4.6.2

Crunchy Data announces the release of the PostgreSQL Operator 4.6.2 on March 22, 2021.

The PostgreSQL Operator is released in conjunction with the Crunchy Container Suite.

PostgreSQL Operator 4.6.2 release includes the following software versions upgrades:

  • Patroni is now at version 2.0.2.
  • pgBouncer for CentOS 8 / UBI 8 is rebuilt to use the libc for its async DNS backend.

PostgreSQL Operator is tested against Kubernetes 1.17 - 1.20, OpenShift 3.11, OpenShift 4.4+, Google Kubernetes Engine (GKE), Amazon EKS, Microsoft AKS, and VMware Enterprise PKS 1.3+, and works on other Kubernetes distributions as well.

Changes

  • The Postgres Operator and associated containers now contain defaults to use more locked down Pod and Container security context settings. These include setting allowPrivilegeEscalation to false and explicitly stating that the container should not run as root. Many of these were already honored, if not defaulted, within the Postgres Operator ecosystem, but these changes make the settings explicit. This is all configuration: there are no breaking changes, and these configurations can be supported down to at least the 4.2 series.
  • Revert setting “UsePAM” to “yes” by default as the bug fix in Docker that required that change was applied roughly one year ago.
  • On Operator boot, Automatically detect when deployed in an OpenShift environment and set DisableFSGroup to true. This makes it easier to get started with the Postgres Operator in an OpenShift environment with the default security settings (i.e. restricted). If you use the anyuid Security Context Constraint, you will need to explicitly set DisableFSGroup to false.

Fixes

  • Ensure archive_mode is forced to on when performing using the “restore in place” method. This ensures that the timeline is correctly incremented post-restore, which could manifest itself with various types of WAL archive failures.
  • Fix error when attempting to perform restores when using node affinity. Reported by (@gilfrade) and Cristian Chiru (@cristichiru).
  • Fix issue where certain pgAdmin 4 functions did not work (e.g. taking a backup) due to python references in EL8 containers. Reported by (@douggutaby).
  • Ensure a Postgres cluster shutdown can execute even if the status subresource of a pgclusters.crunchydata.com custom resource is missing.
  • Ensure major upgrades via crunchy-upgrade support PostgreSQL 12 and PostgreSQL 13. Reported by (@lbartnicki92).
  • Fix installed RBAC permissions via OLM. Reported by Tim Bo (@timbrd), with additional analysis from Aleksander Roszig (@AleksanderRoszig) and Eric Ace (@aceeric).