Installation

This tutorial goes through the steps required to get the operator up and running.

Prerequisites

  • kubectl

  • helm v3

  • yq

  • base64

  • openssl

  • A running Kubernetes cluster with cluster-admin permissions

Steps

  1. Install Crossplane

    # Register the upstream Crossplane chart repository, then install (or upgrade)
    # the release into crossplane-system and block until it reports ready.
    # No --version is passed, so Helm resolves the newest chart in the stable
    # channel at run time; add --version <CHART_VERSION> (placeholder) for a
    # reproducible install. Step 2 relies on the pkg.crossplane.io/v1alpha1
    # ControllerConfig API: confirm the Crossplane version you install serves it.
    helm repo add crossplane https://charts.crossplane.io/stable
    helm upgrade crossplane crossplane/crossplane \
      --install \
      --namespace crossplane-system --create-namespace \
      --wait
  2. Install provider-helm

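    kubectl apply -f - << EOF
    ---
    # Permissions the provider-helm controller uses when it installs charts.
    # NOTE(review): the ClusterRoleBinding below applies this role cluster-wide,
    # so the first rule gives the controller every verb on every resource of the
    # listed groups in all namespaces, Secrets included. Narrow the groups,
    # resources and verbs once the set of charts to deploy is known.
    apiVersion: rbac.authorization.k8s.io/v1
    kind: ClusterRole
    metadata:
      name: crossplane:provider:provider-helm:deployer
    rules:
      - apiGroups:
          - ''
          - apps
          - batch
          - networking.k8s.io
          - helm.crossplane.io
        resources:
          - '*'
        verbs:
          - '*'
      # RBAC objects that charts may create. The API group is written without a
      # version suffix: a value ending in /v1 matches no group, so the rule would
      # grant nothing. Verbs are listed explicitly because a wildcard would also
      # include escalate and bind, which let the controller hand out permissions
      # it does not hold itself. If a chart needs a Role that exceeds what this
      # account has, grant the missing permissions here rather than adding those
      # two verbs. ServiceAccounts live in the core group and are already
      # covered by the first rule.
      - apiGroups:
          - rbac.authorization.k8s.io
        resources:
          - roles
          - rolebindings
        verbs:
          - get
          - list
          - watch
          - create
          - update
          - patch
          - delete
    ---
    # Identity the provider-helm controller pod runs as (see ControllerConfig).
    apiVersion: v1
    kind: ServiceAccount
    metadata:
      name: provider-helm
      namespace: crossplane-system
    ---
    # Binds the role above to that ServiceAccount for the whole cluster.
    apiVersion: rbac.authorization.k8s.io/v1
    kind: ClusterRoleBinding
    metadata:
      name: crossplane:provider:provider-helm:deployer
    roleRef:
      apiGroup: rbac.authorization.k8s.io
      kind: ClusterRole
      name: crossplane:provider:provider-helm:deployer
    subjects:
      - kind: ServiceAccount
        name: provider-helm
        namespace: crossplane-system
    EOF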
    
    # Make the provider-helm controller run under the provider-helm
    # ServiceAccount, so that the RBAC bound to that account is what it gets.
    kubectl apply --filename - <<EOF
    ---
    kind: ControllerConfig
    apiVersion: pkg.crossplane.io/v1alpha1
    metadata:
      name: provider-helm
    spec:
      serviceAccountName: provider-helm
    EOF
    
    # Install the provider-helm package and attach the ControllerConfig above.
    # The package is pinned by tag only; a tag can be re-pointed upstream, so
    # record the digest of the image you reviewed if you need a fixed artifact.
    kubectl apply --filename - <<EOF
    ---
    kind: Provider
    apiVersion: pkg.crossplane.io/v1
    metadata:
      name: provider-helm
      labels:
        name: provider-helm
    spec:
      controllerConfigRef:
        name: provider-helm
      # https://github.com/crossplane-contrib/provider-helm
      package: crossplane/provider-helm:v0.10.0
    EOF
    
    # InjectedIdentity: provider-helm talks to the cluster with the credentials
    # of its own pod, that is, the provider-helm ServiceAccount and the
    # ClusterRole bound to it. No separate kubeconfig Secret is referenced.
    kubectl apply --filename - <<EOF
    ---
    kind: ProviderConfig
    apiVersion: helm.crossplane.io/v1beta1
    metadata:
      name: provider-helm
    spec:
      credentials:
        source: InjectedIdentity
    EOF
    
    # Block for at most 60 seconds until the provider package reports Healthy.
    kubectl wait provider.pkg.crossplane.io/provider-helm \
      --for=condition=Healthy \
      --timeout=60s
  3. Generate webhook certificates

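    webhook_service_name="provider-postgresql.postgresql-system.svc"
    # On Linux, base64 wraps its output by default; -w0 keeps it on one line.
    if [[ $(uname -s) == "Linux" ]]; then b64args='-w0'; fi
    # -nodes writes tls.key unencrypted, and webhook-values.yaml embeds the same
    # key base64-encoded (an encoding, not encryption). The subshell sets a
    # restrictive umask so that newly created files are readable by the owner
    # only; the umask of the calling shell is left untouched. Files that already
    # exist keep their current mode, so start from a clean directory.
    # The self-signed certificate doubles as its own CA bundle and is valid for
    # 3650 days; this page has no rotation step. After step 4 has succeeded,
    # delete tls.key and webhook-values.yaml or move them to a secret store, and
    # keep both out of version control.
    (
      umask 077
      openssl req -x509 -newkey rsa:4096 -nodes -keyout tls.key -out tls.crt -days 3650 -subj "/CN=${webhook_service_name}" -addext "subjectAltName = DNS:${webhook_service_name}"
      yq -n '.webhook.caBundle="'$(base64 $b64args tls.crt)'" | .webhook.certificate="'$(base64 $b64args tls.crt)'" | .webhook.privateKey="'$(base64 $b64args tls.key)'"' > webhook-values.yaml
    )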
  4. Install provider-postgresql

    # The CRD manifest comes from the moving releases/latest URL and the chart is
    # installed without --version, so both resolve to whatever is newest when the
    # commands run. For a reviewed, repeatable install use
    # releases/download/<RELEASE_TAG>/crds.yaml and --version <CHART_VERSION>
    # (both placeholders) and read the manifest before applying it.
    helm repo add appcat-service-postgresql https://vshn.github.io/appcat-service-postgresql
    kubectl apply --filename https://github.com/vshn/appcat-service-postgresql/releases/latest/download/crds.yaml
    # webhook-values.yaml from step 3 carries the webhook TLS private key.
    helm upgrade provider-postgresql appcat-service-postgresql/provider-postgresql \
      --install \
      --namespace postgresql-system --create-namespace \
      --values webhook-values.yaml \
      --wait
  5. Apply the configuration for a PostgreSQL major version.

    # Operator configuration for the major version named in the label (v14):
    # deployment strategy, chart source, backup bucket references and the
    # resource bounds for instances.
    kubectl apply --filename - <<EOF
    ---
    kind: PostgresqlStandaloneOperatorConfig
    apiVersion: postgresql.appcat.vshn.io/v1alpha1
    metadata:
      name: platform-config-v14
      namespace: postgresql-system
      labels:
        postgresql.appcat.vshn.io/major-version: v14
    spec:
      defaultDeploymentStrategy: HelmChart
      # Name of the provider-helm ProviderConfig created in step 2.
      helmProviderConfigReference: provider-helm
      helmReleaseTemplate:
        chart:
          name: postgresql
          repository: https://charts.bitnami.com/bitnami
          version: '11.1.23'
        # NOTE(review): key/value looks like a placeholder for chart values;
        # replace or remove it before use - confirm against the chart.
        values:
          key: value
      backupConfigSpec:
        # All four references read keys of a Secret named s3-credentials. This
        # tutorial does not create that Secret; presumably it has to exist in
        # the postgresql-system namespace - confirm against the operator
        # reference. Create it out of band rather than committing the S3 keys
        # to a manifest.
        s3BucketSecret:
          endpointRef:
            name: s3-credentials
            key: endpoint
          bucketRef:
            name: s3-credentials
            key: bucket
          accessKeyRef:
            name: s3-credentials
            key: accessKey
          secretKeyRef:
            name: s3-credentials
            key: secretKey
      persistence:
        accessModes:
          - ReadWriteOnce
      # Lower and upper bounds for memory limit and storage capacity.
      resourceMinima:
        memoryLimit: 512Mi
        storageCapacity: 5Gi
      resourceMaxima:
        memoryLimit: 6Gi
        storageCapacity: 500Gi
    EOF

Conclusion

Now that you have the basic Operator running, it’s time to deploy instances. Continue with Tutorial: Getting Started.