API Reference v1

Package v1beta1 contains API Schema definitions for the pgd v1beta1 API group

Resource Types

CertificateKeystores

Appears in:

CertificateKeystores configures additional keystore output formats to be created in the Certificate's output Secret.

FieldDescription
jks
JKSKeystore

JKS configures options for storing a JKS keystore in thespec.secretName Secret resource.

pkcs12
PKCS12Keystore

PKCS12 configures options for storing a PKCS12 keystore in thespec.secretName Secret resource.

CertificatePrivateKey

Appears in:

CertificatePrivateKey contains configuration options for private keys used by the Certificate controller. This allows control of how private keys are rotated.

FieldDescription
rotationPolicy
PrivateKeyRotationPolicy

RotationPolicy controls how private keys should be regenerated when a re-issuance is being processed. If set to Never, a private key will only be generated if one does not already exist in the target spec.secretName. If one does exists but it does not have the correct algorithm or size, a warning will be raised to await user intervention. If set to Always, a private key matching the specified requirements will be generated whenever a re-issuance occurs. Default is 'Never' for backward compatibility.

encoding
PrivateKeyEncoding

The private key cryptography standards (PKCS) encoding for this certificate's private key to be encoded in. If provided, allowed values are PKCS1 and PKCS8 standing for PKCS#1 and PKCS#8, respectively. Defaults to PKCS1 if not specified.

algorithm
PrivateKeyAlgorithm

Algorithm is the private key algorithm of the corresponding private key for this certificate. If provided, allowed values are either RSA,Ed25519 or ECDSAIf algorithm is specified and size is not provided, key size of 256 will be used for ECDSA key algorithm and key size of 2048 will be used for RSA key algorithm. key size is ignored when using the Ed25519 key algorithm.

size
int

Size is the key bit size of the corresponding private key for this certificate. If algorithm is set to RSA, valid values are 2048, 4096 or 8192, and will default to 2048 if not specified. If algorithm is set to ECDSA, valid values are 256, 384 or 521, and will default to 256 if not specified. If algorithm is set to Ed25519, Size is ignored. No other values are allowed.

CertificateSpec

Appears in:

CertificateSpec defines the desired state of Certificate. A valid Certificate requires at least one of a CommonName, DNSName, or URISAN to be valid.

FieldDescription
subject
X509Subject

Full X509 name specification (https://golang.org/pkg/crypto/x509/pkix/#Name).

commonName
string

CommonName is a common name to be used on the Certificate. The CommonName should have a length of 64 characters or fewer to avoid generating invalid CSRs. This value is ignored by TLS clients when any subject alt name is set. This is x509 behaviour: https://tools.ietf.org/html/rfc6125#section-6.4.4

duration
Duration

The requested 'duration' (i.e. lifetime) of the Certificate. This option may be ignored/overridden by some issuer types. If unset this defaults to 90 days. Certificate will be renewed either 2/3 through its duration orrenewBefore period before its expiry, whichever is later. Minimum accepted duration is 1 hour. Value must be in units accepted by Go time.ParseDuration https://golang.org/pkg/time/#ParseDuration

renewBefore
Duration

How long before the currently issued certificate's expiry cert-manager should renew the certificate. The default is 2/3 of the issued certificate's duration. Minimum accepted value is 5 minutes. Value must be in units accepted by Go time.ParseDuration https://golang.org/pkg/time/#ParseDuration

dnsNames
[]string

DNSNames is a list of DNS subjectAltNames to be set on the Certificate.

ipAddresses
[]string

IPAddresses is a list of IP address subjectAltNames to be set on the Certificate.

uris
[]string

URIs is a list of URI subjectAltNames to be set on the Certificate.

emailAddresses
[]string

EmailAddresses is a list of email subjectAltNames to be set on the Certificate.

secretName [Required]
string

SecretName is the name of the secret resource that will be automatically created and managed by this Certificate resource. It will be populated with a private key and certificate, signed by the denoted issuer. IMPORTANT: this field was required in the original cert-manager API declaration

keystores
CertificateKeystores

Keystores configures additional keystore output formats stored in thesecretName Secret resource.

issuerRef [Required]
ObjectReference

IssuerRef is a reference to the issuer for this certificate. If the kind field is not set, or set to Issuer, an Issuer resource with the given name in the same namespace as the Certificate will be used. If the kind field is set to ClusterIssuer, a ClusterIssuer with the provided name will be used. The name field in this stanza is required at all times.

isCA
bool

IsCA will mark this Certificate as valid for certificate signing. This will automatically add the cert sign usage to the list of usages.

usages
[]KeyUsage

Usages is the set of x509 usages that are requested for the certificate. Defaults to digital signature and key encipherment if not specified.

privateKey
CertificatePrivateKey

Options to control private keys used for the Certificate.

encodeUsagesInRequest
bool

EncodeUsagesInRequest controls whether key usages should be present in the CertificateRequest

revisionHistoryLimit
int32

revisionHistoryLimit is the maximum number of CertificateRequest revisions that are maintained in the Certificate's history. Each revision represents a single CertificateRequest created by this Certificate, either when it was created, renewed, or Spec was changed. Revisions will be removed by oldest first if the number of revisions exceeds this number. If set, revisionHistoryLimit must be a value of 1 or greater. If unset (nil), revisions will not be garbage collected. Default value is nil.

ConditionStatus

(Alias of string)

ConditionStatus represents a condition's status.

JKSKeystore

Appears in:

JKSKeystore configures options for storing a JKS keystore in the spec.secretNameSecret resource.

FieldDescription
create [Required]
bool

Create enables JKS keystore creation for the Certificate. If true, a file named keystore.jks will be created in the target Secret resource, encrypted using the password stored inpasswordSecretRef. The keystore file will only be updated upon re-issuance. A file named truststore.jks will also be created in the target Secret resource, encrypted using the password stored inpasswordSecretRef containing the issuing Certificate Authority

passwordSecretRef [Required]
SecretKeySelector

PasswordSecretRef is a reference to a key in a Secret resource containing the password used to encrypt the JKS keystore.

KeyUsage

(Alias of string)

Appears in:

KeyUsage specifies valid usage contexts for keys. See: https://tools.ietf.org/html/rfc5280#section-4.2.1.3

https://tools.ietf.org/html/rfc5280#section-4.2.1.12

Valid KeyUsage values are as follows: "signing", "digital signature", "content commitment", "key encipherment", "key agreement", "data encipherment", "cert sign", "crl sign", "encipher only", "decipher only", "any", "server auth", "client auth", "code signing", "email protection", "s/mime", "ipsec end system", "ipsec tunnel", "ipsec user", "timestamping", "ocsp signing", "microsoft sgc", "netscape sgc"

LocalObjectReference

Appears in:

LocalObjectReference is a reference to an object in the same namespace as the referent. If the referent is a cluster-scoped resource (e.g. a ClusterIssuer), the reference instead refers to the resource with the given name in the configured 'cluster resource namespace', which is set as a flag on the controller component (and defaults to the namespace that cert-manager runs in).

FieldDescription
name [Required]
string

Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names

ObjectReference

Appears in:

ObjectReference is a reference to an object with a given name, kind and group.

FieldDescription
name [Required]
string

Name of the resource being referred to.

group
string

Group of the resource being referred to.

PKCS12Keystore

Appears in:

PKCS12Keystore configures options for storing a PKCS12 keystore in thespec.secretName Secret resource.

FieldDescription
create [Required]
bool

Create enables PKCS12 keystore creation for the Certificate. If true, a file named keystore.p12 will be created in the target Secret resource, encrypted using the password stored inpasswordSecretRef. The keystore file will only be updated upon re-issuance. A file named truststore.p12 will also be created in the target Secret resource, encrypted using the password stored inpasswordSecretRef containing the issuing Certificate Authority

passwordSecretRef [Required]
SecretKeySelector

PasswordSecretRef is a reference to a key in a Secret resource containing the password used to encrypt the PKCS12 keystore.

PrivateKeyAlgorithm

(Alias of string)

Appears in:

PrivateKeyAlgorithm represent a private key algorithm

PrivateKeyEncoding

(Alias of string)

Appears in:

PrivateKeyEncoding represent a private key encoding

PrivateKeyRotationPolicy

(Alias of string)

Appears in:

PrivateKeyRotationPolicy denotes how private keys should be generated or sourced when a Certificate is being issued.

SecretKeySelector

Appears in:

SecretKeySelector is a reference to a specific 'key' within a Secret resource. In some instances, key is a required field.

FieldDescription
LocalObjectReference
LocalObjectReference
(Members of LocalObjectReference are embedded into this type.)

The name of the Secret resource being referred to.

key
string

The key of the entry in the Secret resource's data field to be used. Some instances of this field may be defaulted, in others it may be required.

X509Subject

Appears in:

X509Subject Full X509 name specification

FieldDescription
organizations
[]string

Organizations to be used on the Certificate.

countries
[]string

Countries to be used on the Certificate.

organizationalUnits
[]string

Organizational Units to be used on the Certificate.

localities
[]string

Cities to be used on the Certificate.

provinces
[]string

State/Provinces to be used on the Certificate.

streetAddresses
[]string

Street addresses to be used on the Certificate.

postalCodes
[]string

Postal codes to be used on the Certificate.

serialNumber
string

Serial number to be used on the Certificate.

PGDGroup

PGDGroup is the Schema for the pgdgroups API

FieldDescription
apiVersion [Required]
string
pgd.k8s.enterprisedb.io/v1beta1
kind [Required]
string
PGDGroup
spec [Required]
PGDGroupSpec
No description provided.
status [Required]
PGDGroupStatus
No description provided.

PGDGroupCleanup

PGDGroupCleanup is the Schema for the pgdgroupcleanups API

FieldDescription
apiVersion [Required]
string
pgd.k8s.enterprisedb.io/v1beta1
kind [Required]
string
PGDGroupCleanup
spec [Required]
PGDGroupCleanupSpec
No description provided.
status [Required]
PGDGroupCleanupStatus
No description provided.

Backup

Appears in:

Backup configures the backup of cnp-pgd nodes

FieldDescription
configuration [Required]
BackupConfiguration

The CNP configuration to be used for backup. ServerName value is reserved by the operator.

cron
ScheduledBackupSpec

The scheduled backup for the data. This field is deprecated and will be removed in future versions.

schedulers [Required]
[]ScheduledBackupSpec

Define schedulers for the backup. Each scheduler has a different backup method. Only one of either backup.cron or backup.schedulers can be defined.

BackupStatus

Appears in:

BackupStatus contains the current status of the pgd backup

FieldDescription
clusterName [Required]
string

ClusterName the elected cluster to take the backup, the backup could be scheduled with different methods, but only one cluster will take the backup

scheduledBackupName [Required]
string

ScheduledBackupName is the name of the scheduled backup. This field is deprecated, will be migrated to ScheduledBackupStatus

scheduledBackupHash [Required]
string

ScheduledBackupHash is the hash of the scheduled backup configuration. This field is deprecated, will be migrated to ScheduledBackupStatus

scheduledBackups [Required]
[]ScheduledBackupStatus

ScheduledBackupStatus contains the status of all scheduled backups

CNPStatus

Appears in:

CNPStatus contains any relevant status for the operator about CNP

FieldDescription
dataInstances [Required]
int32
No description provided.
witnessInstances [Required]
int32
No description provided.
firstRecoverabilityPointsByMethod [Required]
map[string]RecoverabilityPointsByMethod

The recoverability points by method, keyed per CNP clusterName nolint: lll

firstRecoverabilityPoints [Required]
map[string]string

The recoverability points, keyed per CNP clusterName, as a date in RFC3339 format

superUserSecretIsPresent [Required]
bool
No description provided.
applicationUserSecretIsPresent [Required]
bool
No description provided.
podDisruptionBudgetIsPresent [Required]
bool
No description provided.

CertManagerTemplate

Appears in:

CertManagerTemplate contains the data to generate a certificate request

FieldDescription
spec [Required]
CertificateSpec

The Certificate object specification

metadata [Required]
Metadata

The label and annotations metadata

ClientCertConfiguration

Appears in:

ClientCertConfiguration contains the information to generate the certificate for the streaming_replica user

FieldDescription
caCertSecret [Required]
string

CACertSecret is the secret of the CA to be injected into the CloudNativePG configuration

certManager [Required]
CertManagerTemplate

The cert-manager template used to generate the certificates

preProvisioned [Required]
ClientPreProvisionedCertificates

PreProvisioned contains how to fetch the pre-generated client certificates

ClientPreProvisionedCertificates

Appears in:

ClientPreProvisionedCertificates instruct how to fetch the pre-generated client certificates

FieldDescription
streamingReplica [Required]
PreProvisionedCertificate

StreamingReplica the pre-generated certificate for 'streaming_replica' user

CnpBaseConfiguration

Appears in:

CnpBaseConfiguration contains the configuration parameters that can be applied to both CNP Witness and Data nodes

FieldDescription
startDelay [Required]
int32

The time in seconds that is allowed for a PostgreSQL instance to successfully start up (default 3600)

stopDelay [Required]
int32

The time in seconds that is allowed for a PostgreSQL instance node to gracefully shutdown (default 180)

smartShutdownTimeout
int32

The time in seconds that controls the window of time reserved for the smart shutdown of Postgres to complete. Make sure you reserve enough time for the operator to request a fast shutdown of Postgres (that is: stopDelay - smartShutdownTimeout).

storage [Required]
StorageConfiguration

Configuration of the storage of the instances

walStorage [Required]
StorageConfiguration

Configuration of the WAL storage for the instances

clusterMaxStartDelay [Required]
int32

The time in seconds that is allowed for a PostgreSQL instance to successfully start up (default 300)

affinity
AffinityConfiguration

Affinity/Anti-affinity rules for Pods

resources
ResourceRequirements

Resources requirements of every generated Pod. Please refer to https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ for more information.

postgresql
PostgresConfiguration

Configuration of the PostgreSQL server

monitoring [Required]
MonitoringConfiguration

The configuration of the monitoring infrastructure of this cluster

logLevel [Required]
string

The instances' log level, one of the following values: error, warning, info (default), debug, trace

serviceAccountTemplate [Required]
ServiceAccountTemplate

The service account template to be passed to CNP

otel [Required]
OTELConfiguration

OpenTelemetry Configuration

postInitSQL
[]string

List of SQL queries to be executed as a superuser immediately after a node has been created - to be used with extreme care (by default empty)

postInitTemplateSQL
[]string

List of SQL queries to be executed as a superuser in the template1after a node has been created - to be used with extreme care (by default empty)

postInitApplicationSQL
[]string

List of SQL queries to be executed as a superuser in the application database right after the cluster has been created - to be used with extreme care as any data created in application database before logical join will cause the join to fail (by default empty)

postInitApplicationSQLRefs
PostInitApplicationSQLRefs

List of references to ConfigMaps or Secrets containing SQL files to be executed as a superuser in the application database right after the cluster has been created. The references are processed in a specific order: first, all Secrets are processed, followed by all ConfigMaps. Within each group, the processing order follows the sequence specified in their respective arrays. - to be used with extreme care (by default empty)

seccompProfile [Required]
SeccompProfile

The SeccompProfile applied to every Pod and Container. Defaults to: RuntimeDefault

metadata [Required]
InheritedMetadata

Metadata applied exclusively to the generated Cluster resources. Useful for applying AppArmor profiles.

managed [Required]
ManagedConfiguration

The configuration that is used by the portions of PostgreSQL that are managed by the CNP instance manager

projectedVolumeTemplate
ProjectedVolumeSource

Template to be used to define projected volumes, projected volumes will be mounted under /projected base folder

tablespaces
[]TablespaceConfiguration

The tablespaces configuration

topologySpreadConstraints
[]TopologySpreadConstraint

TopologySpreadConstraints specifies how to spread matching pods among the given topology. More info: https://kubernetes.io/docs/concepts/scheduling-eviction/topology-spread-constraints/

CnpConfiguration

Appears in:

CnpConfiguration contains the configurations of the data nodes that will be injected into the resulting clusters composing the PGD group

FieldDescription
CnpBaseConfiguration
CnpBaseConfiguration
(Members of CnpBaseConfiguration are embedded into this type.)No description provided.
enableSuperuserAccess
bool

When this option is enabled, the CNP operator will create or use the secret defined in the SuperuserSecret to allow superuser (postgres) access to the database. When this option is disabled on a running Group, the operator will ignore the content of the secret and set the password of the postgres user to NULL. Enabled by default.

superuserSecret
LocalObjectReference

The secret containing the superuser password. A new secret will be created with a randomly generated password if not defined. This field is only allowed in the CNP Instances configuration. A Witness Node will always use the same SuperuserSecret as the other instances.

ConnectionString

(Alias of map[string]string)

Appears in:

ConnectionString represent the parameters to connect to a PostgreSQL cluster

ConnectivityConfiguration

Appears in:

ConnectivityConfiguration describes how to generate the services and certificates for the PGDGroup

FieldDescription
dns [Required]
RootDNSConfiguration

Describes how the FQDN for the resources should be generated

tls [Required]
TLSConfiguration

The configuration of the TLS infrastructure

nodeServiceTemplate [Required]
ServiceTemplate

Instructs how to generate the service for each node

groupServiceTemplate [Required]
ServiceTemplate

Instructs how to generate the service for the PGDGroup

proxyServiceTemplate [Required]
ServiceTemplate

Instructs how to generate the service pointing to the PGD Proxy for write leader node routing

proxyReadServiceTemplate [Required]
ServiceTemplate

Instructs how to generate the service pointing to the PGD Proxy for read nodes routing

ConnectivityStatus

Appears in:

ConnectivityStatus contains any relevant status for the operator about Connectivity

FieldDescription
replicationTLSCertificate [Required]
ReplicationCertificateStatus

ReplicationTLSCertificate is the name of the replication TLS certificate, if we have it

nodeTLSCertificates [Required]
[]NodeCertificateStatus

NodeTLSCertificates are the names of the certificates that have been created for the PGD nodes

unusedCertificates [Required]
[]string

UnusedCertificates are the names of the certificates that we don't use anymore for the PGD nodes

nodesWithoutCertificates [Required]
[]string

NodesWithoutCertificates are the names of the nodes which have not a server certificate

nodesNeedingServiceReconciliation [Required]
[]string

NodesNeedingServiceReconciliation are the names of the nodes which have not a server certificate

configurationHash [Required]
string

ConfigurationHash is the hash code of the connectivity configuration, used to check if we had a change in the configuration or not

DNSConfiguration

Appears in:

DNSConfiguration describes how the FQDN for the resources should be generated

FieldDescription
domain [Required]
string

Contains the domain name of by all services in the PGDGroup. It is responsibility of the user to ensure that the value specified here matches with the rendered nodeServiceTemplate and groupServiceTemplate

hostSuffix [Required]
string

Contains an optional suffix to add to all the service names in the PGDGroup. The meaning of this setting it to allow the user to easily mark all the services created in a location for routing purpose (i.e., add a generic rule to CoreDNS to rewrite some service suffixes as local)

DiscoveryJobConfig

Appears in:

DiscoveryJobConfig contains a series of fields that configure the discovery job

FieldDescription
delay [Required]
int

Delay amount of time to sleep between retries, measured in seconds

retries [Required]
int

Retries how many times the operation should be retried

timeout [Required]
int

Timeout amount of time given to the operation to succeed, measured in seconds

InheritedMetadata

Appears in:

InheritedMetadata contains metadata to be inherited by all resources related to a Cluster

FieldDescription
labels [Required]
map[string]string
No description provided.
annotations [Required]
map[string]string
No description provided.

Metadata

Appears in:

Metadata is a structure similar to the metav1.ObjectMeta, but still parseable by controller-gen to create a suitable CRD for the user.

FieldDescription
labels
map[string]string

Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and services. More info: http://kubernetes.io/docs/user-guide/labels

annotations
map[string]string

Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations

NodeCertificateStatus

Appears in:

NodeCertificateStatus encapsulate the status of the server certificate of a CNP node

FieldDescription
ReplicationCertificateStatus
ReplicationCertificateStatus
(Members of ReplicationCertificateStatus are embedded into this type.)No description provided.
nodeName [Required]
string

NodeName is the name of the CNP cluster using this certificate

NodeKindName

(Alias of string)

Appears in:

NodeKindName is a type containing the potential values of node_kind_name from bdr.node_summary

NodeSummary

Appears in:

NodeSummary shows relevant info from bdr.node_summary

FieldDescription
node_name [Required]
string

Name of the node

node_group_name [Required]
string

NodeGroupName is the name of the joined group

peer_state_name [Required]
string

Consistent state of the node in human-readable form

peer_target_state_name [Required]
string

State which the node is trying to reach (during join or promotion)

node_kind_name [Required]
NodeKindName

The kind of node: witness or data

NodesExtensionsStatus

(Alias of []github.com/EnterpriseDB/pg4k-pgd/api/v1beta1.NodeExtensionStatus)

NodesExtensionsStatus contains a list of NodeExtensionStatus entries

OTELConfiguration

Appears in:

OTELConfiguration is the configuration for external openTelemetry

FieldDescription
metricsURL [Required]
string

The OpenTelemetry HTTP endpoint URL to accept metrics data

traceURL [Required]
string

The OpenTelemetry HTTP endpoint URL to accept trace data

traceEnable [Required]
bool

Whether to push trace data to OpenTelemetry traceUrl

tls [Required]
OTELTLSConfiguration

TLSConfiguration provides the TLS certificate configuration when MetricsURL and TraceURL are using HTTPS

OTELTLSConfiguration

Appears in:

OTELTLSConfiguration contains the certificate configuration for TLS connections to openTelemetry

FieldDescription
caBundleSecretRef [Required]
SecretKeySelector

CABundleSecretRef is a reference to a secret field containing the CA bundle to verify the openTelemetry server certificate

clientCertSecret [Required]
LocalObjectReference

ClientCertSecret is the name of the secret containing the client certificate used to connect to openTelemetry. It must contain both the standard "tls.crt" and "tls.key" files, encoded in PEM format.

PGDGroupCleanupSpec

Appears in:

PGDGroupCleanupSpec defines the desired state of PGDGroupCleanup

FieldDescription
executor [Required]
string
No description provided.
target [Required]
string
No description provided.
force [Required]
bool

Force will force the removal of the PGDGroup even if the target PGDGroup nodes are not parted

PGDGroupCleanupStatus

Appears in:

PGDGroupCleanupStatus defines the observed state of PGDGroupCleanup

FieldDescription
phase [Required]
github.com/EnterpriseDB/pg4k-pgd/pkg/resources.OperatorPhaseCleanup
No description provided.

PGDGroupSpec

Appears in:

PGDGroupSpec defines the desired state of PGDGroup

FieldDescription
imageName [Required]
string

Name of the container image, supporting both tags (<image>:<tag>) and digests for deterministic and repeatable deployments (<image>:<tag>@sha256:<digestValue>)

imagePullPolicy
PullPolicy

Image pull policy. One of Always, Never or IfNotPresent. If not defined, it defaults to IfNotPresent. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images

imagePullSecrets [Required]
[]LocalObjectReference

The list of pull secrets to be used to pull operator and or the operand images

inheritedMetadata [Required]
InheritedMetadata

Metadata that will be inherited by all objects related to the pgdGroup

instances [Required]
int32

Number of instances required in the cluster

proxyInstances [Required]
int32

Number of proxy instances required in the cluster

witnessInstances [Required]
int32

Number of witness instances required in the cluster

backup [Required]
Backup

The configuration to be used for backups in the CNP instances.

restore [Required]
Restore

The configuration to restore this PGD group from an Object Store service

cnp [Required]
CnpConfiguration

Instances configuration that will be injected into the CNP clusters that compose the PGD Group

witness [Required]
CnpBaseConfiguration

WitnessInstances configuration that will be injected into the WitnessInstances CNP clusters If not defined, it will default to the Instances configuration

pgd [Required]
PgdConfiguration

Pgd contains instructions to bootstrap this cluster

pgdProxy [Required]
PGDProxyConfiguration

PGDProxy contains instructions to configure PGD Proxy

connectivity [Required]
ConnectivityConfiguration

Configures the connectivity of the PGDGroup, like services and certificates that will be used.

failingFinalizerTimeLimitSeconds [Required]
int32

The amount of seconds that the operator will wait in case of a failing finalizer. A finalizer is considered failing when the operator cannot reach any nodes of the PGDGroup

PGDGroupStatus

Appears in:

PGDGroupStatus defines the observed state of PGDGroup

FieldDescription
latestGeneratedNode [Required]
int32

ID of the latest generated node (used to avoid node name clashing)

phase [Required]
github.com/EnterpriseDB/pg4k-pgd/pkg/resources.OperatorPhase

The initialization phase of this cluster

phaseDetails [Required]
string

The details of the current phase

phaseTroubleshootHints [Required]
string

PhaseTroubleshootHints general troubleshooting indications for the given phase

phaseType [Required]
github.com/EnterpriseDB/pg4k-pgd/pkg/resources.PhaseType

PhaseType describes the phase category.

conditions [Required]
[]Condition

Conditions for PGDGroup object

nodes [Required]
[]NodeSummary

The list of summaries for the nodes in the group

backup [Required]
BackupStatus

The node that is taking backups of this PGDGroup

restore [Required]
RestoreStatus

The status of the restore process

PGD [Required]
PGDStatus

Last known status of PGD

CNP [Required]
CNPStatus

Last known status of CNP

PGDProxy [Required]
PGDProxyStatus

Last known status of PGDProxy

connectivity [Required]
ConnectivityStatus

Last known status of Connectivity

pause [Required]
PauseStatus

Last known status of Pause

PGDNodeGroupEntry

Appears in:

PGDNodeGroupEntry shows information about the node groups available in the PGD configuration

FieldDescription
name [Required]
string

Name is the name of the node group

enableProxyRouting [Required]
bool

EnableProxyRouting is true is the node group allows running PGD Proxies

enableRaft [Required]
bool

EnableRaft is true if the node group has a subgroup raft instance

routeWriterMaxLag [Required]
int64

RouteWriterMaxLag Maximum lag in bytes of the new write candidate to be selected as write leader, if no candidate passes this, there will be no writer selected automatically

routeReaderMaxLag [Required]
int64

RouteReaderMaxLag Maximum lag in bytes for node to be considered viable read-only node

routeWriterWaitFlush [Required]
bool

RouteWriterWaitFlush Whether to wait for replication queue flush before switching to new leader when using bdr.routing_leadership_transfer()

PGDNodeGroupSettings

Appears in:

PGDNodeGroupSettings contains the settings of the PGD Group

FieldDescription
routeWriterMaxLag [Required]
int64

RouteWriterMaxLag Maximum lag in bytes of the new write candidate to be selected as write leader, if no candidate passes this, there will be no writer selected automatically Defaults to -1

routeReaderMaxLag [Required]
int64

RouteReaderMaxLag Maximum lag in bytes for node to be considered viable read-only node Defaults to -1

routeWriterWaitFlush [Required]
bool

RouteWriterWaitFlush Whether to wait for replication queue flush before switching to new leader when using bdr.routing_leadership_transfer()Defaults to false

PGDProxyConfiguration

Appears in:

PGDProxyConfiguration defines the configuration of PGD Proxy

FieldDescription
imageName [Required]
string

Name of the PGDProxy container image

logLevel [Required]
string

The PGD Proxy log level, one of the following values: error, warning, info (default), debug, trace

logEncoder [Required]
string

The format of the log output

proxyAffinity [Required]
Affinity

ProxyAffinity/Anti-affinity rules for pods

proxyNodeSelector [Required]
map[string]string

ProxyNodeSelector rules for pods

proxyTolerations [Required]
[]Toleration

ProxyTolerations rules for pods

proxyResources
ResourceRequirements

Defines the resources assigned to the proxy. If not defined uses defaults requests and limits values.

PGDProxyEntry

Appears in:

PGDProxyEntry shows information about the proxies available in the PGD configuration

FieldDescription
name [Required]
string

Name is the name of the proxy

fallbackGroupNames [Required]
[]string

FallbackGroupNames are the names of the fallback groups configured for this proxy

parentGroupName [Required]
string

ParentGroupName is the parent PGD group of this proxy

maxClientConn [Required]
int

MaxClientConn maximum number of connections the proxy will accept

maxServerConn [Required]
int

MaxServerConn maximum number of connections the proxy will make to the Postgres node

serverConnTimeout [Required]
int64

ServerConnTimeout connection timeout for server connections in seconds

serverConnKeepalive [Required]
int64

ServerConnKeepalive keepalive interval for server connections in seconds

fallbackGroupTimeout [Required]
int64

FallbackGroupTimeout the interval after which the routing falls back to one of the fallback_groups

consensusGracePeriod [Required]
int64

ConsensusGracePeriod the duration in seconds for which proxy continues to route even upon loss of a Raft leader.

readListenPort [Required]
int

ReadListenPort is the port where the proxy will listen and route queries to read nodes

PGDProxySettings

Appears in:

PGDProxySettings contains the settings of the proxy

FieldDescription
fallbackGroups [Required]
[]string

FallbackGroups is the list of groups the proxy should forward connection to when all the data nodes of this PGD group are not available

maxClientConn [Required]
int

MaxClientConn maximum number of connections the proxy will accept. Defaults to 32767

maxServerConn [Required]
int

MaxServerConn maximum number of connections the proxy will make to the Postgres node. Defaults to 32767

serverConnTimeout [Required]
int64

ServerConnTimeout connection timeout for server connections in seconds. Defaults to 2

serverConnKeepalive [Required]
int64

ServerConnKeepalive keepalive interval for server connections in seconds. Defaults to 10

fallbackGroupTimeout [Required]
int64

FallbackGroupTimeout the interval after which the routing falls back to one of the fallback_groups. Defaults to 60

consensusGracePeriod [Required]
int64

ConsensusGracePeriod the duration in seconds for which proxy continues to route even upon loss of a Raft leader. If set to 0s, proxy stops routing immediately. Defaults to 6

enableReadNodeRouting [Required]
bool

EnableReadNodeRouting is the switch to control whether the proxy will route queries to read nodes through read_listen_port or not. By default it is false

PGDProxyStatus

Appears in:

PGDProxyStatus any relevant status for the operator about PGDProxy

FieldDescription
proxyInstances [Required]
int32
No description provided.
writeLead [Required]
string

WriteLead is a reserved field for the operator, is not intended for external usage. Will be removed in future versions

proxyHash [Required]
string

ProxyHash contains the hash we use to detect if we need to reconcile the proxies

PGDStatus

Appears in:

PGDStatus any relevant status for the operator about PGD

FieldDescription
raftConsensusLastChangedStatus [Required]
github.com/EnterpriseDB/pg4k-pgd/pkg/resources.PGDRaftStatus

RaftConsensusLastChangedStatus indicates the latest reported status from bdr.monitor_group_raft

raftConsensusLastChangedMessage [Required]
string

RaftConsensusLastChangedMessage indicates the latest reported message from bdr.monitor_group_raft

raftConsensusLastChangedTimestamp [Required]
string

RaftConsensusLastChangedTimestamp indicates when the status and message were first reported

registeredProxies [Required]
[]PGDProxyEntry

RegisteredProxies is the status of the registered proxies

nodeGroup [Required]
PGDNodeGroupEntry

NodeGroup is the status of the node group associated with the PGDGroup

ParentGroupConfiguration

Appears in:

ParentGroupConfiguration contains the topology configuration of PGD

FieldDescription
name [Required]
string

Name of the parent group

create [Required]
bool

Create is true when the operator should create the parent group if it doesn't exist

PauseStatus

Appears in:

PauseStatus contains the information of group hibernating

FieldDescription
active [Required]
bool

Active indicates the PGDGroup is either:

  • in process of pausing
  • already paused
  • in process of resuming
instances [Required]
int32

Instances is the number of paused PGD instances

lastStartedTime [Required]
Time

LastStartedTime is the last time the PGDGroup started pausing

lastCompletedTime [Required]
Time

LastCompletedTime is last time the PGDGroup completed pausing

lastResumeStartedTime [Required]
Time

LastResumeStartedTime is the last time the PGDGroup started resuming

lastResumeCompletedTime [Required]
Time

LastCompletedTime is last time the PGDGroup completed resuming

PgdConfiguration

Appears in:

PgdConfiguration is the configuration of the PGD group structure

FieldDescription
parentGroup [Required]
ParentGroupConfiguration

ParentGroup configures the topology of the PGD group

discovery [Required]
[]ConnectionString

The parameters we will use to connect to a node belonging to the parent PGD group. Even if provided, the following parameters will be overridden with default values:application_name, sslmode, dbname and user. The following parameters should not be provided nor used, as they are not even overridden with defaults:sslkey, sslcert, sslrootcert

discoveryJob [Required]
DiscoveryJobConfig

DiscoveryJob the configuration of the PGD Discovery job

databaseName [Required]
string

Name of the database used by the application. Default: app.

ownerName [Required]
string

Name of the owner of the database in the instance to be used by applications. Defaults to the value of the database key.

ownerCredentialsSecret [Required]
LocalObjectReference

Name of the secret containing the initial credentials for the owner of the user database. If empty a new secret will be created from scratch

proxySettings [Required]
PGDProxySettings

Configuration for the proxy

nodeGroupSettings [Required]
PGDNodeGroupSettings

Configuration for the PGD Group

globalRouting [Required]
bool

GlobalRouting is true when global routing is enabled, and in this case the proxies will be created in the parent group

mutations [Required]
SQLMutations

List of SQL mutations to apply to the node group

PreProvisionedCertificate

Appears in:

PreProvisionedCertificate contains the data needed to supply a pre-generated certificate

FieldDescription
secretRef [Required]
string

SecretRef a name pointing to a secret that contains a tls.crt and tls.key

RecoverabilityPointsByMethod

(Alias of map[github.com/EnterpriseDB/cloud-native-postgres/api/v1.BackupMethod]k8s.io/apimachinery/pkg/apis/meta/v1.Time)

Appears in:

RecoverabilityPointsByMethod contains the first recoverability points for a given backup method

ReplicationCertificateStatus

Appears in:

ReplicationCertificateStatus encapsulate the certificate status

FieldDescription
name [Required]
string

Name is the name of the certificate

hash [Required]
string

Hash is the hash of the configuration for which it has been generated

isReady [Required]
bool

Ready is true when the certificate is ready

preProvisioned [Required]
bool

PreProvisioned is true if the certificate is preProvisioned

Restore

Appears in:

Restore configures the restore of a PGD group from an object store

FieldDescription
volumeSnapshots
VolumeSnapshotsConfiguration

The configuration for volumeSnapshot restore

barmanObjectStore [Required]
BarmanObjectStoreConfiguration

The configuration for the barman-cloud tool suite

recoveryTarget [Required]
RecoveryTarget

By default, the recovery process applies all the available WAL files in the archive (full recovery). However, you can also end the recovery as soon as a consistent state is reached or recover to a point-in-time (PITR) by specifying a RecoveryTarget object, as expected by PostgreSQL (i.e., timestamp, transaction Id, LSN, ...). More info: https://www.postgresql.org/docs/current/runtime-config-wal.html#RUNTIME-CONFIG-WAL-RECOVERY-TARGET

serverNames [Required]
[]string

The list of server names to be used as a recovery origin. One of these servers will be elected as the seeding one when evaluating the recovery target, this option is only used when restore from barmanObjectStore.

RestoreStatus

Appears in:

RestoreStatus contains the current status of the restore process

FieldDescription
serverName [Required]
string

The name of the server to be restored

VolumeSnapshots [Required]
[]VolumeSnapshotRestoreStatus

selected volumeSnapshots to restore

RootDNSConfiguration

Appears in:

RootDNSConfiguration describes how the FQDN for the resources should be generated

FieldDescription
DNSConfiguration
DNSConfiguration
(Members of DNSConfiguration are embedded into this type.)No description provided.
additional [Required]
[]DNSConfiguration

AdditionalDNSConfigurations adds more possible FQDNs for the resources

SQLMutation

SQLMutation is a series of SQL statements to apply atomically

FieldDescription
isApplied [Required]
[]string

List of boolean-returning SQL queries. If any of them returns false the mutation will be applied

exec [Required]
[]string

List of SQL queries to be executed to apply this mutation

type
SQLMutationType

Type determines when the SQLMutation occurs. 'always': reconcile the mutation at each reconciliation cycle 'beforeSubgroupRaft': are executed only before the subgroupRaft is enabled If not specified, the Type defaults to 'always'.

SQLMutationType

(Alias of string)

Appears in:

SQLMutationType a supported type of SQL Mutation

SQLMutations

(Alias of []github.com/EnterpriseDB/pg4k-pgd/api/v1beta1.SQLMutation)

Appears in:

SQLMutations A list of SQLMutation

ScheduledBackupSpec

Appears in:

ScheduledBackupSpec defines the desired state of ScheduledBackup

FieldDescription
suspend [Required]
bool

If this backup is suspended or not

immediate [Required]
bool

If the first backup has to be immediately start after creation or not

schedule [Required]
string

The schedule does not follow the same format used in Kubernetes CronJobs as it includes an additional second specifier, see https://pkg.go.dev/github.com/robfig/cron#hdr-CRON_Expression_Format

backupOwnerReference [Required]
string

Indicates which ownerReference should be put inside the created backup resources.

  • none: no owner reference for created backup objects (same behavior as before the field was introduced)
  • self: sets the Scheduled backup object as owner of the backup
  • cluster: set the cluster as owner of the backup
target [Required]
BackupTarget

The policy to decide which instance should perform this backup. If empty, it defaults to cluster.spec.backup.target. Available options are empty string, primary and prefer-standby.primary to have backups run always on primary instances,prefer-standby to have backups run preferably on the most updated standby, if available.

method
BackupMethod

The backup method to be used, possible options are barmanObjectStoreand volumeSnapshot. Defaults to: barmanObjectStore.

online
bool

Whether the default type of backup with volume snapshots is online/hot (true, default) or offline/cold (false) Overrides the default setting specified in the cluster field '.spec.backup.volumeSnapshot.online'

onlineConfiguration
OnlineConfiguration

Configuration parameters to control the online/hot backup with volume snapshots Overrides the default settings specified in the cluster '.backup.volumeSnapshot.onlineConfiguration' stanza

ScheduledBackupStatus

Appears in:

ScheduledBackupStatus contains the status of the scheduled backup

FieldDescription
method [Required]
BackupMethod

Method is the backup method used to take the backup

name [Required]
string

Name is the name of the scheduled backup

hash [Required]
string

Hash is the hash of the scheduled backup configuration

ServerCertConfiguration

Appears in:

ServerCertConfiguration contains the information to generate the certificates for the nodes

FieldDescription
caCertSecret [Required]
string

CACertSecret is the secret of the CA to be injected into the CloudNativePG configuration

certManager [Required]
CertManagerTemplate

The cert-manager template used to generate the certificates

ServiceTemplate

Appears in:

ServiceTemplate is a structure that allows the user to set a template for the Service generation.

FieldDescription
metadata
Metadata

Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata

spec
ServiceSpec

Specification of the desired behavior of the service. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status

updateStrategy
ServiceUpdateStrategy

UpdateStrategy indicates how to update the services generated by this template.

ServiceUpdateStrategy

(Alias of string)

Appears in:

ServiceUpdateStrategy defines the type for updating LoadBalancers. Allowed values are "patch" and "replace".

TLSConfiguration

Appears in:

TLSConfiguration is the configuration of the TLS infrastructure used by PGD to connect to the nodes

FieldDescription
mode [Required]
TLSMode
No description provided.
serverCert [Required]
ServerCertConfiguration

The configuration for the server certificates

clientCert [Required]
ClientCertConfiguration

The configuration for the client certificates

TLSMode

(Alias of string)

Appears in:

TLSMode describes which mode should be used for the node to node communications

VolumeSnapshotRestoreStatus

Appears in:

VolumeSnapshotRestoreStatus the volumeSnapshot to restore

FieldDescription
snapshotName [Required]
string

SnapshotName is the snapshot name to restore

pvcRole [Required]
github.com/EnterpriseDB/cloud-native-postgres/pkg/utils.PVCRole

PVCRole is the pvcRole snapshot to restore

tablespaceName [Required]
string

TablespaceName is the tablespace name the snapshot belongs to, if the pvcRole is PG_TABLESPACE

VolumeSnapshotsConfiguration

Appears in:

VolumeSnapshotsConfiguration contains the configuration for the volumeSnapshots restore

FieldDescription
selector [Required]
LabelSelector

Label selector used to select the volumeSnapshot to restore