# -- Override the name of the cluster nameOverride: "" # -- Override the namespace of the chart namespaceOverride: "" # -- Type of the CNPG database. Available types: # * `postgresql` # * `tensorchord` type: postgresql # -- Cluster mode of operation. Available modes: # * `standalone` - Default mode. Creates new or updates an existing CNPG cluster. # * `recovery` - Same as standalone but creates a cluster from a backup, object store or via pg_basebackup mode: standalone # -- Cluster settings cluster: instances: 3 # -- Default image image: repository: ghcr.io/cloudnative-pg/postgresql tag: "17.5-1-bullseye" # -- Image pull policy. One of Always, Never or IfNotPresent. If not defined, it defaults to IfNotPresent. Cannot be updated. # More info: https://kubernetes.io/docs/concepts/containers/images#updating-images imagePullPolicy: IfNotPresent # -- The list of pull secrets to be used to pull the images. # See: https://cloudnative-pg.io/documentation/current/cloudnative-pg.v1/#postgresql-cnpg-io-v1-LocalObjectReference imagePullSecrets: [] # -- Default storage size storage: size: 10Gi storageClass: "" walStorage: enabled: true size: 2Gi storageClass: "" # -- The UID and GID of the postgres user inside the image, defaults to 26 postgresUID: -1 postgresGID: -1 # -- Customization of service definitions. Please refer to https://cloudnative-pg.io/documentation/current/service_management/ services: {} # -- Resources requirements of every generated Pod. # Please refer to https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ for more information. # We strongly advise you use the same setting for limits and requests so that your cluster pods are given a Guaranteed QoS. # See: https://kubernetes.io/docs/concepts/workloads/pods/pod-qos/ resources: requests: memory: 256Mi cpu: 100m limits: hugepages-2Mi: 256Mi priorityClassName: "" # -- Method to follow to upgrade the primary server during a rolling update procedure, after all replicas have been # successfully updated. It can be switchover (default) or restart. primaryUpdateMethod: switchover # -- Strategy to follow to upgrade the primary server during a rolling update procedure, after all replicas have been # successfully updated: it can be automated (unsupervised - default) or manual (supervised) primaryUpdateStrategy: unsupervised # -- The instances' log level, one of the following values: error, warning, info (default), debug, trace logLevel: "info" # -- Affinity/Anti-affinity rules for Pods. # See: https://cloudnative-pg.io/documentation/current/cloudnative-pg.v1/#postgresql-cnpg-io-v1-AffinityConfiguration affinity: enablePodAntiAffinity: true topologyKey: kubernetes.io/hostname # -- The configuration for the CA and related certificates. # See: https://cloudnative-pg.io/documentation/current/cloudnative-pg.v1/#postgresql-cnpg-io-v1-CertificatesConfiguration certificates: {} # -- When this option is enabled, the operator will use the SuperuserSecret to update the postgres user password. # If the secret is not present, the operator will automatically create one. # When this option is disabled, the operator will ignore the SuperuserSecret content, delete it when automatically created, # and then blank the password of the postgres user by setting it to NULL. enableSuperuserAccess: false superuserSecret: "" # -- Allow to disable PDB, mainly useful for upgrade of single-instance clusters or development purposes # See: https://cloudnative-pg.io/documentation/current/kubernetes_upgrade/#pod-disruption-budgets enablePDB: true # -- This feature enables declarative management of existing roles, as well as the creation of new roles if they are not # already present in the database. # See: https://cloudnative-pg.io/documentation/current/declarative_role_management/ roles: [] # - name: dante # ensure: present # comment: Dante Alighieri # login: true # superuser: false # inRoles: # - pg_monitor # - pg_signal_backend # -- Enable default monitoring and alert rules monitoring: # -- Whether to enable monitoring enabled: false podMonitor: # -- Whether to enable the PodMonitor enabled: true # --The list of relabelings for the PodMonitor. # Applied to samples before scraping. relabelings: [] # -- The list of metric relabelings for the PodMonitor. # Applied to samples before ingestion. metricRelabelings: [] prometheusRule: # -- Whether to enable the PrometheusRule automated alerts enabled: false # -- Exclude specified rules excludeRules: [] # -- Whether the default queries should be injected. # Set it to true if you don't want to inject default queries into the cluster. disableDefaultQueries: false # -- Custom Prometheus metrics # Will be stored in the ConfigMap customQueries: [] # - name: "pg_cache_hit_ratio" # query: "SELECT current_database() as datname, sum(heap_blks_hit) / (sum(heap_blks_hit) + sum(heap_blks_read)) as ratio FROM pg_statio_user_tables;" # metrics: # - datname: # usage: "LABEL" # description: "Name of the database" # - ratio: # usage: GAUGE # description: "Cache hit ratio" # -- The list of secrets containing the custom queries customQueriesSecret: [] # - name: custom-queries-secret # key: custom-queries # -- Parameters to be set for the database itself # See: https://cloudnative-pg.io/documentation/current/cloudnative-pg.v1/#postgresql-cnpg-io-v1-PostgresConfiguration postgresql: # -- PostgreSQL configuration options (postgresql.conf) parameters: shared_buffers: 128MB max_slot_wal_keep_size: 2000MB hot_standby_feedback: "on" # -- Quorum-based Synchronous Replication synchronous: {} # method: any # number: 1 # -- PostgreSQL Host Based Authentication rules (lines to be appended to the pg_hba.conf file) pg_hba: [] # - host all all 10.244.0.0/16 md5 # -- PostgreSQL User Name Maps rules (lines to be appended to the pg_ident.conf file) pg_ident: [] # - mymap /^(.*)@mydomain\.com$ \1 # -- Lists of shared preload libraries to add to the default ones shared_preload_libraries: [] # - pgaudit # -- PostgreSQL LDAP configuration (see https://cloudnative-pg.io/documentation/current/postgresql_conf/#ldap-configuration) ldap: {} # https://cloudnative-pg.io/documentation/current/postgresql_conf/#ldap-configuration # server: 'openldap.default.svc.cluster.local' # bindSearchAuth: # baseDN: 'ou=org,dc=example,dc=com' # bindDN: 'cn=admin,dc=example,dc=com' # bindPassword: # name: 'ldapBindPassword' # key: 'data' # searchAttribute: 'uid' # -- Bootstrap is the configuration of the bootstrap process when initdb is used. # See: https://cloudnative-pg.io/documentation/current/bootstrap/ # See: https://cloudnative-pg.io/documentation/current/cloudnative-pg.v1/#postgresql-cnpg-io-v1-bootstrapinitdb initdb: {} # database: app # owner: "" # Defaults to the database name # secret: # name: "" # Name of the secret containing the initial credentials for the owner of the user database. If empty a new secret will be created from scratch # options: [] # encoding: UTF8 # postInitSQL: # - CREATE EXTENSION IF NOT EXISTS vector; # postInitApplicationSQL: [] # postInitTemplateSQL: [] # -- Configure the metadata of the generated service account serviceAccountTemplate: {} additionalLabels: {} annotations: {} # -- Recovery settings when booting cluster from external cluster recovery: # -- Available recovery methods: # * `backup` - Recovers a CNPG cluster from a CNPG backup (PITR supported) Needs to be on the same cluster in the same namespace. # * `objectStore` - Recovers a CNPG cluster from a barman object store (PITR supported). # * `pgBaseBackup` - Recovers a CNPG cluster viaa streaming replication protocol. Useful if you want to # migrate databases to CloudNativePG, even from outside Kubernetes. # * `import` - Import one or more databases from an existing Postgres cluster. method: backup # See https://cloudnative-pg.io/documentation/current/recovery/#recovery-from-a-backup-object backup: # -- Point in time recovery target. Specify one of the following: pitrTarget: # -- Time in RFC3339 format time: "" # -- Name of the database used by the application. Default: `app`. database: app # -- Name of the owner of the database in the instance to be used by applications. Defaults to the value of the `database` key. owner: "" # -- Name of the backup to recover from. backupName: "" # See https://cloudnative-pg.io/documentation/current/recovery/#recovery-from-an-object-store objectStore: # -- Point in time recovery target. Specify one of the following: pitrTarget: # -- Time in RFC3339 format time: "" # -- Name of the database used by the application. Default: `app`. database: app # -- Name of the owner of the database in the instance to be used by applications. Defaults to the value of the `database` key. owner: "" # -- Object store backup name name: recovery # -- Overrides the provider specific default path. Defaults to: # S3: s3:// # Azure: https://..core.windows.net/ # Google: gs:// destinationPath: "" # -- Overrides the provider specific default endpoint. Defaults to: # S3: https://s3..amazonaws.com" # Leave empty if using the default S3 endpoint endpointURL: "https://nyc3.digitaloceanspaces.com" # -- Specifies a CA bundle to validate a privately signed certificate. endpointCA: # -- Creates a secret with the given value if true, otherwise uses an existing secret. create: false name: "" key: "" # -- Generate external cluster name, uses: {{ .Release.Name }}-postgresql--backup-index-{{ index }} index: 1 # -- Override the name of the backup cluster, defaults to "cluster.name" clusterName: "" # -- Specifies secret that contains S3 credentials, should contain the keys ACCESS_KEY_ID and ACCESS_SECRET_KEY endpointCredentials: "" # -- Storage wal: # -- WAL compression method. One of `` (for no compression), `gzip`, `bzip2` or `snappy`. compression: snappy # -- Whether to instruct the storage provider to encrypt WAL files. One of `` (use the storage container default), `AES256` or `aws:kms`. encryption: "" # -- Number of WAL files to be archived or restored in parallel. maxParallel: 1 data: # -- Data compression method. One of `` (for no compression), `gzip`, `bzip2` or `snappy`. compression: snappy # -- Whether to instruct the storage provider to encrypt data files. One of `` (use the storage container default), `AES256` or `aws:kms`. encryption: "" # -- Number of data files to be archived or restored in parallel. jobs: 1 # See https://cloudnative-pg.io/documentation/current/bootstrap/#bootstrap-from-a-live-cluster-pg_basebackup pgBaseBackup: # -- Name of the database used by the application. Default: `app`. database: app # -- Name of the secret containing the initial credentials for the owner of the user database. If empty a new secret will be created from scratch secret: "" # -- Name of the owner of the database in the instance to be used by applications. Defaults to the value of the `database` key. owner: "" # -- Configuration for the source database source: host: "" port: 5432 username: "" database: "app" sslMode: "verify-full" passwordSecret: # -- Whether to create a secret for the password create: false # -- Name of the secret containing the password name: "" # -- The key in the secret containing the password key: "password" # -- The password value to use when creating the secret value: "" sslKeySecret: name: "" key: "" sslCertSecret: name: "" key: "" sslRootCertSecret: name: "" key: "" # See: https://cloudnative-pg.io/documentation/current/cloudnative-pg.v1/#postgresql-cnpg-io-v1-Import import: # -- One of `microservice` or `monolith.` # See: https://cloudnative-pg.io/documentation/current/database_import/#how-it-works type: "microservice" # -- Databases to import databases: [] # -- Roles to import roles: [] # -- List of SQL queries to be executed as a superuser in the application database right after is imported. # To be used with extreme care. Only available in microservice type. postImportApplicationSQL: [] # -- When set to true, only the pre-data and post-data sections of pg_restore are invoked, avoiding data import. schemaOnly: false # -- List of custom options to pass to the `pg_dump` command. IMPORTANT: Use these options with caution and at your # own risk, as the operator does not validate their content. Be aware that certain options may conflict with the # operator's intended functionality or design. pgDumpExtraOptions: [] # -- List of custom options to pass to the `pg_restore` command. IMPORTANT: Use these options with caution and at # your own risk, as the operator does not validate their content. Be aware that certain options may conflict with the # operator's intended functionality or design. pgRestoreExtraOptions: [] # -- Configuration for the source database source: host: "" port: 5432 username: app database: app sslMode: "verify-full" passwordSecret: # -- Whether to create a secret for the password create: false # -- Name of the secret containing the password name: "" # -- The key in the secret containing the password key: "password" # -- The password value to use when creating the secret value: "" sslKeySecret: name: "" key: "" sslCertSecret: name: "" key: "" sslRootCertSecret: name: "" key: "" # -- Backup settings backup: # -- You need to configure backups manually, so backups are disabled by default. enabled: false # -- Method to create backups, options currently are only objectStore method: objectStore # -- Options for object store backups objectStore: [] # - # # -- Object store backup name # name: external # # -- Overrides the provider specific default path. Defaults to: # # S3: s3:// # # Azure: https://..core.windows.net/ # # Google: gs:// # destinationPath: "" # # -- Overrides the provider specific default endpoint. Defaults to: # # https://nyc3.digitaloceanspaces.com # endpointURL: "" # # -- Specifies a CA bundle to validate a privately signed certificate. # endpointCA: # # -- Creates a secret with the given value if true, otherwise uses an existing secret. # create: false # name: "" # key: "" # # -- Generate external cluster name, uses: {{ .Release.Name }}-postgresql--backup-index-{{ index }} # index: 1 # # -- Override the name of the backup cluster, defaults to "cluster.name" # clusterName: "" # # -- Specifies secret that contains S3 credentials, should contain the keys ACCESS_KEY_ID and ACCESS_SECRET_KEY # endpointCredentials: "" # # -- Retention policy for backups # retentionPolicy: "30d" # # -- Specificies if this backup will do WALs # isWALArchiver: true # # -- Storage # wal: # # -- WAL compression method. One of `` (for no compression), `gzip`, `bzip2` or `snappy`. # compression: snappy # # -- Whether to instruct the storage provider to encrypt WAL files. One of `` (use the storage container default), `AES256` or `aws:kms`. # encryption: "" # # -- Number of WAL files to be archived or restored in parallel. # maxParallel: 1 # data: # # -- Data compression method. One of `` (for no compression), `gzip`, `bzip2` or `snappy`. # compression: snappy # # -- Whether to instruct the storage provider to encrypt data files. One of `` (use the storage container default), `AES256` or `aws:kms`. # encryption: "" # # -- Number of data files to be archived or restored in parallel. # jobs: 1 # -- List of scheduled backups scheduledBackups: [] # - # # -- Scheduled backup name # name: daily-backup # # -- Schedule in cron format # schedule: "0 0 0 * * *" # # -- Start backup on deployment # immediate: false # # -- Temporarily stop scheduled backups from running # suspend: false # # -- Backup owner reference # backupOwnerReference: self # # -- Backup method, can be `barman-cloud.cloudnative-pg.io` (default) # plugin: barman-cloud.cloudnative-pg.io # # -- Name of backup target # backupName: external # -- List of PgBouncer poolers poolers: [] # - # # -- Pooler name # name: rw # # -- PgBouncer type of service to forward traffic to. # type: rw # # -- PgBouncer pooling mode # poolMode: transaction # # -- Number of PgBouncer instances # instances: 3 # # -- PgBouncer configuration parameters # parameters: # max_client_conn: "1000" # default_pool_size: "25" # monitoring: # # -- Whether to enable monitoring # enabled: false # podMonitor: # # -- Whether to enable the PodMonitor # enabled: true # # -- Custom PgBouncer deployment template. # # Use to override image, specify resources, etc. # template: {} # - # # -- Pooler name # name: ro # # -- PgBouncer type of service to forward traffic to. # type: ro # # -- PgBouncer pooling mode # poolMode: transaction # # -- Number of PgBouncer instances # instances: 3 # # -- PgBouncer configuration parameters # parameters: # max_client_conn: "1000" # default_pool_size: "25" # monitoring: # # -- Whether to enable monitoring # enabled: false # podMonitor: # # -- Whether to enable the PodMonitor # enabled: true # # -- Custom PgBouncer deployment template. # # Use to override image, specify resources, etc. # template: {}