This section describes the steps for a basic installation of an instance of PostgreSQL (a Deployment with persistent volumes) along with a Kanister Blueprint and a Profile via a Kanister-enabled Helm chart. In particular, this chart uses WAL-E for continuous archiving of PostgreSQL WAL files and base backups.
$ helm repo add kanister https://charts.kanister.io/
Then install the sample PostgreSQL application in its own namespace.
# Install Kanister-enabled PostgreSQL $ helm install kanister/kanister-postgresql -n postgresql \ --namespace postgresql-test \ --set profile.create='true' \ --set profile.profileName='postgres-test-profile' \ --set profile.location.type='s3Compliant' \ --set profile.location.bucket='kanister-bucket' \ --set profile.location.endpoint='https://my-custom-s3-provider:9000' \ --set profile.aws.accessKey='AKIAIOSFODNN7EXAMPLE' \ --set profile.aws.secretKey='wJalrXUtnFEMI%K7MDENG%bPxRfiCYEXAMPLEKEY' \ --set kanister.controller_namespace="kanister"
The settings in the command above represent the minimum recommended set for your installation.
This chart is still in alpha and has known limitations including:
- Fetching logs and applying them has a timeout value of 10 hours. If all logs haven't been fetched and applied in that time frame, it is possible for the database to restart with only a partial restore.
- More hardening and error-checking is being implemented
The command will also configure a location where artifacts resulting
from Kanister data operations such as backup should go. This is stored as a
profiles.cr.kanister.io CustomResource (CR) which is then referenced in
Kanister ActionSets. Every ActionSet requires a Profile reference whether one
created as part of the application install or not. Support for creating a
Profile as part of install is simply for convenience. This CR can be shared
between Kanister-enabled application instances so one option is to only
create as part of the first instance.
Prior to creating the Profile CR, you will need to do the following:
- Create a bucket for artifacts on your S3 store. This will be your
location.bucketparameter to the command.
aws.secretKeycredentials for an account with access to the bucket that you will use.
- Configure the permissions on the bucket to allow the account to list, put, get, and delete.
- Make sure that your retention policy allows deletions so that artifacts can be reclaimed based on your intended data backup retention.
location.endpoint parameter is only required if you are using an
S3-compatible provider different from AWS.
If you are using an on-premises s3 provider, the endpoint specified needs be accessible from within your Kubernetes cluster.
If, in your environment, the endpoint has a self-signed SSL certificate,
--set verifySSL=false in the above command to disable SSL
verification for the S3 operations in the blueprint.
If not creating a Profile CR, it is possible to use an even simpler command.
# Install Kanister-enabled PostgreSQL $ helm install kanister/kanister-postgresql -n postgresql \ --namespace postgresql-test
The above command will attempt to use dynamic storage provisioning
based on the the default storage class for your cluster. You will to need to
designate a default storage class
or, use a specific storage class by providing a value with the
--set persistence.storageClass option.