You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I have searched for an existing issue, and could not find anything. I believe this is a new bug.
I have read the troubleshooting guide
I have read the troubleshooting guide and I think this is a new bug.
I am running a supported version of CloudNativePG
I have read the troubleshooting guide and I think this is a new bug.
Contact Details
No response
Version
1.23.0
What version of Kubernetes are you using?
1.28
What is your Kubernetes environment?
Cloud: Google GKE
How did you install the operator?
Helm
What happened?
Hello,
i have deployed the new ImageCatalog and the Cluster yaml. The Pod restarted and pulled the new image correctly.
When checking the status with kubectl cnpg plugin, the image displayed was the default postgresql image 16.2.
I have used in my imagecatalog the postgis image.
Cluster resource
apiVersion: postgresql.cnpg.io/v1
kind: Cluster
metadata:
name: autpgc16dbms01-development
namespace: aut
labels:
workload: database
spec:
env:
- name: TZ
value: "Europe/Vienna"
resources:
requests:
memory: "16Gi"
cpu: "4"
limits:
memory: "16Gi"
cpu: "4"
storage:
storageClass: zonalpdssd-storageclass
size: 50Gi
walStorage:
storageClass: zonalpdssd-storageclass
size: 50Gi #shrinking not possible after expanding
affinity:
tolerations:
- key: "node-pool"
operator: "Exists"
effect: "NoSchedule"
enablePodAntiAffinity: true
topologyKey: topology.kubernetes.io/zone
podAntiAffinityType: required
description: "PGCluster Crm data and insights"#imagePullSecret is required because the images are located in a private registry
imagePullSecrets:
- name: regcred #must exist in the namespace of the cluster
imageCatalogRef:
apiGroup: postgresql.cnpg.io
kind: ImageCatalog
name: postgis
major: 16
instances: 1
primaryUpdateStrategy: unsupervised
#PostgreSQL configs
postgresql:
enableAlterSystem: true
parameters:
#pthomschitz## good inital - change on APP request
work_mem: "20MB"#per Transaction for Orders and Groups - up to usage
max_wal_size: "1GB"#1% von DBsize
min_wal_size: "256MB"#50% von max_wal_size
maintenance_work_mem: "1GB"
max_connections: '100'#effective 97 (max_connections - superuser_reserved_connections)
max_slot_wal_keep_size: "4GB"## CHANGE before deploy
shared_buffers: "4096MB"#25% von memory
effective_cache_size: "12048MB"# 50 - 75% vom memory
max_worker_processes: "4"#Anzahl CPUs
max_parallel_workers: "4"#Anzahl CPUs
max_parallel_workers_per_gather: "2"#Anzahl CPUs/2
max_parallel_maintenance_workers: "2"#Anzahl CPUs/2## fixed
effective_io_concurrency: "200"#100 bei Raid5 bzw SSD - bis 300
random_page_cost: "1.1"
checkpoint_timeout: "5min"
checkpoint_completion_target: "0.9"
superuser_reserved_connections: "3"
password_encryption: "scram-sha-256"### fixed - extensions# shared_preload_library: "pg_stat_statements,auto_explain" added by operator automatically
pg_stat_statements.max: "1000"
pg_stat_statements.track: "all"
auto_explain.log_min_duration: "10s"### fixed - logging/audit#log_line_prefix: "%m %u %d [%p]: "
log_checkpoints: "off"
log_connections: "on"
log_disconnections: "on"
log_lock_waits: "off"
log_temp_files: "-1"
pgaudit.log: "READ, WRITE, FUNCTION, DDL, ROLE"
pgaudit.log_catalog: "off"
pgaudit.log_parameter: "on"
pgaudit.log_relation: "on"
pgaudit.log_rows: "on"
pgaudit.log_statement: "on"
pg_hba:
- hostssl all all 0.0.0.0/0 scram-sha-256
bootstrap:
initdb:
localeCollate: 'en_US.utf8'
localeCType: 'en_US.utf8'
database: postgres
owner: postgres
secret:
name: postgres-superuser-secret
dataChecksums: true
encoding: 'UTF8'#default
postInitTemplateSQL:
- create user vault_admin with password 'Start1234' CREATEROLE;
- create user apl_admin with password 'Start1234' CREATEDB CREATEROLE;
- revoke create,usage on schema public from public;
- revoke all on database template1 from public;
- create ROLE app_readonly;
- COMMENT ON ROLE app_readonly IS 'Application RO Role';
- COMMENT ON ROLE apl_admin IS 'Application Plattform User';
- create ROLE app_readwrite;
- COMMENT ON ROLE app_readwrite IS 'Application RW Role';
- COMMENT ON ROLE vault_admin IS 'Vault Usermanagement';
- GRANT vault_admin to apl_admin with ADMIN OPTION;
- GRANT app_readwrite TO vault_admin WITH ADMIN OPTION;#in dev grant readwrite
- GRANT app_readonly TO app_readwrite with Admin option;
- grant app_readwrite to apl_admin with Admin option;
- GRANT CONNECT ON DATABASE postgres to apl_admin,vault_admin;
- CREATE SCHEMA general AUTHORIZATION pg_database_owner;
- REVOKE CREATE ON SCHEMA general from app_readonly;
- ALTER DEFAULT PRIVILEGES IN SCHEMA general,public for role postgres,apl_admin grant SELECT ON TABLES to app_readonly,pg_database_owner;
- ALTER DEFAULT PRIVILEGES IN SCHEMA general,public for role postgres,apl_admin grant SELECT,USAGE ON SEQUENCES to app_readonly,pg_database_owner;
- ALTER DEFAULT PRIVILEGES IN SCHEMA general,public for role postgres,apl_admin grant EXECUTE ON FUNCTIONS to app_readwrite,pg_database_owner;
- ALTER DEFAULT PRIVILEGES IN SCHEMA general,public for role postgres,apl_admin grant USAGE ON TYPES to app_readonly,pg_database_owner;
- GRANT USAGE ON SCHEMA general,public TO app_readonly;
- alter user app_readwrite set pgaudit.log to 'NONE';
- alter user app_readonly set pgaudit.log to 'NONE';
- alter user postgres set pgaudit.log to 'NONE';#Superuser config
enableSuperuserAccess: true
superuserSecret:
name: postgres-superuser-secret
serviceAccountTemplate: #workloadidentity for backup to cloud storage
metadata:
annotations:
iam.gke.io/gcp-service-account: autpgc16dbms01-development@ri-te-cs-dbms-k8s-development.iam.gserviceaccount.com
monitoring:
enablePodMonitor: true
---
apiVersion: postgresql.cnpg.io/v1
kind: ImageCatalog
metadata:
name: postgis
namespace: aut
spec:
images:
- major: 16
image: riag.jfrog.io/docker-virtual/cloudnative-pg/postgis:16-3.4-39
Relevant log output
Normal Pulled 73s kubelet Container image "riag.jfrog.io/docker-virtual/cloudnative-pg/cloudnative-pg:1.23.0" already present on machine
Normal Created 73s kubelet Created container bootstrap-controller
Normal Started 73s kubelet Started container bootstrap-controller
Normal Pulling 72s kubelet Pulling image "riag.jfrog.io/docker-virtual/cloudnative-pg/postgis:16-3.4-38"
Normal Pulled 60s kubelet Successfully pulled image "riag.jfrog.io/docker-virtual/cloudnative-pg/postgis:16-3.4-38"in 12.054s (12.054s including waiting)
Normal Created 60s kubelet Created container postgres
Normal Started 60s kubelet Started container postgres
m_kristo@dbms-jumphost-dev:/gitlab/dbms/Development/development-dbms/pgclusters$ k cnpg status autpgc16dbms01-development -n aut
Cluster Summary
Name: autpgc16dbms01-development
Namespace: aut
System ID: 7361066488748818459
PostgreSQL Image: ghcr.io/cloudnative-pg/postgresql:16.2
Primary instance: autpgc16dbms01-development-1
Primary start time: 2024-04-23 16:17:38 +0200 CEST (uptime 65h41m32s)
Status: Cluster in healthy state
Instances: 1
Ready instances: 1
Current Write LSN: 0/14001000 (Timeline: 1 - WAL File: 000000010000000000000014)
Code of Conduct
I agree to follow this project's Code of Conduct
The text was updated successfully, but these errors were encountered:
Is there an existing issue already for this bug?
I have read the troubleshooting guide
I am running a supported version of CloudNativePG
Contact Details
No response
Version
1.23.0
What version of Kubernetes are you using?
1.28
What is your Kubernetes environment?
Cloud: Google GKE
How did you install the operator?
Helm
What happened?
Hello,
i have deployed the new ImageCatalog and the Cluster yaml. The Pod restarted and pulled the new image correctly.
When checking the status with kubectl cnpg plugin, the image displayed was the default postgresql image 16.2.
I have used in my imagecatalog the postgis image.
Cluster resource
Relevant log output
Code of Conduct
The text was updated successfully, but these errors were encountered: