Instance Pod Configuration
CloudNativePG supports mounting custom files inside the Postgres pods through .spec.projectedVolumeTemplate. This is useful for several Postgres features and extensions that require additional data files. In CloudNativePG, the .spec.projectedVolumeTemplate field is a projected volume template in Kubernetes, which allows the user to mount arbitrary data under the /projected folder in Postgres pods.
Here is a simple example of how to mount an existing TLS Secret (named sample-secret) as files into Postgres pods. The values for the Secret keys tls.crt and tls.key in sample-secret will be mounted as files at the paths /projected/certificate/tls.crt and /projected/certificate/tls.key in the Postgres pod.
    apiVersion: postgresql.cnpg.io/v1
    kind: Cluster
    metadata:
      name: cluster-example-projected-volumes
    spec:
      instances: 3
      projectedVolumeTemplate:
        sources:
          - secret:
              name: sample-secret
              items:
                - key: tls.crt
                  path: certificate/tls.crt
                - key: tls.key
                  path: certificate/tls.key
      storage:
        size: 1Gi
You can find a complete example that uses a projected volume template to mount a Secret and a ConfigMap in the cluster-example-projected-volume.yaml deployment manifest.
Some system behavior can be customized using environment variables. One example is the LDAPCONF variable, which may point to a custom LDAP configuration file. Another example is the TZ environment variable, which represents the timezone used by the
CloudNativePG allows the user to set custom environment variables via the envFrom stanza of the cluster specification.
The following is a definition of a PostgreSQL cluster using the Australia/Sydney timezone as the default cluster-level timezone:
    apiVersion: postgresql.cnpg.io/v1
    kind: Cluster
    metadata:
      name: cluster-example
    spec:
      instances: 3
      env:
        - name: TZ
          value: Australia/Sydney
      storage:
        size: 1Gi
The envFrom stanza can refer to ConfigMaps or Secrets to use their content as environment variables:
    apiVersion: postgresql.cnpg.io/v1
    kind: Cluster
    metadata:
      name: cluster-example
    spec:
      instances: 3
      envFrom:
        - configMapRef:
            name: config-map-name
        - secretRef:
            name: secret-name
      storage:
        size: 1Gi
The operator doesn't allow setting the following environment variables:
- any environment variable whose name starts with
Any change in the env or in the envFrom section will trigger a rolling update of the PostgreSQL Pods.
If the env or the envFrom section refers to a Secret or a ConfigMap, the operator will not detect any changes in them and will not trigger a rollout. The kubelet uses the same behavior with Pods, and the user is supposed to trigger the Pod rollout manually.
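
Since any change in env triggers a rolling update while changes inside a referenced Secret or ConfigMap do not, a deployment pipeline can close that gap itself. The following added example (not CloudNativePG code) computes a keyed digest of everything envFrom references and stamps it into .spec.env, so rotated data shows up as a change to the Cluster. The variable name ENVFROM_DIGEST, the key and the sample objects are assumptions constructed for illustration.

```python
import copy
import hashlib
import hmac
import json

DIGEST_VAR = "ENVFROM_DIGEST"  # hypothetical name, chosen for this example


def envfrom_digest(cluster, configmaps, secrets, key):
    """Keyed digest over the data of every object named in .spec.envFrom."""
    # HMAC rather than a bare hash: the value is readable in the Cluster
    # spec, and a plain hash of a weak Secret could be guessed offline.
    mac = hmac.new(key, digestmod=hashlib.sha256)
    for ref in cluster["spec"].get("envFrom", []):
        for field, store in (("configMapRef", configmaps), ("secretRef", secrets)):
            if field not in ref:
                continue
            name = ref[field]["name"]
            if name not in store:
                raise KeyError(f"{field} {name!r} not found")
            # sort_keys makes the digest independent of key order
            mac.update(json.dumps([field, name, store[name]], sort_keys=True).encode())
    return mac.hexdigest()


def stamp(cluster, digest):
    """Return (needs_apply, copy of cluster with DIGEST_VAR set in .spec.env)."""
    out = copy.deepcopy(cluster)
    env = out["spec"].setdefault("env", [])
    for item in env:
        if item["name"] == DIGEST_VAR:
            changed = item.get("value") != digest
            item["value"] = digest
            return changed, out
    env.append({"name": DIGEST_VAR, "value": digest})
    return True, out


# Constructed sample objects mirroring the envFrom manifest on this page.
KEY = b"constructed-example-key"
CLUSTER = {"spec": {"instances": 3, "envFrom": [
    {"configMapRef": {"name": "config-map-name"}},
    {"secretRef": {"name": "secret-name"}}]}}
CONFIGMAPS = {"config-map-name": {"TZ": "Australia/Sydney"}}
SECRETS = {"secret-name": {"LDAP_BIND_PW": "b2xk"}}

if __name__ == "__main__":
    changed, stamped = stamp(CLUSTER, envfrom_digest(CLUSTER, CONFIGMAPS, SECRETS, KEY))
    print(changed, json.dumps(stamped["spec"]["env"]))
```

Apply the stamped manifest only when the first return value is true; an unchanged digest leaves .spec.env identical, so no rollout is requested.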