This commit adds support for the DefaultAzureCredential authentication
mechanism in Azure Blob Storage. Users can now use the
`useDefaultAzureCredentials` option to enable Azure's default credential
chain, which automatically discovers and uses available credentials in
the following order
1. Environment Variables (Service Principal)
2. Managed Identity
3. Azure CLI
4. Azure PowerShell
This is particularly useful when running on Azure Kubernetes Service
(AKS) with Workload Identity, eliminating the need to explicitly store
credentials in Kubernetes Secrets.
Signed-off-by: Armando Ruocco <armando.ruocco@enterprisedb.com>
Signed-off-by: Gabriele Fedi <gabriele.fedi@enterprisedb.com>
Signed-off-by: Marco Nenciarini <marco.nenciarini@enterprisedb.com>
Co-authored-by: Gabriele Fedi <gabriele.fedi@enterprisedb.com>
Co-authored-by: Marco Nenciarini <marco.nenciarini@enterprisedb.com>
Logging the full environment of the plugin container can potentially
result in an unnecessarily long log line, but perhaps more importantly
the credentials are visible as well.
Signed-off-by: Andreas Mårtensson <andreas.martensson@svt.se>
Enable the LeaderElectionReleaseOnCancel option in the controller
manager to fix a deadlock issue during RollingUpdate deployments with
leader election enabled.
Without this setting, the old pod holds the leader lease during
shutdown, preventing the new pod from becoming ready. This creates a
deadlock where Kubernetes won't terminate the old pod because the new
pod isn't ready, and the new pod can't become ready because it can't
acquire the lease.
With LeaderElectionReleaseOnCancel enabled, the old pod voluntarily
releases the lease when it receives a shutdown signal, allowing the new
pod to acquire leadership immediately and become ready, enabling smooth
rolling updates.
Closes#419
Signed-off-by: Armando Ruocco <armando.ruocco@enterprisedb.com>
When the end of the WAL stream is reached, the parallel WAL restore
feature attempts to predict the names of subsequent WAL files to restore
and records the first missing WAL file.
On high-availability (HA) replicas, if PostgreSQL requests the first
missing WAL file, the code returns an error status that prompts
PostgreSQL to switch to streaming replication.
Currently, the code assumes a `wal_segment_size` of 16MB for predicting
the next WAL file names. If the configured WAL segment size exceeds
16MB, it may request non-existent WAL files. For instance, with 16MB
segments, the names would range from `000000010000000100000000` to
`0000000100000001000000FF` before moving to the next segment. For 1GB
segments, they would range from `000000010000000100000000` to
`000000010000000100000003`.
With the assumption of a 16MB segment size, the code will not find the
WALs from `000000010000000100000004` to `0000000100000001000000FF`.
While this assumption does not affect HA replicas - which can shift to
streaming mode - it's problematic for a PostgreSQL instance seeking
consistency after a restore, as the restore process will fail.
This patch disables end-of-wal file marker management during
replication, addressing restore issues for backups that were:
1. using a custom WAL file segment size
2. utilizing parallel WAL recovery
3. initiated on one WAL segment and concluded on a different one
Fixes: #603
Signed-off-by: Leonardo Cecchi <leonardo.cecchi@enterprisedb.com>
The plugin now returns a 404 status code when a requested WAL file does
not exist in the object store.
This prevents misleading log entries such as "Error while handling gRPC
request" for expected missing-file scenarios.
The `ErrEndOfWALStreamReached` now returns `OutOfRange` error.
The `ErrMissingPermissions` now returns `FailedPrecondition` error.
Signed-off-by: Leonardo Cecchi <leonardo.cecchi@enterprisedb.com>
Signed-off-by: Armando Ruocco <armando.ruocco@enterprisedb.com>
Signed-off-by: Marco Nenciarini <marco.nenciarini@enterprisedb.com>
Co-authored-by: Armando Ruocco <armando.ruocco@enterprisedb.com>
Co-authored-by: Marco Nenciarini <marco.nenciarini@enterprisedb.com>
This commit adds a new `logLevel` field to the plugin configuration,
allowing users to select the desired log verbosity for the instances
(e.g. error, warning, info, debug, trace).
Closes#514
Signed-off-by: Armando Ruocco <armando.ruocco@enterprisedb.com>
Signed-off-by: Gabriele Bartolini <gabriele.bartolini@enterprisedb.com>
Co-authored-by: Gabriele Bartolini <gabriele.bartolini@enterprisedb.com>
Introduce the `additionalContainerArgs` field in the `ObjectStore` resource.
It allows specifying an optional list of command-line arguments appended to
the Barman Cloud sidecar container at startup.
Closes#501
Signed-off-by: Armando Ruocco <armando.ruocco@enterprisedb.com>
Signed-off-by: Leonardo Cecchi <leonardo.cecchi@enterprisedb.com>
Signed-off-by: Gabriele Bartolini <gabriele.bartolini@enterprisedb.com>
Co-authored-by: Leonardo Cecchi <leonardo.cecchi@enterprisedb.com>
Co-authored-by: Gabriele Bartolini <gabriele.bartolini@enterprisedb.com>
* make sure objects expire after DefaultTTLSeconds
* make cached objects have GKV information
* fix cache retrieval and removal logic
Closes#502
Signed-off-by: Marco Nenciarini <marco.nenciarini@enterprisedb.com>
Signed-off-by: Armando Ruocco <armando.ruocco@enterprisedb.com>
Co-authored-by: Armando Ruocco <armando.ruocco@enterprisedb.com>
Add the required missing permission to operate in k8s
environments where the Admission Controller
Plugin "OwnerReferencesPermissionEnforcement"
is enabled.
Signed-off-by: Gabriele Fedi <gabriele.fedi@enterprisedb.com>
Introduce two new Prometheus metrics sourced from the Barman Cloud plugin:
- `barman_cloud_cloudnative_pg_io_first_recoverability_point`
- `barman_cloud_cloudnative_pg_io_last_available_backup_timestamp`
These metrics supersede the following deprecated CNPG metrics:
- `cnpg_collector_first_recoverability_point`
- `cnpg_collector_last_available_backup_timestamp`
Depends on: https://github.com/cloudnative-pg/cloudnative-pg/pull/8033
Relates to: #380
Signed-off-by: Armando Ruocco <armando.ruocco@enterprisedb.com>
Signed-off-by: Leonardo Cecchi <leonardo.cecchi@enterprisedb.com>
Co-authored-by: Leonardo Cecchi <leonardo.cecchi@enterprisedb.com>
In the in-tree barman-cloud implementation, the check for an empty WAL
archive is performed both immediately after the restore process and when the
first WAL file is archived.
Previously, the plugin-based implementation only performed this check after
restore, skipping it during archiving of the first WAL. This patch restores
parity with the in-tree behavior by ensuring the check is also performed
during WAL archiving.
Closes: #457
Signed-off-by: Leonardo Cecchi <leonardo.cecchi@enterprisedb.com>
There was mistake on the object used to compare the ObjectStore, we were
using a type Secret instead of ObjectStore.
Also, make it more clear the logic to retrieve the cached objects by getting
the cached objects when are cached.
Signed-off-by: Jonathan Gonzalez V. <jonathan.gonzalez@enterprisedb.com>
When referring to the same ObjectStore with custom TLS certificates
multiple times, the plugin was adding the same volume projection two
times. This lead to a wrong Job definition.
This patch makes the plugin add a sidecar to replica cluster Pods that
are using the plugin to get WALs, even if the plugin itself is not used
for WAL archiving.
Closes: #329
Signed-off-by: Leonardo Cecchi <leonardo.cecchi@enterprisedb.com>
Fix the release-please configuration to update the version defined in
the code.
Closes#226
Signed-off-by: Francesco Canovai <francesco.canovai@enterprisedb.com>
This patch allows the plugin trigger a rolling deployment on existing
clusters, enabling seamless migration between the in-tree barman cloud
support and the plugin.
Signed-off-by: Leonardo Cecchi <leonardo.cecchi@enterprisedb.com>
Upgrade Barman to 3.13.0 and adjust the argument order in
`barman-cloud-restore` to work around the regression described in
cloudnative-pg/cloudnative-pg#6932.
Closes#208
Signed-off-by: Marco Nenciarini <marco.nenciarini@enterprisedb.com>
This commit makes the Barman cloud plugin support the enforcement of
retention policy as provided by the barman-cloud tool suite.
The first recoverability point and the last successful backup are
shown in the status of the ObjectStore resource for each involved
server name.
Signed-off-by: Leonardo Cecchi <leonardo.cecchi@enterprisedb.com>
Signed-off-by: Armando Ruocco <armando.ruocco@enterprisedb.com>
Signed-off-by: Marco Nenciarini <marco.nenciarini@enterprisedb.com>
Co-authored-by: Armando Ruocco <armando.ruocco@enterprisedb.com>
Co-authored-by: Marco Nenciarini <marco.nenciarini@enterprisedb.com>
This patch enables the barman-cloud plugin to function with an operator
that is structurally identical to CNPG but works with a different API group.
It achieves this through lenient decoding of the provided CNPG resources
and injecting the detected GVK into the sidecar, enabling it to correctly
encode and decode the Kubernetes resources.
Signed-off-by: Leonardo Cecchi <leonardo.cecchi@enterprisedb.com>
Signed-off-by: Marco Nenciarini <marco.nenciarini@enterprisedb.com>
Co-authored-by: Marco Nenciarini <marco.nenciarini@enterprisedb.com>
This patch enables the use of custom CA certificates when connecting
to the object store in the barman-cloud plugin. The certificates are
injected into the sidecar via a projected volume and used by the
barman-cloud tool suite.
If the barman object name or the key name changes, users must trigger
a Pod rollout to apply the new values.
Signed-off-by: Leonardo Cecchi <leonardo.cecchi@enterprisedb.com>
Signed-off-by: Armando Ruocco <armando.ruocco@enterprisedb.com>
Signed-off-by: Marco Nenciarini <marco.nenciarini@enterprisedb.com>
Co-authored-by: Armando Ruocco <armando.ruocco@enterprisedb.com>
Co-authored-by: Marco Nenciarini <marco.nenciarini@enterprisedb.com>
