diff --git a/charts/postgres-operator/Chart.yaml b/charts/postgres-operator/Chart.yaml index 160a39c..c45c61e 100644 --- a/charts/postgres-operator/Chart.yaml +++ b/charts/postgres-operator/Chart.yaml @@ -1,8 +1,8 @@ apiVersion: v2 name: postgres-operator description: Postgres Operator creates and manages PostgreSQL clusters running in Kubernetes -version: 1.6.3 -appVersion: 1.6.3 +version: 1.7.0 +appVersion: 1.7.0 home: https://github.com/zalando/postgres-operator sources: - https://github.com/zalando/postgres-operator diff --git a/charts/postgres-operator/README.md b/charts/postgres-operator/README.md index fd41c03..ee4291b 100644 --- a/charts/postgres-operator/README.md +++ b/charts/postgres-operator/README.md @@ -38,7 +38,7 @@ The following table lists the configurable parameters of the Postgres-operator c | ------------------------ | ----------------------- | -------------- | | `image.registry` | | `"registry.opensource.zalan.do"` | | `image.repository` | | `"acid/postgres-operator"` | -| `image.tag` | | `"v1.6.3"` | +| `image.tag` | | `"v1.7.0"` | | `image.pullPolicy` | | `"IfNotPresent"` | | `podAnnotations` | | `{}` | | `podLabels` | | `{}` | @@ -49,7 +49,7 @@ The following table lists the configurable parameters of the Postgres-operator c | `configGeneral.enable_shm_volume` | | `true` | | `configGeneral.enable_spilo_wal_path_compat` | | `false` | | `configGeneral.etcd_host` | | `""` | -| `configGeneral.docker_image` | | `"registry.opensource.zalan.do/acid/spilo-13:2.0-p7"` | +| `configGeneral.docker_image` | | `"registry.opensource.zalan.do/acid/spilo-13:2.1-p1"` | | `configGeneral.min_instances` | | `-1` | | `configGeneral.max_instances` | | `-1` | | `configGeneral.repair_period` | | `"5m"` | @@ -63,6 +63,7 @@ The following table lists the configurable parameters of the Postgres-operator c | `configKubernetes.cluster_domain` | | `"cluster.local"` | | `configKubernetes.cluster_labels.application` | | `"spilo"` | | `configKubernetes.cluster_name_label` | | `"cluster-name"` | +| `configKubernetes.enable_cross_namespace_secret` | | `false` | | `configKubernetes.enable_init_containers` | | `true` | | `configKubernetes.enable_pod_antiaffinity` | | `false` | | `configKubernetes.enable_pod_disruption_budget` | | `true` | @@ -102,7 +103,7 @@ The following table lists the configurable parameters of the Postgres-operator c | `configLoggingRestApi.ring_log_lines` | | `100` | | `configAwsOrGcp.aws_region` | | `"eu-central-1"` | | `configAwsOrGcp.enable_ebs_gp3_migration` | | `false` | -| `configLogicalBackup.logical_backup_docker_image` | | `"registry.opensource.zalan.do/acid/logical-backup:v1.6.3"` | +| `configLogicalBackup.logical_backup_docker_image` | | `"registry.opensource.zalan.do/acid/logical-backup:v1.7.0"` | | `configLogicalBackup.logical_backup_job_prefix` | | `"logical-backup-"` | | `configLogicalBackup.logical_backup_provider` | | `"s3"` | | `configLogicalBackup.logical_backup_s3_access_key_id` | | `""` | @@ -126,7 +127,7 @@ The following table lists the configurable parameters of the Postgres-operator c | `configTeamsApi.team_api_role_configuration.log_statement` | | `"all"` | | `configConnectionPooler.connection_pooler_schema` | | `"pooler"` | | `configConnectionPooler.connection_pooler_user` | | `"pooler"` | -| `configConnectionPooler.connection_pooler_image` | | `"registry.opensource.zalan.do/acid/pgbouncer:master-16"` | +| `configConnectionPooler.connection_pooler_image` | | `"registry.opensource.zalan.do/acid/pgbouncer:master-18"` | | `configConnectionPooler.connection_pooler_max_db_connections` | | `60` | | `configConnectionPooler.connection_pooler_mode` | | `"transaction"` | | `configConnectionPooler.connection_pooler_number_of_instances` | | `2` | diff --git a/charts/postgres-operator/crds/operatorconfigurations.yaml b/charts/postgres-operator/crds/operatorconfigurations.yaml index 82a737a..c29ab30 100644 --- a/charts/postgres-operator/crds/operatorconfigurations.yaml +++ b/charts/postgres-operator/crds/operatorconfigurations.yaml @@ -65,7 +65,7 @@ spec: properties: docker_image: type: string - default: "registry.opensource.zalan.do/acid/spilo-13:2.0-p7" + default: "registry.opensource.zalan.do/acid/spilo-13:2.1-p1" enable_crd_validation: type: boolean default: true @@ -173,6 +173,9 @@ spec: enable_init_containers: type: boolean default: true + enable_cross_namespace_secret: + type: boolean + default: false enable_pod_antiaffinity: type: boolean default: false @@ -392,12 +395,14 @@ spec: type: string wal_s3_bucket: type: string + wal_az_storage_account: + type: string logical_backup: type: object properties: logical_backup_docker_image: type: string - default: "registry.opensource.zalan.do/acid/logical-backup:v1.6.3" + default: "registry.opensource.zalan.do/acid/logical-backup:v1.7.0" logical_backup_google_application_credentials: type: string logical_backup_job_prefix: @@ -532,7 +537,7 @@ spec: default: "pooler" connection_pooler_image: type: string - default: "registry.opensource.zalan.do/acid/pgbouncer:master-16" + default: "registry.opensource.zalan.do/acid/pgbouncer:master-18" connection_pooler_max_db_connections: type: integer default: 60 diff --git a/charts/postgres-operator/crds/postgresqls.yaml b/charts/postgres-operator/crds/postgresqls.yaml index aead7fe..4f97a29 100644 --- a/charts/postgres-operator/crds/postgresqls.yaml +++ b/charts/postgres-operator/crds/postgresqls.yaml @@ -223,6 +223,97 @@ spec: items: type: string pattern: '^\ *((Mon|Tue|Wed|Thu|Fri|Sat|Sun):(2[0-3]|[01]?\d):([0-5]?\d)|(2[0-3]|[01]?\d):([0-5]?\d))-((Mon|Tue|Wed|Thu|Fri|Sat|Sun):(2[0-3]|[01]?\d):([0-5]?\d)|(2[0-3]|[01]?\d):([0-5]?\d))\ *$' + nodeAffinity: + type: object + properties: + preferredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + required: + - weight + - preference + properties: + preference: + type: object + properties: + matchExpressions: + type: array + items: + type: object + required: + - key + - operator + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + matchFields: + type: array + items: + type: object + required: + - key + - operator + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + weight: + format: int32 + type: integer + requiredDuringSchedulingIgnoredDuringExecution: + type: object + required: + - nodeSelectorTerms + properties: + nodeSelectorTerms: + type: array + items: + type: object + properties: + matchExpressions: + type: array + items: + type: object + required: + - key + - operator + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + matchFields: + type: array + items: + type: object + required: + - key + - operator + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string numberOfInstances: type: integer minimum: 0 @@ -303,6 +394,8 @@ spec: type: boolean defaultRoles: type: boolean + secretNamespace: + type: string replicaLoadBalancer: # deprecated type: boolean resources: @@ -396,97 +489,6 @@ spec: type: string caSecretName: type: string - nodeAffinity: - type: object - properties: - preferredDuringSchedulingIgnoredDuringExecution: - type: array - items: - type: object - required: - - weight - - preference - properties: - preference: - type: object - properties: - matchExpressions: - type: array - items: - type: object - required: - - key - - operator - properties: - key: - type: string - operator: - type: string - values: - type: array - items: - type: string - matchFields: - type: array - items: - type: object - required: - - key - - operator - properties: - key: - type: string - operator: - type: string - values: - type: array - items: - type: string - weight: - format: int32 - type: integer - requiredDuringSchedulingIgnoredDuringExecution: - type: object - required: - - nodeSelectorTerms - properties: - nodeSelectorTerms: - type: array - items: - type: object - properties: - matchExpressions: - type: array - items: - type: object - required: - - key - - operator - properties: - key: - type: string - operator: - type: string - values: - type: array - items: - type: string - matchFields: - type: array - items: - type: object - required: - - key - - operator - properties: - key: - type: string - operator: - type: string - values: - type: array - items: - type: string tolerations: type: array items: @@ -559,6 +561,24 @@ spec: properties: iops: type: integer + selector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + matchLabels: + type: object size: type: string pattern: '^(\d+(e\d+)?|\d+(\.\d+)?(e\d+)?[EPTGMK]i?)$' diff --git a/charts/postgres-operator/templates/deployment.yaml b/charts/postgres-operator/templates/deployment.yaml index c84e0dd..a3dabc7 100644 --- a/charts/postgres-operator/templates/deployment.yaml +++ b/charts/postgres-operator/templates/deployment.yaml @@ -7,6 +7,7 @@ metadata: app.kubernetes.io/managed-by: {{ .Release.Service }} app.kubernetes.io/instance: {{ .Release.Name }} name: {{ template "postgres-operator.fullname" . }} + namespace: {{ .Release.Namespace }} spec: replicas: 1 selector: diff --git a/charts/postgres-operator/templates/operatorconfiguration.yaml b/charts/postgres-operator/templates/operatorconfiguration.yaml index c160691..61ce30e 100644 --- a/charts/postgres-operator/templates/operatorconfiguration.yaml +++ b/charts/postgres-operator/templates/operatorconfiguration.yaml @@ -2,6 +2,7 @@ apiVersion: acid.zalan.do/v1 kind: OperatorConfiguration metadata: name: {{ template "postgres-operator.fullname" . }} + namespace: {{ .Release.Namespace }} labels: app.kubernetes.io/name: {{ template "postgres-operator.name" . }} helm.sh/chart: {{ template "postgres-operator.chart" . }} diff --git a/charts/postgres-operator/templates/postgres-pod-priority-class.yaml b/charts/postgres-operator/templates/postgres-pod-priority-class.yaml index 7ee0f2e..583639e 100644 --- a/charts/postgres-operator/templates/postgres-pod-priority-class.yaml +++ b/charts/postgres-operator/templates/postgres-pod-priority-class.yaml @@ -9,6 +9,7 @@ metadata: app.kubernetes.io/managed-by: {{ .Release.Service }} app.kubernetes.io/instance: {{ .Release.Name }} name: {{ .Values.podPriorityClassName }} + namespace: {{ .Release.Namespace }} preemptionPolicy: PreemptLowerPriority globalDefault: false value: 1000000 diff --git a/charts/postgres-operator/templates/service.yaml b/charts/postgres-operator/templates/service.yaml index 38ea9a0..c1b5274 100644 --- a/charts/postgres-operator/templates/service.yaml +++ b/charts/postgres-operator/templates/service.yaml @@ -7,6 +7,7 @@ metadata: app.kubernetes.io/managed-by: {{ .Release.Service }} app.kubernetes.io/instance: {{ .Release.Name }} name: {{ template "postgres-operator.fullname" . }} + namespace: {{ .Release.Namespace }} spec: type: ClusterIP ports: diff --git a/charts/postgres-operator/templates/serviceaccount.yaml b/charts/postgres-operator/templates/serviceaccount.yaml index e04e8ad..4f42559 100644 --- a/charts/postgres-operator/templates/serviceaccount.yaml +++ b/charts/postgres-operator/templates/serviceaccount.yaml @@ -3,6 +3,7 @@ apiVersion: v1 kind: ServiceAccount metadata: name: {{ include "postgres-operator.serviceAccountName" . }} + namespace: {{ .Release.Namespace }} labels: app.kubernetes.io/name: {{ template "postgres-operator.name" . }} helm.sh/chart: {{ template "postgres-operator.chart" . }} diff --git a/charts/postgres-operator/values.yaml b/charts/postgres-operator/values.yaml index bc4caf2..40f2580 100644 --- a/charts/postgres-operator/values.yaml +++ b/charts/postgres-operator/values.yaml @@ -1,7 +1,7 @@ image: registry: registry.opensource.zalan.do repository: acid/postgres-operator - tag: v1.6.3 + tag: v1.7.0 pullPolicy: "IfNotPresent" # Optionally specify an array of imagePullSecrets. @@ -33,7 +33,7 @@ configGeneral: # Select if setup uses endpoints (default), or configmaps to manage leader (DCS=k8s) # kubernetes_use_configmaps: false # Spilo docker image - docker_image: registry.opensource.zalan.do/acid/spilo-13:2.0-p7 + docker_image: registry.opensource.zalan.do/acid/spilo-13:2.1-p1 # min number of instances in Postgres cluster. -1 = no limit min_instances: -1 # max number of instances in Postgres cluster. -1 = no limit @@ -95,6 +95,8 @@ configKubernetes: # - deployment-time # - downscaler/* + # allow user secrets in other namespaces than the Postgres cluster + enable_cross_namespace_secret: false # enables initContainers to run actions before Spilo is started enable_init_containers: true # toggles pod anti affinity on the Postgres pods @@ -144,7 +146,10 @@ configKubernetes: # Postgres pods are terminated forcefully after this timeout pod_terminate_grace_period: 5m - # template for database user secrets generated by the operator + # template for database user secrets generated by the operator, + # here username contains the namespace in the format namespace.username + # if the user is in different namespace than cluster and cross namespace secrets + # are enabled via `enable_cross_namespace_secret` flag in the configuration. secret_name_template: "{username}.{cluster}.credentials.{tprkind}.{tprgroup}" # set user and group for the spilo container (required to run Spilo as non-root process) # spilo_runasuser: 101 @@ -259,10 +264,13 @@ configAwsOrGcp: # GCS bucket to use for shipping WAL segments with WAL-E # wal_gs_bucket: "" + # Azure Storage Account to use for shipping WAL segments with WAL-G + # wal_az_storage_account: "" + # configure K8s cron job managed by the operator configLogicalBackup: # image for pods of the logical backup job (example runs pg_dumpall) - logical_backup_docker_image: "registry.opensource.zalan.do/acid/logical-backup:v1.6.3" + logical_backup_docker_image: "registry.opensource.zalan.do/acid/logical-backup:v1.7.0" # path of google cloud service account json file # logical_backup_google_application_credentials: "" @@ -327,7 +335,7 @@ configConnectionPooler: # db user for pooler to use connection_pooler_user: "pooler" # docker image - connection_pooler_image: "registry.opensource.zalan.do/acid/pgbouncer:master-16" + connection_pooler_image: "registry.opensource.zalan.do/acid/pgbouncer:master-18" # max db connections the pooler should hold connection_pooler_max_db_connections: 60 # default pooling mode