* Avoid overwriting critical users.
Disallow defining new users either in the cluster manifest, teams
API or infrastructure roles with the names mentioned in the new
protected_role_names parameter (list of comma-separated names)
Additionally, forbid defining a user with the name matching either
super_username or replication_username, so that we don't overwrite
system roles required for correct working of the operator itself.
Also, clear PostgreSQL roles on each sync first in order to avoid using
the old definitions that are no longer present in the current manifest,
infrastructure roles secret or the teams API.
* Add node toleration config to PodSpec
This allows to taint nodes dedicated to Postgres and prevents other pods from running on these nodes.
* Document taint and toleration setup
And remove setting from default operator ConfigMap
* Allow to overwrite tolerations with Postgres manifest
removing parts of config.
* chaning secret name pattern to make things shorter.
* Move section on self building docker image.
* Fix typo.
* Bump image.
* bump version for pdb fix.
* Changes in regards to review.
* Fix xhyve driver link.
* Move to new api, remove service account, not needed for minikube.
* Changed minimal manifest and example to use right file.
* Added service account for operator again, it is needed in pods anyways later.
- Specify context in kubectl commands.
- Add a section on installing zkubectl and getting access to the DB cluster.
- Add a section on installing the service account.
Oleksii Kliukin
András Váczi
Henning Jacobs
Georg Kunz
zerg-junior
Jan Mussler
Murat Kabilov
Murat Kabilov
Oleksii Kliukin