bump pooler image and more coalescing for CRD config (#1004)

Co-authored-by: Felix Kunde <felix.kunde@zalando.de>
2020-06-05 11:14:17 +02:00 · 2020-06-05 11:14:17 +02:00 · 3c352fb460
parent 9acdcd8bbf
commit 3c352fb460
13 changed files with 136 additions and 39 deletions
--- a/charts/postgres-operator-ui/index.yaml
+++ b/charts/postgres-operator-ui/index.yaml
@ -3,10 +3,10 @@ entries:
  postgres-operator-ui:
  - apiVersion: v1
    appVersion: 1.5.0
-    created: "2020-05-08T12:07:31.651762139+02:00"
+    created: "2020-06-04T17:06:37.153522579+02:00"
    description: Postgres Operator UI provides a graphical interface for a convenient
      database-as-a-service user experience
-    digest: d7a36de8a3716f7b7954e2e51ed07863ea764dbb129a2fd3ac6a453f9e98a115
+    digest: c91ea39e6d51d57f4048fb1b6ec53b40823f2690eb88e4e4f1a036367b9fdd61
    home: https://github.com/zalando/postgres-operator
    keywords:
    - postgres
@ -26,7 +26,7 @@ entries:
    version: 1.5.0
  - apiVersion: v1
    appVersion: 1.4.0
-    created: "2020-05-08T12:07:31.651223951+02:00"
+    created: "2020-06-04T17:06:37.15302073+02:00"
    description: Postgres Operator UI provides a graphical interface for a convenient
      database-as-a-service user experience
    digest: 00e0eff7056d56467cd5c975657fbb76c8d01accd25a4b7aca81bc42aeac961d
@ -49,4 +49,4 @@ entries:
    urls:
    - postgres-operator-ui-1.4.0.tgz
    version: 1.4.0
-generated: "2020-05-08T12:07:31.650495247+02:00"
+generated: "2020-06-04T17:06:37.152369987+02:00"
--- a/charts/postgres-operator-ui/postgres-operator-ui-1.5.0.tgz
+++ b/charts/postgres-operator-ui/postgres-operator-ui-1.5.0.tgz
--- a/charts/postgres-operator/index.yaml
+++ b/charts/postgres-operator/index.yaml
@ -3,10 +3,10 @@ entries:
  postgres-operator:
  - apiVersion: v1
    appVersion: 1.5.0
-    created: "2020-05-04T16:36:19.646719041+02:00"
+    created: "2020-06-04T17:06:49.41741489+02:00"
    description: Postgres Operator creates and manages PostgreSQL clusters running
      in Kubernetes
-    digest: 43510e4ed7005b2b80708df24cfbb0099b263b4a2954cff4e8f305543760be6d
+    digest: 198351d5db52e65cdf383d6f3e1745d91ac1e2a01121f8476f8b1be728b09531
    home: https://github.com/zalando/postgres-operator
    keywords:
    - postgres
@ -25,7 +25,7 @@ entries:
    version: 1.5.0
  - apiVersion: v1
    appVersion: 1.4.0
-    created: "2020-05-04T16:36:19.645338751+02:00"
+    created: "2020-06-04T17:06:49.416001109+02:00"
    description: Postgres Operator creates and manages PostgreSQL clusters running
      in Kubernetes
    digest: f8b90fecfc3cb825b94ed17edd9d5cefc36ae61801d4568597b4a79bcd73b2e9
@ -45,4 +45,4 @@ entries:
    urls:
    - postgres-operator-1.4.0.tgz
    version: 1.4.0
-generated: "2020-05-04T16:36:19.643857452+02:00"
+generated: "2020-06-04T17:06:49.414521538+02:00"
--- a/charts/postgres-operator/postgres-operator-1.5.0.tgz
+++ b/charts/postgres-operator/postgres-operator-1.5.0.tgz
--- a/charts/postgres-operator/values-crd.yaml
+++ b/charts/postgres-operator/values-crd.yaml
@ -45,7 +45,7 @@ configGeneral:
  #  example: "exampleimage:exampletag"

  # number of routines the operator spawns to process requests concurrently
-  workers: 4
+  workers: 8

 # parameters describing Postgres users
 configUsers:
@ -271,7 +271,7 @@ configConnectionPooler:
  # db user for pooler to use
  connection_pooler_user: "pooler"
  # docker image
-  connection_pooler_image: "registry.opensource.zalan.do/acid/pgbouncer:master-7"
+  connection_pooler_image: "registry.opensource.zalan.do/acid/pgbouncer:master-8"
  # max db connections the pooler should hold
  connection_pooler_max_db_connections: 60
  # default pooling mode
--- a/charts/postgres-operator/values.yaml
+++ b/charts/postgres-operator/values.yaml
@ -44,7 +44,7 @@ configGeneral:
  # sidecar_docker_images: ""

  # number of routines the operator spawns to process requests concurrently
-  workers: "4"
+  workers: "8"

 # parameters describing Postgres users
 configUsers:
@ -263,7 +263,7 @@ configConnectionPooler:
  # db user for pooler to use
  connection_pooler_user: "pooler"
  # docker image
-  connection_pooler_image: "registry.opensource.zalan.do/acid/pgbouncer:master-7"
+  connection_pooler_image: "registry.opensource.zalan.do/acid/pgbouncer:master-8"
  # max db connections the pooler should hold
  connection_pooler_max_db_connections: "60"
  # default pooling mode
--- a/manifests/configmap.yaml
+++ b/manifests/configmap.yaml
@ -15,7 +15,7 @@ data:
  # connection_pooler_default_cpu_request: "500m"
  # connection_pooler_default_memory_limit: 100Mi
  # connection_pooler_default_memory_request: 100Mi
-  connection_pooler_image: "registry.opensource.zalan.do/acid/pgbouncer:master-7"
+  connection_pooler_image: "registry.opensource.zalan.do/acid/pgbouncer:master-8"
  # connection_pooler_max_db_connections: 60
  # connection_pooler_mode: "transaction"
  # connection_pooler_number_of_instances: 2
@ -95,6 +95,7 @@ data:
  secret_name_template: "{username}.{cluster}.credentials"
  # sidecar_docker_images: ""
  # set_memory_request_to_limit: "false"
+  # spilo_fsgroup: 103
  spilo_privileged: "false"
  super_username: postgres
  # team_admin_role: "admin"
@ -104,4 +105,4 @@ data:
  # wal_gs_bucket: ""
  # wal_s3_bucket: ""
  watched_namespace: "*"  # listen to all namespaces
-  workers: "4"
+  workers: "8"
--- a/manifests/operatorconfiguration.crd.yaml
+++ b/manifests/operatorconfiguration.crd.yaml
@ -11,6 +11,26 @@ spec:
    singular: operatorconfiguration
    shortNames:
    - opconfig
+  additionalPrinterColumns:
+  - name: Image
+    type: string
+    description: Spilo image to be used for Pods
+    JSONPath: .configuration.docker_image
+  - name: Cluster-Label
+    type: string
+    description: Label for K8s resources created by operator
+    JSONPath: .configuration.kubernetes.cluster_name_label
+  - name: Service-Account
+    type: string
+    description: Name of service account to be used
+    JSONPath: .configuration.kubernetes.pod_service_account_name
+  - name: Min-Instances
+    type: integer
+    description: Minimum number of instances per Postgres cluster
+    JSONPath: .configuration.min_instances
+  - name: Age
+    type: date
+    JSONPath: .metadata.creationTimestamp
  scope: Namespaced
  subresources:
    status: {}
--- a/manifests/postgresql-operator-default-configuration.yaml
+++ b/manifests/postgresql-operator-default-configuration.yaml
@ -19,7 +19,7 @@ configuration:
  #   name: global-sidecar-1
  #   ports:
  #   - containerPort: 80
-  workers: 4
+  workers: 8
  users:
    replication_username: standby
    super_username: postgres
@ -128,7 +128,7 @@ configuration:
    connection_pooler_default_cpu_request: "500m"
    connection_pooler_default_memory_limit: 100Mi
    connection_pooler_default_memory_request: 100Mi
-    connection_pooler_image: "registry.opensource.zalan.do/acid/pgbouncer:master-7"
+    connection_pooler_image: "registry.opensource.zalan.do/acid/pgbouncer:master-8"
    # connection_pooler_max_db_connections: 60
    connection_pooler_mode: "transaction"
    connection_pooler_number_of_instances: 2
--- a/manifests/postgresql.crd.yaml
+++ b/manifests/postgresql.crd.yaml
@ -11,6 +11,38 @@ spec:
    singular: postgresql
    shortNames:
    - pg
+  additionalPrinterColumns:
+  - name: Team
+    type: string
+    description: Team responsible for Postgres CLuster
+    JSONPath: .spec.teamId
+  - name: Version
+    type: string
+    description: PostgreSQL version
+    JSONPath: .spec.postgresql.version
+  - name: Pods
+    type: integer
+    description: Number of Pods per Postgres cluster
+    JSONPath: .spec.numberOfInstances
+  - name: Volume
+    type: string
+    description: Size of the bound volume
+    JSONPath: .spec.volume.size
+  - name: CPU-Request
+    type: string
+    description: Requested CPU for Postgres containers
+    JSONPath: .spec.resources.requests.cpu
+  - name: Memory-Request
+    type: string
+    description: Requested memory for Postgres containers
+    JSONPath: .spec.resources.requests.memory
+  - name: Age
+    type: date
+    JSONPath: .metadata.creationTimestamp
+  - name: Status
+    type: string
+    description: Current sync status of postgresql resource
+    JSONPath: .status.PostgresClusterStatus
  scope: Namespaced
  subresources:
    status: {}
--- a/pkg/controller/operator_config.go
+++ b/pkg/controller/operator_config.go
@ -38,11 +38,11 @@ func (c *Controller) importConfigurationFromCRD(fromCRD *acidv1.OperatorConfigur
 	result.EtcdHost = fromCRD.EtcdHost
 	result.KubernetesUseConfigMaps = fromCRD.KubernetesUseConfigMaps
 	result.DockerImage = util.Coalesce(fromCRD.DockerImage, "registry.opensource.zalan.do/acid/spilo-12:1.6-p3")
-	result.Workers = fromCRD.Workers
+	result.Workers = util.CoalesceUInt32(fromCRD.Workers, 8)
 	result.MinInstances = fromCRD.MinInstances
 	result.MaxInstances = fromCRD.MaxInstances
-	result.ResyncPeriod = time.Duration(fromCRD.ResyncPeriod)
-	result.RepairPeriod = time.Duration(fromCRD.RepairPeriod)
+	result.ResyncPeriod = util.CoalesceDuration(time.Duration(fromCRD.ResyncPeriod), "30m")
+	result.RepairPeriod = util.CoalesceDuration(time.Duration(fromCRD.RepairPeriod), "5m")
 	result.SetMemoryRequestToLimit = fromCRD.SetMemoryRequestToLimit
 	result.ShmVolume = util.CoalesceBool(fromCRD.ShmVolume, util.True())
 	result.SidecarImages = fromCRD.SidecarImages
@ -58,7 +58,7 @@ func (c *Controller) importConfigurationFromCRD(fromCRD *acidv1.OperatorConfigur
 	result.PodServiceAccountDefinition = fromCRD.Kubernetes.PodServiceAccountDefinition
 	result.PodServiceAccountRoleBindingDefinition = fromCRD.Kubernetes.PodServiceAccountRoleBindingDefinition
 	result.PodEnvironmentConfigMap = fromCRD.Kubernetes.PodEnvironmentConfigMap
-	result.PodTerminateGracePeriod = time.Duration(fromCRD.Kubernetes.PodTerminateGracePeriod)
+	result.PodTerminateGracePeriod = util.CoalesceDuration(time.Duration(fromCRD.Kubernetes.PodTerminateGracePeriod), "5m")
 	result.SpiloPrivileged = fromCRD.Kubernetes.SpiloPrivileged
 	result.SpiloFSGroup = fromCRD.Kubernetes.SpiloFSGroup
 	result.ClusterDomain = util.Coalesce(fromCRD.Kubernetes.ClusterDomain, "cluster.local")
@ -71,14 +71,14 @@ func (c *Controller) importConfigurationFromCRD(fromCRD *acidv1.OperatorConfigur
 	result.OAuthTokenSecretName = fromCRD.Kubernetes.OAuthTokenSecretName
 	result.InfrastructureRolesSecretName = fromCRD.Kubernetes.InfrastructureRolesSecretName
 	result.PodRoleLabel = util.Coalesce(fromCRD.Kubernetes.PodRoleLabel, "spilo-role")
-	result.ClusterLabels = fromCRD.Kubernetes.ClusterLabels
+	result.ClusterLabels = util.CoalesceStrMap(fromCRD.Kubernetes.ClusterLabels, map[string]string{"application": "spilo"})
 	result.InheritedLabels = fromCRD.Kubernetes.InheritedLabels
 	result.DownscalerAnnotations = fromCRD.Kubernetes.DownscalerAnnotations
 	result.ClusterNameLabel = util.Coalesce(fromCRD.Kubernetes.ClusterNameLabel, "cluster-name")
 	result.NodeReadinessLabel = fromCRD.Kubernetes.NodeReadinessLabel
 	result.PodPriorityClassName = fromCRD.Kubernetes.PodPriorityClassName
 	result.PodManagementPolicy = util.Coalesce(fromCRD.Kubernetes.PodManagementPolicy, "ordered_ready")
-	result.MasterPodMoveTimeout = time.Duration(fromCRD.Kubernetes.MasterPodMoveTimeout)
+	result.MasterPodMoveTimeout = util.CoalesceDuration(time.Duration(fromCRD.Kubernetes.MasterPodMoveTimeout), "10m")
 	result.EnablePodAntiAffinity = fromCRD.Kubernetes.EnablePodAntiAffinity
 	result.PodAntiAffinityTopologyKey = util.Coalesce(fromCRD.Kubernetes.PodAntiAffinityTopologyKey, "kubernetes.io/hostname")

@ -91,15 +91,15 @@ func (c *Controller) importConfigurationFromCRD(fromCRD *acidv1.OperatorConfigur
 	result.MinMemoryLimit = util.Coalesce(fromCRD.PostgresPodResources.MinMemoryLimit, "250Mi")

 	// timeout config
-	result.ResourceCheckInterval = time.Duration(fromCRD.Timeouts.ResourceCheckInterval)
-	result.ResourceCheckTimeout = time.Duration(fromCRD.Timeouts.ResourceCheckTimeout)
-	result.PodLabelWaitTimeout = time.Duration(fromCRD.Timeouts.PodLabelWaitTimeout)
-	result.PodDeletionWaitTimeout = time.Duration(fromCRD.Timeouts.PodDeletionWaitTimeout)
-	result.ReadyWaitInterval = time.Duration(fromCRD.Timeouts.ReadyWaitInterval)
-	result.ReadyWaitTimeout = time.Duration(fromCRD.Timeouts.ReadyWaitTimeout)
+	result.ResourceCheckInterval = util.CoalesceDuration(time.Duration(fromCRD.Timeouts.ResourceCheckInterval), "3s")
+	result.ResourceCheckTimeout = util.CoalesceDuration(time.Duration(fromCRD.Timeouts.ResourceCheckTimeout), "10m")
+	result.PodLabelWaitTimeout = util.CoalesceDuration(time.Duration(fromCRD.Timeouts.PodLabelWaitTimeout), "10m")
+	result.PodDeletionWaitTimeout = util.CoalesceDuration(time.Duration(fromCRD.Timeouts.PodDeletionWaitTimeout), "10m")
+	result.ReadyWaitInterval = util.CoalesceDuration(time.Duration(fromCRD.Timeouts.ReadyWaitInterval), "4s")
+	result.ReadyWaitTimeout = util.CoalesceDuration(time.Duration(fromCRD.Timeouts.ReadyWaitTimeout), "30s")

 	// load balancer config
-	result.DbHostedZone = fromCRD.LoadBalancer.DbHostedZone
+	result.DbHostedZone = util.Coalesce(fromCRD.LoadBalancer.DbHostedZone, "db.example.com")
 	result.EnableMasterLoadBalancer = fromCRD.LoadBalancer.EnableMasterLoadBalancer
 	result.EnableReplicaLoadBalancer = fromCRD.LoadBalancer.EnableReplicaLoadBalancer
 	result.CustomServiceAnnotations = fromCRD.LoadBalancer.CustomServiceAnnotations
@ -114,7 +114,7 @@ func (c *Controller) importConfigurationFromCRD(fromCRD *acidv1.OperatorConfigur
 	result.WALGSBucket = fromCRD.AWSGCP.WALGSBucket
 	result.GCPCredentials = fromCRD.AWSGCP.GCPCredentials
 	result.AdditionalSecretMount = fromCRD.AWSGCP.AdditionalSecretMount
-	result.AdditionalSecretMountPath = fromCRD.AWSGCP.AdditionalSecretMountPath
+	result.AdditionalSecretMountPath = util.Coalesce(fromCRD.AWSGCP.AdditionalSecretMountPath, "/meta/credentials")

 	// logical backup config
 	result.LogicalBackupSchedule = util.Coalesce(fromCRD.LogicalBackup.Schedule, "30 00 * * *")
@ -132,20 +132,20 @@ func (c *Controller) importConfigurationFromCRD(fromCRD *acidv1.OperatorConfigur

 	// Teams API config
 	result.EnableTeamsAPI = fromCRD.TeamsAPI.EnableTeamsAPI
-	result.TeamsAPIUrl = fromCRD.TeamsAPI.TeamsAPIUrl
-	result.TeamAPIRoleConfiguration = fromCRD.TeamsAPI.TeamAPIRoleConfiguration
+	result.TeamsAPIUrl = util.Coalesce(fromCRD.TeamsAPI.TeamsAPIUrl, "https://teams.example.com/api/")
+	result.TeamAPIRoleConfiguration = util.CoalesceStrMap(fromCRD.TeamsAPI.TeamAPIRoleConfiguration, map[string]string{"log_statement": "all"})
 	result.EnableTeamSuperuser = fromCRD.TeamsAPI.EnableTeamSuperuser
 	result.EnableAdminRoleForUsers = fromCRD.TeamsAPI.EnableAdminRoleForUsers
 	result.TeamAdminRole = fromCRD.TeamsAPI.TeamAdminRole
-	result.PamRoleName = fromCRD.TeamsAPI.PamRoleName
-	result.PamConfiguration = fromCRD.TeamsAPI.PamConfiguration
-	result.ProtectedRoles = fromCRD.TeamsAPI.ProtectedRoles
+	result.PamRoleName = util.Coalesce(fromCRD.TeamsAPI.PamRoleName, "zalandos")
+	result.PamConfiguration = util.Coalesce(fromCRD.TeamsAPI.PamConfiguration, "https://info.example.com/oauth2/tokeninfo?access_token= uid realm=/employees")
+	result.ProtectedRoles = util.CoalesceStrArr(fromCRD.TeamsAPI.ProtectedRoles, []string{"admin"})
 	result.PostgresSuperuserTeams = fromCRD.TeamsAPI.PostgresSuperuserTeams

 	// logging REST API config
-	result.APIPort = fromCRD.LoggingRESTAPI.APIPort
-	result.RingLogLines = fromCRD.LoggingRESTAPI.RingLogLines
-	result.ClusterHistoryEntries = fromCRD.LoggingRESTAPI.ClusterHistoryEntries
+	result.APIPort = util.CoalesceInt(fromCRD.LoggingRESTAPI.APIPort, 8080)
+	result.RingLogLines = util.CoalesceInt(fromCRD.LoggingRESTAPI.RingLogLines, 100)
+	result.ClusterHistoryEntries = util.CoalesceInt(fromCRD.LoggingRESTAPI.ClusterHistoryEntries, 1000)

 	// Scalyr config
 	result.ScalyrAPIKey = fromCRD.Scalyr.ScalyrAPIKey
--- a/pkg/util/config/config.go
+++ b/pkg/util/config/config.go
@ -150,7 +150,7 @@ type Config struct {
 	EnablePodDisruptionBudget *bool             `name:"enable_pod_disruption_budget" default:"true"`
 	EnableInitContainers      *bool             `name:"enable_init_containers" default:"true"`
 	EnableSidecars            *bool             `name:"enable_sidecars" default:"true"`
-	Workers                   uint32            `name:"workers" default:"4"`
+	Workers                   uint32            `name:"workers" default:"8"`
 	APIPort                   int               `name:"api_port" default:"8080"`
 	RingLogLines              int               `name:"ring_log_lines" default:"100"`
 	ClusterHistoryEntries     int               `name:"cluster_history_entries" default:"1000"`
--- a/pkg/util/util.go
+++ b/pkg/util/util.go
@ -147,6 +147,30 @@ func Coalesce(val, defaultVal string) string {
 	return val
 }

+// CoalesceStrArr returns the first argument if it is not null, otherwise the second one.
+func CoalesceStrArr(val, defaultVal []string) []string {
+	if len(val) == 0 {
+		return defaultVal
+	}
+	return val
+}
+
+// CoalesceStrMap returns the first argument if it is not null, otherwise the second one.
+func CoalesceStrMap(val, defaultVal map[string]string) map[string]string {
+	if len(val) == 0 {
+		return defaultVal
+	}
+	return val
+}
+
+// CoalesceInt works like coalesce but for int
+func CoalesceInt(val, defaultVal int) int {
+	if val == 0 {
+		return defaultVal
+	}
+	return val
+}
+
 // CoalesceInt32 works like coalesce but for *int32
 func CoalesceInt32(val, defaultVal *int32) *int32 {
 	if val == nil {
@ -155,6 +179,14 @@ func CoalesceInt32(val, defaultVal *int32) *int32 {
 	return val
 }

+// CoalesceUInt32 works like coalesce but for uint32
+func CoalesceUInt32(val, defaultVal uint32) uint32 {
+	if val == 0 {
+		return defaultVal
+	}
+	return val
+}
+
 // CoalesceBool works like coalesce but for *bool
 func CoalesceBool(val, defaultVal *bool) *bool {
 	if val == nil {
@ -163,6 +195,18 @@ func CoalesceBool(val, defaultVal *bool) *bool {
 	return val
 }

+// CoalesceDuration works like coalesce but for time.Duration
+func CoalesceDuration(val time.Duration, defaultVal string) time.Duration {
+	if val == 0 {
+		duration, err := time.ParseDuration(defaultVal)
+		if err != nil {
+			panic(err)
+		}
+		return duration
+	}
+	return val
+}
+
 // Test if any of the values is nil
 func testNil(values ...*int32) bool {
 	for _, v := range values {