diff --git a/.github/actions/verify-ready-instances/action.yml b/.github/actions/verify-cluster-ready/action.yml similarity index 81% rename from .github/actions/verify-ready-instances/action.yml rename to .github/actions/verify-cluster-ready/action.yml index 7a848e7f3..7e3a522b8 100644 --- a/.github/actions/verify-ready-instances/action.yml +++ b/.github/actions/verify-cluster-ready/action.yml @@ -13,7 +13,7 @@ inputs: runs: using: composite steps: - - name: Wait for cluster to become ready + - name: Wait for the cluster to become ready shell: bash run: | ITER=0 @@ -22,7 +22,7 @@ runs: echo "Cluster not ready" exit 1 fi - READY_INSTANCES=$(kubectl get cluster ${INPUT_CLUSTER_NAME} -o jsonpath='{.status.readyInstances}') + READY_INSTANCES=$(kubectl get clusters.postgresql.cnpg.io ${INPUT_CLUSTER_NAME} -o jsonpath='{.status.readyInstances}') if [[ "$READY_INSTANCES" == ${INPUT_READY_INSTANCES} ]]; then echo "Cluster up and running" break diff --git a/.github/actions/verify-pooler-ready/action.yml b/.github/actions/verify-pooler-ready/action.yml new file mode 100644 index 000000000..38a7f493b --- /dev/null +++ b/.github/actions/verify-pooler-ready/action.yml @@ -0,0 +1,32 @@ +name: Verifies that a CNPG cluster has a certain amount of ready instances +description: Verifies that a CNPG cluster has a certain amount of ready instances +inputs: + pooler-name: + description: The name of the pooler to verify + required: true + default: database-cluster + ready-instances: + description: The amount of ready instances to wait for + required: true + default: "3" + +runs: + using: composite + steps: + - name: Wait for the pooler to become ready + shell: bash + run: | + ITER=0 + while true; do + if [[ $ITER -ge 300 ]]; then + echo "Pooler not ready" + exit 1 + fi + READY_INSTANCES=$(kubectl get deployments.apps ${INPUT_POOLER_NAME} -o jsonpath='{.status.readyReplicas}') + if [[ "$READY_INSTANCES" == ${INPUT_READY_INSTANCES} ]]; then + echo "Pooler up and running" + break + fi + sleep 1 + (( ++ITER )) + done diff --git a/.github/workflows/tests-cluster-standalone.yml b/.github/workflows/tests-cluster-standalone.yml index d2b6166f8..d162c84e3 100644 --- a/.github/workflows/tests-cluster-standalone.yml +++ b/.github/workflows/tests-cluster-standalone.yml @@ -30,7 +30,42 @@ jobs: database ./charts/cluster - name: Verify that the cluster is ready - uses: ./.github/actions/verify-ready-instances + uses: ./.github/actions/verify-cluster-ready with: cluster-name: database-cluster ready-instances: 1 + + test-cluster-pgbouncer: + runs-on: ubuntu-22.04 + steps: + - name: Checkout + uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 + with: + fetch-depth: 0 + + - name: Setup kind + uses: ./.github/actions/setup-kind + + - name: Deploy the operator + uses: ./.github/actions/deploy-operator + + - name: Deploy a standalone cluster + run: | + helm upgrade --install \ + --values charts/cluster/examples/pgbouncer.yaml \ + --namespace database \ + --create-namespace \ + --wait \ + database ./charts/cluster + + - name: Verify that the cluster is ready + uses: ./.github/actions/verify-cluster-ready + with: + cluster-name: database-cluster + ready-instances: 1 + + - name: Verify that the pooler is ready + uses: ./.github/actions/verify-pooler-ready + with: + pooler-name: database-cluster-pooler-rw + ready-instances: 1 diff --git a/.github/workflows/tests-operator.yml b/.github/workflows/tests-operator.yml index 1e043e43c..3177e32f5 100644 --- a/.github/workflows/tests-operator.yml +++ b/.github/workflows/tests-operator.yml @@ -35,7 +35,7 @@ jobs: EOF - name: Verify that the cluster is ready - uses: ./.github/actions/verify-ready-instances + uses: ./.github/actions/verify-cluster-ready with: cluster-name: cluster-example ready-instances: 3 diff --git a/charts/cluster/README.md b/charts/cluster/README.md index 0ad2c7973..85094a2ce 100644 --- a/charts/cluster/README.md +++ b/charts/cluster/README.md @@ -120,6 +120,9 @@ refer to the [CloudNativePG Documentation](https://cloudnative-pg.io/documentat | backups.azure.storageAccount | string | `""` | | | backups.azure.storageKey | string | `""` | | | backups.azure.storageSasToken | string | `""` | | +| backups.data.compression | string | `"gzip"` | Data compression method. One of `` (for no compression), `gzip`, `bzip2` or `snappy`. | +| backups.data.encryption | string | `"AES256"` | Whether to instruct the storage provider to encrypt data files. One of `` (use the storage container default), `AES256` or `aws:kms`. | +| backups.data.jobs | int | `2` | Number of data files to be archived or restored in parallel. | | backups.destinationPath | string | `""` | Overrides the provider specific default path. Defaults to: S3: s3:// Azure: https://..core.windows.net/ Google: gs:// | | backups.enabled | bool | `false` | You need to configure backups manually, so backups are disabled by default. | | backups.endpointURL | string | `""` | Overrides the provider specific default endpoint. Defaults to: S3: https://s3..amazonaws.com" | @@ -137,24 +140,27 @@ refer to the [CloudNativePG Documentation](https://cloudnative-pg.io/documentat | backups.scheduledBackups[0].backupOwnerReference | string | `"self"` | Backup owner reference | | backups.scheduledBackups[0].name | string | `"daily-backup"` | Scheduled backup name | | backups.scheduledBackups[0].schedule | string | `"0 0 0 * * *"` | Schedule in cron format | +| backups.wal.compression | string | `"gzip"` | WAL compression method. One of `` (for no compression), `gzip`, `bzip2` or `snappy`. | +| backups.wal.encryption | string | `"AES256"` | Whether to instruct the storage provider to encrypt WAL files. One of `` (use the storage container default), `AES256` or `aws:kms`. | +| backups.wal.maxParallel | int | `1` | Number of WAL files to be archived or restored in parallel. | | cluster.additionalLabels | object | `{}` | | -| cluster.affinity | object | `{"topologyKey":"topology.kubernetes.io/zone"}` | Affinity/Anti-affinity rules for Pods See: https://cloudnative-pg.io/documentation/current/cloudnative-pg.v1/#postgresql-cnpg-io-v1-AffinityConfiguration | +| cluster.affinity | object | `{"topologyKey":"topology.kubernetes.io/zone"}` | Affinity/Anti-affinity rules for Pods. See: https://cloudnative-pg.io/documentation/current/cloudnative-pg.v1/#postgresql-cnpg-io-v1-AffinityConfiguration | | cluster.annotations | object | `{}` | | -| cluster.certificates | string | `nil` | The configuration for the CA and related certificates See: https://cloudnative-pg.io/documentation/current/cloudnative-pg.v1/#postgresql-cnpg-io-v1-CertificatesConfiguration | +| cluster.certificates | string | `nil` | The configuration for the CA and related certificates. See: https://cloudnative-pg.io/documentation/current/cloudnative-pg.v1/#postgresql-cnpg-io-v1-CertificatesConfiguration | | cluster.enableSuperuserAccess | bool | `true` | When this option is enabled, the operator will use the SuperuserSecret to update the postgres user password. If the secret is not present, the operator will automatically create one. When this option is disabled, the operator will ignore the SuperuserSecret content, delete it when automatically created, and then blank the password of the postgres user by setting it to NULL. | | cluster.imageName | string | `""` | Name of the container image, supporting both tags (:) and digests for deterministic and repeatable deployments: :@sha256: | | cluster.imagePullPolicy | string | `"IfNotPresent"` | Image pull policy. One of Always, Never or IfNotPresent. If not defined, it defaults to IfNotPresent. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images | -| cluster.imagePullSecrets | list | `[]` | The list of pull secrets to be used to pull the images See: https://cloudnative-pg.io/documentation/current/cloudnative-pg.v1/#postgresql-cnpg-io-v1-LocalObjectReference | -| cluster.initdb | object | `{}` | BootstrapInitDB is the configuration of the bootstrap process when initdb is used See: https://cloudnative-pg.io/documentation/current/bootstrap/ See: https://cloudnative-pg.io/documentation/current/cloudnative-pg.v1/#postgresql-cnpg-io-v1-bootstrapinitdb | +| cluster.imagePullSecrets | list | `[]` | The list of pull secrets to be used to pull the images. See: https://cloudnative-pg.io/documentation/current/cloudnative-pg.v1/#postgresql-cnpg-io-v1-LocalObjectReference | +| cluster.initdb | object | `{}` | BootstrapInitDB is the configuration of the bootstrap process when initdb is used. See: https://cloudnative-pg.io/documentation/current/bootstrap/ See: https://cloudnative-pg.io/documentation/current/cloudnative-pg.v1/#postgresql-cnpg-io-v1-bootstrapinitdb | | cluster.instances | int | `3` | Number of instances | | cluster.logLevel | string | `"info"` | The instances' log level, one of the following values: error, warning, info (default), debug, trace | -| cluster.monitoring.customQueries | list | `[]` | | -| cluster.monitoring.enabled | bool | `false` | | -| cluster.monitoring.podMonitor.enabled | bool | `true` | | -| cluster.monitoring.prometheusRule.enabled | bool | `true` | | +| cluster.monitoring.customQueries | list | `[]` | Custom Prometheus metrics | +| cluster.monitoring.enabled | bool | `false` | Whether to enable monitoring | +| cluster.monitoring.podMonitor.enabled | bool | `true` | Whether to enable the PodMonitor | +| cluster.monitoring.prometheusRule.enabled | bool | `true` | Whether to enable the PrometheusRule automated alerts | | cluster.postgresGID | int | `26` | The GID of the postgres user inside the image, defaults to 26 | | cluster.postgresUID | int | `26` | The UID of the postgres user inside the image, defaults to 26 | -| cluster.postgresql | object | `{}` | Configuration of the PostgreSQL server See: https://cloudnative-pg.io/documentation/current/cloudnative-pg.v1/#postgresql-cnpg-io-v1-PostgresConfiguration | +| cluster.postgresql | object | `{}` | Configuration of the PostgreSQL server. See: https://cloudnative-pg.io/documentation/current/cloudnative-pg.v1/#postgresql-cnpg-io-v1-PostgresConfiguration | | cluster.primaryUpdateMethod | string | `"switchover"` | Method to follow to upgrade the primary server during a rolling update procedure, after all replicas have been successfully updated. It can be switchover (default) or in-place (restart). | | cluster.primaryUpdateStrategy | string | `"unsupervised"` | Strategy to follow to upgrade the primary server during a rolling update procedure, after all replicas have been successfully updated: it can be automated (unsupervised - default) or manual (supervised) | | cluster.priorityClassName | string | `""` | | @@ -167,8 +173,12 @@ refer to the [CloudNativePG Documentation](https://cloudnative-pg.io/documentat | nameOverride | string | `""` | Override the name of the chart | | pooler.enabled | bool | `false` | Whether to enable PgBouncer | | pooler.instances | int | `3` | Number of PgBouncer instances | +| pooler.monitoring.enabled | bool | `false` | Whether to enable monitoring | +| pooler.monitoring.podMonitor.enabled | bool | `true` | Whether to enable the PodMonitor | | pooler.parameters | object | `{"default_pool_size":"25","max_client_conn":"1000"}` | PgBouncer configuration parameters | | pooler.poolMode | string | `"transaction"` | PgBouncer pooling mode | +| pooler.template | object | `{}` | Custom PgBouncer deployment template. Use to override image, specify resources, etc. | +| pooler.type | string | `"rw"` | PgBouncer type of service to forward traffic to. | | recovery.azure.connectionString | string | `""` | | | recovery.azure.containerName | string | `""` | | | recovery.azure.inheritFromAzureAD | bool | `false` | | diff --git a/charts/cluster/examples/pgbouncer.yaml b/charts/cluster/examples/pgbouncer.yaml new file mode 100644 index 000000000..1da966275 --- /dev/null +++ b/charts/cluster/examples/pgbouncer.yaml @@ -0,0 +1,8 @@ +mode: standalone +cluster: + instances: 1 +backups: + enabled: false +pooler: + enabled: true + instances: 1 diff --git a/charts/cluster/templates/_backup.tpl b/charts/cluster/templates/_backup.tpl index cb76d9b74..8b9a094d3 100644 --- a/charts/cluster/templates/_backup.tpl +++ b/charts/cluster/templates/_backup.tpl @@ -5,12 +5,13 @@ backup: retentionPolicy: {{ .Values.backups.retentionPolicy }} barmanObjectStore: wal: - compression: gzip - encryption: AES256 + compression: {{ .Values.backups.wal.compression }} + encryption: {{ .Values.backups.wal.encryption }} + maxParallel: {{ .Values.backups.wal.maxParallel }} data: - compression: gzip - encryption: AES256 - jobs: 2 + compression: {{ .Values.backups.data.compression }} + encryption: {{ .Values.backups.data.encryption }} + jobs: {{ .Values.backups.data.jobs }} {{- $d := dict "chartFullname" (include "cluster.fullname" .) "scope" .Values.backups }} {{- include "cluster.barmanObjectStoreConfig" $d | nindent 2 }} diff --git a/charts/cluster/templates/pooler.yaml b/charts/cluster/templates/pooler.yaml index 5a606d96d..5e01fe498 100644 --- a/charts/cluster/templates/pooler.yaml +++ b/charts/cluster/templates/pooler.yaml @@ -7,9 +7,15 @@ spec: cluster: name: {{ include "cluster.fullname" . }} instances: {{ .Values.pooler.instances }} - type: rw + type: {{ .Values.pooler.type }} pgbouncer: poolMode: {{ .Values.pooler.poolMode }} parameters: {{- .Values.pooler.parameters | toYaml | nindent 6 }} -{{ end }} \ No newline at end of file + monitoring: + enablePodMonitor: {{ and .Values.pooler.monitoring.enabled .Values.pooler.monitoring.podMonitor.enabled }} + {{- with .Values.pooler.template }} + template: + {{- . | toYaml | nindent 4 }} + {{- end }} +{{ end }} diff --git a/charts/cluster/templates/prometheus-rule.yaml b/charts/cluster/templates/prometheus-rule.yaml index 3da33025b..bc3ffde84 100644 --- a/charts/cluster/templates/prometheus-rule.yaml +++ b/charts/cluster/templates/prometheus-rule.yaml @@ -173,5 +173,5 @@ spec: ) > 0.9 for: 5m labels: - severity: warning + severity: critical {{ end }} diff --git a/charts/cluster/values.schema.json b/charts/cluster/values.schema.json index 2f08a58cd..3ee174fdc 100644 --- a/charts/cluster/values.schema.json +++ b/charts/cluster/values.schema.json @@ -34,6 +34,20 @@ } } }, + "data": { + "type": "object", + "properties": { + "compression": { + "type": "string" + }, + "encryption": { + "type": "string" + }, + "jobs": { + "type": "integer" + } + } + }, "destinationPath": { "type": "string" }, @@ -102,6 +116,20 @@ } } } + }, + "wal": { + "type": "object", + "properties": { + "compression": { + "type": "string" + }, + "encryption": { + "type": "string" + }, + "maxParallel": { + "type": "integer" + } + } } } }, @@ -228,6 +256,22 @@ "instances": { "type": "integer" }, + "monitoring": { + "type": "object", + "properties": { + "enabled": { + "type": "boolean" + }, + "podMonitor": { + "type": "object", + "properties": { + "enabled": { + "type": "boolean" + } + } + } + } + }, "parameters": { "type": "object", "properties": { @@ -241,6 +285,12 @@ }, "poolMode": { "type": "string" + }, + "template": { + "type": "object" + }, + "type": { + "type": "string" } } }, diff --git a/charts/cluster/values.yaml b/charts/cluster/values.yaml index c2b46ee65..07d979a4c 100644 --- a/charts/cluster/values.yaml +++ b/charts/cluster/values.yaml @@ -82,7 +82,7 @@ cluster: # More info: https://kubernetes.io/docs/concepts/containers/images#updating-images imagePullPolicy: IfNotPresent - # -- The list of pull secrets to be used to pull the images + # -- The list of pull secrets to be used to pull the images. # See: https://cloudnative-pg.io/documentation/current/cloudnative-pg.v1/#postgresql-cnpg-io-v1-LocalObjectReference imagePullSecrets: [] @@ -121,12 +121,12 @@ cluster: # -- The instances' log level, one of the following values: error, warning, info (default), debug, trace logLevel: "info" - # -- Affinity/Anti-affinity rules for Pods + # -- Affinity/Anti-affinity rules for Pods. # See: https://cloudnative-pg.io/documentation/current/cloudnative-pg.v1/#postgresql-cnpg-io-v1-AffinityConfiguration affinity: topologyKey: topology.kubernetes.io/zone - # -- The configuration for the CA and related certificates + # -- The configuration for the CA and related certificates. # See: https://cloudnative-pg.io/documentation/current/cloudnative-pg.v1/#postgresql-cnpg-io-v1-CertificatesConfiguration certificates: @@ -138,11 +138,15 @@ cluster: superuserSecret: "" monitoring: + # -- Whether to enable monitoring enabled: false podMonitor: + # -- Whether to enable the PodMonitor enabled: true prometheusRule: + # -- Whether to enable the PrometheusRule automated alerts enabled: true + # -- Custom Prometheus metrics customQueries: [] # - name: "pg_cache_hit_ratio" # query: "SELECT current_database() as datname, sum(heap_blks_hit) / (sum(heap_blks_hit) + sum(heap_blks_read)) as ratio FROM pg_statio_user_tables;" @@ -154,12 +158,12 @@ cluster: # usage: GAUGE # description: "Cache hit ratio" - # -- Configuration of the PostgreSQL server + # -- Configuration of the PostgreSQL server. # See: https://cloudnative-pg.io/documentation/current/cloudnative-pg.v1/#postgresql-cnpg-io-v1-PostgresConfiguration postgresql: {} # max_connections: 300 - # -- BootstrapInitDB is the configuration of the bootstrap process when initdb is used + # -- BootstrapInitDB is the configuration of the bootstrap process when initdb is used. # See: https://cloudnative-pg.io/documentation/current/bootstrap/ # See: https://cloudnative-pg.io/documentation/current/cloudnative-pg.v1/#postgresql-cnpg-io-v1-bootstrapinitdb initdb: {} @@ -209,6 +213,21 @@ backups: gkeEnvironment: false applicationCredentials: "" + wal: + # -- WAL compression method. One of `` (for no compression), `gzip`, `bzip2` or `snappy`. + compression: gzip + # -- Whether to instruct the storage provider to encrypt WAL files. One of `` (use the storage container default), `AES256` or `aws:kms`. + encryption: AES256 + # -- Number of WAL files to be archived or restored in parallel. + maxParallel: 1 + data: + # -- Data compression method. One of `` (for no compression), `gzip`, `bzip2` or `snappy`. + compression: gzip + # -- Whether to instruct the storage provider to encrypt data files. One of `` (use the storage container default), `AES256` or `aws:kms`. + encryption: AES256 + # -- Number of data files to be archived or restored in parallel. + jobs: 2 + scheduledBackups: - # -- Scheduled backup name @@ -221,9 +240,12 @@ backups: # -- Retention policy for backups retentionPolicy: "30d" + pooler: # -- Whether to enable PgBouncer enabled: false + # -- PgBouncer type of service to forward traffic to. + type: rw # -- PgBouncer pooling mode poolMode: transaction # -- Number of PgBouncer instances @@ -232,3 +254,14 @@ pooler: parameters: max_client_conn: "1000" default_pool_size: "25" + + monitoring: + # -- Whether to enable monitoring + enabled: false + podMonitor: + # -- Whether to enable the PodMonitor + enabled: true + + # -- Custom PgBouncer deployment template. + # Use to override image, specify resources, etc. + template: {}