install cnpg#286
Merged
Merged
Conversation
Argo CD Diff PreviewSummary: Added (1):
+ sandbox-oci-cnpg (+20127)sandbox-oci-cnpg (applications/appset-ops-tools.yaml)MutatingWebhookConfiguration: cnpg-mutating-webhook-configuration+apiVersion: admissionregistration.k8s.io/v1
+kind: MutatingWebhookConfiguration
+metadata:
+ labels:
+ app.kubernetes.io/instance: cnpg
+ app.kubernetes.io/managed-by: Helm
+ app.kubernetes.io/name: cloudnative-pg
+ app.kubernetes.io/version: 1.29.1
+ helm.sh/chart: cloudnative-pg-0.28.2
+ name: cnpg-mutating-webhook-configuration
+webhooks:
+- admissionReviewVersions:
+ - v1
+ clientConfig:
+ service:
+ name: cnpg-webhook-service
+ namespace: cnpg-system
+ path: /mutate-postgresql-cnpg-io-v1-backup
+ port: 443
+ failurePolicy: Fail
+ name: mbackup.cnpg.io
+ rules:
+ - apiGroups:
+ - postgresql.cnpg.io
+ apiVersions:
+ - v1
+ operations:
+ - CREATE
+ - UPDATE
+ resources:
+ - backups
+ sideEffects: None
+- admissionReviewVersions:
+ - v1
+ clientConfig:
+ service:
+ name: cnpg-webhook-service
+ namespace: cnpg-system
+ path: /mutate-postgresql-cnpg-io-v1-cluster
+ port: 443
+ failurePolicy: Fail
+ name: mcluster.cnpg.io
+ rules:
+ - apiGroups:
+ - postgresql.cnpg.io
+ apiVersions:
+ - v1
+ operations:
+ - CREATE
+ - UPDATE
+ resources:
+ - clusters
+ sideEffects: None
+- admissionReviewVersions:
+ - v1
+ clientConfig:
+ service:
+ name: cnpg-webhook-service
+ namespace: cnpg-system
+ path: /mutate-postgresql-cnpg-io-v1-database
+ port: 443
+ failurePolicy: Fail
+ name: mdatabase.cnpg.io
+ rules:
+ - apiGroups:
+ - postgresql.cnpg.io
+ apiVersions:
+ - v1
+ operations:
+ - CREATE
+ - UPDATE
+ resources:
+ - databases
+ sideEffects: None
+- admissionReviewVersions:
+ - v1
+ clientConfig:
+ service:
+ name: cnpg-webhook-service
+ namespace: cnpg-system
+ path: /mutate-postgresql-cnpg-io-v1-scheduledbackup
+ port: 443
+ failurePolicy: Fail
+ name: mscheduledbackup.cnpg.io
+ rules:
+ - apiGroups:
+ - postgresql.cnpg.io
+ apiVersions:
+ - v1
+ operations:
+ - CREATE
+ - UPDATE
+ resources:
+ - scheduledbackups
+ sideEffects: NoneValidatingWebhookConfiguration: cnpg-validating-webhook-configuration+apiVersion: admissionregistration.k8s.io/v1
+kind: ValidatingWebhookConfiguration
+metadata:
+ labels:
+ app.kubernetes.io/instance: cnpg
+ app.kubernetes.io/managed-by: Helm
+ app.kubernetes.io/name: cloudnative-pg
+ app.kubernetes.io/version: 1.29.1
+ helm.sh/chart: cloudnative-pg-0.28.2
+ name: cnpg-validating-webhook-configuration
+webhooks:
+- admissionReviewVersions:
+ - v1
+ clientConfig:
+ service:
+ name: cnpg-webhook-service
+ namespace: cnpg-system
+ path: /validate-postgresql-cnpg-io-v1-backup
+ port: 443
+ failurePolicy: Fail
+ name: vbackup.cnpg.io
+ rules:
+ - apiGroups:
+ - postgresql.cnpg.io
+ apiVersions:
+ - v1
+ operations:
+ - CREATE
+ - UPDATE
+ resources:
+ - backups
+ sideEffects: None
+- admissionReviewVersions:
+ - v1
+ clientConfig:
+ service:
+ name: cnpg-webhook-service
+ namespace: cnpg-system
+ path: /validate-postgresql-cnpg-io-v1-cluster
+ port: 443
+ failurePolicy: Fail
+ name: vcluster.cnpg.io
+ rules:
+ - apiGroups:
+ - postgresql.cnpg.io
+ apiVersions:
+ - v1
+ operations:
+ - CREATE
+ - UPDATE
+ resources:
+ - clusters
+ sideEffects: None
+- admissionReviewVersions:
+ - v1
+ clientConfig:
+ service:
+ name: cnpg-webhook-service
+ namespace: cnpg-system
+ path: /validate-postgresql-cnpg-io-v1-scheduledbackup
+ port: 443
+ failurePolicy: Fail
+ name: vscheduledbackup.cnpg.io
+ rules:
+ - apiGroups:
+ - postgresql.cnpg.io
+ apiVersions:
+ - v1
+ operations:
+ - CREATE
+ - UPDATE
+ resources:
+ - scheduledbackups
+ sideEffects: None
+- admissionReviewVersions:
+ - v1
+ clientConfig:
+ service:
+ name: cnpg-webhook-service
+ namespace: cnpg-system
+ path: /validate-postgresql-cnpg-io-v1-database
+ port: 443
+ failurePolicy: Fail
+ name: vdatabase.cnpg.io
+ rules:
+ - apiGroups:
+ - postgresql.cnpg.io
+ apiVersions:
+ - v1
+ operations:
+ - CREATE
+ - UPDATE
+ resources:
+ - databases
+ sideEffects: None
+- admissionReviewVersions:
+ - v1
+ clientConfig:
+ service:
+ name: cnpg-webhook-service
+ namespace: cnpg-system
+ path: /validate-postgresql-cnpg-io-v1-pooler
+ port: 443
+ failurePolicy: Fail
+ name: vpooler.cnpg.io
+ rules:
+ - apiGroups:
+ - postgresql.cnpg.io
+ apiVersions:
+ - v1
+ operations:
+ - CREATE
+ - UPDATE
+ resources:
+ - poolers
+ sideEffects: NoneDeployment: cnpg-system/cnpg-cloudnative-pg+apiVersion: apps/v1
+kind: Deployment
+metadata:
+ labels:
+ app.kubernetes.io/instance: cnpg
+ app.kubernetes.io/managed-by: Helm
+ app.kubernetes.io/name: cloudnative-pg
+ app.kubernetes.io/version: 1.29.1
+ helm.sh/chart: cloudnative-pg-0.28.2
+ name: cnpg-cloudnative-pg
+ namespace: cnpg-system
+spec:
+ replicas: 1
+ selector:
+ matchLabels:
+ app.kubernetes.io/instance: cnpg
+ app.kubernetes.io/name: cloudnative-pg
+ template:
+ metadata:
+ annotations:
+ checksum/config: 17825b981b313287880caefe46b2302ee0839cb64efabd491e31cf053be33e4e
+ checksum/monitoring-config: f0ec10532c889feeeccf204bc274f39c36f167298be587ce996b73ddca7dd759
+ checksum/rbac: 6fee8b76d34f269b64d947cae0d965e524aeea028db83316355ab37c392d80c2
+ labels:
+ app.kubernetes.io/instance: cnpg
+ app.kubernetes.io/name: cloudnative-pg
+ spec:
+ containers:
+ - args:
+ - controller
+ - --leader-elect
+ - --max-concurrent-reconciles=10
+ - --config-map-name=cnpg-controller-manager-config
+ - --webhook-port=9443
+ command:
+ - /manager
+ env:
+ - name: OPERATOR_IMAGE_NAME
+ value: ghcr.io/cloudnative-pg/cloudnative-pg:1.29.1
+ - name: OPERATOR_NAMESPACE
+ valueFrom:
+ fieldRef:
+ fieldPath: metadata.namespace
+ - name: MONITORING_QUERIES_CONFIGMAP
+ value: cnpg-default-monitoring
+ image: ghcr.io/cloudnative-pg/cloudnative-pg:1.29.1
+ imagePullPolicy: IfNotPresent
+ livenessProbe:
+ httpGet:
+ path: /readyz
+ port: webhook-server
+ scheme: HTTPS
+ initialDelaySeconds: 3
+ name: manager
+ ports:
+ - containerPort: 8080
+ name: metrics
+ protocol: TCP
+ - containerPort: 9443
+ name: webhook-server
+ protocol: TCP
+ readinessProbe:
+ httpGet:
+ path: /readyz
+ port: webhook-server
+ scheme: HTTPS
+ initialDelaySeconds: 3
+ resources:
+ limits:
+ cpu: 100m
+ memory: 200Mi
+ requests:
+ cpu: 100m
+ memory: 100Mi
+ securityContext:
+ allowPrivilegeEscalation: false
+ capabilities:
+ drop:
+ - ALL
+ readOnlyRootFilesystem: true
+ runAsGroup: 10001
+ runAsUser: 10001
+ seccompProfile:
+ type: RuntimeDefault
+ startupProbe:
+ failureThreshold: 6
+ httpGet:
+ path: /readyz
+ port: webhook-server
+ scheme: HTTPS
+ periodSeconds: 5
+ volumeMounts:
+ - mountPath: /controller
+ name: scratch-data
+ - mountPath: /run/secrets/cnpg.io/webhook
+ name: webhook-certificates
+ securityContext:
+ runAsNonRoot: true
+ seccompProfile:
+ type: RuntimeDefault
+ serviceAccountName: cnpg-cloudnative-pg
+ terminationGracePeriodSeconds: 10
+ volumes:
+ - emptyDir: {}
+ name: scratch-data
+ - name: webhook-certificates
+ secret:
+ defaultMode: 420
+ optional: true
+ secretName: cnpg-webhook-certPodMonitor: cnpg-cloudnative-pg+apiVersion: monitoring.coreos.com/v1
+kind: PodMonitor
+metadata:
+ labels:
+ app.kubernetes.io/instance: cnpg
+ app.kubernetes.io/managed-by: Helm
+ app.kubernetes.io/name: cloudnative-pg
+ app.kubernetes.io/version: 1.29.1
+ helm.sh/chart: cloudnative-pg-0.28.2
+ name: cnpg-cloudnative-pg
+spec:
+ podMetricsEndpoints:
+ - port: metrics
+ selector:
+ matchLabels:
+ app.kubernetes.io/instance: cnpg
+ app.kubernetes.io/name: cloudnative-pgClusterRole: cnpg-cloudnative-pg+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+ labels:
+ app.kubernetes.io/instance: cnpg
+ app.kubernetes.io/managed-by: Helm
+ app.kubernetes.io/name: cloudnative-pg
+ app.kubernetes.io/version: 1.29.1
+ helm.sh/chart: cloudnative-pg-0.28.2
+ name: cnpg-cloudnative-pg
+rules:
+- apiGroups:
+ - ""
+ resources:
+ - nodes
+ verbs:
+ - get
+ - list
+ - watch
+- apiGroups:
+ - admissionregistration.k8s.io
+ resources:
+ - mutatingwebhookconfigurations
+ - validatingwebhookconfigurations
+ verbs:
+ - get
+ - patch
+- apiGroups:
+ - postgresql.cnpg.io
+ resources:
+ - clusterimagecatalogs
+ verbs:
+ - get
+ - list
+ - watch
+- apiGroups:
+ - ""
+ resources:
+ - configmaps
+ - secrets
+ - services
+ verbs:
+ - create
+ - delete
+ - get
+ - list
+ - patch
+ - update
+ - watch
+- apiGroups:
+ - ""
+ resources:
+ - configmaps/status
+ - secrets/status
+ verbs:
+ - get
+ - patch
+ - update
+- apiGroups:
+ - ""
+ resources:
+ - events
+ verbs:
+ - create
+ - patch
+- apiGroups:
+ - ""
+ resources:
+ - persistentvolumeclaims
+ - pods
+ - pods/exec
+ verbs:
+ - create
+ - delete
+ - get
+ - list
+ - patch
+ - watch
+- apiGroups:
+ - ""
+ resources:
+ - pods/status
+ verbs:
+ - get
+- apiGroups:
+ - ""
+ resources:
+ - serviceaccounts
+ verbs:
+ - create
+ - get
+ - list
+ - patch
+ - update
+ - watch
+- apiGroups:
+ - apps
+ resources:
+ - deployments
+ verbs:
+ - create
+ - delete
+ - get
+ - list
+ - patch
+ - update
+ - watch
+- apiGroups:
+ - batch
+ resources:
+ - jobs
+ verbs:
+ - create
+ - delete
+ - get
+ - list
+ - patch
+ - watch
+- apiGroups:
+ - coordination.k8s.io
+ resources:
+ - leases
+ verbs:
+ - create
+ - get
+ - update
+- apiGroups:
+ - monitoring.coreos.com
+ resources:
+ - podmonitors
+ verbs:
+ - create
+ - delete
+ - get
+ - list
+ - patch
+ - watch
+- apiGroups:
+ - policy
+ resources:
+ - poddisruptionbudgets
+ verbs:
+ - create
+ - delete
+ - get
+ - list
+ - patch
+ - update
+ - watch
+- apiGroups:
+ - postgresql.cnpg.io
+ resources:
+ - backups
+ - clusters
+ - databases
+ - poolers
+ - publications
+ - scheduledbackups
+ - subscriptions
+ verbs:
+ - create
+ - delete
+ - get
+ - list
+ - patch
+ - update
+ - watch
+- apiGroups:
+ - postgresql.cnpg.io
+ resources:
+ - failoverquorums
+ verbs:
+ - create
+ - delete
+ - get
+ - list
+ - watch
+- apiGroups:
+ - postgresql.cnpg.io
+ resources:
+ - backups/status
+ - databases/status
+ - publications/status
+ - scheduledbackups/status
+ - subscriptions/status
+ verbs:
+ - get
+ - patch
+ - update
+- apiGroups:
+ - postgresql.cnpg.io
+ resources:
+ - imagecatalogs
+ verbs:
+ - get
+ - list
+ - watch
+- apiGroups:
+ - postgresql.cnpg.io
+ resources:
+ - clusters/finalizers
+ - poolers/finalizers
+ verbs:
+ - update
+- apiGroups:
+ - postgresql.cnpg.io
+ resources:
+ - clusters/status
+ - poolers/status
+ - failoverquorums/status
+ verbs:
+ - get
+ - patch
+ - update
+ - watch
+- apiGroups:
+ - rbac.authorization.k8s.io
+ resources:
+ - rolebindings
+ - roles
+ verbs:
+ - create
+ - get
+ - list
+ - patch
+ - update
+ - watch
+- apiGroups:
+ - snapshot.storage.k8s.io
+ resources:
+ - volumesnapshots
+ verbs:
+ - create
+ - get
+ - list
+ - patch
+ - watchClusterRole: cnpg-cloudnative-pg-edit+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+ labels:
+ app.kubernetes.io/instance: cnpg
+ app.kubernetes.io/managed-by: Helm
+ app.kubernetes.io/name: cloudnative-pg
+ app.kubernetes.io/version: 1.29.1
+ helm.sh/chart: cloudnative-pg-0.28.2
+ name: cnpg-cloudnative-pg-edit
+rules:
+- apiGroups:
+ - postgresql.cnpg.io
+ resources:
+ - backups
+ - clusters
+ - clusters/status
+ - databases
+ - failoverquorums
+ - poolers
+ - publications
+ - scheduledbackups
+ - imagecatalogs
+ - clusterimagecatalogs
+ - subscriptions
+ verbs:
+ - create
+ - delete
+ - deletecollection
+ - patch
+ - updateClusterRole: cnpg-cloudnative-pg-view+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+ labels:
+ app.kubernetes.io/instance: cnpg
+ app.kubernetes.io/managed-by: Helm
+ app.kubernetes.io/name: cloudnative-pg
+ app.kubernetes.io/version: 1.29.1
+ helm.sh/chart: cloudnative-pg-0.28.2
+ name: cnpg-cloudnative-pg-view
+rules:
+- apiGroups:
+ - postgresql.cnpg.io
+ resources:
+ - backups
+ - clusters
+ - clusters/status
+ - databases
+ - failoverquorums
+ - poolers
+ - publications
+ - scheduledbackups
+ - imagecatalogs
+ - clusterimagecatalogs
+ - subscriptions
+ verbs:
+ - get
+ - list
+ - watchClusterRoleBinding: cnpg-cloudnative-pg+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+ labels:
+ app.kubernetes.io/instance: cnpg
+ app.kubernetes.io/managed-by: Helm
+ app.kubernetes.io/name: cloudnative-pg
+ app.kubernetes.io/version: 1.29.1
+ helm.sh/chart: cloudnative-pg-0.28.2
+ name: cnpg-cloudnative-pg
+roleRef:
+ apiGroup: rbac.authorization.k8s.io
+ kind: ClusterRole
+ name: cnpg-cloudnative-pg
+subjects:
+- kind: ServiceAccount
+ name: cnpg-cloudnative-pg
+ namespace: cnpg-systemConfigMap: cnpg-system/cnpg-controller-manager-config+apiVersion: v1
+data: {}
+kind: ConfigMap
+metadata:
+ labels:
+ app.kubernetes.io/instance: cnpg
+ app.kubernetes.io/managed-by: Helm
+ app.kubernetes.io/name: cloudnative-pg
+ app.kubernetes.io/version: 1.29.1
+ helm.sh/chart: cloudnative-pg-0.28.2
+ name: cnpg-controller-manager-config
+ namespace: cnpg-systemConfigMap: cnpg-system/cnpg-default-monitoring+apiVersion: v1
+data:
+ queries: |
+ backends:
+ query: |
+ SELECT sa.datname
+ , sa.usename
+ , sa.application_name
+ , states.state
+ , COALESCE(sa.count, 0) AS total
+ , COALESCE(sa.max_tx_secs, 0) AS max_tx_duration_seconds
+ FROM ( VALUES ('active')
+ , ('idle')
+ , ('idle in transaction')
+ , ('idle in transaction (aborted)')
+ , ('fastpath function call')
+ , ('disabled')
+ ) AS states(state)
+ LEFT JOIN (
+ SELECT datname
+ , state
+ , usename
+ , COALESCE(application_name, '') AS application_name
+ , pg_catalog.count(*)
+ , COALESCE(EXTRACT (EPOCH FROM (pg_catalog.max(pg_catalog.now() OPERATOR(pg_catalog.-) xact_start))), 0) AS max_tx_secs
+ FROM pg_catalog.pg_stat_activity
+ GROUP BY datname, state, usename, application_name
+ ) sa ON states.state OPERATOR(pg_catalog.=) sa.state
+ WHERE sa.usename IS NOT NULL
+ metrics:
+ - datname:
+ usage: "LABEL"
+ description: "Name of the database"
+ - usename:
+ usage: "LABEL"
+ description: "Name of the user"
+ - application_name:
+ usage: "LABEL"
+ description: "Name of the application"
+ - state:
+ usage: "LABEL"
+ description: "State of the backend"
+ - total:
+ usage: "GAUGE"
+ description: "Number of backends"
+ - max_tx_duration_seconds:
+ usage: "GAUGE"
+ description: "Maximum duration of a transaction in seconds"
+
+ backends_waiting:
+ query: |
+ SELECT pg_catalog.count(*) AS total
+ FROM pg_catalog.pg_locks blocked_locks
+ JOIN pg_catalog.pg_locks blocking_locks
+ ON blocking_locks.locktype OPERATOR(pg_catalog.=) blocked_locks.locktype
+ AND blocking_locks.database IS NOT DISTINCT FROM blocked_locks.database
+ AND blocking_locks.relation IS NOT DISTINCT FROM blocked_locks.relation
+ AND blocking_locks.page IS NOT DISTINCT FROM blocked_locks.page
+ AND blocking_locks.tuple IS NOT DISTINCT FROM blocked_locks.tuple
+ AND blocking_locks.virtualxid IS NOT DISTINCT FROM blocked_locks.virtualxid
+ AND blocking_locks.transactionid IS NOT DISTINCT FROM blocked_locks.transactionid
+ AND blocking_locks.classid IS NOT DISTINCT FROM blocked_locks.classid
+ AND blocking_locks.objid IS NOT DISTINCT FROM blocked_locks.objid
+ AND blocking_locks.objsubid IS NOT DISTINCT FROM blocked_locks.objsubid
+ AND blocking_locks.pid OPERATOR(pg_catalog.<>) blocked_locks.pid
+ JOIN pg_catalog.pg_stat_activity blocking_activity ON blocking_activity.pid OPERATOR(pg_catalog.=) blocking_locks.pid
+ WHERE NOT blocked_locks.granted
+ metrics:
+ - total:
+ usage: "GAUGE"
+ description: "Total number of backends that are currently waiting on other queries"
+
+ pg_database:
+ query: |
+ SELECT datname
+ , pg_catalog.pg_database_size(datname) AS size_bytes
+ , pg_catalog.age(datfrozenxid) AS xid_age
+ , pg_catalog.mxid_age(datminmxid) AS mxid_age
+ FROM pg_catalog.pg_database
+ WHERE datallowconn
+ metrics:
+ - datname:
+ usage: "LABEL"
+ description: "Name of the database"
+ - size_bytes:
+ usage: "GAUGE"
+ description: "Disk space used by the database"
+ - xid_age:
+ usage: "GAUGE"
+ description: "Number of transactions from the frozen XID to the current one"
+ - mxid_age:
+ usage: "GAUGE"
+ description: "Number of multiple transactions (Multixact) from the frozen XID to the current one"
+
+ pg_postmaster:
+ query: |
+ SELECT EXTRACT(EPOCH FROM pg_postmaster_start_time) AS start_time
+ FROM pg_catalog.pg_postmaster_start_time()
+ metrics:
+ - start_time:
+ usage: "GAUGE"
+ description: "Time at which postgres started (based on epoch)"
+
+ pg_replication:
+ query: |
+ SELECT CASE WHEN (
+ NOT pg_catalog.pg_is_in_recovery()
+ OR pg_catalog.pg_last_wal_receive_lsn() OPERATOR(pg_catalog.=) pg_catalog.pg_last_wal_replay_lsn())
+ THEN 0
+ ELSE GREATEST (0,
+ EXTRACT(EPOCH FROM (pg_catalog.now() OPERATOR(pg_catalog.-) pg_catalog.pg_last_xact_replay_timestamp())))
+ END AS lag,
+ pg_catalog.pg_is_in_recovery() AS in_recovery,
+ EXISTS (TABLE pg_catalog.pg_stat_wal_receiver) AS is_wal_receiver_up,
+ (SELECT pg_catalog.count(*) FROM pg_catalog.pg_stat_replication) AS streaming_replicas
+ metrics:
+ - lag:
+ usage: "GAUGE"
+ description: "Replication lag behind primary in seconds"
+ - in_recovery:
+ usage: "GAUGE"
+ description: "Whether the instance is in recovery"
+ - is_wal_receiver_up:
+ usage: "GAUGE"
+ description: "Whether the instance wal_receiver is up"
+ - streaming_replicas:
+ usage: "GAUGE"
+ description: "Number of streaming replicas connected to the instance"
+
+ pg_replication_slots:
+ query: |
+ SELECT slot_name,
+ slot_type,
+ database,
+ active,
+ (CASE pg_catalog.pg_is_in_recovery()
+ WHEN TRUE THEN pg_catalog.pg_wal_lsn_diff(pg_catalog.pg_last_wal_receive_lsn(), restart_lsn)
+ ELSE pg_catalog.pg_wal_lsn_diff(pg_catalog.pg_current_wal_lsn(), restart_lsn)
+ END) as pg_wal_lsn_diff
+ FROM pg_catalog.pg_replication_slots
+ WHERE NOT temporary
+ metrics:
+ - slot_name:
+ usage: "LABEL"
+ description: "Name of the replication slot"
+ - slot_type:
+ usage: "LABEL"
+ description: "Type of the replication slot"
+ - database:
+ usage: "LABEL"
+ description: "Name of the database"
+ - active:
+ usage: "GAUGE"
+ description: "Flag indicating whether the slot is active"
+ - pg_wal_lsn_diff:
+ usage: "GAUGE"
+ description: "Replication lag in bytes"
+
+ pg_stat_archiver:
+ query: |
+ SELECT archived_count
+ , failed_count
+ , COALESCE(EXTRACT(EPOCH FROM (pg_catalog.now() OPERATOR(pg_catalog.-) last_archived_time)), -1) AS seconds_since_last_archival
+ , COALESCE(EXTRACT(EPOCH FROM (pg_catalog.now() OPERATOR(pg_catalog.-) last_failed_time)), -1) AS seconds_since_last_failure
+ , COALESCE(EXTRACT(EPOCH FROM last_archived_time), -1) AS last_archived_time
+ , COALESCE(EXTRACT(EPOCH FROM last_failed_time), -1) AS last_failed_time
+ , COALESCE(CAST(CAST('x' OPERATOR(pg_catalog.||) pg_catalog.right(pg_catalog.split_part(last_archived_wal, '.', 1), 16) AS pg_catalog.bit(64)) AS pg_catalog.int8), -1) AS last_archived_wal_start_lsn
+ , COALESCE(CAST(CAST('x' OPERATOR(pg_catalog.||) pg_catalog.right(pg_catalog.split_part(last_failed_wal, '.', 1), 16) AS pg_catalog.bit(64)) AS pg_catalog.int8), -1) AS last_failed_wal_start_lsn
+ , EXTRACT(EPOCH FROM stats_reset) AS stats_reset_time
+ FROM pg_catalog.pg_stat_archiver
+ predicate_query: |
+ SELECT NOT pg_catalog.pg_is_in_recovery()
+ OR pg_catalog.current_setting('archive_mode') OPERATOR(pg_catalog.=) 'always'
+ metrics:
+ - archived_count:
+ usage: "COUNTER"
+ description: "Number of WAL files that have been successfully archived"
+ - failed_count:
+ usage: "COUNTER"
+ description: "Number of failed attempts for archiving WAL files"
+ - seconds_since_last_archival:
+ usage: "GAUGE"
+ description: "Seconds since the last successful archival operation"
+ - seconds_since_last_failure:
+ usage: "GAUGE"
+ description: "Seconds since the last failed archival operation"
+ - last_archived_time:
+ usage: "GAUGE"
+ description: "Epoch of the last time WAL archiving succeeded"
+ - last_failed_time:
+ usage: "GAUGE"
+ description: "Epoch of the last time WAL archiving failed"
+ - last_archived_wal_start_lsn:
+ usage: "GAUGE"
+ description: "Archived WAL start LSN"
+ - last_failed_wal_start_lsn:
+ usage: "GAUGE"
+ description: "Last failed WAL LSN"
+ - stats_reset_time:
+ usage: "GAUGE"
+ description: "Time at which these statistics were last reset"
+
+ pg_stat_bgwriter:
+ runonserver: "<17.0.0"
+ query: |
+ SELECT checkpoints_timed
+ , checkpoints_req
+ , checkpoint_write_time
+ , checkpoint_sync_time
+ , buffers_checkpoint
+ , buffers_clean
+ , maxwritten_clean
+ , buffers_backend
+ , buffers_backend_fsync
+ , buffers_alloc
+ FROM pg_catalog.pg_stat_bgwriter
+ metrics:
+ - checkpoints_timed:
+ usage: "COUNTER"
+ description: "Number of scheduled checkpoints that have been performed"
+ - checkpoints_req:
+ usage: "COUNTER"
+ description: "Number of requested checkpoints that have been performed"
+ - checkpoint_write_time:
+ usage: "COUNTER"
+ description: "Total amount of time that has been spent in the portion of checkpoint processing where files are written to disk, in milliseconds"
+ - checkpoint_sync_time:
+ usage: "COUNTER"
+ description: "Total amount of time that has been spent in the portion of checkpoint processing where files are synchronized to disk, in milliseconds"
+ - buffers_checkpoint:
+ usage: "COUNTER"
+ description: "Number of buffers written during checkpoints"
+ - buffers_clean:
+ usage: "COUNTER"
+ description: "Number of buffers written by the background writer"
+ - maxwritten_clean:
+ usage: "COUNTER"
+ description: "Number of times the background writer stopped a cleaning scan because it had written too many buffers"
+ - buffers_backend:
+ usage: "COUNTER"
+ description: "Number of buffers written directly by a backend"
+ - buffers_backend_fsync:
+ usage: "COUNTER"
+ description: "Number of times a backend had to execute its own fsync call (normally the background writer handles those even when the backend does its own write)"
+ - buffers_alloc:
+ usage: "COUNTER"
+ description: "Number of buffers allocated"
+
+ pg_stat_bgwriter_17:
+ runonserver: ">=17.0.0"
+ name: pg_stat_bgwriter
+ query: |
+ SELECT buffers_clean
+ , maxwritten_clean
+ , buffers_alloc
+ , EXTRACT(EPOCH FROM stats_reset) AS stats_reset_time
+ FROM pg_catalog.pg_stat_bgwriter
+ metrics:
+ - buffers_clean:
+ usage: "COUNTER"
+ description: "Number of buffers written by the background writer"
+ - maxwritten_clean:
+ usage: "COUNTER"
+ description: "Number of times the background writer stopped a cleaning scan because it had written too many buffers"
+ - buffers_alloc:
+ usage: "COUNTER"
+ description: "Number of buffers allocated"
+ - stats_reset_time:
+ usage: "GAUGE"
+ description: "Time at which these statistics were last reset"
+
+ pg_stat_checkpointer:
+ runonserver: ">=17.0.0"
+ query: |
+ SELECT num_timed AS checkpoints_timed
+ , num_requested AS checkpoints_req
+ , restartpoints_timed
+ , restartpoints_req
+ , restartpoints_done
+ , write_time
+ , sync_time
+ , buffers_written
+ , EXTRACT(EPOCH FROM stats_reset) AS stats_reset_time
+ FROM pg_catalog.pg_stat_checkpointer
+ metrics:
+ - checkpoints_timed:
+ usage: "COUNTER"
+ description: "Number of scheduled checkpoints that have been performed"
+ - checkpoints_req:
+ usage: "COUNTER"
+ description: "Number of requested checkpoints that have been performed"
+ - restartpoints_timed:
+ usage: "COUNTER"
+ description: "Number of scheduled restartpoints due to timeout or after a failed attempt to perform it"
+ - restartpoints_req:
+ usage: "COUNTER"
+ description: "Number of requested restartpoints that have been performed"
+ - restartpoints_done:
+ usage: "COUNTER"
+ description: "Number of restartpoints that have been performed"
+ - write_time:
+ usage: "COUNTER"
+ description: "Total amount of time that has been spent in the portion of processing checkpoints and restartpoints where files are written to disk, in milliseconds"
+ - sync_time:
+ usage: "COUNTER"
+ description: "Total amount of time that has been spent in the portion of processing checkpoints and restartpoints where files are synchronized to disk, in milliseconds"
+ - buffers_written:
+ usage: "COUNTER"
+ description: "Number of buffers written during checkpoints and restartpoints"
+ - stats_reset_time:
+ usage: "GAUGE"
+ description: "Time at which these statistics were last reset"
+
+ pg_stat_database:
+ query: |
+ SELECT datname
+ , xact_commit
+ , xact_rollback
+ , blks_read
+ , blks_hit
+ , tup_returned
+ , tup_fetched
+ , tup_inserted
+ , tup_updated
+ , tup_deleted
+ , conflicts
+ , temp_files
+ , temp_bytes
+ , deadlocks
+ , blk_read_time
+ , blk_write_time
+ FROM pg_catalog.pg_stat_database
+ metrics:
+ - datname:
+ usage: "LABEL"
+ description: "Name of this database"
+ - xact_commit:
+ usage: "COUNTER"
+ description: "Number of transactions in this database that have been committed"
+ - xact_rollback:
+ usage: "COUNTER"
+ description: "Number of transactions in this database that have been rolled back"
+ - blks_read:
+ usage: "COUNTER"
+ description: "Number of disk blocks read in this database"
+ - blks_hit:
+ usage: "COUNTER"
+ description: "Number of times disk blocks were found already in the buffer cache, so that a read was not necessary (this only includes hits in the PostgreSQL buffer cache, not the operating system's file system cache)"
+ - tup_returned:
+ usage: "COUNTER"
+ description: "Number of rows returned by queries in this database"
+ - tup_fetched:
+ usage: "COUNTER"
+ description: "Number of rows fetched by queries in this database"
+ - tup_inserted:
+ usage: "COUNTER"
+ description: "Number of rows inserted by queries in this database"
+ - tup_updated:
+ usage: "COUNTER"
+ description: "Number of rows updated by queries in this database"
+ - tup_deleted:
+ usage: "COUNTER"
+ description: "Number of rows deleted by queries in this database"
+ - conflicts:
+ usage: "COUNTER"
+ description: "Number of queries canceled due to conflicts with recovery in this database"
+ - temp_files:
+ usage: "COUNTER"
+ description: "Number of temporary files created by queries in this database"
+ - temp_bytes:
+ usage: "COUNTER"
+ description: "Total amount of data written to temporary files by queries in this database"
+ - deadlocks:
+ usage: "COUNTER"
+ description: "Number of deadlocks detected in this database"
+ - blk_read_time:
+ usage: "COUNTER"
+ description: "Time spent reading data file blocks by backends in this database, in milliseconds"
+ - blk_write_time:
+ usage: "COUNTER"
+ description: "Time spent writing data file blocks by backends in this database, in milliseconds"
+
+ pg_stat_replication:
+ primary: true
+ query: |
+ SELECT usename
+ , COALESCE(application_name, '') AS application_name
+ , COALESCE(client_addr::text, '') AS client_addr
+ , COALESCE(client_port::text, '') AS client_port
+ , EXTRACT(EPOCH FROM backend_start) AS backend_start
+ , COALESCE(pg_catalog.age(backend_xmin), 0) AS backend_xmin_age
+ , pg_catalog.pg_wal_lsn_diff(pg_catalog.pg_current_wal_lsn(), sent_lsn) AS sent_diff_bytes
+ , pg_catalog.pg_wal_lsn_diff(pg_catalog.pg_current_wal_lsn(), write_lsn) AS write_diff_bytes
+ , pg_catalog.pg_wal_lsn_diff(pg_catalog.pg_current_wal_lsn(), flush_lsn) AS flush_diff_bytes
+ , COALESCE(pg_catalog.pg_wal_lsn_diff(pg_catalog.pg_current_wal_lsn(), replay_lsn),0) AS replay_diff_bytes
+ , COALESCE((EXTRACT(EPOCH FROM write_lag)),0)::float AS write_lag_seconds
+ , COALESCE((EXTRACT(EPOCH FROM flush_lag)),0)::float AS flush_lag_seconds
+ , COALESCE((EXTRACT(EPOCH FROM replay_lag)),0)::float AS replay_lag_seconds
+ FROM pg_catalog.pg_stat_replication
+ metrics:
+ - usename:
+ usage: "LABEL"
+ description: "Name of the replication user"
+ - application_name:
+ usage: "LABEL"
+ description: "Name of the application"
+ - client_addr:
+ usage: "LABEL"
+ description: "Client IP address"
+ - client_port:
+ usage: "LABEL"
+ description: "Client TCP port"
+ - backend_start:
+ usage: "COUNTER"
+ description: "Time when this process was started"
+ - backend_xmin_age:
+ usage: "COUNTER"
+ description: "The age of this standby's xmin horizon"
+ - sent_diff_bytes:
+ usage: "GAUGE"
+ description: "Difference in bytes from the last write-ahead log location sent on this connection"
+ - write_diff_bytes:
+ usage: "GAUGE"
+ description: "Difference in bytes from the last write-ahead log location written to disk by this standby server"
+ - flush_diff_bytes:
+ usage: "GAUGE"
+ description: "Difference in bytes from the last write-ahead log location flushed to disk by this standby server"
+ - replay_diff_bytes:
+ usage: "GAUGE"
+ description: "Difference in bytes from the last write-ahead log location replayed into the database on this standby server"
+ - write_lag_seconds:
+ usage: "GAUGE"
+ description: "Time elapsed between flushing recent WAL locally and receiving notification that this standby server has written it"
+ - flush_lag_seconds:
+ usage: "GAUGE"
+ description: "Time elapsed between flushing recent WAL locally and receiving notification that this standby server has written and flushed it"
+ - replay_lag_seconds:
+ usage: "GAUGE"
+ description: "Time elapsed between flushing recent WAL locally and receiving notification that this standby server has written, flushed and applied it"
+
+ pg_settings:
+ query: |
+ SELECT name,
+ CASE setting WHEN 'on' THEN '1' WHEN 'off' THEN '0' ELSE setting END AS setting
+ FROM pg_catalog.pg_settings
+ WHERE vartype IN ('integer', 'real', 'bool')
+ ORDER BY 1
+ metrics:
+ - name:
+ usage: "LABEL"
+ description: "Name of the setting"
+ - setting:
+ usage: "GAUGE"
+ description: "Setting value"
+
+ pg_extensions:
+ query: |
+ SELECT
+ pg_catalog.current_database() as datname,
+ name as extname,
+ default_version,
+ installed_version,
+ CASE
+ WHEN default_version OPERATOR(pg_catalog.=) installed_version THEN 0
+ ELSE 1
+ END AS update_available
+ FROM pg_catalog.pg_available_extensions
+ WHERE installed_version IS NOT NULL
+ metrics:
+ - datname:
+ usage: "LABEL"
+ description: "Name of the database"
+ - extname:
+ usage: "LABEL"
+ description: "Extension name"
+ - default_version:
+ usage: "LABEL"
+ description: "Default version"
+ - installed_version:
+ usage: "LABEL"
+ description: "Installed version"
+ - update_available:
+ usage: "GAUGE"
+ description: "An update is available"
+ target_databases:
+ - '*'
+kind: ConfigMap
+metadata:
+ labels:
+ app.kubernetes.io/instance: cnpg
+ app.kubernetes.io/managed-by: Helm
+ app.kubernetes.io/name: cloudnative-pg
+ app.kubernetes.io/version: 1.29.1
+ cnpg.io/reload: ""
+ helm.sh/chart: cloudnative-pg-0.28.2
+ name: cnpg-default-monitoring
+ namespace: cnpg-systemService: cnpg-system/cnpg-webhook-service+apiVersion: v1
+kind: Service
+metadata:
+ labels:
+ app.kubernetes.io/instance: cnpg
+ app.kubernetes.io/managed-by: Helm
+ app.kubernetes.io/name: cloudnative-pg
+ app.kubernetes.io/version: 1.29.1
+ helm.sh/chart: cloudnative-pg-0.28.2
+ name: cnpg-webhook-service
+ namespace: cnpg-system
+spec:
+ ports:
+ - name: webhook-server
+ port: 443
+ targetPort: webhook-server
+ selector:
+ app.kubernetes.io/instance: cnpg
+ app.kubernetes.io/name: cloudnative-pg
+ type: ClusterIPServiceAccount: cnpg-system/cnpg-cloudnative-pg+apiVersion: v1
+kind: ServiceAccount
+metadata:
+ labels:
+ app.kubernetes.io/instance: cnpg
+ app.kubernetes.io/managed-by: Helm
+ app.kubernetes.io/name: cloudnative-pg
+ app.kubernetes.io/version: 1.29.1
+ helm.sh/chart: cloudnative-pg-0.28.2
+ name: cnpg-cloudnative-pg
+ namespace: cnpg-systemCustomResourceDefinition: backups.postgresql.cnpg.io+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+ annotations:
+ controller-gen.kubebuilder.io/version: v0.20.1
+ helm.sh/resource-policy: keep
+ name: backups.postgresql.cnpg.io
+spec:
+ group: postgresql.cnpg.io
+ names:
+ kind: Backup
+ listKind: BackupList
+ plural: backups
+ singular: backup
+ scope: Namespaced
+ versions:
+ - additionalPrinterColumns:
+ - jsonPath: .metadata.creationTimestamp
+ name: Age
+ type: date
+ - jsonPath: .spec.cluster.name
+ name: Cluster
+ type: string
+ - jsonPath: .spec.method
+ name: Method
+ type: string
+ - jsonPath: .status.phase
+ name: Phase
+ type: string
+ - jsonPath: .status.error
+ name: Error
+ type: string
+ name: v1
+ schema:
+ openAPIV3Schema:
+ description: A Backup resource is a request for a PostgreSQL backup by the
+ user.
+ properties:
+ apiVersion:
+ description: |-
+ APIVersion defines the versioned schema of this representation of an object.
+ Servers should convert recognized schemas to the latest internal value, and
+ may reject unrecognized values.
+ More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
+ type: string
+ kind:
+ description: |-
+ Kind is a string value representing the REST resource this object represents.
+ Servers may infer this from the endpoint the client submits requests to.
+ Cannot be updated.
+ In CamelCase.
+ More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
+ type: string
+ metadata:
+ type: object
+ spec:
+ description: |-
+ Specification of the desired behavior of the backup.
+ More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status
+ properties:
+ cluster:
+ description: The cluster to backup
+ properties:
+ name:
+ description: Name of the referent.
+ type: string
+ required:
+ - name
+ type: object
+ method:
+ default: barmanObjectStore
+ description: |-
+ The backup method to be used, possible options are `barmanObjectStore`,
+ `volumeSnapshot` or `plugin`. Defaults to: `barmanObjectStore`.
+ enum:
+ - barmanObjectStore
+ - volumeSnapshot
+ - plugin
+ type: string
+ online:
+ description: |-
+ Whether the default type of backup with volume snapshots is
+ online/hot (`true`, default) or offline/cold (`false`)
+ Overrides the default setting specified in the cluster field '.spec.backup.volumeSnapshot.online'
+ type: boolean
+ onlineConfiguration:
+ description: |-
+ Configuration parameters to control the online/hot backup with volume snapshots
+ Overrides the default settings specified in the cluster '.backup.volumeSnapshot.onlineConfiguration' stanza
+ properties:
+ immediateCheckpoint:
+ description: |-
+ Control whether the I/O workload for the backup initial checkpoint will
+ be limited, according to the `checkpoint_completion_target` setting on
+ the PostgreSQL server. If set to true, an immediate checkpoint will be
+ used, meaning PostgreSQL will complete the checkpoint as soon as
+ possible. `false` by default.
+ type: boolean
+ waitForArchive:
+ default: true
+ description: |-
+ If false, the function will return immediately after the backup is completed,
+ without waiting for WAL to be archived.
+ This behavior is only useful with backup software that independently monitors WAL archiving.
+ Otherwise, WAL required to make the backup consistent might be missing and make the backup useless.
+ By default, or when this parameter is true, pg_backup_stop will wait for WAL to be archived when archiving is
+ enabled.
+ On a standby, this means that it will wait only when archive_mode = always.
+ If write activity on the primary is low, it may be useful to run pg_switch_wal on the primary in order to trigger
+ an immediate segment switch.
+ type: boolean
+ type: object
+ pluginConfiguration:
+ description: Configuration parameters passed to the plugin managing
+ this backup
+ properties:
+ name:
+ description: Name is the name of the plugin managing this backup
+ type: string
+ parameters:
+ additionalProperties:
+ type: string
+ description: |-
+ Parameters are the configuration parameters passed to the backup
+ plugin for this backup
+ type: object
+ required:
+ - name
+ type: object
+ target:
+ description: |-
+ The policy to decide which instance should perform this backup. If empty,
+ it defaults to `cluster.spec.backup.target`.
+ Available options are empty string, `primary` and `prefer-standby`.
+ `primary` to have backups run always on primary instances,
+ `prefer-standby` to have backups run preferably on the most updated
+ standby, if available.
+ enum:
+ - primary
+ - prefer-standby
+ type: string
+ required:
+ - cluster
+ type: object
+ x-kubernetes-validations:
+ - message: BackupSpec is immutable once set
+ rule: oldSelf == self
+ status:
+ description: |-
+ Most recently observed status of the backup. This data may not be up to
+ date. Populated by the system. Read-only.
+ More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status
+ properties:
+ azureCredentials:
+ description: The credentials to use to upload data to Azure Blob Storage
+ properties:
+ connectionString:
+ description: The connection string to be used
+ properties:
+ key:
+ description: The key to select
+ type: string
+ name:
+ description: Name of the referent.
+ type: string
+ required:
+ - key
+ - name
+ type: object
+ inheritFromAzureAD:
+ description: Use the Azure AD based authentication without providing
+ explicitly the keys.
+ type: boolean
+ storageAccount:
+ description: The storage account where to upload data
+ properties:
+ key:
+ description: The key to select
+ type: string
+ name:
+ description: Name of the referent.
+ type: string
+ required:
+ - key
+ - name
+ type: object
+ storageKey:
+ description: |-
+ The storage account key to be used in conjunction
+ with the storage account name
+ properties:
+ key:
+ description: The key to select
+ type: string
+ name:
+ description: Name of the referent.
+ type: string
+ required:
+ - key
+ - name
+ type: object
+ storageSasToken:
+ description: |-
+ A shared-access-signature to be used in conjunction with
+ the storage account name
+ properties:
+ key:
+ description: The key to select
+ type: string
+ name:
+ description: Name of the referent.
+ type: string
+ required:
+ - key
+ - name
+ type: object
+ useDefaultAzureCredentials:
+ description: |-
+ Use the default Azure authentication flow, which includes DefaultAzureCredential.
+ This allows authentication using environment variables and managed identities.
+ type: boolean
+ type: object
+ backupId:
+ description: The ID of the Barman backup
+ type: string
+ backupLabelFile:
+ description: Backup label file content as returned by Postgres in
+ case of online (hot) backups
+ format: byte
+ type: string
+ backupName:
+ description: The Name of the Barman backup
+ type: string
+ beginLSN:
+ description: The starting xlog
+ type: string
+ beginWal:
+ description: The starting WAL
+ type: string
+ commandError:
+ description: The backup command output in case of error
+ type: string
+ commandOutput:
+ description: Unused. Retained for compatibility with old versions.
+ type: string
+ destinationPath:
+ description: |-
+ The path where to store the backup (i.e. s3://bucket/path/to/folder)
+ this path, with different destination folders, will be used for WALs
+ and for data. This may not be populated in case of errors.
+ type: string
+ encryption:
+ description: Encryption method required to S3 API
+ type: string
+ endLSN:
+ description: The ending xlog
+ type: string
+ endWal:
+ description: The ending WAL
+ type: string
+ endpointCA:
+ description: |-
+ EndpointCA store the CA bundle of the barman endpoint.
+ Useful when using self-signed certificates to avoid
+ errors with certificate issuer and barman-cloud-wal-archive.
+ properties:
+ key:
+ description: The key to select
+ type: string
+ name:
+ description: Name of the referent.
+ type: string
+ required:
+ - key
+ - name
+ type: object
+ endpointURL:
+ description: |-
+ Endpoint to be used to upload data to the cloud,
+ overriding the automatic endpoint discovery
+ type: string
+ error:
+ description: The detected error
+ type: string
+ googleCredentials:
+ description: The credentials to use to upload data to Google Cloud
+ Storage
+ properties:
+ applicationCredentials:
+ description: The secret containing the Google Cloud Storage JSON
+ file with the credentials
+ properties:
+ key:
+ description: The key to select
+ type: string
+ name:
+ description: Name of the referent.
+ type: string
+ required:
+ - key
+ - name
+ type: object
+ gkeEnvironment:
+ description: |-
+ If set to true, will presume that it's running inside a GKE environment,
+ default to false.
+ type: boolean
+ type: object
+ instanceID:
+ description: Information to identify the instance where the backup
+ has been taken from
+ properties:
+ ContainerID:
+ description: The container ID
+ type: string
+ podName:
+ description: The pod name
+ type: string
+ sessionID:
+ description: |-
+ The instance manager session ID. This is a unique identifier generated at instance manager
+ startup and changes on every restart (including container reboots). Used to detect if
+ the instance manager was restarted during long-running operations like backups, which
+ would terminate any running backup process.
+ type: string
+ type: object
+ majorVersion:
+ description: |-
+ The PostgreSQL major version that was running when the
+ backup was taken.
+ type: integer
+ method:
+ description: The backup method being used
+ type: string
+ online:
+ description: Whether the backup was online/hot (`true`) or offline/cold
+ (`false`)
+ type: boolean
+ phase:
+ description: The last backup status
+ type: string
+ pluginMetadata:
+ additionalProperties:
+ type: string
+ description: A map containing the plugin metadata
+ type: object
+ reconciliationStartedAt:
+ description: When the backup process was started by the operator
+ format: date-time
+ type: string
+ reconciliationTerminatedAt:
+ description: When the reconciliation was terminated by the operator
+ (either successfully or not)
+ format: date-time
+ type: string
+ s3Credentials:
+ description: The credentials to use to upload data to S3
+ properties:
+ accessKeyId:
+ description: The reference to the access key id
+ properties:
+ key:
+ description: The key to select
+ type: string
+ name:
+ description: Name of the referent.
+ type: string
+ required:
+ - key
+ - name
+ type: object
+ inheritFromIAMRole:
+ description: Use the role based authentication without providing
+ explicitly the keys.
+ type: boolean
+ region:
+ description: The reference to the secret containing the region
+ name
+ properties:
+ key:
+ description: The key to select
+ type: string
+ name:
+ description: Name of the referent.
+ type: string
+ required:
+ - key
+ - name
+ type: object
+ secretAccessKey:
+ description: The reference to the secret access key
+ properties:
+ key:
+ description: The key to select
+ type: string
+ name:
+ description: Name of the referent.
+ type: string
+ required:
+ - key
+ - name
+ type: object
+ sessionToken:
+ description: The references to the session key
+ properties:
+ key:
+ description: The key to select
+ type: string
+ name:
+ description: Name of the referent.
+ type: string
+ required:
+ - key
+ - name
+ type: object
+ type: object
+ serverName:
+ description: |-
+ The server name on S3, the cluster name is used if this
+ parameter is omitted
+ type: string
+ snapshotBackupStatus:
+ description: Status of the volumeSnapshot backup
+ properties:
+ elements:
+ description: The elements list, populated with the gathered volume
+ snapshots
+ items:
+ description: BackupSnapshotElementStatus is a volume snapshot
+ that is part of a volume snapshot method backup
+ properties:
+ name:
+ description: Name is the snapshot resource name
+ type: string
+ tablespaceName:
+ description: |-
+ TablespaceName is the name of the snapshotted tablespace. Only set
+ when type is PG_TABLESPACE
+ type: string
+ type:
+ description: Type is tho role of the snapshot in the cluster,
+ such as PG_DATA, PG_WAL and PG_TABLESPACE
+ type: string
+ required:
+ - name
+ - type
+ type: object
+ type: array
+ type: object
+ startedAt:
+ description: When the backup execution was started by the backup tool
+ format: date-time
+ type: string
+ stoppedAt:
+ description: When the backup execution was terminated by the backup
+ tool
+ format: date-time
+ type: string
+ tablespaceMapFile:
+ description: Tablespace map file content as returned by Postgres in
+ case of online (hot) backups
+ format: byte
+ type: string
+ type: object
+ required:
+ - metadata
+ - spec
+ type: object
+ served: true
+ storage: true
+ subresources:
+ status: {}CustomResourceDefinition: clusterimagecatalogs.postgresql.cnpg.io+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+ annotations:
+ controller-gen.kubebuilder.io/version: v0.20.1
+ helm.sh/resource-policy: keep
+ name: clusterimagecatalogs.postgresql.cnpg.io
+spec:
+ group: postgresql.cnpg.io
+ names:
+ kind: ClusterImageCatalog
+ listKind: ClusterImageCatalogList
+ plural: clusterimagecatalogs
+ singular: clusterimagecatalog
+ scope: Cluster
+ versions:
+ - additionalPrinterColumns:
+ - jsonPath: .metadata.creationTimestamp
+ name: Age
+ type: date
+ name: v1
+ schema:
+ openAPIV3Schema:
+ description: ClusterImageCatalog is the Schema for the clusterimagecatalogs
+ API
+ properties:
+ apiVersion:
+ description: |-
+ APIVersion defines the versioned schema of this representation of an object.
+ Servers should convert recognized schemas to the latest internal value, and
+ may reject unrecognized values.
+ More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
+ type: string
+ kind:
+ description: |-
+ Kind is a string value representing the REST resource this object represents.
+ Servers may infer this from the endpoint the client submits requests to.
+ Cannot be updated.
+ In CamelCase.
+ More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
+ type: string
+ metadata:
+ type: object
+ spec:
+ description: |-
+ Specification of the desired behavior of the ClusterImageCatalog.
+ More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status
+ properties:
+ images:
+ description: List of CatalogImages available in the catalog
+ items:
+ description: CatalogImage defines the image and major version
+ properties:
+ extensions:
+ description: The configuration of the extensions to be added
+ items:
+ description: |-
+ ExtensionConfiguration is the configuration used to add
+ PostgreSQL extensions to the Cluster.
+ properties:
+ bin_path:
+ description: |-
+ A list of directories within the image to be appended to the
+ PostgreSQL process's `PATH` environment variable.
+ items:
+ type: string
+ type: array
+ dynamic_library_path:
+ description: |-
+ The list of directories inside the image which should be added to dynamic_library_path.
+ If not defined, defaults to "/lib".
+ items:
+ type: string
+ type: array
+ env:
+ description: |-
+ Env is a list of custom environment variables to be set in the
+ PostgreSQL process for this extension. It is the responsibility of the
+ cluster administrator to ensure the variables are correct for the
+ specific extension. Note that changes to these variables require
+ a manual cluster restart to take effect.
+ items:
+ description: |-
+ ExtensionEnvVar defines an environment variable for a specific extension
+ image volume.
+ properties:
+ name:
+ description: |-
+ Name of the environment variable to be injected into the
+ PostgreSQL process.
+ minLength: 1
+ pattern: ^[a-zA-Z_][a-zA-Z0-9_]*$
+ type: string
+ value:
+ description: |-
+ Value of the environment variable. CloudNativePG performs a direct
+ replacement of this value, with support for placeholder expansion.
+ The ${`image_root`} placeholder resolves to the absolute mount path
+ of the extension's volume (e.g., `/extensions/my-extension`). This
+ is particularly useful for allowing applications or libraries to
+ locate specific directories within the mounted image.
+ Unrecognized placeholders are rejected. To include a literal ${...}
+ in the value, escape it as $${...}.
+ minLength: 1
+ type: string
+ required:
+ - name
+ - value
+ type: object
+ type: array
+ x-kubernetes-list-map-keys:
+ - name
+ x-kubernetes-list-type: map
+ extension_control_path:
+ description: |-
+ The list of directories inside the image which should be added to extension_control_path.
+ If not defined, defaults to "/share".
+ items:
+ type: string
+ type: array
+ image:
+ description: The image containing the extension.
+ properties:
+ pullPolicy:
+ description: |-
+ Policy for pulling OCI objects. Possible values are:
+ Always: the kubelet always attempts to pull the reference. Container creation will fail If the pull fails.
+ Never: the kubelet never pulls the reference and only uses a local image or artifact. Container creation will fail if the reference isn't present.
+ IfNotPresent: the kubelet pulls if the reference isn't already present on disk. Container creation will fail if the reference isn't present and the pull fails.
+ Defaults to Always if :latest tag is specified, or I🚨 Diff is too long
Stats: |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
No description provided.