SGConfig


Kind: SGConfig

listKind: SGConfigList

plural: sgconfigs

singular: sgconfig


StackGres Operator configuration is stored in the SGConfig Custom Resource.

WARNING: Creating more than one SGConfig is forbidden in order to avoid misbehaviours. The single SGConfig should be created automatically during installation.

Example:


apiVersion: stackgres.io/v1
kind: SGConfig
metadata:
  name: stackgres-operator
spec:
  # Default values copied from <project_dir>/helm-charts/stackgres-operator/values.yaml
  containerRegistry: quay.io
  imagePullPolicy: IfNotPresent
  operator:
    image:
      pullPolicy: IfNotPresent
  restapi:
    name: stackgres-restapi
    image:
      pullPolicy: IfNotPresent
  adminui:
    image:
      pullPolicy: IfNotPresent
    service:
      exposeHTTP: false
      type: ClusterIP
  authentication:
    type: jwt
    user: admin
  extensions:
    repositoryUrls:
    - https://extensions.stackgres.io/postgres/repository
  grafana:
    autoEmbed: false
    datasourceName: Prometheus
    password: prom-operator
    schema: http
    user: admin
  prometheus:
    allowAutobind: true

See also the StackGres Installation section.

SGConfig stores the configuration of the StackGres Operator.

WARNING: Creating more than one SGConfig is forbidden. The single SGConfig should be created automatically during installation. More SGConfig may exist only when allowedNamespaces or allowedNamespaceLabelSelector is used.

Property
Description

apiVersion
string
stackgres.io/v1
Constraints: required, immutable
kind
string
SGConfig
Constraints: required, immutable
metadata
object
Refer to the Kubernetes API documentation for the fields of the metadata field.
Constraints: required, updatable
spec
object
Spec defines the desired state of SGConfig

Constraints: optional, updatable
status
object
Status defines the observed state of SGConfig

Constraints: optional, updatable

SGConfig.spec

Spec defines the desired state of SGConfig

Property
Description

adminui
object
Section to configure Web Console container

Constraints: optional, updatable
allowImpersonationForRestApi
boolean
When set to true the cluster role for impersonation will be created even if disableClusterRole is set to true.

It is false by default.

This value can only be set in operator helm chart.


Constraints: optional, updatable
allowedNamespaceLabelSelector
map[string]string
Section to configure namespaces that the operator is allowed to use. If allowedNamespaces is defined it will be used instead. If empty all namespaces will be allowed (default).

See https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.35/#labelselector-v1-meta

This value can only be set in operator helm chart.


Constraints: optional, updatable
allowedNamespaces
[]string
Section to configure allowed namespaces that the operator is allowed to use. If empty all namespaces will be allowed (default).

This value can only be set in operator helm chart or with the environment variable ALLOWED_NAMESPACES. It is set by OLM when scoping the operator.


Constraints: optional, updatable
authentication
object
Section to configure Web Console authentication

Constraints: optional, updatable
cert
object
Section to configure the Operator, REST API and Web Console certificates and JWT RSA key-pair.

Constraints: optional, updatable
collector
object
Section to configure OpenTelemetry Collector

By default a single instance of OpenTelemetry Collector will receive metrics from all monitored Pods and will then export those metrics to a configured target (by default it exposes a Prometheus exporter).

See receivers section to scale this architecture to a set of OpenTelemetry Collectors.


Constraints: optional, updatable
Default:
  config:
    exporters:
      otlp:
        endpoint: stackgres-collector:4317
        tls:
          ca_file: /etc/operator/certs/tls.crt
      prometheus:
        enable_open_metrics: false
        endpoint: 0.0.0.0:9464
        metric_expiration: 5m
        resource_to_telemetry_conversion:
          enabled: false
        send_timestamps: true
        tls:
          ca_file: /etc/operator/certs/tls.crt
          cert_file: /etc/operator/certs/tls.crt
          key_file: /etc/operator/certs/tls.key
          reload_interval: 10m
    processors:
      memory_limiter:
        check_interval: 1s
        limit_percentage: 80
        spike_limit_percentage: 15
    receivers:
      otlp:
        protocols:
          grpc:
            endpoint: 0.0.0.0:4317
            tls:
              ca_file: /etc/operator/certs/tls.crt
              cert_file: /etc/operator/certs/tls.crt
              key_file: /etc/operator/certs/tls.key
    service:
      pipelines:
        metrics:
          exporters: [prometheus]
          processors: [memory_limiter]
          receivers: [prometheus]
  ports:
  - containerPort: 9464
    name: prom-http
    protocol: TCP
  prometheusOperator:
    allowDiscovery: true
  resources:
    limits:
      cpu: 1
      memory: 4Gi
    requests:
      cpu: 250m
      memory: 1Gi
  service:
    spec:
      ports:
      - name: prom-http
        port: 9464
        protocol: TCP
        targetPort: prom-http
      type: ClusterIP
containerRegistry
string
The container registry host (and port) where the images will be pulled from.

This value can only be set in operator helm chart or with the environment variable SG_CONTAINER_REGISTRY.


Constraints: optional, updatable
Default: quay.io
deploy
object
Section to configure deployment aspects.

Constraints: optional, updatable
developer
object
Section to configure developer options.

The following options are for developers only, but can also be useful in some cases ;)


Constraints: optional, updatable
disableClusterRole
boolean
When set to true the creation of the operator ClusterRole and ClusterRoleBinding is disabled. Also, when true, some features that rely on unnamespaced resources permissions will be disabled:

  • Creation and upgrade of CustomResourceDefinitions
  • Set CA bundle for Webhooks
  • Check existence of CustomResourceDefinition when listing custom resources
  • Validation of StorageClass
  • REST API endpoint can-i/{verb}/{resource} and can-i will always return the full list of permissions for any resource and verb since they rely on creation of subjectaccessreviews unnamespaced resource that requires a cluster role.
  • Other REST API endpoints will not work since they rely on impersonation that requires a cluster role. This point in particular breaks the Web Console completely. You may still enable this specific cluster role with .allowImpersonationForRestApi. If you do not need the Web Console you may still disable it completely by setting .deploy.restapi to false.

When set to true and allowedNamespaces is not set or is empty then allowedNamespaces will be considered set and containing only the namespace of the operator.

It is false by default.

This value can only be set in operator helm chart.


Constraints: optional, updatable
disableCrdsAndWebhooksUpdate
boolean
When set to true the cluster role to update or patch CRDs will be disabled.

It is false by default.

This value can only be set in operator helm chart.


Constraints: optional, updatable
extensions
object
Section to configure extensions

Constraints: optional, updatable
grafana
object
Section to configure Grafana integration

Constraints: optional, updatable
imagePullPolicy
string
Image pull policy used for images loaded by the Operator

Constraints: optional, updatable
Default: IfNotPresent
imagePullSecrets
[]object
The list of references to secrets in the same namespace where a ServiceAccount is created by the operator to use for pulling any images in pods that reference such ServiceAccount. ImagePullSecrets are distinct from Secrets because Secrets can be mounted in the pod, but ImagePullSecrets are only accessed by the kubelet. More info: https://kubernetes.io/docs/concepts/containers/images/#specifying-imagepullsecrets-on-a-pod

Constraints: optional, updatable
jobs
object
Section to configure Operator Installation Jobs

Constraints: optional, updatable
operator
object
Section to configure Operator Pod

Constraints: optional, updatable
prometheus
object
Deprecated: this section has been replaced by .spec.collector.prometheusOperator.

Section to configure Prometheus integration.


Constraints: optional, updatable
rbac
object
Section to configure RBAC for Web Console admin user

Constraints: optional, updatable
restapi
object
Section to configure REST API Pod

Constraints: optional, updatable
serviceAccount
object
Section to configure Operator Installation ServiceAccount

Constraints: optional, updatable
sgConfigNamespace
string
When set, indicates the namespace where the SGConfig used by the operator will be created.

By default the SGConfig will be created in the same namespace as the operator.

This value can only be set in operator helm chart.


Constraints: optional, updatable
shardingSphere
object
Section to configure integration with ShardingSphere operator

Constraints: optional, updatable

SGConfig.spec.adminui

Section to configure Web Console container

Property
Description

image
object
Section to configure Web Console image

Constraints: optional, updatable
resources
object

Constraints: optional, updatable
service
object
Section to configure Web Console service.

Constraints: optional, updatable

SGConfig.spec.adminui.image

Section to configure Web Console image

Property
Description

name
string
Web Console image name

Constraints: optional, updatable
Default: stackgres/admin-ui
pullPolicy
string
Web Console image pull policy

Constraints: optional, updatable
Default: IfNotPresent
tag
string
Web Console image tag

Constraints: optional, updatable

SGConfig.spec.adminui.service

Section to configure Web Console service.

Property
Description

exposeHTTP
boolean
When set to true the HTTP port will be exposed in the Web Console Service

Constraints: optional, updatable
Default: false
loadBalancerIP
string
LoadBalancer will get created with the IP specified in this field. This feature depends on whether the underlying cloud-provider supports specifying the loadBalancerIP when a load balancer is created. This field will be ignored if the cloud-provider does not support the feature.

Constraints: optional, updatable
loadBalancerSourceRanges
[]string
If specified and supported by the platform, traffic through the cloud-provider load-balancer will be restricted to the specified client IPs. This field will be ignored if the cloud-provider does not support the feature. More info: https://kubernetes.io/docs/tasks/access-application-cluster/configure-cloud-provider-firewall/

Constraints: optional, updatable
nodePort
integer
The HTTPS port used to expose the Service on Kubernetes nodes

Constraints: optional, updatable
nodePortHTTP
integer
The HTTP port used to expose the Service on Kubernetes nodes

Constraints: optional, updatable
type
string
The type used for the service of the UI:

  • Set to LoadBalancer to create a load balancer (if supported by the Kubernetes cluster) that allows connections from the Internet to the UI. Note that enabling this feature will probably incur a fee that depends on the host of the Kubernetes cluster (for example, this is true for EKS, GKE and AKS).
  • Set to NodePort to expose admin UI from kubernetes nodes.

Constraints: optional, updatable
Default: ClusterIP

SGConfig.spec.authentication

Section to configure Web Console authentication

Property
Description

createAdminSecret
boolean
When true will create the secret used to store the admin user credentials to access the UI.

Constraints: optional, updatable
Default: true
oidc
object
Section to configure Web Console OIDC authentication

Constraints: optional, updatable
password
string
The admin password that will be created for the Web Console.

If not specified a random password will be generated.


Constraints: optional, updatable
secretRef
object
Allows specifying a reference to a Secret with the admin user credentials for the Web Console.

To assign permissions properly, make sure the user field matches the value of the k8sUsername key in the referenced Secret.


Constraints: optional, updatable
type
string
Specify the authentication mechanism to use. The default is jwt, see https://stackgres.io/doc/latest/api/rbac#local-secret-mechanism. If set to oidc then see https://stackgres.io/doc/latest/api/rbac/#openid-connect-provider-mechanism.

Constraints: optional, updatable
Default: jwt
user
string
The admin username that will be created for the Web Console

Operator bundle installation cannot change the default value of this field.


Constraints: optional, updatable
Default: admin

SGConfig.spec.authentication.oidc

Section to configure Web Console OIDC authentication

Property
Description

authServerUrl
string


Constraints: optional, updatable
clientId
string


Constraints: optional, updatable
clientIdSecretRef
object


Constraints: optional, updatable
credentialsSecret
string


Constraints: optional, updatable
credentialsSecretSecretRef
object


Constraints: optional, updatable
tlsVerification
string
Can be one of required, certificate-validation or none

Constraints: optional, updatable
SGConfig.spec.authentication.oidc.clientIdSecretRef

Property
Description

key
string


Constraints: optional, updatable
name
string


Constraints: optional, updatable
SGConfig.spec.authentication.oidc.credentialsSecretSecretRef

Property
Description

key
string


Constraints: optional, updatable
name
string


Constraints: optional, updatable

SGConfig.spec.authentication.secretRef

Allows specifying a reference to a Secret with the admin user credentials for the Web Console.

To assign permissions properly, make sure the user field matches the value of the k8sUsername key in the referenced Secret.

Property
Description

name
string
The name of the Secret.

Constraints: optional, updatable

SGConfig.spec.cert

Section to configure the Operator, REST API and Web Console certificates and JWT RSA key-pair.

Property
Description

autoapprove
boolean
If set to true the CertificateSigningRequest used to generate the certificate used by Webhooks will be approved by the Operator Installation Job.

Constraints: optional, updatable
Default: true
certDuration
integer
The duration in days of the generated certificate for the Operator after which it will expire and be regenerated. If not specified it will be set to 730 (2 years) by default.

Constraints: optional, updatable
certManager
object
Section to configure cert-manager integration to generate Operator certificates

Constraints: optional, updatable
collectorCertDuration
integer
The duration in days of the generated certificate for the OpenTelemetry Collector after which it will expire and be regenerated. If not specified it will be set to 730 (2 years) by default.

Constraints: optional, updatable
collectorSecretName
string
The Secret name with the OpenTelemetry Collector certificate of type kubernetes.io/tls. See https://kubernetes.io/docs/concepts/configuration/secret/#tls-secrets

Constraints: optional, updatable
createForCollector
boolean
When set to true the OpenTelemetry Collector certificate will be created.

Constraints: optional, updatable
Default: true
createForOperator
boolean
When set to true the Operator certificate will be created.

Constraints: optional, updatable
Default: true
createForWebApi
boolean
When set to true the Web Console / REST API certificate will be created.

Constraints: optional, updatable
Default: true
regenerateCert
boolean
When set to true the Operator certificates will be regenerated if createForOperator is set to true, and the certificate is expired or invalid.

Constraints: optional, updatable
Default: true
regenerateCollectorCert
boolean
When set to true the OpenTelemetry Collector certificates will be regenerated if createForCollector is set to true, and the certificate is expired or invalid.

Constraints: optional, updatable
Default: true
regenerateWebCert
boolean
When set to true the Web Console / REST API certificates will be regenerated if createForWebApi is set to true, and the certificate is expired or invalid.

Constraints: optional, updatable
Default: true
regenerateWebRsa
boolean
When set to true the Web Console / REST API RSA key pair will be regenerated if createForWebApi is set to true, and the certificate is expired or invalid.

Constraints: optional, updatable
Default: true
secretName
string
The Secret name with the Operator Webhooks certificate issued by the Kubernetes cluster CA of type kubernetes.io/tls. See https://kubernetes.io/docs/concepts/configuration/secret/#tls-secrets

Constraints: optional, updatable
webCertDuration
integer
The duration in days of the generated certificate for the Web Console / REST API after which it will expire and be regenerated. If not specified it will be set to 730 (2 years) by default.

Constraints: optional, updatable
webRsaDuration
integer
The duration in days of the generated RSA key pair for the Web Console / REST API after which it will expire and be regenerated. If not specified it will be set to 730 (2 years) by default.

Constraints: optional, updatable
webSecretName
string
The Secret name with the Web Console / REST API certificate of type kubernetes.io/tls. See https://kubernetes.io/docs/concepts/configuration/secret/#tls-secrets

Constraints: optional, updatable

SGConfig.spec.cert.certManager

Section to configure cert-manager integration to generate Operator certificates

Property
Description

autoConfigure
boolean
When set to true then Issuer and Certificate for Operator, Web Console / REST API and OpenTelemetry Collector Pods will be generated

Constraints: optional, updatable
Default: false
duration
string
The requested duration (i.e. lifetime) of the Certificates. See https://cert-manager.io/docs/reference/api-docs/#cert-manager.io%2fv1

Constraints: optional, updatable
Default: 2160h
encoding
string
The private key cryptography standards (PKCS) encoding for this certificate’s private key to be encoded in. See https://cert-manager.io/docs/reference/api-docs/#cert-manager.io/v1.CertificatePrivateKey

Constraints: optional, updatable
Default: PKCS1
renewBefore
string
How long before the currently issued certificate’s expiry cert-manager should renew the certificate. See https://cert-manager.io/docs/reference/api-docs/#cert-manager.io%2fv1

Constraints: optional, updatable
Default: 360h
size
integer
Size is the key bit size of the corresponding private key for this certificate. See https://cert-manager.io/docs/reference/api-docs/#cert-manager.io/v1.CertificatePrivateKey

Constraints: optional, updatable
Default: 2048

SGConfig.spec.collector

Section to configure OpenTelemetry Collector

By default a single instance of OpenTelemetry Collector will receive metrics from all monitored Pods and will then export those metrics to a configured target (by default it exposes a Prometheus exporter).

See receivers section to scale this architecture to a set of OpenTelemetry Collectors.

Property
Description

affinity
object

Constraints: optional, updatable
annotations
object
OpenTelemetry Collector Pod annotations

Constraints: optional, updatable
config
object
Section to configure OpenTelemetry Collector Configuration. See https://opentelemetry.io/docs/collector/configuration

Constraints: optional, updatable
name
string
OpenTelemetry Collector Deployment/DaemonSet base name

Constraints: optional, updatable
Default: stackgres-collector
nodeSelector
object
OpenTelemetry Collector Pod node selector

Constraints: optional, updatable
ports
[]object

Constraints: optional, updatable
prometheusOperator
object
Section to configure OpenTelemetry Collector integration with Prometheus Operator.

Constraints: optional, updatable
receivers
object
This section allows configuring a variable number of OpenTelemetry Collector receivers (by default equal to the number of Pods with metrics enabled) that scrape the metrics separately and send them to a defined number of OpenTelemetry Collector exporters (by default 1), which export those metrics to one or more configured targets (by default a Prometheus exporter is exposed).

Constraints: optional, updatable
resources
object

Constraints: optional, updatable
service
object
Section to configure OpenTelemetry Collector Service

Constraints: optional, updatable
serviceAccount
object
Section to configure OpenTelemetry Collector ServiceAccount

Constraints: optional, updatable
tolerations
[]object

Constraints: optional, updatable
volumeMounts
[]object
Section to configure OpenTelemetry Collector Volume Mounts. See https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.35/#volumemount-v1-core

Constraints: optional, updatable
volumes
[]object
Section to configure OpenTelemetry Collector Volumes. See https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.35/#volume-v1-core

Constraints: optional, updatable

SGConfig.spec.collector.prometheusOperator

Section to configure OpenTelemetry Collector integration with Prometheus Operator.

Property
Description

allowDiscovery
boolean
If set to false, or if monitors is set, automatic binding to Prometheus instances created using the Prometheus Operator will be disabled.

If disabled the cluster will not be bound to Prometheus automatically and will require manual configuration.

Will be ignored if monitors is set.


Constraints: optional, updatable
Default: true
monitors
[]object
Optional section to configure PodMonitors for specific Prometheus instances

WARNING: resources created by this integration that set the metadata namespace to the same as the operator will not be removed when removing the helm chart. Changing the namespace may require configuring the Prometheus CR properly in order to discover the PodMonitor in such a namespace.


Constraints: optional, updatable
SGConfig.spec.collector.prometheusOperator.monitors[index]

Section to configure a PodMonitor for a specific Prometheus instance that will scrape from the collector Pod pointing by default to the prometheus exporter

Property
Description

metadata
object
Section to overwrite some PodMonitor metadata

Constraints: optional, updatable
name
string
The name of the Prometheus resource that will scrape from the collector Pod pointing by default to the prometheus exporter

Constraints: optional, updatable
namespace
string
The namespace of the Prometheus resource that will scrape from the collector Pod pointing by default to the prometheus exporter

Constraints: optional, updatable
spec
object

Constraints: optional, updatable
SGConfig.spec.collector.prometheusOperator.monitors[index].metadata

Section to overwrite some PodMonitor metadata

Property
Description

annotations
object
The annotations to set for the PodMonitor

Constraints: optional, updatable
labels
object
The labels to set for the PodMonitor

Constraints: optional, updatable
name
string
The name of the PodMonitor

Constraints: optional, updatable
namespace
string
The namespace of the PodMonitor. Changing the namespace may require configuring the Prometheus CR properly in order to discover the PodMonitor in such a namespace.

Constraints: optional, updatable
ownerReferences
[]object
The ownerReferences to set for the PodMonitor in order to be garbage collected by the specified object.

Constraints: optional, updatable

SGConfig.spec.collector.receivers

This section allows configuring a variable number of OpenTelemetry Collector receivers (by default equal to the number of Pods with metrics enabled) that scrape the metrics separately and send them to a defined number of OpenTelemetry Collector exporters (by default 1), which export those metrics to one or more configured targets (by default a Prometheus exporter is exposed).

Property
Description

deployments
[]object
A set of separate Deployments of 1 instance each that allows setting the OpenTelemetry Collector receivers to a specified number of instances.

When not set, the number of Deployments of OpenTelemetry Collector receivers will match the number of instances of all the existing SGClusters that have the field .spec.configurations.observability.enableMetrics set to true. Also, when not set, each Deployment will include a pod affinity rule matching any of the SGCluster Pods in the set defined below. This allows creating an OpenTelemetry Collector receiver instance dedicated to each SGCluster Pod running in the same Node.

Each Deployment will use a configuration for the OpenTelemetry Collector that will scrape from a set of SGCluster Pods that have the field .spec.configurations.observability.enableMetrics set to true. The set of Pods of each of those OpenTelemetry Collector configurations will be a partition of the list of SGCluster Pods that have the field .spec.configurations.observability.enableMetrics set to true, ordered by the field Pod.metadata.creationTimestamp (from the oldest to the newest) and in ascending alphabetical order by the fields Pod.metadata.namespace and Pod.metadata.name.

It is possible to override (even partially) the list of SGCluster Pods using the sgClusters section.


Constraints: optional, updatable
enabled
boolean
When set to true, it enables the creation of a set of OpenTelemetry Collector receivers that scrape the SGCluster Pods, which allows scaling the observability architecture, and a set of OpenTelemetry Collector exporters that export those metrics to one or more configured targets.

Constraints: optional, updatable
Default: false
exporters
integer
When receivers are enabled, indicates the number of OpenTelemetry Collector exporters that export metrics to one or more configured targets.

Constraints: optional, updatable
Default: 1
SGConfig.spec.collector.receivers.deployments[index]

Property
Description

affinity
object

Constraints: optional, updatable
annotations
object
OpenTelemetry Collector Pod annotations

Constraints: optional, updatable
nodeSelector
object
OpenTelemetry Collector Pod node selector

Constraints: optional, updatable
resources
object

Constraints: optional, updatable
sgClusters
[]object
List of SGCluster Pods to scrape from this Deployment’s Pod that will be included in the OpenTelemetry Collector configuration alongside the SGCluster Pods assigned as described in SGConfig.spec.collector.receivers.deployments.

Constraints: optional, updatable
tolerations
[]object

Constraints: optional, updatable
SGConfig.spec.collector.receivers.deployments[index].sgClusters[index]

Property
Description

indexes
[]integer
The indexes of the SGCluster’s Pods that will be included in the OpenTelemetry Collector configuration alongside the SGCluster Pods assigned as described in SGConfig.spec.collector.receivers.deployments.

If not specified all the SGCluster’s Pods will be included.


Constraints: optional, updatable
name
string
The name of the SGCluster

Constraints: optional, updatable
namespace
string
The namespace of the SGCluster

Constraints: optional, updatable

SGConfig.spec.collector.service

Section to configure OpenTelemetry Collector Service

Property
Description

annotations
object
OpenTelemetry Collector Service annotations

Constraints: optional, updatable
spec
object
Section to configure OpenTelemetry Collector Service specs. See https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.35/#servicespec-v1-core

Constraints: optional, updatable

SGConfig.spec.collector.serviceAccount

Section to configure OpenTelemetry Collector ServiceAccount

Property
Description

annotations
object
OpenTelemetry Collector ServiceAccount annotations

Constraints: optional, updatable
repoCredentials
[]string
Repositories credentials Secret names

Constraints: optional, updatable

SGConfig.spec.deploy

Section to configure deployment aspects.

Property
Description

collector
boolean
When set to true the OpenTelemetry Collector will be deployed.

Constraints: optional, updatable
Default: true
operator
boolean
When set to true the Operator will be deployed.

Constraints: optional, updatable
Default: true
restapi
boolean
When set to true the Web Console / REST API will be deployed.

Constraints: optional, updatable
Default: true

SGConfig.spec.developer

Section to configure developer options.

The following options are for developers only, but can also be useful in some cases ;)

Property
Description

allowPullExtensionsFromImageRepository
boolean
If set to true and extensions.cache.enabled is also true it will try to download extensions from images (experimental)

Constraints: optional, updatable
Default: false
disableArbitraryUser
boolean
If set to true, disables the arbitrary user that is set for OpenShift clusters

Constraints: optional, updatable
Default: false
enableJvmDebug
boolean
Only works with the JVM version; allows connecting to port 8000 of the operator Pod with jdb or similar

Constraints: optional, updatable
Default: false
enableJvmDebugSuspend
boolean
Only works with the JVM version; if enableJvmDebug is true, suspends the JVM until a debugger session is started

Constraints: optional, updatable
Default: false
externalOperatorIp
string
Set the external Operator IP

Constraints: optional, updatable
externalOperatorPort
integer
Set the external Operator port

Constraints: optional, updatable
externalRestApiIp
string
Set the external REST API IP

Constraints: optional, updatable
externalRestApiPort
integer
Set the external REST API port

Constraints: optional, updatable
logLevel
string

Constraints: optional, updatable
patches
object
Section to define patches for some StackGres Pods

Constraints: optional, updatable
showDebug
boolean
If set to true, adds extra debug to any script controlled by the reconciliation cycle of the operator configuration

Constraints: optional, updatable
Default: false
showStackTraces
boolean
Set quarkus.log.console.format to %d{yyyy-MM-dd HH:mm:ss,SSS} %-5p [%c{4.}] (%t) %s%e%n. See https://quarkus.io/guides/logging#logging-format

Constraints: optional, updatable
Default: false
useJvmImages
boolean
The operator will use JVM version of the images

Constraints: optional, updatable
Default: false
version
string
Set the operator version (used for testing)

Constraints: optional, updatable
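
The Web Console exposure, authentication and developer fields described above can be checked mechanically. The following Python audit is an added example, not part of StackGres or its documentation: it reads an SGConfig object as JSON and reports risky values of fields documented on this page. The function names, the finding texts and both sample objects are constructed for illustration.

```python
import json

# Constructed samples (not from a real cluster), shaped like the JSON of one
# SGConfig object as returned by `kubectl get sgconfig <name> -o json`.
RISKY = json.loads("""
{"apiVersion": "stackgres.io/v1", "kind": "SGConfig",
 "metadata": {"name": "risky"},
 "spec": {
   "adminui": {"service": {"type": "LoadBalancer", "exposeHTTP": true}},
   "authentication": {"type": "oidc", "password": "constructed-value",
                      "oidc": {"tlsVerification": "none"}},
   "grafana": {"user": "admin", "password": "prom-operator"},
   "developer": {"enableJvmDebug": true}}}
""")
HARDENED = json.loads("""
{"apiVersion": "stackgres.io/v1", "kind": "SGConfig",
 "metadata": {"name": "hardened"},
 "spec": {
   "adminui": {"service": {"type": "LoadBalancer",
                           "loadBalancerSourceRanges": ["192.0.2.0/24"]}},
   "authentication": {"type": "jwt",
                      "secretRef": {"name": "webconsole-admin"}}}}
""")


def dig(mapping, path, default=None):
    """Walk a dotted path through nested dicts; absent or null yields default."""
    cur = mapping
    for key in path.split("."):
        if not isinstance(cur, dict) or cur.get(key) is None:
            return default
        cur = cur[key]
    return cur


def audit_sgconfig(obj):
    """Return [(field_path, finding)] for one SGConfig object."""
    if obj.get("kind") != "SGConfig":
        raise ValueError("expected kind SGConfig, got %r" % obj.get("kind"))
    spec = obj.get("spec") or {}
    findings = []

    def flag(path, finding):
        findings.append(("spec." + path, finding))

    # Web Console exposure. Documented defaults: exposeHTTP false, type ClusterIP.
    if dig(spec, "adminui.service.exposeHTTP", False) is True:
        flag("adminui.service.exposeHTTP",
             "HTTP port is exposed on the Web Console Service")
    svc_type = dig(spec, "adminui.service.type", "ClusterIP")
    if svc_type == "LoadBalancer":
        if not dig(spec, "adminui.service.loadBalancerSourceRanges"):
            flag("adminui.service.loadBalancerSourceRanges",
                 "LoadBalancer Web Console without a client IP restriction")
    elif svc_type == "NodePort":
        flag("adminui.service.type",
             "Web Console is exposed from the Kubernetes nodes")

    # Credentials written into the custom resource instead of a Secret.
    if dig(spec, "authentication.password"):
        flag("authentication.password",
             "admin password stored in the SGConfig spec; "
             "reference a Secret with authentication.secretRef")
    if dig(spec, "grafana.password"):
        flag("grafana.password", "Grafana password stored in the SGConfig spec")

    # OIDC is only evaluated when selected; the documented default type is jwt.
    if dig(spec, "authentication.type", "jwt") == "oidc":
        if dig(spec, "authentication.oidc.tlsVerification") == "none":
            flag("authentication.oidc.tlsVerification",
                 "TLS verification towards the OIDC server is disabled")

    # Developer option that opens a debugger port on the operator Pod.
    if dig(spec, "developer.enableJvmDebug", False) is True:
        flag("developer.enableJvmDebug",
             "JVM debug enabled: port 8000 of the operator Pod accepts a debugger")
    return findings


def audit_all(doc):
    """Accept one SGConfig or a list document carrying 'items'.

    More than one SGConfig may exist when allowedNamespaces or
    allowedNamespaceLabelSelector is used, so every item is audited.
    """
    objs = doc["items"] if "items" in doc else [doc]
    return [(dig(o, "metadata.name"), path, finding)
            for o in objs for path, finding in audit_sgconfig(o)]


if __name__ == "__main__":
    for name, path, finding in audit_all({"kind": "List",
                                          "items": [RISKY, HARDENED]}):
        print(f"{name}: {path}: {finding}")
```
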

SGConfig.spec.developer.patches

Section to define patches for some StackGres Pods

Property
Description

adminui
object
Section to define volumes to be used by the adminui container

Constraints: optional, updatable
clusterController
object
Section to define volumes to be used by the cluster controller container

Constraints: optional, updatable
operator
object
Section to define volumes to be used by the operator container

Constraints: optional, updatable
restapi
object
Section to define volumes to be used by the restapi container

Constraints: optional, updatable
stream
object
Section to define volumes to be used by the stream container

Constraints: optional, updatable
SGConfig.spec.developer.patches.adminui

Section to define volumes to be used by the adminui container

Property
Description

volumeMounts
[]object

Constraints: optional, updatable
volumes
[]object

Constraints: optional, updatable
SGConfig.spec.developer.patches.clusterController

Section to define volumes to be used by the cluster controller container

Property
Description

volumeMounts
[]object

Constraints: optional, updatable
volumes
[]object

Constraints: optional, updatable
SGConfig.spec.developer.patches.operator

Section to define volumes to be used by the operator container

Property
Description

volumeMounts
[]object

Constraints: optional, updatable
volumes
[]object

Constraints: optional, updatable
SGConfig.spec.developer.patches.restapi

Section to define volumes to be used by the restapi container

Property
Description

volumeMounts
[]object

Constraints: optional, updatable
volumes
[]object

Constraints: optional, updatable
SGConfig.spec.developer.patches.stream

Section to define volumes to be used by the stream container

Property
Description

volumeMounts
[]object

Constraints: optional, updatable
volumes
[]object

Constraints: optional, updatable

SGConfig.spec.extensions

Section to configure extensions

Property
Description

cache
object
Section to configure extensions cache (experimental).

This feature is in beta and may cause failures; please use it with caution and report any error to https://gitlab.com/ongresinc/stackgres/-/issues/new


Constraints: optional, updatable
repositoryUrls
[]string
A list of extensions repository URLs used to retrieve extensions

To set a proxy for extensions repository add parameter proxyUrl to the URL: https://extensions.stackgres.io/postgres/repository?proxyUrl=<proxy scheme>%3A%2F%2F<proxy host>[%3A<proxy port>] (URL encoded)

Other URL parameters are:

  • skipHostnameVerification: set it to true in order to use a server or a proxy with a self-signed certificate
  • retry: set it to <max retries>[:<sleep before next retry>] in order to retry a request on failure
  • setHttpScheme: set it to true in order to force using HTTP scheme

Constraints: optional, updatable
Default: [https://extensions.stackgres.io/postgres/repository]
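
The following added example (not part of the StackGres documentation or code base) builds a repository URL with a URL-encoded proxyUrl and audits repositoryUrls entries for the parameters described above that weaken transport security. The proxy and mirror hosts, the function names and the finding texts are assumptions made for illustration.

```python
from urllib.parse import parse_qsl, urlencode, urlsplit, urlunsplit

# Parameter names come from the repositoryUrls description; the wording of
# each finding is this example's own.
WEAKENING_FLAGS = {
    "skipHostnameVerification": "certificate hostname verification is skipped",
    "setHttpScheme": "plain HTTP is forced for repository requests",
}


def with_proxy(repository_url, proxy_url):
    """Append proxyUrl to a repository URL; urlencode() percent-encodes it."""
    parts = urlsplit(repository_url)
    query = parse_qsl(parts.query, keep_blank_values=True)
    query.append(("proxyUrl", proxy_url))
    return urlunsplit(parts._replace(query=urlencode(query)))


def audit_repository_url(url):
    """Return findings (possibly empty) for one repositoryUrls entry."""
    parts = urlsplit(url)
    findings = []
    if parts.scheme != "https":
        findings.append(f"repository scheme is {parts.scheme or 'missing'}, not https")
    params = dict(parse_qsl(parts.query, keep_blank_values=True))
    for flag, effect in WEAKENING_FLAGS.items():
        if params.get(flag, "").lower() == "true":
            findings.append(f"{flag}=true: {effect}")
    # Inspect the raw query so an unencoded proxy URL is noticed before decoding.
    for pair in parts.query.split("&"):
        key, _, raw = pair.partition("=")
        if key != "proxyUrl":
            continue
        if "://" in raw:
            findings.append("proxyUrl is not URL encoded")
        proxy = urlsplit(params["proxyUrl"])
        if not proxy.scheme or not proxy.hostname:
            findings.append("proxyUrl lacks a scheme or host")
    return findings


def audit_all(urls):
    """Map every URL to its list of findings."""
    return {url: audit_repository_url(url) for url in urls}


# Constructed sample entries; hosts under example.internal are placeholders.
DEFAULT_REPO = "https://extensions.stackgres.io/postgres/repository"
SAMPLE_URLS = [
    DEFAULT_REPO,
    with_proxy(DEFAULT_REPO, "http://proxy.example.internal:3128"),
    "https://mirror.example.internal/repository"
    "?skipHostnameVerification=true&setHttpScheme=true",
    DEFAULT_REPO + "?proxyUrl=http://proxy.example.internal:3128",
]

if __name__ == "__main__":
    for url, findings in audit_all(SAMPLE_URLS).items():
        print(url, "->", findings or "ok")
```
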

SGConfig.spec.extensions.cache

Section to configure extensions cache (experimental).

This feature is in beta and may cause failures; please use it with caution and report any error to https://gitlab.com/ongresinc/stackgres/-/issues/new

Property
Description

enabled
boolean
When set to true enable the extensions cache.

This feature is in beta and may cause failures; please use it with caution and report any error to https://gitlab.com/ongresinc/stackgres/-/issues/new


Constraints: optional, updatable
Default: false
hostPath
string
If set, will use a host path volume with the specified path for the extensions cache instead of a PersistentVolume

Constraints: optional, updatable
persistentVolume
object
Section to configure the extensions cache PersistentVolume

Constraints: optional, updatable
preloadedExtensions
[]string
An array of extension patterns used to preload extensions into the extensions cache

Constraints: optional, updatable
Default: [x86_64/linux/timescaledb-1.7.4-pg12]
SGConfig.spec.extensions.cache.persistentVolume

Section to configure the extensions cache PersistentVolume

Property
Description

size
string
The PersistentVolume size for the extensions cache

Only use whole numbers (e.g. not 1e6) and K/Ki/M/Mi/G/Gi as units


Constraints: optional, updatable
Default: 1Gi
storageClass
string
If defined, sets the storage class. If set to “-” (equivalent to storageClass: "" in a PV spec), disables dynamic provisioning. If undefined (the default) or set to null, no storageClass spec is set, choosing the default provisioner (gp2 on AWS, standard on GKE, AWS & OpenStack).

Constraints: optional, updatable

SGConfig.spec.grafana

Section to configure Grafana integration

Property
Description

autoEmbed
boolean
When set to true, automatically embeds Grafana into the Web Console by creating the StackGres dashboard and the read-only role used to read it from the Web Console

Constraints: optional, updatable
Default: false
dashboardConfigMap
string
The ConfigMap name with the dashboard JSON in the key grafana-dashboard.json that will be created in Grafana. If not set the default

Constraints: optional, updatable
dashboardId
string
The dashboard id that will be created in Grafana (see https://grafana.com/grafana/dashboards). By default 9628. (used to embed automatically Grafana)

Manual Steps:

Create grafana dashboard for postgres exporter and copy/paste share URL:

  • Grafana > Create > Import > Grafana.com Dashboard 9628

Copy/paste grafana dashboard URL for postgres exporter:

  • Grafana > Dashboard > Manage > Select postgres exporter dashboard > Copy URL

Constraints: optional, updatable
datasourceName
string
The datasource name used to create the StackGres Dashboard into Grafana

Constraints: optional, updatable
Default: Prometheus
password
string
The password to access Grafana. By default prom-operator (the default for the kube-prometheus-stack helm chart). (used to embed automatically Grafana)

Constraints: optional, updatable
Default: prom-operator
schema
string
The schema to access Grafana. By default http. (used to embed manually and automatically grafana)

Constraints: optional, updatable
Default: http
secretName
string
The name of the Secret with credentials to access Grafana. (used to embed automatically Grafana, alternative to using user and password)

Constraints: optional, updatable
secretNamespace
string
The namespace of the Secret with credentials to access Grafana. (used to embed automatically Grafana, alternative to using user and password)

Constraints: optional, updatable
secretPasswordKey
string
The key of the Secret with the password used to access Grafana. (used to embed automatically Grafana, alternative to using user and password)

Constraints: optional, updatable
secretUserKey
string
The key of the Secret with the username used to access Grafana. (used to embed automatically Grafana, alternative to using user and password)

Constraints: optional, updatable
token
string
The Grafana API token to access the PostgreSQL dashboard created in Grafana (used to embed manually Grafana)

Manual Steps:

Create and copy/paste grafana API token:

  • Grafana > Configuration > API Keys > Add API key (for viewer) > Copy key value

Constraints: optional, updatable
url
string
The URL of the PostgreSQL dashboard created in Grafana (used to embed manually Grafana)

Constraints: optional, updatable
user
string
The username to access Grafana. By default admin. (used to embed automatically Grafana)

Constraints: optional, updatable
Default: admin
webHost
string
The service host name to access grafana (used to embed manually and automatically Grafana). The parameter value should point to the grafana service following the DNS reference svc_name.namespace

Constraints: optional, updatable

SGConfig.spec.imagePullSecrets[index]

A reference to a Secret in the same namespace where a ServiceAccount is created by the operator to use for pulling any images in pods that reference such ServiceAccount.

Property
Description

name
string
The name of the referenced Secret.

Constraints: optional, updatable

SGConfig.spec.jobs

Section to configure Operator Installation Jobs

Property
Description

affinity
object

Constraints: optional, updatable
annotations
object
Operator Installation Jobs annotations

Constraints: optional, updatable
image
object
Section to configure Operator Installation Jobs image

Constraints: optional, updatable
nodeSelector
object
Operator Installation Jobs node selector

Constraints: optional, updatable
resources
object

Constraints: optional, updatable
serviceAccount
object
Section to configure Jobs ServiceAccount

Constraints: optional, updatable
tolerations
[]object

Constraints: optional, updatable

SGConfig.spec.jobs.image

Section to configure Operator Installation Jobs image

Property
Description

pullPolicy
string
Operator Installation Jobs image pull policy

Constraints: optional, updatable
Default: IfNotPresent

SGConfig.spec.jobs.serviceAccount

Section to configure Jobs ServiceAccount

Property
Description

annotations
object
Jobs ServiceAccount annotations

Constraints: optional, updatable
repoCredentials
[]string
Repositories credentials Secret names

Constraints: optional, updatable

SGConfig.spec.operator

Section to configure Operator Pod

Property
Description

affinity
object
Operator Pod affinity. See https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.35/#affinity-v1-core

This value can only be set in operator helm chart.


Constraints: optional, updatable
annotations
object
Operator Pod annotations

Constraints: optional, updatable
hostNetwork
boolean
Host networking requested for this pod. Use the host’s network namespace. If this option is set, the ports that will be used must be specified. Defaults to false.

This value can only be set in operator helm chart.


Constraints: optional, updatable
Default: false
image
object
Section to configure Operator image

Constraints: optional, updatable
internalHttpPort
integer
The port that the operator will use to listen for HTTP

This value can only be set in operator helm chart or with the environment variable OPERATOR_HTTP_PORT.


Constraints: optional, updatable
Default: 8080
internalHttpsPort
integer
The port that the operator will use to listen for HTTPS

This value can only be set in operator helm chart or with the environment variable OPERATOR_HTTPS_PORT.


Constraints: optional, updatable
Default: 8443
nodeSelector
object
Operator Pod node selector

This value can only be set in operator helm chart.


Constraints: optional, updatable
port
integer
The port that will be exposed by the operator Service for HTTPS

This value can only be set in operator helm chart.


Constraints: optional, updatable
Default: 443
resources
object
Operator Pod resources. See https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.35/#resourcerequirements-v1-core

This value can only be set in operator helm chart.


Constraints: optional, updatable
service
object
Section to configure Operator Service

Constraints: optional, updatable
serviceAccount
object
Section to configure Operator ServiceAccount

Constraints: optional, updatable
tolerations
[]object
Operator Pod tolerations. See https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.35/#toleration-v1-core

This value can only be set in operator helm chart.


Constraints: optional, updatable

SGConfig.spec.operator.image

Section to configure Operator image

Property
Description

name
string
Operator image name

This value can only be set in operator helm chart.


Constraints: optional, updatable
Default: stackgres/operator
pullPolicy
string
Operator image pull policy

This value can only be set in operator helm chart.


Constraints: optional, updatable
Default: IfNotPresent
tag
string
Operator image tag

This value can only be set in operator helm chart.


Constraints: optional, updatable

SGConfig.spec.operator.service

Section to configure Operator Service

Property
Description

annotations
object
Section to configure Operator Service annotations

This value can only be set in operator helm chart.


Constraints: optional, updatable

SGConfig.spec.operator.serviceAccount

Section to configure Operator ServiceAccount

Property
Description

annotations
object
Section to configure Operator ServiceAccount annotations

This value can only be set in operator helm chart.


Constraints: optional, updatable
repoCredentials
[]string
Repositories credentials Secret names

This value can only be set in operator helm chart.


Constraints: optional, updatable

SGConfig.spec.prometheus

Deprecated: this section has been replaced by .spec.collector.prometheusOperator.

Section to configure Prometheus integration.

Property
Description

allowAutobind
boolean
Deprecated: this field has been replaced by .spec.collector.prometheusOperator.allowDiscovery.

If set to false, disables automatic binding to Prometheus created using the Prometheus Operator. If disabled, the cluster will not be bound to Prometheus automatically and will require manual intervention by the Kubernetes cluster administrator.


Constraints: optional, updatable
Default: true

SGConfig.spec.rbac

Section to configure RBAC for Web Console admin user

Property
Description

create
boolean
When set to true, the admin user is assigned the cluster-admin ClusterRole by creating a ClusterRoleBinding.

Constraints: optional, updatable
Default: true
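
As an added example (not StackGres code), the check below walks an SGConfig spec and reports the settings documented in this reference that widen exposure: inline or default Grafana credentials when autoEmbed is on, the cluster-admin binding from rbac.create, JVM debugging, host networking and a host path extensions cache. The function names, the Secret names and the https value for schema are assumptions; unset fields fall back to the defaults listed on this page.

```python
# Defaults as documented in this reference for fields left unset.
DEFAULTS = {
    "grafana.autoEmbed": False,
    "grafana.password": "prom-operator",
    "grafana.schema": "http",
    "rbac.create": True,
    "developer.enableJvmDebug": False,
    "operator.hostNetwork": False,
}


def effective(spec, path):
    """Value at a dotted path in spec, falling back to the documented default."""
    node = spec
    for key in path.split("."):
        if not isinstance(node, dict) or key not in node:
            return DEFAULTS.get(path)
        node = node[key]
    return node


def audit_sgconfig_spec(spec):
    """Return (path, reason) findings for settings that widen exposure."""
    found = []
    # Grafana user/password are only used when the dashboard is auto-embedded.
    if effective(spec, "grafana.autoEmbed"):
        if not effective(spec, "grafana.secretName"):
            found.append(("grafana.password", "inline credentials; use secretName"))
            if effective(spec, "grafana.password") == DEFAULTS["grafana.password"]:
                found.append(("grafana.password", "kube-prometheus-stack default"))
        if effective(spec, "grafana.schema") == "http":
            found.append(("grafana.schema", "Grafana is accessed over plain HTTP"))
    if effective(spec, "rbac.create"):
        found.append(("rbac.create", "admin user is bound to cluster-admin"))
    if effective(spec, "developer.enableJvmDebug"):
        found.append(("developer.enableJvmDebug", "debugger port 8000 is open"))
    if effective(spec, "operator.hostNetwork"):
        found.append(("operator.hostNetwork", "Pod uses the host network namespace"))
    cache = "extensions.cache"
    if effective(spec, cache + ".enabled") and effective(spec, cache + ".hostPath"):
        found.append((cache + ".hostPath", "cache is a host path volume"))
    return found


# Constructed specs: the first keeps the defaults with autoEmbed switched on,
# the second is a hardened variant. Secret and key names are placeholders.
WEAK_SPEC = {"grafana": {"autoEmbed": True, "user": "admin"}}
HARDENED_SPEC = {
    "grafana": {
        "autoEmbed": True,
        "schema": "https",  # assumed value; the page only documents http
        "secretName": "grafana-admin",
        "secretNamespace": "monitoring",
        "secretUserKey": "user",
        "secretPasswordKey": "password",
    },
    "rbac": {"create": False},
}

if __name__ == "__main__":
    for path, reason in audit_sgconfig_spec(WEAK_SPEC):
        print(f"{path}: {reason}")
```
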

SGConfig.spec.restapi

Section to configure REST API Pod

Property
Description

affinity
object

Constraints: optional, updatable
annotations
object
REST API Pod annotations

Constraints: optional, updatable
image
object
Section to configure REST API image

Constraints: optional, updatable
name
string
REST API Deployment name

Constraints: optional, updatable
Default: stackgres-restapi
nodeSelector
object
REST API Pod node selector

Constraints: optional, updatable
resources
object

Constraints: optional, updatable
service
object
Section to configure REST API Service

Constraints: optional, updatable
serviceAccount
object
Section to configure REST API ServiceAccount

Constraints: optional, updatable
tolerations
[]object

Constraints: optional, updatable

SGConfig.spec.restapi.image

Section to configure REST API image

Property
Description

name
string
REST API image name

Constraints: optional, updatable
Default: stackgres/restapi
pullPolicy
string
REST API image pull policy

Constraints: optional, updatable
Default: IfNotPresent
tag
string
REST API image tag

Constraints: optional, updatable

SGConfig.spec.restapi.service

Section to configure REST API Service

Property
Description

annotations
object
REST API Service annotations

Constraints: optional, updatable

SGConfig.spec.restapi.serviceAccount

Section to configure REST API ServiceAccount

Property
Description

annotations
object
REST API ServiceAccount annotations

Constraints: optional, updatable
repoCredentials
[]string
Repositories credentials Secret names

Constraints: optional, updatable

SGConfig.spec.serviceAccount

Section to configure Operator Installation ServiceAccount

Property
Description

annotations
object
Section to configure Installation ServiceAccount annotations

Constraints: optional, updatable
create
boolean
If true the Operator Installation ServiceAccount will be created

This value can only be set in operator helm chart.


Constraints: optional, updatable
Default: true
repoCredentials
[]string
Repositories credentials Secret names

This value can only be set in operator helm chart.


Constraints: optional, updatable

SGConfig.spec.shardingSphere

Section to configure integration with ShardingSphere operator

Property
Description

serviceAccount
object
Section to configure ServiceAccount used by ShardingSphere operator.

You may configure a specific value for a sharded cluster under section SGShardedCluster.spec.coordinator.configurations.shardingSphere.serviceAccount.


Constraints: optional, updatable

SGConfig.spec.shardingSphere.serviceAccount

Section to configure ServiceAccount used by ShardingSphere operator.

You may configure a specific value for a sharded cluster under section SGShardedCluster.spec.coordinator.configurations.shardingSphere.serviceAccount.

Property
Description

name
string
The name of the ServiceAccount used by ShardingSphere operator

Constraints: required, updatable
namespace
string
The namespace of the ServiceAccount used by ShardingSphere operator

Constraints: required, updatable

SGConfig.status

Status defines the observed state of SGConfig

Property
Description

conditions
[]object


Constraints: optional, updatable
existingCrUpdatedToVersion
string
Indicates the version to which existing CRs have been updated

Constraints: optional, updatable
grafana
object


Constraints: optional, updatable
version
string
Latest version of the operator used to check for updates

Constraints: optional, updatable

SGConfig.status.conditions[index]

Property
Description

lastTransitionTime
string
Last time the condition transitioned from one status to another.

Constraints: optional, updatable
message
string
A human readable message indicating details about the transition.

Constraints: optional, updatable
reason
string
The reason for the condition’s last transition.

Constraints: optional, updatable
status
string
Status of the condition, one of True, False, Unknown.

Constraints: optional, updatable
type
string
Type of deployment condition.

Constraints: optional, updatable

SGConfig.status.grafana

Property
Description

configHash
string
Grafana configuration hash

Constraints: optional, updatable
token
string
Grafana token that allows access to dashboards

Constraints: optional, updatable
urls
[]string
Grafana URLs to StackGres dashboards

Constraints: optional, updatable