CYBERTEC-PG-Operator

PostgreSQL

CRD for kind postgresql

| Name | Type | Required | Description |
|---|---|---|---|
| apiVersion | string | true | acid.zalando.do/v1 |
| kind | string | true | |
| metadata | object | true | |
| spec | object | true | |
| status | object | false | |

spec

| Name | Type | Required | Description |
|---|---|---|---|
| additionalVolumes | array | false | List of additional volumes to mount in each container of the statefulset pod |
| allowedSourceRanges | array | false | The corresponding load balancer is accessible only to the networks defined by this parameter |
| backup | object | false | Enables the definition of a customised backup solution for the cluster |
| clone | object | false | Defines the clone target for the cluster |
| connectionPooler | object | false | Defines the configuration and settings for every type of connectionPooler (Primary and Replica) |
| databases | map | false | Defines the names of the databases that are created by the operator. See tutorial |
| dockerImage | string | true | Defines the PostgreSQL container image used for this cluster |
| enableLogicalBackup | boolean | false | Enables logical backups for this cluster (stored on S3). An S3 configuration for the operator is needed (not for pgBackRest) |
| enableConnectionPooler | boolean | false | Creates a ConnectionPooler for the primary Pod |
| enableReplicaConnectionPooler | boolean | false | Creates a ConnectionPooler for the replica Pods |
| enableMasterLoadBalancer | boolean | false | Defines whether to enable the load balancer pointing to the Postgres primary |
| enableReplicaLoadBalancer | boolean | false | Defines whether to enable the load balancer pointing to the Postgres replicas |
| enableMasterPoolerLoadBalancer | boolean | false | Defines whether to enable the load balancer pointing to the primary ConnectionPooler |
| enableReplicaPoolerLoadBalancer | boolean | false | Defines whether to enable the load balancer pointing to the replica ConnectionPooler |
| enableShmVolume | boolean | false | Starts a database pod without limitations on shm memory. By default Docker limits /dev/shm to 64M (see e.g. the docker issue), which may not be enough if PostgreSQL uses parallel workers heavily. If this option is present and its value is true, a new tmpfs volume is mounted into the target database pod to remove this limitation |
| env | array | false | Allows adding custom environment variables to the PostgreSQL containers |
| initContainers | array | false | Enables the definition of init containers |
| logicalBackupSchedule | string | false | Enables the scheduling of logical backups based on cron syntax. Example: `30 00 * * *` |
| maintenanceWindows | array | false | Enables the definition of maintenance windows for the cluster. Example: Sat:00:00-04:00 |
| masterServiceAnnotations | map | false | Enables the definition of annotations for the Primary Service |
| monitor | map | false | Enables monitoring on the basis of the defined image |
| nodeAffinity | map | false | Enables overwriting of the nodeAffinity |
| numberOfInstances | int | true | Number of nodes of the cluster |
| patroni | map | false | Enables the customisation of Patroni settings |
| podPriorityClassName | string | false | Name of the priority class that should be assigned to the cluster pods. If not set, the default priority class is used. The priority class itself must be defined in advance |
| podAnnotations | map | false | A map of key-value pairs that gets attached as annotations to each pod created for the database |
| postgresql | map | false | Enables the customisation of PostgreSQL settings and parameters |
| preparedDatabases | map | false | Allows you to define databases including owner, schemas and extensions and have the operator generate them. See tutorial |
| replicaServiceAnnotations | map | false | Enables the definition of annotations for the Replica Service |
| resources | map | true | CPU & Memory (Limit & Request) definition for the Postgres container |
| ServiceAnnotations | map | false | A map of key-value pairs that gets attached as annotations to each Service created for the database |
| sidecars | array | false | Enables the definition of custom sidecars |
| spiloFSGroup | int | false | The Persistent Volumes for the Spilo pods in the StatefulSet will be owned and writable by the group ID specified. This will override the spilo_fsgroup operator parameter |
| spiloRunAsGroup | int | false | Sets the group ID which should be used in the container to run the process |
| spiloRunAsUser | int | false | Sets the user ID which should be used in the container to run the process. This must be set to run the container without root |
| standby | map | false | Enables the creation of a standby cluster at the time of the creation of a new cluster |
| streams | array | false | Enables change data capture streams for defined database tables |
| tde | map | false | Enables the activation of TDE if a new cluster is created |
| teamId | string | true | Name of the team the cluster belongs to. Will be removed soon |
| tls | map | false | Custom TLS certificate |
| tolerations | array | false | A list of tolerations that apply to the cluster pods. Each element of that list is a dictionary with the following fields: key, operator, value, effect and tolerationSeconds |
| topologySpreadConstraints | map | false | Enables the definition of a topologySpreadConstraint. See K8s documentation |
| users | map | false | A map of usernames to user flags for the users that should be created in the cluster by the operator. See tutorial |
| usersWithSecretRotation | list | false | List of users to enable credential rotation in K8s secrets. The rotation interval can only be configured globally |
| usersWithInPlaceSecretRotation | list | false | List of users to enable in-place password rotation in K8s secrets. The rotation interval can only be configured globally |
| volume | map | true | Defines the properties of the persistent storage that stores Postgres data |

additionalVolumes

| Name | Type | Required | Description |
|---|---|---|---|
| name | string | true | Enables the definition of a pgbackrest-setup for the cluster |
| mountPath | string | true | Enables the definition of a pgbackrest-setup for the cluster |
| targetContainers | array | true | Enables the definition of a pgbackrest-setup for the cluster |
| subPath | string | false | Enables the definition of a pgbackrest-setup for the cluster |
| isSubPathExpr | boolean | false | Enables the definition of a pgbackrest-setup for the cluster |
| volumeSource | map | true | Enables the definition of a pgbackrest-setup for the cluster |

backup

| Name | Type | Required | Description |
|---|---|---|---|
| pgbackrest | object | false | Enables the definition of a pgbackrest-setup for the cluster |

clone

| Name | Type | Required | Description |
|---|---|---|---|
| cluster | string | true | Name of the cluster to be cloned. Random value if the cluster does not exist locally. |
| pgbackrest | object | false | Enables the definition of a pgbackrest-setup for the cluster |

connectionPooler

| Name | Type | Required | Description |
|---|---|---|---|
| numberOfInstances | int | true | Number of Pods per Pooler |
| mode | string | true | Pooling mode for pgBouncer (session, transaction, statement) |
| schema | string | true | Schema for Pooler (Default: pooler) |
| user | string | true | Username for Pooler (Default: pooler) |
| maxDBConnections | string | true | maxConnections to the DB-Pod(s) |
| resources | map | true | CPU & Memory (Limit & Request) definition for the Pooler |


env

| Name | Type | Required | Description |
|---|---|---|---|
| name | string | true | Key field for the ENV entry |
| value | string | true | Value field for the ENV entry |

initContainers

| Name | Type | Required | Description |
|---|---|---|---|
| name | string | true | Name for the container |
| image | string | true | Docker image for the container |
| command | string | false | Overrides CMD inside the container |
| env | array | false | Allows adding custom environment variables to the container |
| resources | map | false | CPU & Memory (Limit & Request) definition for the container |
| ports | array | false | Defines open ports for the container |

monitor

| Name | Type | Required | Description |
|---|---|---|---|
| image | string | true | Docker-Image for the metric exporter |

patroni

| Name | Type | Required | Description |
|---|---|---|---|
| failsafe_mode | boolean | false | Patroni failsafe_mode parameter value. See the Patroni documentation for more details. |
| initdb | map | false | A map of key-value pairs describing initdb parameters |
| loop_wait | string | false | Patroni loop_wait parameter value, optional. The default is set by the PostgreSQL image. |
| maximum_lag_on_failover | string | false | Patroni maximum_lag_on_failover parameter value, optional. The default is set by the PostgreSQL image. |
| multisite | map | false | Multisite configuration. Check the documentation first |
| pg_hba | array | false | List of custom pg_hba lines to replace the default ones. One entry per item (example: `- hostssl all all 0.0.0.0/0 scram-sha-256`) |
| retry_timeout | int | false | Patroni retry_timeout parameter value, optional. The default is set by the PostgreSQL image. |
| slots | map | false | Permanent replication slots that Patroni preserves after failover by re-creating them on the new primary immediately after doing a promote. Use the preferred slot name as map item |
| synchronous_mode | boolean | false | Patroni synchronous_mode parameter value, optional. The default is false. |
| synchronous_mode_strict | boolean | false | Patroni synchronous_mode_strict parameter value, optional. The default is false. |
| synchronous_node_count | int | false | Patroni synchronous_node_count parameter value, optional. The default is set to 1. Only used if synchronous_mode_strict is true |
| ttl | int | false | Patroni ttl parameter value, optional. The default is set by the PostgreSQL image. |

PostgreSQL

| Name | Type | Required | Description |
|---|---|---|---|
| parameters | map | false | PostgreSQL parameter as item (Example: `max_connections: "100"`). For help check out the CYBERTEC PostgreSQL Configurator |
| version | string | false | a map of key-value pairs describing initdb parameters |

preparedDatabases

| Name | Type | Required | Description |
|---|---|---|---|
| defaultUsers | boolean | false | Creates roles with LOGIN permission and _user suffix. Default: false |
| extensions | map | false | Includes the extensions as items (key: value). The key is the name of the extension and the value is the schema. Example: `pgcrypto: public` |
| schemas | map | false | Includes the schema names as items. |

resources

| Name | Type | Required | Description |
|---|---|---|---|
| requests | map | true | CPU and memory definitions (request.cpu / request.memory) |
| limits | map | true | CPU and memory definitions (limits.cpu / limits.memory) |

sidecars

| Name | Type | Required | Description |
|---|---|---|---|
| name | string | true | Name for the container |
| image | string | true | Docker image for the container |
| command | string | false | Overrides CMD inside the container |
| env | array | false | Allows adding custom environment variables to the container |
| resources | map | false | CPU & Memory (Limit & Request) definition for the container |
| ports | array | false | Defines open ports for the container |

standby

| Name | Type | Required | Description |
|---|---|---|---|
| standby_host | string | true | Endpoint of the primary cluster |
| standby_port | string | true | PostgreSQL port of the primary cluster |

streams

| Name | Type | Required | Description |
|---|---|---|---|
| applicationId | string | true | The name of the application to which the database and CDC belong. |
| database | string | true | Name of the database from where events will be published via Postgres’ logical decoding feature. |
| tables | map | true | Defines a map of table names and their properties (eventType, idColumn and payloadColumn). |
| batchSize | int | false | Defines the size of batches in which events are consumed. Defaults to 1 |
| enableRecovery | boolean | false | Flag to enable a dead letter queue recovery for all streams tables. |
| filter | string | false | Streamed events can be filtered by a jsonpath expression for each table. |
| standby_port | string | false | PostgreSQL port of the primary cluster |

tde

| Name | Type | Required | Description |
|---|---|---|---|
| enable | boolean | true | enable TDE during initDB |

tolerations

| Name | Type | Required | Description |
|---|---|---|---|
| key | string | false | Key for the taint attribute of the node |
| operator | string | false | Comparison operator (Equal or Exists). |
| value | string | false | Value of the taint (only relevant for ‘Equal’). |
| effect | string | false | Specifies how the node handles the pod (NoExecute, NoSchedule, PreferNoSchedule) |
| tolerationSeconds | int | false | Specifies how long the pod tolerates the taint (only for NoExecute). |

volume

| Name | Type | Required | Description |
|---|---|---|---|
| size | string | true | The size of the target volume. The usual Kubernetes size modifiers, i.e. Gi or Mi, apply |
| storageClass | string | false | The name of the Kubernetes storage class to draw the persistent volume from. If empty, K8s will choose the default StorageClass |
| subPath | string | false | Subpath to use when mounting the volume into the PostgreSQL container. |
| iops | int | false | When running the operator on AWS, the latest generation of EBS volumes (gp3) allows for configuring the number of IOPS. Maximum is 16000 |
| throughput | int | false | When running the operator on AWS, the latest generation of EBS volumes (gp3) allows for configuring the throughput in MB/s. Maximum is 1000 |
| selector | map | false | A label query over PVs to consider for binding. See the Kubernetes documentation for details on using matchLabels and matchExpressions |

volumeSource

| Name | Type | Required | Description |
|---|---|---|---|
| emptyDir | string | false | `emptyDir: {}` |
| PersistentVolumeClaim | map | false | PersistentVolumeClaim object |
| configMap | map | false | configMap object |

volumeSource-PersistentVolumeClaim

| Name | Type | Required | Description |
|---|---|---|---|
| claimName | string | true | Name of the PersistentVolumeClaim |
| readyOnly | boolean | false | PersistentVolumeClaim object |

volumeSource-configMap

| Name | Type | Required | Description |
|---|---|---|---|
| name | string | true | Name of the Configmap |

multisite

| Name | Type | Required | Description |
|---|---|---|---|
| enable | boolean | true | Enable multisite-feature |
| etcd | map | true | Enables the definition of a pgbackrest-setup for the cluster |
| retry_timeout | int | true | Patroni retry_timeout parameter value for the global etcd, optional. The default is set by the PostgreSQL image. |
| site | string | true | Name for the site of this cluster |
| ttl | int | true | Patroni ttl parameter value for the global etcd, optional. The default is set by the PostgreSQL image. |

slots

| Name | Type | Required | Description |
|---|---|---|---|
| type | string | true | Slot type (physical or logical) |
| database | string | false | Database name - for logical replication only |
| plugin | string | false | Plugin - for logical replication only |


schemas

| Name | Type | Required | Description |
|---|---|---|---|
| defaultRoles | boolean | false | Creates schema-exclusive roles with NOLOGIN permission and _user suffix. Default: true |
| defaultUsers | boolean | false | Creates schema-exclusive roles with LOGIN permission and _user suffix. Default: false |

etcd

| Name | Type | Required | Description |
|---|---|---|---|
| hosts | string | true | list of etcd hosts, including etcd-client-port (default: 2379), comma separated like in the etcd config |
| password | string | false | Password for the global etcd |
| protocol | string | true | Protocol for the global etcd (http or https) |
| user | string | false | Username for the global etcd |

requests

| Name | Type | Required | Description |
|---|---|---|---|
| cpu | string | true | CPU definition. Example: 1000m |
| memory | string | true | Memory definition. Example: 1000Mi |

limits

| Name | Type | Required | Description |
|---|---|---|---|
| cpu | string | true | CPU definition. Example: 1000m |
| memory | string | true | Memory definition. Example: 1000Mi |

pgbackrest

| Name | Type | Required | Description |
|---|---|---|---|
| configuration | object | false | Enables the definition of a pgbackrest-setup for the cluster |
| global | object | false | |
| image | string | true | |
| repos | array | true | |
| resources | object | false | CPU & Memory (Limit & Request) definition for the pgBackRest container |

configuration

| Name | Type | Required | Description |
|---|---|---|---|
| secret | object | false | Name of the secret containing the S3 credentials (AccessKey & SecretAccessKey). Note: it must be placed in the same namespace as the cluster |
| protection | object | false | Enables protection options |

protection

| Name | Type | Required | Description |
|---|---|---|---|
| restore | boolean | false | A restore is ignored as long as this option is set to true. |

repos

| Name | Type | Required | Description |
|---|---|---|---|
| name | string | true | Name of the repository. Required: Repo[1-4] |
| storage | string | true | Defines the backup storage used (choose from the list: pvc, s3, blob, gcs) |
| resource | string | true | Bucket, instance, storage or PVC name |
| endpoint | string | false | The endpoint for the chosen storage (not required for local storage) |
| region | string | false | Region for the chosen storage (S3 only) |
| schedule | string | false | Object for defining automatic backups |

schedule

| Name | Type | Required | Description |
|---|---|---|---|
| full | string | false | (Cron-Syntax) Define full backup |
| incr | string | false | (Cron-Syntax) Define incremental backup |
| diff | string | false | (Cron-Syntax) Define differential backup |

status

| Name | Type | Required | Description |
|---|---|---|---|
| PostgresClusterStatus | string | false | Shows the cluster status. Filled by the Operator |