OperatorHub.io
If your Kubernetes cluster is already running the Operator Lifecycle Manager, the PostgreSQL Operator can be installed as part of Crunchy PostgreSQL for Kubernetes that is available in OperatorHub.io.
Before You Begin
There are a few manual steps that the cluster administrator must perform prior to installing the PostgreSQL Operator. At the very least, it must be provided with an initial configuration.
First, make sure OLM and the OperatorHub.io catalog are installed by running
kubectl get CatalogSources --all-namespaces
. You should see something similar to the following:
NAMESPACE NAME DISPLAY TYPE PUBLISHER
olm operatorhubio-catalog Community Operators grpc OperatorHub.io
Take note of the name and namespace above, you will need them later on.
Next, select a namespace in which to install the PostgreSQL Operator. PostgreSQL clusters will also be deployed here. If it does not exist, create it now.
export PGO_OPERATOR_NAMESPACE=pgo
kubectl create namespace "$PGO_OPERATOR_NAMESPACE"
Next, clone the PostgreSQL Operator repository locally.
git clone -b v4.5.0 https://github.com/CrunchyData/postgres-operator.git
cd postgres-operator
PostgreSQL Operator Configuration
Edit conf/postgres-operator/pgo.yaml
to configure the deployment. Look over all of the options and make any
changes necessary for your environment. A full description of each option is available in the
pgo.yaml
configuration guide.
When the file is ready, upload the entire directory to the pgo-config
ConfigMap.
kubectl -n "$PGO_OPERATOR_NAMESPACE" create configmap pgo-config \
--from-file=./conf/postgres-operator
Secrets
Configure pgBackRest for your environment. If you do not plan to use AWS S3 to store backups, you can omit
the aws-s3
keys below.
kubectl -n "$PGO_OPERATOR_NAMESPACE" create secret generic pgo-backrest-repo-config \
--from-file=./installers/ansible/roles/pgo-operator/files/pgo-backrest-repo/config \
--from-file=./installers/ansible/roles/pgo-operator/files/pgo-backrest-repo/sshd_config \
--from-file=./installers/ansible/roles/pgo-operator/files/pgo-backrest-repo/aws-s3-ca.crt \
--from-literal=aws-s3-key="<your-aws-s3-key>" \
--from-literal=aws-s3-key-secret="<your-aws-s3-key-secret>"
Certificates (optional)
The PostgreSQL Operator has an API that uses TLS to communicate securely with clients. If you have a certificate bundle validated by your organization, you can install it now. If not, the API will automatically generate and use a self-signed certificate.
kubectl -n "$PGO_OPERATOR_NAMESPACE" create secret tls pgo.tls \
--cert=/path/to/server.crt \
--key=/path/to/server.key
Once these resources are in place, the PostgreSQL Operator can be installed into the cluster.
Installation
Create an OperatorGroup
and a Subscription
in your chosen namespace.
Make sure the source
and sourceNamespace
match the CatalogSource from earlier.
kubectl -n "$PGO_OPERATOR_NAMESPACE" create -f- <<YAML
---
apiVersion: operators.coreos.com/v1
kind: OperatorGroup
metadata:
name: postgresql
spec:
targetNamespaces: ["$PGO_OPERATOR_NAMESPACE"]
---
apiVersion: operators.coreos.com/v1alpha1
kind: Subscription
metadata:
name: postgresql
spec:
name: postgresql
channel: stable
source: operatorhubio-catalog
sourceNamespace: olm
startingCSV: postgresoperator.v4.5.0
YAML
After You Install
Once the PostgreSQL Operator is installed in your Kubernetes cluster, you will need to do a few things to use the PostgreSQL Operator Client.
Install the first set of client credentials and download the pgo
binary and client certificates.
PGO_CMD=kubectl ./deploy/install-bootstrap-creds.sh
PGO_CMD=kubectl ./installers/kubectl/client-setup.sh
The client needs to be able to reach the PostgreSQL Operator API from outside the Kubernetes cluster. Create an external service or forward a port locally.
kubectl -n "$PGO_OPERATOR_NAMESPACE" expose deployment postgres-operator --type=LoadBalancer
export PGO_APISERVER_URL="https://$(
kubectl -n "$PGO_OPERATOR_NAMESPACE" get service postgres-operator \
-o jsonpath="{.status.loadBalancer.ingress[*]['ip','hostname']}"
):8443"
or
kubectl -n "$PGO_OPERATOR_NAMESPACE" port-forward deployment/postgres-operator 8443
export PGO_APISERVER_URL="https://127.0.0.1:8443"
Verify connectivity using the pgo
command.
pgo version
# pgo client version 4.5.0
# pgo-apiserver version 4.5.0