Postgres operator creates and manages PostgreSQL clusters running in Kubernetes

cluster database-as-a-service data-infrastructure golang kubernetes managed-services operator postgres postgres-operator postgresql

Go to file

Dmitrii Dolgov bd576942f2 Extend infrastructure roles handling Postgres Operator uses infrastructure roles to provide access to a database for external users e.g. for monitoring purposes. Such infrastructure roles are expected to be present in the form of k8s secrets with the following content: inrole1: some_encrypted_role password1: some_encrypted_password user1: some_entrypted_name inrole2: some_encrypted_role password2: some_encrypted_password user2: some_entrypted_name The format of this content is implied implicitely and not flexible enough. In case if we do not have possibility to change the format of a secret we want to use in the Operator, we need to recreate it in this format. To address this lets make the format of secret content explicitely. The idea is to introduce a new configuration option for the Operator. infrastructure_roles_secrets: - secret: k8s_secret_name name: some_encrypted_name password: some_encrypted_password role: some_encrypted_role - secret: k8s_secret_name name: some_encrypted_name password: some_encrypted_password role: some_encrypted_role This would allow Operator to use any avalable secrets to prepare infrastructure roles. To make it backward compatible simulate the old behaviour if the new option is not present. The new configuration option is intended be used mainly from CRD, but it's also available via Operator ConfigMap in a limited fashion. For ConfigMap one can put there only a string with one secret definition in the following format (as a string): infrastructure_roles_secret_name: \| secret: k8s_secret_name, name: some_encrypted_name, password: some_encrypted_password, role: some_encrypted_role		2020-07-22 12:36:51 +02:00
charts	bump pgBouncer image (#1050 )	2020-07-08 11:56:58 +02:00
cmd	define ownership between operator and clusters via annotation (#802 )	2020-03-17 16:34:31 +01:00
docker	Connection pooler (#799 )	2020-03-25 12:57:26 +01:00
docs	Resize volume by changing pvc size if enabled in config. (#958 )	2020-07-03 10:53:37 +02:00
e2e	Propagate annotations to the StatefulSet (#932 )	2020-05-04 14:46:56 +02:00
hack	hack: update shebang (#755 )	2019-12-10 14:54:12 +01:00
kubectl-pg	omit PgVersion diff on sync (#860 )	2020-03-13 11:48:19 +01:00
manifests	bump pgBouncer image (#1050 )	2020-07-08 11:56:58 +02:00
pkg	Extend infrastructure roles handling	2020-07-22 12:36:51 +02:00
ui	Make selector match labels defined in the deployment (#1001 )	2020-06-04 16:49:22 +02:00
.flake8	Implement runner for e2e tests (#548 )	2019-06-05 17:07:27 +02:00
.gitignore	Re-create pods only if all replicas are running (#903 )	2020-04-20 15:14:11 +02:00
.golangci.yml	add .golangci.yml (#422 )	2018-11-27 12:00:15 +01:00
.travis.yml	Move operator to go 1.14 (#882 )	2020-03-30 15:50:17 +02:00
.zappr.yaml	Restore .zappr.yaml (#405 )	2018-11-07 13:06:53 +01:00
CODEOWNERS	Add Rafia to code owners (#588 )	2019-06-14 14:56:40 +02:00
CONTRIBUTING.md	Update docs for v1.2 (#609 )	2019-07-11 17:19:27 +02:00
LICENSE	update copyright in generated code (#779 )	2020-01-02 17:34:49 +01:00
MAINTAINERS	[WIP] Draft codeowners, update maintainers (#358 )	2018-08-06 08:59:00 +02:00
Makefile	Lazy upgrade of the Spilo image (#859 )	2020-04-29 10:07:14 +02:00
README.md	Added image to readme, added/rewrote features. (#1031 )	2020-06-23 10:16:40 +02:00
SECURITY.md	docs(general): Adding Security.md (#88 )	2017-09-04 14:33:30 +02:00
build-ci.sh	reflect change in github url (#496 )	2019-02-25 11:26:55 +01:00
delivery.yaml	Move operator to go 1.14 (#882 )	2020-03-30 15:50:17 +02:00
go.mod	update dependencies (#1019 )	2020-06-16 10:51:49 +02:00
go.sum	update dependencies (#1019 )	2020-06-16 10:51:49 +02:00
mkdocs.yml	use h1 tags to not render titles in sidebar (#626 )	2019-07-19 12:50:39 +02:00
run_operator_locally.sh	Add CRD validation (#599 )	2019-11-28 12:02:05 +01:00

README.md

Postgres Operator

The Postgres Operator delivers an easy to run highly-available PostgreSQL clusters on Kubernetes (K8s) powered by Patroni. It is configured only through Postgres manifests (CRDs) to ease integration into automated CI/CD pipelines with no access to Kubernetes API directly, promoting infrastructure as code vs manual operations.

Operator features

Rolling updates on Postgres cluster changes, incl. quick minor version updates
Live volume resize without pod restarts (AWS EBS, others pending)
Database connection pooler with PGBouncer
Restore and cloning Postgres clusters (incl. major version upgrade)
Additionally logical backups to S3 bucket can be configured
Standby cluster from S3 WAL archive
Configurable for non-cloud environments
Basic credential and user management on K8s, eases application deployments
UI to create and edit Postgres cluster manifests
Works well on Amazon AWS, Google Cloud, OpenShift and locally on Kind

PostgreSQL features

Supports PostgreSQL 12, starting from 9.6+
Streaming replication cluster via Patroni
Point-In-Time-Recovery with pg_basebackup / WAL-E via Spilo
Preload libraries: bg_mon, pg_stat_statements, pgextwlist, pg_auth_mon
Incl. popular Postgres extensions such as decoderbufs, hypopg, pg_cron, pg_partman, pg_stat_kcache, pgq, plpgsql_check, postgis, set_user and timescaledb

The Postgres Operator has been developed at Zalando and is being used in production for over two years.

Getting started

For a quick first impression follow the instructions of this tutorial.

Supported setups of Postgres and Applications

Documentation

There is a browser-friendly version of this documentation at postgres-operator.readthedocs.io

Google Summer of Code

The Postgres Operator made it to the Google Summer of Code 2019! Check our ideas and start discussions in the issue tracker.

Community

There are two places to get in touch with the community:

The GitHub issue tracker
The #postgres-operator slack channel