diff --git a/charts/paradedb/README.md b/charts/paradedb/README.md index 75bff666e..67ada2d92 100644 --- a/charts/paradedb/README.md +++ b/charts/paradedb/README.md @@ -204,7 +204,7 @@ refer to the [CloudNativePG Documentation](https://cloudnative-pg.io/documentat | cluster.monitoring.customQueries | list | `[]` | Custom Prometheus metrics Will be stored in the ConfigMap | | cluster.monitoring.customQueriesSecret | list | `[]` | The list of secrets containing the custom queries | | cluster.monitoring.disableDefaultQueries | bool | `false` | Whether the default queries should be injected. Set it to true if you don't want to inject default queries into the cluster. | -| cluster.monitoring.enabled | bool | `true` | Whether to enable monitoring | +| cluster.monitoring.enabled | bool | `false` | Whether to enable monitoring | | cluster.monitoring.podMonitor.enabled | bool | `true` | Whether to enable the PodMonitor | | cluster.monitoring.podMonitor.metricRelabelings | list | `[]` | The list of metric relabelings for the PodMonitor. Applied to samples before ingestion. | | cluster.monitoring.podMonitor.relabelings | list | `[]` | The list of relabelings for the PodMonitor. Applied to samples before scraping. | @@ -212,7 +212,7 @@ refer to the [CloudNativePG Documentation](https://cloudnative-pg.io/documentat | cluster.monitoring.prometheusRule.excludeRules | list | `[]` | Exclude specified rules | | cluster.postgresGID | int | `-1` | The GID of the postgres user inside the image, defaults to 26 | | cluster.postgresUID | int | `-1` | The UID of the postgres user inside the image, defaults to 26 | -| cluster.postgresql.parameters | object | `{"cron.database_name":"postgres"}` | PostgreSQL configuration options (postgresql.conf) | +| cluster.postgresql.parameters | object | `{}` | PostgreSQL configuration options (postgresql.conf) | | cluster.postgresql.pg_hba | list | `[]` | PostgreSQL Host Based Authentication rules (lines to be appended to the pg_hba.conf file) | | cluster.postgresql.pg_ident | list | `[]` | PostgreSQL User Name Maps rules (lines to be appended to the pg_ident.conf file) | | cluster.postgresql.shared_preload_libraries | list | `[]` | Lists of shared preload libraries to add to the default ones | @@ -251,7 +251,27 @@ refer to the [CloudNativePG Documentation](https://cloudnative-pg.io/documentat | recovery.google.bucket | string | `""` | | | recovery.google.gkeEnvironment | bool | `false` | | | recovery.google.path | string | `"/"` | | -| recovery.method | string | `"backup"` | Available recovery methods: * `backup` - Recovers a CNPG cluster from a CNPG backup (PITR supported) Needs to be on the same cluster in the same namespace. * `object_store` - Recovers a CNPG cluster from a barman object store (PITR supported). * `pg_basebackup` - Recovers a CNPG cluster viaa streaming replication protocol. Useful if you want to migrate databases to CloudNativePG, even from outside Kubernetes. # TODO | +| recovery.import.databases | list | `[]` | Databases to import | +| recovery.import.postImportApplicationSQL | list | `[]` | List of SQL queries to be executed as a superuser in the application database right after is imported. To be used with extreme care. Only available in microservice type. | +| recovery.import.roles | list | `[]` | Roles to import | +| recovery.import.schemaOnly | bool | `false` | When set to true, only the pre-data and post-data sections of pg_restore are invoked, avoiding data import. | +| recovery.import.source.database | string | `"paradedb"` | | +| recovery.import.source.host | string | `""` | | +| recovery.import.source.passwordSecret.create | bool | `false` | Whether to create a secret for the password | +| recovery.import.source.passwordSecret.key | string | `"password"` | The key in the secret containing the password | +| recovery.import.source.passwordSecret.name | string | `""` | Name of the secret containing the password | +| recovery.import.source.passwordSecret.value | string | `""` | The password value to use when creating the secret | +| recovery.import.source.port | int | `5432` | | +| recovery.import.source.sslCertSecret.key | string | `""` | | +| recovery.import.source.sslCertSecret.name | string | `""` | | +| recovery.import.source.sslKeySecret.key | string | `""` | | +| recovery.import.source.sslKeySecret.name | string | `""` | | +| recovery.import.source.sslMode | string | `"verify-full"` | | +| recovery.import.source.sslRootCertSecret.key | string | `""` | | +| recovery.import.source.sslRootCertSecret.name | string | `""` | | +| recovery.import.source.username | string | `""` | | +| recovery.import.type | string | `"microservice"` | One of `microservice` or `monolith.` See: https://cloudnative-pg.io/documentation/1.24/database_import/#how-it-works | +| recovery.method | string | `"backup"` | Available recovery methods: * `backup` - Recovers a CNPG cluster from a CNPG backup (PITR supported) Needs to be on the same cluster in the same namespace. * `object_store` - Recovers a CNPG cluster from a barman object store (PITR supported). * `pg_basebackup` - Recovers a CNPG cluster viaa streaming replication protocol. Useful if you want to migrate databases to CloudNativePG, even from outside Kubernetes. * `import` - Import one or more databases from an existing Postgres cluster. | | recovery.pgBaseBackup.database | string | `"paradedb"` | Name of the database used by the application. Default: `paradedb`. | | recovery.pgBaseBackup.owner | string | `""` | Name of the secret containing the initial credentials for the owner of the user database. If empty a new secret will be created from scratch | | recovery.pgBaseBackup.secret | string | `""` | Name of the owner of the database in the instance to be used by applications. Defaults to the value of the `database` key. | @@ -282,18 +302,18 @@ refer to the [CloudNativePG Documentation](https://cloudnative-pg.io/documentat | type | string | `"paradedb"` | Type of the CNPG database. Available types: * `paradedb` | | version.paradedb | string | `"0.11.0"` | We default to v0.11.0 for testing and local development | | version.postgresql | string | `"16"` | PostgreSQL major version to use | -| poolers[].name | string | `` | Name of the pooler resource | -| poolers[].instances | number | `1` | The number of replicas we want | -| poolers[].type | [PoolerType][PoolerType] | `rw` | Type of service to forward traffic to. Default: `rw`. | -| poolers[].poolMode | [PgBouncerPoolMode][PgBouncerPoolMode] | `session` | The pool mode. Default: `session`. | -| poolers[].authQuerySecret | [LocalObjectReference][LocalObjectReference] | `{}` | The credentials of the user that need to be used for the authentication query. | -| poolers[].authQuery | string | `{}` | The credentials of the user that need to be used for the authentication query. | -| poolers[].parameters | map[string]string | `{}` | Additional parameters to be passed to PgBouncer - please check the CNPG documentation for a list of options you can configure | -| poolers[].template | [PodTemplateSpec][PodTemplateSpec] | `{}` | The template of the Pod to be created | -| poolers[].template | [ServiceTemplateSpec][ServiceTemplateSpec] | `{}` | Template for the Service to be created | -| poolers[].pg_hba | []string | `{}` | PostgreSQL Host Based Authentication rules (lines to be appended to the pg_hba.conf file) | -| poolers[].monitoring.enabled | bool | `false` | Whether to enable monitoring for the Pooler. | -| poolers[].monitoring.podMonitor.enabled | bool | `true` | Create a podMonitor for the Pooler. | +| poolers[].name | string | `` | Name of the pooler resource | +| poolers[].instances | number | `1` | The number of replicas we want | +| poolers[].type | [PoolerType][PoolerType] | `rw` | Type of service to forward traffic to. Default: `rw`. | +| poolers[].poolMode | [PgBouncerPoolMode][PgBouncerPoolMode] | `session` | The pool mode. Default: `session`. | +| poolers[].authQuerySecret | [LocalObjectReference][LocalObjectReference] | `{}` | The credentials of the user that need to be used for the authentication query. | +| poolers[].authQuery | string | `{}` | The credentials of the user that need to be used for the authentication query. | +| poolers[].parameters | map[string]string | `{}` | Additional parameters to be passed to PgBouncer - please check the CNPG documentation for a list of options you can configure | +| poolers[].template | [PodTemplateSpec][PodTemplateSpec] | `{}` | The template of the Pod to be created | +| poolers[].template | [ServiceTemplateSpec][ServiceTemplateSpec] | `{}` | Template for the Service to be created | +| poolers[].pg_hba | []string | `{}` | PostgreSQL Host Based Authentication rules (lines to be appended to the pg_hba.conf file) | +| poolers[].monitoring.enabled | bool | `false` | Whether to enable monitoring for the Pooler. | +| poolers[].monitoring.podMonitor.enabled | bool | `true` | Create a podMonitor for the Pooler. | ## Maintainers diff --git a/charts/paradedb/README.md.gotmpl b/charts/paradedb/README.md.gotmpl index b55bced91..c40de8dc9 100644 --- a/charts/paradedb/README.md.gotmpl +++ b/charts/paradedb/README.md.gotmpl @@ -41,20 +41,6 @@ helm upgrade --atomic --install cnpg \ cnpg/cloudnative-pg ``` -### Installing the CloudNativePG Operator - -Skip this step if the CloudNativePG operator is already installed in your cluster. If you do not wish to monitor your cluster, omit the `--set` commands. - -```bash -helm repo add cnpg https://cloudnative-pg.github.io/charts -helm upgrade --atomic --install cnpg \ ---create-namespace \ ---namespace cnpg-system \ ---set monitoring.podMonitorEnabled=true \ ---set monitoring.grafanaDashboard.create=true \ -cnpg/cloudnative-pg -``` - ### Setting up a ParadeDB CNPG Cluster Create a `values.yaml` and configure it to your requirements. Here is a basic example: diff --git a/charts/paradedb/templates/_bootstrap.tpl b/charts/paradedb/templates/_bootstrap.tpl index 8aa1fa290..f40643c66 100644 --- a/charts/paradedb/templates/_bootstrap.tpl +++ b/charts/paradedb/templates/_bootstrap.tpl @@ -3,7 +3,7 @@ bootstrap: initdb: {{- with .Values.cluster.initdb }} - {{- with (omit . "postInitSQL" "postInitApplicationSQL" "postInitTemplateSQL" "owner") }} + {{- with (omit . "postInitSQL" "postInitApplicationSQL" "postInitTemplateSQL" "owner" "import") }} {{- . | toYaml | nindent 4 }} {{- end }} {{- end }} @@ -70,33 +70,34 @@ bootstrap: {{- end }} externalClusters: -- name: pgBaseBackupSource - connectionParameters: - host: {{ .Values.recovery.pgBaseBackup.source.host | quote }} - port: {{ .Values.recovery.pgBaseBackup.source.port | quote }} - user: {{ .Values.recovery.pgBaseBackup.source.username | quote }} - dbname: {{ .Values.recovery.pgBaseBackup.source.database | quote }} - sslmode: {{ .Values.recovery.pgBaseBackup.source.sslMode | quote }} - {{- if .Values.recovery.pgBaseBackup.source.passwordSecret.name }} - password: - name: {{ default (printf "%s-pg-basebackup-password" (include "cluster.fullname" .)) .Values.recovery.pgBaseBackup.source.passwordSecret.name }} - key: {{ .Values.recovery.pgBaseBackup.source.passwordSecret.key }} - {{- end }} - {{- if .Values.recovery.pgBaseBackup.source.sslKeySecret.name }} - sslKey: - name: {{ .Values.recovery.pgBaseBackup.source.sslKeySecret.name }} - key: {{ .Values.recovery.pgBaseBackup.source.sslKeySecret.key }} - {{- end }} - {{- if .Values.recovery.pgBaseBackup.source.sslCertSecret.name }} - sslCert: - name: {{ .Values.recovery.pgBaseBackup.source.sslCertSecret.name }} - key: {{ .Values.recovery.pgBaseBackup.source.sslCertSecret.key }} - {{- end }} - {{- if .Values.recovery.pgBaseBackup.source.sslRootCertSecret.name }} - sslRootCert: - name: {{ .Values.recovery.pgBaseBackup.source.sslRootCertSecret.name }} - key: {{ .Values.recovery.pgBaseBackup.source.sslRootCertSecret.key }} - {{- end }} + {{- include "cluster.externalSourceCluster" (list "pgBaseBackupSource" .Values.recovery.pgBaseBackup.source) | nindent 2 }} + +{{- else if eq .Values.recovery.method "import" }} + initdb: + {{- with .Values.cluster.initdb }} + {{- with (omit . "owner" "import") }} + {{- . | toYaml | nindent 4 }} + {{- end }} + {{- end }} + {{- if .Values.cluster.initdb.owner }} + owner: {{ tpl .Values.cluster.initdb.owner . }} + {{- end }} + import: + source: + externalCluster: importSource + type: {{ .Values.recovery.import.type }} + databases: {{ .Values.recovery.import.databases | toJson }} + {{ with .Values.recovery.import.roles }} + roles: {{ . | toJson }} + {{- end }} + {{ with .Values.recovery.import.postImportApplicationSQL }} + postImportApplicationSQL: + {{- . | toYaml | nindent 6 }} + {{- end }} + schemaOnly: {{ .Values.recovery.import.schemaOnly }} + +externalClusters: + {{- include "cluster.externalSourceCluster" (list "importSource" .Values.recovery.import.source) | nindent 2 }} {{- else }} recovery: diff --git a/charts/paradedb/templates/_external_source_cluster.tpl b/charts/paradedb/templates/_external_source_cluster.tpl new file mode 100644 index 000000000..6d21e205e --- /dev/null +++ b/charts/paradedb/templates/_external_source_cluster.tpl @@ -0,0 +1,33 @@ +{{- define "cluster.externalSourceCluster" -}} +{{- $name := first . -}} +{{- $config := last . -}} +- name: {{ first . }} + connectionParameters: + host: {{ $config.host | quote }} + port: {{ $config.port | quote }} + user: {{ $config.username | quote }} + {{- with $config.database }} + dbname: {{ . | quote }} + {{- end }} + sslmode: {{ $config.sslMode | quote }} + {{- if $config.passwordSecret.name }} + password: + name: {{ $config.passwordSecret.name }} + key: {{ $config.passwordSecret.key }} + {{- end }} + {{- if $config.sslKeySecret.name }} + sslKey: + name: {{ $config.sslKeySecret.name }} + key: {{ $config.sslKeySecret.key }} + {{- end }} + {{- if $config.sslCertSecret.name }} + sslCert: + name: {{ $config.sslCertSecret.name }} + key: {{ $config.sslCertSecret.key }} + {{- end }} + {{- if $config.sslRootCertSecret.name }} + sslRootCert: + name: {{ $config.sslRootCertSecret.name }} + key: {{ $config.sslRootCertSecret.key }} + {{- end }} +{{- end }} diff --git a/charts/paradedb/test/postgresql-import/00-source-cluster-assert.yaml b/charts/paradedb/test/postgresql-import/00-source-cluster-assert.yaml new file mode 100644 index 000000000..f68d5419a --- /dev/null +++ b/charts/paradedb/test/postgresql-import/00-source-cluster-assert.yaml @@ -0,0 +1,6 @@ +apiVersion: postgresql.cnpg.io/v1 +kind: Cluster +metadata: + name: source-paradedb +status: + readyInstances: 1 diff --git a/charts/paradedb/test/postgresql-import/00-source-cluster.yaml b/charts/paradedb/test/postgresql-import/00-source-cluster.yaml new file mode 100644 index 000000000..05c95bb54 --- /dev/null +++ b/charts/paradedb/test/postgresql-import/00-source-cluster.yaml @@ -0,0 +1,9 @@ +type: postgresql +mode: "standalone" +cluster: + instances: 1 + superuserSecret: source-paradedb-superuser + storage: + size: 256Mi +backups: + enabled: false diff --git a/charts/paradedb/test/postgresql-import/00-source-superuser-password.yaml b/charts/paradedb/test/postgresql-import/00-source-superuser-password.yaml new file mode 100644 index 000000000..d08b66f87 --- /dev/null +++ b/charts/paradedb/test/postgresql-import/00-source-superuser-password.yaml @@ -0,0 +1,8 @@ +apiVersion: v1 +kind: Secret +metadata: + name: source-paradedb-superuser +type: Opaque +data: + username: "cG9zdGdyZXM=" + password: "cG9zdGdyZXM=" diff --git a/charts/paradedb/test/postgresql-import/01-data_write-assert.yaml b/charts/paradedb/test/postgresql-import/01-data_write-assert.yaml new file mode 100644 index 000000000..831f963d9 --- /dev/null +++ b/charts/paradedb/test/postgresql-import/01-data_write-assert.yaml @@ -0,0 +1,6 @@ +apiVersion: batch/v1 +kind: Job +metadata: + name: data-write +status: + succeeded: 1 diff --git a/charts/paradedb/test/postgresql-import/01-data_write.yaml b/charts/paradedb/test/postgresql-import/01-data_write.yaml new file mode 100644 index 000000000..9d538f6cd --- /dev/null +++ b/charts/paradedb/test/postgresql-import/01-data_write.yaml @@ -0,0 +1,31 @@ +apiVersion: batch/v1 +kind: Job +metadata: + name: data-write +spec: + template: + spec: + restartPolicy: OnFailure + containers: + - name: data-write + env: + - name: DB_USER + valueFrom: + secretKeyRef: + name: source-paradedb-superuser + key: username + - name: DB_PASS + valueFrom: + secretKeyRef: + name: source-paradedb-superuser + key: password + - name: DB_URI + value: postgres://$(DB_USER):$(DB_PASS)@source-paradedb-rw:5432 + image: alpine:3.19 + command: ['sh', '-c'] + args: + - | + apk --no-cache add postgresql-client + psql "$DB_URI" -c "CREATE DATABASE mygooddb;" + psql "$DB_URI/mygooddb" -c "CREATE TABLE mygoodtable (id serial PRIMARY KEY);" + psql "$DB_URI/mygooddb" -c "INSERT INTO mygoodtable VALUES (314159265);" diff --git a/charts/paradedb/test/postgresql-import/02-import-cluster-assert.yaml b/charts/paradedb/test/postgresql-import/02-import-cluster-assert.yaml new file mode 100644 index 000000000..86d37e690 --- /dev/null +++ b/charts/paradedb/test/postgresql-import/02-import-cluster-assert.yaml @@ -0,0 +1,6 @@ +apiVersion: postgresql.cnpg.io/v1 +kind: Cluster +metadata: + name: import-paradedb +status: + readyInstances: 2 diff --git a/charts/paradedb/test/postgresql-import/02-import-cluster.yaml b/charts/paradedb/test/postgresql-import/02-import-cluster.yaml new file mode 100644 index 000000000..18c88387d --- /dev/null +++ b/charts/paradedb/test/postgresql-import/02-import-cluster.yaml @@ -0,0 +1,30 @@ +type: postgresql +mode: "recovery" +recovery: + method: "import" + import: + type: "microservice" + databases: [ "mygooddb" ] + source: + host: "source-paradedb-rw" + username: "postgres" + passwordSecret: + name: source-paradedb-superuser + key: password + sslMode: "require" + sslKeySecret: + name: source-paradedb-replication + key: tls.key + sslCertSecret: + name: source-paradedb-replication + key: tls.crt + +cluster: + instances: 2 + storage: + size: 256Mi + initdb: + database: mygooddb + +backups: + enabled: false diff --git a/charts/paradedb/test/postgresql-import/03-data_test-assert.yaml b/charts/paradedb/test/postgresql-import/03-data_test-assert.yaml new file mode 100644 index 000000000..04df941e4 --- /dev/null +++ b/charts/paradedb/test/postgresql-import/03-data_test-assert.yaml @@ -0,0 +1,6 @@ +apiVersion: batch/v1 +kind: Job +metadata: + name: data-test +status: + succeeded: 1 diff --git a/charts/paradedb/test/postgresql-import/03-data_test.yaml b/charts/paradedb/test/postgresql-import/03-data_test.yaml new file mode 100644 index 000000000..716f6e4b8 --- /dev/null +++ b/charts/paradedb/test/postgresql-import/03-data_test.yaml @@ -0,0 +1,24 @@ +apiVersion: batch/v1 +kind: Job +metadata: + name: data-test +spec: + template: + spec: + restartPolicy: OnFailure + containers: + - name: data-test + env: + - name: DB_URI + valueFrom: + secretKeyRef: + name: import-paradedb-superuser + key: uri + image: alpine:3.19 + command: ['sh', '-c'] + args: + - | + apk --no-cache add postgresql-client + DB_URI=$(echo $DB_URI | sed "s|/\*|/|" ) + test "$(psql "${DB_URI}mygooddb" -t -c 'SELECT EXISTS (SELECT FROM information_schema.tables WHERE table_name = $$mygoodtable$$)' --csv -q 2>/dev/null)" = "t" + test "$(psql "${DB_URI}mygooddb" -t -c 'SELECT EXISTS (SELECT FROM mygoodtable WHERE id = 314159265)' --csv -q 2>/dev/null)" = "t" diff --git a/charts/paradedb/test/postgresql-import/04-import-cluster-schema_only-assert.yaml b/charts/paradedb/test/postgresql-import/04-import-cluster-schema_only-assert.yaml new file mode 100644 index 000000000..9dd8bd128 --- /dev/null +++ b/charts/paradedb/test/postgresql-import/04-import-cluster-schema_only-assert.yaml @@ -0,0 +1,6 @@ +apiVersion: postgresql.cnpg.io/v1 +kind: Cluster +metadata: + name: import-schemaonly-paradedb +status: + readyInstances: 2 diff --git a/charts/paradedb/test/postgresql-import/04-import-cluster-schema_only.yaml b/charts/paradedb/test/postgresql-import/04-import-cluster-schema_only.yaml new file mode 100644 index 000000000..38f87cea3 --- /dev/null +++ b/charts/paradedb/test/postgresql-import/04-import-cluster-schema_only.yaml @@ -0,0 +1,31 @@ +type: postgresql +mode: "recovery" +recovery: + method: "import" + import: + type: "microservice" + databases: [ "mygooddb" ] + schemaOnly: true + source: + host: "source-paradedb-rw" + username: "postgres" + passwordSecret: + name: source-paradedb-superuser + key: password + sslMode: "require" + sslKeySecret: + name: source-paradedb-replication + key: tls.key + sslCertSecret: + name: source-paradedb-replication + key: tls.crt + +cluster: + instances: 2 + storage: + size: 256Mi + initdb: + database: mygooddb + +backups: + enabled: false diff --git a/charts/paradedb/test/postgresql-import/05-data_test-assert.yaml b/charts/paradedb/test/postgresql-import/05-data_test-assert.yaml new file mode 100644 index 000000000..b29534fcc --- /dev/null +++ b/charts/paradedb/test/postgresql-import/05-data_test-assert.yaml @@ -0,0 +1,6 @@ +apiVersion: batch/v1 +kind: Job +metadata: + name: data-test-schemaonly +status: + succeeded: 1 diff --git a/charts/paradedb/test/postgresql-import/05-data_test.yaml b/charts/paradedb/test/postgresql-import/05-data_test.yaml new file mode 100644 index 000000000..5e1f05f6e --- /dev/null +++ b/charts/paradedb/test/postgresql-import/05-data_test.yaml @@ -0,0 +1,24 @@ +apiVersion: batch/v1 +kind: Job +metadata: + name: data-test-schemaonly +spec: + template: + spec: + restartPolicy: OnFailure + containers: + - name: data-test + env: + - name: DB_URI + valueFrom: + secretKeyRef: + name: import-schemaonly-paradedb-superuser + key: uri + image: alpine:3.19 + command: ['sh', '-c'] + args: + - | + apk --no-cache add postgresql-client + DB_URI=$(echo $DB_URI | sed "s|/\*|/|" ) + test "$(psql "${DB_URI}mygooddb" -t -c 'SELECT EXISTS (SELECT FROM information_schema.tables WHERE table_name = $$mygoodtable$$)' --csv -q 2>/dev/null)" = "t" + test "$(psql "${DB_URI}mygooddb" -t -c 'SELECT EXISTS (SELECT FROM mygoodtable WHERE id = 314159265)' --csv -q 2>/dev/null)" = "f" diff --git a/charts/paradedb/test/postgresql-import/chainsaw-test.yaml b/charts/paradedb/test/postgresql-import/chainsaw-test.yaml new file mode 100644 index 000000000..7ecf350d8 --- /dev/null +++ b/charts/paradedb/test/postgresql-import/chainsaw-test.yaml @@ -0,0 +1,97 @@ +## +# This is a test that provisions a regular (non CNPG) PostgreSQL cluster and attempts to perform a pg_basebackup recovery. +apiVersion: chainsaw.kyverno.io/v1alpha1 +kind: Test +metadata: + name: postgresql-import +spec: + timeouts: + apply: 1s + assert: 2m + cleanup: 1m + steps: + - name: Install the external PostgreSQL cluster + try: + - apply: + file: ./00-source-superuser-password.yaml + - script: + content: | + helm upgrade \ + --install \ + --namespace $NAMESPACE \ + --values ./00-source-cluster.yaml \ + --wait \ + source ../../ + - assert: + file: ./00-source-cluster-assert.yaml + - apply: + file: ./01-data_write.yaml + - assert: + file: ./01-data_write-assert.yaml + - name: Install the import cluster + timeouts: + assert: 5m + try: + - script: + content: | + helm upgrade \ + --install \ + --namespace $NAMESPACE \ + --values ./02-import-cluster.yaml \ + --wait \ + import ../../ + - assert: + file: ./02-import-cluster-assert.yaml + catch: + - describe: + apiVersion: postgresql.cnpg.io/v1 + kind: Cluster + - name: Verify the data exists + try: + - apply: + file: ./03-data_test.yaml + - assert: + file: ./03-data_test-assert.yaml + catch: + - describe: + apiVersion: batch/v1 + kind: Job + - podLogs: + selector: batch.kubernetes.io/job-name=data-test + - name: Install the schema-only import cluster + timeouts: + assert: 5m + try: + - script: + content: | + helm upgrade \ + --install \ + --namespace $NAMESPACE \ + --values ./04-import-cluster-schema_only.yaml \ + --wait \ + import-schemaonly ../../ + - assert: + file: ./04-import-cluster-schema_only-assert.yaml + catch: + - describe: + apiVersion: postgresql.cnpg.io/v1 + kind: Cluster + - name: Verify only the schema exists + try: + - apply: + file: ./05-data_test.yaml + - assert: + file: ./05-data_test-assert.yaml + catch: + - describe: + apiVersion: batch/v1 + kind: Job + - podLogs: + selector: batch.kubernetes.io/job-name=data-test-schemaonly + - name: Cleanup + try: + - script: + content: | + helm uninstall --namespace $NAMESPACE source + helm uninstall --namespace $NAMESPACE import + helm uninstall --namespace $NAMESPACE import-schemaonly diff --git a/charts/paradedb/test/postgresql-pg_basebackup/00-source-cluster.yaml b/charts/paradedb/test/postgresql-pg_basebackup/00-source-cluster.yaml index c11fed595..5d0baa1c0 100644 --- a/charts/paradedb/test/postgresql-pg_basebackup/00-source-cluster.yaml +++ b/charts/paradedb/test/postgresql-pg_basebackup/00-source-cluster.yaml @@ -2,5 +2,7 @@ type: postgresql mode: "standalone" cluster: instances: 1 + storage: + size: 256Mi backups: - enabled: false \ No newline at end of file + enabled: false diff --git a/charts/paradedb/test/postgresql-pg_basebackup/02-pg_basebackup-cluster.yaml b/charts/paradedb/test/postgresql-pg_basebackup/02-pg_basebackup-cluster.yaml index 0042bd629..ea7083dbb 100644 --- a/charts/paradedb/test/postgresql-pg_basebackup/02-pg_basebackup-cluster.yaml +++ b/charts/paradedb/test/postgresql-pg_basebackup/02-pg_basebackup-cluster.yaml @@ -17,6 +17,8 @@ recovery: cluster: instances: 2 + storage: + size: 256Mi backups: - enabled: false \ No newline at end of file + enabled: false diff --git a/charts/paradedb/values.schema.json b/charts/paradedb/values.schema.json index c9130b534..b486722e6 100644 --- a/charts/paradedb/values.schema.json +++ b/charts/paradedb/values.schema.json @@ -424,6 +424,96 @@ } } }, + "import": { + "type": "object", + "properties": { + "databases": { + "type": "array" + }, + "postImportApplicationSQL": { + "type": "array" + }, + "roles": { + "type": "array" + }, + "schemaOnly": { + "type": "boolean" + }, + "source": { + "type": "object", + "properties": { + "database": { + "type": "string" + }, + "host": { + "type": "string" + }, + "passwordSecret": { + "type": "object", + "properties": { + "create": { + "type": "boolean" + }, + "key": { + "type": "string" + }, + "name": { + "type": "string" + }, + "value": { + "type": "string" + } + } + }, + "port": { + "type": "integer" + }, + "sslCertSecret": { + "type": "object", + "properties": { + "key": { + "type": "string" + }, + "name": { + "type": "string" + } + } + }, + "sslKeySecret": { + "type": "object", + "properties": { + "key": { + "type": "string" + }, + "name": { + "type": "string" + } + } + }, + "sslMode": { + "type": "string" + }, + "sslRootCertSecret": { + "type": "object", + "properties": { + "key": { + "type": "string" + }, + "name": { + "type": "string" + } + } + }, + "username": { + "type": "string" + } + } + }, + "type": { + "type": "string" + } + } + }, "method": { "type": "string" }, diff --git a/charts/paradedb/values.yaml b/charts/paradedb/values.yaml index 515db9627..6756e6ef8 100644 --- a/charts/paradedb/values.yaml +++ b/charts/paradedb/values.yaml @@ -28,7 +28,8 @@ recovery: # * `backup` - Recovers a CNPG cluster from a CNPG backup (PITR supported) Needs to be on the same cluster in the same namespace. # * `object_store` - Recovers a CNPG cluster from a barman object store (PITR supported). # * `pg_basebackup` - Recovers a CNPG cluster viaa streaming replication protocol. Useful if you want to - # migrate databases to CloudNativePG, even from outside Kubernetes. # TODO + # migrate databases to CloudNativePG, even from outside Kubernetes. + # * `import` - Import one or more databases from an existing Postgres cluster. method: backup ## -- Point in time recovery target. Specify one of the following: @@ -120,6 +121,44 @@ recovery: name: "" key: "" + # See: https://cloudnative-pg.io/documentation/1.24/cloudnative-pg.v1/#postgresql-cnpg-io-v1-Import + import: + # -- One of `microservice` or `monolith.` + # See: https://cloudnative-pg.io/documentation/1.24/database_import/#how-it-works + type: "microservice" + # -- Databases to import + databases: [] + # -- Roles to import + roles: [] + # -- List of SQL queries to be executed as a superuser in the application database right after is imported. + # To be used with extreme care. Only available in microservice type. + postImportApplicationSQL: [] + # -- When set to true, only the pre-data and post-data sections of pg_restore are invoked, avoiding data import. + schemaOnly: false + source: + host: "" + port: 5432 + username: "" + database: "paradedb" + sslMode: "verify-full" + passwordSecret: + # -- Whether to create a secret for the password + create: false + # -- Name of the secret containing the password + name: "" + # -- The key in the secret containing the password + key: "password" + # -- The password value to use when creating the secret + value: "" + sslKeySecret: + name: "" + key: "" + sslCertSecret: + name: "" + key: "" + sslRootCertSecret: + name: "" + key: "" cluster: # -- Number of instances