Migrate ephemeral postgresql from bitnami chart to CloudNativePG #5266

Draft: supersven wants to merge 4 commits into develop from sventennie/use-cloudnative-pg

@supersven (Contributor) commented Jun 12, 2026

Nothing to see here, yet. I'm checking how far I get moving to CloudNativePG.

Bitnami PostgreSQL images became unavailable (https://aws.amazon.com/blogs/containers/bitnami-image-removal-from-ecr-public/), so we need to do something else. Platform and SD are using CloudNativePG. Let's see how far we get with that.

For now, this installs one controller per namespace. This could be improved to use a global one in a next step.

Ticket: https://wearezeta.atlassian.net/browse/WPB-26364

Checklist

  • Add a new entry in an appropriate subdirectory of changelog.d
  • Read and follow the PR guidelines

The bitnami postgresql images are no longer publicly available, so the
bitnami chart can't be used for integration test bring-up. Replace the
two bitnami postgresql releases with CloudNativePG: one operator per
namespace (namespace-scoped via WATCH_NAMESPACE) plus a single-instance
cnpg/cluster release per namespace. The wire-server postgresql host
config switches from "postgresql" to "postgresql-rw" (CNPG's primary
service). PostgreSQL is pinned to 17 to match what the unpinned bitnami
chart was pulling. Application database wire-server stays owned by
postgres; the wire-server role and the dyn-N databases are created via
postInitSQL.

@zebot added the ok-to-test label (Approved for running tests in CI, overrides not-ok-to-test if both labels exist) on Jun 12, 2026

Drop the per-namespace cnpg operator releases. The cluster already has
a cluster-wide operator installed in the cnpg-system namespace owning
the cnpg CRDs, so attempting to install another operator collides on
CRD ownership. The cnpg/cluster releases work directly against the
existing operator.

initdb.owner: postgres caused CNPG to short-circuit and skip creating
the wire-server application database, leading to a bootstrap failure.
Switch the owner to a dedicated dbadmin role so CNPG creates the
database normally. The wire-server role is created in postInitSQL as a
grantee, and postInitApplicationSQL adds the PG15+ public schema grant
that the role needs to create tables during migrations.

postInitSQL runs against the postgres system database before CNPG
creates the application database, so GRANT ON DATABASE wire-server
failed with database does not exist. Move the wire-server database
grant to postInitApplicationSQL, which runs in the application
database after it has been created.
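
The bootstrap ordering described in the last two commit messages, written out as a CloudNativePG `Cluster` manifest. This is an added example, not the PR's chart values: the image reference, storage size, password placeholder, the `dyn-1` name, the cluster name `postgresql` (inferred from the `postgresql-rw` host) and the exact GRANT statements are assumptions.

```yaml
# Added example (not from the PR). Values marked "assumed" or "constructed"
# do not appear in the commit messages.
apiVersion: postgresql.cnpg.io/v1
kind: Cluster
metadata:
  name: postgresql            # assumed; CNPG serves the primary as <name>-rw
spec:
  instances: 1                # single-instance cluster, as in the first commit
  imageName: ghcr.io/cloudnative-pg/postgresql:17   # assumed image; page only says "pinned to 17"
  storage:
    size: 1Gi                 # constructed value
  bootstrap:
    initdb:
      database: wire-server
      # A dedicated owner role. With "owner: postgres" the commit reports that
      # CNPG skipped creating the application database and bootstrap failed.
      owner: dbadmin
      postInitSQL:
        # Runs in the "postgres" system database, BEFORE wire-server exists.
        # Only statements that do not reference the application database go here.
        - CREATE ROLE "wire-server" LOGIN PASSWORD 'constructed-placeholder'
        - CREATE DATABASE "dyn-1"   # hypothetical name following the dyn-N pattern
      postInitApplicationSQL:
        # Runs inside wire-server AFTER CNPG has created it, so the database
        # grant no longer fails with "database does not exist".
        - GRANT ALL PRIVILEGES ON DATABASE "wire-server" TO "wire-server"
        # PostgreSQL 15+ no longer lets every role create objects in schema
        # public; the migrating role needs this grant explicitly.
        - GRANT USAGE, CREATE ON SCHEMA public TO "wire-server"
```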