Crunchy Data announces the release of the PostgreSQL Operator 4.5.3 on June 2, 2021.

The PostgreSQL Operator is released in conjunction with the Crunchy Container Suite.

PostgreSQL Operator 4.5.3 release includes the following software versions upgrades:

  • PostgreSQL is at 13.3, 12.7, 11.12, 10.17, and 9.6.22.
  • Patroni is now at version 2.0.2.
  • pgBouncer for CentOS 8 / UBI 8 is rebuilt to use the libc for its async DNS backend.


  • Revert setting “UsePAM” to “yes” by default as the bug fix in Docker that required that change was applied roughly one year ago.
  • Allow for the PGOADMIN_USERNAME, PGOADMIN_PASSWORD, PGOADMIN_ROLENAME credential bootstrap variables to be overriden as part of the OLM and development install process. Contributed by Mathieu Parent (@sathieu).
  • Update Helm installer to follow appropriate conventions. Contributed by Jakub Ráček (@kubaracek).


  • Fix crash due to superfluous trailing whitespace when parsing --backup-opts in pgo backup. Reported by Samir Faci (@safaci2000).
  • Fix issue where metrics about pgBackRest backups could not be scraped if the backups were stored in a S3-like environment that requires the use of disabling TLS verification. Reported by (@lphan-clv) and (@dakine1111).
  • Fix issue where certain pgAdmin 4 functions did not work (e.g. taking a backup) due to python references in EL8 containers. Reported by (@douggutaby).
  • Fix how the pgAdmin 4 Service is identified in pgo test. Prior to this, it was identified as a “primary”; now it is “pgadmin”.
  • Ensure a Postgres cluster shutdown can execute even if the status subresource of a pgclusters.crunchydata.com custom resource is missing.
  • Ensure major upgrades via crunchy-upgrade support PostgreSQL 12 and PostgreSQL 13. Reported by (@lbartnicki92).
  • Fix nonbreaking error message that occurs when pgo-scheduler container shuts down in the UBI 8 base container.
  • The pgo-deployer and Ansible installer will no longer create an initial TLS secret for the PGO apiserver. PGO apiserver has been able to self-create this for a long time, and PGO defers to that. This fixes an issue that occurred on newer builds where certificates generated by OpenSSL contained incomplete usage blocks, which could cause for these certificates to be properly outright rejected.