
# Postgres-operator
Postgres Operator creates and manages PostgreSQL clusters running in Kubernetes.
Learn more: [https://github.com/zalando/postgres-operator](https://github.com/zalando/postgres-operator)
## TL;DR;
```bash
$ helm install ckotzbauer/postgres-operator
```
## Installing the Chart
To install the chart with the release name `my-release`:
```bash
$ helm install my-release ckotzbauer/postgres-operator
```
The command deploys the operator on the Kubernetes cluster using the default configuration. The [configuration](#configuration) section lists the parameters that can be configured during installation.
## Uninstalling the Chart
To uninstall/delete the `my-release` installation:
```bash
$ helm delete my-release
```
The command removes all the Kubernetes components associated with the chart and deletes the release.
## Configuration
The following table lists the configurable parameters of the Postgres-operator chart and their default values.
| Key | Type | Default | Description |
|-----|------|---------|-------------|
| image.registry | string | `"registry.opensource.zalan.do"` | |
| image.repository | string | `"acid/postgres-operator"` | |
| image.tag | string | `"v1.8.0"` | |
| image.pullPolicy | string | `"IfNotPresent"` | |
| podAnnotations | object | `{}` | |
| podLabels | object | `{}` | |
| enableJsonLogging | bool | `false` | |
| configGeneral.enable_crd_registration | bool | `true` | |
| configGeneral.crd_categories[0] | string | `"all"` | |
| configGeneral.enable_lazy_spilo_upgrade | bool | `false` | |
| configGeneral.enable_pgversion_env_var | bool | `true` | |
| configGeneral.enable_shm_volume | bool | `true` | |
| configGeneral.enable_spilo_wal_path_compat | bool | `false` | |
| configGeneral.etcd_host | string | `""` | |
| configGeneral.docker_image | string | `"registry.opensource.zalan.do/acid/spilo-14:2.1-p5"` | |
| configGeneral.min_instances | int | `-1` | |
| configGeneral.max_instances | int | `-1` | |
| configGeneral.repair_period | string | `"5m"` | |
| configGeneral.resync_period | string | `"30m"` | |
| configGeneral.workers | int | `8` | |
| configUsers.enable_password_rotation | bool | `false` | |
| configUsers.password_rotation_interval | int | `90` | |
| configUsers.password_rotation_user_retention | int | `180` | |
| configUsers.replication_username | string | `"standby"` | |
| configUsers.super_username | string | `"postgres"` | |
| configMajorVersionUpgrade.major_version_upgrade_mode | string | `"off"` | |
| configMajorVersionUpgrade.minimal_major_version | string | `"9.6"` | |
| configMajorVersionUpgrade.target_major_version | string | `"14"` | |
| configKubernetes.cluster_domain | string | `"cluster.local"` | |
| configKubernetes.cluster_labels.application | string | `"spilo"` | |
| configKubernetes.cluster_name_label | string | `"cluster-name"` | |
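| configKubernetes.enable_cross_namespace_secret | bool | `false` | Allows credential secrets for database roles to be created in a namespace other than the cluster's own; leave `false` unless that is needed. |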
| configKubernetes.enable_init_containers | bool | `true` | |
| configKubernetes.enable_pod_antiaffinity | bool | `false` | |
| configKubernetes.enable_pod_disruption_budget | bool | `true` | |
| configKubernetes.enable_sidecars | bool | `true` | |
| configKubernetes.pdb_name_format | string | `"postgres-{cluster}-pdb"` | |
| configKubernetes.pod_antiaffinity_topology_key | string | `"kubernetes.io/hostname"` | |
| configKubernetes.pod_management_policy | string | `"ordered_ready"` | |
| configKubernetes.pod_role_label | string | `"spilo-role"` | |
| configKubernetes.pod_terminate_grace_period | string | `"5m"` | |
| configKubernetes.secret_name_template | string | `"{username}.{cluster}.credentials.{tprkind}.{tprgroup}"` | |
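| configKubernetes.spilo_privileged | bool | `false` | Runs the Spilo (database) containers in privileged mode; keep `false` unless a feature you use requires it. |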
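| configKubernetes.spilo_allow_privilege_escalation | bool | `true` | Whether processes in the Spilo (database) containers may gain more privileges than their parent. It is enabled by default, unlike the operator pod's `securityContext.allowPrivilegeEscalation`; upstream keeps it on for cron (setuid), so test before setting it to `false`. |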
| configKubernetes.storage_resize_mode | string | `"pvc"` | |
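| configKubernetes.watched_namespace | string | `"*"` | Namespace the operator watches for Postgres clusters; `*` means all namespaces. Set a single namespace to narrow the operator's scope. |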
| configPostgresPodResources.default_cpu_limit | string | `"1"` | |
| configPostgresPodResources.default_cpu_request | string | `"100m"` | |
| configPostgresPodResources.default_memory_limit | string | `"500Mi"` | |
| configPostgresPodResources.default_memory_request | string | `"100Mi"` | |
| configPostgresPodResources.min_cpu_limit | string | `"250m"` | |
| configPostgresPodResources.min_memory_limit | string | `"250Mi"` | |
| configTimeouts.patroni_api_check_interval | string | `"1s"` | |
| configTimeouts.patroni_api_check_timeout | string | `"5s"` | |
| configTimeouts.pod_deletion_wait_timeout | string | `"10m"` | |
| configTimeouts.pod_label_wait_timeout | string | `"10m"` | |
| configTimeouts.ready_wait_interval | string | `"3s"` | |
| configTimeouts.ready_wait_timeout | string | `"30s"` | |
| configTimeouts.resource_check_interval | string | `"3s"` | |
| configTimeouts.resource_check_timeout | string | `"10m"` | |
| configLoadBalancer.db_hosted_zone | string | `"db.example.com"` | |
| configLoadBalancer.enable_master_load_balancer | bool | `false` | |
| configLoadBalancer.enable_master_pooler_load_balancer | bool | `false` | |
| configLoadBalancer.enable_replica_load_balancer | bool | `false` | |
| configLoadBalancer.enable_replica_pooler_load_balancer | bool | `false` | |
| configLoadBalancer.external_traffic_policy | string | `"Cluster"` | |
| configLoadBalancer.master_dns_name_format | string | `"{cluster}.{team}.{hostedzone}"` | |
| configLoadBalancer.replica_dns_name_format | string | `"{cluster}-repl.{team}.{hostedzone}"` | |
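| configDebug.debug_logging | bool | `true` | Verbose operator logging; enabled by default. Review what ends up in the logs and consider `false` for production. |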
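| configDebug.enable_database_access | bool | `true` | Lets the operator connect to the managed databases, which it needs for creating roles and databases. |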
| configLoggingRestApi.api_port | int | `8080` | |
| configLoggingRestApi.cluster_history_entries | int | `1000` | |
| configLoggingRestApi.ring_log_lines | int | `100` | |
| configAwsOrGcp.aws_region | string | `"eu-central-1"` | |
| configAwsOrGcp.enable_ebs_gp3_migration | bool | `false` | |
| configLogicalBackup.logical_backup_docker_image | string | `"registry.opensource.zalan.do/acid/logical-backup:v1.8.0"` | |
| configLogicalBackup.logical_backup_job_prefix | string | `"logical-backup-"` | |
| configLogicalBackup.logical_backup_provider | string | `"s3"` | |
| configLogicalBackup.logical_backup_s3_access_key_id | string | `""` | |
| configLogicalBackup.logical_backup_s3_bucket | string | `"my-bucket-url"` | |
| configLogicalBackup.logical_backup_s3_region | string | `""` | |
| configLogicalBackup.logical_backup_s3_endpoint | string | `""` | |
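| configLogicalBackup.logical_backup_s3_secret_access_key | string | `""` | Static S3 secret key for logical backups. A value set here is kept in the Helm release values and rendered into the operator configuration, so restrict read access to both, or leave it empty and use an IAM role / workload identity where the platform offers one. |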
| configLogicalBackup.logical_backup_s3_sse | string | `"AES256"` | |
| configLogicalBackup.logical_backup_s3_retention_time | string | `""` | |
| configLogicalBackup.logical_backup_schedule | string | `"30 00 * * *"` | |
| configTeamsApi.enable_admin_role_for_users | bool | `true` | |
| configTeamsApi.enable_postgres_team_crd | bool | `false` | |
| configTeamsApi.enable_postgres_team_crd_superusers | bool | `false` | |
| configTeamsApi.enable_team_member_deprecation | bool | `false` | |
| configTeamsApi.enable_team_superuser | bool | `false` | |
| configTeamsApi.enable_teams_api | bool | `false` | |
| configTeamsApi.pam_role_name | string | `"zalandos"` | |
| configTeamsApi.postgres_superuser_teams[0] | string | `"postgres_superusers"` | |
| configTeamsApi.protected_role_names[0] | string | `"admin"` | |
| configTeamsApi.protected_role_names[1] | string | `"cron_admin"` | |
| configTeamsApi.role_deletion_suffix | string | `"_deleted"` | |
| configTeamsApi.team_admin_role | string | `"admin"` | |
| configTeamsApi.team_api_role_configuration.log_statement | string | `"all"` | |
| configConnectionPooler.connection_pooler_schema | string | `"pooler"` | |
| configConnectionPooler.connection_pooler_user | string | `"pooler"` | |
| configConnectionPooler.connection_pooler_image | string | `"registry.opensource.zalan.do/acid/pgbouncer:master-22"` | |
| configConnectionPooler.connection_pooler_max_db_connections | int | `60` | |
| configConnectionPooler.connection_pooler_mode | string | `"transaction"` | |
| configConnectionPooler.connection_pooler_number_of_instances | int | `2` | |
| configConnectionPooler.connection_pooler_default_cpu_request | string | `"500m"` | |
| configConnectionPooler.connection_pooler_default_memory_request | string | `"100Mi"` | |
| configConnectionPooler.connection_pooler_default_cpu_limit | string | `"1"` | |
| configConnectionPooler.connection_pooler_default_memory_limit | string | `"100Mi"` | |
| enableStreams | bool | `false` | |
| rbac.create | bool | `true` | |
| rbac.createAggregateClusterRoles | bool | `false` | |
| serviceAccount.create | bool | `true` | |
| serviceAccount.name | string | `nil` | |
| podServiceAccount.name | string | `"postgres-pod"` | |
| priorityClassName | string | `""` | |
| podPriorityClassName | string | `""` | |
| resources.limits.cpu | string | `"500m"` | |
| resources.limits.memory | string | `"500Mi"` | |
| resources.requests.cpu | string | `"100m"` | |
| resources.requests.memory | string | `"250Mi"` | |
| securityContext.runAsUser | int | `1000` | |
| securityContext.runAsNonRoot | bool | `true` | |
| securityContext.readOnlyRootFilesystem | bool | `true` | |
| securityContext.allowPrivilegeEscalation | bool | `false` | |
| securityContext.capabilities.drop[0] | string | `"ALL"` | |
| affinity | object | `{}` | |
| nodeSelector | object | `{}` | |
| tolerations | list | `[]` | |
| controllerID.create | bool | `false` | |
| controllerID.name | string | `nil` | |
| pod_environment_config | object | `{}` | |
## Changes compared to the [official chart](https://github.com/zalando/postgres-operator/tree/master/charts/postgres-operator)
- No `ConfigMap` config-target.
- `pod_environment_configmap` is created automatically. Contents can be configured via `pod_environment_config`.
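- Enhanced security for the operator pod: it drops ALL capabilities (see the `securityContext.*` defaults in the table above). This hardening applies to the operator pod only; the Spilo database pods are governed by `configKubernetes.spilo_privileged` and `configKubernetes.spilo_allow_privilege_escalation`, the latter defaulting to `true`.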