Merge branch 'master' into cluster-status-map2
This commit is contained in:
Felix Kunde
commit
17abf3b5ab
|
|
@ -25,6 +25,7 @@ config:
|
|||
secret_name_template: '{username}.{cluster}.credentials'
|
||||
super_username: postgres
|
||||
enable_teams_api: "false"
|
||||
spilo_privileged: "false"
|
||||
# set_memory_request_to_limit: "true"
|
||||
# postgres_superuser_teams: "postgres_superusers"
|
||||
# enable_team_superuser: "false"
|
||||
|
|
|
|||
|
|
@ -212,6 +212,9 @@ configuration they are grouped under the `kubernetes` key.
|
|||
class](https://kubernetes.io/docs/concepts/configuration/pod-priority-preemption/#priorityclass)
|
||||
that should be assigned to the Postgres pods. The priority class itself must be defined in advance.
|
||||
Default is empty (use the default priority class).
|
||||
|
||||
* **spilo_privileged**
|
||||
whether the Spilo container should run in privileged mode. Privileged mode is used for AWS volume resizing and not required if you don't need that capability. The default is `false`.
|
||||
|
||||
* **master_pod_move_timeout**
|
||||
The period of time to wait for the success of migration of master pods from an unschedulable node.
|
||||
|
|
|
|||
20
docs/user.md
20
docs/user.md
|
|
@ -43,13 +43,25 @@ $ kubectl get pods -w --show-labels
|
|||
|
||||
## Connect to PostgreSQL
|
||||
|
||||
We can use the generated secret of the `postgres` robot user to connect to our `acid-minimal-cluster` master running in Minikube:
|
||||
With a `port-forward` on one of the database pods (e.g. the master) you can
|
||||
connect to the PostgreSQL database. Use labels to filter for the master pod of
|
||||
our test cluster.
|
||||
|
||||
```bash
|
||||
# get name of master pod of acid-minimal-cluster
|
||||
export PGMASTER=$(kubectl get pods -o jsonpath={.items..metadata.name} -l application=spilo,version=acid-minimal-cluster,spilo-role=master)
|
||||
|
||||
# set up port forward
|
||||
kubectl port-forward $PGMASTER 6432:5432
|
||||
```
|
||||
|
||||
Open another CLI and connect to the database. Use the generated secret of the
|
||||
`postgres` robot user to connect to our `acid-minimal-cluster` master running
|
||||
in Minikube:
|
||||
|
||||
```bash
|
||||
$ export PGHOST=db_host
|
||||
$ export PGPORT=db_port
|
||||
$ export PGPASSWORD=$(kubectl get secret postgres.acid-minimal-cluster.credentials -o 'jsonpath={.data.password}' | base64 -d)
|
||||
$ psql -U postgres
|
||||
$ psql -U postgres -p 6432
|
||||
```
|
||||
|
||||
# Defining database roles in the operator
|
||||
|
|
|
|||
|
|
@ -15,6 +15,7 @@ data:
|
|||
secret_name_template: '{username}.{cluster}.credentials'
|
||||
super_username: postgres
|
||||
enable_teams_api: "false"
|
||||
spilo_privileged: "false"
|
||||
# custom_service_annotations:
|
||||
# "keyx:valuez,keya:valuea"
|
||||
# set_memory_request_to_limit: "true"
|
||||
|
|
|
|||
|
|
@ -23,6 +23,7 @@ configuration:
|
|||
secret_name_template: "{username}.{cluster}.credentials.{tprkind}.{tprgroup}"
|
||||
oauth_token_secret_name: postgresql-operator
|
||||
pod_role_label: spilo-role
|
||||
spilo_privileged: false
|
||||
cluster_labels:
|
||||
application: spilo
|
||||
# inherited_labels:
|
||||
|
|
|
|||
|
|
@ -45,6 +45,7 @@ type KubernetesMetaConfiguration struct {
|
|||
PodServiceAccountDefinition string `json:"pod_service_account_definition,omitempty"`
|
||||
PodServiceAccountRoleBindingDefinition string `json:"pod_service_account_role_binding_definition,omitempty"`
|
||||
PodTerminateGracePeriod Duration `json:"pod_terminate_grace_period,omitempty"`
|
||||
SpiloPrivileged bool `json:"spilo_privileged,omitemty"`
|
||||
WatchedNamespace string `json:"watched_namespace,omitempty"`
|
||||
PDBNameFormat config.StringTemplate `json:"pdb_name_format,omitempty"`
|
||||
SecretNameTemplate config.StringTemplate `json:"secret_name_template,omitempty"`
|
||||
|
|
|
|||
|
|
@ -358,8 +358,8 @@ func generateSpiloContainer(
|
|||
resourceRequirements *v1.ResourceRequirements,
|
||||
envVars []v1.EnvVar,
|
||||
volumeMounts []v1.VolumeMount,
|
||||
privilegedMode bool,
|
||||
) *v1.Container {
|
||||
privilegedMode := true
|
||||
return &v1.Container{
|
||||
Name: name,
|
||||
Image: *dockerImage,
|
||||
|
|
@ -797,6 +797,7 @@ func (c *Cluster) generateStatefulSet(spec *acidv1.PostgresSpec) (*v1beta1.State
|
|||
resourceRequirements,
|
||||
spiloEnvVars,
|
||||
volumeMounts,
|
||||
c.OpConfig.Resources.SpiloPrivileged,
|
||||
)
|
||||
|
||||
// resolve conflicts between operator-global and per-cluster sidecars
|
||||
|
|
|
|||
|
|
@ -41,6 +41,7 @@ func (c *Controller) importConfigurationFromCRD(fromCRD *acidv1.OperatorConfigur
|
|||
result.PodServiceAccountRoleBindingDefinition = fromCRD.Kubernetes.PodServiceAccountRoleBindingDefinition
|
||||
result.PodEnvironmentConfigMap = fromCRD.Kubernetes.PodEnvironmentConfigMap
|
||||
result.PodTerminateGracePeriod = time.Duration(fromCRD.Kubernetes.PodTerminateGracePeriod)
|
||||
result.SpiloPrivileged = fromCRD.Kubernetes.SpiloPrivileged
|
||||
result.WatchedNamespace = fromCRD.Kubernetes.WatchedNamespace
|
||||
result.PDBNameFormat = fromCRD.Kubernetes.PDBNameFormat
|
||||
result.SecretNameTemplate = fromCRD.Kubernetes.SecretNameTemplate
|
||||
|
|
|
|||
|
|
@ -26,6 +26,7 @@ type Resources struct {
|
|||
PodDeletionWaitTimeout time.Duration `name:"pod_deletion_wait_timeout" default:"10m"`
|
||||
PodTerminateGracePeriod time.Duration `name:"pod_terminate_grace_period" default:"5m"`
|
||||
PodPriorityClassName string `name:"pod_priority_class_name"`
|
||||
SpiloPrivileged bool `name:"spilo_privileged" default:"false"`
|
||||
ClusterLabels map[string]string `name:"cluster_labels" default:"application:spilo"`
|
||||
InheritedLabels []string `name:"inherited_labels" default:""`
|
||||
ClusterNameLabel string `name:"cluster_name_label" default:"cluster-name"`
|
||||
|
|
|
|||
Loading…
Reference in New Issue