Postgres Operator v1.6.0

Like last Christmas, Zalando's Postgres as a Service team is closing the year 2020 with a new release of the Postgres Operator for Kubernetes. Is this a tradition now? Lets see what we have for 'ya.

Postgres 13 and in-place major version upgrade

This release includes support for the newest major version of PostgreSQL - Spilo 13 with Patroni 2.0 . With this new release and the new Spilo image we trial easy in place upgrade, currently manual execution. The upgrade has become a lot easier now. It can be initiated via changing the version number in the PostgreSQL cluster manifest and requires manually running an upgrade script on the master instance after pods are rotated. Not fully automatic yet, but still a lot faster than cloning existing clusters.

K8s-native volume resize via PVCs

So far, online volume resize (without failover) was only supported on AWS and required privileged containers to update the file system. With the new storage_resize_mode option, users can choose to update only the PersistentVolumeClaims and let Kubernetes handle the resize propagation to volumes. This is the new default and you can disable the spilo_privileged option if you still use it.

Delete protection for Postgres clusters

To avoid easy deletes of Postgres manifests which can have a big impact despite easy but timely restore from e.g. AWS S3 you can now enable delete protection. This safeguards you from unintentional deletions of the manifests. The delete is only executed if the manifest is marked for delete via annotations. Ideally you supplement this on K8s admission controller level.

Connection pooler for replicas

The connection pooler can now be enabled via the Postgres manifest for replica and master services alike, so that you can also easily scale your read workload to larger application connection counts.

More features and improvements

Many more improvements have been made since the last release in May. We are still very happy to see a lot of contributions coming from our developer and Postgres community. Among others it brought us:

• Full-spec NodeAffinity support
• Configurable ExternalTrafficPolicy for service
• Choosing alternative schedulers
• Pod environment variables sourced from secrets
• Ability to ship WAL files (wal-e) and logical backups to GCS
• scram-sha-256 hash support for password encryption

Furthermore, our team provided the following additions:

• Allow annotations to be inherited from the manifest to all major child resources
• Setting search_path for default roles of databases in the manifest
• Separate teams CRD to manage additional cluster members

Have a closer look on our detailed changelog and the docs. There are a few breaking changes to allow major version upgrades that will e.g. change your WAL backup path.

Enjoy this new release. We are happy for your feedback and further contribution!

Stay healthy!