Create postgres tenant clusters managed by the CNPG Operator
| Name | Url | |
|---|---|---|
| cloudymax | https://github.com/cloudymax | |
| jessebot | https://github.com/jessebot |
| Key | Type | Default | Description |
|---|---|---|---|
| backup | object | {} |
if we should backup up this cluster, please see values.yaml for example |
| bootstrap | object | {} |
boostrap method. see: https://cloudnative-pg.io/documentation/1.23/bootstrap/ |
| certificates.client.clientCASecret | string | "" |
name of existing Kubernetes Secret for the postgresql client Certificate Authority cert, ignored if certificates.generate is true |
| certificates.client.enabled | bool | false |
enable using client certificates |
| certificates.client.generate | bool | false |
generate client certs using cert-manager. if true the following are ignored: certificates.clientCASecret, certificates.replicationTLSSecret |
| certificates.client.replicationTLSSecret | string | "" |
name of existing Kubernetes Secret for the postgresql replication TLS cert ignored if certificates.generate is true |
| certificates.server.enabled | bool | false |
enable using server certificates |
| certificates.server.generate | bool | false |
generate server certs using cert-manager. if true the following are ignored: certificates.serverTLSSecret, certificates.serverCASecret |
| certificates.server.serverCASecret | string | "" |
name of existing Kubernetes Secret for the postgresql server Certificate Authority cert, ignored if certificates.generate is true |
| certificates.server.serverTLSSecret | string | "" |
name of existing Kubernetes Secret for the postgresql server TLS cert, ignored if certificates.generate is true |
| certificates.user.enabled | bool | false |
create a certificate for a user to connect to postgres using CertManager requires server and client certificate generation enabled |
| certificates.user.username | list | ["app"] |
List of names of users to create a cert for, eg: the DbOwner specified earlier. This data populated into the commonName field of the certificate. |
| enableSuperuserAccess | bool | false |
CNPG disables the postgres superuser by default must be explicitly enabled |
| externalClusters | list | [] |
|
| imageName | string | "ghcr.io/cloudnative-pg/postgresql:16.0" |
image to use for all tenant pods |
| instances | int | 3 |
number of postgres replicas minimum 1 required |
| managed | object | {"roles":[]} |
See https://cloudnative-pg.io/documentation/current/cloudnative-pg.v1/#postgresql-cnpg-io-v1-RoleConfiguration for explanation of all options |
| monitoring.enablePodMonitor | bool | false |
enable monitoring via Prometheus |
| name | string | "cnpg" |
|
| postgresql.pg_hba | list | ["hostnossl all all 0.0.0.0/0 reject","hostssl all all 0.0.0.0/0 cert clientcert=verify-full"] |
records for the pg_hba.conf file. ref: https://www.postgresql.org/docs/current/auth-pg-hba-conf.html |
| primaryUpdateStrategy | string | "unsupervised" |
|
| resources | object | {} |
|
| scheduledBackup | object | {} |
schduled backups section, please see values.yaml for example |
| storage.size | string | "1Gi" |
how much storage to allocate to the postgresql cluster |
| superuserSecret | string | "" |
name of existing secret to use as superuser redentials will be randomly generated if not specified. |
| testApp.enabled | bool | false |
Autogenerated from chart metadata using helm-docs v1.13.1