PostgreSQL of Opstella Installation

🟢 Management

PostgreSQL is a Database service for Opstella

Prerequisites

• 💿Persistence Storage Access for PostgreSQL for Opstella
  • On Kubernetes when requesting for a PVC, will request with Storage Class specified.
• 💾S3-Compatible Object Storage (SeaweedFS)
  • Required for PostgreSQL Backups (WAL Archiving)

Preparation

Kubernetes Cluster Preparation

1. Connect to 🟢 Management Kubernetes Cluster ; i.e w/ Kubeconfig File

   Ensure you have defined and loaded your Global Shell Variables as described in Shell Variables.

   source $HOME/opstella-installation/shell-values/kubernetes/management_cluster.vars.sh

   export KUBECONFIG="$HOME/opstella-installation/kubeconfigs/management_cluster.yaml"

2. Prepare 🟢 Management Kubernetes Cluster Information

   Ensure K8S_INTERNAL_DOMAIN, K8S_STORAGECLASS_NAME are defined as per the Shell Variables guide.

---

PostgreSQL for Opstella Preparation

1. Create PostgreSQL Initial Admin Credentials with Kubernetes Secret

   • Username: postgres (Default Admin of PostgreSQL)
   • Password: CHANGEME ; NOTE: Only Allowed Special Characters are !-_=+?@

   export OPSTELLA_POSTGRES_SUPERUSER_PASSWORD="CHANGEME"
   export OPSTELLA_POSTGRES_USER_PASSWORD="CHANGEME"

   Note

   SEAWEEDFS_HA_S3_POSTGRES_BACKUP_PASSWORD is assumed to be exported as defined in the SeaweedFS (HA) Installation guide.

2. Provision PostgreSQL for Opstella Platform

   The following manifest defines the entire PostgreSQL system, including credentials and the CNPG cluster.

   cat <<EOF > $HOME/opstella-installation/kubernetes-manifests/opstella-postgres.yaml
   ---
   # Postgres Superuser (root) Credentials
   apiVersion: v1
   kind: Secret
   type: kubernetes.io/basic-auth
   metadata:
     name: opstella-postgres-superuser
     namespace: opstella-system
   stringData:
     username: postgres
     password: "${OPSTELLA_POSTGRES_SUPERUSER_PASSWORD}"
   ---
   # Opstella Platform Application User Credentials
   apiVersion: v1
   kind: Secret
   type: kubernetes.io/basic-auth
   metadata:
     name: opstella-postgres-user
     namespace: opstella-system
   stringData:
     username: opstella_platform_user
     password: "${OPSTELLA_POSTGRES_USER_PASSWORD}"
   ---
   # S3 Credentials for Postgres Backups (to SeaweedFS HA)
   apiVersion: v1
   kind: Secret
   type: Opaque
   metadata:
     name: opstella-postgres-s3-secret
     namespace: opstella-system
   stringData:
     S3_ACCESS_KEY: "postgres-backup"
     S3_SECRET_KEY: "${SEAWEEDFS_HA_S3_POSTGRES_BACKUP_PASSWORD}"
   ---
   apiVersion: barmancloud.cnpg.io/v1
   kind: ObjectStore
   metadata:
     name: opstella-postgres-backup
     namespace: opstella-system
   spec:
     # This resource defines the backup destination for the Barman Cloud Plugin
     configuration:
       destinationPath: s3://postgres-backups/
       endpointURL: http://seaweedfs-s3.apps-supporting-services.svc:9000
       s3Credentials:
         accessKeyId:
           name: opstella-postgres-s3-secret
           key: S3_ACCESS_KEY
         secretAccessKey:
           name: opstella-postgres-s3-secret
           key: S3_SECRET_KEY
       wal:
         compression: gzip
       data:
         compression: gzip
   
     # Retention policy for backups and WALs handled by the plugin
     retentionPolicy: "30d"
   
   ---
   apiVersion: postgresql.cnpg.io/v1
   kind: Cluster
   metadata:
     name: opstella-postgres
     namespace: opstella-system
     labels:
       app.kubernetes.io/name: opstella-postgres
       app.kubernetes.io/part-of: opstella-platform
   spec:
     instances: 1
   
     # Image configuration (Postgres 15)
     imageName: ghcr.io/cloudnative-pg/postgresql:15
   
     # Enable the Barman Cloud Plugin for backups
     plugins:
       - name: barman-cloud.cloudnative-pg.io
         isWALArchiver: true
         parameters:
           serverName: "opstella-postgres"
           barmanObjectName: "opstella-postgres-backup"
   
     # Storage Configuration
     storage:
       size: 5Gi
       storageClass: "${K8S_STORAGECLASS_NAME}"
   
     walStorage:
       size: 2Gi
       storageClass: "${K8S_STORAGECLASS_NAME}"
   
     # Bootstrap Configuration
     bootstrap:
       initdb:
         database: opstella_platform
         owner: opstella_platform_user
         # Secret containing password for the Application User
         secret:
           name: opstella-postgres-user
   
     # Superuser credentials (root/postgres)
     superuserSecret:
       name: opstella-postgres-superuser
   
     # Backup Configuration (Barman Cloud Plugin will automatically detect matching ObjectStore)
     backup:
       {}
   
     # Monitoring (disabled for now)
     monitoring:
       enablePodMonitor: false
   
     # Resources
     resources:
       requests:
         memory: "256Mi"
         cpu: "200m"
       limits:
         memory: "1Gi"
         cpu: "1000m"
   
   EOF

   Apply the configuration:

   kubectl apply -f opstella-postgres.yaml

   💡 Should return secret/opstella-postgres-superuser, secret/opstella-postgres-user, secret/opstella-postgres-s3-secret, objectstore.barmancloud.cnpg.io/opstella-postgres-backup, and cluster.postgresql.cnpg.io/opstella-postgres created messages.

Post-Installation

PostgreSQL for Opstella Testing

1. Get Pod Status - PostgreSQL for Opstella

   kubectl get pods -n opstella-system

   PostgreSQL for Opstella should be Running

   NAME                            READY   STATUS    RESTARTS   AGE
   ... (deducted)
   opstella-postgres-1                  1/1     Running   0          XdXh