Kind: SGConfig
listKind: SGConfigList
plural: sgconfigs
singular: sgconfig
StackGres Operator configuration is stored in SGConfig Custom Resource.
WARNING: Creating more than one SGConfig is forbidden in order to avoid misbehaviours. The single SGConfig should be created automatically during installation.
Example:
apiVersion: stackgres.io/v1
kind: SGConfig
metadata:
name: stackgres-operator
spec:
# Default values copied from <project_dir>/helm-charts/stackgres-operator/values.yaml
containerRegistry: quay.io
imagePullPolicy: IfNotPresent
operator:
image:
pullPolicy: IfNotPresent
restapi:
name: stackgres-restapi
image:
pullPolicy: IfNotPresent
adminui:
name: stackgres-adminui
image:
pullPolicy: IfNotPresent
service:
exposeHTTP: false
type: ClusterIP
jobs:
name: stackgres-jobs
image:
pullPolicy: IfNotPresent
authentication:
type: jwt
user: admin
extensions:
repositoryUrls:
- https://extensions.stackgres.io/postgres/repository
grafana:
autoEmbed: false
datasourceName: Prometheus
password: prom-operator
schema: http
user: admin
prometheus:
allowAutobind: true
See also StackGres Installation section.
SGConfig stores the configuration of the StackGres Operator
WARNING: Creating more than one SGConfig is forbidden. The single SGConfig should be created automatically during installation. More SGConfig may exists only when allowedNamespaces or allowedNamespaceLabelSelector is used.
Property |
Required |
Updatable |
May Require Restart |
Type |
Description |
|---|---|---|---|---|---|
| apiVersion | ✓ | string | stackgres.io/v1 | ||
| kind | ✓ | string | SGConfig | ||
| metadata | ✓ | ✓ | object | Refer to the Kubernetes API documentation for the fields of the metadata field. |
|
| spec | ✓ | object |
Spec defines the desired state of SGConfig |
||
| status | ✓ | object |
Status defines the observed state of SGConfig |
Spec defines the desired state of SGConfig
Property |
Required |
Updatable |
May Require Restart |
Type |
Description |
|---|---|---|---|---|---|
| adminui | ✓ | object |
Section to configure Web Console container |
||
| allowImpersonationForRestApi | ✓ | boolean |
When set to true the cluster role for impersonation will be created even if disableClusterRole is set to true.
It is
|
||
| allowedNamespaceLabelSelector | ✓ | map[string]string |
Section to configure namespaces that the operator is allowed to use. If allowedNamespaces is defined it will be used instead. If empty all namespaces will be allowed (default).
See https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.29/#labelselector-v1-meta
|
||
| allowedNamespaces | ✓ | []string |
Section to configure allowed namespaces that the operator is allowed to use. If empty all namespaces will be allowed (default).
|
||
| authentication | ✓ | object |
Section to configure Web Console authentication |
||
| cert | ✓ | object |
Section to configure the Operator, REST API and Web Console certificates and JWT RSA key-pair. |
||
| collector | ✓ | object |
Section to configure OpenTelemetry Collector
By default a single instance of OpenTelemetry Collector will receive metrics from all monitored Pods and will then exports those metrics to a configured target (by default will expose a Prometheus exporter). See receivers section to scale this architecture to a set of OpenTelemetry Collectors.
|
||
| containerRegistry | ✓ | string |
The container registry host (and port) where the images will be pulled from.
|
||
| deploy | ✓ | object |
Section to configure deployment aspects. |
||
| developer | ✓ | object |
Section to configure developer options.
Following options are for developers only, but can also be useful in some cases ;)
|
||
| disableClusterRole | ✓ | boolean |
When set to true the creation of the operator ClusterRole and ClusterRoleBinding is disabled.
Also, when true, some features that rely on unnamespaced resources premissions will be disabled:
When set to It is
|
||
| disableCrdsAndWebhooksUpdate | ✓ | boolean |
When set to true the cluster role to update or patch CRDs will be disabled.
It is
|
||
| extensions | ✓ | object |
Section to configure extensions |
||
| grafana | ✓ | object |
Section to configure Grafana integration |
||
| imagePullPolicy | ✓ | string |
Image pull policy used for images loaded by the Operator Default: IfNotPresent |
||
| imagePullSecrets | ✓ | []object |
The list of references to secrets in the same namespace where a ServiceAccount is created by the operator to use for pulling any images in pods that reference such ServiceAccount. ImagePullSecrets are distinct from Secrets because Secrets can be mounted in the pod, but ImagePullSecrets are only accessed by the kubelet. More info: https://kubernetes.io/docs/concepts/containers/images/#specifying-imagepullsecrets-on-a-pod
|
||
| jobs | ✓ | object |
Section to configure Operator Installation Jobs |
||
| operator | ✓ | object |
Section to configure Operator Pod |
||
| pga | ✓ | object |
Section to configure PGA |
||
| prometheus | ✓ | object |
Section to configure Prometheus integration. |
||
| rbac | ✓ | object |
Section to configure RBAC for Web Console admin user |
||
| restapi | ✓ | object |
Section to configure REST API Pod |
||
| serviceAccount | ✓ | object |
Section to configure Operator Installation ServiceAccount |
||
| sgConfigNamespace | ✓ | string |
When set will indicate the namespace where the SGConfig used by the operator will be created.
By default the SGConfig will be created in the same namespace as the operator.
|
||
| shardingSphere | ✓ | object |
Section to configure integration with ShardingSphere operator |
Section to configure Web Console container
Property |
Required |
Updatable |
May Require Restart |
Type |
Description |
|---|---|---|---|---|---|
| image | ✓ | object |
Section to configure Web Console image |
||
| resources | ✓ | object |
Web Console resources. See https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.29/#resourcerequirements-v1-core |
||
| service | ✓ | object |
Section to configure Web Console service. |
Section to configure Web Console image
Property |
Required |
Updatable |
May Require Restart |
Type |
Description |
|---|---|---|---|---|---|
| name | ✓ | string |
Web Console image name Default: stackgres/admin-ui |
||
| pullPolicy | ✓ | string |
Web Console image pull policy Default: IfNotPresent |
||
| tag | ✓ | string |
Web Console image tag |
Section to configure Web Console service.
Property |
Required |
Updatable |
May Require Restart |
Type |
Description |
|---|---|---|---|---|---|
| exposeHTTP | ✓ | boolean |
When set to true the HTTP port will be exposed in the Web Console ServiceDefault: false |
||
| loadBalancerIP | ✓ | string |
LoadBalancer will get created with the IP specified in
this field. This feature depends on whether the underlying cloud-provider supports specifying
the loadBalancerIP when a load balancer is created. This field will be ignored if the
cloud-provider does not support the feature.
|
||
| loadBalancerSourceRanges | ✓ | []string |
If specified and supported by the platform,
this will restrict traffic through the cloud-provider load-balancer will be restricted to the
specified client IPs. This field will be ignored if the cloud-provider does not support the
feature.
More info: https://kubernetes.io/docs/tasks/access-application-cluster/configure-cloud-provider-firewall/
|
||
| nodePort | ✓ | integer |
The HTTPS port used to expose the Service on Kubernetes nodes |
||
| nodePortHTTP | ✓ | integer |
The HTTP port used to expose the Service on Kubernetes nodes |
||
| type | ✓ | string |
The type used for the service of the UI:
|
Section to configure Web Console authentication
Property |
Required |
Updatable |
May Require Restart |
Type |
Description |
|---|---|---|---|---|---|
| createAdminSecret | ✓ | boolean |
When true will create the secret used to store the admin user credentials to access the UI.
Default: true |
||
| oidc | ✓ | object |
Section to configure Web Console OIDC authentication |
||
| password | ✓ | string |
The admin password that will be created for the Web Console.
If not specified a random password will be generated.
|
||
| secretRef | ✓ | object |
Allow to specify a reference to a Secret with the admin user credentials for the Web Console.
In order to assign properly permissions. Make sure the |
||
| type | ✓ | string |
Specify the authentication mechanism to use. By default is jwt, see https://stackgres.io/doc/latest/api/rbac#local-secret-mechanism.
If set to oidc then see https://stackgres.io/doc/latest/api/rbac/#openid-connect-provider-mechanism.
Default: jwt |
||
| user | ✓ | string |
The admin username that will be created for the Web Console
Operator bundle installation can not change the default value of this field.
|
Section to configure Web Console OIDC authentication
Property |
Required |
Updatable |
May Require Restart |
Type |
Description |
|---|---|---|---|---|---|
| authServerUrl | ✓ | string |
|
||
| clientId | ✓ | string |
|
||
| clientIdSecretRef | ✓ | object |
|
||
| credentialsSecret | ✓ | string |
|
||
| credentialsSecretSecretRef | ✓ | object |
|
||
| tlsVerification | ✓ | string |
Can be one of required, certificate-validation or none |
Property |
Required |
Updatable |
May Require Restart |
Type |
Description |
|---|---|---|---|---|---|
| key | ✓ | string |
|
||
| name | ✓ | string |
|
Property |
Required |
Updatable |
May Require Restart |
Type |
Description |
|---|---|---|---|---|---|
| key | ✓ | string |
|
||
| name | ✓ | string |
|
Allow to specify a reference to a Secret with the admin user credentials for the Web Console.
In order to assign properly permissions. Make sure the user field match the value of the k8sUsername key in the referenced Secret.
Property |
Required |
Updatable |
May Require Restart |
Type |
Description |
|---|---|---|---|---|---|
| name | ✓ | string |
The name of the Secret. |
Section to configure the Operator, REST API and Web Console certificates and JWT RSA key-pair.
Property |
Required |
Updatable |
May Require Restart |
Type |
Description |
|---|---|---|---|---|---|
| autoapprove | ✓ | boolean |
If set to true the CertificateSigningRequest used to generate the certificate used by
Webhooks will be approved by the Operator Installation Job.
Default: true |
||
| certDuration | ✓ | integer |
The duration in days of the generated certificate for the Operator after which it will expire and be regenerated.
If not specified it will be set to 730 (2 years) by default.
|
||
| certManager | ✓ | object |
Section to configure cert-manager integration to generate Operator certificates |
||
| collectorCertDuration | ✓ | integer |
The duration in days of the generated certificate for the OpenTelemetry Collector after which it will expire and be regenerated.
If not specified it will be set to 730 (2 years) by default.
|
||
| collectorSecretName | ✓ | string |
The Secret name with the OpenTelemetry Collector certificate
of type kubernetes.io/tls. See https://kubernetes.io/docs/concepts/configuration/secret/#tls-secrets
|
||
| createForCollector | ✓ | boolean |
When set to true the OpenTelemetry Collector certificate will be created.Default: true |
||
| createForOperator | ✓ | boolean |
When set to true the Operator certificate will be created.Default: true |
||
| createForWebApi | ✓ | boolean |
When set to true the Web Console / REST API certificate will be created.Default: true |
||
| regenerateCert | ✓ | boolean |
When set to true the Operator certificates will be regenerated if createForOperator is set to true, and the certificate is expired or invalid.
Default: true |
||
| regenerateCollectorCert | ✓ | boolean |
When set to true the OpenTelemetry Collector certificates will be regenerated if createForCollector is set to true, and the certificate is expired or invalid.
Default: true |
||
| regenerateWebCert | ✓ | boolean |
When set to true the Web Console / REST API certificates will be regenerated if createForWebApi is set to true, and the certificate is expired or invalid.
Default: true |
||
| regenerateWebRsa | ✓ | boolean |
When set to true the Web Console / REST API RSA key pair will be regenerated if createForWebApi is set to true, and the certificate is expired or invalid.
Default: true |
||
| secretName | ✓ | string |
The Secret name with the Operator Webhooks certificate issued by the Kubernetes cluster CA
of type kubernetes.io/tls. See https://kubernetes.io/docs/concepts/configuration/secret/#tls-secrets
|
||
| webCertDuration | ✓ | integer |
The duration in days of the generated certificate for the Web Console / REST API after which it will expire and be regenerated.
If not specified it will be set to 730 (2 years) by default.
|
||
| webRsaDuration | ✓ | integer |
The duration in days of the generated RSA key pair for the Web Console / REST API after which it will expire and be regenerated.
If not specified it will be set to 730 (2 years) by default.
|
||
| webSecretName | ✓ | string |
The Secret name with the Web Console / REST API certificate
of type kubernetes.io/tls. See https://kubernetes.io/docs/concepts/configuration/secret/#tls-secrets
|
Section to configure cert-manager integration to generate Operator certificates
Property |
Required |
Updatable |
May Require Restart |
Type |
Description |
|---|---|---|---|---|---|
| autoConfigure | ✓ | boolean |
When set to true then Issuer and Certificate for Operator, Web Console / REST API and OpenTelemetry Collector
Pods will be generated
Default: false |
||
| duration | ✓ | string |
The requested duration (i.e. lifetime) of the Certificates. See https://cert-manager.io/docs/reference/api-docs/#cert-manager.io%2fv1 Default: 2160h |
||
| encoding | ✓ | string |
The private key cryptography standards (PKCS) encoding for this certificate’s private key to be encoded in. See https://cert-manager.io/docs/reference/api-docs/#cert-manager.io/v1.CertificatePrivateKey Default: PKCS1 |
||
| renewBefore | ✓ | string |
How long before the currently issued certificate’s expiry cert-manager should renew the certificate. See https://cert-manager.io/docs/reference/api-docs/#cert-manager.io%2fv1 Default: 360h |
||
| size | ✓ | integer |
Size is the key bit size of the corresponding private key for this certificate. See https://cert-manager.io/docs/reference/api-docs/#cert-manager.io/v1.CertificatePrivateKey Default: 2048 |
Section to configure OpenTelemetry Collector
By default a single instance of OpenTelemetry Collector will receive metrics from all monitored Pods and will then exports those metrics to a configured target (by default will expose a Prometheus exporter).
See receivers section to scale this architecture to a set of OpenTelemetry Collectors.
Property |
Required |
Updatable |
May Require Restart |
Type |
Description |
|---|---|---|---|---|---|
| affinity | ✓ | object |
OpenTelemetry Collector Pod affinity. See https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.29/#affinity-v1-core |
||
| annotations | ✓ | object |
OpenTelemetry Collector Pod annotations |
||
| config | ✓ | object |
Section to configure OpenTelemetry Collector Configuration. See https://opentelemetry.io/docs/collector/configuration |
||
| name | ✓ | string |
OpenTelemetry Collector Deploymnet/Deamonset base name Default: stackgres-collector |
||
| nodeSelector | ✓ | object |
OpenTelemetry Collector Pod node selector |
||
| ports | ✓ | []object |
Section to configure OpenTelemetry Collector ports. See https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.29/#containerport-v1-core |
||
| prometheusOperator | ✓ | object |
Section to configure OpenTelemetry Collector integration with Prometheus Operator. |
||
| receivers | ✓ | object |
This section allow to configure a variable number of OpenTelemetry Collector
receivers (by default equals to the number of Pod with metrics enabled)
that will scrape the metrics separately and send them to a defined number
of OpenTelemetry Collector exporters (by default 1) that exports those metrics
to one or more configured targets (by default will expose a Prometheus exporter).
|
||
| resources | ✓ | object |
OpenTelemetry Collector Pod resources. See https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.29/#resourcerequirements-v1-core |
||
| service | ✓ | object |
Section to configure OpenTelemetry Collector Service |
||
| serviceAccount | ✓ | object |
Section to configure OpenTelemetry Collector ServiceAccount |
||
| tolerations | ✓ | []object |
OpenTelemetry Collector Pod tolerations. See https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.29/#toleration-v1-core |
||
| volumeMounts | ✓ | []object |
Section to configure OpenTelemetry Collector Volume Mounts. See https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.29/#volumemount-v1-core |
||
| volumes | ✓ | []object |
Section to configure OpenTelemetry Collector Volumes. See https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.29/#volume-v1-core |
Section to configure OpenTelemetry Collector integration with Prometheus Operator.
Property |
Required |
Updatable |
May Require Restart |
Type |
Description |
|---|---|---|---|---|---|
| allowDiscovery | ✓ | boolean |
If set to false or monitors is set automatic bind to Prometheus
created using the Prometheus Operator will be disabled.
If disabled the cluster will not be binded to Prometheus automatically and will require manual configuration. Will be ignored if monitors is set.
|
||
| monitors | ✓ | []object |
Optional section to configure PodMonitors for specific Prometheus instances
WARNING: resources created by this integration that does set
the metadata namespace to the same as the operator will not
be removed when removing the helm chart. Changing the namespace
may require configure the Prometheus CR properly in order to
discover PodMonitor in such namespace.
|
Section to configure a PodMonitor for a specific Prometheus instance that will scrape from the collector Pod pointing by default to the prometheus exporter
Property |
Required |
Updatable |
May Require Restart |
Type |
Description |
|---|---|---|---|---|---|
| metadata | ✓ | object |
Section to overwrite some PodMonitor metadata |
||
| name | ✓ | string |
The name of the Prometheus resource that will scrape from the collector Pod pointing by default to the prometheus exporter |
||
| namespace | ✓ | string |
The namespace of the Prometheus resource that will scrape from the collector Pod pointing by default to the prometheus exporter |
||
| spec | ✓ | object |
The PodMonitor spec that will be overwritten by the operator. See https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/api.md#monitoring.coreos.com/v1.PodMonitorSpec |
Section to overwrite some PodMonitor metadata
Property |
Required |
Updatable |
May Require Restart |
Type |
Description |
|---|---|---|---|---|---|
| annotations | ✓ | object |
The labels to set for the PodMonitor |
||
| labels | ✓ | object |
The labels to set for the PodMonitor |
||
| name | ✓ | string |
The name of the PodMonitor |
||
| namespace | ✓ | string |
The namespace of the PodMonitor. Changing the namespace may require configure the Prometheus CR properly in order to discover PodMonitor in such namespace. |
||
| ownerReferences | ✓ | []object |
The ownerReferences to set for the PodMonitor in order to be garbage collected by the specified object. |
This section allow to configure a variable number of OpenTelemetry Collector receivers (by default equals to the number of Pod with metrics enabled) that will scrape the metrics separately and send them to a defined number of OpenTelemetry Collector exporters (by default 1) that exports those metrics to one or more configured targets (by default will expose a Prometheus exporter).
Property |
Required |
Updatable |
May Require Restart |
Type |
Description |
|---|---|---|---|---|---|
| deployments | ✓ | []object |
A set of separate Deployments of 1 instance each that allow to set the OpenTelemetry Collectors receivers to a specified number of instances.
When not set the number of Deployment of OpenTelemetry Collectors receivers will match the number of instances of all the existing SGClusters
that has the field Each Deployment will use a configuration for the OpenTelemetry Collector that will scrape from a set of SGClusters Pods that has the field
If is possible to override (even partially) the list of SGCluster Pods using the |
||
| enabled | ✓ | boolean |
When set to true it enables the creation of a set of OpenTelemetry Collectors receivers
that will be scraping from the SGCluster Pods and allow to scale the observability
architecture and a set of OpenTelemetry Collectors exporters that exports those metrics
to one or more configured targets.
Default: false |
||
| exporters | ✓ | integer |
When receivers are enabled indicates the number of OpenTelemetry Collectors exporters that
exports metrics to one or more configured targets.
Default: 1 |
Property |
Required |
Updatable |
May Require Restart |
Type |
Description |
|---|---|---|---|---|---|
| affinity | ✓ | object |
OpenTelemetry Collector Pod affinity. See https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.29/#affinity-v1-core |
||
| annotations | ✓ | object |
OpenTelemetry Collector Pod annotations |
||
| nodeSelector | ✓ | object |
OpenTelemetry Collector Pod node selector |
||
| resources | ✓ | object |
OpenTelemetry Collector Pod resources. See https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.29/#resourcerequirements-v1-core |
||
| sgClusters | ✓ | []object |
List of SGCluster Pods to scrape from this Deployment’s Pod that will be included to the OpenTelemetry Collector
configuration alongside the SGCluster Pods assigned as described in SGConfig.spec.collector.receivers.deployments.
|
||
| tolerations | ✓ | []object |
OpenTelemetry Collector Pod tolerations. See https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.29/#toleration-v1-core |
Property |
Required |
Updatable |
May Require Restart |
Type |
Description |
|---|---|---|---|---|---|
| indexes | ✓ | []integer |
The indexes of the SGCluster’s Pods that will be included to the OpenTelemetry Collector configuration alongside
the SGCluster Pods assigned as described in SGConfig.spec.collector.receivers.deployments.
If not specified all the SGCluster’s Pods will be included.
|
||
| name | ✓ | string |
The name of the SGCluster |
||
| namespace | ✓ | string |
The namespace of the SGCluster |
Section to configure OpenTelemetry Collector Service
Property |
Required |
Updatable |
May Require Restart |
Type |
Description |
|---|---|---|---|---|---|
| annotations | ✓ | object |
OpenTelemetry Collector Service annotations |
||
| spec | ✓ | object |
Section to configure OpenTelemetry Collector Service specs. See https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.29/#servicespec-v1-core |
Section to configure OpenTelemetry Collector ServiceAccount
Property |
Required |
Updatable |
May Require Restart |
Type |
Description |
|---|---|---|---|---|---|
| annotations | ✓ | object |
OpenTelemetry Collector ServiceAccount annotations |
||
| repoCredentials | ✓ | []string |
Repositories credentials Secret names |
Section to configure deployment aspects.
Property |
Required |
Updatable |
May Require Restart |
Type |
Description |
|---|---|---|---|---|---|
| collector | ✓ | boolean |
When set to true the OpenTelemetry Collector will be deployed.Default: true |
||
| operator | ✓ | boolean |
When set to true the Operator will be deployed.Default: true |
||
| restapi | ✓ | boolean |
When set to true the Web Console / REST API will be deployed.Default: true |
Section to configure developer options.
Following options are for developers only, but can also be useful in some cases ;)
Property |
Required |
Updatable |
May Require Restart |
Type |
Description |
|---|---|---|---|---|---|
| allowPullExtensionsFromImageRepository | ✓ | boolean |
If set to true and extensions.cache.enabled is also true
it will try to download extensions from images (experimental)
Default: false |
||
| disableArbitraryUser | ✓ | boolean |
It set to true disable arbitrary user that is set for OpenShift clusters
Default: false |
||
| enableJvmDebug | ✓ | boolean |
Only work with JVM version and allow connect
on port 8000 of operator Pod with jdb or similar
Default: false |
||
| enableJvmDebugSuspend | ✓ | boolean |
Only work with JVM version and if enableJvmDebug is true
suspend the JVM until a debugger session is started
Default: false |
||
| externalOperatorIp | ✓ | string |
Set the external Operator IP |
||
| externalOperatorPort | ✓ | integer |
Set the external Operator port |
||
| externalPgaIp | ✓ | string |
Set the external PGA IP |
||
| externalPgaPort | ✓ | integer |
Set the external PGA port |
||
| externalRestApiIp | ✓ | string |
Set the external REST API IP |
||
| externalRestApiPort | ✓ | integer |
Set the external REST API port |
||
| logLevel | ✓ | string |
Set quarkus.log.level. See https://quarkus.io/guides/logging#root-logger-configuration |
||
| patches | ✓ | object |
Section to define patches for some StackGres Pods
|
||
| showDebug | ✓ | boolean |
If set to true add extra debug to any script controlled by the reconciliation cycle of the operator configurationDefault: false |
||
| showStackTraces | ✓ | boolean |
Set quarkus.log.console.format to %d{yyyy-MM-dd HH:mm:ss,SSS} %-5p [%c{4.}] (%t) %s%e%n. See https://quarkus.io/guides/logging#logging-formatDefault: false |
||
| useJvmImages | ✓ | boolean |
The operator will use JVM version of the images
Default: false |
||
| version | ✓ | string |
Set the operator version (used for testing) |
Section to define patches for some StackGres Pods
Property |
Required |
Updatable |
May Require Restart |
Type |
Description |
|---|---|---|---|---|---|
| adminui | ✓ | object |
Section to define volumes to be used by the adminui container
|
||
| clusterController | ✓ | object |
Section to define volumes to be used by the cluster controller container
|
||
| distributedlogsController | ✓ | object |
Section to define volumes to be used by the distributedlogs controller container
|
||
| jobs | ✓ | object |
Section to define volumes to be used by the jobs container
|
||
| operator | ✓ | object |
Section to define volumes to be used by the operator container
|
||
| restapi | ✓ | object |
Section to define volumes to be used by the restapi container
|
||
| stream | ✓ | object |
Section to define volumes to be used by the stream container
|
Section to define volumes to be used by the adminui container
Property |
Required |
Updatable |
May Require Restart |
Type |
Description |
|---|---|---|---|---|---|
| volumeMounts | ✓ | []object |
Pod’s container volume mounts. See https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.29/#volumemount-v1-core |
||
| volumes | ✓ | []object |
Pod volumes. See https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.29/#volume-v1-core |
Section to define volumes to be used by the cluster controller container
Property |
Required |
Updatable |
May Require Restart |
Type |
Description |
|---|---|---|---|---|---|
| volumeMounts | ✓ | []object |
Pod’s container volume mounts. See https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.29/#volumemount-v1-core |
||
| volumes | ✓ | []object |
Pod volumes. See https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.29/#volume-v1-core |
Section to define volumes to be used by the distributedlogs controller container
Property |
Required |
Updatable |
May Require Restart |
Type |
Description |
|---|---|---|---|---|---|
| volumeMounts | ✓ | []object |
Pod’s container volume mounts. See https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.29/#volumemount-v1-core |
||
| volumes | ✓ | []object |
Pod volumes. See https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.29/#volume-v1-core |
Section to define volumes to be used by the jobs container
Property |
Required |
Updatable |
May Require Restart |
Type |
Description |
|---|---|---|---|---|---|
| volumeMounts | ✓ | []object |
Pod’s container volume mounts. See https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.29/#volumemount-v1-core |
||
| volumes | ✓ | []object |
Pod volumes. See https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.29/#volume-v1-core |
Section to define volumes to be used by the operator container
Property |
Required |
Updatable |
May Require Restart |
Type |
Description |
|---|---|---|---|---|---|
| volumeMounts | ✓ | []object |
Pod’s container volume mounts. See https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.29/#volumemount-v1-core |
||
| volumes | ✓ | []object |
Pod volumes. See https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.29/#volume-v1-core |
Section to define volumes to be used by the restapi container
Property |
Required |
Updatable |
May Require Restart |
Type |
Description |
|---|---|---|---|---|---|
| volumeMounts | ✓ | []object |
Pod’s container volume mounts. See https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.29/#volumemount-v1-core |
||
| volumes | ✓ | []object |
Pod volumes. See https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.29/#volume-v1-core |
Section to define volumes to be used by the stream container
Property |
Required |
Updatable |
May Require Restart |
Type |
Description |
|---|---|---|---|---|---|
| volumeMounts | ✓ | []object |
Pod’s container volume mounts. See https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.29/#volumemount-v1-core |
||
| volumes | ✓ | []object |
Pod volumes. See https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.29/#volume-v1-core |
Section to configure extensions
Property |
Required |
Updatable |
May Require Restart |
Type |
Description |
|---|---|---|---|---|---|
| cache | ✓ | object |
Section to configure extensions cache (experimental).
This feature is in beta and may cause failures, please use with caution and report any
error to https://gitlab.com/ongresinc/stackgres/-/issues/new
|
||
| repositoryUrls | ✓ | []string |
A list of extensions repository URLs used to retrieve extensions
To set a proxy for extensions repository add parameter proxyUrl to the URL:
Other URL parameters are:
|
Section to configure extensions cache (experimental).
This feature is in beta and may cause failures, please use with caution and report any error to https://gitlab.com/ongresinc/stackgres/-/issues/new
Property |
Required |
Updatable |
May Require Restart |
Type |
Description |
|---|---|---|---|---|---|
| enabled | ✓ | boolean |
When set to true enable the extensions cache.
This feature is in beta and may cause failures, please use with caution and report any
error to https://gitlab.com/ongresinc/stackgres/-/issues/new
|
||
| hostPath | ✓ | string |
If set, will use a host path volume with the specified path for the extensions cache
instead of a PersistentVolume
|
||
| persistentVolume | ✓ | object |
Section to configure the extensions cache PersistentVolume |
||
| preloadedExtensions | ✓ | []string |
An array of extensions pattern used to pre-loaded estensions into the extensions cache Default: [x86_64/linux/timescaledb-1.7.4-pg12] |
Section to configure the extensions cache PersistentVolume
Property |
Required |
Updatable |
May Require Restart |
Type |
Description |
|---|---|---|---|---|---|
| size | ✓ | string |
The PersistentVolume size for the extensions cache
Only use whole numbers (e.g. not 1e6) and K/Ki/M/Mi/G/Gi as units
|
||
| storageClass | ✓ | string |
If defined set storage class
If set to “-” (equivalent to storageClass: "" in a PV spec) disables
dynamic provisioning
If undefined (the default) or set to null, no storageClass spec is
set, choosing the default provisioner. (gp2 on AWS, standard on
GKE, AWS & OpenStack)
|
Section to configure Grafana integration
Property |
Required |
Updatable |
May Require Restart |
Type |
Description |
|---|---|---|---|---|---|
| autoEmbed | ✓ | boolean |
When set to true embed automatically Grafana into the Web Console by creating the
StackGres dashboard and the read-only role used to read it from the Web Console
Default: false |
||
| dashboardConfigMap | ✓ | string |
The ConfigMap name with the dashboard JSON in the key grafana-dashboard.json
that will be created in Grafana. If not set the default
|
||
| dashboardId | ✓ | string |
The dashboard id that will be create in Grafana
(see https://grafana.com/grafana/dashboards). By default 9628. (used to embed automatically
Grafana)
Manual Steps: Create grafana dashboard for postgres exporter and copy/paste share URL:
|
||
| datasourceName | ✓ | string |
The datasource name used to create the StackGres Dashboard into Grafana Default: Prometheus |
||
| password | ✓ | string |
The password to access Grafana. By default prom-operator (the default in for
kube-prometheus-stack helm chart). (used to embed automatically Grafana)
Default: prom-operator |
||
| schema | ✓ | string |
The schema to access Grafana. By default http. (used to embed manually and
automatically grafana)
Default: http |
||
| secretName | ✓ | string |
The name of secret with credentials to access Grafana. (used to embed
automatically Grafana, alternative to use user and password)
|
||
| secretNamespace | ✓ | string |
The namespace of secret with credentials to access Grafana. (used to
embed automatically Grafana, alternative to use user and password)
|
||
| secretPasswordKey | ✓ | string |
The key of secret with password used to access Grafana. (used to
embed automatically Grafana, alternative to use user and password)
|
||
| secretUserKey | ✓ | string |
The key of secret with username used to access Grafana. (used to embed
automatically Grafana, alternative to use user and password)
|
||
| token | ✓ | string |
The Grafana API token to access the PostgreSQL dashboard created
in Grafana (used to embed manually Grafana)
Manual Steps: Create and copy/paste grafana API token:
|
||
| url | ✓ | string |
The URL of the PostgreSQL dashboard created in Grafana (used to embed manually
Grafana)
|
||
| user | ✓ | string |
The username to access Grafana. By default admin. (used to embed automatically
Grafana)
Default: admin |
||
| webHost | ✓ | string |
The service host name to access grafana (used to embed manually and
automatically Grafana).
The parameter value should point to the grafana service following the
DNS reference svc_name.namespace
|
A reference to a secrets in the same namespace where a ServiceAccount is created by the operator to use for pulling any images in pods that reference such ServiceAccount.
Property |
Required |
Updatable |
May Require Restart |
Type |
Description |
|---|---|---|---|---|---|
| name | ✓ | string |
The name of the referenced Secret. |
Section to configure Operator Installation Jobs
Property |
Required |
Updatable |
May Require Restart |
Type |
Description |
|---|---|---|---|---|---|
| affinity | ✓ | object |
Operator Installation Jobs affinity. See https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.29/#affinity-v1-core |
||
| annotations | ✓ | object |
Operator Installation Jobs annotations |
||
| image | ✓ | object |
Section to configure Operator Installation Jobs image |
||
| nodeSelector | ✓ | object |
Operator Installation Jobs node selector |
||
| resources | ✓ | object |
Operator Installation Jobs resources. See https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.29/#resourcerequirements-v1-core |
||
| serviceAccount | ✓ | object |
Section to configure Jobs ServiceAccount |
||
| tolerations | ✓ | []object |
Operator Installation Jobs tolerations. See https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.29/#toleration-v1-core |
Section to configure Operator Installation Jobs image
Property |
Required |
Updatable |
May Require Restart |
Type |
Description |
|---|---|---|---|---|---|
| name | ✓ | string |
Operator Installation Jobs image name Default: stackgres/jobs |
||
| pullPolicy | ✓ | string |
Operator Installation Jobs image pull policy Default: IfNotPresent |
||
| tag | ✓ | string |
Operator Installation Jobs image tag |
Section to configure Jobs ServiceAccount
Property |
Required |
Updatable |
May Require Restart |
Type |
Description |
|---|---|---|---|---|---|
| annotations | ✓ | object |
Jobs ServiceAccount annotations |
||
| repoCredentials | ✓ | []string |
Repositories credentials Secret names |
Section to configure Operator Pod
Property |
Required |
Updatable |
May Require Restart |
Type |
Description |
|---|---|---|---|---|---|
| affinity | ✓ | object |
Operator Pod affinity. See https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.29/#affinity-v1-core
|
||
| annotations | ✓ | object |
Operator Pod annotations |
||
| image | ✓ | object |
Section to configure Operator image |
||
| nodeSelector | ✓ | object |
Operator Pod node selector
|
||
| resources | ✓ | object |
Operator Pod resources. See https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.29/#resourcerequirements-v1-core
|
||
| service | ✓ | object |
Section to configure Operator Service |
||
| serviceAccount | ✓ | object |
Section to configure Operator ServiceAccount |
||
| tolerations | ✓ | []object |
Operator Pod tolerations. See https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.29/#toleration-v1-core
|
Section to configure Operator image
Property |
Required |
Updatable |
May Require Restart |
Type |
Description |
|---|---|---|---|---|---|
| name | ✓ | string |
Operator image name
|
||
| pullPolicy | ✓ | string |
Operator image pull policy
|
||
| tag | ✓ | string |
Operator image tag
|
Section to configure Operator Service
Property |
Required |
Updatable |
May Require Restart |
Type |
Description |
|---|---|---|---|---|---|
| annotations | ✓ | object |
Section to configure Operator Service annotations
|
Section to configure Operator ServiceAccount
Property |
Required |
Updatable |
May Require Restart |
Type |
Description |
|---|---|---|---|---|---|
| annotations | ✓ | object |
Section to configure Operator ServiceAccount annotations
|
||
| repoCredentials | ✓ | []string |
Repositories credentials Secret names
|
Section to configure PGA
Property |
Required |
Updatable |
May Require Restart |
Type |
Description |
|---|---|---|---|---|---|
| repositoryUrls | ✓ | []string |
A list of PGA repository URLs used to retrieve images
To set a proxy for PGA repository add parameter proxyUrl to the URL:
Other URL parameters are:
|
Section to configure Prometheus integration.
Property |
Required |
Updatable |
May Require Restart |
Type |
Description |
|---|---|---|---|---|---|
| allowAutobind | ✓ | boolean |
If set to false disable automatic bind to Prometheus
created using the Prometheus Operator.
If disabled the cluster will not be binded to Prometheus automatically and will require manual
intervention by the Kubernetes cluster administrator.
Default: true |
Section to configure RBAC for Web Console admin user
Property |
Required |
Updatable |
May Require Restart |
Type |
Description |
|---|---|---|---|---|---|
| create | ✓ | boolean |
When set to true the admin user is assigned the cluster-admin ClusterRole by creating
ClusterRoleBinding.
Default: true |
Section to configure REST API Pod
Property |
Required |
Updatable |
May Require Restart |
Type |
Description |
|---|---|---|---|---|---|
| affinity | ✓ | object |
REST API Pod affinity. See https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.29/#affinity-v1-core |
||
| annotations | ✓ | object |
REST API Pod annotations |
||
| image | ✓ | object |
Section to configure REST API image |
||
| name | ✓ | string |
REST API Deployment name Default: stackgres-restapi |
||
| nodeSelector | ✓ | object |
REST API Pod node selector |
||
| resources | ✓ | object |
REST API Pod resources. See https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.29/#resourcerequirements-v1-core |
||
| service | ✓ | object |
Section to configure REST API Service |
||
| serviceAccount | ✓ | object |
Section to configure REST API ServiceAccount |
||
| tolerations | ✓ | []object |
REST API Pod tolerations. See https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.29/#toleration-v1-core |
Section to configure REST API image
Property |
Required |
Updatable |
May Require Restart |
Type |
Description |
|---|---|---|---|---|---|
| name | ✓ | string |
REST API image name Default: stackgres/restapi |
||
| pullPolicy | ✓ | string |
REST API image pull policy Default: IfNotPresent |
||
| tag | ✓ | string |
REST API image tag |
Section to configure REST API Service
Property |
Required |
Updatable |
May Require Restart |
Type |
Description |
|---|---|---|---|---|---|
| annotations | ✓ | object |
REST API Service annotations |
Section to configure REST API ServiceAccount
Property |
Required |
Updatable |
May Require Restart |
Type |
Description |
|---|---|---|---|---|---|
| annotations | ✓ | object |
REST API ServiceAccount annotations |
||
| repoCredentials | ✓ | []string |
Repositories credentials Secret names |
Section to configure Operator Installation ServiceAccount
Property |
Required |
Updatable |
May Require Restart |
Type |
Description |
|---|---|---|---|---|---|
| annotations | ✓ | object |
Section to configure Installation ServiceAccount annotations |
||
| create | ✓ | boolean |
If true the Operator Installation ServiceAccount will be created
|
||
| repoCredentials | ✓ | []string |
Repositories credentials Secret names
|
Section to configure integration with ShardingSphere operator
Property |
Required |
Updatable |
May Require Restart |
Type |
Description |
|---|---|---|---|---|---|
| serviceAccount | ✓ | object |
Section to configure ServiceAccount used by ShardingSphere operator.
You may configure a specific value for a sharded cluster under section
|
Section to configure ServiceAccount used by ShardingSphere operator.
You may configure a specific value for a sharded cluster under section
SGShardedCluster.speccoordinator.configurations.shardingSphere.serviceAccount.
Property |
Required |
Updatable |
May Require Restart |
Type |
Description |
|---|---|---|---|---|---|
| name | ✓ | ✓ | string |
The name of the ServiceAccount used by ShardingSphere operator |
|
| namespace | ✓ | ✓ | string |
The namespace of the ServiceAccount used by ShardingSphere operator |
Status defines the observed state of SGConfig
Property |
Required |
Updatable |
May Require Restart |
Type |
Description |
|---|---|---|---|---|---|
| conditions | ✓ | []object |
|
||
| existingCrUpdatedToVersion | ✓ | string |
Indicate the version to which existing CRs have been updated to |
||
| grafana | ✓ | object |
|
||
| removeOldOperatorBundleResources | ✓ | boolean |
Indicate when the old operator bundle resources has been removed |
||
| version | ✓ | string |
Latest version of the operator used to check for updates |
Property |
Required |
Updatable |
May Require Restart |
Type |
Description |
|---|---|---|---|---|---|
| lastTransitionTime | ✓ | string |
Last time the condition transitioned from one status to another. |
||
| message | ✓ | string |
A human readable message indicating details about the transition. |
||
| reason | ✓ | string |
The reason for the condition’s last transition. |
||
| status | ✓ | string |
Status of the condition, one of True, False, Unknown. |
||
| type | ✓ | string |
Type of deployment condition. |
Property |
Required |
Updatable |
May Require Restart |
Type |
Description |
|---|---|---|---|---|---|
| configHash | ✓ | string |
Grafana configuration hash |
||
| token | ✓ | string |
Grafana Token that allow to access dashboards |
||
| urls | ✓ | []string |
Grafana URLs to StackGres dashboards |