Replace bitnami postgres with CNPG-Postgres Operator + Tenants
Closed this issue · 5 comments
Overview
Since we need to standardize mTLS, backups to S3, secrets and such across multiple postgres deployments, it makes sense to use an operator/tenant model similar to how we use minio.
This ticket supersedes the following tasks:
This ticket overlaps with:
This ticket potentially resolves:
Options
There are 3 major Postgres operators out there at the moment:
- Zalando
- CrunchyData
- CNPG
Of those, I see that CNPG most closely shares our philosophy and architecture because CNPG provides support for:
- Helm installation
- Ingress-Nginx
- cert-manager
- Monitoring via Grafana, Prometheus, and Alertmanager
- Backups to MinIO Gateway
They do not provide a tenant Helm chart, though.
Tasks
- Create a basic tenant Helm chart - HERE
- Create ArgoCD appsets for Operator and Tenant
- Add required options to Prometheus-Stack values.yaml to support monitoring and metrics
- Add Grafana dashboard configmap to Prometheus-Stack appset
- Add support to smol-k8s-lab for pre-generated minio secrets + buckets when postgres is used
- Integrate with Mastodon
- Integrate with Nextcloud
- Integrate with Zitadel
- Integrate with Matrix
- Document and test postgres restore process
- Document the minor and major version upgrade process
---Optional---
- Integrate with iceshrimp (maybe?)
- Integrate with artifactory
- Integrate with coturn
Sounds great! I'll be here to support!
We can start with nextcloud btw, as I'm already working on the eso-helm-chart-test branch to switch to object storage.
Opened a ticket with CNPG regarding TLS auth issues: cloudnative-pg/cloudnative-pg#3301
Backup and restore process documented here: https://github.com/small-hack/argocd-apps/tree/main/postgres/operators/cloud-native-postgres/backups