A charmed operator for running PGbouncer on kubernetes.

Overview

operator-template

Description

TODO: Describe your charm in a few paragraphs of Markdown

Usage

TODO: Provide high-level usage, such as required config or relations

Relations

TODO: Provide any relations which are provided or required by your charm

OCI Images

TODO: Include a link to the default image your charm uses

Contributing

Please see the Juju SDK docs for guidelines on enhancements to this charm following best practice guidelines, and CONTRIBUTING.md for developer guidance.

Comments
  • Removed unnecessary user management

    Removed unnecessary user management

    Proposal

    The user management previously implemented in this charm is unnecessary, and has been removed. This PR is separate from the rest of the k8s charm update work to make it easier to review.

    Context

    This code was written when I had a worse understanding of the intended purpose of this charm. Postgres/pgbouncer users shouldn't be managed directly by the pgbouncer charm user; instead, they should be derived from the postgres charm relation. Therefore, this code is unnecessary.

    The failing integration tests are due to the docker image not being available on github; a future PR will fix this.

    Release Notes

    • Removed the following user management actions, as well as their associated tests:
      • change_password
      • add_user
      • remove_user
      • get_users

    Testing

    • Removed irrelevant unit & integration tests. Remaining unit & integration tests still pass.
    • Manually tested build & deploy stage
    opened by WRFitch 2
  • Added Basic Charm

    Added Basic Charm

    • Added basic pgbouncer charm based on pgbouncer container.
      • Since this container hasn't been pushed anywhere, the integration tests are failing. These should run fine once this is rectified, but in the meantime they pass locally. To run them locally, there should be instructions in contributing.md.
    • Added unit tests, coverage is now at 97%
    • added basic config file management.
      • These files are necessary for pgbouncer to run, but especially in the case of pgbouncer.ini, they can get very complex. Generating these more complex files will be updated in future PRs.
      • More encryption options for userlist.txt will be added in a future PR.
    • added user management actions.
    • Added some small amount of docs.

    Apologies for the size of this PR; future ones should be smaller and more incremental, and shouldn't have a bunch of user management stuff grafted on.

    opened by WRFitch 2
  • Configure Renovate

    Configure Renovate

    Mend Renovate

    Welcome to Renovate! This is an onboarding PR to help you understand and configure settings before regular Pull Requests begin.

    🚦 To activate Renovate, merge this Pull Request. To disable Renovate, simply close this Pull Request unmerged.


    Detected Package Files

    • .github/workflows/ci.yaml (github-actions)
    • .github/workflows/release.yaml (github-actions)
    • requirements.txt (pip_requirements)

    Configuration Summary

    Based on the default config's presets, Renovate will:

    • Start dependency updates only once this onboarding PR is merged
    • Enable Renovate Dependency Dashboard creation.
    • If Renovate detects semantic commits, it will use semantic commit type fix for dependencies and chore for all others.
    • Ignore node_modules, bower_components, vendor and various test/tests directories.
    • Autodetect whether to pin dependencies or maintain ranges.
    • Rate limit PR creation to a maximum of two per hour.
    • Limit to maximum 10 open PRs at any time.
    • Group known monorepo packages together.
    • Use curated list of recommended non-monorepo package groupings.
    • A collection of workarounds for known problems with packages.

    🔡 Would you like to change the way Renovate is upgrading your dependencies? Simply edit the renovate.json in this branch with your custom config and the list of Pull Requests in the "What to Expect" section below will be updated the next time Renovate runs.


    What to Expect

    With your current configuration, Renovate will create 4 Pull Requests:

    Pin dependency ops to ==1.5.2
    • Schedule: ["at any time"]
    • Branch name: renovate/pin-dependencies
    • Merge into: main
    • Pin ops to ==1.5.2
    Update dependency tenacity to v8.1.0
    • Schedule: ["at any time"]
    • Branch name: renovate/tenacity-8.x
    • Merge into: main
    • Upgrade tenacity to ==8.1.0
    Update actions/checkout action to v3
    • Schedule: ["at any time"]
    • Branch name: renovate/actions-checkout-3.x
    • Merge into: main
    • Upgrade actions/checkout to v3
    Update canonical/charming-actions action to v2
    • Schedule: ["at any time"]
    • Branch name: renovate/canonical-charming-actions-2.x
    • Merge into: main
    • Upgrade canonical/charming-actions to 2.0.0

    🚸 Branch creation will be limited to maximum 2 per hour, so it doesn't swamp any CI resources or spam the project. See docs for prhourlylimit for details.


    ❓ Got questions? Check out Renovate's Docs, particularly the Getting Started section. If you need any further assistance then you can also request help here.


    This PR has been generated by Mend Renovate. View repository job log here.

    opened by renovate[bot] 1
  • transferring lib ownership to k8s charm

    transferring lib ownership to k8s charm

    Proposal

    The pgbouncer charm lib previously lived on the VM charm. Since I'm planning to use the k8s charm for development moving forward, porting implementation over to the VM charm once it's fully implemented, tested, and reviewed, it makes sense to keep the charm library on the k8s charm as well.

    Context

    • I'm planning to use the k8s charm for development because it builds and deploys faster, making testing and development faster.
    • All this code has already been reviewed on the VM charm, I'm just changing the names of things and copying unit tests over.

    Release Notes

    • Rename pgb lib and copy unit tests over from VM charm.

    Testing

    • Unit and integration tests have run
    opened by WRFitch 1
  • Persist userlist and PGB config on controller restart

    Persist userlist and PGB config on controller restart

    Proposal

    When we restart the k8s controller on which a PGB operator runs, we lose our containers and therefore our config. This PR checks the peer databag for config files if they aren't available in the filesystem.

    Context

    • We can't keep logs because they aren't stored anywhere, and if they were, they should probably live in COS.

    Release Notes

    • Check peer databag for config files if they aren't available in filesystem.

    Testing

    • Added an integration test that restarts the juju controller pod.
    opened by WRFitch 0
  • DPE-781 Run integration tests for passed lint/unit tests only

    DPE-781 Run integration tests for passed lint/unit tests only

    Avoid a long-running integration test in case of failing gatekeeping tests. It will slightly increase the complete tests scope runtime but will save (a lot?) of electricity/money for Canonical as often new pull requests have some initial typos/issues to be polished.

    Proposal

    DPE-781 Run integration tests for passed lint/unit tests only

    Context

    Costs optimizations for long tests execution (c) John.

    Release Notes

    Run integration tests for passed lint/unit tests only.

    Testing

    Tested by GitHub action only.

    opened by taurus-forever 0
  • Add TLS encryption between PgBouncer and PostgreSQL

    Add TLS encryption between PgBouncer and PostgreSQL

    Proposal

    Jira issue: DPE-560 PgBouncer must use encrypted connections when PostgreSQL has TLS enabled.

    Context

    • This is the same implementation that was made on https://github.com/canonical/pgbouncer-operator/pull/22.

    • The difference is that the logs are retrieved using /charm/bin/pebble logs -n=all instead of journalctl -u patroni.service on tests/integration/relations/test_backend_database.py.

    • Also, some typing errors were fixed, similarly to https://github.com/canonical/pgbouncer-operator/pull/25.

    Release Notes

    • Enable TLS encrypted connection between PgBouncer and PostgreSQL.

    Testing

    • tests/integration/relations/test_backend_database.py contains an additional integration test that checks that TLS is being used.
    opened by marceloneppel 0
  • Add client relation

    Add client relation

    Proposal

    Add new client relations

    Context

    • This PR is huge, but ~1100 lines of it is libs, lib updates, and the integration test charm. You can skip the following files:
      • everything under lib/
      • tests/integration/relations/pgbouncer_provider/application-charm/lib/charms/data_platform_libs/v0/database_requires.py
    • Read pgbouncer_provider.py before reviewing other charm code - the changes added in this file are the reason for the changes in the other files, so reading it first should provide context for the other changes.
    • The following PRs implement the same logic in the VM charm, broken into more manageable chunks:
      • https://github.com/canonical/pgbouncer-operator/pull/32
      • https://github.com/canonical/pgbouncer-operator/pull/33
      • https://github.com/canonical/pgbouncer-operator/pull/34

    Release Notes

    • Add new fully tested client relation
    • Update CI
    • Update docs
    • Fix leader-deletion bug
    • Better backend health checks
    • General stabilisation work, including updating connection info on pretty much every hook event.
    • Brought k8s charm more in line with VM charm design.

    Testing

    • Updated CI
    • Added relevant integration tests & unit tests
      • This includes testing new relation and legacy relation simultaneously
    opened by WRFitch 0
  • Fix endpoints to point to correct units when scaling

    Fix endpoints to point to correct units when scaling

    Proposal

    Fixes endpoints to point to the correct units when scaling.

    Context

    I forgot to update how master/standby endpoints are updated when adding scaling. This PR adds that in.

    Testing

    Updated unit tests, integration tests all pass fine.

    opened by WRFitch 0
  • Scaling

    Scaling

    Proposal

    Jira issue: DPE-472 This PR allows PgBouncer to scale to multiple units.

    Context

    • We're storing everything in the peer databag for now, including usernames and passwords for the db relations. These will be removed to Juju secrets once they exist.
    • The config is stored as an ini file in the databag, rather than a json file, because it's an existing string representation of the data and it's more readable (although there's a bug in jhack that doesn't display the headers)

    Release Notes

    • added pgb_peers relation and corresponding integration test run
    • updated integration test runners to use juju version 2.9.29 to work around scale-down bug.
    • added juju get_secret interface

    Testing

    • updated unit tests
    • updated the existing db integration test to work with scaled pgbouncer
      • db-admin test has not been updated because discourse behaves weirdly
    opened by WRFitch 0
  • Implemented on-start hook

    Implemented on-start hook

    Proposal

    The install hook isn't well suited for kubernetes charms, so replace it with start.

    Release Notes

    • replace on-install with on-start
    • moved integration test helper functions to integration directory.

    Testing

    • Integration and unit tests run locally and on CI
    opened by WRFitch 0
  • Pin OS on release workflow

    Pin OS on release workflow

    Issue

    As the ubuntu-latest GH runner image (it's still being updated on other places) was updated to jammy, the step that publishes the charm broke (due to using --destructive-mode).

    We can see the issue on https://github.com/canonical/pgbouncer-k8s-operator/actions/runs/3687788578/jobs/6255386375.

    Solution

    Pin focal runner image (ubuntu-20.04) on release workflow.

    Context

    The bases on charmcraft.yaml weren't updated to jammy as there are some issues related to some python wheels that should be solved when the work to move the charm to jammy is done.

    Testing

    Tested sudo charmcraft pack --destructive-mode --quiet manually on a focal VM.

    Release Notes

    Pin focal runner image on release workflow.

    opened by marceloneppel 0
Releases(rev9)
  • rev9(Dec 1, 2022)

    resources:

    Static resources:

    • pgbouncer-image resource-revision: 2 Released to 'latest/edge' at 15:38 UTC on 1 Dec 2022

    What's Changed

    • Persist userlist and PGB config on controller restart by @WRFitch in https://github.com/canonical/pgbouncer-k8s-operator/pull/24

    Full Changelog: https://github.com/canonical/pgbouncer-k8s-operator/compare/rev8...rev9

    Source code(tar.gz)
    Source code(zip)
  • rev8(Nov 22, 2022)

    resources:

    Static resources:

    • pgbouncer-image resource-revision: 2 Released to 'latest/edge' at 10:48 UTC on 22 Nov 2022

    What's Changed

    • DPE-781 Run integration tests for passed lint/unit tests only by @taurus-forever in https://github.com/canonical/pgbouncer-k8s-operator/pull/22
    • Add group to pebble layer. by @WRFitch in https://github.com/canonical/pgbouncer-k8s-operator/pull/25

    New Contributors

    • @taurus-forever made their first contribution in https://github.com/canonical/pgbouncer-k8s-operator/pull/22

    Full Changelog: https://github.com/canonical/pgbouncer-k8s-operator/compare/rev7...rev8

    Source code(tar.gz)
    Source code(zip)
  • rev7(Oct 6, 2022)

    resources:

    Static resources:

    • pgbouncer-image resource-revision: 2 Released to 'latest/edge' at 12:36 UTC on 6 Oct 2022

    What's Changed

    • Add TLS encryption between PgBouncer and PostgreSQL by @marceloneppel in https://github.com/canonical/pgbouncer-k8s-operator/pull/20

    New Contributors

    • @marceloneppel made their first contribution in https://github.com/canonical/pgbouncer-k8s-operator/pull/20

    Full Changelog: https://github.com/canonical/pgbouncer-k8s-operator/compare/rev6...rev7

    Source code(tar.gz)
    Source code(zip)
  • rev6(Sep 27, 2022)

    resources:

    Static resources:

    • pgbouncer-image resource-revision: 2 Released to 'latest/edge' at 16:44 UTC on 27 Sep 2022

    What's Changed

    • Fix endpoints to point to correct units when scaling by @WRFitch in https://github.com/canonical/pgbouncer-k8s-operator/pull/18

    Full Changelog: https://github.com/canonical/pgbouncer-k8s-operator/compare/rev5...rev6

    Source code(tar.gz)
    Source code(zip)
  • rev5(Sep 7, 2022)

    resources:

    Static resources:

    • pgbouncer-image resource-revision: 2 Released to 'latest/edge' at 14:55 UTC on 7 Sep 2022

    What's Changed

    • Scaling by @WRFitch in https://github.com/canonical/pgbouncer-k8s-operator/pull/16
    • fixed release CI to use correct juju version by @WRFitch in https://github.com/canonical/pgbouncer-k8s-operator/pull/17

    Full Changelog: https://github.com/canonical/pgbouncer-k8s-operator/compare/rev4...rev5

    Source code(tar.gz)
    Source code(zip)
  • rev4(Aug 22, 2022)

    resources:

    Static resources:

    • pgbouncer-image resource-revision: 2 Released to 'latest/edge' at 14:15 UTC on 22 Aug 2022

    What's Changed

    • Implemented on-start hook by @WRFitch in https://github.com/canonical/pgbouncer-k8s-operator/pull/15

    Full Changelog: https://github.com/canonical/pgbouncer-k8s-operator/compare/rev3...rev4

    Source code(tar.gz)
    Source code(zip)
  • rev3(Aug 18, 2022)

    resources:

    Static resources:

    • pgbouncer-image resource-revision: 2 Released to 'latest/edge' at 10:10 UTC on 18 Aug 2022

    What's Changed

    • Remove userlist by @WRFitch in https://github.com/canonical/pgbouncer-k8s-operator/pull/12

    Full Changelog: https://github.com/canonical/pgbouncer-k8s-operator/compare/rev2...rev3

    Source code(tar.gz)
    Source code(zip)
  • rev2(Aug 15, 2022)

    resources:

    Static resources:

    • pgbouncer-image resource-revision: 2 Released to 'latest/edge' at 17:55 UTC on 15 Aug 2022

    What's Changed

    • Added Basic Charm by @WRFitch in https://github.com/canonical/pgbouncer-k8s-operator/pull/1
    • DPE-108 Add PR template by @WRFitch in https://github.com/canonical/pgbouncer-k8s-operator/pull/2
    • Removed unnecessary user management by @WRFitch in https://github.com/canonical/pgbouncer-k8s-operator/pull/4
    • DPE-213 add build step to CI by @WRFitch in https://github.com/canonical/pgbouncer-k8s-operator/pull/3
    • DPE-102 Add Charm Library by @WRFitch in https://github.com/canonical/pgbouncer-k8s-operator/pull/5
    • Add backend-db-admin legacy relation by @WRFitch in https://github.com/canonical/pgbouncer-k8s-operator/pull/6
    • Update backend db admin relation by @WRFitch in https://github.com/canonical/pgbouncer-k8s-operator/pull/7
    • Added integration tests to backend relation by @WRFitch in https://github.com/canonical/pgbouncer-k8s-operator/pull/9
    • Add db relations by @WRFitch in https://github.com/canonical/pgbouncer-k8s-operator/pull/10
    • transferring lib ownership to k8s charm by @WRFitch in https://github.com/canonical/pgbouncer-k8s-operator/pull/11
    • add release to charmhub by @paulomach in https://github.com/canonical/pgbouncer-k8s-operator/pull/8
    • image override to pin uploaded revision by @paulomach in https://github.com/canonical/pgbouncer-k8s-operator/pull/13
    • Add lib to charmhub by @WRFitch in https://github.com/canonical/pgbouncer-k8s-operator/pull/14

    New Contributors

    • @WRFitch made their first contribution in https://github.com/canonical/pgbouncer-k8s-operator/pull/1
    • @paulomach made their first contribution in https://github.com/canonical/pgbouncer-k8s-operator/pull/8

    Full Changelog: https://github.com/canonical/pgbouncer-k8s-operator/commits/rev2

    Source code(tar.gz)
    Source code(zip)
Owner
Canonical
Canonical
MagTape is a Policy-as-Code tool for Kubernetes that allows for evaluating Kubernetes resources against a set of defined policies to inform and enforce best practice configurations.

MagTape is a Policy-as-Code tool for Kubernetes that allows for evaluating Kubernetes resources against a set of defined policies to inform and enforce best practice configurations. MagTape includes variable policy enforcement, notifications, and targeted metrics.

T-Mobile 143 Dec 27, 2022
Google Kubernetes Engine (GKE) with a Snyk Kubernetes controller installed/configured for Snyk App

Google Kubernetes Engine (GKE) with a Snyk Kubernetes controller installed/configured for Snyk App This example provisions a Google Kubernetes Engine

Pas Apicella 2 Feb 9, 2022
Coding For Entrepreneurs 100 Jan 1, 2023
Helperpod - A CLI tool to run a Kubernetes utility pod with pre-installed tools that can be used for debugging/testing purposes inside a Kubernetes cluster

Helperpod is a CLI tool to run a Kubernetes utility pod with pre-installed tools that can be used for debugging/testing purposes inside a Kubernetes cluster.

Atakan Tatlı 2 Feb 5, 2022
Kube kombu - Running kombu consumers with support of liveness probe for kubernetes

Setup and Running Kombu consumers Steps: Install python 3.9 or greater on your s

Anmol Porwal 5 Dec 10, 2022
This repository contains code examples and documentation for learning how applications can be developed with Kubernetes

BigBitBus KAT Components Click on the diagram to enlarge, or follow this link for detailed documentation Introduction Welcome to the BigBitBus Kuberne

null 51 Oct 16, 2022
A Blazing fast Security Auditing tool for Kubernetes

A Blazing fast Security Auditing tool for kubernetes!! Basic Overview Kubestriker performs numerous in depth checks on kubernetes infra to identify th

Vasant Chinnipilli 934 Jan 4, 2023
Official Python client library for kubernetes

Kubernetes Python Client Python client for the kubernetes API. Installation From source: git clone --recursive https://github.com/kubernetes-client/py

Kubernetes Clients 5.4k Jan 2, 2023
A Simple script to hunt unused Kubernetes resources.

K8SPurger A Simple script to hunt unused Kubernetes resources. Release History Release 0.3 Added Ingress Added Services Account Adding RoleBindding Re

Yogesh Kunjir 202 Nov 19, 2022
Run Oracle on Kubernetes with El Carro

El Carro is a new project that offers a way to run Oracle databases in Kubernetes as a portable, open source, community driven, no vendor lock-in container orchestration system. El Carro provides a powerful declarative API for comprehensive and consistent configuration and deployment as well as for real-time operations and monitoring.

Google Cloud Platform 205 Dec 30, 2022
Linux, Jenkins, AWS, SRE, Prometheus, Docker, Python, Ansible, Git, Kubernetes, Terraform, OpenStack, SQL, NoSQL, Azure, GCP, DNS, Elastic, Network, Virtualization. DevOps Interview Questions

Linux, Jenkins, AWS, SRE, Prometheus, Docker, Python, Ansible, Git, Kubernetes, Terraform, OpenStack, SQL, NoSQL, Azure, GCP, DNS, Elastic, Network, Virtualization. DevOps Interview Questions

Arie Bregman 35.1k Jan 2, 2023
Chartreuse: Automated Alembic migrations within kubernetes

Chartreuse: Automated Alembic SQL schema migrations within kubernetes "How to automate management of Alembic database schema migration at scale using

Wiremind 8 Oct 25, 2022
sysctl/sysfs settings on a fly for Kubernetes Cluster. No restarts are required for clusters and nodes.

SysBindings Daemon Little toolkit for control the sysctl/sysfs bindings on Kubernetes Cluster on the fly and without unnecessary restarts of cluster o

Wallarm 19 May 6, 2022
Caboto, the Kubernetes semantic analysis tool

Caboto Caboto, the Kubernetes semantic analysis toolkit. It contains a lightweight Python library for semantic analysis of plain Kubernetes manifests

Michael Schilonka 8 Nov 26, 2022
Hubble - Network, Service & Security Observability for Kubernetes using eBPF

Network, Service & Security Observability for Kubernetes What is Hubble? Getting Started Features Service Dependency Graph Metrics & Monitoring Flow V

Cilium 2.4k Jan 4, 2023
Rancher Kubernetes API compatible with RKE, RKE2 and maybe others?

kctl Rancher Kubernetes API compatible with RKE, RKE2 and maybe others? Documentation is WIP. Quickstart pip install --upgrade kctl Usage from lazycls

null 1 Dec 2, 2021
Quick & dirty controller to schedule Kubernetes Jobs later (once)

K8s Jobber Operator Quickly implemented Kubernetes controller to enable scheduling of Jobs at a later time. Usage: To schedule a Job later, Set .spec.

Jukka Väisänen 2 Feb 11, 2022
Copy a Kubernetes pod and run commands in its environment

copypod Utility for copying a running Kubernetes pod so you can run commands in a copy of its environment, without worrying about it the pod potential

Memrise 4 Apr 8, 2022
Autoscaling volumes for Kubernetes (with the help of Prometheus)

Kubernetes Volume Autoscaler (with Prometheus) This repository contains a service that automatically increases the size of a Persistent Volume Claim i

DevOps Nirvana 142 Dec 28, 2022