diff --git a/CHANGELOG.md b/CHANGELOG.md index d5df1d7a..7fcd4c4b 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -4,6 +4,10 @@ All notable changes to this project will be documented in this file. The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/), and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html). +## [v0.11.0 - 2021-12-03] +### Changed + * The `loadBalancer` & `replicaLoadBalancer` config parameters have been deprecated. Their defaults have been preserved for this release, so `loadBalancer.enabled` still defaults to `true`. It is now recommended that `loadBalancer.enabled` & `replicaLoadBalancer.enabled` be set to false, and instead the new `service.primary` & `service.replica` config values should be used. + ## [v0.10.0 - 2021-09-28] This changeset introduces the ability to control the generated Kubernetes Services for the primary and replicas. It is now possible to declare the exact type of Service being generated, with support for NodePort services. diff --git a/Makefile b/Makefile index c49b9462..7f36b81f 100644 --- a/Makefile +++ b/Makefile @@ -1,5 +1,3 @@ -ROGUE_KUSTOMIZE_FILES := $(shell find charts/timescaledb-single/kustomize/ -mindepth 2 -type f ! -path '*kustomize/example*') -ROGUE_KUSTOMIZE_DIRS := $(shell find charts/timescaledb-single/kustomize/ -mindepth 1 -type d ! -path '*kustomize/example*') SINGLE_CHART_DIR := charts/timescaledb-single MULTI_CHART_DIR := charts/timescaledb-multinode CI_SINGLE_DIR := $(SINGLE_CHART_DIR)/ci/ @@ -20,22 +18,11 @@ publish-multinode: .PHONY: publish-single publish-single: - @if [ "$(ROGUE_KUSTOMIZE_FILES)" != "" ]; then \ - echo "Found non-example files in the timescaledb-single/kustomize directory"; \ - echo "Please remove these files using 'make clean' or manually"; \ - echo ""; \ - echo "Unfortunately we cannot exclude these files in .helmignore due to"; \ - echo " https://github.com/helm/helm/issues/3622"; \ - echo ""; \ - exit 1; \ - fi helm package charts/timescaledb-single --destination charts/repo helm repo index charts/repo .PHONY: clean clean: clean-ci - @if [ "$(ROGUE_KUSTOMIZE_FILES)" != "" ]; then rm -v $(ROGUE_KUSTOMIZE_FILES); fi - @if [ "$(ROGUE_KUSTOMIZE_DIRS)" != "" ]; then rmdir -v $(ROGUE_KUSTOMIZE_DIRS); fi .PHONY: assert-schema-equals assert-schema-equals: @@ -102,7 +89,6 @@ prepare-ci: @kubectl config set-context --current --namespace $(K8S_NAMESPACE) @kubectl apply -f tests/custom_pgbouncer_user_list.yaml @kubectl apply -f tests/custom-init-scripts.yaml - @kubectl kustomize "$(SINGLE_CHART_DIR)/kustomize/example" | kubectl apply --namespace $(K8S_NAMESPACE) -f - @for storageclass in gp2 slow; do \ kubectl get storageclass/$${storageclass} > /dev/null 2> /dev/null || \ kubectl get storageclass -o json \ diff --git a/charts/timescaledb-multinode/Chart.yaml b/charts/timescaledb-multinode/Chart.yaml index b59b46e5..fe16e6bc 100644 --- a/charts/timescaledb-multinode/Chart.yaml +++ b/charts/timescaledb-multinode/Chart.yaml @@ -4,7 +4,7 @@ apiVersion: v1 name: timescaledb-multinode description: 'TimescaleDB Multinode Deployment.' -version: 0.8.0 +version: 0.11.0 # appVersion specifies the version of the software, which can vary wildly, # e.g. TimescaleDB 1.4.1 on PostgreSQL 11 or TimescaleDB 1.5.0 on PostgreSQL 12. # https://github.com/helm/helm/blob/master/docs/charts.md#the-appversion-field diff --git a/charts/timescaledb-multinode/admin-guide.md b/charts/timescaledb-multinode/admin-guide.md index b06ca784..23049822 100644 --- a/charts/timescaledb-multinode/admin-guide.md +++ b/charts/timescaledb-multinode/admin-guide.md @@ -20,7 +20,7 @@ The following table lists the configurable parameters of the TimescaleDB Helm ch | `fullnameOverride` | Override the fullname of the chart | `nil` | | `replicaCount` | Amount of pods to spawn | `3` | | `image.repository` | The image to pull | `timescale/timescaledb-ha` | -| `image.tag` | The version of the image to pull | `pg12.5-ts2.0.0-p0` +| `image.tag` | The version of the image to pull | `pg14.1-ts2.5.1-p0` | `image.pullPolicy` | The pull policy | `IfNotPresent` | | `credentials.accessNode.superuser`| Password of the superuser for the Access Node | `tea` | | `credentials.dataNode.superuser` | Password of the superuser for the Data Nodes | `coffee` | @@ -46,13 +46,13 @@ The following table lists the configurable parameters of the TimescaleDB Helm ch ### Examples - Override value using commandline parameters ```console - helm upgrade --install my-release . --set image.tag=pg12.5-ts2.0.0-p0 --set image.pullPolicy=Always + helm upgrade --install my-release . --set image.tag=pg14.1-ts2.5.1-p0 --set image.pullPolicy=Always ``` - Override values using `myvalues.yaml` ```yaml # Filename: myvalues.yaml image: - tag: pg12.5-ts2.0.0-p0 + tag: pg14.1-ts2.5.1-p0 pullPolicy: Always postgresql: databases: diff --git a/charts/timescaledb-multinode/templates/statefulset-timescaledb-accessnode.yaml b/charts/timescaledb-multinode/templates/statefulset-timescaledb-accessnode.yaml index dd06740a..32f00abe 100644 --- a/charts/timescaledb-multinode/templates/statefulset-timescaledb-accessnode.yaml +++ b/charts/timescaledb-multinode/templates/statefulset-timescaledb-accessnode.yaml @@ -42,6 +42,8 @@ spec: image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}" imagePullPolicy: {{ .Values.image.pullPolicy }} env: + - name: PG_HBA_TAIL + value: host all all all md5 - name: POSTGRESQL_CUSTOM_PARAMETERS value: | {{- range $key, $value := .Values.postgresql.parameters }} @@ -79,6 +81,7 @@ spec: echo "*:*:*:postgres:${POSTGRES_PASSWORD_DATA_NODE}" > "${PGDATA}/../.pgpass" chown postgres:postgres "${PGDATA}/../.pgpass" "${PGDATA}/postgresql_helm_customizations.conf" chmod 0600 "${PGDATA}/../.pgpass" + grep "${PG_HBA_TAIL}" "${PGDATA}/pg_hba.conf" || echo "${PG_HBA_TAIL}" >> "${PGDATA}/pg_hba.conf" volumeMounts: - name: storage-volume mountPath: "{{ .Values.persistentVolume.mountPath }}" diff --git a/charts/timescaledb-multinode/templates/statefulset-timescaledb-datanode.yaml b/charts/timescaledb-multinode/templates/statefulset-timescaledb-datanode.yaml index b1661168..65b99542 100644 --- a/charts/timescaledb-multinode/templates/statefulset-timescaledb-datanode.yaml +++ b/charts/timescaledb-multinode/templates/statefulset-timescaledb-datanode.yaml @@ -42,6 +42,8 @@ spec: image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}" imagePullPolicy: {{ .Values.image.pullPolicy }} env: + - name: PG_HBA_TAIL + value: host all all all md5 - name: POSTGRESQL_CUSTOM_PARAMETERS value: | {{- range $key, $value := .Values.postgresql.parameters }} @@ -74,6 +76,7 @@ spec: # The TimescaleDB extension should not be available by default, as this interferes with the bootstrapping # done by the access nodes. Therefore we drop the extensions from template1 echo "DROP EXTENSION timescaledb" | /docker-entrypoint.sh postgres --single -D "${PGDATA}" template1 + grep "${PG_HBA_TAIL}" "${PGDATA}/pg_hba.conf" || echo "${PG_HBA_TAIL}" >> "${PGDATA}/pg_hba.conf" volumeMounts: - name: storage-volume mountPath: "{{ .Values.persistentVolume.mountPath }}" diff --git a/charts/timescaledb-multinode/values.yaml b/charts/timescaledb-multinode/values.yaml index f991dbd3..ccf70e47 100644 --- a/charts/timescaledb-multinode/values.yaml +++ b/charts/timescaledb-multinode/values.yaml @@ -11,7 +11,7 @@ image: # Image was built from # https://github.com/timescale/timescaledb-docker-ha repository: timescale/timescaledb-ha - tag: pg12-ts2.0.0-p0 + tag: pg14.1-ts2.5.1-p0 pullPolicy: IfNotPresent # Credentials used by PostgreSQL diff --git a/charts/timescaledb-single/Chart.yaml b/charts/timescaledb-single/Chart.yaml index e0379039..dfecf14a 100644 --- a/charts/timescaledb-single/Chart.yaml +++ b/charts/timescaledb-single/Chart.yaml @@ -4,7 +4,7 @@ apiVersion: v1 name: timescaledb-single description: 'TimescaleDB HA Deployment.' -version: 0.10.0 +version: 0.11.0 # appVersion specifies the version of the software, which can vary wildly, # e.g. TimescaleDB 1.4.1 on PostgreSQL 11 or TimescaleDB 1.5.0 on PostgreSQL 12. # https://github.com/helm/helm/blob/master/docs/charts.md#the-appversion-field diff --git a/charts/timescaledb-single/README.md b/charts/timescaledb-single/README.md index e6c4e615..cc445516 100644 --- a/charts/timescaledb-single/README.md +++ b/charts/timescaledb-single/README.md @@ -103,7 +103,7 @@ my-release LoadBalancer 10.100.149.189 verylongname.example.com 5432:31 Using the External IP for the service (which will route through the LoadBalancer to the Master), you can connect via `psql` using the superuser `postgres` by: -* decoding the password you generated with kustomize +* decoding the password you have configured ```console PGPOSTGRESPASSWORD=$(kubectl get secret --namespace default my-release-credentials -o jsonpath="{.data.PATRONI_SUPERUSER_PASSWORD}" | base64 --decode) ``` diff --git a/charts/timescaledb-single/admin-guide.md b/charts/timescaledb-single/admin-guide.md index 3cafb1f5..5ba795d9 100644 --- a/charts/timescaledb-single/admin-guide.md +++ b/charts/timescaledb-single/admin-guide.md @@ -35,7 +35,7 @@ The following table lists the configurable parameters of the TimescaleDB Helm ch | `fullnameOverride` | Override the fullname of the chart | `nil` | | `image.pullPolicy` | The pull policy | `IfNotPresent` | | `image.repository` | The image to pull | `timescale/timescaledb-ha` | -| `image.tag` | The version of the image to pull | `pg13-ts2.1-latest` +| `image.tag` | The version of the image to pull | `pg14.1-ts2.5.1-p0` | `loadBalancer.annotations` | Deprecated(0.10.0): Pass on annotations to the Load Balancer | An AWS ELB annotation to increase the idle timeout | | `loadBalancer.enabled` | Deprecated(0.10.0): If enabled, creates a LB for the primary | `true` | | `loadBalancer.spec` | Deprecated(0.10.0): Extra configuration for service spec | `nil` | @@ -170,13 +170,13 @@ at: https://pgbackrest.org/command.html#introduction ### Examples - Override value using commandline parameters ```console - helm upgrade --install my-release charts/timescaledb-single --set image.tag=pg12.5-ts2.0.0-p0 --set image.pullPolicy=Always + helm upgrade --install my-release charts/timescaledb-single --set image.tag=pg14.1-ts2.5.1-p0 --set image.pullPolicy=Always ``` - Override values using `myvalues.yaml`git ```yaml # Filename: myvalues.yaml image: - tag: pg13.2-ts2.1.1-p1 + tag: pg14.1-ts2.5.1-p0 pullPolicy: Always patroni: postgresql: diff --git a/charts/timescaledb-single/upgrade-guide.md b/charts/timescaledb-single/upgrade-guide.md index 365299e0..1e987457 100644 --- a/charts/timescaledb-single/upgrade-guide.md +++ b/charts/timescaledb-single/upgrade-guide.md @@ -22,9 +22,25 @@ helm upgrade --install my-release ./charts/timescaledb-single -f values/my-relea # Upgrading from 0.10 to 0.11 -Handndling secrets was changed to remove kustomize wrapper. `unsafe_credentials` was removed and helm now generates secrets on first run unless they are provided in `secrets` map. To upgrade from previous chart version it is necessary to move secrets from objects in kubernetes cluster into helm chart values. +## Major PostgreSQL version bump +The default Docker Image now points to PostgreSQL 14 instead of PostgreSQL 13, +the default image however does contain the PostgreSQL 13 binaries as well. -To make migration simpler, chart still offers a way to reference external secrets with new fields in `secrets` map. In order to preserve previous secrets change the following section in `values.yaml`: +If you want to run PostgreSQL 14 on the 0.11 Helm Charts you should set version to 13 in +your `values.yaml`: + +```yaml +version: 13 +``` + +Doing a [`pg_upgrade`](https://www.postgresql.org/docs/14/pgupgrade.html) is (for now) out of scope +for these Helm Charts. + +## Deprecation of `kustomize` + +Handling secrets was changed to remove kustomize wrapper. `unsafe_credentials` was removed and helm now generates secrets on first run unless they are provided in `secrets` map. To upgrade from previous chart version it is necessary to move secrets from objects in kubernetes cluster into helm chart values. + +To make migration simpler, the chart still offers a way to reference external secrets with new fields in `secrets` map. In order to preserve previous secrets change the following section in `values.yaml`: ```yaml secretNames: diff --git a/charts/timescaledb-single/values.yaml b/charts/timescaledb-single/values.yaml index a907b1bb..11910574 100644 --- a/charts/timescaledb-single/values.yaml +++ b/charts/timescaledb-single/values.yaml @@ -20,7 +20,7 @@ image: # Image was built from # https://github.com/timescale/timescaledb-docker-ha repository: timescale/timescaledb-ha - tag: pg13.4-ts2.4.2-p0 + tag: pg14.1-ts2.5.1-p0 pullPolicy: Always # By default those secrets are randomly generated. diff --git a/tests/wait_for_example_job.yaml b/tests/wait_for_example_job.yaml index e09b3427..30d7ecfe 100644 --- a/tests/wait_for_example_job.yaml +++ b/tests/wait_for_example_job.yaml @@ -11,7 +11,7 @@ spec: restartPolicy: OnFailure containers: - name: waiter - image: timescale/timescaledb-ha:pg13-ts2.1-latest + image: timescale/timescaledb-ha:pg14.1-ts2.5.1-p0 resources: limits: cpu: 100m