├── .devcontainer ├── Dockerfile └── devcontainer.json ├── .dockerignore ├── .github ├── ISSUE_TEMPLATE │ ├── bug-report.md │ └── feature_request.md └── workflows │ ├── lint.yaml │ └── test.yaml ├── .gitignore ├── .gitmodules ├── .golangci.yaml ├── .vscode └── launch.json ├── LICENSE.md ├── Makefile ├── README.md ├── README_zh.md ├── bin ├── .gitignore ├── check-deps.sh ├── common │ ├── nss_wrapper.sh │ ├── nss_wrapper_env.sh │ └── uid_daemon.sh ├── get-deps.sh ├── get-pgmonitor.sh ├── license_aggregator.sh ├── pgo-event │ ├── .gitignore │ └── pgo-event.sh ├── pgo-rmdata │ ├── .gitignore │ └── start.sh ├── pgo-scheduler │ ├── .gitignore │ └── start.sh ├── pgo-sqlrunner │ └── start.sh ├── pre-pull-radondb-containers.sh ├── pull-ccp-from-gcr.sh ├── pull-from-gcr.sh ├── push-ccp-to-gcr.sh ├── push-to-dockerhub.sh ├── radondb-postgres-exporter │ ├── .gitignore │ ├── common_lib.sh │ └── start.sh └── upgrade-secret.sh ├── build ├── pgo-apiserver │ └── Dockerfile ├── pgo-base │ └── Dockerfile ├── pgo-client │ └── Dockerfile ├── pgo-deployer │ └── Dockerfile ├── pgo-develop │ └── Dockerfile ├── pgo-event │ └── Dockerfile ├── pgo-rmdata │ └── Dockerfile ├── pgo-scheduler │ └── Dockerfile ├── postgres-operator │ └── Dockerfile └── radondb-postgres-exporter │ └── Dockerfile ├── cmd ├── apiserver │ └── main.go ├── pgo-rmdata │ ├── main.go │ ├── process.go │ └── types.go ├── pgo-scheduler │ ├── main.go │ └── scheduler │ │ ├── configmapcontroller.go │ │ ├── controllermanager.go │ │ ├── pgbackrest.go │ │ ├── policy.go │ │ ├── scheduler.go │ │ ├── tasks.go │ │ ├── types.go │ │ ├── validate.go │ │ └── validate_test.go ├── pgo │ ├── api │ │ ├── backrest.go │ │ ├── cat.go │ │ ├── cluster.go │ │ ├── common.go │ │ ├── config.go │ │ ├── df.go │ │ ├── failover.go │ │ ├── label.go │ │ ├── namespace.go │ │ ├── pgadmin.go │ │ ├── pgbouncer.go │ │ ├── pgdump.go │ │ ├── pgorole.go │ │ ├── pgouser.go │ │ ├── policy.go │ │ ├── pvc.go │ │ ├── reload.go │ │ ├── restart.go │ │ ├── restore.go │ │ ├── restoreDump.go │ │ ├── scale.go │ │ ├── scaledown.go │ │ ├── schedule.go │ │ ├── status.go │ │ ├── test.go │ │ ├── upgrade.go │ │ ├── user.go │ │ ├── version.go │ │ └── workflow.go │ ├── cmd │ │ ├── auth.go │ │ ├── backrest.go │ │ ├── backup.go │ │ ├── cat.go │ │ ├── cluster.go │ │ ├── common.go │ │ ├── config.go │ │ ├── create.go │ │ ├── delete.go │ │ ├── df.go │ │ ├── failover.go │ │ ├── flags.go │ │ ├── label.go │ │ ├── namespace.go │ │ ├── pgadmin.go │ │ ├── pgbouncer.go │ │ ├── pgdump.go │ │ ├── pgorole.go │ │ ├── pgouser.go │ │ ├── policy.go │ │ ├── pvc.go │ │ ├── reload.go │ │ ├── restart.go │ │ ├── restore.go │ │ ├── root.go │ │ ├── scale.go │ │ ├── scaledown.go │ │ ├── schedule.go │ │ ├── show.go │ │ ├── status.go │ │ ├── test.go │ │ ├── update.go │ │ ├── upgrade.go │ │ ├── user.go │ │ ├── version.go │ │ ├── watch.go │ │ └── workflow.go │ ├── generatedocs.go │ ├── main.go │ └── util │ │ ├── confirmation.go │ │ ├── pad.go │ │ └── validation.go └── postgres-operator │ ├── main.go │ └── open_telemetry.go ├── conf ├── .env12 ├── .gitignore ├── pgo-backrest-repo │ ├── .gitignore │ └── aws-s3-credentials.yaml ├── pgo-load │ └── passwd.template ├── pip.conf ├── postgres-operator │ ├── .gitignore │ └── pgo.yaml ├── radondbpg12.repo └── radondbpg13.repo ├── deploy ├── .gitignore ├── add-targeted-namespace-reconcile-rbac.sh ├── add-targeted-namespace.sh ├── cleannamespaces.sh ├── cleanup-rbac.sh ├── cleanup.sh ├── cluster-role-bindings.yaml ├── cluster-roles-readonly.yaml ├── cluster-roles.yaml ├── deploy.sh ├── deployment.json ├── gen-api-keys.sh ├── ingress.yml ├── install-bootstrap-creds.sh ├── install-rbac.sh ├── local-namespace-rbac.yaml ├── pgorole.yaml ├── pgouser.yaml ├── remove-crd.sh ├── role-bindings.yaml ├── roles.yaml ├── service-accounts.yaml ├── service.json ├── setupnamespaces.sh ├── show-crd.sh ├── target-namespace.yaml ├── upgrade-creds.sh └── upgrade-pgo.sh ├── devenv ├── docs ├── Qickstart.md ├── deploy_radondb_postgresql_operator_on_kubernetes.md ├── environment.md ├── images │ ├── logo_radondb.png │ ├── operator.png │ ├── postgresql-green.svg │ ├── wpsD203.tmp.jpg │ ├── wpsD204.tmp.jpg │ ├── wpsD215.tmp.jpg │ ├── wpsD226.tmp.jpg │ ├── wpsD227.tmp.jpg │ └── wpsD228.tmp.jpg └── monitor_prometheus.md ├── examples ├── create-by-resource │ ├── fromcrd.json │ ├── postgres-secret.yaml │ ├── run.sh │ └── testuser-secret.yaml ├── custom-config │ ├── create.sh │ ├── postgres-ha.yaml │ └── setup.sql ├── envs.sh ├── helm │ ├── README.md │ └── postgres │ │ ├── .helmignore │ │ ├── Chart.yaml │ │ ├── templates │ │ ├── NOTES.txt │ │ ├── _helpers.tpl │ │ ├── pgcluster.yaml │ │ └── user-secret.yaml │ │ └── values.yaml ├── kustomize │ └── createcluster │ │ ├── base │ │ ├── kustomization.yaml │ │ └── pgcluster.yaml │ │ └── overlay │ │ ├── dev │ │ ├── bouncer.json │ │ ├── devhippo.json │ │ └── kustomization.yaml │ │ ├── prod │ │ ├── kustomization.yaml │ │ └── prodhippo.json │ │ └── staging │ │ ├── annotations.json │ │ ├── hippo-rpl1-pgreplica.yaml │ │ ├── kustomization.yaml │ │ └── staginghippo.json ├── pgo-scc.yaml ├── policy │ ├── badpolicy.sql │ ├── gitpolicy.sql │ ├── jsonload.sql │ ├── policy1-insert.sql │ ├── policy1.sql │ ├── rlspolicy.sql │ └── xrayapp.sql └── sample-ingest-config.json ├── go.mod ├── go.sum ├── hack ├── boilerplate.go.txt ├── config_sync.sh └── update-codegen.sh ├── installers ├── ansible │ ├── ansible.cfg │ ├── inventory.yaml │ ├── main.yml │ ├── roles │ │ ├── pgo-operator │ │ │ ├── defaults │ │ │ │ └── main.yml │ │ │ ├── files │ │ │ │ ├── crds │ │ │ │ │ ├── pgclusters-crd.yaml │ │ │ │ │ ├── pgpolicies-crd.yaml │ │ │ │ │ ├── pgreplicas-crd.yaml │ │ │ │ │ └── pgtasks-crd.yaml │ │ │ │ ├── pgo-backrest-repo │ │ │ │ │ ├── aws-s3-ca.crt │ │ │ │ │ ├── config │ │ │ │ │ └── sshd_config │ │ │ │ └── pgo-configs │ │ │ │ │ ├── README.txt │ │ │ │ │ ├── backrest-job.json │ │ │ │ │ ├── cluster-bootstrap-job.json │ │ │ │ │ ├── cluster-deployment.json │ │ │ │ │ ├── cluster-service.json │ │ │ │ │ ├── container-resources.json │ │ │ │ │ ├── exporter.json │ │ │ │ │ ├── pgadmin-service-template.json │ │ │ │ │ ├── pgadmin-template.json │ │ │ │ │ ├── pgbackrest-env-vars.json │ │ │ │ │ ├── pgbackrest-gcs-env-vars.json │ │ │ │ │ ├── pgbackrest-s3-env-vars.json │ │ │ │ │ ├── pgbadger.json │ │ │ │ │ ├── pgbouncer-template.json │ │ │ │ │ ├── pgbouncer.ini │ │ │ │ │ ├── pgbouncer_hba.conf │ │ │ │ │ ├── pgdump-job.json │ │ │ │ │ ├── pgmonitor-env-vars.json │ │ │ │ │ ├── pgo-backrest-repo-service-template.json │ │ │ │ │ ├── pgo-backrest-repo-template.json │ │ │ │ │ ├── pgo-backrest-role-binding.json │ │ │ │ │ ├── pgo-backrest-role.json │ │ │ │ │ ├── pgo-backrest-sa.json │ │ │ │ │ ├── pgo-client.json │ │ │ │ │ ├── pgo-default-sa.json │ │ │ │ │ ├── pgo-pg-role-binding.json │ │ │ │ │ ├── pgo-pg-role.json │ │ │ │ │ ├── pgo-pg-sa.json │ │ │ │ │ ├── pgo-target-role-binding.json │ │ │ │ │ ├── pgo-target-role.json │ │ │ │ │ ├── pgo-target-sa.json │ │ │ │ │ ├── pgo.sqlrunner-template.json │ │ │ │ │ ├── pgrestore-job.json │ │ │ │ │ ├── pod-anti-affinity.json │ │ │ │ │ ├── pvc-matchlabels.json │ │ │ │ │ ├── pvc-storageclass.json │ │ │ │ │ ├── pvc.json │ │ │ │ │ ├── rmdata-job.json │ │ │ │ │ └── users.txt │ │ │ ├── tasks │ │ │ │ ├── cleanup.yml │ │ │ │ ├── crds.yml │ │ │ │ ├── kubernetes.yml │ │ │ │ ├── kubernetes_auth.yml │ │ │ │ ├── kubernetes_cleanup.yml │ │ │ │ ├── main.yml │ │ │ │ ├── namespace.yml │ │ │ │ ├── openshift.yml │ │ │ │ ├── openshift_auth.yml │ │ │ │ └── openshift_cleanup.yml │ │ │ ├── templates │ │ │ │ ├── add-targeted-namespace.sh.j2 │ │ │ │ ├── aws-s3-credentials.yaml.j2 │ │ │ │ ├── cluster-rbac-readonly.yaml.j2 │ │ │ │ ├── cluster-rbac.yaml.j2 │ │ │ │ ├── deployment.json.j2 │ │ │ │ ├── local-namespace-rbac.yaml.j2 │ │ │ │ ├── pgo-client.json.j2 │ │ │ │ ├── pgo-role-rbac.yaml.j2 │ │ │ │ ├── pgo-service-account.yaml.j2 │ │ │ │ ├── pgo.yaml.j2 │ │ │ │ ├── pgorole-pgoadmin.yaml.j2 │ │ │ │ ├── pgouser-admin.yaml.j2 │ │ │ │ ├── pgouser.local.j2 │ │ │ │ └── service.json.j2 │ │ │ └── vars │ │ │ │ ├── main.yml │ │ │ │ └── openshift.yml │ │ └── pgo-preflight │ │ │ └── tasks │ │ │ ├── check_kubernetes.yml │ │ │ ├── check_openshift.yml │ │ │ ├── check_vars.yml │ │ │ ├── main.yml │ │ │ └── vars.yml │ └── values.yaml ├── helm │ ├── .helmignore │ ├── Chart.yaml │ ├── helm_template.yaml │ ├── templates │ │ ├── NOTES.txt │ │ ├── _deployer_job_spec.yaml │ │ ├── _helpers.tpl │ │ ├── postgres-operator-install.yaml │ │ ├── postgres-operator-uninstall.yaml │ │ ├── postgres-operator-upgrade.yaml │ │ ├── rbac.yaml │ │ ├── servicemonitor.yaml │ │ └── values_configmap.yaml │ ├── values.yaml │ └── values_dmp.yaml ├── image │ ├── bin │ │ └── pgo-deploy.sh │ └── conf │ │ └── kubernetes.repo ├── kubectl │ ├── client-setup.sh │ ├── hippo-pgcluster.yaml │ ├── postgres-operator-for-dmp.yml │ ├── postgres-operator-ocp311.yml │ └── postgres-operator.yml ├── metrics │ ├── ansible │ │ ├── ansible.cfg │ │ ├── inventory.yaml │ │ ├── main.yml │ │ ├── roles │ │ │ ├── pgo-metrics-preflight │ │ │ │ └── tasks │ │ │ │ │ ├── check_kubernetes.yml │ │ │ │ │ ├── check_openshift.yml │ │ │ │ │ ├── check_vars.yml │ │ │ │ │ ├── main.yml │ │ │ │ │ ├── preflight-alertmanager.yml │ │ │ │ │ ├── preflight-grafana.yml │ │ │ │ │ ├── preflight-prometheus.yml │ │ │ │ │ └── vars.yml │ │ │ └── pgo-metrics │ │ │ │ ├── defaults │ │ │ │ └── main.yml │ │ │ │ ├── tasks │ │ │ │ ├── alertmanager.yml │ │ │ │ ├── cleanup.yml │ │ │ │ ├── grafana.yml │ │ │ │ ├── kubernetes.yml │ │ │ │ ├── kubernetes_auth.yml │ │ │ │ ├── kubernetes_cleanup.yml │ │ │ │ ├── main.yml │ │ │ │ ├── openshift.yml │ │ │ │ ├── openshift_auth.yml │ │ │ │ ├── openshift_cleanup.yml │ │ │ │ └── prometheus.yml │ │ │ │ ├── templates │ │ │ │ ├── alertmanager-deployment.json.j2 │ │ │ │ ├── alertmanager-pvc.json.j2 │ │ │ │ ├── alertmanager-rbac.json.j2 │ │ │ │ ├── alertmanager-service.json.j2 │ │ │ │ ├── grafana-deployment.json.j2 │ │ │ │ ├── grafana-pvc.json.j2 │ │ │ │ ├── grafana-rbac.json.j2 │ │ │ │ ├── grafana-secret.json.j2 │ │ │ │ ├── grafana-service.json.j2 │ │ │ │ ├── prometheus-deployment.json.j2 │ │ │ │ ├── prometheus-pvc.json.j2 │ │ │ │ ├── prometheus-rbac.json.j2 │ │ │ │ └── prometheus-service.json.j2 │ │ │ │ └── vars │ │ │ │ └── openshift.yml │ │ └── values.yaml │ ├── helm │ │ ├── Chart.yaml │ │ ├── helm_template.yaml │ │ ├── templates │ │ │ ├── NOTES.txt │ │ │ ├── _deployer_job_spec.yaml │ │ │ ├── _helpers.tpl │ │ │ ├── postgres-operator-metrics-install.yaml │ │ │ ├── postgres-operator-metrics-uninstall.yaml │ │ │ ├── postgres-operator-metrics-upgrade.yaml │ │ │ ├── rbac.yaml │ │ │ └── values_configmap.yaml │ │ └── values.yaml │ └── kubectl │ │ ├── postgres-operator-metrics-ocp311.yml │ │ └── postgres-operator-metrics.yml └── olm │ ├── .gitignore │ ├── Dockerfile │ ├── Makefile │ ├── generate.sh │ ├── install.sh │ ├── postgresoperator.crd.descriptions.yaml │ ├── postgresoperator.crd.examples.yaml │ ├── postgresoperator.crd.yaml │ ├── postgresoperator.csv.images.yaml │ ├── postgresoperator.csv.yaml │ ├── postgresql.package.yaml │ └── verify.sh ├── internal ├── apiserver │ ├── backrestservice │ │ ├── backrestimpl.go │ │ └── backrestservice.go │ ├── backupoptions │ │ ├── backupoptionsutil.go │ │ ├── backupoptionsutil_test.go │ │ ├── pgbackrestoptions.go │ │ └── pgdumpoptions.go │ ├── catservice │ │ ├── catimpl.go │ │ └── catservice.go │ ├── clusterservice │ │ ├── clusterimpl.go │ │ ├── clusterimpl_test.go │ │ ├── clusterservice.go │ │ ├── scaleimpl.go │ │ └── scaleservice.go │ ├── common.go │ ├── common_test.go │ ├── configservice │ │ ├── configimpl.go │ │ └── configservice.go │ ├── dfservice │ │ ├── dfimpl.go │ │ └── dfservice.go │ ├── failoverservice │ │ ├── failoverimpl.go │ │ └── failoverservice.go │ ├── labelservice │ │ ├── labelimpl.go │ │ └── labelservice.go │ ├── middleware.go │ ├── namespaceservice │ │ ├── namespaceimpl.go │ │ └── namespaceservice.go │ ├── perms.go │ ├── pgadminservice │ │ ├── pgadminimpl.go │ │ └── pgadminservice.go │ ├── pgbouncerservice │ │ ├── pgbouncerimpl.go │ │ └── pgbouncerservice.go │ ├── pgdumpservice │ │ ├── pgdumpimpl.go │ │ └── pgdumpservice.go │ ├── pgoroleservice │ │ ├── pgoroleimpl.go │ │ ├── pgoroleimpl_test.go │ │ └── pgoroleservice.go │ ├── pgouserservice │ │ ├── pgouserimpl.go │ │ └── pgouserservice.go │ ├── policyservice │ │ ├── policyimpl.go │ │ └── policyservice.go │ ├── pvcservice │ │ ├── pvcimpl.go │ │ └── pvcservice.go │ ├── reloadservice │ │ ├── reloadimpl.go │ │ └── reloadservice.go │ ├── restartservice │ │ ├── restartimpl.go │ │ └── restartservice.go │ ├── root.go │ ├── routing │ │ ├── doc.go │ │ ├── kubectl │ │ └── routes.go │ ├── scheduleservice │ │ ├── scheduleimpl.go │ │ └── scheduleservice.go │ ├── statusservice │ │ ├── statusimpl.go │ │ └── statusservice.go │ ├── upgradeservice │ │ ├── upgradeimpl.go │ │ └── upgradeservice.go │ ├── userservice │ │ ├── userimpl.go │ │ ├── userimpl_test.go │ │ └── userservice.go │ ├── versionservice │ │ ├── versionimpl.go │ │ └── versionservice.go │ └── workflowservice │ │ ├── workflowimpl.go │ │ └── workflowservice.go ├── config │ ├── annotations.go │ ├── defaults.go │ ├── images.go │ ├── labels.go │ ├── pgoconfig.go │ ├── secrets.go │ └── volumes.go ├── controller │ ├── configmap │ │ ├── configmapcontroller.go │ │ └── synchandler.go │ ├── controllerutil.go │ ├── job │ │ ├── backresthandler.go │ │ ├── bootstraphandler.go │ │ ├── jobcontroller.go │ │ ├── jobevents.go │ │ ├── jobutil.go │ │ ├── pgdumphandler.go │ │ └── rmdatahandler.go │ ├── manager │ │ ├── controllermanager.go │ │ └── rbac.go │ ├── namespace │ │ └── namespacecontroller.go │ ├── pgcluster │ │ └── pgclustercontroller.go │ ├── pgpolicy │ │ └── pgpolicycontroller.go │ ├── pgreplica │ │ └── pgreplicacontroller.go │ ├── pgtask │ │ ├── backresthandler.go │ │ └── pgtaskcontroller.go │ └── pod │ │ ├── inithandler.go │ │ ├── podcontroller.go │ │ ├── podevents.go │ │ └── promotionhandler.go ├── kubeapi │ ├── client_config.go │ ├── endpoints.go │ ├── errors.go │ ├── exec.go │ ├── fake │ │ ├── clientset.go │ │ └── fakeclients.go │ ├── patch.go │ ├── patch_test.go │ ├── volumes.go │ └── volumes_test.go ├── logging │ └── loglib.go ├── ns │ └── nslogic.go ├── operator │ ├── backrest │ │ ├── backup.go │ │ ├── repo.go │ │ ├── repo_test.go │ │ ├── restore.go │ │ └── stanza.go │ ├── cluster │ │ ├── cluster.go │ │ ├── clusterlogic.go │ │ ├── common.go │ │ ├── common_test.go │ │ ├── exporter.go │ │ ├── pgadmin.go │ │ ├── pgbadger.go │ │ ├── pgbouncer.go │ │ ├── pgbouncer_test.go │ │ ├── rolling.go │ │ ├── service.go │ │ ├── standby.go │ │ └── upgrade.go │ ├── clusterutilities.go │ ├── clusterutilities_test.go │ ├── common.go │ ├── common_test.go │ ├── config │ │ ├── configutil.go │ │ ├── dcs.go │ │ └── localdb.go │ ├── failover.go │ ├── failover_test.go │ ├── operatorupgrade │ │ └── version-check.go │ ├── pgbackrest.go │ ├── pgbackrest_test.go │ ├── pgdump │ │ ├── dump.go │ │ └── restore.go │ ├── pvc │ │ └── pvc.go │ ├── storage.go │ ├── storage_test.go │ ├── switchover.go │ ├── switchover_test.go │ ├── task │ │ ├── applypolicies.go │ │ ├── rmdata.go │ │ └── workflow.go │ └── wal.go ├── patroni │ ├── doc.go │ └── patroni.go ├── pgadmin │ ├── backoff.go │ ├── backoff_test.go │ ├── crypto.go │ ├── crypto_test.go │ ├── doc.go │ ├── hash.go │ ├── logic.go │ ├── runner.go │ └── server.go ├── postgres │ ├── doc.go │ └── password │ │ ├── doc.go │ │ ├── md5.go │ │ ├── md5_test.go │ │ ├── password.go │ │ ├── password_test.go │ │ ├── scram.go │ │ └── scram_test.go ├── tlsutil │ ├── primitives.go │ └── primitives_test.go └── util │ ├── backrest.go │ ├── cluster.go │ ├── cluster_test.go │ ├── exporter.go │ ├── exporter_test.go │ ├── failover.go │ ├── pgbouncer.go │ ├── policy.go │ ├── secrets.go │ ├── secrets_test.go │ ├── ssh.go │ ├── util.go │ └── util_test.go ├── licenses └── LICENSE.txt ├── pkg ├── apis │ └── radondb.com │ │ └── v1 │ │ ├── cluster.go │ │ ├── cluster_test.go │ │ ├── common.go │ │ ├── common_test.go │ │ ├── doc.go │ │ ├── errors.go │ │ ├── policy.go │ │ ├── register.go │ │ ├── replica.go │ │ ├── task.go │ │ └── zz_generated.deepcopy.go ├── apiservermsgs │ ├── backrestmsgs.go │ ├── catmsgs.go │ ├── clustermsgs.go │ ├── common.go │ ├── configmsgs.go │ ├── dfmsgs.go │ ├── failovermsgs.go │ ├── labelmsgs.go │ ├── namespacemsgs.go │ ├── pgadminmsgs.go │ ├── pgbouncermsgs.go │ ├── pgdumpmsgs.go │ ├── pgorolemsgs.go │ ├── pgousermsgs.go │ ├── policymsgs.go │ ├── pvcmsgs.go │ ├── reloadmsgs.go │ ├── restartmsgs.go │ ├── schedulemsgs.go │ ├── statusmsgs.go │ ├── upgrademsgs.go │ ├── usermsgs.go │ ├── versionmsgs.go │ ├── watchmsgs.go │ └── workflowmsgs.go ├── events │ ├── eventing.go │ ├── eventtype.go │ └── pgoeventtype.go └── generated │ ├── clientset │ └── versioned │ │ ├── clientset.go │ │ ├── doc.go │ │ ├── fake │ │ ├── clientset_generated.go │ │ ├── doc.go │ │ └── register.go │ │ ├── scheme │ │ ├── doc.go │ │ └── register.go │ │ └── typed │ │ └── radondb.com │ │ └── v1 │ │ ├── doc.go │ │ ├── fake │ │ ├── doc.go │ │ ├── fake_pgcluster.go │ │ ├── fake_pgpolicy.go │ │ ├── fake_pgreplica.go │ │ ├── fake_pgtask.go │ │ └── fake_radondb.com_client.go │ │ ├── generated_expansion.go │ │ ├── pgcluster.go │ │ ├── pgpolicy.go │ │ ├── pgreplica.go │ │ ├── pgtask.go │ │ └── radondb.com_client.go │ ├── informers │ └── externalversions │ │ ├── factory.go │ │ ├── generic.go │ │ ├── internalinterfaces │ │ └── factory_interfaces.go │ │ └── radondb.com │ │ ├── interface.go │ │ └── v1 │ │ ├── interface.go │ │ ├── pgcluster.go │ │ ├── pgpolicy.go │ │ ├── pgreplica.go │ │ └── pgtask.go │ └── listers │ └── radondb.com │ └── v1 │ ├── expansion_generated.go │ ├── pgcluster.go │ ├── pgpolicy.go │ ├── pgreplica.go │ └── pgtask.go ├── pv ├── create-pv-nfs-label.sh ├── create-pv-nfs-legacy.sh ├── create-pv-nfs.sh ├── create-pv.sh ├── delete-pv.sh ├── radondb-pv-nfs-label.json ├── radondb-pv-nfs.json └── radondb-pv.json ├── redhat └── atomic │ └── help.1 └── testing ├── go.mod ├── go.sum ├── kubeapi ├── deployment.go ├── exec.go ├── kubeapi.go ├── meta.go ├── meta_test.go ├── namespace.go ├── pod.go ├── proxy.go └── pvc.go ├── pgo_cli ├── cluster_annotation_test.go ├── cluster_backup_test.go ├── cluster_cat_test.go ├── cluster_create_test.go ├── cluster_delete_test.go ├── cluster_df_test.go ├── cluster_failover_test.go ├── cluster_label_test.go ├── cluster_pgbouncer_test.go ├── cluster_policy_test.go ├── cluster_pvc_test.go ├── cluster_reload_test.go ├── cluster_restart_test.go ├── cluster_scale_test.go ├── cluster_scaledown_test.go ├── cluster_test_test.go ├── cluster_user_test.go ├── operator_namespace_test.go ├── operator_rbac_test.go ├── operator_test.go ├── suite_helpers_test.go ├── suite_pgo_cmd_test.go └── suite_test.go └── testdata ├── policy1.sql ├── policy2-insert.sql └── policy2-setup.sql /.devcontainer/Dockerfile: -------------------------------------------------------------------------------- 1 | # See here for image contents: https://github.com/microsoft/vscode-dev-containers/tree/v0.183.0/containers/go/.devcontainer/base.Dockerfile 2 | 3 | # [Choice] Go version: 1, 1.16, 1.15 4 | ARG VARIANT="1.16" 5 | FROM mcr.microsoft.com/vscode/devcontainers/go:0-${VARIANT} 6 | 7 | # [Option] Install Node.js 8 | ARG INSTALL_NODE="true" 9 | ARG NODE_VERSION="lts/*" 10 | RUN if [ "${INSTALL_NODE}" = "true" ]; then su vscode -c "umask 0002 && . /usr/local/share/nvm/nvm.sh && nvm install ${NODE_VERSION} 2>&1"; fi 11 | 12 | # [Optional] Uncomment this section to install additional OS packages. 13 | # RUN apt-get update && export DEBIAN_FRONTEND=noninteractive \ 14 | # && apt-get -y install --no-install-recommends 15 | 16 | # [Optional] Uncomment the next line to use go get to install anything else you need 17 | # RUN go get -x 18 | 19 | # [Optional] Uncomment this line to install global node packages. 20 | # RUN su vscode -c "source /usr/local/share/nvm/nvm.sh && npm install -g " 2>&1 -------------------------------------------------------------------------------- /.devcontainer/devcontainer.json: -------------------------------------------------------------------------------- 1 | // For format details, see https://aka.ms/devcontainer.json. For config options, see the README at: 2 | // https://github.com/microsoft/vscode-dev-containers/tree/v0.183.0/containers/go 3 | { 4 | "name": "Go", 5 | "build": { 6 | "dockerfile": "Dockerfile", 7 | "args": { 8 | // Update the VARIANT arg to pick a version of Go: 1, 1.16, 1.15 9 | "VARIANT": "1.16", 10 | // Options 11 | "INSTALL_NODE": "true", 12 | "NODE_VERSION": "lts/*" 13 | } 14 | }, 15 | "runArgs": [ "--cap-add=SYS_PTRACE", "--security-opt", "seccomp=unconfined","--cap-add=NET_ADMIN" ], 16 | 17 | // Set *default* container specific settings.json values on container create. 18 | "settings": { 19 | "go.toolsManagement.checkForUpdates": "local", 20 | "go.useLanguageServer": true, 21 | "go.gopath": "/go", 22 | "go.goroot": "/usr/local/go" 23 | }, 24 | 25 | // Add the IDs of extensions you want installed when the container is created. 26 | "extensions": [ 27 | "golang.Go" 28 | ], 29 | 30 | // Use 'forwardPorts' to make a list of ports inside the container available locally. 31 | // "forwardPorts": [], 32 | 33 | // Use 'postCreateCommand' to run commands after the container is created. 34 | // "postCreateCommand": "go version", 35 | 36 | // Comment out connect as root instead. More info: https://aka.ms/vscode-remote/containers/non-root. 37 | "remoteUser": "vscode" 38 | } 39 | -------------------------------------------------------------------------------- /.dockerignore: -------------------------------------------------------------------------------- 1 | /hack/tools 2 | -------------------------------------------------------------------------------- /.github/ISSUE_TEMPLATE/bug-report.md: -------------------------------------------------------------------------------- 1 | --- 2 | name: Bug Report 3 | about: Report unexpected behavior to help us improve. 4 | title: '' 5 | labels: '' 6 | assignees: '' 7 | 8 | --- 9 | 10 | **Describe the problem** 11 | 12 | 13 | 14 | 15 | 16 | **To Reproduce** 17 | 18 | 19 | 20 | 21 | 22 | 1. 23 | 24 | **Expected behavior** 25 | 26 | 27 | 28 | **Environment:** 29 | 30 | 35 | 36 | - RadonDB PostgreSQL version: 37 | -------------------------------------------------------------------------------- /.github/ISSUE_TEMPLATE/feature_request.md: -------------------------------------------------------------------------------- 1 | --- 2 | name: Feature request 3 | about: Suggest an idea for this project 4 | title: '' 5 | labels: '' 6 | assignees: '' 7 | 8 | --- 9 | 10 | **Is your feature request related to a problem? Please describe.** 11 | A clear and concise description of what the problem is. Ex. I'm always frustrated when [...] 12 | 13 | **Describe the solution you'd like** 14 | A clear and concise description of what you want to happen. 15 | 16 | **Describe alternatives you've considered** 17 | A clear and concise description of any alternative solutions or features you've considered. 18 | 19 | **Additional context** 20 | Add any other context or screenshots about the feature request here. 21 | -------------------------------------------------------------------------------- /.github/workflows/lint.yaml: -------------------------------------------------------------------------------- 1 | on: 2 | pull_request: 3 | branches: 4 | - master 5 | 6 | jobs: 7 | golangci-lint: 8 | runs-on: ubuntu-latest 9 | steps: 10 | - uses: actions/checkout@v2 11 | - uses: golangci/golangci-lint-action@v2 12 | with: 13 | version: v1.32 14 | args: --timeout=5m 15 | -------------------------------------------------------------------------------- /.github/workflows/test.yaml: -------------------------------------------------------------------------------- 1 | on: 2 | pull_request: 3 | branches: 4 | - master 5 | push: 6 | branches: 7 | - master 8 | 9 | jobs: 10 | go-test: 11 | runs-on: ubuntu-latest 12 | steps: 13 | - uses: actions/checkout@v2 14 | - uses: actions/setup-go@v2 15 | with: 16 | go-version: 1.x 17 | - run: PGOROOT=$(pwd) go test ./... 18 | -------------------------------------------------------------------------------- /.gitignore: -------------------------------------------------------------------------------- 1 | .DS_Store 2 | /vendor/ 3 | tools 4 | licenses/* 5 | !licenses/LICENSE.txt 6 | .devcontainer 7 | .vscode/ 8 | .devcontainer/ 9 | *.tgz 10 | cmd/postgres-operator/__debug_bin 11 | cmd/apiserver/__debug_bin 12 | cmd/pgo-scheduler/__debug_bin 13 | installers/image/conf/kubernetes.repo -------------------------------------------------------------------------------- /.gitmodules: -------------------------------------------------------------------------------- 1 | [submodule "hugo/themes/radondb-hugo-theme"] 2 | path = docs/themes/radondb-hugo-theme 3 | url = https://github.com/radondb/radondb-hugo-theme 4 | -------------------------------------------------------------------------------- /.golangci.yaml: -------------------------------------------------------------------------------- 1 | # https://golangci-lint.run/usage/configuration/ 2 | 3 | linters: 4 | disable: 5 | - gofumpt 6 | - scopelint 7 | enable: 8 | - gosimple 9 | - misspell 10 | presets: 11 | - bugs 12 | - format 13 | - unused 14 | 15 | linters-settings: 16 | exhaustive: 17 | default-signifies-exhaustive: true 18 | 19 | run: 20 | skip-dirs: 21 | - hack 22 | - pkg/generated 23 | -------------------------------------------------------------------------------- /bin/.gitignore: -------------------------------------------------------------------------------- 1 | /apiserver 2 | /pgo 3 | /pgo-mac 4 | /pgo.exe 5 | /postgres-operator 6 | -------------------------------------------------------------------------------- /bin/check-deps.sh: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env bash 2 | set -ex 3 | 4 | # Copyright 2020 - 2021 Crunchy Data Solutions, Inc. 5 | # Licensed under the Apache License, Version 2.0 (the "License"); 6 | # you may not use this file except in compliance with the License. 7 | # You may obtain a copy of the License at 8 | # 9 | # http://www.apache.org/licenses/LICENSE-2.0 10 | # 11 | # Unless required by applicable law or agreed to in writing, software 12 | # distributed under the License is distributed on an "AS IS" BASIS, 13 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 14 | # See the License for the specific language governing permissions and 15 | # limitations under the License. 16 | 17 | echo "Ensuring project dependencies..." 18 | 19 | if ! command -v go &> /dev/null; then 20 | echo 'Cannot find `go`. Perhaps:' 21 | echo ' sudo apt install golang' 22 | exit 1 23 | fi 24 | if ! sort -VC <<< $'go1.13\n'"$( read -ra array <<< "$(go version)"; echo "${array[2]-}" )"; then 25 | echo 'Old version of `go`: «' "$(go version)" '» Perhaps:' 26 | echo ' sudo apt update golang' 27 | exit 1 28 | fi 29 | 30 | -------------------------------------------------------------------------------- /bin/common/nss_wrapper_env.sh: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env bash 2 | 3 | # Copyright 2021 Crunchy Data Solutions, Inc. 4 | # Licensed under the Apache License, Version 2.0 (the "License"); 5 | # you may not use this file except in compliance with the License. 6 | # You may obtain a copy of the License at 7 | # 8 | # http://www.apache.org/licenses/LICENSE-2.0 9 | # 10 | # Unless required by applicable law or agreed to in writing, software 11 | # distributed under the License is distributed on an "AS IS" BASIS, 12 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | # See the License for the specific language governing permissions and 14 | # limitations under the License. 15 | 16 | # define nss_wrapper directory and passwd & group files that will be utilized by nss_wrapper 17 | NSS_WRAPPER_DIR="/tmp/nss_wrapper/${NSS_WRAPPER_SUBDIR}" 18 | NSS_WRAPPER_PASSWD="${NSS_WRAPPER_DIR}/passwd" 19 | NSS_WRAPPER_GROUP="${NSS_WRAPPER_DIR}/group" 20 | 21 | export LD_PRELOAD=/usr/lib64/libnss_wrapper.so 22 | export NSS_WRAPPER_PASSWD="${NSS_WRAPPER_PASSWD}" 23 | export NSS_WRAPPER_GROUP="${NSS_WRAPPER_GROUP}" 24 | -------------------------------------------------------------------------------- /bin/common/uid_daemon.sh: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env bash 2 | 3 | # Copyright 2020 - 2021 Crunchy Data Solutions, Inc. 4 | # Licensed under the Apache License, Version 2.0 (the "License"); 5 | # you may not use this file except in compliance with the License. 6 | # You may obtain a copy of the License at 7 | # 8 | # http://www.apache.org/licenses/LICENSE-2.0 9 | # 10 | # Unless required by applicable law or agreed to in writing, software 11 | # distributed under the License is distributed on an "AS IS" BASIS, 12 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | # See the License for the specific language governing permissions and 14 | # limitations under the License. 15 | 16 | RADONDB_DIR=${RADONDB_DIR:-'/opt/cpm'} 17 | 18 | export RADONDB_NSS_USERNAME="${USER_NAME:-daemon}" 19 | export RADONDB_NSS_USER_DESC="${USER_NAME:-daemon} user" 20 | 21 | source "${RADONDB_DIR}/bin/nss_wrapper.sh" 22 | 23 | exec "$@" 24 | -------------------------------------------------------------------------------- /bin/get-deps.sh: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env bash 2 | set -ex 3 | 4 | # Copyright 2017 - 2021 Crunchy Data Solutions, Inc. 5 | # Licensed under the Apache License, Version 2.0 (the "License"); 6 | # you may not use this file except in compliance with the License. 7 | # You may obtain a copy of the License at 8 | # 9 | # http://www.apache.org/licenses/LICENSE-2.0 10 | # 11 | # Unless required by applicable law or agreed to in writing, software 12 | # distributed under the License is distributed on an "AS IS" BASIS, 13 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 14 | # See the License for the specific language governing permissions and 15 | # limitations under the License. 16 | 17 | echo "Getting project dependencies..." 18 | BINDIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )" 19 | EVTDIR="$BINDIR/pgo-event" 20 | POSTGRES_EXPORTER_VERSION=0.8.0 21 | 22 | 23 | if ! [ -f $EVTDIR/nsqd -a -f $EVTDIR/nsqadmin ]; then 24 | echo "=== Installing NSQ binaries ===" 25 | NSQ=nsq-1.1.0.linux-amd64.go1.10.3 26 | curl -S https://s3.amazonaws.com/bitly-downloads/nsq/$NSQ.tar.gz | \ 27 | tar xz --strip=2 -C $EVTDIR/ '*/bin/*' 28 | fi 29 | 30 | # Download Postgres Exporter, only required to build the RadonDB Postgres Exporter container 31 | curl -fL -o $PGOROOT/postgres_exporter.tar.gz https://github.com/wrouesnel/postgres_exporter/releases/download/v${POSTGRES_EXPORTER_VERSION?}/postgres_exporter_v${POSTGRES_EXPORTER_VERSION?}_linux-amd64.tar.gz 32 | 33 | # pgMonitor Setup 34 | source $BINDIR/get-pgmonitor.sh 35 | -------------------------------------------------------------------------------- /bin/get-pgmonitor.sh: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env bash 2 | set -ex 3 | 4 | # Copyright 2017 - 2021 Crunchy Data Solutions, Inc. 5 | # Licensed under the Apache License, Version 2.0 (the "License"); 6 | # you may not use this file except in compliance with the License. 7 | # You may obtain a copy of the License at 8 | # 9 | # http://www.apache.org/licenses/LICENSE-2.0 10 | # 11 | # Unless required by applicable law or agreed to in writing, software 12 | # distributed under the License is distributed on an "AS IS" BASIS, 13 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 14 | # See the License for the specific language governing permissions and 15 | # limitations under the License. 16 | 17 | echo "Getting pgMonitor..." 18 | # PGMONITOR_COMMIT='v4.5-RC3' 19 | 20 | # pgMonitor Setup 21 | if [[ -d ${PGOROOT?}/tools/pgmonitor ]] 22 | then 23 | rm -rf ${PGOROOT?}/tools/pgmonitor 24 | fi 25 | 26 | git clone https://github.com/zhl003/pgmonitor.git ${PGOROOT?}/tools/pgmonitor 27 | # cd ${PGOROOT?}/tools/pgmonitor 28 | # git checkout ${PGMONITOR_COMMIT?} 29 | -------------------------------------------------------------------------------- /bin/license_aggregator.sh: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env bash 2 | 3 | # Copyright 2021 Crunchy Data Solutions, Inc. 4 | # Licensed under the Apache License, Version 2.0 (the "License"); 5 | # you may not use this file except in compliance with the License. 6 | # You may obtain a copy of the License at 7 | # 8 | # http://www.apache.org/licenses/LICENSE-2.0 9 | # 10 | # Unless required by applicable law or agreed to in writing, software 11 | # distributed under the License is distributed on an "AS IS" BASIS, 12 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | # See the License for the specific language governing permissions and 14 | # limitations under the License. 15 | 16 | # Inputs / outputs 17 | SCAN_DIR=${GOPATH:-~/go}/pkg/mod 18 | OUT_DIR=licenses 19 | 20 | # Fail on error 21 | set -e 22 | 23 | # Clean up before we start our work 24 | rm -rf $OUT_DIR/*/ 25 | 26 | # Get any file in the vendor directory with the word "license" in it. Note that we'll also keep its path 27 | myLicenses=$(find $SCAN_DIR -type f | grep -i license) 28 | for licensefile in $myLicenses 29 | do 30 | # make a new license directory matching the same vendor structure 31 | licensedir=$(dirname $licensefile) 32 | newlicensedir=$(echo $licensedir | sed "s:$SCAN_DIR:$OUT_DIR:" | sed 's:@[0-9a-zA-Z.\\-]*/:/:' | sed 's:@[0-9a-zA-Z.\\-]*::') 33 | mkdir -p $newlicensedir 34 | # And, copy over the license 35 | cp -f $licensefile $newlicensedir 36 | done 37 | 38 | sudo chmod -R 755 licenses 39 | sudo chmod 0644 licenses/LICENSE.txt 40 | -------------------------------------------------------------------------------- /bin/pgo-event/.gitignore: -------------------------------------------------------------------------------- 1 | *nsq* 2 | -------------------------------------------------------------------------------- /bin/pgo-event/pgo-event.sh: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env bash 2 | set -ex 3 | 4 | # Copyright 2019 - 2021 Crunchy Data Solutions, Inc. 5 | # Licensed under the Apache License, Version 2.0 (the "License"); 6 | # you may not use this file except in compliance with the License. 7 | # You may obtain a copy of the License at 8 | # 9 | # http://www.apache.org/licenses/LICENSE-2.0 10 | # 11 | # Unless required by applicable law or agreed to in writing, software 12 | # distributed under the License is distributed on an "AS IS" BASIS, 13 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 14 | # See the License for the specific language governing permissions and 15 | # limitations under the License. 16 | 17 | function trap_sigterm() { 18 | echo "Signal trap triggered, beginning shutdown.." 19 | kill -9 $(pidof nsqd) 20 | kill -9 $(pidof nsqadmin) 21 | } 22 | 23 | echo "pgo-event starting" 24 | 25 | trap 'trap_sigterm' SIGINT SIGTERM 26 | 27 | echo "pgo-event starting nsqadmin" 28 | 29 | /usr/local/bin/nsqadmin --http-address=0.0.0.0:4171 --nsqd-http-address=0.0.0.0:4151 & 30 | 31 | sleep 3 32 | 33 | echo "pgo-event starting nsqd" 34 | 35 | /usr/local/bin/nsqd --data-path=/tmp --http-address=0.0.0.0:4151 --tcp-address=0.0.0.0:4150 --log-level=warn & 36 | 37 | echo "pgo-event waiting till sigterm" 38 | 39 | wait 40 | 41 | echo "end of pgo-event" 42 | -------------------------------------------------------------------------------- /bin/pgo-rmdata/.gitignore: -------------------------------------------------------------------------------- 1 | pgo-rmdata 2 | -------------------------------------------------------------------------------- /bin/pgo-rmdata/start.sh: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env bash 2 | set -ex 3 | 4 | # Copyright 2018 - 2021 Crunchy Data Solutions, Inc. 5 | # Licensed under the Apache License, Version 2.0 (the "License"); 6 | # you may not use this file except in compliance with the License. 7 | # You may obtain a copy of the License at 8 | # 9 | # http://www.apache.org/licenses/LICENSE-2.0 10 | # 11 | # Unless required by applicable law or agreed to in writing, software 12 | # distributed under the License is distributed on an "AS IS" BASIS, 13 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 14 | # See the License for the specific language governing permissions and 15 | # limitations under the License. 16 | 17 | /usr/local/bin/pgo-rmdata -pg-cluster=$PG_CLUSTER \ 18 | -replica-name=$REPLICA_NAME \ 19 | -namespace=$NAMESPACE \ 20 | -remove-data=$REMOVE_DATA \ 21 | -remove-backup=$REMOVE_BACKUP \ 22 | -is-backup=$IS_BACKUP \ 23 | -is-replica=$IS_REPLICA \ 24 | -pgha-scope=$PGHA_SCOPE 25 | -------------------------------------------------------------------------------- /bin/pgo-scheduler/.gitignore: -------------------------------------------------------------------------------- 1 | pgo-scheduler 2 | -------------------------------------------------------------------------------- /bin/pgo-scheduler/start.sh: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env bash 2 | 3 | # Copyright 2019 - 2021 Crunchy Data Solutions, Inc. 4 | # Licensed under the Apache License, Version 2.0 (the "License"); 5 | # you may not use this file except in compliance with the License. 6 | # You may obtain a copy of the License at 7 | # 8 | # http://www.apache.org/licenses/LICENSE-2.0 9 | # 10 | # Unless required by applicable law or agreed to in writing, software 11 | # distributed under the License is distributed on an "AS IS" BASIS, 12 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | # See the License for the specific language governing permissions and 14 | # limitations under the License. 15 | 16 | function trap_sigterm() { 17 | echo "Signal trap triggered, beginning shutdown.." 18 | 19 | if ! pgrep pgo-scheduler > /dev/null 20 | then 21 | kill -9 $(pidof pgo-scheduler) 22 | fi 23 | } 24 | 25 | trap 'trap_sigterm' SIGINT SIGTERM 26 | 27 | /opt/cpm/bin/pgo-scheduler & 28 | 29 | wait 30 | -------------------------------------------------------------------------------- /bin/pgo-sqlrunner/start.sh: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env bash 2 | 3 | # Copyright 2019 - 2021 Crunchy Data Solutions, Inc. 4 | # Licensed under the Apache License, Version 2.0 (the "License"); 5 | # you may not use this file except in compliance with the License. 6 | # You may obtain a copy of the License at 7 | # 8 | # http://www.apache.org/licenses/LICENSE-2.0 9 | # 10 | # Unless required by applicable law or agreed to in writing, software 11 | # distributed under the License is distributed on an "AS IS" BASIS, 12 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | # See the License for the specific language governing permissions and 14 | # limitations under the License. 15 | 16 | set -e -u 17 | 18 | export PGPASSFILE=/tmp/pgpass 19 | 20 | cat >> "${PGPASSFILE?}" <<-EOF 21 | ${PG_HOST?}:${PG_PORT?}:${PG_DATABASE?}:${PG_USER?}:${PG_PASSWORD?} 22 | EOF 23 | chmod 0600 ${PGPASSFILE?} 24 | 25 | for sql in /pgconf/*.sql 26 | do 27 | psql -d ${PG_DATABASE?} -U ${PG_USER?} \ 28 | -p ${PG_PORT?} -h ${PG_HOST?} \ 29 | -f ${sql?} 30 | done 31 | 32 | exit 0 33 | -------------------------------------------------------------------------------- /bin/pre-pull-radondb-containers.sh: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env bash 2 | 3 | # Copyright 2018 - 2021 Crunchy Data Solutions, Inc. 4 | # Licensed under the Apache License, Version 2.0 (the "License"); 5 | # you may not use this file except in compliance with the License. 6 | # You may obtain a copy of the License at 7 | # 8 | # http://www.apache.org/licenses/LICENSE-2.0 9 | # 10 | # Unless required by applicable law or agreed to in writing, software 11 | # distributed under the License is distributed on an "AS IS" BASIS, 12 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | # See the License for the specific language governing permissions and 14 | # limitations under the License. 15 | 16 | for CNAME in radondb-postgres radondb-pgbadger radondb-pgbouncer 17 | do 18 | docker pull radondb/$CNAME:$CCP_IMAGE_TAG 19 | done 20 | -------------------------------------------------------------------------------- /bin/pull-ccp-from-gcr.sh: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env bash 2 | 3 | set -e -u 4 | 5 | REGISTRY='us.gcr.io/container-suite' 6 | VERSION=$CCP_IMAGE_TAG 7 | IMAGES=( 8 | radondb-postgres-ha 9 | radondb-pgbadger 10 | radondb-pgbouncer 11 | ) 12 | 13 | function echo_green() { 14 | echo -e "\033[0;32m" 15 | echo "$1" 16 | echo -e "\033[0m" 17 | } 18 | 19 | gcloud auth login 20 | gcloud config set project container-suite 21 | gcloud auth configure-docker 22 | 23 | for image in "${IMAGES[@]}" 24 | do 25 | echo_green "=> Pulling ${REGISTRY?}/${image?}:${VERSION?}.." 26 | docker pull ${REGISTRY?}/${image?}:${VERSION?} 27 | docker tag ${REGISTRY?}/${image?}:${VERSION?} radondb/${image?}:${VERSION?} 28 | done 29 | 30 | echo_green "=> Done!" 31 | 32 | exit 0 33 | -------------------------------------------------------------------------------- /bin/pull-from-gcr.sh: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env bash 2 | 3 | # Copyright 2018 - 2021 Crunchy Data Solutions, Inc. 4 | # Licensed under the Apache License, Version 2.0 (the "License"); 5 | # you may not use this file except in compliance with the License. 6 | # You may obtain a copy of the License at 7 | # 8 | # http://www.apache.org/licenses/LICENSE-2.0 9 | # 10 | # Unless required by applicable law or agreed to in writing, software 11 | # distributed under the License is distributed on an "AS IS" BASIS, 12 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | # See the License for the specific language governing permissions and 14 | # limitations under the License. 15 | 16 | set -e -u 17 | 18 | REGISTRY='us.gcr.io/container-suite' 19 | VERSION=$PGO_IMAGE_TAG 20 | IMAGES=( 21 | pgo-event 22 | pgo-scheduler 23 | postgres-operator 24 | pgo-apiserver 25 | pgo-rmdata 26 | pgo-client 27 | pgo-deployer 28 | radondb-postgres-exporter 29 | ) 30 | 31 | function echo_green() { 32 | echo -e "\033[0;32m" 33 | echo "$1" 34 | echo -e "\033[0m" 35 | } 36 | 37 | gcloud auth login 38 | gcloud config set project container-suite 39 | gcloud auth configure-docker 40 | 41 | for image in "${IMAGES[@]}" 42 | do 43 | echo_green "=> Pulling ${REGISTRY?}/${image?}:${VERSION?}.." 44 | docker pull ${REGISTRY?}/${image?}:${VERSION?} 45 | docker tag ${REGISTRY?}/${image?}:${VERSION?} radondb/${image?}:${VERSION?} 46 | done 47 | 48 | echo_green "=> Done!" 49 | 50 | exit 0 51 | -------------------------------------------------------------------------------- /bin/push-ccp-to-gcr.sh: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env bash 2 | 3 | # Copyright 2019 - 2021 Crunchy Data Solutions, Inc. 4 | # Licensed under the Apache License, Version 2.0 (the "License"); 5 | # you may not use this file except in compliance with the License. 6 | # You may obtain a copy of the License at 7 | # 8 | # http://www.apache.org/licenses/LICENSE-2.0 9 | # 10 | # Unless required by applicable law or agreed to in writing, software 11 | # distributed under the License is distributed on an "AS IS" BASIS, 12 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | # See the License for the specific language governing permissions and 14 | # limitations under the License. 15 | 16 | GCR_IMAGE_PREFIX=gcr.io/radondb-dev-test 17 | 18 | CCP_IMAGE_PREFIX=radondb 19 | CCP_IMAGE_TAG=debian-14.2-2.1.1 20 | 21 | IMAGES=( 22 | radondb-prometheus 23 | radondb-grafana 24 | radondb-pgbadger 25 | radondb-backup 26 | radondb-postgres 27 | radondb-pgbouncer 28 | ) 29 | 30 | for image in "${IMAGES[@]}" 31 | do 32 | docker tag $CCP_IMAGE_PREFIX/$image:$CCP_IMAGE_TAG \ 33 | $GCR_IMAGE_PREFIX/$image:$CCP_IMAGE_TAG 34 | gcloud docker -- push $GCR_IMAGE_PREFIX/$image:$CCP_IMAGE_TAG 35 | done 36 | -------------------------------------------------------------------------------- /bin/push-to-dockerhub.sh: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env bash 2 | 3 | # Copyright 2018 - 2021 Crunchy Data Solutions, Inc. 4 | # Licensed under the Apache License, Version 2.0 (the "License"); 5 | # you may not use this file except in compliance with the License. 6 | # You may obtain a copy of the License at 7 | # 8 | # http://www.apache.org/licenses/LICENSE-2.0 9 | # 10 | # Unless required by applicable law or agreed to in writing, software 11 | # distributed under the License is distributed on an "AS IS" BASIS, 12 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | # See the License for the specific language governing permissions and 14 | # limitations under the License. 15 | 16 | GCR_IMAGE_PREFIX=docker.io/radondb 17 | PGO_IMAGE_TAG=debian-2.1.1 18 | IMAGES=( 19 | pgo-event 20 | pgo-scheduler 21 | postgres-operator 22 | pgo-apiserver 23 | pgo-rmdata 24 | pgo-client 25 | pgo-deployer 26 | radondb-postgres-exporter 27 | ) 28 | 29 | for image in "${IMAGES[@]}" 30 | do 31 | docker tag $PGO_IMAGE_PREFIX/$image:$PGO_IMAGE_TAG \ 32 | $GCR_IMAGE_PREFIX/$image:$PGO_IMAGE_TAG 33 | docker push $GCR_IMAGE_PREFIX/$image:$PGO_IMAGE_TAG 34 | done 35 | -------------------------------------------------------------------------------- /bin/radondb-postgres-exporter/.gitignore: -------------------------------------------------------------------------------- 1 | collectserver 2 | -------------------------------------------------------------------------------- /bin/radondb-postgres-exporter/common_lib.sh: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env bash 2 | 3 | # Copyright 2018 - 2021 Crunchy Data Solutions, Inc. 4 | # Licensed under the Apache License, Version 2.0 (the "License"); 5 | # you may not use this file except in compliance with the License. 6 | # You may obtain a copy of the License at 7 | # 8 | # http://www.apache.org/licenses/LICENSE-2.0 9 | # 10 | # Unless required by applicable law or agreed to in writing, software 11 | # distributed under the License is distributed on an "AS IS" BASIS, 12 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | # See the License for the specific language governing permissions and 14 | # limitations under the License. 15 | 16 | RED="\033[0;31m" 17 | GREEN="\033[0;32m" 18 | YELLOW="\033[0;33m" 19 | RESET="\033[0m" 20 | 21 | function enable_debugging() { 22 | if [[ ${RADONDB_DEBUG:-false} == "true" ]] 23 | then 24 | echo_info "Turning debugging on.." 25 | export PS4='+(${BASH_SOURCE}:${LINENO})> ${FUNCNAME[0]:+${FUNCNAME[0]}(): }' 26 | set -x 27 | fi 28 | } 29 | 30 | function env_check_err() { 31 | if [[ -z ${!1} ]] 32 | then 33 | echo_err "$1 environment variable is not set, aborting." 34 | exit 1 35 | fi 36 | } 37 | 38 | function echo_err() { 39 | echo -e "${RED?}$(date) ERROR: ${1?}${RESET?}" 40 | } 41 | 42 | function echo_info() { 43 | echo -e "${GREEN?}$(date) INFO: ${1?}${RESET?}" 44 | } 45 | 46 | function echo_warn() { 47 | echo -e "${YELLOW?}$(date) WARN: ${1?}${RESET?}" 48 | } 49 | -------------------------------------------------------------------------------- /build/pgo-apiserver/Dockerfile: -------------------------------------------------------------------------------- 1 | ARG BASEOS 2 | ARG BASEVER 3 | ARG PREFIX 4 | ARG PGVERSION 5 | ARG BACKREST_VERSION 6 | FROM ${PREFIX}/pgo-base:${BASEOS}-${BASEVER} 7 | 8 | ARG BASEOS 9 | ARG PACKAGER 10 | 11 | LABEL name="pgo-apiserver" \ 12 | summary="RadonDB PostgreSQL Operator - Apiserver" \ 13 | description="RadonDB PostgreSQL Operator - Apiserver" 14 | 15 | RUN apt-get -y update && \ 16 | apt-get -y install -y --no-install-recommends \ 17 | "postgresql-${PGVERSION}" \ 18 | ; \ 19 | ln -s /usr/lib/postgresql/$PG_MAJOR /usr/pgsql-$PG_MAJOR ;\ 20 | \ 21 | rm -rf /var/lib/apt/lists/*; 22 | ADD bin/apiserver /usr/local/bin 23 | ADD installers/ansible/roles/pgo-operator/files/pgo-configs /default-pgo-config 24 | ADD conf/postgres-operator/pgo.yaml /default-pgo-config/pgo.yaml 25 | 26 | USER 2 27 | 28 | ENTRYPOINT ["/usr/local/bin/apiserver"] 29 | -------------------------------------------------------------------------------- /build/pgo-client/Dockerfile: -------------------------------------------------------------------------------- 1 | ARG BASEOS 2 | ARG BASEVER 3 | ARG PREFIX 4 | FROM ${PREFIX}/pgo-base:${BASEOS}-${BASEVER} 5 | 6 | ARG PGVERSION 7 | ARG BACKREST_VERSION 8 | ARG PACKAGER 9 | ARG DFSET 10 | 11 | LABEL name="pgo-client" \ 12 | summary="RadonDB PostgreSQL Operator - pgo client" \ 13 | description="RadonDB PostgreSQL Operator - pgo client" 14 | 15 | ADD bin/pgo /usr/local/bin 16 | 17 | ENV PGO_APISERVER_URL=${PGO_APISERVER_URL} 18 | ENV PGOUSERNAME=${PGOUSERNAME} 19 | ENV PGOUSERPASS=${PGOUSERPASS} 20 | ENV PGO_CA_CERT=${PGO_CA_CERT} 21 | ENV PGO_CLIENT_CERT=${PGO_CLIENT_CERT} 22 | ENV PGO_CLIENT_KEY=${PGO_CLIENT_KEY} 23 | 24 | RUN chmod +x /usr/local/bin/pgo 25 | 26 | USER 2 27 | 28 | CMD tail -f /dev/null 29 | -------------------------------------------------------------------------------- /build/pgo-deployer/Dockerfile: -------------------------------------------------------------------------------- 1 | ARG BASEOS 2 | ARG BASEVER 3 | ARG PREFIX 4 | FROM ${PREFIX}/pgo-base:${BASEOS}-${BASEVER} 5 | 6 | ARG BASEOS 7 | ARG ANSIBLE_VERSION 8 | ARG PACKAGER 9 | ARG DFSET 10 | 11 | LABEL name="pgo-deployer" \ 12 | summary="RadonDB PostgreSQL Operator - Installer" \ 13 | description="RadonDB PostgreSQL Operator - Installer" 14 | 15 | 16 | RUN gpg --keyserver keyserver.ubuntu.com --recv-keys 8B57C5C2836F4BEB FEEA9169307EA071 ;\ 17 | gpg --export --armor 8B57C5C2836F4BEB FEEA9169307EA071 | apt-key add - ;\ 18 | echo deb http://mirrors.ustc.edu.cn/kubernetes/apt kubernetes-xenial main >>/etc/apt/sources.list; \ 19 | apt-get -y update && \ 20 | apt-get -y install -y --no-install-recommends \ 21 | kubectl \ 22 | python3-jmespath \ 23 | ansible; \ 24 | rm -rf /var/lib/apt/lists/*; \ 25 | mkdir -p /opt/cpm/bin 26 | 27 | COPY installers/ansible /ansible/postgres-operator 28 | COPY installers/metrics/ansible /ansible/metrics 29 | ADD tools/pgmonitor /opt/radondb/pgmonitor 30 | COPY installers/image/bin/pgo-deploy.sh /pgo-deploy.sh 31 | ADD bin/common /opt/cpm/bin 32 | 33 | ENV ANSIBLE_CONFIG="/ansible/postgres-operator/ansible.cfg" 34 | ENV HOME="/tmp" 35 | 36 | # Defines a unique directory name that will be utilized by the nss_wrapper in the UID script 37 | ENV NSS_WRAPPER_SUBDIR="deployer" 38 | 39 | ENTRYPOINT ["/opt/cpm/bin/uid_daemon.sh"] 40 | 41 | USER 2 42 | 43 | CMD ["/pgo-deploy.sh"] 44 | -------------------------------------------------------------------------------- /build/pgo-develop/Dockerfile: -------------------------------------------------------------------------------- 1 | ARG BASEOS 2 | ARG BASEVER 3 | ARG PREFIX 4 | FROM ${PREFIX}/pgo-base:${BASEOS}-${BASEVER} 5 | 6 | ARG BASEOS 7 | ARG ANSIBLE_VERSION 8 | ARG PACKAGER 9 | ARG DFSET 10 | 11 | LABEL name="pgo-deployer" \ 12 | summary="RadonDB PostgreSQL Operator - developer" \ 13 | description="RadonDB PostgreSQL Operator - developer" 14 | 15 | 16 | 17 | RUN gpg --keyserver keyserver.ubuntu.com --recv-keys 8B57C5C2836F4BEB FEEA9169307EA071 ;\ 18 | gpg --export --armor 8B57C5C2836F4BEB FEEA9169307EA071 | apt-key add - ;\ 19 | echo deb http://mirrors.ustc.edu.cn/kubernetes/apt kubernetes-xenial main >>/etc/apt/sources.list; \ 20 | apt-get -y update && \ 21 | apt-get -y install -y --no-install-recommends \ 22 | kubectl \ 23 | python3-jmespath \ 24 | ansible; \ 25 | rm -rf /var/lib/apt/lists/*; 26 | 27 | RUN mkdir -p /opt/cpm/bin 28 | 29 | COPY installers/ansible /ansible/postgres-operator 30 | COPY installers/metrics/ansible /ansible/metrics 31 | ADD tools/pgmonitor /opt/radondb/pgmonitor 32 | COPY installers/image/bin/pgo-deploy.sh /pgo-deploy.sh 33 | ADD bin/common /opt/cpm/bin 34 | 35 | ENV ANSIBLE_CONFIG="/ansible/postgres-operator/ansible.cfg" 36 | ENV HOME="/tmp" 37 | 38 | # Defines a unique directory name that will be utilized by the nss_wrapper in the UID script 39 | ENV NSS_WRAPPER_SUBDIR="deployer" 40 | 41 | ENTRYPOINT ["/opt/cpm/bin/uid_daemon.sh"] 42 | 43 | USER 2 44 | 45 | CMD ["/pgo-deploy.sh"] 46 | -------------------------------------------------------------------------------- /build/pgo-event/Dockerfile: -------------------------------------------------------------------------------- 1 | ARG BASEOS 2 | ARG BASEVER 3 | ARG PREFIX 4 | FROM ${PREFIX}/pgo-base:${BASEOS}-${BASEVER} 5 | 6 | ARG PGVERSION 7 | ARG BACKREST_VERSION 8 | ARG PACKAGER 9 | ARG DFSET 10 | 11 | LABEL name="pgo-event" \ 12 | summary="RadonDB PostgreSQL Operator - pgo-event" \ 13 | description="RadonDB PostgreSQL Operator - pgo-event" 14 | 15 | ADD bin/pgo-event /usr/local/bin 16 | 17 | USER 2 18 | 19 | ENTRYPOINT ["/usr/local/bin/pgo-event.sh"] 20 | -------------------------------------------------------------------------------- /build/pgo-rmdata/Dockerfile: -------------------------------------------------------------------------------- 1 | ARG BASEOS 2 | ARG BASEVER 3 | ARG PREFIX 4 | FROM ${PREFIX}/pgo-base:${BASEOS}-${BASEVER} 5 | 6 | ARG PGVERSION 7 | ARG BACKREST_VERSION 8 | ARG PACKAGER 9 | ARG DFSET 10 | 11 | LABEL name="pgo-rmdata" \ 12 | summary="RadonDB PostgreSQL Operator - Remove Data" \ 13 | description="RadonDB PostgreSQL Operator - Remove Data" 14 | 15 | ADD bin/pgo-rmdata/ /usr/local/bin 16 | 17 | USER 2 18 | 19 | CMD ["/usr/local/bin/start.sh"] 20 | -------------------------------------------------------------------------------- /build/pgo-scheduler/Dockerfile: -------------------------------------------------------------------------------- 1 | ARG BASEOS 2 | ARG BASEVER 3 | ARG PREFIX 4 | FROM ${PREFIX}/pgo-base:${BASEOS}-${BASEVER} 5 | 6 | ARG BASEOS 7 | ARG PGVERSION 8 | ARG BACKREST_VERSION 9 | ARG PACKAGER 10 | ARG DFSET 11 | 12 | LABEL name="pgo-scheduler" \ 13 | summary="RadonDB PostgreSQL Operator - Scheduler" \ 14 | description="RadonDB PostgreSQL Operator - Scheduler" 15 | 16 | # RUN if [ "$DFSET" = "centos" ] ; then \ 17 | # mkdir -p /opt/cpm/bin /opt/cpm/conf /configs \ 18 | # && chown -R 2:2 /opt/cpm /configs \ 19 | # && ${PACKAGER} -y install epel-release \ 20 | # && ${PACKAGER} -y install \ 21 | # --setopt=skip_missing_names_on_install=False \ 22 | # gettext \ 23 | # hostname \ 24 | # nss_wrapper \ 25 | # procps-ng \ 26 | # && ${PACKAGER} -y clean all ; \ 27 | # fi 28 | RUN gpg --keyserver keyserver.ubuntu.com --recv-keys 8B57C5C2836F4BEB FEEA9169307EA071 ;\ 29 | gpg --export --armor 8B57C5C2836F4BEB FEEA9169307EA071 | apt-key add - ;\ 30 | echo deb http://mirrors.ustc.edu.cn/kubernetes/apt kubernetes-xenial main >>/etc/apt/sources.list; \ 31 | apt-get -y update && \ 32 | apt-get -y install -y --no-install-recommends \ 33 | procps ;\ 34 | rm -rf /var/lib/apt/lists/*; \ 35 | mkdir -p /opt/cpm/bin /opt/cpm/conf /configs \ 36 | && chown -R 2:2 /opt/cpm /configs 37 | 38 | ADD bin/pgo-scheduler /opt/cpm/bin 39 | ADD installers/ansible/roles/pgo-operator/files/pgo-configs /default-pgo-config 40 | ADD conf/postgres-operator/pgo.yaml /default-pgo-config/pgo.yaml 41 | 42 | USER 2 43 | 44 | CMD ["/opt/cpm/bin/start.sh"] 45 | -------------------------------------------------------------------------------- /build/postgres-operator/Dockerfile: -------------------------------------------------------------------------------- 1 | ARG BASEOS 2 | ARG BASEVER 3 | ARG PREFIX 4 | FROM ${PREFIX}/pgo-base:${BASEOS}-${BASEVER} 5 | 6 | ARG PGVERSION 7 | ARG BACKREST_VERSION 8 | ARG PACKAGER 9 | ARG DFSET 10 | ARG BASEOS 11 | 12 | LABEL name="postgres-operator" \ 13 | summary="RadonDB PostgreSQL Operator" \ 14 | description="RadonDB PostgreSQL Operator" 15 | 16 | RUN apt-get -y update && \ 17 | apt-get -y install -y --no-install-recommends \ 18 | postgresql-${PGVERSION};\ 19 | rm -rf /var/lib/apt/lists/*; \ 20 | ln -s /usr/lib/postgresql/$PGVERSION /usr/pgsql-$PGVERSION ; 21 | 22 | 23 | ADD bin/postgres-operator /usr/local/bin 24 | ADD installers/ansible/roles/pgo-operator/files/pgo-backrest-repo /default-pgo-backrest-repo 25 | ADD installers/ansible/roles/pgo-operator/files/pgo-configs /default-pgo-config 26 | ADD conf/postgres-operator/pgo.yaml /default-pgo-config/pgo.yaml 27 | 28 | USER 2 29 | 30 | ENTRYPOINT ["postgres-operator"] 31 | -------------------------------------------------------------------------------- /cmd/pgo-rmdata/types.go: -------------------------------------------------------------------------------- 1 | package main 2 | 3 | /* 4 | Copyright 2019 - 2021 Crunchy Data 5 | Licensed under the Apache License, Version 2.0 (the "License"); 6 | you may not use this file except in compliance with the License. 7 | You may obtain a copy of the License at 8 | 9 | http://www.apache.org/licenses/LICENSE-2.0 10 | 11 | Unless required by applicable law or agreed to in writing, software 12 | distributed under the License is distributed on an "AS IS" BASIS, 13 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 14 | See the License for the specific language governing permissions and 15 | limitations under the License. 16 | */ 17 | 18 | import ( 19 | "fmt" 20 | 21 | "github.com/radondb/radondb-postgresql-operator/internal/kubeapi" 22 | ) 23 | 24 | type Request struct { 25 | Clientset kubeapi.Interface 26 | RemoveData bool 27 | RemoveBackup bool 28 | IsBackup bool 29 | IsReplica bool 30 | ClusterName string 31 | ClusterPGHAScope string 32 | ReplicaName string 33 | Namespace string 34 | } 35 | 36 | func (x Request) String() string { 37 | msg := fmt.Sprintf("Request: Cluster [%s] ClusterPGHAScope [%s] Namespace [%s] ReplicaName [%s] RemoveData [%t] RemoveBackup [%t] IsReplica [%t] IsBackup [%t]", 38 | x.ClusterName, x.ClusterPGHAScope, x.Namespace, x.ReplicaName, x.RemoveData, x.RemoveBackup, x.IsReplica, x.IsBackup) 39 | return msg 40 | } 41 | -------------------------------------------------------------------------------- /cmd/pgo/api/common.go: -------------------------------------------------------------------------------- 1 | package api 2 | 3 | /* 4 | Copyright 2018 - 2021 Crunchy Data Solutions, Inc. 5 | Licensed under the Apache License, Version 2.0 (the "License"); 6 | you may not use this file except in compliance with the License. 7 | You may obtain a copy of the License at 8 | 9 | http://www.apache.org/licenses/LICENSE-2.0 10 | 11 | Unless required by applicable law or agreed to in writing, software 12 | distributed under the License is distributed on an "AS IS" BASIS, 13 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 14 | See the License for the specific language governing permissions and 15 | limitations under the License. 16 | */ 17 | 18 | import ( 19 | "fmt" 20 | "net/http" 21 | 22 | log "github.com/sirupsen/logrus" 23 | ) 24 | 25 | // StatusCheck ... 26 | func StatusCheck(resp *http.Response) error { 27 | log.Debugf("http status code is %d", resp.StatusCode) 28 | if resp.StatusCode == 401 { 29 | return fmt.Errorf("Authentication Failed: %d\n", resp.StatusCode) 30 | } else if resp.StatusCode == 405 { 31 | return fmt.Errorf("Method %s for URL %s is not allowed in the current Operator "+ 32 | "install: %d", resp.Request.Method, resp.Request.URL.Path, resp.StatusCode) 33 | } else if resp.StatusCode != 200 { 34 | return fmt.Errorf("Invalid Status Code: %d\n", resp.StatusCode) 35 | } 36 | return nil 37 | } 38 | -------------------------------------------------------------------------------- /cmd/pgo/main.go: -------------------------------------------------------------------------------- 1 | package main 2 | 3 | /* 4 | Copyright 2017 - 2021 Crunchy Data Solutions, Inc. 5 | Licensed under the Apache License, Version 2.0 (the "License"); 6 | you may not use this file except in compliance with the License. 7 | You may obtain a copy of the License at 8 | 9 | http://www.apache.org/licenses/LICENSE-2.0 10 | 11 | Unless required by applicable law or agreed to in writing, software 12 | distributed under the License is distributed on an "AS IS" BASIS, 13 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 14 | See the License for the specific language governing permissions and 15 | limitations under the License. 16 | */ 17 | 18 | import ( 19 | "fmt" 20 | "os" 21 | 22 | "github.com/radondb/radondb-postgresql-operator/cmd/pgo/cmd" 23 | ) 24 | 25 | func main() { 26 | err := cmd.RootCmd.Execute() 27 | if err != nil { 28 | fmt.Println(err) 29 | os.Exit(1) 30 | } 31 | } 32 | -------------------------------------------------------------------------------- /cmd/pgo/util/pad.go: -------------------------------------------------------------------------------- 1 | package util 2 | 3 | /* 4 | Copyright 2018 - 2021 Crunchy Data Solutions, Inc. 5 | Licensed under the Apache License, Version 2.0 (the "License"); 6 | you may not use this file except in compliance with the License. 7 | You may obtain a copy of the License at 8 | 9 | http://www.apache.org/licenses/LICENSE-2.0 10 | 11 | Unless required by applicable law or agreed to in writing, software 12 | distributed under the License is distributed on an "AS IS" BASIS, 13 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 14 | See the License for the specific language governing permissions and 15 | limitations under the License. 16 | */ 17 | 18 | import ( 19 | "fmt" 20 | ) 21 | 22 | func Lpad(value, wid string) string { 23 | return fmt.Sprintf("%"+wid+"s", value) 24 | } 25 | 26 | func Rpad(value, pad string, plen int) string { 27 | for i := len(value); i < plen; i++ { 28 | value = value + pad 29 | } 30 | return value 31 | } 32 | -------------------------------------------------------------------------------- /conf/.env12: -------------------------------------------------------------------------------- 1 | export GOPATH=$HOME/cdev # set path to your new Go workspace 2 | export IMGBUILDER=docker 3 | export GOBIN=$GOPATH/bin # set bin path 4 | export PATH=$PATH:$GOBIN # add Go bin path to your overall path 5 | export PGO_BASEOS=centos8 # centos8 for CentOS, ubi8 for Red Hat Universal Base Image 6 | export PGO_PG_VERSION=12 # The PostgreSQL major version 7 | export PGO_PG_FULLVERSION=12.7 8 | export PGO_BACKREST_VERSION=2.33 9 | export PGO_VERSION=4.7.1 10 | export PGO_IMAGE_PREFIX=radondb # Prefix to put before all the container image names 11 | export PGO_IMAGE_TAG=${PGO_BASEOS}-${PGO_VERSION} # Used to tag the images 12 | export PGOROOT=$GOPATH/src/github.com/radondb/radondb-postgresql-operator 13 | export http_proxy="socks5://zhl:195364@103.61.37.212:37067" 14 | export all_proxy=$http_proxy 15 | -------------------------------------------------------------------------------- /conf/.gitignore: -------------------------------------------------------------------------------- 1 | *.public 2 | *.private 3 | RPM-GPG-KEY-* 4 | .env* 5 | -------------------------------------------------------------------------------- /conf/pgo-backrest-repo/.gitignore: -------------------------------------------------------------------------------- 1 | authorized_keys 2 | id_rsa 3 | id_rsa.pub 4 | ssh_host_ecdsa_key 5 | ssh_host_ecdsa_key.pub 6 | ssh_host_ed25519_key 7 | ssh_host_ed25519_key.pub 8 | ssh_host_rsa_key 9 | ssh_host_rsa_key.pub 10 | -------------------------------------------------------------------------------- /conf/pgo-backrest-repo/aws-s3-credentials.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | aws-s3-key: 3 | aws-s3-key-secret: 4 | gcs-secret: 5 | -------------------------------------------------------------------------------- /conf/pgo-load/passwd.template: -------------------------------------------------------------------------------- 1 | root:x:0:0:root:/root:/bin/bash 2 | bin:x:1:1:bin:/bin:/sbin/nologin 3 | daemon:x:2:2:daemon:/sbin:/sbin/nologin 4 | adm:x:3:4:adm:/var/adm:/sbin/nologin 5 | lp:x:4:7:lp:/var/spool/lpd:/sbin/nologin 6 | sync:x:5:0:sync:/sbin:/bin/sync 7 | shutdown:x:6:0:shutdown:/sbin:/sbin/shutdown 8 | halt:x:7:0:halt:/sbin:/sbin/halt 9 | mail:x:8:12:mail:/var/spool/mail:/sbin/nologin 10 | operator:x:11:0:operator:/root:/sbin/nologin 11 | games:x:12:100:games:/usr/games:/sbin/nologin 12 | ftp:x:14:50:FTP User:/var/ftp:/sbin/nologin 13 | nobody:x:99:99:Nobody:/:/sbin/nologin 14 | postgres:x:${USER_ID}:${GROUP_ID}:PostgreSQL Server:${HOME}:/bin/bash 15 | -------------------------------------------------------------------------------- /conf/pip.conf: -------------------------------------------------------------------------------- 1 | [global] 2 | index-url=https://mirrors.aliyun.com/pypi/simple/ 3 | trusted-host = mirrors.aliyun.com -------------------------------------------------------------------------------- /conf/postgres-operator/.gitignore: -------------------------------------------------------------------------------- 1 | server.crt 2 | server.key 3 | -------------------------------------------------------------------------------- /conf/radondbpg12.repo: -------------------------------------------------------------------------------- 1 | [radondbpg12] 2 | #Config Version 1.0 3 | name=radondb Data Development PostgreSQL 12 $releasever - $basearch 4 | baseurl=http://139.198.30.182/postgresql12/centos/EL$releasever/$basearch/ 5 | enabled=1 6 | gpgcheck=0 7 | 8 | 9 | [radondbpg12-source] 10 | #Config Version 1.0 11 | name=radondb Data Development PostgreSQL 12 $releasever - Source 12 | baseurl=http://139.198.30.182/postgresql12/centos/EL$releasever/SRPMS/ 13 | enabled=1 14 | gpgcheck=0 15 | 16 | 17 | [radondbpg12-debuginfo] 18 | #Config Version 1.0 19 | name=radondb Data Development PostgreSQL 12 $releasever - Debug 20 | baseurl=http://139.198.30.182/postgresql12/centos/EL$releasever/debug/ 21 | enabled=1 -------------------------------------------------------------------------------- /conf/radondbpg13.repo: -------------------------------------------------------------------------------- 1 | [radondbpg13] 2 | #Config Version 1.0 3 | name=radondb Data Development PostgreSQL 13 $releasever - $basearch 4 | baseurl=http://139.198.30.182/postgresql13/centos/EL$releasever/$basearch/ 5 | enabled=1 6 | gpgcheck=0 7 | 8 | 9 | [radondbpg13-source] 10 | #Config Version 1.0 11 | name=radondb Data Development PostgreSQL 13 $releasever - Source 12 | baseurl=http://139.198.30.182/postgresql13/centos/EL$releasever/SRPMS/ 13 | enabled=0 14 | gpgcheck=0 15 | 16 | 17 | [radondbpg13-debuginfo] 18 | #Config Version 1.0 19 | name=radondb Data Development PostgreSQL 13 $releasever - Debug 20 | baseurl=http://139.198.30.182/postgresql13/centos/EL$releasever/debug/ 21 | enabled=0 -------------------------------------------------------------------------------- /deploy/.gitignore: -------------------------------------------------------------------------------- 1 | username.txt 2 | password.txt 3 | -------------------------------------------------------------------------------- /deploy/cleannamespaces.sh: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env bash 2 | 3 | # Copyright 2019 - 2021 Crunchy Data Solutions, Inc. 4 | # Licensed under the Apache License, Version 2.0 (the "License"); 5 | # you may not use this file except in compliance with the License. 6 | # You may obtain a copy of the License at 7 | # 8 | # http://www.apache.org/licenses/LICENSE-2.0 9 | # 10 | # Unless required by applicable law or agreed to in writing, software 11 | # distributed under the License is distributed on an "AS IS" BASIS, 12 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | # See the License for the specific language governing permissions and 14 | # limitations under the License. 15 | 16 | DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )" 17 | 18 | if [ -z $PGO_OPERATOR_NAMESPACE ]; 19 | then 20 | echo "error: \$PGO_OPERATOR_NAMESPACE must be set" 21 | exit 1 22 | fi 23 | 24 | if [ -z $PGO_INSTALLATION_NAME ]; 25 | then 26 | echo "error: \$PGO_INSTALLATION_NAME must be set" 27 | exit 1 28 | fi 29 | 30 | echo "deleting the namespaces the operator is deployed into ($PGO_OPERATOR_NAMESPACE)..." 31 | $PGO_CMD delete namespace $PGO_OPERATOR_NAMESPACE > /dev/null 2> /dev/null 32 | echo "namespace $PGO_OPERATOR_NAMESPACE deleted" 33 | 34 | echo "" 35 | echo "deleting the watched namespaces..." 36 | $PGO_CMD delete namespace --selector="vendor=radondb,pgo-installation-name=$PGO_INSTALLATION_NAME" 37 | -------------------------------------------------------------------------------- /deploy/cluster-role-bindings.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: rbac.authorization.k8s.io/v1 3 | kind: ClusterRoleBinding 4 | metadata: 5 | name: pgo-cluster-role 6 | labels: 7 | vendor: radondb 8 | roleRef: 9 | apiGroup: rbac.authorization.k8s.io 10 | kind: ClusterRole 11 | name: pgo-cluster-role 12 | subjects: 13 | - kind: ServiceAccount 14 | name: postgres-operator 15 | namespace: "$PGO_OPERATOR_NAMESPACE" 16 | -------------------------------------------------------------------------------- /deploy/cluster-roles-readonly.yaml: -------------------------------------------------------------------------------- 1 | kind: ClusterRole 2 | apiVersion: rbac.authorization.k8s.io/v1 3 | metadata: 4 | name: pgo-cluster-role 5 | labels: 6 | vendor: radondb 7 | rules: 8 | - apiGroups: 9 | - '' 10 | resources: 11 | - namespaces 12 | verbs: 13 | - get 14 | - list 15 | - watch 16 | -------------------------------------------------------------------------------- /deploy/gen-api-keys.sh: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env bash 2 | 3 | # Copyright 2019 - 2021 Crunchy Data Solutions, Inc. 4 | # Licensed under the Apache License, Version 2.0 (the "License"); 5 | # you may not use this file except in compliance with the License. 6 | # You may obtain a copy of the License at 7 | # 8 | # http://www.apache.org/licenses/LICENSE-2.0 9 | # 10 | # Unless required by applicable law or agreed to in writing, software 11 | # distributed under the License is distributed on an "AS IS" BASIS, 12 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | # See the License for the specific language governing permissions and 14 | # limitations under the License. 15 | 16 | # generate self signed cert for apiserver REST service 17 | openssl req \ 18 | -x509 \ 19 | -nodes \ 20 | -newkey ec \ 21 | -pkeyopt ec_paramgen_curve:prime256v1 \ 22 | -pkeyopt ec_param_enc:named_curve \ 23 | -sha384 \ 24 | -keyout $PGOROOT/conf/postgres-operator/server.key \ 25 | -out $PGOROOT/conf/postgres-operator/server.crt \ 26 | -days 3650 \ 27 | -subj "/CN=*" 28 | -------------------------------------------------------------------------------- /deploy/ingress.yml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: networking.k8s.io/v1 3 | kind: Ingress 4 | metadata: 5 | name: postgres-operator 6 | namespace: demo 7 | annotations: 8 | ingress.kubernetes.io/ssl-passthrough: "true" 9 | nginx.ingress.kubernetes.io/secure-backends: "true" 10 | spec: 11 | backend: 12 | serviceName: postgres-operator 13 | servicePort: 8443 14 | -------------------------------------------------------------------------------- /deploy/local-namespace-rbac.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | kind: Role 3 | apiVersion: rbac.authorization.k8s.io/v1 4 | metadata: 5 | name: pgo-local-ns 6 | labels: 7 | vendor: radondb 8 | rules: 9 | - apiGroups: 10 | - '' 11 | resources: 12 | - serviceaccounts 13 | verbs: 14 | - get 15 | - create 16 | - update 17 | - delete 18 | - apiGroups: 19 | - rbac.authorization.k8s.io 20 | resources: 21 | - roles 22 | - rolebindings 23 | verbs: 24 | - get 25 | - create 26 | - update 27 | - delete 28 | --- 29 | apiVersion: rbac.authorization.k8s.io/v1 30 | kind: RoleBinding 31 | metadata: 32 | name: pgo-local-ns 33 | labels: 34 | vendor: radondb 35 | roleRef: 36 | apiGroup: rbac.authorization.k8s.io 37 | kind: Role 38 | name: pgo-local-ns 39 | subjects: 40 | - kind: ServiceAccount 41 | name: postgres-operator 42 | namespace: $PGO_OPERATOR_NAMESPACE 43 | --- 44 | apiVersion: rbac.authorization.k8s.io/v1 45 | kind: RoleBinding 46 | metadata: 47 | name: pgo-target-role-binding 48 | labels: 49 | vendor: radondb 50 | roleRef: 51 | apiGroup: rbac.authorization.k8s.io 52 | kind: Role 53 | name: pgo-target-role 54 | subjects: 55 | - kind: ServiceAccount 56 | name: postgres-operator 57 | namespace: $PGO_OPERATOR_NAMESPACE 58 | -------------------------------------------------------------------------------- /deploy/pgorole.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | stringData: 3 | permissions: $PGO_PERMS 4 | rolename: $PGO_ROLENAME 5 | kind: Secret 6 | metadata: 7 | labels: 8 | pgo-created-by: upgrade 9 | pgo-pgorole: "true" 10 | rolename: $PGO_ROLENAME 11 | vendor: radondb 12 | name: pgorole-$PGO_ROLENAME 13 | namespace: $PGO_OPERATOR_NAMESPACE 14 | type: Opaque 15 | 16 | -------------------------------------------------------------------------------- /deploy/pgouser.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | stringData: 3 | password: $PGO_PASSWORD 4 | username: $PGO_USERNAME 5 | roles: $PGO_ROLENAME 6 | kind: Secret 7 | metadata: 8 | labels: 9 | pgo-created-by: upgrade 10 | pgo-pgouser: "true" 11 | username: $PGO_USERNAME 12 | vendor: radondb 13 | name: pgouser-$PGO_USERNAME 14 | namespace: $PGO_OPERATOR_NAMESPACE 15 | type: Opaque 16 | 17 | -------------------------------------------------------------------------------- /deploy/remove-crd.sh: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env bash 2 | # Copyright 2017 - 2021 Crunchy Data Solutions, Inc. 3 | # Licensed under the Apache License, Version 2.0 (the "License"); 4 | # you may not use this file except in compliance with the License. 5 | # You may obtain a copy of the License at 6 | # 7 | # http://www.apache.org/licenses/LICENSE-2.0 8 | # 9 | # Unless required by applicable law or agreed to in writing, software 10 | # distributed under the License is distributed on an "AS IS" BASIS, 11 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 | # See the License for the specific language governing permissions and 13 | # limitations under the License. 14 | 15 | DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )" 16 | 17 | $PGO_CMD --namespace=$PGO_OPERATOR_NAMESPACE delete pgreplicas --all 18 | $PGO_CMD --namespace=$PGO_OPERATOR_NAMESPACE delete pgclusters --all 19 | $PGO_CMD --namespace=$PGO_OPERATOR_NAMESPACE delete pgpolicies --all 20 | $PGO_CMD --namespace=$PGO_OPERATOR_NAMESPACE delete pgtasks --all 21 | 22 | $PGO_CMD --namespace=$PGO_OPERATOR_NAMESPACE delete crd \ 23 | pgreplicas.radondb.com \ 24 | pgclusters.radondb.com \ 25 | pgpolicies.radondb.com \ 26 | pgtasks.radondb.com 27 | 28 | $PGO_CMD --namespace=$PGO_OPERATOR_NAMESPACE delete jobs --selector=pgrmdata=true 29 | -------------------------------------------------------------------------------- /deploy/role-bindings.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: rbac.authorization.k8s.io/v1 3 | kind: RoleBinding 4 | metadata: 5 | name: pgo-role 6 | namespace: "$PGO_OPERATOR_NAMESPACE" 7 | labels: 8 | vendor: radondb 9 | roleRef: 10 | apiGroup: rbac.authorization.k8s.io 11 | kind: Role 12 | name: pgo-role 13 | subjects: 14 | - kind: ServiceAccount 15 | name: postgres-operator 16 | namespace: "$PGO_OPERATOR_NAMESPACE" 17 | -------------------------------------------------------------------------------- /deploy/roles.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | kind: Role 3 | apiVersion: rbac.authorization.k8s.io/v1 4 | metadata: 5 | name: pgo-role 6 | namespace: "$PGO_OPERATOR_NAMESPACE" 7 | labels: 8 | vendor: radondb 9 | rules: 10 | - apiGroups: 11 | - '' 12 | resources: 13 | - serviceaccounts 14 | verbs: 15 | - get 16 | - apiGroups: 17 | - '' 18 | resources: 19 | - configmaps 20 | - secrets 21 | verbs: 22 | - get 23 | - list 24 | - create 25 | - update 26 | - delete 27 | -------------------------------------------------------------------------------- /deploy/service-accounts.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: v1 3 | kind: ServiceAccount 4 | metadata: 5 | name: postgres-operator 6 | namespace: $PGO_OPERATOR_NAMESPACE 7 | labels: 8 | vendor: radondb 9 | -------------------------------------------------------------------------------- /deploy/service.json: -------------------------------------------------------------------------------- 1 | { 2 | "kind": "Service", 3 | "apiVersion": "v1", 4 | "metadata": { 5 | "name": "postgres-operator", 6 | "labels": { 7 | "name": "postgres-operator", 8 | "vendor": "radondb" 9 | } 10 | }, 11 | "spec": { 12 | "ports": [ 13 | { 14 | "name": "apiserver", 15 | "protocol": "TCP", 16 | "port": $PGO_APISERVER_PORT, 17 | "targetPort": $PGO_APISERVER_PORT 18 | }, 19 | { 20 | "name": "nsqadmin", 21 | "protocol": "TCP", 22 | "port": 4171, 23 | "targetPort": 4171 24 | }, 25 | { 26 | "name": "nsqd", 27 | "protocol": "TCP", 28 | "port": 4150, 29 | "targetPort": 4150 30 | } 31 | ], 32 | "selector": { 33 | "name": "postgres-operator" 34 | }, 35 | "type": "ClusterIP", 36 | "sessionAffinity": "None" 37 | } 38 | } 39 | -------------------------------------------------------------------------------- /deploy/show-crd.sh: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env bash 2 | # Copyright 2017 - 2021 Crunchy Data Solutions, Inc. 3 | # Licensed under the Apache License, Version 2.0 (the "License"); 4 | # you may not use this file except in compliance with the License. 5 | # You may obtain a copy of the License at 6 | # 7 | # http://www.apache.org/licenses/LICENSE-2.0 8 | # 9 | # Unless required by applicable law or agreed to in writing, software 10 | # distributed under the License is distributed on an "AS IS" BASIS, 11 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 | # See the License for the specific language governing permissions and 13 | # limitations under the License. 14 | 15 | DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )" 16 | 17 | $PGO_CMD --namespace=$PGO_OPERATOR_NAMESPACE get pgclusters 18 | $PGO_CMD --namespace=$PGO_OPERATOR_NAMESPACE get pgreplicas 19 | $PGO_CMD --namespace=$PGO_OPERATOR_NAMESPACE get pgpolicies 20 | $PGO_CMD --namespace=$PGO_OPERATOR_NAMESPACE get pgpolicylogs 21 | -------------------------------------------------------------------------------- /deploy/target-namespace.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Namespace 3 | metadata: 4 | labels: 5 | pgo-created-by: add-script 6 | pgo-installation-name: $PGO_INSTALLATION_NAME 7 | vendor: radondb 8 | name: $TARGET_NAMESPACE 9 | -------------------------------------------------------------------------------- /devenv: -------------------------------------------------------------------------------- 1 | export PGOROOT=/workspaces/postgres-operator 2 | export PGO_CONF_DIR=$PGOROOT/installers/ansible/roles/pgo-operator/files 3 | 4 | cat <> ~/.bashrc 5 | export PGOUSERNAME="admin" 6 | export PGOUSERPASS="examplepassword" 7 | export DISABLE_TLS=true 8 | # export PGO_CA_CERT="${HOME?}/.pgo/pgo/client.crt" 9 | # export PGO_CLIENT_CERT="${HOME?}/.pgo/pgo/client.crt" 10 | # export PGO_CLIENT_KEY="${HOME?}/.pgo/pgo/client.key" 11 | export PGO_APISERVER_URL='http://127.0.0.1:8443' 12 | export PGO_NAMESPACE=pgo 13 | EOF 14 | source ~/.bashrc -------------------------------------------------------------------------------- /docs/Qickstart.md: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | # 快速开始 5 | 6 | [TOC] 7 | 8 | ## 部署准备 9 | 10 | 已创建可用 Kubernetes 集群,目前支持如下平台创建的 Kubernetes 集群。 11 | 12 | - Kubernetes 1.17+ 13 | 14 | ## 部署步骤 15 | 16 | ### 步骤 1: 部署 `PostgreSQL Operator` 17 | 18 | 在设置了默认的`storageclass`的Kubernetes环境中运行以下命令用于部署`PostgreSQL Operator` 19 | 20 | ```shell 21 | git clone https://github.com/radondb/radondb-postgresql-operator 22 | cd radondb-postgresql-operator/installers/helm 23 | helm install demo . -n pgo --set pgo_client_container_install=true 24 | ``` 25 | 26 | 上面的命令将启动`pgo-deployer`容器来运行Ansible剧本将`PostgreSQL Operator`部署至`pgo`的命名空间下,需要1~5分钟时间,取决与您的网络环境。 27 | 28 | ### 步骤 2: 部署`PostgreSQL`集群 29 | 30 | Postgres Operator 安装完成后,查找集群管理客户端所在的容器 31 | 32 | ```shell 33 | kubectl get po -n pgo -l name=pgo-client 34 | ``` 35 | 36 | 进入容器部署一个三节点的流复制集群 37 | 38 | ```shell 39 | kubectl exec -it pgo-client-8b77cbcbf-pvtl2 -n pgo bash 40 | pgo create cluster demo --replica-count=2 --password="RadonDB@123" --password-superuser="AmSuperUser" --username="demouser" --database="demo" -n pgo 41 | ``` 42 | 43 | 以上命令将花费1~2分钟完成部署,在客户端容器中,您可以通过如下命令查看集群状态: 44 | 45 | `pgo show cluster -n pgo --all` 46 | 47 | 输出内容将显示集群的`primary`以及`replica`节点的状态,如果为`Running` 则代表集群部署完成 48 | 49 | ## 连接 RadonDB PostgreSQL 数据库 50 | 51 | 以下示例将运行一个带有`psql`客户端的容器连接到创建好的PostgreSQL数据库: 52 | 53 | ```shell 54 | kubectl run -it psql -n pgo --image=governmentpaas/psql --restart=Never 55 | ``` 56 | 57 | ```shell 58 | export PGPASSWORD="RadonDB@123" 59 | psql -Udemouser -hdemo demo 60 | ``` 61 | 62 | 或者您也可以通过`postgres`超级用户连接数据库: 63 | 64 | ```shell 65 | export PGPASSWORD="AmSuperUser" 66 | psql -Upostgres -hdemo 67 | ``` -------------------------------------------------------------------------------- /docs/images/logo_radondb.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/radondb/radondb-postgresql-operator/5755ae011d1b3e81d89feee53b42203672dbdf67/docs/images/logo_radondb.png -------------------------------------------------------------------------------- /docs/images/operator.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/radondb/radondb-postgresql-operator/5755ae011d1b3e81d89feee53b42203672dbdf67/docs/images/operator.png -------------------------------------------------------------------------------- /docs/images/postgresql-green.svg: -------------------------------------------------------------------------------- 1 | 3 | 4 | 6 | 7 | 8 | -------------------------------------------------------------------------------- /docs/images/wpsD203.tmp.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/radondb/radondb-postgresql-operator/5755ae011d1b3e81d89feee53b42203672dbdf67/docs/images/wpsD203.tmp.jpg -------------------------------------------------------------------------------- /docs/images/wpsD204.tmp.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/radondb/radondb-postgresql-operator/5755ae011d1b3e81d89feee53b42203672dbdf67/docs/images/wpsD204.tmp.jpg -------------------------------------------------------------------------------- /docs/images/wpsD215.tmp.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/radondb/radondb-postgresql-operator/5755ae011d1b3e81d89feee53b42203672dbdf67/docs/images/wpsD215.tmp.jpg -------------------------------------------------------------------------------- /docs/images/wpsD226.tmp.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/radondb/radondb-postgresql-operator/5755ae011d1b3e81d89feee53b42203672dbdf67/docs/images/wpsD226.tmp.jpg -------------------------------------------------------------------------------- /docs/images/wpsD227.tmp.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/radondb/radondb-postgresql-operator/5755ae011d1b3e81d89feee53b42203672dbdf67/docs/images/wpsD227.tmp.jpg -------------------------------------------------------------------------------- /docs/images/wpsD228.tmp.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/radondb/radondb-postgresql-operator/5755ae011d1b3e81d89feee53b42203672dbdf67/docs/images/wpsD228.tmp.jpg -------------------------------------------------------------------------------- /docs/monitor_prometheus.md: -------------------------------------------------------------------------------- 1 | Contents 2 | ================= 3 | 4 | * [Prometheus Server 监控管理](#prometheus-server-监控管理) 5 | * [简介](#简介) 6 | * [操作准备](#操作准备) 7 | * [部署 Prometheus Server](#部署-prometheus-server) 8 | * [查看监控信息](#查看监控信息) 9 | 10 | 11 | # Prometheus Server 监控管理 12 | 13 | ## 简介 14 | 15 | [Prometheus](https://prometheus.io/) 通过数学算法实现强大的监控需求,并且支持监控容器化服务的动态变化。结合 Grafana 绘制可视化监控图形,并可联动 alertmanager 、Grafana 实现监控告警。 16 | 17 | [RadonDB PostgreSQL Operator](https://github.com/radondb/radondb-postgresql-operator) 支持通过部署 Prometheus Server 实现数据库服务和资源监控。 18 | 19 | ## 操作准备 20 | 21 | - 已启用适用于 Prometheus 的指标收集器。 22 | 23 | ## 部署 Prometheus Server 24 | 25 | 1. 执行如下命令,部署 Prometheus 服务端。 26 | 27 | ```shell 28 | cd radondb-postgresql-operator/installers/metrics/helm 29 | helm install demo-monitor . 30 | ``` 31 | 32 | 2. 查看 Prometheus 服务状态。 33 | 34 | ```shell 35 | kubectl get svc -n pgo radondb-grafana 36 | NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE 37 | radondb-grafana ClusterIP 10.96.222.20 3000/TCP 4m4s 38 | ``` 39 | 40 | 3. 创建端口转发并连接 Prometheus 服务。 41 | 42 | ```shell 43 | kubectl port-forward --namespace pgo svc/radondb-grafana --address 0.0.0.0 3000:3000 44 | ``` 45 | 46 | ## 查看监控信息 47 | 48 | 1. 在浏览器打开[http://localhost:3000](http://localhost:3000/) 监控页面。 49 | 2. 使用监控初始用户账号和密码,登录监控平台。 50 | 51 | 初始用户账号 `admin`,初始密码 `admin`。 52 | 53 | 3. 您可以根据需要,分别查看数据库集群资源和服务状态。 54 | 55 | 更多 Prometheus 监控管理使用说明,请参见 [Prometheus Docs](https://prometheus.io/docs/introduction/overview/)。 56 | -------------------------------------------------------------------------------- /examples/create-by-resource/postgres-secret.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | data: 3 | password: M3pBeXpmMThxQg== 4 | username: cG9zdGdyZXM= 5 | kind: Secret 6 | metadata: 7 | labels: 8 | pg-cluster: fromcrd 9 | name: fromcrd-postgres-secret 10 | namespace: pgouser1 11 | type: Opaque 12 | -------------------------------------------------------------------------------- /examples/create-by-resource/testuser-secret.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | data: 3 | password: UE5xOEVFVTBxTQ== 4 | username: dGVzdHVzZXI= 5 | kind: Secret 6 | metadata: 7 | labels: 8 | pg-cluster: fromcrd 9 | name: fromcrd-testuser-secret 10 | namespace: pgouser1 11 | resourceVersion: "143163" 12 | type: Opaque 13 | -------------------------------------------------------------------------------- /examples/custom-config/postgres-ha.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | bootstrap: 3 | dcs: 4 | postgresql: 5 | parameters: 6 | logging_collector: on 7 | log_directory: pglogs 8 | log_min_duration_statement: 0 9 | log_statement: none 10 | max_wal_senders: 6 11 | shared_preload_libraries: pgaudit.so 12 | shared_buffers: 256MB 13 | temp_buffers: 10MB 14 | work_mem: 5MB 15 | postgresql: 16 | pg_hba: 17 | - local all postgres peer 18 | - host replication primaryuser 0.0.0.0/0 md5 19 | - host all primaryuser 0.0.0.0/0 reject 20 | - host all postgres 0.0.0.0/0 md5 21 | - host all testuser1 0.0.0.0/0 md5 22 | - host all testuser2 0.0.0.0/0 md5 23 | -------------------------------------------------------------------------------- /examples/helm/README.md: -------------------------------------------------------------------------------- 1 | README -------------------------------------------------------------------------------- /examples/helm/postgres/.helmignore: -------------------------------------------------------------------------------- 1 | # Patterns to ignore when building packages. 2 | # This supports shell glob matching, relative path matching, and 3 | # negation (prefixed with !). Only one pattern per line. 4 | .DS_Store 5 | # Common VCS dirs 6 | .git/ 7 | .gitignore 8 | .bzr/ 9 | .bzrignore 10 | .hg/ 11 | .hgignore 12 | .svn/ 13 | # Common backup files 14 | *.swp 15 | *.bak 16 | *.tmp 17 | *.orig 18 | *~ 19 | # Various IDEs 20 | .project 21 | .idea/ 22 | *.tmproj 23 | .vscode/ 24 | -------------------------------------------------------------------------------- /examples/helm/postgres/Chart.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v2 2 | name: radondbcrdcluster 3 | description: Helm chart for deploying a PostgreSQL cluster with the RadonDB PostgreSQL Operator 4 | 5 | # A chart can be either an 'application' or a 'library' chart. 6 | # 7 | # Application charts are a collection of templates that can be packaged into versioned archives 8 | # to be deployed. 9 | # 10 | # Library charts provide useful utilities or functions for the chart developer. They're included as 11 | # a dependency of application charts to inject those utilities and functions into the rendering 12 | # pipeline. Library charts do not define any templates and therefore cannot be deployed. 13 | type: application 14 | 15 | # This is the chart version. This version number should be incremented each time you make changes 16 | # to the chart and its templates, including the app version. 17 | # Versions are expected to follow Semantic Versioning (https://semver.org/) 18 | version: 0.2.1 19 | 20 | # This is the version number of the application being deployed. This version number should be 21 | # incremented each time you make changes to the application. Versions are not expected to 22 | # follow Semantic Versioning. They should reflect the version the application is using. 23 | appVersion: 2.1.1 24 | -------------------------------------------------------------------------------- /examples/helm/postgres/templates/user-secret.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Secret 3 | type: Opaque 4 | metadata: 5 | labels: 6 | pg-cluster: {{ .Values.name | quote }} 7 | vendor: radondb 8 | name: {{ .Values.name }}-{{- if .Values.username }}{{ .Values.username }}{{- else }}{{ .Values.name }}{{- end }}-secret 9 | namespace: {{ .Values.namespace | quote }} 10 | data: 11 | password: {{ .Values.password | b64enc | quote }} 12 | username: {{ if .Values.username }}{{ .Values.username | b64enc | quote }}{{- else }}{{ .Values.name | b64enc | quote }}{{- end }} 13 | -------------------------------------------------------------------------------- /examples/helm/postgres/values.yaml: -------------------------------------------------------------------------------- 1 | # The values is for the namespace and the postgresql cluster name 2 | name: hippo 3 | namespace: pgo 4 | password: W4tch0ut4hippo$ 5 | 6 | # Optional parameters 7 | # cpu: 0.25 8 | # diskSize: 5Gi 9 | # monitoring: true 10 | # ha: true 11 | # imagePrefix: docker.io/radondb 12 | # image: radondb-postgres-ha 13 | # imageTag: debian-14.2-2.1.1 14 | # memory: 1Gi 15 | -------------------------------------------------------------------------------- /examples/kustomize/createcluster/base/kustomization.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: kustomize.config.k8s.io/v1beta1 2 | kind: Kustomization 3 | namespace: pgo 4 | commonLabels: 5 | vendor: radondb 6 | secretGenerator: 7 | - name: hippo-hippo-secret 8 | options: 9 | disableNameSuffixHash: true 10 | literals: 11 | - username=hippo 12 | - password=Moresecurepassword* 13 | - name: hippo-postgres-secret 14 | options: 15 | disableNameSuffixHash: true 16 | literals: 17 | - username=postgres 18 | - password=Supersecurepassword* 19 | resources: 20 | - pgcluster.yaml 21 | -------------------------------------------------------------------------------- /examples/kustomize/createcluster/overlay/dev/bouncer.json: -------------------------------------------------------------------------------- 1 | [ 2 | { "op": "add", "path": "/spec/pgBouncer/resources/memory", "value": "24Mi"}, 3 | { "op": "add", "path": "/spec/pgBouncer/replicas", "value": 1 } 4 | ] -------------------------------------------------------------------------------- /examples/kustomize/createcluster/overlay/dev/devhippo.json: -------------------------------------------------------------------------------- 1 | [ 2 | { "op": "replace", "path": "/metadata/annotations/current-primary", "value": "dev-hippo" }, 3 | { "op": "replace", "path": "/metadata/labels/radondb-pgha-scope", "value": "dev-hippo" }, 4 | { "op": "replace", "path": "/metadata/labels/deployment-name", "value": "dev-hippo" }, 5 | { "op": "replace", "path": "/metadata/labels/name", "value": "dev-hippo" }, 6 | { "op": "replace", "path": "/metadata/labels/pg-cluster", "value": "dev-hippo" }, 7 | { "op": "replace", "path": "/metadata/name", "value": "dev-hippo" }, 8 | 9 | { "op": "replace", "path": "/spec/PrimaryStorage/name", "value": "dev-hippo" }, 10 | { "op": "replace", "path": "/spec/clustername", "value": "dev-hippo" }, 11 | { "op": "replace", "path": "/spec/PrimaryStorage/name", "value": "dev-hippo" }, 12 | { "op": "replace", "path": "/spec/clustername", "value": "dev-hippo" }, 13 | { "op": "replace", "path": "/spec/database", "value": "dev-hippo" }, 14 | { "op": "replace", "path": "/spec/name", "value": "dev-hippo" } 15 | ] 16 | -------------------------------------------------------------------------------- /examples/kustomize/createcluster/overlay/dev/kustomization.yaml: -------------------------------------------------------------------------------- 1 | resources: 2 | - ../../base 3 | namePrefix: dev- 4 | namespace: pgo 5 | commonLabels: 6 | environment: development 7 | 8 | patchesJson6902: 9 | - target: 10 | group: radondb.com 11 | version: v1 12 | namespace: pgo 13 | kind: Pgcluster 14 | name: dev-hippo 15 | path: devhippo.json 16 | - target: 17 | group: radondb.com 18 | version: v1 19 | namespace: pgo 20 | kind: Pgcluster 21 | name: dev-hippo 22 | path: bouncer.json -------------------------------------------------------------------------------- /examples/kustomize/createcluster/overlay/prod/kustomization.yaml: -------------------------------------------------------------------------------- 1 | resources: 2 | - ../../base 3 | namePrefix: prod- 4 | namespace: pgo 5 | commonLabels: 6 | environment: production 7 | 8 | patchesJson6902: 9 | - target: 10 | group: radondb.com 11 | version: v1 12 | namespace: pgo 13 | kind: Pgcluster 14 | name: prod-hippo 15 | path: prodhippo.json -------------------------------------------------------------------------------- /examples/kustomize/createcluster/overlay/prod/prodhippo.json: -------------------------------------------------------------------------------- 1 | [ 2 | { "op": "replace", "path": "/metadata/annotations/current-primary", "value": "prod-hippo" }, 3 | { "op": "replace", "path": "/metadata/labels/radondb-pgha-scope", "value": "prod-hippo" }, 4 | { "op": "replace", "path": "/metadata/labels/deployment-name", "value": "prod-hippo" }, 5 | { "op": "replace", "path": "/metadata/labels/name", "value": "prod-hippo" }, 6 | { "op": "replace", "path": "/metadata/labels/pg-cluster", "value": "prod-hippo" }, 7 | { "op": "replace", "path": "/metadata/name", "value": "prod-hippo" }, 8 | 9 | { "op": "replace", "path": "/spec/PrimaryStorage/name", "value": "prod-hippo" }, 10 | { "op": "replace", "path": "/spec/clustername", "value": "prod-hippo" }, 11 | { "op": "replace", "path": "/spec/PrimaryStorage/name", "value": "prod-hippo" }, 12 | { "op": "replace", "path": "/spec/clustername", "value": "prod-hippo" }, 13 | { "op": "replace", "path": "/spec/database", "value": "prod-hippo" }, 14 | { "op": "replace", "path": "/spec/name", "value": "prod-hippo" }, 15 | { "op": "replace", "path": "/spec/replicas", "value": "1"} 16 | ] 17 | -------------------------------------------------------------------------------- /examples/kustomize/createcluster/overlay/staging/annotations.json: -------------------------------------------------------------------------------- 1 | [ 2 | { "op": "add", "path": "/spec/annotations/global/favorite", "value": "hippo"}, 3 | { "op": "add", "path": "/spec/annotations/backrest/chair", "value": "comfy"}, 4 | { "op": "add", "path": "/spec/annotations/pgBouncer/pool", "value": "swimming"}, 5 | { "op": "add", "path": "/spec/annotations/postgres/elephant", "value": "cool"} 6 | ] -------------------------------------------------------------------------------- /examples/kustomize/createcluster/overlay/staging/hippo-rpl1-pgreplica.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: radondb.com/v1 2 | kind: Pgreplica 3 | metadata: 4 | labels: 5 | name: staging-hippo-rpl1 6 | pg-cluster: staging-hippo 7 | pgouser: admin 8 | name: hippo-rpl1 9 | namespace: pgo 10 | spec: 11 | clustername: staging-hippo 12 | name: staging-hippo-rpl1 13 | namespace: pgo 14 | replicastorage: 15 | accessmode: ReadWriteOnce 16 | matchLabels: "" 17 | name: staging-hippo-rpl1 18 | size: 2G 19 | storageclass: "" 20 | storagetype: dynamic 21 | supplementalgroups: "" 22 | userlabels: 23 | pgo-version: 2.1.1 24 | -------------------------------------------------------------------------------- /examples/kustomize/createcluster/overlay/staging/kustomization.yaml: -------------------------------------------------------------------------------- 1 | resources: 2 | - ../../base 3 | - hippo-rpl1-pgreplica.yaml 4 | namePrefix: staging- 5 | namespace: pgo 6 | commonLabels: 7 | environment: staging 8 | 9 | patchesJson6902: 10 | - target: 11 | group: radondb.com 12 | version: v1 13 | namespace: pgo 14 | kind: Pgcluster 15 | name: staging-hippo 16 | path: staginghippo.json 17 | - target: 18 | group: radondb.com 19 | version: v1 20 | namespace: pgo 21 | kind: Pgcluster 22 | name: staging-hippo 23 | path: annotations.json -------------------------------------------------------------------------------- /examples/kustomize/createcluster/overlay/staging/staginghippo.json: -------------------------------------------------------------------------------- 1 | [ 2 | { "op": "replace", "path": "/metadata/annotations/current-primary", "value": "staging-hippo" }, 3 | { "op": "replace", "path": "/metadata/labels/radondb-pgha-scope", "value": "staging-hippo" }, 4 | { "op": "replace", "path": "/metadata/labels/deployment-name", "value": "staging-hippo" }, 5 | { "op": "replace", "path": "/metadata/labels/name", "value": "staging-hippo" }, 6 | { "op": "replace", "path": "/metadata/labels/pg-cluster", "value": "staging-hippo" }, 7 | { "op": "replace", "path": "/metadata/name", "value": "staging-hippo" }, 8 | 9 | { "op": "replace", "path": "/spec/PrimaryStorage/name", "value": "staging-hippo" }, 10 | { "op": "replace", "path": "/spec/clustername", "value": "staging-hippo" }, 11 | { "op": "replace", "path": "/spec/PrimaryStorage/name", "value": "staging-hippo" }, 12 | { "op": "replace", "path": "/spec/clustername", "value": "staging-hippo" }, 13 | { "op": "replace", "path": "/spec/database", "value": "staging-hippo" }, 14 | { "op": "replace", "path": "/spec/name", "value": "staging-hippo" }, 15 | { "op": "replace", "path": "/spec/replicas", "value": "1"} 16 | ] 17 | -------------------------------------------------------------------------------- /examples/pgo-scc.yaml: -------------------------------------------------------------------------------- 1 | allowHostDirVolumePlugin: false 2 | allowHostIPC: false 3 | allowHostNetwork: false 4 | allowHostPID: false 5 | allowHostPorts: false 6 | allowPrivilegeEscalation: true 7 | allowPrivilegedContainer: false 8 | allowedCapabilities: null 9 | apiVersion: security.openshift.io/v1 10 | defaultAddCapabilities: null 11 | fsGroup: 12 | type: MustRunAs 13 | ranges: 14 | - max: 26 15 | min: 26 16 | - max: 2 17 | min: 2 18 | groups: 19 | - system:authenticated 20 | kind: SecurityContextConstraints 21 | metadata: 22 | annotations: 23 | kubernetes.io/description: scc for postgres 24 | name: pgo 25 | priority: null 26 | readOnlyRootFilesystem: false 27 | requiredDropCapabilities: 28 | - KILL 29 | - MKNOD 30 | - SETUID 31 | - SETGID 32 | runAsUser: 33 | type: MustRunAsRange 34 | seLinuxContext: 35 | type: RunAsAny 36 | supplementalGroups: 37 | type: RunAsAny 38 | users: [] 39 | volumes: 40 | - configMap 41 | - downwardAPI 42 | - emptyDir 43 | - persistentVolumeClaim 44 | - projected 45 | - secret 46 | -------------------------------------------------------------------------------- /examples/policy/badpolicy.sql: -------------------------------------------------------------------------------- 1 | \c userdb; 2 | CREATE adfad tablesadhhdhhht1 (a int); 3 | -------------------------------------------------------------------------------- /examples/policy/gitpolicy.sql: -------------------------------------------------------------------------------- 1 | create table gitpolicy (id int); 2 | -------------------------------------------------------------------------------- /examples/policy/jsonload.sql: -------------------------------------------------------------------------------- 1 | \c userdb; 2 | create table json_collection 3 | ( 4 | json_imported jsonb 5 | ) 6 | WITH (OIDS=FALSE); 7 | 8 | grant all on json_collection to testuser; 9 | -------------------------------------------------------------------------------- /examples/policy/policy1-insert.sql: -------------------------------------------------------------------------------- 1 | insert into policy1 (select now()); 2 | -------------------------------------------------------------------------------- /examples/policy/policy1.sql: -------------------------------------------------------------------------------- 1 | \c userdb; 2 | create table policy1 (id text); 3 | grant all on policy1 to primaryuser; 4 | -------------------------------------------------------------------------------- /examples/policy/rlspolicy.sql: -------------------------------------------------------------------------------- 1 | \c userdb; 2 | CREATE table t1 (a int); 3 | CREATE table t2 (a int); 4 | CREATE POLICY p1 ON t1 FOR ALL TO PUBLIC USING (a % 2 = 0); -- be even number 5 | CREATE POLICY p2 ON t2 FOR ALL TO PUBLIC USING (a % 2 = 1); -- be odd number 6 | -------------------------------------------------------------------------------- /examples/policy/xrayapp.sql: -------------------------------------------------------------------------------- 1 | \c userdb; 2 | create table xrayapp (id int, key varchar(40), value varchar(40)); 3 | create table a (id int); 4 | create table xraycsvtable (name varchar(40), state varchar(40), zip varchar(40)); 5 | 6 | -------------------------------------------------------------------------------- /examples/sample-ingest-config.json: -------------------------------------------------------------------------------- 1 | { 2 | "WatchDir": "/", 3 | "DBHost": "cluster7", 4 | "DBPort": "5432", 5 | "DBName": "userdb", 6 | "DBSecret": "cluster7-postgres-secret", 7 | "DBTable": "json_collection", 8 | "DBColumn": "json_imported", 9 | "MaxJobs": 2, 10 | "PVCName": "pgo-ingest-watch-pvc", 11 | "SecurityContext": "" 12 | } 13 | -------------------------------------------------------------------------------- /go.mod: -------------------------------------------------------------------------------- 1 | module github.com/radondb/radondb-postgresql-operator 2 | 3 | go 1.15 4 | 5 | require ( 6 | github.com/fatih/color v1.9.0 7 | github.com/gorilla/mux v1.7.4 8 | github.com/iancoleman/orderedmap v0.2.0 9 | github.com/konsorten/go-windows-terminal-sequences v1.0.2 // indirect 10 | github.com/mattn/go-colorable v0.1.6 // indirect 11 | github.com/nsqio/go-nsq v1.0.8 12 | github.com/robfig/cron/v3 v3.0.1 13 | github.com/sirupsen/logrus v1.5.0 14 | github.com/spf13/cobra v0.0.5 15 | github.com/spf13/pflag v1.0.5 16 | github.com/xdg/stringprep v1.0.0 17 | go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.13.0 18 | go.opentelemetry.io/otel v0.13.0 19 | go.opentelemetry.io/otel/exporters/stdout v0.13.0 20 | go.opentelemetry.io/otel/exporters/trace/jaeger v0.13.0 21 | golang.org/x/crypto v0.0.0-20210220033148-5ea612d1eb83 22 | golang.org/x/sync v0.0.0-20201020160332-67f06af15bc9 23 | gopkg.in/ini.v1 v1.66.4 24 | gopkg.in/yaml.v2 v2.4.0 25 | k8s.io/api v0.21.0 26 | k8s.io/apimachinery v0.21.0 27 | k8s.io/client-go v0.21.0 28 | sigs.k8s.io/controller-runtime v0.6.4 29 | sigs.k8s.io/yaml v1.2.0 30 | ) 31 | -------------------------------------------------------------------------------- /hack/boilerplate.go.txt: -------------------------------------------------------------------------------- 1 | /* 2 | Copyright 2020 - 2021 Crunchy Data Solutions, Inc. 3 | Licensed under the Apache License, Version 2.0 (the "License"); 4 | you may not use this file except in compliance with the License. 5 | You may obtain a copy of the License at 6 | 7 | http://www.apache.org/licenses/LICENSE-2.0 8 | 9 | Unless required by applicable law or agreed to in writing, software 10 | distributed under the License is distributed on an "AS IS" BASIS, 11 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 | See the License for the specific language governing permissions and 13 | limitations under the License. 14 | */ 15 | 16 | -------------------------------------------------------------------------------- /installers/ansible/ansible.cfg: -------------------------------------------------------------------------------- 1 | [defaults] 2 | retry_files_enabled = False 3 | remote_tmp=/tmp 4 | 5 | [ssh_connection] 6 | ssh_args = -o ControlMaster=no 7 | -------------------------------------------------------------------------------- /installers/ansible/inventory.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | all: 3 | hosts: 4 | localhost: 5 | vars: 6 | ansible_connection: local 7 | config_path: "{{ playbook_dir }}/values.yaml" 8 | # ================== 9 | # Installation Methods 10 | # One of the following blocks must be updated: 11 | # - Deploy into Kubernetes 12 | # - Deploy into Openshift 13 | 14 | # Deploy into Kubernetes 15 | # ================== 16 | # Note: Context name can be found using: 17 | # kubectl config current-context 18 | # ================== 19 | # kubernetes_context: '' 20 | 21 | # Deploy into Openshift 22 | # ================== 23 | # Note: openshift_host can use the format https://URL:PORT 24 | # Note: openshift_token can be used for token authentication 25 | # ================== 26 | # openshift_host: '' 27 | # openshift_skip_tls_verify: true 28 | # openshift_user: '' 29 | # openshift_password: '' 30 | # openshift_token: '' 31 | -------------------------------------------------------------------------------- /installers/ansible/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: Deploy RadonDB PostgreSQL Operator 3 | hosts: all 4 | vars: 5 | max_storage_configs: 50 # the max num of storage configs that can be defined in the inventory 6 | max_resource_configs: 50 # the max num of resource configs that can be defined in the inventory 7 | gather_facts: true 8 | roles: 9 | - pgo-preflight 10 | - pgo-operator 11 | -------------------------------------------------------------------------------- /installers/ansible/roles/pgo-operator/defaults/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | kubernetes_context: "" 3 | kubernetes_in_cluster: "false" 4 | openshift_host: "" 5 | 6 | backrest_aws_s3_key: "" 7 | backrest_aws_s3_secret: "" 8 | backrest_aws_s3_bucket: "" 9 | backrest_aws_s3_endpoint: "" 10 | backrest_aws_s3_region: "" 11 | backrest_aws_s3_uri_style: "" 12 | backrest_aws_s3_verify_tls: "true" 13 | backrest_gcs_bucket: "" 14 | backrest_gcs_endpoint: "" 15 | backrest_gcs_key: "" 16 | backrest_gcs_key_type: "" 17 | backrest_port: "2022" 18 | service_type: "ClusterIP" 19 | 20 | cleanup: "false" 21 | common_name: "radondb" 22 | radondb_debug: "false" 23 | disable_replica_start_fail_reinit: "false" 24 | 25 | default_instance_memory: "" 26 | default_pgbackrest_memory: "" 27 | default_pgbouncer_memory: "" 28 | default_exporter_memory: "" 29 | 30 | pgo_client_install: "true" 31 | pgo_client_container_install: "true" 32 | pgo_cluster_admin: "false" 33 | pgo_disable_tls: "false" 34 | pgo_tls_no_verify: "false" 35 | pgo_disable_eventing: "false" 36 | pgo_apiserver_port: 8443 37 | pgo_tls_ca_store: "" 38 | pgo_add_os_ca_store: "false" 39 | pgo_noauth_routes: "" 40 | pgo_apiserver_url: "https://postgres-operator" 41 | pgo_client_cert_secret: "pgo.tls" 42 | pgo_image_pull_secret: "" 43 | pgo_image_pull_secret_manifest: "" 44 | pod_anti_affinity: "preferred" 45 | pod_anti_affinity_pgbackrest: "" 46 | pod_anti_affinity_pgbouncer: "" 47 | 48 | namespace: "" 49 | namespace_mode: "dynamic" 50 | reconcile_rbac: "true" 51 | 52 | delete_operator_namespace: "false" 53 | delete_watched_namespaces: "false" 54 | preserve_pg_clusters: "false" 55 | -------------------------------------------------------------------------------- /installers/ansible/roles/pgo-operator/files/crds/pgpolicies-crd.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: apiextensions.k8s.io/v1 3 | kind: CustomResourceDefinition 4 | metadata: 5 | name: pgpolicies.radondb.com 6 | labels: 7 | vendor: radondb 8 | spec: 9 | group: radondb.com 10 | names: 11 | kind: Pgpolicy 12 | listKind: PgpolicyList 13 | plural: pgpolicies 14 | singular: pgpolicy 15 | scope: Namespaced 16 | versions: 17 | - name: v1 18 | served: true 19 | storage: true 20 | schema: 21 | validation: 22 | openAPIV3Schema: 23 | type: object 24 | properties: 25 | spec: 26 | type: object 27 | properties: 28 | name: { type: string } 29 | sql: { type: string } 30 | status: { type: string } 31 | status: 32 | type: object 33 | properties: 34 | state: { type: string } 35 | message: { type: string } 36 | -------------------------------------------------------------------------------- /installers/ansible/roles/pgo-operator/files/crds/pgtasks-crd.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: apiextensions.k8s.io/v1 3 | kind: CustomResourceDefinition 4 | metadata: 5 | name: pgtasks.radondb.com 6 | labels: 7 | vendor: radondb 8 | spec: 9 | group: radondb.com 10 | names: 11 | kind: Pgtask 12 | listKind: PgtaskList 13 | plural: pgtasks 14 | singular: pgtask 15 | scope: Namespaced 16 | versions: 17 | - name: v1 18 | served: true 19 | storage: true 20 | schema: 21 | openAPIV3Schema: 22 | type: object 23 | properties: 24 | spec: 25 | type: object 26 | properties: 27 | name: { type: string } 28 | storagespec: 29 | type: object 30 | properties: 31 | name: { type: string } 32 | storageclass: { type: string } 33 | accessmode: { type: string } 34 | size: { type: string } 35 | supplementalgroups: { type: string } 36 | matchLabels: { type: string } 37 | storagetype: { type: string } 38 | tasktype: { type: string } 39 | status: { type: string } 40 | parameters: 41 | type: object 42 | additionalProperties: {type: string} 43 | status: 44 | type: object 45 | properties: 46 | state: { type: string } 47 | message: { type: string } 48 | -------------------------------------------------------------------------------- /installers/ansible/roles/pgo-operator/files/pgo-backrest-repo/aws-s3-ca.crt: -------------------------------------------------------------------------------- 1 | -----BEGIN CERTIFICATE----- 2 | MIIDdzCCAl+gAwIBAgIEAgAAuTANBgkqhkiG9w0BAQUFADBaMQswCQYDVQQGEwJJ 3 | RTESMBAGA1UEChMJQmFsdGltb3JlMRMwEQYDVQQLEwpDeWJlclRydXN0MSIwIAYD 4 | VQQDExlCYWx0aW1vcmUgQ3liZXJUcnVzdCBSb290MB4XDTAwMDUxMjE4NDYwMFoX 5 | DTI1MDUxMjIzNTkwMFowWjELMAkGA1UEBhMCSUUxEjAQBgNVBAoTCUJhbHRpbW9y 6 | ZTETMBEGA1UECxMKQ3liZXJUcnVzdDEiMCAGA1UEAxMZQmFsdGltb3JlIEN5YmVy 7 | VHJ1c3QgUm9vdDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKMEuyKr 8 | mD1X6CZymrV51Cni4eiVgLGw41uOKymaZN+hXe2wCQVt2yguzmKiYv60iNoS6zjr 9 | IZ3AQSsBUnuId9Mcj8e6uYi1agnnc+gRQKfRzMpijS3ljwumUNKoUMMo6vWrJYeK 10 | mpYcqWe4PwzV9/lSEy/CG9VwcPCPwBLKBsua4dnKM3p31vjsufFoREJIE9LAwqSu 11 | XmD+tqYF/LTdB1kC1FkYmGP1pWPgkAx9XbIGevOF6uvUA65ehD5f/xXtabz5OTZy 12 | dc93Uk3zyZAsuT3lySNTPx8kmCFcB5kpvcY67Oduhjprl3RjM71oGDHweI12v/ye 13 | jl0qhqdNkNwnGjkCAwEAAaNFMEMwHQYDVR0OBBYEFOWdWTCCR1jMrPoIVDaGezq1 14 | BE3wMBIGA1UdEwEB/wQIMAYBAf8CAQMwDgYDVR0PAQH/BAQDAgEGMA0GCSqGSIb3 15 | DQEBBQUAA4IBAQCFDF2O5G9RaEIFoN27TyclhAO992T9Ldcw46QQF+vaKSm2eT92 16 | 9hkTI7gQCvlYpNRhcL0EYWoSihfVCr3FvDB81ukMJY2GQE/szKN+OMY3EU/t3Wgx 17 | jkzSswF07r51XgdIGn9w/xZchMB5hbgF/X++ZRGjD8ACtPhSNzkE1akxehi/oCr0 18 | Epn3o0WC4zxe9Z2etciefC7IpJ5OCBRLbf1wbWsaY71k5h+3zvDyny67G7fyUIhz 19 | ksLi4xaNmjICq44Y3ekQEe5+NauQrz4wlHrQMz2nZQ/1/I6eYs9HRCwBXbsdtTLS 20 | R9I4LtD+gdwyah617jzV/OeBHRnDJELqYzmp 21 | -----END CERTIFICATE----- 22 | -------------------------------------------------------------------------------- /installers/ansible/roles/pgo-operator/files/pgo-backrest-repo/config: -------------------------------------------------------------------------------- 1 | Host * 2 | StrictHostKeyChecking no 3 | IdentityFile /tmp/id_ed25519 4 | Port 2022 5 | User pgbackrest 6 | -------------------------------------------------------------------------------- /installers/ansible/roles/pgo-operator/files/pgo-configs/README.txt: -------------------------------------------------------------------------------- 1 | JSON templates are stored in this directory, the postgres-operator 2 | will read these templates and use them for creating various Kube kinds 3 | -------------------------------------------------------------------------------- /installers/ansible/roles/pgo-operator/files/pgo-configs/container-resources.json: -------------------------------------------------------------------------------- 1 | {{ if or .RequestsMemory .RequestsCPU .LimitsMemory .LimitsCPU }} 2 | "resources": { 3 | {{ if or .LimitsMemory .LimitsCPU }} 4 | "limits": { 5 | {{ if .LimitsCPU }} 6 | "cpu": "{{.LimitsCPU}}"{{ if .LimitsMemory }},{{ end }} 7 | {{ end }} 8 | {{ if .LimitsMemory }} 9 | "memory": "{{.LimitsMemory}}" 10 | {{ end }} 11 | }{{ if or .RequestsMemory .RequestsCPU }},{{ end }} 12 | {{ end }} 13 | {{ if or .RequestsMemory .RequestsCPU }} 14 | "requests": { 15 | {{ if .RequestsCPU }} 16 | "cpu": "{{.RequestsCPU}}"{{ if .RequestsMemory }},{{ end }} 17 | {{ end }} 18 | {{ if .RequestsMemory }} 19 | "memory": "{{.RequestsMemory}}" 20 | {{ end }} 21 | } 22 | {{ end }} 23 | }, 24 | {{ end }} 25 | -------------------------------------------------------------------------------- /installers/ansible/roles/pgo-operator/files/pgo-configs/pgadmin-service-template.json: -------------------------------------------------------------------------------- 1 | { 2 | "kind": "Service", 3 | "apiVersion": "v1", 4 | "metadata": { 5 | "name": "{{.Name}}", 6 | "labels": { 7 | {{ if .CustomLabels }} 8 | {{ .CustomLabels }} 9 | {{ end }} 10 | "vendor": "radondb", 11 | "name": "{{.Name}}", 12 | "pgadmin": "true", 13 | "pg-cluster": "{{.ClusterName}}" 14 | } 15 | }, 16 | "spec": { 17 | "ports": [{ 18 | "protocol": "TCP", 19 | "port": {{.Port}}, 20 | "targetPort": {{.Port}}, 21 | "nodePort": 0 22 | }], 23 | "selector": { 24 | "name": "{{.Name}}" 25 | }, 26 | "type": "ClusterIP", 27 | "sessionAffinity": "None" 28 | } 29 | } 30 | -------------------------------------------------------------------------------- /installers/ansible/roles/pgo-operator/files/pgo-configs/pgbackrest-env-vars.json: -------------------------------------------------------------------------------- 1 | { 2 | "name": "PGBACKREST_STANZA", 3 | "value": "{{.PgbackrestStanza}}" 4 | }, 5 | { 6 | "name": "PGBACKREST_REPO1_HOST", 7 | "value": "{{.PgbackrestRepo1Host}}" 8 | }, 9 | { 10 | "name": "BACKREST_SKIP_CREATE_STANZA", 11 | "value": "true" 12 | }, 13 | { 14 | "name": "PGHA_PGBACKREST", 15 | "value": "true" 16 | }, 17 | { 18 | "name": "PGBACKREST_REPO1_PATH", 19 | "value": "{{.PgbackrestRepo1Path}}" 20 | }, 21 | { 22 | "name": "PGBACKREST_DB_PATH", 23 | "value": "{{.PgbackrestDBPath}}" 24 | }, 25 | { 26 | "name": "ENABLE_SSHD", 27 | "value": "true" 28 | }, 29 | { 30 | "name": "PGBACKREST_LOG_PATH", 31 | "value": "/tmp" 32 | }, 33 | { 34 | "name": "PGBACKREST_PG1_SOCKET_PATH", 35 | "value": "/tmp" 36 | }, 37 | { 38 | "name": "PGBACKREST_PG1_PORT", 39 | "value": "{{.PgbackrestPGPort}}" 40 | }, 41 | { 42 | "name": "PGBACKREST_REPO1_TYPE", 43 | "value": "{{.PgbackrestRepo1Type}}" 44 | }, 45 | { 46 | "name": "PGHA_PGBACKREST_LOCAL_S3_STORAGE", 47 | "value": "{{.PgbackrestLocalAndS3Storage}}" 48 | }, 49 | { 50 | "name": "PGHA_PGBACKREST_LOCAL_GCS_STORAGE", 51 | "value": "{{.PgbackrestLocalAndGCSStorage}}" 52 | }, 53 | -------------------------------------------------------------------------------- /installers/ansible/roles/pgo-operator/files/pgo-configs/pgbackrest-gcs-env-vars.json: -------------------------------------------------------------------------------- 1 | { 2 | "name": "PGBACKREST_REPO1_GCS_BUCKET", 3 | "value": "{{.PgbackrestGCSBucket}}" 4 | }, 5 | {{ if .PgbackrestGCSEndpoint }} 6 | { 7 | "name": "PGBACKREST_REPO1_GCS_ENDPOINT", 8 | "value": "{{.PgbackrestGCSEndpoint}}" 9 | }, 10 | {{ end }} 11 | {{ if .PgbackrestGCSKeyType }} 12 | { 13 | "name": "PGBACKREST_REPO1_GCS_KEY_TYPE", 14 | "value": "{{.PgbackrestGCSKeyType}}" 15 | }, 16 | {{ end }} 17 | { 18 | "name": "PGBACKREST_REPO1_GCS_KEY", 19 | "value": "/sshd/gcs-key" 20 | }, 21 | { 22 | "name": "PGBACKREST_REPO1_HOST_CMD", 23 | "value": "/usr/local/bin/archive-push-gcs.sh" 24 | }, 25 | -------------------------------------------------------------------------------- /installers/ansible/roles/pgo-operator/files/pgo-configs/pgbackrest-s3-env-vars.json: -------------------------------------------------------------------------------- 1 | { 2 | "name": "PGBACKREST_REPO1_S3_BUCKET", 3 | "value": "{{.PgbackrestS3Bucket}}" 4 | }, 5 | { 6 | "name": "PGBACKREST_REPO1_S3_ENDPOINT", 7 | "value": "{{.PgbackrestS3Endpoint}}" 8 | }, 9 | { 10 | "name": "PGBACKREST_REPO1_S3_REGION", 11 | "value": "{{.PgbackrestS3Region}}" 12 | }, 13 | { 14 | "name": "PGBACKREST_REPO1_S3_KEY", 15 | "valueFrom": { 16 | "secretKeyRef": { 17 | "name": "{{.PgbackrestS3SecretName}}", 18 | "key": "{{.PgbackrestS3Key}}" 19 | } 20 | } 21 | }, 22 | { 23 | "name": "PGBACKREST_REPO1_S3_KEY_SECRET", 24 | "valueFrom": { 25 | "secretKeyRef": { 26 | "name": "{{.PgbackrestS3SecretName}}", 27 | "key": "{{.PgbackrestS3KeySecret}}" 28 | } 29 | } 30 | }, 31 | { 32 | "name": "PGBACKREST_REPO1_S3_CA_FILE", 33 | "value": "/sshd/aws-s3-ca.crt" 34 | }, 35 | { 36 | "name": "PGBACKREST_REPO1_HOST_CMD", 37 | "value": "/usr/local/bin/archive-push-s3.sh" 38 | }, 39 | { 40 | "name": "PGBACKREST_REPO1_S3_URI_STYLE", 41 | "value": "{{.PgbackrestS3URIStyle}}" 42 | },{ 43 | "name": "PGHA_PGBACKREST_S3_VERIFY_TLS", 44 | "value": "{{.PgbackrestS3VerifyTLS}}" 45 | }, 46 | -------------------------------------------------------------------------------- /installers/ansible/roles/pgo-operator/files/pgo-configs/pgbadger.json: -------------------------------------------------------------------------------- 1 | { 2 | "name": "pgbadger", 3 | "image": "{{.CCPImagePrefix}}/radondb-pgbadger:{{.CCPImageTag}}", 4 | "securityContext": { 5 | "allowPrivilegeEscalation": false, 6 | "privileged": false, 7 | "readOnlyRootFilesystem": true 8 | }, 9 | "ports": [ { 10 | "containerPort": {{.PGBadgerPort}}, 11 | "protocol": "TCP", 12 | "name": "pgbadger" 13 | } 14 | ], 15 | "readinessProbe": { 16 | "tcpSocket": { 17 | "port": {{.PGBadgerPort}} 18 | }, 19 | "initialDelaySeconds": 20, 20 | "periodSeconds": 10 21 | }, 22 | "env": [ { 23 | "name": "BADGER_TARGET", 24 | "value": "{{.BadgerTarget}}" 25 | }, { 26 | "name": "PGBADGER_SERVICE_PORT", 27 | "value": "{{.PGBadgerPort}}" 28 | } ], 29 | "resources": { 30 | "limits": { 31 | "cpu": "500m", 32 | "memory": "64Mi" 33 | } 34 | }, 35 | "volumeMounts": [ 36 | { 37 | "mountPath": "/tmp", 38 | "name": "tmp" 39 | }, 40 | { 41 | "mountPath": "/pgdata", 42 | "name": "pgdata", 43 | "readOnly": true 44 | }, 45 | { 46 | "mountPath": "/report", 47 | "name": "report", 48 | "readOnly": false 49 | } 50 | ] 51 | } 52 | -------------------------------------------------------------------------------- /installers/ansible/roles/pgo-operator/files/pgo-configs/pgbouncer.ini: -------------------------------------------------------------------------------- 1 | [databases] 2 | * = host={{.PG_PRIMARY_SERVICE_NAME}} port={{.PG_PORT}} auth_user=pgbouncer 3 | 4 | [pgbouncer] 5 | listen_port = 5432 6 | listen_addr = * 7 | auth_type = md5 8 | auth_file = /pgconf/users.txt 9 | auth_query = SELECT username, password from pgbouncer.get_auth($1) 10 | pidfile = /tmp/pgbouncer.pid 11 | logfile = /dev/stdout 12 | admin_users = pgbouncer 13 | stats_users = pgbouncer 14 | default_pool_size = 20 15 | max_client_conn = 100 16 | max_db_connections = 0 17 | min_pool_size = 0 18 | pool_mode = session 19 | reserve_pool_size = 0 20 | reserve_pool_timeout = 5 21 | query_timeout = 0 22 | ignore_startup_parameters = extra_float_digits 23 | {{ if .TLSEnabled }} 24 | client_tls_sslmode = require 25 | client_tls_key_file = /pgconf/tls/pgbouncer/tls.key 26 | client_tls_cert_file = /pgconf/tls/pgbouncer/tls.crt 27 | client_tls_ca_file = /pgconf/tls/pgbouncer/ca.crt 28 | server_tls_sslmode = verify-ca 29 | server_tls_ca_file = /pgconf/tls/pgbouncer/ca.crt 30 | {{ end }} 31 | -------------------------------------------------------------------------------- /installers/ansible/roles/pgo-operator/files/pgo-configs/pgbouncer_hba.conf: -------------------------------------------------------------------------------- 1 | {{ if .TLSEnabled }} 2 | hostssl all all 0.0.0.0/0 md5 3 | {{ else }} 4 | host all all 0.0.0.0/0 md5 5 | {{ end }} 6 | -------------------------------------------------------------------------------- /installers/ansible/roles/pgo-operator/files/pgo-configs/pgmonitor-env-vars.json: -------------------------------------------------------------------------------- 1 | { 2 | "name": "PGMONITOR_PASSWORD", 3 | "valueFrom": { 4 | "secretKeyRef": { 5 | "name": "{{.ExporterSecret}}", 6 | "key": "password" 7 | } 8 | } 9 | }, 10 | -------------------------------------------------------------------------------- /installers/ansible/roles/pgo-operator/files/pgo-configs/pgo-backrest-repo-service-template.json: -------------------------------------------------------------------------------- 1 | { 2 | "kind": "Service", 3 | "apiVersion": "v1", 4 | "metadata": { 5 | "name": "{{.Name}}", 6 | "labels": { 7 | {{ if .CustomLabels }} 8 | {{ .CustomLabels }} 9 | {{ end }} 10 | "vendor": "radondb", 11 | "name": "{{.Name}}", 12 | "pgo-backrest-repo": "true", 13 | "pg-cluster": "{{.ClusterName}}" 14 | } 15 | }, 16 | "spec": { 17 | "ports": [{ 18 | "protocol": "TCP", 19 | "port": {{.Port}}, 20 | "targetPort": {{.Port}}, 21 | "nodePort": 0 22 | }], 23 | "selector": { 24 | "name": "{{.Name}}" 25 | }, 26 | "type": "ClusterIP", 27 | "sessionAffinity": "None" 28 | } 29 | } 30 | -------------------------------------------------------------------------------- /installers/ansible/roles/pgo-operator/files/pgo-configs/pgo-backrest-role-binding.json: -------------------------------------------------------------------------------- 1 | { 2 | "apiVersion": "rbac.authorization.k8s.io/v1", 3 | "kind": "RoleBinding", 4 | "metadata": { 5 | "name": "pgo-backrest-role-binding", 6 | "namespace": "{{.TargetNamespace}}", 7 | "labels": { 8 | "vendor": "radondb" 9 | } 10 | }, 11 | "roleRef": { 12 | "apiGroup": "rbac.authorization.k8s.io", 13 | "kind": "Role", 14 | "name": "pgo-backrest-role" 15 | }, 16 | "subjects": [ 17 | { 18 | "kind": "ServiceAccount", 19 | "name": "pgo-backrest", 20 | "namespace": "{{.TargetNamespace}}" 21 | } 22 | ] 23 | } 24 | -------------------------------------------------------------------------------- /installers/ansible/roles/pgo-operator/files/pgo-configs/pgo-backrest-role.json: -------------------------------------------------------------------------------- 1 | { 2 | "apiVersion": "rbac.authorization.k8s.io/v1", 3 | "kind": "Role", 4 | "metadata": { 5 | "name": "pgo-backrest-role", 6 | "namespace": "{{.TargetNamespace}}", 7 | "labels": { 8 | "vendor": "radondb" 9 | } 10 | }, 11 | "rules": [ 12 | { 13 | "apiGroups": [ 14 | "" 15 | ], 16 | "resources": [ 17 | "pods" 18 | ], 19 | "verbs": [ 20 | "get", 21 | "list" 22 | ] 23 | }, 24 | { 25 | "apiGroups": [ 26 | "" 27 | ], 28 | "resources": [ 29 | "pods/exec" 30 | ], 31 | "verbs": [ 32 | "create" 33 | ] 34 | } 35 | ] 36 | } 37 | -------------------------------------------------------------------------------- /installers/ansible/roles/pgo-operator/files/pgo-configs/pgo-backrest-sa.json: -------------------------------------------------------------------------------- 1 | { 2 | "apiVersion": "v1", 3 | "kind": "ServiceAccount", 4 | "metadata": { 5 | "name": "pgo-backrest", 6 | "namespace": "{{.TargetNamespace}}", 7 | "labels": { 8 | "vendor": "radondb" 9 | } 10 | } 11 | } 12 | -------------------------------------------------------------------------------- /installers/ansible/roles/pgo-operator/files/pgo-configs/pgo-client.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/radondb/radondb-postgresql-operator/5755ae011d1b3e81d89feee53b42203672dbdf67/installers/ansible/roles/pgo-operator/files/pgo-configs/pgo-client.json -------------------------------------------------------------------------------- /installers/ansible/roles/pgo-operator/files/pgo-configs/pgo-default-sa.json: -------------------------------------------------------------------------------- 1 | { 2 | "apiVersion": "v1", 3 | "kind": "ServiceAccount", 4 | "metadata": { 5 | "name": "pgo-default", 6 | "namespace": "{{.TargetNamespace}}", 7 | "labels": { 8 | "vendor": "radondb" 9 | } 10 | }, 11 | "automountServiceAccountToken": false 12 | } 13 | -------------------------------------------------------------------------------- /installers/ansible/roles/pgo-operator/files/pgo-configs/pgo-pg-role-binding.json: -------------------------------------------------------------------------------- 1 | { 2 | "apiVersion":"rbac.authorization.k8s.io/v1", 3 | "kind":"RoleBinding", 4 | "metadata":{ 5 | "name":"pgo-pg-role-binding", 6 | "namespace":"{{.TargetNamespace}}", 7 | "labels":{ 8 | "vendor":"radondb" 9 | } 10 | }, 11 | "roleRef":{ 12 | "apiGroup":"rbac.authorization.k8s.io", 13 | "kind":"Role", 14 | "name":"pgo-pg-role" 15 | }, 16 | "subjects":[ 17 | { 18 | "kind":"ServiceAccount", 19 | "name":"pgo-pg" 20 | } 21 | ] 22 | } -------------------------------------------------------------------------------- /installers/ansible/roles/pgo-operator/files/pgo-configs/pgo-pg-role.json: -------------------------------------------------------------------------------- 1 | { 2 | "apiVersion":"rbac.authorization.k8s.io/v1", 3 | "kind":"Role", 4 | "metadata":{ 5 | "name":"pgo-pg-role", 6 | "namespace":"{{.TargetNamespace}}", 7 | "labels":{ 8 | "vendor":"radondb" 9 | } 10 | }, 11 | "rules":[ 12 | { 13 | "apiGroups":[ 14 | "" 15 | ], 16 | "resources":[ 17 | "configmaps" 18 | ], 19 | "verbs":[ 20 | "create", 21 | "get", 22 | "list", 23 | "patch", 24 | "update", 25 | "watch", 26 | "delete", 27 | "deletecollection" 28 | ] 29 | }, 30 | { 31 | "apiGroups":[ 32 | "" 33 | ], 34 | "resources":[ 35 | "pods" 36 | ], 37 | "verbs":[ 38 | "get", 39 | "list", 40 | "patch", 41 | "update", 42 | "watch" 43 | ] 44 | } 45 | ] 46 | } -------------------------------------------------------------------------------- /installers/ansible/roles/pgo-operator/files/pgo-configs/pgo-pg-sa.json: -------------------------------------------------------------------------------- 1 | { 2 | "apiVersion":"v1", 3 | "kind":"ServiceAccount", 4 | "metadata":{ 5 | "name":"pgo-pg", 6 | "namespace":"{{.TargetNamespace}}", 7 | "labels":{ 8 | "vendor":"radondb" 9 | } 10 | } 11 | } -------------------------------------------------------------------------------- /installers/ansible/roles/pgo-operator/files/pgo-configs/pgo-target-role-binding.json: -------------------------------------------------------------------------------- 1 | { 2 | "apiVersion": "rbac.authorization.k8s.io/v1", 3 | "kind": "RoleBinding", 4 | "metadata": { 5 | "name": "pgo-target-role-binding", 6 | "namespace": "{{.TargetNamespace}}", 7 | "labels": { 8 | "vendor": "radondb" 9 | } 10 | }, 11 | "roleRef": { 12 | "apiGroup": "rbac.authorization.k8s.io", 13 | "kind": "Role", 14 | "name": "pgo-target-role" 15 | }, 16 | "subjects": [ 17 | { 18 | "kind": "ServiceAccount", 19 | "name": "postgres-operator", 20 | "namespace": "{{.OperatorNamespace}}" 21 | }, 22 | { 23 | "kind": "ServiceAccount", 24 | "name": "pgo-target", 25 | "namespace": "{{.TargetNamespace}}" 26 | } 27 | ] 28 | } 29 | -------------------------------------------------------------------------------- /installers/ansible/roles/pgo-operator/files/pgo-configs/pgo-target-sa.json: -------------------------------------------------------------------------------- 1 | { 2 | "apiVersion": "v1", 3 | "kind": "ServiceAccount", 4 | "metadata": { 5 | "name": "pgo-target", 6 | "namespace": "{{.TargetNamespace}}", 7 | "labels": { 8 | "vendor": "radondb" 9 | } 10 | } 11 | } 12 | -------------------------------------------------------------------------------- /installers/ansible/roles/pgo-operator/files/pgo-configs/pvc-matchlabels.json: -------------------------------------------------------------------------------- 1 | "selector": { "matchLabels": { "{{.Key}}": "{{.Value}}" } }, 2 | -------------------------------------------------------------------------------- /installers/ansible/roles/pgo-operator/files/pgo-configs/pvc-storageclass.json: -------------------------------------------------------------------------------- 1 | { 2 | "kind": "PersistentVolumeClaim", 3 | "apiVersion": "v1", 4 | "metadata": { 5 | "name": "{{.Name}}", 6 | "labels": { 7 | {{ if .CustomLabels }} 8 | {{ .CustomLabels }} 9 | {{ end }} 10 | "vendor": "radondb", 11 | "pg-cluster": "{{.ClusterName}}" 12 | } 13 | }, 14 | "spec": { 15 | "accessModes": [ 16 | "{{.AccessMode}}" 17 | ], 18 | {{ if .StorageClass }}"storageClassName": "{{.StorageClass}}",{{ end }} 19 | "resources": { 20 | "requests": { 21 | "storage": "{{.Size}}" 22 | } 23 | } 24 | } 25 | } 26 | -------------------------------------------------------------------------------- /installers/ansible/roles/pgo-operator/files/pgo-configs/pvc.json: -------------------------------------------------------------------------------- 1 | { 2 | "kind": "PersistentVolumeClaim", 3 | "apiVersion": "v1", 4 | "metadata": { 5 | "name": "{{.Name}}", 6 | "labels": { 7 | {{ if .CustomLabels }} 8 | {{ .CustomLabels }} 9 | {{ end }} 10 | "vendor": "radondb", 11 | "pg-cluster": "{{.ClusterName}}" 12 | } 13 | }, 14 | "spec": { 15 | 16 | {{.MatchLabels}} 17 | 18 | "accessModes": [ 19 | "{{.AccessMode}}" 20 | ], 21 | "resources": { 22 | "requests": { 23 | "storage": "{{.Size}}" 24 | } 25 | } 26 | } 27 | } 28 | -------------------------------------------------------------------------------- /installers/ansible/roles/pgo-operator/files/pgo-configs/users.txt: -------------------------------------------------------------------------------- 1 | {{range $key, $value := .}}"{{.Username}}" "{{.Password}}" 2 | {{end}} 3 | -------------------------------------------------------------------------------- /installers/ansible/roles/pgo-operator/tasks/kubernetes.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: Get Namespace Details 3 | shell: "kubectl get namespace {{ pgo_operator_namespace }}" 4 | register: namespace_details 5 | ignore_errors: yes 6 | tags: 7 | - install 8 | - update 9 | 10 | - name: Create PGO Namespace 11 | shell: "kubectl create namespace {{ pgo_operator_namespace }}" 12 | when: namespace_details.rc != 0 13 | tags: 14 | - install 15 | - update 16 | -------------------------------------------------------------------------------- /installers/ansible/roles/pgo-operator/tasks/kubernetes_auth.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: Set the Kubernetes Context 3 | shell: "kubectl config use-context {{ kubernetes_context }}" 4 | when: not (kubernetes_in_cluster | bool) 5 | tags: always 6 | -------------------------------------------------------------------------------- /installers/ansible/roles/pgo-operator/tasks/kubernetes_cleanup.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: Delete Watched Namespaces (Kubernetes) 3 | shell: | 4 | kubectl delete namespace {{ item }} 5 | when: delete_watched_namespaces|bool 6 | ignore_errors: yes 7 | with_items: 8 | - "{{ watched_namespaces }}" 9 | no_log: false 10 | tags: 11 | - uninstall 12 | 13 | - name: Delete Operator Namespace (Kubernetes) 14 | shell: | 15 | kubectl delete namespace {{ pgo_operator_namespace }} 16 | when: delete_operator_namespace|bool 17 | ignore_errors: yes 18 | no_log: false 19 | tags: 20 | - uninstall 21 | -------------------------------------------------------------------------------- /installers/ansible/roles/pgo-operator/tasks/openshift.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: Get Project Details 3 | shell: "{{ openshift_oc_bin}} get project {{ pgo_operator_namespace }}" 4 | register: namespace_details 5 | ignore_errors: yes 6 | tags: 7 | - install 8 | - update 9 | 10 | - name: Create PGO Namespace 11 | shell: "{{ openshift_oc_bin}} new-project {{ pgo_operator_namespace }}" 12 | when: namespace_details.rc != 0 13 | tags: 14 | - install 15 | - update 16 | -------------------------------------------------------------------------------- /installers/ansible/roles/pgo-operator/tasks/openshift_auth.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - include_vars: openshift.yml 3 | tags: always 4 | 5 | - name: Authenticate with OpenShift via user and password 6 | shell: | 7 | {{ openshift_oc_bin }} login {{ openshift_host }} \ 8 | -u {{ openshift_user }} \ 9 | -p {{ openshift_password }} \ 10 | --insecure-skip-tls-verify={{ openshift_skip_tls_verify | default(false) | bool }} 11 | when: 12 | - openshift_user is defined and openshift_user != '' 13 | - openshift_password is defined and openshift_password != '' 14 | - openshift_token is not defined 15 | no_log: false 16 | tags: always 17 | 18 | - name: Authenticate with OpenShift via token 19 | shell: | 20 | {{ openshift_oc_bin }} login {{ openshift_host }} \ 21 | --token {{ openshift_token }} \ 22 | --insecure-skip-tls-verify={{ openshift_skip_tls_verify | default(false) | bool }} 23 | when: openshift_token is defined and openshift_token != '' 24 | no_log: true 25 | tags: always 26 | -------------------------------------------------------------------------------- /installers/ansible/roles/pgo-operator/tasks/openshift_cleanup.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: Delete Watched Namespaces (Openshift) 3 | shell: | 4 | {{ openshift_oc_bin}} delete project {{ item }} 5 | when: delete_watched_namespaces|bool 6 | ignore_errors: yes 7 | with_items: 8 | - "{{ watched_namespaces }}" 9 | no_log: false 10 | tags: 11 | - uninstall 12 | 13 | - name: Delete Operator Namespace (Openshift) 14 | shell: | 15 | {{ openshift_oc_bin}} delete project {{ pgo_operator_namespace }} 16 | when: delete_operator_namespace|bool 17 | ignore_errors: yes 18 | no_log: false 19 | tags: 20 | - uninstall 21 | 22 | - name: Delete Operator SCC (Openshift) 23 | shell: | 24 | {{ openshift_oc_bin}} delete scc pgo 25 | ignore_errors: yes 26 | no_log: false 27 | tags: 28 | - uninstall 29 | -------------------------------------------------------------------------------- /installers/ansible/roles/pgo-operator/templates/aws-s3-credentials.yaml.j2: -------------------------------------------------------------------------------- 1 | --- 2 | aws-s3-key: {{ backrest_aws_s3_key }} 3 | aws-s3-key-secret: {{ backrest_aws_s3_secret }} 4 | gcs-key: {{ backrest_gcs_key }} 5 | -------------------------------------------------------------------------------- /installers/ansible/roles/pgo-operator/templates/cluster-rbac-readonly.yaml.j2: -------------------------------------------------------------------------------- 1 | --- 2 | kind: ClusterRole 3 | apiVersion: rbac.authorization.k8s.io/v1 4 | metadata: 5 | name: pgo-cluster-role 6 | labels: 7 | vendor: radondb 8 | rules: 9 | - apiGroups: 10 | - '' 11 | resources: 12 | - namespaces 13 | verbs: 14 | - get 15 | - list 16 | - watch 17 | --- 18 | apiVersion: rbac.authorization.k8s.io/v1 19 | kind: ClusterRoleBinding 20 | metadata: 21 | name: pgo-cluster-role 22 | labels: 23 | vendor: radondb 24 | roleRef: 25 | apiGroup: rbac.authorization.k8s.io 26 | kind: ClusterRole 27 | name: pgo-cluster-role 28 | subjects: 29 | - kind: ServiceAccount 30 | name: postgres-operator 31 | namespace: {{ pgo_operator_namespace }} 32 | -------------------------------------------------------------------------------- /installers/ansible/roles/pgo-operator/templates/local-namespace-rbac.yaml.j2: -------------------------------------------------------------------------------- 1 | --- 2 | kind: Role 3 | apiVersion: rbac.authorization.k8s.io/v1 4 | metadata: 5 | name: pgo-local-ns 6 | labels: 7 | vendor: radondb 8 | rules: 9 | - apiGroups: 10 | - '' 11 | resources: 12 | - serviceaccounts 13 | verbs: 14 | - get 15 | - create 16 | - update 17 | - delete 18 | - apiGroups: 19 | - rbac.authorization.k8s.io 20 | resources: 21 | - roles 22 | - rolebindings 23 | verbs: 24 | - get 25 | - create 26 | - update 27 | - delete 28 | --- 29 | apiVersion: rbac.authorization.k8s.io/v1 30 | kind: RoleBinding 31 | metadata: 32 | name: pgo-local-ns 33 | labels: 34 | vendor: radondb 35 | roleRef: 36 | apiGroup: rbac.authorization.k8s.io 37 | kind: Role 38 | name: pgo-local-ns 39 | subjects: 40 | - kind: ServiceAccount 41 | name: postgres-operator 42 | namespace: {{ pgo_operator_namespace }} 43 | --- 44 | apiVersion: rbac.authorization.k8s.io/v1 45 | kind: RoleBinding 46 | metadata: 47 | name: pgo-target-role-binding 48 | labels: 49 | vendor: radondb 50 | roleRef: 51 | apiGroup: rbac.authorization.k8s.io 52 | kind: Role 53 | name: pgo-target-role 54 | subjects: 55 | - kind: ServiceAccount 56 | name: postgres-operator 57 | namespace: {{ pgo_operator_namespace }} 58 | -------------------------------------------------------------------------------- /installers/ansible/roles/pgo-operator/templates/pgo-role-rbac.yaml.j2: -------------------------------------------------------------------------------- 1 | --- 2 | kind: Role 3 | apiVersion: rbac.authorization.k8s.io/v1 4 | metadata: 5 | name: pgo-role 6 | namespace: {{ pgo_operator_namespace }} 7 | labels: 8 | vendor: radondb 9 | rules: 10 | - apiGroups: 11 | - '' 12 | resources: 13 | - serviceaccounts 14 | verbs: 15 | - get 16 | - apiGroups: 17 | - '' 18 | resources: 19 | - configmaps 20 | - secrets 21 | verbs: 22 | - get 23 | - list 24 | - create 25 | - update 26 | - delete 27 | --- 28 | apiVersion: rbac.authorization.k8s.io/v1 29 | kind: RoleBinding 30 | metadata: 31 | name: pgo-role 32 | namespace: {{ pgo_operator_namespace }} 33 | labels: 34 | vendor: radondb 35 | roleRef: 36 | apiGroup: rbac.authorization.k8s.io 37 | kind: Role 38 | name: pgo-role 39 | subjects: 40 | - kind: ServiceAccount 41 | name: postgres-operator 42 | namespace: {{ pgo_operator_namespace }} 43 | -------------------------------------------------------------------------------- /installers/ansible/roles/pgo-operator/templates/pgo-service-account.yaml.j2: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: v1 3 | kind: ServiceAccount 4 | metadata: 5 | name: postgres-operator 6 | namespace: {{ pgo_operator_namespace }} 7 | labels: 8 | vendor: radondb 9 | imagePullSecrets: 10 | {% if ccp_image_pull_secret %} 11 | - name: {{ ccp_image_pull_secret }} 12 | {% endif %} 13 | {% if pgo_image_pull_secret and ccp_image_pull_secret != pgo_image_pull_secret %} 14 | - name: {{ pgo_image_pull_secret }} 15 | {% endif %} 16 | -------------------------------------------------------------------------------- /installers/ansible/roles/pgo-operator/templates/pgorole-pgoadmin.yaml.j2: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Secret 3 | metadata: 4 | labels: 5 | pgo-created-by: bootstrap 6 | pgo-pgorole: "true" 7 | rolename: {{ pgo_admin_role_name }} 8 | vendor: radondb 9 | name: pgorole-{{ pgo_admin_role_name }} 10 | namespace: {{ pgo_operator_namespace }} 11 | type: Opaque 12 | data: 13 | permissions: "{{ pgo_admin_perms | b64encode }}" 14 | rolename: {{ pgo_admin_role_name | b64encode }} 15 | -------------------------------------------------------------------------------- /installers/ansible/roles/pgo-operator/templates/pgouser-admin.yaml.j2: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Secret 3 | metadata: 4 | labels: 5 | pgo-created-by: bootstrap 6 | pgo-pgouser: "true" 7 | username: {{ pgo_admin_username }} 8 | vendor: radondb 9 | name: pgouser-{{ pgo_admin_username }} 10 | namespace: {{ pgo_operator_namespace }} 11 | type: Opaque 12 | data: 13 | password: '{{ pgo_admin_password | b64encode }}' 14 | username: '{{ pgo_admin_username | b64encode }}' 15 | roles: '{{ pgo_admin_role_name | b64encode }}' 16 | -------------------------------------------------------------------------------- /installers/ansible/roles/pgo-operator/templates/pgouser.local.j2: -------------------------------------------------------------------------------- 1 | {{ pgo_admin_username }}:{{ pgo_admin_password }} 2 | -------------------------------------------------------------------------------- /installers/ansible/roles/pgo-operator/templates/service.json.j2: -------------------------------------------------------------------------------- 1 | { 2 | "kind": "Service", 3 | "apiVersion": "v1", 4 | "metadata": { 5 | "name": "postgres-operator", 6 | "labels": { 7 | "name": "postgres-operator", 8 | "vendor": "radondb" 9 | } 10 | }, 11 | "spec": { 12 | "ports": [ 13 | { 14 | "name": "apiserver", 15 | "protocol": "TCP", 16 | "port": {{ pgo_apiserver_port }}, 17 | "targetPort": {{ pgo_apiserver_port }} 18 | }, 19 | { 20 | "name": "nsqadmin", 21 | "protocol": "TCP", 22 | "port": 4171, 23 | "targetPort": 4171 24 | }, 25 | { 26 | "name": "nsqd", 27 | "protocol": "TCP", 28 | "port": 4150, 29 | "targetPort": 4150 30 | } 31 | ], 32 | "selector": { 33 | "name": "postgres-operator" 34 | }, 35 | "type": "ClusterIP", 36 | "sessionAffinity": "None" 37 | } 38 | } 39 | -------------------------------------------------------------------------------- /installers/ansible/roles/pgo-operator/vars/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | pgo_client_url: "https://github.com/radondb/radondb-postgresql-operator/releases/download/v{{ pgo_client_version }}" 3 | pgo_keys_dir: "{{ ansible_env.HOME }}/.pgo/{{ pgo_operator_namespace }}" 4 | -------------------------------------------------------------------------------- /installers/ansible/roles/pgo-operator/vars/openshift.yml: -------------------------------------------------------------------------------- 1 | --- 2 | openshift_oc_bin: "oc" 3 | -------------------------------------------------------------------------------- /installers/ansible/roles/pgo-preflight/tasks/check_kubernetes.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: Check if the kubectl command is installed 3 | shell: which kubectl 4 | register: kubectl_result 5 | ignore_errors: yes 6 | tags: always 7 | 8 | - name: Ensure kubectl is installed 9 | assert: 10 | that: 11 | - kubectl_result.rc == 0 12 | msg: "Install kubectl: https://kubernetes.io/docs/tasks/tools/install-kubectl/" 13 | tags: always 14 | -------------------------------------------------------------------------------- /installers/ansible/roles/pgo-preflight/tasks/check_openshift.yml: -------------------------------------------------------------------------------- 1 | # check_openshift.yml 2 | --- 3 | - name: openshift_token should be defined 4 | assert: 5 | that: 6 | - openshift_token != '' 7 | msg: "Set the value of 'openshift_token' in the inventory file." 8 | when: 9 | - openshift_token is defined 10 | tags: always 11 | 12 | - name: openshift_user should be defined 13 | assert: 14 | that: 15 | - openshift_user is defined and openshift_user != '' 16 | msg: "Set the value of 'openshift_user' in the inventory file." 17 | when: openshift_token is not defined 18 | tags: always 19 | 20 | - name: openshift_password should be defined 21 | assert: 22 | that: 23 | - openshift_password is defined and openshift_password != '' 24 | msg: "Set the value of 'openshift_password' in the inventory file." 25 | when: openshift_token is not defined 26 | tags: always 27 | 28 | - name: Check if the oc command is installed 29 | shell: which oc 30 | register: oc_result 31 | ignore_errors: yes 32 | tags: always 33 | 34 | - name: Ensure OpenShift CLI is installed 35 | assert: 36 | that: 37 | - oc_result.rc == 0 38 | msg: "Install the OpenShift CLI (oc)" 39 | tags: always 40 | -------------------------------------------------------------------------------- /installers/ansible/roles/pgo-preflight/tasks/check_vars.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: Check if mandatory variables are defined 3 | fail: 4 | msg: Please specify a value for variable {{ item }} in your values.yaml 5 | tags: always 6 | when: "lookup('vars', item, default='') == ''" 7 | with_items: 8 | - pgo_operator_namespace 9 | - pgo_installation_name 10 | - pgo_admin_username 11 | - pgo_admin_role_name 12 | - pgo_admin_perms 13 | - ccp_image_prefix 14 | - ccp_image_tag 15 | - pgo_image_prefix 16 | - pgo_image_tag 17 | - disable_auto_failover 18 | - badger 19 | - metrics 20 | - archive_mode 21 | - archive_timeout 22 | - db_password_length 23 | - create_rbac 24 | - db_port 25 | - db_replicas 26 | - db_user 27 | - backrest_storage 28 | - backup_storage 29 | - primary_storage 30 | - replica_storage 31 | - pgo_client_version 32 | - pgbadgerport 33 | - exporterport 34 | - scheduler_timeout 35 | - namespace_mode 36 | - reconcile_rbac 37 | -------------------------------------------------------------------------------- /installers/ansible/roles/pgo-preflight/tasks/vars.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: Include values.yml 3 | tags: always 4 | block: 5 | - name: Check for "{{ config_path }}" 6 | stat: 7 | path: "{{ config_path }}" 8 | register: conf_path_result 9 | 10 | - fail: 11 | msg: "Please provide a valid path to your values.yaml file. Expected path: {{ config_path }}" 12 | when: 13 | - not conf_path_result.stat.exists 14 | 15 | - include_vars: "{{ config_path }}" 16 | -------------------------------------------------------------------------------- /installers/helm/.helmignore: -------------------------------------------------------------------------------- 1 | helm_template.yaml 2 | -------------------------------------------------------------------------------- /installers/helm/Chart.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v2 2 | name: postgres-operator 3 | description: 'PGO: The Postgres Operator from RadonDB Helm Chart for Kubernetes' 4 | type: application 5 | version: 0.2.1 6 | appVersion: 2.1.1 7 | home: https://github.com/radondb/radondb-postgresql-operator 8 | icon: https://github.com/radondb/radondb-postgresql-operator/raw/master/docs/static/logos/pgo.svg 9 | keywords: 10 | - PostgreSQL 11 | - Operator 12 | - Database 13 | - Postgres 14 | - SQL 15 | - NoSQL 16 | - RDBMS 17 | -------------------------------------------------------------------------------- /installers/helm/helm_template.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | # ====================== 3 | # Installer Controls 4 | # ====================== 5 | fullnameOverride: "" 6 | 7 | # rbac: settings for deployer RBAC creation 8 | rbac: 9 | # rbac.create: if false RBAC resources should be in place 10 | create: true 11 | # rbac.useClusterAdmin: creates a ClusterRoleBinding giving cluster-admin to serviceAccount.name 12 | useClusterAdmin: false 13 | 14 | # serviceAccount: settings for Service Account used by the deployer 15 | serviceAccount: 16 | # serviceAccount.create: Whether to create a Service Account or not 17 | create: true 18 | # serviceAccount.name: The name of the Service Account to create or use 19 | name: "" 20 | 21 | -------------------------------------------------------------------------------- /installers/helm/templates/_deployer_job_spec.yaml: -------------------------------------------------------------------------------- 1 | {{- define "deployerJob.spec" }} 2 | spec: 3 | backoffLimit: 0 4 | template: 5 | metadata: 6 | name: pgo-deploy 7 | labels: 8 | {{ include "postgres-operator.labels" . | indent 8 }} 9 | spec: 10 | serviceAccountName: {{ include "postgres-operator.serviceAccountName" . }} 11 | restartPolicy: Never 12 | containers: 13 | - name: pgo-deploy 14 | image: {{ .Values.pgo_image_prefix }}/pgo-deployer:{{ .Values.pgo_image_tag }} 15 | imagePullPolicy: IfNotPresent 16 | env: 17 | - name: DEPLOY_ACTION 18 | value: "{{ .deployAction }}" 19 | volumeMounts: 20 | - name: deployer-conf 21 | mountPath: "/conf" 22 | volumes: 23 | - name: deployer-conf 24 | configMap: 25 | name: {{ template "postgres-operator.fullname" . }}-cm 26 | {{- end }} -------------------------------------------------------------------------------- /installers/helm/templates/postgres-operator-install.yaml: -------------------------------------------------------------------------------- 1 | {{ $_ := set . "deployAction" "install" }} 2 | --- 3 | apiVersion: batch/v1 4 | kind: Job 5 | metadata: 6 | name: pgo-deploy-install 7 | namespace: {{ .Release.Namespace }} 8 | labels: 9 | {{ include "postgres-operator.labels" . | indent 4 }} 10 | annotations: 11 | helm.sh/hook: post-install 12 | helm.sh/hook-delete-policy: hook-succeeded,before-hook-creation 13 | {{ template "deployerJob.spec" . }} 14 | -------------------------------------------------------------------------------- /installers/helm/templates/postgres-operator-uninstall.yaml: -------------------------------------------------------------------------------- 1 | {{ $_ := set . "deployAction" "uninstall" }} 2 | --- 3 | apiVersion: batch/v1 4 | kind: Job 5 | metadata: 6 | name: pgo-deploy-uninstall 7 | namespace: {{ .Release.Namespace }} 8 | labels: 9 | {{ include "postgres-operator.labels" . | indent 4 }} 10 | annotations: 11 | helm.sh/hook: pre-delete 12 | helm.sh/hook-delete-policy: hook-succeeded,before-hook-creation 13 | {{ template "deployerJob.spec" . }} 14 | -------------------------------------------------------------------------------- /installers/helm/templates/postgres-operator-upgrade.yaml: -------------------------------------------------------------------------------- 1 | {{ $_ := set . "deployAction" "update" }} 2 | --- 3 | apiVersion: batch/v1 4 | kind: Job 5 | metadata: 6 | name: pgo-deploy-upgrade 7 | namespace: {{ .Release.Namespace }} 8 | labels: 9 | {{ include "postgres-operator.labels" . | indent 4 }} 10 | annotations: 11 | helm.sh/hook: post-upgrade 12 | helm.sh/hook-delete-policy: hook-succeeded,before-hook-creation 13 | {{ template "deployerJob.spec" . }} 14 | -------------------------------------------------------------------------------- /installers/helm/templates/values_configmap.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: ConfigMap 3 | metadata: 4 | name: {{ template "postgres-operator.fullname" . }}-cm 5 | namespace: {{ .Release.Namespace }} 6 | labels: 7 | {{ include "postgres-operator.labels" . | indent 4 }} 8 | data: 9 | {{ include "postgres-operator.values" . | indent 2}} 10 | -------------------------------------------------------------------------------- /installers/image/bin/pgo-deploy.sh: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env bash 2 | 3 | # Copyright 2020 - 2021 Crunchy Data Solutions, Inc. 4 | # Licensed under the Apache License, Version 2.0 (the "License"); 5 | # you may not use this file except in compliance with the License. 6 | # You may obtain a copy of the License at 7 | # http://www.apache.org/licenses/LICENSE-2.0 8 | # Unless required by applicable law or agreed to in writing, software 9 | # distributed under the License is distributed on an "AS IS" BASIS, 10 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 11 | # See the License for the specific language governing permissions and 12 | # limitations under the License. 13 | 14 | export DEPLOY_ACTION=${DEPLOY_ACTION:-install} 15 | 16 | /usr/bin/env ansible-playbook \ 17 | -i "/ansible/${PLAYBOOK:-postgres-operator}/inventory.yaml" \ 18 | --extra-vars "kubernetes_in_cluster=true" \ 19 | --extra-vars "config_path=/conf/values.yaml" \ 20 | --tags=$DEPLOY_ACTION \ 21 | "/ansible/${PLAYBOOK:-postgres-operator}/main.yml" 22 | -------------------------------------------------------------------------------- /installers/image/conf/kubernetes.repo: -------------------------------------------------------------------------------- 1 | [kubernetes] 2 | name=Kubernetes 3 | baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64/ 4 | enabled=1 5 | gpgcheck=1 6 | repo_gpgcheck=1 7 | gpgkey=https://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg https://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg -------------------------------------------------------------------------------- /installers/metrics/ansible/ansible.cfg: -------------------------------------------------------------------------------- 1 | [defaults] 2 | retry_files_enabled = False 3 | remote_tmp=/tmp 4 | 5 | [ssh_connection] 6 | ssh_args = -o ControlMaster=no 7 | -------------------------------------------------------------------------------- /installers/metrics/ansible/inventory.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | all: 3 | hosts: 4 | localhost: 5 | vars: 6 | ansible_connection: local 7 | config_path: "{{ playbook_dir }}/values.yaml" 8 | # ================== 9 | # Installation Methods 10 | # One of the following blocks must be updated: 11 | # - Deploy into Kubernetes 12 | # - Deploy into Openshift 13 | 14 | # Deploy into Kubernetes 15 | # ================== 16 | # Note: Context name can be found using: 17 | # kubectl config current-context 18 | # ================== 19 | # kubernetes_context: '' 20 | 21 | # Deploy into Openshift 22 | # ================== 23 | # Note: openshift_host can use the format https://URL:PORT 24 | # Note: openshift_token can be used for token authentication 25 | # ================== 26 | # openshift_host: '' 27 | # openshift_skip_tls_verify: true 28 | # openshift_user: '' 29 | # openshift_password: '' 30 | # openshift_token: '' 31 | -------------------------------------------------------------------------------- /installers/metrics/ansible/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: Deploy RadonDB PostgreSQL Operator Monitoring 3 | hosts: all 4 | gather_facts: true 5 | roles: 6 | - pgo-metrics-preflight 7 | - pgo-metrics 8 | -------------------------------------------------------------------------------- /installers/metrics/ansible/roles/pgo-metrics-preflight/tasks/check_kubernetes.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: Check if the kubectl command is installed 3 | shell: which kubectl 4 | register: kubectl_result 5 | ignore_errors: yes 6 | tags: always 7 | 8 | - name: Ensure kubectl is installed 9 | assert: 10 | that: 11 | - kubectl_result.rc == 0 12 | msg: "Install kubectl: https://kubernetes.io/docs/tasks/tools/install-kubectl/" 13 | tags: always 14 | -------------------------------------------------------------------------------- /installers/metrics/ansible/roles/pgo-metrics-preflight/tasks/check_openshift.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: openshift_token should be defined 3 | assert: 4 | that: 5 | - openshift_token != '' 6 | msg: "Set the value of 'openshift_token' in the inventory file." 7 | when: 8 | - openshift_token is defined 9 | tags: always 10 | 11 | - name: openshift_user should be defined 12 | assert: 13 | that: 14 | - openshift_user is defined and openshift_user != '' 15 | msg: "Set the value of 'openshift_user' in the inventory file." 16 | when: openshift_token is not defined 17 | tags: always 18 | 19 | - name: openshift_password should be defined 20 | assert: 21 | that: 22 | - openshift_password is defined and openshift_password != '' 23 | msg: "Set the value of 'openshift_password' in the inventory file." 24 | when: openshift_token is not defined 25 | tags: always 26 | 27 | - name: Check if the oc command is installed 28 | shell: which oc 29 | register: oc_result 30 | ignore_errors: yes 31 | tags: always 32 | 33 | - name: Ensure OpenShift CLI is installed 34 | assert: 35 | that: 36 | - oc_result.rc == 0 37 | msg: "Install the OpenShift CLI (oc)" 38 | tags: always 39 | -------------------------------------------------------------------------------- /installers/metrics/ansible/roles/pgo-metrics-preflight/tasks/check_vars.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: Check if mandatory metrics variables are defined 3 | fail: 4 | msg: Please specify a value for variable {{ item }} in your values.yaml 5 | tags: always 6 | when: "lookup('vars', item, default='') == ''" 7 | loop: 8 | - metrics_namespace 9 | - pgmonitor_version -------------------------------------------------------------------------------- /installers/metrics/ansible/roles/pgo-metrics-preflight/tasks/preflight-alertmanager.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: Check if inventory file variables are defined for Alertmanager 3 | tags: always 4 | fail: 5 | msg: "Please specify the value of {{item}} in your inventory file" 6 | when: lookup('vars', item, default='') == '' 7 | loop: 8 | - alertmanager_configmap 9 | - alertmanager_rules_configmap 10 | - alertmanager_image_name 11 | - alertmanager_image_prefix 12 | - alertmanager_image_tag 13 | - alertmanager_log_level 14 | - alertmanager_port 15 | - alertmanager_service_name 16 | - alertmanager_service_type 17 | - alertmanager_storage_access_mode 18 | - alertmanager_volume_size 19 | -------------------------------------------------------------------------------- /installers/metrics/ansible/roles/pgo-metrics-preflight/tasks/preflight-grafana.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: Check if inventory file variables are defined for Grafana 3 | tags: always 4 | fail: 5 | msg: "Please specify the value of {{item}} in your inventory file" 6 | when: lookup('vars', item, default='') == '' 7 | loop: 8 | - grafana_admin_username 9 | - grafana_admin_password 10 | - grafana_dashboards_configmap 11 | - grafana_datasources_configmap 12 | - grafana_image_name 13 | - grafana_image_prefix 14 | - grafana_image_tag 15 | - grafana_port 16 | - grafana_service_name 17 | - grafana_service_type 18 | - grafana_storage_access_mode 19 | - grafana_volume_size 20 | -------------------------------------------------------------------------------- /installers/metrics/ansible/roles/pgo-metrics-preflight/tasks/preflight-prometheus.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: Check if inventory file variables are defined for Prometheus 3 | fail: msg="Please specify the value of {{item}} in your inventory file" 4 | tags: always 5 | when: lookup('vars', item, default='') == '' 6 | loop: 7 | - db_port 8 | - pgbadgerport 9 | - prometheus_configmap 10 | - prometheus_image_name 11 | - prometheus_image_prefix 12 | - prometheus_image_tag 13 | - prometheus_port 14 | - prometheus_service_name 15 | - prometheus_service_type 16 | - prometheus_storage_access_mode 17 | - prometheus_volume_size 18 | -------------------------------------------------------------------------------- /installers/metrics/ansible/roles/pgo-metrics-preflight/tasks/vars.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: Include values.yml 3 | tags: always 4 | block: 5 | - name: Check for "{{ config_path }}" 6 | stat: 7 | path: "{{ config_path }}" 8 | register: conf_path_result 9 | 10 | - fail: 11 | msg: "Please provide a valid path to your values.yaml file. Expected path: {{ config_path }}" 12 | when: 13 | - not conf_path_result.stat.exists 14 | 15 | - include_vars: "{{ config_path }}" 16 | -------------------------------------------------------------------------------- /installers/metrics/ansible/roles/pgo-metrics/tasks/kubernetes.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: Create Namespace {{ metrics_namespace }} 3 | command: "kubectl create namespace {{ metrics_namespace }}" 4 | register: create_metrics_namespace_result 5 | failed_when: 6 | - create_metrics_namespace_result.rc != 0 7 | - "'AlreadyExists' not in create_metrics_namespace_result.stderr" 8 | tags: install-metrics 9 | -------------------------------------------------------------------------------- /installers/metrics/ansible/roles/pgo-metrics/tasks/kubernetes_auth.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: Set the Kubernetes Context 3 | shell: "kubectl config use-context {{ kubernetes_context }}" 4 | when: not (kubernetes_in_cluster | bool) 5 | tags: always 6 | -------------------------------------------------------------------------------- /installers/metrics/ansible/roles/pgo-metrics/tasks/kubernetes_cleanup.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: Delete Metrics Namespace (Kubernetes) 3 | command: "kubectl delete namespace {{ metrics_namespace }}" 4 | when: delete_metrics_namespace | bool 5 | ignore_errors: yes 6 | tags: uninstall-metrics 7 | -------------------------------------------------------------------------------- /installers/metrics/ansible/roles/pgo-metrics/tasks/openshift.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: Create Project {{ metrics_namespace }} 3 | command: "{{ openshift_oc_bin}} new-project {{ metrics_namespace }}" 4 | register: create_metrics_project_result 5 | failed_when: 6 | - create_metrics_project_result.rc != 0 7 | - "'AlreadyExists' not in create_metrics_project_result.stderr" 8 | tags: install-metrics 9 | 10 | -------------------------------------------------------------------------------- /installers/metrics/ansible/roles/pgo-metrics/tasks/openshift_auth.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - include_vars: openshift.yml 3 | tags: always 4 | 5 | - name: Authenticate with OpenShift via user and password 6 | command: | 7 | {{ openshift_oc_bin }} login {{ openshift_host }} \ 8 | -u {{ openshift_user }} \ 9 | -p {{ openshift_password }} \ 10 | --insecure-skip-tls-verify={{ openshift_skip_tls_verify | default(false) | bool }} 11 | when: 12 | - openshift_user is defined and openshift_user != '' 13 | - openshift_password is defined and openshift_password != '' 14 | - openshift_token is not defined 15 | no_log: true 16 | tags: always 17 | 18 | - name: Authenticate with OpenShift via token 19 | command: | 20 | {{ openshift_oc_bin }} login {{ openshift_host }} \ 21 | --token {{ openshift_token }} \ 22 | --insecure-skip-tls-verify={{ openshift_skip_tls_verify | default(false) | bool }} 23 | when: openshift_token is defined and openshift_token != '' 24 | no_log: true 25 | tags: always 26 | -------------------------------------------------------------------------------- /installers/metrics/ansible/roles/pgo-metrics/tasks/openshift_cleanup.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: Delete Metrics Namespace (Openshift) 3 | command: "{{ openshift_oc_bin}} delete project {{ metrics_namespace }}" 4 | when: delete_metrics_namespace | bool 5 | ignore_errors: yes 6 | tags: uninstall-metrics 7 | -------------------------------------------------------------------------------- /installers/metrics/ansible/roles/pgo-metrics/templates/alertmanager-pvc.json.j2: -------------------------------------------------------------------------------- 1 | { 2 | "kind": "PersistentVolumeClaim", 3 | "apiVersion": "v1", 4 | "metadata": { 5 | "name": "alertmanagerdata", 6 | "labels": { 7 | "app.kubernetes.io/name": "{{ app_name }}" 8 | } 9 | }, 10 | "spec": { 11 | "accessModes": [ 12 | "{{ alertmanager_storage_access_mode }}" 13 | ], 14 | {% if alertmanager_storage_class_name is defined and alertmanager_storage_class_name != '' %} 15 | "storageClassName": "{{ alertmanager_storage_class_name }}", 16 | {% endif %} 17 | "resources": { 18 | "requests": { 19 | "storage": "{{ alertmanager_volume_size }}" 20 | } 21 | } 22 | } 23 | } 24 | -------------------------------------------------------------------------------- /installers/metrics/ansible/roles/pgo-metrics/templates/alertmanager-rbac.json.j2: -------------------------------------------------------------------------------- 1 | { 2 | "apiVersion": "v1", 3 | "kind": "ServiceAccount", 4 | "metadata": { 5 | "name": "alertmanager", 6 | "labels": { 7 | "app.kubernetes.io/name": "{{ app_name }}" 8 | } 9 | }, 10 | "automountServiceAccountToken": false, 11 | "imagePullSecrets": [ 12 | {% if metrics_image_pull_secret %} 13 | { "name": "{{ metrics_image_pull_secret }}" } 14 | {% endif %} 15 | ] 16 | } 17 | -------------------------------------------------------------------------------- /installers/metrics/ansible/roles/pgo-metrics/templates/alertmanager-service.json.j2: -------------------------------------------------------------------------------- 1 | { 2 | "kind": "Service", 3 | "apiVersion": "v1", 4 | "metadata": { 5 | "name": "{{ alertmanager_service_name }}", 6 | "labels": { 7 | "name": "{{ alertmanager_service_name }}", 8 | "app.kubernetes.io/name": "{{ app_name }}" 9 | } 10 | }, 11 | "spec": { 12 | "ports": [ 13 | { 14 | "name": "alertmanager", 15 | "protocol": "TCP", 16 | "port": {{ alertmanager_port }}, 17 | "targetPort": {{ alertmanager_port }} 18 | } 19 | ], 20 | "selector": { 21 | "name": "{{ alertmanager_service_name }}" 22 | }, 23 | "type": "{{ alertmanager_service_type }}", 24 | "sessionAffinity": "None" 25 | } 26 | } 27 | -------------------------------------------------------------------------------- /installers/metrics/ansible/roles/pgo-metrics/templates/grafana-pvc.json.j2: -------------------------------------------------------------------------------- 1 | { 2 | "kind": "PersistentVolumeClaim", 3 | "apiVersion": "v1", 4 | "metadata": { 5 | "name": "grafanadata", 6 | "labels": { 7 | "app.kubernetes.io/name": "{{ app_name }}" 8 | } 9 | }, 10 | "spec": { 11 | "accessModes": [ 12 | "{{ grafana_storage_access_mode }}" 13 | ], 14 | {% if grafana_storage_class_name is defined and grafana_storage_class_name != '' %} 15 | "storageClassName": "{{ grafana_storage_class_name }}", 16 | {% endif %} 17 | "resources": { 18 | "requests": { 19 | "storage": "{{ grafana_volume_size }}" 20 | } 21 | } 22 | } 23 | } 24 | -------------------------------------------------------------------------------- /installers/metrics/ansible/roles/pgo-metrics/templates/grafana-rbac.json.j2: -------------------------------------------------------------------------------- 1 | { 2 | "apiVersion": "v1", 3 | "kind": "ServiceAccount", 4 | "metadata": { 5 | "name": "grafana", 6 | "labels": { 7 | "app.kubernetes.io/name": "{{ app_name }}" 8 | } 9 | }, 10 | "automountServiceAccountToken": false, 11 | "imagePullSecrets": [ 12 | {% if metrics_image_pull_secret %} 13 | { "name": "{{ metrics_image_pull_secret }}" } 14 | {% endif %} 15 | ] 16 | } 17 | -------------------------------------------------------------------------------- /installers/metrics/ansible/roles/pgo-metrics/templates/grafana-secret.json.j2: -------------------------------------------------------------------------------- 1 | { 2 | "apiVersion": "v1", 3 | "kind": "Secret", 4 | "metadata": { 5 | "name": "grafana-secret", 6 | "labels": { 7 | "app.kubernetes.io/name": "{{ app_name }}" 8 | } 9 | }, 10 | "type": "Opaque", 11 | "stringData": { 12 | "username": "{{ grafana_admin_username }}", 13 | "password": "{{ grafana_admin_password }}" 14 | } 15 | } 16 | -------------------------------------------------------------------------------- /installers/metrics/ansible/roles/pgo-metrics/templates/grafana-service.json.j2: -------------------------------------------------------------------------------- 1 | { 2 | "kind": "Service", 3 | "apiVersion": "v1", 4 | "metadata": { 5 | "name": "{{ grafana_service_name }}", 6 | "labels": { 7 | "name": "{{ grafana_service_name }}", 8 | "app.kubernetes.io/name": "{{ app_name }}" 9 | } 10 | }, 11 | "spec": { 12 | "ports": [ 13 | { 14 | "name": "grafana", 15 | "protocol": "TCP", 16 | "port": {{ grafana_port }}, 17 | "targetPort": {{ grafana_port }} 18 | } 19 | ], 20 | "selector": { 21 | "name": "{{ grafana_service_name }}" 22 | }, 23 | "type": "{{ grafana_service_type }}", 24 | "sessionAffinity": "None" 25 | } 26 | } 27 | -------------------------------------------------------------------------------- /installers/metrics/ansible/roles/pgo-metrics/templates/prometheus-pvc.json.j2: -------------------------------------------------------------------------------- 1 | { 2 | "kind": "PersistentVolumeClaim", 3 | "apiVersion": "v1", 4 | "metadata": { 5 | "name": "prometheusdata", 6 | "labels": { 7 | "app.kubernetes.io/name": "{{ app_name }}" 8 | } 9 | }, 10 | "spec": { 11 | "accessModes": [ 12 | "{{ prometheus_storage_access_mode }}" 13 | ], 14 | {% if prometheus_storage_class_name is defined and prometheus_storage_class_name != '' %} 15 | "storageClassName": "{{ prometheus_storage_class_name }}", 16 | {% endif %} 17 | "resources": { 18 | "requests": { 19 | "storage": "{{ prometheus_volume_size }}" 20 | } 21 | } 22 | } 23 | } 24 | -------------------------------------------------------------------------------- /installers/metrics/ansible/roles/pgo-metrics/templates/prometheus-service.json.j2: -------------------------------------------------------------------------------- 1 | { 2 | "kind": "Service", 3 | "apiVersion": "v1", 4 | "metadata": { 5 | "name": "{{ prometheus_service_name }}", 6 | "labels": { 7 | "name": "{{ prometheus_service_name }}", 8 | "app.kubernetes.io/name": "{{ app_name }}" 9 | } 10 | }, 11 | "spec": { 12 | "ports": [ 13 | { 14 | "name": "prometheus", 15 | "protocol": "TCP", 16 | "port": {{ prometheus_port }}, 17 | "targetPort": {{ prometheus_port }} 18 | } 19 | ], 20 | "selector": { 21 | "name": "{{ prometheus_service_name }}" 22 | }, 23 | "type": "{{ prometheus_service_type }}", 24 | "sessionAffinity": "None" 25 | } 26 | } 27 | -------------------------------------------------------------------------------- /installers/metrics/ansible/roles/pgo-metrics/vars/openshift.yml: -------------------------------------------------------------------------------- 1 | --- 2 | openshift_oc_bin: "oc" 3 | -------------------------------------------------------------------------------- /installers/metrics/helm/Chart.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v2 2 | name: postgres-operator-monitoring 3 | description: Install for RadonDB PostgreSQL Operator Monitoring 4 | type: application 5 | version: 0.2.0 6 | appVersion: 2.1.1 7 | home: https://github.com/radondb/radondb-postgresql-operator 8 | icon: https://github.com/radondb/radondb-postgresql-operator/raw/master/docs/static/logos/pgo.svg 9 | -------------------------------------------------------------------------------- /installers/metrics/helm/helm_template.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | # ====================== 3 | # Installer Controls 4 | # ====================== 5 | fullnameOverride: "" 6 | 7 | # rbac: settings for deployer RBAC creation 8 | rbac: 9 | # rbac.create: if false RBAC resources should be in place 10 | create: true 11 | # rbac.useClusterAdmin: creates a ClusterRoleBinding giving cluster-admin to serviceAccount.name 12 | useClusterAdmin: false 13 | 14 | # serviceAccount: settings for Service Account used by the deployer 15 | serviceAccount: 16 | # serviceAccount.create: Whether to create a Service Account or not 17 | create: true 18 | # serviceAccount.name: The name of the Service Account to create or use 19 | name: "" 20 | 21 | # the image prefix and tag to use for the 'pgo-deployer' container 22 | pgo_image_prefix: "docker.io/radondb" 23 | pgo_image_tag: "debian-2.1.1" 24 | 25 | -------------------------------------------------------------------------------- /installers/metrics/helm/templates/_deployer_job_spec.yaml: -------------------------------------------------------------------------------- 1 | {{- define "deployerJob.spec" }} 2 | spec: 3 | backoffLimit: 0 4 | template: 5 | metadata: 6 | name: pgo-metrics-deploy 7 | labels: 8 | {{ include "postgres-operator.labels" . | indent 8 }} 9 | spec: 10 | serviceAccountName: {{ include "postgres-operator.serviceAccountName" . }} 11 | restartPolicy: Never 12 | containers: 13 | - name: pgo-metrics-deploy 14 | image: {{ .Values.pgo_image_prefix }}/pgo-deployer:{{ .Values.pgo_image_tag }} 15 | imagePullPolicy: IfNotPresent 16 | env: 17 | - name: DEPLOY_ACTION 18 | value: "{{ .deployAction }}" 19 | - name: PLAYBOOK 20 | value: metrics 21 | volumeMounts: 22 | - name: deployer-conf 23 | mountPath: "/conf" 24 | volumes: 25 | - name: deployer-conf 26 | configMap: 27 | name: {{ template "postgres-operator.fullname" . }}-cm 28 | {{- end }} -------------------------------------------------------------------------------- /installers/metrics/helm/templates/postgres-operator-metrics-install.yaml: -------------------------------------------------------------------------------- 1 | {{ $_ := set . "deployAction" "install-metrics" }} 2 | --- 3 | apiVersion: batch/v1 4 | kind: Job 5 | metadata: 6 | name: pgo-metrics-deploy 7 | namespace: {{ .Release.Namespace }} 8 | labels: 9 | {{ include "postgres-operator.labels" . | indent 4 }} 10 | annotations: 11 | helm.sh/hook: post-install 12 | helm.sh/hook-delete-policy: hook-succeeded,before-hook-creation 13 | {{ template "deployerJob.spec" . }} 14 | -------------------------------------------------------------------------------- /installers/metrics/helm/templates/postgres-operator-metrics-uninstall.yaml: -------------------------------------------------------------------------------- 1 | {{ $_ := set . "deployAction" "uninstall-metrics" }} 2 | --- 3 | apiVersion: batch/v1 4 | kind: Job 5 | metadata: 6 | name: pgo-metrics-deploy 7 | namespace: {{ .Release.Namespace }} 8 | labels: 9 | {{ include "postgres-operator.labels" . | indent 4 }} 10 | annotations: 11 | helm.sh/hook: pre-delete 12 | helm.sh/hook-delete-policy: hook-succeeded,before-hook-creation 13 | {{ template "deployerJob.spec" . }} 14 | -------------------------------------------------------------------------------- /installers/metrics/helm/templates/postgres-operator-metrics-upgrade.yaml: -------------------------------------------------------------------------------- 1 | {{ $_ := set . "deployAction" "update-metrics" }} 2 | --- 3 | apiVersion: batch/v1 4 | kind: Job 5 | metadata: 6 | name: pgo-metrics-deploy 7 | namespace: {{ .Release.Namespace }} 8 | labels: 9 | {{ include "postgres-operator.labels" . | indent 4 }} 10 | annotations: 11 | helm.sh/hook: post-upgrade 12 | helm.sh/hook-delete-policy: hook-succeeded,before-hook-creation 13 | {{ template "deployerJob.spec" . }} 14 | -------------------------------------------------------------------------------- /installers/metrics/helm/templates/values_configmap.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: ConfigMap 3 | metadata: 4 | name: {{ template "postgres-operator.fullname" . }}-cm 5 | namespace: {{ .Release.Namespace }} 6 | labels: 7 | {{ include "postgres-operator.labels" . | indent 4 }} 8 | data: 9 | {{ include "postgres-operator.values" . | indent 2}} 10 | -------------------------------------------------------------------------------- /installers/olm/.gitignore: -------------------------------------------------------------------------------- 1 | /package/ 2 | -------------------------------------------------------------------------------- /installers/olm/postgresql.package.yaml: -------------------------------------------------------------------------------- 1 | packageName: '${PACKAGE_NAME}' 2 | defaultChannel: stable 3 | channels: 4 | - name: stable 5 | currentCSV: 'postgresoperator.v${PGO_VERSION}' 6 | -------------------------------------------------------------------------------- /internal/apiserver/backupoptions/backupoptionsutil_test.go: -------------------------------------------------------------------------------- 1 | package backupoptions 2 | 3 | /* 4 | Copyright 2021 Crunchy Data Solutions, Inc. 5 | Licensed under the Apache License, Version 2.0 (the "License"); 6 | you may not use this file except in compliance with the License. 7 | You may obtain a copy of the License at 8 | 9 | http://www.apache.org/licenses/LICENSE-2.0 10 | 11 | Unless required by applicable law or agreed to in writing, software 12 | distributed under the License is distributed on an "AS IS" BASIS, 13 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 14 | See the License for the specific language governing permissions and 15 | limitations under the License. 16 | */ 17 | 18 | import "testing" 19 | 20 | func TestIsValidCompressType(t *testing.T) { 21 | tests := []struct { 22 | compressType string 23 | expected bool 24 | }{ 25 | {compressType: "bz2", expected: true}, 26 | {compressType: "gz", expected: true}, 27 | {compressType: "none", expected: true}, 28 | {compressType: "lz4", expected: true}, 29 | {compressType: "zst", expected: false}, 30 | {compressType: "bogus", expected: false}, 31 | } 32 | 33 | for _, test := range tests { 34 | t.Run(test.compressType, func(t *testing.T) { 35 | if isValidCompressType(test.compressType) != test.expected { 36 | t.Fatalf("expected %q to be %t", test.compressType, test.expected) 37 | } 38 | }) 39 | } 40 | } 41 | -------------------------------------------------------------------------------- /internal/apiserver/configservice/configimpl.go: -------------------------------------------------------------------------------- 1 | package configservice 2 | 3 | /* 4 | Copyright 2018 - 2021 Crunchy Data Solutions, Inc. 5 | Licensed under the Apache License, Version 2.0 (the "License"); 6 | you may not use this file except in compliance with the License. 7 | You may obtain a copy of the License at 8 | 9 | http://www.apache.org/licenses/LICENSE-2.0 10 | 11 | Unless required by applicable law or agreed to in writing, software 12 | distributed under the License is distributed on an "AS IS" BASIS, 13 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 14 | See the License for the specific language governing permissions and 15 | limitations under the License. 16 | */ 17 | 18 | import ( 19 | "github.com/radondb/radondb-postgresql-operator/internal/apiserver" 20 | msgs "github.com/radondb/radondb-postgresql-operator/pkg/apiservermsgs" 21 | log "github.com/sirupsen/logrus" 22 | ) 23 | 24 | func ShowConfig() msgs.ShowConfigResponse { 25 | log.Debug("ShowConfig called") 26 | response := msgs.ShowConfigResponse{} 27 | response.Status = msgs.Status{Code: msgs.Ok, Msg: ""} 28 | 29 | response.Result = apiserver.Pgo 30 | 31 | return response 32 | } 33 | -------------------------------------------------------------------------------- /internal/apiserver/routing/doc.go: -------------------------------------------------------------------------------- 1 | /* 2 | Copyright 2019 - 2021 Crunchy Data Solutions, Inc. 3 | Licensed under the Apache License, Version 2.0 (the "License"); 4 | you may not use this file except in compliance with the License. 5 | You may obtain a copy of the License at 6 | 7 | http://www.apache.org/licenses/LICENSE-2.0 8 | 9 | Unless required by applicable law or agreed to in writing, software 10 | distributed under the License is distributed on an "AS IS" BASIS, 11 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 | See the License for the specific language governing permissions and 13 | limitations under the License. 14 | */ 15 | 16 | /* Package routing temporarily breaks circular dependencies within the 17 | structure of the apiserver package 18 | 19 | The apiserver package contains a mix of package content (used by external 20 | code) and refactored functionality from the *service folders. The 21 | refactored functionality of the *service folders causes import dependencies 22 | on the apiserver package. 23 | 24 | Strictly speaking, the *service folders are an organizational element and 25 | their dependencies could be resolved via dot-import. Idiomatic Go 26 | guidelines point out that using a dot-import outside of testing scenarios is 27 | a sign that package structure needs to be reconsidered and should not be 28 | used outside of the *_test.go scenarios. 29 | 30 | Creating this package is preferable to pushing all service-common code into 31 | a 'junk-drawer' package to resolve the circular dependency. 32 | 33 | */ 34 | package routing 35 | -------------------------------------------------------------------------------- /internal/apiserver/routing/kubectl: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/radondb/radondb-postgresql-operator/5755ae011d1b3e81d89feee53b42203672dbdf67/internal/apiserver/routing/kubectl -------------------------------------------------------------------------------- /internal/apiserver/versionservice/versionimpl.go: -------------------------------------------------------------------------------- 1 | package versionservice 2 | 3 | /* 4 | Copyright 2017 - 2021 Crunchy Data Solutions, Inc. 5 | Licensed under the Apache License, Version 2.0 (the "License"); 6 | you may not use this file except in compliance with the License. 7 | You may obtain a copy of the License at 8 | 9 | http://www.apache.org/licenses/LICENSE-2.0 10 | 11 | Unless required by applicable law or agreed to in writing, software 12 | distributed under the License is distributed on an "AS IS" BASIS, 13 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 14 | See the License for the specific language governing permissions and 15 | limitations under the License. 16 | */ 17 | 18 | import ( 19 | msgs "github.com/radondb/radondb-postgresql-operator/pkg/apiservermsgs" 20 | ) 21 | 22 | // Version ... 23 | // pgo version 24 | func Version() msgs.VersionResponse { 25 | resp := msgs.VersionResponse{} 26 | resp.Status.Code = msgs.Ok 27 | resp.Status.Msg = "apiserver version" 28 | resp.Version = msgs.PGO_VERSION 29 | 30 | return resp 31 | } 32 | 33 | func Health() msgs.VersionResponse { 34 | resp := msgs.VersionResponse{} 35 | resp.Status.Code = msgs.Ok 36 | resp.Status.Msg = "healthy" 37 | resp.Version = "healthy" 38 | 39 | return resp 40 | } 41 | -------------------------------------------------------------------------------- /internal/config/secrets.go: -------------------------------------------------------------------------------- 1 | package config 2 | 3 | /* 4 | Copyright 2020 - 2021 Crunchy Data Solutions, Inc. 5 | Licensed under the Apache License, Version 2.0 (the "License"); 6 | you may not use this file except in compliance with the License. 7 | You may obtain a copy of the License at 8 | 9 | http://www.apache.org/licenses/LICENSE-2.0 10 | 11 | Unless required by applicable law or agreed to in writing, software 12 | distributed under the License is distributed on an "AS IS" BASIS, 13 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 14 | See the License for the specific language governing permissions and 15 | limitations under the License. 16 | */ 17 | 18 | // #nosec: G101 19 | const SecretOperatorBackrestRepoConfig = "pgo-backrest-repo-config" 20 | -------------------------------------------------------------------------------- /internal/kubeapi/errors.go: -------------------------------------------------------------------------------- 1 | package kubeapi 2 | 3 | /* 4 | Copyright 2020 - 2021 Crunchy Data Solutions, Inc. 5 | Licensed under the Apache License, Version 2.0 (the "License"); 6 | you may not use this file except in compliance with the License. 7 | You may obtain a copy of the License at 8 | 9 | http://www.apache.org/licenses/LICENSE-2.0 10 | 11 | Unless required by applicable law or agreed to in writing, software 12 | distributed under the License is distributed on an "AS IS" BASIS, 13 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 14 | See the License for the specific language governing permissions and 15 | limitations under the License. 16 | */ 17 | 18 | import "k8s.io/apimachinery/pkg/api/errors" 19 | 20 | // IsAlreadyExists returns true if the err indicates that a resource already exists. 21 | func IsAlreadyExists(err error) bool { return errors.IsAlreadyExists(err) } 22 | 23 | // IsNotFound returns true if err indicates that a resource was not found. 24 | func IsNotFound(err error) bool { return errors.IsNotFound(err) } 25 | -------------------------------------------------------------------------------- /internal/kubeapi/fake/clientset.go: -------------------------------------------------------------------------------- 1 | package fake 2 | 3 | /* 4 | Copyright 2020 - 2021 Crunchy Data Solutions, Inc. 5 | Licensed under the Apache License, Version 2.0 (the "License"); 6 | you may not use this file except in compliance with the License. 7 | You may obtain a copy of the License at 8 | 9 | http://www.apache.org/licenses/LICENSE-2.0 10 | 11 | Unless required by applicable law or agreed to in writing, software 12 | distributed under the License is distributed on an "AS IS" BASIS, 13 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 14 | See the License for the specific language governing permissions and 15 | limitations under the License. 16 | */ 17 | 18 | import ( 19 | fakekubernetes "k8s.io/client-go/kubernetes/fake" 20 | 21 | "github.com/radondb/radondb-postgresql-operator/internal/kubeapi" 22 | fakeradondb "github.com/radondb/radondb-postgresql-operator/pkg/generated/clientset/versioned/fake" 23 | radondbv1 "github.com/radondb/radondb-postgresql-operator/pkg/generated/clientset/versioned/typed/radondb.com/v1" 24 | ) 25 | 26 | type Clientset struct { 27 | *fakekubernetes.Clientset 28 | PGOClientset *fakeradondb.Clientset 29 | } 30 | 31 | var _ kubeapi.Interface = &Clientset{} 32 | 33 | // RadondbV1 retrieves the RadondbV1Client 34 | func (c *Clientset) RadondbV1() radondbv1.RadondbV1Interface { 35 | return c.PGOClientset.RadondbV1() 36 | } 37 | -------------------------------------------------------------------------------- /internal/operator/cluster/common_test.go: -------------------------------------------------------------------------------- 1 | package cluster 2 | 3 | /* 4 | Copyright 2020 - 2021 Crunchy Data Solutions, Inc. 5 | Licensed under the Apache License, Version 2.0 (the "License"); 6 | you may not use this file except in compliance with the License. 7 | You may obtain a copy of the License at 8 | 9 | http://www.apache.org/licenses/LICENSE-2.0 10 | 11 | Unless required by applicable law or agreed to in writing, software 12 | distributed under the License is distributed on an "AS IS" BASIS, 13 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 14 | See the License for the specific language governing permissions and 15 | limitations under the License. 16 | */ 17 | 18 | import ( 19 | "testing" 20 | 21 | pgpassword "github.com/radondb/radondb-postgresql-operator/internal/postgres/password" 22 | ) 23 | 24 | func TestMakePostgresPassword(t *testing.T) { 25 | t.Run("md5", func(t *testing.T) { 26 | t.Run("valid", func(t *testing.T) { 27 | passwordType := pgpassword.MD5 28 | username := "pgbouncer" 29 | password := "datalake" 30 | expected := "md56294153764d389dc6830b6ce4f923cdb" 31 | 32 | actual := makePostgreSQLPassword(passwordType, username, password) 33 | 34 | if actual != expected { 35 | t.Errorf("expected: %q actual: %q", expected, actual) 36 | } 37 | }) 38 | }) 39 | } 40 | -------------------------------------------------------------------------------- /internal/operator/failover_test.go: -------------------------------------------------------------------------------- 1 | package operator 2 | 3 | /* 4 | Copyright 2021 Crunchy Data Solutions, Inc. 5 | Licensed under the Apache License, Version 2.0 (the "License"); 6 | you may not use this file except in compliance with the License. 7 | You may obtain a copy of the License at 8 | 9 | http://www.apache.org/licenses/LICENSE-2.0 10 | 11 | Unless required by applicable law or agreed to in writing, software 12 | distributed under the License is distributed on an "AS IS" BASIS, 13 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 14 | See the License for the specific language governing permissions and 15 | limitations under the License. 16 | */ 17 | 18 | import ( 19 | "reflect" 20 | "testing" 21 | ) 22 | 23 | func TestGeneratePostgresFailoverCommand(t *testing.T) { 24 | clusterName := "hippo" 25 | candidate := "" 26 | 27 | t.Run("no candidate", func(t *testing.T) { 28 | expected := []string{"patronictl", "failover", "--force", clusterName} 29 | actual := generatePostgresFailoverCommand(clusterName, candidate) 30 | 31 | if !reflect.DeepEqual(expected, actual) { 32 | t.Fatalf("expected: %v actual: %v", expected, actual) 33 | } 34 | }) 35 | 36 | t.Run("candidate", func(t *testing.T) { 37 | candidate = "hippo-abc-123" 38 | expected := []string{"patronictl", "failover", "--force", clusterName, "--candidate", candidate} 39 | actual := generatePostgresFailoverCommand(clusterName, candidate) 40 | 41 | if !reflect.DeepEqual(expected, actual) { 42 | t.Fatalf("expected: %v actual: %v", expected, actual) 43 | } 44 | }) 45 | } 46 | -------------------------------------------------------------------------------- /internal/operator/storage_test.go: -------------------------------------------------------------------------------- 1 | package operator 2 | 3 | /* 4 | Copyright 2020 - 2021 Crunchy Data Solutions, Inc. 5 | Licensed under the Apache License, Version 2.0 (the "License"); 6 | you may not use this file except in compliance with the License. 7 | You may obtain a copy of the License at 8 | 9 | http://www.apache.org/licenses/LICENSE-2.0 10 | 11 | Unless required by applicable law or agreed to in writing, software 12 | distributed under the License is distributed on an "AS IS" BASIS, 13 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 14 | See the License for the specific language governing permissions and 15 | limitations under the License. 16 | */ 17 | 18 | import ( 19 | "encoding/json" 20 | "testing" 21 | 22 | v1 "k8s.io/api/core/v1" 23 | ) 24 | 25 | func TestStorageResultInlineVolumeSource(t *testing.T) { 26 | if b, _ := json.Marshal(v1.VolumeSource{}); string(b) != "{}" { 27 | t.Logf("expected VolumeSource to always marshal with brackets, got %q", b) 28 | } 29 | 30 | for _, tt := range []struct { 31 | value StorageResult 32 | expected string 33 | }{ 34 | {StorageResult{}, `"emptyDir":{}`}, 35 | { 36 | StorageResult{PersistentVolumeClaimName: "<\x00"}, 37 | `"persistentVolumeClaim":{"claimName":"<\u0000"}`, 38 | }, 39 | { 40 | StorageResult{PersistentVolumeClaimName: "some-name"}, 41 | `"persistentVolumeClaim":{"claimName":"some-name"}`, 42 | }, 43 | } { 44 | if actual := tt.value.InlineVolumeSource(); actual != tt.expected { 45 | t.Errorf("expected %q for %v, got %q", tt.expected, tt.value, actual) 46 | } 47 | } 48 | } 49 | -------------------------------------------------------------------------------- /internal/operator/switchover_test.go: -------------------------------------------------------------------------------- 1 | package operator 2 | 3 | /* 4 | Copyright 2021 Crunchy Data Solutions, Inc. 5 | Licensed under the Apache License, Version 2.0 (the "License"); 6 | you may not use this file except in compliance with the License. 7 | You may obtain a copy of the License at 8 | 9 | http://www.apache.org/licenses/LICENSE-2.0 10 | 11 | Unless required by applicable law or agreed to in writing, software 12 | distributed under the License is distributed on an "AS IS" BASIS, 13 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 14 | See the License for the specific language governing permissions and 15 | limitations under the License. 16 | */ 17 | 18 | import ( 19 | "reflect" 20 | "testing" 21 | ) 22 | 23 | func TestGeneratePostgresSwitchoverCommand(t *testing.T) { 24 | clusterName := "hippo" 25 | candidate := "" 26 | 27 | t.Run("no candidate", func(t *testing.T) { 28 | expected := []string{"patronictl", "switchover", "--force", clusterName} 29 | actual := generatePostgresSwitchoverCommand(clusterName, candidate) 30 | 31 | if !reflect.DeepEqual(expected, actual) { 32 | t.Fatalf("expected: %v actual: %v", expected, actual) 33 | } 34 | }) 35 | 36 | t.Run("candidate", func(t *testing.T) { 37 | candidate = "hippo-abc-123" 38 | expected := []string{"patronictl", "switchover", "--force", clusterName, "--candidate", candidate} 39 | actual := generatePostgresSwitchoverCommand(clusterName, candidate) 40 | 41 | if !reflect.DeepEqual(expected, actual) { 42 | t.Fatalf("expected: %v actual: %v", expected, actual) 43 | } 44 | }) 45 | } 46 | -------------------------------------------------------------------------------- /internal/patroni/doc.go: -------------------------------------------------------------------------------- 1 | // package patroni provides clients, utilities and resources for interacting with Patroni inside 2 | // of a PostgreSQL cluster 3 | 4 | package patroni 5 | 6 | /* 7 | Copyright 2020 - 2021 Crunchy Data Solutions, Inc. 8 | Licensed under the Apache License, Version 2.0 (the "License"); 9 | you may not use this file except in compliance with the License. 10 | You may obtain a copy of the License at 11 | 12 | http://www.apache.org/licenses/LICENSE-2.0 13 | 14 | Unless required by applicable law or agreed to in writing, software 15 | distributed under the License is distributed on an "AS IS" BASIS, 16 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 17 | See the License for the specific language governing permissions and 18 | limitations under the License. 19 | */ 20 | -------------------------------------------------------------------------------- /internal/pgadmin/doc.go: -------------------------------------------------------------------------------- 1 | /* package pgadmin provides a set of tools for interacting with the sqlite 2 | database which powers pgadmin */ 3 | 4 | package pgadmin 5 | 6 | /* 7 | Copyright 2020 - 2021 Crunchy Data Solutions, Inc. 8 | Licensed under the Apache License, Version 2.0 (the "License"); 9 | you may not use this file except in compliance with the License. 10 | You may obtain a copy of the License at 11 | 12 | http://www.apache.org/licenses/LICENSE-2.0 13 | 14 | Unless required by applicable law or agreed to in writing, software 15 | distributed under the License is distributed on an "AS IS" BASIS, 16 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 17 | See the License for the specific language governing permissions and 18 | limitations under the License. 19 | */ 20 | -------------------------------------------------------------------------------- /internal/postgres/doc.go: -------------------------------------------------------------------------------- 1 | // package postgres is a collection of resources that interact with PostgreSQL 2 | // or provide functionality that makes it easier for other resources to interact 3 | // with PostgreSQL 4 | 5 | package postgres 6 | 7 | /* 8 | Copyright 2020 - 2021 Crunchy Data Solutions, Inc. 9 | Licensed under the Apache License, Version 2.0 (the "License"); 10 | you may not use this file except in compliance with the License. 11 | You may obtain a copy of the License at 12 | 13 | http://www.apache.org/licenses/LICENSE-2.0 14 | 15 | Unless required by applicable law or agreed to in writing, software 16 | distributed under the License is distributed on an "AS IS" BASIS, 17 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 18 | See the License for the specific language governing permissions and 19 | limitations under the License. 20 | */ 21 | -------------------------------------------------------------------------------- /internal/postgres/password/doc.go: -------------------------------------------------------------------------------- 1 | // package password lets one create the appropriate password hashes and 2 | // verifiers that are used for adding the information into PostgreSQL 3 | 4 | package password 5 | 6 | /* 7 | Copyright 2020 - 2021 Crunchy Data Solutions, Inc. 8 | Licensed under the Apache License, Version 2.0 (the "License"); 9 | you may not use this file except in compliance with the License. 10 | You may obtain a copy of the License at 11 | 12 | http://www.apache.org/licenses/LICENSE-2.0 13 | 14 | Unless required by applicable law or agreed to in writing, software 15 | distributed under the License is distributed on an "AS IS" BASIS, 16 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 17 | See the License for the specific language governing permissions and 18 | limitations under the License. 19 | */ 20 | -------------------------------------------------------------------------------- /internal/util/backrest.go: -------------------------------------------------------------------------------- 1 | package util 2 | 3 | /* 4 | Copyright 2019 - 2021 Crunchy Data Solutions, Inc. 5 | Licensed under the Apache License, Version 2.0 (the "License"); 6 | you may not use this file except in compliance with the License. 7 | You may obtain a copy of the License at 8 | 9 | http://www.apache.org/licenses/LICENSE-2.0 10 | 11 | Unless required by applicable law or agreed to in writing, software 12 | distributed under the License is distributed on an "AS IS" BASIS, 13 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 14 | See the License for the specific language governing permissions and 15 | limitations under the License. 16 | */ 17 | 18 | const ( 19 | BackrestRepoDeploymentName = "%s-backrest-shared-repo" 20 | BackrestRepoServiceName = "%s-backrest-shared-repo" 21 | BackrestRepoPVCName = "%s-pgbr-repo" 22 | // #nosec: G101 23 | BackrestRepoSecretName = "%s-backrest-repo-config" 24 | ) 25 | -------------------------------------------------------------------------------- /internal/util/exporter.go: -------------------------------------------------------------------------------- 1 | package util 2 | 3 | /* 4 | Copyright 2020 - 2021 Crunchy Data Solutions, Inc. 5 | Licensed under the Apache License, Version 2.0 (the "License"); 6 | you may not use this file except in compliance with the License. 7 | You may obtain a copy of the License at 8 | 9 | http://www.apache.org/licenses/LICENSE-2.0 10 | 11 | Unless required by applicable law or agreed to in writing, software 12 | distributed under the License is distributed on an "AS IS" BASIS, 13 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 14 | See the License for the specific language governing permissions and 15 | limitations under the License. 16 | */ 17 | 18 | import "fmt" 19 | 20 | // exporterSecretFormat is the format of the name of the exporter secret, i.e. 21 | // "-exporter-secret" 22 | // #nosec G101 23 | const exporterSecretFormat = "%s-exporter-secret" 24 | 25 | // GenerateExporterSecretName returns the name of the secret that contains 26 | // information around a monitoring user 27 | func GenerateExporterSecretName(clusterName string) string { 28 | return fmt.Sprintf(exporterSecretFormat, clusterName) 29 | } 30 | -------------------------------------------------------------------------------- /internal/util/exporter_test.go: -------------------------------------------------------------------------------- 1 | package util 2 | 3 | /* 4 | Copyright 2020 - 2021 Crunchy Data Solutions, Inc. 5 | Licensed under the Apache License, Version 2.0 (the "License"); 6 | you may not use this file except in compliance with the License. 7 | You may obtain a copy of the License at 8 | 9 | http://www.apache.org/licenses/LICENSE-2.0 10 | 11 | Unless required by applicable law or agreed to in writing, software 12 | distributed under the License is distributed on an "AS IS" BASIS, 13 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 14 | See the License for the specific language governing permissions and 15 | limitations under the License. 16 | */ 17 | 18 | import ( 19 | "testing" 20 | ) 21 | 22 | func TestGenerateExporterSecretName(t *testing.T) { 23 | t.Run("success", func(t *testing.T) { 24 | clusterName := "hippo" 25 | expected := clusterName + "-exporter-secret" 26 | actual := GenerateExporterSecretName(clusterName) 27 | 28 | if expected != actual { 29 | t.Fatalf("expected %q actual %q", expected, actual) 30 | } 31 | }) 32 | } 33 | -------------------------------------------------------------------------------- /pkg/apis/radondb.com/v1/errors.go: -------------------------------------------------------------------------------- 1 | package v1 2 | 3 | import "errors" 4 | 5 | /* 6 | Copyright 2020 - 2021 Crunchy Data Solutions, Inc. 7 | Licensed under the Apache License, Version 2.0 (the "License"); 8 | you may not use this file except in compliance with the License. 9 | You may obtain a copy of the License at 10 | 11 | http://www.apache.org/licenses/LICENSE-2.0 12 | 13 | Unless required by applicable law or agreed to in writing, software 14 | distributed under the License is distributed on an "AS IS" BASIS, 15 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 16 | See the License for the specific language governing permissions and 17 | limitations under the License. 18 | */ 19 | 20 | var ( 21 | ErrStorageTypesEmpty = errors.New("no storage types detected") 22 | ErrInvalidStorageType = errors.New("invalid storage type") 23 | ) 24 | -------------------------------------------------------------------------------- /pkg/apiservermsgs/catmsgs.go: -------------------------------------------------------------------------------- 1 | package apiservermsgs 2 | 3 | /* 4 | Copyright 2019 - 2021 Crunchy Data Solutions, Inc. 5 | Licensed under the Apache License, Version 2.0 (the "License"); 6 | you may not use this file except in compliance with the License. 7 | You may obtain a copy of the License at 8 | 9 | http://www.apache.org/licenses/LICENSE-2.0 10 | 11 | Unless required by applicable law or agreed to in writing, software 12 | distributed under the License is distributed on an "AS IS" BASIS, 13 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 14 | See the License for the specific language governing permissions and 15 | limitations under the License. 16 | */ 17 | 18 | // CatResponse ... 19 | // swagger:model 20 | type CatResponse struct { 21 | Results []string 22 | Status 23 | } 24 | 25 | // CatRequest ... 26 | // swagger:model 27 | type CatRequest struct { 28 | Namespace string 29 | Args []string 30 | } 31 | -------------------------------------------------------------------------------- /pkg/apiservermsgs/configmsgs.go: -------------------------------------------------------------------------------- 1 | package apiservermsgs 2 | 3 | /* 4 | Copyright 2018 - 2021 Crunchy Data Solutions, Inc. 5 | Licensed under the Apache License, Version 2.0 (the "License"); 6 | you may not use this file except in compliance with the License. 7 | You may obtain a copy of the License at 8 | 9 | http://www.apache.org/licenses/LICENSE-2.0 10 | 11 | Unless required by applicable law or agreed to in writing, software 12 | distributed under the License is distributed on an "AS IS" BASIS, 13 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 14 | See the License for the specific language governing permissions and 15 | limitations under the License. 16 | */ 17 | 18 | // ShowConfigResponse ... 19 | // swagger:model 20 | type ShowConfigResponse struct { 21 | Result interface{} 22 | Status 23 | } 24 | -------------------------------------------------------------------------------- /pkg/apiservermsgs/labelmsgs.go: -------------------------------------------------------------------------------- 1 | package apiservermsgs 2 | 3 | /* 4 | Copyright 2017 - 2021 Crunchy Data Solutions, Inc. 5 | Licensed under the Apache License, Version 2.0 (the "License"); 6 | you may not use this file except in compliance with the License. 7 | You may obtain a copy of the License at 8 | 9 | http://www.apache.org/licenses/LICENSE-2.0 10 | 11 | Unless required by applicable law or agreed to in writing, software 12 | distributed under the License is distributed on an "AS IS" BASIS, 13 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 14 | See the License for the specific language governing permissions and 15 | limitations under the License. 16 | */ 17 | 18 | // LabelRequest ... 19 | // swagger:model 20 | type LabelRequest struct { 21 | Selector string 22 | Namespace string 23 | Args []string 24 | Labels map[string]string 25 | DryRun bool 26 | DeleteLabel bool 27 | ClientVersion string 28 | } 29 | 30 | // DeleteLabelRequest ... 31 | // swagger:model 32 | type DeleteLabelRequest struct { 33 | Selector string 34 | Namespace string 35 | Args []string 36 | Labels map[string]string 37 | ClientVersion string 38 | } 39 | 40 | // LabelResponse ... 41 | // swagger:model 42 | type LabelResponse struct { 43 | Results []string 44 | Status 45 | } 46 | -------------------------------------------------------------------------------- /pkg/apiservermsgs/pvcmsgs.go: -------------------------------------------------------------------------------- 1 | package apiservermsgs 2 | 3 | /* 4 | Copyright 2017 - 2021 Crunchy Data Solutions, Inc. 5 | Licensed under the Apache License, Version 2.0 (the "License"); 6 | you may not use this file except in compliance with the License. 7 | You may obtain a copy of the License at 8 | 9 | http://www.apache.org/licenses/LICENSE-2.0 10 | 11 | Unless required by applicable law or agreed to in writing, software 12 | distributed under the License is distributed on an "AS IS" BASIS, 13 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 14 | See the License for the specific language governing permissions and 15 | limitations under the License. 16 | */ 17 | 18 | // ShowPVCRequest ... 19 | // swagger:model 20 | type ShowPVCRequest struct { 21 | ClusterName string 22 | Selector string 23 | ClientVersion string 24 | Namespace string 25 | AllFlag bool 26 | } 27 | 28 | // ShowPVCResponse ... 29 | // swagger:model 30 | type ShowPVCResponse struct { 31 | Results []ShowPVCResponseResult 32 | Status 33 | } 34 | 35 | // ShowPVCResponseResult contains a semi structured result of information 36 | // about a PVC in a cluster 37 | type ShowPVCResponseResult struct { 38 | ClusterName string 39 | PVCName string 40 | } 41 | -------------------------------------------------------------------------------- /pkg/apiservermsgs/reloadmsgs.go: -------------------------------------------------------------------------------- 1 | package apiservermsgs 2 | 3 | /* 4 | Copyright 2018 - 2021 Crunchy Data Solutions, Inc. 5 | Licensed under the Apache License, Version 2.0 (the "License"); 6 | you may not use this file except in compliance with the License. 7 | You may obtain a copy of the License at 8 | 9 | http://www.apache.org/licenses/LICENSE-2.0 10 | 11 | Unless required by applicable law or agreed to in writing, software 12 | distributed under the License is distributed on an "AS IS" BASIS, 13 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 14 | See the License for the specific language governing permissions and 15 | limitations under the License. 16 | */ 17 | 18 | // ReloadResponse ... 19 | // swagger:model 20 | type ReloadResponse struct { 21 | Results []string 22 | Status 23 | } 24 | 25 | // ReloadRequest ... 26 | // swagger:model 27 | type ReloadRequest struct { 28 | Namespace string 29 | Args []string 30 | Selector string 31 | } 32 | -------------------------------------------------------------------------------- /pkg/apiservermsgs/statusmsgs.go: -------------------------------------------------------------------------------- 1 | package apiservermsgs 2 | 3 | /* 4 | Copyright 2018 - 2021 Crunchy Data Solutions, Inc. 5 | Licensed under the Apache License, Version 2.0 (the "License"); 6 | you may not use this file except in compliance with the License. 7 | You may obtain a copy of the License at 8 | 9 | http://www.apache.org/licenses/LICENSE-2.0 10 | 11 | Unless required by applicable law or agreed to in writing, software 12 | distributed under the License is distributed on an "AS IS" BASIS, 13 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 14 | See the License for the specific language governing permissions and 15 | limitations under the License. 16 | */ 17 | 18 | // NodeInfo ... 19 | // swagger:model 20 | type NodeInfo struct { 21 | Name string 22 | Status string 23 | Labels map[string]string 24 | } 25 | 26 | // KeyValue ... 27 | // swagger:model 28 | type KeyValue struct { 29 | Key string 30 | Value int 31 | } 32 | 33 | // StatusDetail ... 34 | // this aggregated status comes from the pgo-status container 35 | // by means of a volume mounted json blob it generates 36 | // swagger:model 37 | type StatusDetail struct { 38 | NumDatabases int 39 | NumClaims int 40 | VolumeCap string 41 | DbTags map[string]int 42 | NotReady []string 43 | Nodes []NodeInfo 44 | Labels []KeyValue 45 | } 46 | 47 | // ShowClusterResponse ... 48 | // swagger:model 49 | type StatusResponse struct { 50 | Result StatusDetail 51 | Status 52 | } 53 | -------------------------------------------------------------------------------- /pkg/apiservermsgs/upgrademsgs.go: -------------------------------------------------------------------------------- 1 | package apiservermsgs 2 | 3 | /* 4 | Copyright 2017 - 2021 Crunchy Data Solutions, Inc. 5 | Licensed under the Apache License, Version 2.0 (the "License"); 6 | you may not use this file except in compliance with the License. 7 | You may obtain a copy of the License at 8 | 9 | http://www.apache.org/licenses/LICENSE-2.0 10 | 11 | Unless required by applicable law or agreed to in writing, software 12 | distributed under the License is distributed on an "AS IS" BASIS, 13 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 14 | See the License for the specific language governing permissions and 15 | limitations under the License. 16 | */ 17 | 18 | // CreateUpgradeRequest ... 19 | // swagger:model 20 | type CreateUpgradeRequest struct { 21 | Args []string 22 | Selector string 23 | Namespace string 24 | ClientVersion string 25 | IgnoreValidation bool 26 | UpgradeCCPImageTag string 27 | } 28 | 29 | // CreateUpgradeResponse ... 30 | // swagger:model 31 | type CreateUpgradeResponse struct { 32 | Results []string 33 | Status 34 | WorkflowID string 35 | } 36 | -------------------------------------------------------------------------------- /pkg/apiservermsgs/versionmsgs.go: -------------------------------------------------------------------------------- 1 | package apiservermsgs 2 | 3 | /* 4 | Copyright 2017 - 2021 Crunchy Data Solutions, Inc. 5 | Licensed under the Apache License, Version 2.0 (the "License"); 6 | you may not use this file except in compliance with the License. 7 | You may obtain a copy of the License at 8 | 9 | http://www.apache.org/licenses/LICENSE-2.0 10 | 11 | Unless required by applicable law or agreed to in writing, software 12 | distributed under the License is distributed on an "AS IS" BASIS, 13 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 14 | See the License for the specific language governing permissions and 15 | limitations under the License. 16 | */ 17 | 18 | // VersionResponse ... 19 | // swagger:model 20 | type VersionResponse struct { 21 | Version string 22 | Status 23 | } 24 | -------------------------------------------------------------------------------- /pkg/apiservermsgs/watchmsgs.go: -------------------------------------------------------------------------------- 1 | package apiservermsgs 2 | 3 | /* 4 | Copyright 2019 - 2021 Crunchy Data Solutions, Inc. 5 | Licensed under the Apache License, Version 2.0 (the "License"); 6 | you may not use this file except in compliance with the License. 7 | You may obtain a copy of the License at 8 | 9 | http://www.apache.org/licenses/LICENSE-2.0 10 | 11 | Unless required by applicable law or agreed to in writing, software 12 | distributed under the License is distributed on an "AS IS" BASIS, 13 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 14 | See the License for the specific language governing permissions and 15 | limitations under the License. 16 | */ 17 | 18 | // WatchRequest ... 19 | // swagger:model 20 | type WatchRequest struct { 21 | Topics []string 22 | ClientVersion string 23 | Namespace string 24 | } 25 | 26 | // WatchResponse ... 27 | // swagger:model 28 | type WatchResponse struct { 29 | Results []string 30 | Status 31 | } 32 | -------------------------------------------------------------------------------- /pkg/apiservermsgs/workflowmsgs.go: -------------------------------------------------------------------------------- 1 | package apiservermsgs 2 | 3 | /* 4 | Copyright 2018 - 2021 Crunchy Data Solutions, Inc. 5 | Licensed under the Apache License, Version 2.0 (the "License"); 6 | you may not use this file except in compliance with the License. 7 | You may obtain a copy of the License at 8 | 9 | http://www.apache.org/licenses/LICENSE-2.0 10 | 11 | Unless required by applicable law or agreed to in writing, software 12 | distributed under the License is distributed on an "AS IS" BASIS, 13 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 14 | See the License for the specific language governing permissions and 15 | limitations under the License. 16 | */ 17 | 18 | // ShowWorkflowDetail ... 19 | // swagger:model 20 | type ShowWorkflowDetail struct { 21 | ClusterName string 22 | Parameters map[string]string 23 | } 24 | 25 | // ShowWorkflowResponse ... 26 | // swagger:model 27 | type ShowWorkflowResponse struct { 28 | Results ShowWorkflowDetail 29 | Status 30 | } 31 | -------------------------------------------------------------------------------- /pkg/generated/clientset/versioned/doc.go: -------------------------------------------------------------------------------- 1 | /* 2 | Copyright 2020 - 2021 Crunchy Data Solutions, Inc. 3 | Licensed under the Apache License, Version 2.0 (the "License"); 4 | you may not use this file except in compliance with the License. 5 | You may obtain a copy of the License at 6 | 7 | http://www.apache.org/licenses/LICENSE-2.0 8 | 9 | Unless required by applicable law or agreed to in writing, software 10 | distributed under the License is distributed on an "AS IS" BASIS, 11 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 | See the License for the specific language governing permissions and 13 | limitations under the License. 14 | */ 15 | 16 | // Code generated by client-gen. DO NOT EDIT. 17 | 18 | // This package has the automatically generated clientset. 19 | package versioned 20 | -------------------------------------------------------------------------------- /pkg/generated/clientset/versioned/fake/doc.go: -------------------------------------------------------------------------------- 1 | /* 2 | Copyright 2020 - 2021 Crunchy Data Solutions, Inc. 3 | Licensed under the Apache License, Version 2.0 (the "License"); 4 | you may not use this file except in compliance with the License. 5 | You may obtain a copy of the License at 6 | 7 | http://www.apache.org/licenses/LICENSE-2.0 8 | 9 | Unless required by applicable law or agreed to in writing, software 10 | distributed under the License is distributed on an "AS IS" BASIS, 11 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 | See the License for the specific language governing permissions and 13 | limitations under the License. 14 | */ 15 | 16 | // Code generated by client-gen. DO NOT EDIT. 17 | 18 | // This package has the automatically generated fake clientset. 19 | package fake 20 | -------------------------------------------------------------------------------- /pkg/generated/clientset/versioned/scheme/doc.go: -------------------------------------------------------------------------------- 1 | /* 2 | Copyright 2020 - 2021 Crunchy Data Solutions, Inc. 3 | Licensed under the Apache License, Version 2.0 (the "License"); 4 | you may not use this file except in compliance with the License. 5 | You may obtain a copy of the License at 6 | 7 | http://www.apache.org/licenses/LICENSE-2.0 8 | 9 | Unless required by applicable law or agreed to in writing, software 10 | distributed under the License is distributed on an "AS IS" BASIS, 11 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 | See the License for the specific language governing permissions and 13 | limitations under the License. 14 | */ 15 | 16 | // Code generated by client-gen. DO NOT EDIT. 17 | 18 | // This package contains the scheme of the automatically generated clientset. 19 | package scheme 20 | -------------------------------------------------------------------------------- /pkg/generated/clientset/versioned/typed/radondb.com/v1/doc.go: -------------------------------------------------------------------------------- 1 | /* 2 | Copyright 2020 - 2021 Crunchy Data Solutions, Inc. 3 | Licensed under the Apache License, Version 2.0 (the "License"); 4 | you may not use this file except in compliance with the License. 5 | You may obtain a copy of the License at 6 | 7 | http://www.apache.org/licenses/LICENSE-2.0 8 | 9 | Unless required by applicable law or agreed to in writing, software 10 | distributed under the License is distributed on an "AS IS" BASIS, 11 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 | See the License for the specific language governing permissions and 13 | limitations under the License. 14 | */ 15 | 16 | // Code generated by client-gen. DO NOT EDIT. 17 | 18 | // This package has the automatically generated typed clients. 19 | package v1 20 | -------------------------------------------------------------------------------- /pkg/generated/clientset/versioned/typed/radondb.com/v1/fake/doc.go: -------------------------------------------------------------------------------- 1 | /* 2 | Copyright 2020 - 2021 Crunchy Data Solutions, Inc. 3 | Licensed under the Apache License, Version 2.0 (the "License"); 4 | you may not use this file except in compliance with the License. 5 | You may obtain a copy of the License at 6 | 7 | http://www.apache.org/licenses/LICENSE-2.0 8 | 9 | Unless required by applicable law or agreed to in writing, software 10 | distributed under the License is distributed on an "AS IS" BASIS, 11 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 | See the License for the specific language governing permissions and 13 | limitations under the License. 14 | */ 15 | 16 | // Code generated by client-gen. DO NOT EDIT. 17 | 18 | // Package fake has the automatically generated clients. 19 | package fake 20 | -------------------------------------------------------------------------------- /pkg/generated/clientset/versioned/typed/radondb.com/v1/generated_expansion.go: -------------------------------------------------------------------------------- 1 | /* 2 | Copyright 2020 - 2021 Crunchy Data Solutions, Inc. 3 | Licensed under the Apache License, Version 2.0 (the "License"); 4 | you may not use this file except in compliance with the License. 5 | You may obtain a copy of the License at 6 | 7 | http://www.apache.org/licenses/LICENSE-2.0 8 | 9 | Unless required by applicable law or agreed to in writing, software 10 | distributed under the License is distributed on an "AS IS" BASIS, 11 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 | See the License for the specific language governing permissions and 13 | limitations under the License. 14 | */ 15 | 16 | // Code generated by client-gen. DO NOT EDIT. 17 | 18 | package v1 19 | 20 | type PgclusterExpansion interface{} 21 | 22 | type PgpolicyExpansion interface{} 23 | 24 | type PgreplicaExpansion interface{} 25 | 26 | type PgtaskExpansion interface{} 27 | -------------------------------------------------------------------------------- /pv/create-pv-nfs-label.sh: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env bash 2 | 3 | # Copyright 2018 - 2021 Crunchy Data Solutions, Inc. 4 | # Licensed under the Apache License, Version 2.0 (the "License"); 5 | # you may not use this file except in compliance with the License. 6 | # You may obtain a copy of the License at 7 | # 8 | # http://www.apache.org/licenses/LICENSE-2.0 9 | # 10 | # Unless required by applicable law or agreed to in writing, software 11 | # distributed under the License is distributed on an "AS IS" BASIS, 12 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | # See the License for the specific language governing permissions and 14 | # limitations under the License. 15 | 16 | 17 | DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )" 18 | 19 | echo "create the test PV and PVC using the NFS dir" 20 | for i in {1..180} 21 | do 22 | echo "creating PV radondb-pv$i" 23 | export COUNTER=$i 24 | $PGO_CMD --namespace=$PGO_OPERATOR_NAMESPACE delete pv radondb-pv$i 25 | cat $DIR/radondb-pv-nfs-label.json | envsubst | $PGO_CMD --namespace=$PGO_OPERATOR_NAMESPACE create -f - 26 | done 27 | -------------------------------------------------------------------------------- /pv/create-pv-nfs-legacy.sh: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env bash 2 | 3 | # Copyright 2017 - 2021 Crunchy Data Solutions, Inc. 4 | # Licensed under the Apache License, Version 2.0 (the "License"); 5 | # you may not use this file except in compliance with the License. 6 | # You may obtain a copy of the License at 7 | # 8 | # http://www.apache.org/licenses/LICENSE-2.0 9 | # 10 | # Unless required by applicable law or agreed to in writing, software 11 | # distributed under the License is distributed on an "AS IS" BASIS, 12 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | # See the License for the specific language governing permissions and 14 | # limitations under the License. 15 | 16 | 17 | DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )" 18 | 19 | echo "create the test PV and PVC using the NFS dir" 20 | for i in {1..160} 21 | do 22 | echo "creating PV radondb-pv$i" 23 | export COUNTER=$i 24 | $PGO_CMD --namespace=$PGO_OPERATOR_NAMESPACE delete pv radondb-pv$i 25 | cat $DIR/radondb-pv-nfs.json | envsubst | $PGO_CMD --namespace=$PGO_OPERATOR_NAMESPACE create -f - 26 | done 27 | -------------------------------------------------------------------------------- /pv/create-pv.sh: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env bash 2 | # Copyright 2017 - 2021 Crunchy Data Solutions, Inc. 3 | # Licensed under the Apache License, Version 2.0 (the "License"); 4 | # you may not use this file except in compliance with the License. 5 | # You may obtain a copy of the License at 6 | # 7 | # http://www.apache.org/licenses/LICENSE-2.0 8 | # 9 | # Unless required by applicable law or agreed to in writing, software 10 | # distributed under the License is distributed on an "AS IS" BASIS, 11 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 | # See the License for the specific language governing permissions and 13 | # limitations under the License. 14 | 15 | 16 | DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )" 17 | 18 | echo "create the test PV and PVC using the HostPath dir" 19 | for i in {1..2} 20 | do 21 | echo "creating PV radondb-pv$i" 22 | export COUNTER=$i 23 | $PGO_CMD --namespace=$PGO_OPERATOR_NAMESPACE delete pv radondb-pv$i 24 | cat $DIR/radondb-pv.json | envsubst | $PGO_CMD --namespace=$PGO_OPERATOR_NAMESPACE create -f - 25 | done 26 | -------------------------------------------------------------------------------- /pv/delete-pv.sh: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env bash 2 | # Copyright 2017 - 2021 Crunchy Data Solutions, Inc. 3 | # Licensed under the Apache License, Version 2.0 (the "License"); 4 | # you may not use this file except in compliance with the License. 5 | # You may obtain a copy of the License at 6 | # 7 | # http://www.apache.org/licenses/LICENSE-2.0 8 | # 9 | # Unless required by applicable law or agreed to in writing, software 10 | # distributed under the License is distributed on an "AS IS" BASIS, 11 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 | # See the License for the specific language governing permissions and 13 | # limitations under the License. 14 | 15 | 16 | DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )" 17 | 18 | for i in {1..100} 19 | do 20 | echo "deleting PV radondb-pv$i" 21 | $PGO_CMD delete pv radondb-pv$i 22 | done 23 | -------------------------------------------------------------------------------- /pv/radondb-pv-nfs-label.json: -------------------------------------------------------------------------------- 1 | { 2 | "apiVersion": "v1", 3 | "kind": "PersistentVolume", 4 | "metadata": { 5 | "name": "radondb-pv$COUNTER", 6 | "labels": { 7 | "radondbzone": "red" 8 | } 9 | }, 10 | "spec": { 11 | "capacity": { 12 | "storage": "1Gi" 13 | }, 14 | "accessModes": [ "ReadWriteOnce", "ReadWriteMany", "ReadOnlyMany" ], 15 | "nfs": { 16 | "path": "/nfsfileshare", 17 | "server": "$PGO_NFS_IP" 18 | }, 19 | "persistentVolumeReclaimPolicy": "Retain" 20 | } 21 | } 22 | 23 | -------------------------------------------------------------------------------- /pv/radondb-pv-nfs.json: -------------------------------------------------------------------------------- 1 | { 2 | "apiVersion": "v1", 3 | "kind": "PersistentVolume", 4 | "metadata": { 5 | "name": "radondb-pv$COUNTER" 6 | }, 7 | "spec": { 8 | "capacity": { 9 | "storage": "1Gi" 10 | }, 11 | "accessModes": [ "ReadWriteOnce", "ReadWriteMany", "ReadOnlyMany" ], 12 | "nfs": { 13 | "path": "/nfsfileshare", 14 | "server": "$PGO_NFS_IP" 15 | }, 16 | "persistentVolumeReclaimPolicy": "Retain" 17 | } 18 | } 19 | 20 | -------------------------------------------------------------------------------- /pv/radondb-pv.json: -------------------------------------------------------------------------------- 1 | { 2 | "apiVersion": "v1", 3 | "kind": "PersistentVolume", 4 | "metadata": { 5 | "name": "radondb-pv$COUNTER" 6 | }, 7 | "spec": { 8 | "capacity": { 9 | "storage": "500Gi" 10 | }, 11 | "accessModes": [ "ReadWriteOnce" ], 12 | "hostPath": { 13 | "path": "/data" 14 | }, 15 | "persistentVolumeReclaimPolicy": "Retain" 16 | } 17 | } 18 | 19 | -------------------------------------------------------------------------------- /redhat/atomic/help.1: -------------------------------------------------------------------------------- 1 | .TH "postgres-operator " "1" " Container Image Pages" "RadonDB" "December 23, 2019" 2 | .nh 3 | .ad l 4 | 5 | 6 | .SH NAME 7 | .PP 8 | postgres-operator \- Trusted open-source PostgreSQL-as-a-Service 9 | 10 | 11 | .SH DESCRIPTION 12 | .PP 13 | The RadonDB PostgreSQL Operator automates and simplifies deploying and managing open source PostgreSQL clusters on Kubernetes and other Kubernetes-enabled platforms by providing the essential features you need to keep your PostgreSQL clusters up and running, including: 14 | \- PostgreSQL Cluster Provisioning 15 | \- High-Availability 16 | \- Disaster Recovery 17 | \- Monitoring 18 | \- PostgreSQL User Management 19 | \- Upgrade Management 20 | \- Advanced Replication Support 21 | \- Clone 22 | \- Connection Pooling 23 | \- Node Affinity 24 | \- Scheduled Backups 25 | \- Multi-Namespace Support 26 | 27 | .PP 28 | and more. 29 | 30 | 31 | .SH USAGE 32 | 33 | 34 | .SH LABELS 35 | .PP 36 | The starter container includes the following LABEL settings: 37 | 38 | .PP 39 | That atomic command runs the Docker command set in this label: 40 | 41 | .PP 42 | \fB\fCName=\fR 43 | 44 | .PP 45 | The registry location and name of the image. For example, Name="docker.io/radondb/radondb-postgresql-operator". 46 | 47 | .PP 48 | \fB\fCVersion=\fR 49 | 50 | .PP 51 | The Red Hat Enterprise Linux version from which the container was built. For example, Version="7.7" 52 | 53 | .PP 54 | \fB\fCRelease=\fR 55 | 56 | .PP 57 | The specific release number of the container. For example, Release="2.1.1" 58 | -------------------------------------------------------------------------------- /testing/go.mod: -------------------------------------------------------------------------------- 1 | module github.com/radondb/radondb-postgresql-operator/testing 2 | 3 | go 1.12 4 | 5 | require ( 6 | github.com/jackc/pgx/v4 v4.4.1 7 | github.com/stretchr/testify v1.5.0 8 | k8s.io/api v0.17.4 9 | k8s.io/apimachinery v0.17.4 10 | k8s.io/apiserver v0.17.4 11 | k8s.io/client-go v0.17.4 12 | sigs.k8s.io/yaml v1.1.0 13 | ) 14 | -------------------------------------------------------------------------------- /testing/kubeapi/deployment.go: -------------------------------------------------------------------------------- 1 | package kubeapi 2 | 3 | import ( 4 | apps_v1 "k8s.io/api/apps/v1" 5 | meta_v1 "k8s.io/apimachinery/pkg/apis/meta/v1" 6 | "k8s.io/apimachinery/pkg/fields" 7 | ) 8 | 9 | // ListDeployments returns deployments matching labels, if any. 10 | func (k *KubeAPI) ListDeployments(namespace string, labels map[string]string) ([]apps_v1.Deployment, error) { 11 | var options meta_v1.ListOptions 12 | 13 | if labels != nil { 14 | options.LabelSelector = fields.Set(labels).String() 15 | } 16 | 17 | list, err := k.Client.AppsV1().Deployments(namespace).List(options) 18 | 19 | if list == nil && err != nil { 20 | list = &apps_v1.DeploymentList{} 21 | } 22 | 23 | return list.Items, err 24 | } 25 | 26 | // GetDeployment returns deployment by name, if exists. 27 | func (k *KubeAPI) GetDeployment(namespace, name string) *apps_v1.Deployment { 28 | deployment, err := k.Client.AppsV1().Deployments(namespace).Get(name, meta_v1.GetOptions{}) 29 | if deployment == nil && err != nil { 30 | deployment = &apps_v1.Deployment{} 31 | } 32 | 33 | return deployment 34 | } 35 | -------------------------------------------------------------------------------- /testing/kubeapi/exec.go: -------------------------------------------------------------------------------- 1 | package kubeapi 2 | 3 | import ( 4 | "bytes" 5 | "io" 6 | 7 | core_v1 "k8s.io/api/core/v1" 8 | "k8s.io/client-go/kubernetes/scheme" 9 | "k8s.io/client-go/tools/remotecommand" 10 | ) 11 | 12 | // Exec returns the stdout and stderr from running a command inside an existing 13 | // container. 14 | func (k *KubeAPI) Exec(namespace, pod, container string, stdin io.Reader, command ...string) (string, string, error) { 15 | var stdout, stderr bytes.Buffer 16 | 17 | request := k.Client.CoreV1().RESTClient().Post(). 18 | Resource("pods").SubResource("exec"). 19 | Namespace(namespace).Name(pod). 20 | VersionedParams(&core_v1.PodExecOptions{ 21 | Container: container, 22 | Command: command, 23 | Stdin: stdin != nil, 24 | Stdout: true, 25 | Stderr: true, 26 | }, scheme.ParameterCodec) 27 | 28 | exec, err := remotecommand.NewSPDYExecutor(k.Config, "POST", request.URL()) 29 | 30 | if err == nil { 31 | err = exec.Stream(remotecommand.StreamOptions{ 32 | Stdin: stdin, 33 | Stdout: &stdout, 34 | Stderr: &stderr, 35 | }) 36 | } 37 | 38 | return stdout.String(), stderr.String(), err 39 | } 40 | 41 | // PodExec returns the stdout and stderr from running a command inside the first 42 | // container of an existing pod. 43 | func (k *KubeAPI) PodExec(namespace, name string, stdin io.Reader, command ...string) (string, string, error) { 44 | pod, err := k.GetPod(namespace, name) 45 | 46 | if err != nil { 47 | return "", "", err 48 | } 49 | 50 | return k.Exec(pod.Namespace, pod.Name, pod.Spec.Containers[0].Name, stdin, command...) 51 | } 52 | -------------------------------------------------------------------------------- /testing/kubeapi/kubeapi.go: -------------------------------------------------------------------------------- 1 | package kubeapi 2 | 3 | import ( 4 | "k8s.io/client-go/kubernetes" 5 | "k8s.io/client-go/rest" 6 | "k8s.io/client-go/tools/clientcmd" 7 | 8 | // Google Kubernetes Engine / Google Cloud Platform authentication provider 9 | _ "k8s.io/client-go/plugin/pkg/client/auth/gcp" 10 | ) 11 | 12 | type KubeAPI struct { 13 | Client *kubernetes.Clientset 14 | Config *rest.Config 15 | } 16 | 17 | func NewConfig() (*rest.Config, error) { 18 | // The default loading rules try to read from the files specified in the 19 | // environment or from the home directory. 20 | loader := clientcmd.NewDefaultClientConfigLoadingRules() 21 | 22 | // The deferred loader tries an in-cluster config if the default loading 23 | // rules produce no results. 24 | return clientcmd.NewNonInteractiveDeferredLoadingClientConfig( 25 | loader, &clientcmd.ConfigOverrides{}).ClientConfig() 26 | } 27 | 28 | func NewForConfig(config *rest.Config) (*KubeAPI, error) { 29 | var api KubeAPI 30 | var err error 31 | 32 | api.Config = config 33 | api.Client, err = kubernetes.NewForConfig(api.Config) 34 | 35 | return &api, err 36 | } 37 | -------------------------------------------------------------------------------- /testing/kubeapi/meta.go: -------------------------------------------------------------------------------- 1 | package kubeapi 2 | 3 | import "strings" 4 | 5 | // SanitizeLabelValue returns a copy of value that is safe to use as a 6 | // meta/v1.ObjectMeta label value. Invalid characters are removed or replaced 7 | // with dashes. 8 | func SanitizeLabelValue(value string) string { 9 | // "must be no more than 63 characters" 10 | if len(value) > 63 { 11 | value = value[:63] 12 | } 13 | 14 | // "a valid label must be an empty string or consist of alphanumeric characters, '-', '_' or '.'" 15 | return strings.Map(func(r rune) rune { 16 | if r == '-' || r == '_' || r == '.' || 17 | ('A' <= r && r <= 'Z') || 18 | ('a' <= r && r <= 'z') || 19 | ('0' <= r && r <= '9') { 20 | return r 21 | } 22 | return '-' 23 | }, value) 24 | } 25 | -------------------------------------------------------------------------------- /testing/kubeapi/meta_test.go: -------------------------------------------------------------------------------- 1 | package kubeapi 2 | 3 | import ( 4 | "strings" 5 | "testing" 6 | 7 | "k8s.io/apimachinery/pkg/util/validation" 8 | ) 9 | 10 | func TestSanitizeLabelValue(t *testing.T) { 11 | for _, tt := range []struct{ input, expected string }{ 12 | {"", ""}, 13 | {"a-very-fine-label", "a-very-fine-label"}, 14 | {"TestSomething/With_Underscore/#01", "TestSomething-With_Underscore--01"}, 15 | {strings.Repeat("abc456ghi0", 8), "abc456ghi0abc456ghi0abc456ghi0abc456ghi0abc456ghi0abc456ghi0abc"}, 16 | } { 17 | if errors := validation.IsValidLabelValue(tt.expected); len(errors) != 0 { 18 | t.Fatalf("bug in test: %q is invalid: %v", tt.expected, errors) 19 | } 20 | if actual := SanitizeLabelValue(tt.input); tt.expected != actual { 21 | t.Errorf("expected %q to be %q, got %q", tt.input, tt.expected, actual) 22 | } 23 | } 24 | } 25 | -------------------------------------------------------------------------------- /testing/kubeapi/namespace.go: -------------------------------------------------------------------------------- 1 | package kubeapi 2 | 3 | import ( 4 | core_v1 "k8s.io/api/core/v1" 5 | meta_v1 "k8s.io/apimachinery/pkg/apis/meta/v1" 6 | ) 7 | 8 | // DeleteNamespace deletes an existing namespace. 9 | func (k *KubeAPI) DeleteNamespace(name string) error { 10 | return k.Client.CoreV1().Namespaces().Delete(name, nil) 11 | } 12 | 13 | // GenerateNamespace creates a new namespace with a random name that begins with prefix. 14 | func (k *KubeAPI) GenerateNamespace(prefix string, labels map[string]string) (*core_v1.Namespace, error) { 15 | return k.Client.CoreV1().Namespaces().Create(&core_v1.Namespace{ 16 | ObjectMeta: meta_v1.ObjectMeta{GenerateName: prefix, Labels: labels}, 17 | }) 18 | } 19 | -------------------------------------------------------------------------------- /testing/kubeapi/pod.go: -------------------------------------------------------------------------------- 1 | package kubeapi 2 | 3 | import ( 4 | core_v1 "k8s.io/api/core/v1" 5 | meta_v1 "k8s.io/apimachinery/pkg/apis/meta/v1" 6 | "k8s.io/apimachinery/pkg/fields" 7 | ) 8 | 9 | // IsPodReady returns true if all containers of pod are ready. 10 | func IsPodReady(pod core_v1.Pod) bool { 11 | for _, status := range pod.Status.ContainerStatuses { 12 | if !status.Ready { 13 | return false 14 | } 15 | } 16 | return true 17 | } 18 | 19 | // GetPod returns a pod from the specified namespace. 20 | func (k *KubeAPI) GetPod(namespace, name string) (*core_v1.Pod, error) { 21 | return k.Client.CoreV1().Pods(namespace).Get(name, meta_v1.GetOptions{}) 22 | } 23 | 24 | // ListPods returns pods matching labels, if any. 25 | func (k *KubeAPI) ListPods(namespace string, labels map[string]string) ([]core_v1.Pod, error) { 26 | var options meta_v1.ListOptions 27 | 28 | if labels != nil { 29 | options.LabelSelector = fields.Set(labels).String() 30 | } 31 | 32 | list, err := k.Client.CoreV1().Pods(namespace).List(options) 33 | 34 | if list == nil && err != nil { 35 | list = &core_v1.PodList{} 36 | } 37 | 38 | return list.Items, err 39 | } 40 | -------------------------------------------------------------------------------- /testing/kubeapi/pvc.go: -------------------------------------------------------------------------------- 1 | package kubeapi 2 | 3 | import ( 4 | core_v1 "k8s.io/api/core/v1" 5 | meta_v1 "k8s.io/apimachinery/pkg/apis/meta/v1" 6 | "k8s.io/apimachinery/pkg/fields" 7 | ) 8 | 9 | // IsPVCBound returns true if pvc is bound. 10 | func IsPVCBound(pvc core_v1.PersistentVolumeClaim) bool { 11 | return pvc.Status.Phase == core_v1.ClaimBound 12 | } 13 | 14 | // ListPVCs returns persistent volume claims matching labels, if any. 15 | func (k *KubeAPI) ListPVCs(namespace string, labels map[string]string) ([]core_v1.PersistentVolumeClaim, error) { 16 | var options meta_v1.ListOptions 17 | 18 | if labels != nil { 19 | options.LabelSelector = fields.Set(labels).String() 20 | } 21 | 22 | list, err := k.Client.CoreV1().PersistentVolumeClaims(namespace).List(options) 23 | 24 | if list == nil && err != nil { 25 | list = &core_v1.PersistentVolumeClaimList{} 26 | } 27 | 28 | return list.Items, err 29 | } 30 | -------------------------------------------------------------------------------- /testing/pgo_cli/cluster_cat_test.go: -------------------------------------------------------------------------------- 1 | package pgo_cli_test 2 | 3 | /* 4 | Copyright 2020 - 2021 Crunchy Data Solutions, Inc. 5 | Licensed under the Apache License, Version 2.0 (the "License"); 6 | you may not use this file except in compliance with the License. 7 | You may obtain a copy of the License at 8 | 9 | http://www.apache.org/licenses/LICENSE-2.0 10 | 11 | Unless required by applicable law or agreed to in writing, software 12 | distributed under the License is distributed on an "AS IS" BASIS, 13 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 14 | See the License for the specific language governing permissions and 15 | limitations under the License. 16 | */ 17 | 18 | import ( 19 | "testing" 20 | "time" 21 | 22 | "github.com/stretchr/testify/require" 23 | ) 24 | 25 | func TestClusterCat(t *testing.T) { 26 | t.Parallel() 27 | 28 | withNamespace(t, func(namespace func() string) { 29 | withCluster(t, namespace, func(cluster func() string) { 30 | t.Run("cat", func(t *testing.T) { 31 | t.Run("shows something", func(t *testing.T) { 32 | requireClusterReady(t, namespace(), cluster(), time.Minute) 33 | 34 | output, err := pgo("cat", cluster(), "-n", namespace(), 35 | "/pgdata/"+cluster()+"/postgresql.conf", 36 | ).Exec(t) 37 | require.NoError(t, err) 38 | require.NotEmpty(t, output) 39 | }) 40 | }) 41 | }) 42 | }) 43 | } 44 | -------------------------------------------------------------------------------- /testing/pgo_cli/cluster_df_test.go: -------------------------------------------------------------------------------- 1 | package pgo_cli_test 2 | 3 | /* 4 | Copyright 2020 - 2021 Crunchy Data Solutions, Inc. 5 | Licensed under the Apache License, Version 2.0 (the "License"); 6 | you may not use this file except in compliance with the License. 7 | You may obtain a copy of the License at 8 | 9 | http://www.apache.org/licenses/LICENSE-2.0 10 | 11 | Unless required by applicable law or agreed to in writing, software 12 | distributed under the License is distributed on an "AS IS" BASIS, 13 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 14 | See the License for the specific language governing permissions and 15 | limitations under the License. 16 | */ 17 | 18 | import ( 19 | "testing" 20 | "time" 21 | 22 | "github.com/stretchr/testify/require" 23 | ) 24 | 25 | // TC44 ✓ 26 | func TestClusterDF(t *testing.T) { 27 | t.Parallel() 28 | 29 | withNamespace(t, func(namespace func() string) { 30 | withCluster(t, namespace, func(cluster func() string) { 31 | t.Run("df", func(t *testing.T) { 32 | t.Run("shows something", func(t *testing.T) { 33 | requireClusterReady(t, namespace(), cluster(), time.Minute) 34 | 35 | output, err := pgo("df", cluster(), "-n", namespace()).Exec(t) 36 | require.NoError(t, err) 37 | require.NotEmpty(t, output) 38 | }) 39 | }) 40 | }) 41 | }) 42 | } 43 | -------------------------------------------------------------------------------- /testing/pgo_cli/cluster_pvc_test.go: -------------------------------------------------------------------------------- 1 | package pgo_cli_test 2 | 3 | /* 4 | Copyright 2020 - 2021 Crunchy Data Solutions, Inc. 5 | Licensed under the Apache License, Version 2.0 (the "License"); 6 | you may not use this file except in compliance with the License. 7 | You may obtain a copy of the License at 8 | 9 | http://www.apache.org/licenses/LICENSE-2.0 10 | 11 | Unless required by applicable law or agreed to in writing, software 12 | distributed under the License is distributed on an "AS IS" BASIS, 13 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 14 | See the License for the specific language governing permissions and 15 | limitations under the License. 16 | */ 17 | 18 | import ( 19 | "testing" 20 | "time" 21 | 22 | "github.com/stretchr/testify/require" 23 | ) 24 | 25 | func TestClusterPVC(t *testing.T) { 26 | t.Parallel() 27 | 28 | withNamespace(t, func(namespace func() string) { 29 | withCluster(t, namespace, func(cluster func() string) { 30 | t.Run("show pvc", func(t *testing.T) { 31 | t.Run("shows something", func(t *testing.T) { 32 | requireClusterReady(t, namespace(), cluster(), time.Minute) 33 | 34 | output, err := pgo("show", "pvc", cluster(), "-n", namespace()).Exec(t) 35 | require.NoError(t, err) 36 | require.Contains(t, output, cluster()) 37 | }) 38 | }) 39 | }) 40 | }) 41 | } 42 | -------------------------------------------------------------------------------- /testing/pgo_cli/cluster_scale_test.go: -------------------------------------------------------------------------------- 1 | package pgo_cli_test 2 | 3 | /* 4 | Copyright 2020 - 2021 Crunchy Data Solutions, Inc. 5 | Licensed under the Apache License, Version 2.0 (the "License"); 6 | you may not use this file except in compliance with the License. 7 | You may obtain a copy of the License at 8 | 9 | http://www.apache.org/licenses/LICENSE-2.0 10 | 11 | Unless required by applicable law or agreed to in writing, software 12 | distributed under the License is distributed on an "AS IS" BASIS, 13 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 14 | See the License for the specific language governing permissions and 15 | limitations under the License. 16 | */ 17 | 18 | import ( 19 | "testing" 20 | "time" 21 | 22 | "github.com/stretchr/testify/require" 23 | ) 24 | 25 | // TC47 ✓ 26 | // TC49 ✓ 27 | func TestClusterScale(t *testing.T) { 28 | t.Parallel() 29 | 30 | withNamespace(t, func(namespace func() string) { 31 | withCluster(t, namespace, func(cluster func() string) { 32 | t.Run("scale", func(t *testing.T) { 33 | t.Run("creates replica", func(t *testing.T) { 34 | requireClusterReady(t, namespace(), cluster(), time.Minute) 35 | 36 | output, err := pgo("scale", cluster(), "--no-prompt", "-n", namespace()).Exec(t) 37 | require.NoError(t, err) 38 | require.NotEmpty(t, output) 39 | 40 | requireReplicasReady(t, namespace(), cluster(), 2*time.Minute) 41 | }) 42 | }) 43 | }) 44 | }) 45 | } 46 | -------------------------------------------------------------------------------- /testing/pgo_cli/operator_namespace_test.go: -------------------------------------------------------------------------------- 1 | package pgo_cli_test 2 | 3 | /* 4 | Copyright 2020 - 2021 Crunchy Data Solutions, Inc. 5 | Licensed under the Apache License, Version 2.0 (the "License"); 6 | you may not use this file except in compliance with the License. 7 | You may obtain a copy of the License at 8 | 9 | http://www.apache.org/licenses/LICENSE-2.0 10 | 11 | Unless required by applicable law or agreed to in writing, software 12 | distributed under the License is distributed on an "AS IS" BASIS, 13 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 14 | See the License for the specific language governing permissions and 15 | limitations under the License. 16 | */ 17 | 18 | import ( 19 | "testing" 20 | 21 | "github.com/stretchr/testify/require" 22 | ) 23 | 24 | func TestOperatorNamespace(t *testing.T) { 25 | t.Parallel() 26 | 27 | withNamespace(t, func(namespace func() string) { 28 | t.Run("show namespace", func(t *testing.T) { 29 | t.Run("shows something", func(t *testing.T) { 30 | output, err := pgo("show", "namespace", namespace()).Exec(t) 31 | require.NoError(t, err) 32 | require.Contains(t, output, namespace()) 33 | }) 34 | }) 35 | }) 36 | } 37 | -------------------------------------------------------------------------------- /testing/testdata/policy1.sql: -------------------------------------------------------------------------------- 1 | \c userdb; 2 | create table policy1 (id text); 3 | grant all on policy1 to primaryuser; 4 | -------------------------------------------------------------------------------- /testing/testdata/policy2-insert.sql: -------------------------------------------------------------------------------- 1 | insert into policy2 (select now()); 2 | -------------------------------------------------------------------------------- /testing/testdata/policy2-setup.sql: -------------------------------------------------------------------------------- 1 | \c userdb; 2 | create table policy2 (id text); 3 | grant all on policy2 to primaryuser; 4 | --------------------------------------------------------------------------------