2 changes: 1 addition & 1 deletion content/en/docs/v1.3/applications/clickhouse.md
Expand Up @@ -11,7 +11,7 @@ aliases:
<!--
Autogenerated content. Don't edit this file directly; edit sources instead.
metadata: https://github.com/cozystack/website/blob/main/content/en/docs/v1.3/applications/_include/clickhouse.md
source: https://github.com/cozystack/cozystack/blob/v1.3.0/packages/apps/clickhouse/README.md
source: https://github.com/cozystack/cozystack/blob/main/packages/apps/clickhouse/README.md
-->


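Review bot: The `source:` line in this comment now points at `blob/main` instead of the `v1.3.0` tag, so a page under `docs/v1.3/` no longer records which revision of the README it was generated from, and the same substitution repeats in every file of this change. Pin the link to a release tag or commit SHA so the versioned docs stay reproducible, and confirm that the content pulled from `main` (changed defaults, new sections) actually describes what v1.3 ships.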
2 changes: 1 addition & 1 deletion content/en/docs/v1.3/applications/foundationdb.md
Expand Up @@ -6,7 +6,7 @@ weight: 50
<!--
Autogenerated content. Don't edit this file directly; edit sources instead.
metadata: https://github.com/cozystack/website/blob/main/content/en/docs/v1.3/applications/_include/foundationdb.md
source: https://github.com/cozystack/cozystack/blob/v1.3.0/packages/apps/foundationdb/README.md
source: https://github.com/cozystack/cozystack/blob/main/packages/apps/foundationdb/README.md
-->


2 changes: 1 addition & 1 deletion content/en/docs/v1.3/applications/harbor.md
Expand Up @@ -7,7 +7,7 @@ weight: 50
<!--
Autogenerated content. Don't edit this file directly; edit sources instead.
metadata: https://github.com/cozystack/website/blob/main/content/en/docs/v1.3/applications/_include/harbor.md
source: https://github.com/cozystack/cozystack/blob/v1.3.0/packages/apps/harbor/README.md
source: https://github.com/cozystack/cozystack/blob/main/packages/apps/harbor/README.md
-->


42 changes: 21 additions & 21 deletions content/en/docs/v1.3/applications/kafka.md
Expand Up @@ -10,7 +10,7 @@ aliases:
<!--
Autogenerated content. Don't edit this file directly; edit sources instead.
metadata: https://github.com/cozystack/website/blob/main/content/en/docs/v1.3/applications/_include/kafka.md
source: https://github.com/cozystack/cozystack/blob/v1.3.0/packages/apps/kafka/README.md
source: https://github.com/cozystack/cozystack/blob/main/packages/apps/kafka/README.md
-->


Expand All @@ -36,30 +36,30 @@ source: https://github.com/cozystack/cozystack/blob/v1.3.0/packages/apps/kafka/R

### Kafka configuration

| Name | Description | Type | Value |
| ------------------------ | -------------------------------------------------------------------------------------------------------- | ---------- | ------- |
| `kafka` | Kafka configuration. | `object` | `{}` |
| `kafka.replicas` | Number of Kafka replicas. | `int` | `3` |
| `kafka.resources` | Explicit CPU and memory configuration. When omitted, the preset defined in `resourcesPreset` is applied. | `object` | `{}` |
| `kafka.resources.cpu` | CPU available to each replica. | `quantity` | `""` |
| `kafka.resources.memory` | Memory (RAM) available to each replica. | `quantity` | `""` |
| `kafka.resourcesPreset` | Default sizing preset used when `resources` is omitted. | `string` | `small` |
| `kafka.size` | Persistent Volume size for Kafka. | `quantity` | `10Gi` |
| `kafka.storageClass` | StorageClass used to store the Kafka data. | `string` | `""` |
| Name | Description | Type | Value |
| ------------------------ | -------------------------------------------------------------------------------------------------------- | ---------- | -------- |
| `kafka` | Kafka configuration. | `object` | `{}` |
| `kafka.replicas` | Number of Kafka replicas. | `int` | `3` |
| `kafka.resources` | Explicit CPU and memory configuration. When omitted, the preset defined in `resourcesPreset` is applied. | `object` | `{}` |
| `kafka.resources.cpu` | CPU available to each replica. | `quantity` | `""` |
| `kafka.resources.memory` | Memory (RAM) available to each replica. | `quantity` | `""` |
| `kafka.resourcesPreset` | Default sizing preset used when `resources` is omitted. | `string` | `medium` |
| `kafka.size` | Persistent Volume size for Kafka. | `quantity` | `10Gi` |
| `kafka.storageClass` | StorageClass used to store the Kafka data. | `string` | `""` |


### ZooKeeper configuration

| Name | Description | Type | Value |
| ---------------------------- | -------------------------------------------------------------------------------------------------------- | ---------- | ------- |
| `zookeeper` | ZooKeeper configuration. | `object` | `{}` |
| `zookeeper.replicas` | Number of ZooKeeper replicas. | `int` | `3` |
| `zookeeper.resources` | Explicit CPU and memory configuration. When omitted, the preset defined in `resourcesPreset` is applied. | `object` | `{}` |
| `zookeeper.resources.cpu` | CPU available to each replica. | `quantity` | `""` |
| `zookeeper.resources.memory` | Memory (RAM) available to each replica. | `quantity` | `""` |
| `zookeeper.resourcesPreset` | Default sizing preset used when `resources` is omitted. | `string` | `small` |
| `zookeeper.size` | Persistent Volume size for ZooKeeper. | `quantity` | `5Gi` |
| `zookeeper.storageClass` | StorageClass used to store the ZooKeeper data. | `string` | `""` |
| Name | Description | Type | Value |
| ---------------------------- | -------------------------------------------------------------------------------------------------------- | ---------- | -------- |
| `zookeeper` | ZooKeeper configuration. | `object` | `{}` |
| `zookeeper.replicas` | Number of ZooKeeper replicas. | `int` | `3` |
| `zookeeper.resources` | Explicit CPU and memory configuration. When omitted, the preset defined in `resourcesPreset` is applied. | `object` | `{}` |
| `zookeeper.resources.cpu` | CPU available to each replica. | `quantity` | `""` |
| `zookeeper.resources.memory` | Memory (RAM) available to each replica. | `quantity` | `""` |
| `zookeeper.resourcesPreset` | Default sizing preset used when `resources` is omitted. | `string` | `medium` |
| `zookeeper.size` | Persistent Volume size for ZooKeeper. | `quantity` | `5Gi` |
| `zookeeper.storageClass` | StorageClass used to store the ZooKeeper data. | `string` | `""` |


## Parameter examples and reference
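Review bot: The default for `kafka.resourcesPreset` and `zookeeper.resourcesPreset` changes from `small` to `medium` in both tables, but the page lives under `docs/v1.3/` and nothing in the hunk says which chart version carries the new default. Check that `medium` is what a v1.3 install applies when `resources` is omitted; if it only holds on `main`, keep `small` here or add a line stating from which version the default changed, since operators size quotas from this table.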
2 changes: 1 addition & 1 deletion content/en/docs/v1.3/applications/mariadb.md
Expand Up @@ -10,7 +10,7 @@ aliases:
<!--
Autogenerated content. Don't edit this file directly; edit sources instead.
metadata: https://github.com/cozystack/website/blob/main/content/en/docs/v1.3/applications/_include/mariadb.md
source: https://github.com/cozystack/cozystack/blob/v1.3.0/packages/apps/mariadb/README.md
source: https://github.com/cozystack/cozystack/blob/main/packages/apps/mariadb/README.md
-->


64 changes: 63 additions & 1 deletion content/en/docs/v1.3/applications/mongodb.md
Expand Up @@ -10,7 +10,7 @@ aliases:
<!--
Autogenerated content. Don't edit this file directly; edit sources instead.
metadata: https://github.com/cozystack/website/blob/main/content/en/docs/v1.3/applications/_include/mongodb.md
source: https://github.com/cozystack/cozystack/blob/v1.3.0/packages/apps/mongodb/README.md
source: https://github.com/cozystack/cozystack/blob/main/packages/apps/mongodb/README.md
-->


Expand Down Expand Up @@ -49,6 +49,68 @@ When `external: true` is enabled:
On first install, the credentials secret will be empty until the Percona operator initializes the cluster.
Run `helm upgrade` after MongoDB is ready to populate the credentials secret with the actual password.

### Data lifecycle

When the MongoDB release is uninstalled, the operator finalizers reclaim release-scoped resources:

**Reclaimed by the `percona.com/delete-psmdb-pvc` finalizer:**

- All PVCs backing the replica set storage. Whether the underlying PersistentVolume and on-disk data are actually deleted depends on the StorageClass `reclaimPolicy` (`Delete` removes them, `Retain` leaves them for manual cleanup).
- Operator-managed secrets:
- `<release>-percona-server-mongodb-users` — operator users credentials
- `internal-<release>` — internal operator state
- `internal-<release>-users` — operator-internal users data
- `<release>-mongodb-encryption-key` — at-rest encryption key

**Reclaimed by `helm uninstall`:**

- `<release>-credentials` — connection string for application code
- `<release>-user-<username>` — per-user passwords
- `<release>-s3-creds` — backup destination credentials (if backups are configured)

**Not reclaimed automatically:**

- TLS secrets `<release>-ssl` and `<release>-ssl-internal` (issued by cert-manager) remain in the namespace after uninstall. Delete them manually if no longer needed.

**Recovery from a stuck deletion:**

If the `psmdb-operator` is uninstalled before MongoDB CRs are deleted, the finalizers cannot run and the `PerconaServerMongoDB` CR hangs in `Terminating`. To recover, clear the finalizers manually:

```bash
kubectl --namespace <namespace> patch psmdb <release> --type merge --patch '{"metadata":{"finalizers":[]}}'
```

Note that this skips the operator-driven cleanup — PVCs and operator-managed secrets will remain orphaned and must be removed manually.

If you need to retain data, take a backup before deletion. Refer to the [Percona Operator for MongoDB documentation](https://docs.percona.com/percona-operator-for-mongodb/) for backup/restore workflows.

### Upgrading from earlier versions

Earlier versions of this chart referenced a namespace-shared system users secret (`percona-server-mongodb-users`). Upgrading to a release that scopes this secret per CR (`<release>-percona-server-mongodb-users`) triggers a password rotation for the operator-managed system users. The rotation is performed in place by the Percona operator via `db.changeUserPassword()` against the running mongod (operator log: `Secret data changed. Updating users...`); pods are not restarted and the cluster stays available.

**Rotated automatically on upgrade:**

- The five operator-managed system accounts: `databaseAdmin`, `userAdmin`, `backup`, `clusterAdmin`, `clusterMonitor`.
- Secret `<release>-percona-server-mongodb-users` (newly created, per-CR) and `internal-<release>-users` receive the new values.
- Secret `<release>-credentials` is regenerated; its `password` and `uri` keys reflect the new `databaseAdmin` password.

**Not affected:**

- Custom users defined under `users:` in chart values. Their `<release>-user-<name>` secrets are not touched.
- The at-rest encryption key (`<release>-mongodb-encryption-key`) and replica set keyfile (`<release>-mongodb-keyfile`) are unchanged, so on-disk data remains readable.

**Action required after upgrade:**

Workloads that mount `<release>-credentials` keep using the cached old password until they re-read the secret. Restart those pods, or run a controller such as [Reloader](https://github.com/stakater/Reloader) to roll them automatically. Without this, application connections fail with authentication errors once their existing sessions expire.

**Orphaned legacy secret:**

The previous namespace-shared secret `percona-server-mongodb-users` is no longer referenced by any MongoDB CR after upgrade, but the operator does not garbage-collect it. If multiple MongoDB releases in the same namespace previously shared it, all of them rotate to their own per-CR secrets — passwords are no longer shared across CRs in the namespace, which is the intended outcome. Confirm no other consumers reference it, then remove it manually:

```bash
kubectl --namespace <namespace> delete secret percona-server-mongodb-users
```

## Parameters

### Common parameters
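Review bot: In the "Data lifecycle" lists, the replica set keyfile secret `<release>-mongodb-keyfile` is never mentioned, although the "Not affected" list under "Upgrading from earlier versions" names it next to `<release>-mongodb-encryption-key`; state whether it is reclaimed by the finalizer, by `helm uninstall`, or left behind. The stuck-deletion paragraph would also be safer if it repeated the exact secret names that stay orphaned after the finalizers are cleared (user credentials and the at-rest encryption key among them), rather than only "operator-managed secrets", so leftover key material is not missed during manual cleanup.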
2 changes: 1 addition & 1 deletion content/en/docs/v1.3/applications/nats.md
Expand Up @@ -10,7 +10,7 @@ aliases:
<!--
Autogenerated content. Don't edit this file directly; edit sources instead.
metadata: https://github.com/cozystack/website/blob/main/content/en/docs/v1.3/applications/_include/nats.md
source: https://github.com/cozystack/cozystack/blob/v1.3.0/packages/apps/nats/README.md
source: https://github.com/cozystack/cozystack/blob/main/packages/apps/nats/README.md
-->


2 changes: 1 addition & 1 deletion content/en/docs/v1.3/applications/openbao.md
Expand Up @@ -7,7 +7,7 @@ weight: 50
<!--
Autogenerated content. Don't edit this file directly; edit sources instead.
metadata: https://github.com/cozystack/website/blob/main/content/en/docs/v1.3/applications/_include/openbao.md
source: https://github.com/cozystack/cozystack/blob/v1.3.0/packages/apps/openbao/README.md
source: https://github.com/cozystack/cozystack/blob/main/packages/apps/openbao/README.md
-->


24 changes: 12 additions & 12 deletions content/en/docs/v1.3/applications/postgres.md
Expand Up @@ -10,7 +10,7 @@ aliases:
<!--
Autogenerated content. Don't edit this file directly; edit sources instead.
metadata: https://github.com/cozystack/website/blob/main/content/en/docs/v1.3/applications/_include/postgres.md
source: https://github.com/cozystack/cozystack/blob/v1.3.0/packages/apps/postgres/README.md
source: https://github.com/cozystack/cozystack/blob/main/packages/apps/postgres/README.md
-->


Expand Down Expand Up @@ -95,11 +95,10 @@ See:

### Application-specific parameters

| Name | Description | Type | Value |
| --------------------------------------- | ---------------------------------------------------------------- | -------- | ----- |
| `postgresql` | PostgreSQL server configuration. | `object` | `{}` |
| `postgresql.parameters` | PostgreSQL server parameters. | `object` | `{}` |
| `postgresql.parameters.max_connections` | Maximum number of concurrent connections to the database server. | `int` | `100` |
| Name | Description | Type | Value |
| ----------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------------- | ----- |
| `postgresql` | PostgreSQL server configuration. | `object` | `{}` |
| `postgresql.parameters` | PostgreSQL server parameters. All values must be strings (quote numbers: "100"). BLOCKED (enable arbitrary code execution): archive_command, restore_command, ssl_passphrase_command, dynamic_library_path, local_preload_libraries, session_preload_libraries, shared_preload_libraries. Do NOT override CloudNativePG-managed parameters: archive_mode, primary_conninfo, wal_level, max_replication_slots. | `map[string]string` | `{}` |


### Quorum-based synchronous replication
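Review bot: The new `postgresql.parameters` description lists parameters as BLOCKED but does not say how that is enforced or what a user sees when one is supplied (rejected at validation, or dropped silently); add that, since the list is presented as a guard against arbitrary code execution. The hunk also removes the `postgresql.parameters.max_connections` row with its documented default of `100` and changes the type from `object` to `map[string]string`, so say whether existing values with an unquoted integer still validate and where the default now comes from. Putting the parameter names and `"100"` in backticks and moving the long text out of the table cell would make it readable.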
Expand Down Expand Up @@ -147,12 +146,13 @@ See:

### Bootstrap (recovery) parameters

| Name | Description | Type | Value |
| ------------------------ | ------------------------------------------------------------------- | -------- | ------- |
| `bootstrap` | Bootstrap configuration. | `object` | `{}` |
| `bootstrap.enabled` | Whether to restore from a backup. | `bool` | `false` |
| `bootstrap.recoveryTime` | Timestamp (RFC3339) for point-in-time recovery; empty means latest. | `string` | `""` |
| `bootstrap.oldName` | Previous cluster name before deletion. | `string` | `""` |
| Name | Description | Type | Value |
| ------------------------ | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -------- | ------- |
| `bootstrap` | Bootstrap configuration. | `object` | `{}` |
| `bootstrap.enabled` | Whether to restore from a backup. | `bool` | `false` |
| `bootstrap.recoveryTime` | Timestamp (RFC3339) for point-in-time recovery; empty means latest. | `string` | `""` |
| `bootstrap.oldName` | Previous cluster name before deletion. | `string` | `""` |
| `bootstrap.serverName` | Barman server name (S3 path prefix) used by the original cluster when writing backups. Set this only when the original cluster had an explicit barmanObjectStore.serverName that differed from its Kubernetes resource name. | `string` | `""` |


## Parameter examples and reference
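Review bot: The `bootstrap.serverName` row does not say what the empty default resolves to. If an empty value falls back to `bootstrap.oldName`, state that in the description, and put `barmanObjectStore.serverName` in backticks to match the other identifiers in the table.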