search

CrunchyData / postgres-operator-examples

Examples for deploying applications with PGO, the Postgres Operator from Crunchy Data
https://access.crunchydata.com/documentation/postgres-operator/v5/
Apache License 2.0
187 stars 4.63k forks source link

Example User "_crunchypgbouncer" is invalid yaml in the helmchart values for PGO. #276

Closed shrinedogg closed 1 month ago

shrinedogg commented 2 months ago

I'm finding an issue with the included user for pgbouncer in the postgres_operator_examples repo named "_crunchypgbouncer"; it appears it is not valid yaml for a user in the helmchart.

The error I get is when trying to apply the manifest:

  users:
    - name: _crunchypgbouncer
      databases:
       - "hippo-ha"

The PostgresCluster "hippo-ha" is invalid: spec.users[0].name: Invalid value: "_crunchypgbouncer": spec.users[0].name in body should match '^[a-z0-9]([-a-z0-9]*[a-z0-9])?$'

That is invalid.

I have an init.sql configmap with this otherwise I get schema errors for using PG16

apiVersion: v1
kind: ConfigMap
metadata:
  name: hippo-init-sql
  namespace: postgres-operator
data: 
  init.sql: |-
    \c hippo-ha
    ALTER DEFAULT PRIVILEGES IN SCHEMA public GRANT SELECT ON TABLES TO _crunchypgbouncer;
    ALTER DEFAULT PRIVILEGES IN SCHEMA pgbouncer GRANT SELECT ON TABLES TO _crunchypgbouncer;

So when that failed, I tried adding the user to pgbouncer using the HelmChart values. Example:

  proxy:
    pgBouncer:
      config:
        global:
          pool_mode: session
          auth_type: md5
          auth_file: /etc/pgbouncer/users.txt
          admin_users: "test"
          stats_users: "test"
        databases:
          'hippo-ha': pool_size=100 reserve_pool=0 pool_mode=session port=5432 user=test host=hippo-ha-primary.postgres-operator.svc.cluster.local
        files:
          - configMap:
              name: pgbouncer-users
              items:
                - key: users.txt
                  path: users.txt
      image: registry.developers.crunchydata.com/crunchydata/crunchy-pgbouncer:ubi8-1.22-1
      replicas: 2
      affinity:
        podAntiAffinity:
          preferredDuringSchedulingIgnoredDuringExecution:
          - weight: 1
            podAffinityTerm:
              topologyKey: kubernetes.io/hostname
              labelSelector:
                matchLabels:
                  postgres-operator.crunchydata.com/cluster: hippo-ha
                  postgres-operator.crunchydata.com/role: pgbouncer

So with that I try pass in this configmap with a test user:

apiVersion: v1
kind: ConfigMap
metadata:
  namespace: postgres-operator
  name: pgbouncer-users
data:
  users.txt: |
    "test": "md5test"

But it seems to only get values from a secret named hippo-ha-pgbouncer where the only user is "_crunchypgbouncer".

I'm having trouble adding custom users to pgbouncer or using the included user to run pgbench against the example HA postgres database from the postgres_operator_examples repository.

Any advice/input greatly appreciated.

andrewlecuyer commented 1 month ago

Closing this issue since this has been a discussed and addressed via a Crunchy Discord discussion.