Installation
This tutorial goes through the steps required to get the operator up and running.
Prerequisites
-
kubectl -
helmv3 -
yq -
base64 -
openssl -
A running Kubernetes cluster with cluster-admin permissions
Steps
-
Install Crossplane
helm repo add crossplane https://charts.crossplane.io/stable helm upgrade --install crossplane crossplane/crossplane \ --create-namespace --namespace crossplane-system \ --wait -
Install provider-helm
kubectl apply -f - << EOF --- apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: name: crossplane:provider:provider-helm:deployer rules: - verbs: - '*' apiGroups: - '' - apps - batch - networking.k8s.io - helm.crossplane.io resources: - '*' - verbs: - '*' apiGroups: - rbac.authorization.k8s.io/v1 resources: - roles - rolebindings - serviceaccounts --- apiVersion: v1 kind: ServiceAccount metadata: name: provider-helm namespace: crossplane-system --- apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: name: crossplane:provider:provider-helm:deployer roleRef: apiGroup: rbac.authorization.k8s.io kind: ClusterRole name: crossplane:provider:provider-helm:deployer subjects: - kind: ServiceAccount name: provider-helm namespace: crossplane-system EOF kubectl apply -f - << EOF apiVersion: pkg.crossplane.io/v1alpha1 kind: ControllerConfig metadata: name: provider-helm spec: serviceAccountName: provider-helm EOF kubectl apply -f - << EOF apiVersion: pkg.crossplane.io/v1 kind: Provider metadata: labels: name: provider-helm name: provider-helm spec: # https://github.com/crossplane-contrib/provider-helm package: crossplane/provider-helm:v0.10.0 controllerConfigRef: name: provider-helm EOF kubectl apply -f - << EOF apiVersion: helm.crossplane.io/v1beta1 kind: ProviderConfig metadata: name: provider-helm spec: credentials: source: InjectedIdentity EOF kubectl wait --for condition=Healthy provider.pkg.crossplane.io/provider-helm --timeout 60s -
Generate webhook certificates
webhook_service_name="provider-postgresql.postgresql-system.svc" if [[ $(uname -s) == "Linux" ]]; then b64args='-w0'; fi openssl req -x509 -newkey rsa:4096 -nodes -keyout tls.key -out tls.crt -days 3650 -subj "/CN=${webhook_service_name}" -addext "subjectAltName = DNS:${webhook_service_name}" yq -n '.webhook.caBundle="'$(base64 $b64args tls.crt)'" | .webhook.certificate="'$(base64 $b64args tls.crt)'" | .webhook.privateKey="'$(base64 $b64args tls.key)'"' > webhook-values.yaml -
Install provider-postgresql
helm repo add appcat-service-postgresql https://vshn.github.io/appcat-service-postgresql kubectl apply -f https://github.com/vshn/appcat-service-postgresql/releases/latest/download/crds.yaml helm upgrade --install provider-postgresql appcat-service-postgresql/provider-postgresql \ --create-namespace --namespace postgresql-system \ --values webhook-values.yaml \ --wait -
Apply the configuration for a PostgreSQL major version.
kubectl apply -f - << EOF apiVersion: postgresql.appcat.vshn.io/v1alpha1 kind: PostgresqlStandaloneOperatorConfig metadata: labels: postgresql.appcat.vshn.io/major-version: v14 name: platform-config-v14 namespace: postgresql-system spec: backupConfigSpec: s3BucketSecret: accessKeyRef: key: accessKey name: s3-credentials bucketRef: key: bucket name: s3-credentials endpointRef: key: endpoint name: s3-credentials secretKeyRef: key: secretKey name: s3-credentials defaultDeploymentStrategy: HelmChart helmProviderConfigReference: provider-helm helmReleaseTemplate: chart: name: postgresql repository: https://charts.bitnami.com/bitnami version: 11.1.23 values: key: value persistence: accessModes: - ReadWriteOnce resourceMaxima: memoryLimit: 6Gi storageCapacity: 500Gi resourceMinima: memoryLimit: 512Mi storageCapacity: 5Gi EOF
Conclusion
Now that you have the basic Operator running, it’s time to get started with deploying instances. See Tutorial: Getting Started to get started.