0

I have installed https://github.com/zalando/postgres-operator on my K8S cluster on namespace postgres

helm install postgres-operator -n postgres ./charts/postgres-operator 
helm install postgres-operator-ui -n postgres ./charts/postgres-operator-ui

and have created a database as follows: 

kind: "postgresql"
apiVersion: "acid.zalan.do/v1"

metadata:
  name: "acid-databaker-db"
  namespace: "dev"
  labels:
    team: acid

spec:
  teamId: "acid"
  postgresql:
    version: "12"
  numberOfInstances: 2
  volume:
    size: "5Gi"
  users:
    admin: []
  databases:
    keycloak: admin
  allowedSourceRanges:
    # IP ranges to access your cluster go here

  resources:
    requests:
      cpu: 100m
      memory: 100Mi
    limits:
      cpu: 500m
      memory: 500Mi

The database instances are up and running on namespace dev:

NAME                       TYPE        CLUSTER-IP       EXTERNAL-IP   PORT(S)    AGE
acid-databaker-db          ClusterIP   10.245.205.143   <none>        5432/TCP   10h
acid-databaker-db-config   ClusterIP   None             <none>        <none>     10h
acid-databaker-db-repl     ClusterIP   10.245.152.182   <none>        5432/TCP   10h

And the output of Postgres service:

Name:              acid-databaker-db
Namespace:         dev
Labels:            application=spilo
                   cluster-name=acid-databaker-db
                   spilo-role=master
                   team=acid
Annotations:       <none>
Selector:          <none>
Type:              ClusterIP
IP:                10.245.205.143
Port:              postgresql  5432/TCP
TargetPort:        5432/TCP
Endpoints:         10.244.1.49:5432
Session Affinity:  None
Events:            <none>

I also tried to connect to the created database via PSQL client on from my local computer as follows: 

export PGMASTER=$(kubectl get pods -o jsonpath={.items..metadata.name} -l application=spilo,cluster-name=acid-databaker-db,spilo-role=master)
export PGPASSWORD=$(kubectl get secret  postgres.acid-databaker-db.credentials.postgresql.acid.zalan.do -o 'jsonpath={.data.password}' | base64 -d)

kubectl port-forward $PGMASTER 5432:5432
Forwarding from 127.0.0.1:5432 -> 5432
Forwarding from [::1]:5432 -> 5432

and I tried to connect to db and list all the created db: 

psql (12.2 (Ubuntu 12.2-4))
SSL connection (protocol: TLSv1.3, cipher: TLS_AES_256_GCM_SHA384, bits: 256, compression: off)
Type "help" for help.

postgres=# \dt
            List of relations
 Schema |     Name     | Type  |  Owner   
--------+--------------+-------+----------
 public | postgres_log | table | postgres
(1 row)

Why does the keycloak not exist, I have created above?

Improve this question

1 Answer 1

Reset to default
2

It seems you missed out the database owner rights and the role for the application, here is the correct manifest:

kind: "postgresql"
apiVersion: "acid.zalan.do/v1"

metadata:
  name: "acid-databaker-db"
  namespace: "postgres"
  labels:
    team: acid

spec:
  teamId: "acid"
  postgresql:
    version: "12"
  numberOfInstances: 2
  volume:
    size: "5Gi"
  users:
    admin: # database owner
      - superuser
      - createdb
    keycloak: [] # role for application
  databases:
    keycloakDB: keycloak # dbname: owner

  allowedSourceRanges:
    # IP ranges to access your cluster go here

  resources:
    requests:
      cpu: 100m
      memory: 100Mi
    limits:
      cpu: 500m
      memory: 500Mi
Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.