OperatorHub.io

If your Kubernetes cluster is already running the Operator Lifecycle Manager, the PostgreSQL Operator can be installed as part of Crunchy PostgreSQL for Kubernetes that is available in OperatorHub.io.

Before You Begin

There are a few manual steps that the cluster administrator must perform prior to installing the PostgreSQL Operator. At the very least, it must be provided with an initial configuration.

First, make sure OLM and the OperatorHub.io catalog are installed by running kubectl get CatalogSources --all-namespaces. You should see something similar to the following:

NAMESPACE   NAME                    DISPLAY               TYPE   PUBLISHER
olm         operatorhubio-catalog   Community Operators   grpc   OperatorHub.io

Take note of the name and namespace above, you will need them later on.

Next, select a namespace in which to install the PostgreSQL Operator. PostgreSQL clusters will also be deployed here. If it does not exist, create it now.

export PGO_OPERATOR_NAMESPACE=pgo
kubectl create namespace "$PGO_OPERATOR_NAMESPACE"

Next, clone the PostgreSQL Operator repository locally.

git clone -b v4.5.0 https://github.com/CrunchyData/postgres-operator.git
cd postgres-operator

PostgreSQL Operator Configuration

Edit conf/postgres-operator/pgo.yaml to configure the deployment. Look over all of the options and make any changes necessary for your environment. A full description of each option is available in the pgo.yaml configuration guide.

When the file is ready, upload the entire directory to the pgo-config ConfigMap.

kubectl -n "$PGO_OPERATOR_NAMESPACE" create configmap pgo-config \
  --from-file=./conf/postgres-operator

Secrets

Configure pgBackRest for your environment. If you do not plan to use AWS S3 to store backups, you can omit the aws-s3 keys below.

kubectl -n "$PGO_OPERATOR_NAMESPACE" create secret generic pgo-backrest-repo-config \
  --from-file=./installers/ansible/roles/pgo-operator/files/pgo-backrest-repo/config \
  --from-file=./installers/ansible/roles/pgo-operator/files/pgo-backrest-repo/sshd_config \
  --from-file=./installers/ansible/roles/pgo-operator/files/pgo-backrest-repo/aws-s3-ca.crt \
  --from-literal=aws-s3-key="<your-aws-s3-key>" \
  --from-literal=aws-s3-key-secret="<your-aws-s3-key-secret>"

Certificates (optional)

The PostgreSQL Operator has an API that uses TLS to communicate securely with clients. If you have a certificate bundle validated by your organization, you can install it now. If not, the API will automatically generate and use a self-signed certificate.

kubectl -n "$PGO_OPERATOR_NAMESPACE" create secret tls pgo.tls \
  --cert=/path/to/server.crt \
  --key=/path/to/server.key

Once these resources are in place, the PostgreSQL Operator can be installed into the cluster.

Installation

Create an OperatorGroup and a Subscription in your chosen namespace. Make sure the source and sourceNamespace match the CatalogSource from earlier.

kubectl -n "$PGO_OPERATOR_NAMESPACE" create -f- <<YAML
---
apiVersion: operators.coreos.com/v1
kind: OperatorGroup
metadata:
  name: postgresql
spec:
  targetNamespaces: ["$PGO_OPERATOR_NAMESPACE"]

---
apiVersion: operators.coreos.com/v1alpha1
kind: Subscription
metadata:
  name: postgresql
spec:
  name: postgresql
  channel: stable
  source: operatorhubio-catalog
  sourceNamespace: olm
  startingCSV: postgresoperator.v4.5.0
YAML

After You Install

Once the PostgreSQL Operator is installed in your Kubernetes cluster, you will need to do a few things to use the PostgreSQL Operator Client.

Install the first set of client credentials and download the pgo binary and client certificates.

PGO_CMD=kubectl ./deploy/install-bootstrap-creds.sh
PGO_CMD=kubectl ./installers/kubectl/client-setup.sh

The client needs to be able to reach the PostgreSQL Operator API from outside the Kubernetes cluster. Create an external service or forward a port locally.

kubectl -n "$PGO_OPERATOR_NAMESPACE" expose deployment postgres-operator --type=LoadBalancer

export PGO_APISERVER_URL="https://$(
  kubectl -n "$PGO_OPERATOR_NAMESPACE" get service postgres-operator \
    -o jsonpath="{.status.loadBalancer.ingress[*]['ip','hostname']}"
):8443"

or

kubectl -n "$PGO_OPERATOR_NAMESPACE" port-forward deployment/postgres-operator 8443

export PGO_APISERVER_URL="https://127.0.0.1:8443"

Verify connectivity using the pgo command.

pgo version
# pgo client version 4.5.0
# pgo-apiserver version 4.5.0