alexlebens/infrastructure
1
0
Fork 0
Code Issues 1 Pull Requests 2 Actions Activity

chore: Update manifests after change

Browse Source
This commit is contained in:
gitea-bot
2025-12-04 04:54:08 +00:00
parent dad1b4623c
commit bfe0e18539
2066 changed files with 378996 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
clusters/cl01tl/manifests/cloudnative-pg/-.yml Normal file
View File

@@ -0,0 +1,2 @@
---

21
clusters/cl01tl/manifests/cloudnative-pg/Certificate-barman-cloud-client.yml Normal file
View File

@@ -0,0 +1,21 @@
---
# Source: cloudnative-pg/charts/plugin-barman-cloud/templates/client-certificate.yaml
apiVersion: cert-manager.io/v1
kind: Certificate
metadata:
name: barman-cloud-client
namespace: cloudnative-pg
spec:
commonName: barman-cloud-client
duration: 2160h
isCA: false
issuerRef:
group: cert-manager.io
kind: Issuer
name: cloudnative-pg-plugin-barman-cloud-selfsigned-issuer
renewBefore: 360h
secretName: barman-cloud-client-tls
usages:
- client auth
privateKey:
rotationPolicy: Always

23
clusters/cl01tl/manifests/cloudnative-pg/Certificate-barman-cloud-server.yml Normal file
View File

@@ -0,0 +1,23 @@
---
# Source: cloudnative-pg/charts/plugin-barman-cloud/templates/server-certificate.yaml
apiVersion: cert-manager.io/v1
kind: Certificate
metadata:
name: barman-cloud-server
namespace: cloudnative-pg
spec:
commonName: barman-cloud
dnsNames:
- barman-cloud
duration: 2160h
isCA: false
issuerRef:
group: cert-manager.io
kind: Issuer
name: cloudnative-pg-plugin-barman-cloud-selfsigned-issuer
renewBefore: 360h
secretName: barman-cloud-server-tls
usages:
- server auth
privateKey:
rotationPolicy: Always

33
clusters/cl01tl/manifests/cloudnative-pg/ClusterRole-cloudnative-pg-edit.yml Normal file
View File

@@ -0,0 +1,33 @@
---
# Source: cloudnative-pg/charts/cloudnative-pg/templates/rbac.yaml
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
name: cloudnative-pg-edit
labels:
helm.sh/chart: cloudnative-pg-0.26.1
app.kubernetes.io/name: cloudnative-pg
app.kubernetes.io/instance: cloudnative-pg
app.kubernetes.io/version: "1.27.1"
app.kubernetes.io/managed-by: Helm
rules:
- apiGroups:
- postgresql.cnpg.io
resources:
- backups
- clusters
- clusters/status
- databases
- failoverquorums
- poolers
- publications
- scheduledbackups
- imagecatalogs
- clusterimagecatalogs
- subscriptions
verbs:
- create
- delete
- deletecollection
- patch
- update

69
clusters/cl01tl/manifests/cloudnative-pg/ClusterRole-cloudnative-pg-plugin-barman-cloud.yml Normal file
View File

@@ -0,0 +1,69 @@
---
# Source: cloudnative-pg/charts/plugin-barman-cloud/templates/rbac.yaml
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
name: cloudnative-pg-plugin-barman-cloud
rules:
- apiGroups:
- ""
resources:
- secrets
verbs:
- create
- delete
- get
- list
- watch
- apiGroups:
- barmancloud.cnpg.io
resources:
- objectstores
verbs:
- create
- delete
- get
- list
- patch
- update
- watch
- apiGroups:
- barmancloud.cnpg.io
resources:
- objectstores/finalizers
verbs:
- update
- apiGroups:
- barmancloud.cnpg.io
resources:
- objectstores/status
verbs:
- get
- patch
- update
- apiGroups:
- postgresql.cnpg.io
resources:
- backups
verbs:
- get
- list
- watch
- apiGroups:
- postgresql.cnpg.io
resources:
- clusters/finalizers
verbs:
- update
- apiGroups:
- rbac.authorization.k8s.io
resources:
- rolebindings
- roles
verbs:
- create
- get
- list
- patch
- update
- watch

31
clusters/cl01tl/manifests/cloudnative-pg/ClusterRole-cloudnative-pg-view.yml Normal file
View File

@@ -0,0 +1,31 @@
---
# Source: cloudnative-pg/charts/cloudnative-pg/templates/rbac.yaml
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
name: cloudnative-pg-view
labels:
helm.sh/chart: cloudnative-pg-0.26.1
app.kubernetes.io/name: cloudnative-pg
app.kubernetes.io/instance: cloudnative-pg
app.kubernetes.io/version: "1.27.1"
app.kubernetes.io/managed-by: Helm
rules:
- apiGroups:
- postgresql.cnpg.io
resources:
- backups
- clusters
- clusters/status
- databases
- failoverquorums
- poolers
- publications
- scheduledbackups
- imagecatalogs
- clusterimagecatalogs
- subscriptions
verbs:
- get
- list
- watch

239
clusters/cl01tl/manifests/cloudnative-pg/ClusterRole-cloudnative-pg.yml Normal file
View File

@@ -0,0 +1,239 @@
---
# Source: cloudnative-pg/charts/cloudnative-pg/templates/rbac.yaml
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
name: cloudnative-pg
labels:
helm.sh/chart: cloudnative-pg-0.26.1
app.kubernetes.io/name: cloudnative-pg
app.kubernetes.io/instance: cloudnative-pg
app.kubernetes.io/version: "1.27.1"
app.kubernetes.io/managed-by: Helm
rules:
- apiGroups:
- ""
resources:
- nodes
verbs:
- get
- list
- watch
- apiGroups:
- admissionregistration.k8s.io
resources:
- mutatingwebhookconfigurations
- validatingwebhookconfigurations
verbs:
- get
- patch
- apiGroups:
- postgresql.cnpg.io
resources:
- clusterimagecatalogs
verbs:
- get
- list
- watch
- apiGroups:
- ""
resources:
- configmaps
- secrets
- services
verbs:
- create
- delete
- get
- list
- patch
- update
- watch
- apiGroups:
- ""
resources:
- configmaps/status
- secrets/status
verbs:
- get
- patch
- update
- apiGroups:
- ""
resources:
- events
verbs:
- create
- patch
- apiGroups:
- ""
resources:
- persistentvolumeclaims
- pods
- pods/exec
verbs:
- create
- delete
- get
- list
- patch
- watch
- apiGroups:
- ""
resources:
- pods/status
verbs:
- get
- apiGroups:
- ""
resources:
- serviceaccounts
verbs:
- create
- get
- list
- patch
- update
- watch
- apiGroups:
- apps
resources:
- deployments
verbs:
- create
- delete
- get
- list
- patch
- update
- watch
- apiGroups:
- batch
resources:
- jobs
verbs:
- create
- delete
- get
- list
- patch
- watch
- apiGroups:
- coordination.k8s.io
resources:
- leases
verbs:
- create
- get
- update
- apiGroups:
- monitoring.coreos.com
resources:
- podmonitors
verbs:
- create
- delete
- get
- list
- patch
- watch
- apiGroups:
- policy
resources:
- poddisruptionbudgets
verbs:
- create
- delete
- get
- list
- patch
- update
- watch
- apiGroups:
- postgresql.cnpg.io
resources:
- backups
- clusters
- databases
- poolers
- publications
- scheduledbackups
- subscriptions
verbs:
- create
- delete
- get
- list
- patch
- update
- watch
- apiGroups:
- postgresql.cnpg.io
resources:
- failoverquorums
verbs:
- create
- delete
- get
- list
- watch
- apiGroups:
- postgresql.cnpg.io
resources:
- backups/status
- databases/status
- publications/status
- scheduledbackups/status
- subscriptions/status
verbs:
- get
- patch
- update
- apiGroups:
- postgresql.cnpg.io
resources:
- imagecatalogs
verbs:
- get
- list
- watch
- apiGroups:
- postgresql.cnpg.io
resources:
- clusters/finalizers
- poolers/finalizers
verbs:
- update
- apiGroups:
- postgresql.cnpg.io
resources:
- clusters/status
- poolers/status
- failoverquorums/status
verbs:
- get
- patch
- update
- watch
- apiGroups:
- rbac.authorization.k8s.io
resources:
- rolebindings
- roles
verbs:
- create
- get
- list
- patch
- update
- watch
- apiGroups:
- snapshot.storage.k8s.io
resources:
- volumesnapshots
verbs:
- create
- get
- list
- patch
- watch

20
clusters/cl01tl/manifests/cloudnative-pg/ClusterRoleBinding-cloudnative-pg-plugin-barman-cloud-binding.yml Normal file
View File

@@ -0,0 +1,20 @@
---
# Source: cloudnative-pg/charts/plugin-barman-cloud/templates/rbac.yaml
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
labels:
helm.sh/chart: plugin-barman-cloud-0.3.1
app.kubernetes.io/name: plugin-barman-cloud
app.kubernetes.io/instance: cloudnative-pg
app.kubernetes.io/version: "v0.9.0"
app.kubernetes.io/managed-by: Helm
name: cloudnative-pg-plugin-barman-cloud-binding
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: cloudnative-pg-plugin-barman-cloud
subjects:
- kind: ServiceAccount
name: cloudnative-pg-plugin-barman-cloud
namespace: cloudnative-pg

20
clusters/cl01tl/manifests/cloudnative-pg/ClusterRoleBinding-cloudnative-pg.yml Normal file
View File

@@ -0,0 +1,20 @@
---
# Source: cloudnative-pg/charts/cloudnative-pg/templates/rbac.yaml
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: cloudnative-pg
labels:
helm.sh/chart: cloudnative-pg-0.26.1
app.kubernetes.io/name: cloudnative-pg
app.kubernetes.io/instance: cloudnative-pg
app.kubernetes.io/version: "1.27.1"
app.kubernetes.io/managed-by: Helm
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: cloudnative-pg
subjects:
- kind: ServiceAccount
name: cloudnative-pg
namespace: cloudnative-pg

32
clusters/cl01tl/manifests/cloudnative-pg/ConfigMap-cnpg-controller-manager-config.yml Normal file
View File

@@ -0,0 +1,32 @@
---
# Source: cloudnative-pg/charts/cloudnative-pg/templates/config.yaml
#
# Copyright © contributors to CloudNativePG, established as
# CloudNativePG a Series of LF Projects, LLC.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#
# SPDX-License-Identifier: Apache-2.0
#
apiVersion: v1
kind: ConfigMap
metadata:
name: cnpg-controller-manager-config
namespace: cloudnative-pg
labels:
helm.sh/chart: cloudnative-pg-0.26.1
app.kubernetes.io/name: cloudnative-pg
app.kubernetes.io/instance: cloudnative-pg
app.kubernetes.io/version: "1.27.1"
app.kubernetes.io/managed-by: Helm
data: {}

495
clusters/cl01tl/manifests/cloudnative-pg/ConfigMap-cnpg-default-monitoring.yml Normal file
View File

@@ -0,0 +1,495 @@
---
# Source: cloudnative-pg/charts/cloudnative-pg/templates/monitoring-configmap.yaml
apiVersion: v1
kind: ConfigMap
metadata:
name: cnpg-default-monitoring
namespace: cloudnative-pg
labels:
helm.sh/chart: cloudnative-pg-0.26.1
app.kubernetes.io/name: cloudnative-pg
app.kubernetes.io/instance: cloudnative-pg
app.kubernetes.io/version: "1.27.1"
app.kubernetes.io/managed-by: Helm
cnpg.io/reload: ""
data:
queries: |
backends:
query: |
SELECT sa.datname
, sa.usename
, sa.application_name
, states.state
, COALESCE(sa.count, 0) AS total
, COALESCE(sa.max_tx_secs, 0) AS max_tx_duration_seconds
FROM ( VALUES ('active')
, ('idle')
, ('idle in transaction')
, ('idle in transaction (aborted)')
, ('fastpath function call')
, ('disabled')
) AS states(state)
LEFT JOIN (
SELECT datname
, state
, usename
, COALESCE(application_name, '') AS application_name
, COUNT(*)
, COALESCE(EXTRACT (EPOCH FROM (max(now() - xact_start))), 0) AS max_tx_secs
FROM pg_catalog.pg_stat_activity
GROUP BY datname, state, usename, application_name
) sa ON states.state = sa.state
WHERE sa.usename IS NOT NULL
metrics:
- datname:
usage: "LABEL"
description: "Name of the database"
- usename:
usage: "LABEL"
description: "Name of the user"
- application_name:
usage: "LABEL"
description: "Name of the application"
- state:
usage: "LABEL"
description: "State of the backend"
- total:
usage: "GAUGE"
description: "Number of backends"
- max_tx_duration_seconds:
usage: "GAUGE"
description: "Maximum duration of a transaction in seconds"
backends_waiting:
query: |
SELECT count(*) AS total
FROM pg_catalog.pg_locks blocked_locks
JOIN pg_catalog.pg_locks blocking_locks
ON blocking_locks.locktype = blocked_locks.locktype
AND blocking_locks.database IS NOT DISTINCT FROM blocked_locks.database
AND blocking_locks.relation IS NOT DISTINCT FROM blocked_locks.relation
AND blocking_locks.page IS NOT DISTINCT FROM blocked_locks.page
AND blocking_locks.tuple IS NOT DISTINCT FROM blocked_locks.tuple
AND blocking_locks.virtualxid IS NOT DISTINCT FROM blocked_locks.virtualxid
AND blocking_locks.transactionid IS NOT DISTINCT FROM blocked_locks.transactionid
AND blocking_locks.classid IS NOT DISTINCT FROM blocked_locks.classid
AND blocking_locks.objid IS NOT DISTINCT FROM blocked_locks.objid
AND blocking_locks.objsubid IS NOT DISTINCT FROM blocked_locks.objsubid
AND blocking_locks.pid != blocked_locks.pid
JOIN pg_catalog.pg_stat_activity blocking_activity ON blocking_activity.pid = blocking_locks.pid
WHERE NOT blocked_locks.granted
metrics:
- total:
usage: "GAUGE"
description: "Total number of backends that are currently waiting on other queries"
pg_database:
query: |
SELECT datname
, pg_catalog.pg_database_size(datname) AS size_bytes
, pg_catalog.age(datfrozenxid) AS xid_age
, pg_catalog.mxid_age(datminmxid) AS mxid_age
FROM pg_catalog.pg_database
WHERE datallowconn
metrics:
- datname:
usage: "LABEL"
description: "Name of the database"
- size_bytes:
usage: "GAUGE"
description: "Disk space used by the database"
- xid_age:
usage: "GAUGE"
description: "Number of transactions from the frozen XID to the current one"
- mxid_age:
usage: "GAUGE"
description: "Number of multiple transactions (Multixact) from the frozen XID to the current one"
pg_postmaster:
query: |
SELECT EXTRACT(EPOCH FROM pg_postmaster_start_time) AS start_time
FROM pg_catalog.pg_postmaster_start_time()
metrics:
- start_time:
usage: "GAUGE"
description: "Time at which postgres started (based on epoch)"
pg_replication:
query: "SELECT CASE WHEN (
NOT pg_catalog.pg_is_in_recovery()
OR pg_catalog.pg_last_wal_receive_lsn() = pg_catalog.pg_last_wal_replay_lsn())
THEN 0
ELSE GREATEST (0,
EXTRACT(EPOCH FROM (now() - pg_catalog.pg_last_xact_replay_timestamp())))
END AS lag,
pg_catalog.pg_is_in_recovery() AS in_recovery,
EXISTS (TABLE pg_stat_wal_receiver) AS is_wal_receiver_up,
(SELECT count(*) FROM pg_catalog.pg_stat_replication) AS streaming_replicas"
metrics:
- lag:
usage: "GAUGE"
description: "Replication lag behind primary in seconds"
- in_recovery:
usage: "GAUGE"
description: "Whether the instance is in recovery"
- is_wal_receiver_up:
usage: "GAUGE"
description: "Whether the instance wal_receiver is up"
- streaming_replicas:
usage: "GAUGE"
description: "Number of streaming replicas connected to the instance"
pg_replication_slots:
query: |
SELECT slot_name,
slot_type,
database,
active,
(CASE pg_catalog.pg_is_in_recovery()
WHEN TRUE THEN pg_catalog.pg_wal_lsn_diff(pg_catalog.pg_last_wal_receive_lsn(), restart_lsn)
ELSE pg_catalog.pg_wal_lsn_diff(pg_catalog.pg_current_wal_lsn(), restart_lsn)
END) as pg_wal_lsn_diff
FROM pg_catalog.pg_replication_slots
WHERE NOT temporary
metrics:
- slot_name:
usage: "LABEL"
description: "Name of the replication slot"
- slot_type:
usage: "LABEL"
description: "Type of the replication slot"
- database:
usage: "LABEL"
description: "Name of the database"
- active:
usage: "GAUGE"
description: "Flag indicating whether the slot is active"
- pg_wal_lsn_diff:
usage: "GAUGE"
description: "Replication lag in bytes"
pg_stat_archiver:
query: |
SELECT archived_count
, failed_count
, COALESCE(EXTRACT(EPOCH FROM (now() - last_archived_time)), -1) AS seconds_since_last_archival
, COALESCE(EXTRACT(EPOCH FROM (now() - last_failed_time)), -1) AS seconds_since_last_failure
, COALESCE(EXTRACT(EPOCH FROM last_archived_time), -1) AS last_archived_time
, COALESCE(EXTRACT(EPOCH FROM last_failed_time), -1) AS last_failed_time
, COALESCE(CAST(CAST('x'||pg_catalog.right(pg_catalog.split_part(last_archived_wal, '.', 1), 16) AS pg_catalog.bit(64)) AS pg_catalog.int8), -1) AS last_archived_wal_start_lsn
, COALESCE(CAST(CAST('x'||pg_catalog.right(pg_catalog.split_part(last_failed_wal, '.', 1), 16) AS pg_catalog.bit(64)) AS pg_catalog.int8), -1) AS last_failed_wal_start_lsn
, EXTRACT(EPOCH FROM stats_reset) AS stats_reset_time
FROM pg_catalog.pg_stat_archiver
metrics:
- archived_count:
usage: "COUNTER"
description: "Number of WAL files that have been successfully archived"
- failed_count:
usage: "COUNTER"
description: "Number of failed attempts for archiving WAL files"
- seconds_since_last_archival:
usage: "GAUGE"
description: "Seconds since the last successful archival operation"
- seconds_since_last_failure:
usage: "GAUGE"
description: "Seconds since the last failed archival operation"
- last_archived_time:
usage: "GAUGE"
description: "Epoch of the last time WAL archiving succeeded"
- last_failed_time:
usage: "GAUGE"
description: "Epoch of the last time WAL archiving failed"
- last_archived_wal_start_lsn:
usage: "GAUGE"
description: "Archived WAL start LSN"
- last_failed_wal_start_lsn:
usage: "GAUGE"
description: "Last failed WAL LSN"
- stats_reset_time:
usage: "GAUGE"
description: "Time at which these statistics were last reset"
pg_stat_bgwriter:
runonserver: "<17.0.0"
query: |
SELECT checkpoints_timed
, checkpoints_req
, checkpoint_write_time
, checkpoint_sync_time
, buffers_checkpoint
, buffers_clean
, maxwritten_clean
, buffers_backend
, buffers_backend_fsync
, buffers_alloc
FROM pg_catalog.pg_stat_bgwriter
metrics:
- checkpoints_timed:
usage: "COUNTER"
description: "Number of scheduled checkpoints that have been performed"
- checkpoints_req:
usage: "COUNTER"
description: "Number of requested checkpoints that have been performed"
- checkpoint_write_time:
usage: "COUNTER"
description: "Total amount of time that has been spent in the portion of checkpoint processing where files are written to disk, in milliseconds"
- checkpoint_sync_time:
usage: "COUNTER"
description: "Total amount of time that has been spent in the portion of checkpoint processing where files are synchronized to disk, in milliseconds"
- buffers_checkpoint:
usage: "COUNTER"
description: "Number of buffers written during checkpoints"
- buffers_clean:
usage: "COUNTER"
description: "Number of buffers written by the background writer"
- maxwritten_clean:
usage: "COUNTER"
description: "Number of times the background writer stopped a cleaning scan because it had written too many buffers"
- buffers_backend:
usage: "COUNTER"
description: "Number of buffers written directly by a backend"
- buffers_backend_fsync:
usage: "COUNTER"
description: "Number of times a backend had to execute its own fsync call (normally the background writer handles those even when the backend does its own write)"
- buffers_alloc:
usage: "COUNTER"
description: "Number of buffers allocated"
pg_stat_bgwriter_17:
runonserver: ">=17.0.0"
name: pg_stat_bgwriter
query: |
SELECT buffers_clean
, maxwritten_clean
, buffers_alloc
, EXTRACT(EPOCH FROM stats_reset) AS stats_reset_time
FROM pg_catalog.pg_stat_bgwriter
metrics:
- buffers_clean:
usage: "COUNTER"
description: "Number of buffers written by the background writer"
- maxwritten_clean:
usage: "COUNTER"
description: "Number of times the background writer stopped a cleaning scan because it had written too many buffers"
- buffers_alloc:
usage: "COUNTER"
description: "Number of buffers allocated"
- stats_reset_time:
usage: "GAUGE"
description: "Time at which these statistics were last reset"
pg_stat_checkpointer:
runonserver: ">=17.0.0"
query: |
SELECT num_timed AS checkpoints_timed
, num_requested AS checkpoints_req
, restartpoints_timed
, restartpoints_req
, restartpoints_done
, write_time
, sync_time
, buffers_written
, EXTRACT(EPOCH FROM stats_reset) AS stats_reset_time
FROM pg_catalog.pg_stat_checkpointer
metrics:
- checkpoints_timed:
usage: "COUNTER"
description: "Number of scheduled checkpoints that have been performed"
- checkpoints_req:
usage: "COUNTER"
description: "Number of requested checkpoints that have been performed"
- restartpoints_timed:
usage: "COUNTER"
description: "Number of scheduled restartpoints due to timeout or after a failed attempt to perform it"
- restartpoints_req:
usage: "COUNTER"
description: "Number of requested restartpoints that have been performed"
- restartpoints_done:
usage: "COUNTER"
description: "Number of restartpoints that have been performed"
- write_time:
usage: "COUNTER"
description: "Total amount of time that has been spent in the portion of processing checkpoints and restartpoints where files are written to disk, in milliseconds"
- sync_time:
usage: "COUNTER"
description: "Total amount of time that has been spent in the portion of processing checkpoints and restartpoints where files are synchronized to disk, in milliseconds"
- buffers_written:
usage: "COUNTER"
description: "Number of buffers written during checkpoints and restartpoints"
- stats_reset_time:
usage: "GAUGE"
description: "Time at which these statistics were last reset"
pg_stat_database:
query: |
SELECT datname
, xact_commit
, xact_rollback
, blks_read
, blks_hit
, tup_returned
, tup_fetched
, tup_inserted
, tup_updated
, tup_deleted
, conflicts
, temp_files
, temp_bytes
, deadlocks
, blk_read_time
, blk_write_time
FROM pg_catalog.pg_stat_database
metrics:
- datname:
usage: "LABEL"
description: "Name of this database"
- xact_commit:
usage: "COUNTER"
description: "Number of transactions in this database that have been committed"
- xact_rollback:
usage: "COUNTER"
description: "Number of transactions in this database that have been rolled back"
- blks_read:
usage: "COUNTER"
description: "Number of disk blocks read in this database"
- blks_hit:
usage: "COUNTER"
description: "Number of times disk blocks were found already in the buffer cache, so that a read was not necessary (this only includes hits in the PostgreSQL buffer cache, not the operating system's file system cache)"
- tup_returned:
usage: "COUNTER"
description: "Number of rows returned by queries in this database"
- tup_fetched:
usage: "COUNTER"
description: "Number of rows fetched by queries in this database"
- tup_inserted:
usage: "COUNTER"
description: "Number of rows inserted by queries in this database"
- tup_updated:
usage: "COUNTER"
description: "Number of rows updated by queries in this database"
- tup_deleted:
usage: "COUNTER"
description: "Number of rows deleted by queries in this database"
- conflicts:
usage: "COUNTER"
description: "Number of queries canceled due to conflicts with recovery in this database"
- temp_files:
usage: "COUNTER"
description: "Number of temporary files created by queries in this database"
- temp_bytes:
usage: "COUNTER"
description: "Total amount of data written to temporary files by queries in this database"
- deadlocks:
usage: "COUNTER"
description: "Number of deadlocks detected in this database"
- blk_read_time:
usage: "COUNTER"
description: "Time spent reading data file blocks by backends in this database, in milliseconds"
- blk_write_time:
usage: "COUNTER"
description: "Time spent writing data file blocks by backends in this database, in milliseconds"
pg_stat_replication:
primary: true
query: |
SELECT usename
, COALESCE(application_name, '') AS application_name
, COALESCE(client_addr::text, '') AS client_addr
, COALESCE(client_port::text, '') AS client_port
, EXTRACT(EPOCH FROM backend_start) AS backend_start
, COALESCE(pg_catalog.age(backend_xmin), 0) AS backend_xmin_age
, pg_catalog.pg_wal_lsn_diff(pg_catalog.pg_current_wal_lsn(), sent_lsn) AS sent_diff_bytes
, pg_catalog.pg_wal_lsn_diff(pg_catalog.pg_current_wal_lsn(), write_lsn) AS write_diff_bytes
, pg_catalog.pg_wal_lsn_diff(pg_catalog.pg_current_wal_lsn(), flush_lsn) AS flush_diff_bytes
, COALESCE(pg_catalog.pg_wal_lsn_diff(pg_catalog.pg_current_wal_lsn(), replay_lsn),0) AS replay_diff_bytes
, COALESCE((EXTRACT(EPOCH FROM write_lag)),0)::float AS write_lag_seconds
, COALESCE((EXTRACT(EPOCH FROM flush_lag)),0)::float AS flush_lag_seconds
, COALESCE((EXTRACT(EPOCH FROM replay_lag)),0)::float AS replay_lag_seconds
FROM pg_catalog.pg_stat_replication
metrics:
- usename:
usage: "LABEL"
description: "Name of the replication user"
- application_name:
usage: "LABEL"
description: "Name of the application"
- client_addr:
usage: "LABEL"
description: "Client IP address"
- client_port:
usage: "LABEL"
description: "Client TCP port"
- backend_start:
usage: "COUNTER"
description: "Time when this process was started"
- backend_xmin_age:
usage: "COUNTER"
description: "The age of this standby's xmin horizon"
- sent_diff_bytes:
usage: "GAUGE"
description: "Difference in bytes from the last write-ahead log location sent on this connection"
- write_diff_bytes:
usage: "GAUGE"
description: "Difference in bytes from the last write-ahead log location written to disk by this standby server"
- flush_diff_bytes:
usage: "GAUGE"
description: "Difference in bytes from the last write-ahead log location flushed to disk by this standby server"
- replay_diff_bytes:
usage: "GAUGE"
description: "Difference in bytes from the last write-ahead log location replayed into the database on this standby server"
- write_lag_seconds:
usage: "GAUGE"
description: "Time elapsed between flushing recent WAL locally and receiving notification that this standby server has written it"
- flush_lag_seconds:
usage: "GAUGE"
description: "Time elapsed between flushing recent WAL locally and receiving notification that this standby server has written and flushed it"
- replay_lag_seconds:
usage: "GAUGE"
description: "Time elapsed between flushing recent WAL locally and receiving notification that this standby server has written, flushed and applied it"
pg_settings:
query: |
SELECT name,
CASE setting WHEN 'on' THEN '1' WHEN 'off' THEN '0' ELSE setting END AS setting
FROM pg_catalog.pg_settings
WHERE vartype IN ('integer', 'real', 'bool')
ORDER BY 1
metrics:
- name:
usage: "LABEL"
description: "Name of the setting"
- setting:
usage: "GAUGE"
description: "Setting value"
pg_extensions:
query: |
SELECT
current_database() as datname,
name as extname,
default_version,
installed_version,
CASE
WHEN default_version = installed_version THEN 0
ELSE 1
END AS update_available
FROM pg_catalog.pg_available_extensions
WHERE installed_version IS NOT NULL
metrics:
- datname:
usage: "LABEL"
description: "Name of the database"
- extname:
usage: "LABEL"
description: "Extension name"
- default_version:
usage: "LABEL"
description: "Default version"
- installed_version:
usage: "LABEL"
description: "Installed version"
- update_available:
usage: "GAUGE"
description: "An update is available"
target_databases:
- '*'

9
clusters/cl01tl/manifests/cloudnative-pg/ConfigMap-plugin-barman-cloud-config.yml Normal file
View File

@@ -0,0 +1,9 @@
---
# Source: cloudnative-pg/charts/plugin-barman-cloud/templates/configmap.yaml
apiVersion: v1
data:
SIDECAR_IMAGE: "ghcr.io/cloudnative-pg/plugin-barman-cloud-sidecar:v0.9.0"
kind: ConfigMap
metadata:
name: plugin-barman-cloud-config
namespace: cloudnative-pg

438
clusters/cl01tl/manifests/cloudnative-pg/CustomResourceDefinition-backups.postgresql.cnpg.io Normal file
View File

@@ -0,0 +1,438 @@
---
# Source: cloudnative-pg/charts/cloudnative-pg/templates/crds/crds.yaml
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.19.0
helm.sh/resource-policy: keep
name: backups.postgresql.cnpg.io
spec:
group: postgresql.cnpg.io
names:
kind: Backup
listKind: BackupList
plural: backups
singular: backup
scope: Namespaced
versions:
- additionalPrinterColumns:
- jsonPath: .metadata.creationTimestamp
name: Age
type: date
- jsonPath: .spec.cluster.name
name: Cluster
type: string
- jsonPath: .spec.method
name: Method
type: string
- jsonPath: .status.phase
name: Phase
type: string
- jsonPath: .status.error
name: Error
type: string
name: v1
schema:
openAPIV3Schema:
description: A Backup resource is a request for a PostgreSQL backup by the user.
properties:
apiVersion:
description: |-
APIVersion defines the versioned schema of this representation of an object.
Servers should convert recognized schemas to the latest internal value, and
may reject unrecognized values.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
type: string
kind:
description: |-
Kind is a string value representing the REST resource this object represents.
Servers may infer this from the endpoint the client submits requests to.
Cannot be updated.
In CamelCase.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
type: string
metadata:
type: object
spec:
description: |-
Specification of the desired behavior of the backup.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status
properties:
cluster:
description: The cluster to backup
properties:
name:
description: Name of the referent.
type: string
required:
- name
type: object
method:
default: barmanObjectStore
description: |-
The backup method to be used, possible options are `barmanObjectStore`,
`volumeSnapshot` or `plugin`. Defaults to: `barmanObjectStore`.
enum:
- barmanObjectStore
- volumeSnapshot
- plugin
type: string
online:
description: |-
Whether the default type of backup with volume snapshots is
online/hot (`true`, default) or offline/cold (`false`)
Overrides the default setting specified in the cluster field '.spec.backup.volumeSnapshot.online'
type: boolean
onlineConfiguration:
description: |-
Configuration parameters to control the online/hot backup with volume snapshots
Overrides the default settings specified in the cluster '.backup.volumeSnapshot.onlineConfiguration' stanza
properties:
immediateCheckpoint:
description: |-
Control whether the I/O workload for the backup initial checkpoint will
be limited, according to the `checkpoint_completion_target` setting on
the PostgreSQL server. If set to true, an immediate checkpoint will be
used, meaning PostgreSQL will complete the checkpoint as soon as
possible. `false` by default.
type: boolean
waitForArchive:
default: true
description: |-
If false, the function will return immediately after the backup is completed,
without waiting for WAL to be archived.
This behavior is only useful with backup software that independently monitors WAL archiving.
Otherwise, WAL required to make the backup consistent might be missing and make the backup useless.
By default, or when this parameter is true, pg_backup_stop will wait for WAL to be archived when archiving is
enabled.
On a standby, this means that it will wait only when archive_mode = always.
If write activity on the primary is low, it may be useful to run pg_switch_wal on the primary in order to trigger
an immediate segment switch.
type: boolean
type: object
pluginConfiguration:
description: Configuration parameters passed to the plugin managing this backup
properties:
name:
description: Name is the name of the plugin managing this backup
type: string
parameters:
additionalProperties:
type: string
description: |-
Parameters are the configuration parameters passed to the backup
plugin for this backup
type: object
required:
- name
type: object
target:
description: |-
The policy to decide which instance should perform this backup. If empty,
it defaults to `cluster.spec.backup.target`.
Available options are empty string, `primary` and `prefer-standby`.
`primary` to have backups run always on primary instances,
`prefer-standby` to have backups run preferably on the most updated
standby, if available.
enum:
- primary
- prefer-standby
type: string
required:
- cluster
type: object
x-kubernetes-validations:
- message: BackupSpec is immutable once set
rule: oldSelf == self
status:
description: |-
Most recently observed status of the backup. This data may not be up to
date. Populated by the system. Read-only.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status
properties:
azureCredentials:
description: The credentials to use to upload data to Azure Blob Storage
properties:
connectionString:
description: The connection string to be used
properties:
key:
description: The key to select
type: string
name:
description: Name of the referent.
type: string
required:
- key
- name
type: object
inheritFromAzureAD:
description: Use the Azure AD based authentication without providing explicitly the keys.
type: boolean
storageAccount:
description: The storage account where to upload data
properties:
key:
description: The key to select
type: string
name:
description: Name of the referent.
type: string
required:
- key
- name
type: object
storageKey:
description: |-
The storage account key to be used in conjunction
with the storage account name
properties:
key:
description: The key to select
type: string
name:
description: Name of the referent.
type: string
required:
- key
- name
type: object
storageSasToken:
description: |-
A shared-access-signature to be used in conjunction with
the storage account name
properties:
key:
description: The key to select
type: string
name:
description: Name of the referent.
type: string
required:
- key
- name
type: object
type: object
backupId:
description: The ID of the Barman backup
type: string
backupLabelFile:
description: Backup label file content as returned by Postgres in case of online (hot) backups
format: byte
type: string
backupName:
description: The Name of the Barman backup
type: string
beginLSN:
description: The starting xlog
type: string
beginWal:
description: The starting WAL
type: string
commandError:
description: The backup command output in case of error
type: string
commandOutput:
description: Unused. Retained for compatibility with old versions.
type: string
destinationPath:
description: |-
The path where to store the backup (i.e. s3://bucket/path/to/folder)
this path, with different destination folders, will be used for WALs
and for data. This may not be populated in case of errors.
type: string
encryption:
description: Encryption method required to S3 API
type: string
endLSN:
description: The ending xlog
type: string
endWal:
description: The ending WAL
type: string
endpointCA:
description: |-
EndpointCA store the CA bundle of the barman endpoint.
Useful when using self-signed certificates to avoid
errors with certificate issuer and barman-cloud-wal-archive.
properties:
key:
description: The key to select
type: string
name:
description: Name of the referent.
type: string
required:
- key
- name
type: object
endpointURL:
description: |-
Endpoint to be used to upload data to the cloud,
overriding the automatic endpoint discovery
type: string
error:
description: The detected error
type: string
googleCredentials:
description: The credentials to use to upload data to Google Cloud Storage
properties:
applicationCredentials:
description: The secret containing the Google Cloud Storage JSON file with the credentials
properties:
key:
description: The key to select
type: string
name:
description: Name of the referent.
type: string
required:
- key
- name
type: object
gkeEnvironment:
description: |-
If set to true, will presume that it's running inside a GKE environment,
default to false.
type: boolean
type: object
instanceID:
description: Information to identify the instance where the backup has been taken from
properties:
ContainerID:
description: The container ID
type: string
podName:
description: The pod name
type: string
type: object
majorVersion:
description: |-
The PostgreSQL major version that was running when the
backup was taken.
type: integer
method:
description: The backup method being used
type: string
online:
description: Whether the backup was online/hot (`true`) or offline/cold (`false`)
type: boolean
phase:
description: The last backup status
type: string
pluginMetadata:
additionalProperties:
type: string
description: A map containing the plugin metadata
type: object
s3Credentials:
description: The credentials to use to upload data to S3
properties:
accessKeyId:
description: The reference to the access key id
properties:
key:
description: The key to select
type: string
name:
description: Name of the referent.
type: string
required:
- key
- name
type: object
inheritFromIAMRole:
description: Use the role based authentication without providing explicitly the keys.
type: boolean
region:
description: The reference to the secret containing the region name
properties:
key:
description: The key to select
type: string
name:
description: Name of the referent.
type: string
required:
- key
- name
type: object
secretAccessKey:
description: The reference to the secret access key
properties:
key:
description: The key to select
type: string
name:
description: Name of the referent.
type: string
required:
- key
- name
type: object
sessionToken:
description: The references to the session key
properties:
key:
description: The key to select
type: string
name:
description: Name of the referent.
type: string
required:
- key
- name
type: object
type: object
serverName:
description: |-
The server name on S3, the cluster name is used if this
parameter is omitted
type: string
snapshotBackupStatus:
description: Status of the volumeSnapshot backup
properties:
elements:
description: The elements list, populated with the gathered volume snapshots
items:
description: BackupSnapshotElementStatus is a volume snapshot that is part of a volume snapshot method backup
properties:
name:
description: Name is the snapshot resource name
type: string
tablespaceName:
description: |-
TablespaceName is the name of the snapshotted tablespace. Only set
when type is PG_TABLESPACE
type: string
type:
description: Type is tho role of the snapshot in the cluster, such as PG_DATA, PG_WAL and PG_TABLESPACE
type: string
required:
- name
- type
type: object
type: array
type: object
startedAt:
description: When the backup was started
format: date-time
type: string
stoppedAt:
description: When the backup was terminated
format: date-time
type: string
tablespaceMapFile:
description: Tablespace map file content as returned by Postgres in case of online (hot) backups
format: byte
type: string
type: object
required:
- metadata
- spec
type: object
served: true
storage: true
subresources:
status: {}

81
clusters/cl01tl/manifests/cloudnative-pg/CustomResourceDefinition-clusterimagecatalogs.postgresql.cnpg.io Normal file
View File

@@ -0,0 +1,81 @@
---
# Source: cloudnative-pg/charts/cloudnative-pg/templates/crds/crds.yaml
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.19.0
helm.sh/resource-policy: keep
name: clusterimagecatalogs.postgresql.cnpg.io
spec:
group: postgresql.cnpg.io
names:
kind: ClusterImageCatalog
listKind: ClusterImageCatalogList
plural: clusterimagecatalogs
singular: clusterimagecatalog
scope: Cluster
versions:
- additionalPrinterColumns:
- jsonPath: .metadata.creationTimestamp
name: Age
type: date
name: v1
schema:
openAPIV3Schema:
description: ClusterImageCatalog is the Schema for the clusterimagecatalogs API
properties:
apiVersion:
description: |-
APIVersion defines the versioned schema of this representation of an object.
Servers should convert recognized schemas to the latest internal value, and
may reject unrecognized values.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
type: string
kind:
description: |-
Kind is a string value representing the REST resource this object represents.
Servers may infer this from the endpoint the client submits requests to.
Cannot be updated.
In CamelCase.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
type: string
metadata:
type: object
spec:
description: |-
Specification of the desired behavior of the ClusterImageCatalog.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status
properties:
images:
description: List of CatalogImages available in the catalog
items:
description: CatalogImage defines the image and major version
properties:
image:
description: The image reference
type: string
major:
description: The PostgreSQL major version of the image. Must be unique within the catalog.
minimum: 10
type: integer
required:
- image
- major
type: object
maxItems: 8
minItems: 1
type: array
x-kubernetes-validations:
- message: Images must have unique major versions
rule: self.all(e, self.filter(f, f.major==e.major).size() == 1)
required:
- images
type: object
required:
- metadata
- spec
type: object
served: true
storage: true
subresources: {}

6492
clusters/cl01tl/manifests/cloudnative-pg/CustomResourceDefinition-clusters.postgresql.cnpg.io Normal file
View File

File diff suppressed because it is too large Load Diff

369
clusters/cl01tl/manifests/cloudnative-pg/CustomResourceDefinition-databases.postgresql.cnpg.io Normal file
View File

@@ -0,0 +1,369 @@
---
# Source: cloudnative-pg/charts/cloudnative-pg/templates/crds/crds.yaml
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.19.0
helm.sh/resource-policy: keep
name: databases.postgresql.cnpg.io
spec:
group: postgresql.cnpg.io
names:
kind: Database
listKind: DatabaseList
plural: databases
singular: database
scope: Namespaced
versions:
- additionalPrinterColumns:
- jsonPath: .metadata.creationTimestamp
name: Age
type: date
- jsonPath: .spec.cluster.name
name: Cluster
type: string
- jsonPath: .spec.name
name: PG Name
type: string
- jsonPath: .status.applied
name: Applied
type: boolean
- description: Latest reconciliation message
jsonPath: .status.message
name: Message
type: string
name: v1
schema:
openAPIV3Schema:
description: Database is the Schema for the databases API
properties:
apiVersion:
description: |-
APIVersion defines the versioned schema of this representation of an object.
Servers should convert recognized schemas to the latest internal value, and
may reject unrecognized values.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
type: string
kind:
description: |-
Kind is a string value representing the REST resource this object represents.
Servers may infer this from the endpoint the client submits requests to.
Cannot be updated.
In CamelCase.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
type: string
metadata:
type: object
spec:
description: |-
Specification of the desired Database.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status
properties:
allowConnections:
description: |-
Maps to the `ALLOW_CONNECTIONS` parameter of `CREATE DATABASE` and
`ALTER DATABASE`. If false then no one can connect to this database.
type: boolean
builtinLocale:
description: |-
Maps to the `BUILTIN_LOCALE` parameter of `CREATE DATABASE`. This
setting cannot be changed. Specifies the locale name when the
builtin provider is used. This option requires `localeProvider` to
be set to `builtin`. Available from PostgreSQL 17.
type: string
x-kubernetes-validations:
- message: builtinLocale is immutable
rule: self == oldSelf
cluster:
description: The name of the PostgreSQL cluster hosting the database.
properties:
name:
default: ""
description: |-
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
type: string
type: object
x-kubernetes-map-type: atomic
collationVersion:
description: |-
Maps to the `COLLATION_VERSION` parameter of `CREATE DATABASE`. This
setting cannot be changed.
type: string
x-kubernetes-validations:
- message: collationVersion is immutable
rule: self == oldSelf
connectionLimit:
description: |-
Maps to the `CONNECTION LIMIT` clause of `CREATE DATABASE` and
`ALTER DATABASE`. How many concurrent connections can be made to
this database. -1 (the default) means no limit.
type: integer
databaseReclaimPolicy:
default: retain
description: The policy for end-of-life maintenance of this database.
enum:
- delete
- retain
type: string
encoding:
description: |-
Maps to the `ENCODING` parameter of `CREATE DATABASE`. This setting
cannot be changed. Character set encoding to use in the database.
type: string
x-kubernetes-validations:
- message: encoding is immutable
rule: self == oldSelf
ensure:
default: present
description: Ensure the PostgreSQL database is `present` or `absent` - defaults to "present".
enum:
- present
- absent
type: string
extensions:
description: The list of extensions to be managed in the database
items:
description: ExtensionSpec configures an extension in a database
properties:
ensure:
default: present
description: |-
Specifies whether an extension/schema should be present or absent in
the database. If set to `present`, the extension/schema will be
created if it does not exist. If set to `absent`, the
extension/schema will be removed if it exists.
enum:
- present
- absent
type: string
name:
description: Name of the extension/schema
type: string
schema:
description: |-
The name of the schema in which to install the extension's objects,
in case the extension allows its contents to be relocated. If not
specified (default), and the extension's control file does not
specify a schema either, the current default object creation schema
is used.
type: string
version:
description: |-
The version of the extension to install. If empty, the operator will
install the default version (whatever is specified in the
extension's control file)
type: string
required:
- name
type: object
type: array
icuLocale:
description: |-
Maps to the `ICU_LOCALE` parameter of `CREATE DATABASE`. This
setting cannot be changed. Specifies the ICU locale when the ICU
provider is used. This option requires `localeProvider` to be set to
`icu`. Available from PostgreSQL 15.
type: string
x-kubernetes-validations:
- message: icuLocale is immutable
rule: self == oldSelf
icuRules:
description: |-
Maps to the `ICU_RULES` parameter of `CREATE DATABASE`. This setting
cannot be changed. Specifies additional collation rules to customize
the behavior of the default collation. This option requires
`localeProvider` to be set to `icu`. Available from PostgreSQL 16.
type: string
x-kubernetes-validations:
- message: icuRules is immutable
rule: self == oldSelf
isTemplate:
description: |-
Maps to the `IS_TEMPLATE` parameter of `CREATE DATABASE` and `ALTER
DATABASE`. If true, this database is considered a template and can
be cloned by any user with `CREATEDB` privileges.
type: boolean
locale:
description: |-
Maps to the `LOCALE` parameter of `CREATE DATABASE`. This setting
cannot be changed. Sets the default collation order and character
classification in the new database.
type: string
x-kubernetes-validations:
- message: locale is immutable
rule: self == oldSelf
localeCType:
description: |-
Maps to the `LC_CTYPE` parameter of `CREATE DATABASE`. This setting
cannot be changed.
type: string
x-kubernetes-validations:
- message: localeCType is immutable
rule: self == oldSelf
localeCollate:
description: |-
Maps to the `LC_COLLATE` parameter of `CREATE DATABASE`. This
setting cannot be changed.
type: string
x-kubernetes-validations:
- message: localeCollate is immutable
rule: self == oldSelf
localeProvider:
description: |-
Maps to the `LOCALE_PROVIDER` parameter of `CREATE DATABASE`. This
setting cannot be changed. This option sets the locale provider for
databases created in the new cluster. Available from PostgreSQL 16.
type: string
x-kubernetes-validations:
- message: localeProvider is immutable
rule: self == oldSelf
name:
description: The name of the database to create inside PostgreSQL. This setting cannot be changed.
type: string
x-kubernetes-validations:
- message: name is immutable
rule: self == oldSelf
- message: the name postgres is reserved
rule: self != 'postgres'
- message: the name template0 is reserved
rule: self != 'template0'
- message: the name template1 is reserved
rule: self != 'template1'
owner:
description: |-
Maps to the `OWNER` parameter of `CREATE DATABASE`.
Maps to the `OWNER TO` command of `ALTER DATABASE`.
The role name of the user who owns the database inside PostgreSQL.
type: string
schemas:
description: The list of schemas to be managed in the database
items:
description: SchemaSpec configures a schema in a database
properties:
ensure:
default: present
description: |-
Specifies whether an extension/schema should be present or absent in
the database. If set to `present`, the extension/schema will be
created if it does not exist. If set to `absent`, the
extension/schema will be removed if it exists.
enum:
- present
- absent
type: string
name:
description: Name of the extension/schema
type: string
owner:
description: |-
The role name of the user who owns the schema inside PostgreSQL.
It maps to the `AUTHORIZATION` parameter of `CREATE SCHEMA` and the
`OWNER TO` command of `ALTER SCHEMA`.
type: string
required:
- name
type: object
type: array
tablespace:
description: |-
Maps to the `TABLESPACE` parameter of `CREATE DATABASE`.
Maps to the `SET TABLESPACE` command of `ALTER DATABASE`.
The name of the tablespace (in PostgreSQL) that will be associated
with the new database. This tablespace will be the default
tablespace used for objects created in this database.
type: string
template:
description: |-
Maps to the `TEMPLATE` parameter of `CREATE DATABASE`. This setting
cannot be changed. The name of the template from which to create
this database.
type: string
x-kubernetes-validations:
- message: template is immutable
rule: self == oldSelf
required:
- cluster
- name
- owner
type: object
x-kubernetes-validations:
- message: builtinLocale is only available when localeProvider is set to `builtin`
rule: '!has(self.builtinLocale) || self.localeProvider == ''builtin'''
- message: icuLocale is only available when localeProvider is set to `icu`
rule: '!has(self.icuLocale) || self.localeProvider == ''icu'''
- message: icuRules is only available when localeProvider is set to `icu`
rule: '!has(self.icuRules) || self.localeProvider == ''icu'''
status:
description: |-
Most recently observed status of the Database. This data may not be up to
date. Populated by the system. Read-only.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status
properties:
applied:
description: Applied is true if the database was reconciled correctly
type: boolean
extensions:
description: Extensions is the status of the managed extensions
items:
description: DatabaseObjectStatus is the status of the managed database objects
properties:
applied:
description: |-
True of the object has been installed successfully in
the database
type: boolean
message:
description: Message is the object reconciliation message
type: string
name:
description: The name of the object
type: string
required:
- applied
- name
type: object
type: array
message:
description: Message is the reconciliation output message
type: string
observedGeneration:
description: |-
A sequence number representing the latest
desired state that was synchronized
format: int64
type: integer
schemas:
description: Schemas is the status of the managed schemas
items:
description: DatabaseObjectStatus is the status of the managed database objects
properties:
applied:
description: |-
True of the object has been installed successfully in
the database
type: boolean
message:
description: Message is the object reconciliation message
type: string
name:
description: The name of the object
type: string
required:
- applied
- name
type: object
type: array
type: object
required:
- metadata
- spec
type: object
served: true
storage: true
subresources:
status: {}

79
clusters/cl01tl/manifests/cloudnative-pg/CustomResourceDefinition-failoverquorums.postgresql.cnpg.io Normal file
View File

@@ -0,0 +1,79 @@
---
# Source: cloudnative-pg/charts/cloudnative-pg/templates/crds/crds.yaml
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.19.0
helm.sh/resource-policy: keep
name: failoverquorums.postgresql.cnpg.io
spec:
group: postgresql.cnpg.io
names:
kind: FailoverQuorum
listKind: FailoverQuorumList
plural: failoverquorums
singular: failoverquorum
scope: Namespaced
versions:
- additionalPrinterColumns:
- jsonPath: .metadata.creationTimestamp
name: Age
type: date
name: v1
schema:
openAPIV3Schema:
description: |-
FailoverQuorum contains the information about the current failover
quorum status of a PG cluster. It is updated by the instance manager
of the primary node and reset to zero by the operator to trigger
an update.
properties:
apiVersion:
description: |-
APIVersion defines the versioned schema of this representation of an object.
Servers should convert recognized schemas to the latest internal value, and
may reject unrecognized values.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
type: string
kind:
description: |-
Kind is a string value representing the REST resource this object represents.
Servers may infer this from the endpoint the client submits requests to.
Cannot be updated.
In CamelCase.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
type: string
metadata:
type: object
status:
description: Most recently observed status of the failover quorum.
properties:
method:
description: Contains the latest reported Method value.
type: string
primary:
description: |-
Primary is the name of the primary instance that updated
this object the latest time.
type: string
standbyNames:
description: |-
StandbyNames is the list of potentially synchronous
instance names.
items:
type: string
type: array
standbyNumber:
description: |-
StandbyNumber is the number of synchronous standbys that transactions
need to wait for replies from.
type: integer
type: object
required:
- metadata
type: object
served: true
storage: true
subresources:
status: {}

81
clusters/cl01tl/manifests/cloudnative-pg/CustomResourceDefinition-imagecatalogs.postgresql.cnpg.io Normal file
View File

@@ -0,0 +1,81 @@
---
# Source: cloudnative-pg/charts/cloudnative-pg/templates/crds/crds.yaml
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.19.0
helm.sh/resource-policy: keep
name: imagecatalogs.postgresql.cnpg.io
spec:
group: postgresql.cnpg.io
names:
kind: ImageCatalog
listKind: ImageCatalogList
plural: imagecatalogs
singular: imagecatalog
scope: Namespaced
versions:
- additionalPrinterColumns:
- jsonPath: .metadata.creationTimestamp
name: Age
type: date
name: v1
schema:
openAPIV3Schema:
description: ImageCatalog is the Schema for the imagecatalogs API
properties:
apiVersion:
description: |-
APIVersion defines the versioned schema of this representation of an object.
Servers should convert recognized schemas to the latest internal value, and
may reject unrecognized values.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
type: string
kind:
description: |-
Kind is a string value representing the REST resource this object represents.
Servers may infer this from the endpoint the client submits requests to.
Cannot be updated.
In CamelCase.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
type: string
metadata:
type: object
spec:
description: |-
Specification of the desired behavior of the ImageCatalog.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status
properties:
images:
description: List of CatalogImages available in the catalog
items:
description: CatalogImage defines the image and major version
properties:
image:
description: The image reference
type: string
major:
description: The PostgreSQL major version of the image. Must be unique within the catalog.
minimum: 10
type: integer
required:
- image
- major
type: object
maxItems: 8
minItems: 1
type: array
x-kubernetes-validations:
- message: Images must have unique major versions
rule: self.all(e, self.filter(f, f.major==e.major).size() == 1)
required:
- images
type: object
required:
- metadata
- spec
type: object
served: true
storage: true
subresources: {}

674
clusters/cl01tl/manifests/cloudnative-pg/CustomResourceDefinition-objectstores.barmancloud.cnpg.io Normal file
View File

@@ -0,0 +1,674 @@
---
# Source: cloudnative-pg/charts/plugin-barman-cloud/templates/crds/crds.yaml
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.19.0
helm.sh/resource-policy: keep
name: objectstores.barmancloud.cnpg.io
spec:
group: barmancloud.cnpg.io
names:
kind: ObjectStore
listKind: ObjectStoreList
plural: objectstores
singular: objectstore
scope: Namespaced
versions:
- name: v1
schema:
openAPIV3Schema:
description: ObjectStore is the Schema for the objectstores API.
properties:
apiVersion:
description: |-
APIVersion defines the versioned schema of this representation of an object.
Servers should convert recognized schemas to the latest internal value, and
may reject unrecognized values.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
type: string
kind:
description: |-
Kind is a string value representing the REST resource this object represents.
Servers may infer this from the endpoint the client submits requests to.
Cannot be updated.
In CamelCase.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
type: string
metadata:
type: object
spec:
description: |-
Specification of the desired behavior of the ObjectStore.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status
properties:
configuration:
description: The configuration for the barman-cloud tool suite
properties:
azureCredentials:
description: The credentials to use to upload data to Azure Blob Storage
properties:
connectionString:
description: The connection string to be used
properties:
key:
description: The key to select
type: string
name:
description: Name of the referent.
type: string
required:
- key
- name
type: object
inheritFromAzureAD:
description: Use the Azure AD based authentication without providing explicitly the keys.
type: boolean
storageAccount:
description: The storage account where to upload data
properties:
key:
description: The key to select
type: string
name:
description: Name of the referent.
type: string
required:
- key
- name
type: object
storageKey:
description: |-
The storage account key to be used in conjunction
with the storage account name
properties:
key:
description: The key to select
type: string
name:
description: Name of the referent.
type: string
required:
- key
- name
type: object
storageSasToken:
description: |-
A shared-access-signature to be used in conjunction with
the storage account name
properties:
key:
description: The key to select
type: string
name:
description: Name of the referent.
type: string
required:
- key
- name
type: object
type: object
data:
description: |-
The configuration to be used to backup the data files
When not defined, base backups files will be stored uncompressed and may
be unencrypted in the object store, according to the bucket default
policy.
properties:
additionalCommandArgs:
description: |-
AdditionalCommandArgs represents additional arguments that can be appended
to the 'barman-cloud-backup' command-line invocation. These arguments
provide flexibility to customize the backup process further according to
specific requirements or configurations.
Example:
In a scenario where specialized backup options are required, such as setting
a specific timeout or defining custom behavior, users can use this field
to specify additional command arguments.
Note:
It's essential to ensure that the provided arguments are valid and supported
by the 'barman-cloud-backup' command, to avoid potential errors or unintended
behavior during execution.
items:
type: string
type: array
compression:
description: |-
Compress a backup file (a tar file per tablespace) while streaming it
to the object store. Available options are empty string (no
compression, default), `gzip`, `bzip2`, and `snappy`.
enum:
- bzip2
- gzip
- snappy
type: string
encryption:
description: |-
Whenever to force the encryption of files (if the bucket is
not already configured for that).
Allowed options are empty string (use the bucket policy, default),
`AES256` and `aws:kms`
enum:
- AES256
- aws:kms
type: string
immediateCheckpoint:
description: |-
Control whether the I/O workload for the backup initial checkpoint will
be limited, according to the `checkpoint_completion_target` setting on
the PostgreSQL server. If set to true, an immediate checkpoint will be
used, meaning PostgreSQL will complete the checkpoint as soon as
possible. `false` by default.
type: boolean
jobs:
description: |-
The number of parallel jobs to be used to upload the backup, defaults
to 2
format: int32
minimum: 1
type: integer
type: object
destinationPath:
description: |-
The path where to store the backup (i.e. s3://bucket/path/to/folder)
this path, with different destination folders, will be used for WALs
and for data
minLength: 1
type: string
endpointCA:
description: |-
EndpointCA store the CA bundle of the barman endpoint.
Useful when using self-signed certificates to avoid
errors with certificate issuer and barman-cloud-wal-archive
properties:
key:
description: The key to select
type: string
name:
description: Name of the referent.
type: string
required:
- key
- name
type: object
endpointURL:
description: |-
Endpoint to be used to upload data to the cloud,
overriding the automatic endpoint discovery
type: string
googleCredentials:
description: The credentials to use to upload data to Google Cloud Storage
properties:
applicationCredentials:
description: The secret containing the Google Cloud Storage JSON file with the credentials
properties:
key:
description: The key to select
type: string
name:
description: Name of the referent.
type: string
required:
- key
- name
type: object
gkeEnvironment:
description: |-
If set to true, will presume that it's running inside a GKE environment,
default to false.
type: boolean
type: object
historyTags:
additionalProperties:
type: string
description: |-
HistoryTags is a list of key value pairs that will be passed to the
Barman --history-tags option.
type: object
s3Credentials:
description: The credentials to use to upload data to S3
properties:
accessKeyId:
description: The reference to the access key id
properties:
key:
description: The key to select
type: string
name:
description: Name of the referent.
type: string
required:
- key
- name
type: object
inheritFromIAMRole:
description: Use the role based authentication without providing explicitly the keys.
type: boolean
region:
description: The reference to the secret containing the region name
properties:
key:
description: The key to select
type: string
name:
description: Name of the referent.
type: string
required:
- key
- name
type: object
secretAccessKey:
description: The reference to the secret access key
properties:
key:
description: The key to select
type: string
name:
description: Name of the referent.
type: string
required:
- key
- name
type: object
sessionToken:
description: The references to the session key
properties:
key:
description: The key to select
type: string
name:
description: Name of the referent.
type: string
required:
- key
- name
type: object
type: object
serverName:
description: |-
The server name on S3, the cluster name is used if this
parameter is omitted
type: string
tags:
additionalProperties:
type: string
description: |-
Tags is a list of key value pairs that will be passed to the
Barman --tags option.
type: object
wal:
description: |-
The configuration for the backup of the WAL stream.
When not defined, WAL files will be stored uncompressed and may be
unencrypted in the object store, according to the bucket default policy.
properties:
archiveAdditionalCommandArgs:
description: |-
Additional arguments that can be appended to the 'barman-cloud-wal-archive'
command-line invocation. These arguments provide flexibility to customize
the WAL archive process further, according to specific requirements or configurations.
Example:
In a scenario where specialized backup options are required, such as setting
a specific timeout or defining custom behavior, users can use this field
to specify additional command arguments.
Note:
It's essential to ensure that the provided arguments are valid and supported
by the 'barman-cloud-wal-archive' command, to avoid potential errors or unintended
behavior during execution.
items:
type: string
type: array
compression:
description: |-
Compress a WAL file before sending it to the object store. Available
options are empty string (no compression, default), `gzip`, `bzip2`,
`lz4`, `snappy`, `xz`, and `zstd`.
enum:
- bzip2
- gzip
- lz4
- snappy
- xz
- zstd
type: string
encryption:
description: |-
Whenever to force the encryption of files (if the bucket is
not already configured for that).
Allowed options are empty string (use the bucket policy, default),
`AES256` and `aws:kms`
enum:
- AES256
- aws:kms
type: string
maxParallel:
description: |-
Number of WAL files to be either archived in parallel (when the
PostgreSQL instance is archiving to a backup object store) or
restored in parallel (when a PostgreSQL standby is fetching WAL
files from a recovery object store). If not specified, WAL files
will be processed one at a time. It accepts a positive integer as a
value - with 1 being the minimum accepted value.
minimum: 1
type: integer
restoreAdditionalCommandArgs:
description: |-
Additional arguments that can be appended to the 'barman-cloud-wal-restore'
command-line invocation. These arguments provide flexibility to customize
the WAL restore process further, according to specific requirements or configurations.
Example:
In a scenario where specialized backup options are required, such as setting
a specific timeout or defining custom behavior, users can use this field
to specify additional command arguments.
Note:
It's essential to ensure that the provided arguments are valid and supported
by the 'barman-cloud-wal-restore' command, to avoid potential errors or unintended
behavior during execution.
items:
type: string
type: array
type: object
required:
- destinationPath
type: object
x-kubernetes-validations:
- fieldPath: .serverName
message: use the 'serverName' plugin parameter in the Cluster resource
reason: FieldValueForbidden
rule: '!has(self.serverName)'
instanceSidecarConfiguration:
description: The configuration for the sidecar that runs in the instance pods
properties:
additionalContainerArgs:
description: |-
AdditionalContainerArgs is an optional list of command-line arguments
to be passed to the sidecar container when it starts.
The provided arguments are appended to the containers default arguments.
items:
type: string
type: array
x-kubernetes-validations:
- message: do not set --log-level in additionalContainerArgs; use spec.instanceSidecarConfiguration.logLevel
reason: FieldValueForbidden
rule: '!self.exists(a, a.startsWith(''--log-level''))'
env:
description: The environment to be explicitly passed to the sidecar
items:
description: EnvVar represents an environment variable present in a Container.
properties:
name:
description: |-
Name of the environment variable.
May consist of any printable ASCII characters except '='.
type: string
value:
description: |-
Variable references $(VAR_NAME) are expanded
using the previously defined environment variables in the container and
any service environment variables. If a variable cannot be resolved,
the reference in the input string will be unchanged. Double $$ are reduced
to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e.
"$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)".
Escaped references will never be expanded, regardless of whether the variable
exists or not.
Defaults to "".
type: string
valueFrom:
description: Source for the environment variable's value. Cannot be used if value is not empty.
properties:
configMapKeyRef:
description: Selects a key of a ConfigMap.
properties:
key:
description: The key to select.
type: string
name:
default: ""
description: |-
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
type: string
optional:
description: Specify whether the ConfigMap or its key must be defined
type: boolean
required:
- key
type: object
x-kubernetes-map-type: atomic
fieldRef:
description: |-
Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['<KEY>']`, `metadata.annotations['<KEY>']`,
spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs.
properties:
apiVersion:
description: Version of the schema the FieldPath is written in terms of, defaults to "v1".
type: string
fieldPath:
description: Path of the field to select in the specified API version.
type: string
required:
- fieldPath
type: object
x-kubernetes-map-type: atomic
fileKeyRef:
description: |-
FileKeyRef selects a key of the env file.
Requires the EnvFiles feature gate to be enabled.
properties:
key:
description: |-
The key within the env file. An invalid key will prevent the pod from starting.
The keys defined within a source may consist of any printable ASCII characters except '='.
During Alpha stage of the EnvFiles feature gate, the key size is limited to 128 characters.
type: string
optional:
default: false
description: |-
Specify whether the file or its key must be defined. If the file or key
does not exist, then the env var is not published.
If optional is set to true and the specified key does not exist,
the environment variable will not be set in the Pod's containers.
If optional is set to false and the specified key does not exist,
an error will be returned during Pod creation.
type: boolean
path:
description: |-
The path within the volume from which to select the file.
Must be relative and may not contain the '..' path or start with '..'.
type: string
volumeName:
description: The name of the volume mount containing the env file.
type: string
required:
- key
- path
- volumeName
type: object
x-kubernetes-map-type: atomic
resourceFieldRef:
description: |-
Selects a resource of the container: only resources limits and requests
(limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported.
properties:
containerName:
description: 'Container name: required for volumes, optional for env vars'
type: string
divisor:
anyOf:
- type: integer
- type: string
description: Specifies the output format of the exposed resources, defaults to "1"
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
x-kubernetes-int-or-string: true
resource:
description: 'Required: resource to select'
type: string
required:
- resource
type: object
x-kubernetes-map-type: atomic
secretKeyRef:
description: Selects a key of a secret in the pod's namespace
properties:
key:
description: The key of the secret to select from. Must be a valid secret key.
type: string
name:
default: ""
description: |-
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
type: string
optional:
description: Specify whether the Secret or its key must be defined
type: boolean
required:
- key
type: object
x-kubernetes-map-type: atomic
type: object
required:
- name
type: object
type: array
logLevel:
default: info
description: 'The log level for PostgreSQL instances. Valid values are: `error`, `warning`, `info` (default), `debug`, `trace`'
enum:
- error
- warning
- info
- debug
- trace
type: string
resources:
description: Resources define cpu/memory requests and limits for the sidecar that runs in the instance pods.
properties:
claims:
description: |-
Claims lists the names of resources, defined in spec.resourceClaims,
that are used by this container.
This field depends on the
DynamicResourceAllocation feature gate.
This field is immutable. It can only be set for containers.
items:
description: ResourceClaim references one entry in PodSpec.ResourceClaims.
properties:
name:
description: |-
Name must match the name of one entry in pod.spec.resourceClaims of
the Pod where this field is used. It makes that resource available
inside a container.
type: string
request:
description: |-
Request is the name chosen for a request in the referenced claim.
If empty, everything from the claim is made available, otherwise
only the result of this request.
type: string
required:
- name
type: object
type: array
x-kubernetes-list-map-keys:
- name
x-kubernetes-list-type: map
limits:
additionalProperties:
anyOf:
- type: integer
- type: string
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
x-kubernetes-int-or-string: true
description: |-
Limits describes the maximum amount of compute resources allowed.
More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/
type: object
requests:
additionalProperties:
anyOf:
- type: integer
- type: string
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
x-kubernetes-int-or-string: true
description: |-
Requests describes the minimum amount of compute resources required.
If Requests is omitted for a container, it defaults to Limits if that is explicitly specified,
otherwise to an implementation-defined value. Requests cannot exceed Limits.
More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/
type: object
type: object
retentionPolicyIntervalSeconds:
default: 1800
description: |-
The retentionCheckInterval defines the frequency at which the
system checks and enforces retention policies.
type: integer
type: object
retentionPolicy:
description: |-
RetentionPolicy is the retention policy to be used for backups
and WALs (i.e. '60d'). The retention policy is expressed in the form
of `XXu` where `XX` is a positive integer and `u` is in `[dwm]` -
days, weeks, months.
pattern: ^[1-9][0-9]*[dwm]$
type: string
required:
- configuration
type: object
status:
description: |-
Most recently observed status of the ObjectStore. This data may not be up to
date. Populated by the system. Read-only.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status
properties:
serverRecoveryWindow:
additionalProperties:
description: |-
RecoveryWindow represents the time span between the first
recoverability point and the last successful backup of a PostgreSQL
server, defining the period during which data can be restored.
properties:
firstRecoverabilityPoint:
description: |-
The first recoverability point in a PostgreSQL server refers to
the earliest point in time to which the database can be
restored.
format: date-time
type: string
lastFailedBackupTime:
description: The last failed backup time
format: date-time
type: string
lastSuccessfulBackupTime:
description: The last successful backup time
format: date-time
type: string
type: object
description: ServerRecoveryWindow maps each server to its recovery window
type: object
type: object
required:
- metadata
- spec
type: object
served: true
storage: true
subresources:
status: {}

8850
clusters/cl01tl/manifests/cloudnative-pg/CustomResourceDefinition-poolers.postgresql.cnpg.io Normal file
View File

File diff suppressed because it is too large Load Diff

190
clusters/cl01tl/manifests/cloudnative-pg/CustomResourceDefinition-publications.postgresql.cnpg.io Normal file
View File

@@ -0,0 +1,190 @@
---
# Source: cloudnative-pg/charts/cloudnative-pg/templates/crds/crds.yaml
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.19.0
helm.sh/resource-policy: keep
name: publications.postgresql.cnpg.io
spec:
group: postgresql.cnpg.io
names:
kind: Publication
listKind: PublicationList
plural: publications
singular: publication
scope: Namespaced
versions:
- additionalPrinterColumns:
- jsonPath: .metadata.creationTimestamp
name: Age
type: date
- jsonPath: .spec.cluster.name
name: Cluster
type: string
- jsonPath: .spec.name
name: PG Name
type: string
- jsonPath: .status.applied
name: Applied
type: boolean
- description: Latest reconciliation message
jsonPath: .status.message
name: Message
type: string
name: v1
schema:
openAPIV3Schema:
description: Publication is the Schema for the publications API
properties:
apiVersion:
description: |-
APIVersion defines the versioned schema of this representation of an object.
Servers should convert recognized schemas to the latest internal value, and
may reject unrecognized values.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
type: string
kind:
description: |-
Kind is a string value representing the REST resource this object represents.
Servers may infer this from the endpoint the client submits requests to.
Cannot be updated.
In CamelCase.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
type: string
metadata:
type: object
spec:
description: PublicationSpec defines the desired state of Publication
properties:
cluster:
description: The name of the PostgreSQL cluster that identifies the "publisher"
properties:
name:
default: ""
description: |-
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
type: string
type: object
x-kubernetes-map-type: atomic
dbname:
description: |-
The name of the database where the publication will be installed in
the "publisher" cluster
type: string
x-kubernetes-validations:
- message: dbname is immutable
rule: self == oldSelf
name:
description: The name of the publication inside PostgreSQL
type: string
x-kubernetes-validations:
- message: name is immutable
rule: self == oldSelf
parameters:
additionalProperties:
type: string
description: |-
Publication parameters part of the `WITH` clause as expected by
PostgreSQL `CREATE PUBLICATION` command
type: object
publicationReclaimPolicy:
default: retain
description: The policy for end-of-life maintenance of this publication
enum:
- delete
- retain
type: string
target:
description: Target of the publication as expected by PostgreSQL `CREATE PUBLICATION` command
properties:
allTables:
description: |-
Marks the publication as one that replicates changes for all tables
in the database, including tables created in the future.
Corresponding to `FOR ALL TABLES` in PostgreSQL.
type: boolean
x-kubernetes-validations:
- message: allTables is immutable
rule: self == oldSelf
objects:
description: Just the following schema objects
items:
description: PublicationTargetObject is an object to publish
properties:
table:
description: |-
Specifies a list of tables to add to the publication. Corresponding
to `FOR TABLE` in PostgreSQL.
properties:
columns:
description: The columns to publish
items:
type: string
type: array
name:
description: The table name
type: string
only:
description: Whether to limit to the table only or include all its descendants
type: boolean
schema:
description: The schema name
type: string
required:
- name
type: object
tablesInSchema:
description: |-
Marks the publication as one that replicates changes for all tables
in the specified list of schemas, including tables created in the
future. Corresponding to `FOR TABLES IN SCHEMA` in PostgreSQL.
type: string
type: object
x-kubernetes-validations:
- message: tablesInSchema and table are mutually exclusive
rule: (has(self.tablesInSchema) && !has(self.table)) || (!has(self.tablesInSchema) && has(self.table))
maxItems: 100000
type: array
x-kubernetes-validations:
- message: specifying a column list when the publication also publishes tablesInSchema is not supported
rule: '!(self.exists(o, has(o.table) && has(o.table.columns)) && self.exists(o, has(o.tablesInSchema)))'
type: object
x-kubernetes-validations:
- message: allTables and objects are mutually exclusive
rule: (has(self.allTables) && !has(self.objects)) || (!has(self.allTables) && has(self.objects))
required:
- cluster
- dbname
- name
- target
type: object
status:
description: PublicationStatus defines the observed state of Publication
properties:
applied:
description: Applied is true if the publication was reconciled correctly
type: boolean
message:
description: Message is the reconciliation output message
type: string
observedGeneration:
description: |-
A sequence number representing the latest
desired state that was synchronized
format: int64
type: integer
type: object
required:
- metadata
- spec
type: object
served: true
storage: true
subresources:
status: {}

190
clusters/cl01tl/manifests/cloudnative-pg/CustomResourceDefinition-scheduledbackups.postgresql.cnpg.io Normal file
View File

@@ -0,0 +1,190 @@
---
# Source: cloudnative-pg/charts/cloudnative-pg/templates/crds/crds.yaml
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.19.0
helm.sh/resource-policy: keep
name: scheduledbackups.postgresql.cnpg.io
spec:
group: postgresql.cnpg.io
names:
kind: ScheduledBackup
listKind: ScheduledBackupList
plural: scheduledbackups
singular: scheduledbackup
scope: Namespaced
versions:
- additionalPrinterColumns:
- jsonPath: .metadata.creationTimestamp
name: Age
type: date
- jsonPath: .spec.cluster.name
name: Cluster
type: string
- jsonPath: .status.lastScheduleTime
name: Last Backup
type: date
name: v1
schema:
openAPIV3Schema:
description: ScheduledBackup is the Schema for the scheduledbackups API
properties:
apiVersion:
description: |-
APIVersion defines the versioned schema of this representation of an object.
Servers should convert recognized schemas to the latest internal value, and
may reject unrecognized values.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
type: string
kind:
description: |-
Kind is a string value representing the REST resource this object represents.
Servers may infer this from the endpoint the client submits requests to.
Cannot be updated.
In CamelCase.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
type: string
metadata:
type: object
spec:
description: |-
Specification of the desired behavior of the ScheduledBackup.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status
properties:
backupOwnerReference:
default: none
description: |-
Indicates which ownerReference should be put inside the created backup resources.<br />
- none: no owner reference for created backup objects (same behavior as before the field was introduced)<br />
- self: sets the Scheduled backup object as owner of the backup<br />
- cluster: set the cluster as owner of the backup<br />
enum:
- none
- self
- cluster
type: string
cluster:
description: The cluster to backup
properties:
name:
description: Name of the referent.
type: string
required:
- name
type: object
immediate:
description: If the first backup has to be immediately start after creation or not
type: boolean
method:
default: barmanObjectStore
description: |-
The backup method to be used, possible options are `barmanObjectStore`,
`volumeSnapshot` or `plugin`. Defaults to: `barmanObjectStore`.
enum:
- barmanObjectStore
- volumeSnapshot
- plugin
type: string
online:
description: |-
Whether the default type of backup with volume snapshots is
online/hot (`true`, default) or offline/cold (`false`)
Overrides the default setting specified in the cluster field '.spec.backup.volumeSnapshot.online'
type: boolean
onlineConfiguration:
description: |-
Configuration parameters to control the online/hot backup with volume snapshots
Overrides the default settings specified in the cluster '.backup.volumeSnapshot.onlineConfiguration' stanza
properties:
immediateCheckpoint:
description: |-
Control whether the I/O workload for the backup initial checkpoint will
be limited, according to the `checkpoint_completion_target` setting on
the PostgreSQL server. If set to true, an immediate checkpoint will be
used, meaning PostgreSQL will complete the checkpoint as soon as
possible. `false` by default.
type: boolean
waitForArchive:
default: true
description: |-
If false, the function will return immediately after the backup is completed,
without waiting for WAL to be archived.
This behavior is only useful with backup software that independently monitors WAL archiving.
Otherwise, WAL required to make the backup consistent might be missing and make the backup useless.
By default, or when this parameter is true, pg_backup_stop will wait for WAL to be archived when archiving is
enabled.
On a standby, this means that it will wait only when archive_mode = always.
If write activity on the primary is low, it may be useful to run pg_switch_wal on the primary in order to trigger
an immediate segment switch.
type: boolean
type: object
pluginConfiguration:
description: Configuration parameters passed to the plugin managing this backup
properties:
name:
description: Name is the name of the plugin managing this backup
type: string
parameters:
additionalProperties:
type: string
description: |-
Parameters are the configuration parameters passed to the backup
plugin for this backup
type: object
required:
- name
type: object
schedule:
description: |-
The schedule does not follow the same format used in Kubernetes CronJobs
as it includes an additional seconds specifier,
see https://pkg.go.dev/github.com/robfig/cron#hdr-CRON_Expression_Format
type: string
suspend:
description: If this backup is suspended or not
type: boolean
target:
description: |-
The policy to decide which instance should perform this backup. If empty,
it defaults to `cluster.spec.backup.target`.
Available options are empty string, `primary` and `prefer-standby`.
`primary` to have backups run always on primary instances,
`prefer-standby` to have backups run preferably on the most updated
standby, if available.
enum:
- primary
- prefer-standby
type: string
required:
- cluster
- schedule
type: object
status:
description: |-
Most recently observed status of the ScheduledBackup. This data may not be up
to date. Populated by the system. Read-only.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status
properties:
lastCheckTime:
description: The latest time the schedule
format: date-time
type: string
lastScheduleTime:
description: Information when was the last time that backup was successfully scheduled.
format: date-time
type: string
nextScheduleTime:
description: Next time we will run a backup
format: date-time
type: string
type: object
required:
- metadata
- spec
type: object
served: true
storage: true
subresources:
status: {}

149
clusters/cl01tl/manifests/cloudnative-pg/CustomResourceDefinition-subscriptions.postgresql.cnpg.io Normal file
View File

@@ -0,0 +1,149 @@
---
# Source: cloudnative-pg/charts/cloudnative-pg/templates/crds/crds.yaml
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.19.0
helm.sh/resource-policy: keep
name: subscriptions.postgresql.cnpg.io
spec:
group: postgresql.cnpg.io
names:
kind: Subscription
listKind: SubscriptionList
plural: subscriptions
singular: subscription
scope: Namespaced
versions:
- additionalPrinterColumns:
- jsonPath: .metadata.creationTimestamp
name: Age
type: date
- jsonPath: .spec.cluster.name
name: Cluster
type: string
- jsonPath: .spec.name
name: PG Name
type: string
- jsonPath: .status.applied
name: Applied
type: boolean
- description: Latest reconciliation message
jsonPath: .status.message
name: Message
type: string
name: v1
schema:
openAPIV3Schema:
description: Subscription is the Schema for the subscriptions API
properties:
apiVersion:
description: |-
APIVersion defines the versioned schema of this representation of an object.
Servers should convert recognized schemas to the latest internal value, and
may reject unrecognized values.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
type: string
kind:
description: |-
Kind is a string value representing the REST resource this object represents.
Servers may infer this from the endpoint the client submits requests to.
Cannot be updated.
In CamelCase.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
type: string
metadata:
type: object
spec:
description: SubscriptionSpec defines the desired state of Subscription
properties:
cluster:
description: The name of the PostgreSQL cluster that identifies the "subscriber"
properties:
name:
default: ""
description: |-
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
type: string
type: object
x-kubernetes-map-type: atomic
dbname:
description: |-
The name of the database where the publication will be installed in
the "subscriber" cluster
type: string
x-kubernetes-validations:
- message: dbname is immutable
rule: self == oldSelf
externalClusterName:
description: The name of the external cluster with the publication ("publisher")
type: string
name:
description: The name of the subscription inside PostgreSQL
type: string
x-kubernetes-validations:
- message: name is immutable
rule: self == oldSelf
parameters:
additionalProperties:
type: string
description: |-
Subscription parameters included in the `WITH` clause of the PostgreSQL
`CREATE SUBSCRIPTION` command. Most parameters cannot be changed
after the subscription is created and will be ignored if modified
later, except for a limited set documented at:
https://www.postgresql.org/docs/current/sql-altersubscription.html#SQL-ALTERSUBSCRIPTION-PARAMS-SET
type: object
publicationDBName:
description: |-
The name of the database containing the publication on the external
cluster. Defaults to the one in the external cluster definition.
type: string
publicationName:
description: |-
The name of the publication inside the PostgreSQL database in the
"publisher"
type: string
subscriptionReclaimPolicy:
default: retain
description: The policy for end-of-life maintenance of this subscription
enum:
- delete
- retain
type: string
required:
- cluster
- dbname
- externalClusterName
- name
- publicationName
type: object
status:
description: SubscriptionStatus defines the observed state of Subscription
properties:
applied:
description: Applied is true if the subscription was reconciled correctly
type: boolean
message:
description: Message is the reconciliation output message
type: string
observedGeneration:
description: |-
A sequence number representing the latest
desired state that was synchronized
format: int64
type: integer
type: object
required:
- metadata
- spec
type: object
served: true
storage: true
subresources:
status: {}

81
clusters/cl01tl/manifests/cloudnative-pg/Deployment-cloudnative-pg-plugin-barman-cloud.yml Normal file
View File

@@ -0,0 +1,81 @@
---
# Source: cloudnative-pg/charts/plugin-barman-cloud/templates/deployment.yaml
apiVersion: apps/v1
kind: Deployment
metadata:
labels:
helm.sh/chart: plugin-barman-cloud-0.3.1
app.kubernetes.io/name: plugin-barman-cloud
app.kubernetes.io/instance: cloudnative-pg
app.kubernetes.io/version: "v0.9.0"
app.kubernetes.io/managed-by: Helm
name: cloudnative-pg-plugin-barman-cloud
namespace: cloudnative-pg
spec:
replicas: 1
selector:
matchLabels:
app.kubernetes.io/name: plugin-barman-cloud
app.kubernetes.io/instance: cloudnative-pg
# RollingUpdate strategy is not supported by the operator yet, so it can only use the Recreate strategy.
strategy:
type: Recreate
template:
metadata:
labels:
app.kubernetes.io/name: plugin-barman-cloud
app.kubernetes.io/instance: cloudnative-pg
spec:
containers:
- args:
- operator
- --server-cert=/server/tls.crt
- --server-key=/server/tls.key
- --client-cert=/client/tls.crt
- --server-address=:9090
- --leader-elect
- --log-level=debug
env:
- name: SIDECAR_IMAGE
valueFrom:
configMapKeyRef:
key: SIDECAR_IMAGE
name: plugin-barman-cloud-config
image: "ghcr.io/cloudnative-pg/plugin-barman-cloud:v0.9.0"
name: barman-cloud
ports:
- containerPort: 9090
protocol: TCP
readinessProbe:
initialDelaySeconds: 10
periodSeconds: 10
tcpSocket:
port: 9090
resources: {}
securityContext:
allowPrivilegeEscalation: false
capabilities:
drop:
- ALL
readOnlyRootFilesystem: true
runAsGroup: 10001
runAsUser: 10001
seccompProfile:
type: RuntimeDefault
volumeMounts:
- mountPath: /server
name: server
- mountPath: /client
name: client
securityContext:
runAsNonRoot: true
seccompProfile:
type: RuntimeDefault
serviceAccountName: cloudnative-pg-plugin-barman-cloud
volumes:
- name: server
secret:
secretName: barman-cloud-server-tls
- name: client
secret:
secretName: barman-cloud-client-tls

106
clusters/cl01tl/manifests/cloudnative-pg/Deployment-cloudnative-pg.yml Normal file
View File

@@ -0,0 +1,106 @@
---
# Source: cloudnative-pg/charts/cloudnative-pg/templates/deployment.yaml
apiVersion: apps/v1
kind: Deployment
metadata:
name: cloudnative-pg
namespace: cloudnative-pg
labels:
helm.sh/chart: cloudnative-pg-0.26.1
app.kubernetes.io/name: cloudnative-pg
app.kubernetes.io/instance: cloudnative-pg
app.kubernetes.io/version: "1.27.1"
app.kubernetes.io/managed-by: Helm
spec:
replicas: 2
selector:
matchLabels:
app.kubernetes.io/name: cloudnative-pg
app.kubernetes.io/instance: cloudnative-pg
template:
metadata:
annotations:
checksum/rbac: ecc7ac52a42c48513234accf4bd785afb5889e77f0672f57c00b875960e3497a
checksum/config: c9268d2e1b50fbad8b125b152e51e44e51e393aef15b37b31b8ef35e60c039ec
checksum/monitoring-config: 5b7dc0c42a24b297d6f659777324c4105b8ce5e022ee55e973a2f3697f4e7702
labels:
app.kubernetes.io/name: cloudnative-pg
app.kubernetes.io/instance: cloudnative-pg
spec:
containers:
- args:
- controller
- --leader-elect
- --max-concurrent-reconciles=10
- --config-map-name=cnpg-controller-manager-config
- --webhook-port=9443
command:
- /manager
env:
- name: OPERATOR_IMAGE_NAME
value: "ghcr.io/cloudnative-pg/cloudnative-pg:1.27.1"
- name: OPERATOR_NAMESPACE
valueFrom:
fieldRef:
fieldPath: metadata.namespace
- name: MONITORING_QUERIES_CONFIGMAP
value: "cnpg-default-monitoring"
image: "ghcr.io/cloudnative-pg/cloudnative-pg:1.27.1"
imagePullPolicy: IfNotPresent
livenessProbe:
httpGet:
path: /readyz
port: 9443
scheme: HTTPS
initialDelaySeconds: 3
name: manager
ports:
- containerPort: 8080
name: metrics
protocol: TCP
- containerPort: 9443
name: webhook-server
protocol: TCP
readinessProbe:
httpGet:
path: /readyz
port: 9443
scheme: HTTPS
initialDelaySeconds: 3
resources: {}
securityContext:
allowPrivilegeEscalation: false
capabilities:
drop:
- ALL
readOnlyRootFilesystem: true
runAsGroup: 10001
runAsUser: 10001
seccompProfile:
type: RuntimeDefault
startupProbe:
failureThreshold: 6
httpGet:
path: /readyz
port: 9443
scheme: HTTPS
periodSeconds: 5
volumeMounts:
- mountPath: /controller
name: scratch-data
- mountPath: /run/secrets/cnpg.io/webhook
name: webhook-certificates
securityContext:
runAsNonRoot: true
seccompProfile:
type: RuntimeDefault
serviceAccountName: cloudnative-pg
terminationGracePeriodSeconds: 10
volumes:
- emptyDir: {}
name: scratch-data
- name: webhook-certificates
secret:
defaultMode: 420
optional: true
secretName: cnpg-webhook-cert

9
clusters/cl01tl/manifests/cloudnative-pg/Issuer-cloudnative-pg-plugin-barman-cloud-selfsigned-issuer.yml Normal file
View File

@@ -0,0 +1,9 @@
---
# Source: cloudnative-pg/charts/plugin-barman-cloud/templates/certificate-issuer.yaml
apiVersion: cert-manager.io/v1
kind: Issuer
metadata:
name: cloudnative-pg-plugin-barman-cloud-selfsigned-issuer
namespace: cloudnative-pg
spec:
selfSigned: {}

97
clusters/cl01tl/manifests/cloudnative-pg/MutatingWebhookConfiguration-cnpg-mutating-webhook-configuration.yml Normal file
View File

@@ -0,0 +1,97 @@
---
# Source: cloudnative-pg/charts/cloudnative-pg/templates/mutatingwebhookconfiguration.yaml
apiVersion: admissionregistration.k8s.io/v1
kind: MutatingWebhookConfiguration
metadata:
name: cnpg-mutating-webhook-configuration
labels:
helm.sh/chart: cloudnative-pg-0.26.1
app.kubernetes.io/name: cloudnative-pg
app.kubernetes.io/instance: cloudnative-pg
app.kubernetes.io/version: "1.27.1"
app.kubernetes.io/managed-by: Helm
webhooks:
- admissionReviewVersions:
- v1
clientConfig:
service:
name: cnpg-webhook-service
namespace: cloudnative-pg
path: /mutate-postgresql-cnpg-io-v1-backup
port: 443
failurePolicy: Fail
name: mbackup.cnpg.io
rules:
- apiGroups:
- postgresql.cnpg.io
apiVersions:
- v1
operations:
- CREATE
- UPDATE
resources:
- backups
sideEffects: None
- admissionReviewVersions:
- v1
clientConfig:
service:
name: cnpg-webhook-service
namespace: cloudnative-pg
path: /mutate-postgresql-cnpg-io-v1-cluster
port: 443
failurePolicy: Fail
name: mcluster.cnpg.io
rules:
- apiGroups:
- postgresql.cnpg.io
apiVersions:
- v1
operations:
- CREATE
- UPDATE
resources:
- clusters
sideEffects: None
- admissionReviewVersions:
- v1
clientConfig:
service:
name: cnpg-webhook-service
namespace: cloudnative-pg
path: /mutate-postgresql-cnpg-io-v1-database
port: 443
failurePolicy: Fail
name: mdatabase.cnpg.io
rules:
- apiGroups:
- postgresql.cnpg.io
apiVersions:
- v1
operations:
- CREATE
- UPDATE
resources:
- databases
sideEffects: None
- admissionReviewVersions:
- v1
clientConfig:
service:
name: cnpg-webhook-service
namespace: cloudnative-pg
path: /mutate-postgresql-cnpg-io-v1-scheduledbackup
port: 443
failurePolicy: Fail
name: mscheduledbackup.cnpg.io
rules:
- apiGroups:
- postgresql.cnpg.io
apiVersions:
- v1
operations:
- CREATE
- UPDATE
resources:
- scheduledbackups
sideEffects: None

38
clusters/cl01tl/manifests/cloudnative-pg/PodMonitor-cloudnative-pg.yml Normal file
View File

@@ -0,0 +1,38 @@
---
# Source: cloudnative-pg/charts/cloudnative-pg/templates/podmonitor.yaml
#
# Copyright © contributors to CloudNativePG, established as
# CloudNativePG a Series of LF Projects, LLC.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#
# SPDX-License-Identifier: Apache-2.0
#
apiVersion: monitoring.coreos.com/v1
kind: PodMonitor
metadata:
name: cloudnative-pg
namespace: cloudnative-pg
labels:
helm.sh/chart: cloudnative-pg-0.26.1
app.kubernetes.io/name: cloudnative-pg
app.kubernetes.io/instance: cloudnative-pg
app.kubernetes.io/version: "1.27.1"
app.kubernetes.io/managed-by: Helm
spec:
selector:
matchLabels:
app.kubernetes.io/name: cloudnative-pg
app.kubernetes.io/instance: cloudnative-pg
podMetricsEndpoints:
- port: metrics

45
clusters/cl01tl/manifests/cloudnative-pg/Role-cloudnative-pg-plugin-barman-cloud-leader-election-role.yml Normal file
View File

@@ -0,0 +1,45 @@
---
# Source: cloudnative-pg/charts/plugin-barman-cloud/templates/additional-rbac/leader_election.yaml
apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata:
labels:
helm.sh/chart: plugin-barman-cloud-0.3.1
app.kubernetes.io/name: plugin-barman-cloud
app.kubernetes.io/instance: cloudnative-pg
app.kubernetes.io/version: "v0.9.0"
app.kubernetes.io/managed-by: Helm
name: cloudnative-pg-plugin-barman-cloud-leader-election-role
namespace: cloudnative-pg
rules:
- apiGroups:
- ""
resources:
- configmaps
verbs:
- get
- list
- watch
- create
- update
- patch
- delete
- apiGroups:
- coordination.k8s.io
resources:
- leases
verbs:
- get
- list
- watch
- create
- update
- patch
- delete
- apiGroups:
- ""
resources:
- events
verbs:
- create
- patch

21
clusters/cl01tl/manifests/cloudnative-pg/RoleBinding-cloudnative-pg-plugin-barman-cloud-leader-election-rolebinding.yml Normal file
View File

@@ -0,0 +1,21 @@
---
# Source: cloudnative-pg/charts/plugin-barman-cloud/templates/additional-rbac/leader_election.yaml
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
labels:
helm.sh/chart: plugin-barman-cloud-0.3.1
app.kubernetes.io/name: plugin-barman-cloud
app.kubernetes.io/instance: cloudnative-pg
app.kubernetes.io/version: "v0.9.0"
app.kubernetes.io/managed-by: Helm
name: cloudnative-pg-plugin-barman-cloud-leader-election-rolebinding
namespace: cloudnative-pg
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: Role
name: cloudnative-pg-plugin-barman-cloud-leader-election-role
subjects:
- kind: ServiceAccount
name: cloudnative-pg-plugin-barman-cloud
namespace: cloudnative-pg

26
clusters/cl01tl/manifests/cloudnative-pg/Service-barman-cloud.yml Normal file
View File

@@ -0,0 +1,26 @@
---
# Source: cloudnative-pg/charts/plugin-barman-cloud/templates/service.yaml
apiVersion: v1
kind: Service
metadata:
labels:
helm.sh/chart: plugin-barman-cloud-0.3.1
app.kubernetes.io/name: plugin-barman-cloud
app.kubernetes.io/instance: cloudnative-pg
app.kubernetes.io/version: "v0.9.0"
app.kubernetes.io/managed-by: Helm
cnpg.io/pluginName: barman-cloud.cloudnative-pg.io
annotations:
cnpg.io/pluginClientSecret: barman-cloud-client-tls
cnpg.io/pluginPort: "9090"
cnpg.io/pluginServerSecret: barman-cloud-server-tls
name: barman-cloud
namespace: cloudnative-pg
spec:
ports:
- port: 9090
protocol: TCP
targetPort: 9090
selector:
app.kubernetes.io/name: plugin-barman-cloud
app.kubernetes.io/instance: cloudnative-pg

22
clusters/cl01tl/manifests/cloudnative-pg/Service-cnpg-webhook-service.yml Normal file
View File

@@ -0,0 +1,22 @@
---
# Source: cloudnative-pg/charts/cloudnative-pg/templates/service.yaml
apiVersion: v1
kind: Service
metadata:
name: cnpg-webhook-service
namespace: cloudnative-pg
labels:
helm.sh/chart: cloudnative-pg-0.26.1
app.kubernetes.io/name: cloudnative-pg
app.kubernetes.io/instance: cloudnative-pg
app.kubernetes.io/version: "1.27.1"
app.kubernetes.io/managed-by: Helm
spec:
type: ClusterIP
ports:
- port: 443
targetPort: webhook-server
name: webhook-server
selector:
app.kubernetes.io/name: cloudnative-pg
app.kubernetes.io/instance: cloudnative-pg

13
clusters/cl01tl/manifests/cloudnative-pg/ServiceAccount-cloudnative-pg-plugin-barman-cloud.yml Normal file
View File

@@ -0,0 +1,13 @@
---
# Source: cloudnative-pg/charts/plugin-barman-cloud/templates/rbac.yaml
apiVersion: v1
kind: ServiceAccount
metadata:
labels:
helm.sh/chart: plugin-barman-cloud-0.3.1
app.kubernetes.io/name: plugin-barman-cloud
app.kubernetes.io/instance: cloudnative-pg
app.kubernetes.io/version: "v0.9.0"
app.kubernetes.io/managed-by: Helm
name: cloudnative-pg-plugin-barman-cloud
namespace: cloudnative-pg

13
clusters/cl01tl/manifests/cloudnative-pg/ServiceAccount-cloudnative-pg.yml Normal file
View File

@@ -0,0 +1,13 @@
---
# Source: cloudnative-pg/charts/cloudnative-pg/templates/rbac.yaml
apiVersion: v1
kind: ServiceAccount
metadata:
name: cloudnative-pg
namespace: cloudnative-pg
labels:
helm.sh/chart: cloudnative-pg-0.26.1
app.kubernetes.io/name: cloudnative-pg
app.kubernetes.io/instance: cloudnative-pg
app.kubernetes.io/version: "1.27.1"
app.kubernetes.io/managed-by: Helm

118
clusters/cl01tl/manifests/cloudnative-pg/ValidatingWebhookConfiguration-cnpg-validating-webhook-configuration.yml Normal file
View File

@@ -0,0 +1,118 @@
---
# Source: cloudnative-pg/charts/cloudnative-pg/templates/validatingwebhookconfiguration.yaml
apiVersion: admissionregistration.k8s.io/v1
kind: ValidatingWebhookConfiguration
metadata:
name: cnpg-validating-webhook-configuration
labels:
helm.sh/chart: cloudnative-pg-0.26.1
app.kubernetes.io/name: cloudnative-pg
app.kubernetes.io/instance: cloudnative-pg
app.kubernetes.io/version: "1.27.1"
app.kubernetes.io/managed-by: Helm
webhooks:
- admissionReviewVersions:
- v1
clientConfig:
service:
name: cnpg-webhook-service
namespace: cloudnative-pg
path: /validate-postgresql-cnpg-io-v1-backup
port: 443
failurePolicy: Fail
name: vbackup.cnpg.io
rules:
- apiGroups:
- postgresql.cnpg.io
apiVersions:
- v1
operations:
- CREATE
- UPDATE
resources:
- backups
sideEffects: None
- admissionReviewVersions:
- v1
clientConfig:
service:
name: cnpg-webhook-service
namespace: cloudnative-pg
path: /validate-postgresql-cnpg-io-v1-cluster
port: 443
failurePolicy: Fail
name: vcluster.cnpg.io
rules:
- apiGroups:
- postgresql.cnpg.io
apiVersions:
- v1
operations:
- CREATE
- UPDATE
resources:
- clusters
sideEffects: None
- admissionReviewVersions:
- v1
clientConfig:
service:
name: cnpg-webhook-service
namespace: cloudnative-pg
path: /validate-postgresql-cnpg-io-v1-scheduledbackup
port: 443
failurePolicy: Fail
name: vscheduledbackup.cnpg.io
rules:
- apiGroups:
- postgresql.cnpg.io
apiVersions:
- v1
operations:
- CREATE
- UPDATE
resources:
- scheduledbackups
sideEffects: None
- admissionReviewVersions:
- v1
clientConfig:
service:
name: cnpg-webhook-service
namespace: cloudnative-pg
path: /validate-postgresql-cnpg-io-v1-database
port: 443
failurePolicy: Fail
name: vdatabase.cnpg.io
rules:
- apiGroups:
- postgresql.cnpg.io
apiVersions:
- v1
operations:
- CREATE
- UPDATE
resources:
- databases
sideEffects: None
- admissionReviewVersions:
- v1
clientConfig:
service:
name: cnpg-webhook-service
namespace: cloudnative-pg
path: /validate-postgresql-cnpg-io-v1-pooler
port: 443
failurePolicy: Fail
name: vpooler.cnpg.io
rules:
- apiGroups:
- postgresql.cnpg.io
apiVersions:
- v1
operations:
- CREATE
- UPDATE
resources:
- poolers
sideEffects: None