Add support for Google Cloud (#938)
Co-authored-by: Steven Miller <sjmiller609@gmail.com>
nhudson and sjmiller609 authored Sep 12, 2024
1 parent 0332295 commit e5635ee
Showing 18 changed files with 484 additions and 167 deletions.
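--- a/.github/workflows/conductor.yaml
+++ b/.github/workflows/conductor.yaml
@@ -32,7 +32,7 @@ jobs:
 fail-fast: false
 matrix:
 kube_version:
-- "1.25.8"
+- "1.29.8"
 steps:
 - uses: actions/checkout@v4
 - name: Install system dependencies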
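--- a/.github/workflows/operator.yaml
+++ b/.github/workflows/operator.yaml
@@ -16,14 +16,14 @@ on:
 branches:
 - main
 paths:
-- '.github/workflows/operator.yaml'
-- 'tembo-operator/**'
+- ".github/workflows/operator.yaml"
+- "tembo-operator/**"
 push:
 branches:
 - main
 paths:
-- '.github/workflows/operator.yaml'
-- 'tembo-operator/**'
+- ".github/workflows/operator.yaml"
+- "tembo-operator/**"
 
 jobs:
 functional_test:
@@ -39,7 +39,7 @@ jobs:
 # Go here for a list of versions:
 # https://github.com/kubernetes-sigs/kind/releases
 kube_version:
-- '1.25.8'
+- "1.29.8"
 steps:
 - uses: actions/checkout@v4
 - name: Install system dependencies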
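--- a/charts/tembo-operator/Chart.lock
+++ b/charts/tembo-operator/Chart.lock
@@ -1,6 +1,6 @@
 dependencies:
 - name: cloudnative-pg
 repository: https://cloudnative-pg.github.io/charts
-version: 0.20.1
-digest: sha256:8b7ed89dc3d149784f369ed4035d79268e9348f232b5cbebd5096c2d29e9ded7
-generated: "2024-02-12T14:57:18.051558882-06:00"
+version: 0.21.6
+digest: sha256:3922d990e9dec07c6dda1f7b8799e9cfd2ef28450357f5a3f260a3d4773e5db2
+generated: "2024-09-04T09:47:10.610286988-05:00"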
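--- a/charts/tembo-operator/Chart.yaml
+++ b/charts/tembo-operator/Chart.yaml
@@ -3,7 +3,7 @@ name: tembo-operator
 description: "Helm chart to deploy the tembo-operator"
 type: application
 icon: https://cloud.tembo.io/images/TemboElephant.png
-version: 0.7.2
+version: 0.7.3
 home: https://tembo.io
 sources:
 - https://github.com/tembo-io/tembo
@@ -17,6 +17,6 @@ maintainers:
 url: https://tembocommunity.slack.com
 dependencies:
 - name: cloudnative-pg
-version: 0.20.1
+version: 0.21.6
 repository: https://cloudnative-pg.github.io/charts
 condition: cloudnative-pg.enabled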
Binary file not shown.
Binary file not shown.
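--- a/charts/tembo-operator/templates/crd.yaml
+++ b/charts/tembo-operator/templates/crd.yaml
@@ -1930,8 +1930,8 @@ spec:
 retentionPolicy: '30'
 schedule: 0 0 * * *
 endpointURL: null
-s3Credentials:
-inheritFromIAMRole: true
+s3Credentials: null
+googleCredentials: null
 volumeSnapshot:
 enabled: false
 description: |-
@@ -1953,14 +1953,33 @@ spec:
 description: The S3 compatable endpoint URL
 nullable: true
 type: string
+googleCredentials:
+description: 'GoogleCredentials is the type for the credentials to be used to upload files to Google Cloud Storage. It can be provided in two alternative ways: * The secret containing the Google Cloud Storage JSON file with the credentials (applicationCredentials) * inheriting the role from the pod (GKE) environment by setting gkeEnvironment to true'
+nullable: true
+properties:
+applicationCredentials:
+description: The reference to the secret containing the Google Cloud Storage JSON file with the credentials
+nullable: true
+properties:
+key:
+type: string
+name:
+type: string
+required:
+- key
+- name
+type: object
+gkeEnvironment:
+description: Use the role based authentication without providing explicitly the keys.
+nullable: true
+type: boolean
+type: object
 retentionPolicy:
 default: '30'
 description: The number of days to retain backups for
 nullable: true
 type: string
 s3Credentials:
-default:
-inheritFromIAMRole: true
 description: The S3 credentials to use for backups (if not using IAM Role)
 nullable: true
 properties:
@@ -2383,6 +2402,27 @@ spec:
 description: endpointURL is the S3 compatable endpoint URL
 nullable: true
 type: string
+googleCredentials:
+description: s3Credentials is the S3 credentials to use for backups.
+nullable: true
+properties:
+applicationCredentials:
+description: The reference to the secret containing the Google Cloud Storage JSON file with the credentials
+nullable: true
+properties:
+key:
+type: string
+name:
+type: string
+required:
+- key
+- name
+type: object
+gkeEnvironment:
+description: Use the role based authentication without providing explicitly the keys.
+nullable: true
+type: boolean
+type: object
 recoveryTargetTime:
 description: recovery_target_time is the time base target for point-in-time recovery.
 nullable: true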
2 changes: 1 addition & 1 deletion conductor/Cargo.lock


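--- a/conductor/justfile
+++ b/conductor/justfile
@@ -2,17 +2,15 @@ NAME := "conductor"
 VERSION := `git rev-parse HEAD`
 SEMVER_VERSION := `grep version Cargo.toml | awk -F"\"" '{print $2}' | head -n 1`
 NAMESPACE := "default"
-KUBE_VERSION := env_var_or_default('KUBE_VERSION', '1.25.8')
+KUBE_VERSION := env_var_or_default('KUBE_VERSION', '1.29.8')
 RUST_LOG := "info"
 
 default:
 @just --list --unsorted --color=always | rg -v " default"
 
 install-traefik:
 kubectl create namespace traefik || true
-helm upgrade --install --namespace=traefik --version=20.8.0 --values=./testdata/traefik-values.yaml traefik traefik/traefik
-# https://github.com/traefik/traefik-helm-chart/issues/757#issuecomment-1753995542
-kubectl apply -f https://raw.githubusercontent.com/traefik/traefik/v3.0.0-beta2/docs/content/reference/dynamic-configuration/kubernetes-crd-definition-v1.yml
+helm upgrade --install --namespace=traefik --version=29.0.1 --values=./testdata/traefik-values.yaml traefik traefik/traefik
 
 install-operator:
 just install-cert-manager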
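--- a/conductor/testdata/traefik-values.yaml
+++ b/conductor/testdata/traefik-values.yaml
@@ -1,5 +1,7 @@
 image:
-tag: v3.0.0-beta2
+tag: v3.0.3-tembo.1
+registry: quay.io/tembo
+repository: traefik
 logs:
 general:
 level: DEBUG
@@ -15,22 +17,38 @@ additionalArguments:
 - "--api.debug=true"
 ports:
 postgresql:
-expose: true
+expose:
+default: true
 port: 5432
 exposedPort: 5432
 nodePort: 32432
 protocol: TCP
-web:
-expose: true
-port: 8080
-exposedPort: 8080
-nodePort: 32430
+# web:
+# expose: true
+# port: 8080
+# exposedPort: 8080
+# nodePort: 32430
+# protocol: TCP
+websecure:
+expose:
+default: true
+port: 8443
+exposedPort: 8443
+nodePort: 32443
 protocol: TCP
 traefik:
-expose: true
+expose:
+default: true
 port: 9000
 exposedPort: 9000
 nodePort: 32431
 protocol: TCP
 deployment:
 replicas: 1
+resources:
+requests:
+cpu: "200m"
+memory: "100Mi"
+limits:
+cpu: "400m"
+memory: "300Mi"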
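Review bot: The image override now points at a custom build, `quay.io/tembo/traefik` with tag `v3.0.3-tembo.1`, referenced by tag only and with nothing in the file saying how it differs from upstream v3.0.3. A comment above `image:` such as `# Tembo build of Traefik v3.0.3; source: <link to build source>` would let a reader check what is running, and pinning the image by digest would keep the test cluster from silently picking up a re-pushed tag. The `traefik` entry point stays exposed on nodePort 32431 while `--api.debug=true` is set in the context line above, which is reasonable for a local test cluster but deserves a `# test-only values, do not reuse outside local clusters` comment. The commented-out `web` block should either be deleted or carry one line explaining why it is kept.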
2 changes: 1 addition & 1 deletion tembo-operator/Cargo.lock


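--- a/tembo-operator/Cargo.toml
+++ b/tembo-operator/Cargo.toml
@@ -1,7 +1,7 @@
 [package]
 name = "controller"
 description = "Tembo Operator for Postgres"
-version = "0.49.10"
+version = "0.50.0"
 edition = "2021"
 default-run = "controller"
 license = "Apache-2.0"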
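--- a/tembo-operator/src/apis/coredb_types.rs
+++ b/tembo-operator/src/apis/coredb_types.rs
@@ -160,6 +160,36 @@ pub struct S3CredentialsSessionToken {
 pub name: String,
 }
 
+/// GoogleCredentials is the type for the credentials to be used to upload files to Google Cloud Storage.
+/// It can be provided in two alternative ways:
+/// * The secret containing the Google Cloud Storage JSON file with the credentials (applicationCredentials)
+/// * inheriting the role from the pod (GKE) environment by setting gkeEnvironment to true
+#[derive(Serialize, Deserialize, Clone, Debug, Default, JsonSchema)]
+pub struct GoogleCredentials {
+/// The reference to the secret containing the Google Cloud Storage JSON file with the credentials
+#[serde(
+default,
+skip_serializing_if = "Option::is_none",
+rename = "applicationCredentials"
+)]
+pub application_credentials: Option<GoogleCredentialsApplicationCredentials>,
+
+/// Use the role based authentication without providing explicitly the keys.
+#[serde(
+default,
+skip_serializing_if = "Option::is_none",
+rename = "gkeEnvironment"
+)]
+pub gke_environment: Option<bool>,
+}
+
+/// GoogleCredentialsApplicationCredentials is the type for the reference to the secret containing the Google Cloud Storage JSON file with the credentials
+#[derive(Serialize, Deserialize, Clone, Debug, Default, JsonSchema)]
+pub struct GoogleCredentialsApplicationCredentials {
+pub key: String,
+pub name: String,
+}
+
 /// VolumeSnapshots is the type for the configuration of the volume snapshots
 /// to be used for backups instead of object storage
 #[derive(Serialize, Deserialize, Clone, Debug, Default, JsonSchema, PartialEq)]
@@ -227,9 +257,12 @@ pub struct Backup {
 pub endpoint_url: Option<String>,
 
 /// The S3 credentials to use for backups (if not using IAM Role)
-#[serde(default = "defaults::default_s3_credentials", rename = "s3Credentials")]
+#[serde(rename = "s3Credentials")]
 pub s3_credentials: Option<S3Credentials>,
 
+#[serde(rename = "googleCredentials")]
+pub google_credentials: Option<GoogleCredentials>,
+
 /// Enable using Volume Snapshots for backups instead of Object Storage
 #[serde(
 default = "defaults::default_volume_snapshot",
@@ -290,6 +323,10 @@ pub struct Restore {
 #[serde(rename = "s3Credentials")]
 pub s3_credentials: Option<S3Credentials>,
 
+/// s3Credentials is the S3 credentials to use for backups.
+#[serde(rename = "googleCredentials")]
+pub google_credentials: Option<GoogleCredentials>,
+
 /// volumeSnapshot is a boolean to enable restoring from a Volume Snapshot
 #[serde(rename = "volumeSnapshot")]
 pub volume_snapshot: Option<bool>,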
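Review bot: The doc comment added above `google_credentials` in `Restore` is a copy of the S3 one (`/// s3Credentials is the S3 credentials to use for backups.`), and the same text appears as the description of `googleCredentials` in charts/tembo-operator/templates/crd.yaml; it should read `/// googleCredentials is the Google Cloud Storage credentials to use for restores.`, and `Backup.google_credentials` needs a doc comment too. Nothing in the visible types rejects a spec that sets both `applicationCredentials` and `gkeEnvironment`, or both `s3Credentials` and `googleCredentials`, so unless a file not shown here validates this, the doc comment on `GoogleCredentials` should state which credential source takes precedence. Dropping `default = "defaults::default_s3_credentials"` also means a spec without `s3Credentials` now deserialises to `None` rather than, presumably, to IAM-role inheritance, which is worth one line in the field's doc comment for anyone upgrading existing clusters. The `Backup` and `Restore` struct bodies start and end outside these hunks.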