From f4588cc56646f1de25685092e46510c6f8b738c2 Mon Sep 17 00:00:00 2001 From: Yannic Remmet-Zarotiadis Date: Thu, 26 Sep 2024 11:50:44 +0200 Subject: [PATCH 1/4] adding services settings to cluster template Signed-off-by: Yannic Remmet-Zarotiadis --- charts/cluster/README.md | 1 + charts/cluster/templates/cluster.yaml | 7 ++++++- charts/cluster/values.schema.json | 3 +++ charts/cluster/values.yaml | 2 ++ 4 files changed, 12 insertions(+), 1 deletion(-) diff --git a/charts/cluster/README.md b/charts/cluster/README.md index 5b3fcd204..d277c4144 100644 --- a/charts/cluster/README.md +++ b/charts/cluster/README.md @@ -176,6 +176,7 @@ refer to the [CloudNativePG Documentation](https://cloudnative-pg.io/documentat | cluster.priorityClassName | string | `""` | | | cluster.resources | object | `{}` | Resources requirements of every generated Pod. Please refer to https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ for more information. We strongly advise you use the same setting for limits and requests so that your cluster pods are given a Guaranteed QoS. See: https://kubernetes.io/docs/concepts/workloads/pods/pod-qos/ | | cluster.roles | list | `[]` | This feature enables declarative management of existing roles, as well as the creation of new roles if they are not already present in the database. See: https://cloudnative-pg.io/documentation/current/declarative_role_management/ | +| cluster.services | object | `{}` | Customization of service definions. Please refer to https://cloudnative-pg.io/documentation/1.24/service_management/ | | cluster.storage.size | string | `"8Gi"` | | | cluster.storage.storageClass | string | `""` | | | cluster.superuserSecret | string | `""` | | diff --git a/charts/cluster/templates/cluster.yaml b/charts/cluster/templates/cluster.yaml index c1879cfef..b42ab4f8f 100644 --- a/charts/cluster/templates/cluster.yaml +++ b/charts/cluster/templates/cluster.yaml 
@@ -52,6 +52,7 @@ spec: name: {{ . }} {{ end }} postgresql: + shared_preload_libraries: {{- if eq .Values.type "timescaledb" }} - timescaledb @@ -68,7 +69,11 @@ spec: {{- toYaml .pg_ident | nindent 6 }} {{ end }} - managed: + managed: + {{- with .Values.cluster.services }} + services: + {{- toYaml . | nindent 6 }} + {{ end }} {{- with .Values.cluster.roles }} roles: {{- toYaml . | nindent 6 }} diff --git a/charts/cluster/values.schema.json b/charts/cluster/values.schema.json index 9e35d7a90..dce989e11 100644 --- a/charts/cluster/values.schema.json +++ b/charts/cluster/values.schema.json @@ -276,6 +276,9 @@ "roles": { "type": "array" }, + "services": { + "type": "object" + }, "storage": { "type": "object", "properties": { diff --git a/charts/cluster/values.yaml b/charts/cluster/values.yaml index 8398c74d1..d5fe0cffc 100644 --- a/charts/cluster/values.yaml +++ b/charts/cluster/values.yaml @@ -160,6 +160,8 @@ cluster: # -- The GID of the postgres user inside the image, defaults to 26 postgresGID: -1 + services: {} # -- Customization of service definions. Please refer to https://cloudnative-pg.io/documentation/1.24/service_management/ + # -- Resources requirements of every generated Pod. # Please refer to https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ for more information. # We strongly advise you use the same setting for limits and requests so that your cluster pods are given a Guaranteed QoS. From 149242ae5505659fc4e5d76860b208c80efe5fe2 Mon Sep 17 00:00:00 2001 From: Yannic Remmet-Zarotiadis Date: Thu, 26 Sep 2024 14:32:30 +0200 Subject: [PATCH 2/4] adds ldap configuration to cluster template Co-authored-by: Vanessa Fabian Signed-off-by: Yannic Remmet-Zarotiadis --- charts/cluster/README.md | 1 + charts/cluster/templates/cluster.yaml | 3 ++- charts/cluster/values.schema.json | 3 +++ charts/cluster/values.yaml | 10 ++++++++++ 4 files changed, 16 insertions(+), 1 deletion(-) 
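Review bot: The new `services:` block under `managed:` copies `.Values.cluster.services` into the Cluster spec unchanged, so any Service definition in a values file is handed to the operator, including one whose `serviceTemplate` publishes PostgreSQL outside the cluster (type LoadBalancer, for example). Nothing in the chart says this, so the values.yaml comment should carry it, e.g. `# -- Customization of service definitions. Additional services can expose the database beyond the cluster network; review them like any ingress change.` The closing `{{ end }}` also leaves a blank line in the rendered manifest, which `{{- end }}` would trim. The `spec:` block this sits in starts and ends outside the hunk.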
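Review bot: `"services": { "type": "object" }` accepts any keys, so a misspelled field under `cluster.services` passes chart validation and is not reported until the manifest reaches the cluster, if at all. Since this block controls which Services front the database, declaring the two fields CloudNativePG defines for `managed.services` would give earlier feedback. `additionalProperties: false` has to be revisited if the operator adds fields. The surrounding `properties` object continues outside the hunk.

```json
"services": {
  "type": "object",
  "additionalProperties": false,
  "properties": {
    "disabledDefaultServices": { "type": "array" },
    "additional": { "type": "array" }
  }
},
```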
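Review bot: The helm-docs comment on `services: {}` misspells "definitions" as "definions", and the same text is carried into the README.md row added in this patch; patch 4/4 moves the comment onto its own line but keeps the spelling. The link is also pinned to `/documentation/1.24/`, while the other CloudNativePG links visible in the README use `/documentation/current/`, so it will go stale as the operator is upgraded. Suggested comment: `# -- Customization of service definitions. Please refer to https://cloudnative-pg.io/documentation/current/service_management/`.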
diff --git a/charts/cluster/README.md b/charts/cluster/README.md index d277c4144..f6d3853db 100644 --- a/charts/cluster/README.md +++ b/charts/cluster/README.md @@ -170,6 +170,7 @@ refer to the [CloudNativePG Documentation](https://cloudnative-pg.io/documentat | cluster.postgresql.parameters | object | `{}` | PostgreSQL configuration options (postgresql.conf) | | cluster.postgresql.pg_hba | list | `[]` | PostgreSQL Host Based Authentication rules (lines to be appended to the pg_hba.conf file) | | cluster.postgresql.pg_ident | list | `[]` | PostgreSQL User Name Maps rules (lines to be appended to the pg_ident.conf file) | +| cluster.postgresql.ldap | list | `[]` | PostgreSQL LDAP configuration (lines to be appended to the pg_hba.conf file) (see https://cloudnative-pg.io/documentation/current/postgresql_conf/#ldap-configuration) | | cluster.postgresql.shared_preload_libraries | list | `[]` | Lists of shared preload libraries to add to the default ones | | cluster.primaryUpdateMethod | string | `"switchover"` | Method to follow to upgrade the primary server during a rolling update procedure, after all replicas have been successfully updated. It can be switchover (default) or restart. | | cluster.primaryUpdateStrategy | string | `"unsupervised"` | Strategy to follow to upgrade the primary server during a rolling update procedure, after all replicas have been successfully updated: it can be automated (unsupervised - default) or manual (supervised) | diff --git a/charts/cluster/templates/cluster.yaml b/charts/cluster/templates/cluster.yaml index b42ab4f8f..09da326f2 100644 --- a/charts/cluster/templates/cluster.yaml +++ b/charts/cluster/templates/cluster.yaml @@ -52,7 +52,6 @@ spec: name: {{ . }} {{ end }} postgresql: - shared_preload_libraries: {{- if eq .Values.type "timescaledb" }} - timescaledb @@ -67,6 +66,8 @@ spec: {{- toYaml .pg_hba | nindent 6 }} pg_ident: {{- toYaml .pg_ident | nindent 6 }} + ldap: + {{- toYaml .ldap | nindent 6 }} {{ end }} managed: 
diff --git a/charts/cluster/values.schema.json b/charts/cluster/values.schema.json index dce989e11..3a848df92 100644 --- a/charts/cluster/values.schema.json +++ b/charts/cluster/values.schema.json @@ -258,6 +258,9 @@ }, "shared_preload_libraries": { "type": "array" + }, + "ldap": { + "type": "array" } } }, diff --git a/charts/cluster/values.yaml b/charts/cluster/values.yaml index d5fe0cffc..567385e3e 100644 --- a/charts/cluster/values.yaml +++ b/charts/cluster/values.yaml @@ -251,6 +251,16 @@ cluster: # - mymap /^(.*)@mydomain\.com$ \1 shared_preload_libraries: [] # - pgaudit + ldap: {} + # https://cloudnative-pg.io/documentation/1.24/postgresql_conf/#ldap-configuration + # server: 'openldap.default.svc.cluster.local' + # bindSearchAuth: + # baseDN: 'ou=org,dc=example,dc=com' + # bindDN: 'cn=admin,dc=example,dc=com' + # bindPassword: + # name: 'ldapBindPassword' + # key: 'data' + # searchAttribute: 'uid' # -- BootstrapInitDB is the configuration of the bootstrap process when initdb is used. # See: https://cloudnative-pg.io/documentation/current/bootstrap/ From bebe071c9d969ac35e7a1019e061cf4c714ec002 Mon Sep 17 00:00:00 2001 From: Yannic Remmet-Zarotiadis Date: Tue, 1 Oct 2024 08:14:16 +0200 Subject: [PATCH 3/4] fixing ldap configuration Signed-off-by: Yannic Remmet-Zarotiadis --- charts/cluster/README.md | 2 +- charts/cluster/templates/cluster.yaml | 2 ++ charts/cluster/values.schema.json | 2 +- 3 files changed, 4 insertions(+), 2 deletions(-) diff --git a/charts/cluster/README.md b/charts/cluster/README.md index f6d3853db..9e16517e5 100644 --- a/charts/cluster/README.md +++ b/charts/cluster/README.md 
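Review bot: The commented example under `ldap: {}` uses `name: 'ldapBindPassword'` for the bind-password Secret, which is not a valid Kubernetes object name because Secret names must be lowercase DNS subdomain names. Anyone uncommenting the block as written ends up with a reference to a Secret that cannot exist, so `#     name: 'ldap-bind-password'` would be a safer sample. The example also shows no transport protection, so the bind password and users' passwords would travel to the directory in clear text if it is copied as is. A commented `#   tls: true` (or `#   scheme: 'ldaps'`) line next to `server:` would steer users to the protected form. The `cluster:` map this belongs to continues outside the hunk.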
@@ -170,7 +170,7 @@ refer to the [CloudNativePG Documentation](https://cloudnative-pg.io/documentat | cluster.postgresql.parameters | object | `{}` | PostgreSQL configuration options (postgresql.conf) | | cluster.postgresql.pg_hba | list | `[]` | PostgreSQL Host Based Authentication rules (lines to be appended to the pg_hba.conf file) | | cluster.postgresql.pg_ident | list | `[]` | PostgreSQL User Name Maps rules (lines to be appended to the pg_ident.conf file) | -| cluster.postgresql.ldap | list | `[]` | PostgreSQL LDAP configuration (lines to be appended to the pg_hba.conf file) (see https://cloudnative-pg.io/documentation/current/postgresql_conf/#ldap-configuration) | +| cluster.postgresql.ldap | list | `[]` | PostgreSQL LDAP configuration (see https://cloudnative-pg.io/documentation/current/postgresql_conf/#ldap-configuration) | | cluster.postgresql.shared_preload_libraries | list | `[]` | Lists of shared preload libraries to add to the default ones | | cluster.primaryUpdateMethod | string | `"switchover"` | Method to follow to upgrade the primary server during a rolling update procedure, after all replicas have been successfully updated. It can be switchover (default) or restart. | | cluster.primaryUpdateStrategy | string | `"unsupervised"` | Strategy to follow to upgrade the primary server during a rolling update procedure, after all replicas have been successfully updated: it can be automated (unsupervised - default) or manual (supervised) | diff --git a/charts/cluster/templates/cluster.yaml b/charts/cluster/templates/cluster.yaml index 09da326f2..c80454134 100644 --- a/charts/cluster/templates/cluster.yaml +++ b/charts/cluster/templates/cluster.yaml @@ -66,8 +66,10 @@ spec: {{- toYaml .pg_hba | nindent 6 }} pg_ident: {{- toYaml .pg_ident | nindent 6 }} + {{- if .ldap }} ldap: {{- toYaml .ldap | nindent 6 }} + {{- end}} {{ end }} managed: diff --git a/charts/cluster/values.schema.json b/charts/cluster/values.schema.json index 3a848df92..177ab9953 100644 
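Review bot: The guard in the `postgresql:` section is written as `{{- if .ldap }}` … `{{- end}}`, whereas the `services` and `roles` blocks in the same template use `{{- with … }}`. Writing it as `{{- with .ldap }}`, then `{{- toYaml . | nindent 6 }}` and `{{- end }}`, would match them, drop the repeated `.ldap` and keep the delimiter spacing consistent. The enclosing block that supplies `.pg_hba` and `.pg_ident` opens outside the hunk.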
--- a/charts/cluster/values.schema.json +++ b/charts/cluster/values.schema.json @@ -260,7 +260,7 @@ "type": "array" }, "ldap": { - "type": "array" + "type": "object" } } }, From f4de98a4077e16cc2f5ae276035807c0480b9d1f Mon Sep 17 00:00:00 2001 From: Yannic Remmet-Zarotiadis Date: Wed, 16 Oct 2024 10:49:06 +0200 Subject: [PATCH 4/4] remove remove unnecessary whitespaces remove unnecessary whitespaces Signed-off-by: Yannic Remmet-Zarotiadis --- charts/cluster/values.yaml | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/charts/cluster/values.yaml b/charts/cluster/values.yaml index 3457ed0b2..0d8758d99 100644 --- a/charts/cluster/values.yaml +++ b/charts/cluster/values.yaml @@ -160,8 +160,9 @@ cluster: # -- The GID of the postgres user inside the image, defaults to 26 postgresGID: -1 - services: {} # -- Customization of service definions. Please refer to https://cloudnative-pg.io/documentation/1.24/service_management/ - + # -- Customization of service definions. Please refer to https://cloudnative-pg.io/documentation/1.24/service_management/ + services: {} + # -- Resources requirements of every generated Pod. # Please refer to https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ for more information. # We strongly advise you use the same setting for limits and requests so that your cluster pods are given a Guaranteed QoS.
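Review bot: `"ldap": { "type": "object" }` still validates nothing below the top level, and the README row rewritten in this same patch keeps listing `cluster.postgresql.ldap` as `list` with default `[]` although values.yaml defaults it to `{}`. Because this block decides how PostgreSQL authenticates users, declaring the keys CloudNativePG accepts would catch a misspelled or mistyped setting during chart validation instead of at the operator. `additionalProperties: false` needs updating if the operator adds fields. The enclosing `postgresql` properties object starts outside the hunk.

```json
"ldap": {
  "type": "object",
  "additionalProperties": false,
  "properties": {
    "server": { "type": "string" },
    "port": { "type": "integer" },
    "scheme": { "type": "string", "enum": ["ldap", "ldaps"] },
    "tls": { "type": "boolean" },
    "bindAsAuth": { "type": "object" },
    "bindSearchAuth": { "type": "object" }
  }
}
```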