├── helm ├── install │ ├── .helmignore │ ├── .gitattributes │ ├── Chart.yaml │ ├── templates │ │ ├── service_account.yaml │ │ ├── role_binding.yaml │ │ ├── role-upgrade.yaml │ │ ├── manager-upgrade.yaml │ │ ├── manager.yaml │ │ ├── NOTES.txt │ │ ├── role.yaml │ │ └── _helpers.tpl │ └── values.yaml └── postgres │ ├── Chart.yaml │ ├── templates │ ├── _gcs.tpl │ ├── _azure.tpl │ ├── _s3.tpl │ ├── pgbackrest-secret.yaml │ ├── NOTES.txt │ └── postgres.yaml │ └── values.yaml ├── kustomize ├── s3 │ ├── .gitignore │ ├── s3.conf.example │ ├── kustomization.yaml │ └── postgres.yaml ├── azure │ ├── .gitignore │ ├── azure.conf.example │ ├── kustomization.yaml │ └── postgres.yaml ├── gcs │ ├── .gitignore │ ├── gcs.conf │ ├── kustomization.yaml │ └── postgres.yaml ├── install │ ├── namespace │ │ ├── kustomization.yaml │ │ └── namespace.yaml │ ├── manager │ │ ├── kustomization.yaml │ │ ├── manager-upgrade.yaml │ │ └── manager.yaml │ ├── crd │ │ └── kustomization.yaml │ ├── rbac │ │ ├── cluster │ │ │ ├── kustomization.yaml │ │ │ ├── service_account.yaml │ │ │ ├── service_account-upgrade.yaml │ │ │ ├── role_binding.yaml │ │ │ ├── role_binding-upgrade.yaml │ │ │ ├── role-upgrade.yaml │ │ │ └── role.yaml │ │ └── namespace │ │ │ ├── kustomization.yaml │ │ │ ├── service_account.yaml │ │ │ ├── service_account-upgrade.yaml │ │ │ ├── role_binding.yaml │ │ │ ├── role_binding-upgrade.yaml │ │ │ ├── role-upgrade.yaml │ │ │ └── role.yaml │ ├── singlenamespace │ │ ├── manager-target.yaml │ │ ├── manager-target-upgrade.yaml │ │ ├── selectors.yaml │ │ └── kustomization.yaml │ └── default │ │ ├── selectors.yaml │ │ └── kustomization.yaml ├── multi-backup-repo │ ├── .gitignore │ ├── gcs.conf │ ├── azure.conf.example │ ├── s3.conf.example │ ├── kustomization.yaml │ └── postgres.yaml ├── postgres │ ├── kustomization.yaml │ └── postgres.yaml ├── high-availability │ ├── kustomization.yaml │ └── ha-postgres.yaml ├── keycloak │ ├── kustomization.yaml │ ├── postgres.yaml │ └── keycloak.yaml ├── certmanager │ ├── certman │ │ ├── kustomization.yaml │ │ ├── selfsigned-issuer.yaml │ │ ├── ca-issuer.yaml │ │ ├── selfsigned-clusterissuer.yaml │ │ └── ca-cert.yaml │ ├── postgres │ │ ├── kustomization.yaml │ │ ├── postgres.yaml │ │ ├── cert-repl.yaml │ │ └── cert.yaml │ └── README.md └── monitoring │ ├── README.md │ ├── grafana-secret.yaml │ ├── rbac-crb.yaml │ ├── rbac-cr.yaml │ ├── crunchy_grafana_dashboards.yml │ ├── rbac-sa.yaml │ ├── dashboards │ ├── kustomization.yaml │ ├── postgres_overview.json │ ├── crud_details.json │ ├── postgresql_service_health.json │ ├── pgbackrest.json │ └── prometheus_alerts.json │ ├── kustomization.yaml │ ├── pvcs.yaml │ ├── service.yaml │ ├── grafana-datasources.yaml │ ├── deploy-alertmanager.yaml │ ├── deploy-prometheus.yaml │ ├── alertmanager-config.yaml │ ├── prometheus-config.yaml │ ├── deploy-grafana.yaml │ └── alertmanager-rules-config.yaml ├── .github └── ISSUE_TEMPLATE │ └── issue.md ├── README.md └── LICENSE.md /helm/install/.helmignore: -------------------------------------------------------------------------------- 1 | .git* 2 | -------------------------------------------------------------------------------- /kustomize/s3/.gitignore: -------------------------------------------------------------------------------- 1 | s3.conf 2 | -------------------------------------------------------------------------------- /kustomize/azure/.gitignore: -------------------------------------------------------------------------------- 1 | azure.conf 2 | -------------------------------------------------------------------------------- /kustomize/gcs/.gitignore: -------------------------------------------------------------------------------- 1 | gcs-key.json 2 | -------------------------------------------------------------------------------- /kustomize/install/namespace/kustomization.yaml: -------------------------------------------------------------------------------- 1 | resources: 2 | - namespace.yaml 3 | -------------------------------------------------------------------------------- /kustomize/multi-backup-repo/.gitignore: -------------------------------------------------------------------------------- 1 | azure.conf 2 | gcs-key.json 3 | s3.conf 4 | -------------------------------------------------------------------------------- /kustomize/gcs/gcs.conf: -------------------------------------------------------------------------------- 1 | [global] 2 | repo1-gcs-key=/etc/pgbackrest/conf.d/gcs-key.json 3 | -------------------------------------------------------------------------------- /kustomize/multi-backup-repo/gcs.conf: -------------------------------------------------------------------------------- 1 | [global] 2 | repo3-gcs-key=/etc/pgbackrest/conf.d/gcs-key.json 3 | -------------------------------------------------------------------------------- /kustomize/install/manager/kustomization.yaml: -------------------------------------------------------------------------------- 1 | resources: 2 | - manager.yaml 3 | - manager-upgrade.yaml 4 | -------------------------------------------------------------------------------- /kustomize/postgres/kustomization.yaml: -------------------------------------------------------------------------------- 1 | namespace: postgres-operator 2 | 3 | resources: 4 | - postgres.yaml 5 | -------------------------------------------------------------------------------- /kustomize/high-availability/kustomization.yaml: -------------------------------------------------------------------------------- 1 | namespace: postgres-operator 2 | 3 | resources: 4 | - ha-postgres.yaml 5 | -------------------------------------------------------------------------------- /kustomize/install/namespace/namespace.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Namespace 3 | metadata: 4 | name: postgres-operator 5 | -------------------------------------------------------------------------------- /kustomize/s3/s3.conf.example: -------------------------------------------------------------------------------- 1 | [global] 2 | repo1-s3-key= 3 | repo1-s3-key-secret= 4 | -------------------------------------------------------------------------------- /kustomize/azure/azure.conf.example: -------------------------------------------------------------------------------- 1 | [global] 2 | repo1-azure-account= 3 | repo1-azure-key= 4 | -------------------------------------------------------------------------------- /kustomize/keycloak/kustomization.yaml: -------------------------------------------------------------------------------- 1 | namespace: postgres-operator 2 | 3 | resources: 4 | - postgres.yaml 5 | - keycloak.yaml 6 | -------------------------------------------------------------------------------- /kustomize/certmanager/certman/kustomization.yaml: -------------------------------------------------------------------------------- 1 | resources: 2 | - selfsigned-clusterissuer.yaml 3 | - ca-cert.yaml 4 | - ca-issuer.yaml 5 | -------------------------------------------------------------------------------- /kustomize/multi-backup-repo/azure.conf.example: -------------------------------------------------------------------------------- 1 | [global] 2 | repo4-azure-account= 3 | repo4-azure-key= 4 | -------------------------------------------------------------------------------- /kustomize/multi-backup-repo/s3.conf.example: -------------------------------------------------------------------------------- 1 | [global] 2 | repo2-s3-key= 3 | repo2-s3-key-secret= 4 | -------------------------------------------------------------------------------- /kustomize/certmanager/postgres/kustomization.yaml: -------------------------------------------------------------------------------- 1 | namespace: postgres-operator 2 | 3 | resources: 4 | - cert.yaml 5 | - cert-repl.yaml 6 | - postgres.yaml 7 | -------------------------------------------------------------------------------- /kustomize/certmanager/certman/selfsigned-issuer.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: cert-manager.io/v1 3 | kind: Issuer 4 | metadata: 5 | name: selfsigned-issuer 6 | spec: 7 | selfSigned: {} 8 | -------------------------------------------------------------------------------- /kustomize/install/crd/kustomization.yaml: -------------------------------------------------------------------------------- 1 | resources: 2 | - bases/postgres-operator.crunchydata.com_postgresclusters.yaml 3 | - bases/postgres-operator.crunchydata.com_pgupgrades.yaml 4 | -------------------------------------------------------------------------------- /helm/install/.gitattributes: -------------------------------------------------------------------------------- 1 | # https://github.com/github/linguist/issues/4905 2 | # https://github.com/github/linguist/issues/5092#issuecomment-730262298 3 | /templates/*.tpl linguist-language=handlebars 4 | -------------------------------------------------------------------------------- /kustomize/install/rbac/cluster/kustomization.yaml: -------------------------------------------------------------------------------- 1 | resources: 2 | - service_account.yaml 3 | - role.yaml 4 | - role_binding.yaml 5 | - service_account-upgrade.yaml 6 | - role-upgrade.yaml 7 | - role_binding-upgrade.yaml 8 | -------------------------------------------------------------------------------- /kustomize/install/rbac/cluster/service_account.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: v1 3 | kind: ServiceAccount 4 | metadata: 5 | name: pgo 6 | labels: 7 | postgres-operator.crunchydata.com/control-plane: postgres-operator 8 | -------------------------------------------------------------------------------- /kustomize/install/rbac/namespace/kustomization.yaml: -------------------------------------------------------------------------------- 1 | resources: 2 | - service_account.yaml 3 | - role.yaml 4 | - role_binding.yaml 5 | - service_account-upgrade.yaml 6 | - role-upgrade.yaml 7 | - role_binding-upgrade.yaml 8 | -------------------------------------------------------------------------------- /kustomize/install/rbac/namespace/service_account.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: v1 3 | kind: ServiceAccount 4 | metadata: 5 | name: pgo 6 | labels: 7 | postgres-operator.crunchydata.com/control-plane: postgres-operator 8 | -------------------------------------------------------------------------------- /kustomize/certmanager/certman/ca-issuer.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: cert-manager.io/v1 3 | kind: ClusterIssuer 4 | metadata: 5 | name: ca-issuer 6 | namespace: cert-manager 7 | spec: 8 | ca: 9 | secretName: root-secret 10 | -------------------------------------------------------------------------------- /kustomize/certmanager/certman/selfsigned-clusterissuer.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: cert-manager.io/v1 3 | kind: ClusterIssuer 4 | metadata: 5 | name: selfsigned-cluster-issuer 6 | namespace: cert-manager 7 | spec: 8 | selfSigned: {} 9 | -------------------------------------------------------------------------------- /helm/postgres/Chart.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v2 2 | name: postgrescluster 3 | description: A Helm chart for Kubernetes 4 | type: application 5 | # The version below should match the version on the PostgresCluster CRD 6 | version: 0.6.0 7 | appVersion: 5.2.0 8 | -------------------------------------------------------------------------------- /kustomize/s3/kustomization.yaml: -------------------------------------------------------------------------------- 1 | namespace: postgres-operator 2 | 3 | secretGenerator: 4 | - name: pgo-s3-creds 5 | files: 6 | - s3.conf 7 | 8 | generatorOptions: 9 | disableNameSuffixHash: true 10 | 11 | resources: 12 | - postgres.yaml 13 | -------------------------------------------------------------------------------- /kustomize/install/rbac/cluster/service_account-upgrade.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: v1 3 | kind: ServiceAccount 4 | metadata: 5 | name: postgres-operator-upgrade 6 | labels: 7 | postgres-operator.crunchydata.com/control-plane: postgres-operator-upgrade 8 | -------------------------------------------------------------------------------- /kustomize/install/rbac/namespace/service_account-upgrade.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: v1 3 | kind: ServiceAccount 4 | metadata: 5 | name: postgres-operator-upgrade 6 | labels: 7 | postgres-operator.crunchydata.com/control-plane: postgres-operator-upgrade 8 | -------------------------------------------------------------------------------- /kustomize/monitoring/README.md: -------------------------------------------------------------------------------- 1 | To deploy monitoring, 2 | 3 | 1. verify the namespace is correct in kustomization.yaml 4 | 2. If you are deploying in openshift, edit deploy*.yaml and comment out fsGroup line under securityContext 5 | 3. kubectl apply -k . 6 | -------------------------------------------------------------------------------- /kustomize/azure/kustomization.yaml: -------------------------------------------------------------------------------- 1 | namespace: postgres-operator 2 | 3 | secretGenerator: 4 | - name: pgo-azure-creds 5 | files: 6 | - azure.conf 7 | 8 | generatorOptions: 9 | disableNameSuffixHash: true 10 | 11 | resources: 12 | - postgres.yaml 13 | -------------------------------------------------------------------------------- /helm/postgres/templates/_gcs.tpl: -------------------------------------------------------------------------------- 1 | {{/* Allow for GCS secret information to be stored in a Secret */}} 2 | {{- define "postgres.gcs" }} 3 | [global] 4 | {{- if .gcs }} 5 | repo{{ add .index 1 }}-gcs-key=/etc/pgbackrest/conf.d/gcs-key.json 6 | {{- end }} 7 | {{ end }} 8 | -------------------------------------------------------------------------------- /kustomize/gcs/kustomization.yaml: -------------------------------------------------------------------------------- 1 | namespace: postgres-operator 2 | 3 | secretGenerator: 4 | - name: pgo-gcs-creds 5 | files: 6 | - gcs.conf 7 | - gcs-key.json 8 | 9 | generatorOptions: 10 | disableNameSuffixHash: true 11 | 12 | resources: 13 | - postgres.yaml 14 | -------------------------------------------------------------------------------- /helm/install/Chart.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v2 2 | name: pgo 3 | description: Installer for PGO, the open source Postgres Operator from Crunchy Data 4 | 5 | type: application 6 | # The version below should match the version on the PostgresCluster CRD 7 | version: 0.6.0 8 | appVersion: 5.2.0 9 | -------------------------------------------------------------------------------- /kustomize/monitoring/grafana-secret.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | data: 3 | password: YWRtaW4= 4 | username: YWRtaW4= 5 | kind: Secret 6 | metadata: 7 | labels: 8 | app.kubernetes.io/name: postgres-operator-monitoring 9 | vendor: crunchydata 10 | name: grafana-secret 11 | type: Opaque 12 | 13 | -------------------------------------------------------------------------------- /kustomize/multi-backup-repo/kustomization.yaml: -------------------------------------------------------------------------------- 1 | namespace: postgres-operator 2 | 3 | secretGenerator: 4 | - name: pgo-multi-repo-creds 5 | files: 6 | - azure.conf 7 | - gcs.conf 8 | - gcs-key.json 9 | - s3.conf 10 | 11 | generatorOptions: 12 | disableNameSuffixHash: true 13 | 14 | resources: 15 | - postgres.yaml 16 | -------------------------------------------------------------------------------- /kustomize/monitoring/rbac-crb.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: rbac.authorization.k8s.io/v1 2 | kind: ClusterRoleBinding 3 | metadata: 4 | labels: 5 | vendor: crunchydata 6 | name: prometheus-crb 7 | roleRef: 8 | apiGroup: rbac.authorization.k8s.io 9 | kind: ClusterRole 10 | name: prometheus-cr 11 | subjects: 12 | - kind: ServiceAccount 13 | name: prometheus-sa 14 | -------------------------------------------------------------------------------- /kustomize/monitoring/rbac-cr.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: rbac.authorization.k8s.io/v1 2 | kind: ClusterRole 3 | metadata: 4 | labels: 5 | app.kubernetes.io/name: postgres-operator-monitoring 6 | vendor: crunchydata 7 | name: prometheus-cr 8 | rules: 9 | - resources: 10 | - pods 11 | apiGroups: 12 | - "" 13 | verbs: 14 | - get 15 | - list 16 | - watch 17 | -------------------------------------------------------------------------------- /kustomize/install/singlenamespace/manager-target.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: apps/v1 3 | kind: Deployment 4 | metadata: 5 | name: pgo 6 | spec: 7 | template: 8 | spec: 9 | containers: 10 | - name: operator 11 | env: 12 | - name: PGO_TARGET_NAMESPACE 13 | valueFrom: { fieldRef: { apiVersion: v1, fieldPath: metadata.namespace } } 14 | -------------------------------------------------------------------------------- /kustomize/install/singlenamespace/manager-target-upgrade.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: apps/v1 3 | kind: Deployment 4 | metadata: 5 | name: pgo-upgrade 6 | spec: 7 | template: 8 | spec: 9 | containers: 10 | - name: operator 11 | env: 12 | - name: PGO_TARGET_NAMESPACE 13 | valueFrom: { fieldRef: { apiVersion: v1, fieldPath: metadata.namespace } } 14 | -------------------------------------------------------------------------------- /helm/postgres/templates/_azure.tpl: -------------------------------------------------------------------------------- 1 | {{/* Allow for Azure secret information to be stored in a Secret */}} 2 | {{- define "postgres.azure" }} 3 | [global] 4 | {{- if .azure }} 5 | {{- if .azure.account }} 6 | repo{{ add .index 1 }}-azure-account={{ .azure.account }} 7 | {{- end }} 8 | {{- if .azure.key }} 9 | repo{{ add .index 1 }}-azure-key={{ .azure.key }} 10 | {{- end }} 11 | {{- end }} 12 | {{ end }} 13 | -------------------------------------------------------------------------------- /kustomize/install/rbac/namespace/role_binding.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: rbac.authorization.k8s.io/v1 3 | kind: RoleBinding 4 | metadata: 5 | name: postgres-operator 6 | labels: 7 | postgres-operator.crunchydata.com/control-plane: postgres-operator 8 | roleRef: 9 | apiGroup: rbac.authorization.k8s.io 10 | kind: Role 11 | name: postgres-operator 12 | subjects: 13 | - kind: ServiceAccount 14 | name: pgo 15 | -------------------------------------------------------------------------------- /kustomize/install/rbac/cluster/role_binding.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: rbac.authorization.k8s.io/v1 3 | kind: ClusterRoleBinding 4 | metadata: 5 | name: postgres-operator 6 | labels: 7 | postgres-operator.crunchydata.com/control-plane: postgres-operator 8 | roleRef: 9 | apiGroup: rbac.authorization.k8s.io 10 | kind: ClusterRole 11 | name: postgres-operator 12 | subjects: 13 | - kind: ServiceAccount 14 | name: pgo 15 | -------------------------------------------------------------------------------- /kustomize/certmanager/certman/ca-cert.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: cert-manager.io/v1 3 | kind: Certificate 4 | metadata: 5 | name: selfsigned-ca 6 | namespace: cert-manager 7 | spec: 8 | isCA: true 9 | commonName: postgres-operator 10 | secretName: root-secret 11 | privateKey: 12 | algorithm: ECDSA 13 | size: 256 14 | issuerRef: 15 | name: selfsigned-cluster-issuer 16 | kind: ClusterIssuer 17 | group: cert-manager.io -------------------------------------------------------------------------------- /kustomize/monitoring/crunchy_grafana_dashboards.yml: -------------------------------------------------------------------------------- 1 | ### 2 | # 3 | # Copyright 2017-2022 Crunchy Data Solutions, Inc. All Rights Reserved. 4 | # 5 | ### 6 | apiVersion: 1 7 | 8 | providers: 9 | - name: 'crunchy_dashboards' 10 | orgId: 1 11 | folder: '' 12 | type: file 13 | disableDeletion: false 14 | updateIntervalSeconds: 3 #how often Grafana will scan for changed dashboards 15 | options: 16 | path: $GF_PATHS_PROVISIONING/dashboards 17 | -------------------------------------------------------------------------------- /kustomize/monitoring/rbac-sa.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: ServiceAccount 3 | metadata: 4 | labels: 5 | vendor: crunchydata 6 | name: prometheus-sa 7 | 8 | --- 9 | 10 | apiVersion: v1 11 | kind: ServiceAccount 12 | metadata: 13 | labels: 14 | vendor: crunchydata 15 | name: alertmanager 16 | 17 | --- 18 | 19 | apiVersion: v1 20 | kind: ServiceAccount 21 | metadata: 22 | labels: 23 | vendor: crunchydata 24 | name: grafana 25 | -------------------------------------------------------------------------------- /kustomize/install/rbac/namespace/role_binding-upgrade.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: rbac.authorization.k8s.io/v1 3 | kind: RoleBinding 4 | metadata: 5 | name: postgres-operator-upgrade 6 | labels: 7 | postgres-operator.crunchydata.com/control-plane: postgres-operator-upgrade 8 | roleRef: 9 | apiGroup: rbac.authorization.k8s.io 10 | kind: Role 11 | name: postgres-operator-upgrade 12 | subjects: 13 | - kind: ServiceAccount 14 | name: postgres-operator-upgrade 15 | -------------------------------------------------------------------------------- /kustomize/monitoring/dashboards/kustomization.yaml: -------------------------------------------------------------------------------- 1 | kind: Kustomization 2 | apiVersion: kustomize.config.k8s.io/v1beta1 3 | configMapGenerator: 4 | - name: grafana-dashboards 5 | files: 6 | - pgbackrest.json 7 | - pod_details.json 8 | - postgres_overview.json 9 | - postgresql_details.json 10 | - postgresql_service_health.json 11 | - prometheus_alerts.json 12 | - query_statistics.json 13 | generatorOptions: 14 | disableNameSuffixHash: true 15 | -------------------------------------------------------------------------------- /kustomize/install/rbac/cluster/role_binding-upgrade.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: rbac.authorization.k8s.io/v1 3 | kind: ClusterRoleBinding 4 | metadata: 5 | name: postgres-operator-upgrade 6 | labels: 7 | postgres-operator.crunchydata.com/control-plane: postgres-operator-upgrade 8 | roleRef: 9 | apiGroup: rbac.authorization.k8s.io 10 | kind: ClusterRole 11 | name: postgres-operator-upgrade 12 | subjects: 13 | - kind: ServiceAccount 14 | name: postgres-operator-upgrade 15 | -------------------------------------------------------------------------------- /helm/postgres/templates/_s3.tpl: -------------------------------------------------------------------------------- 1 | {{/* Allow for S3 secret information to be stored in a Secret */}} 2 | {{- define "postgres.s3" }} 3 | [global] 4 | {{- if .s3 }} 5 | {{- if .s3.key }} 6 | repo{{ add .index 1 }}-s3-key={{ .s3.key }} 7 | {{- end }} 8 | {{- if .s3.keySecret }} 9 | repo{{ add .index 1 }}-s3-key-secret={{ .s3.keySecret }} 10 | {{- end }} 11 | {{- if .s3.encryptionPassphrase }} 12 | repo{{ add .index 1 }}-cipher-pass={{ .s3.encryptionPassphrase }} 13 | {{- end }} 14 | {{- end }} 15 | {{ end }} 16 | -------------------------------------------------------------------------------- /kustomize/install/default/selectors.yaml: -------------------------------------------------------------------------------- 1 | # We add the app version as a "commonLabel" and change it with each release. 2 | # Remove it from selectors until we use "labels" of Kustomize v4.1. 3 | # See: https://kubectl.docs.kubernetes.io/references/kustomize/kustomization/commonlabels/ 4 | # See: https://github.com/kubernetes-sigs/kustomize/releases/tag/kustomize%2Fv4.1.0 5 | - op: remove 6 | path: /spec/selector/matchLabels/app.kubernetes.io~1name 7 | - op: remove 8 | path: /spec/selector/matchLabels/app.kubernetes.io~1version 9 | -------------------------------------------------------------------------------- /kustomize/install/singlenamespace/selectors.yaml: -------------------------------------------------------------------------------- 1 | # We add the app version as a "commonLabel" and change it with each release. 2 | # Remove it from selectors until we use "labels" of Kustomize v4.1. 3 | # See: https://kubectl.docs.kubernetes.io/references/kustomize/kustomization/commonlabels/ 4 | # See: https://github.com/kubernetes-sigs/kustomize/releases/tag/kustomize%2Fv4.1.0 5 | - op: remove 6 | path: /spec/selector/matchLabels/app.kubernetes.io~1name 7 | - op: remove 8 | path: /spec/selector/matchLabels/app.kubernetes.io~1version 9 | -------------------------------------------------------------------------------- /.github/ISSUE_TEMPLATE/issue.md: -------------------------------------------------------------------------------- 1 | --- 2 | name: Open an Issue for PGO Examples 3 | about: Open an issue specific to the "postgres-operator-examples" repository. For all other issues please visit https://github.com/CrunchyData/postgres-operator 4 | --- 5 | 6 | Please report any bugs or feature requests specific to the PGO Examples that are in this repository. This includes anything around the examples for Kustomize and Helm. 7 | 8 | For any bugs or feature request related to PGO itself, please visit https://github.com/CrunchyData/postgres-operator 9 | -------------------------------------------------------------------------------- /helm/install/templates/service_account.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: v1 3 | kind: ServiceAccount 4 | metadata: 5 | name: {{ include "install.serviceAccountName" . }} 6 | labels: 7 | {{- include "install.labels" . | nindent 4 }} 8 | {{- include "install.clusterLabels" . | nindent 4 }} 9 | --- 10 | apiVersion: v1 11 | kind: ServiceAccount 12 | metadata: 13 | name: {{ include "install.serviceAccountName" . }}-upgrade 14 | labels: 15 | {{- include "install.labels" . | nindent 4 }} 16 | {{- include "install.upgradeLabels" . | nindent 4 }} 17 | -------------------------------------------------------------------------------- /kustomize/monitoring/kustomization.yaml: -------------------------------------------------------------------------------- 1 | kind: Kustomization 2 | apiVersion: kustomize.config.k8s.io/v1beta1 3 | namespace: postgres-operator 4 | resources: 5 | - pvcs.yaml 6 | - ./dashboards 7 | # configuration files 8 | - prometheus-config.yaml 9 | - alertmanager-config.yaml 10 | - alertmanager-rules-config.yaml 11 | - grafana-datasources.yaml 12 | # secrets 13 | - grafana-secret.yaml 14 | # RBAC 15 | - rbac-sa.yaml 16 | - rbac-cr.yaml 17 | - rbac-crb.yaml 18 | # Deployments 19 | - deploy-alertmanager.yaml 20 | - deploy-grafana.yaml 21 | - deploy-prometheus.yaml 22 | # Services 23 | - service.yaml 24 | configMapGenerator: 25 | - name: grafana-dashboards 26 | behavior: merge 27 | files: 28 | - crunchy_grafana_dashboards.yml 29 | generatorOptions: 30 | disableNameSuffixHash: true 31 | -------------------------------------------------------------------------------- /kustomize/gcs/postgres.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: postgres-operator.crunchydata.com/v1beta1 2 | kind: PostgresCluster 3 | metadata: 4 | name: hippo-gcs 5 | spec: 6 | image: registry.developers.crunchydata.com/crunchydata/crunchy-postgres:ubi8-14.5-1 7 | postgresVersion: 14 8 | instances: 9 | - dataVolumeClaimSpec: 10 | accessModes: 11 | - "ReadWriteOnce" 12 | resources: 13 | requests: 14 | storage: 1Gi 15 | backups: 16 | pgbackrest: 17 | image: registry.developers.crunchydata.com/crunchydata/crunchy-pgbackrest:ubi8-2.40-1 18 | configuration: 19 | - secret: 20 | name: pgo-gcs-creds 21 | global: 22 | repo1-path: /pgbackrest/postgres-operator/hippo-gcs/repo1 23 | repos: 24 | - name: repo1 25 | gcs: 26 | bucket: "" 27 | -------------------------------------------------------------------------------- /kustomize/postgres/postgres.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: postgres-operator.crunchydata.com/v1beta1 2 | kind: PostgresCluster 3 | metadata: 4 | name: hippo 5 | spec: 6 | image: registry.developers.crunchydata.com/crunchydata/crunchy-postgres:ubi8-14.5-1 7 | postgresVersion: 14 8 | instances: 9 | - name: instance1 10 | dataVolumeClaimSpec: 11 | accessModes: 12 | - "ReadWriteOnce" 13 | resources: 14 | requests: 15 | storage: 1Gi 16 | backups: 17 | pgbackrest: 18 | image: registry.developers.crunchydata.com/crunchydata/crunchy-pgbackrest:ubi8-2.40-1 19 | repos: 20 | - name: repo1 21 | volume: 22 | volumeClaimSpec: 23 | accessModes: 24 | - "ReadWriteOnce" 25 | resources: 26 | requests: 27 | storage: 1Gi 28 | -------------------------------------------------------------------------------- /kustomize/install/default/kustomization.yaml: -------------------------------------------------------------------------------- 1 | namespace: postgres-operator 2 | 3 | commonLabels: 4 | app.kubernetes.io/name: pgo 5 | # The version below should match the version on the PostgresCluster CRD 6 | app.kubernetes.io/version: 5.2.0 7 | 8 | bases: 9 | - ../crd 10 | - ../rbac/cluster 11 | - ../manager 12 | 13 | images: 14 | - name: postgres-operator 15 | newName: registry.developers.crunchydata.com/crunchydata/postgres-operator 16 | newTag: ubi8-5.2.0-0 17 | - name: postgres-operator-upgrade 18 | newName: registry.developers.crunchydata.com/crunchydata/postgres-operator-upgrade 19 | newTag: ubi8-5.2.0-0 20 | 21 | patchesJson6902: 22 | - target: { group: apps, version: v1, kind: Deployment, name: pgo } 23 | path: selectors.yaml 24 | - target: { group: apps, version: v1, kind: Deployment, name: pgo-upgrade } 25 | path: selectors.yaml 26 | -------------------------------------------------------------------------------- /kustomize/azure/postgres.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: postgres-operator.crunchydata.com/v1beta1 2 | kind: PostgresCluster 3 | metadata: 4 | name: hippo-azure 5 | spec: 6 | image: registry.developers.crunchydata.com/crunchydata/crunchy-postgres:ubi8-14.5-1 7 | postgresVersion: 14 8 | instances: 9 | - dataVolumeClaimSpec: 10 | accessModes: 11 | - "ReadWriteOnce" 12 | resources: 13 | requests: 14 | storage: 1Gi 15 | backups: 16 | pgbackrest: 17 | image: registry.developers.crunchydata.com/crunchydata/crunchy-pgbackrest:ubi8-2.40-1 18 | configuration: 19 | - secret: 20 | name: pgo-azure-creds 21 | global: 22 | repo1-path: /pgbackrest/postgres-operator/hippo-azure/repo1 23 | repos: 24 | - name: repo1 25 | azure: 26 | container: "" 27 | -------------------------------------------------------------------------------- /kustomize/monitoring/pvcs.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: PersistentVolumeClaim 3 | metadata: 4 | labels: 5 | app.kubernetes.io/name: pgo-monitoring 6 | vendor: crunchydata 7 | name: alertmanagerdata 8 | spec: 9 | accessModes: 10 | - ReadWriteOnce 11 | resources: 12 | requests: 13 | storage: 5Gi 14 | --- 15 | apiVersion: v1 16 | kind: PersistentVolumeClaim 17 | metadata: 18 | labels: 19 | app.kubernetes.io/name: pgo-monitoring 20 | vendor: crunchydata 21 | name: grafanadata 22 | spec: 23 | accessModes: 24 | - ReadWriteOnce 25 | resources: 26 | requests: 27 | storage: 5Gi 28 | --- 29 | apiVersion: v1 30 | kind: PersistentVolumeClaim 31 | metadata: 32 | labels: 33 | app.kubernetes.io/name: pgo-monitoring 34 | vendor: crunchydata 35 | name: prometheusdata 36 | spec: 37 | accessModes: 38 | - ReadWriteOnce 39 | resources: 40 | requests: 41 | storage: 5Gi 42 | -------------------------------------------------------------------------------- /kustomize/s3/postgres.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: postgres-operator.crunchydata.com/v1beta1 2 | kind: PostgresCluster 3 | metadata: 4 | name: hippo-s3 5 | spec: 6 | image: registry.developers.crunchydata.com/crunchydata/crunchy-postgres:ubi8-14.5-1 7 | postgresVersion: 14 8 | instances: 9 | - dataVolumeClaimSpec: 10 | accessModes: 11 | - "ReadWriteOnce" 12 | resources: 13 | requests: 14 | storage: 1Gi 15 | backups: 16 | pgbackrest: 17 | image: registry.developers.crunchydata.com/crunchydata/crunchy-pgbackrest:ubi8-2.40-1 18 | configuration: 19 | - secret: 20 | name: pgo-s3-creds 21 | global: 22 | repo1-path: /pgbackrest/postgres-operator/hippo-s3/repo1 23 | repos: 24 | - name: repo1 25 | s3: 26 | bucket: "" 27 | endpoint: "" 28 | region: "" 29 | -------------------------------------------------------------------------------- /kustomize/install/singlenamespace/kustomization.yaml: -------------------------------------------------------------------------------- 1 | namespace: postgres-operator 2 | 3 | commonLabels: 4 | app.kubernetes.io/name: pgo 5 | # The version below should match the version on the PostgresCluster CRD 6 | app.kubernetes.io/version: 5.2.0 7 | 8 | bases: 9 | - ../crd 10 | - ../rbac/namespace 11 | - ../manager 12 | 13 | images: 14 | - name: postgres-operator 15 | newName: registry.developers.crunchydata.com/crunchydata/postgres-operator 16 | newTag: ubi8-5.2.0-0 17 | - name: postgres-operator-upgrade 18 | newName: registry.developers.crunchydata.com/crunchydata/postgres-operator-upgrade 19 | newTag: ubi8-5.2.0-0 20 | 21 | patchesJson6902: 22 | - target: { group: apps, version: v1, kind: Deployment, name: pgo } 23 | path: selectors.yaml 24 | - target: { group: apps, version: v1, kind: Deployment, name: pgo-upgrade } 25 | path: selectors.yaml 26 | 27 | patchesStrategicMerge: 28 | - manager-target.yaml 29 | - manager-target-upgrade.yaml 30 | -------------------------------------------------------------------------------- /kustomize/certmanager/postgres/postgres.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: postgres-operator.crunchydata.com/v1beta1 2 | kind: PostgresCluster 3 | metadata: 4 | name: hippo 5 | spec: 6 | image: registry.developers.crunchydata.com/crunchydata/crunchy-postgres:ubi8-14.5-1 7 | postgresVersion: 14 8 | customReplicationTLSSecret: 9 | name: hippo-repl-tls 10 | customTLSSecret: 11 | name: hippo-tls 12 | instances: 13 | - replicas: 2 14 | dataVolumeClaimSpec: 15 | accessModes: 16 | - "ReadWriteOnce" 17 | resources: 18 | requests: 19 | storage: 1Gi 20 | backups: 21 | pgbackrest: 22 | image: registry.developers.crunchydata.com/crunchydata/crunchy-pgbackrest:ubi8-2.40-1 23 | repos: 24 | - name: repo1 25 | volume: 26 | volumeClaimSpec: 27 | accessModes: 28 | - "ReadWriteOnce" 29 | resources: 30 | requests: 31 | storage: 1Gi 32 | -------------------------------------------------------------------------------- /kustomize/monitoring/service.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Service 3 | metadata: 4 | labels: 5 | app.kubernetes.io/name: postgres-operator-monitoring 6 | vendor: crunchydata 7 | name: crunchy-alertmanager 8 | name: crunchy-alertmanager 9 | spec: 10 | type: ClusterIP 11 | ports: 12 | - name: alertmanager 13 | port: 9093 14 | selector: 15 | name: crunchy-alertmanager 16 | 17 | --- 18 | 19 | apiVersion: v1 20 | kind: Service 21 | metadata: 22 | labels: 23 | app.kubernetes.io/name: postgres-operator-monitoring 24 | vendor: crunchydata 25 | name: crunchy-grafana 26 | name: crunchy-grafana 27 | spec: 28 | type: ClusterIP 29 | ports: 30 | - name: grafana 31 | port: 3000 32 | selector: 33 | name: crunchy-grafana 34 | 35 | --- 36 | 37 | apiVersion: v1 38 | kind: Service 39 | metadata: 40 | labels: 41 | app.kubernetes.io/name: postgres-operator-monitoring 42 | vendor: crunchydata 43 | name: crunchy-prometheus 44 | name: crunchy-prometheus 45 | spec: 46 | type: ClusterIP 47 | ports: 48 | - name: prometheus 49 | port: 9090 50 | selector: 51 | name: crunchy-prometheus 52 | -------------------------------------------------------------------------------- /kustomize/certmanager/postgres/cert-repl.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: cert-manager.io/v1 2 | kind: Certificate 3 | metadata: 4 | name: hippo-repl-certmanager 5 | spec: 6 | # Secret names are always required. 7 | secretName: hippo-repl-tls 8 | duration: 2160h # 90d 9 | renewBefore: 360h # 15d 10 | subject: 11 | organizations: 12 | - hippo-org 13 | # The use of the common name field has been deprecated since 2000 and is 14 | # discouraged from being used. 15 | commonName: _crunchyrepl 16 | isCA: false 17 | privateKey: 18 | algorithm: ECDSA 19 | size: 256 20 | usages: 21 | - digital signature 22 | - key encipherment 23 | # At least one of a DNS Name, URI, or IP address is required. 24 | dnsNames: 25 | - _crunchyrepl 26 | issuerRef: 27 | name: ca-issuer 28 | # We can reference ClusterIssuers by changing the kind here. 29 | # The default value is Issuer (i.e. a locally namespaced Issuer) 30 | kind: ClusterIssuer 31 | # This is optional since cert-manager will default to this value however 32 | # if you are using an external issuer, change this to that issuer group. 33 | group: cert-manager.io 34 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | # [PGO](https://github.com/CrunchyData/postgres-operator), Crunchy [Postgres Operator](https://github.com/CrunchyData/postgres-operator) Examples 2 | 3 | This repository contains examples for deploying PGO, the Postgres Operator from Crunchy Data, using a variety of examples. 4 | 5 | The examples are grouped by various tools that can be used to deploy them. 6 | 7 | The best way to get started is to fork this repository and experiment with the examples. 8 | 9 | Each of the examples has its own README that guides you through the process of deploying it. 10 | 11 | You can find the full [PGO documentation](https://access.crunchydata.com/documentation/postgres-operator/v5/) for the project here: 12 | 13 | [https://access.crunchydata.com/documentation/postgres-operator/v5/](https://access.crunchydata.com/documentation/postgres-operator/v5/) 14 | 15 | You can find out more information about [PGO](https://github.com/CrunchyData/postgres-operator), the [Postgres Operator](https://github.com/CrunchyData/postgres-operator) from [Crunchy Data](https://www.crunchydata.com) at the project page: 16 | 17 | [https://github.com/CrunchyData/postgres-operator](https://github.com/CrunchyData/postgres-operator) 18 | -------------------------------------------------------------------------------- /helm/install/templates/role_binding.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: rbac.authorization.k8s.io/v1 3 | kind: {{ include "install.roleBindingKind" . }} 4 | metadata: 5 | name: {{ include "install.roleBindingName" . }} 6 | labels: 7 | {{- include "install.labels" . | nindent 4 }} 8 | {{- include "install.clusterLabels" . | nindent 4 }} 9 | roleRef: 10 | apiGroup: rbac.authorization.k8s.io 11 | kind: {{ include "install.roleKind" . }} 12 | name: {{ include "install.roleName" . }} 13 | subjects: 14 | - kind: ServiceAccount 15 | name: {{ include "install.serviceAccountName" . }} 16 | namespace: {{ .Release.Namespace }} 17 | --- 18 | apiVersion: rbac.authorization.k8s.io/v1 19 | kind: {{ include "install.roleBindingKind" . }} 20 | metadata: 21 | name: {{ include "install.roleBindingName" . }}-upgrade 22 | labels: 23 | {{- include "install.labels" . | nindent 4 }} 24 | {{- include "install.upgradeLabels" . | nindent 4 }} 25 | roleRef: 26 | apiGroup: rbac.authorization.k8s.io 27 | kind: {{ include "install.roleKind" . }} 28 | name: {{ include "install.roleName" . }}-upgrade 29 | subjects: 30 | - kind: ServiceAccount 31 | name: {{ include "install.serviceAccountName" . }}-upgrade 32 | namespace: {{ .Release.Namespace }} 33 | -------------------------------------------------------------------------------- /kustomize/install/manager/manager-upgrade.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: apps/v1 3 | kind: Deployment 4 | metadata: 5 | name: pgo-upgrade 6 | labels: 7 | postgres-operator.crunchydata.com/control-plane: postgres-operator-upgrade 8 | spec: 9 | replicas: 1 10 | strategy: { type: Recreate } 11 | selector: 12 | matchLabels: 13 | postgres-operator.crunchydata.com/control-plane: postgres-operator-upgrade 14 | template: 15 | metadata: 16 | labels: 17 | postgres-operator.crunchydata.com/control-plane: postgres-operator-upgrade 18 | spec: 19 | containers: 20 | - name: operator 21 | image: postgres-operator-upgrade 22 | env: 23 | - name: PGO_NAMESPACE 24 | valueFrom: 25 | fieldRef: 26 | fieldPath: metadata.namespace 27 | - name: CRUNCHY_DEBUG 28 | value: "true" 29 | - name: RELATED_IMAGE_PGUPGRADE 30 | value: "registry.developers.crunchydata.com/crunchydata/crunchy-upgrade:ubi8-5.2.0-0" 31 | securityContext: 32 | allowPrivilegeEscalation: false 33 | capabilities: { drop: [ALL] } 34 | readOnlyRootFilesystem: true 35 | runAsNonRoot: true 36 | serviceAccountName: postgres-operator-upgrade 37 | -------------------------------------------------------------------------------- /kustomize/certmanager/postgres/cert.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: cert-manager.io/v1 2 | kind: Certificate 3 | metadata: 4 | name: hippo-certmanager 5 | spec: 6 | # Secret names are always required. 7 | secretName: hippo-tls 8 | duration: 2160h # 90d 9 | renewBefore: 360h # 15d 10 | subject: 11 | organizations: 12 | - hippo-org 13 | # The use of the common name field has been deprecated since 2000 and is 14 | # discouraged from being used. 15 | commonName: hippo-primary 16 | isCA: false 17 | privateKey: 18 | algorithm: ECDSA 19 | size: 256 20 | usages: 21 | - digital signature 22 | - key encipherment 23 | # At least one of a DNS Name, URI, or IP address is required. 24 | dnsNames: 25 | - hippo-primary 26 | - hippo-primary.postgres-operator 27 | - hippo-primary.postgres-operator.svc 28 | - hippo-primary.postgres-operator.svc.cluster.local 29 | issuerRef: 30 | name: ca-issuer 31 | # We can reference ClusterIssuers by changing the kind here. 32 | # The default value is Issuer (i.e. a locally namespaced Issuer) 33 | kind: ClusterIssuer 34 | # This is optional since cert-manager will default to this value however 35 | # if you are using an external issuer, change this to that issuer group. 36 | group: cert-manager.io 37 | -------------------------------------------------------------------------------- /kustomize/keycloak/postgres.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: postgres-operator.crunchydata.com/v1beta1 2 | kind: PostgresCluster 3 | metadata: 4 | name: keycloakdb 5 | spec: 6 | image: registry.developers.crunchydata.com/crunchydata/crunchy-postgres:ubi8-14.5-1 7 | postgresVersion: 14 8 | instances: 9 | - replicas: 2 10 | dataVolumeClaimSpec: 11 | accessModes: 12 | - "ReadWriteOnce" 13 | resources: 14 | requests: 15 | storage: 1Gi 16 | affinity: 17 | podAntiAffinity: 18 | preferredDuringSchedulingIgnoredDuringExecution: 19 | - weight: 1 20 | podAffinityTerm: 21 | topologyKey: kubernetes.io/hostname 22 | labelSelector: 23 | matchLabels: 24 | postgres-operator.crunchydata.com/cluster: keycloakdb 25 | postgres-operator.crunchydata.com/instance-set: "00" 26 | backups: 27 | pgbackrest: 28 | image: registry.developers.crunchydata.com/crunchydata/crunchy-pgbackrest:ubi8-2.40-1 29 | repos: 30 | - name: repo1 31 | volume: 32 | volumeClaimSpec: 33 | accessModes: 34 | - "ReadWriteOnce" 35 | resources: 36 | requests: 37 | storage: 1Gi 38 | -------------------------------------------------------------------------------- /kustomize/install/rbac/namespace/role-upgrade.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: rbac.authorization.k8s.io/v1 3 | kind: Role 4 | metadata: 5 | creationTimestamp: null 6 | name: postgres-operator-upgrade 7 | labels: 8 | postgres-operator.crunchydata.com/control-plane: postgres-operator-upgrade 9 | rules: 10 | - apiGroups: 11 | - "" 12 | resources: 13 | - endpoints 14 | verbs: 15 | - delete 16 | - get 17 | - list 18 | - watch 19 | - apiGroups: 20 | - apps 21 | resources: 22 | - statefulsets 23 | verbs: 24 | - list 25 | - watch 26 | - apiGroups: 27 | - batch 28 | resources: 29 | - jobs 30 | verbs: 31 | - create 32 | - delete 33 | - list 34 | - patch 35 | - watch 36 | - apiGroups: 37 | - postgres-operator.crunchydata.com 38 | resources: 39 | - pgupgrades 40 | verbs: 41 | - get 42 | - list 43 | - watch 44 | - apiGroups: 45 | - postgres-operator.crunchydata.com 46 | resources: 47 | - pgupgrades/finalizers 48 | verbs: 49 | - patch 50 | - update 51 | - apiGroups: 52 | - postgres-operator.crunchydata.com 53 | resources: 54 | - pgupgrades/status 55 | verbs: 56 | - get 57 | - patch 58 | - apiGroups: 59 | - postgres-operator.crunchydata.com 60 | resources: 61 | - postgresclusters 62 | verbs: 63 | - get 64 | - list 65 | - watch 66 | - apiGroups: 67 | - postgres-operator.crunchydata.com 68 | resources: 69 | - postgresclusters/status 70 | verbs: 71 | - patch 72 | -------------------------------------------------------------------------------- /kustomize/install/rbac/cluster/role-upgrade.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: rbac.authorization.k8s.io/v1 3 | kind: ClusterRole 4 | metadata: 5 | creationTimestamp: null 6 | name: postgres-operator-upgrade 7 | labels: 8 | postgres-operator.crunchydata.com/control-plane: postgres-operator-upgrade 9 | rules: 10 | - apiGroups: 11 | - "" 12 | resources: 13 | - endpoints 14 | verbs: 15 | - delete 16 | - get 17 | - list 18 | - watch 19 | - apiGroups: 20 | - apps 21 | resources: 22 | - statefulsets 23 | verbs: 24 | - list 25 | - watch 26 | - apiGroups: 27 | - batch 28 | resources: 29 | - jobs 30 | verbs: 31 | - create 32 | - delete 33 | - list 34 | - patch 35 | - watch 36 | - apiGroups: 37 | - postgres-operator.crunchydata.com 38 | resources: 39 | - pgupgrades 40 | verbs: 41 | - get 42 | - list 43 | - watch 44 | - apiGroups: 45 | - postgres-operator.crunchydata.com 46 | resources: 47 | - pgupgrades/finalizers 48 | verbs: 49 | - patch 50 | - update 51 | - apiGroups: 52 | - postgres-operator.crunchydata.com 53 | resources: 54 | - pgupgrades/status 55 | verbs: 56 | - get 57 | - patch 58 | - apiGroups: 59 | - postgres-operator.crunchydata.com 60 | resources: 61 | - postgresclusters 62 | verbs: 63 | - get 64 | - list 65 | - watch 66 | - apiGroups: 67 | - postgres-operator.crunchydata.com 68 | resources: 69 | - postgresclusters/status 70 | verbs: 71 | - patch 72 | -------------------------------------------------------------------------------- /helm/install/templates/role-upgrade.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: rbac.authorization.k8s.io/v1 3 | kind: {{ include "install.roleKind" . }} 4 | metadata: 5 | name: {{ include "install.roleName" . }}-upgrade 6 | labels: 7 | {{- include "install.labels" . | nindent 4 }} 8 | {{- include "install.upgradeLabels" . | nindent 4 }} 9 | rules: 10 | - apiGroups: 11 | - "" 12 | resources: 13 | - endpoints 14 | verbs: 15 | - delete 16 | - get 17 | - list 18 | - watch 19 | - apiGroups: 20 | - apps 21 | resources: 22 | - statefulsets 23 | verbs: 24 | - list 25 | - watch 26 | - apiGroups: 27 | - batch 28 | resources: 29 | - jobs 30 | verbs: 31 | - create 32 | - delete 33 | - list 34 | - patch 35 | - watch 36 | - apiGroups: 37 | - postgres-operator.crunchydata.com 38 | resources: 39 | - pgupgrades 40 | verbs: 41 | - get 42 | - list 43 | - watch 44 | - apiGroups: 45 | - postgres-operator.crunchydata.com 46 | resources: 47 | - pgupgrades/finalizers 48 | verbs: 49 | - patch 50 | - update 51 | - apiGroups: 52 | - postgres-operator.crunchydata.com 53 | resources: 54 | - pgupgrades/status 55 | verbs: 56 | - get 57 | - patch 58 | - apiGroups: 59 | - postgres-operator.crunchydata.com 60 | resources: 61 | - postgresclusters 62 | verbs: 63 | - get 64 | - list 65 | - watch 66 | - apiGroups: 67 | - postgres-operator.crunchydata.com 68 | resources: 69 | - postgresclusters/status 70 | verbs: 71 | - patch 72 | -------------------------------------------------------------------------------- /helm/postgres/templates/pgbackrest-secret.yaml: -------------------------------------------------------------------------------- 1 | {{- if or .Values.multiBackupRepos .Values.s3 .Values.gcs .Values.azure }} 2 | apiVersion: v1 3 | kind: Secret 4 | metadata: 5 | name: {{ default .Release.Name .Values.name }}-pgbackrest-secret 6 | type: Opaque 7 | data: 8 | {{- if .Values.multiBackupRepos }} 9 | {{- range $index, $repo := .Values.multiBackupRepos }} 10 | {{- if $repo.s3 }} 11 | {{- $args := dict "s3" $repo.s3 "index" $index }} 12 | s3.conf: |- 13 | {{ include "postgres.s3" $args | b64enc }} 14 | {{- else if $repo.gcs }} 15 | {{- $args := dict "gcs" $repo.gcs "index" $index }} 16 | gcs.conf: |- 17 | {{ include "postgres.gcs" $args | b64enc }} 18 | gcs-key.json: |- 19 | {{ $repo.gcs.key | b64enc }} 20 | {{- else if $repo.azure }} 21 | {{- $args := dict "azure" $repo.azure "index" $index }} 22 | azure.conf: |- 23 | {{ include "postgres.azure" $args | b64enc }} 24 | {{- end }} 25 | {{- end }} 26 | {{- else if .Values.s3 }} 27 | {{- $args := dict "s3" .Values.s3 "index" 0 }} 28 | s3.conf: |- 29 | {{ include "postgres.s3" $args | b64enc }} 30 | {{- else if .Values.gcs }} 31 | {{- $args := dict "gcs" .Values.gcs "index" 0 }} 32 | gcs.conf: |- 33 | {{ include "postgres.gcs" $args | b64enc }} 34 | gcs-key.json: |- 35 | {{ .Values.gcs.key | b64enc }} 36 | {{- else if .Values.azure }} 37 | {{- $args := dict "azure" .Values.azure "index" 0 }} 38 | azure.conf: |- 39 | {{ include "postgres.azure" $args | b64enc }} 40 | {{- end }} 41 | {{- end }} 42 | -------------------------------------------------------------------------------- /kustomize/multi-backup-repo/postgres.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: postgres-operator.crunchydata.com/v1beta1 2 | kind: PostgresCluster 3 | metadata: 4 | name: hippo-multi-repo 5 | spec: 6 | image: registry.developers.crunchydata.com/crunchydata/crunchy-postgres:ubi8-14.5-1 7 | postgresVersion: 14 8 | instances: 9 | - dataVolumeClaimSpec: 10 | accessModes: 11 | - "ReadWriteOnce" 12 | resources: 13 | requests: 14 | storage: 1Gi 15 | backups: 16 | pgbackrest: 17 | image: registry.developers.crunchydata.com/crunchydata/crunchy-pgbackrest:ubi8-2.40-1 18 | configuration: 19 | - secret: 20 | name: pgo-multi-repo-creds 21 | global: 22 | repo2-path: /pgbackrest/postgres-operator/hippo-multi-repo/repo2 23 | repo3-path: /pgbackrest/postgres-operator/hippo-multi-repo/repo3 24 | repo4-path: /pgbackrest/postgres-operator/hippo-multi-repo/repo4 25 | repos: 26 | - name: repo1 27 | volume: 28 | volumeClaimSpec: 29 | accessModes: 30 | - "ReadWriteOnce" 31 | resources: 32 | requests: 33 | storage: 1Gi 34 | - name: repo2 35 | s3: 36 | bucket: "" 37 | endpoint: "" 38 | region: "" 39 | - name: repo3 40 | gcs: 41 | bucket: "" 42 | - name: repo4 43 | azure: 44 | container: "" 45 | -------------------------------------------------------------------------------- /helm/install/templates/manager-upgrade.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: apps/v1 3 | kind: Deployment 4 | metadata: 5 | name: {{ .Chart.Name }}-upgrade 6 | labels: 7 | {{- include "install.labels" . | nindent 4 }} 8 | {{- include "install.upgradeLabels" . | nindent 4 }} 9 | spec: 10 | replicas: 1 11 | strategy: { type: Recreate } 12 | selector: 13 | matchLabels: 14 | {{- include "install.upgradeLabels" . | nindent 6 }} 15 | template: 16 | metadata: 17 | labels: 18 | {{- include "install.upgradeLabels" . | nindent 8 }} 19 | spec: 20 | {{- include "install.imagePullSecrets" . | indent 6 }} 21 | serviceAccountName: {{ include "install.serviceAccountName" . }}-upgrade 22 | containers: 23 | - name: operator 24 | image: {{ required ".Values.controllerImages.upgrade is required" .Values.controllerImages.upgrade | quote }} 25 | env: 26 | - name: CRUNCHY_DEBUG 27 | value: {{ .Values.debug | ne false | quote }} 28 | {{- if .Values.singleNamespace }} 29 | - name: PGO_TARGET_NAMESPACE 30 | valueFrom: { fieldRef: { apiVersion: v1, fieldPath: metadata.namespace } } 31 | {{- end }} 32 | {{- if .Values.workers }} 33 | - name: PGO_WORKERS 34 | value: {{ .Values.workers | quote }} 35 | {{- end }} 36 | {{- include "install.relatedImages" . | indent 8 }} 37 | securityContext: 38 | allowPrivilegeEscalation: false 39 | capabilities: { drop: [ALL] } 40 | readOnlyRootFilesystem: true 41 | runAsNonRoot: true 42 | -------------------------------------------------------------------------------- /kustomize/keycloak/keycloak.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: apps/v1 2 | kind: Deployment 3 | metadata: 4 | name: keycloak 5 | namespace: postgres-operator 6 | labels: 7 | app.kubernetes.io/name: keycloak 8 | spec: 9 | selector: 10 | matchLabels: 11 | app.kubernetes.io/name: keycloak 12 | template: 13 | metadata: 14 | labels: 15 | app.kubernetes.io/name: keycloak 16 | spec: 17 | containers: 18 | - image: quay.io/keycloak/keycloak:latest 19 | name: keycloak 20 | env: 21 | - name: DB_VENDOR 22 | value: "postgres" 23 | - name: DB_ADDR 24 | valueFrom: { secretKeyRef: { name: keycloakdb-pguser-keycloakdb, key: host } } 25 | - name: DB_PORT 26 | valueFrom: { secretKeyRef: { name: keycloakdb-pguser-keycloakdb, key: port } } 27 | - name: DB_DATABASE 28 | valueFrom: { secretKeyRef: { name: keycloakdb-pguser-keycloakdb, key: dbname } } 29 | - name: DB_USER 30 | valueFrom: { secretKeyRef: { name: keycloakdb-pguser-keycloakdb, key: user } } 31 | - name: DB_PASSWORD 32 | valueFrom: { secretKeyRef: { name: keycloakdb-pguser-keycloakdb, key: password } } 33 | - name: KEYCLOAK_USER 34 | value: "admin" 35 | - name: KEYCLOAK_PASSWORD 36 | value: "admin" 37 | - name: PROXY_ADDRESS_FORWARDING 38 | value: "true" 39 | ports: 40 | - name: http 41 | containerPort: 8080 42 | - name: https 43 | containerPort: 8443 44 | readinessProbe: 45 | httpGet: 46 | path: /auth/realms/master 47 | port: 8080 48 | restartPolicy: Always 49 | -------------------------------------------------------------------------------- /kustomize/monitoring/grafana-datasources.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | data: 3 | crunchy_grafana_datasource.yml: | 4 | ### 5 | # 6 | # Copyright 2017-2022 Crunchy Data Solutions, Inc. All Rights Reserved. 7 | # 8 | ### 9 | 10 | # config file version 11 | apiVersion: 1 12 | 13 | # list of datasources to insert/update depending 14 | # what's available in the database 15 | datasources: 16 | # name of the datasource. Required 17 | - name: PROMETHEUS 18 | # datasource type. Required 19 | type: prometheus 20 | # access mode. proxy or direct (Server or Browser in the UI). Required 21 | access: proxy 22 | # org id. will default to orgId 1 if not specified 23 | orgId: 1 24 | # url 25 | url: http://$PROM_HOST:$PROM_PORT 26 | # database password, if used 27 | password: 28 | # database user, if used 29 | user: 30 | # database name, if used 31 | database: 32 | # enable/disable basic auth 33 | basicAuth: 34 | # basic auth username 35 | basicAuthUser: 36 | # basic auth password 37 | basicAuthPassword: 38 | # enable/disable with credentials headers 39 | withCredentials: 40 | # mark as default datasource. Max one per org 41 | isDefault: true 42 | version: 1 43 | # allow users to edit datasources from the UI. 44 | editable: false 45 | kind: ConfigMap 46 | metadata: 47 | labels: 48 | app.kubernetes.io/name: postgres-operator-monitoring 49 | vendor: crunchydata 50 | name: grafana-datasources 51 | -------------------------------------------------------------------------------- /helm/install/templates/manager.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: apps/v1 3 | kind: Deployment 4 | metadata: 5 | name: {{ .Chart.Name }} 6 | labels: 7 | {{- include "install.labels" . | nindent 4 }} 8 | {{- include "install.clusterLabels" . | nindent 4 }} 9 | spec: 10 | replicas: 1 11 | strategy: { type: Recreate } 12 | selector: 13 | matchLabels: 14 | {{- include "install.clusterLabels" . | nindent 6 }} 15 | template: 16 | metadata: 17 | labels: 18 | {{- include "install.clusterLabels" . | nindent 8 }} 19 | spec: 20 | {{- include "install.imagePullSecrets" . | indent 6 }} 21 | serviceAccountName: {{ include "install.serviceAccountName" . }} 22 | containers: 23 | - name: operator 24 | image: {{ required ".Values.controllerImages.cluster is required" .Values.controllerImages.cluster | quote }} 25 | env: 26 | - name: CRUNCHY_DEBUG 27 | value: {{ .Values.debug | ne false | quote }} 28 | - name: PGO_NAMESPACE 29 | valueFrom: { fieldRef: { apiVersion: v1, fieldPath: metadata.namespace } } 30 | {{- if .Values.singleNamespace }} 31 | - name: PGO_TARGET_NAMESPACE 32 | valueFrom: { fieldRef: { apiVersion: v1, fieldPath: metadata.namespace } } 33 | {{- end }} 34 | {{- if .Values.workers }} 35 | - name: PGO_WORKERS 36 | value: {{ .Values.workers | quote }} 37 | {{- end }} 38 | {{- include "install.relatedImages" . | indent 8 }} 39 | {{- if .Values.disable_check_for_upgrades }} 40 | - name: CHECK_FOR_UPGRADES 41 | value: "false" 42 | {{- end }} 43 | securityContext: 44 | allowPrivilegeEscalation: false 45 | capabilities: { drop: [ALL] } 46 | readOnlyRootFilesystem: true 47 | runAsNonRoot: true 48 | -------------------------------------------------------------------------------- /kustomize/high-availability/ha-postgres.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: postgres-operator.crunchydata.com/v1beta1 2 | kind: PostgresCluster 3 | metadata: 4 | name: hippo-ha 5 | spec: 6 | image: registry.developers.crunchydata.com/crunchydata/crunchy-postgres:ubi8-14.5-1 7 | postgresVersion: 14 8 | instances: 9 | - name: pgha1 10 | replicas: 2 11 | dataVolumeClaimSpec: 12 | accessModes: 13 | - "ReadWriteOnce" 14 | resources: 15 | requests: 16 | storage: 1Gi 17 | affinity: 18 | podAntiAffinity: 19 | preferredDuringSchedulingIgnoredDuringExecution: 20 | - weight: 1 21 | podAffinityTerm: 22 | topologyKey: kubernetes.io/hostname 23 | labelSelector: 24 | matchLabels: 25 | postgres-operator.crunchydata.com/cluster: hippo-ha 26 | postgres-operator.crunchydata.com/instance-set: pgha1 27 | backups: 28 | pgbackrest: 29 | image: registry.developers.crunchydata.com/crunchydata/crunchy-pgbackrest:ubi8-2.40-1 30 | repos: 31 | - name: repo1 32 | volume: 33 | volumeClaimSpec: 34 | accessModes: 35 | - "ReadWriteOnce" 36 | resources: 37 | requests: 38 | storage: 1Gi 39 | proxy: 40 | pgBouncer: 41 | image: registry.developers.crunchydata.com/crunchydata/crunchy-pgbouncer:ubi8-1.17-1 42 | replicas: 2 43 | affinity: 44 | podAntiAffinity: 45 | preferredDuringSchedulingIgnoredDuringExecution: 46 | - weight: 1 47 | podAffinityTerm: 48 | topologyKey: kubernetes.io/hostname 49 | labelSelector: 50 | matchLabels: 51 | postgres-operator.crunchydata.com/cluster: hippo-ha 52 | postgres-operator.crunchydata.com/role: pgbouncer 53 | -------------------------------------------------------------------------------- /helm/install/templates/NOTES.txt: -------------------------------------------------------------------------------- 1 | Thank you for deploying PGO v{{ .Chart.AppVersion }}! 2 | 3 | (((((((((((((((((((((( 4 | (((((((((((((%%%%%%%((((((((((((((( 5 | (((((((((((%%% %%%%(((((((((((( 6 | (((((((((((%%( (((( ( %%%((((((((((( 7 | (((((((((((((%% (( ,(( %%%((((((((((( 8 | (((((((((((((((%% *%%/ %%%%%%%(((((((((( 9 | (((((((((((((((((((%%(( %%%%%%%%%%#(((((%%%%%%%%%%#(((((((((((( 10 | ((((((((((((((((((%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%(((((((((((((( 11 | *((((((((((((((((((((%%%%%% /%%%%%%%%%%%%%%%%%%%(((((((((((((((( 12 | (((((((((((((((((((((((%%%/ .%, %%%((((((((((((((((((, 13 | ((((((((((((((((((((((% %#((((((((((((((((( 14 | (((((((((((((((%%%%%% #%((((((((((((((((( 15 | ((((((((((((((%% %%(((((((((((((((, 16 | ((((((((((((%%%#% % %%((((((((((((((( 17 | ((((((((((((%. % % #(((((((((((((( 18 | (((((((((((%% % %%* %((((((((((((( 19 | #(###(###(#%% %%% %% %%% #%%#(###(###(# 20 | ###########%%%%% /%%%%%%%%%%%%% %% %%%%% ,%%####### 21 | ###############%% %%%%%% %%% %%%%%%%% %%##### 22 | ################%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% %% %%## 23 | ################%% %%%%%%%%%%%%%%%%% %%%% % 24 | ##############%# %% (%%%%%%% %%%%%% 25 | #############% %%%%% %%%%%%%%%%% 26 | ###########% %%%%%%%%%%% %%%%%%%%% 27 | #########%% %% %%%%%%%%%%%%%%%# 28 | ########%% %% %%%%%%%%% 29 | ######%% %% %%%%%% 30 | ####%%% %%%%% % 31 | %% %%%% 32 | -------------------------------------------------------------------------------- /helm/postgres/templates/NOTES.txt: -------------------------------------------------------------------------------- 1 | Thank you for deploying a Crunchy PostgreSQL cluster! 2 | 3 | (((((((((((((((((((((( 4 | (((((((((((((%%%%%%%((((((((((((((( 5 | (((((((((((%%% %%%%(((((((((((( 6 | (((((((((((%%( (((( ( %%%((((((((((( 7 | (((((((((((((%% (( ,(( %%%((((((((((( 8 | (((((((((((((((%% *%%/ %%%%%%%(((((((((( 9 | (((((((((((((((((((%%(( %%%%%%%%%%#(((((%%%%%%%%%%#(((((((((((( 10 | ((((((((((((((((((%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%(((((((((((((( 11 | *((((((((((((((((((((%%%%%% /%%%%%%%%%%%%%%%%%%%(((((((((((((((( 12 | (((((((((((((((((((((((%%%/ .%, %%%((((((((((((((((((, 13 | ((((((((((((((((((((((% %#((((((((((((((((( 14 | (((((((((((((((%%%%%% #%((((((((((((((((( 15 | ((((((((((((((%% %%(((((((((((((((, 16 | ((((((((((((%%%#% % %%((((((((((((((( 17 | ((((((((((((%. % % #(((((((((((((( 18 | (((((((((((%% % %%* %((((((((((((( 19 | #(###(###(#%% %%% %% %%% #%%#(###(###(# 20 | ###########%%%%% /%%%%%%%%%%%%% %% %%%%% ,%%####### 21 | ###############%% %%%%%% %%% %%%%%%%% %%##### 22 | ################%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% %% %%## 23 | ################%% %%%%%%%%%%%%%%%%% %%%% % 24 | ##############%# %% (%%%%%%% %%%%%% 25 | #############% %%%%% %%%%%%%%%%% 26 | ###########% %%%%%%%%%%% %%%%%%%%% 27 | #########%% %% %%%%%%%%%%%%%%%# 28 | ########%% %% %%%%%%%%% 29 | ######%% %% %%%%%% 30 | ####%%% %%%%% % 31 | %% %%%% 32 | -------------------------------------------------------------------------------- /helm/install/values.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | # controllerImages are used to run the PostgresCluster and PGUpgrade controllers. 3 | controllerImages: 4 | cluster: registry.developers.crunchydata.com/crunchydata/postgres-operator:ubi8-5.2.0-0 5 | upgrade: registry.developers.crunchydata.com/crunchydata/postgres-operator-upgrade:ubi8-5.2.0-0 6 | 7 | # relatedImages are used when an image is omitted from PostgresCluster or PGUpgrade specs. 8 | relatedImages: 9 | postgres_14: 10 | image: registry.developers.crunchydata.com/crunchydata/crunchy-postgres:ubi8-14.5-1 11 | postgres_14_gis_3.1: 12 | image: registry.developers.crunchydata.com/crunchydata/crunchy-postgres-gis:ubi8-14.5-3.1-1 13 | postgres_14_gis_3.2: 14 | image: registry.developers.crunchydata.com/crunchydata/crunchy-postgres-gis:ubi8-14.5-3.2-1 15 | postgres_13: 16 | image: registry.developers.crunchydata.com/crunchydata/crunchy-postgres:ubi8-13.8-1 17 | postgres_13_gis_3.0: 18 | image: registry.developers.crunchydata.com/crunchydata/crunchy-postgres-gis:ubi8-13.8-3.0-1 19 | postgres_13_gis_3.1: 20 | image: registry.developers.crunchydata.com/crunchydata/crunchy-postgres-gis:ubi8-13.8-3.1-1 21 | pgadmin: 22 | image: registry.developers.crunchydata.com/crunchydata/crunchy-pgadmin4:ubi8-4.30-4 23 | pgbackrest: 24 | image: registry.developers.crunchydata.com/crunchydata/crunchy-pgbackrest:ubi8-2.40-1 25 | pgbouncer: 26 | image: registry.developers.crunchydata.com/crunchydata/crunchy-pgbouncer:ubi8-1.17-1 27 | pgexporter: 28 | image: registry.developers.crunchydata.com/crunchydata/crunchy-postgres-exporter:ubi8-5.2.0-0 29 | pgupgrade: 30 | image: registry.developers.crunchydata.com/crunchydata/crunchy-upgrade:ubi8-5.2.0-0 31 | 32 | # singleNamespace controls where PGO watches for PostgresClusters. When false, 33 | # PGO watches for and responds to PostgresClusters in all namespaces. When true, 34 | # PGO watches only the namespace in which it is installed. 35 | singleNamespace: false 36 | 37 | # debug allows you to enable or disable the "debug" level of logging. 38 | debug: true 39 | 40 | # imagePullSecretNames is a list of secret names to use for pulling controller images. 41 | # More info: https://kubernetes.io/docs/concepts/containers/images/#specifying-imagepullsecrets-on-a-pod 42 | imagePullSecretNames: [] 43 | -------------------------------------------------------------------------------- /kustomize/install/rbac/namespace/role.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: rbac.authorization.k8s.io/v1 3 | kind: Role 4 | metadata: 5 | name: postgres-operator 6 | labels: 7 | postgres-operator.crunchydata.com/control-plane: postgres-operator 8 | rules: 9 | - apiGroups: 10 | - '' 11 | resources: 12 | - configmaps 13 | - persistentvolumeclaims 14 | - secrets 15 | - services 16 | verbs: 17 | - create 18 | - delete 19 | - get 20 | - list 21 | - patch 22 | - watch 23 | - apiGroups: 24 | - '' 25 | resources: 26 | - endpoints 27 | verbs: 28 | - create 29 | - delete 30 | - deletecollection 31 | - get 32 | - list 33 | - patch 34 | - watch 35 | - apiGroups: 36 | - '' 37 | resources: 38 | - endpoints/restricted 39 | - pods/exec 40 | verbs: 41 | - create 42 | - apiGroups: 43 | - '' 44 | resources: 45 | - events 46 | verbs: 47 | - create 48 | - patch 49 | - apiGroups: 50 | - '' 51 | resources: 52 | - pods 53 | verbs: 54 | - delete 55 | - get 56 | - list 57 | - patch 58 | - watch 59 | - apiGroups: 60 | - '' 61 | resources: 62 | - serviceaccounts 63 | verbs: 64 | - create 65 | - get 66 | - list 67 | - patch 68 | - watch 69 | - apiGroups: 70 | - apps 71 | resources: 72 | - deployments 73 | - statefulsets 74 | verbs: 75 | - create 76 | - delete 77 | - get 78 | - list 79 | - patch 80 | - watch 81 | - apiGroups: 82 | - batch 83 | resources: 84 | - cronjobs 85 | - jobs 86 | verbs: 87 | - create 88 | - delete 89 | - get 90 | - list 91 | - patch 92 | - watch 93 | - apiGroups: 94 | - policy 95 | resources: 96 | - poddisruptionbudgets 97 | verbs: 98 | - create 99 | - delete 100 | - get 101 | - list 102 | - patch 103 | - watch 104 | - apiGroups: 105 | - postgres-operator.crunchydata.com 106 | resources: 107 | - postgresclusters 108 | verbs: 109 | - get 110 | - list 111 | - patch 112 | - watch 113 | - apiGroups: 114 | - postgres-operator.crunchydata.com 115 | resources: 116 | - postgresclusters/finalizers 117 | verbs: 118 | - update 119 | - apiGroups: 120 | - postgres-operator.crunchydata.com 121 | resources: 122 | - postgresclusters/status 123 | verbs: 124 | - patch 125 | - apiGroups: 126 | - rbac.authorization.k8s.io 127 | resources: 128 | - rolebindings 129 | - roles 130 | verbs: 131 | - create 132 | - get 133 | - list 134 | - patch 135 | - watch 136 | -------------------------------------------------------------------------------- /kustomize/install/rbac/cluster/role.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: rbac.authorization.k8s.io/v1 3 | kind: ClusterRole 4 | metadata: 5 | name: postgres-operator 6 | labels: 7 | postgres-operator.crunchydata.com/control-plane: postgres-operator 8 | rules: 9 | - apiGroups: 10 | - '' 11 | resources: 12 | - configmaps 13 | - persistentvolumeclaims 14 | - secrets 15 | - services 16 | verbs: 17 | - create 18 | - delete 19 | - get 20 | - list 21 | - patch 22 | - watch 23 | - apiGroups: 24 | - '' 25 | resources: 26 | - endpoints 27 | verbs: 28 | - create 29 | - delete 30 | - deletecollection 31 | - get 32 | - list 33 | - patch 34 | - watch 35 | - apiGroups: 36 | - '' 37 | resources: 38 | - endpoints/restricted 39 | - pods/exec 40 | verbs: 41 | - create 42 | - apiGroups: 43 | - '' 44 | resources: 45 | - events 46 | verbs: 47 | - create 48 | - patch 49 | - apiGroups: 50 | - '' 51 | resources: 52 | - pods 53 | verbs: 54 | - delete 55 | - get 56 | - list 57 | - patch 58 | - watch 59 | - apiGroups: 60 | - '' 61 | resources: 62 | - serviceaccounts 63 | verbs: 64 | - create 65 | - get 66 | - list 67 | - patch 68 | - watch 69 | - apiGroups: 70 | - apps 71 | resources: 72 | - deployments 73 | - statefulsets 74 | verbs: 75 | - create 76 | - delete 77 | - get 78 | - list 79 | - patch 80 | - watch 81 | - apiGroups: 82 | - batch 83 | resources: 84 | - cronjobs 85 | - jobs 86 | verbs: 87 | - create 88 | - delete 89 | - get 90 | - list 91 | - patch 92 | - watch 93 | - apiGroups: 94 | - policy 95 | resources: 96 | - poddisruptionbudgets 97 | verbs: 98 | - create 99 | - delete 100 | - get 101 | - list 102 | - patch 103 | - watch 104 | - apiGroups: 105 | - postgres-operator.crunchydata.com 106 | resources: 107 | - postgresclusters 108 | verbs: 109 | - get 110 | - list 111 | - patch 112 | - watch 113 | - apiGroups: 114 | - postgres-operator.crunchydata.com 115 | resources: 116 | - postgresclusters/finalizers 117 | verbs: 118 | - update 119 | - apiGroups: 120 | - postgres-operator.crunchydata.com 121 | resources: 122 | - postgresclusters/status 123 | verbs: 124 | - patch 125 | - apiGroups: 126 | - rbac.authorization.k8s.io 127 | resources: 128 | - rolebindings 129 | - roles 130 | verbs: 131 | - create 132 | - get 133 | - list 134 | - patch 135 | - watch 136 | -------------------------------------------------------------------------------- /kustomize/install/manager/manager.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: apps/v1 3 | kind: Deployment 4 | metadata: 5 | name: pgo 6 | labels: 7 | postgres-operator.crunchydata.com/control-plane: postgres-operator 8 | spec: 9 | replicas: 1 10 | strategy: { type: Recreate } 11 | selector: 12 | matchLabels: 13 | postgres-operator.crunchydata.com/control-plane: postgres-operator 14 | template: 15 | metadata: 16 | labels: 17 | postgres-operator.crunchydata.com/control-plane: postgres-operator 18 | spec: 19 | containers: 20 | - name: operator 21 | image: postgres-operator 22 | env: 23 | - name: PGO_NAMESPACE 24 | valueFrom: 25 | fieldRef: 26 | fieldPath: metadata.namespace 27 | - name: CRUNCHY_DEBUG 28 | value: "true" 29 | - name: RELATED_IMAGE_POSTGRES_13 30 | value: "registry.developers.crunchydata.com/crunchydata/crunchy-postgres:ubi8-13.8-1" 31 | - name: RELATED_IMAGE_POSTGRES_13_GIS_3.0 32 | value: "registry.developers.crunchydata.com/crunchydata/crunchy-postgres-gis:ubi8-13.8-3.0-1" 33 | - name: RELATED_IMAGE_POSTGRES_13_GIS_3.1 34 | value: "registry.developers.crunchydata.com/crunchydata/crunchy-postgres-gis:ubi8-13.8-3.1-1" 35 | - name: RELATED_IMAGE_POSTGRES_14 36 | value: "registry.developers.crunchydata.com/crunchydata/crunchy-postgres:ubi8-14.5-1" 37 | - name: RELATED_IMAGE_POSTGRES_14_GIS_3.1 38 | value: "registry.developers.crunchydata.com/crunchydata/crunchy-postgres-gis:ubi8-14.5-3.1-1" 39 | - name: RELATED_IMAGE_POSTGRES_14_GIS_3.2 40 | value: "registry.developers.crunchydata.com/crunchydata/crunchy-postgres-gis:ubi8-14.5-3.2-1" 41 | - name: RELATED_IMAGE_PGADMIN 42 | value: "registry.developers.crunchydata.com/crunchydata/crunchy-pgadmin4:ubi8-4.30-4" 43 | - name: RELATED_IMAGE_PGBACKREST 44 | value: "registry.developers.crunchydata.com/crunchydata/crunchy-pgbackrest:ubi8-2.40-1" 45 | - name: RELATED_IMAGE_PGBOUNCER 46 | value: "registry.developers.crunchydata.com/crunchydata/crunchy-pgbouncer:ubi8-1.17-1" 47 | - name: RELATED_IMAGE_PGEXPORTER 48 | value: "registry.developers.crunchydata.com/crunchydata/crunchy-postgres-exporter:ubi8-5.2.0-0" 49 | securityContext: 50 | allowPrivilegeEscalation: false 51 | capabilities: { drop: [ALL] } 52 | readOnlyRootFilesystem: true 53 | runAsNonRoot: true 54 | serviceAccountName: pgo 55 | -------------------------------------------------------------------------------- /helm/install/templates/role.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: rbac.authorization.k8s.io/v1 3 | kind: {{ include "install.roleKind" . }} 4 | metadata: 5 | name: {{ include "install.roleName" . }} 6 | labels: 7 | {{- include "install.labels" . | nindent 4 }} 8 | {{- include "install.clusterLabels" . | nindent 4 }} 9 | rules: 10 | - apiGroups: 11 | - '' 12 | resources: 13 | - configmaps 14 | - persistentvolumeclaims 15 | - secrets 16 | - services 17 | verbs: 18 | - create 19 | - delete 20 | - get 21 | - list 22 | - patch 23 | - watch 24 | - apiGroups: 25 | - '' 26 | resources: 27 | - endpoints 28 | verbs: 29 | - create 30 | - delete 31 | - deletecollection 32 | - get 33 | - list 34 | - patch 35 | - watch 36 | - apiGroups: 37 | - '' 38 | resources: 39 | - endpoints/restricted 40 | - pods/exec 41 | verbs: 42 | - create 43 | - apiGroups: 44 | - '' 45 | resources: 46 | - events 47 | verbs: 48 | - create 49 | - patch 50 | - apiGroups: 51 | - '' 52 | resources: 53 | - pods 54 | verbs: 55 | - delete 56 | - get 57 | - list 58 | - patch 59 | - watch 60 | - apiGroups: 61 | - '' 62 | resources: 63 | - serviceaccounts 64 | verbs: 65 | - create 66 | - get 67 | - list 68 | - patch 69 | - watch 70 | - apiGroups: 71 | - apps 72 | resources: 73 | - deployments 74 | - statefulsets 75 | verbs: 76 | - create 77 | - delete 78 | - get 79 | - list 80 | - patch 81 | - watch 82 | - apiGroups: 83 | - batch 84 | resources: 85 | - cronjobs 86 | - jobs 87 | verbs: 88 | - create 89 | - delete 90 | - get 91 | - list 92 | - patch 93 | - watch 94 | - apiGroups: 95 | - policy 96 | resources: 97 | - poddisruptionbudgets 98 | verbs: 99 | - create 100 | - delete 101 | - get 102 | - list 103 | - patch 104 | - watch 105 | - apiGroups: 106 | - postgres-operator.crunchydata.com 107 | resources: 108 | - postgresclusters 109 | verbs: 110 | - get 111 | - list 112 | - patch 113 | - watch 114 | - apiGroups: 115 | - postgres-operator.crunchydata.com 116 | resources: 117 | - postgresclusters/finalizers 118 | verbs: 119 | - update 120 | - apiGroups: 121 | - postgres-operator.crunchydata.com 122 | resources: 123 | - postgresclusters/status 124 | verbs: 125 | - patch 126 | - apiGroups: 127 | - rbac.authorization.k8s.io 128 | resources: 129 | - rolebindings 130 | - roles 131 | verbs: 132 | - create 133 | - get 134 | - list 135 | - patch 136 | - watch 137 | -------------------------------------------------------------------------------- /kustomize/monitoring/deploy-alertmanager.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: apps/v1 2 | kind: Deployment 3 | metadata: 4 | annotations: 5 | deployment.kubernetes.io/revision: "1" 6 | labels: 7 | app.kubernetes.io/name: postgres-operator-monitoring 8 | name: crunchy-alertmanager 9 | spec: 10 | progressDeadlineSeconds: 600 11 | replicas: 1 12 | revisionHistoryLimit: 10 13 | selector: 14 | matchLabels: 15 | app.kubernetes.io/name: postgres-operator-monitoring 16 | name: crunchy-alertmanager 17 | strategy: 18 | rollingUpdate: 19 | maxSurge: 25% 20 | maxUnavailable: 25% 21 | type: RollingUpdate 22 | template: 23 | metadata: 24 | labels: 25 | app.kubernetes.io/name: postgres-operator-monitoring 26 | name: crunchy-alertmanager 27 | spec: 28 | containers: 29 | - args: 30 | - --config.file=/etc/alertmanager/alertmanager.yml 31 | - --storage.path=/alertmanager 32 | - --log.level=info 33 | - --cluster.advertise-address=0.0.0.0:9093 34 | image: prom/alertmanager:v0.22.2 35 | imagePullPolicy: IfNotPresent 36 | livenessProbe: 37 | failureThreshold: 3 38 | httpGet: 39 | path: /-/healthy 40 | port: 9093 41 | scheme: HTTP 42 | initialDelaySeconds: 25 43 | periodSeconds: 20 44 | successThreshold: 1 45 | timeoutSeconds: 1 46 | name: alertmanager 47 | ports: 48 | - containerPort: 9093 49 | protocol: TCP 50 | readinessProbe: 51 | failureThreshold: 3 52 | httpGet: 53 | path: /-/ready 54 | port: 9093 55 | scheme: HTTP 56 | periodSeconds: 10 57 | successThreshold: 1 58 | timeoutSeconds: 1 59 | terminationMessagePath: /dev/termination-log 60 | terminationMessagePolicy: File 61 | volumeMounts: 62 | - mountPath: /etc/alertmanager 63 | name: alertmanagerconf 64 | - mountPath: /alertmanager 65 | name: alertmanagerdata 66 | dnsPolicy: ClusterFirst 67 | restartPolicy: Always 68 | securityContext: 69 | fsGroup: 26 70 | # supplementalGroups: 71 | # - 65534 72 | schedulerName: default-scheduler 73 | serviceAccount: alertmanager 74 | serviceAccountName: alertmanager 75 | terminationGracePeriodSeconds: 30 76 | volumes: 77 | - name: alertmanagerdata 78 | persistentVolumeClaim: 79 | claimName: alertmanagerdata 80 | - configMap: 81 | defaultMode: 420 82 | name: alertmanager-config 83 | name: alertmanagerconf 84 | -------------------------------------------------------------------------------- /kustomize/monitoring/deploy-prometheus.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: apps/v1 2 | kind: Deployment 3 | metadata: 4 | annotations: 5 | deployment.kubernetes.io/revision: "1" 6 | labels: 7 | app.kubernetes.io/name: postgres-operator-monitoring 8 | name: crunchy-prometheus 9 | spec: 10 | progressDeadlineSeconds: 600 11 | replicas: 1 12 | revisionHistoryLimit: 10 13 | selector: 14 | matchLabels: 15 | app.kubernetes.io/name: postgres-operator-monitoring 16 | name: crunchy-prometheus 17 | strategy: 18 | rollingUpdate: 19 | maxSurge: 25% 20 | maxUnavailable: 25% 21 | type: RollingUpdate 22 | template: 23 | metadata: 24 | creationTimestamp: null 25 | labels: 26 | app.kubernetes.io/name: postgres-operator-monitoring 27 | name: crunchy-prometheus 28 | spec: 29 | containers: 30 | - image: prom/prometheus:v2.27.1 31 | imagePullPolicy: IfNotPresent 32 | livenessProbe: 33 | failureThreshold: 3 34 | httpGet: 35 | path: /-/healthy 36 | port: 9090 37 | scheme: HTTP 38 | initialDelaySeconds: 15 39 | periodSeconds: 20 40 | successThreshold: 1 41 | timeoutSeconds: 1 42 | name: prometheus 43 | ports: 44 | - containerPort: 9090 45 | protocol: TCP 46 | readinessProbe: 47 | failureThreshold: 3 48 | httpGet: 49 | path: /-/ready 50 | port: 9090 51 | scheme: HTTP 52 | periodSeconds: 10 53 | successThreshold: 1 54 | timeoutSeconds: 1 55 | terminationMessagePath: /dev/termination-log 56 | terminationMessagePolicy: File 57 | volumeMounts: 58 | - mountPath: /etc/prometheus 59 | name: prometheusconf 60 | - mountPath: /prometheus 61 | name: prometheusdata 62 | - mountPath: /etc/prometheus/alert-rules.d 63 | name: alertmanagerrules 64 | dnsPolicy: ClusterFirst 65 | securityContext: 66 | fsGroup: 26 67 | # supplementalGroups: 68 | # - 65534 69 | restartPolicy: Always 70 | schedulerName: default-scheduler 71 | serviceAccount: prometheus-sa 72 | serviceAccountName: prometheus-sa 73 | terminationGracePeriodSeconds: 30 74 | volumes: 75 | - configMap: 76 | defaultMode: 420 77 | name: crunchy-prometheus 78 | name: prometheusconf 79 | - name: prometheusdata 80 | persistentVolumeClaim: 81 | claimName: prometheusdata 82 | - configMap: 83 | defaultMode: 420 84 | name: alertmanager-rules-config 85 | name: alertmanagerrules 86 | 87 | -------------------------------------------------------------------------------- /helm/install/templates/_helpers.tpl: -------------------------------------------------------------------------------- 1 | {{/* 2 | Create chart name and version as used by the chart label. 3 | */}} 4 | {{- define "install.chart" -}} 5 | {{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }} 6 | {{- end }} 7 | 8 | {{/* 9 | Crunchy labels 10 | */}} 11 | {{- define "install.clusterLabels" -}} 12 | postgres-operator.crunchydata.com/control-plane: {{ .Chart.Name }} 13 | {{- end }} 14 | {{- define "install.upgradeLabels" -}} 15 | postgres-operator.crunchydata.com/control-plane: {{ .Chart.Name }}-upgrade 16 | {{- end }} 17 | 18 | {{/* 19 | Common labels 20 | */}} 21 | {{- define "install.labels" -}} 22 | helm.sh/chart: {{ include "install.chart" . }} 23 | app.kubernetes.io/name: {{ .Chart.Name }} 24 | app.kubernetes.io/instance: {{ .Release.Name }} 25 | {{- if .Chart.AppVersion }} 26 | app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} 27 | {{- end }} 28 | app.kubernetes.io/managed-by: {{ .Release.Service }} 29 | {{- end }} 30 | 31 | {{/* 32 | Create the name of the service account to use 33 | */}} 34 | {{- define "install.serviceAccountName" -}} 35 | {{ .Chart.Name }} 36 | {{- end }} 37 | 38 | {{/* 39 | Create the name of the Role/ClusterRole to use 40 | */}} 41 | {{- define "install.roleName" -}} 42 | {{ .Chart.Name }} 43 | {{- end }} 44 | 45 | {{/* 46 | Create the name of the RoleBinding/ClusterRoleBinding to use 47 | */}} 48 | {{- define "install.roleBindingName" -}} 49 | {{ .Chart.Name }} 50 | {{- end }} 51 | 52 | {{/* 53 | Create the kind for rolebindings. Will be RoleBinding in single 54 | namespace mode or ClusterRoleBinding by default. 55 | */}} 56 | {{- define "install.roleBindingKind" -}} 57 | {{- if .Values.singleNamespace -}} 58 | RoleBinding 59 | {{- else -}} 60 | ClusterRoleBinding 61 | {{- end }} 62 | {{- end }} 63 | 64 | {{/* 65 | Create the kind for role. Will be Role in single 66 | namespace mode or ClusterRole by default. 67 | */}} 68 | {{- define "install.roleKind" -}} 69 | {{- if .Values.singleNamespace -}} 70 | Role 71 | {{- else -}} 72 | ClusterRole 73 | {{- end }} 74 | {{- end }} 75 | 76 | {{- define "install.imagePullSecrets" -}} 77 | {{/* Earlier versions required the full structure of PodSpec.ImagePullSecrets */}} 78 | {{- if .Values.imagePullSecrets }} 79 | imagePullSecrets: 80 | {{ toYaml .Values.imagePullSecrets }} 81 | {{- else if .Values.imagePullSecretNames }} 82 | imagePullSecrets: 83 | {{- range .Values.imagePullSecretNames }} 84 | - name: {{ . | quote }} 85 | {{- end }}{{/* range */}} 86 | {{- end }}{{/* if */}} 87 | {{- end }}{{/* define */}} 88 | 89 | {{- define "install.relatedImages" -}} 90 | {{- range $id, $object := .Values.relatedImages }} 91 | - name: RELATED_IMAGE_{{ $id | upper }} 92 | value: {{ $object.image | quote }} 93 | {{- end }} 94 | {{- end }} 95 | -------------------------------------------------------------------------------- /kustomize/monitoring/alertmanager-config.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | data: 3 | alertmanager.yml: | 4 | ### 5 | # 6 | # Copyright 2017-2022 Crunchy Data Solutions, Inc. All Rights Reserved. 7 | # 8 | ### 9 | 10 | # Based on upstream example file found here: https://github.com/prometheus/alertmanager/blob/master/doc/examples/simple.yml 11 | global: 12 | smtp_smarthost: 'localhost: 25' 13 | smtp_require_tls: false 14 | smtp_from: 'Alertmanager ' 15 | # smtp_smarthost: 'smtp.example.com:587' 16 | # smtp_from: 'Alertmanager ' 17 | # smtp_auth_username: '' 18 | # smtp_auth_password: '' 19 | 20 | # templates: 21 | # - '/etc/alertmanager/template/*.tmpl' 22 | 23 | inhibit_rules: 24 | # Apply inhibition of warning if the alertname for the same system and service is already critical 25 | - source_match: 26 | severity: 'critical' 27 | target_match: 28 | severity: 'warning' 29 | equal: ['alertname', 'job', 'service'] 30 | 31 | receivers: 32 | - name: 'default-receiver' 33 | email_configs: 34 | - to: 'example@yourcompany.com' 35 | send_resolved: true 36 | 37 | ## Examples of alternative alert receivers. See documentation for more info on how to configure these fully 38 | #- name: 'pagerduty-dba' 39 | # pagerduty_configs: 40 | # - service_key: 41 | 42 | #- name: 'pagerduty-sre' 43 | # pagerduty_configs: 44 | # - service_key: 45 | 46 | #- name: 'dba-team' 47 | # email_configs: 48 | # - to: 'example-dba-team@crunchydata.com' 49 | # send_resolved: true 50 | 51 | #- name: 'sre-team' 52 | # email_configs: 53 | # - to: 'example-sre-team@crunchydata.com' 54 | # send_resolved: true 55 | 56 | route: 57 | receiver: default-receiver 58 | group_by: [severity, service, job, alertname] 59 | group_wait: 30s 60 | group_interval: 5m 61 | repeat_interval: 24h 62 | 63 | ## Example routes to show how to route outgoing alerts based on the content of that alert 64 | # routes: 65 | # - match_re: 66 | # service: ^(postgresql|mysql|oracle)$ 67 | # receiver: dba-team 68 | # # sub route to send critical dba alerts to pagerduty 69 | # routes: 70 | # - match: 71 | # severity: critical 72 | # receiver: pagerduty-dba 73 | # 74 | # - match: 75 | # service: system 76 | # receiver: sre-team 77 | # # sub route to send critical sre alerts to pagerduty 78 | # routes: 79 | # - match: 80 | # severity: critical 81 | # receiver: pagerduty-sre 82 | kind: ConfigMap 83 | metadata: 84 | labels: 85 | app.kubernetes.io/name: postgres-operator-monitoring 86 | vendor: crunchydata 87 | name: alertmanager-config 88 | -------------------------------------------------------------------------------- /kustomize/monitoring/prometheus-config.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | data: 3 | prometheus.yml: |+ 4 | ### 5 | # 6 | # Copyright 2017-2022 Crunchy Data Solutions, Inc. All Rights Reserved. 7 | # 8 | ### 9 | 10 | --- 11 | global: 12 | scrape_interval: 15s 13 | scrape_timeout: 15s 14 | evaluation_interval: 5s 15 | 16 | scrape_configs: 17 | - job_name: 'crunchy-postgres-exporter' 18 | kubernetes_sd_configs: 19 | - role: pod 20 | 21 | relabel_configs: 22 | - source_labels: [__meta_kubernetes_pod_label_postgres_operator_crunchydata_com_crunchy_postgres_exporter,__meta_kubernetes_pod_label_crunchy_postgres_exporter] 23 | action: keep 24 | regex: true 25 | separator: "" 26 | - source_labels: [__meta_kubernetes_pod_container_port_number] 27 | action: drop 28 | regex: 5432 29 | - source_labels: [__meta_kubernetes_pod_container_port_number] 30 | action: drop 31 | regex: 10000 32 | - source_labels: [__meta_kubernetes_pod_container_port_number] 33 | action: drop 34 | regex: 8009 35 | - source_labels: [__meta_kubernetes_pod_container_port_number] 36 | action: drop 37 | regex: 2022 38 | - source_labels: [__meta_kubernetes_pod_container_port_number] 39 | action: drop 40 | regex: ^$ 41 | - source_labels: [__meta_kubernetes_namespace] 42 | action: replace 43 | target_label: kubernetes_namespace 44 | - source_labels: [__meta_kubernetes_pod_name] 45 | target_label: pod 46 | - source_labels: [__meta_kubernetes_pod_label_postgres_operator_crunchydata_com_cluster,__meta_kubernetes_pod_label_pg_cluster] 47 | target_label: cluster 48 | separator: "" 49 | replacement: '$1' 50 | - source_labels: [__meta_kubernetes_namespace,cluster] 51 | target_label: pg_cluster 52 | separator: ":" 53 | replacement: '$1$2' 54 | - source_labels: [__meta_kubernetes_pod_ip] 55 | target_label: ip 56 | replacement: '$1' 57 | - source_labels: [__meta_kubernetes_pod_label_postgres_operator_crunchydata_com_instance,__meta_kubernetes_pod_label_deployment_name] 58 | target_label: deployment 59 | replacement: '$1' 60 | separator: "" 61 | - source_labels: [__meta_kubernetes_pod_label_postgres_operator_crunchydata_com_role,__meta_kubernetes_pod_label_role] 62 | target_label: role 63 | replacement: '$1' 64 | separator: "" 65 | - source_labels: [dbname] 66 | target_label: dbname 67 | replacement: '$1' 68 | - source_labels: [relname] 69 | target_label: relname 70 | replacement: '$1' 71 | - source_labels: [schemaname] 72 | target_label: schemaname 73 | replacement: '$1' 74 | 75 | rule_files: 76 | - /etc/prometheus/alert-rules.d/*.yml 77 | alerting: 78 | alertmanagers: 79 | - scheme: http 80 | static_configs: 81 | - targets: 82 | - "crunchy-alertmanager:9093" 83 | 84 | kind: ConfigMap 85 | metadata: 86 | labels: 87 | app.kubernetes.io/name: postgres-operator-monitoring 88 | vendor: crunchydata 89 | name: crunchy-prometheus 90 | -------------------------------------------------------------------------------- /kustomize/certmanager/README.md: -------------------------------------------------------------------------------- 1 | # Using Cert-Manager with Postgres Operator 5.x 2 | 3 | ## Introduction 4 | Starting with version 5.0 of PGO, the Postgres Operator from Crunchy Data, TLS is on by default to secure all communication to/from the postgres cluster. By default, the Operator will generate the necessary certificates for the Postgres cluster and components. It is possible to provide custom certificates by storing the certificates in a Kubernetes Secret and pointing the Operator to those secrets in the Postgres manifest. 5 | 6 | Cert-Manager can be used to dynamically generate and manage certificates in Kubernetes. Cert-Manager can generate self-signed certificates or certificates from several certificate authorities. 7 | 8 | This example shows how to use custom self-signed certificates generated by Cert-Manager. 9 | 10 | ## Cert-Manager Installation 11 | The first step is to deploy Cert-Manager to the Kubernetes cluster. To do this, follow the instructions on the Cert-Manager website (https://cert-manager.io/docs/installation/). 12 | 13 | ## Setup Certificate Issuer 14 | After Cert-Manager has been deployed, the next step used in this example is to setup a Certificate Issuer. The Certificate Issuer can be configured to be local to a namespace or cluster wide. In the examples provided here, a cluster wide issuer is created. 15 | 16 | ### Configure Issuer 17 | 18 | ``` 19 | kubectl apply -k certman 20 | ``` 21 | 22 | This Kustomize deployment performs the following actions: 23 | 24 | * Creates a cluster wide (ClusterIssuer) self-signed certificate issuer. 25 | * Generates a common CA certificate. 26 | * Creates a cluster wide (ClusterIssuer) CA certificate issuer using the generated CA certificate. 27 | 28 | By default the issues are created in the cert-manager namespace which is the default namespace for Cert-Manager. 29 | 30 | The CA certificate issuer is important as the Postgres components require that the ca.crt be the same for the certificates generated to support Postgres. 31 | 32 | ## Deploy Postgres with Custom Certificates 33 | 34 | With the cluster wide certificate issuer in place, the next step is to generate certificates and then instruct the Operator to use these certicates. 35 | 36 | Two certificates will be generated by the Kustomize deployment. The first certificate secret is named -tls (hippo-tls in this example) and the second certificate -repl-tls (hippo-repl-tls). The critical different between the two certificates is the Common Name (CN). For the replication certificate (-repl-tls), the Common Name must be _crunchyrepl. If the Common Name is not set properly then the replicas will fail doing bootstrap process. 37 | 38 | In the Postgres manifest, two entries are added to point to the newly created Secrets. The customTLSSecret key references the -tls secret while the customReplicationTLSSecret references the -repl-tls secret. 39 | 40 | ### Deploy Postgres 41 | 42 | ```shell 43 | kubectl apply -k postgres 44 | ``` 45 | 46 | The following process takes place during the deployment: 47 | * Custom certificate is generated for Postgres using the CA ClusterIssuer created in the previous steps. 48 | * Custom certificate is generated for Postgres replication using the CA ClusterIssuer. 49 | * Postgres cluster deployed using the custom certificates. 50 | -------------------------------------------------------------------------------- /kustomize/monitoring/deploy-grafana.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: apps/v1 2 | kind: Deployment 3 | metadata: 4 | annotations: 5 | deployment.kubernetes.io/revision: "1" 6 | labels: 7 | app.kubernetes.io/name: postgres-operator-monitoring 8 | name: crunchy-grafana 9 | spec: 10 | progressDeadlineSeconds: 600 11 | replicas: 1 12 | revisionHistoryLimit: 10 13 | selector: 14 | matchLabels: 15 | app.kubernetes.io/name: postgres-operator-monitoring 16 | name: crunchy-grafana 17 | strategy: 18 | rollingUpdate: 19 | maxSurge: 25% 20 | maxUnavailable: 25% 21 | type: RollingUpdate 22 | template: 23 | metadata: 24 | labels: 25 | app.kubernetes.io/name: postgres-operator-monitoring 26 | name: crunchy-grafana 27 | spec: 28 | containers: 29 | - env: 30 | - name: GF_PATHS_DATA 31 | value: /data/grafana/data 32 | - name: GF_SECURITY_ADMIN_USER__FILE 33 | value: /conf/admin/username 34 | - name: GF_SECURITY_ADMIN_PASSWORD__FILE 35 | value: /conf/admin/password 36 | - name: PROM_HOST 37 | value: crunchy-prometheus 38 | - name: PROM_PORT 39 | value: "9090" 40 | image: grafana/grafana:7.4.5 41 | imagePullPolicy: IfNotPresent 42 | livenessProbe: 43 | failureThreshold: 3 44 | httpGet: 45 | path: /api/health 46 | port: 3000 47 | scheme: HTTP 48 | initialDelaySeconds: 25 49 | periodSeconds: 20 50 | successThreshold: 1 51 | timeoutSeconds: 1 52 | name: grafana 53 | ports: 54 | - containerPort: 3000 55 | protocol: TCP 56 | readinessProbe: 57 | failureThreshold: 3 58 | httpGet: 59 | path: /api/health 60 | port: 3000 61 | scheme: HTTP 62 | periodSeconds: 10 63 | successThreshold: 1 64 | timeoutSeconds: 1 65 | terminationMessagePath: /dev/termination-log 66 | terminationMessagePolicy: File 67 | volumeMounts: 68 | - mountPath: /data 69 | name: grafanadata 70 | - mountPath: /conf/admin 71 | name: grafana-secret 72 | - mountPath: /etc/grafana/provisioning/datasources 73 | name: grafana-datasources 74 | - mountPath: /etc/grafana/provisioning/dashboards 75 | name: grafana-dashboards 76 | dnsPolicy: ClusterFirst 77 | restartPolicy: Always 78 | securityContext: 79 | fsGroup: 26 80 | # supplementalGroups: 81 | # - 65534 82 | schedulerName: default-scheduler 83 | serviceAccount: grafana 84 | serviceAccountName: grafana 85 | terminationGracePeriodSeconds: 30 86 | volumes: 87 | - name: grafanadata 88 | persistentVolumeClaim: 89 | claimName: grafanadata 90 | - name: grafana-secret 91 | secret: 92 | defaultMode: 420 93 | secretName: grafana-secret 94 | - configMap: 95 | defaultMode: 420 96 | name: grafana-datasources 97 | name: grafana-datasources 98 | - configMap: 99 | defaultMode: 420 100 | name: grafana-dashboards 101 | name: grafana-dashboards 102 | 103 | -------------------------------------------------------------------------------- /kustomize/monitoring/dashboards/postgres_overview.json: -------------------------------------------------------------------------------- 1 | { 2 | "__inputs": [ 3 | { 4 | "name": "DS_PROMETHEUS", 5 | "label": "PROMETHEUS", 6 | "description": "", 7 | "type": "datasource", 8 | "pluginId": "prometheus", 9 | "pluginName": "Prometheus" 10 | } 11 | ], 12 | "__requires": [ 13 | { 14 | "type": "grafana", 15 | "id": "grafana", 16 | "name": "Grafana", 17 | "version": "7.4.5" 18 | }, 19 | { 20 | "type": "datasource", 21 | "id": "prometheus", 22 | "name": "Prometheus", 23 | "version": "1.0.0" 24 | }, 25 | { 26 | "type": "panel", 27 | "id": "stat", 28 | "name": "Stat", 29 | "version": "" 30 | } 31 | ], 32 | "annotations": { 33 | "list": [ 34 | { 35 | "builtIn": 1, 36 | "datasource": "-- Grafana --", 37 | "enable": true, 38 | "hide": true, 39 | "iconColor": "rgba(0, 211, 255, 1)", 40 | "name": "Annotations & Alerts", 41 | "type": "dashboard" 42 | } 43 | ] 44 | }, 45 | "editable": false, 46 | "gnetId": null, 47 | "graphTooltip": 0, 48 | "id": null, 49 | "iteration": 1624491413218, 50 | "links": [], 51 | "panels": [ 52 | { 53 | "cacheTimeout": null, 54 | "datasource": "PROMETHEUS", 55 | "fieldConfig": { 56 | "defaults": { 57 | "color": { 58 | "mode": "thresholds" 59 | }, 60 | "custom": {}, 61 | "links": [ 62 | { 63 | "targetBlank": true, 64 | "title": "Cluster Details", 65 | "url": "dashboard/db/postgresqldetails?$__all_variables" 66 | }, 67 | { 68 | "targetBlank": true, 69 | "title": "Backup Details", 70 | "url": "dashboard/db/pgbackrest?$__all_variables" 71 | }, 72 | { 73 | "targetBlank": true, 74 | "title": "POD Details", 75 | "url": "dashboard/db/pod-details?$__all_variables" 76 | }, 77 | { 78 | "targetBlank": true, 79 | "title": "Query Statistics", 80 | "url": "dashboard/db/query-statistics?$__all_variables" 81 | }, 82 | { 83 | "targetBlank": true, 84 | "title": "Service Health", 85 | "url": "dashboard/db/postgresql-service-health?$__all_variables" 86 | } 87 | ], 88 | "mappings": [ 89 | { 90 | "from": "0", 91 | "id": 0, 92 | "text": "DOWN", 93 | "to": "99", 94 | "type": 2 95 | }, 96 | { 97 | "from": "100", 98 | "id": 1, 99 | "text": "Standalone Cluster", 100 | "to": "199", 101 | "type": 2 102 | }, 103 | { 104 | "from": "200", 105 | "id": 2, 106 | "text": "HA CLUSTER", 107 | "to": "1000", 108 | "type": 2 109 | } 110 | ], 111 | "thresholds": { 112 | "mode": "absolute", 113 | "steps": [ 114 | { 115 | "color": "#bf1b00", 116 | "value": null 117 | }, 118 | { 119 | "color": "#eab839", 120 | "value": 10 121 | }, 122 | { 123 | "color": "#56A64B", 124 | "value": 100 125 | } 126 | ] 127 | }, 128 | "unit": "short" 129 | }, 130 | "overrides": [] 131 | }, 132 | "gridPos": { 133 | "h": 2, 134 | "w": 12, 135 | "x": 0, 136 | "y": 0 137 | }, 138 | "id": 1, 139 | "interval": null, 140 | "links": [], 141 | "maxDataPoints": 100, 142 | "maxPerRow": 2, 143 | "options": { 144 | "colorMode": "background", 145 | "graphMode": "none", 146 | "justifyMode": "auto", 147 | "orientation": "horizontal", 148 | "reduceOptions": { 149 | "calcs": [ 150 | "lastNotNull" 151 | ], 152 | "fields": "", 153 | "values": false 154 | }, 155 | "text": { 156 | "valueSize": 30 157 | }, 158 | "textMode": "auto" 159 | }, 160 | "pluginVersion": "7.4.5", 161 | "repeat": "cluster", 162 | "repeatDirection": "h", 163 | "targets": [ 164 | { 165 | "$hashKey": "object:243", 166 | "expr": "sum(pg_up{pg_cluster=~\"$cluster\"})*100+sum(ccp_is_in_recovery_status{pg_cluster=~\"$cluster\"})", 167 | "format": "time_series", 168 | "interval": "", 169 | "intervalFactor": 1, 170 | "legendFormat": "{{cluster}}", 171 | "metric": "up", 172 | "refId": "A", 173 | "step": 2 174 | } 175 | ], 176 | "title": "$cluster - Overview", 177 | "type": "stat" 178 | } 179 | ], 180 | "refresh": "5m", 181 | "schemaVersion": 27, 182 | "style": "dark", 183 | "tags": [], 184 | "templating": { 185 | "list": [ 186 | { 187 | "allFormat": "glob", 188 | "allValue": null, 189 | "current": {}, 190 | "datasource": "PROMETHEUS", 191 | "definition": "label_values(pg_cluster)", 192 | "description": null, 193 | "error": null, 194 | "hide": 1, 195 | "includeAll": true, 196 | "label": "cluster", 197 | "multi": true, 198 | "name": "cluster", 199 | "options": [], 200 | "query": { 201 | "query": "label_values(pg_cluster)", 202 | "refId": "PROMETHEUS-cluster-Variable-Query" 203 | }, 204 | "refresh": 1, 205 | "regex": "", 206 | "skipUrlSync": false, 207 | "sort": 0, 208 | "tagValuesQuery": "", 209 | "tags": [], 210 | "tagsQuery": "", 211 | "type": "query", 212 | "useTags": false 213 | } 214 | ] 215 | }, 216 | "time": { 217 | "from": "now-5m", 218 | "to": "now" 219 | }, 220 | "timepicker": { 221 | "time_options": [ 222 | "5m", 223 | "15m", 224 | "1h", 225 | "6h", 226 | "12h", 227 | "24h", 228 | "2d", 229 | "7d", 230 | "30d" 231 | ] 232 | }, 233 | "timezone": "browser", 234 | "title": "PostgreSQL Overview", 235 | "uid": "D2X39SlGk", 236 | "version": 1 237 | } 238 | -------------------------------------------------------------------------------- /helm/postgres/templates/postgres.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: postgres-operator.crunchydata.com/v1beta1 2 | kind: PostgresCluster 3 | metadata: 4 | name: {{ default .Release.Name .Values.name }} 5 | spec: 6 | postgresVersion: {{ required "You must set the version of Postgres to deploy." .Values.postgresVersion }} 7 | {{- if .Values.postGISVersion }} 8 | postGISVersion: {{ quote .Values.postGISVersion }} 9 | {{- end }} 10 | {{- if .Values.imagePostgres }} 11 | image: {{ .Values.imagePostgres | quote }} 12 | {{- end }} 13 | {{- if .Values.port }} 14 | port: {{ .Values.port }} 15 | {{- end }} 16 | {{- if .Values.instances }} 17 | instances: 18 | {{ toYaml .Values.instances | indent 4 }} 19 | {{- else }} 20 | instances: 21 | - name: {{ default "instance1" .Values.instanceName | quote }} 22 | replicas: {{ default 1 .Values.instanceReplicas }} 23 | dataVolumeClaimSpec: 24 | accessModes: 25 | - "ReadWriteOnce" 26 | resources: 27 | requests: 28 | storage: {{ default "1Gi" .Values.instanceSize | quote }} 29 | {{- if or .Values.instanceMemory .Values.instanceCPU }} 30 | resources: 31 | limits: 32 | cpu: {{ default "" .Values.instanceCPU | quote }} 33 | memory: {{ default "" .Values.instanceMemory | quote }} 34 | {{- end }} 35 | {{- end }} 36 | backups: 37 | pgbackrest: 38 | {{- if .Values.imagePgBackRest }} 39 | image: {{ .Values.imagePgBackRest | quote }} 40 | {{- end }} 41 | {{- if .Values.pgBackRestConfig }} 42 | {{ toYaml .Values.pgBackRestConfig | indent 6 }} 43 | {{- else if .Values.multiBackupRepos }} 44 | configuration: 45 | - secret: 46 | name: {{ default .Release.Name .Values.name }}-pgbackrest-secret 47 | global: 48 | {{- range $index, $repo := .Values.multiBackupRepos }} 49 | {{- if or $repo.s3 $repo.gcs $repo.azure }} 50 | repo{{ add $index 1 }}-path: /pgbackrest/{{ $.Release.Namespace }}/{{ default $.Release.Name $.Values.name }}/repo{{ add $index 1 }} 51 | {{- end }} 52 | {{- end }} 53 | repos: 54 | {{- range $index, $repo := .Values.multiBackupRepos }} 55 | - name: repo{{ add $index 1 }} 56 | {{- if $repo.volume }} 57 | volume: 58 | volumeClaimSpec: 59 | accessModes: 60 | - "ReadWriteOnce" 61 | resources: 62 | requests: 63 | storage: {{ default "1Gi" $repo.volume.backupsSize | quote }} 64 | {{- else if $repo.s3 }} 65 | s3: 66 | bucket: {{ $repo.s3.bucket | quote }} 67 | endpoint: {{ $repo.s3.endpoint | quote }} 68 | region: {{ $repo.s3.region | quote }} 69 | {{- else if $repo.gcs }} 70 | gcs: 71 | bucket: {{ $repo.gcs.bucket | quote }} 72 | {{- else if $repo.azure }} 73 | azure: 74 | container: {{ $repo.azure.container | quote }} 75 | {{- end }} 76 | {{- end }} 77 | {{- else if .Values.s3 }} 78 | configuration: 79 | - secret: 80 | name: {{ default .Release.Name .Values.name }}-pgbackrest-secret 81 | global: 82 | repo1-path: /pgbackrest/{{ .Release.Namespace }}/{{ default .Release.Name .Values.name }}/repo1 83 | {{- if .Values.s3.encryptionPassphrase }} 84 | repo1-cipher-type: aes-256-cbc 85 | {{- end }} 86 | repos: 87 | - name: repo1 88 | s3: 89 | bucket: {{ .Values.s3.bucket | quote }} 90 | endpoint: {{ .Values.s3.endpoint | quote }} 91 | region: {{ .Values.s3.region | quote }} 92 | {{- else if .Values.gcs }} 93 | configuration: 94 | - secret: 95 | name: {{ default .Release.Name .Values.name }}-pgbackrest-secret 96 | global: 97 | repo1-path: /pgbackrest/{{ .Release.Namespace }}/{{ default .Release.Name .Values.name }}/repo1 98 | repos: 99 | - name: repo1 100 | gcs: 101 | bucket: {{ .Values.gcs.bucket | quote }} 102 | {{- else if .Values.azure }} 103 | configuration: 104 | - secret: 105 | name: {{ default .Release.Name .Values.name }}-pgbackrest-secret 106 | global: 107 | repo1-path: /pgbackrest/{{ .Release.Namespace }}/{{ default .Release.Name .Values.name }}/repo1 108 | repos: 109 | - name: repo1 110 | azure: 111 | container: {{ .Values.azure.container | quote }} 112 | {{- else }} 113 | repos: 114 | - name: repo1 115 | volume: 116 | volumeClaimSpec: 117 | accessModes: 118 | - "ReadWriteOnce" 119 | resources: 120 | requests: 121 | storage: {{ default "1Gi" .Values.backupsSize | quote }} 122 | {{- end }} 123 | {{- if or .Values.pgBouncerReplicas .Values.pgBouncerConfig }} 124 | proxy: 125 | pgBouncer: 126 | {{- if .Values.imagePgBouncer }} 127 | image: {{ .Values.imagePgBouncer | quote }} 128 | {{- end }} 129 | {{- if .Values.pgBouncerConfig }} 130 | {{ toYaml .Values.pgBouncerConfig | indent 6 }} 131 | {{- else }} 132 | replicas: {{ .Values.pgBouncerReplicas }} 133 | {{- end }} 134 | {{- end }} 135 | {{- if .Values.patroni }} 136 | patroni: 137 | {{ toYaml .Values.patroni | indent 4 }} 138 | {{- end }} 139 | {{- if .Values.users }} 140 | users: 141 | {{ toYaml .Values.users | indent 4 }} 142 | {{- end }} 143 | {{- if .Values.service }} 144 | service: 145 | {{ toYaml .Values.service | indent 4 }} 146 | {{- end }} 147 | {{- if .Values.dataSource }} 148 | dataSource: 149 | {{ toYaml .Values.dataSource | indent 4 }} 150 | {{- end }} 151 | {{- if .Values.databaseInitSQL }} 152 | databaseInitSQL: 153 | name: {{ required "A ConfigMap name is required for running bootstrap SQL." .Values.databaseInitSQL.name | quote }} 154 | key: {{ required "A key in a ConfigMap containing any bootstrap SQL is required." .Values.databaseInitSQL.key | quote }} 155 | {{- end }} 156 | {{- if .Values.imagePullPolicy }} 157 | imagePullPolicy: {{ .Values.imagePullPolicy | quote }} 158 | {{- end }} 159 | {{- if .Values.imagePullSecrets }} 160 | imagePullSecrets: 161 | {{ toYaml .Values.imagePullSecrets | indent 4 }} 162 | {{- end }} 163 | {{- if .Values.disableDefaultPodScheduling }} 164 | disableDefaultPodScheduling: true 165 | {{- end }} 166 | {{- if .Values.metadata }} 167 | metadata: 168 | {{ toYaml .Values.metadata | indent 4 }} 169 | {{- end }} 170 | {{- if .Values.monitoring }} 171 | monitoring: 172 | pgmonitor: 173 | exporter: 174 | image: {{ default "" .Values.imageExporter | quote }} 175 | {{- if .Values.monitoringConfig }} 176 | {{ toYaml .Values.monitoringConfig | indent 8 }} 177 | {{- end }} 178 | {{- end }} 179 | {{- if .Values.shutdown }} 180 | shutdown: true 181 | {{- end }} 182 | {{- if .Values.standby }} 183 | standby: 184 | enabled: {{ .Values.standby.enabled }} 185 | repoName: {{ required "repoName must be set when enabling standby mode." .Values.standby.repoName }} 186 | {{- end }} 187 | {{- if .Values.supplementalGroups }} 188 | supplementalGroups: 189 | {{ toYaml .Values.supplementalGroups | indent 4 }} 190 | {{- end }} 191 | {{- if .Values.openshift }} 192 | openshift: true 193 | {{- else if eq .Values.openshift false }} 194 | openshift: false 195 | {{- end }} 196 | {{- if .Values.customTLSSecret }} 197 | customTLSSecret: 198 | {{ toYaml .Values.customTLSSecret | indent 4 }} 199 | {{- end }} 200 | {{- if .Values.customReplicationTLSSecret }} 201 | customReplicationTLSSecret: 202 | {{ toYaml .Values.customReplicationTLSSecret | indent 4 }} 203 | {{- end }} 204 | -------------------------------------------------------------------------------- /kustomize/monitoring/dashboards/crud_details.json: -------------------------------------------------------------------------------- 1 | { 2 | "__inputs": [ 3 | { 4 | "name": "DS_PROMETHEUS", 5 | "label": "PROMETHEUS", 6 | "description": "", 7 | "type": "datasource", 8 | "pluginId": "prometheus", 9 | "pluginName": "Prometheus" 10 | } 11 | ], 12 | "__requires": [ 13 | { 14 | "type": "grafana", 15 | "id": "grafana", 16 | "name": "Grafana", 17 | "version": "6.7.4" 18 | }, 19 | { 20 | "type": "panel", 21 | "id": "graph", 22 | "name": "Graph", 23 | "version": "" 24 | }, 25 | { 26 | "type": "datasource", 27 | "id": "prometheus", 28 | "name": "Prometheus", 29 | "version": "1.0.0" 30 | } 31 | ], 32 | "annotations": { 33 | "list": [ 34 | { 35 | "$$hashKey": "object:111", 36 | "builtIn": 1, 37 | "datasource": "-- Grafana --", 38 | "enable": true, 39 | "hide": true, 40 | "iconColor": "rgba(0, 211, 255, 1)", 41 | "name": "Annotations & Alerts", 42 | "type": "dashboard" 43 | } 44 | ] 45 | }, 46 | "editable": false, 47 | "gnetId": null, 48 | "graphTooltip": 0, 49 | "id": null, 50 | "iteration": 1596817489973, 51 | "links": [ 52 | { 53 | "icon": "external link", 54 | "includeVars": true, 55 | "keepTime": true, 56 | "tags": [], 57 | "type": "dashboards" 58 | } 59 | ], 60 | "panels": [ 61 | { 62 | "aliasColors": {}, 63 | "bars": false, 64 | "dashLength": 10, 65 | "dashes": false, 66 | "datasource": "PROMETHEUS", 67 | "fill": 1, 68 | "fillGradient": 0, 69 | "gridPos": { 70 | "h": 12, 71 | "w": 24, 72 | "x": 0, 73 | "y": 0 74 | }, 75 | "height": "480", 76 | "hiddenSeries": false, 77 | "id": 1, 78 | "legend": { 79 | "avg": false, 80 | "current": false, 81 | "max": false, 82 | "min": false, 83 | "show": true, 84 | "total": false, 85 | "values": false 86 | }, 87 | "lines": true, 88 | "linewidth": 1, 89 | "links": [], 90 | "maxPerRow": 2, 91 | "nullPointMode": "null", 92 | "options": { 93 | "dataLinks": [] 94 | }, 95 | "percentage": false, 96 | "pointradius": 5, 97 | "points": false, 98 | "renderer": "flot", 99 | "repeat": null, 100 | "seriesOverrides": [], 101 | "spaceLength": 10, 102 | "stack": false, 103 | "steppedLine": false, 104 | "targets": [ 105 | { 106 | "expr": "sum(rate(ccp_stat_user_tables_n_tup_ins{pg_cluster=\"[[cluster]]\", pod=~\"[[pod]]\", dbname=~\"[[dbname]]\", schemaname=~\"[[schemaname]]\", relname=~\"[[tablename]]\"}[60s]))", 107 | "format": "time_series", 108 | "intervalFactor": 2, 109 | "legendFormat": "inserts - [[dbname]].[[schemaname]].[[tablename]]", 110 | "refId": "A", 111 | "step": 60 112 | }, 113 | { 114 | "expr": "sum(rate(ccp_stat_user_tables_n_tup_upd{pg_cluster=\"[[cluster]]\", pod=~\"[[pod]]\", dbname=~\"[[dbname]]\", schemaname=~\"[[schemaname]]\", relname=~\"[[tablename]]\"}[60s]))", 115 | "format": "time_series", 116 | "intervalFactor": 2, 117 | "legendFormat": "Updates - [[dbname]].[[schemaname]].[[tablename]]", 118 | "refId": "B", 119 | "step": 60 120 | }, 121 | { 122 | "expr": "sum(rate(ccp_stat_user_tables_n_tup_del{pg_cluster=\"[[cluster]]\", pod=~\"[[pod]]\", dbname=~\"[[dbname]]\", schemaname=~\"[[schemaname]]\", relname=~\"[[tablename]]\"}[60s]))", 123 | "format": "time_series", 124 | "intervalFactor": 2, 125 | "legendFormat": "Deletes - [[dbname]].[[schemaname]].[[tablename]]", 126 | "refId": "C", 127 | "step": 60 128 | } 129 | ], 130 | "thresholds": [], 131 | "timeFrom": null, 132 | "timeRegions": [], 133 | "timeShift": null, 134 | "title": "CRUD", 135 | "tooltip": { 136 | "shared": true, 137 | "sort": 0, 138 | "value_type": "individual" 139 | }, 140 | "type": "graph", 141 | "xaxis": { 142 | "buckets": null, 143 | "mode": "time", 144 | "name": null, 145 | "show": true, 146 | "values": [] 147 | }, 148 | "yaxes": [ 149 | { 150 | "format": "short", 151 | "label": null, 152 | "logBase": 1, 153 | "max": null, 154 | "min": null, 155 | "show": true 156 | }, 157 | { 158 | "format": "short", 159 | "label": null, 160 | "logBase": 1, 161 | "max": null, 162 | "min": null, 163 | "show": true 164 | } 165 | ], 166 | "yaxis": { 167 | "align": false, 168 | "alignLevel": null 169 | } 170 | } 171 | ], 172 | "refresh": "30s", 173 | "schemaVersion": 22, 174 | "style": "dark", 175 | "tags": [], 176 | "templating": { 177 | "list": [ 178 | { 179 | "allValue": null, 180 | "current": {}, 181 | "datasource": "PROMETHEUS", 182 | "definition": "", 183 | "hide": 0, 184 | "includeAll": false, 185 | "index": -1, 186 | "label": null, 187 | "multi": false, 188 | "name": "cluster", 189 | "options": [], 190 | "query": "label_values(pg_cluster)", 191 | "refresh": 1, 192 | "regex": "", 193 | "skipUrlSync": false, 194 | "sort": 1, 195 | "tagValuesQuery": "", 196 | "tags": [], 197 | "tagsQuery": "", 198 | "type": "query", 199 | "useTags": false 200 | }, 201 | { 202 | "allValue": ".*", 203 | "current": {}, 204 | "datasource": "PROMETHEUS", 205 | "definition": "label_values({pg_cluster=\"[[cluster]]\"},pod)", 206 | "hide": 0, 207 | "includeAll": true, 208 | "index": -1, 209 | "label": "pod", 210 | "multi": true, 211 | "name": "pod", 212 | "options": [], 213 | "query": "label_values({pg_cluster=\"[[cluster]]\"},pod)", 214 | "refresh": 1, 215 | "regex": "", 216 | "skipUrlSync": false, 217 | "sort": 1, 218 | "tagValuesQuery": "", 219 | "tags": [], 220 | "tagsQuery": "", 221 | "type": "query", 222 | "useTags": false 223 | }, 224 | { 225 | "allValue": ".*", 226 | "current": {}, 227 | "datasource": "PROMETHEUS", 228 | "definition": "label_values(ccp_database_size_bytes{pg_cluster=\"[[cluster]]\"},dbname)", 229 | "hide": 0, 230 | "includeAll": true, 231 | "index": -1, 232 | "label": "dbname", 233 | "multi": true, 234 | "name": "dbname", 235 | "options": [], 236 | "query": "label_values(ccp_database_size_bytes{pg_cluster=\"[[cluster]]\"},dbname)", 237 | "refresh": 1, 238 | "regex": "", 239 | "skipUrlSync": false, 240 | "sort": 1, 241 | "tagValuesQuery": "", 242 | "tags": [], 243 | "tagsQuery": "", 244 | "type": "query", 245 | "useTags": false 246 | }, 247 | { 248 | "allValue": ".*", 249 | "current": {}, 250 | "datasource": "PROMETHEUS", 251 | "definition": "", 252 | "hide": 0, 253 | "includeAll": true, 254 | "index": -1, 255 | "label": "schemaname", 256 | "multi": true, 257 | "name": "schemaname", 258 | "options": [], 259 | "query": "label_values(ccp_stat_user_tables_n_tup_ins{pg_cluster=\"[[cluster]]\",dbname=~\"[[dbname]]\"},schemaname)", 260 | "refresh": 1, 261 | "regex": "", 262 | "skipUrlSync": false, 263 | "sort": 1, 264 | "tagValuesQuery": "", 265 | "tags": [], 266 | "tagsQuery": "", 267 | "type": "query", 268 | "useTags": false 269 | }, 270 | { 271 | "allValue": ".*", 272 | "current": {}, 273 | "datasource": "PROMETHEUS", 274 | "definition": "", 275 | "hide": 0, 276 | "includeAll": true, 277 | "index": -1, 278 | "label": null, 279 | "multi": true, 280 | "name": "tablename", 281 | "options": [], 282 | "query": "label_values(ccp_stat_user_tables_n_tup_ins{pg_cluster=\"[[cluster]]\",dbname=~\"[[dbname]]\",schemaname=~\"[[schemaname]]\"},relname)", 283 | "refresh": 1, 284 | "regex": "", 285 | "skipUrlSync": false, 286 | "sort": 1, 287 | "tagValuesQuery": "", 288 | "tags": [], 289 | "tagsQuery": "", 290 | "type": "query", 291 | "useTags": false 292 | } 293 | ] 294 | }, 295 | "time": { 296 | "from": "now-5m", 297 | "to": "now" 298 | }, 299 | "timepicker": { 300 | "refresh_intervals": [ 301 | "5s", 302 | "10s", 303 | "30s", 304 | "1m", 305 | "5m", 306 | "15m", 307 | "30m", 308 | "1h", 309 | "2h", 310 | "1d" 311 | ], 312 | "time_options": [ 313 | "5m", 314 | "15m", 315 | "1h", 316 | "6h", 317 | "12h", 318 | "24h", 319 | "2d", 320 | "7d", 321 | "30d" 322 | ] 323 | }, 324 | "timezone": "browser", 325 | "title": "CRUD_Details", 326 | "uid": "cruddetails", 327 | "variables": { 328 | "list": [] 329 | }, 330 | "version": 2 331 | } 332 | -------------------------------------------------------------------------------- /LICENSE.md: -------------------------------------------------------------------------------- 1 | Apache License 2 | Version 2.0, January 2004 3 | http://www.apache.org/licenses/ 4 | 5 | TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION 6 | 7 | 1. Definitions. 8 | 9 | "License" shall mean the terms and conditions for use, reproduction, 10 | and distribution as defined by Sections 1 through 9 of this document. 11 | 12 | "Licensor" shall mean the copyright owner or entity authorized by 13 | the copyright owner that is granting the License. 14 | 15 | "Legal Entity" shall mean the union of the acting entity and all 16 | other entities that control, are controlled by, or are under common 17 | control with that entity. For the purposes of this definition, 18 | "control" means (i) the power, direct or indirect, to cause the 19 | direction or management of such entity, whether by contract or 20 | otherwise, or (ii) ownership of fifty percent (50%) or more of the 21 | outstanding shares, or (iii) beneficial ownership of such entity. 22 | 23 | "You" (or "Your") shall mean an individual or Legal Entity 24 | exercising permissions granted by this License. 25 | 26 | "Source" form shall mean the preferred form for making modifications, 27 | including but not limited to software source code, documentation 28 | source, and configuration files. 29 | 30 | "Object" form shall mean any form resulting from mechanical 31 | transformation or translation of a Source form, including but 32 | not limited to compiled object code, generated documentation, 33 | and conversions to other media types. 34 | 35 | "Work" shall mean the work of authorship, whether in Source or 36 | Object form, made available under the License, as indicated by a 37 | copyright notice that is included in or attached to the work 38 | (an example is provided in the Appendix below). 39 | 40 | "Derivative Works" shall mean any work, whether in Source or Object 41 | form, that is based on (or derived from) the Work and for which the 42 | editorial revisions, annotations, elaborations, or other modifications 43 | represent, as a whole, an original work of authorship. For the purposes 44 | of this License, Derivative Works shall not include works that remain 45 | separable from, or merely link (or bind by name) to the interfaces of, 46 | the Work and Derivative Works thereof. 47 | 48 | "Contribution" shall mean any work of authorship, including 49 | the original version of the Work and any modifications or additions 50 | to that Work or Derivative Works thereof, that is intentionally 51 | submitted to Licensor for inclusion in the Work by the copyright owner 52 | or by an individual or Legal Entity authorized to submit on behalf of 53 | the copyright owner. For the purposes of this definition, "submitted" 54 | means any form of electronic, verbal, or written communication sent 55 | to the Licensor or its representatives, including but not limited to 56 | communication on electronic mailing lists, source code control systems, 57 | and issue tracking systems that are managed by, or on behalf of, the 58 | Licensor for the purpose of discussing and improving the Work, but 59 | excluding communication that is conspicuously marked or otherwise 60 | designated in writing by the copyright owner as "Not a Contribution." 61 | 62 | "Contributor" shall mean Licensor and any individual or Legal Entity 63 | on behalf of whom a Contribution has been received by Licensor and 64 | subsequently incorporated within the Work. 65 | 66 | 2. Grant of Copyright License. Subject to the terms and conditions of 67 | this License, each Contributor hereby grants to You a perpetual, 68 | worldwide, non-exclusive, no-charge, royalty-free, irrevocable 69 | copyright license to reproduce, prepare Derivative Works of, 70 | publicly display, publicly perform, sublicense, and distribute the 71 | Work and such Derivative Works in Source or Object form. 72 | 73 | 3. Grant of Patent License. Subject to the terms and conditions of 74 | this License, each Contributor hereby grants to You a perpetual, 75 | worldwide, non-exclusive, no-charge, royalty-free, irrevocable 76 | (except as stated in this section) patent license to make, have made, 77 | use, offer to sell, sell, import, and otherwise transfer the Work, 78 | where such license applies only to those patent claims licensable 79 | by such Contributor that are necessarily infringed by their 80 | Contribution(s) alone or by combination of their Contribution(s) 81 | with the Work to which such Contribution(s) was submitted. If You 82 | institute patent litigation against any entity (including a 83 | cross-claim or counterclaim in a lawsuit) alleging that the Work 84 | or a Contribution incorporated within the Work constitutes direct 85 | or contributory patent infringement, then any patent licenses 86 | granted to You under this License for that Work shall terminate 87 | as of the date such litigation is filed. 88 | 89 | 4. Redistribution. You may reproduce and distribute copies of the 90 | Work or Derivative Works thereof in any medium, with or without 91 | modifications, and in Source or Object form, provided that You 92 | meet the following conditions: 93 | 94 | (a) You must give any other recipients of the Work or 95 | Derivative Works a copy of this License; and 96 | 97 | (b) You must cause any modified files to carry prominent notices 98 | stating that You changed the files; and 99 | 100 | (c) You must retain, in the Source form of any Derivative Works 101 | that You distribute, all copyright, patent, trademark, and 102 | attribution notices from the Source form of the Work, 103 | excluding those notices that do not pertain to any part of 104 | the Derivative Works; and 105 | 106 | (d) If the Work includes a "NOTICE" text file as part of its 107 | distribution, then any Derivative Works that You distribute must 108 | include a readable copy of the attribution notices contained 109 | within such NOTICE file, excluding those notices that do not 110 | pertain to any part of the Derivative Works, in at least one 111 | of the following places: within a NOTICE text file distributed 112 | as part of the Derivative Works; within the Source form or 113 | documentation, if provided along with the Derivative Works; or, 114 | within a display generated by the Derivative Works, if and 115 | wherever such third-party notices normally appear. The contents 116 | of the NOTICE file are for informational purposes only and 117 | do not modify the License. You may add Your own attribution 118 | notices within Derivative Works that You distribute, alongside 119 | or as an addendum to the NOTICE text from the Work, provided 120 | that such additional attribution notices cannot be construed 121 | as modifying the License. 122 | 123 | You may add Your own copyright statement to Your modifications and 124 | may provide additional or different license terms and conditions 125 | for use, reproduction, or distribution of Your modifications, or 126 | for any such Derivative Works as a whole, provided Your use, 127 | reproduction, and distribution of the Work otherwise complies with 128 | the conditions stated in this License. 129 | 130 | 5. Submission of Contributions. Unless You explicitly state otherwise, 131 | any Contribution intentionally submitted for inclusion in the Work 132 | by You to the Licensor shall be under the terms and conditions of 133 | this License, without any additional terms or conditions. 134 | Notwithstanding the above, nothing herein shall supersede or modify 135 | the terms of any separate license agreement you may have executed 136 | with Licensor regarding such Contributions. 137 | 138 | 6. Trademarks. This License does not grant permission to use the trade 139 | names, trademarks, service marks, or product names of the Licensor, 140 | except as required for reasonable and customary use in describing the 141 | origin of the Work and reproducing the content of the NOTICE file. 142 | 143 | 7. Disclaimer of Warranty. Unless required by applicable law or 144 | agreed to in writing, Licensor provides the Work (and each 145 | Contributor provides its Contributions) on an "AS IS" BASIS, 146 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or 147 | implied, including, without limitation, any warranties or conditions 148 | of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A 149 | PARTICULAR PURPOSE. You are solely responsible for determining the 150 | appropriateness of using or redistributing the Work and assume any 151 | risks associated with Your exercise of permissions under this License. 152 | 153 | 8. Limitation of Liability. In no event and under no legal theory, 154 | whether in tort (including negligence), contract, or otherwise, 155 | unless required by applicable law (such as deliberate and grossly 156 | negligent acts) or agreed to in writing, shall any Contributor be 157 | liable to You for damages, including any direct, indirect, special, 158 | incidental, or consequential damages of any character arising as a 159 | result of this License or out of the use or inability to use the 160 | Work (including but not limited to damages for loss of goodwill, 161 | work stoppage, computer failure or malfunction, or any and all 162 | other commercial damages or losses), even if such Contributor 163 | has been advised of the possibility of such damages. 164 | 165 | 9. Accepting Warranty or Additional Liability. While redistributing 166 | the Work or Derivative Works thereof, You may choose to offer, 167 | and charge a fee for, acceptance of support, warranty, indemnity, 168 | or other liability obligations and/or rights consistent with this 169 | License. However, in accepting such obligations, You may act only 170 | on Your own behalf and on Your sole responsibility, not on behalf 171 | of any other Contributor, and only if You agree to indemnify, 172 | defend, and hold each Contributor harmless for any liability 173 | incurred by, or claims asserted against, such Contributor by reason 174 | of your accepting any such warranty or additional liability. 175 | 176 | END OF TERMS AND CONDITIONS 177 | 178 | Copyright 2017 - 2022 Crunchy Data Solutions, Inc. 179 | 180 | Licensed under the Apache License, Version 2.0 (the "License"); 181 | you may not use this file except in compliance with the License. 182 | You may obtain a copy of the License at 183 | 184 | http://www.apache.org/licenses/LICENSE-2.0 185 | 186 | Unless required by applicable law or agreed to in writing, software 187 | distributed under the License is distributed on an "AS IS" BASIS, 188 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 189 | See the License for the specific language governing permissions and 190 | limitations under the License. 191 | -------------------------------------------------------------------------------- /helm/postgres/values.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | # For a full explanation of how to set up the custom resource, please refer to 3 | # the documentation: 4 | # https://access.crunchydata.com/documentation/postgres-operator/v5/ 5 | 6 | ########### 7 | # General # 8 | ########### 9 | 10 | # name is the name of the cluster. This defaults to the name of the Helm 11 | # release. 12 | # name: hippo 13 | 14 | # postgresVersion sets the version to deploy. This version number needs to be 15 | # available as one of the "RELATED_IMAGE_POSTGRES_..." images as part of the PGO 16 | # installation if you want to deploy the image without setting the "postgres" 17 | # image variable. This value is required. 18 | postgresVersion: 14 19 | 20 | # postGISVersion if sets and coupled with a PostGIS enabled container, enables 21 | # PostGIS. This version number needs to be available as one of the 22 | # "RELATED_IMAGE_POSTGRES_..." images as part of the PGO installation if you 23 | # want to deploy the image without setting the "postgres" image variable. 24 | # postGISVersion: 3.1 25 | 26 | # NOTE: pgBackRest is enabled by default. It must be set in 27 | # "RELATED_IMAGE_PGBACKREST" on the PGO deployment, otherwise you will need to 28 | # override the "pgBackRest" image. 29 | 30 | # pgBouncerReplicas sets the number of pgBouncer instances to deploy. The 31 | # default is 0. You need to set this to at least 1 to deploy pgBouncer or set 32 | # "pgBouncerConfig". Setting "pgBouncerConfig" will override the value of 33 | # pgBouncerReplicas. The "RELATED_IMAGE_PGBOUNCER" in the PGO deployment must be 34 | # set if you want to enable this without explicitly setting "pgBouncer". 35 | # pgBouncerReplicas: 1 36 | 37 | # monitoring enables the ability to monitor the Postgres cluster through a 38 | # metrics exporter than can be scraped by Prometheus. This defaults to the value 39 | # below. 40 | # monitoring: false 41 | 42 | ################### 43 | # Image Overrides # 44 | ################### 45 | 46 | # imagePostgres can be a Postgres or GIS-enabled Postgres image. This defaults to the 47 | # below value. "postgresVersion" needs to match the version of Postgres that is 48 | # used here. If using the GIS-enabled Postgres image, you need to ensure 49 | # "postGISVersion" matches the version of PostGIS used. 50 | # imagePostgres: registry.developers.crunchydata.com/crunchydata/crunchy-postgres:ubi8-13.8-1 51 | 52 | # imagePgBackRest is the pgBackRest backup utility image. This defaults to the 53 | # below value. 54 | # imagePgBackRest: registry.developers.crunchydata.com/crunchydata/crunchy-pgbackrest:ubi8-2.40-1 55 | 56 | # imagePgBouncer is the image for the PgBouncer connection pooler. This defaults 57 | # to the below value. 58 | # imagePgBouncer: registry.developers.crunchydata.com/crunchydata/crunchy-pgbouncer:ubi8-1.17-1 59 | 60 | # imageExporter is the image name for the exporter used as a part of monitoring. 61 | # This defaults to the value below. 62 | # imageExporter: registry.developers.crunchydata.com/crunchydata/crunchy-postgres-exporter:ubi8-5.2.0-0 63 | 64 | ########################### 65 | # Basic Postgres Settings # 66 | ########################### 67 | 68 | # instanceName lets you set the name of your instances. This defaults to 69 | # the value below. Setting "instances" overrides this value. 70 | # instanceName: instance1 71 | 72 | # instanceSize sets the size of the volume that contains the data. This defaults 73 | # to the value below. Settings "instances" overrides this value. 74 | # instanceSize: 1Gi 75 | 76 | # instanceMemory sets the memory limit for the Postgres instances. This defaults 77 | # to no limit being set, but an example value is set below. Settings "instances" 78 | # overrides this value. 79 | # instanceMemory: 2Gi 80 | 81 | # instanceCPU sets the CPU limit for the Postgres instances. This defaults to 82 | # no limit being set, but an example value is set below. Setting "instances" 83 | # overrides this value. 84 | # instanceCPU: 1000m 85 | 86 | # instanceReplicas lets you set the total number of Postgres replicas. This 87 | # defaults to the value below. More than on replica enables high availability 88 | # (HA). Settings "instances" overrides this value. 89 | # instanceReplicas: 1 90 | 91 | ############################## 92 | # Advanced Postgres Settings # 93 | ############################## 94 | 95 | # instances allows you to define one or more Postgres instance sets. By default, 96 | # PGO will only deploy a single instance. Each instance set has similar 97 | # characteristics to the other instances in the set, e.g. storage size, resource 98 | # etc. You can have multiple replicas within an instance set. 99 | # 100 | # This allows you to fully customize the topology of your Postgres instances. 101 | # 102 | # For example, to set up an instance set with HA (due to the default pod 103 | # topology spread constraints) 104 | # 105 | # instances: 106 | # - name: pgha1 107 | # replicas: 2 108 | # dataVolumeClaimSpec: 109 | # accessModes: 110 | # - "ReadWriteOnce" 111 | # resources: 112 | # requests: 113 | # storage: 1Gi 114 | # instances: {} 115 | 116 | # port sets the port that Postgres listens on. Defaults to 5432. 117 | # port: 5432 118 | 119 | # patroni lets you set the Patroni configuration for the Postgres cluster. 120 | # for example, to set up synchronous replication: 121 | # patroni: 122 | # dynamicConfiguration: 123 | # synchronous_mode: true 124 | # postgresql: 125 | # parameters: 126 | # synchronous_commit: "on" 127 | # patroni: {} 128 | 129 | # users sets any custom Postgres users and databases that they have access to 130 | # as well as any permossions assoicated with the user account. 131 | # users: {} 132 | 133 | # dataSource specifies a data source for bootstrapping a Postgres cluster. 134 | # dataSource: {} 135 | 136 | # customTLSSecret references a Secret that contains the relevant information for 137 | # bringing external TLS artifacts to a PostgreSQL cluster. This provides the 138 | # TLS for the cluster itself. 139 | # customTLSSecret: {} 140 | 141 | # customReplicationTLSSecret references a Secret that contains the relevant 142 | # information for bringing external TLS artifacts to a PostgreSQL cluster. This 143 | # provides the information for the replication user. 144 | # customReplicationTLSSecret: {} 145 | 146 | # databaseInitSQL referencs a ConfigMap that contains a SQL file that should be 147 | # run a cluster bootstrap. 148 | # databaseInitSQL: 149 | # name: bootstrap-sql 150 | # key: bootstrap.sql 151 | 152 | # standby sets whether or not to run this as a standby cluster. Both of the 153 | # values below are required to enable a standby cluster. Setting "enabled" to 154 | # "true" eunables the standby cluster while "repoName" points to a pgBackRest 155 | # archive to replay WAL files from. 156 | # standby: 157 | # enabled: false 158 | # repoName: repo1 159 | 160 | # shutdown when set scales the entire workload to zero. By default this is not 161 | # set. 162 | # shutdown: true 163 | 164 | ################################# 165 | # Backups / pgBackRest Settings # 166 | ################################# 167 | 168 | # backupsSize sets the storage size of the backups to a volume in Kubernetes. 169 | # can be overridden by "pgBackRestConfig", if set. Defaults to the value below. 170 | # backupsSize: 1Gi 171 | 172 | # s3 allows for AWS S3 or an S3 compatible storage system to be used for 173 | # backups. This allows for a quick setup with S3; if you need more advanced 174 | # setup, use pgBackRestConfig. 175 | # s3: 176 | # # bucket specifies the S3 bucket to use, 177 | # bucket: "" 178 | # # endpoint specifies the S3 endpoint to use. 179 | # endpoint: "" 180 | # # region specifies the S3 region to use. If your S3 storage system does not 181 | # # use "region", fill this in with a random vaule. 182 | # region: "" 183 | # # key is the S3 key. This is stored in a Secret. 184 | # key: "" 185 | # # keySecret is the S3 key secret. This is tored in a Secret. 186 | # keySecret: "" 187 | # # encryptionPassphrase is an optional parameter to enable encrypted backups 188 | # # with pgBackRest. This is encrypted by pgBackRest and does not use S3's 189 | # # built-in encrpytion system. 190 | # encryptionPassphrase: "" 191 | 192 | # gcs allows for Google Cloud Storage (GCS) to be used for backups. This allows 193 | # for a quick setup with GCS; if you need a more advanced setup, use 194 | # "pgBackRestConfig". 195 | # gcs: 196 | # # bucket is the name of the GCS bucket that the backups will be stored in. 197 | # bucket: "" 198 | # # key is a multi-line string that contains the GCS key, which is a JSON 199 | # # structure. 200 | # key: | 201 | # {} 202 | 203 | # azure allows for Azure Blob Storage to be used for backups. This allows 204 | # for a quick setup with Azure Blob Storage; if you need a more advanced setup, 205 | # use "pgBackRestConfig". 206 | # azure: 207 | # # account is the name of the Azure account to be used. 208 | # account: "" 209 | # # key is the Secret key used associated with the Azure acount. 210 | # key: "" 211 | # # container is the Azure container that the backups will be stored in. 212 | # container: "" 213 | 214 | # multiBackupRepos allows for backing up to multiple repositories. This is 215 | # effectively uses the "quickstarts" for each of the backup types (volume, s3, 216 | # gcs, azure). You can have any permutation of these types. You can set up to 4. 217 | # can be overwritten by "pgBackRestConfig". 218 | # 219 | # You can't set "multiBackupRepos" and any of the individual quickstarts at the 220 | # same time. "multiBackupRepos" will take precedence. 221 | # 222 | # Below is an example that enables one of each backup type. Note all of the 223 | # available quickstart options are presented below; please see the backup types 224 | # if you want to see how each option works. 225 | # multiBackupRepos: 226 | # - volume: 227 | # backupsSize: 1Gi 228 | # - s3: 229 | # bucket: "" 230 | # endpoint: "" 231 | # region: "" 232 | # key: "" 233 | # keySecret: "" 234 | # - gcs: 235 | # bucket: "" 236 | # key: | 237 | # {} 238 | # - azure: 239 | # account: "" 240 | # key: "" 241 | # container: "" 242 | 243 | # pgBackRestConfig allows for the configuration of every pgBackRest option 244 | # except for "image", which is set by "pgBackRest". 245 | # pgBackRestConfig: {} 246 | 247 | ################################ 248 | # Pooling / pgBouncer Settings # 249 | ################################ 250 | 251 | # pgBouncerConfig sets all of the pgBouncer portion of the spec except for 252 | # image. To set image, you need to set the "pgBouncer" setting. 253 | # pgBouncerConfig: {} 254 | 255 | ####################### 256 | # Monitoring Settings # 257 | ####################### 258 | 259 | # monitoringConfig sets all of the monitoring portion of the spec except for the 260 | # image. To set the image, which also enables monitoring, you need to set the 261 | # "monitoring" setting. 262 | # monitoringConfig: {} 263 | 264 | ####################### 265 | # Kubernetes Settings # 266 | ####################### 267 | 268 | # metadata contains any metadata that should be applied to all PGO managed 269 | # objects in this Postgres cluster. This includes "annotations" and "labels" as 270 | # subkeys. 271 | # metadata: {} 272 | 273 | # service customizes the Service that exposes the Postgres primary. 274 | # service: {} 275 | 276 | # imagePullPolicy sets the pull policy for all the images. This defaults to 277 | # the Kubernetes heuristic: 278 | # https://kubernetes.io/docs/concepts/containers/images/#imagepullpolicy-defaulting 279 | # imagePullPolicy: IfNotPresent 280 | 281 | # imagePullSecrets references Secrets that credentials for pulling image from 282 | # private repositories 283 | # imagePullSecrets: [] 284 | 285 | # supplementalGroups sets any group IDs that should be assigned to 286 | # Pods, particularly around file system contraints within a system 287 | # supplementalGroups: [] 288 | 289 | # disableDefaultPodScheduling if set to true, will disable any of the default 290 | # scheduling constraints for Pods, such as the default Pod Topology Spread 291 | # Constraints. If set to false or unset, the default scheduling constraints will 292 | # be used in addition to any customizations that are added in. 293 | # disableDefaultPodScheduling: false 294 | 295 | # openshift can set explicitly if this is an OpenShift cluster, or a cluster 296 | # that uses a SecurityContextConstraint. This usually does not need to be set, 297 | # but you may want to explicitly set it to "false" when using a SCC like 298 | # "anyuid" 299 | # openshift: false 300 | -------------------------------------------------------------------------------- /kustomize/monitoring/alertmanager-rules-config.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | data: 3 | crunchy-alert-rules-pg.yml: | 4 | ### 5 | # 6 | # Copyright 2017-2022 Crunchy Data Solutions, Inc. All Rights Reserved. 7 | # 8 | ### 9 | 10 | groups: 11 | - name: alert-rules 12 | rules: 13 | 14 | ########## EXPORTER RULES ########## 15 | - alert: PGExporterScrapeError 16 | expr: pg_exporter_last_scrape_error > 0 17 | for: 60s 18 | labels: 19 | service: postgresql 20 | severity: critical 21 | severity_num: 300 22 | annotations: 23 | summary: 'Postgres Exporter running on {{ $labels.job }} (instance: {{ $labels.instance }}) is encountering scrape errors processing queries. Error count: ( {{ $value }} )' 24 | 25 | 26 | ########## POSTGRESQL RULES ########## 27 | - alert: PGIsUp 28 | expr: pg_up < 1 29 | for: 60s 30 | labels: 31 | service: postgresql 32 | severity: critical 33 | severity_num: 300 34 | annotations: 35 | summary: 'postgres_exporter running on {{ $labels.job }} is unable to communicate with the configured database' 36 | 37 | 38 | # Example to check for current version of PostgreSQL. Metric returns the version that the exporter is running on, so you can set a rule to check for the minimum version you'd like all systems to be on. Number returned is the 6 digit integer representation contained in the setting "server_version_num". 39 | # 40 | # - alert: PGMinimumVersion 41 | # expr: ccp_postgresql_version_current < 110005 42 | # for: 60s 43 | # labels: 44 | # service: postgresql 45 | # severity: critical 46 | # severity_num: 300 47 | # annotations: 48 | # summary: '{{ $labels.job }} is not running at least version 11.5 of PostgreSQL' 49 | 50 | 51 | # Whether a system switches from primary to replica or vice versa must be configured per named job. 52 | # No way to tell what value a system is supposed to be without a rule expression for that specific system 53 | # 2 to 1 means it changed from primary to replica. 1 to 2 means it changed from replica to primary 54 | # Set this alert for each system that you want to monitor a recovery status change 55 | # Below is an example for a target job called "Replica" and watches for the value to change above 1 which means it's no longer a replica 56 | # 57 | # - alert: PGRecoveryStatusSwitch_Replica 58 | # expr: ccp_is_in_recovery_status{job="Replica"} > 1 59 | # for: 60s 60 | # labels: 61 | # service: postgresql 62 | # severity: critical 63 | # severity_num: 300 64 | # annotations: 65 | # summary: '{{ $labels.job }} has changed from replica to primary' 66 | 67 | 68 | # Absence alerts must be configured per named job, otherwise there's no way to know which job is down 69 | # Below is an example for a target job called "Prod" 70 | # - alert: PGConnectionAbsent_Prod 71 | # expr: absent(ccp_connection_stats_max_connections{job="Prod"}) 72 | # for: 10s 73 | # labels: 74 | # service: postgresql 75 | # severity: critical 76 | # severity_num: 300 77 | # annotations: 78 | # description: 'Connection metric is absent from target (Prod). Check that postgres_exporter can connect to PostgreSQL.' 79 | 80 | 81 | # Optional monitor for changes to pg_settings (postgresql.conf) system catalog. 82 | # A similar metric is available for monitoring pg_hba.conf. See ccp_hba_settings_checksum(). 83 | # If metric returns 0, then NO settings have changed for either pg_settings since last known valid state 84 | # If metric returns 1, then pg_settings have changed since last known valid state 85 | # To see what may have changed, check the monitor.pg_settings_checksum table for a history of config state. 86 | # - alert: PGSettingsChecksum 87 | # expr: ccp_pg_settings_checksum > 0 88 | # for 60s 89 | # labels: 90 | # service: postgresql 91 | # severity: critical 92 | # severity_num: 300 93 | # annotations: 94 | # description: 'Configuration settings on {{ $labels.job }} have changed from previously known valid state. To reset current config to a valid state after alert fires, run monitor.pg_settings_checksum_set_valid().' 95 | # summary: 'PGSQL Instance settings checksum' 96 | 97 | 98 | # Monitor for data block checksum failures. Only works in PG12+ 99 | # - alert: PGDataChecksum 100 | # expr: ccp_data_checksum_failure > 0 101 | # for 60s 102 | # labels: 103 | # service: postgresql 104 | # severity: critical 105 | # severity_num: 300 106 | # annotations: 107 | # description: '{{ $labels.job }} has at least one data checksum failure in database {{ $labels.dbname }}. See pg_stat_database system catalog for more information.' 108 | # summary: 'PGSQL Data Checksum failure' 109 | 110 | - alert: PGIdleTxn 111 | expr: ccp_connection_stats_max_idle_in_txn_time > 300 112 | for: 60s 113 | labels: 114 | service: postgresql 115 | severity: warning 116 | severity_num: 200 117 | annotations: 118 | description: '{{ $labels.job }} has at least one session idle in transaction for over 5 minutes.' 119 | summary: 'PGSQL Instance idle transactions' 120 | 121 | - alert: PGIdleTxn 122 | expr: ccp_connection_stats_max_idle_in_txn_time > 900 123 | for: 60s 124 | labels: 125 | service: postgresql 126 | severity: critical 127 | severity_num: 300 128 | annotations: 129 | description: '{{ $labels.job }} has at least one session idle in transaction for over 15 minutes.' 130 | summary: 'PGSQL Instance idle transactions' 131 | 132 | - alert: PGQueryTime 133 | expr: ccp_connection_stats_max_query_time > 43200 134 | for: 60s 135 | labels: 136 | service: postgresql 137 | severity: warning 138 | severity_num: 200 139 | annotations: 140 | description: '{{ $labels.job }} has at least one query running for over 12 hours.' 141 | summary: 'PGSQL Max Query Runtime' 142 | 143 | - alert: PGQueryTime 144 | expr: ccp_connection_stats_max_query_time > 86400 145 | for: 60s 146 | labels: 147 | service: postgresql 148 | severity: critical 149 | severity_num: 300 150 | annotations: 151 | description: '{{ $labels.job }} has at least one query running for over 1 day.' 152 | summary: 'PGSQL Max Query Runtime' 153 | 154 | - alert: PGConnPerc 155 | expr: 100 * (ccp_connection_stats_total / ccp_connection_stats_max_connections) > 75 156 | for: 60s 157 | labels: 158 | service: postgresql 159 | severity: warning 160 | severity_num: 200 161 | annotations: 162 | description: '{{ $labels.job }} is using 75% or more of available connections ({{ $value }}%)' 163 | summary: 'PGSQL Instance connections' 164 | 165 | - alert: PGConnPerc 166 | expr: 100 * (ccp_connection_stats_total / ccp_connection_stats_max_connections) > 90 167 | for: 60s 168 | labels: 169 | service: postgresql 170 | severity: critical 171 | severity_num: 300 172 | annotations: 173 | description: '{{ $labels.job }} is using 90% or more of available connections ({{ $value }}%)' 174 | summary: 'PGSQL Instance connections' 175 | 176 | - alert: PGDiskSize 177 | expr: 100 * ((ccp_nodemx_data_disk_total_bytes - ccp_nodemx_data_disk_available_bytes) / ccp_nodemx_data_disk_total_bytes) > 75 178 | for: 60s 179 | labels: 180 | service: postgresql 181 | severity: warning 182 | severity_num: 200 183 | annotations: 184 | description: 'PGSQL Instance {{ $labels.deployment }} over 75% disk usage at mount point "{{ $labels.mount_point }}": {{ $value }}%' 185 | summary: PGSQL Instance usage warning 186 | 187 | - alert: PGDiskSize 188 | expr: 100 * ((ccp_nodemx_data_disk_total_bytes - ccp_nodemx_data_disk_available_bytes) / ccp_nodemx_data_disk_total_bytes) > 90 189 | for: 60s 190 | labels: 191 | service: postgresql 192 | severity: critical 193 | severity_num: 300 194 | annotations: 195 | description: 'PGSQL Instance {{ $labels.deployment }} over 90% disk usage at mount point "{{ $labels.mount_point }}": {{ $value }}%' 196 | summary: 'PGSQL Instance size critical' 197 | 198 | - alert: PGReplicationByteLag 199 | expr: ccp_replication_status_byte_lag > 5.24288e+07 200 | for: 60s 201 | labels: 202 | service: postgresql 203 | severity: warning 204 | severity_num: 200 205 | annotations: 206 | description: 'PGSQL Instance {{ $labels.job }} has at least one replica lagging over 50MB behind.' 207 | summary: 'PGSQL Instance replica lag warning' 208 | 209 | - alert: PGReplicationByteLag 210 | expr: ccp_replication_status_byte_lag > 1.048576e+08 211 | for: 60s 212 | labels: 213 | service: postgresql 214 | severity: critical 215 | severity_num: 300 216 | annotations: 217 | description: 'PGSQL Instance {{ $labels.job }} has at least one replica lagging over 100MB behind.' 218 | summary: 'PGSQL Instance replica lag warning' 219 | 220 | - alert: PGReplicationSlotsInactive 221 | expr: ccp_replication_slots_active == 0 222 | for: 60s 223 | labels: 224 | service: postgresql 225 | severity: critical 226 | severity_num: 300 227 | annotations: 228 | description: 'PGSQL Instance {{ $labels.job }} has one or more inactive replication slots' 229 | summary: 'PGSQL Instance inactive replication slot' 230 | 231 | - alert: PGXIDWraparound 232 | expr: ccp_transaction_wraparound_percent_towards_wraparound > 50 233 | for: 60s 234 | labels: 235 | service: postgresql 236 | severity: warning 237 | severity_num: 200 238 | annotations: 239 | description: 'PGSQL Instance {{ $labels.job }} is over 50% towards transaction id wraparound.' 240 | summary: 'PGSQL Instance {{ $labels.job }} transaction id wraparound imminent' 241 | 242 | - alert: PGXIDWraparound 243 | expr: ccp_transaction_wraparound_percent_towards_wraparound > 75 244 | for: 60s 245 | labels: 246 | service: postgresql 247 | severity: critical 248 | severity_num: 300 249 | annotations: 250 | description: 'PGSQL Instance {{ $labels.job }} is over 75% towards transaction id wraparound.' 251 | summary: 'PGSQL Instance transaction id wraparound imminent' 252 | 253 | - alert: PGEmergencyVacuum 254 | expr: ccp_transaction_wraparound_percent_towards_emergency_autovac > 110 255 | for: 60s 256 | labels: 257 | service: postgresql 258 | severity: warning 259 | severity_num: 200 260 | annotations: 261 | description: 'PGSQL Instance {{ $labels.job }} is over 110% beyond autovacuum_freeze_max_age value. Autovacuum may need tuning to better keep up.' 262 | summary: 'PGSQL Instance emergency vacuum imminent' 263 | 264 | - alert: PGEmergencyVacuum 265 | expr: ccp_transaction_wraparound_percent_towards_emergency_autovac > 125 266 | for: 60s 267 | labels: 268 | service: postgresql 269 | severity: critical 270 | severity_num: 300 271 | annotations: 272 | description: 'PGSQL Instance {{ $labels.job }} is over 125% beyond autovacuum_freeze_max_age value. Autovacuum needs tuning to better keep up.' 273 | summary: 'PGSQL Instance emergency vacuum imminent' 274 | 275 | - alert: PGArchiveCommandStatus 276 | expr: ccp_archive_command_status_seconds_since_last_fail > 300 277 | for: 60s 278 | labels: 279 | service: postgresql 280 | severity: critical 281 | severity_num: 300 282 | annotations: 283 | description: 'PGSQL Instance {{ $labels.job }} has a recent failing archive command' 284 | summary: 'Seconds since the last recorded failure of the archive_command' 285 | 286 | - alert: PGSequenceExhaustion 287 | expr: ccp_sequence_exhaustion_count > 0 288 | for: 60s 289 | labels: 290 | service: postgresql 291 | severity: critical 292 | severity_num: 300 293 | annotations: 294 | description: 'Count of sequences on instance {{ $labels.job }} at over 75% usage: {{ $value }}. Run following query to see full sequence status: SELECT * FROM monitor.sequence_status() WHERE percent >= 75' 295 | 296 | - alert: PGSettingsPendingRestart 297 | expr: ccp_settings_pending_restart_count > 0 298 | for: 60s 299 | labels: 300 | service: postgresql 301 | severity: critical 302 | severity_num: 300 303 | annotations: 304 | description: 'One or more settings in the pg_settings system catalog on system {{ $labels.job }} are in a pending_restart state. Check the system catalog for which settings are pending and review postgresql.conf for changes.' 305 | 306 | ########## PGBACKREST RULES ########## 307 | # 308 | # Uncomment and customize one or more of these rules to monitor your pgbackrest backups. 309 | # Full backups are considered the equivalent of both differentials and incrementals since both are based on the last full 310 | # And differentials are considered incrementals since incrementals will be based off the last diff if one exists 311 | # This avoid false alerts, for example when you don't run diff/incr backups on the days that you run a full 312 | # Stanza should also be set if different intervals are expected for each stanza. 313 | # Otherwise rule will be applied to all stanzas returned on target system if not set. 314 | # 315 | # Relevant metric names are: 316 | # ccp_backrest_last_full_time_since_completion_seconds 317 | # ccp_backrest_last_incr_time_since_completion_seconds 318 | # ccp_backrest_last_diff_time_since_completion_seconds 319 | # 320 | # - alert: PGBackRestLastCompletedFull_main 321 | # expr: ccp_backrest_last_full_backup_time_since_completion_seconds{stanza="main"} > 604800 322 | # for: 60s 323 | # labels: 324 | # service: postgresql 325 | # severity: critical 326 | # severity_num: 300 327 | # annotations: 328 | # summary: 'Full backup for stanza [main] on system {{ $labels.job }} has not completed in the last week.' 329 | # 330 | # - alert: PGBackRestLastCompletedIncr_main 331 | # expr: ccp_backrest_last_incr_backup_time_since_completion_seconds{stanza="main"} > 86400 332 | # for: 60s 333 | # labels: 334 | # service: postgresql 335 | # severity: critical 336 | # severity_num: 300 337 | # annotations: 338 | # summary: 'Incremental backup for stanza [main] on system {{ $labels.job }} has not completed in the last 24 hours.' 339 | # 340 | # 341 | # Runtime monitoring is handled with a single metric: 342 | # 343 | # ccp_backrest_last_runtime_backup_runtime_seconds 344 | # 345 | # Runtime monitoring should have the "backup_type" label set. 346 | # Otherwise the rule will apply to the last run of all backup types returned (full, diff, incr) 347 | # Stanza should also be set if runtimes per stanza have different expected times 348 | # 349 | # - alert: PGBackRestLastRuntimeFull_main 350 | # expr: ccp_backrest_last_runtime_backup_runtime_seconds{backup_type="full", stanza="main"} > 14400 351 | # for: 60s 352 | # labels: 353 | # service: postgresql 354 | # severity: critical 355 | # severity_num: 300 356 | # annotations: 357 | # summary: 'Expected runtime of full backup for stanza [main] has exceeded 4 hours' 358 | # 359 | # - alert: PGBackRestLastRuntimeDiff_main 360 | # expr: ccp_backrest_last_runtime_backup_runtime_seconds{backup_type="diff", stanza="main"} > 3600 361 | # for: 60s 362 | # labels: 363 | # service: postgresql 364 | # severity: critical 365 | # severity_num: 300 366 | # annotations: 367 | # summary: 'Expected runtime of diff backup for stanza [main] has exceeded 1 hour' 368 | ## 369 | # 370 | ## If the pgbackrest command fails to run, the metric disappears from the exporter output and the alert never fires. 371 | ## An absence alert must be configured explicitly for each target (job) that backups are being monitored. 372 | ## Checking for absence of just the full backup type should be sufficient (no need for diff/incr). 373 | ## Note that while the backrest check command failing will likely also cause a scrape error alert, the addition of this 374 | ## check gives a clearer answer as to what is causing it and that something is wrong with the backups. 375 | # 376 | # - alert: PGBackrestAbsentFull_Prod 377 | # expr: absent(ccp_backrest_last_full_backup_time_since_completion_seconds{job="Prod"}) 378 | # for: 10s 379 | # labels: 380 | # service: postgresql 381 | # severity: critical 382 | # severity_num: 300 383 | # annotations: 384 | # description: 'Backup Full status missing for Prod. Check that pgbackrest info command is working on target system.' 385 | kind: ConfigMap 386 | metadata: 387 | labels: 388 | app.kubernetes.io/name: postgres-operator-monitoring 389 | vendor: crunchydata 390 | name: alertmanager-rules-config 391 | -------------------------------------------------------------------------------- /kustomize/monitoring/dashboards/postgresql_service_health.json: -------------------------------------------------------------------------------- 1 | { 2 | "__inputs": [ 3 | { 4 | "name": "DS_PROMETHEUS", 5 | "label": "PROMETHEUS", 6 | "description": "", 7 | "type": "datasource", 8 | "pluginId": "prometheus", 9 | "pluginName": "Prometheus" 10 | } 11 | ], 12 | "__requires": [ 13 | { 14 | "type": "grafana", 15 | "id": "grafana", 16 | "name": "Grafana", 17 | "version": "7.4.5" 18 | }, 19 | { 20 | "type": "panel", 21 | "id": "graph", 22 | "name": "Graph", 23 | "version": "" 24 | }, 25 | { 26 | "type": "datasource", 27 | "id": "prometheus", 28 | "name": "Prometheus", 29 | "version": "1.0.0" 30 | } 31 | ], 32 | "annotations": { 33 | "list": [ 34 | { 35 | "builtIn": 1, 36 | "datasource": "-- Grafana --", 37 | "enable": true, 38 | "hide": true, 39 | "iconColor": "rgba(0, 211, 255, 1)", 40 | "name": "Annotations & Alerts", 41 | "type": "dashboard" 42 | } 43 | ] 44 | }, 45 | "editable": true, 46 | "gnetId": null, 47 | "graphTooltip": 0, 48 | "id": null, 49 | "iteration": 1624491530019, 50 | "links": [ 51 | { 52 | "asDropdown": false, 53 | "icon": "external link", 54 | "includeVars": true, 55 | "keepTime": true, 56 | "tags": [ 57 | "vendor=crunchydata" 58 | ], 59 | "title": "", 60 | "type": "dashboards" 61 | } 62 | ], 63 | "panels": [ 64 | { 65 | "aliasColors": {}, 66 | "bars": false, 67 | "dashLength": 10, 68 | "dashes": false, 69 | "datasource": "PROMETHEUS", 70 | "fieldConfig": { 71 | "defaults": { 72 | "custom": {}, 73 | "links": [] 74 | }, 75 | "overrides": [] 76 | }, 77 | "fill": 1, 78 | "fillGradient": 5, 79 | "gridPos": { 80 | "h": 7, 81 | "w": 12, 82 | "x": 0, 83 | "y": 0 84 | }, 85 | "hiddenSeries": false, 86 | "id": 6, 87 | "legend": { 88 | "alignAsTable": true, 89 | "avg": false, 90 | "current": false, 91 | "max": false, 92 | "min": false, 93 | "rightSide": true, 94 | "show": true, 95 | "sideWidth": 150, 96 | "total": false, 97 | "values": false 98 | }, 99 | "lines": true, 100 | "linewidth": 1, 101 | "links": [], 102 | "nullPointMode": "null", 103 | "options": { 104 | "alertThreshold": true 105 | }, 106 | "percentage": false, 107 | "pluginVersion": "7.4.5", 108 | "pointradius": 5, 109 | "points": false, 110 | "renderer": "flot", 111 | "seriesOverrides": [], 112 | "spaceLength": 10, 113 | "stack": false, 114 | "steppedLine": false, 115 | "targets": [ 116 | { 117 | "expr": "sum(ccp_connection_stats_total{pg_cluster=\"[[cluster]]\",role=\"[[role]]\"}) without (pod,instance,ip) / sum(ccp_connection_stats_max_connections{pg_cluster=\"[[cluster]]\",role=\"[[role]]\"}) without (pod,instance,ip)", 118 | "format": "time_series", 119 | "instant": false, 120 | "interval": "", 121 | "intervalFactor": 1, 122 | "legendFormat": "Connections", 123 | "refId": "C" 124 | }, 125 | { 126 | "expr": "100 - 100 * avg(ccp_nodemx_data_disk_available_bytes{pg_cluster=\"[[cluster]]\",role=\"[[role]]\"}) without (pod,instance,ip) / avg(ccp_nodemx_data_disk_total_bytes{pg_cluster=\"[[cluster]]\",role=\"[[role]]\"}) without (pod,instance,ip)", 127 | "format": "time_series", 128 | "interval": "", 129 | "intervalFactor": 1, 130 | "legendFormat": "Mount:{{mount_point}}", 131 | "refId": "A" 132 | } 133 | ], 134 | "thresholds": [], 135 | "timeFrom": null, 136 | "timeRegions": [], 137 | "timeShift": null, 138 | "title": "Saturation (pct used)", 139 | "tooltip": { 140 | "shared": true, 141 | "sort": 0, 142 | "value_type": "individual" 143 | }, 144 | "type": "graph", 145 | "xaxis": { 146 | "buckets": null, 147 | "mode": "time", 148 | "name": null, 149 | "show": true, 150 | "values": [] 151 | }, 152 | "yaxes": [ 153 | { 154 | "decimals": null, 155 | "format": "percent", 156 | "label": null, 157 | "logBase": 1, 158 | "max": "100", 159 | "min": "0", 160 | "show": true 161 | }, 162 | { 163 | "format": "short", 164 | "label": null, 165 | "logBase": 1, 166 | "max": null, 167 | "min": null, 168 | "show": false 169 | } 170 | ], 171 | "yaxis": { 172 | "align": false, 173 | "alignLevel": null 174 | } 175 | }, 176 | { 177 | "aliasColors": {}, 178 | "bars": false, 179 | "cacheTimeout": null, 180 | "dashLength": 10, 181 | "dashes": false, 182 | "datasource": "PROMETHEUS", 183 | "fieldConfig": { 184 | "defaults": { 185 | "custom": {}, 186 | "links": [] 187 | }, 188 | "overrides": [] 189 | }, 190 | "fill": 1, 191 | "fillGradient": 5, 192 | "gridPos": { 193 | "h": 7, 194 | "w": 12, 195 | "x": 12, 196 | "y": 0 197 | }, 198 | "hiddenSeries": false, 199 | "id": 18, 200 | "legend": { 201 | "alignAsTable": true, 202 | "avg": false, 203 | "current": false, 204 | "max": false, 205 | "min": false, 206 | "rightSide": true, 207 | "show": true, 208 | "sideWidth": 150, 209 | "total": false, 210 | "values": false 211 | }, 212 | "lines": true, 213 | "linewidth": 1, 214 | "links": [], 215 | "nullPointMode": "null", 216 | "options": { 217 | "alertThreshold": true 218 | }, 219 | "percentage": false, 220 | "pluginVersion": "7.4.5", 221 | "pointradius": 2, 222 | "points": false, 223 | "renderer": "flot", 224 | "seriesOverrides": [], 225 | "spaceLength": 10, 226 | "stack": false, 227 | "steppedLine": false, 228 | "targets": [ 229 | { 230 | "exemplar": false, 231 | "expr": " sum(irate(ccp_stat_database_xact_commit{pg_cluster=\"[[cluster]]\",role=\"[[role]]\"}[1m])) \n+ sum(irate(ccp_stat_database_xact_rollback{pg_cluster=\"[[cluster]]\",role=\"[[role]]\"}[1m]))", 232 | "format": "time_series", 233 | "interval": "", 234 | "intervalFactor": 1, 235 | "legendFormat": "Transactions", 236 | "refId": "A" 237 | }, 238 | { 239 | "expr": "max(ccp_connection_stats_active{pg_cluster=\"[[cluster]]\",role=\"[[role]]\"}) without (pod,instance,ip,dbname)", 240 | "format": "time_series", 241 | "interval": "", 242 | "intervalFactor": 1, 243 | "legendFormat": "Active connections", 244 | "refId": "C" 245 | }, 246 | { 247 | "expr": "sum(irate(ccp_pg_stat_statements_total_calls_count{pg_cluster=\"[[cluster]]\",role=\"[[role]]\"}[1m]))", 248 | "format": "time_series", 249 | "hide": false, 250 | "interval": "", 251 | "intervalFactor": 1, 252 | "legendFormat": "Queries", 253 | "refId": "B" 254 | } 255 | ], 256 | "thresholds": [], 257 | "timeFrom": null, 258 | "timeRegions": [], 259 | "timeShift": null, 260 | "title": "Traffic", 261 | "tooltip": { 262 | "shared": true, 263 | "sort": 2, 264 | "value_type": "individual" 265 | }, 266 | "type": "graph", 267 | "xaxis": { 268 | "buckets": null, 269 | "mode": "time", 270 | "name": null, 271 | "show": true, 272 | "values": [] 273 | }, 274 | "yaxes": [ 275 | { 276 | "format": "short", 277 | "label": "", 278 | "logBase": 1, 279 | "max": null, 280 | "min": "0.001", 281 | "show": true 282 | }, 283 | { 284 | "format": "short", 285 | "label": null, 286 | "logBase": 1, 287 | "max": null, 288 | "min": null, 289 | "show": false 290 | } 291 | ], 292 | "yaxis": { 293 | "align": false, 294 | "alignLevel": null 295 | } 296 | }, 297 | { 298 | "aliasColors": {}, 299 | "bars": false, 300 | "dashLength": 10, 301 | "dashes": false, 302 | "datasource": "PROMETHEUS", 303 | "description": "Errors", 304 | "fieldConfig": { 305 | "defaults": { 306 | "custom": {}, 307 | "links": [] 308 | }, 309 | "overrides": [] 310 | }, 311 | "fill": 1, 312 | "fillGradient": 5, 313 | "gridPos": { 314 | "h": 7, 315 | "w": 12, 316 | "x": 0, 317 | "y": 7 318 | }, 319 | "hiddenSeries": false, 320 | "id": 4, 321 | "legend": { 322 | "alignAsTable": true, 323 | "avg": false, 324 | "current": false, 325 | "max": false, 326 | "min": false, 327 | "rightSide": true, 328 | "show": true, 329 | "sideWidth": 150, 330 | "total": false, 331 | "values": false 332 | }, 333 | "lines": true, 334 | "linewidth": 1, 335 | "links": [], 336 | "nullPointMode": "null", 337 | "options": { 338 | "alertThreshold": true 339 | }, 340 | "percentage": false, 341 | "pluginVersion": "7.4.5", 342 | "pointradius": 5, 343 | "points": false, 344 | "renderer": "flot", 345 | "seriesOverrides": [], 346 | "spaceLength": 10, 347 | "stack": false, 348 | "steppedLine": false, 349 | "targets": [ 350 | { 351 | "expr": "sum(irate(ccp_stat_database_xact_rollback{pg_cluster=\"[[cluster]]\",role=\"[[role]]\"}[1m]) without(pod,instance,ip))", 352 | "format": "time_series", 353 | "hide": true, 354 | "interval": "", 355 | "intervalFactor": 1, 356 | "legendFormat": "Rollbacks", 357 | "refId": "A" 358 | }, 359 | { 360 | "expr": "sum(irate(ccp_stat_database_deadlocks{pg_cluster=\"[[cluster]]\",role=\"[[role]]\"}[1m])) without(pod,instance,ip,dbname)", 361 | "format": "time_series", 362 | "hide": false, 363 | "interval": "", 364 | "intervalFactor": 1, 365 | "legendFormat": "Deadlock ", 366 | "refId": "D" 367 | }, 368 | { 369 | "expr": "sum(irate(ccp_stat_database_conflicts{pg_cluster=\"[[cluster]]\",role=\"[[role]]\"}[1m])) without(pod,instance,ip,dbname)", 370 | "format": "time_series", 371 | "hide": false, 372 | "interval": "", 373 | "intervalFactor": 1, 374 | "legendFormat": "Conflicts", 375 | "refId": "B" 376 | }, 377 | { 378 | "expr": "max(pg_exporter_last_scrape_error{pg_cluster=\"[[cluster]]\",role=\"[[role]]\"}) without(pod,instance,ip,dbname)", 379 | "format": "time_series", 380 | "hide": false, 381 | "interval": "", 382 | "intervalFactor": 1, 383 | "legendFormat": "scrape error", 384 | "refId": "C" 385 | }, 386 | { 387 | "expr": "max(clamp_max(ccp_archive_command_status_seconds_since_last_fail{pg_cluster=\"[[cluster]]\",role=\"[[role]]\"},1)) without (instance,pod,ip)", 388 | "format": "time_series", 389 | "hide": false, 390 | "interval": "", 391 | "intervalFactor": 1, 392 | "legendFormat": "archive error", 393 | "refId": "E" 394 | } 395 | ], 396 | "thresholds": [], 397 | "timeFrom": null, 398 | "timeRegions": [], 399 | "timeShift": null, 400 | "title": "Errors", 401 | "tooltip": { 402 | "shared": true, 403 | "sort": 0, 404 | "value_type": "individual" 405 | }, 406 | "type": "graph", 407 | "xaxis": { 408 | "buckets": null, 409 | "mode": "time", 410 | "name": null, 411 | "show": true, 412 | "values": [] 413 | }, 414 | "yaxes": [ 415 | { 416 | "decimals": null, 417 | "format": "short", 418 | "label": "", 419 | "logBase": 2, 420 | "max": null, 421 | "min": null, 422 | "show": true 423 | }, 424 | { 425 | "format": "short", 426 | "label": null, 427 | "logBase": 1, 428 | "max": null, 429 | "min": null, 430 | "show": false 431 | } 432 | ], 433 | "yaxis": { 434 | "align": false, 435 | "alignLevel": null 436 | } 437 | }, 438 | { 439 | "aliasColors": {}, 440 | "bars": false, 441 | "dashLength": 10, 442 | "dashes": false, 443 | "datasource": "PROMETHEUS", 444 | "fieldConfig": { 445 | "defaults": { 446 | "custom": {}, 447 | "links": [] 448 | }, 449 | "overrides": [] 450 | }, 451 | "fill": 1, 452 | "fillGradient": 1, 453 | "gridPos": { 454 | "h": 7, 455 | "w": 12, 456 | "x": 12, 457 | "y": 7 458 | }, 459 | "hiddenSeries": false, 460 | "id": 10, 461 | "legend": { 462 | "alignAsTable": true, 463 | "avg": false, 464 | "current": false, 465 | "max": false, 466 | "min": false, 467 | "rightSide": true, 468 | "show": true, 469 | "sideWidth": 150, 470 | "total": false, 471 | "values": false 472 | }, 473 | "lines": true, 474 | "linewidth": 1, 475 | "links": [], 476 | "nullPointMode": "null", 477 | "options": { 478 | "alertThreshold": true 479 | }, 480 | "percentage": false, 481 | "pluginVersion": "7.4.5", 482 | "pointradius": 5, 483 | "points": false, 484 | "renderer": "flot", 485 | "seriesOverrides": [ 486 | { 487 | "alias": "/Max:/", 488 | "color": "#E02F44", 489 | "nullPointMode": "null as zero" 490 | }, 491 | { 492 | "alias": "/Avg:/", 493 | "color": "#8AB8FF" 494 | } 495 | ], 496 | "spaceLength": 10, 497 | "stack": false, 498 | "steppedLine": false, 499 | "targets": [ 500 | { 501 | "expr": "max(ccp_pg_stat_statements_total_mean_exec_time_ms{pg_cluster=\"[[cluster]]\",role=\"[[role]]\"}) without (pod,instance,ip)", 502 | "format": "time_series", 503 | "hide": false, 504 | "instant": false, 505 | "interval": "", 506 | "intervalFactor": 1, 507 | "legendFormat": "Avg: {{exported_role}}({{dbname}})", 508 | "refId": "A" 509 | }, 510 | { 511 | "expr": "max(ccp_pg_stat_statements_top_max_exec_time_ms{pg_cluster=\"[[cluster]]\",role=\"[[role]]\"}) without (pod,instance,ip,query,queryid)", 512 | "format": "time_series", 513 | "hide": false, 514 | "instant": false, 515 | "interval": "", 516 | "intervalFactor": 1, 517 | "legendFormat": "Max: {{exported_role}}({{dbname}})", 518 | "refId": "B" 519 | } 520 | ], 521 | "thresholds": [], 522 | "timeFrom": null, 523 | "timeRegions": [], 524 | "timeShift": null, 525 | "title": "Query Duration", 526 | "tooltip": { 527 | "shared": true, 528 | "sort": 0, 529 | "value_type": "individual" 530 | }, 531 | "type": "graph", 532 | "xaxis": { 533 | "buckets": null, 534 | "mode": "time", 535 | "name": null, 536 | "show": true, 537 | "values": [] 538 | }, 539 | "yaxes": [ 540 | { 541 | "decimals": null, 542 | "format": "ms", 543 | "label": null, 544 | "logBase": 2, 545 | "max": null, 546 | "min": "0", 547 | "show": true 548 | }, 549 | { 550 | "format": "short", 551 | "label": null, 552 | "logBase": 1, 553 | "max": null, 554 | "min": null, 555 | "show": false 556 | } 557 | ], 558 | "yaxis": { 559 | "align": false, 560 | "alignLevel": null 561 | } 562 | } 563 | ], 564 | "refresh": "5m", 565 | "schemaVersion": 27, 566 | "style": "dark", 567 | "tags": [ 568 | "vendor=crunchydata" 569 | ], 570 | "templating": { 571 | "list": [ 572 | { 573 | "allValue": null, 574 | "current": {}, 575 | "datasource": "PROMETHEUS", 576 | "definition": "label_values(pg_cluster)", 577 | "description": null, 578 | "error": null, 579 | "hide": 0, 580 | "includeAll": false, 581 | "label": null, 582 | "multi": false, 583 | "name": "cluster", 584 | "options": [], 585 | "query": { 586 | "query": "label_values(pg_cluster)", 587 | "refId": "PROMETHEUS-cluster-Variable-Query" 588 | }, 589 | "refresh": 1, 590 | "regex": "", 591 | "skipUrlSync": false, 592 | "sort": 0, 593 | "tagValuesQuery": "", 594 | "tags": [], 595 | "tagsQuery": "", 596 | "type": "query", 597 | "useTags": false 598 | }, 599 | { 600 | "allValue": null, 601 | "current": {}, 602 | "datasource": "PROMETHEUS", 603 | "definition": "label_values({pg_cluster=\"[[cluster]]\"},role)", 604 | "description": null, 605 | "error": null, 606 | "hide": 0, 607 | "includeAll": false, 608 | "label": null, 609 | "multi": false, 610 | "name": "role", 611 | "options": [], 612 | "query": { 613 | "query": "label_values({pg_cluster=\"[[cluster]]\"},role)", 614 | "refId": "PROMETHEUS-role-Variable-Query" 615 | }, 616 | "refresh": 1, 617 | "regex": "", 618 | "skipUrlSync": false, 619 | "sort": 0, 620 | "tagValuesQuery": "", 621 | "tags": [], 622 | "tagsQuery": "", 623 | "type": "query", 624 | "useTags": false 625 | } 626 | ] 627 | }, 628 | "time": { 629 | "from": "now-30m", 630 | "to": "now" 631 | }, 632 | "timepicker": { 633 | "time_options": [ 634 | "5m", 635 | "15m", 636 | "1h", 637 | "6h", 638 | "12h", 639 | "24h", 640 | "2d", 641 | "7d", 642 | "30d" 643 | ] 644 | }, 645 | "timezone": "browser", 646 | "title": "PostgreSQL Service Health", 647 | "uid": "dhG1wgsMz", 648 | "version": 1 649 | } 650 | -------------------------------------------------------------------------------- /kustomize/monitoring/dashboards/pgbackrest.json: -------------------------------------------------------------------------------- 1 | { 2 | "__inputs": [ 3 | { 4 | "name": "DS_PROMETHEUS", 5 | "label": "PROMETHEUS", 6 | "description": "", 7 | "type": "datasource", 8 | "pluginId": "prometheus", 9 | "pluginName": "Prometheus" 10 | } 11 | ], 12 | "__requires": [ 13 | { 14 | "type": "grafana", 15 | "id": "grafana", 16 | "name": "Grafana", 17 | "version": "7.4.5" 18 | }, 19 | { 20 | "type": "panel", 21 | "id": "graph", 22 | "name": "Graph", 23 | "version": "" 24 | }, 25 | { 26 | "type": "datasource", 27 | "id": "prometheus", 28 | "name": "Prometheus", 29 | "version": "1.0.0" 30 | }, 31 | { 32 | "type": "panel", 33 | "id": "stat", 34 | "name": "Stat", 35 | "version": "" 36 | } 37 | ], 38 | "annotations": { 39 | "list": [ 40 | { 41 | "builtIn": 1, 42 | "datasource": "-- Grafana --", 43 | "enable": true, 44 | "hide": true, 45 | "iconColor": "rgba(0, 211, 255, 1)", 46 | "name": "Annotations & Alerts", 47 | "type": "dashboard" 48 | } 49 | ] 50 | }, 51 | "editable": false, 52 | "gnetId": null, 53 | "graphTooltip": 0, 54 | "id": null, 55 | "iteration": 1624546649377, 56 | "links": [ 57 | { 58 | "asDropdown": false, 59 | "icon": "external link", 60 | "includeVars": true, 61 | "keepTime": true, 62 | "tags": [ 63 | "vendor=crunchydata" 64 | ], 65 | "title": "", 66 | "type": "dashboards" 67 | } 68 | ], 69 | "panels": [ 70 | { 71 | "datasource": "PROMETHEUS", 72 | "fieldConfig": { 73 | "defaults": { 74 | "color": { 75 | "mode": "thresholds" 76 | }, 77 | "custom": {}, 78 | "mappings": [], 79 | "thresholds": { 80 | "mode": "absolute", 81 | "steps": [ 82 | { 83 | "color": "semi-dark-blue", 84 | "value": null 85 | } 86 | ] 87 | }, 88 | "unit": "dtdhms" 89 | }, 90 | "overrides": [] 91 | }, 92 | "gridPos": { 93 | "h": 3, 94 | "w": 24, 95 | "x": 0, 96 | "y": 0 97 | }, 98 | "id": 8, 99 | "options": { 100 | "colorMode": "background", 101 | "graphMode": "area", 102 | "justifyMode": "auto", 103 | "orientation": "auto", 104 | "reduceOptions": { 105 | "calcs": [ 106 | "last" 107 | ], 108 | "fields": "/^Value$/", 109 | "values": false 110 | }, 111 | "text": { 112 | "valueSize": 45 113 | }, 114 | "textMode": "auto" 115 | }, 116 | "pluginVersion": "7.4.5", 117 | "targets": [ 118 | { 119 | "expr": "time()-ccp_backrest_oldest_full_backup_time_seconds{pg_cluster=\"[[cluster]]\", role=\"master\"}", 120 | "format": "table", 121 | "instant": true, 122 | "interval": "", 123 | "legendFormat": "Recovery window", 124 | "refId": "A" 125 | } 126 | ], 127 | "title": "Recovery Window", 128 | "type": "stat" 129 | }, 130 | { 131 | "aliasColors": { 132 | "Differential": "dark-blue", 133 | "Differential Backup": "dark-blue", 134 | "Full": "dark-green", 135 | "Full Backup": "dark-green", 136 | "Incremental": "light-blue", 137 | "Incremental Backup": "light-blue" 138 | }, 139 | "bars": false, 140 | "dashLength": 10, 141 | "dashes": false, 142 | "datasource": "PROMETHEUS", 143 | "fieldConfig": { 144 | "defaults": { 145 | "custom": {}, 146 | "links": [] 147 | }, 148 | "overrides": [] 149 | }, 150 | "fill": 1, 151 | "fillGradient": 0, 152 | "gridPos": { 153 | "h": 7, 154 | "w": 12, 155 | "x": 0, 156 | "y": 3 157 | }, 158 | "hiddenSeries": false, 159 | "id": 2, 160 | "legend": { 161 | "alignAsTable": true, 162 | "avg": false, 163 | "current": false, 164 | "max": false, 165 | "min": false, 166 | "rightSide": true, 167 | "show": true, 168 | "sideWidth": 150, 169 | "total": false, 170 | "values": false 171 | }, 172 | "lines": true, 173 | "linewidth": 1, 174 | "links": [], 175 | "nullPointMode": "null", 176 | "options": { 177 | "alertThreshold": false 178 | }, 179 | "percentage": false, 180 | "pluginVersion": "7.4.5", 181 | "pointradius": 5, 182 | "points": false, 183 | "renderer": "flot", 184 | "seriesOverrides": [], 185 | "spaceLength": 10, 186 | "stack": false, 187 | "steppedLine": false, 188 | "targets": [ 189 | { 190 | "expr": "min(ccp_backrest_last_incr_backup_time_since_completion_seconds{pg_cluster=\"[[cluster]]\", role=\"master\"}) without(deployment,instance,ip,pod)", 191 | "format": "time_series", 192 | "instant": false, 193 | "interval": "", 194 | "intervalFactor": 1, 195 | "legendFormat": "Incremental Backup", 196 | "refId": "A" 197 | }, 198 | { 199 | "expr": "min(ccp_backrest_last_diff_backup_time_since_completion_seconds{pg_cluster=\"[[cluster]]\", role=\"master\"}) without(deployment, instance,ip,pod)", 200 | "hide": false, 201 | "interval": "", 202 | "legendFormat": "Differential Backup", 203 | "refId": "B" 204 | }, 205 | { 206 | "expr": "min(ccp_backrest_last_full_backup_time_since_completion_seconds{pg_cluster=\"[[cluster]]\", role=\"master\"}) without(deployment, instance,ip,pod)", 207 | "hide": false, 208 | "interval": "", 209 | "legendFormat": "Full Backup", 210 | "refId": "C" 211 | }, 212 | { 213 | "expr": "min(ccp_archive_command_status_seconds_since_last_archive{pg_cluster=\"[[cluster]]\", role=\"master\"}) without(deployment, instance,ip,pod)", 214 | "hide": false, 215 | "interval": "", 216 | "legendFormat": "WAL Archive", 217 | "refId": "D" 218 | } 219 | ], 220 | "thresholds": [], 221 | "timeFrom": null, 222 | "timeRegions": [], 223 | "timeShift": null, 224 | "title": "Time Since", 225 | "tooltip": { 226 | "shared": true, 227 | "sort": 0, 228 | "value_type": "individual" 229 | }, 230 | "type": "graph", 231 | "xaxis": { 232 | "buckets": null, 233 | "mode": "time", 234 | "name": null, 235 | "show": true, 236 | "values": [] 237 | }, 238 | "yaxes": [ 239 | { 240 | "format": "s", 241 | "label": null, 242 | "logBase": 1, 243 | "max": null, 244 | "min": null, 245 | "show": true 246 | }, 247 | { 248 | "format": "short", 249 | "label": null, 250 | "logBase": 1, 251 | "max": null, 252 | "min": null, 253 | "show": false 254 | } 255 | ], 256 | "yaxis": { 257 | "align": false, 258 | "alignLevel": null 259 | } 260 | }, 261 | { 262 | "aliasColors": { 263 | "Differential": "dark-blue", 264 | "Full": "dark-green", 265 | "Incremental": "light-blue" 266 | }, 267 | "bars": false, 268 | "dashLength": 10, 269 | "dashes": false, 270 | "datasource": "PROMETHEUS", 271 | "fieldConfig": { 272 | "defaults": { 273 | "custom": {}, 274 | "links": [] 275 | }, 276 | "overrides": [] 277 | }, 278 | "fill": 1, 279 | "fillGradient": 0, 280 | "gridPos": { 281 | "h": 7, 282 | "w": 12, 283 | "x": 12, 284 | "y": 3 285 | }, 286 | "hiddenSeries": false, 287 | "id": 4, 288 | "legend": { 289 | "alignAsTable": true, 290 | "avg": false, 291 | "current": false, 292 | "hideEmpty": false, 293 | "hideZero": false, 294 | "max": false, 295 | "min": false, 296 | "rightSide": true, 297 | "show": true, 298 | "sideWidth": 150, 299 | "total": false, 300 | "values": false 301 | }, 302 | "lines": true, 303 | "linewidth": 1, 304 | "links": [], 305 | "nullPointMode": "null", 306 | "options": { 307 | "alertThreshold": true 308 | }, 309 | "percentage": false, 310 | "pluginVersion": "7.4.5", 311 | "pointradius": 5, 312 | "points": false, 313 | "renderer": "flot", 314 | "seriesOverrides": [], 315 | "spaceLength": 10, 316 | "stack": false, 317 | "steppedLine": false, 318 | "targets": [ 319 | { 320 | "expr": "min(ccp_backrest_last_info_backup_runtime_seconds{pg_cluster=\"[[cluster]]\", role=\"master\", backup_type=\"incr\"}) without (deployment,instance,pod,ip)", 321 | "format": "time_series", 322 | "instant": false, 323 | "interval": "", 324 | "intervalFactor": 1, 325 | "legendFormat": "Incremental", 326 | "refId": "A" 327 | }, 328 | { 329 | "expr": "min(ccp_backrest_last_info_backup_runtime_seconds{pg_cluster=\"[[cluster]]\", role=\"master\", backup_type=\"diff\"}) without (deployment,instance,pod,ip)", 330 | "hide": false, 331 | "interval": "", 332 | "legendFormat": "Differential", 333 | "refId": "B" 334 | }, 335 | { 336 | "expr": "min(ccp_backrest_last_info_backup_runtime_seconds{pg_cluster=\"[[cluster]]\", role=\"master\", backup_type=\"full\"}) without (deployment,instance,pod,ip)", 337 | "hide": false, 338 | "interval": "", 339 | "legendFormat": "Full", 340 | "refId": "C" 341 | } 342 | ], 343 | "thresholds": [], 344 | "timeFrom": null, 345 | "timeRegions": [], 346 | "timeShift": null, 347 | "title": "Backup Runtimes", 348 | "tooltip": { 349 | "shared": true, 350 | "sort": 0, 351 | "value_type": "individual" 352 | }, 353 | "type": "graph", 354 | "xaxis": { 355 | "buckets": null, 356 | "mode": "time", 357 | "name": null, 358 | "show": true, 359 | "values": [] 360 | }, 361 | "yaxes": [ 362 | { 363 | "format": "s", 364 | "label": null, 365 | "logBase": 1, 366 | "max": null, 367 | "min": null, 368 | "show": true 369 | }, 370 | { 371 | "format": "short", 372 | "label": null, 373 | "logBase": 2, 374 | "max": null, 375 | "min": null, 376 | "show": false 377 | } 378 | ], 379 | "yaxis": { 380 | "align": false, 381 | "alignLevel": null 382 | } 383 | }, 384 | { 385 | "aliasColors": { 386 | "Differential": "dark-blue", 387 | "Full": "dark-green", 388 | "Incremental": "light-blue" 389 | }, 390 | "bars": false, 391 | "dashLength": 10, 392 | "dashes": false, 393 | "datasource": "PROMETHEUS", 394 | "description": "", 395 | "fieldConfig": { 396 | "defaults": { 397 | "custom": {}, 398 | "links": [] 399 | }, 400 | "overrides": [] 401 | }, 402 | "fill": 1, 403 | "fillGradient": 0, 404 | "gridPos": { 405 | "h": 7, 406 | "w": 12, 407 | "x": 0, 408 | "y": 10 409 | }, 410 | "hiddenSeries": false, 411 | "id": 5, 412 | "legend": { 413 | "alignAsTable": true, 414 | "avg": false, 415 | "current": false, 416 | "hideEmpty": false, 417 | "hideZero": false, 418 | "max": false, 419 | "min": false, 420 | "rightSide": true, 421 | "show": true, 422 | "sideWidth": 150, 423 | "total": false, 424 | "values": false 425 | }, 426 | "lines": true, 427 | "linewidth": 1, 428 | "links": [], 429 | "nullPointMode": "null", 430 | "options": { 431 | "alertThreshold": true 432 | }, 433 | "percentage": false, 434 | "pluginVersion": "7.4.5", 435 | "pointradius": 5, 436 | "points": false, 437 | "renderer": "flot", 438 | "seriesOverrides": [], 439 | "spaceLength": 10, 440 | "stack": false, 441 | "steppedLine": false, 442 | "targets": [ 443 | { 444 | "expr": "min(ccp_backrest_last_info_repo_backup_size_bytes{pg_cluster=\"[[cluster]]\", role=\"master\", backup_type=\"incr\"}) without (deployment, instance,pod,ip)", 445 | "format": "time_series", 446 | "instant": false, 447 | "interval": "", 448 | "intervalFactor": 1, 449 | "legendFormat": "Incremental", 450 | "refId": "A" 451 | }, 452 | { 453 | "expr": "min(ccp_backrest_last_info_repo_backup_size_bytes{pg_cluster=\"[[cluster]]\", role=\"master\", backup_type=\"diff\"}) without (deployment,instance,pod,ip)", 454 | "hide": false, 455 | "interval": "", 456 | "legendFormat": "Differential", 457 | "refId": "B" 458 | }, 459 | { 460 | "expr": "min(ccp_backrest_last_info_repo_backup_size_bytes{pg_cluster=\"[[cluster]]\", role=\"master\", backup_type=\"full\"}) without (deployment,instance,pod,ip)", 461 | "hide": false, 462 | "interval": "", 463 | "legendFormat": "Full", 464 | "refId": "C" 465 | } 466 | ], 467 | "thresholds": [], 468 | "timeFrom": null, 469 | "timeRegions": [], 470 | "timeShift": null, 471 | "title": "Backup Size", 472 | "tooltip": { 473 | "shared": true, 474 | "sort": 0, 475 | "value_type": "individual" 476 | }, 477 | "type": "graph", 478 | "xaxis": { 479 | "buckets": null, 480 | "mode": "time", 481 | "name": null, 482 | "show": true, 483 | "values": [] 484 | }, 485 | "yaxes": [ 486 | { 487 | "format": "bytes", 488 | "label": null, 489 | "logBase": 1, 490 | "max": null, 491 | "min": null, 492 | "show": true 493 | }, 494 | { 495 | "format": "short", 496 | "label": null, 497 | "logBase": 2, 498 | "max": null, 499 | "min": null, 500 | "show": false 501 | } 502 | ], 503 | "yaxis": { 504 | "align": false, 505 | "alignLevel": null 506 | } 507 | }, 508 | { 509 | "aliasColors": { 510 | "Archive age": "blue", 511 | "Archive count": "green", 512 | "Differential": "dark-blue", 513 | "Failed count": "red", 514 | "Full": "dark-green", 515 | "Incremental": "light-blue" 516 | }, 517 | "bars": false, 518 | "dashLength": 10, 519 | "dashes": false, 520 | "datasource": "PROMETHEUS", 521 | "description": "", 522 | "fieldConfig": { 523 | "defaults": { 524 | "custom": {}, 525 | "links": [] 526 | }, 527 | "overrides": [] 528 | }, 529 | "fill": 3, 530 | "fillGradient": 0, 531 | "gridPos": { 532 | "h": 7, 533 | "w": 12, 534 | "x": 12, 535 | "y": 10 536 | }, 537 | "hiddenSeries": false, 538 | "id": 6, 539 | "legend": { 540 | "alignAsTable": true, 541 | "avg": false, 542 | "current": false, 543 | "hideEmpty": false, 544 | "hideZero": false, 545 | "max": false, 546 | "min": false, 547 | "rightSide": true, 548 | "show": true, 549 | "sideWidth": 150, 550 | "total": false, 551 | "values": false 552 | }, 553 | "lines": true, 554 | "linewidth": 1, 555 | "links": [], 556 | "nullPointMode": "null", 557 | "options": { 558 | "alertThreshold": true 559 | }, 560 | "percentage": false, 561 | "pluginVersion": "7.4.5", 562 | "pointradius": 5, 563 | "points": false, 564 | "renderer": "flot", 565 | "seriesOverrides": [], 566 | "spaceLength": 10, 567 | "stack": false, 568 | "steppedLine": false, 569 | "targets": [ 570 | { 571 | "expr": "avg(idelta(ccp_archive_command_status_failed_count{pg_cluster=\"[[cluster]]\", role=\"master\"}[1m])) without (instance,ip)", 572 | "format": "time_series", 573 | "instant": false, 574 | "interval": "", 575 | "intervalFactor": 1, 576 | "legendFormat": "Failed count", 577 | "refId": "A" 578 | }, 579 | { 580 | "expr": "avg(idelta(ccp_archive_command_status_archived_count{pg_cluster=\"[[cluster]]\", role=\"master\"}[1m])) without (instance,pod, ip)", 581 | "hide": false, 582 | "interval": "", 583 | "legendFormat": "Archive count", 584 | "refId": "B" 585 | } 586 | ], 587 | "thresholds": [], 588 | "timeFrom": null, 589 | "timeRegions": [], 590 | "timeShift": null, 591 | "title": "WAL Stats", 592 | "tooltip": { 593 | "shared": true, 594 | "sort": 0, 595 | "value_type": "individual" 596 | }, 597 | "type": "graph", 598 | "xaxis": { 599 | "buckets": null, 600 | "mode": "time", 601 | "name": null, 602 | "show": true, 603 | "values": [] 604 | }, 605 | "yaxes": [ 606 | { 607 | "format": "short", 608 | "label": "", 609 | "logBase": 1, 610 | "max": null, 611 | "min": "0", 612 | "show": true 613 | }, 614 | { 615 | "format": "short", 616 | "label": null, 617 | "logBase": 1, 618 | "max": null, 619 | "min": "0", 620 | "show": false 621 | } 622 | ], 623 | "yaxis": { 624 | "align": false, 625 | "alignLevel": null 626 | } 627 | } 628 | ], 629 | "refresh": "5m", 630 | "schemaVersion": 27, 631 | "style": "dark", 632 | "tags": [ 633 | "vendor=crunchydata" 634 | ], 635 | "templating": { 636 | "list": [ 637 | { 638 | "allValue": null, 639 | "current": {}, 640 | "datasource": "PROMETHEUS", 641 | "definition": "label_values(pg_cluster)", 642 | "description": null, 643 | "error": null, 644 | "hide": 0, 645 | "includeAll": false, 646 | "label": "cluster", 647 | "multi": false, 648 | "name": "cluster", 649 | "options": [], 650 | "query": { 651 | "query": "label_values(pg_cluster)", 652 | "refId": "PROMETHEUS-cluster-Variable-Query" 653 | }, 654 | "refresh": 1, 655 | "regex": "", 656 | "skipUrlSync": false, 657 | "sort": 1, 658 | "tagValuesQuery": "", 659 | "tags": [], 660 | "tagsQuery": "", 661 | "type": "query", 662 | "useTags": false 663 | } 664 | ] 665 | }, 666 | "time": { 667 | "from": "now-30m", 668 | "to": "now" 669 | }, 670 | "timepicker": { 671 | "time_options": [ 672 | "5m", 673 | "15m", 674 | "1h", 675 | "6h", 676 | "12h", 677 | "24h", 678 | "2d", 679 | "7d", 680 | "30d" 681 | ] 682 | }, 683 | "timezone": "browser", 684 | "title": "pgBackRest", 685 | "uid": "2fcFZ6PGk", 686 | "version": 1 687 | } 688 | -------------------------------------------------------------------------------- /kustomize/monitoring/dashboards/prometheus_alerts.json: -------------------------------------------------------------------------------- 1 | { 2 | "__inputs": [ 3 | { 4 | "name": "DS_PROMETHEUS", 5 | "label": "PROMETHEUS", 6 | "description": "", 7 | "type": "datasource", 8 | "pluginId": "prometheus", 9 | "pluginName": "Prometheus" 10 | } 11 | ], 12 | "__requires": [ 13 | { 14 | "type": "grafana", 15 | "id": "grafana", 16 | "name": "Grafana", 17 | "version": "7.4.5" 18 | }, 19 | { 20 | "type": "datasource", 21 | "id": "prometheus", 22 | "name": "Prometheus", 23 | "version": "1.0.0" 24 | }, 25 | { 26 | "type": "panel", 27 | "id": "stat", 28 | "name": "Stat", 29 | "version": "" 30 | }, 31 | { 32 | "type": "panel", 33 | "id": "table", 34 | "name": "Table", 35 | "version": "" 36 | } 37 | ], 38 | "annotations": { 39 | "list": [ 40 | { 41 | "builtIn": 1, 42 | "datasource": "-- Grafana --", 43 | "enable": true, 44 | "hide": true, 45 | "iconColor": "rgba(0, 211, 255, 1)", 46 | "name": "Annotations & Alerts", 47 | "type": "dashboard" 48 | } 49 | ] 50 | }, 51 | "description": "Show current firing and pending alerts, and severity alert counts.", 52 | "editable": false, 53 | "gnetId": 4181, 54 | "graphTooltip": 0, 55 | "id": null, 56 | "links": [ 57 | { 58 | "icon": "external link", 59 | "tags": [ 60 | "vendor=crunchydata" 61 | ], 62 | "type": "dashboards" 63 | } 64 | ], 65 | "panels": [ 66 | { 67 | "collapsed": false, 68 | "datasource": "PROMETHEUS", 69 | "gridPos": { 70 | "h": 1, 71 | "w": 24, 72 | "x": 0, 73 | "y": 0 74 | }, 75 | "id": 10, 76 | "panels": [], 77 | "repeat": null, 78 | "title": "Environment Summary", 79 | "type": "row" 80 | }, 81 | { 82 | "cacheTimeout": null, 83 | "datasource": "PROMETHEUS", 84 | "description": "", 85 | "fieldConfig": { 86 | "defaults": { 87 | "color": { 88 | "mode": "thresholds" 89 | }, 90 | "custom": {}, 91 | "mappings": [ 92 | { 93 | "id": 0, 94 | "op": "=", 95 | "text": "N/A", 96 | "type": 1, 97 | "value": "null" 98 | } 99 | ], 100 | "thresholds": { 101 | "mode": "absolute", 102 | "steps": [ 103 | { 104 | "color": "semi-dark-blue", 105 | "value": null 106 | } 107 | ] 108 | }, 109 | "unit": "none" 110 | }, 111 | "overrides": [] 112 | }, 113 | "gridPos": { 114 | "h": 2, 115 | "w": 4, 116 | "x": 0, 117 | "y": 1 118 | }, 119 | "id": 6, 120 | "interval": null, 121 | "links": [], 122 | "maxDataPoints": 100, 123 | "options": { 124 | "colorMode": "background", 125 | "graphMode": "none", 126 | "justifyMode": "auto", 127 | "orientation": "horizontal", 128 | "reduceOptions": { 129 | "calcs": [], 130 | "fields": "", 131 | "values": false 132 | }, 133 | "text": {}, 134 | "textMode": "auto" 135 | }, 136 | "pluginVersion": "7.4.5", 137 | "targets": [ 138 | { 139 | "expr": "count(count by (kubernetes_namespace) (pg_up))", 140 | "format": "time_series", 141 | "instant": true, 142 | "interval": "", 143 | "intervalFactor": 2, 144 | "legendFormat": "Namespaces", 145 | "refId": "A" 146 | } 147 | ], 148 | "title": "Namespaces", 149 | "type": "stat" 150 | }, 151 | { 152 | "cacheTimeout": null, 153 | "datasource": "PROMETHEUS", 154 | "description": "", 155 | "fieldConfig": { 156 | "defaults": { 157 | "color": { 158 | "mode": "thresholds" 159 | }, 160 | "custom": {}, 161 | "mappings": [ 162 | { 163 | "id": 0, 164 | "op": "=", 165 | "text": "N/A", 166 | "type": 1, 167 | "value": "null" 168 | } 169 | ], 170 | "thresholds": { 171 | "mode": "absolute", 172 | "steps": [ 173 | { 174 | "color": "semi-dark-blue", 175 | "value": null 176 | } 177 | ] 178 | }, 179 | "unit": "none" 180 | }, 181 | "overrides": [] 182 | }, 183 | "gridPos": { 184 | "h": 2, 185 | "w": 4, 186 | "x": 4, 187 | "y": 1 188 | }, 189 | "id": 13, 190 | "interval": null, 191 | "links": [], 192 | "maxDataPoints": 100, 193 | "options": { 194 | "colorMode": "background", 195 | "graphMode": "none", 196 | "justifyMode": "auto", 197 | "orientation": "horizontal", 198 | "reduceOptions": { 199 | "calcs": [ 200 | "mean" 201 | ], 202 | "fields": "", 203 | "values": false 204 | }, 205 | "text": {}, 206 | "textMode": "auto" 207 | }, 208 | "pluginVersion": "7.4.5", 209 | "targets": [ 210 | { 211 | "expr": "count(count by (pg_cluster) (pg_up))", 212 | "format": "time_series", 213 | "instant": true, 214 | "interval": "", 215 | "intervalFactor": 2, 216 | "legendFormat": "PostgreSQL Clusters", 217 | "refId": "A" 218 | } 219 | ], 220 | "title": "PG Clusters", 221 | "type": "stat" 222 | }, 223 | { 224 | "cacheTimeout": null, 225 | "datasource": "PROMETHEUS", 226 | "description": "", 227 | "fieldConfig": { 228 | "defaults": { 229 | "color": { 230 | "mode": "thresholds" 231 | }, 232 | "custom": {}, 233 | "mappings": [ 234 | { 235 | "id": 0, 236 | "op": "=", 237 | "text": "N/A", 238 | "type": 1, 239 | "value": "null" 240 | } 241 | ], 242 | "thresholds": { 243 | "mode": "absolute", 244 | "steps": [ 245 | { 246 | "color": "semi-dark-blue", 247 | "value": null 248 | } 249 | ] 250 | }, 251 | "unit": "none" 252 | }, 253 | "overrides": [] 254 | }, 255 | "gridPos": { 256 | "h": 2, 257 | "w": 4, 258 | "x": 8, 259 | "y": 1 260 | }, 261 | "id": 14, 262 | "interval": null, 263 | "links": [], 264 | "maxDataPoints": 100, 265 | "options": { 266 | "colorMode": "background", 267 | "graphMode": "none", 268 | "justifyMode": "auto", 269 | "orientation": "horizontal", 270 | "reduceOptions": { 271 | "calcs": [ 272 | "mean" 273 | ], 274 | "fields": "", 275 | "values": false 276 | }, 277 | "text": {}, 278 | "textMode": "auto" 279 | }, 280 | "pluginVersion": "7.4.5", 281 | "targets": [ 282 | { 283 | "expr": "count(pg_up)", 284 | "format": "time_series", 285 | "instant": true, 286 | "interval": "", 287 | "intervalFactor": 2, 288 | "legendFormat": "PostgreSQL Clusters", 289 | "refId": "A" 290 | } 291 | ], 292 | "title": "PG Instances", 293 | "type": "stat" 294 | }, 295 | { 296 | "collapsed": false, 297 | "datasource": "PROMETHEUS", 298 | "gridPos": { 299 | "h": 1, 300 | "w": 24, 301 | "x": 0, 302 | "y": 3 303 | }, 304 | "id": 11, 305 | "panels": [], 306 | "repeat": null, 307 | "title": "Alert Summary", 308 | "type": "row" 309 | }, 310 | { 311 | "cacheTimeout": null, 312 | "datasource": "PROMETHEUS", 313 | "fieldConfig": { 314 | "defaults": { 315 | "color": { 316 | "mode": "thresholds" 317 | }, 318 | "custom": {}, 319 | "mappings": [ 320 | { 321 | "id": 0, 322 | "op": "=", 323 | "text": "N/A", 324 | "type": 1, 325 | "value": "null" 326 | } 327 | ], 328 | "thresholds": { 329 | "mode": "absolute", 330 | "steps": [ 331 | { 332 | "color": "semi-dark-red", 333 | "value": null 334 | }, 335 | { 336 | "color": "#F2495C", 337 | "value": 1 338 | }, 339 | { 340 | "color": "#F2495C" 341 | } 342 | ] 343 | }, 344 | "unit": "none" 345 | }, 346 | "overrides": [] 347 | }, 348 | "gridPos": { 349 | "h": 2, 350 | "w": 4, 351 | "x": 0, 352 | "y": 4 353 | }, 354 | "id": 2, 355 | "interval": null, 356 | "links": [], 357 | "maxDataPoints": 100, 358 | "options": { 359 | "colorMode": "background", 360 | "graphMode": "none", 361 | "justifyMode": "auto", 362 | "orientation": "horizontal", 363 | "reduceOptions": { 364 | "calcs": [ 365 | "mean" 366 | ], 367 | "fields": "", 368 | "values": false 369 | }, 370 | "text": {}, 371 | "textMode": "auto" 372 | }, 373 | "pluginVersion": "7.4.5", 374 | "targets": [ 375 | { 376 | "bucketAggs": [ 377 | { 378 | "id": "2", 379 | "settings": { 380 | "interval": "auto", 381 | "min_doc_count": 0, 382 | "trimEdges": 0 383 | }, 384 | "type": "date_histogram" 385 | } 386 | ], 387 | "dsType": "elasticsearch", 388 | "expr": "sum(ALERTS{alertstate=\"firing\",severity=\"critical\"} > 0) OR on() vector(0)", 389 | "format": "time_series", 390 | "instant": true, 391 | "interval": "", 392 | "intervalFactor": 1, 393 | "legendFormat": "Critical", 394 | "metrics": [ 395 | { 396 | "field": "select field", 397 | "id": "1", 398 | "type": "count" 399 | } 400 | ], 401 | "refId": "A" 402 | } 403 | ], 404 | "title": "Critical", 405 | "type": "stat" 406 | }, 407 | { 408 | "cacheTimeout": null, 409 | "datasource": "PROMETHEUS", 410 | "fieldConfig": { 411 | "defaults": { 412 | "color": { 413 | "mode": "thresholds" 414 | }, 415 | "custom": {}, 416 | "mappings": [ 417 | { 418 | "id": 0, 419 | "op": "=", 420 | "text": "N/A", 421 | "type": 1, 422 | "value": "null" 423 | } 424 | ], 425 | "thresholds": { 426 | "mode": "absolute", 427 | "steps": [ 428 | { 429 | "color": "semi-dark-orange", 430 | "value": null 431 | } 432 | ] 433 | }, 434 | "unit": "none" 435 | }, 436 | "overrides": [] 437 | }, 438 | "gridPos": { 439 | "h": 2, 440 | "w": 4, 441 | "x": 4, 442 | "y": 4 443 | }, 444 | "id": 5, 445 | "interval": null, 446 | "links": [], 447 | "maxDataPoints": 100, 448 | "options": { 449 | "colorMode": "background", 450 | "graphMode": "none", 451 | "justifyMode": "auto", 452 | "orientation": "horizontal", 453 | "reduceOptions": { 454 | "calcs": [], 455 | "fields": "", 456 | "values": false 457 | }, 458 | "text": {}, 459 | "textMode": "auto" 460 | }, 461 | "pluginVersion": "7.4.5", 462 | "targets": [ 463 | { 464 | "expr": "sum(ALERTS{alertstate=\"firing\",severity=\"warning\"} > 0) OR on() vector(0)", 465 | "format": "time_series", 466 | "instant": true, 467 | "interval": "", 468 | "intervalFactor": 2, 469 | "legendFormat": "", 470 | "refId": "A" 471 | } 472 | ], 473 | "title": "Warning", 474 | "type": "stat" 475 | }, 476 | { 477 | "cacheTimeout": null, 478 | "datasource": "PROMETHEUS", 479 | "fieldConfig": { 480 | "defaults": { 481 | "color": { 482 | "mode": "thresholds" 483 | }, 484 | "custom": {}, 485 | "mappings": [ 486 | { 487 | "id": 0, 488 | "op": "=", 489 | "text": "N/A", 490 | "type": 1, 491 | "value": "null" 492 | } 493 | ], 494 | "thresholds": { 495 | "mode": "absolute", 496 | "steps": [ 497 | { 498 | "color": "#299c46", 499 | "value": null 500 | } 501 | ] 502 | }, 503 | "unit": "none" 504 | }, 505 | "overrides": [] 506 | }, 507 | "gridPos": { 508 | "h": 2, 509 | "w": 4, 510 | "x": 8, 511 | "y": 4 512 | }, 513 | "id": 9, 514 | "interval": null, 515 | "links": [], 516 | "maxDataPoints": 100, 517 | "options": { 518 | "colorMode": "background", 519 | "graphMode": "none", 520 | "justifyMode": "auto", 521 | "orientation": "horizontal", 522 | "reduceOptions": { 523 | "calcs": [ 524 | "mean" 525 | ], 526 | "fields": "", 527 | "values": false 528 | }, 529 | "text": {}, 530 | "textMode": "auto" 531 | }, 532 | "pluginVersion": "7.4.5", 533 | "targets": [ 534 | { 535 | "expr": "sum(ALERTS{alertstate=\"firing\",severity=\"info\"} > 0) OR on() vector(0)", 536 | "format": "time_series", 537 | "interval": "", 538 | "intervalFactor": 2, 539 | "legendFormat": "", 540 | "refId": "A" 541 | } 542 | ], 543 | "title": "Info", 544 | "type": "stat" 545 | }, 546 | { 547 | "collapsed": false, 548 | "datasource": "PROMETHEUS", 549 | "gridPos": { 550 | "h": 1, 551 | "w": 24, 552 | "x": 0, 553 | "y": 6 554 | }, 555 | "id": 12, 556 | "panels": [], 557 | "repeat": null, 558 | "title": "Alerts", 559 | "type": "row" 560 | }, 561 | { 562 | "datasource": "PROMETHEUS", 563 | "fieldConfig": { 564 | "defaults": { 565 | "color": { 566 | "mode": "thresholds" 567 | }, 568 | "custom": { 569 | "align": null, 570 | "displayMode": "auto", 571 | "filterable": true 572 | }, 573 | "decimals": 2, 574 | "displayName": "", 575 | "mappings": [ 576 | { 577 | "from": "", 578 | "id": 1, 579 | "text": "", 580 | "to": "", 581 | "type": 1, 582 | "value": "" 583 | } 584 | ], 585 | "thresholds": { 586 | "mode": "absolute", 587 | "steps": [ 588 | { 589 | "color": "green", 590 | "value": null 591 | }, 592 | { 593 | "color": "blue", 594 | "value": 100 595 | }, 596 | { 597 | "color": "#EAB839", 598 | "value": 200 599 | }, 600 | { 601 | "color": "red", 602 | "value": 300 603 | } 604 | ] 605 | }, 606 | "unit": "short" 607 | }, 608 | "overrides": [ 609 | { 610 | "matcher": { 611 | "id": "byName", 612 | "options": "severity_num" 613 | }, 614 | "properties": [ 615 | { 616 | "id": "custom.displayMode", 617 | "value": "color-background" 618 | }, 619 | { 620 | "id": "custom.width", 621 | "value": 124 622 | } 623 | ] 624 | }, 625 | { 626 | "matcher": { 627 | "id": "byName", 628 | "options": "Time" 629 | }, 630 | "properties": [ 631 | { 632 | "id": "custom.width", 633 | "value": 170 634 | } 635 | ] 636 | }, 637 | { 638 | "matcher": { 639 | "id": "byName", 640 | "options": "severity" 641 | }, 642 | "properties": [ 643 | { 644 | "id": "custom.width", 645 | "value": 119 646 | } 647 | ] 648 | }, 649 | { 650 | "matcher": { 651 | "id": "byName", 652 | "options": "alertname" 653 | }, 654 | "properties": [ 655 | { 656 | "id": "custom.width", 657 | "value": 206 658 | } 659 | ] 660 | }, 661 | { 662 | "matcher": { 663 | "id": "byName", 664 | "options": "alertstate" 665 | }, 666 | "properties": [ 667 | { 668 | "id": "custom.width", 669 | "value": 128 670 | } 671 | ] 672 | } 673 | ] 674 | }, 675 | "gridPos": { 676 | "h": 5, 677 | "w": 24, 678 | "x": 0, 679 | "y": 7 680 | }, 681 | "id": 1, 682 | "links": [], 683 | "options": { 684 | "showHeader": true, 685 | "sortBy": [] 686 | }, 687 | "pluginVersion": "7.4.5", 688 | "targets": [ 689 | { 690 | "expr": "ALERTS{alertstate='firing'} > 0", 691 | "format": "table", 692 | "instant": true, 693 | "interval": "2s", 694 | "intervalFactor": 1, 695 | "legendFormat": "", 696 | "refId": "A" 697 | } 698 | ], 699 | "title": "Firing", 700 | "transformations": [ 701 | { 702 | "id": "merge", 703 | "options": { 704 | "reducers": [] 705 | } 706 | }, 707 | { 708 | "id": "organize", 709 | "options": { 710 | "excludeByName": { 711 | "Value": true, 712 | "__name__": true, 713 | "alertstate": false, 714 | "deployment": false, 715 | "exp_type": true, 716 | "fs_type": true, 717 | "instance": true, 718 | "job": true, 719 | "kubernetes_namespace": true, 720 | "mount_point": true, 721 | "server": true, 722 | "service": true, 723 | "severity_num": false 724 | }, 725 | "indexByName": { 726 | "Time": 0, 727 | "Value": 16, 728 | "__name__": 3, 729 | "alertname": 4, 730 | "alertstate": 5, 731 | "deployment": 7, 732 | "exp_type": 9, 733 | "instance": 10, 734 | "ip": 11, 735 | "job": 12, 736 | "kubernetes_namespace": 13, 737 | "pg_cluster": 6, 738 | "pod": 8, 739 | "role": 14, 740 | "service": 15, 741 | "severity": 2, 742 | "severity_num": 1 743 | }, 744 | "renameByName": { 745 | "Time": "", 746 | "__name__": "", 747 | "severity": "", 748 | "severity_num": "" 749 | } 750 | } 751 | } 752 | ], 753 | "type": "table" 754 | }, 755 | { 756 | "datasource": "PROMETHEUS", 757 | "fieldConfig": { 758 | "defaults": { 759 | "color": { 760 | "mode": "thresholds" 761 | }, 762 | "custom": { 763 | "align": null, 764 | "filterable": true 765 | }, 766 | "decimals": 2, 767 | "displayName": "", 768 | "mappings": [], 769 | "thresholds": { 770 | "mode": "absolute", 771 | "steps": [ 772 | { 773 | "color": "green", 774 | "value": null 775 | }, 776 | { 777 | "color": "red", 778 | "value": 80 779 | } 780 | ] 781 | }, 782 | "unit": "short" 783 | }, 784 | "overrides": [ 785 | { 786 | "matcher": { 787 | "id": "byRegexp", 788 | "options": "/(instance|__name__|Time|alertstate|job|type|Value)/" 789 | }, 790 | "properties": [ 791 | { 792 | "id": "unit", 793 | "value": "short" 794 | }, 795 | { 796 | "id": "decimals", 797 | "value": 2 798 | }, 799 | { 800 | "id": "custom.align", 801 | "value": null 802 | } 803 | ] 804 | }, 805 | { 806 | "matcher": { 807 | "id": "byName", 808 | "options": "Time" 809 | }, 810 | "properties": [ 811 | { 812 | "id": "custom.width", 813 | "value": null 814 | } 815 | ] 816 | }, 817 | { 818 | "matcher": { 819 | "id": "byName", 820 | "options": "severity_num" 821 | }, 822 | "properties": [ 823 | { 824 | "id": "custom.width", 825 | "value": 126 826 | } 827 | ] 828 | }, 829 | { 830 | "matcher": { 831 | "id": "byName", 832 | "options": "severity" 833 | }, 834 | "properties": [ 835 | { 836 | "id": "custom.width", 837 | "value": 115 838 | } 839 | ] 840 | }, 841 | { 842 | "matcher": { 843 | "id": "byName", 844 | "options": "alertname" 845 | }, 846 | "properties": [ 847 | { 848 | "id": "custom.width", 849 | "value": 207 850 | } 851 | ] 852 | }, 853 | { 854 | "matcher": { 855 | "id": "byName", 856 | "options": "alertstate" 857 | }, 858 | "properties": [ 859 | { 860 | "id": "custom.width", 861 | "value": 131 862 | } 863 | ] 864 | } 865 | ] 866 | }, 867 | "gridPos": { 868 | "h": 7, 869 | "w": 24, 870 | "x": 0, 871 | "y": 12 872 | }, 873 | "id": 3, 874 | "links": [], 875 | "options": { 876 | "showHeader": true, 877 | "sortBy": [] 878 | }, 879 | "pluginVersion": "7.4.5", 880 | "targets": [ 881 | { 882 | "expr": "ALERTS{alertstate=\"pending\"}", 883 | "format": "table", 884 | "instant": false, 885 | "interval": "", 886 | "intervalFactor": 1, 887 | "legendFormat": "", 888 | "refId": "A" 889 | } 890 | ], 891 | "title": "Alerts (1 week)", 892 | "transformations": [ 893 | { 894 | "id": "organize", 895 | "options": { 896 | "excludeByName": { 897 | "Value": true, 898 | "__name__": true, 899 | "exp_type": true, 900 | "instance": true, 901 | "job": true, 902 | "kubernetes_namespace": true, 903 | "service": true 904 | }, 905 | "indexByName": { 906 | "Time": 0, 907 | "Value": 16, 908 | "__name__": 3, 909 | "alertname": 4, 910 | "alertstate": 5, 911 | "deployment": 7, 912 | "exp_type": 8, 913 | "instance": 9, 914 | "ip": 11, 915 | "job": 12, 916 | "kubernetes_namespace": 13, 917 | "pg_cluster": 6, 918 | "pod": 10, 919 | "role": 14, 920 | "service": 15, 921 | "severity": 2, 922 | "severity_num": 1 923 | }, 924 | "renameByName": {} 925 | } 926 | } 927 | ], 928 | "type": "table" 929 | } 930 | ], 931 | "refresh": "15m", 932 | "schemaVersion": 27, 933 | "style": "dark", 934 | "tags": [ 935 | "vendor=crunchydata" 936 | ], 937 | "templating": { 938 | "list": [] 939 | }, 940 | "time": { 941 | "from": "now-30m", 942 | "to": "now" 943 | }, 944 | "timepicker": { 945 | "time_options": [ 946 | "5m", 947 | "15m", 948 | "1h", 949 | "6h", 950 | "12h", 951 | "24h", 952 | "2d", 953 | "7d", 954 | "30d" 955 | ] 956 | }, 957 | "timezone": "browser", 958 | "title": "Prometheus Alerts", 959 | "uid": "lwxXsZsMk", 960 | "version": 1 961 | } 962 | --------------------------------------------------------------------------------