Merge branch 'master' into crd-defaulting

charts/postgres-operator/values.yaml

@@ -239,20 +239,21 @@ configAwsOrGcp:
 # configure K8s cron job managed by the operator
 configLogicalBackup:
   # image for pods of the logical backup job (example runs pg_dumpall)
-  logical_backup_docker_image: "registry.opensource.zalan.do/acid/logical-backup:v.1.6.0"
+  logical_backup_docker_image: "registry.opensource.zalan.do/acid/logical-backup:v1.6.0"
   # path of google cloud service account json file
   # logical_backup_google_application_credentials: ""
-
+  # prefix for the backup job name
+  logical_backup_job_prefix: "logical-backup-"
   # storage provider - either "s3" or "gcs"
   logical_backup_provider: "s3"
   # S3 Access Key ID
   logical_backup_s3_access_key_id: ""
   # S3 bucket to store backup results
   logical_backup_s3_bucket: "my-bucket-url"
-  # S3 region of bucket
-  logical_backup_s3_region: ""
   # S3 endpoint url when not using AWS
   logical_backup_s3_endpoint: ""
+  # S3 region of bucket
+  logical_backup_s3_region: ""
   # S3 Secret Access Key
   logical_backup_s3_secret_access_key: ""
   # S3 server side encryption
@@ -260,6 +261,7 @@ configLogicalBackup:
   # backup schedule in the cron format
   logical_backup_schedule: "30 00 * * *"
 
+
 # automate creation of human users with teams API service
 configTeamsApi:
   # team_admin_role will have the rights to grant roles coming from PG manifests

docs/reference/operator_parameters.md

@@ -551,11 +551,6 @@ These parameters configure a K8s cron job managed by the operator to produce
 Postgres logical backups. In the CRD-based configuration those parameters are
 grouped under the `logical_backup` key.
 
-* **logical_backup_schedule**
-  Backup schedule in the cron format. Please take the
-  [reference schedule format](https://kubernetes.io/docs/tasks/job/automated-tasks-with-cron-jobs/#schedule)
-  into account. Default: "30 00 \* \* \*"
-
 * **logical_backup_docker_image**
   An image for pods of the logical backup job. The [example image](../../docker/logical-backup/Dockerfile)
   runs `pg_dumpall` on a replica if possible and uploads compressed results to
@@ -563,32 +558,40 @@ grouped under the `logical_backup` key.
   The default image is the same image built with the Zalando-internal CI
   pipeline. Default: "registry.opensource.zalan.do/acid/logical-backup:v.1.6.0"
 
+* **logical_backup_google_application_credentials**
+  Specifies the path of the google cloud service account json file. Default is empty.
+
+* **logical_backup_job_prefix**
+  The prefix to be prepended to the name of a k8s CronJob running the backups. Beware the prefix counts towards the name length restrictions imposed by k8s. Empty string is a legitimate value. Operator does not do the actual renaming: It simply creates the job with the new prefix. You will have to delete the old cron job manually. Default: "logical-backup-".
+
 * **logical_backup_provider**
   Specifies the storage provider to which the backup should be uploaded (`s3` or `gcs`).
   Default: "s3"
 
+* **logical_backup_s3_access_key_id**
+  When set, value will be in AWS_ACCESS_KEY_ID env variable. The Default is empty.
+
 * **logical_backup_s3_bucket**
   S3 bucket to store backup results. The bucket has to be present and
   accessible by Postgres pods. Default: empty.
 
+* **logical_backup_s3_endpoint**
+  When using non-AWS S3 storage, endpoint can be set as a ENV variable. The default is empty.
+
 * **logical_backup_s3_region**
   Specifies the region of the bucket which is required with some non-AWS S3 storage services. The default is empty.
 
-* **logical_backup_s3_endpoint**
+* **logical_backup_s3_secret_access_key**
-  When using non-AWS S3 storage, endpoint can be set as a ENV variable. The default is empty.
+  When set, value will be in AWS_SECRET_ACCESS_KEY env variable. The Default is empty.
 
 * **logical_backup_s3_sse**
   Specify server side encryption that S3 storage is using. If empty string
   is specified, no argument will be passed to `aws s3` command. Default: "AES256".
 
-* **logical_backup_s3_access_key_id**
+* **logical_backup_schedule**
-  When set, value will be in AWS_ACCESS_KEY_ID env variable. The Default is empty.
+  Backup schedule in the cron format. Please take the
-
+  [reference schedule format](https://kubernetes.io/docs/tasks/job/automated-tasks-with-cron-jobs/#schedule)
-* **logical_backup_s3_secret_access_key**
+  into account. Default: "30 00 \* \* \*"
-  When set, value will be in AWS_SECRET_ACCESS_KEY env variable. The Default is empty.
-
-* **logical_backup_google_application_credentials**
-  Specifies the path of the google cloud service account json file. Default is empty.
 
 ## Debugging the operator
 

manifests/operatorconfiguration.crd.yaml

@@ -377,6 +377,8 @@ spec:
                     default: "registry.opensource.zalan.do/acid/logical-backup:v1.6.0"
                   logical_backup_google_application_credentials:
                     type: string
+                  logical_backup_job_prefix:
+                    type: string
                   logical_backup_provider:
                     type: string
                     default: "s3"

manifests/postgresql-operator-default-configuration.yaml

@@ -115,8 +115,9 @@ configuration:
     # wal_gs_bucket: ""
     # wal_s3_bucket: ""
   logical_backup:
-    logical_backup_docker_image: "registry.opensource.zalan.do/acid/logical-backup:v.1.6.0"
+    logical_backup_docker_image: "registry.opensource.zalan.do/acid/logical-backup:v1.6.0"
     # logical_backup_google_application_credentials: ""
+    logical_backup_job_prefix: "logical-backup-"
     logical_backup_provider: "s3"
     # logical_backup_s3_access_key_id: ""
     logical_backup_s3_bucket: "my-bucket-url"

pkg/apis/acid.zalan.do/v1/operator_configuration_type.go

@@ -196,6 +196,7 @@ type OperatorLogicalBackupConfiguration struct {
 	S3SecretAccessKey            string `json:"logical_backup_s3_secret_access_key,omitempty"`
 	S3SSE                        string `json:"logical_backup_s3_sse,omitempty"`
 	GoogleApplicationCredentials string `json:"logical_backup_google_application_credentials,omitempty"`
+	JobPrefix                    string `json:"logical_backup_job_prefix,omitempty"`
 }
 
 // OperatorConfigurationData defines the operation config

pkg/cluster/k8sres.go

@@ -2079,7 +2079,7 @@ func (c *Cluster) generateLogicalBackupPodEnvVars() []v1.EnvVar {
 
 // getLogicalBackupJobName returns the name; the job itself may not exists
 func (c *Cluster) getLogicalBackupJobName() (jobName string) {
-	return "logical-backup-" + c.clusterName().Name
+	return c.OpConfig.LogicalBackupJobPrefix + c.clusterName().Name
 }
 
 // Return an array of ownerReferences to make an arbitraty object dependent on

pkg/cluster/pod.go

@@ -4,6 +4,7 @@ import (
 	"context"
 	"fmt"
 	"math/rand"
+	"time"
 
 	appsv1 "k8s.io/api/apps/v1"
 	v1 "k8s.io/api/core/v1"
@@ -11,6 +12,7 @@ import (
 
 	"github.com/zalando/postgres-operator/pkg/spec"
 	"github.com/zalando/postgres-operator/pkg/util"
+	"github.com/zalando/postgres-operator/pkg/util/retryutil"
 )
 
 func (c *Cluster) listPods() ([]v1.Pod, error) {
@@ -309,7 +311,23 @@ func (c *Cluster) isSafeToRecreatePods(pods *v1.PodList) bool {
 	}
 
 	for _, pod := range pods.Items {
-		state, err := c.patroni.GetPatroniMemberState(&pod)
+
+		var state string
+
+		err := retryutil.Retry(1*time.Second, 5*time.Second,
+			func() (bool, error) {
+
+				var err error
+
+				state, err = c.patroni.GetPatroniMemberState(&pod)
+
+				if err != nil {
+					return false, err
+				}
+				return true, nil
+			},
+		)
+
 		if err != nil {
 			c.logger.Errorf("failed to get Patroni state for pod: %s", err)
 			return false

pkg/controller/operator_config.go

@@ -154,6 +154,7 @@ func (c *Controller) importConfigurationFromCRD(fromCRD *acidv1.OperatorConfigur
 	result.LogicalBackupS3SecretAccessKey = fromCRD.LogicalBackup.S3SecretAccessKey
 	result.LogicalBackupS3SSE = fromCRD.LogicalBackup.S3SSE
 	result.LogicalBackupGoogleApplicationCredentials = fromCRD.LogicalBackup.GoogleApplicationCredentials
+	result.LogicalBackupJobPrefix = fromCRD.LogicalBackup.JobPrefix
 
 	// debug config
 	result.DebugLogging = fromCRD.OperatorDebug.DebugLogging

pkg/util/config/config.go

@@ -121,6 +121,7 @@ type LogicalBackup struct {
 	LogicalBackupS3SecretAccessKey            string `name:"logical_backup_s3_secret_access_key" default:""`
 	LogicalBackupS3SSE                        string `name:"logical_backup_s3_sse" default:""`
 	LogicalBackupGoogleApplicationCredentials string `name:"logical_backup_google_application_credentials" default:""`
+	LogicalBackupJobPrefix                    string `name:"logical_backup_job_prefix" default:"logical-backup-"`
 }
 
 // Operator options for connection pooler

ui/operator_ui/spiloutils.py

@@ -21,7 +21,7 @@ AWS_ENDPOINT = getenv('AWS_ENDPOINT')
 OPERATOR_CLUSTER_NAME_LABEL = getenv('OPERATOR_CLUSTER_NAME_LABEL', 'cluster-name')
 
 COMMON_CLUSTER_LABEL = getenv('COMMON_CLUSTER_LABEL', '{"application":"spilo"}')
-COMMON_POOLER_LABEL = getenv('COMMONG_POOLER_LABEL', '{"application":"db-connection-pooler"}')
+COMMON_POOLER_LABEL = getenv('COMMON_POOLER_LABEL', '{"application":"db-connection-pooler"}')
 
 logger.info("Common Cluster Label: {}".format(COMMON_CLUSTER_LABEL))
 logger.info("Common Pooler Label: {}".format(COMMON_POOLER_LABEL))
@@ -107,6 +107,12 @@ def encode_labels(label_selector):
     ])
 
 
+def cluster_labels(spilo_cluster):
+    labels = COMMON_CLUSTER_LABEL
+    labels[OPERATOR_CLUSTER_NAME_LABEL] = spilo_cluster
+    return labels
+
+
 def kubernetes_url(
     resource_type,
     namespace='default',
@@ -151,7 +157,7 @@ def read_pods(cluster, namespace, spilo_cluster):
         cluster=cluster,
         resource_type='pods',
         namespace=namespace,
-        label_selector={OPERATOR_CLUSTER_NAME_LABEL: spilo_cluster},
+        label_selector=cluster_labels(spilo_cluster),
     )