Crunchy Postgres for Kubernetes 5.1.x Release Notes

Release notes for each of the 5.1.x releases.

Component versions

Crunchy Postgres
for Kubernetes		PostgrespgBackRestpgbouncerPatronipgadmin
5.1.814.92.471.193.1.04.30
5.1.714.82.451.192.1.74.30
5.1.614.82.451.192.1.74.30
5.1.514.72.411.182.1.74.30
5.1.414.62.411.172.1.44.30
5.1.314.52.401.172.1.44.30
5.1.214.42.381.152.1.34.30
5.1.114.32.381.152.1.34.30
5.1.014.32.381.152.1.34.30

Postgres extension versions

Crunchy Postgres for Kubernetes versionPostGISpgRoutingpgauditpg_cronpg_partmanpgnodemxset_userwal2jsonTimescaleDBorafcepgvector
5.1.83.0 (earliest)
3.3.2 (latest)		2.6.3 (earliest)
3.3.1 (latest)		1.2.4 (earliest)
1.7.0 (latest)		1.5.24.7.31.44.0.12.52.10.34.2.60.4.4
5.1.73.0 (earliest)
3.3.2 (latest)		2.6.3 (earliest)
3.3.1 (latest)		1.2.4 (earliest)
1.7.0 (latest)		1.5.24.7.31.44.0.12.52.10.34.2.60.4.4
5.1.62.3 (earliest)
3.3.2 (latest)		2.6.3 (earliest)
3.3.1 (latest)		1.2.4 (earliest)
1.7.0 (latest)		1.5.24.7.31.44.0.12.52.10.34.2.6
5.1.52.3 (earliest)
3.1.8 (latest)		2.6.3 (earliest)
3.1.4 (latest)		1.2.4 (earliest)
1.6.2 (latest)		1.4.24.7.21.3.04.0.12.52.9.24.1.1
5.1.42.3 (earliest)
3.1.7 (latest)		2.6.3 (earliest)
3.1.4 (latest)		1.2.4 (earliest)
1.6.2 (latest)		1.4.24.7.11.3.03.0.02.52.8.13.25.1
5.1.32.3 (earliest)
3.1.6 (latest)		2.6.3 (earliest)
3.1.4 (latest)		1.2.4 (earliest)
1.6.2 (latest)		1.4.14.6.21.3.03.0.02.42.7.23.24.0
5.1.22.3 (earliest)
3.1.5 (latest)		2.6.3 (earliest)
3.1.4 (latest)		1.2.4 (earliest)
1.6.2 (latest)		1.4.14.6.11.3.03.0.02.42.6.1
5.1.12.3 (earliest)
3.1.5 (latest)		2.6.3 (earliest)
3.1.4 (latest)		1.2.4 (earliest)
1.6.2 (latest)		1.4.14.6.11.3.03.0.02.42.6.1
5.1.02.3 (earliest)
3.1.4 (latest)		2.6.3 (earliest)
3.1.4 (latest)		1.2.4 (earliest)
1.6.2 (latest)		1.4.14.6.01.3.03.0.02.42.6.0

A bold version number indicates that the component version was updated in latest release.

5.1.8

Changes

  • PostgreSQL versions 14.9, 13.12, 12.16, and 11.21 are now available.
  • Patroni is now at version 3.1.0.
  • pgBackrest is now at version 2.47.
  • pgBouncer is now at version 1.19.1.

Fixes

  • PostgresClusters that do not request huge pages can now be restored on nodes with huge pages.

5.1.7

Changes

  • The pgaudit_analyze tool is deprecated and may be removed in a future release.

Fixes

  • Backup jobs for S3-compatible object storage repositories would fail with a message about config hash mismatch. This is now fixed.

5.1.6

Fixes

  • PostgresClusters that do not request huge pages can now initialize on nodes with huge pages. Kubernetes container runtimes still configure cgroups incorrectly in these cases, but initdb no longer crashes.

5.1.5

This release contains new component and Postgres versions, but no additional fixes or changes.

5.1.4

Fixes

  • With the exception of the –repo option itself, PGO no longer prevents users from specifying pgBackRest options containing the string “repo” (e.g. –repo1-retention-full).
  • PGO now properly filters Jobs by namespace when reconciling restore or data migrations Job, ensuring PostgresClusters with the same name can be created within different namespaces.

5.1.3

Fixes

  • A better timeout has been set for the pg_ctl start and stop commands that are run during a restore.
  • A restore can now be re-attempted if PGO is unable to cleanly start or stop the database during a previous restore attempt.

5.1.2

This release contains new component and Postgres versions, but no additional fixes or changes.

5.1.1

Fixes

  • It is now possible to perform major PostgreSQL version upgrades when using an external WAL directory.
  • The documentation for pgAdmin 4 now clearly states that any pgAdmin user created by PGO will have a @pgo suffix.

5.1.0

Major Features

pgAdmin 4 Integration

PGO v5.1 reintroduces the pgAdmin 4 integration from PGO v4. v5.1 adds the spec.userInterace.pgAdmin section to the PostgresCluster custom resource to enable pgAdmin 4 integration for a Postgres cluster. Any users defined in spec.users are are synced with pgAdmin 4, allowing for a seamless management experience.

Please see the pgAdmin 4 section of the PGO documentation for more information about this integration.

Removal of SSH Requirement for Local Backups

Previous versions of PGO relied on the use of ssh to take backups and store archive files on Kubernetes-managed storage. PGO v5.1 now uses mTLS to securely transfer and manage these files.

The upgrade to pgBackRest TLS is seamless and transparent if using related image environment variables with your PGO Deployment (please see the PostgresCluster CRD reference for more information). This is because PGO will automatically handle updating all image tags across all existing PostgresCluster's following the upgrade to v5.1, seamlessly rolling out any new images as required for proper pgBackRest TLS functionality.

If you are not using related image environment variables, and are instead explicitly defining images via the image fields in your PostgresCluster spec, then an additional step is required in order to ensure a seamless upgrade. Specifically, all postgrescluster.spec.image and postgrescluster.spec.backups.pgbackrest.image fields must first be updated to specify images containing pgBackRest 2.38. Therefore, prior to upgrading, please update all postgrescluster.spec.image and postgrescluster.spec.backups.pgbackrest.image fields to the latest versions of the crunchy-postgres and crunchy-pgbackrest containers available per the Components and Compatibility guide (please note that the crunchy-postgres container should be updated to the latest version available for the major version of PostgreSQL currently being utilized within a cluster).

In the event that PGO is upgraded to v5.1 before updating your image tags, simply update any image fields in your PostgresCluster spec as soon as possible following the upgrade.

Features

  • Set Pod Disruption Budgets (PDBs) for both Postgres and PgBouncer instances.
  • Postgres configuration changes requiring a database restart are now automatically rolled out to all instances in the cluster.
  • Do not recreate instance Pods for changes that only require a Postgres restart. These types of changes are now applied more quickly.
  • Support for manual switchovers or failovers.
  • Rotate PgBouncer TLS certificates without downtime.
  • Add support for using Active Directory for securely authenticating with PostgreSQL using the GSSAPI.
  • Support for using AWS IAM roles with S3 with backups when PGO is deployed in EKS.
  • The characters used for password generation can now be controlled using the postgrescluster.spec.users.password.type parameter. Choices are AlphaNumeric and ASCII; defaults to ASCII.
  • Introduction for automatically checking for updates for PGO and Postgres components. If an update is discovered, it is included in the PGO logs.

Changes

  • As a result of a fix in PgBouncer v1.16, PGO no longer sets verbosity settings in the PgBouncer configuration to catch missing %include directives. Users can increase verbosity in their own configuration files to maintain the previous behavior.
  • The Postgres archive_timeout setting now defaults to 60 seconds (60s), which matches the behavior from PGO v4. If you do not require for WAL files to be generated once a minute (e.g. generally idle system where a window of data-loss is acceptable or a development system), you can set this to 0:
spec:
  patroni:
    dynamicConfiguration:
      postgresql:
        parameters:
          archive_timeout: 0
  • All Pods now have enableServiceLinks set to false in order to ensure injected environment variables do not conflict with the various applications running within.

Fixes

  • The names of CronJobs created for scheduled backups are shortened to <cluster name>-<repo#>-<backup type> to allow for longer PostgresCluster names.