Gracious Iguanas

This is a bugfix release to the 1.8 version of the Postrges Operator. Thanks to everyone who gave feedback, raised issues or fixed bugs.

Fixes and enhancements

• Not changing case of defined environment variables (breaking change in v1.8.0) (#1889)
• Bring back 8080 operator port for spilo containers (#1864)
• Avoid writing on a closed channel during switchovers (#1876)
• additional_owner_roles are granted to database owners, not vice versa (operator will repair false membership) (#1869)
• Use uint64 type for fetching replication lag calling Patroni members endpoint (#1893)
• Use right number of WaitGroups when PostgresTeam informer is enabled (#1876)
• Sync CRD manifests with internal go representation (#1869)
• Raising apiVersion of helm charts to only support helm3+ (#1884)
• [UI] correct cost calculation and added tooltip to cluster list explaining the formula (#1872)
• [UI] when fetching cluster logs use default when no team is found for user (#1872)

Docker image: registry.opensource.zalan.do/acid/postgres-operator:v1.8.1
UI Docker image: registry.opensource.zalan.do/acid/postgres-operator-ui:v1.8.1
Sample logical backup image: registry.opensource.zalan.do/acid/logical-backup:v1.8.1
Default Spilo image: registry.opensource.zalan.do/acid/spilo-14:2.1-p5

Thanks to our contributors: @FxKu, @idanovinda, @jopadi, @sdudoladov, @Jan-M, @CyberDem0n,
@dmvolod, @mujx, @stephan2012, @danlenar, @chitoku-k, @AllexVeldman, @rocket357

Gracious Iguana

We are excited to announce a new release of the Postgres Operator. Thanks to everyone who contributed with PRs, feedback, raising issues or providing ideas.

New features

• Individual environment variables per cluster (#1794, #1848)
• Support standby clusters from remote primary and GCS WAL backup location (#1544, #1446)
• Optional user and password rotation inside K8s secrets (#1749, #1796)
• Operator can create CRDs for streaming change data capture into Nakadi (#1570)
• Define extra roles granted to database owners (e.g. cron_admin) (#1805)
• Define annotations to be ignored on sync (#1823, #1485, #1482)
• Enable auto major version upgrade only for clusters of specified teams (#1699)
• Support for Patroni's synchronous_node_count option (#1484)
• [UI] added IOPS and throughput options for volume settings (useful for AWS gp3 volumes) (#1824)
• [Logical-Backup] Introduce configurable retention time for logical backups on S3 (#1337)

Enhancements

• Choose switchover target based on lag and role (#1700, #1724)
• Added ReadinessProbe on the stateful set (#1825)
• Pooler services can now be turned into type LoadBalancer, too (#943, #1799)
• Toleration changes will now be reflected on cluster sync (#1729)
• Node readiness label can now be evaluated together with specfied nodeAffinities (#1729)
• Major version upgrades can be executed by rootless user (#1770)
• Inherited labels and annotations are passed to PVCs, too (#1784)
• CRD registration by the operator can now be skipped (#1733)
• Empty resources in manifest will now pass validation with go-client (#1589, #1822)
• Removed required fields of cluster resources from CRD schema. (#1822)
• Removed required fields of tolerations from CRD schema (#1797)
• Improve comparison of container ports on sync (#1755)
• Retry and timeout options for Patroni API calls (#1803)
• Adding retry logic when fetching the pod_environment_secret (#1777)
• Categories in CRDs are now configurable (#1781)
• Manifest example for minimal master/replica ServiceMonitor (#1452)
• Added doc chapter about restoring a cluster in place (#1833)
• move from Go 1.16.9 to 1.17.4 + updating dependencies (#1717)
• [pooler] bump to pgBouncer 1.17.0 and allow for scram secrets (#1837)
• [UI] postgres version and cluster resources can be changed in edit mode (#1824)
• [UI] ingresClassName option in helm chart (#1787)
• [Logical-Backup] Added IPv6 support for dump script (#1405)
• [helm] Added user-facing cluster roles (#1675)

Fixes

• Replace instances on rolling update only when all instances are healthy (#1767)
• Make sure major version upgrade script runs on the master (#1715)
• When kubernetes_use_configmaps is true, do not try to create endpoints (#1760)
• Fixed nil pointer while syncing pooler deployment (#1701)
• Skip EBS migration when no volumes are found to not block cluster from healing itself (#1851)
• Return only a warning instead of error if teams API returns a 404 Not Found (#1842)
• Removed CRD validation toggle from go code to avoid errors when operator registers CRDs (#1697)
• Code generation uses correct target folder again (#1713)
• [UI] fix fetching logs when teamId contains hyphens (#1859)

Breaking changes

• variables from pod_environment_secret take precedence over pod_environment_configmap (#1848)
• deprecated CRD validation toggle because schema must be present in apiextensions.k8s.io/v1 (#1781)
• dropped support for helm2 charts (#1679)
• dropped v1.5.0.tgz from helm chart folders (#1852)

Docker image: registry.opensource.zalan.do/acid/postgres-operator:v1.8.0
UI Docker image: registry.opensource.zalan.do/acid/postgres-operator-ui:v1.8.0
Sample logical backup image: registry.opensource.zalan.do/acid/logical-backup:v1.8.0
Default Spilo image: registry.opensource.zalan.do/acid/spilo-14:2.1-p5

Thanks to our contributors: @FxKu, @jopadi, @sdudoladov, @Jan-M, @CyberDem0n,
@dmvolod, @machine424, @evsasha, @uzzz, @neelasha-09, @dpeckett, @Menzorg,
@stoewer, @jamesmcdonald, @Cellebyte, @jgillich, @preved911, @snarlysodboxer,
@ermajn, @Prototik, @moshloop, @spohner, @OlleLarsson, @Aisuko, @Lxrdknows77,
@Wikiwix, @Mattes83, @mujx, @RafiaSabih, @ebostijancic, @bleleve, @apeschel,
@sdressler, @kien-truong

Obedient Tarsier

This is a new minor release to the 1.7 version of the Postrges Operator. Thanks to everyone who gave feedback, raised issues or fixed bugs.

New features

• Postgres 14 support (#1636)

Enhancements

• choose correct restart order of master and replica(s) when decreasing certain config options like max_connections (#1655)
• restart instances with a pending_restart flag on later syncing (#1655)
• fixing issues around comparison between effective Postgres config vs. patroni + postgresql.parameters manifest sections (#1635)
• fix configuring PodToleraton via OperatorConfiguration CRD (#1647)
• move from Go 1.15.6 to 1.16.9 + updating dependencies (#1645)
• documentation fixes (#1594, #1631, #1650)

Breaking changes

• support for Postgres 9.5 is dropped from the new default Spilo image (#1636)

Docker image: registry.opensource.zalan.do/acid/postgres-operator:v1.7.1
UI Docker image: registry.opensource.zalan.do/acid/postgres-operator-ui:v1.7.1
Sample logical backup image: registry.opensource.zalan.do/acid/logical-backup:v1.7.1
Default Spilo image: registry.opensource.zalan.do/acid/spilo-14:2.1-p3

Thanks to our contributors: @FxKu, @Jan-M, @CyberDem0n,
@yajo, @elmehdisaniss, @wlritchi, @Lebvanih

Obedient Loris

We are excited to announce a new release of the Postgres Operator.

New features

• Allow secrets in namespaces different from cluster (#1490, #1540, #1569, #1581)
• Selector for pre-provisioned volumes (#1385)
• Add support for backups on Azure (#1537)

Enhancements

• Changes under Patroni section will be reflected, e.g. replication slots (#1535)
• Avoid rolling updates if only restart is needed, e.g. parameters changed under postgresql section (#1103)
• For preparedDatabases, define default access privileges for default LOGIN roles, too (#1512)
• Improved connection pooler sync fixes missing pooler schema for new databases (#1593)
• Node affinities and tolerations are reused for pooler pods (#1464)
• Add basic retry around switchover (#1510)
• Do not modify volumes when below gp3 minimum throughput (#1543)
• Extended admin docs on operator upgrades and restoring backups (#1592)
• [UI, helm] improve manifest templates (#1514, #1575, #1582)

Breaking changes

• new bootstrap parameter blacklist moves fields between parameters and DCS sections in SPILO_CONFIGURATION env variable -> rolling update (#1103)
• [helm] Both configuration options are served from the same values.yaml file (#1224, #1603)

Docker image: registry.opensource.zalan.do/acid/postgres-operator:v1.7.0
UI Docker image: registry.opensource.zalan.do/acid/postgres-operator-ui:v1.7.0
Sample logical backup image: registry.opensource.zalan.do/acid/logical-backup:v1.7.0
Default Spilo image: registry.opensource.zalan.do/acid/spilo-13:2.1-p1

Thanks to our contributors: @FxKu, @RafiaSabih, @sdudoladov, @Jan-M, @erthalion, @CyberDem0n,
@apeschel, @yanchenko-igor, @jcrood, @dalbani, @cucxabong, @frankconrad,
@flyinggecko, @golgoth31, @markus-codes, @yelhouti, @ssinger, @stromvirvel

Splendid Caribou

This is a new minor release to the 1.6 version of the Postrges Operator. Thanks to everyone who gave feedback, raised issues or fixed bugs.

New features

• New option to automatically deny login for team members removed from Teams API or CRD (#1457)

Enhancements

• Bump Spilo image with latest Postgres minor releases (#1503)
• Get postgres container by name, use index 0 only as fallback (#1504, #1505, #1381)
• Replace statefulsets on annotation diff to avoid updates on each sync (#1449)
• Fix updates of pooler deployment on each sync (#1448)
• Trigger rolling update if number of volumes in statefulset differs (#1474)
• Mount additional volumes to postgres container if targetContainers is empty (#1475)
• Fix configuring spilo_runasuser and spilo_runasgroup from ConfigMap (#1503)

Docker image: registry.opensource.zalan.do/acid/postgres-operator:v1.6.3
UI Docker image: registry.opensource.zalan.do/acid/postgres-operator-ui:v1.6.3
Sample logical backup image: registry.opensource.zalan.do/acid/logical-backup:v1.6.3
Default Spilo image: registry.opensource.zalan.do/acid/spilo-13:2.0-p7

Thanks to our contributors: @FxKu, @sdudoladov, @erthalion, @Jan-M, @CyberDem0n,
@cucxabong, @guicholeo

Splendid Deer

This is a new minor release to the 1.6 version of the Postrges Operator. Thanks to everyone who gave feedback, raised issues or fixed bugs.

New features

• Support major version upgrade via manifest (#1372)
• Control global upgrades via min major version (#1372, #1386)
• Add option to configure AllowPrivilegeEscalation for pods (true by default) (#1412, #1433)

Enhancements and bugfixes

• Moved rolling update flag from statefulset to pods (#1341)
• Prevent rolling updates on empty additional_pod_capabilities (#1380)
• Create global default privileges in the appropriate prepared databases (#1421)
• Not logging failed queries for CREATE / ALTER USER commands (#1433)
• [UI] parameterize team settings (#1375)
• [Pooler] improve monitoring capabilities of pgbouncer

Docker image: registry.opensource.zalan.do/acid/postgres-operator:v1.6.2
UI Docker image: registry.opensource.zalan.do/acid/postgres-operator-ui:v1.6.2
Sample logical backup image: registry.opensource.zalan.do/acid/logical-backup:v1.6.2
Default Spilo image: registry.opensource.zalan.do/acid/spilo-13:2.0-p6

Thanks to our contributors: @Jan-M, @FxKu, @erthalion, @sdudoladov, @CyberDem0n,
@machine424, @neelasha-09, @caiconkhicon, @holyhope, @ssinger

Splendid Moose

This is a new minor release to the 1.6 version of the Postrges Operator. Thanks to everyone who gave feedback, raised issues or fixed bugs.

⚠️ Note, this release contains a bug which leads to rolling updates on each SYNC event. You have to either configure additional_pod_capabilities (e.g. SYS_NICE what is beneficial for Spilo) to something what is allowed in your environment or keep on using the v1.6.0.

New features

• New options to define additional container capabilities for database pods (#1336)
• Configurable prefix and name trimming for logical backup cron job name (#1287, #1208)
• Enable AWS gp3 support in manifest, allowing configuration of IOPS and throughput (#1261, #1340)

Enhancements

• Use defaulting in CRD validation (#1283)
• Retry logic for fetching Patroni state (#1293)
• Sync volumes on update (#1330)
• Sync connection pooler only when configuration changed (#1274)
• Improved docs on physical vs. logical backups (#1367)
• Updated to trusted Docker base images (#1302)
• Updated dependencies of operator, UI and logical backup (#1302, #1329, #1264, #1357)
• Updated default Spilo docker image to latest 2.0-p4 release (#1367)

Fixes

• [UI] Fix reading correct number of master pods when connection pooler is enabled (#1297)
• PostgresTeam CRD: New additional teams and users will not be ignored on sync (#1349, #1314)
• Fix typos and add missing options in helm charts (#1333, #1282, #1305)
• Fix configured spilo_runasuser and spilo_runasgroup being ignored (#1361)
• Fix compiler errors in kubectl pg plugin due to outdated Go version (#1264)
• Fix typo in environment variable for connection pooler (#1294)
• Fix CRD validation for nodeAffintiy (#1368)

Breaking Change

• Removed PodSecurityPolicy privilege from RBAC and set AllowPrivilegeEscalation based on spilo_privileged setting (#1326, #1328)

Docker image: registry.opensource.zalan.do/acid/postgres-operator:v1.6.1
UI Docker image: registry.opensource.zalan.do/acid/postgres-operator-ui:v1.6.1
Sample logical backup image: registry.opensource.zalan.do/acid/logical-backup:v1.6.1
Default Spilo image: registry.opensource.zalan.do/acid/spilo-13:2.0-p4

Thanks to our contributors: @Jan-M, @FxKu, @sdudoladov, @RafiaSabih, @erthalion, @CyberDem0n,
@tommasopozzetti, @batazor, @mseiwald, @apeschel, @georgebarbarosie @zvier, @balibebas,
@dervoeti, @sagor999, @polarclair

Splendid Elk

We are very excited to announce a new release of the Postgres Operator in 2020! 🎄 🐘
This is the first release using the Spilo 13 image, incl. Patroni v2.0 and the newest PostgreSQL.
Please, read about the breaking changes when switching to PG13.
Update your CRDs to have manifest validation and field presevation up-to-date for newer Kubernetes versions (1.19+).

New features

• In-place major version upgrade (#1160, zalando/spilo#488)
• NodeAffinity support (#1166, #1263)
• pgBouncer support for replicas (#1159)
• PostgresTeam CRD to define custom team mappings (#1165)
• Specify alternative scheduler (#1226)
• Inherited annotations for all major objects (#1236)
• Delete protection for Postgres manifests via annotations (#1069)
• Allow pod environment variables to be sourced from a secret (#946, #1177)
• Support wal-e backups to GCS (#620)
• Support migration to AWS gp3 volumes (#1242)
• Enable JSON logging (#1158)

Enhancements and fixes

• New storage_resize_mode option to resize volumes via updating PVCs (#958)
• ExternalTrafficPolicy of services can now be configured (#1136)
• Extend logical backup support to GCS (#1173)
• Set search_path for default roles in PreparedDatabases (#1065)
• Support scram-sha-256 hash for password encryption (#995)
• Include diffs on securityContext when clusters are synced (#1007, #1255)
• Deletion of secrets on cluster deletion (#974, #1054, #1091)
• More flexibility when referencing an existing infrastructure roles secret (#1064, #1090)
• Improved visibility of events on failed cluster setups (#1013)
• Fixes and improvements on pgBouncer support (#960, #1169, #1171, #1213)
• Fixed configuring CRD via go-client (#1020, #1223)
• Fixed case where no NodeReadinessLabel is defined, but node is unscheduable (#1162)
• Fixed changing order of sidecar env variables (#980)
• Fixed syncing PreparedSchemas (#1139)
• Fixed cloning from GCS (#1176)
• Make setup on OpenShift easier when using helm charts (#1037)
• Increase speed of e2e test and update kind version (#1180, #1185, #1121, #1156)
• UI: Now display cluster status if setup failed (#1260)
• UI: Add support for custom S3 endpoints (#1152)
• UI: Add imagePullSecret to deployment in helm chart (#1211)
• UI: Add Kustomization manifest (#1086)

Breaking changes

• Manifest entries for pg_hba will overwrite the configuration and not append to it!
• Variables in pod environment config map / secret will overwrite AWS/GCP setting in operator config (#1177)
• Enable PGVERSION env variable for Postgres 13 image (#1172, #1160, #1254, #1260)
• Change default volume resize strategy to update PVCs instead of AWS API call (#1257)
• Migrate CRDs to apiVersion v1 (#746, #1212, #1228, #1248)
• Make volume section in Postgres manifest a required field (#1016)
• Update to Go 1.15 (#1122, #1242)
• Switch public builds from Travis to GitHub Actions (#1215)

Docker image: registry.opensource.zalan.do/acid/postgres-operator:v1.6.0
UI Docker image: registry.opensource.zalan.do/acid/postgres-operator-ui:v1.6.0
Sample logical backup image: registry.opensource.zalan.do/acid/logical-backup:v1.6.0

Many thanks to the committers @Jan-M, @FxKu, @erthalion, @RafiaSabih, @sdudoladov
special thanks to @CyberDem0n for his continuous work on Patroni and Spilo,
and a loud applause to our external contributors @yanchenko-igor, @sagor999
@frittentheke, @Thunderbolt32, @spohner, @neelasha-09, @hlihhovac, @alfredw33,
@arminfelder, @bbsbb, @lxgege, @preved911, @dajudge, @lalbers, @hoangelos,
@programmer04, @Gottox, @mcoletti, @arichardet, @sonaysevik, @dalbani, @abh,
@SanjeevChoubey, @toonsevrin, @kupson

Furious Hedgehog

We are excited to announce yet another release of the Postgres Operator. It's a big one! 🐘

New features

• Database-side connection pooling with pgBouncer (#799, #883, #906)
• Global sidecars supporting full container spec (#890)
• Specify additional volumes per Postgres cluster manifest (#736, #933)
• Support for custom TLS certificates (#798, #920)
• Let operator create databases with pre-defined roles and privileges (#843)
• Add database schemas and extensions via manifest (#843)
• Additional synchronous replication modes available via Patroni (#869)
• Optional lazy update of spilo image to save up rolling updates for node rotations (#859)
• New option to propagate annotations from CRD to statefulset / deployment (#932)
• New ownership annotation to run multiple operators next to each other (#802)
• UI: Add toggle for connection pooler (#953)
• UI: Add option for NodePort services (#928)

Enhancements and fixes

• New Spilo image can run with a rootless user
• Better compatibility with OpenShift (#885, #887, #921)
• Emit K8s events to the Postgresql CR for better user feedback (#896, #952)
• Recreate pods only if all replicas are running (#903)
• Allow custom pod environment configmap in separate namespaces (#870)
• Use cryptographically secure password generation (#854)
• Changing the PostgreSQL version in the manifest is simply omitted (#860)
• Clearer logging when exceeding MasterPodMoveTimeout (#846)
• Make postgres-pod cluster role dynamic in helm chart (#802)
• UI: List individual S3 wal files in backups view (#880)

Breaking changes

• Update your postgres-operator cluster role (deployments and events added) (#799, #952)
• Passing ClusterLabels as JSON to Spilo (#877)
• Switching to Go 1.14 (#882)
• Scalyr sidecar deprecated (#945, #890)

Docker image: registry.opensource.zalan.do/acid/postgres-operator:v1.5.0
UI Docker image: registry.opensource.zalan.do/acid/postgres-operator-ui:v1.5.0-dirty
Sample logical backup image: registry.opensource.zalan.do/acid/logical-backup:master-58
Connection pooler image: registry.opensource.zalan.do/acid/pgbouncer:master-7

Shipped with latest Patroni v1.6.5 and Spilo 12:1.6-p3 releases

Many thanks to the committers @erthalion, @FxKu, @sdudoladov, @RafiaSabih, @Jan-M,
special thanks to @CyberDem0n for his continuous work on Patroni and Spilo,
and kudos to our external contributors @ReSearchITEng, @seuf, @zimbatm, @fischerman,
@frittentheke, @lalbers, @Prototik, @siku4, @f2cognite, @PetrBarborka, @marcusportmann,
@hengchu, @grantlanglois, @hzliangbin, Jonher937, @boopathykpm

Elated Barracuda

We are happy to announce yet another release of the Postgres Operator 🐘
We have also updated the UI and improved its setup and documentation to make local testing easier:

New features

• New cluster manifest option to specify custom service annotations (#803)
• New options to configure minimum CPU and memory limits (#808)
• Added service example for exposing operator REST API (#794)
• Logical Backup: New option logical_backup_s3_region (#813)
• UI: New column to show monthly cloud costs per cluster (can be configured) (#796)
• UI: Cluster name label is now configurable (cluster-name by default) (#796)
• UI: Added helm chart for the Postgres Operator UI (special thanks to @siku4) (#795)

Enhancements and fixes

• Bump Spilo version with latest minors of all supported PostgreSQL versions (#836)
• Update services when their annotations have changed (#818)
• Toggling load balancer services now only patches/updates the resource (#818)
• Standby clusters can have one instance (recommended) even if min_instances is set higher (#797, #842)
• Fixed unmarshalling of MasterPodMoveTimeout (#816)
• Change error computation on JSON unmarshal accross different Go versions (#801)
• Logical Backup: Reduce tracing of dumps and include postgresql-client-12 (#813)
• UI: Now works with stateful sets from K8s 1.16+ (#675)
• UI: Reordered columns and additional status step for cluster manifest (#796)
• UI: Updated dependencies (#796, #835)
• UI: Align build tag with operator (#844)
• UI: Improved documentation (#796)

Breaking changes

• The operator will now enforce minimum CPU and memory limits if specified below configured minimum (#808)
• New default cluster role postgres-pod dedicated for database pods and Patroni (#832)
• Switch rbac.authorization.k8s.io to v1. Update pod_service_account_role_binding_definition configuration if you are using it. (#829)
• Use cluster-name as default for cluster name label everywhere (#782)

Docker image: registry.opensource.zalan.do/acid/postgres-operator:v1.4.0
UI Docker image: registry.opensource.zalan.do/acid/postgres-operator-ui:v1.4.0
Sample logical backup image: registry.opensource.zalan.do/acid/logical-backup

Shipped with Patroni v1.6.4 and Spilo 1.6-p2

Many thanks to the committers @FxKu, @Jan-M, @erthalion, @RafiaSabih, @sdudoladov, @hjacobs,
special thanks to @CyberDem0n for his continuous work on Patroni and Spilo,
and applause to our contributors @jonathanbeber, @siku4, @vitobotta, @f2cognite