diff --git a/charts/kubezero-auth/Chart.yaml b/charts/kubezero-auth/Chart.yaml index 3efa6a6..daae6f9 100644 --- a/charts/kubezero-auth/Chart.yaml +++ b/charts/kubezero-auth/Chart.yaml @@ -3,7 +3,7 @@ name: kubezero-auth description: KubeZero umbrella chart for all things Authentication and Identity management type: application version: 0.4.3 -appVersion: 22.0.1 +appVersion: 22.0.5 home: https://kubezero.com icon: https://cdn.zero-downtime.net/assets/kubezero/logo-small-64.png keywords: diff --git a/charts/kubezero-auth/README.md b/charts/kubezero-auth/README.md index 11b4e10..f65cecb 100644 --- a/charts/kubezero-auth/README.md +++ b/charts/kubezero-auth/README.md @@ -1,6 +1,6 @@ # kubezero-auth -![Version: 0.4.0](https://img.shields.io/badge/Version-0.4.0-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 22.0.1](https://img.shields.io/badge/AppVersion-22.0.1-informational?style=flat-square) +![Version: 0.4.3](https://img.shields.io/badge/Version-0.4.3-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 22.0.1](https://img.shields.io/badge/AppVersion-22.0.1-informational?style=flat-square) KubeZero umbrella chart for all things Authentication and Identity management @@ -19,7 +19,7 @@ Kubernetes: `>= 1.26.0` | Repository | Name | Version | |------------|------|---------| | https://cdn.zero-downtime.net/charts/ | kubezero-lib | >= 0.1.6 | -| oci://registry-1.docker.io/bitnamicharts | keycloak | 16.1.2 | +| oci://registry-1.docker.io/bitnamicharts | keycloak | 17.3.0 | # Keycloak @@ -41,9 +41,12 @@ https://github.com/keycloak/keycloak-benchmark/tree/main/provision/minikube/keyc | keycloak.auth.existingSecret | string | `"kubezero-auth"` | | | keycloak.auth.passwordSecretKey | string | `"admin-password"` | | | keycloak.enabled | bool | `false` | | -| keycloak.istio.enabled | bool | `false` | | -| keycloak.istio.gateway | string | `"istio-ingress/private-ingressgateway"` | | -| keycloak.istio.url | string | `""` | | +| keycloak.istio.admin.enabled | bool | `false` | | +| keycloak.istio.admin.gateway | string | `"istio-ingress/private-ingressgateway"` | | +| keycloak.istio.admin.url | string | `""` | | +| keycloak.istio.auth.enabled | bool | `false` | | +| keycloak.istio.auth.gateway | string | `"istio-ingress/ingressgateway"` | | +| keycloak.istio.auth.url | string | `""` | | | keycloak.metrics.enabled | bool | `false` | | | keycloak.metrics.serviceMonitor.enabled | bool | `true` | | | keycloak.pdb.create | bool | `false` | | @@ -56,3 +59,5 @@ https://github.com/keycloak/keycloak-benchmark/tree/main/provision/minikube/keyc | keycloak.production | bool | `true` | | | keycloak.proxy | string | `"edge"` | | | keycloak.replicaCount | int | `1` | | +| keycloak.resources.requests.cpu | string | `"100m"` | | +| keycloak.resources.requests.memory | string | `"512Mi"` | | diff --git a/charts/kubezero-auth/docs/postgres.md b/charts/kubezero-auth/docs/postgres.md new file mode 100644 index 0000000..bbe9157 --- /dev/null +++ b/charts/kubezero-auth/docs/postgres.md @@ -0,0 +1,48 @@ +# Upgrade Postgres major version + +## backup + +- shell into running posgres-auth pod +``` +export PGPASSWORD="" +cd /bitnami/posgres +pg_dumpall > backup +``` + +- store backup off-site +``` +kubectl cp keycloak/kubezero-auth-postgresql-0:/bitnami/postgresql/backup postgres-backup +``` + +## upgrade + +- upgrade auth chart + +- delete postgres-auth PVC and POD to flush old DB + +## restore + +- copy backup to new PVC +``` +kubectl cp postgres-backup keycloak/kubezero-auth-postgresql-0:/bitnami/postgresql/backup +``` + +- log into psql as admin ( shell on running pod ) +``` +psql -U postgres +``` + +- drop database `keycloak` +``` +DROP database keycloak +``` +if keycloak is running and postgres complains about connected users simply kill the keycloak and retry + +- actual restore +``` +psql -U postgres -d postgres -f backup +``` + +- restart keycloak once more + +success.