mirror of https://github.com/nofusscomputing/kubernetes.git synced 2025-08-02 04:22:42 +00:00
2025-07-16 00:26:01 +09:30
parent 68648160b6
commit 7c686554ec
25 changed files with 2574 additions and 614 deletions


@ -0,0 +1 @@
base/Namespace**


@ -0,0 +1,27 @@
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
labels:
app.kubernetes.io/managed-by: kustomize
app.kubernetes.io/name: cloudnative-pg-kubebuilderv4
name: cnpg-database-editor-role
rules:
- apiGroups:
- postgresql.cnpg.io
resources:
- databases
verbs:
- create
- delete
- get
- list
- patch
- update
- watch
- apiGroups:
- postgresql.cnpg.io
resources:
- databases/status
verbs:
- get
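Review bot: `cnpg-database-editor-role` grants `create`, `delete`, `patch` and `update` on `databases`, and nothing in the file says how the role is meant to be bound. A Database object is a write path into PostgreSQL itself: the CRD added in this commit lets its author choose `owner`, manage `extensions` and `schemas`, and set `databaseReclaimPolicy: delete`. I would add a header comment such as `# Bind with a namespaced RoleBinding only; holders can create and drop databases on the Clusters they can reference.` The same applies to the publication and subscription editor roles added alongside it; the viewer roles are read-only and lower risk.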


@ -0,0 +1,23 @@
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
labels:
app.kubernetes.io/managed-by: kustomize
app.kubernetes.io/name: cloudnative-pg-kubebuilderv4
name: cnpg-database-viewer-role
rules:
- apiGroups:
- postgresql.cnpg.io
resources:
- databases
verbs:
- get
- list
- watch
- apiGroups:
- postgresql.cnpg.io
resources:
- databases/status
verbs:
- get


@ -8,6 +8,8 @@ rules:
- ''
resources:
- configmaps
- secrets
- services
verbs:
- create
- delete
@ -20,6 +22,7 @@ rules:
- ''
resources:
- configmaps/status
- secrets/status
verbs:
- get
- patch
@ -43,27 +46,7 @@ rules:
- ''
resources:
- persistentvolumeclaims
verbs:
- create
- delete
- get
- list
- patch
- watch
- apiGroups:
- ''
resources:
- pods
verbs:
- create
- delete
- get
- list
- patch
- watch
- apiGroups:
- ''
resources:
- pods/exec
verbs:
- create
@ -78,26 +61,6 @@ rules:
- pods/status
verbs:
- get
- apiGroups:
- ''
resources:
- secrets
verbs:
- create
- delete
- get
- list
- patch
- update
- watch
- apiGroups:
- ''
resources:
- secrets/status
verbs:
- get
- patch
- update
- apiGroups:
- ''
resources:
@ -109,44 +72,14 @@ rules:
- patch
- update
- watch
- apiGroups:
- ''
resources:
- services
verbs:
- create
- delete
- get
- list
- patch
- update
- watch
- apiGroups:
- admissionregistration.k8s.io
resources:
- mutatingwebhookconfigurations
verbs:
- get
- list
- patch
- update
- apiGroups:
- admissionregistration.k8s.io
resources:
- validatingwebhookconfigurations
verbs:
- get
- list
- patch
- update
- apiGroups:
- apiextensions.k8s.io
resources:
- customresourcedefinitions
verbs:
- get
- list
- update
- apiGroups:
- apps
resources:
@ -205,6 +138,12 @@ rules:
- postgresql.cnpg.io
resources:
- backups
- clusters
- databases
- poolers
- publications
- scheduledbackups
- subscriptions
verbs:
- create
- delete
@ -217,6 +156,10 @@ rules:
- postgresql.cnpg.io
resources:
- backups/status
- databases/status
- publications/status
- scheduledbackups/status
- subscriptions/status
verbs:
- get
- patch
@ -225,40 +168,6 @@ rules:
- postgresql.cnpg.io
resources:
- clusterimagecatalogs
verbs:
- get
- list
- watch
- apiGroups:
- postgresql.cnpg.io
resources:
- clusters
verbs:
- create
- delete
- get
- list
- patch
- update
- watch
- apiGroups:
- postgresql.cnpg.io
resources:
- clusters/finalizers
verbs:
- update
- apiGroups:
- postgresql.cnpg.io
resources:
- clusters/status
verbs:
- get
- patch
- update
- watch
- apiGroups:
- postgresql.cnpg.io
resources:
- imagecatalogs
verbs:
- get
@ -267,64 +176,24 @@ rules:
- apiGroups:
- postgresql.cnpg.io
resources:
- poolers
verbs:
- create
- delete
- get
- list
- patch
- update
- watch
- apiGroups:
- postgresql.cnpg.io
resources:
- clusters/finalizers
- poolers/finalizers
verbs:
- update
- apiGroups:
- postgresql.cnpg.io
resources:
- clusters/status
- poolers/status
verbs:
- get
- patch
- update
- watch
- apiGroups:
- postgresql.cnpg.io
resources:
- scheduledbackups
verbs:
- create
- delete
- get
- list
- patch
- update
- watch
- apiGroups:
- postgresql.cnpg.io
resources:
- scheduledbackups/status
verbs:
- get
- patch
- update
- apiGroups:
- rbac.authorization.k8s.io
resources:
- rolebindings
verbs:
- create
- get
- list
- patch
- update
- watch
- apiGroups:
- rbac.authorization.k8s.io
resources:
- roles
verbs:
- create
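Review bot: Several single-resource rules in the manager ClusterRole are folded into shared rules here (the hunk counts suggest `secrets` and `services` join the `configmaps` rule, and `clusters/finalizers` and `clusters/status` join the `poolers/*` rules), so every resource in a merged rule takes that rule's whole verb list. The rendered page has lost its +/- markers, so it cannot be confirmed from here that no resource gained a verb; please compare the effective grants before and after with `kubectl auth can-i --list --as=system:serviceaccount:<namespace>:cnpg-manager`. As far as the hunks show, the role stays cluster-wide and still covers write access to `secrets`, `create` on `pods/exec` and `create` on `roles`, so the namespace hosting the `cnpg-manager` ServiceAccount should be treated as privileged and kept closed to ordinary workloads.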


@ -0,0 +1,27 @@
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
labels:
app.kubernetes.io/managed-by: kustomize
app.kubernetes.io/name: cloudnative-pg-kubebuilderv4
name: cnpg-publication-editor-role
rules:
- apiGroups:
- postgresql.cnpg.io
resources:
- publications
verbs:
- create
- delete
- get
- list
- patch
- update
- watch
- apiGroups:
- postgresql.cnpg.io
resources:
- publications/status
verbs:
- get


@ -0,0 +1,23 @@
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
labels:
app.kubernetes.io/managed-by: kustomize
app.kubernetes.io/name: cloudnative-pg-kubebuilderv4
name: cnpg-publication-viewer-role
rules:
- apiGroups:
- postgresql.cnpg.io
resources:
- publications
verbs:
- get
- list
- watch
- apiGroups:
- postgresql.cnpg.io
resources:
- publications/status
verbs:
- get


@ -0,0 +1,27 @@
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
labels:
app.kubernetes.io/managed-by: kustomize
app.kubernetes.io/name: cloudnative-pg-kubebuilderv4
name: cnpg-subscription-editor-role
rules:
- apiGroups:
- postgresql.cnpg.io
resources:
- subscriptions
verbs:
- create
- delete
- get
- list
- patch
- update
- watch
- apiGroups:
- postgresql.cnpg.io
resources:
- subscriptions/status
verbs:
- get


@ -0,0 +1,23 @@
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
labels:
app.kubernetes.io/managed-by: kustomize
app.kubernetes.io/name: cloudnative-pg-kubebuilderv4
name: cnpg-subscription-viewer-role
rules:
- apiGroups:
- postgresql.cnpg.io
resources:
- subscriptions
verbs:
- get
- list
- watch
- apiGroups:
- postgresql.cnpg.io
resources:
- subscriptions/status
verbs:
- get


@ -10,4 +10,4 @@ roleRef:
subjects:
- kind: ServiceAccount
name: cnpg-manager
namespace: postgres
namespace: cnpg-system


@ -78,6 +78,7 @@ data:
, pg_catalog.age(datfrozenxid) AS xid_age
, pg_catalog.mxid_age(datminmxid) AS mxid_age
FROM pg_catalog.pg_database
WHERE datallowconn
metrics:
- datname:
usage: "LABEL"
@ -242,6 +243,71 @@ data:
usage: "COUNTER"
description: "Number of buffers allocated"
pg_stat_bgwriter_17:
runonserver: ">=17.0.0"
name: pg_stat_bgwriter
query: |
SELECT buffers_clean
, maxwritten_clean
, buffers_alloc
, EXTRACT(EPOCH FROM stats_reset) AS stats_reset_time
FROM pg_catalog.pg_stat_bgwriter
metrics:
- buffers_clean:
usage: "COUNTER"
description: "Number of buffers written by the background writer"
- maxwritten_clean:
usage: "COUNTER"
description: "Number of times the background writer stopped a cleaning scan because it had written too many buffers"
- buffers_alloc:
usage: "COUNTER"
description: "Number of buffers allocated"
- stats_reset_time:
usage: "GAUGE"
description: "Time at which these statistics were last reset"
pg_stat_checkpointer:
runonserver: ">=17.0.0"
query: |
SELECT num_timed AS checkpoints_timed
, num_requested AS checkpoints_req
, restartpoints_timed
, restartpoints_req
, restartpoints_done
, write_time
, sync_time
, buffers_written
, EXTRACT(EPOCH FROM stats_reset) AS stats_reset_time
FROM pg_catalog.pg_stat_checkpointer
metrics:
- checkpoints_timed:
usage: "COUNTER"
description: "Number of scheduled checkpoints that have been performed"
- checkpoints_req:
usage: "COUNTER"
description: "Number of requested checkpoints that have been performed"
- restartpoints_timed:
usage: "COUNTER"
description: "Number of scheduled restartpoints due to timeout or after a failed attempt to perform it"
- restartpoints_req:
usage: "COUNTER"
description: "Number of requested restartpoints that have been performed"
- restartpoints_done:
usage: "COUNTER"
description: "Number of restartpoints that have been performed"
- write_time:
usage: "COUNTER"
description: "Total amount of time that has been spent in the portion of processing checkpoints and restartpoints where files are written to disk, in milliseconds"
- sync_time:
usage: "COUNTER"
description: "Total amount of time that has been spent in the portion of processing checkpoints and restartpoints where files are synchronized to disk, in milliseconds"
- buffers_written:
usage: "COUNTER"
description: "Number of buffers written during checkpoints and restartpoints"
- stats_reset_time:
usage: "GAUGE"
description: "Time at which these statistics were last reset"
pg_stat_database:
query: |
SELECT datname
@ -383,9 +449,41 @@ data:
- setting:
usage: "GAUGE"
description: "Setting value"
pg_extensions:
query: |
SELECT
current_database() as datname,
name as extname,
default_version,
installed_version,
CASE
WHEN default_version = installed_version THEN 0
ELSE 1
END AS update_available
FROM pg_catalog.pg_available_extensions
WHERE installed_version IS NOT NULL
metrics:
- datname:
usage: "LABEL"
description: "Name of the database"
- extname:
usage: "LABEL"
description: "Extension name"
- default_version:
usage: "LABEL"
description: "Default version"
- installed_version:
usage: "LABEL"
description: "Installed version"
- update_available:
usage: "GAUGE"
description: "An update is available"
target_databases:
- '*'
kind: ConfigMap
metadata:
labels:
cnpg.io/reload: ''
name: cnpg-default-monitoring
namespace: postgres
namespace: cnpg-system
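Review bot: The new `pg_extensions` query publishes `default_version` and `installed_version` as labels for every database (`target_databases: '*'`), which gives anyone able to scrape the exporter an inventory of extension versions per database. That is useful for patch tracking, but it makes access to the metrics endpoint more sensitive than before; confirm that only the Prometheus scraper can reach it, for instance with a NetworkPolicy on the instance pods. Version strings used as labels also start a new series on each upgrade, which is worth knowing when alerting on `update_available`.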


@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.15.0
controller-gen.kubebuilder.io/version: v0.17.3
name: backups.postgresql.cnpg.io
spec:
group: postgresql.cnpg.io
@ -33,7 +33,8 @@ spec:
name: v1
schema:
openAPIV3Schema:
description: Backup is the Schema for the backups API
description: A Backup resource is a request for a PostgreSQL backup by
the user.
properties:
apiVersion:
description: |-
@ -321,6 +322,11 @@ spec:
phase:
description: The last backup status
type: string
pluginMetadata:
additionalProperties:
type: string
description: A map containing the plugin metadata
type: object
s3Credentials:
description: The credentials to use to upload data to S3
properties:


@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.15.0
controller-gen.kubebuilder.io/version: v0.17.3
name: clusterimagecatalogs.postgresql.cnpg.io
spec:
group: postgresql.cnpg.io


@ -0,0 +1,382 @@
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.17.3
name: databases.postgresql.cnpg.io
spec:
group: postgresql.cnpg.io
names:
kind: Database
listKind: DatabaseList
plural: databases
singular: database
scope: Namespaced
versions:
- additionalPrinterColumns:
- jsonPath: .metadata.creationTimestamp
name: Age
type: date
- jsonPath: .spec.cluster.name
name: Cluster
type: string
- jsonPath: .spec.name
name: PG Name
type: string
- jsonPath: .status.applied
name: Applied
type: boolean
- description: Latest reconciliation message
jsonPath: .status.message
name: Message
type: string
name: v1
schema:
openAPIV3Schema:
description: Database is the Schema for the databases API
properties:
apiVersion:
description: |-
APIVersion defines the versioned schema of this representation of an object.
Servers should convert recognized schemas to the latest internal value, and
may reject unrecognized values.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
type: string
kind:
description: |-
Kind is a string value representing the REST resource this object represents.
Servers may infer this from the endpoint the client submits requests to.
Cannot be updated.
In CamelCase.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
type: string
metadata:
type: object
spec:
description: |-
Specification of the desired Database.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status
properties:
allowConnections:
description: |-
Maps to the `ALLOW_CONNECTIONS` parameter of `CREATE DATABASE` and
`ALTER DATABASE`. If false then no one can connect to this database.
type: boolean
builtinLocale:
description: |-
Maps to the `BUILTIN_LOCALE` parameter of `CREATE DATABASE`. This
setting cannot be changed. Specifies the locale name when the
builtin provider is used. This option requires `localeProvider` to
be set to `builtin`. Available from PostgreSQL 17.
type: string
x-kubernetes-validations:
- message: builtinLocale is immutable
rule: self == oldSelf
cluster:
description: The name of the PostgreSQL cluster hosting the
database.
properties:
name:
default: ''
description: |-
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
type: string
type: object
x-kubernetes-map-type: atomic
collationVersion:
description: |-
Maps to the `COLLATION_VERSION` parameter of `CREATE DATABASE`. This
setting cannot be changed.
type: string
x-kubernetes-validations:
- message: collationVersion is immutable
rule: self == oldSelf
connectionLimit:
description: |-
Maps to the `CONNECTION LIMIT` clause of `CREATE DATABASE` and
`ALTER DATABASE`. How many concurrent connections can be made to
this database. -1 (the default) means no limit.
type: integer
databaseReclaimPolicy:
default: retain
description: The policy for end-of-life maintenance of this
database.
enum:
- delete
- retain
type: string
encoding:
description: |-
Maps to the `ENCODING` parameter of `CREATE DATABASE`. This setting
cannot be changed. Character set encoding to use in the database.
type: string
x-kubernetes-validations:
- message: encoding is immutable
rule: self == oldSelf
ensure:
default: present
description: Ensure the PostgreSQL database is `present` or
`absent` - defaults to "present".
enum:
- present
- absent
type: string
extensions:
description: The list of extensions to be managed in the
database
items:
description: ExtensionSpec configures an extension in a
database
properties:
ensure:
default: present
description: |-
Specifies whether an extension/schema should be present or absent in
the database. If set to `present`, the extension/schema will be
created if it does not exist. If set to `absent`, the
extension/schema will be removed if it exists.
enum:
- present
- absent
type: string
name:
description: Name of the extension/schema
type: string
schema:
description: |-
The name of the schema in which to install the extension's objects,
in case the extension allows its contents to be relocated. If not
specified (default), and the extension's control file does not
specify a schema either, the current default object creation schema
is used.
type: string
version:
description: |-
The version of the extension to install. If empty, the operator will
install the default version (whatever is specified in the
extension's control file)
type: string
required:
- name
type: object
type: array
icuLocale:
description: |-
Maps to the `ICU_LOCALE` parameter of `CREATE DATABASE`. This
setting cannot be changed. Specifies the ICU locale when the ICU
provider is used. This option requires `localeProvider` to be set to
`icu`. Available from PostgreSQL 15.
type: string
x-kubernetes-validations:
- message: icuLocale is immutable
rule: self == oldSelf
icuRules:
description: |-
Maps to the `ICU_RULES` parameter of `CREATE DATABASE`. This setting
cannot be changed. Specifies additional collation rules to customize
the behavior of the default collation. This option requires
`localeProvider` to be set to `icu`. Available from PostgreSQL 16.
type: string
x-kubernetes-validations:
- message: icuRules is immutable
rule: self == oldSelf
isTemplate:
description: |-
Maps to the `IS_TEMPLATE` parameter of `CREATE DATABASE` and `ALTER
DATABASE`. If true, this database is considered a template and can
be cloned by any user with `CREATEDB` privileges.
type: boolean
locale:
description: |-
Maps to the `LOCALE` parameter of `CREATE DATABASE`. This setting
cannot be changed. Sets the default collation order and character
classification in the new database.
type: string
x-kubernetes-validations:
- message: locale is immutable
rule: self == oldSelf
localeCType:
description: |-
Maps to the `LC_CTYPE` parameter of `CREATE DATABASE`. This setting
cannot be changed.
type: string
x-kubernetes-validations:
- message: localeCType is immutable
rule: self == oldSelf
localeCollate:
description: |-
Maps to the `LC_COLLATE` parameter of `CREATE DATABASE`. This
setting cannot be changed.
type: string
x-kubernetes-validations:
- message: localeCollate is immutable
rule: self == oldSelf
localeProvider:
description: |-
Maps to the `LOCALE_PROVIDER` parameter of `CREATE DATABASE`. This
setting cannot be changed. This option sets the locale provider for
databases created in the new cluster. Available from PostgreSQL 16.
type: string
x-kubernetes-validations:
- message: localeProvider is immutable
rule: self == oldSelf
name:
description: The name of the database to create inside
PostgreSQL. This setting cannot be changed.
type: string
x-kubernetes-validations:
- message: name is immutable
rule: self == oldSelf
- message: the name postgres is reserved
rule: self != 'postgres'
- message: the name template0 is reserved
rule: self != 'template0'
- message: the name template1 is reserved
rule: self != 'template1'
owner:
description: |-
Maps to the `OWNER` parameter of `CREATE DATABASE`.
Maps to the `OWNER TO` command of `ALTER DATABASE`.
The role name of the user who owns the database inside PostgreSQL.
type: string
schemas:
description: The list of schemas to be managed in the database
items:
description: SchemaSpec configures a schema in a database
properties:
ensure:
default: present
description: |-
Specifies whether an extension/schema should be present or absent in
the database. If set to `present`, the extension/schema will be
created if it does not exist. If set to `absent`, the
extension/schema will be removed if it exists.
enum:
- present
- absent
type: string
name:
description: Name of the extension/schema
type: string
owner:
description: |-
The role name of the user who owns the schema inside PostgreSQL.
It maps to the `AUTHORIZATION` parameter of `CREATE SCHEMA` and the
`OWNER TO` command of `ALTER SCHEMA`.
type: string
required:
- name
type: object
type: array
tablespace:
description: |-
Maps to the `TABLESPACE` parameter of `CREATE DATABASE`.
Maps to the `SET TABLESPACE` command of `ALTER DATABASE`.
The name of the tablespace (in PostgreSQL) that will be associated
with the new database. This tablespace will be the default
tablespace used for objects created in this database.
type: string
template:
description: |-
Maps to the `TEMPLATE` parameter of `CREATE DATABASE`. This setting
cannot be changed. The name of the template from which to create
this database.
type: string
x-kubernetes-validations:
- message: template is immutable
rule: self == oldSelf
required:
- cluster
- name
- owner
type: object
x-kubernetes-validations:
- message: builtinLocale is only available when localeProvider
is set to `builtin`
rule: "!has(self.builtinLocale) || self.localeProvider == 'builtin'"
- message: icuLocale is only available when localeProvider is
set to `icu`
rule: "!has(self.icuLocale) || self.localeProvider == 'icu'"
- message: icuRules is only available when localeProvider is set
to `icu`
rule: "!has(self.icuRules) || self.localeProvider == 'icu'"
status:
description: |-
Most recently observed status of the Database. This data may not be up to
date. Populated by the system. Read-only.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status
properties:
applied:
description: Applied is true if the database was reconciled
correctly
type: boolean
extensions:
description: Extensions is the status of the managed
extensions
items:
description: DatabaseObjectStatus is the status of the
managed database objects
properties:
applied:
description: |-
True of the object has been installed successfully in
the database
type: boolean
message:
description: Message is the object reconciliation
message
type: string
name:
description: The name of the object
type: string
required:
- applied
- name
type: object
type: array
message:
description: Message is the reconciliation output message
type: string
observedGeneration:
description: |-
A sequence number representing the latest
desired state that was synchronized
format: int64
type: integer
schemas:
description: Schemas is the status of the managed schemas
items:
description: DatabaseObjectStatus is the status of the
managed database objects
properties:
applied:
description: |-
True of the object has been installed successfully in
the database
type: boolean
message:
description: Message is the object reconciliation
message
type: string
name:
description: The name of the object
type: string
required:
- applied
- name
type: object
type: array
type: object
required:
- metadata
- spec
type: object
served: true
storage: true
subresources:
status: {}


@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.15.0
controller-gen.kubebuilder.io/version: v0.17.3
name: imagecatalogs.postgresql.cnpg.io
spec:
group: postgresql.cnpg.io


@ -0,0 +1,201 @@
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.17.3
name: publications.postgresql.cnpg.io
spec:
group: postgresql.cnpg.io
names:
kind: Publication
listKind: PublicationList
plural: publications
singular: publication
scope: Namespaced
versions:
- additionalPrinterColumns:
- jsonPath: .metadata.creationTimestamp
name: Age
type: date
- jsonPath: .spec.cluster.name
name: Cluster
type: string
- jsonPath: .spec.name
name: PG Name
type: string
- jsonPath: .status.applied
name: Applied
type: boolean
- description: Latest reconciliation message
jsonPath: .status.message
name: Message
type: string
name: v1
schema:
openAPIV3Schema:
description: Publication is the Schema for the publications API
properties:
apiVersion:
description: |-
APIVersion defines the versioned schema of this representation of an object.
Servers should convert recognized schemas to the latest internal value, and
may reject unrecognized values.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
type: string
kind:
description: |-
Kind is a string value representing the REST resource this object represents.
Servers may infer this from the endpoint the client submits requests to.
Cannot be updated.
In CamelCase.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
type: string
metadata:
type: object
spec:
description: PublicationSpec defines the desired state of
Publication
properties:
cluster:
description: The name of the PostgreSQL cluster that
identifies the "publisher"
properties:
name:
default: ''
description: |-
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
type: string
type: object
x-kubernetes-map-type: atomic
dbname:
description: |-
The name of the database where the publication will be installed in
the "publisher" cluster
type: string
x-kubernetes-validations:
- message: dbname is immutable
rule: self == oldSelf
name:
description: The name of the publication inside PostgreSQL
type: string
x-kubernetes-validations:
- message: name is immutable
rule: self == oldSelf
parameters:
additionalProperties:
type: string
description: |-
Publication parameters part of the `WITH` clause as expected by
PostgreSQL `CREATE PUBLICATION` command
type: object
publicationReclaimPolicy:
default: retain
description: The policy for end-of-life maintenance of this
publication
enum:
- delete
- retain
type: string
target:
description: Target of the publication as expected by
PostgreSQL `CREATE PUBLICATION` command
properties:
allTables:
description: |-
Marks the publication as one that replicates changes for all tables
in the database, including tables created in the future.
Corresponding to `FOR ALL TABLES` in PostgreSQL.
type: boolean
x-kubernetes-validations:
- message: allTables is immutable
rule: self == oldSelf
objects:
description: Just the following schema objects
items:
description: PublicationTargetObject is an object to
publish
properties:
table:
description: |-
Specifies a list of tables to add to the publication. Corresponding
to `FOR TABLE` in PostgreSQL.
properties:
columns:
description: The columns to publish
items:
type: string
type: array
name:
description: The table name
type: string
only:
description: Whether to limit to the table only
or include all its descendants
type: boolean
schema:
description: The schema name
type: string
required:
- name
type: object
tablesInSchema:
description: |-
Marks the publication as one that replicates changes for all tables
in the specified list of schemas, including tables created in the
future. Corresponding to `FOR TABLES IN SCHEMA` in PostgreSQL.
type: string
type: object
x-kubernetes-validations:
- message: tablesInSchema and table are mutually
exclusive
rule: (has(self.tablesInSchema) && !has(self.table))
|| (!has(self.tablesInSchema) && has(self.table))
maxItems: 100000
type: array
x-kubernetes-validations:
- message: specifying a column list when the publication
also publishes tablesInSchema is not supported
rule: '!(self.exists(o, has(o.table) && has(o.table.columns))
&& self.exists(o, has(o.tablesInSchema)))'
type: object
x-kubernetes-validations:
- message: allTables and objects are mutually exclusive
rule: (has(self.allTables) && !has(self.objects)) ||
(!has(self.allTables) && has(self.objects))
required:
- cluster
- dbname
- name
- target
type: object
status:
description: PublicationStatus defines the observed state of
Publication
properties:
applied:
description: Applied is true if the publication was reconciled
correctly
type: boolean
message:
description: Message is the reconciliation output message
type: string
observedGeneration:
description: |-
A sequence number representing the latest
desired state that was synchronized
format: int64
type: integer
type: object
required:
- metadata
- spec
type: object
served: true
storage: true
subresources:
status: {}


@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.15.0
controller-gen.kubebuilder.io/version: v0.17.3
name: scheduledbackups.postgresql.cnpg.io
spec:
group: postgresql.cnpg.io
@ -80,11 +80,12 @@ spec:
method:
default: barmanObjectStore
description: |-
The backup method to be used, possible options are `barmanObjectStore`
and `volumeSnapshot`. Defaults to: `barmanObjectStore`.
The backup method to be used, possible options are `barmanObjectStore`,
`volumeSnapshot` or `plugin`. Defaults to: `barmanObjectStore`.
enum:
- barmanObjectStore
- volumeSnapshot
- plugin
type: string
online:
description: |-


@ -0,0 +1,150 @@
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.17.3
name: subscriptions.postgresql.cnpg.io
spec:
group: postgresql.cnpg.io
names:
kind: Subscription
listKind: SubscriptionList
plural: subscriptions
singular: subscription
scope: Namespaced
versions:
- additionalPrinterColumns:
- jsonPath: .metadata.creationTimestamp
name: Age
type: date
- jsonPath: .spec.cluster.name
name: Cluster
type: string
- jsonPath: .spec.name
name: PG Name
type: string
- jsonPath: .status.applied
name: Applied
type: boolean
- description: Latest reconciliation message
jsonPath: .status.message
name: Message
type: string
name: v1
schema:
openAPIV3Schema:
description: Subscription is the Schema for the subscriptions API
properties:
apiVersion:
description: |-
APIVersion defines the versioned schema of this representation of an object.
Servers should convert recognized schemas to the latest internal value, and
may reject unrecognized values.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
type: string
kind:
description: |-
Kind is a string value representing the REST resource this object represents.
Servers may infer this from the endpoint the client submits requests to.
Cannot be updated.
In CamelCase.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
type: string
metadata:
type: object
spec:
description: SubscriptionSpec defines the desired state of
Subscription
properties:
cluster:
description: The name of the PostgreSQL cluster that
identifies the "subscriber"
properties:
name:
default: ''
description: |-
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
type: string
type: object
x-kubernetes-map-type: atomic
dbname:
description: |-
The name of the database where the publication will be installed in
the "subscriber" cluster
type: string
x-kubernetes-validations:
- message: dbname is immutable
rule: self == oldSelf
externalClusterName:
description: The name of the external cluster with the
publication ("publisher")
type: string
name:
description: The name of the subscription inside PostgreSQL
type: string
x-kubernetes-validations:
- message: name is immutable
rule: self == oldSelf
parameters:
additionalProperties:
type: string
description: |-
Subscription parameters part of the `WITH` clause as expected by
PostgreSQL `CREATE SUBSCRIPTION` command
type: object
publicationDBName:
description: |-
The name of the database containing the publication on the external
cluster. Defaults to the one in the external cluster definition.
type: string
publicationName:
description: |-
The name of the publication inside the PostgreSQL database in the
"publisher"
type: string
subscriptionReclaimPolicy:
default: retain
description: The policy for end-of-life maintenance of this
subscription
enum:
- delete
- retain
type: string
required:
- cluster
- dbname
- externalClusterName
- name
- publicationName
type: object
status:
description: SubscriptionStatus defines the observed state of
Subscription
properties:
applied:
description: Applied is true if the subscription was
reconciled correctly
type: boolean
message:
description: Message is the reconciliation output message
type: string
observedGeneration:
description: |-
A sequence number representing the latest
desired state that was synchronized
format: int64
type: integer
type: object
required:
- metadata
- spec
type: object
served: true
storage: true
subresources:
status: {}


@ -5,7 +5,7 @@ metadata:
labels:
app.kubernetes.io/name: cloudnative-pg
name: cnpg-controller-manager
namespace: postgres
namespace: cnpg-system
spec:
replicas: 1
selector:
@ -20,6 +20,7 @@ spec:
- args:
- controller
- --leader-elect
- --max-concurrent-reconciles=10
- --config-map-name=cnpg-controller-manager-config
- --secret-name=cnpg-controller-manager-config
- --webhook-port=9443
@ -27,14 +28,15 @@ spec:
- /manager
env:
- name: OPERATOR_IMAGE_NAME
value: ghcr.io/cloudnative-pg/cloudnative-pg:1.23.2
value: ghcr.io/cloudnative-pg/cloudnative-pg:1.26.0
- name: OPERATOR_NAMESPACE
valueFrom:
fieldRef:
fieldPath: metadata.namespace
- name: MONITORING_QUERIES_CONFIGMAP
value: cnpg-default-monitoring
image: ghcr.io/cloudnative-pg/cloudnative-pg:1.23.2
image: ghcr.io/cloudnative-pg/cloudnative-pg:1.26.0
imagePullPolicy: Always
livenessProbe:
httpGet:
path: /readyz
@ -70,6 +72,13 @@ spec:
runAsUser: 10001
seccompProfile:
type: RuntimeDefault
startupProbe:
failureThreshold: 6
httpGet:
path: /readyz
port: 9443
scheme: HTTPS
periodSeconds: 5
volumeMounts:
- mountPath: /controller
name: scratch-data
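Review bot: The operator image is referenced by tag only (`ghcr.io/cloudnative-pg/cloudnative-pg:1.26.0`) in both `image` and `OPERATOR_IMAGE_NAME`, and the added `imagePullPolicy: Always` means each restart pulls whatever that tag resolves to at the time. This pod presumably runs as the `cnpg-manager` ServiceAccount with its cluster-wide role, so I would pin both references by digest, e.g. `image: ghcr.io/cloudnative-pg/cloudnative-pg:1.26.0@sha256:<digest-of-verified-release>`, and record where the digest was verified. The container spec starts and ends outside the hunks shown.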


@ -9,7 +9,7 @@ webhooks:
clientConfig:
service:
name: cnpg-webhook-service
namespace: postgres
namespace: cnpg-system
path: /mutate-postgresql-cnpg-io-v1-backup
failurePolicy: Fail
name: mbackup.cnpg.io
@ -29,7 +29,7 @@ webhooks:
clientConfig:
service:
name: cnpg-webhook-service
namespace: postgres
namespace: cnpg-system
path: /mutate-postgresql-cnpg-io-v1-cluster
failurePolicy: Fail
name: mcluster.cnpg.io
@ -49,7 +49,27 @@ webhooks:
clientConfig:
service:
name: cnpg-webhook-service
namespace: postgres
namespace: cnpg-system
path: /mutate-postgresql-cnpg-io-v1-database
failurePolicy: Fail
name: mdatabase.cnpg.io
rules:
- apiGroups:
- postgresql.cnpg.io
apiVersions:
- v1
operations:
- CREATE
- UPDATE
resources:
- databases
sideEffects: None
- admissionReviewVersions:
- v1
clientConfig:
service:
name: cnpg-webhook-service
namespace: cnpg-system
path: /mutate-postgresql-cnpg-io-v1-scheduledbackup
failurePolicy: Fail
name: mscheduledbackup.cnpg.io
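Review bot: Every `clientConfig.service.namespace` in this file is now hard-coded to `cnpg-system`, while the kustomization hunk in this commit shows `namespace: operators` as its context line. As far as I know, kustomize's namespace transformer rewrites `metadata.namespace` but not the service reference inside webhook configurations, so if that setting is applied the Service would land in `operators` and these webhooks, all `failurePolicy: Fail`, would reject every create and update of the CNPG resources. Please check the rendered output of `kustomize build` and make the Service, ServiceAccount, ClusterRoleBinding subject and both webhook configurations agree on one namespace. The ValidatingWebhookConfiguration section carries the same hard-coded references.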


@ -3,7 +3,7 @@ apiVersion: v1
kind: Service
metadata:
name: cnpg-webhook-service
namespace: postgres
namespace: cnpg-system
spec:
ports:
- port: 443


@ -3,4 +3,4 @@ apiVersion: v1
kind: ServiceAccount
metadata:
name: cnpg-manager
namespace: postgres
namespace: cnpg-system


@ -9,7 +9,7 @@ webhooks:
clientConfig:
service:
name: cnpg-webhook-service
namespace: postgres
namespace: cnpg-system
path: /validate-postgresql-cnpg-io-v1-backup
failurePolicy: Fail
name: vbackup.cnpg.io
@ -29,7 +29,7 @@ webhooks:
clientConfig:
service:
name: cnpg-webhook-service
namespace: postgres
namespace: cnpg-system
path: /validate-postgresql-cnpg-io-v1-cluster
failurePolicy: Fail
name: vcluster.cnpg.io
@ -49,7 +49,27 @@ webhooks:
clientConfig:
service:
name: cnpg-webhook-service
namespace: postgres
namespace: cnpg-system
path: /validate-postgresql-cnpg-io-v1-database
failurePolicy: Fail
name: vdatabase.cnpg.io
rules:
- apiGroups:
- postgresql.cnpg.io
apiVersions:
- v1
operations:
- CREATE
- UPDATE
resources:
- databases
sideEffects: None
- admissionReviewVersions:
- v1
clientConfig:
service:
name: cnpg-webhook-service
namespace: cnpg-system
path: /validate-postgresql-cnpg-io-v1-pooler
failurePolicy: Fail
name: vpooler.cnpg.io
@ -69,7 +89,7 @@ webhooks:
clientConfig:
service:
name: cnpg-webhook-service
namespace: postgres
namespace: cnpg-system
path: /validate-postgresql-cnpg-io-v1-scheduledbackup
failurePolicy: Fail
name: vscheduledbackup.cnpg.io


@ -7,15 +7,24 @@ namespace: operators
resources:
- ClusterRole-cnpg-database-editor-role.yaml
- ClusterRole-cnpg-database-viewer-role.yaml
- ClusterRole-cnpg-manager.yaml
- ClusterRole-cnpg-publication-editor-role.yaml
- ClusterRole-cnpg-publication-viewer-role.yaml
- ClusterRole-cnpg-subscription-editor-role.yaml
- ClusterRole-cnpg-subscription-viewer-role.yaml
- ClusterRoleBinding-cnpg-manager-rolebinding.yaml
- ConfigMap-cnpg-default-monitoring.yaml
- CustomResourceDefinition-backups-postgresql-cnpg-io.yaml
- CustomResourceDefinition-clusterimagecatalogs-postgresql-cnpg-io.yaml
- CustomResourceDefinition-clusters-postgresql-cnpg-io.yaml
- CustomResourceDefinition-databases-postgresql-cnpg-io.yaml
- CustomResourceDefinition-imagecatalogs-postgresql-cnpg-io.yaml
- CustomResourceDefinition-poolers-postgresql-cnpg-io.yaml
- CustomResourceDefinition-publications-postgresql-cnpg-io.yaml
- CustomResourceDefinition-scheduledbackups-postgresql-cnpg-io.yaml
- CustomResourceDefinition-subscriptions-postgresql-cnpg-io.yaml
- Deployment-cnpg-controller-manager.yaml
- MutatingWebhookConfiguration-cnpg-mutating-webhook-configuration.yaml
- Service-cnpg-webhook-service.yaml