API Reference - v1.24.2 v1

Package v1 contains API Schema definitions for the postgresql v1 API group

Resource Types

Backup

Backup is the Schema for the backups API

FieldDescription
apiVersion [Required]
string
postgresql.k8s.enterprisedb.io/v1
kind [Required]
string
Backup
metadata [Required]
meta/v1.ObjectMeta
No description provided.Refer to the Kubernetes API documentation for the fields of the metadata field.
spec [Required]
BackupSpec

Specification of the desired behavior of the backup. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status

status
BackupStatus

Most recently observed status of the backup. This data may not be up to date. Populated by the system. Read-only. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status

Cluster

Cluster is the Schema for the PostgreSQL API

FieldDescription
apiVersion [Required]
string
postgresql.k8s.enterprisedb.io/v1
kind [Required]
string
Cluster
metadata [Required]
meta/v1.ObjectMeta
No description provided.Refer to the Kubernetes API documentation for the fields of the metadata field.
spec [Required]
ClusterSpec

Specification of the desired behavior of the cluster. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status

status
ClusterStatus

Most recently observed status of the cluster. This data may not be up to date. Populated by the system. Read-only. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status

ClusterImageCatalog

ClusterImageCatalog is the Schema for the clusterimagecatalogs API

FieldDescription
apiVersion [Required]
string
postgresql.k8s.enterprisedb.io/v1
kind [Required]
string
ClusterImageCatalog
metadata [Required]
meta/v1.ObjectMeta
No description provided.Refer to the Kubernetes API documentation for the fields of the metadata field.
spec [Required]
ImageCatalogSpec

Specification of the desired behavior of the ClusterImageCatalog. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status

ImageCatalog

ImageCatalog is the Schema for the imagecatalogs API

FieldDescription
apiVersion [Required]
string
postgresql.k8s.enterprisedb.io/v1
kind [Required]
string
ImageCatalog
metadata [Required]
meta/v1.ObjectMeta
No description provided.Refer to the Kubernetes API documentation for the fields of the metadata field.
spec [Required]
ImageCatalogSpec

Specification of the desired behavior of the ImageCatalog. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status

Pooler

Pooler is the Schema for the poolers API

FieldDescription
apiVersion [Required]
string
postgresql.k8s.enterprisedb.io/v1
kind [Required]
string
Pooler
metadata [Required]
meta/v1.ObjectMeta
No description provided.Refer to the Kubernetes API documentation for the fields of the metadata field.
spec [Required]
PoolerSpec

Specification of the desired behavior of the Pooler. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status

status
PoolerStatus

Most recently observed status of the Pooler. This data may not be up to date. Populated by the system. Read-only. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status

ScheduledBackup

ScheduledBackup is the Schema for the scheduledbackups API

FieldDescription
apiVersion [Required]
string
postgresql.k8s.enterprisedb.io/v1
kind [Required]
string
ScheduledBackup
metadata [Required]
meta/v1.ObjectMeta
No description provided.Refer to the Kubernetes API documentation for the fields of the metadata field.
spec [Required]
ScheduledBackupSpec

Specification of the desired behavior of the ScheduledBackup. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status

status
ScheduledBackupStatus

Most recently observed status of the ScheduledBackup. This data may not be up to date. Populated by the system. Read-only. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status

AffinityConfiguration

Appears in:

AffinityConfiguration contains the info we need to create the affinity rules for Pods

FieldDescription
enablePodAntiAffinity
bool

Activates anti-affinity for the pods. The operator will define pods anti-affinity unless this field is explicitly set to false

topologyKey
string

TopologyKey to use for anti-affinity configuration. See k8s documentation for more info on that

nodeSelector
map[string]string

NodeSelector is map of key-value pairs used to define the nodes on which the pods can run. More info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/

nodeAffinity
core/v1.NodeAffinity

NodeAffinity describes node affinity scheduling rules for the pod. More info: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#node-affinity

tolerations
[]core/v1.Toleration

Tolerations is a list of Tolerations that should be set for all the pods, in order to allow them to run on tainted nodes. More info: https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/

podAntiAffinityType
string

PodAntiAffinityType allows the user to decide whether pod anti-affinity between cluster instance has to be considered a strong requirement during scheduling or not. Allowed values are: "preferred" (default if empty) or "required". Setting it to "required", could lead to instances remaining pending until new kubernetes nodes are added if all the existing nodes don't match the required pod anti-affinity rule. More info: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#inter-pod-affinity-and-anti-affinity

additionalPodAntiAffinity
core/v1.PodAntiAffinity

AdditionalPodAntiAffinity allows to specify pod anti-affinity terms to be added to the ones generated by the operator if EnablePodAntiAffinity is set to true (default) or to be used exclusively if set to false.

additionalPodAffinity
core/v1.PodAffinity

AdditionalPodAffinity allows to specify pod affinity terms to be passed to all the cluster's pods.

AvailableArchitecture

Appears in:

AvailableArchitecture represents the state of a cluster's architecture

FieldDescription
goArch [Required]
string

GoArch is the name of the executable architecture

hash [Required]
string

Hash is the hash of the executable

BackupConfiguration

Appears in:

BackupConfiguration defines how the backup of the cluster are taken. The supported backup methods are BarmanObjectStore and VolumeSnapshot. For details and examples refer to the Backup and Recovery section of the documentation

FieldDescription
volumeSnapshot
VolumeSnapshotConfiguration

VolumeSnapshot provides the configuration for the execution of volume snapshot backups.

barmanObjectStore
github.com/cloudnative-pg/barman-cloud/pkg/api.BarmanObjectStoreConfiguration

The configuration for the barman-cloud tool suite

retentionPolicy
string

RetentionPolicy is the retention policy to be used for backups and WALs (i.e. '60d'). The retention policy is expressed in the form of XXu where XX is a positive integer and u is in [dwm] - days, weeks, months. It's currently only applicable when using the BarmanObjectStore method.

target
BackupTarget

The policy to decide which instance should perform backups. Available options are empty string, which will default to prefer-standby policy,primary to have backups run always on primary instances, prefer-standbyto have backups run preferably on the most updated standby, if available.

BackupMethod

(Alias of string)

Appears in:

BackupMethod defines the way of executing the physical base backups of the selected PostgreSQL instance

BackupPhase

(Alias of string)

Appears in:

BackupPhase is the phase of the backup

BackupPluginConfiguration

Appears in:

BackupPluginConfiguration contains the backup configuration used by the backup plugin

FieldDescription
name [Required]
string

Name is the name of the plugin managing this backup

parameters
map[string]string

Parameters are the configuration parameters passed to the backup plugin for this backup

BackupSnapshotElementStatus

Appears in:

BackupSnapshotElementStatus is a volume snapshot that is part of a volume snapshot method backup

FieldDescription
name [Required]
string

Name is the snapshot resource name

type [Required]
string

Type is tho role of the snapshot in the cluster, such as PG_DATA, PG_WAL and PG_TABLESPACE

tablespaceName
string

TablespaceName is the name of the snapshotted tablespace. Only set when type is PG_TABLESPACE

BackupSnapshotStatus

Appears in:

BackupSnapshotStatus the fields exclusive to the volumeSnapshot method backup

FieldDescription
elements
[]BackupSnapshotElementStatus

The elements list, populated with the gathered volume snapshots

BackupSource

Appears in:

BackupSource contains the backup we need to restore from, plus some information that could be needed to correctly restore it.

FieldDescription
LocalObjectReference
github.com/cloudnative-pg/machinery/pkg/api.LocalObjectReference
(Members of LocalObjectReference are embedded into this type.)No description provided.
endpointCA
github.com/cloudnative-pg/machinery/pkg/api.SecretKeySelector

EndpointCA store the CA bundle of the barman endpoint. Useful when using self-signed certificates to avoid errors with certificate issuer and barman-cloud-wal-archive.

BackupSpec

Appears in:

BackupSpec defines the desired state of Backup

FieldDescription
cluster [Required]
github.com/cloudnative-pg/machinery/pkg/api.LocalObjectReference

The cluster to backup

target
BackupTarget

The policy to decide which instance should perform this backup. If empty, it defaults to cluster.spec.backup.target. Available options are empty string, primary and prefer-standby.primary to have backups run always on primary instances,prefer-standby to have backups run preferably on the most updated standby, if available.

method
BackupMethod

The backup method to be used, possible options are barmanObjectStore,volumeSnapshot or plugin. Defaults to: barmanObjectStore.

pluginConfiguration
BackupPluginConfiguration

Configuration parameters passed to the plugin managing this backup

online
bool

Whether the default type of backup with volume snapshots is online/hot (true, default) or offline/cold (false) Overrides the default setting specified in the cluster field '.spec.backup.volumeSnapshot.online'

onlineConfiguration
OnlineConfiguration

Configuration parameters to control the online/hot backup with volume snapshots Overrides the default settings specified in the cluster '.backup.volumeSnapshot.onlineConfiguration' stanza

BackupStatus

Appears in:

BackupStatus defines the observed state of Backup

FieldDescription
BarmanCredentials
github.com/cloudnative-pg/barman-cloud/pkg/api.BarmanCredentials
(Members of BarmanCredentials are embedded into this type.)

The potential credentials for each cloud provider

endpointCA
github.com/cloudnative-pg/machinery/pkg/api.SecretKeySelector

EndpointCA store the CA bundle of the barman endpoint. Useful when using self-signed certificates to avoid errors with certificate issuer and barman-cloud-wal-archive.

endpointURL
string

Endpoint to be used to upload data to the cloud, overriding the automatic endpoint discovery

destinationPath
string

The path where to store the backup (i.e. s3://bucket/path/to/folder) this path, with different destination folders, will be used for WALs and for data. This may not be populated in case of errors.

serverName
string

The server name on S3, the cluster name is used if this parameter is omitted

encryption
string

Encryption method required to S3 API

backupId
string

The ID of the Barman backup

backupName
string

The Name of the Barman backup

phase
BackupPhase

The last backup status

startedAt
meta/v1.Time

When the backup was started

stoppedAt
meta/v1.Time

When the backup was terminated

beginWal
string

The starting WAL

endWal
string

The ending WAL

beginLSN
string

The starting xlog

endLSN
string

The ending xlog

error
string

The detected error

commandOutput
string

Unused. Retained for compatibility with old versions.

commandError
string

The backup command output in case of error

backupLabelFile
[]byte

Backup label file content as returned by Postgres in case of online (hot) backups

tablespaceMapFile
[]byte

Tablespace map file content as returned by Postgres in case of online (hot) backups

instanceID
InstanceID

Information to identify the instance where the backup has been taken from

snapshotBackupStatus
BackupSnapshotStatus

Status of the volumeSnapshot backup

method
BackupMethod

The backup method being used

online
bool

Whether the backup was online/hot (true) or offline/cold (false)

BackupTarget

(Alias of string)

Appears in:

BackupTarget describes the preferred targets for a backup

BootstrapConfiguration

Appears in:

BootstrapConfiguration contains information about how to create the PostgreSQL cluster. Only a single bootstrap method can be defined among the supported ones. initdb will be used as the bootstrap method if left unspecified. Refer to the Bootstrap page of the documentation for more information.

FieldDescription
initdb
BootstrapInitDB

Bootstrap the cluster via initdb

recovery
BootstrapRecovery

Bootstrap the cluster from a backup

pg_basebackup
BootstrapPgBaseBackup

Bootstrap the cluster taking a physical backup of another compatible PostgreSQL instance

BootstrapInitDB

Appears in:

BootstrapInitDB is the configuration of the bootstrap process when initdb is used Refer to the Bootstrap page of the documentation for more information.

FieldDescription
database
string

Name of the database used by the application. Default: app.

owner
string

Name of the owner of the database in the instance to be used by applications. Defaults to the value of the database key.

secret
github.com/cloudnative-pg/machinery/pkg/api.LocalObjectReference

Name of the secret containing the initial credentials for the owner of the user database. If empty a new secret will be created from scratch

redwood
bool

If we need to enable/disable Redwood compatibility. Requires EPAS and for EPAS defaults to true

options
[]string

The list of options that must be passed to initdb when creating the cluster. Deprecated: This could lead to inconsistent configurations, please use the explicit provided parameters instead. If defined, explicit values will be ignored.

dataChecksums
bool

Whether the -k option should be passed to initdb, enabling checksums on data pages (default: false)

encoding
string

The value to be passed as option --encoding for initdb (default:UTF8)

localeCollate
string

The value to be passed as option --lc-collate for initdb (default:C)

localeCType
string

The value to be passed as option --lc-ctype for initdb (default:C)

walSegmentSize
int

The value in megabytes (1 to 1024) to be passed to the --wal-segsizeoption for initdb (default: empty, resulting in PostgreSQL default: 16MB)

postInitSQL
[]string

List of SQL queries to be executed as a superuser in the postgresdatabase right after the cluster has been created - to be used with extreme care (by default empty)

postInitApplicationSQL
[]string

List of SQL queries to be executed as a superuser in the application database right after the cluster has been created - to be used with extreme care (by default empty)

postInitTemplateSQL
[]string

List of SQL queries to be executed as a superuser in the template1database right after the cluster has been created - to be used with extreme care (by default empty)

import
Import

Bootstraps the new cluster by importing data from an existing PostgreSQL instance using logical backup (pg_dump and pg_restore)

postInitApplicationSQLRefs
SQLRefs

List of references to ConfigMaps or Secrets containing SQL files to be executed as a superuser in the application database right after the cluster has been created. The references are processed in a specific order: first, all Secrets are processed, followed by all ConfigMaps. Within each group, the processing order follows the sequence specified in their respective arrays. (by default empty)

postInitTemplateSQLRefs
SQLRefs

List of references to ConfigMaps or Secrets containing SQL files to be executed as a superuser in the template1 database right after the cluster has been created. The references are processed in a specific order: first, all Secrets are processed, followed by all ConfigMaps. Within each group, the processing order follows the sequence specified in their respective arrays. (by default empty)

postInitSQLRefs
SQLRefs

List of references to ConfigMaps or Secrets containing SQL files to be executed as a superuser in the postgres database right after the cluster has been created. The references are processed in a specific order: first, all Secrets are processed, followed by all ConfigMaps. Within each group, the processing order follows the sequence specified in their respective arrays. (by default empty)

BootstrapPgBaseBackup

Appears in:

BootstrapPgBaseBackup contains the configuration required to take a physical backup of an existing PostgreSQL cluster

FieldDescription
source [Required]
string

The name of the server of which we need to take a physical backup

database
string

Name of the database used by the application. Default: app.

owner
string

Name of the owner of the database in the instance to be used by applications. Defaults to the value of the database key.

secret
github.com/cloudnative-pg/machinery/pkg/api.LocalObjectReference

Name of the secret containing the initial credentials for the owner of the user database. If empty a new secret will be created from scratch

BootstrapRecovery

Appears in:

BootstrapRecovery contains the configuration required to restore from an existing cluster using 3 methodologies: external cluster, volume snapshots or backup objects. Full recovery and Point-In-Time Recovery are supported. The method can be also be used to create clusters in continuous recovery (replica clusters), also supporting cascading replication when instances >

  1. Once the cluster exits recovery, the password for the superuser will be changed through the provided secret. Refer to the Bootstrap page of the documentation for more information.
FieldDescription
backup
BackupSource

The backup object containing the physical base backup from which to initiate the recovery procedure. Mutually exclusive with source and volumeSnapshots.

source
string

The external cluster whose backup we will restore. This is also used as the name of the folder under which the backup is stored, so it must be set to the name of the source cluster Mutually exclusive with backup.

volumeSnapshots
DataSource

The static PVC data source(s) from which to initiate the recovery procedure. Currently supporting VolumeSnapshotand PersistentVolumeClaim resources that map an existing PVC group, compatible with EDB Postgres for Kubernetes, and taken with a cold backup copy on a fenced Postgres instance (limitation which will be removed in the future when online backup will be implemented). Mutually exclusive with backup.

recoveryTarget
RecoveryTarget

By default, the recovery process applies all the available WAL files in the archive (full recovery). However, you can also end the recovery as soon as a consistent state is reached or recover to a point-in-time (PITR) by specifying a RecoveryTarget object, as expected by PostgreSQL (i.e., timestamp, transaction Id, LSN, ...). More info: https://www.postgresql.org/docs/current/runtime-config-wal.html#RUNTIME-CONFIG-WAL-RECOVERY-TARGET

database
string

Name of the database used by the application. Default: app.

owner
string

Name of the owner of the database in the instance to be used by applications. Defaults to the value of the database key.

secret
github.com/cloudnative-pg/machinery/pkg/api.LocalObjectReference

Name of the secret containing the initial credentials for the owner of the user database. If empty a new secret will be created from scratch

CatalogImage

Appears in:

CatalogImage defines the image and major version

FieldDescription
image [Required]
string

The image reference

major [Required]
int

The PostgreSQL major version of the image. Must be unique within the catalog.

CertificatesConfiguration

Appears in:

CertificatesConfiguration contains the needed configurations to handle server certificates.

FieldDescription
serverCASecret
string

The secret containing the Server CA certificate. If not defined, a new secret will be created with a self-signed CA and will be used to generate the TLS certificate ServerTLSSecret.

Contains:

  • ca.crt: CA that should be used to validate the server certificate, used as sslrootcert in client connection strings.
  • ca.key: key used to generate Server SSL certs, if ServerTLSSecret is provided, this can be omitted.
serverTLSSecret
string

The secret of type kubernetes.io/tls containing the server TLS certificate and key that will be set asssl_cert_file and ssl_key_file so that clients can connect to postgres securely. If not defined, ServerCASecret must provide also ca.key and a new secret will be created using the provided CA.

replicationTLSSecret
string

The secret of type kubernetes.io/tls containing the client certificate to authenticate as the streaming_replica user. If not defined, ClientCASecret must provide also ca.key, and a new secret will be created using the provided CA.

clientCASecret
string

The secret containing the Client CA certificate. If not defined, a new secret will be created with a self-signed CA and will be used to generate all the client certificates.

Contains:

  • ca.crt: CA that should be used to validate the client certificates, used as ssl_ca_file of all the instances.
  • ca.key: key used to generate client certificates, if ReplicationTLSSecret is provided, this can be omitted.
serverAltDNSNames
[]string

The list of the server alternative DNS names to be added to the generated server TLS certificates, when required.

CertificatesStatus

Appears in:

CertificatesStatus contains configuration certificates and related expiration dates.

FieldDescription
CertificatesConfiguration
CertificatesConfiguration
(Members of CertificatesConfiguration are embedded into this type.)

Needed configurations to handle server certificates, initialized with default values, if needed.

expirations
map[string]string

Expiration dates for all certificates.

ClusterMonitoringTLSConfiguration

Appears in:

ClusterMonitoringTLSConfiguration is the type containing the TLS configuration for the cluster's monitoring

FieldDescription
enabled
bool

Enable TLS for the monitoring endpoint. Changing this option will force a rollout of all instances.

ClusterSpec

Appears in:

ClusterSpec defines the desired state of Cluster

FieldDescription
description
string

Description of this PostgreSQL cluster

inheritedMetadata
EmbeddedObjectMetadata

Metadata that will be inherited by all objects related to the Cluster

imageName
string

Name of the container image, supporting both tags (<image>:<tag>) and digests for deterministic and repeatable deployments (<image>:<tag>@sha256:<digestValue>)

imageCatalogRef
ImageCatalogRef

Defines the major PostgreSQL version we want to use within an ImageCatalog

imagePullPolicy
core/v1.PullPolicy

Image pull policy. One of Always, Never or IfNotPresent. If not defined, it defaults to IfNotPresent. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images

schedulerName
string

If specified, the pod will be dispatched by specified Kubernetes scheduler. If not specified, the pod will be dispatched by the default scheduler. More info: https://kubernetes.io/docs/concepts/scheduling-eviction/kube-scheduler/

postgresUID
int64

The UID of the postgres user inside the image, defaults to 26

postgresGID
int64

The GID of the postgres user inside the image, defaults to 26

instances [Required]
int

Number of instances required in the cluster

minSyncReplicas
int

Minimum number of instances required in synchronous replication with the primary. Undefined or 0 allow writes to complete when no standby is available.

maxSyncReplicas
int

The target value for the synchronous replication quorum, that can be decreased if the number of ready standbys is lower than this. Undefined or 0 disable synchronous replication.

postgresql
PostgresConfiguration

Configuration of the PostgreSQL server

replicationSlots
ReplicationSlotsConfiguration

Replication slots management configuration

bootstrap
BootstrapConfiguration

Instructions to bootstrap this cluster

replica
ReplicaClusterConfiguration

Replica cluster configuration

superuserSecret
github.com/cloudnative-pg/machinery/pkg/api.LocalObjectReference

The secret containing the superuser password. If not defined a new secret will be created with a randomly generated password

enableSuperuserAccess
bool

When this option is enabled, the operator will use the SuperuserSecretto update the postgres user password (if the secret is not present, the operator will automatically create one). When this option is disabled, the operator will ignore the SuperuserSecret content, delete it when automatically created, and then blank the password of the postgresuser by setting it to NULL. Disabled by default.

certificates
CertificatesConfiguration

The configuration for the CA and related certificates

imagePullSecrets
[]github.com/cloudnative-pg/machinery/pkg/api.LocalObjectReference

The list of pull secrets to be used to pull the images. If the license key contains a pull secret that secret will be automatically included.

storage
StorageConfiguration

Configuration of the storage of the instances

serviceAccountTemplate
ServiceAccountTemplate

Configure the generation of the service account

walStorage
StorageConfiguration

Configuration of the storage for PostgreSQL WAL (Write-Ahead Log)

ephemeralVolumeSource
core/v1.EphemeralVolumeSource

EphemeralVolumeSource allows the user to configure the source of ephemeral volumes.

startDelay
int32

The time in seconds that is allowed for a PostgreSQL instance to successfully start up (default 3600). The startup probe failure threshold is derived from this value using the formula: ceiling(startDelay / 10).

stopDelay
int32

The time in seconds that is allowed for a PostgreSQL instance to gracefully shutdown (default 1800)

smartStopDelay
int32

Deprecated: please use SmartShutdownTimeout instead

smartShutdownTimeout
int32

The time in seconds that controls the window of time reserved for the smart shutdown of Postgres to complete. Make sure you reserve enough time for the operator to request a fast shutdown of Postgres (that is: stopDelay - smartShutdownTimeout).

switchoverDelay
int32

The time in seconds that is allowed for a primary PostgreSQL instance to gracefully shutdown during a switchover. Default value is 3600 seconds (1 hour).

failoverDelay
int32

The amount of time (in seconds) to wait before triggering a failover after the primary PostgreSQL instance in the cluster was detected to be unhealthy

livenessProbeTimeout
int32

LivenessProbeTimeout is the time (in seconds) that is allowed for a PostgreSQL instance to successfully respond to the liveness probe (default 30). The Liveness probe failure threshold is derived from this value using the formula: ceiling(livenessProbe / 10).

affinity
AffinityConfiguration

Affinity/Anti-affinity rules for Pods

topologySpreadConstraints
[]core/v1.TopologySpreadConstraint

TopologySpreadConstraints specifies how to spread matching pods among the given topology. More info: https://kubernetes.io/docs/concepts/scheduling-eviction/topology-spread-constraints/

resources
core/v1.ResourceRequirements

Resources requirements of every generated Pod. Please refer to https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ for more information.

ephemeralVolumesSizeLimit
EphemeralVolumesSizeLimitConfiguration

EphemeralVolumesSizeLimit allows the user to set the limits for the ephemeral volumes

priorityClassName
string

Name of the priority class which will be used in every generated Pod, if the PriorityClass specified does not exist, the pod will not be able to schedule. Please refer to https://kubernetes.io/docs/concepts/scheduling-eviction/pod-priority-preemption/#priorityclass for more information

primaryUpdateStrategy
PrimaryUpdateStrategy

Deployment strategy to follow to upgrade the primary server during a rolling update procedure, after all replicas have been successfully updated: it can be automated (unsupervised - default) or manual (supervised)

primaryUpdateMethod
PrimaryUpdateMethod

Method to follow to upgrade the primary server during a rolling update procedure, after all replicas have been successfully updated: it can be with a switchover (switchover) or in-place (restart - default)

backup
BackupConfiguration

The configuration to be used for backups

nodeMaintenanceWindow
NodeMaintenanceWindow

Define a maintenance window for the Kubernetes nodes

licenseKey
string

The license key of the cluster. When empty, the cluster operates in trial mode and after the expiry date (default 30 days) the operator will cease any reconciliation attempt. For details, please refer to the license agreement that comes with the operator.

licenseKeySecret
core/v1.SecretKeySelector

The reference to the license key. When this is set it take precedence over LicenseKey.

monitoring
MonitoringConfiguration

The configuration of the monitoring infrastructure of this cluster

externalClusters
[]ExternalCluster

The list of external clusters which are used in the configuration

logLevel
string

The instances' log level, one of the following values: error, warning, info (default), debug, trace

projectedVolumeTemplate
core/v1.ProjectedVolumeSource

Template to be used to define projected volumes, projected volumes will be mounted under /projected base folder

env
[]core/v1.EnvVar

Env follows the Env format to pass environment variables to the pods created in the cluster

envFrom
[]core/v1.EnvFromSource

EnvFrom follows the EnvFrom format to pass environment variables sources to the pods to be used by Env

managed
ManagedConfiguration

The configuration that is used by the portions of PostgreSQL that are managed by the instance manager

seccompProfile
core/v1.SeccompProfile

The SeccompProfile applied to every Pod and Container. Defaults to: RuntimeDefault

tablespaces
[]TablespaceConfiguration

The tablespaces configuration

enablePDB
bool

Manage the PodDisruptionBudget resources within the cluster. When configured as true (default setting), the pod disruption budgets will safeguard the primary node from being terminated. Conversely, setting it to false will result in the absence of anyPodDisruptionBudget resource, permitting the shutdown of all nodes hosting the PostgreSQL cluster. This latter configuration is advisable for any PostgreSQL cluster employed for development/staging purposes.

plugins
[]PluginConfiguration

The plugins configuration, containing any plugin to be loaded with the corresponding configuration

probes
ProbesConfiguration

The configuration of the probes to be injected in the PostgreSQL Pods.

ClusterStatus

Appears in:

ClusterStatus defines the observed state of Cluster

FieldDescription
instances
int

The total number of PVC Groups detected in the cluster. It may differ from the number of existing instance pods.

readyInstances
int

The total number of ready instances in the cluster. It is equal to the number of ready instance pods.

instancesStatus
map[PodStatus][]string

InstancesStatus indicates in which status the instances are

instancesReportedState
map[PodName]InstanceReportedState

The reported state of the instances during the last reconciliation loop

managedRolesStatus
ManagedRoles

ManagedRolesStatus reports the state of the managed roles in the cluster

tablespacesStatus
[]TablespaceState

TablespacesStatus reports the state of the declarative tablespaces in the cluster

timelineID
int

The timeline of the Postgres cluster

topology
Topology

Instances topology.

latestGeneratedNode
int

ID of the latest generated node (used to avoid node name clashing)

currentPrimary
string

Current primary instance

targetPrimary
string

Target primary instance, this is different from the previous one during a switchover or a failover

lastPromotionToken
string

LastPromotionToken is the last verified promotion token that was used to promote a replica cluster

pvcCount
int32

How many PVCs have been created by this cluster

jobCount
int32

How many Jobs have been created by this cluster

danglingPVC
[]string

List of all the PVCs created by this cluster and still available which are not attached to a Pod

resizingPVC
[]string

List of all the PVCs that have ResizingPVC condition.

initializingPVC
[]string

List of all the PVCs that are being initialized by this cluster

healthyPVC
[]string

List of all the PVCs not dangling nor initializing

unusablePVC
[]string

List of all the PVCs that are unusable because another PVC is missing

licenseStatus
github.com/EnterpriseDB/cloud-native-postgres/pkg/licensekey.Status

Status of the license

writeService
string

Current write pod

readService
string

Current list of read pods

phase
string

Current phase of the cluster

phaseReason
string

Reason for the current phase

secretsResourceVersion
SecretsResourceVersion

The list of resource versions of the secrets managed by the operator. Every change here is done in the interest of the instance manager, which will refresh the secret data

configMapResourceVersion
ConfigMapResourceVersion

The list of resource versions of the configmaps, managed by the operator. Every change here is done in the interest of the instance manager, which will refresh the configmap data

certificates
CertificatesStatus

The configuration for the CA and related certificates, initialized with defaults.

firstRecoverabilityPoint
string

The first recoverability point, stored as a date in RFC3339 format. This field is calculated from the content of FirstRecoverabilityPointByMethod

firstRecoverabilityPointByMethod
map[BackupMethod]meta/v1.Time

The first recoverability point, stored as a date in RFC3339 format, per backup method type

lastSuccessfulBackup
string

Last successful backup, stored as a date in RFC3339 format This field is calculated from the content of LastSuccessfulBackupByMethod

lastSuccessfulBackupByMethod
map[BackupMethod]meta/v1.Time

Last successful backup, stored as a date in RFC3339 format, per backup method type

lastFailedBackup
string

Stored as a date in RFC3339 format

cloudNativePostgresqlCommitHash
string

The commit hash number of which this operator running

currentPrimaryTimestamp
string

The timestamp when the last actual promotion to primary has occurred

currentPrimaryFailingSinceTimestamp
string

The timestamp when the primary was detected to be unhealthy This field is reported when .spec.failoverDelay is populated or during online upgrades

targetPrimaryTimestamp
string

The timestamp when the last request for a new primary has occurred

poolerIntegrations
PoolerIntegrations

The integration needed by poolers referencing the cluster

cloudNativePostgresqlOperatorHash
string

The hash of the binary of the operator

availableArchitectures
[]AvailableArchitecture

AvailableArchitectures reports the available architectures of a cluster

conditions
[]meta/v1.Condition

Conditions for cluster object

instanceNames
[]string

List of instance names in the cluster

onlineUpdateEnabled
bool

OnlineUpdateEnabled shows if the online upgrade is enabled inside the cluster

azurePVCUpdateEnabled
bool

AzurePVCUpdateEnabled shows if the PVC online upgrade is enabled for this cluster

image
string

Image contains the image name used by the pods

pluginStatus
[]PluginStatus

PluginStatus is the status of the loaded plugins

switchReplicaClusterStatus
SwitchReplicaClusterStatus

SwitchReplicaClusterStatus is the status of the switch to replica cluster

demotionToken
string

DemotionToken is a JSON token containing the information from pg_controldata such as Database system identifier, Latest checkpoint's TimeLineID, Latest checkpoint's REDO location, Latest checkpoint's REDO WAL file, and Time of latest checkpoint

ConfigMapResourceVersion

Appears in:

ConfigMapResourceVersion is the resource versions of the secrets managed by the operator

FieldDescription
metrics
map[string]string

A map with the versions of all the config maps used to pass metrics. Map keys are the config map names, map values are the versions

DataSource

Appears in:

DataSource contains the configuration required to bootstrap a PostgreSQL cluster from an existing storage

FieldDescription
storage [Required]
core/v1.TypedLocalObjectReference

Configuration of the storage of the instances

walStorage
core/v1.TypedLocalObjectReference

Configuration of the storage for PostgreSQL WAL (Write-Ahead Log)

tablespaceStorage
map[string]core/v1.TypedLocalObjectReference

Configuration of the storage for PostgreSQL tablespaces

DatabaseRoleRef

Appears in:

DatabaseRoleRef is a reference an a role available inside PostgreSQL

FieldDescription
name
string
No description provided.

EPASConfiguration

Appears in:

EPASConfiguration contains EDB Postgres Advanced Server specific configurations

FieldDescription
audit
bool

If true enables edb_audit logging

tde
TDEConfiguration

TDE configuration

EmbeddedObjectMetadata

Appears in:

EmbeddedObjectMetadata contains metadata to be inherited by all resources related to a Cluster

FieldDescription
labels
map[string]string
No description provided.
annotations
map[string]string
No description provided.

EnsureOption

(Alias of string)

Appears in:

EnsureOption represents whether we should enforce the presence or absence of a Role in a PostgreSQL instance

EphemeralVolumesSizeLimitConfiguration

Appears in:

EphemeralVolumesSizeLimitConfiguration contains the configuration of the ephemeral storage

FieldDescription
shm
k8s.io/apimachinery/pkg/api/resource.Quantity

Shm is the size limit of the shared memory volume

temporaryData
k8s.io/apimachinery/pkg/api/resource.Quantity

TemporaryData is the size limit of the temporary data volume

ExternalCluster

Appears in:

ExternalCluster represents the connection parameters to an external cluster which is used in the other sections of the configuration

FieldDescription
name [Required]
string

The server name, required

connectionParameters
map[string]string

The list of connection parameters, such as dbname, host, username, etc

sslCert
core/v1.SecretKeySelector

The reference to an SSL certificate to be used to connect to this instance

sslKey
core/v1.SecretKeySelector

The reference to an SSL private key to be used to connect to this instance

sslRootCert
core/v1.SecretKeySelector

The reference to an SSL CA public key to be used to connect to this instance

password
core/v1.SecretKeySelector

The reference to the password to be used to connect to the server. If a password is provided, EDB Postgres for Kubernetes creates a PostgreSQL passfile at /controller/external/NAME/pass (where "NAME" is the cluster's name). This passfile is automatically referenced in the connection string when establishing a connection to the remote PostgreSQL server from the current PostgreSQL Cluster. This ensures secure and efficient password management for external clusters.

barmanObjectStore
github.com/cloudnative-pg/barman-cloud/pkg/api.BarmanObjectStoreConfiguration

The configuration for the barman-cloud tool suite

ImageCatalogRef

Appears in:

ImageCatalogRef defines the reference to a major version in an ImageCatalog

FieldDescription
TypedLocalObjectReference
core/v1.TypedLocalObjectReference
(Members of TypedLocalObjectReference are embedded into this type.)No description provided.
major [Required]
int

The major version of PostgreSQL we want to use from the ImageCatalog

ImageCatalogSpec

Appears in:

ImageCatalogSpec defines the desired ImageCatalog

FieldDescription
images [Required]
[]CatalogImage

List of CatalogImages available in the catalog

Import

Appears in:

Import contains the configuration to init a database from a logic snapshot of an externalCluster

FieldDescription
source [Required]
ImportSource

The source of the import

type [Required]
SnapshotType

The import type. Can be microservice or monolith.

databases [Required]
[]string

The databases to import

roles
[]string

The roles to import

postImportApplicationSQL
[]string

List of SQL queries to be executed as a superuser in the application database right after is imported - to be used with extreme care (by default empty). Only available in microservice type.

schemaOnly
bool

When set to true, only the pre-data and post-data sections ofpg_restore are invoked, avoiding data import. Default: false.

ImportSource

Appears in:

ImportSource describes the source for the logical snapshot

FieldDescription
externalCluster [Required]
string

The name of the externalCluster used for import

InstanceID

Appears in:

InstanceID contains the information to identify an instance

FieldDescription
podName
string

The pod name

ContainerID
string

The container ID

InstanceReportedState

Appears in:

InstanceReportedState describes the last reported state of an instance during a reconciliation loop

FieldDescription
isPrimary [Required]
bool

indicates if an instance is the primary one

timeLineID
int

indicates on which TimelineId the instance is

LDAPBindAsAuth

Appears in:

LDAPBindAsAuth provides the required fields to use the bind authentication for LDAP

FieldDescription
prefix
string

Prefix for the bind authentication option

suffix
string

Suffix for the bind authentication option

LDAPBindSearchAuth

Appears in:

LDAPBindSearchAuth provides the required fields to use the bind+search LDAP authentication process

FieldDescription
baseDN
string

Root DN to begin the user search

bindDN
string

DN of the user to bind to the directory

bindPassword
core/v1.SecretKeySelector

Secret with the password for the user to bind to the directory

searchAttribute
string

Attribute to match against the username

searchFilter
string

Search filter to use when doing the search+bind authentication

LDAPConfig

Appears in:

LDAPConfig contains the parameters needed for LDAP authentication

FieldDescription
server
string

LDAP hostname or IP address

port
int

LDAP server port

scheme
LDAPScheme

LDAP schema to be used, possible options are ldap and ldaps

bindAsAuth
LDAPBindAsAuth

Bind as authentication configuration

bindSearchAuth
LDAPBindSearchAuth

Bind+Search authentication configuration

tls
bool

Set to 'true' to enable LDAP over TLS. 'false' is default

LDAPScheme

(Alias of string)

Appears in:

LDAPScheme defines the possible schemes for LDAP

ManagedConfiguration

Appears in:

ManagedConfiguration represents the portions of PostgreSQL that are managed by the instance manager

FieldDescription
roles
[]RoleConfiguration

Database roles managed by the Cluster

services
ManagedServices

Services roles managed by the Cluster

ManagedRoles

Appears in:

ManagedRoles tracks the status of a cluster's managed roles

FieldDescription
byStatus
map[RoleStatus][]string

ByStatus gives the list of roles in each state

cannotReconcile
map[string][]string

CannotReconcile lists roles that cannot be reconciled in PostgreSQL, with an explanation of the cause

passwordStatus
map[string]PasswordState

PasswordStatus gives the last transaction id and password secret version for each managed role

ManagedService

Appears in:

ManagedService represents a specific service managed by the cluster. It includes the type of service and its associated template specification.

FieldDescription
selectorType [Required]
ServiceSelectorType

SelectorType specifies the type of selectors that the service will have. Valid values are "rw", "r", and "ro", representing read-write, read, and read-only services.

updateStrategy
ServiceUpdateStrategy

UpdateStrategy describes how the service differences should be reconciled

serviceTemplate [Required]
ServiceTemplateSpec

ServiceTemplate is the template specification for the service.

ManagedServices

Appears in:

ManagedServices represents the services managed by the cluster.

FieldDescription
disabledDefaultServices
[]ServiceSelectorType

DisabledDefaultServices is a list of service types that are disabled by default. Valid values are "r", and "ro", representing read, and read-only services.

additional
[]ManagedService

Additional is a list of additional managed services specified by the user.

Metadata

Appears in:

Metadata is a structure similar to the metav1.ObjectMeta, but still parseable by controller-gen to create a suitable CRD for the user. The comment of PodTemplateSpec has an explanation of why we are not using the core data types.

FieldDescription
name
string

The name of the resource. Only supported for certain types

labels
map[string]string

Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and services. More info: http://kubernetes.io/docs/user-guide/labels

annotations
map[string]string

Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations

MonitoringConfiguration

Appears in:

MonitoringConfiguration is the type containing all the monitoring configuration for a certain cluster

FieldDescription
disableDefaultQueries
bool

Whether the default queries should be injected. Set it to true if you don't want to inject default queries into the cluster. Default: false.

customQueriesConfigMap
[]github.com/cloudnative-pg/machinery/pkg/api.ConfigMapKeySelector

The list of config maps containing the custom queries

customQueriesSecret
[]github.com/cloudnative-pg/machinery/pkg/api.SecretKeySelector

The list of secrets containing the custom queries

enablePodMonitor
bool

Enable or disable the PodMonitor

tls
ClusterMonitoringTLSConfiguration

Configure TLS communication for the metrics endpoint. Changing tls.enabled option will force a rollout of all instances.

podMonitorMetricRelabelings
[]github.com/prometheus-operator/prometheus-operator/pkg/apis/monitoring/v1.RelabelConfig

The list of metric relabelings for the PodMonitor. Applied to samples before ingestion.

podMonitorRelabelings
[]github.com/prometheus-operator/prometheus-operator/pkg/apis/monitoring/v1.RelabelConfig

The list of relabelings for the PodMonitor. Applied to samples before scraping.

NodeMaintenanceWindow

Appears in:

NodeMaintenanceWindow contains information that the operator will use while upgrading the underlying node.

This option is only useful when the chosen storage prevents the Pods from being freely moved across nodes.

FieldDescription
reusePVC
bool

Reuse the existing PVC (wait for the node to come up again) or not (recreate it elsewhere - when instances >1)

inProgress
bool

Is there a node maintenance activity in progress?

OnlineConfiguration

Appears in:

OnlineConfiguration contains the configuration parameters for the online volume snapshot

FieldDescription
waitForArchive
bool

If false, the function will return immediately after the backup is completed, without waiting for WAL to be archived. This behavior is only useful with backup software that independently monitors WAL archiving. Otherwise, WAL required to make the backup consistent might be missing and make the backup useless. By default, or when this parameter is true, pg_backup_stop will wait for WAL to be archived when archiving is enabled. On a standby, this means that it will wait only when archive_mode = always. If write activity on the primary is low, it may be useful to run pg_switch_wal on the primary in order to trigger an immediate segment switch.

immediateCheckpoint
bool

Control whether the I/O workload for the backup initial checkpoint will be limited, according to the checkpoint_completion_target setting on the PostgreSQL server. If set to true, an immediate checkpoint will be used, meaning PostgreSQL will complete the checkpoint as soon as possible. false by default.

PasswordState

Appears in:

PasswordState represents the state of the password of a managed RoleConfiguration

FieldDescription
transactionID
int64

the last transaction ID to affect the role definition in PostgreSQL

resourceVersion
string

the resource version of the password secret

PgBouncerIntegrationStatus

Appears in:

PgBouncerIntegrationStatus encapsulates the needed integration for the pgbouncer poolers referencing the cluster

FieldDescription
secrets
[]string
No description provided.

PgBouncerPoolMode

(Alias of string)

Appears in:

PgBouncerPoolMode is the mode of PgBouncer

PgBouncerSecrets

Appears in:

PgBouncerSecrets contains the versions of the secrets used by pgbouncer

FieldDescription
authQuery
SecretVersion

The auth query secret version

PgBouncerSpec

Appears in:

PgBouncerSpec defines how to configure PgBouncer

FieldDescription
poolMode
PgBouncerPoolMode

The pool mode. Default: session.

authQuerySecret
github.com/cloudnative-pg/machinery/pkg/api.LocalObjectReference

The credentials of the user that need to be used for the authentication query. In case it is specified, also an AuthQuery (e.g. "SELECT usename, passwd FROM pg_catalog.pg_shadow WHERE usename=$1") has to be specified and no automatic CNP Cluster integration will be triggered.

authQuery
string

The query that will be used to download the hash of the password of a certain user. Default: "SELECT usename, passwd FROM public.user_search($1)". In case it is specified, also an AuthQuerySecret has to be specified and no automatic CNP Cluster integration will be triggered.

parameters
map[string]string

Additional parameters to be passed to PgBouncer - please check the CNP documentation for a list of options you can configure

pg_hba
[]string

PostgreSQL Host Based Authentication rules (lines to be appended to the pg_hba.conf file)

paused
bool

When set to true, PgBouncer will disconnect from the PostgreSQL server, first waiting for all queries to complete, and pause all new client connections until this value is set to false (default). Internally, the operator calls PgBouncer's PAUSE and RESUME commands.

PluginConfiguration

Appears in:

PluginConfiguration specifies a plugin that need to be loaded for this cluster to be reconciled

FieldDescription
name [Required]
string

Name is the plugin name

parameters
map[string]string

Parameters is the configuration of the plugin

PluginStatus

Appears in:

PluginStatus is the status of a loaded plugin

FieldDescription
name [Required]
string

Name is the name of the plugin

version [Required]
string

Version is the version of the plugin loaded by the latest reconciliation loop

capabilities
[]string

Capabilities are the list of capabilities of the plugin

operatorCapabilities
[]string

OperatorCapabilities are the list of capabilities of the plugin regarding the reconciler

walCapabilities
[]string

WALCapabilities are the list of capabilities of the plugin regarding the WAL management

backupCapabilities
[]string

BackupCapabilities are the list of capabilities of the plugin regarding the Backup management

status
string

Status contain the status reported by the plugin through the SetStatusInCluster interface

PodTemplateSpec

Appears in:

PodTemplateSpec is a structure allowing the user to set a template for Pod generation.

Unfortunately we can't use the corev1.PodTemplateSpec type because the generated CRD won't have the field for the metadata section.

References: https://github.com/kubernetes-sigs/controller-tools/issues/385 https://github.com/kubernetes-sigs/controller-tools/issues/448 https://github.com/prometheus-operator/prometheus-operator/issues/3041

FieldDescription
metadata
Metadata

Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata

spec
core/v1.PodSpec

Specification of the desired behavior of the pod. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status

PodTopologyLabels

(Alias of map[string]string)

Appears in:

PodTopologyLabels represent the topology of a Pod. map[labelName]labelValue

PoolerIntegrations

Appears in:

PoolerIntegrations encapsulates the needed integration for the poolers referencing the cluster

FieldDescription
pgBouncerIntegration
PgBouncerIntegrationStatus
No description provided.

PoolerMonitoringConfiguration

Appears in:

PoolerMonitoringConfiguration is the type containing all the monitoring configuration for a certain Pooler.

Mirrors the Cluster's MonitoringConfiguration but without the custom queries part for now.

FieldDescription
enablePodMonitor
bool

Enable or disable the PodMonitor

podMonitorMetricRelabelings
[]github.com/prometheus-operator/prometheus-operator/pkg/apis/monitoring/v1.RelabelConfig

The list of metric relabelings for the PodMonitor. Applied to samples before ingestion.

podMonitorRelabelings
[]github.com/prometheus-operator/prometheus-operator/pkg/apis/monitoring/v1.RelabelConfig

The list of relabelings for the PodMonitor. Applied to samples before scraping.

PoolerSecrets

Appears in:

PoolerSecrets contains the versions of all the secrets used

FieldDescription
serverTLS
SecretVersion

The server TLS secret version

serverCA
SecretVersion

The server CA secret version

clientCA
SecretVersion

The client CA secret version

pgBouncerSecrets
PgBouncerSecrets

The version of the secrets used by PgBouncer

PoolerSpec

Appears in:

PoolerSpec defines the desired state of Pooler

FieldDescription
cluster [Required]
github.com/cloudnative-pg/machinery/pkg/api.LocalObjectReference

This is the cluster reference on which the Pooler will work. Pooler name should never match with any cluster name within the same namespace.

type
PoolerType

Type of service to forward traffic to. Default: rw.

instances
int32

The number of replicas we want. Default: 1.

template
PodTemplateSpec

The template of the Pod to be created

pgbouncer [Required]
PgBouncerSpec

The PgBouncer configuration

deploymentStrategy
apps/v1.DeploymentStrategy

The deployment strategy to use for pgbouncer to replace existing pods with new ones

monitoring
PoolerMonitoringConfiguration

The configuration of the monitoring infrastructure of this pooler.

serviceTemplate
ServiceTemplateSpec

Template for the Service to be created

PoolerStatus

Appears in:

PoolerStatus defines the observed state of Pooler

FieldDescription
secrets
PoolerSecrets

The resource version of the config object

instances
int32

The number of pods trying to be scheduled

PoolerType

(Alias of string)

Appears in:

PoolerType is the type of the connection pool, meaning the service we are targeting. Allowed values are rw and ro.

PostgresConfiguration

Appears in:

PostgresConfiguration defines the PostgreSQL configuration

FieldDescription
parameters
map[string]string

PostgreSQL configuration options (postgresql.conf)

synchronous
SynchronousReplicaConfiguration

Configuration of the PostgreSQL synchronous replication feature

pg_hba
[]string

PostgreSQL Host Based Authentication rules (lines to be appended to the pg_hba.conf file)

pg_ident
[]string

PostgreSQL User Name Maps rules (lines to be appended to the pg_ident.conf file)

epas
EPASConfiguration

EDB Postgres Advanced Server specific configurations

syncReplicaElectionConstraint
SyncReplicaElectionConstraints

Requirements to be met by sync replicas. This will affect how the "synchronous_standby_names" parameter will be set up.

shared_preload_libraries
[]string

Lists of shared preload libraries to add to the default ones

ldap
LDAPConfig

Options to specify LDAP configuration

promotionTimeout
int32

Specifies the maximum number of seconds to wait when promoting an instance to primary. Default value is 40000000, greater than one year in seconds, big enough to simulate an infinite timeout

enableAlterSystem
bool

If this parameter is true, the user will be able to invoke ALTER SYSTEMon this EDB Postgres for Kubernetes Cluster. This should only be used for debugging and troubleshooting. Defaults to false.

PrimaryUpdateMethod

(Alias of string)

Appears in:

PrimaryUpdateMethod contains the method to use when upgrading the primary server of the cluster as part of rolling updates

PrimaryUpdateStrategy

(Alias of string)

Appears in:

PrimaryUpdateStrategy contains the strategy to follow when upgrading the primary server of the cluster as part of rolling updates

Probe

Appears in:

Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic.

FieldDescription
initialDelaySeconds
int32

Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes

timeoutSeconds
int32

Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes

periodSeconds
int32

How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1.

successThreshold
int32

Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1.

failureThreshold
int32

Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.

terminationGracePeriodSeconds
int64

Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset.

ProbesConfiguration

Appears in:

ProbesConfiguration represent the configuration for the probes to be injected in the PostgreSQL Pods

FieldDescription
startup [Required]
Probe

The startup probe configuration

liveness [Required]
Probe

The liveness probe configuration

readiness [Required]
Probe

The readiness probe configuration

RecoveryTarget

Appears in:

RecoveryTarget allows to configure the moment where the recovery process will stop. All the target options except TargetTLI are mutually exclusive.

FieldDescription
backupID
string

The ID of the backup from which to start the recovery process. If empty (default) the operator will automatically detect the backup based on targetTime or targetLSN if specified. Otherwise use the latest available backup in chronological order.

targetTLI
string

The target timeline ("latest" or a positive integer)

targetXID
string

The target transaction ID

targetName
string

The target name (to be previously created with pg_create_restore_point)

targetLSN
string

The target LSN (Log Sequence Number)

targetTime
string

The target time as a timestamp in the RFC3339 standard

targetImmediate
bool

End recovery as soon as a consistent state is reached

exclusive
bool

Set the target to be exclusive. If omitted, defaults to false, so that in Postgres, recovery_target_inclusive will be true

ReplicaClusterConfiguration

Appears in:

ReplicaClusterConfiguration encapsulates the configuration of a replica cluster

FieldDescription
self
string

Self defines the name of this cluster. It is used to determine if this is a primary or a replica cluster, comparing it with primary

primary
string

Primary defines which Cluster is defined to be the primary in the distributed PostgreSQL cluster, based on the topology specified in externalClusters

source [Required]
string

The name of the external cluster which is the replication origin

enabled
bool

If replica mode is enabled, this cluster will be a replica of an existing cluster. Replica cluster can be created from a recovery object store or via streaming through pg_basebackup. Refer to the Replica clusters page of the documentation for more information.

promotionToken
string

A demotion token generated by an external cluster used to check if the promotion requirements are met.

minApplyDelay
meta/v1.Duration

When replica mode is enabled, this parameter allows you to replay transactions only when the system time is at least the configured time past the commit time. This provides an opportunity to correct data loss errors. Note that when this parameter is set, a promotion token cannot be used.

ReplicationSlotsConfiguration

Appears in:

ReplicationSlotsConfiguration encapsulates the configuration of replication slots

FieldDescription
highAvailability
ReplicationSlotsHAConfiguration

Replication slots for high availability configuration

updateInterval
int

Standby will update the status of the local replication slots every updateInterval seconds (default 30).

synchronizeReplicas
SynchronizeReplicasConfiguration

Configures the synchronization of the user defined physical replication slots

ReplicationSlotsHAConfiguration

Appears in:

ReplicationSlotsHAConfiguration encapsulates the configuration of the replication slots that are automatically managed by the operator to control the streaming replication connections with the standby instances for high availability (HA) purposes. Replication slots are a PostgreSQL feature that makes sure that PostgreSQL automatically keeps WAL files in the primary when a streaming client (in this specific case a replica that is part of the HA cluster) gets disconnected.

FieldDescription
enabled
bool

If enabled (default), the operator will automatically manage replication slots on the primary instance and use them in streaming replication connections with all the standby instances that are part of the HA cluster. If disabled, the operator will not take advantage of replication slots in streaming connections with the replicas. This feature also controls replication slots in replica cluster, from the designated primary to its cascading replicas.

slotPrefix
string

Prefix for replication slots managed by the operator for HA. It may only contain lower case letters, numbers, and the underscore character. This can only be set at creation time. By default set to _cnp_.

RoleConfiguration

Appears in:

RoleConfiguration is the representation, in Kubernetes, of a PostgreSQL role with the additional field Ensure specifying whether to ensure the presence or absence of the role in the database

The defaults of the CREATE ROLE command are applied Reference: https://www.postgresql.org/docs/current/sql-createrole.html

FieldDescription
name [Required]
string

Name of the role

comment
string

Description of the role

ensure
EnsureOption

Ensure the role is present or absent - defaults to "present"

passwordSecret
github.com/cloudnative-pg/machinery/pkg/api.LocalObjectReference

Secret containing the password of the role (if present) If null, the password will be ignored unless DisablePassword is set

connectionLimit
int64

If the role can log in, this specifies how many concurrent connections the role can make. -1 (the default) means no limit.

validUntil
meta/v1.Time

Date and time after which the role's password is no longer valid. When omitted, the password will never expire (default).

inRoles
[]string

List of one or more existing roles to which this role will be immediately added as a new member. Default empty.

inherit
bool

Whether a role "inherits" the privileges of roles it is a member of. Defaults is true.

disablePassword
bool

DisablePassword indicates that a role's password should be set to NULL in Postgres

superuser
bool

Whether the role is a superuser who can override all access restrictions within the database - superuser status is dangerous and should be used only when really needed. You must yourself be a superuser to create a new superuser. Defaults is false.

createdb
bool

When set to true, the role being defined will be allowed to create new databases. Specifying false (default) will deny a role the ability to create databases.

createrole
bool

Whether the role will be permitted to create, alter, drop, comment on, change the security label for, and grant or revoke membership in other roles. Default is false.

login
bool

Whether the role is allowed to log in. A role having the loginattribute can be thought of as a user. Roles without this attribute are useful for managing database privileges, but are not users in the usual sense of the word. Default is false.

replication
bool

Whether a role is a replication role. A role must have this attribute (or be a superuser) in order to be able to connect to the server in replication mode (physical or logical replication) and in order to be able to create or drop replication slots. A role having the replication attribute is a very highly privileged role, and should only be used on roles actually used for replication. Default is false.

bypassrls
bool

Whether a role bypasses every row-level security (RLS) policy. Default is false.

SQLRefs

Appears in:

SQLRefs holds references to ConfigMaps or Secrets containing SQL files. The references are processed in a specific order: first, all Secrets are processed, followed by all ConfigMaps. Within each group, the processing order follows the sequence specified in their respective arrays.

FieldDescription
secretRefs
[]github.com/cloudnative-pg/machinery/pkg/api.SecretKeySelector

SecretRefs holds a list of references to Secrets

configMapRefs
[]github.com/cloudnative-pg/machinery/pkg/api.ConfigMapKeySelector

ConfigMapRefs holds a list of references to ConfigMaps

ScheduledBackupSpec

Appears in:

ScheduledBackupSpec defines the desired state of ScheduledBackup

FieldDescription
suspend
bool

If this backup is suspended or not

immediate
bool

If the first backup has to be immediately start after creation or not

schedule [Required]
string

The schedule does not follow the same format used in Kubernetes CronJobs as it includes an additional seconds specifier, see https://pkg.go.dev/github.com/robfig/cron#hdr-CRON_Expression_Format

cluster [Required]
github.com/cloudnative-pg/machinery/pkg/api.LocalObjectReference

The cluster to backup

backupOwnerReference
string

Indicates which ownerReference should be put inside the created backup resources.

  • none: no owner reference for created backup objects (same behavior as before the field was introduced)
  • self: sets the Scheduled backup object as owner of the backup
  • cluster: set the cluster as owner of the backup
target
BackupTarget

The policy to decide which instance should perform this backup. If empty, it defaults to cluster.spec.backup.target. Available options are empty string, primary and prefer-standby.primary to have backups run always on primary instances,prefer-standby to have backups run preferably on the most updated standby, if available.

method
BackupMethod

The backup method to be used, possible options are barmanObjectStore,volumeSnapshot or plugin. Defaults to: barmanObjectStore.

pluginConfiguration
BackupPluginConfiguration

Configuration parameters passed to the plugin managing this backup

online
bool

Whether the default type of backup with volume snapshots is online/hot (true, default) or offline/cold (false) Overrides the default setting specified in the cluster field '.spec.backup.volumeSnapshot.online'

onlineConfiguration
OnlineConfiguration

Configuration parameters to control the online/hot backup with volume snapshots Overrides the default settings specified in the cluster '.backup.volumeSnapshot.onlineConfiguration' stanza

ScheduledBackupStatus

Appears in:

ScheduledBackupStatus defines the observed state of ScheduledBackup

FieldDescription
lastCheckTime
meta/v1.Time

The latest time the schedule

lastScheduleTime
meta/v1.Time

Information when was the last time that backup was successfully scheduled.

nextScheduleTime
meta/v1.Time

Next time we will run a backup

SecretVersion

Appears in:

SecretVersion contains a secret name and its ResourceVersion

FieldDescription
name
string

The name of the secret

version
string

The ResourceVersion of the secret

SecretsResourceVersion

Appears in:

SecretsResourceVersion is the resource versions of the secrets managed by the operator

FieldDescription
superuserSecretVersion
string

The resource version of the "postgres" user secret

replicationSecretVersion
string

The resource version of the "streaming_replica" user secret

applicationSecretVersion
string

The resource version of the "app" user secret

managedRoleSecretVersion
map[string]string

The resource versions of the managed roles secrets

caSecretVersion
string

Unused. Retained for compatibility with old versions.

clientCaSecretVersion
string

The resource version of the PostgreSQL client-side CA secret version

serverCaSecretVersion
string

The resource version of the PostgreSQL server-side CA secret version

serverSecretVersion
string

The resource version of the PostgreSQL server-side secret version

barmanEndpointCA
string

The resource version of the Barman Endpoint CA if provided

externalClusterSecretVersion
map[string]string

The resource versions of the external cluster secrets

metrics
map[string]string

A map with the versions of all the secrets used to pass metrics. Map keys are the secret names, map values are the versions

ServiceAccountTemplate

Appears in:

ServiceAccountTemplate contains the template needed to generate the service accounts

FieldDescription
metadata [Required]
Metadata

Metadata are the metadata to be used for the generated service account

ServiceSelectorType

(Alias of string)

Appears in:

ServiceSelectorType describes a valid value for generating the service selectors. It indicates which type of service the selector applies to, such as read-write, read, or read-only

ServiceTemplateSpec

Appears in:

ServiceTemplateSpec is a structure allowing the user to set a template for Service generation.

FieldDescription
metadata
Metadata

Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata

spec
core/v1.ServiceSpec

Specification of the desired behavior of the service. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status

ServiceUpdateStrategy

(Alias of string)

Appears in:

ServiceUpdateStrategy describes how the changes to the managed service should be handled

SnapshotOwnerReference

(Alias of string)

Appears in:

SnapshotOwnerReference defines the reference type for the owner of the snapshot. This specifies which owner the processed resources should relate to.

SnapshotType

(Alias of string)

Appears in:

SnapshotType is a type of allowed import

StorageConfiguration

Appears in:

StorageConfiguration is the configuration used to create and reconcile PVCs, usable for WAL volumes, PGDATA volumes, or tablespaces

FieldDescription
storageClass
string

StorageClass to use for PVCs. Applied after evaluating the PVC template, if available. If not specified, the generated PVCs will use the default storage class

size
string

Size of the storage. Required if not already specified in the PVC template. Changes to this field are automatically reapplied to the created PVCs. Size cannot be decreased.

resizeInUseVolumes
bool

Resize existent PVCs, defaults to true

pvcTemplate
core/v1.PersistentVolumeClaimSpec

Template to be used to generate the Persistent Volume Claim

SwitchReplicaClusterStatus

Appears in:

SwitchReplicaClusterStatus contains all the statuses regarding the switch of a cluster to a replica cluster

FieldDescription
inProgress
bool

InProgress indicates if there is an ongoing procedure of switching a cluster to a replica cluster.

SyncReplicaElectionConstraints

Appears in:

SyncReplicaElectionConstraints contains the constraints for sync replicas election.

For anti-affinity parameters two instances are considered in the same location if all the labels values match.

In future synchronous replica election restriction by name will be supported.

FieldDescription
nodeLabelsAntiAffinity
[]string

A list of node labels values to extract and compare to evaluate if the pods reside in the same topology or not

enabled [Required]
bool

This flag enables the constraints for sync replicas

SynchronizeReplicasConfiguration

Appears in:

SynchronizeReplicasConfiguration contains the configuration for the synchronization of user defined physical replication slots

FieldDescription
enabled [Required]
bool

When set to true, every replication slot that is on the primary is synchronized on each standby

excludePatterns
[]string

List of regular expression patterns to match the names of replication slots to be excluded (by default empty)

SynchronousReplicaConfiguration

Appears in:

SynchronousReplicaConfiguration contains the configuration of the PostgreSQL synchronous replication feature. Important: at this moment, also .spec.minSyncReplicas and .spec.maxSyncReplicasneed to be considered.

FieldDescription
method [Required]
SynchronousReplicaConfigurationMethod

Method to select synchronous replication standbys from the listed servers, accepting 'any' (quorum-based synchronous replication) or 'first' (priority-based synchronous replication) as values.

number [Required]
int

Specifies the number of synchronous standby servers that transactions must wait for responses from.

maxStandbyNamesFromCluster
int

Specifies the maximum number of local cluster pods that can be automatically included in the synchronous_standby_names option in PostgreSQL.

standbyNamesPre
[]string

A user-defined list of application names to be added tosynchronous_standby_names before local cluster pods (the order is only useful for priority-based synchronous replication).

standbyNamesPost
[]string

A user-defined list of application names to be added tosynchronous_standby_names after local cluster pods (the order is only useful for priority-based synchronous replication).

SynchronousReplicaConfigurationMethod

(Alias of string)

Appears in:

SynchronousReplicaConfigurationMethod configures whether to use quorum based replication or a priority list

TDEConfiguration

Appears in:

TDEConfiguration contains the Transparent Data Encryption configuration

FieldDescription
enabled
bool

True if we want to have TDE enabled

secretKeyRef
core/v1.SecretKeySelector

Reference to the secret that contains the encryption key

wrapCommand
core/v1.SecretKeySelector

WrapCommand is the encrypt command provided by the user

unwrapCommand
core/v1.SecretKeySelector

UnwrapCommand is the decryption command provided by the user

passphraseCommand
core/v1.SecretKeySelector

PassphraseCommand is the command executed to get the passphrase that will be passed to the OpenSSL command to encrypt and decrypt

TablespaceConfiguration

Appears in:

TablespaceConfiguration is the configuration of a tablespace, and includes the storage specification for the tablespace

FieldDescription
name [Required]
string

The name of the tablespace

storage [Required]
StorageConfiguration

The storage configuration for the tablespace

owner
DatabaseRoleRef

Owner is the PostgreSQL user owning the tablespace

temporary
bool

When set to true, the tablespace will be added as a temp_tablespacesentry in PostgreSQL, and will be available to automatically house temp database objects, or other temporary files. Please refer to PostgreSQL documentation for more information on the temp_tablespaces GUC.

TablespaceState

Appears in:

TablespaceState represents the state of a tablespace in a cluster

FieldDescription
name [Required]
string

Name is the name of the tablespace

owner
string

Owner is the PostgreSQL user owning the tablespace

state [Required]
TablespaceStatus

State is the latest reconciliation state

error
string

Error is the reconciliation error, if any

TablespaceStatus

(Alias of string)

Appears in:

TablespaceStatus represents the status of a tablespace in the cluster

Topology

Appears in:

Topology contains the cluster topology

FieldDescription
instances
map[PodName]PodTopologyLabels

Instances contains the pod topology of the instances

nodesUsed
int32

NodesUsed represents the count of distinct nodes accommodating the instances. A value of '1' suggests that all instances are hosted on a single node, implying the absence of High Availability (HA). Ideally, this value should be the same as the number of instances in the Postgres HA cluster, implying shared nothing architecture on the compute side.

successfullyExtracted
bool

SuccessfullyExtracted indicates if the topology data was extract. It is useful to enact fallback behaviors in synchronous replica election in case of failures

VolumeSnapshotConfiguration

Appears in:

VolumeSnapshotConfiguration represents the configuration for the execution of snapshot backups.

FieldDescription
labels
map[string]string

Labels are key-value pairs that will be added to .metadata.labels snapshot resources.

annotations
map[string]string

Annotations key-value pairs that will be added to .metadata.annotations snapshot resources.

className
string

ClassName specifies the Snapshot Class to be used for PG_DATA PersistentVolumeClaim. It is the default class for the other types if no specific class is present

walClassName
string

WalClassName specifies the Snapshot Class to be used for the PG_WAL PersistentVolumeClaim.

tablespaceClassName
map[string]string

TablespaceClassName specifies the Snapshot Class to be used for the tablespaces. defaults to the PGDATA Snapshot Class, if set

snapshotOwnerReference
SnapshotOwnerReference

SnapshotOwnerReference indicates the type of owner reference the snapshot should have

online
bool

Whether the default type of backup with volume snapshots is online/hot (true, default) or offline/cold (false)

onlineConfiguration
OnlineConfiguration

Configuration parameters to control the online/hot backup with volume snapshots