API Reference v1
Package v1 contains API Schema definitions for the postgresql v1 API group
Resource Types
Backup
Backup is the Schema for the backups API
Field | Description |
---|---|
apiVersion [Required]string | postgresql.k8s.enterprisedb.io/v1 |
kind [Required]string | Backup |
metadata [Required]meta/v1.ObjectMeta | No description provided.Refer to the Kubernetes API documentation for the fields of the metadata field. |
spec [Required]BackupSpec | Specification of the desired behavior of the backup. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status |
status BackupStatus | Most recently observed status of the backup. This data may not be up to date. Populated by the system. Read-only. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status |
Cluster
Cluster is the Schema for the PostgreSQL API
Field | Description |
---|---|
apiVersion [Required]string | postgresql.k8s.enterprisedb.io/v1 |
kind [Required]string | Cluster |
metadata [Required]meta/v1.ObjectMeta | No description provided.Refer to the Kubernetes API documentation for the fields of the metadata field. |
spec [Required]ClusterSpec | Specification of the desired behavior of the cluster. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status |
status ClusterStatus | Most recently observed status of the cluster. This data may not be up to date. Populated by the system. Read-only. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status |
ClusterImageCatalog
ClusterImageCatalog is the Schema for the clusterimagecatalogs API
Field | Description |
---|---|
apiVersion [Required]string | postgresql.k8s.enterprisedb.io/v1 |
kind [Required]string | ClusterImageCatalog |
metadata [Required]meta/v1.ObjectMeta | No description provided.Refer to the Kubernetes API documentation for the fields of the metadata field. |
spec [Required]ImageCatalogSpec | Specification of the desired behavior of the ClusterImageCatalog. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status |
ImageCatalog
ImageCatalog is the Schema for the imagecatalogs API
Field | Description |
---|---|
apiVersion [Required]string | postgresql.k8s.enterprisedb.io/v1 |
kind [Required]string | ImageCatalog |
metadata [Required]meta/v1.ObjectMeta | No description provided.Refer to the Kubernetes API documentation for the fields of the metadata field. |
spec [Required]ImageCatalogSpec | Specification of the desired behavior of the ImageCatalog. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status |
Pooler
Pooler is the Schema for the poolers API
Field | Description |
---|---|
apiVersion [Required]string | postgresql.k8s.enterprisedb.io/v1 |
kind [Required]string | Pooler |
metadata [Required]meta/v1.ObjectMeta | No description provided.Refer to the Kubernetes API documentation for the fields of the metadata field. |
spec [Required]PoolerSpec | Specification of the desired behavior of the Pooler. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status |
status PoolerStatus | Most recently observed status of the Pooler. This data may not be up to date. Populated by the system. Read-only. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status |
ScheduledBackup
ScheduledBackup is the Schema for the scheduledbackups API
Field | Description |
---|---|
apiVersion [Required]string | postgresql.k8s.enterprisedb.io/v1 |
kind [Required]string | ScheduledBackup |
metadata [Required]meta/v1.ObjectMeta | No description provided.Refer to the Kubernetes API documentation for the fields of the metadata field. |
spec [Required]ScheduledBackupSpec | Specification of the desired behavior of the ScheduledBackup. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status |
status ScheduledBackupStatus | Most recently observed status of the ScheduledBackup. This data may not be up to date. Populated by the system. Read-only. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status |
AffinityConfiguration
Appears in:
AffinityConfiguration contains the info we need to create the affinity rules for Pods
Field | Description |
---|---|
enablePodAntiAffinity bool | Activates anti-affinity for the pods. The operator will define pods anti-affinity unless this field is explicitly set to false |
topologyKey string | TopologyKey to use for anti-affinity configuration. See k8s documentation for more info on that |
nodeSelector map[string]string | NodeSelector is map of key-value pairs used to define the nodes on which the pods can run. More info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/ |
nodeAffinity core/v1.NodeAffinity | NodeAffinity describes node affinity scheduling rules for the pod. More info: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#node-affinity |
tolerations []core/v1.Toleration | Tolerations is a list of Tolerations that should be set for all the pods, in order to allow them to run on tainted nodes. More info: https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/ |
podAntiAffinityType string | PodAntiAffinityType allows the user to decide whether pod anti-affinity between cluster instance has to be considered a strong requirement during scheduling or not. Allowed values are: "preferred" (default if empty) or "required". Setting it to "required", could lead to instances remaining pending until new kubernetes nodes are added if all the existing nodes don't match the required pod anti-affinity rule. More info: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#inter-pod-affinity-and-anti-affinity |
additionalPodAntiAffinity core/v1.PodAntiAffinity | AdditionalPodAntiAffinity allows to specify pod anti-affinity terms to be added to the ones generated by the operator if EnablePodAntiAffinity is set to true (default) or to be used exclusively if set to false. |
additionalPodAffinity core/v1.PodAffinity | AdditionalPodAffinity allows to specify pod affinity terms to be passed to all the cluster's pods. |
AvailableArchitecture
Appears in:
AvailableArchitecture represents the state of a cluster's architecture
Field | Description |
---|---|
goArch [Required]string | GoArch is the name of the executable architecture |
hash [Required]string | Hash is the hash of the executable |
AzureCredentials
Appears in:
AzureCredentials is the type for the credentials to be used to upload files to Azure Blob Storage. The connection string contains every needed information. If the connection string is not specified, we'll need the storage account name and also one (and only one) of:
storageKey
storageSasToken
inheriting the credentials from the pod environment by setting inheritFromAzureAD to true
Field | Description |
---|---|
connectionString SecretKeySelector | The connection string to be used |
storageAccount SecretKeySelector | The storage account where to upload data |
storageKey SecretKeySelector | The storage account key to be used in conjunction with the storage account name |
storageSasToken SecretKeySelector | A shared-access-signature to be used in conjunction with the storage account name |
inheritFromAzureAD bool | Use the Azure AD based authentication without providing explicitly the keys. |
BackupConfiguration
Appears in:
BackupConfiguration defines how the backup of the cluster are taken. The supported backup methods are BarmanObjectStore and VolumeSnapshot. For details and examples refer to the Backup and Recovery section of the documentation
Field | Description |
---|---|
volumeSnapshot VolumeSnapshotConfiguration | VolumeSnapshot provides the configuration for the execution of volume snapshot backups. |
barmanObjectStore BarmanObjectStoreConfiguration | The configuration for the barman-cloud tool suite |
retentionPolicy string | RetentionPolicy is the retention policy to be used for backups and WALs (i.e. '60d'). The retention policy is expressed in the form of |
target BackupTarget | The policy to decide which instance should perform backups. Available options are empty string, which will default to |
BackupMethod
(Alias of string
)
Appears in:
BackupMethod defines the way of executing the physical base backups of the selected PostgreSQL instance
BackupPhase
(Alias of string
)
Appears in:
BackupPhase is the phase of the backup
BackupPluginConfiguration
Appears in:
BackupPluginConfiguration contains the backup configuration used by the backup plugin
Field | Description |
---|---|
name [Required]string | Name is the name of the plugin managing this backup |
parameters map[string]string | Parameters are the configuration parameters passed to the backup plugin for this backup |
BackupSnapshotElementStatus
Appears in:
BackupSnapshotElementStatus is a volume snapshot that is part of a volume snapshot method backup
Field | Description |
---|---|
name [Required]string | Name is the snapshot resource name |
type [Required]string | Type is tho role of the snapshot in the cluster, such as PG_DATA, PG_WAL and PG_TABLESPACE |
tablespaceName [Required]string | TablespaceName is the name of the snapshotted tablespace. Only set when type is PG_TABLESPACE |
BackupSnapshotStatus
Appears in:
BackupSnapshotStatus the fields exclusive to the volumeSnapshot method backup
Field | Description |
---|---|
elements []BackupSnapshotElementStatus | The elements list, populated with the gathered volume snapshots |
BackupSource
Appears in:
BackupSource contains the backup we need to restore from, plus some information that could be needed to correctly restore it.
Field | Description |
---|---|
LocalObjectReference LocalObjectReference | (Members of LocalObjectReference are embedded into this type.)No description provided. |
endpointCA SecretKeySelector | EndpointCA store the CA bundle of the barman endpoint. Useful when using self-signed certificates to avoid errors with certificate issuer and barman-cloud-wal-archive. |
BackupSpec
Appears in:
BackupSpec defines the desired state of Backup
Field | Description |
---|---|
cluster [Required]LocalObjectReference | The cluster to backup |
target BackupTarget | The policy to decide which instance should perform this backup. If empty, it defaults to |
method BackupMethod | The backup method to be used, possible options are |
pluginConfiguration BackupPluginConfiguration | Configuration parameters passed to the plugin managing this backup |
online bool | Whether the default type of backup with volume snapshots is online/hot ( |
onlineConfiguration OnlineConfiguration | Configuration parameters to control the online/hot backup with volume snapshots Overrides the default settings specified in the cluster '.backup.volumeSnapshot.onlineConfiguration' stanza |
BackupStatus
Appears in:
BackupStatus defines the observed state of Backup
Field | Description |
---|---|
BarmanCredentials BarmanCredentials | (Members of BarmanCredentials are embedded into this type.)The potential credentials for each cloud provider |
endpointCA SecretKeySelector | EndpointCA store the CA bundle of the barman endpoint. Useful when using self-signed certificates to avoid errors with certificate issuer and barman-cloud-wal-archive. |
endpointURL string | Endpoint to be used to upload data to the cloud, overriding the automatic endpoint discovery |
destinationPath string | The path where to store the backup (i.e. s3://bucket/path/to/folder) this path, with different destination folders, will be used for WALs and for data. This may not be populated in case of errors. |
serverName string | The server name on S3, the cluster name is used if this parameter is omitted |
encryption string | Encryption method required to S3 API |
backupId string | The ID of the Barman backup |
backupName string | The Name of the Barman backup |
phase BackupPhase | The last backup status |
startedAt meta/v1.Time | When the backup was started |
stoppedAt meta/v1.Time | When the backup was terminated |
beginWal string | The starting WAL |
endWal string | The ending WAL |
beginLSN string | The starting xlog |
endLSN string | The ending xlog |
error string | The detected error |
commandOutput string | Unused. Retained for compatibility with old versions. |
commandError string | The backup command output in case of error |
backupLabelFile []byte | Backup label file content as returned by Postgres in case of online (hot) backups |
tablespaceMapFile []byte | Tablespace map file content as returned by Postgres in case of online (hot) backups |
instanceID InstanceID | Information to identify the instance where the backup has been taken from |
snapshotBackupStatus BackupSnapshotStatus | Status of the volumeSnapshot backup |
method BackupMethod | The backup method being used |
online [Required]bool | Whether the backup was online/hot ( |
BackupTarget
(Alias of string
)
Appears in:
BackupTarget describes the preferred targets for a backup
BarmanCredentials
Appears in:
BarmanCredentials an object containing the potential credentials for each cloud provider
Field | Description |
---|---|
googleCredentials GoogleCredentials | The credentials to use to upload data to Google Cloud Storage |
s3Credentials S3Credentials | The credentials to use to upload data to S3 |
azureCredentials AzureCredentials | The credentials to use to upload data to Azure Blob Storage |
BarmanObjectStoreConfiguration
Appears in:
BarmanObjectStoreConfiguration contains the backup configuration using Barman against an S3-compatible object storage
Field | Description |
---|---|
BarmanCredentials BarmanCredentials | (Members of BarmanCredentials are embedded into this type.)The potential credentials for each cloud provider |
endpointURL string | Endpoint to be used to upload data to the cloud, overriding the automatic endpoint discovery |
endpointCA SecretKeySelector | EndpointCA store the CA bundle of the barman endpoint. Useful when using self-signed certificates to avoid errors with certificate issuer and barman-cloud-wal-archive |
destinationPath [Required]string | The path where to store the backup (i.e. s3://bucket/path/to/folder) this path, with different destination folders, will be used for WALs and for data |
serverName string | The server name on S3, the cluster name is used if this parameter is omitted |
wal WalBackupConfiguration | The configuration for the backup of the WAL stream. When not defined, WAL files will be stored uncompressed and may be unencrypted in the object store, according to the bucket default policy. |
data DataBackupConfiguration | The configuration to be used to backup the data files When not defined, base backups files will be stored uncompressed and may be unencrypted in the object store, according to the bucket default policy. |
tags map[string]string | Tags is a list of key value pairs that will be passed to the Barman --tags option. |
historyTags map[string]string | HistoryTags is a list of key value pairs that will be passed to the Barman --history-tags option. |
BootstrapConfiguration
Appears in:
BootstrapConfiguration contains information about how to create the PostgreSQL cluster. Only a single bootstrap method can be defined among the supported ones. initdb
will be used as the bootstrap method if left unspecified. Refer to the Bootstrap page of the documentation for more information.
Field | Description |
---|---|
initdb BootstrapInitDB | Bootstrap the cluster via initdb |
recovery BootstrapRecovery | Bootstrap the cluster from a backup |
pg_basebackup BootstrapPgBaseBackup | Bootstrap the cluster taking a physical backup of another compatible PostgreSQL instance |
BootstrapInitDB
Appears in:
BootstrapInitDB is the configuration of the bootstrap process when initdb is used Refer to the Bootstrap page of the documentation for more information.
Field | Description |
---|---|
database string | Name of the database used by the application. Default: |
owner string | Name of the owner of the database in the instance to be used by applications. Defaults to the value of the |
secret LocalObjectReference | Name of the secret containing the initial credentials for the owner of the user database. If empty a new secret will be created from scratch |
redwood bool | If we need to enable/disable Redwood compatibility. Requires EPAS and for EPAS defaults to true |
options []string | The list of options that must be passed to initdb when creating the cluster. Deprecated: This could lead to inconsistent configurations, please use the explicit provided parameters instead. If defined, explicit values will be ignored. |
dataChecksums bool | Whether the |
encoding string | The value to be passed as option |
localeCollate string | The value to be passed as option |
localeCType string | The value to be passed as option |
walSegmentSize int | The value in megabytes (1 to 1024) to be passed to the |
postInitSQL []string | List of SQL queries to be executed as a superuser immediately after the cluster has been created - to be used with extreme care (by default empty) |
postInitApplicationSQL []string | List of SQL queries to be executed as a superuser in the application database right after is created - to be used with extreme care (by default empty) |
postInitTemplateSQL []string | List of SQL queries to be executed as a superuser in the |
import Import | Bootstraps the new cluster by importing data from an existing PostgreSQL instance using logical backup ( |
postInitApplicationSQLRefs PostInitApplicationSQLRefs | PostInitApplicationSQLRefs points references to ConfigMaps or Secrets which contain SQL files, the general implementation order to these references is from all Secrets to all ConfigMaps, and inside Secrets or ConfigMaps, the implementation order is same as the order of each array (by default empty) |
BootstrapPgBaseBackup
Appears in:
BootstrapPgBaseBackup contains the configuration required to take a physical backup of an existing PostgreSQL cluster
Field | Description |
---|---|
source [Required]string | The name of the server of which we need to take a physical backup |
database string | Name of the database used by the application. Default: |
owner string | Name of the owner of the database in the instance to be used by applications. Defaults to the value of the |
secret LocalObjectReference | Name of the secret containing the initial credentials for the owner of the user database. If empty a new secret will be created from scratch |
BootstrapRecovery
Appears in:
BootstrapRecovery contains the configuration required to restore from an existing cluster using 3 methodologies: external cluster, volume snapshots or backup objects. Full recovery and Point-In-Time Recovery are supported. The method can be also be used to create clusters in continuous recovery (replica clusters), also supporting cascading replication when instances
>
- Once the cluster exits recovery, the password for the superuser will be changed through the provided secret. Refer to the Bootstrap page of the documentation for more information.
Field | Description |
---|---|
backup BackupSource | The backup object containing the physical base backup from which to initiate the recovery procedure. Mutually exclusive with |
source string | The external cluster whose backup we will restore. This is also used as the name of the folder under which the backup is stored, so it must be set to the name of the source cluster Mutually exclusive with |
volumeSnapshots DataSource | The static PVC data source(s) from which to initiate the recovery procedure. Currently supporting |
recoveryTarget RecoveryTarget | By default, the recovery process applies all the available WAL files in the archive (full recovery). However, you can also end the recovery as soon as a consistent state is reached or recover to a point-in-time (PITR) by specifying a |
database string | Name of the database used by the application. Default: |
owner string | Name of the owner of the database in the instance to be used by applications. Defaults to the value of the |
secret LocalObjectReference | Name of the secret containing the initial credentials for the owner of the user database. If empty a new secret will be created from scratch |
CatalogImage
Appears in:
CatalogImage defines the image and major version
Field | Description |
---|---|
image [Required]string | The image reference |
major [Required]int | The PostgreSQL major version of the image. Must be unique within the catalog. |
CertificatesConfiguration
Appears in:
CertificatesConfiguration contains the needed configurations to handle server certificates.
Field | Description |
---|---|
serverCASecret string | The secret containing the Server CA certificate. If not defined, a new secret will be created with a self-signed CA and will be used to generate the TLS certificate ServerTLSSecret. Contains:
|
serverTLSSecret string | The secret of type kubernetes.io/tls containing the server TLS certificate and key that will be set as |
replicationTLSSecret string | The secret of type kubernetes.io/tls containing the client certificate to authenticate as the |
clientCASecret string | The secret containing the Client CA certificate. If not defined, a new secret will be created with a self-signed CA and will be used to generate all the client certificates. Contains:
|
serverAltDNSNames []string | The list of the server alternative DNS names to be added to the generated server TLS certificates, when required. |
CertificatesStatus
Appears in:
CertificatesStatus contains configuration certificates and related expiration dates.
Field | Description |
---|---|
CertificatesConfiguration CertificatesConfiguration | (Members of CertificatesConfiguration are embedded into this type.)Needed configurations to handle server certificates, initialized with default values, if needed. |
expirations map[string]string | Expiration dates for all certificates. |
ClusterSpec
Appears in:
ClusterSpec defines the desired state of Cluster
Field | Description |
---|---|
description string | Description of this PostgreSQL cluster |
inheritedMetadata EmbeddedObjectMetadata | Metadata that will be inherited by all objects related to the Cluster |
imageName string | Name of the container image, supporting both tags ( |
imageCatalogRef ImageCatalogRef | Defines the major PostgreSQL version we want to use within an ImageCatalog |
imagePullPolicy core/v1.PullPolicy | Image pull policy. One of |
schedulerName string | If specified, the pod will be dispatched by specified Kubernetes scheduler. If not specified, the pod will be dispatched by the default scheduler. More info: https://kubernetes.io/docs/concepts/scheduling-eviction/kube-scheduler/ |
postgresUID int64 | The UID of the |
postgresGID int64 | The GID of the |
instances [Required]int | Number of instances required in the cluster |
minSyncReplicas int | Minimum number of instances required in synchronous replication with the primary. Undefined or 0 allow writes to complete when no standby is available. |
maxSyncReplicas int | The target value for the synchronous replication quorum, that can be decreased if the number of ready standbys is lower than this. Undefined or 0 disable synchronous replication. |
postgresql PostgresConfiguration | Configuration of the PostgreSQL server |
replicationSlots ReplicationSlotsConfiguration | Replication slots management configuration |
bootstrap BootstrapConfiguration | Instructions to bootstrap this cluster |
replica ReplicaClusterConfiguration | Replica cluster configuration |
superuserSecret LocalObjectReference | The secret containing the superuser password. If not defined a new secret will be created with a randomly generated password |
enableSuperuserAccess bool | When this option is enabled, the operator will use the |
certificates CertificatesConfiguration | The configuration for the CA and related certificates |
imagePullSecrets []LocalObjectReference | The list of pull secrets to be used to pull the images. If the license key contains a pull secret that secret will be automatically included. |
storage StorageConfiguration | Configuration of the storage of the instances |
serviceAccountTemplate ServiceAccountTemplate | Configure the generation of the service account |
walStorage StorageConfiguration | Configuration of the storage for PostgreSQL WAL (Write-Ahead Log) |
ephemeralVolumeSource core/v1.EphemeralVolumeSource | EphemeralVolumeSource allows the user to configure the source of ephemeral volumes. |
startDelay int32 | The time in seconds that is allowed for a PostgreSQL instance to successfully start up (default 3600). The startup probe failure threshold is derived from this value using the formula: ceiling(startDelay / 10). |
stopDelay int32 | The time in seconds that is allowed for a PostgreSQL instance to gracefully shutdown (default 1800) |
smartStopDelay int32 | Deprecated: please use SmartShutdownTimeout instead |
smartShutdownTimeout int32 | The time in seconds that controls the window of time reserved for the smart shutdown of Postgres to complete. Make sure you reserve enough time for the operator to request a fast shutdown of Postgres (that is: |
switchoverDelay int32 | The time in seconds that is allowed for a primary PostgreSQL instance to gracefully shutdown during a switchover. Default value is 3600 seconds (1 hour). |
failoverDelay int32 | The amount of time (in seconds) to wait before triggering a failover after the primary PostgreSQL instance in the cluster was detected to be unhealthy |
livenessProbeTimeout int32 | LivenessProbeTimeout is the time (in seconds) that is allowed for a PostgreSQL instance to successfully respond to the liveness probe (default 30). The Liveness probe failure threshold is derived from this value using the formula: ceiling(livenessProbe / 10). |
affinity AffinityConfiguration | Affinity/Anti-affinity rules for Pods |
topologySpreadConstraints []core/v1.TopologySpreadConstraint | TopologySpreadConstraints specifies how to spread matching pods among the given topology. More info: https://kubernetes.io/docs/concepts/scheduling-eviction/topology-spread-constraints/ |
resources core/v1.ResourceRequirements | Resources requirements of every generated Pod. Please refer to https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ for more information. |
ephemeralVolumesSizeLimit [Required]EphemeralVolumesSizeLimitConfiguration | EphemeralVolumesSizeLimit allows the user to set the limits for the ephemeral volumes |
priorityClassName string | Name of the priority class which will be used in every generated Pod, if the PriorityClass specified does not exist, the pod will not be able to schedule. Please refer to https://kubernetes.io/docs/concepts/scheduling-eviction/pod-priority-preemption/#priorityclass for more information |
primaryUpdateStrategy PrimaryUpdateStrategy | Deployment strategy to follow to upgrade the primary server during a rolling update procedure, after all replicas have been successfully updated: it can be automated ( |
primaryUpdateMethod PrimaryUpdateMethod | Method to follow to upgrade the primary server during a rolling update procedure, after all replicas have been successfully updated: it can be with a switchover ( |
backup BackupConfiguration | The configuration to be used for backups |
nodeMaintenanceWindow NodeMaintenanceWindow | Define a maintenance window for the Kubernetes nodes |
licenseKey string | The license key of the cluster. When empty, the cluster operates in trial mode and after the expiry date (default 30 days) the operator will cease any reconciliation attempt. For details, please refer to the license agreement that comes with the operator. |
licenseKeySecret core/v1.SecretKeySelector | The reference to the license key. When this is set it take precedence over LicenseKey. |
monitoring MonitoringConfiguration | The configuration of the monitoring infrastructure of this cluster |
externalClusters []ExternalCluster | The list of external clusters which are used in the configuration |
logLevel string | The instances' log level, one of the following values: error, warning, info (default), debug, trace |
projectedVolumeTemplate core/v1.ProjectedVolumeSource | Template to be used to define projected volumes, projected volumes will be mounted under |
env []core/v1.EnvVar | Env follows the Env format to pass environment variables to the pods created in the cluster |
envFrom []core/v1.EnvFromSource | EnvFrom follows the EnvFrom format to pass environment variables sources to the pods to be used by Env |
managed ManagedConfiguration | The configuration that is used by the portions of PostgreSQL that are managed by the instance manager |
seccompProfile core/v1.SeccompProfile | The SeccompProfile applied to every Pod and Container. Defaults to: |
tablespaces []TablespaceConfiguration | The tablespaces configuration |
enablePDB bool | Manage the |
plugins [Required]PluginConfigurationList | The plugins configuration, containing any plugin to be loaded with the corresponding configuration |
ClusterStatus
Appears in:
ClusterStatus defines the observed state of Cluster
Field | Description |
---|---|
instances int | The total number of PVC Groups detected in the cluster. It may differ from the number of existing instance pods. |
readyInstances int | The total number of ready instances in the cluster. It is equal to the number of ready instance pods. |
instancesStatus map[PodStatus][]string | InstancesStatus indicates in which status the instances are |
instancesReportedState map[PodName]InstanceReportedState | The reported state of the instances during the last reconciliation loop |
managedRolesStatus ManagedRoles | ManagedRolesStatus reports the state of the managed roles in the cluster |
tablespacesStatus []TablespaceState | TablespacesStatus reports the state of the declarative tablespaces in the cluster |
timelineID int | The timeline of the Postgres cluster |
topology Topology | Instances topology. |
latestGeneratedNode int | ID of the latest generated node (used to avoid node name clashing) |
currentPrimary string | Current primary instance |
targetPrimary string | Target primary instance, this is different from the previous one during a switchover or a failover |
pvcCount int32 | How many PVCs have been created by this cluster |
jobCount int32 | How many Jobs have been created by this cluster |
danglingPVC []string | List of all the PVCs created by this cluster and still available which are not attached to a Pod |
resizingPVC []string | List of all the PVCs that have ResizingPVC condition. |
initializingPVC []string | List of all the PVCs that are being initialized by this cluster |
healthyPVC []string | List of all the PVCs not dangling nor initializing |
unusablePVC []string | List of all the PVCs that are unusable because another PVC is missing |
licenseStatus github.com/EnterpriseDB/cloud-native-postgres/pkg/licensekey.Status | Status of the license |
writeService string | Current write pod |
readService string | Current list of read pods |
phase string | Current phase of the cluster |
phaseReason string | Reason for the current phase |
secretsResourceVersion SecretsResourceVersion | The list of resource versions of the secrets managed by the operator. Every change here is done in the interest of the instance manager, which will refresh the secret data |
configMapResourceVersion ConfigMapResourceVersion | The list of resource versions of the configmaps, managed by the operator. Every change here is done in the interest of the instance manager, which will refresh the configmap data |
certificates CertificatesStatus | The configuration for the CA and related certificates, initialized with defaults. |
firstRecoverabilityPoint string | The first recoverability point, stored as a date in RFC3339 format. This field is calculated from the content of FirstRecoverabilityPointByMethod |
firstRecoverabilityPointByMethod map[BackupMethod]meta/v1.Time | The first recoverability point, stored as a date in RFC3339 format, per backup method type |
lastSuccessfulBackup string | Last successful backup, stored as a date in RFC3339 format This field is calculated from the content of LastSuccessfulBackupByMethod |
lastSuccessfulBackupByMethod map[BackupMethod]meta/v1.Time | Last successful backup, stored as a date in RFC3339 format, per backup method type |
lastFailedBackup string | Stored as a date in RFC3339 format |
cloudNativePostgresqlCommitHash string | The commit hash number of which this operator running |
currentPrimaryTimestamp string | The timestamp when the last actual promotion to primary has occurred |
currentPrimaryFailingSinceTimestamp string | The timestamp when the primary was detected to be unhealthy This field is reported when |
targetPrimaryTimestamp string | The timestamp when the last request for a new primary has occurred |
poolerIntegrations PoolerIntegrations | The integration needed by poolers referencing the cluster |
cloudNativePostgresqlOperatorHash string | The hash of the binary of the operator |
availableArchitectures []AvailableArchitecture | AvailableArchitectures reports the available architectures of a cluster |
conditions []meta/v1.Condition | Conditions for cluster object |
instanceNames []string | List of instance names in the cluster |
onlineUpdateEnabled bool | OnlineUpdateEnabled shows if the online upgrade is enabled inside the cluster |
azurePVCUpdateEnabled bool | AzurePVCUpdateEnabled shows if the PVC online upgrade is enabled for this cluster |
image string | Image contains the image name used by the pods |
pluginStatus [Required][]PluginStatus | PluginStatus is the status of the loaded plugins |
switchReplicaClusterStatus SwitchReplicaClusterStatus | SwitchReplicaClusterStatus is the status of the switch to replica cluster |
CompressionType
(Alias of string
)
Appears in:
CompressionType encapsulates the available types of compression
ConfigMapKeySelector
Appears in:
ConfigMapKeySelector contains enough information to let you locate the key of a ConfigMap
Field | Description |
---|---|
LocalObjectReference LocalObjectReference | (Members of LocalObjectReference are embedded into this type.)The name of the secret in the pod's namespace to select from. |
key [Required]string | The key to select |
ConfigMapResourceVersion
Appears in:
ConfigMapResourceVersion is the resource versions of the secrets managed by the operator
Field | Description |
---|---|
metrics map[string]string | A map with the versions of all the config maps used to pass metrics. Map keys are the config map names, map values are the versions |
DataBackupConfiguration
Appears in:
DataBackupConfiguration is the configuration of the backup of the data directory
Field | Description |
---|---|
compression CompressionType | Compress a backup file (a tar file per tablespace) while streaming it to the object store. Available options are empty string (no compression, default), |
encryption EncryptionType | Whenever to force the encryption of files (if the bucket is not already configured for that). Allowed options are empty string (use the bucket policy, default), |
jobs int32 | The number of parallel jobs to be used to upload the backup, defaults to 2 |
immediateCheckpoint bool | Control whether the I/O workload for the backup initial checkpoint will be limited, according to the |
additionalCommandArgs [Required][]string | AdditionalCommandArgs represents additional arguments that can be appended to the 'barman-cloud-backup' command-line invocation. These arguments provide flexibility to customize the backup process further according to specific requirements or configurations. Example: In a scenario where specialized backup options are required, such as setting a specific timeout or defining custom behavior, users can use this field to specify additional command arguments. Note: It's essential to ensure that the provided arguments are valid and supported by the 'barman-cloud-backup' command, to avoid potential errors or unintended behavior during execution. |
DataSource
Appears in:
DataSource contains the configuration required to bootstrap a PostgreSQL cluster from an existing storage
Field | Description |
---|---|
storage [Required]core/v1.TypedLocalObjectReference | Configuration of the storage of the instances |
walStorage core/v1.TypedLocalObjectReference | Configuration of the storage for PostgreSQL WAL (Write-Ahead Log) |
tablespaceStorage map[string]core/v1.TypedLocalObjectReference | Configuration of the storage for PostgreSQL tablespaces |
DatabaseRoleRef
Appears in:
DatabaseRoleRef is a reference an a role available inside PostgreSQL
Field | Description |
---|---|
name string | No description provided. |
EPASConfiguration
Appears in:
EPASConfiguration contains EDB Postgres Advanced Server specific configurations
Field | Description |
---|---|
audit bool | If true enables edb_audit logging |
tde TDEConfiguration | TDE configuration |
EmbeddedObjectMetadata
Appears in:
EmbeddedObjectMetadata contains metadata to be inherited by all resources related to a Cluster
Field | Description |
---|---|
labels map[string]string | No description provided. |
annotations map[string]string | No description provided. |
EncryptionType
(Alias of string
)
Appears in:
EncryptionType encapsulated the available types of encryption
EnsureOption
(Alias of string
)
Appears in:
EnsureOption represents whether we should enforce the presence or absence of a Role in a PostgreSQL instance
EphemeralVolumesSizeLimitConfiguration
Appears in:
EphemeralVolumesSizeLimitConfiguration contains the configuration of the ephemeral storage
Field | Description |
---|---|
shm [Required]k8s.io/apimachinery/pkg/api/resource.Quantity | Shm is the size limit of the shared memory volume |
temporaryData [Required]k8s.io/apimachinery/pkg/api/resource.Quantity | TemporaryData is the size limit of the temporary data volume |
ExternalCluster
Appears in:
ExternalCluster represents the connection parameters to an external cluster which is used in the other sections of the configuration
Field | Description |
---|---|
name [Required]string | The server name, required |
connectionParameters map[string]string | The list of connection parameters, such as dbname, host, username, etc |
sslCert core/v1.SecretKeySelector | The reference to an SSL certificate to be used to connect to this instance |
sslKey core/v1.SecretKeySelector | The reference to an SSL private key to be used to connect to this instance |
sslRootCert core/v1.SecretKeySelector | The reference to an SSL CA public key to be used to connect to this instance |
password core/v1.SecretKeySelector | The reference to the password to be used to connect to the server. If a password is provided, EDB Postgres for Kubernetes creates a PostgreSQL passfile at |
barmanObjectStore BarmanObjectStoreConfiguration | The configuration for the barman-cloud tool suite |
GoogleCredentials
Appears in:
GoogleCredentials is the type for the Google Cloud Storage credentials. This needs to be specified even if we run inside a GKE environment.
Field | Description |
---|---|
applicationCredentials SecretKeySelector | The secret containing the Google Cloud Storage JSON file with the credentials |
gkeEnvironment bool | If set to true, will presume that it's running inside a GKE environment, default to false. |
ImageCatalogRef
Appears in:
ImageCatalogRef defines the reference to a major version in an ImageCatalog
Field | Description |
---|---|
TypedLocalObjectReference core/v1.TypedLocalObjectReference | (Members of TypedLocalObjectReference are embedded into this type.)No description provided. |
major [Required]int | The major version of PostgreSQL we want to use from the ImageCatalog |
ImageCatalogSpec
Appears in:
ImageCatalogSpec defines the desired ImageCatalog
Field | Description |
---|---|
images [Required][]CatalogImage | List of CatalogImages available in the catalog |
Import
Appears in:
Import contains the configuration to init a database from a logic snapshot of an externalCluster
Field | Description |
---|---|
source [Required]ImportSource | The source of the import |
type [Required]SnapshotType | The import type. Can be |
databases [Required][]string | The databases to import |
roles []string | The roles to import |
postImportApplicationSQL []string | List of SQL queries to be executed as a superuser in the application database right after is imported - to be used with extreme care (by default empty). Only available in microservice type. |
schemaOnly bool | When set to true, only the |
ImportSource
Appears in:
ImportSource describes the source for the logical snapshot
Field | Description |
---|---|
externalCluster [Required]string | The name of the externalCluster used for import |
InstanceID
Appears in:
InstanceID contains the information to identify an instance
Field | Description |
---|---|
podName string | The pod name |
ContainerID string | The container ID |
InstanceReportedState
Appears in:
InstanceReportedState describes the last reported state of an instance during a reconciliation loop
Field | Description |
---|---|
isPrimary [Required]bool | indicates if an instance is the primary one |
timeLineID int | indicates on which TimelineId the instance is |
LDAPBindAsAuth
Appears in:
LDAPBindAsAuth provides the required fields to use the bind authentication for LDAP
Field | Description |
---|---|
prefix string | Prefix for the bind authentication option |
suffix string | Suffix for the bind authentication option |
LDAPBindSearchAuth
Appears in:
LDAPBindSearchAuth provides the required fields to use the bind+search LDAP authentication process
Field | Description |
---|---|
baseDN string | Root DN to begin the user search |
bindDN string | DN of the user to bind to the directory |
bindPassword core/v1.SecretKeySelector | Secret with the password for the user to bind to the directory |
searchAttribute string | Attribute to match against the username |
searchFilter string | Search filter to use when doing the search+bind authentication |
LDAPConfig
Appears in:
LDAPConfig contains the parameters needed for LDAP authentication
Field | Description |
---|---|
server string | LDAP hostname or IP address |
port int | LDAP server port |
scheme LDAPScheme | LDAP schema to be used, possible options are |
bindAsAuth LDAPBindAsAuth | Bind as authentication configuration |
bindSearchAuth LDAPBindSearchAuth | Bind+Search authentication configuration |
tls bool | Set to 'true' to enable LDAP over TLS. 'false' is default |
LDAPScheme
(Alias of string
)
Appears in:
LDAPScheme defines the possible schemes for LDAP
LocalObjectReference
Appears in:
LocalObjectReference contains enough information to let you locate a local object with a known type inside the same namespace
Field | Description |
---|---|
name [Required]string | Name of the referent. |
ManagedConfiguration
Appears in:
ManagedConfiguration represents the portions of PostgreSQL that are managed by the instance manager
Field | Description |
---|---|
roles []RoleConfiguration | Database roles managed by the |
ManagedRoles
Appears in:
ManagedRoles tracks the status of a cluster's managed roles
Field | Description |
---|---|
byStatus map[RoleStatus][]string | ByStatus gives the list of roles in each state |
cannotReconcile map[string][]string | CannotReconcile lists roles that cannot be reconciled in PostgreSQL, with an explanation of the cause |
passwordStatus map[string]PasswordState | PasswordStatus gives the last transaction id and password secret version for each managed role |
Metadata
Appears in:
Metadata is a structure similar to the metav1.ObjectMeta, but still parseable by controller-gen to create a suitable CRD for the user. The comment of PodTemplateSpec has an explanation of why we are not using the core data types.
Field | Description |
---|---|
labels map[string]string | Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and services. More info: http://kubernetes.io/docs/user-guide/labels |
annotations map[string]string | Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations |
MonitoringConfiguration
Appears in:
MonitoringConfiguration is the type containing all the monitoring configuration for a certain cluster
Field | Description |
---|---|
disableDefaultQueries bool | Whether the default queries should be injected. Set it to |
customQueriesConfigMap []ConfigMapKeySelector | The list of config maps containing the custom queries |
customQueriesSecret []SecretKeySelector | The list of secrets containing the custom queries |
enablePodMonitor bool | Enable or disable the |
podMonitorMetricRelabelings []github.com/prometheus-operator/prometheus-operator/pkg/apis/monitoring/v1.RelabelConfig | The list of metric relabelings for the |
podMonitorRelabelings []github.com/prometheus-operator/prometheus-operator/pkg/apis/monitoring/v1.RelabelConfig | The list of relabelings for the |
NodeMaintenanceWindow
Appears in:
NodeMaintenanceWindow contains information that the operator will use while upgrading the underlying node.
This option is only useful when the chosen storage prevents the Pods from being freely moved across nodes.
Field | Description |
---|---|
reusePVC bool | Reuse the existing PVC (wait for the node to come up again) or not (recreate it elsewhere - when |
inProgress bool | Is there a node maintenance activity in progress? |
OnlineConfiguration
Appears in:
OnlineConfiguration contains the configuration parameters for the online volume snapshot
Field | Description |
---|---|
waitForArchive bool | If false, the function will return immediately after the backup is completed, without waiting for WAL to be archived. This behavior is only useful with backup software that independently monitors WAL archiving. Otherwise, WAL required to make the backup consistent might be missing and make the backup useless. By default, or when this parameter is true, pg_backup_stop will wait for WAL to be archived when archiving is enabled. On a standby, this means that it will wait only when archive_mode = always. If write activity on the primary is low, it may be useful to run pg_switch_wal on the primary in order to trigger an immediate segment switch. |
immediateCheckpoint bool | Control whether the I/O workload for the backup initial checkpoint will be limited, according to the |
PasswordState
Appears in:
PasswordState represents the state of the password of a managed RoleConfiguration
Field | Description |
---|---|
transactionID int64 | the last transaction ID to affect the role definition in PostgreSQL |
resourceVersion string | the resource version of the password secret |
PgBouncerIntegrationStatus
Appears in:
PgBouncerIntegrationStatus encapsulates the needed integration for the pgbouncer poolers referencing the cluster
Field | Description |
---|---|
secrets []string | No description provided. |
PgBouncerPoolMode
(Alias of string
)
Appears in:
PgBouncerPoolMode is the mode of PgBouncer
PgBouncerSecrets
Appears in:
PgBouncerSecrets contains the versions of the secrets used by pgbouncer
Field | Description |
---|---|
authQuery SecretVersion | The auth query secret version |
PgBouncerSpec
Appears in:
PgBouncerSpec defines how to configure PgBouncer
Field | Description |
---|---|
poolMode PgBouncerPoolMode | The pool mode. Default: |
authQuerySecret LocalObjectReference | The credentials of the user that need to be used for the authentication query. In case it is specified, also an AuthQuery (e.g. "SELECT usename, passwd FROM pg_catalog.pg_shadow WHERE usename=$1") has to be specified and no automatic CNP Cluster integration will be triggered. |
authQuery string | The query that will be used to download the hash of the password of a certain user. Default: "SELECT usename, passwd FROM public.user_search($1)". In case it is specified, also an AuthQuerySecret has to be specified and no automatic CNP Cluster integration will be triggered. |
parameters map[string]string | Additional parameters to be passed to PgBouncer - please check the CNP documentation for a list of options you can configure |
pg_hba []string | PostgreSQL Host Based Authentication rules (lines to be appended to the pg_hba.conf file) |
paused bool | When set to |
PluginStatus
Appears in:
PluginStatus is the status of a loaded plugin
Field | Description |
---|---|
name [Required]string | Name is the name of the plugin |
version [Required]string | Version is the version of the plugin loaded by the latest reconciliation loop |
capabilities [Required][]string | Capabilities are the list of capabilities of the plugin |
operatorCapabilities [Required][]string | OperatorCapabilities are the list of capabilities of the plugin regarding the reconciler |
walCapabilities [Required][]string | WALCapabilities are the list of capabilities of the plugin regarding the WAL management |
backupCapabilities [Required][]string | BackupCapabilities are the list of capabilities of the plugin regarding the Backup management |
PodTemplateSpec
Appears in:
PodTemplateSpec is a structure allowing the user to set a template for Pod generation.
Unfortunately we can't use the corev1.PodTemplateSpec type because the generated CRD won't have the field for the metadata section.
References: https://github.com/kubernetes-sigs/controller-tools/issues/385 https://github.com/kubernetes-sigs/controller-tools/issues/448 https://github.com/prometheus-operator/prometheus-operator/issues/3041
Field | Description |
---|---|
metadata Metadata | Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata |
spec core/v1.PodSpec | Specification of the desired behavior of the pod. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status |
PodTopologyLabels
(Alias of map[string]string
)
Appears in:
PodTopologyLabels represent the topology of a Pod. map[labelName]labelValue
PoolerIntegrations
Appears in:
PoolerIntegrations encapsulates the needed integration for the poolers referencing the cluster
Field | Description |
---|---|
pgBouncerIntegration PgBouncerIntegrationStatus | No description provided. |
PoolerMonitoringConfiguration
Appears in:
PoolerMonitoringConfiguration is the type containing all the monitoring configuration for a certain Pooler.
Mirrors the Cluster's MonitoringConfiguration but without the custom queries part for now.
Field | Description |
---|---|
enablePodMonitor bool | Enable or disable the |
podMonitorMetricRelabelings []github.com/prometheus-operator/prometheus-operator/pkg/apis/monitoring/v1.RelabelConfig | The list of metric relabelings for the |
podMonitorRelabelings []github.com/prometheus-operator/prometheus-operator/pkg/apis/monitoring/v1.RelabelConfig | The list of relabelings for the |
PoolerSecrets
Appears in:
PoolerSecrets contains the versions of all the secrets used
Field | Description |
---|---|
serverTLS SecretVersion | The server TLS secret version |
serverCA SecretVersion | The server CA secret version |
clientCA SecretVersion | The client CA secret version |
pgBouncerSecrets PgBouncerSecrets | The version of the secrets used by PgBouncer |
PoolerSpec
Appears in:
PoolerSpec defines the desired state of Pooler
Field | Description |
---|---|
cluster [Required]LocalObjectReference | This is the cluster reference on which the Pooler will work. Pooler name should never match with any cluster name within the same namespace. |
type PoolerType | Type of service to forward traffic to. Default: |
instances int32 | The number of replicas we want. Default: 1. |
template PodTemplateSpec | The template of the Pod to be created |
pgbouncer [Required]PgBouncerSpec | The PgBouncer configuration |
deploymentStrategy apps/v1.DeploymentStrategy | The deployment strategy to use for pgbouncer to replace existing pods with new ones |
monitoring PoolerMonitoringConfiguration | The configuration of the monitoring infrastructure of this pooler. |
serviceTemplate ServiceTemplateSpec | Template for the Service to be created |
PoolerStatus
Appears in:
PoolerStatus defines the observed state of Pooler
Field | Description |
---|---|
secrets PoolerSecrets | The resource version of the config object |
instances int32 | The number of pods trying to be scheduled |
PoolerType
(Alias of string
)
Appears in:
PoolerType is the type of the connection pool, meaning the service we are targeting. Allowed values are rw
and ro
.
PostInitApplicationSQLRefs
Appears in:
PostInitApplicationSQLRefs points references to ConfigMaps or Secrets which contain SQL files, the general implementation order to these references is from all Secrets to all ConfigMaps, and inside Secrets or ConfigMaps, the implementation order is same as the order of each array
Field | Description |
---|---|
secretRefs []SecretKeySelector | SecretRefs holds a list of references to Secrets |
configMapRefs []ConfigMapKeySelector | ConfigMapRefs holds a list of references to ConfigMaps |
PostgresConfiguration
Appears in:
PostgresConfiguration defines the PostgreSQL configuration
Field | Description |
---|---|
parameters map[string]string | PostgreSQL configuration options (postgresql.conf) |
pg_hba []string | PostgreSQL Host Based Authentication rules (lines to be appended to the pg_hba.conf file) |
pg_ident []string | PostgreSQL User Name Maps rules (lines to be appended to the pg_ident.conf file) |
epas EPASConfiguration | EDB Postgres Advanced Server specific configurations |
syncReplicaElectionConstraint SyncReplicaElectionConstraints | Requirements to be met by sync replicas. This will affect how the "synchronous_standby_names" parameter will be set up. |
shared_preload_libraries []string | Lists of shared preload libraries to add to the default ones |
ldap LDAPConfig | Options to specify LDAP configuration |
promotionTimeout int32 | Specifies the maximum number of seconds to wait when promoting an instance to primary. Default value is 40000000, greater than one year in seconds, big enough to simulate an infinite timeout |
enableAlterSystem bool | If this parameter is true, the user will be able to invoke |
PrimaryUpdateMethod
(Alias of string
)
Appears in:
PrimaryUpdateMethod contains the method to use when upgrading the primary server of the cluster as part of rolling updates
PrimaryUpdateStrategy
(Alias of string
)
Appears in:
PrimaryUpdateStrategy contains the strategy to follow when upgrading the primary server of the cluster as part of rolling updates
RecoveryTarget
Appears in:
RecoveryTarget allows to configure the moment where the recovery process will stop. All the target options except TargetTLI are mutually exclusive.
Field | Description |
---|---|
backupID string | The ID of the backup from which to start the recovery process. If empty (default) the operator will automatically detect the backup based on targetTime or targetLSN if specified. Otherwise use the latest available backup in chronological order. |
targetTLI string | The target timeline ("latest" or a positive integer) |
targetXID string | The target transaction ID |
targetName string | The target name (to be previously created with |
targetLSN string | The target LSN (Log Sequence Number) |
targetTime string | The target time as a timestamp in the RFC3339 standard |
targetImmediate bool | End recovery as soon as a consistent state is reached |
exclusive bool | Set the target to be exclusive. If omitted, defaults to false, so that in Postgres, |
ReplicaClusterConfiguration
Appears in:
ReplicaClusterConfiguration encapsulates the configuration of a replica cluster
Field | Description |
---|---|
source [Required]string | The name of the external cluster which is the replication origin |
enabled [Required]bool | If replica mode is enabled, this cluster will be a replica of an existing cluster. Replica cluster can be created from a recovery object store or via streaming through pg_basebackup. Refer to the Replica clusters page of the documentation for more information. |
ReplicationSlotsConfiguration
Appears in:
ReplicationSlotsConfiguration encapsulates the configuration of replication slots
Field | Description |
---|---|
highAvailability ReplicationSlotsHAConfiguration | Replication slots for high availability configuration |
updateInterval int | Standby will update the status of the local replication slots every |
synchronizeReplicas SynchronizeReplicasConfiguration | Configures the synchronization of the user defined physical replication slots |
ReplicationSlotsHAConfiguration
Appears in:
ReplicationSlotsHAConfiguration encapsulates the configuration of the replication slots that are automatically managed by the operator to control the streaming replication connections with the standby instances for high availability (HA) purposes. Replication slots are a PostgreSQL feature that makes sure that PostgreSQL automatically keeps WAL files in the primary when a streaming client (in this specific case a replica that is part of the HA cluster) gets disconnected.
Field | Description |
---|---|
enabled bool | If enabled (default), the operator will automatically manage replication slots on the primary instance and use them in streaming replication connections with all the standby instances that are part of the HA cluster. If disabled, the operator will not take advantage of replication slots in streaming connections with the replicas. This feature also controls replication slots in replica cluster, from the designated primary to its cascading replicas. |
slotPrefix string | Prefix for replication slots managed by the operator for HA. It may only contain lower case letters, numbers, and the underscore character. This can only be set at creation time. By default set to |
RoleConfiguration
Appears in:
RoleConfiguration is the representation, in Kubernetes, of a PostgreSQL role with the additional field Ensure specifying whether to ensure the presence or absence of the role in the database
The defaults of the CREATE ROLE command are applied Reference: https://www.postgresql.org/docs/current/sql-createrole.html
Field | Description |
---|---|
name [Required]string | Name of the role |
comment string | Description of the role |
ensure EnsureOption | Ensure the role is |
passwordSecret LocalObjectReference | Secret containing the password of the role (if present) If null, the password will be ignored unless DisablePassword is set |
connectionLimit int64 | If the role can log in, this specifies how many concurrent connections the role can make. |
validUntil meta/v1.Time | Date and time after which the role's password is no longer valid. When omitted, the password will never expire (default). |
inRoles []string | List of one or more existing roles to which this role will be immediately added as a new member. Default empty. |
inherit bool | Whether a role "inherits" the privileges of roles it is a member of. Defaults is |
disablePassword bool | DisablePassword indicates that a role's password should be set to NULL in Postgres |
superuser bool | Whether the role is a |
createdb bool | When set to |
createrole bool | Whether the role will be permitted to create, alter, drop, comment on, change the security label for, and grant or revoke membership in other roles. Default is |
login bool | Whether the role is allowed to log in. A role having the |
replication bool | Whether a role is a replication role. A role must have this attribute (or be a superuser) in order to be able to connect to the server in replication mode (physical or logical replication) and in order to be able to create or drop replication slots. A role having the |
bypassrls bool | Whether a role bypasses every row-level security (RLS) policy. Default is |
S3Credentials
Appears in:
S3Credentials is the type for the credentials to be used to upload files to S3. It can be provided in two alternative ways:
explicitly passing accessKeyId and secretAccessKey
inheriting the role from the pod environment by setting inheritFromIAMRole to true
Field | Description |
---|---|
accessKeyId SecretKeySelector | The reference to the access key id |
secretAccessKey SecretKeySelector | The reference to the secret access key |
region SecretKeySelector | The reference to the secret containing the region name |
sessionToken SecretKeySelector | The references to the session key |
inheritFromIAMRole bool | Use the role based authentication without providing explicitly the keys. |
ScheduledBackupSpec
Appears in:
ScheduledBackupSpec defines the desired state of ScheduledBackup
Field | Description |
---|---|
suspend bool | If this backup is suspended or not |
immediate bool | If the first backup has to be immediately start after creation or not |
schedule [Required]string | The schedule does not follow the same format used in Kubernetes CronJobs as it includes an additional seconds specifier, see https://pkg.go.dev/github.com/robfig/cron#hdr-CRON_Expression_Format |
cluster [Required]LocalObjectReference | The cluster to backup |
backupOwnerReference string | Indicates which ownerReference should be put inside the created backup resources.
|
target BackupTarget | The policy to decide which instance should perform this backup. If empty, it defaults to |
method BackupMethod | The backup method to be used, possible options are |
pluginConfiguration BackupPluginConfiguration | Configuration parameters passed to the plugin managing this backup |
online bool | Whether the default type of backup with volume snapshots is online/hot ( |
onlineConfiguration OnlineConfiguration | Configuration parameters to control the online/hot backup with volume snapshots Overrides the default settings specified in the cluster '.backup.volumeSnapshot.onlineConfiguration' stanza |
ScheduledBackupStatus
Appears in:
ScheduledBackupStatus defines the observed state of ScheduledBackup
Field | Description |
---|---|
lastCheckTime meta/v1.Time | The latest time the schedule |
lastScheduleTime meta/v1.Time | Information when was the last time that backup was successfully scheduled. |
nextScheduleTime meta/v1.Time | Next time we will run a backup |
SecretKeySelector
Appears in:
SecretKeySelector contains enough information to let you locate the key of a Secret
Field | Description |
---|---|
LocalObjectReference LocalObjectReference | (Members of LocalObjectReference are embedded into this type.)The name of the secret in the pod's namespace to select from. |
key [Required]string | The key to select |
SecretVersion
Appears in:
SecretVersion contains a secret name and its ResourceVersion
Field | Description |
---|---|
name string | The name of the secret |
version string | The ResourceVersion of the secret |
SecretsResourceVersion
Appears in:
SecretsResourceVersion is the resource versions of the secrets managed by the operator
Field | Description |
---|---|
superuserSecretVersion string | The resource version of the "postgres" user secret |
replicationSecretVersion string | The resource version of the "streaming_replica" user secret |
applicationSecretVersion string | The resource version of the "app" user secret |
managedRoleSecretVersion map[string]string | The resource versions of the managed roles secrets |
caSecretVersion string | Unused. Retained for compatibility with old versions. |
clientCaSecretVersion string | The resource version of the PostgreSQL client-side CA secret version |
serverCaSecretVersion string | The resource version of the PostgreSQL server-side CA secret version |
serverSecretVersion string | The resource version of the PostgreSQL server-side secret version |
barmanEndpointCA string | The resource version of the Barman Endpoint CA if provided |
externalClusterSecretVersion map[string]string | The resource versions of the external cluster secrets |
metrics map[string]string | A map with the versions of all the secrets used to pass metrics. Map keys are the secret names, map values are the versions |
ServiceAccountTemplate
Appears in:
ServiceAccountTemplate contains the template needed to generate the service accounts
Field | Description |
---|---|
metadata [Required]Metadata | Metadata are the metadata to be used for the generated service account |
ServiceTemplateSpec
Appears in:
ServiceTemplateSpec is a structure allowing the user to set a template for Service generation.
Field | Description |
---|---|
metadata Metadata | Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata |
spec core/v1.ServiceSpec | Specification of the desired behavior of the service. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status |
SnapshotOwnerReference
(Alias of string
)
Appears in:
SnapshotOwnerReference defines the reference type for the owner of the snapshot. This specifies which owner the processed resources should relate to.
SnapshotType
(Alias of string
)
Appears in:
SnapshotType is a type of allowed import
StorageConfiguration
Appears in:
StorageConfiguration is the configuration used to create and reconcile PVCs, usable for WAL volumes, PGDATA volumes, or tablespaces
Field | Description |
---|---|
storageClass string | StorageClass to use for PVCs. Applied after evaluating the PVC template, if available. If not specified, the generated PVCs will use the default storage class |
size string | Size of the storage. Required if not already specified in the PVC template. Changes to this field are automatically reapplied to the created PVCs. Size cannot be decreased. |
resizeInUseVolumes bool | Resize existent PVCs, defaults to true |
pvcTemplate core/v1.PersistentVolumeClaimSpec | Template to be used to generate the Persistent Volume Claim |
SwitchReplicaClusterStatus
Appears in:
SwitchReplicaClusterStatus contains all the statuses regarding the switch of a cluster to a replica cluster
Field | Description |
---|---|
inProgress bool | InProgress indicates if there is an ongoing procedure of switching a cluster to a replica cluster. |
SyncReplicaElectionConstraints
Appears in:
SyncReplicaElectionConstraints contains the constraints for sync replicas election.
For anti-affinity parameters two instances are considered in the same location if all the labels values match.
In future synchronous replica election restriction by name will be supported.
Field | Description |
---|---|
nodeLabelsAntiAffinity []string | A list of node labels values to extract and compare to evaluate if the pods reside in the same topology or not |
enabled [Required]bool | This flag enables the constraints for sync replicas |
SynchronizeReplicasConfiguration
Appears in:
SynchronizeReplicasConfiguration contains the configuration for the synchronization of user defined physical replication slots
Field | Description |
---|---|
enabled [Required]bool | When set to true, every replication slot that is on the primary is synchronized on each standby |
excludePatterns []string | List of regular expression patterns to match the names of replication slots to be excluded (by default empty) |
- [Required]synchronizeReplicasCache | No description provided. |
TDEConfiguration
Appears in:
TDEConfiguration contains the Transparent Data Encryption configuration
Field | Description |
---|---|
enabled bool | True if we want to have TDE enabled |
secretKeyRef core/v1.SecretKeySelector | Reference to the secret that contains the encryption key |
wrapCommand core/v1.SecretKeySelector | WrapCommand is the encrypt command provided by the user |
unwrapCommand core/v1.SecretKeySelector | UnwrapCommand is the decryption command provided by the user |
passphraseCommand core/v1.SecretKeySelector | PassphraseCommand is the command executed to get the passphrase that will be passed to the OpenSSL command to encrypt and decrypt |
TablespaceConfiguration
Appears in:
TablespaceConfiguration is the configuration of a tablespace, and includes the storage specification for the tablespace
Field | Description |
---|---|
name [Required]string | The name of the tablespace |
storage [Required]StorageConfiguration | The storage configuration for the tablespace |
owner DatabaseRoleRef | Owner is the PostgreSQL user owning the tablespace |
temporary bool | When set to true, the tablespace will be added as a |
TablespaceState
Appears in:
TablespaceState represents the state of a tablespace in a cluster
Field | Description |
---|---|
name [Required]string | Name is the name of the tablespace |
owner string | Owner is the PostgreSQL user owning the tablespace |
state [Required]TablespaceStatus | State is the latest reconciliation state |
error string | Error is the reconciliation error, if any |
TablespaceStatus
(Alias of string
)
Appears in:
TablespaceStatus represents the status of a tablespace in the cluster
Topology
Appears in:
Topology contains the cluster topology
Field | Description |
---|---|
instances map[PodName]PodTopologyLabels | Instances contains the pod topology of the instances |
nodesUsed int32 | NodesUsed represents the count of distinct nodes accommodating the instances. A value of '1' suggests that all instances are hosted on a single node, implying the absence of High Availability (HA). Ideally, this value should be the same as the number of instances in the Postgres HA cluster, implying shared nothing architecture on the compute side. |
successfullyExtracted bool | SuccessfullyExtracted indicates if the topology data was extract. It is useful to enact fallback behaviors in synchronous replica election in case of failures |
VolumeSnapshotConfiguration
Appears in:
VolumeSnapshotConfiguration represents the configuration for the execution of snapshot backups.
Field | Description |
---|---|
labels map[string]string | Labels are key-value pairs that will be added to .metadata.labels snapshot resources. |
annotations map[string]string | Annotations key-value pairs that will be added to .metadata.annotations snapshot resources. |
className string | ClassName specifies the Snapshot Class to be used for PG_DATA PersistentVolumeClaim. It is the default class for the other types if no specific class is present |
walClassName string | WalClassName specifies the Snapshot Class to be used for the PG_WAL PersistentVolumeClaim. |
tablespaceClassName map[string]string | TablespaceClassName specifies the Snapshot Class to be used for the tablespaces. defaults to the PGDATA Snapshot Class, if set |
snapshotOwnerReference SnapshotOwnerReference | SnapshotOwnerReference indicates the type of owner reference the snapshot should have |
online bool | Whether the default type of backup with volume snapshots is online/hot ( |
onlineConfiguration OnlineConfiguration | Configuration parameters to control the online/hot backup with volume snapshots |
WalBackupConfiguration
Appears in:
WalBackupConfiguration is the configuration of the backup of the WAL stream
Field | Description |
---|---|
compression CompressionType | Compress a WAL file before sending it to the object store. Available options are empty string (no compression, default), |
encryption EncryptionType | Whenever to force the encryption of files (if the bucket is not already configured for that). Allowed options are empty string (use the bucket policy, default), |
maxParallel int | Number of WAL files to be either archived in parallel (when the PostgreSQL instance is archiving to a backup object store) or restored in parallel (when a PostgreSQL standby is fetching WAL files from a recovery object store). If not specified, WAL files will be processed one at a time. It accepts a positive integer as a value - with 1 being the minimum accepted value. |
- On this page
- Resource Types
- Backup
- Cluster
- ClusterImageCatalog
- ImageCatalog
- Pooler
- ScheduledBackup
- AffinityConfiguration
- AvailableArchitecture
- AzureCredentials
- BackupConfiguration
- BackupMethod
- BackupPhase
- BackupPluginConfiguration
- BackupSnapshotElementStatus
- BackupSnapshotStatus
- BackupSource
- BackupSpec
- BackupStatus
- BackupTarget
- BarmanCredentials
- BarmanObjectStoreConfiguration
- BootstrapConfiguration
- BootstrapInitDB
- BootstrapPgBaseBackup
- BootstrapRecovery
- CatalogImage
- CertificatesConfiguration
- CertificatesStatus
- ClusterSpec
- ClusterStatus
- CompressionType
- ConfigMapKeySelector
- ConfigMapResourceVersion
- DataBackupConfiguration
- DataSource
- DatabaseRoleRef
- EPASConfiguration
- EmbeddedObjectMetadata
- EncryptionType
- EnsureOption
- EphemeralVolumesSizeLimitConfiguration
- ExternalCluster
- GoogleCredentials
- ImageCatalogRef
- ImageCatalogSpec
- Import
- ImportSource
- InstanceID
- InstanceReportedState
- LDAPBindAsAuth
- LDAPBindSearchAuth
- LDAPConfig
- LDAPScheme
- LocalObjectReference
- ManagedConfiguration
- ManagedRoles
- Metadata
- MonitoringConfiguration
- NodeMaintenanceWindow
- OnlineConfiguration
- PasswordState
- PgBouncerIntegrationStatus
- PgBouncerPoolMode
- PgBouncerSecrets
- PgBouncerSpec
- PluginStatus
- PodTemplateSpec
- PodTopologyLabels
- PoolerIntegrations
- PoolerMonitoringConfiguration
- PoolerSecrets
- PoolerSpec
- PoolerStatus
- PoolerType
- PostInitApplicationSQLRefs
- PostgresConfiguration
- PrimaryUpdateMethod
- PrimaryUpdateStrategy
- RecoveryTarget
- ReplicaClusterConfiguration
- ReplicationSlotsConfiguration
- ReplicationSlotsHAConfiguration
- RoleConfiguration
- S3Credentials
- ScheduledBackupSpec
- ScheduledBackupStatus
- SecretKeySelector
- SecretVersion
- SecretsResourceVersion
- ServiceAccountTemplate
- ServiceTemplateSpec
- SnapshotOwnerReference
- SnapshotType
- StorageConfiguration
- SwitchReplicaClusterStatus
- SyncReplicaElectionConstraints
- SynchronizeReplicasConfiguration
- TDEConfiguration
- TablespaceConfiguration
- TablespaceState
- TablespaceStatus
- Topology
- VolumeSnapshotConfiguration
- WalBackupConfiguration