Important
Potentially Breaking change: This release upgrades the database to PostgreSQL 15 and moves to using the sclorg image. Please read the release notes below carefully before upgrading. Please consider backing up by creating a GalaxyBackup prior to upgrading.
Major changes
Upgrading to PostgreSQL 15 and moving to sclorg images by @rooftopcellist in #80. Please see the PR for a full list of changes. Below are the main points.
- Use new v1.34.1 ansible-operator base image and operator_sdk.util 0.5.0 - commit
- The boolean for deleting the old Postgres PVC by default after Postgres upgrade is now fixed - commit
postgres_keep_pvc_after_upgrade: falsemeans the old PG13 PVC will be deleted after upgrade by default
- Add checksum for secrets and configmaps to deployments so containers - commit
- Set new postgres configuration secret if managed database. This means you no longer need to delete existing postgres_configuration secrets in the namespace before restoring - commit
- Add initContainer to initial Postgres data volume permissions if needed - commit
This initContainer is not needed for Openshift deployments. It is designed to make permissions changes needed when using the new sclorg postgresql image with k3s deployments that use hostMount style PVC's, as described here. If postgres_data_volume_init is true, an initContainer will run to set the permissions in the postgresql pvc.
This is aimed to easily solve the issue where some users may need to chmod or chown the postgres data volume for user 26, which is the user that is running postgres in the sclorg image.
For example, you can now set the follow on the AWX spec:
spec:
postgres_data_volume_init: true
postgres_init_container_commands: |
chown 26:0 /var/lib/pgsql/data
chmod 700 /var/lib/pgsql/data
Full Changelog: 2024.4.30...2024.5.1
Note about PostgreSQL PVC permissions
Most users will be able to upgrade without issue, but is a chance that some users may hit a permissions issue depending on the permissions of the underlying filesystem used for the PVC's.
If you use k3s with pre-created PVC's or longhorn, you may have an extra manual step to do upon upgrading if you see the following error in the postgres pod's logs upon upgrade.
$ kubectl -n galaxy logs statefulset/<deployment-name>-postgres-15
mkdir: cannot create directory '/var/lib/pgsql/data/userdata': Permission denied
Anywhere you see
<deployment-name>, replace it with your Galaxy instance's name (name of the Galaxy custom resource).
Follow these steps to remediate the issue by setting the postgres_data_volume_init parameter true and deleting the new postgres stateful set.
# Patch your Galaxy custom resource
kubectl -n galaxy patch galaxy <deployment-name> --type=merge -p '{"spec": {"postgres_data_volume_init": true}}'
# Delete the new postgres stateful set
kubectl -n galaxy delete statefulset <deployment-name>-postgres-15
This will add the postgres_data_volume_init: true parameter to your Galaxy custom resource, and trigger the operator to re-create the new postgres pod. Your PVC will be unaffected.