DON'T PANIC:
USE THE POSTGRESQL OPERATOR FOR KUBERNETES AND OPENSHIFT
Crunchy Data Solutions, Inc
- Industry leader in providing enterprise PostgreSQL support and open source solutions
- Crunchy Certified PostgreSQL
- 100% Open Source PostgreSQL
- Emphasis on Data Security and Compliance
- Common Criteria EAL 2+ Certified
- World class PostgreSQL expertise - includes Core Developers, Committers and Major Contributors.
- Responsible for a number of PostgreSQL enhancements including pgJDBC, pgBackRest, pgAudit, pgPartman, and others
- We're hiring!
Outline
- Introduction
- Operator Basics
- Deployment
- Why the Operator?
- PostgreSQL Container Design Features
- Building Blocks
- Operator Usage
- Roadmap
Operator Basics
- Open Source - https://github.com/crunchydata/postgres-operator
- Controller - component run per-namespace on Kubernetes or OpenShift
- REST API - Provides a REST API and a REST client
- Command Line Interface - to control the Operator and define metadata
- Deployment - runs as standard Deployment, watches for changes to CRDs
- Custom Resource Definitions - stores deployment metadata
- Security - Provides RBAC authorization and TLS/Basic Auth security
Operator Architecture
PostgreSQL Deployment
Why the Operator?
- Automation
- Standardization
- Ease of Use
- Large Scale Deployments
- Complex Orchestrations
- Separation of Tasks
- Lightweight
PostgreSQL Container Design Features
- Clustering - runs as a primary or replica
- Replication - allows for synchronous or asynchronous replication
- Predefined objects - initializes example database objects in setup.sql
- Locale support - specify any locale for use
- Secrets support - store database credentials with Kubernetes secrets
- Config override - override pg_hba.conf, postgresql.conf, setup.sql
- OpenShift Random UID support - use random UID for postgres user
- Backup/Restore - allows restore using a predefined backup archive
- Up-to-Date PostgreSQL Images:
  - PostgreSQL Version 9.5.14
  - PostgreSQL Version 9.6.10
  - PostgreSQL Version 10.5
Building Blocks
- crunchy-postgres - runs PostgreSQL
- crunchy-backup - performs pg_basebackup on a database container
- crunchy-backrest - deploys pgBackRest alongside the database
- crunchy-upgrade - runs pg_upgrade to perform a major upgrade
- crunchy-pgpool - open source load-balancing with pgPool II
- crunchy-pgbadger - deploys pgBadger
- crunchy-collect - monitors with postgres_exporter & node_exporter
- crunchy-grafana - deploys Grafana
- crunchy-prometheus - deploys Prometheus
Minimum Requirements
- Docker 1.12+
- Kubernetes 1.7.0+
- OpenShift Origin 1.7.0+
- Golang 1.8+
- CentOS 7 or RHEL 7
create cluster
pgo create cluster NAME [flags]
[-e, --series]
[-l, --labels]
[-z, --policies]
[-w, --password]
[-m, --metrics]
[-g, --custom-config]
[-s, --secret-from]
[-c, --ccp-image-tag]
[-x, --backup-path]
[-p, --backup-pvc]
[--service-type]
[--pgpool]
[--pgpool-secret]
[--pgbadger]
[--pgbackrest]
[--autofail]
[--archive]
[--storage-config]
[--replica-storage-config]
[--resources-config]
[--node-label]
show cluster
pgo show (cluster | upgrade | config | backup | pvc | policy | user) (NAME | all) [flags]
[-o, --output]
[-s, --selector]
[-v, --version]
delete cluster
pgo delete (cluster | policy | upgrade | user | backup) NAME [flags]
[-b, --delete-backups]
[-d, --delete-data]
[-n, --no-prompt]
[-s, --selector]
test cluster
pgo test NAME [flags]
[-o, --output]
[-s, --selector]
create policy
pgo create policy NAME [flags]
[-i, --in-file]
[-u, --url]
apply policy
pgo apply NAME [flags]
[-d, --dry-run]
[-s, --selector]
user management
pgo user [flags]
[-c, --change-password]
[-b, --db]
[-e, --expired]
[-m, --managed]
[-s, --selector]
[-u, --update-passwords]
[-v, --valid-days]
show user
pgo show user NAME [flags]
[-s, --selector]
label clusters
pgo label [flags]
[-x, --delete-label]
[-d, --dry-run]
[-l, --label]
[-s, --selector]
data loading
pgo load [flags]
[-l, --load-config]
[-z, --policies]
[-s, --selector]
pgo reload
pgo reload NAME [flags]
[-n, --no-prompt]
[--selector]
manual failover
pgo failover [flags]
[-n, --no-prompt]
[--query]
[--target]
scale cluster
pgo scale NAME [flags]
[-c, --ccp-image-tag]
[-r, --replica-count]
[-n, --no-prompt]
[--target]
[--scale-down-target]
[--service-type]
[--query]
[--delete-data]
[--node-label]
[--storage-config]
[--resources-config]
upgrade cluster
pgo upgrade NAME [flags]
[-c, --ccp-image-tag]
[-t, --upgrade-type]
disk capacity
pgo df [flags]
[-s, --selector]
operator status
pgo status [flags]
[-o, --output]
general
pgo version
pgo [command] --help
pgo.yaml
Cluster:
  CCPImagePrefix: crunchydata
  Metrics: false
  Badger: false
  CCPImageTag: centos7-10.5-2.1.0
  Port: 5432
  User: testuser
  Database: userdb
  PasswordAgeDays: 60
  PasswordLength: 8
  Strategy: 1
  Replicas: 0
  ArchiveMode: false
  ArchiveTimeout: 60
  ServiceType: ClusterIP
  Backrest: false
  Autofail: false
PrimaryStorage: storage1
BackupStorage: storage1
ReplicaStorage: storage1
Storage:
  storage1:
    AccessMode: ReadWriteMany
    Size: 200M
    StorageType: create
    SupplementalGroups: 65534
  storage2:
    AccessMode: ReadWriteOnce
    Size: 333M
    StorageType: dynamic
    StorageClass: gluster-heketi
    Fsgroup: 26
  storage3:
    AccessMode: ReadWriteOnce
    Size: 440M
    StorageType: dynamic
    StorageClass: fast
    Fsgroup: 26
DefaultContainerResource:
ContainerResources:
  small:
    RequestsMemory: 512Mi
    RequestsCPU: 0.1
    LimitsMemory: 512Mi
    LimitsCPU: 0.1
  large:
    RequestsMemory: 2Gi
    RequestsCPU: 2.0
    LimitsMemory: 2Gi
    LimitsCPU: 4.0
Pgo:
  AutofailSleepSeconds: 9
  Audit: false
  LSPVCTemplate: /config/pgo.lspvc-template.json
  LoadTemplate: /config/pgo.load-template.json
  COImagePrefix: crunchydata
  COImageTag: centos7-3.2.0
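A pre-deployment check over the security-relevant keys in the pgo.yaml above, as an added example that is not part of the original slides or the Operator's own code. The sample input is constructed from the values shown on this page, and the policy thresholds (minimum password length, maximum password age) are assumptions to replace with your own standard.

```python
# Added example (not Crunchy Data code): flag security-relevant pgo.yaml defaults.
# SAMPLE is constructed from keys and values shown in the pgo.yaml on this page.
SAMPLE = """\
Cluster:
  User: testuser
  PasswordAgeDays: 60
  PasswordLength: 8
  ServiceType: ClusterIP
Pgo:
  Audit: false
"""

# Policy thresholds are assumptions for illustration; take them from your own standard.
MIN_PASSWORD_LENGTH = 16
MAX_PASSWORD_AGE_DAYS = 90


def parse(text):
    """Read 'Section:' / '  Key: value' lines; deeper nesting folds into its section."""
    conf, section = {}, None
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].rstrip()
        if not line.strip():
            continue
        key, _, value = line.strip().partition(":")
        if not line.startswith(" "):  # top-level key opens a new section
            section = key
            conf[section] = value.strip() or {}
        elif isinstance(conf.get(section), dict):
            conf[section][key] = value.strip()
    return conf


def audit(conf):
    """Return findings for settings weaker than the assumed policy."""
    cluster, pgo = conf.get("Cluster", {}), conf.get("Pgo", {})
    findings = []
    if int(cluster.get("PasswordLength", 0)) < MIN_PASSWORD_LENGTH:
        findings.append("Cluster.PasswordLength is below %d" % MIN_PASSWORD_LENGTH)
    if int(cluster.get("PasswordAgeDays", 0)) > MAX_PASSWORD_AGE_DAYS:
        findings.append("Cluster.PasswordAgeDays exceeds %d" % MAX_PASSWORD_AGE_DAYS)
    if cluster.get("ServiceType", "ClusterIP") != "ClusterIP":
        findings.append("Cluster.ServiceType is reachable from outside the cluster")
    if pgo.get("Audit", "false").lower() != "true":
        findings.append("Pgo.Audit is not enabled")
    return findings


if __name__ == "__main__":
    for finding in audit(parse(SAMPLE)):
        print("FINDING:", finding)
```

Run it against the real file with `audit(parse(open("pgo.yaml").read()))` before deploying the Operator; an empty list means the file meets the assumed policy.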
show configuration
pgo show config
Operator GUI
Summary
- Securely provision thousands of databases in a reliable, auditable environment
- Allow for deployment to any cloud platform, public or private, from a single interface
- Create highly-available PostgreSQL clusters with full DR capabilities for databases of terabyte scale
- Instantly provision databases that meet complex compliance requirements