Keylcoak major version bump of postgres

This commit is contained in:
Stefan Reimer 2023-11-07 15:13:26 +00:00
parent a131e0811a
commit 76c373ff41
3 changed files with 59 additions and 6 deletions

View File

@ -3,7 +3,7 @@ name: kubezero-auth
description: KubeZero umbrella chart for all things Authentication and Identity management description: KubeZero umbrella chart for all things Authentication and Identity management
type: application type: application
version: 0.4.3 version: 0.4.3
appVersion: 22.0.1 appVersion: 22.0.5
home: https://kubezero.com home: https://kubezero.com
icon: https://cdn.zero-downtime.net/assets/kubezero/logo-small-64.png icon: https://cdn.zero-downtime.net/assets/kubezero/logo-small-64.png
keywords: keywords:

View File

@ -1,6 +1,6 @@
# kubezero-auth # kubezero-auth
![Version: 0.4.0](https://img.shields.io/badge/Version-0.4.0-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 22.0.1](https://img.shields.io/badge/AppVersion-22.0.1-informational?style=flat-square) ![Version: 0.4.3](https://img.shields.io/badge/Version-0.4.3-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 22.0.1](https://img.shields.io/badge/AppVersion-22.0.1-informational?style=flat-square)
KubeZero umbrella chart for all things Authentication and Identity management KubeZero umbrella chart for all things Authentication and Identity management
@ -19,7 +19,7 @@ Kubernetes: `>= 1.26.0`
| Repository | Name | Version | | Repository | Name | Version |
|------------|------|---------| |------------|------|---------|
| https://cdn.zero-downtime.net/charts/ | kubezero-lib | >= 0.1.6 | | https://cdn.zero-downtime.net/charts/ | kubezero-lib | >= 0.1.6 |
| oci://registry-1.docker.io/bitnamicharts | keycloak | 16.1.2 | | oci://registry-1.docker.io/bitnamicharts | keycloak | 17.3.0 |
# Keycloak # Keycloak
@ -41,9 +41,12 @@ https://github.com/keycloak/keycloak-benchmark/tree/main/provision/minikube/keyc
| keycloak.auth.existingSecret | string | `"kubezero-auth"` | | | keycloak.auth.existingSecret | string | `"kubezero-auth"` | |
| keycloak.auth.passwordSecretKey | string | `"admin-password"` | | | keycloak.auth.passwordSecretKey | string | `"admin-password"` | |
| keycloak.enabled | bool | `false` | | | keycloak.enabled | bool | `false` | |
| keycloak.istio.enabled | bool | `false` | | | keycloak.istio.admin.enabled | bool | `false` | |
| keycloak.istio.gateway | string | `"istio-ingress/private-ingressgateway"` | | | keycloak.istio.admin.gateway | string | `"istio-ingress/private-ingressgateway"` | |
| keycloak.istio.url | string | `""` | | | keycloak.istio.admin.url | string | `""` | |
| keycloak.istio.auth.enabled | bool | `false` | |
| keycloak.istio.auth.gateway | string | `"istio-ingress/ingressgateway"` | |
| keycloak.istio.auth.url | string | `""` | |
| keycloak.metrics.enabled | bool | `false` | | | keycloak.metrics.enabled | bool | `false` | |
| keycloak.metrics.serviceMonitor.enabled | bool | `true` | | | keycloak.metrics.serviceMonitor.enabled | bool | `true` | |
| keycloak.pdb.create | bool | `false` | | | keycloak.pdb.create | bool | `false` | |
@ -56,3 +59,5 @@ https://github.com/keycloak/keycloak-benchmark/tree/main/provision/minikube/keyc
| keycloak.production | bool | `true` | | | keycloak.production | bool | `true` | |
| keycloak.proxy | string | `"edge"` | | | keycloak.proxy | string | `"edge"` | |
| keycloak.replicaCount | int | `1` | | | keycloak.replicaCount | int | `1` | |
| keycloak.resources.requests.cpu | string | `"100m"` | |
| keycloak.resources.requests.memory | string | `"512Mi"` | |

View File

@ -0,0 +1,48 @@
# Upgrade Postgres major version
## backup
- shell into running posgres-auth pod
```
export PGPASSWORD="<postgres_password from secret>"
cd /bitnami/posgres
pg_dumpall > backup
```
- store backup off-site
```
kubectl cp keycloak/kubezero-auth-postgresql-0:/bitnami/postgresql/backup postgres-backup
```
## upgrade
- upgrade auth chart
- delete postgres-auth PVC and POD to flush old DB
## restore
- copy backup to new PVC
```
kubectl cp postgres-backup keycloak/kubezero-auth-postgresql-0:/bitnami/postgresql/backup
```
- log into psql as admin ( shell on running pod )
```
psql -U postgres
```
- drop database `keycloak`
```
DROP database keycloak
```
if keycloak is running and postgres complains about connected users simply kill the keycloak and retry
- actual restore
```
psql -U postgres -d postgres -f backup
```
- restart keycloak once more
success.