A Custom Resource Definition for provisioning AWS RDS databases.
State: BETA - use with caution
The node running the pod should have an instance profile that allows creation and deletion of RDS databases and Subnets.
The codes will search for the first node, and take the subnets from that node. And depending on wether or not your DB should be public, then filter them on that. If any subnets left it will attach the DB to that.
go build
You can start the the controller by applying kubectl apply -f deploy/deployment.yaml
To create ClusterRole and bindings, apply the following instead:
kubectl apply -f deploy/operator-cluster-role.yaml
kubectl apply -f deploy/operator-service-account.yaml
kubectl apply -f deploy/operator-cluster-role-binding.yaml
kubectl apply -f deploy/deployment-rbac.yamlWhen the controller is running in the cluster you can deploy/create a new database by running kubectl apply on the following
file.
apiVersion: v1
kind: Secret
metadata:
name: mysecret
type: Opaque
data:
mykey: cGFzc3dvcmRvcnNvbWV0aGluZw==
---
apiVersion: k8s.io/v1
kind: Database
metadata:
name: pgsql
namespace: default
spec:
class: db.t2.medium # type of the db instance
engine: postgres # what engine to use postgres, mysql, aurora-postgresql etc.
dbname: pgsql # name of the initial created database
name: pgsql # name of the database at the provider
password: # link to database secret
key: mykey # the key in the secret
name: mysecret # the name of the secret
username: postgres # Database username
size: 10 # size in BG
backupretentionperiod: 10 # days to keep backup, 0 means diable
parametergroup: default.postgres10
encrypted: true # should the database be encrypted
iops: 1000 # number of iops
multiaz: true # multi AZ support
storagetype: gp2 # type of the underlying storageNote that backupretentionperiod may be:
- 0: backup are disabled
- unspecified: default value (1) is used
See AWS reference documentation for details.
After the deploy is done you should be able to see your database via kubectl get databases
NAME AGE
test-pgsql 11hIf you use the dbsnapshotidentifier spec, it will create the database instance from the specified snapshot.
In this case, note that:
usernamecannot be changed from snapshot original username and is not taken in accountencryptedcannot be changed from snapshot orignial encryption and is not taken in accountpasswordmay be empty (or unspecified): it will keep the password from snapshotsizemay be 0 (or unspecified): it will keep the original size from snapshotbackupretentionperiodmay be unspecified: it will keep the original retention period from snapshot
Any of following options need to be applied once database instance has been restored if specified:
passwordsizebackupretentionperiod
By default, subnets are detected automatically from cluster and a dedicated Database Subnet group is created and deleted by the operator.
You can override this by:
- specifying a list of VPC subnets (at least 2)
spec:
subnets:
- subnet-0a378a72330fea864
- subnet-0c4fb739e201fc2a3
- subnet-0739bd9fa24055c4bA dedicated Database Subnet group is still created / deleted by the operator.
- specifying directly a Database Subnet group that you manage (the operator will not try to create or delete it):
spec:
subnetgroup: rds-subnet-groupSecurity group ids are also detected automatically and you can override with the following spec:
spec:
securitygroups:
- sg-13cbg6c2And on the AWS RDS page
-
Basic RDS support
-
Basic RDS support (Restore from snapshot)
-
Cluster support
-
Google Cloud SQL for PostgreSQL support
-
Local PostgreSQL support