 'docker.io/cybertecpostgresql/cybertec-pg-operator:0.3.0-1'
operatorImage: 'docker.io/cybertecpostgresql/cybertec-pg-operator:0.5.0-2'
namespace: '*'
enable_pod_antiaffinity: 'true'
operator_namespace: 'zalando'