diff --git a/charts/postgres-operator/Chart.yaml b/charts/postgres-operator/Chart.yaml index 03025ca..1ba6c67 100644 --- a/charts/postgres-operator/Chart.yaml +++ b/charts/postgres-operator/Chart.yaml @@ -1,8 +1,8 @@ apiVersion: v2 name: postgres-operator description: Postgres Operator creates and manages PostgreSQL clusters running in Kubernetes -version: 1.10.1 -appVersion: 1.10.0 +version: 1.11.0 +appVersion: 1.11.0 home: https://github.com/zalando/postgres-operator sources: - https://github.com/zalando/postgres-operator diff --git a/charts/postgres-operator/crds/operatorconfigurations.yaml b/charts/postgres-operator/crds/operatorconfigurations.yaml index 46d135f..b10be55 100644 --- a/charts/postgres-operator/crds/operatorconfigurations.yaml +++ b/charts/postgres-operator/crds/operatorconfigurations.yaml @@ -68,7 +68,7 @@ spec: type: string docker_image: type: string - default: "ghcr.io/zalando/spilo-15:3.0-p1" + default: "ghcr.io/zalando/spilo-16:3.2-p2" enable_crd_registration: type: boolean default: true @@ -167,10 +167,10 @@ spec: type: string minimal_major_version: type: string - default: "11" + default: "12" target_major_version: type: string - default: "15" + default: "16" kubernetes: type: object properties: @@ -205,9 +205,15 @@ spec: enable_cross_namespace_secret: type: boolean default: false + enable_finalizers: + type: boolean + default: false enable_init_containers: type: boolean default: true + enable_persistent_volume_claim_deletion: + type: boolean + default: true enable_pod_antiaffinity: type: boolean default: false @@ -278,6 +284,19 @@ spec: pdb_name_format: type: string default: "postgres-{cluster}-pdb" + persistent_volume_claim_retention_policy: + type: object + properties: + when_deleted: + type: string + enum: + - "delete" + - "retain" + when_scaled: + type: string + enum: + - "delete" + - "retain" pod_antiaffinity_preferred_during_scheduling: type: boolean default: false 
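Review bot: `enable_persistent_volume_claim_deletion` (default `true`, hunk `@@ -205`) and `persistent_volume_claim_retention_policy.when_deleted` (hunk `@@ -278`) both appear to decide whether volumes survive cluster deletion, and nothing in the schema says which one wins. The chart's values.yaml hunks `@@ -121` and `@@ -163` ship `true` for the first and `"retain"` for the second, so the defaults alone do not tell a reader whether database volumes and their data are kept or destroyed. I would add a `description:` to both schema entries stating the precedence, and repeat that sentence as a comment in values.yaml. The retention policy also has no `default:` in the CRD, unlike its neighbours, which is worth confirming as intended.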
@@ -349,19 +368,15 @@ spec: default_cpu_limit: type: string pattern: '^(\d+m|\d+(\.\d{1,3})?)$' - default: "1" default_cpu_request: type: string pattern: '^(\d+m|\d+(\.\d{1,3})?)$' - default: "100m" default_memory_limit: type: string pattern: '^(\d+(e\d+)?|\d+(\.\d+)?(e\d+)?[EPTGMK]i?)$' - default: "500Mi" default_memory_request: type: string pattern: '^(\d+(e\d+)?|\d+(\.\d+)?(e\d+)?[EPTGMK]i?)$' - default: "100Mi" max_cpu_request: type: string pattern: '^(\d+m|\d+(\.\d{1,3})?)$' @@ -371,11 +386,9 @@ spec: min_cpu_limit: type: string pattern: '^(\d+m|\d+(\.\d{1,3})?)$' - default: "250m" min_memory_limit: type: string pattern: '^(\d+(e\d+)?|\d+(\.\d+)?(e\d+)?[EPTGMK]i?)$' - default: "250Mi" timeouts: type: object properties: @@ -489,7 +502,7 @@ spec: pattern: '^(\d+m|\d+(\.\d{1,3})?)$' logical_backup_docker_image: type: string - default: "registry.opensource.zalan.do/acid/logical-backup:v1.10.0" + default: "registry.opensource.zalan.do/acid/logical-backup:v1.11.0" logical_backup_google_application_credentials: type: string logical_backup_job_prefix: @@ -526,6 +539,8 @@ spec: type: string pattern: '^(\d+|\*)(/\d+)?(\s+(\d+|\*)(/\d+)?){4}$' default: "30 00 * * *" + logical_backup_cronjob_environment_secret: + type: string debug: type: object properties: @@ -637,7 +652,7 @@ spec: default: "pooler" connection_pooler_image: type: string - default: "registry.opensource.zalan.do/acid/pgbouncer:master-27" + default: "registry.opensource.zalan.do/acid/pgbouncer:master-32" connection_pooler_max_db_connections: type: integer default: 60 
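Review bot: With the `default:` lines removed from `default_cpu_limit`, `default_memory_limit` and the matching requests in hunk `@@ -349`, an OperatorConfiguration that omits them no longer gets a schema-supplied value. Whether the operator substitutes its own fallback is not visible in this diff; if it does not, Postgres pods would be created without CPU or memory limits and could starve other workloads on the node. The same applies to `min_cpu_limit` and `min_memory_limit` in hunk `@@ -371` and to the `connection_pooler_default_*` fields in hunk `@@ -654`. I would add a `description:` to each of these fields saying what happens when it is unset, so the change in behaviour is visible to anyone reading the CRD.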
@@ -654,19 +669,15 @@ spec: connection_pooler_default_cpu_limit: type: string pattern: '^(\d+m|\d+(\.\d{1,3})?)$' - default: "1" connection_pooler_default_cpu_request: type: string pattern: '^(\d+m|\d+(\.\d{1,3})?)$' - default: "500m" connection_pooler_default_memory_limit: type: string pattern: '^(\d+(e\d+)?|\d+(\.\d+)?(e\d+)?[EPTGMK]i?)$' - default: "100Mi" connection_pooler_default_memory_request: type: string pattern: '^(\d+(e\d+)?|\d+(\.\d+)?(e\d+)?[EPTGMK]i?)$' - default: "100Mi" patroni: type: object properties: diff --git a/charts/postgres-operator/crds/postgresqls.yaml b/charts/postgres-operator/crds/postgresqls.yaml index 6f938cf..fcb278c 100644 --- a/charts/postgres-operator/crds/postgresqls.yaml +++ b/charts/postgres-operator/crds/postgresqls.yaml @@ -371,12 +371,12 @@ spec: version: type: string enum: - - "10" - "11" - "12" - "13" - "14" - "15" + - "16" parameters: type: object additionalProperties: @@ -441,6 +441,12 @@ spec: pattern: '^(\d+(e\d+)?|\d+(\.\d+)?(e\d+)?[EPTGMK]i?)$' # Note: the value specified here must not be zero or be higher # than the corresponding limit. + hugepages-2Mi: + type: string + pattern: '^(\d+(e\d+)?|\d+(\.\d+)?(e\d+)?[EPTGMK]i?)$' + hugepages-1Gi: + type: string + pattern: '^(\d+(e\d+)?|\d+(\.\d+)?(e\d+)?[EPTGMK]i?)$' requests: type: object properties: @@ -450,6 +456,12 @@ spec: memory: type: string pattern: '^(\d+(e\d+)?|\d+(\.\d+)?(e\d+)?[EPTGMK]i?)$' + hugepages-2Mi: + type: string + pattern: '^(\d+(e\d+)?|\d+(\.\d+)?(e\d+)?[EPTGMK]i?)$' + hugepages-1Gi: + type: string + pattern: '^(\d+(e\d+)?|\d+(\.\d+)?(e\d+)?[EPTGMK]i?)$' schedulerName: type: string serviceAnnotations: @@ -501,6 +513,8 @@ spec: type: integer database: type: string + enableRecovery: + type: boolean filter: type: object additionalProperties: @@ -518,6 +532,8 @@ spec: type: string payloadColumn: type: string + recoveryEventType: + type: string teamId: type: string tls: 
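Review bot: Dropping `"10"` from the `version` enum in the postgresqls.yaml hunk `@@ -371` means an existing `postgresql` resource that still declares version 10 may be rejected by schema validation the next time it is updated after this CRD is applied. Helm installs files under `crds/` only on first install and does not update them on `helm upgrade`, so clusters upgraded through the chart can keep the old schema (without `"16"` and the other new fields in this commit) until the CRD is applied separately. I would state both points in the upgrade notes for this release, including that version 10 clusters need to be migrated first.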
@@ -596,6 +612,11 @@ spec: - SUPERUSER - nosuperuser - NOSUPERUSER + usersIgnoringSecretRotation: + type: array + nullable: true + items: + type: string usersWithInPlaceSecretRotation: type: array nullable: true diff --git a/charts/postgres-operator/templates/_helpers.tpl b/charts/postgres-operator/templates/_helpers.tpl index e496707..86d2ed3 100644 --- a/charts/postgres-operator/templates/_helpers.tpl +++ b/charts/postgres-operator/templates/_helpers.tpl @@ -38,6 +38,13 @@ Create a pod service account name. {{ default (printf "%s-%v" (include "postgres-operator.fullname" .) "pod") .Values.podServiceAccount.name }} {{- end -}} +{{/* +Create a pod priority class name. +*/}} +{{- define "postgres-pod.priorityClassName" -}} +{{ default (printf "%s-%v" (include "postgres-operator.fullname" .) "pod") .Values.podPriorityClassName.name }} +{{- end -}} + {{/* Create a controller ID. */}} diff --git a/charts/postgres-operator/templates/operatorconfiguration.yaml b/charts/postgres-operator/templates/operatorconfiguration.yaml index 5b7449e..db3a62d 100644 --- a/charts/postgres-operator/templates/operatorconfiguration.yaml +++ b/charts/postgres-operator/templates/operatorconfiguration.yaml @@ -1,4 +1,4 @@ -apiVersion: acid.zalan.do/v1 +apiVersion: "acid.zalan.do/v1" kind: OperatorConfiguration metadata: name: {{ template "postgres-operator.fullname" . }} @@ -15,8 +15,8 @@ configuration: major_version_upgrade: {{ toYaml .Values.configMajorVersionUpgrade | indent 4 }} kubernetes: - {{- if .Values.podPriorityClassName }} - pod_priority_class_name: {{ .Values.podPriorityClassName }} + {{- if .Values.podPriorityClassName.name }} + pod_priority_class_name: {{ .Values.podPriorityClassName.name }} {{- end }} pod_service_account_name: {{ include "postgres-pod.serviceAccountName" . }} oauth_token_secret_name: {{ template "postgres-operator.fullname" . }} 
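Review bot: `usersIgnoringSecretRotation` in hunk `@@ -596` is added without a `description:`, yet by its name it exempts the listed users from password rotation. That exemption weakens a credential-hygiene control, so it should be spelled out in the schema. I would add something like `description: "users whose secrets are excluded from password rotation; their credentials stay valid until changed manually"`, adjusted to the operator's actual behaviour, which this diff does not show.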
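Review bot: The new `postgres-pod.priorityClassName` helper reads `.Values.podPriorityClassName.name`, which assumes the value is a map. A release upgraded with a values file that still uses the previous string form, such as `podPriorityClassName: "my-class"`, will fail at render time with a field-access error on a string. The same access is made in operatorconfiguration.yaml (hunk `@@ -15`) and in postgres-pod-priority-class.yaml (hunks `@@ -1` and `@@ -8`). I would add an explicit guard so the failure explains itself, for example `{{- if kindIs "string" .Values.podPriorityClassName }}{{ fail "podPriorityClassName is now a map: create/name/priority" }}{{- end }}`, and mention the change in the upgrade notes.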
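Review bot: In the operatorconfiguration.yaml hunk `@@ -15` the condition tests `.Values.podPriorityClassName.name`, but the chart defaults are `create: true` and `name: ""`. With those defaults the PriorityClass is created under the generated name from `postgres-pod.priorityClassName`, while `pod_priority_class_name` is never written, so the operator is not told to use the class. I would change the two lines to `{{- if or .Values.podPriorityClassName.create .Values.podPriorityClassName.name }}` and `pod_priority_class_name: {{ include "postgres-pod.priorityClassName" . | quote }}`. Quoting also keeps a user-supplied name from being parsed as a non-string YAML scalar.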
diff --git a/charts/postgres-operator/templates/postgres-pod-priority-class.yaml b/charts/postgres-operator/templates/postgres-pod-priority-class.yaml index 583639e..d444b28 100644 --- a/charts/postgres-operator/templates/postgres-pod-priority-class.yaml +++ b/charts/postgres-operator/templates/postgres-pod-priority-class.yaml @@ -1,4 +1,4 @@ -{{- if .Values.podPriorityClassName }} +{{- if .Values.podPriorityClassName.create }} apiVersion: scheduling.k8s.io/v1 description: 'Use only for databases controlled by Postgres operator' kind: PriorityClass @@ -8,9 +8,9 @@ metadata: helm.sh/chart: {{ template "postgres-operator.chart" . }} app.kubernetes.io/managed-by: {{ .Release.Service }} app.kubernetes.io/instance: {{ .Release.Name }} - name: {{ .Values.podPriorityClassName }} + name: {{ include "postgres-pod.priorityClassName" . }} namespace: {{ .Release.Namespace }} preemptionPolicy: PreemptLowerPriority globalDefault: false -value: 1000000 -{{- end }} +value: {{ .Values.podPriorityClassName.priority }} +{{- end }} \ No newline at end of file diff --git a/charts/postgres-operator/values.yaml b/charts/postgres-operator/values.yaml index 240666c..5f9dcc5 100644 --- a/charts/postgres-operator/values.yaml +++ b/charts/postgres-operator/values.yaml @@ -1,14 +1,14 @@ image: registry: registry.opensource.zalan.do repository: acid/postgres-operator - tag: v1.10.0 + tag: v1.11.0 pullPolicy: "IfNotPresent" - # Optionally specify an array of imagePullSecrets. - # Secrets must be manually created in the namespace. - # ref: https://kubernetes.io/docs/concepts/containers/images/#specifying-imagepullsecrets-on-a-pod - # imagePullSecrets: - # - name: myRegistryKeySecretName +# Optionally specify an array of imagePullSecrets. +# Secrets must be manually created in the namespace. +# ref: https://kubernetes.io/docs/concepts/containers/images/#specifying-imagepullsecrets-on-a-pod +# imagePullSecrets: +# - name: myRegistryKeySecretName podAnnotations: {} podLabels: {} 
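Review bot: `value: {{ .Values.podPriorityClassName.priority }}` in the postgres-pod-priority-class.yaml hunk `@@ -8` renders a number read from values.yaml without a cast. Helm's documentation warns that large integers from values files can be rendered in scientific notation, so `1000000` may come out as `1e+06`, which is not a valid integer for a PriorityClass. I would write `value: {{ int .Values.podPriorityClassName.priority }}`. Since the priority is now user-settable, a comment in values.yaml should also note that Kubernetes reserves values above one billion for system classes.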
@@ -36,7 +36,7 @@ configGeneral: # etcd connection string for Patroni. Empty uses K8s-native DCS. etcd_host: "" # Spilo docker image - docker_image: ghcr.io/zalando/spilo-15:3.0-p1 + docker_image: ghcr.io/zalando/spilo-16:3.2-p2 # key name for annotation to ignore globally configured instance limits # ignore_instance_limits_annotation_key: "" @@ -87,9 +87,9 @@ configMajorVersionUpgrade: # - acid # minimal Postgres major version that will not automatically be upgraded - minimal_major_version: "11" + minimal_major_version: "12" # target Postgres major version when upgrading clusters automatically - target_major_version: "15" + target_major_version: "16" configKubernetes: # list of additional capabilities for postgres container @@ -121,8 +121,14 @@ configKubernetes: # allow user secrets in other namespaces than the Postgres cluster enable_cross_namespace_secret: false + # use finalizers to ensure all managed resources are deleted prior to the postgresql CR + # this avoids stale resources in case the operator misses a delete event or is not running + # during deletion + enable_finalizers: false # enables initContainers to run actions before Spilo is started enable_init_containers: true + # toggles if operator should delete PVCs on cluster deletion + enable_persistent_volume_claim_deletion: true # toggles pod anti affinity on the Postgres pods enable_pod_antiaffinity: false # toggles PDB to set to MinAvailabe 0 or 1 @@ -163,6 +169,10 @@ configKubernetes: # defines the template for PDB (Pod Disruption Budget) names pdb_name_format: "postgres-{cluster}-pdb" + # specify the PVC retention policy when scaling down and/or deleting + persistent_volume_claim_retention_policy: + when_deleted: "retain" + when_scaled: "retain" # switches pod anti affinity type to `preferredDuringSchedulingIgnoredDuringExecution` pod_antiaffinity_preferred_during_scheduling: false # override topology key for pod anti affinity 
@@ -346,7 +356,7 @@ configLogicalBackup: # logical_backup_memory_request: "" # image for pods of the logical backup job (example runs pg_dumpall) - logical_backup_docker_image: "registry.opensource.zalan.do/acid/logical-backup:v1.10.0" + logical_backup_docker_image: "registry.opensource.zalan.do/acid/logical-backup:v1.11.0" # path of google cloud service account json file # logical_backup_google_application_credentials: "" @@ -370,6 +380,8 @@ configLogicalBackup: logical_backup_s3_retention_time: "" # backup schedule in the cron format logical_backup_schedule: "30 00 * * *" + # secret to be used as reference for env variables in cronjob + logical_backup_cronjob_environment_secret: "" # automate creation of human users with teams API service configTeamsApi: @@ -414,7 +426,7 @@ configConnectionPooler: # db user for pooler to use connection_pooler_user: "pooler" # docker image - connection_pooler_image: "registry.opensource.zalan.do/acid/pgbouncer:master-27" + connection_pooler_image: "registry.opensource.zalan.do/acid/pgbouncer:master-32" # max db connections the pooler should hold connection_pooler_max_db_connections: 60 # default pooling mode @@ -456,7 +468,14 @@ podServiceAccount: priorityClassName: "" # priority class for database pods -podPriorityClassName: "" +podPriorityClassName: + # If create is false with no name set, no podPriorityClassName is specified. + # Hence, the pod priorityClass is the one with globalDefault set. + # If there is no PriorityClass with globalDefault set, the priority of Pods with no priorityClassName is zero. + create: true + # If not set a name is generated using the fullname template and "-pod" suffix + name: "" + priority: 1000000 resources: limits:
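Review bot: `create: true` in hunk `@@ -456` flips the chart's default from creating no PriorityClass (the old `podPriorityClassName: ""`) to creating a cluster-scoped one with priority 1000000. The template's context lines show `preemptionPolicy: PreemptLowerPriority`, so once the class is in use, database pods can evict lower-priority workloads. The installing identity also needs permission to create PriorityClass objects, which a namespace-scoped installer will not have. I would default to `create: false` to preserve the previous behaviour, or keep `true` and extend the comment with `# creates a cluster-scoped PriorityClass; requires cluster-level permissions and enables preemption of lower-priority pods`.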