diff --git a/charts/postgres-operator-ui/index.yaml b/charts/postgres-operator-ui/index.yaml index ccd203a4c..1b89eeb60 100644 --- a/charts/postgres-operator-ui/index.yaml +++ b/charts/postgres-operator-ui/index.yaml @@ -3,10 +3,10 @@ entries: postgres-operator-ui: - apiVersion: v2 appVersion: 1.13.0 - created: "2024-08-14T14:02:17.144914554+02:00" + created: "2024-08-21T18:55:36.524305158+02:00" description: Postgres Operator UI provides a graphical interface for a convenient database-as-a-service user experience - digest: 5a14bbe8e7201ed1e24ef3d8239819342dad732d548f46f7d941a31ebf88abd7 + digest: e0444e516b50f82002d1a733527813c51759a627cefdd1005cea73659f824ea8 home: https://github.com/zalando/postgres-operator keywords: - postgres @@ -26,7 +26,7 @@ entries: version: 1.13.0 - apiVersion: v2 appVersion: 1.12.2 - created: "2024-08-14T14:02:17.144354843+02:00" + created: "2024-08-21T18:55:36.521875733+02:00" description: Postgres Operator UI provides a graphical interface for a convenient database-as-a-service user experience digest: cbcef400c23ccece27d97369ad629278265c013e0a45c0b7f33e7568a082fedd @@ -49,7 +49,7 @@ entries: version: 1.12.2 - apiVersion: v2 appVersion: 1.11.0 - created: "2024-08-14T14:02:17.143700797+02:00" + created: "2024-08-21T18:55:36.51959105+02:00" description: Postgres Operator UI provides a graphical interface for a convenient database-as-a-service user experience digest: a45f2284045c2a9a79750a36997386444f39b01ac722b17c84b431457577a3a2 @@ -72,7 +72,7 @@ entries: version: 1.11.0 - apiVersion: v2 appVersion: 1.10.1 - created: "2024-08-14T14:02:17.143111215+02:00" + created: "2024-08-21T18:55:36.516518177+02:00" description: Postgres Operator UI provides a graphical interface for a convenient database-as-a-service user experience digest: 2e5e7a82aebee519ec57c6243eb8735124aa4585a3a19c66ffd69638fbeb11ce @@ -95,7 +95,7 @@ entries: version: 1.10.1 - apiVersion: v2 appVersion: 1.9.0 - created: "2024-08-14T14:02:17.145472028+02:00" + created: "2024-08-21T18:55:36.52712908+02:00" description: Postgres Operator UI provides a graphical interface for a convenient database-as-a-service user experience digest: df434af6c8b697fe0631017ecc25e3c79e125361ae6622347cea41a545153bdc @@ -116,4 +116,4 @@ entries: urls: - postgres-operator-ui-1.9.0.tgz version: 1.9.0 -generated: "2024-08-14T14:02:17.142392976+02:00" +generated: "2024-08-21T18:55:36.512456099+02:00" diff --git a/charts/postgres-operator-ui/postgres-operator-ui-1.13.0.tgz b/charts/postgres-operator-ui/postgres-operator-ui-1.13.0.tgz index d6e146177..21aadc076 100644 Binary files a/charts/postgres-operator-ui/postgres-operator-ui-1.13.0.tgz and b/charts/postgres-operator-ui/postgres-operator-ui-1.13.0.tgz differ diff --git a/charts/postgres-operator/crds/operatorconfigurations.yaml b/charts/postgres-operator/crds/operatorconfigurations.yaml index e098264bd..5edb7044f 100644 --- a/charts/postgres-operator/crds/operatorconfigurations.yaml +++ b/charts/postgres-operator/crds/operatorconfigurations.yaml @@ -160,7 +160,7 @@ spec: properties: major_version_upgrade_mode: type: string - default: "off" + default: "manual" major_version_upgrade_team_allow_list: type: array items: @@ -472,7 +472,6 @@ spec: type: string additional_secret_mount_path: type: string - default: "/meta/credentials" aws_region: type: string default: "eu-central-1" diff --git a/charts/postgres-operator/index.yaml b/charts/postgres-operator/index.yaml index 047d9eb74..c72604daa 100644 --- a/charts/postgres-operator/index.yaml +++ b/charts/postgres-operator/index.yaml @@ -3,10 +3,10 @@ entries: postgres-operator: - apiVersion: v2 appVersion: 1.13.0 - created: "2024-08-14T14:01:24.925088044+02:00" + created: "2024-08-21T18:54:43.160735116+02:00" description: Postgres Operator creates and manages PostgreSQL clusters running in Kubernetes - digest: 69a21a58741d68fb41da5de3ab3ffc510a22917808e3ccabd87725ce2fe836f8 + digest: a839601689aea0a7e6bc0712a5244d435683cf3314c95794097ff08540e1dfef home: https://github.com/zalando/postgres-operator keywords: - postgres @@ -25,7 +25,7 @@ entries: version: 1.13.0 - apiVersion: v2 appVersion: 1.12.2 - created: "2024-08-14T14:01:24.922871695+02:00" + created: "2024-08-21T18:54:43.152249286+02:00" description: Postgres Operator creates and manages PostgreSQL clusters running in Kubernetes digest: 65858d14a40d7fd90c32bd9fc60021acc9555c161079f43a365c70171eaf21d8 @@ -47,7 +47,7 @@ entries: version: 1.12.2 - apiVersion: v2 appVersion: 1.11.0 - created: "2024-08-14T14:01:24.920660291+02:00" + created: "2024-08-21T18:54:43.145837894+02:00" description: Postgres Operator creates and manages PostgreSQL clusters running in Kubernetes digest: 3914b5e117bda0834f05c9207f007e2ac372864cf6e86dcc2e1362bbe46c14d9 @@ -69,7 +69,7 @@ entries: version: 1.11.0 - apiVersion: v2 appVersion: 1.10.1 - created: "2024-08-14T14:01:24.918849768+02:00" + created: "2024-08-21T18:54:43.139552116+02:00" description: Postgres Operator creates and manages PostgreSQL clusters running in Kubernetes digest: cc3baa41753da92466223d0b334df27e79c882296577b404a8e9071411fcf19c @@ -91,7 +91,7 @@ entries: version: 1.10.1 - apiVersion: v2 appVersion: 1.9.0 - created: "2024-08-14T14:01:24.927677088+02:00" + created: "2024-08-21T18:54:43.168490032+02:00" description: Postgres Operator creates and manages PostgreSQL clusters running in Kubernetes digest: 64df90c898ca591eb3a330328173ffaadfbf9ddd474d8c42ed143edc9e3f4276 @@ -111,4 +111,4 @@ entries: urls: - postgres-operator-1.9.0.tgz version: 1.9.0 -generated: "2024-08-14T14:01:24.916933098+02:00" +generated: "2024-08-21T18:54:43.126871802+02:00" diff --git a/charts/postgres-operator/postgres-operator-1.13.0.tgz b/charts/postgres-operator/postgres-operator-1.13.0.tgz index 12a13b7ce..3d7ca4ce6 100644 Binary files a/charts/postgres-operator/postgres-operator-1.13.0.tgz and b/charts/postgres-operator/postgres-operator-1.13.0.tgz differ diff --git a/charts/postgres-operator/values.yaml b/charts/postgres-operator/values.yaml index d667816fb..472be7443 100644 --- a/charts/postgres-operator/values.yaml +++ b/charts/postgres-operator/values.yaml @@ -83,7 +83,7 @@ configUsers: configMajorVersionUpgrade: # "off": no upgrade, "manual": manifest triggers action, "full": minimal version violation triggers too - major_version_upgrade_mode: "off" + major_version_upgrade_mode: "manual" # upgrades will only be carried out for clusters of listed teams when mode is "off" # major_version_upgrade_team_allow_list: # - acid diff --git a/docs/reference/operator_parameters.md b/docs/reference/operator_parameters.md index 76ccf40da..5b1eb64c9 100644 --- a/docs/reference/operator_parameters.md +++ b/docs/reference/operator_parameters.md @@ -242,7 +242,7 @@ CRD-configuration, they are grouped under the `major_version_upgrade` key. `"manual"` = manifest triggers action, `"full"` = manifest and minimal version violation trigger upgrade. Note, that with all three modes increasing the version in the manifest will - trigger a rolling update of the pods. The default is `"off"`. + trigger a rolling update of the pods. The default is `"manual"`. * **major_version_upgrade_team_allow_list** Upgrades will only be carried out for clusters of listed teams when mode is diff --git a/manifests/configmap.yaml b/manifests/configmap.yaml index 06497b75e..fc1013935 100644 --- a/manifests/configmap.yaml +++ b/manifests/configmap.yaml @@ -18,11 +18,11 @@ data: connection_pooler_default_memory_limit: 100Mi connection_pooler_default_memory_request: 100Mi connection_pooler_image: "registry.opensource.zalan.do/acid/pgbouncer:master-32" - # connection_pooler_max_db_connections: 60 - # connection_pooler_mode: "transaction" - # connection_pooler_number_of_instances: 2 - # connection_pooler_schema: "pooler" - # connection_pooler_user: "pooler" + connection_pooler_max_db_connections: "60" + connection_pooler_mode: "transaction" + connection_pooler_number_of_instances: "2" + connection_pooler_schema: "pooler" + connection_pooler_user: "pooler" crd_categories: "all" # custom_service_annotations: "keyx:valuez,keya:valuea" # custom_pod_annotations: "keya:valuea,keyb:valueb" @@ -36,15 +36,15 @@ data: # delete_annotation_name_key: delete-clustername docker_image: ghcr.io/zalando/spilo-16:3.3-p1 # downscaler_annotations: "deployment-time,downscaler/*" - # enable_admin_role_for_users: "true" - # enable_crd_registration: "true" - # enable_cross_namespace_secret: "false" + enable_admin_role_for_users: "true" + enable_crd_registration: "true" + enable_cross_namespace_secret: "false" enable_finalizers: "false" - # enable_database_access: "true" + enable_database_access: "true" enable_ebs_gp3_migration: "false" - # enable_ebs_gp3_migration_max_size: "1000" - # enable_init_containers: "true" - # enable_lazy_spilo_upgrade: "false" + enable_ebs_gp3_migration_max_size: "1000" + enable_init_containers: "true" + enable_lazy_spilo_upgrade: "false" enable_master_load_balancer: "false" enable_master_pooler_load_balancer: "false" enable_password_rotation: "false" @@ -52,22 +52,22 @@ data: enable_owner_references: "false" enable_persistent_volume_claim_deletion: "true" enable_pgversion_env_var: "true" - # enable_pod_antiaffinity: "false" - # enable_pod_disruption_budget: "true" - # enable_postgres_team_crd: "false" - # enable_postgres_team_crd_superusers: "false" + enable_pod_antiaffinity: "false" + enable_pod_disruption_budget: "true" + enable_postgres_team_crd: "false" + enable_postgres_team_crd_superusers: "false" enable_readiness_probe: "false" enable_replica_load_balancer: "false" enable_replica_pooler_load_balancer: "false" enable_secrets_deletion: "true" - # enable_shm_volume: "true" - # enable_sidecars: "true" + enable_shm_volume: "true" + enable_sidecars: "true" enable_spilo_wal_path_compat: "true" enable_team_id_clustername_prefix: "false" enable_team_member_deprecation: "false" - # enable_team_superuser: "false" + enable_team_superuser: "false" enable_teams_api: "false" - # etcd_host: "" + etcd_host: "" external_traffic_policy: "Cluster" # gcp_credentials: "" # ignored_annotations: "" @@ -77,56 +77,55 @@ data: # inherited_annotations: owned-by # inherited_labels: application,environment # kube_iam_role: "" - # kubernetes_use_configmaps: "false" + kubernetes_use_configmaps: "false" # log_s3_bucket: "" # logical_backup_azure_storage_account_name: "" # logical_backup_azure_storage_container: "" # logical_backup_azure_storage_account_key: "" # logical_backup_cpu_limit: "" # logical_backup_cpu_request: "" + logical_backup_cronjob_environment_secret: "" logical_backup_docker_image: "ghcr.io/zalando/postgres-operator/logical-backup:v1.13.0" # logical_backup_google_application_credentials: "" logical_backup_job_prefix: "logical-backup-" # logical_backup_memory_limit: "" # logical_backup_memory_request: "" logical_backup_provider: "s3" - # logical_backup_s3_access_key_id: "" + logical_backup_s3_access_key_id: "" logical_backup_s3_bucket: "my-bucket-url" - # logical_backup_s3_bucket_prefix: "spilo" - # logical_backup_s3_region: "" - # logical_backup_s3_endpoint: "" - # logical_backup_s3_secret_access_key: "" + logical_backup_s3_bucket_prefix: "spilo" + logical_backup_s3_region: "" + logical_backup_s3_endpoint: "" + logical_backup_s3_secret_access_key: "" logical_backup_s3_sse: "AES256" - # logical_backup_s3_retention_time: "" + logical_backup_s3_retention_time: "" logical_backup_schedule: "30 00 * * *" - # logical_backup_cronjob_environment_secret: "" major_version_upgrade_mode: "manual" # major_version_upgrade_team_allow_list: "" master_dns_name_format: "{cluster}.{namespace}.{hostedzone}" - # master_legacy_dns_name_format: "{cluster}.{team}.{hostedzone}" - # master_pod_move_timeout: 20m - # max_instances: "-1" - # min_instances: "-1" + master_legacy_dns_name_format: "{cluster}.{team}.{hostedzone}" + master_pod_move_timeout: 20m # max_cpu_request: "1" + max_instances: "-1" # max_memory_request: 4Gi - # min_cpu_limit: 250m - # min_memory_limit: 250Mi - # minimal_major_version: "12" + min_cpu_limit: 250m + min_instances: "-1" + min_memory_limit: 250Mi + minimal_major_version: "12" # node_readiness_label: "status:ready" # node_readiness_label_merge: "OR" - # oauth_token_secret_name: postgresql-operator - # pam_configuration: | - # https://info.example.com/oauth2/tokeninfo?access_token= uid realm=/employees - # pam_role_name: zalandos + oauth_token_secret_name: postgresql-operator + pam_configuration: "https://info.example.com/oauth2/tokeninfo?access_token= uid realm=/employees" + pam_role_name: zalandos patroni_api_check_interval: "1s" patroni_api_check_timeout: "5s" - # password_rotation_interval: "90" - # password_rotation_user_retention: "180" + password_rotation_interval: "90" + password_rotation_user_retention: "180" pdb_master_label_selector: "true" pdb_name_format: "postgres-{cluster}-pdb" persistent_volume_claim_retention_policy: "when_deleted:retain,when_scaled:retain" - # pod_antiaffinity_preferred_during_scheduling: "false" - # pod_antiaffinity_topology_key: "kubernetes.io/hostname" + pod_antiaffinity_preferred_during_scheduling: "false" + pod_antiaffinity_topology_key: "kubernetes.io/hostname" pod_deletion_wait_timeout: 10m # pod_environment_configmap: "default/my-custom-config" # pod_environment_secret: "my-custom-secret" @@ -134,17 +133,17 @@ data: pod_management_policy: "ordered_ready" # pod_priority_class_name: "postgres-pod-priority" pod_role_label: spilo-role - # pod_service_account_definition: "" + pod_service_account_definition: "" pod_service_account_name: "postgres-pod" - # pod_service_account_role_binding_definition: "" + pod_service_account_role_binding_definition: "" pod_terminate_grace_period: 5m - # postgres_superuser_teams: "postgres_superusers" - # protected_role_names: "admin,cron_admin" + postgres_superuser_teams: "postgres_superusers" + protected_role_names: "admin,cron_admin" ready_wait_interval: 3s ready_wait_timeout: 30s repair_period: 5m replica_dns_name_format: "{cluster}-repl.{namespace}.{hostedzone}" - # replica_legacy_dns_name_format: "{cluster}-repl.{team}.{hostedzone}" + replica_legacy_dns_name_format: "{cluster}-repl.{team}.{hostedzone}" replication_username: standby resource_check_interval: 3s resource_check_timeout: 10m @@ -154,7 +153,7 @@ data: secret_name_template: "{username}.{cluster}.credentials.{tprkind}.{tprgroup}" share_pgsocket_with_sidecars: "false" # sidecar_docker_images: "" - # set_memory_request_to_limit: "false" + set_memory_request_to_limit: "false" spilo_allow_privilege_escalation: "true" # spilo_runasuser: 101 # spilo_runasgroup: 103 @@ -162,10 +161,10 @@ data: spilo_privileged: "false" storage_resize_mode: "pvc" super_username: postgres - # target_major_version: "16" - # team_admin_role: "admin" - # team_api_role_configuration: "log_statement:all" - # teams_api_url: http://fake-teams-api.default.svc.cluster.local + target_major_version: "16" + team_admin_role: "admin" + team_api_role_configuration: "log_statement:all" + teams_api_url: http://fake-teams-api.default.svc.cluster.local # toleration: "key:db-only,operator:Exists,effect:NoSchedule" # wal_az_storage_account: "" # wal_gs_bucket: "" diff --git a/manifests/operatorconfiguration.crd.yaml b/manifests/operatorconfiguration.crd.yaml index e0e37dde9..c2b0cf398 100644 --- a/manifests/operatorconfiguration.crd.yaml +++ b/manifests/operatorconfiguration.crd.yaml @@ -158,7 +158,7 @@ spec: properties: major_version_upgrade_mode: type: string - default: "off" + default: "manual" major_version_upgrade_team_allow_list: type: array items: @@ -470,7 +470,6 @@ spec: type: string additional_secret_mount_path: type: string - default: "/meta/credentials" aws_region: type: string default: "eu-central-1" diff --git a/manifests/postgres-operator.yaml b/manifests/postgres-operator.yaml index fbba84c7f..19fdc4ef4 100644 --- a/manifests/postgres-operator.yaml +++ b/manifests/postgres-operator.yaml @@ -19,7 +19,7 @@ spec: serviceAccountName: postgres-operator containers: - name: postgres-operator - image: ghcr.io/zalando/postgres-operator:v1.13.0 + image: registry.opensource.zalan.do/acid/postgres-operator-ui-test:3d448b0-pr-2729-3 imagePullPolicy: IfNotPresent resources: requests: diff --git a/manifests/postgresql-operator-default-configuration.yaml b/manifests/postgresql-operator-default-configuration.yaml index 68273cadc..ecb7a03de 100644 --- a/manifests/postgresql-operator-default-configuration.yaml +++ b/manifests/postgresql-operator-default-configuration.yaml @@ -36,7 +36,7 @@ configuration: replication_username: standby super_username: postgres major_version_upgrade: - major_version_upgrade_mode: "off" + major_version_upgrade_mode: "manual" # major_version_upgrade_team_allow_list: # - acid minimal_major_version: "12" diff --git a/pkg/apis/acid.zalan.do/v1/operator_configuration_type.go b/pkg/apis/acid.zalan.do/v1/operator_configuration_type.go index 17a1a4688..eb01d450c 100644 --- a/pkg/apis/acid.zalan.do/v1/operator_configuration_type.go +++ b/pkg/apis/acid.zalan.do/v1/operator_configuration_type.go @@ -47,7 +47,7 @@ type PostgresUsersConfiguration struct { // MajorVersionUpgradeConfiguration defines how to execute major version upgrades of Postgres. type MajorVersionUpgradeConfiguration struct { - MajorVersionUpgradeMode string `json:"major_version_upgrade_mode" default:"off"` // off - no actions, manual - manifest triggers action, full - manifest and minimal version violation trigger upgrade + MajorVersionUpgradeMode string `json:"major_version_upgrade_mode" default:"manual"` // off - no actions, manual - manifest triggers action, full - manifest and minimal version violation trigger upgrade MajorVersionUpgradeTeamAllowList []string `json:"major_version_upgrade_team_allow_list,omitempty"` MinimalMajorVersion string `json:"minimal_major_version" default:"12"` TargetMajorVersion string `json:"target_major_version" default:"16"` @@ -160,7 +160,7 @@ type AWSGCPConfiguration struct { LogS3Bucket string `json:"log_s3_bucket,omitempty"` KubeIAMRole string `json:"kube_iam_role,omitempty"` AdditionalSecretMount string `json:"additional_secret_mount,omitempty"` - AdditionalSecretMountPath string `json:"additional_secret_mount_path" default:"/meta/credentials"` + AdditionalSecretMountPath string `json:"additional_secret_mount_path,omitempty"` EnableEBSGp3Migration bool `json:"enable_ebs_gp3_migration" default:"false"` EnableEBSGp3MigrationMaxSize int64 `json:"enable_ebs_gp3_migration_max_size" default:"1000"` } diff --git a/pkg/controller/operator_config.go b/pkg/controller/operator_config.go index 26d25ebca..78e752f1d 100644 --- a/pkg/controller/operator_config.go +++ b/pkg/controller/operator_config.go @@ -60,7 +60,7 @@ func (c *Controller) importConfigurationFromCRD(fromCRD *acidv1.OperatorConfigur result.PasswordRotationUserRetention = util.CoalesceUInt32(fromCRD.PostgresUsersConfiguration.DeepCopy().PasswordRotationUserRetention, 180) // major version upgrade config - result.MajorVersionUpgradeMode = util.Coalesce(fromCRD.MajorVersionUpgrade.MajorVersionUpgradeMode, "off") + result.MajorVersionUpgradeMode = util.Coalesce(fromCRD.MajorVersionUpgrade.MajorVersionUpgradeMode, "manual") result.MajorVersionUpgradeTeamAllowList = fromCRD.MajorVersionUpgrade.MajorVersionUpgradeTeamAllowList result.MinimalMajorVersion = util.Coalesce(fromCRD.MajorVersionUpgrade.MinimalMajorVersion, "12") result.TargetMajorVersion = util.Coalesce(fromCRD.MajorVersionUpgrade.TargetMajorVersion, "16") @@ -174,7 +174,7 @@ func (c *Controller) importConfigurationFromCRD(fromCRD *acidv1.OperatorConfigur result.GCPCredentials = fromCRD.AWSGCP.GCPCredentials result.WALAZStorageAccount = fromCRD.AWSGCP.WALAZStorageAccount result.AdditionalSecretMount = fromCRD.AWSGCP.AdditionalSecretMount - result.AdditionalSecretMountPath = util.Coalesce(fromCRD.AWSGCP.AdditionalSecretMountPath, "/meta/credentials") + result.AdditionalSecretMountPath = fromCRD.AWSGCP.AdditionalSecretMountPath result.EnableEBSGp3Migration = fromCRD.AWSGCP.EnableEBSGp3Migration result.EnableEBSGp3MigrationMaxSize = util.CoalesceInt64(fromCRD.AWSGCP.EnableEBSGp3MigrationMaxSize, 1000) diff --git a/pkg/util/config/config.go b/pkg/util/config/config.go index 58c0e0de9..4c7b8db10 100644 --- a/pkg/util/config/config.go +++ b/pkg/util/config/config.go @@ -192,7 +192,7 @@ type Config struct { GCPCredentials string `name:"gcp_credentials"` WALAZStorageAccount string `name:"wal_az_storage_account"` AdditionalSecretMount string `name:"additional_secret_mount"` - AdditionalSecretMountPath string `name:"additional_secret_mount_path" default:"/meta/credentials"` + AdditionalSecretMountPath string `name:"additional_secret_mount_path"` EnableEBSGp3Migration bool `name:"enable_ebs_gp3_migration" default:"false"` EnableEBSGp3MigrationMaxSize int64 `name:"enable_ebs_gp3_migration_max_size" default:"1000"` DebugLogging bool `name:"debug_logging" default:"true"` @@ -244,7 +244,7 @@ type Config struct { EnablePgVersionEnvVar bool `name:"enable_pgversion_env_var" default:"true"` EnableSpiloWalPathCompat bool `name:"enable_spilo_wal_path_compat" default:"false"` EnableTeamIdClusternamePrefix bool `name:"enable_team_id_clustername_prefix" default:"false"` - MajorVersionUpgradeMode string `name:"major_version_upgrade_mode" default:"off"` + MajorVersionUpgradeMode string `name:"major_version_upgrade_mode" default:"manual"` MajorVersionUpgradeTeamAllowList []string `name:"major_version_upgrade_team_allow_list" default:""` MinimalMajorVersion string `name:"minimal_major_version" default:"12"` TargetMajorVersion string `name:"target_major_version" default:"16"`