zalando / postgres-operator

Postgres operator creates and manages PostgreSQL clusters running in Kubernetes
https://postgres-operator.readthedocs.io/
MIT License

Granting (non standard) privileges to user on database creation #1727

Open ball-hayden opened 2 years ago

ball-hayden commented 2 years ago

We're considering switching to using Postgres Operator instead of managing Patroni instances directly.

Part of our current setup script for new Postgres instances includes the following (where <username> is a non-superuser):

GRANT EXECUTE ON FUNCTION pg_switch_wal TO "<username>";

This allows us to call pg_switch_wal when we open a console, ensuring that a WAL has been generated (and therefore, theoretically, archived) before we go ahead with potentially dangerous console work.

Is there a way to achieve this same behaviour using preparedDatabases? From https://postgres-operator.readthedocs.io/en/latest/user/#manifest-roles, it looks like I can only use a limited number of privilege levels?

FxKu commented 2 years ago

In Spilo, we already granted this to the admin role. But you are likely not using the teams API feature. Not sure if the admin role is created then, but I think yes. At Zalando, team members will become part of the admin role and can therefore execute pg_switch_wal in their cluster.
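
The membership-based grant discussed in this thread, as an added SQL example that is not part of the issue and not code from Spilo or the operator: it grants EXECUTE on pg_switch_wal to a group role, gives a non-superuser that privilege through membership, then verifies and audits the result. The role names wal_switchers and console_user are assumptions made for illustration; run it as a superuser on a scratch database (PostgreSQL 10 or later), and note that the final ROLLBACK leaves nothing behind.

```sql
-- Assumed names (not from the thread): wal_switchers, console_user.
BEGIN;

-- Group role that carries only this one privilege and cannot log in.
CREATE ROLE wal_switchers NOLOGIN;
GRANT EXECUTE ON FUNCTION pg_catalog.pg_switch_wal() TO wal_switchers;

-- Constructed non-superuser standing in for "<username>".
CREATE ROLE console_user LOGIN NOSUPERUSER INHERIT;
GRANT wal_switchers TO console_user;

-- Effective check: true when the role may call the function,
-- whether granted directly or inherited through membership.
SELECT has_function_privilege(
         'console_user',
         'pg_catalog.pg_switch_wal()',
         'EXECUTE') AS can_switch_wal;

-- Audit: every explicit entry on the function's ACL, so an unexpected
-- grantee (or a grant to PUBLIC) is visible.
SELECT COALESCE(grantee.rolname, 'PUBLIC') AS grantee,
       grantor.rolname                     AS grantor,
       acl.privilege_type,
       acl.is_grantable
FROM pg_proc AS p
CROSS JOIN LATERAL aclexplode(p.proacl) AS acl
JOIN pg_roles AS grantor ON grantor.oid = acl.grantor
LEFT JOIN pg_roles AS grantee ON grantee.oid = acl.grantee  -- OID 0 means PUBLIC
WHERE p.oid = 'pg_catalog.pg_switch_wal()'::regprocedure
ORDER BY 1;

-- Membership audit: which roles inherit the privilege via the group.
SELECT m.rolname AS member
FROM pg_auth_members AS am
JOIN pg_roles AS g ON g.oid = am.roleid
JOIN pg_roles AS m ON m.oid = am.member
WHERE g.rolname = 'wal_switchers';

ROLLBACK;
```

Keeping the grant on a dedicated group role means removing a user's access is a single REVOKE of membership, and the ACL on the function itself stays short enough to review.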