Merge branch 'master' into reconcile_cbc_roles

Author: dsessler7

CONTRIBUTING.md

@@ -86,7 +86,7 @@ possible as to what the changes are. Good things to include:
 understand.
 ```
 
-If you wish to tag a Github issue or another project management tracker, please
+If you wish to tag a GitHub issue or another project management tracker, please
 do so at the bottom of the commit message, and make it clearly labeled like so:
 
 ```

README.md

@@ -22,7 +22,9 @@ Have questions or looking for help? [Join our Discord group](https://discord.gg/
 
 # Installation
 
-We recommend following our [Quickstart](https://access.crunchydata.com/documentation/postgres-operator/v5/quickstart/) for how to install and get up and running with PGO, the Postgres Operator from Crunchy Data. However, if you can't wait to try it out, here are some instructions to get Postgres up and running on Kubernetes:
+Crunchy Data makes PGO available as the orchestration behind Crunchy Postgres for Kubernetes. Crunchy Postgres for Kubernetes is the integrated product that includes PostgreSQL, PGO and a collection of PostgreSQL tools and extensions that includes the various [open source components listed in the documentation](https://access.crunchydata.com/documentation/postgres-operator/latest/references/components).
+
+We recommend following our [Quickstart](https://access.crunchydata.com/documentation/postgres-operator/v5/quickstart/) for how to install and get up and running. However, if you can't wait to try it out, here are some instructions to get Postgres up and running on Kubernetes:
 
 1. [Fork the Postgres Operator examples repository](https://github.com/CrunchyData/postgres-operator-examples/fork) and clone it to your host machine. For example:
 
@@ -41,6 +43,8 @@ kubectl apply --server-side -k kustomize/install/default
 
 For more information please read the [Quickstart](https://access.crunchydata.com/documentation/postgres-operator/v5/quickstart/) and [Tutorial](https://access.crunchydata.com/documentation/postgres-operator/v5/tutorials/).
 
+These installation instructions provide the steps necessary to install PGO along with Crunchy Data's Postgres distribution, Crunchy Postgres, as Crunchy Postgres for Kubernetes. In doing so the installation downloads a series of container images from Crunchy Data's Developer Portal. For more information on the use of container images downloaded from the Crunchy Data Developer Portal or other third party sources, please see 'License and Terms' below. The installation and use of PGO outside of the use of Crunchy Postgres for Kubernetes will require modifications of these installation instructions and creation of the necessary PostgreSQL and related containers.  
+
 # Cloud Native Postgres for Kubernetes
 
 PGO, the Postgres Operator from Crunchy Data, comes with all of the features you need for a complete cloud native Postgres experience on Kubernetes!
@@ -244,4 +248,10 @@ The image rollout can occur over the course of several days.
 
 To stay up-to-date on when releases are made available in the [Crunchy Data Developer Portal](https://www.crunchydata.com/developers), please sign up for the [Crunchy Data Developer Program Newsletter](https://www.crunchydata.com/developers#email). You can also [join the PGO project community discord](https://discord.gg/a7vWKG8Ec9)
 
+# FAQs, License and Terms
+
+For more information regarding PGO, the Postgres Operator project from Crunchy Data, and Crunchy Postgres for Kubernetes, please see the [frequently asked questions](https://access.crunchydata.com/documentation/postgres-operator/latest/faq). 
+
+The installation instructions provided in this repo are designed for the use of PGO along with Crunchy Data's Postgres distribution, Crunchy Postgres, as Crunchy Postgres for Kubernetes. The unmodified use of these installation instructions will result in downloading container images from Crunchy Data repositories - specifically the Crunchy Data Developer Portal. The use of container images downloaded from the Crunchy Data Developer Portal are subject to the [Crunchy Data Developer Program terms](https://www.crunchydata.com/developers/terms-of-use).  
+
 The PGO Postgres Operator project source code is available subject to the [Apache 2.0 license](LICENSE.md) with the PGO logo and branding assets covered by [our trademark guidelines](docs/static/logos/TRADEMARKS.md).

config/crd/bases/postgres-operator.crunchydata.com_postgresclusters.yaml

@@ -2695,7 +2695,7 @@ spec:
                               - bucket
                               type: object
                             name:
-                              description: The name of the the repository
+                              description: The name of the repository
                               pattern: ^repo[1-4]
                               type: string
                             s3:
@@ -4438,10 +4438,10 @@ spec:
                 properties:
                   pgbackrest:
                     description: 'Defines a pgBackRest cloud-based data source that
-                      can be used to pre-populate the the PostgreSQL data directory
-                      for a new PostgreSQL cluster using a pgBackRest restore. The
-                      PGBackRest field is incompatible with the PostgresCluster field:
-                      only one data source can be used for pre-populating a new PostgreSQL
+                      can be used to pre-populate the PostgreSQL data directory for
+                      a new PostgreSQL cluster using a pgBackRest restore. The PGBackRest
+                      field is incompatible with the PostgresCluster field: only one
+                      data source can be used for pre-populating a new PostgreSQL
                       cluster'
                     properties:
                       affinity:
@@ -5615,7 +5615,7 @@ spec:
                             - bucket
                             type: object
                           name:
-                            description: The name of the the repository
+                            description: The name of the repository
                             pattern: ^repo[1-4]
                             type: string
                           s3:
@@ -13319,6 +13319,38 @@ spec:
                 required:
                 - pgBouncer
                 type: object
+              replicaService:
+                description: Specification of the service that exposes PostgreSQL
+                  replica instances
+                properties:
+                  metadata:
+                    description: Metadata contains metadata for custom resources
+                    properties:
+                      annotations:
+                        additionalProperties:
+                          type: string
+                        type: object
+                      labels:
+                        additionalProperties:
+                          type: string
+                        type: object
+                    type: object
+                  nodePort:
+                    description: The port on which this service is exposed when type
+                      is NodePort or LoadBalancer. Value must be in-range and not
+                      in use or the operation will fail. If unspecified, a port will
+                      be allocated if this Service requires one. - https://kubernetes.io/docs/concepts/services-networking/service/#type-nodeport
+                    format: int32
+                    type: integer
+                  type:
+                    default: ClusterIP
+                    description: 'More info: https://kubernetes.io/docs/concepts/services-networking/service/#publishing-services-service-types'
+                    enum:
+                    - ClusterIP
+                    - NodePort
+                    - LoadBalancer
+                    type: string
+                type: object
               service:
                 description: Specification of the service that exposes the PostgreSQL
                   primary instance.
@@ -15291,7 +15323,7 @@ spec:
                           type: boolean
                         repoOptionsHash:
                           description: A hash of the required fields in the spec for
-                            defining an Azure, GCS or S3 repository, Utilizd to detect
+                            defining an Azure, GCS or S3 repository, Utilized to detect
                             changes to these fields and then execute pgBackRest stanza-create
                             commands accordingly.
                           type: string

installers/olm/Makefile

@@ -66,7 +66,7 @@ tools: ## Download tools needed to build bundles
 tools: tools/$(SYSTEM)/jq
 tools/$(SYSTEM)/jq:
 	install -d '$(dir $@)'
-	curl -fSL -o '$@' "https://github.com/stedolan/jq/releases/download/jq-1.6/jq-$$(SYSTEM='$(SYSTEM)'; \
+	curl -fSL -o '$@' "https://github.com/jqlang/jq/releases/download/jq-1.6/jq-$$(SYSTEM='$(SYSTEM)'; \
 		case "$$SYSTEM" in \
 			(linux-*) echo "$${SYSTEM/-amd/}";; (darwin-*) echo "$${SYSTEM/darwin/osx}";; (*) echo '$(SYSTEM)';; \
 		esac)"

installers/olm/README.md

@@ -55,7 +55,7 @@ Marketplace: https://github.com/redhat-openshift-ecosystem/redhat-marketplace-op
 
 We hit various issues with 5.1.0 where the 'replaces' name, set in the clusterserviceversion.yaml, didn't match the
 expected names found for all indexes. Previously, we set the 'com.redhat.openshift.versions' annotation to "v4.6-v4.9".
-The goal for this setting was to limit the upper bound of supported versions for a particulary PGO release.
+The goal for this setting was to limit the upper bound of supported versions for a particularly PGO release.
 The problem with this was, at the time of the 5.1.0 release, OCP 4.10 had been just been released. This meant that the
 5.0.5 bundle did not exist in the OCP 4.10 index. The solution presented by Red Hat was to use the 'skips' clause for
 the 5.1.0 release to remedy the immediate problem, but then go back to using an unbounded setting for subsequent

internal/bridge/client_test.go

@@ -304,7 +304,7 @@ func TestClientDoWithRetry(t *testing.T) {
 		assert.Assert(t, requests[1].Header.Get("Idempotency-Key") != prior,
 			"expected a new idempotency key")
 
-		// Requests are delayed according the the server's response.
+		// Requests are delayed according the server's response.
 		// TODO: Mock the clock for faster tests.
 		assert.Assert(t, times[0].Add(time.Second).Before(times[1]),
 			"expected the second request over 1sec after the first")

internal/config/config.go

@@ -65,7 +65,7 @@ func RegistrationRequiredBy(cluster *v1beta1.PostgresCluster) string {
 // Red Hat Marketplace requires operators to use environment variables be used
 // for any image other than the operator itself. Those variables must start with
 // "RELATED_IMAGE_" so that OSBS can transform their tag values into digests
-// for a "disconncted" OLM CSV.
+// for a "disconnected" OLM CSV.
 
 // - https://redhat-connect.gitbook.io/certified-operator-guide/troubleshooting-and-resources/offline-enabled-operators
 // - https://osbs.readthedocs.io/en/latest/users.html#pullspec-locations

internal/controller/pgupgrade/jobs.go

@@ -69,7 +69,7 @@ func upgradeCommand(upgrade *v1beta1.PGUpgrade, fetchKeyCommand string) []string
 		`echo "postgres:x:${gid%% *}:") > "${NSS_WRAPPER_GROUP}"`,
 
 		// Create a copy of the system user definitions, but remove the "postgres"
-		// user or any user with the currrent UID. Replace them with our own that
+		// user or any user with the current UID. Replace them with our own that
 		// has the current UID and GID.
 		`uid=$(id -u); NSS_WRAPPER_PASSWD=$(mktemp)`,
 		`(sed "/^postgres:x:/ d; /^[^:]*:x:${uid}:/ d" /etc/passwd`,
@@ -80,7 +80,7 @@ func upgradeCommand(upgrade *v1beta1.PGUpgrade, fetchKeyCommand string) []string
 		`export LD_PRELOAD='libnss_wrapper.so' NSS_WRAPPER_GROUP NSS_WRAPPER_PASSWD`,
 
 		// Below is the pg_upgrade script used to upgrade a PostgresCluster from
-		// one major verson to another. Additional information concerning the
+		// one major version to another. Additional information concerning the
 		// steps used and command flag specifics can be found in the documentation:
 		// - https://www.postgresql.org/docs/current/pgupgrade.html
 

internal/controller/postgrescluster/cluster.go

@@ -17,6 +17,7 @@ package postgrescluster
 
 import (
 	"context"
+	"fmt"
 	"io"
 
 	"github.com/pkg/errors"
@@ -199,33 +200,64 @@ func (r *Reconciler) generateClusterReplicaService(
 	service := &corev1.Service{ObjectMeta: naming.ClusterReplicaService(cluster)}
 	service.SetGroupVersionKind(corev1.SchemeGroupVersion.WithKind("Service"))
 
-	service.Annotations = naming.Merge(
-		cluster.Spec.Metadata.GetAnnotationsOrNil())
+	service.Annotations = cluster.Spec.Metadata.GetAnnotationsOrNil()
+	service.Labels = cluster.Spec.Metadata.GetLabelsOrNil()
+
+	if spec := cluster.Spec.ReplicaService; spec != nil {
+		service.Annotations = naming.Merge(service.Annotations,
+			spec.Metadata.GetAnnotationsOrNil())
+		service.Labels = naming.Merge(service.Labels,
+			spec.Metadata.GetLabelsOrNil())
+	}
+
+	// add our labels last so they aren't overwritten
 	service.Labels = naming.Merge(
-		cluster.Spec.Metadata.GetLabelsOrNil(),
+		service.Labels,
 		map[string]string{
 			naming.LabelCluster: cluster.Name,
 			naming.LabelRole:    naming.RoleReplica,
 		})
 
-	// Allocate an IP address and let Kubernetes manage the Endpoints by
-	// selecting Pods with the Patroni replica role.
-	// - https://docs.k8s.io/concepts/services-networking/service/#defining-a-service
-	service.Spec.Type = corev1.ServiceTypeClusterIP
-	service.Spec.Selector = map[string]string{
-		naming.LabelCluster: cluster.Name,
-		naming.LabelRole:    naming.RolePatroniReplica,
-	}
-
 	// The TargetPort must be the name (not the number) of the PostgreSQL
 	// ContainerPort. This name allows the port number to differ between Pods,
 	// which can happen during a rolling update.
-	service.Spec.Ports = []corev1.ServicePort{{
+	servicePort := corev1.ServicePort{
 		Name:       naming.PortPostgreSQL,
 		Port:       *cluster.Spec.Port,
 		Protocol:   corev1.ProtocolTCP,
 		TargetPort: intstr.FromString(naming.PortPostgreSQL),
-	}}
+	}
+
+	// Default to a service type of ClusterIP
+	service.Spec.Type = corev1.ServiceTypeClusterIP
+
+	// Check user provided spec for a specified type
+	if spec := cluster.Spec.ReplicaService; spec != nil {
+		service.Spec.Type = corev1.ServiceType(spec.Type)
+		if spec.NodePort != nil {
+			if service.Spec.Type == corev1.ServiceTypeClusterIP {
+				// The NodePort can only be set when the Service type is NodePort or
+				// LoadBalancer. However, due to a known issue prior to Kubernetes
+				// 1.20, we clear these errors during our apply. To preserve the
+				// appropriate behavior, we log an Event and return an error.
+				// TODO(tjmoore4): Once Validation Rules are available, this check
+				// and event could potentially be removed in favor of that validation
+				r.Recorder.Eventf(cluster, corev1.EventTypeWarning, "MisconfiguredClusterIP",
+					"NodePort cannot be set with type ClusterIP on Service %q", service.Name)
+				return nil, fmt.Errorf("NodePort cannot be set with type ClusterIP on Service %q", service.Name)
+			}
+			servicePort.NodePort = *spec.NodePort
+		}
+	}
+	service.Spec.Ports = []corev1.ServicePort{servicePort}
+
+	// Allocate an IP address and let Kubernetes manage the Endpoints by
+	// selecting Pods with the Patroni replica role.
+	// - https://docs.k8s.io/concepts/services-networking/service/#defining-a-service
+	service.Spec.Selector = map[string]string{
+		naming.LabelCluster: cluster.Name,
+		naming.LabelRole:    naming.RolePatroniReplica,
+	}
 
 	err := errors.WithStack(r.setControllerReference(cluster, service))
 

internal/controller/postgrescluster/cluster_test.go

@@ -732,11 +732,12 @@ func TestGenerateClusterReplicaServiceIntent(t *testing.T) {
 	service, err := reconciler.generateClusterReplicaService(cluster)
 	assert.NilError(t, err)
 
-	assert.Assert(t, marshalMatches(service.TypeMeta, `
+	alwaysExpect := func(t testing.TB, service *corev1.Service) {
+		assert.Assert(t, marshalMatches(service.TypeMeta, `
 apiVersion: v1
 kind: Service
-	`))
-	assert.Assert(t, marshalMatches(service.ObjectMeta, `
+		`))
+		assert.Assert(t, marshalMatches(service.ObjectMeta, `
 creationTimestamp: null
 labels:
   postgres-operator.crunchydata.com/cluster: pg2
@@ -750,7 +751,10 @@ ownerReferences:
   kind: PostgresCluster
   name: pg2
   uid: ""
-	`))
+		`))
+	}
+
+	alwaysExpect(t, service)
 	assert.Assert(t, marshalMatches(service.Spec, `
 ports:
 - name: postgres
@@ -763,6 +767,39 @@ selector:
 type: ClusterIP
 	`))
 
+	types := []struct {
+		Type   string
+		Expect func(testing.TB, *corev1.Service)
+	}{
+		{Type: "ClusterIP", Expect: func(t testing.TB, service *corev1.Service) {
+			assert.Equal(t, service.Spec.Type, corev1.ServiceTypeClusterIP)
+		}},
+		{Type: "NodePort", Expect: func(t testing.TB, service *corev1.Service) {
+			assert.Equal(t, service.Spec.Type, corev1.ServiceTypeNodePort)
+		}},
+		{Type: "LoadBalancer", Expect: func(t testing.TB, service *corev1.Service) {
+			assert.Equal(t, service.Spec.Type, corev1.ServiceTypeLoadBalancer)
+		}},
+	}
+
+	for _, test := range types {
+		t.Run(test.Type, func(t *testing.T) {
+			cluster := cluster.DeepCopy()
+			cluster.Spec.ReplicaService = &v1beta1.ServiceSpec{Type: test.Type}
+
+			service, err := reconciler.generateClusterReplicaService(cluster)
+			assert.NilError(t, err)
+			alwaysExpect(t, service)
+			test.Expect(t, service)
+			assert.Assert(t, marshalMatches(service.Spec.Ports, `
+- name: postgres
+  port: 9876
+  protocol: TCP
+  targetPort: postgres
+	`))
+		})
+	}
+
 	t.Run("AnnotationsLabels", func(t *testing.T) {
 		cluster := cluster.DeepCopy()
 		cluster.Spec.Metadata = &v1beta1.Metadata{

internal/controller/postgrescluster/controller_ref_manager_test.go

@@ -67,7 +67,7 @@ func TestManageControllerRefs(t *testing.T) {
 	t.Run("adopt Object", func(t *testing.T) {
 
 		obj := objBase.DeepCopy()
-		obj.Name = "adpot"
+		obj.Name = "adopt"
 		obj.Labels = map[string]string{naming.LabelCluster: clusterName}
 
 		if err := r.Client.Create(ctx, obj); err != nil {
@@ -155,7 +155,7 @@ func TestManageControllerRefs(t *testing.T) {
 
 		obj := objBase.DeepCopy()
 		obj.Name = "ignore-no-postgrescluster"
-		obj.Labels = map[string]string{naming.LabelCluster: "noexist"}
+		obj.Labels = map[string]string{naming.LabelCluster: "nonexistent"}
 
 		if err := r.Client.Create(ctx, obj); err != nil {
 			t.Error(err)

internal/controller/postgrescluster/helpers_test.go

@@ -210,14 +210,14 @@ func testCluster() *v1beta1.PostgresCluster {
 
 // setupManager creates the runtime manager used during controller testing
 func setupManager(t *testing.T, cfg *rest.Config,
-	contollerSetup func(mgr manager.Manager)) (context.Context, context.CancelFunc) {
+	controllerSetup func(mgr manager.Manager)) (context.Context, context.CancelFunc) {
 
 	mgr, err := runtime.CreateRuntimeManager("", cfg, true)
 	if err != nil {
 		t.Fatal(err)
 	}
 
-	contollerSetup(mgr)
+	controllerSetup(mgr)
 
 	ctx, cancel := context.WithCancel(context.Background())
 	go func() {

internal/controller/postgrescluster/instance.md

@@ -69,7 +69,7 @@ instance name or set to blank ("")
 ### Logic Map
 
 With this, the grid below shows the expected replica count value, depending on
-the the values. Below, the letters represent the following:
+the values. Below, the letters represent the following:
 
 M = StartupInstance matches the instance name