API Reference

Packages

postgresql.cnpg.io/v1

Package v1 contains API Schema definitions for the postgresql v1 API group

Resource Types

AffinityConfiguration

AffinityConfiguration contains the info we need to create the affinity rules for Pods

Appears in:

| Field | Description | Required | Default | Validation |
| --- | --- | --- | --- | --- |
| enablePodAntiAffinity _boolean_ | Activates anti-affinity for the pods. The operator will define pods anti-affinity unless this field is explicitly set to false | | | |
| topologyKey _string_ | TopologyKey to use for anti-affinity configuration. See k8s documentation for more info on that | | | |
| nodeSelector _object (keys:string, values:string)_ | NodeSelector is a map of key-value pairs used to define the nodes on which the pods can run. More info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/ | | | |
| nodeAffinity _NodeAffinity_ | NodeAffinity describes node affinity scheduling rules for the pod. More info: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#node-affinity | | | |
| tolerations _Tolerations array_ | Tolerations is a list of Tolerations that should be set for all the pods, in order to allow them to run on tainted nodes. More info: https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/ | | | |
| podAntiAffinityType _string_ | PodAntiAffinityType allows the user to decide whether pod anti-affinity between cluster instances has to be considered a strong requirement during scheduling or not. Allowed values are: "preferred" (default if empty) or "required". Setting it to "required" could lead to instances remaining pending until new kubernetes nodes are added if all the existing nodes don't match the required pod anti-affinity rule. More info: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#inter-pod-affinity-and-anti-affinity | | | |
| additionalPodAntiAffinity _PodAntiAffinity_ | AdditionalPodAntiAffinity allows you to specify pod anti-affinity terms to be added to the ones generated by the operator if EnablePodAntiAffinity is set to true (default) or to be used exclusively if set to false. | | | |
| additionalPodAffinity _PodAffinity_ | AdditionalPodAffinity allows you to specify pod affinity terms to be passed to all the cluster's pods. | | | |

AvailableArchitecture

AvailableArchitecture represents the state of a cluster’s architecture

Appears in:

| Field | Description | Required | Default | Validation |
| --- | --- | --- | --- | --- |
| goArch _string_ | GoArch is the name of the executable architecture | True | | |
| hash _string_ | Hash is the hash of the executable | True | | |

Backup

A Backup resource is a request for a PostgreSQL backup by the user.

| Field | Description | Required | Default | Validation |
| --- | --- | --- | --- | --- |
| apiVersion _string_ | postgresql.cnpg.io/v1 | True | | |
| kind _string_ | Backup | True | | |
| metadata _EmbeddedObjectMetadata_ | Refer to Kubernetes API documentation for fields of metadata. | True | | |
| spec _BackupSpec_ | Specification of the desired behavior of the backup. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status | True | | |
| status _BackupStatus_ | Most recently observed status of the backup. This data may not be up to date. Populated by the system. Read-only. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status | | | |

BackupConfiguration

BackupConfiguration defines how the backups of the cluster are taken. The supported backup methods are BarmanObjectStore and VolumeSnapshot. For details and examples refer to the Backup and Recovery section of the documentation.

Appears in:

| Field | Description | Required | Default | Validation |
| --- | --- | --- | --- | --- |
| volumeSnapshot _VolumeSnapshotConfiguration_ | VolumeSnapshot provides the configuration for the execution of volume snapshot backups. | | | |
| barmanObjectStore _BarmanObjectStoreConfiguration_ | The configuration for the barman-cloud tool suite | | | |
| retentionPolicy _string_ | RetentionPolicy is the retention policy to be used for backups and WALs (i.e. '60d'). The retention policy is expressed in the form of XXu where XX is a positive integer and u is in [dwm] - days, weeks, months. It's currently only applicable when using the BarmanObjectStore method. | | | Pattern: `^[1-9][0-9]*[dwm]$` |
| target _BackupTarget_ | The policy to decide which instance should perform backups. Available options are empty string, which will default to prefer-standby policy, primary to have backups run always on primary instances, prefer-standby to have backups run preferably on the most updated standby, if available. | | prefer-standby | Enum: [primary prefer-standby] |

BackupMethod

Underlying type: string

BackupMethod defines the way of executing the physical base backups of the selected PostgreSQL instance

Appears in:

| Field | Description |
| --- | --- |
| volumeSnapshot | BackupMethodVolumeSnapshot means using the volume snapshot Kubernetes feature |
| barmanObjectStore | BackupMethodBarmanObjectStore means using barman to backup the PostgreSQL cluster |
| plugin | BackupMethodPlugin means that this backup should be handled by a plugin |

BackupPhase

Underlying type: string

BackupPhase is the phase of the backup

Appears in:

BackupPluginConfiguration

BackupPluginConfiguration contains the backup configuration used by the backup plugin

Appears in:

| Field | Description | Required | Default | Validation |
| --- | --- | --- | --- | --- |
| name _string_ | Name is the name of the plugin managing this backup | True | | |
| parameters _object (keys:string, values:string)_ | Parameters are the configuration parameters passed to the backup plugin for this backup | | | |

BackupSnapshotElementStatus

BackupSnapshotElementStatus is a volume snapshot that is part of a volume snapshot method backup

Appears in:

| Field | Description | Required | Default | Validation |
| --- | --- | --- | --- | --- |
| name _string_ | Name is the snapshot resource name | True | | |
| type _string_ | Type is the role of the snapshot in the cluster, such as PG_DATA, PG_WAL and PG_TABLESPACE | True | | |
| tablespaceName _string_ | TablespaceName is the name of the snapshotted tablespace. Only set when type is PG_TABLESPACE | | | |

BackupSnapshotStatus

BackupSnapshotStatus contains the fields exclusive to the volumeSnapshot method backup

Appears in:

| Field | Description | Required | Default | Validation |
| --- | --- | --- | --- | --- |
| elements _BackupSnapshotElementStatus array_ | The elements list, populated with the gathered volume snapshots | | | |

BackupSource

BackupSource contains the backup we need to restore from, plus some information that could be needed to correctly restore it.

Appears in:

| Field | Description | Required | Default | Validation |
| --- | --- | --- | --- | --- |
| name _string_ | Name of the referent. | True | | |
| endpointCA _SecretKeySelector_ | EndpointCA stores the CA bundle of the barman endpoint. Useful when using self-signed certificates to avoid errors with certificate issuer and barman-cloud-wal-archive. | | | |

BackupSpec

BackupSpec defines the desired state of Backup

Appears in:

| Field | Description | Required | Default | Validation |
| --- | --- | --- | --- | --- |
| cluster _LocalObjectReference_ | The cluster to backup | True | | |
| target _BackupTarget_ | The policy to decide which instance should perform this backup. If empty, it defaults to cluster.spec.backup.target. Available options are empty string, primary and prefer-standby. primary to have backups run always on primary instances, prefer-standby to have backups run preferably on the most updated standby, if available. | | | Enum: [primary prefer-standby] |
| method _BackupMethod_ | The backup method to be used, possible options are barmanObjectStore, volumeSnapshot or plugin. Defaults to: barmanObjectStore. | | barmanObjectStore | Enum: [barmanObjectStore volumeSnapshot plugin] |
| pluginConfiguration _BackupPluginConfiguration_ | Configuration parameters passed to the plugin managing this backup | | | |
| online _boolean_ | Whether the default type of backup with volume snapshots is online/hot (true, default) or offline/cold (false). Overrides the default setting specified in the cluster field '.spec.backup.volumeSnapshot.online' | | | |
| onlineConfiguration _OnlineConfiguration_ | Configuration parameters to control the online/hot backup with volume snapshots. Overrides the default settings specified in the cluster '.backup.volumeSnapshot.onlineConfiguration' stanza | | | |

BackupStatus

BackupStatus defines the observed state of Backup

Appears in:

| Field | Description | Required | Default | Validation |
| --- | --- | --- | --- | --- |
| googleCredentials _GoogleCredentials_ | The credentials to use to upload data to Google Cloud Storage | | | |
| s3Credentials _S3Credentials_ | The credentials to use to upload data to S3 | | | |
| azureCredentials _AzureCredentials_ | The credentials to use to upload data to Azure Blob Storage | | | |
| majorVersion _integer_ | The PostgreSQL major version that was running when the backup was taken. | True | | |
| endpointCA _SecretKeySelector_ | EndpointCA stores the CA bundle of the barman endpoint. Useful when using self-signed certificates to avoid errors with certificate issuer and barman-cloud-wal-archive. | | | |
| endpointURL _string_ | Endpoint to be used to upload data to the cloud, overriding the automatic endpoint discovery | | | |
| destinationPath _string_ | The path where to store the backup (i.e. s3://bucket/path/to/folder). This path, with different destination folders, will be used for WALs and for data. This may not be populated in case of errors. | | | |
| serverName _string_ | The server name on S3, the cluster name is used if this parameter is omitted | | | |
| encryption _string_ | Encryption method required to S3 API | | | |
| backupId _string_ | The ID of the Barman backup | | | |
| backupName _string_ | The Name of the Barman backup | | | |
| phase _BackupPhase_ | The last backup status | | | |
| startedAt _Time_ | When the backup was started | | | |
| stoppedAt _Time_ | When the backup was terminated | | | |
| beginWal _string_ | The starting WAL | | | |
| endWal _string_ | The ending WAL | | | |
| beginLSN _string_ | The starting xlog | | | |
| endLSN _string_ | The ending xlog | | | |
| error _string_ | The detected error | | | |
| commandOutput _string_ | Unused. Retained for compatibility with old versions. | | | |
| commandError _string_ | The backup command output in case of error | | | |
| backupLabelFile _integer array_ | Backup label file content as returned by Postgres in case of online (hot) backups | | | |
| tablespaceMapFile _integer array_ | Tablespace map file content as returned by Postgres in case of online (hot) backups | | | |
| instanceID _InstanceID_ | Information to identify the instance where the backup has been taken from | | | |
| snapshotBackupStatus _BackupSnapshotStatus_ | Status of the volumeSnapshot backup | | | |
| method _BackupMethod_ | The backup method being used | | | |
| online _boolean_ | Whether the backup was online/hot (true) or offline/cold (false) | | | |
| pluginMetadata _object (keys:string, values:string)_ | A map containing the plugin metadata | | | |

BackupTarget

Underlying type: string

BackupTarget describes the preferred targets for a backup

Appears in:

BootstrapConfiguration

BootstrapConfiguration contains information about how to create the PostgreSQL cluster. Only a single bootstrap method can be defined among the supported ones. initdb will be used as the bootstrap method if left unspecified. Refer to the Bootstrap page of the documentation for more information.

Appears in:

| Field | Description | Required | Default | Validation |
| --- | --- | --- | --- | --- |
| initdb _BootstrapInitDB_ | Bootstrap the cluster via initdb | | | |
| recovery _BootstrapRecovery_ | Bootstrap the cluster from a backup | | | |
| pg_basebackup _BootstrapPgBaseBackup_ | Bootstrap the cluster taking a physical backup of another compatible PostgreSQL instance | | | |

BootstrapInitDB

BootstrapInitDB is the configuration of the bootstrap process when initdb is used. Refer to the Bootstrap page of the documentation for more information.

Appears in:

| Field | Description | Required | Default | Validation |
| --- | --- | --- | --- | --- |
| database _string_ | Name of the database used by the application. Default: app. | | | |
| owner _string_ | Name of the owner of the database in the instance to be used by applications. Defaults to the value of the database key. | | | |
| secret _LocalObjectReference_ | Name of the secret containing the initial credentials for the owner of the user database. If empty a new secret will be created from scratch | | | |
| options _string array_ | The list of options that must be passed to initdb when creating the cluster. Deprecated: This could lead to inconsistent configurations, please use the explicitly provided parameters instead. If defined, explicit values will be ignored. | | | |
| dataChecksums _boolean_ | Whether the -k option should be passed to initdb, enabling checksums on data pages (default: false) | | | |
| encoding _string_ | The value to be passed as option --encoding for initdb (default: UTF8) | | | |
| localeCollate _string_ | The value to be passed as option --lc-collate for initdb (default: C) | | | |
| localeCType _string_ | The value to be passed as option --lc-ctype for initdb (default: C) | | | |
| locale _string_ | Sets the default collation order and character classification in the new database. | | | |
| localeProvider _string_ | This option sets the locale provider for databases created in the new cluster. Available from PostgreSQL 16. | | | |
| icuLocale _string_ | Specifies the ICU locale when the ICU provider is used. This option requires localeProvider to be set to icu. Available from PostgreSQL 15. | | | |
| icuRules _string_ | Specifies additional collation rules to customize the behavior of the default collation. This option requires localeProvider to be set to icu. Available from PostgreSQL 16. | | | |
| builtinLocale _string_ | Specifies the locale name when the builtin provider is used. This option requires localeProvider to be set to builtin. Available from PostgreSQL 17. | | | |
| walSegmentSize _integer_ | The value in megabytes (1 to 1024) to be passed to the --wal-segsize option for initdb (default: empty, resulting in PostgreSQL default: 16MB) | | | Maximum: 1024 Minimum: 1 |
| postInitSQL _string array_ | List of SQL queries to be executed as a superuser in the postgres database right after the cluster has been created - to be used with extreme care (by default empty) | | | |
| postInitApplicationSQL _string array_ | List of SQL queries to be executed as a superuser in the application database right after the cluster has been created - to be used with extreme care (by default empty) | | | |
| postInitTemplateSQL _string array_ | List of SQL queries to be executed as a superuser in the template1 database right after the cluster has been created - to be used with extreme care (by default empty) | | | |
| import _Import_ | Bootstraps the new cluster by importing data from an existing PostgreSQL instance using logical backup (pg_dump and pg_restore) | | | |
| postInitApplicationSQLRefs _SQLRefs_ | List of references to ConfigMaps or Secrets containing SQL files to be executed as a superuser in the application database right after the cluster has been created. The references are processed in a specific order: first, all Secrets are processed, followed by all ConfigMaps. Within each group, the processing order follows the sequence specified in their respective arrays. (by default empty) | | | |
| postInitTemplateSQLRefs _SQLRefs_ | List of references to ConfigMaps or Secrets containing SQL files to be executed as a superuser in the template1 database right after the cluster has been created. The references are processed in a specific order: first, all Secrets are processed, followed by all ConfigMaps. Within each group, the processing order follows the sequence specified in their respective arrays. (by default empty) | | | |
| postInitSQLRefs _SQLRefs_ | List of references to ConfigMaps or Secrets containing SQL files to be executed as a superuser in the postgres database right after the cluster has been created. The references are processed in a specific order: first, all Secrets are processed, followed by all ConfigMaps. Within each group, the processing order follows the sequence specified in their respective arrays. (by default empty) | | | |

BootstrapPgBaseBackup

BootstrapPgBaseBackup contains the configuration required to take a physical backup of an existing PostgreSQL cluster

Appears in:

| Field | Description | Required | Default | Validation |
| --- | --- | --- | --- | --- |
| source _string_ | The name of the server of which we need to take a physical backup | True | | MinLength: 1 |
| database _string_ | Name of the database used by the application. Default: app. | | | |
| owner _string_ | Name of the owner of the database in the instance to be used by applications. Defaults to the value of the database key. | | | |
| secret _LocalObjectReference_ | Name of the secret containing the initial credentials for the owner of the user database. If empty a new secret will be created from scratch | | | |

BootstrapRecovery

BootstrapRecovery contains the configuration required to restore from an existing cluster using 3 methodologies: external cluster, volume snapshots or backup objects. Full recovery and Point-In-Time Recovery are supported. The method can also be used to create clusters in continuous recovery (replica clusters), also supporting cascading replication when instances > 1. Once the cluster exits recovery, the password for the superuser will be changed through the provided secret. Refer to the Bootstrap page of the documentation for more information.

Appears in:

| Field | Description | Required | Default | Validation |
| --- | --- | --- | --- | --- |
| backup _BackupSource_ | The backup object containing the physical base backup from which to initiate the recovery procedure. Mutually exclusive with source and volumeSnapshots. | | | |
| source _string_ | The external cluster whose backup we will restore. This is also used as the name of the folder under which the backup is stored, so it must be set to the name of the source cluster. Mutually exclusive with backup. | | | |
| volumeSnapshots _DataSource_ | The static PVC data source(s) from which to initiate the recovery procedure. Currently supporting VolumeSnapshot and PersistentVolumeClaim resources that map an existing PVC group, compatible with CloudNativePG, and taken with a cold backup copy on a fenced Postgres instance (limitation which will be removed in the future when online backup will be implemented). Mutually exclusive with backup. | | | |
| recoveryTarget _RecoveryTarget_ | By default, the recovery process applies all the available WAL files in the archive (full recovery). However, you can also end the recovery as soon as a consistent state is reached or recover to a point-in-time (PITR) by specifying a RecoveryTarget object, as expected by PostgreSQL (i.e., timestamp, transaction Id, LSN, ...). More info: https://www.postgresql.org/docs/current/runtime-config-wal.html#RUNTIME-CONFIG-WAL-RECOVERY-TARGET | | | |
| database _string_ | Name of the database used by the application. Default: app. | | | |
| owner _string_ | Name of the owner of the database in the instance to be used by applications. Defaults to the value of the database key. | | | |
| secret _LocalObjectReference_ | Name of the secret containing the initial credentials for the owner of the user database. If empty a new secret will be created from scratch | | | |

CatalogImage

CatalogImage defines the image and major version

Appears in:

| Field | Description | Required | Default | Validation |
| --- | --- | --- | --- | --- |
| image _string_ | The image reference | True | | |
| major _integer_ | The PostgreSQL major version of the image. Must be unique within the catalog. | True | | Minimum: 10 |

CertificatesConfiguration

CertificatesConfiguration contains the needed configurations to handle server certificates.

Appears in:

| Field | Description | Required | Default | Validation |
| --- | --- | --- | --- | --- |
| serverCASecret _string_ | The secret containing the Server CA certificate. If not defined, a new secret will be created with a self-signed CA and will be used to generate the TLS certificate ServerTLSSecret. Contains: - ca.crt: CA that should be used to validate the server certificate, used as sslrootcert in client connection strings. - ca.key: key used to generate Server SSL certs, if ServerTLSSecret is provided, this can be omitted. | | | |
| serverTLSSecret _string_ | The secret of type kubernetes.io/tls containing the server TLS certificate and key that will be set as ssl_cert_file and ssl_key_file so that clients can connect to postgres securely. If not defined, ServerCASecret must provide also ca.key and a new secret will be created using the provided CA. | | | |
| replicationTLSSecret _string_ | The secret of type kubernetes.io/tls containing the client certificate to authenticate as the streaming_replica user. If not defined, ClientCASecret must provide also ca.key, and a new secret will be created using the provided CA. | | | |
| clientCASecret _string_ | The secret containing the Client CA certificate. If not defined, a new secret will be created with a self-signed CA and will be used to generate all the client certificates. Contains: - ca.crt: CA that should be used to validate the client certificates, used as ssl_ca_file of all the instances. - ca.key: key used to generate client certificates, if ReplicationTLSSecret is provided, this can be omitted. | | | |
| serverAltDNSNames _string array_ | The list of the server alternative DNS names to be added to the generated server TLS certificates, when required. | | | |

CertificatesStatus

CertificatesStatus contains configuration certificates and related expiration dates.

Appears in:

| Field | Description | Required | Default | Validation |
| --- | --- | --- | --- | --- |
| serverCASecret _string_ | The secret containing the Server CA certificate. If not defined, a new secret will be created with a self-signed CA and will be used to generate the TLS certificate ServerTLSSecret. Contains: - ca.crt: CA that should be used to validate the server certificate, used as sslrootcert in client connection strings. - ca.key: key used to generate Server SSL certs, if ServerTLSSecret is provided, this can be omitted. | | | |
| serverTLSSecret _string_ | The secret of type kubernetes.io/tls containing the server TLS certificate and key that will be set as ssl_cert_file and ssl_key_file so that clients can connect to postgres securely. If not defined, ServerCASecret must provide also ca.key and a new secret will be created using the provided CA. | | | |
| replicationTLSSecret _string_ | The secret of type kubernetes.io/tls containing the client certificate to authenticate as the streaming_replica user. If not defined, ClientCASecret must provide also ca.key, and a new secret will be created using the provided CA. | | | |
| clientCASecret _string_ | The secret containing the Client CA certificate. If not defined, a new secret will be created with a self-signed CA and will be used to generate all the client certificates. Contains: - ca.crt: CA that should be used to validate the client certificates, used as ssl_ca_file of all the instances. - ca.key: key used to generate client certificates, if ReplicationTLSSecret is provided, this can be omitted. | | | |
| serverAltDNSNames _string array_ | The list of the server alternative DNS names to be added to the generated server TLS certificates, when required. | | | |
| expirations _object (keys:string, values:string)_ | Expiration dates for all certificates. | | | |

Cluster

Cluster defines the API schema for a highly available PostgreSQL database cluster managed by CloudNativePG.

| Field | Description | Required | Default | Validation |
| --- | --- | --- | --- | --- |
| apiVersion _string_ | postgresql.cnpg.io/v1 | True | | |
| kind _string_ | Cluster | True | | |
| metadata _EmbeddedObjectMetadata_ | Refer to Kubernetes API documentation for fields of metadata. | True | | |
| spec _ClusterSpec_ | Specification of the desired behavior of the cluster. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status | True | | |
| status _ClusterStatus_ | Most recently observed status of the cluster. This data may not be up to date. Populated by the system. Read-only. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status | | | |

ClusterImageCatalog

ClusterImageCatalog is the Schema for the clusterimagecatalogs API

| Field | Description | Required | Default | Validation |
| --- | --- | --- | --- | --- |
| apiVersion _string_ | postgresql.cnpg.io/v1 | True | | |
| kind _string_ | ClusterImageCatalog | True | | |
| metadata _EmbeddedObjectMetadata_ | Refer to Kubernetes API documentation for fields of metadata. | True | | |
| spec _ImageCatalogSpec_ | Specification of the desired behavior of the ClusterImageCatalog. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status | True | | |

ClusterMonitoringTLSConfiguration

ClusterMonitoringTLSConfiguration is the type containing the TLS configuration for the cluster’s monitoring

Appears in:

| Field | Description | Required | Default | Validation |
| --- | --- | --- | --- | --- |
| enabled _boolean_ | Enable TLS for the monitoring endpoint. Changing this option will force a rollout of all instances. | | false | |

ClusterSpec

ClusterSpec defines the desired state of a PostgreSQL cluster managed by CloudNativePG.

Appears in:

Field

Description

Required

Default

Validation

description _string_

Description of this PostgreSQL cluster

inheritedMetadata _ EmbeddedObjectMetadata _

Metadata that will be inherited by all objects related to the Cluster

imageName _string_

Name of the container image, supporting both tags (<image>:<tag>) and digests for deterministic and repeatable deployments (<image>:<tag>@sha256:<digestValue>)

imageCatalogRef _ ImageCatalogRef _

Defines the major PostgreSQL version we want to use within an ImageCatalog

imagePullPolicy _ PullPolicy _

Image pull policy. One of Always, Never or IfNotPresent. If not defined, it defaults to IfNotPresent. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images

schedulerName _string_

If specified, the pod will be dispatched by specified Kubernetes scheduler. If not specified, the pod will be dispatched by the default scheduler. More info: https://kubernetes.io/docs/concepts/scheduling-eviction/kube-scheduler/

postgresUID _integer_

The UID of the postgres user inside the image, defaults to 26

26

postgresGID _integer_

The GID of the postgres user inside the image, defaults to 26

26

instances _integer_

Number of instances required in the cluster

True

1

Minimum: 1

minSyncReplicas _integer_

Minimum number of instances required in synchronous replication with the primary. Undefined or 0 allow writes to complete when no standby is available.

0

Minimum: 0

maxSyncReplicas _integer_

The target value for the synchronous replication quorum, that can be decreased if the number of ready standbys is lower than this. Undefined or 0 disable synchronous replication.

0

Minimum: 0

postgresql _ PostgresConfiguration _

Configuration of the PostgreSQL server

replicationSlots _ ReplicationSlotsConfiguration _

Replication slots management configuration

{ highAvailability:map[enabled:true] }

bootstrap _ BootstrapConfiguration _

Instructions to bootstrap this cluster

replica _ ReplicaClusterConfiguration _

Replica cluster configuration

superuserSecret _ LocalObjectReference _

The secret containing the superuser password. If not defined a new secret will be created with a randomly generated password

enableSuperuserAccess _boolean_

When this option is enabled, the operator will use the SuperuserSecret to update the postgres user password (if the secret is not present, the operator will automatically create one). When this option is disabled, the operator will ignore the SuperuserSecret content, delete it when automatically created, and then blank the password of the postgres user by setting it to NULL. Disabled by default.

false

certificates _ CertificatesConfiguration _

The configuration for the CA and related certificates

imagePullSecrets _ LocalObjectReference array_

The list of pull secrets to be used to pull the images

storage _ StorageConfiguration _

Configuration of the storage of the instances

serviceAccountTemplate _ ServiceAccountTemplate _

Configure the generation of the service account

walStorage _ StorageConfiguration _

Configuration of the storage for PostgreSQL WAL (Write-Ahead Log)

ephemeralVolumeSource _ EphemeralVolumeSource _

EphemeralVolumeSource allows the user to configure the source of ephemeral volumes.

startDelay _integer_

The time in seconds that is allowed for a PostgreSQL instance to successfully start up (default 3600). The startup probe failure threshold is derived from this value using the formula: ceiling(startDelay / 10).

3600

stopDelay _integer_

The time in seconds that is allowed for a PostgreSQL instance to gracefully shutdown (default 1800)

1800

smartShutdownTimeout _integer_

The time in seconds that controls the window of time reserved for the smart shutdown of Postgres to complete. Make sure you reserve enough time for the operator to request a fast shutdown of Postgres (that is: stopDelay - smartShutdownTimeout). Default is 180 seconds.

180

switchoverDelay _integer_

The time in seconds that is allowed for a primary PostgreSQL instance to gracefully shutdown during a switchover. Default value is 3600 seconds (1 hour).

3600

failoverDelay _integer_

The amount of time (in seconds) to wait before triggering a failover after the primary PostgreSQL instance in the cluster was detected to be unhealthy

0

livenessProbeTimeout _integer_

LivenessProbeTimeout is the time (in seconds) that is allowed for a PostgreSQL instance to successfully respond to the liveness probe (default 30). The Liveness probe failure threshold is derived from this value using the formula: ceiling(livenessProbe / 10).

affinity _ AffinityConfiguration _

Affinity/Anti-affinity rules for Pods

topologySpreadConstraints _ TopologySpreadConstraint array_

TopologySpreadConstraints specifies how to spread matching pods among the given topology. More info: https://kubernetes.io/docs/concepts/scheduling-eviction/topology-spread-constraints/

resources _ ResourceRequirements _

Resources requirements of every generated Pod. Please refer to https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ for more information.

ephemeralVolumesSizeLimit _ EphemeralVolumesSizeLimitConfiguration _

EphemeralVolumesSizeLimit allows the user to set the limits for the ephemeral volumes

priorityClassName _string_

Name of the priority class which will be used in every generated Pod, if the PriorityClass specified does not exist, the pod will not be able to schedule. Please refer to https://kubernetes.io/docs/concepts/scheduling-eviction/pod-priority-preemption/#priorityclass for more information

primaryUpdateStrategy _ PrimaryUpdateStrategy _

Deployment strategy to follow to upgrade the primary server during a rolling update procedure, after all replicas have been successfully updated: it can be automated (unsupervised - default) or manual (supervised)

unsupervised

Enum: [unsupervised supervised]

primaryUpdateMethod _ PrimaryUpdateMethod _

Method to follow to upgrade the primary server during a rolling update procedure, after all replicas have been successfully updated: it can be with a switchover (switchover) or in-place (restart - default). Note: when using switchover, the operator will reject updates that change both the image name and PostgreSQL configuration parameters simultaneously to avoid configuration mismatches during the switchover process.

restart

Enum: [switchover restart]

backup _ BackupConfiguration _

The configuration to be used for backups

nodeMaintenanceWindow _ NodeMaintenanceWindow _

Define a maintenance window for the Kubernetes nodes

monitoring _ MonitoringConfiguration _

The configuration of the monitoring infrastructure of this cluster

externalClusters _ The `externalClusters section<The externalClusters section>` array_

The list of external clusters which are used in the configuration

logLevel _string_

The instances' log level, one of the following values: error, warning, info (default), debug, trace

info

Enum: [error warning info debug trace]

projectedVolumeTemplate _ ProjectedVolumeSource _

Template to be used to define projected volumes, projected volumes will be mounted under /projected base folder

env _ EnvVar array_

Env follows the Env format to pass environment variables to the pods created in the cluster

envFrom _ EnvFromSource array_

EnvFrom follows the EnvFrom format to pass environment variables sources to the pods to be used by Env

managed _ ManagedConfiguration _

The configuration that is used by the portions of PostgreSQL that are managed by the instance manager

seccompProfile _ SeccompProfile _

The SeccompProfile applied to every Pod and Container. Defaults to: RuntimeDefault

podSecurityContext _ PodSecurityContext _

Override the PodSecurityContext applied to every Pod of the cluster. When set, this overrides the operator's default PodSecurityContext for the cluster. If omitted, the operator defaults are used. This field doesn't have any effect if SecurityContextConstraints are present.

securityContext _ SecurityContext _

Override the SecurityContext applied to every Container in the Pod of the cluster. When set, this overrides the operator's default Container SecurityContext. If omitted, the operator defaults are used.

tablespaces _ TablespaceConfiguration array_

The tablespaces configuration

enablePDB _boolean_

Manage the PodDisruptionBudget resources within the cluster. When configured as true (default setting), the pod disruption budgets will safeguard the primary node from being terminated. Conversely, setting it to false will result in the absence of any PodDisruptionBudget resource, permitting the shutdown of all nodes hosting the PostgreSQL cluster. This latter configuration is advisable for any PostgreSQL cluster employed for development/staging purposes.

true

plugins _ BackupPluginConfiguration array_

The plugins configuration, containing any plugin to be loaded with the corresponding configuration

probes _ ProbesConfiguration _

The configuration of the probes to be injected in the PostgreSQL Pods.

ClusterStatus

ClusterStatus defines the observed state of a PostgreSQL cluster managed by CloudNativePG.

Appears in:

Field

Description

Required

Default

Validation

instances _integer_

The total number of PVC Groups detected in the cluster. It may differ from the number of existing instance pods.

readyInstances _integer_

The total number of ready instances in the cluster. It is equal to the number of ready instance pods.

instancesStatus _object (keys: PodStatus , values:string array)_

InstancesStatus indicates in which status the instances are

instancesReportedState _object (keys: PodName , values: InstanceReportedState )_

The reported state of the instances during the last reconciliation loop

managedRolesStatus _ ManagedRoles _

ManagedRolesStatus reports the state of the managed roles in the cluster

tablespacesStatus _ TablespaceState array_

TablespacesStatus reports the state of the declarative tablespaces in the cluster

timelineID _integer_

The timeline of the Postgres cluster

topology _ PodTopologyLabels _

Instances topology.

latestGeneratedNode _integer_

ID of the latest generated node (used to avoid node name clashing)

currentPrimary _string_

Current primary instance

targetPrimary _string_

Target primary instance. This is different from the current primary during a switchover or a failover.

lastPromotionToken _string_

LastPromotionToken is the last verified promotion token that was used to promote a replica cluster

pvcCount _integer_

How many PVCs have been created by this cluster

jobCount _integer_

How many Jobs have been created by this cluster

danglingPVC _string array_

List of all the PVCs created by this cluster and still available which are not attached to a Pod

resizingPVC _string array_

List of all the PVCs that have ResizingPVC condition.

initializingPVC _string array_

List of all the PVCs that are being initialized by this cluster

healthyPVC _string array_

List of all the PVCs not dangling nor initializing

unusablePVC _string array_

List of all the PVCs that are unusable because another PVC is missing

writeService _string_

Current write pod

readService _string_

Current list of read pods

phase _string_

Current phase of the cluster

phaseReason _string_

Reason for the current phase

secretsResourceVersion _ SecretsResourceVersion _

The list of resource versions of the secrets managed by the operator. Every change here is done in the interest of the instance manager, which will refresh the secret data

configMapResourceVersion _ ConfigMapResourceVersion _

The list of resource versions of the configmaps, managed by the operator. Every change here is done in the interest of the instance manager, which will refresh the configmap data

certificates _ CertificatesStatus _

The configuration for the CA and related certificates, initialized with defaults.

firstRecoverabilityPoint _string_

The first recoverability point, stored as a date in RFC3339 format. This field is calculated from the content of FirstRecoverabilityPointByMethod. Deprecated: the field is not set for backup plugins.

firstRecoverabilityPointByMethod _object (keys: BackupMethod , values: Time )_

The first recoverability point, stored as a date in RFC3339 format, per backup method type. Deprecated: the field is not set for backup plugins.

lastSuccessfulBackup _string_

Last successful backup, stored as a date in RFC3339 format. This field is calculated from the content of LastSuccessfulBackupByMethod. Deprecated: the field is not set for backup plugins.

lastSuccessfulBackupByMethod _object (keys: BackupMethod , values: Time )_

Last successful backup, stored as a date in RFC3339 format, per backup method type. Deprecated: the field is not set for backup plugins.

lastFailedBackup _string_

Last failed backup, stored as a date in RFC3339 format. Deprecated: the field is not set for backup plugins.

cloudNativePGCommitHash _string_

The commit hash of the operator build that is running

currentPrimaryTimestamp _string_

The timestamp when the last actual promotion to primary has occurred

currentPrimaryFailingSinceTimestamp _string_

The timestamp when the primary was detected to be unhealthy. This field is reported when .spec.failoverDelay is populated or during online upgrades

targetPrimaryTimestamp _string_

The timestamp when the last request for a new primary has occurred

poolerIntegrations _ PoolerIntegrations _

The integration needed by poolers referencing the cluster

cloudNativePGOperatorHash _string_

The hash of the binary of the operator

availableArchitectures _ AvailableArchitecture array_

AvailableArchitectures reports the available architectures of a cluster

conditions _ Conditions array_

Conditions for cluster object

instanceNames _string array_

List of instance names in the cluster

onlineUpdateEnabled _boolean_

OnlineUpdateEnabled shows if the online upgrade is enabled inside the cluster

image _string_

Image contains the image name used by the pods

pgDataImageInfo _ ImageInfo _

PGDataImageInfo contains the details of the latest image that has run on the current data directory.

pluginStatus _ PluginStatus array_

PluginStatus is the status of the loaded plugins

switchReplicaClusterStatus _ SwitchReplicaClusterStatus _

SwitchReplicaClusterStatus is the status of the switch to replica cluster

demotionToken _string_

DemotionToken is a JSON token containing the information from pg_controldata such as Database system identifier, Latest checkpoint's TimeLineID, Latest checkpoint's REDO location, Latest checkpoint's REDO WAL file, and Time of latest checkpoint

systemID _string_

SystemID is the latest detected PostgreSQL SystemID

ConfigMapResourceVersion

ConfigMapResourceVersion is the resource versions of the config maps managed by the operator

Appears in:

Field

Description

Required

Default

Validation

metrics _object (keys:string, values:string)_

A map with the versions of all the config maps used to pass metrics. Map keys are the config map names, map values are the versions

DataDurabilityLevel

Underlying type: string

DataDurabilityLevel specifies how strictly to enforce synchronous replication when cluster instances are unavailable. Options are required or preferred.

Appears in:

Field

Description

required

DataDurabilityLevelRequired means that data durability is strictly enforced

preferred

DataDurabilityLevelPreferred means that data durability is enforced only when healthy replicas are available

DataSource

DataSource contains the configuration required to bootstrap a PostgreSQL cluster from an existing storage

Appears in:

Field

Description

Required

Default

Validation

storage _ TypedLocalObjectReference _

Configuration of the storage of the instances

True

walStorage _ TypedLocalObjectReference _

Configuration of the storage for PostgreSQL WAL (Write-Ahead Log)

tablespaceStorage _object (keys:string, values: TypedLocalObjectReference )_

Configuration of the storage for PostgreSQL tablespaces

Database

Database is the Schema for the databases API

Field

Description

Required

Default

Validation

apiVersion _string_

postgresql.cnpg.io/v1

True

kind _string_

Database

True

metadata _ EmbeddedObjectMetadata _

Refer to Kubernetes API documentation for fields of metadata.

True

spec _ DatabaseSpec _

Specification of the desired Database. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status

True

status _ DatabaseStatus _

Most recently observed status of the Database. This data may not be up to date. Populated by the system. Read-only. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status

DatabaseObjectSpec

DatabaseObjectSpec contains the fields which are common to every database object

Appears in:

Field

Description

Required

Default

Validation

name _string_

Name of the object (extension, schema, FDW, server)

True

ensure _ EnsureOption _

Specifies whether an object (e.g. schema) should be present or absent in the database. If set to present, the object will be created if it does not exist. If set to absent, the extension/schema will be removed if it exists.

present

Enum: [present absent]

DatabaseObjectStatus

DatabaseObjectStatus is the status of the managed database objects

Appears in:

Field

Description

Required

Default

Validation

name _string_

The name of the object

True

applied _boolean_

True if the object has been installed successfully in the database

True

message _string_

Message is the object reconciliation message

DatabaseReclaimPolicy

Underlying type: string

DatabaseReclaimPolicy describes a policy for end-of-life maintenance of databases.

Appears in:

Field

Description

delete

DatabaseReclaimDelete means the database will be deleted from its PostgreSQL Cluster on release from its claim.

retain

DatabaseReclaimRetain means the database will be left in its current phase for manual reclamation by the administrator. The default policy is Retain.

DatabaseRoleRef

DatabaseRoleRef is a reference to a role available inside PostgreSQL

Appears in:

Field

Description

Required

Default

Validation

name _string_

DatabaseSpec

DatabaseSpec is the specification of a PostgreSQL database, built around the CREATE DATABASE, ALTER DATABASE, and DROP DATABASE SQL commands of PostgreSQL.

Appears in:

Field

Description

Required

Default

Validation

cluster _ LocalObjectReference _

The name of the PostgreSQL cluster hosting the database.

True

ensure _ EnsureOption _

Ensure the PostgreSQL database is present or absent - defaults to "present".

present

Enum: [present absent]

name _string_

The name of the database to create inside PostgreSQL. This setting cannot be changed.

True

owner _string_

Maps to the OWNER parameter of CREATE DATABASE. Maps to the OWNER TO command of ALTER DATABASE. The role name of the user who owns the database inside PostgreSQL.

True

template _string_

Maps to the TEMPLATE parameter of CREATE DATABASE. This setting cannot be changed. The name of the template from which to create this database.

encoding _string_

Maps to the ENCODING parameter of CREATE DATABASE. This setting cannot be changed. Character set encoding to use in the database.

locale _string_

Maps to the LOCALE parameter of CREATE DATABASE. This setting cannot be changed. Sets the default collation order and character classification in the new database.

localeProvider _string_

Maps to the LOCALE_PROVIDER parameter of CREATE DATABASE. This setting cannot be changed. This option sets the locale provider for databases created in the new cluster. Available from PostgreSQL 16.

localeCollate _string_

Maps to the LC_COLLATE parameter of CREATE DATABASE. This setting cannot be changed.

localeCType _string_

Maps to the LC_CTYPE parameter of CREATE DATABASE. This setting cannot be changed.

icuLocale _string_

Maps to the ICU_LOCALE parameter of CREATE DATABASE. This setting cannot be changed. Specifies the ICU locale when the ICU provider is used. This option requires localeProvider to be set to icu. Available from PostgreSQL 15.

icuRules _string_

Maps to the ICU_RULES parameter of CREATE DATABASE. This setting cannot be changed. Specifies additional collation rules to customize the behavior of the default collation. This option requires localeProvider to be set to icu. Available from PostgreSQL 16.

builtinLocale _string_

Maps to the BUILTIN_LOCALE parameter of CREATE DATABASE. This setting cannot be changed. Specifies the locale name when the builtin provider is used. This option requires localeProvider to be set to builtin. Available from PostgreSQL 17.

collationVersion _string_

Maps to the COLLATION_VERSION parameter of CREATE DATABASE. This setting cannot be changed.

isTemplate _boolean_

Maps to the IS_TEMPLATE parameter of CREATE DATABASE and ALTER DATABASE. If true, this database is considered a template and can be cloned by any user with CREATEDB privileges.

allowConnections _boolean_

Maps to the ALLOW_CONNECTIONS parameter of CREATE DATABASE and ALTER DATABASE. If false then no one can connect to this database.

connectionLimit _integer_

Maps to the CONNECTION LIMIT clause of CREATE DATABASE and ALTER DATABASE. How many concurrent connections can be made to this database. -1 (the default) means no limit.

tablespace _string_

Maps to the TABLESPACE parameter of CREATE DATABASE. Maps to the SET TABLESPACE command of ALTER DATABASE. The name of the tablespace (in PostgreSQL) that will be associated with the new database. This tablespace will be the default tablespace used for objects created in this database.

databaseReclaimPolicy _ DatabaseReclaimPolicy _

The policy for end-of-life maintenance of this database.

retain

Enum: [delete retain]

schemas _ SchemaSpec array_

The list of schemas to be managed in the database

extensions _ ExtensionSpec array_

The list of extensions to be managed in the database

fdws _ FDWSpec array_

The list of foreign data wrappers to be managed in the database

servers _ ServerSpec array_

The list of foreign servers to be managed in the database

DatabaseStatus

DatabaseStatus defines the observed state of Database

Appears in:

Field

Description

Required

Default

Validation

observedGeneration _integer_

A sequence number representing the latest desired state that was synchronized

applied _boolean_

Applied is true if the database was reconciled correctly

message _string_

Message is the reconciliation output message

schemas _ DatabaseObjectStatus array_

Schemas is the status of the managed schemas

extensions _ DatabaseObjectStatus array_

Extensions is the status of the managed extensions

fdws _ DatabaseObjectStatus array_

FDWs is the status of the managed FDWs

servers _ DatabaseObjectStatus array_

Servers is the status of the managed servers

EmbeddedObjectMetadata

EmbeddedObjectMetadata contains metadata to be inherited by all resources related to a Cluster

Appears in:

Field

Description

Required

Default

Validation

labels _object (keys:string, values:string)_

annotations _object (keys:string, values:string)_

EnsureOption

Underlying type: string

EnsureOption represents whether we should enforce the presence or absence of a Role in a PostgreSQL instance

Appears in:

Field

Description

present

absent

EphemeralVolumesSizeLimitConfiguration

EphemeralVolumesSizeLimitConfiguration contains the configuration of the ephemeral storage

Appears in:

Field

Description

Required

Default

Validation

shm _ Quantity _

Shm is the size limit of the shared memory volume

temporaryData _ Quantity _

TemporaryData is the size limit of the temporary data volume

ExtensionConfiguration

ExtensionConfiguration is the configuration used to add PostgreSQL extensions to the Cluster.

Appears in:

Field

Description

Required

Default

Validation

name _string_

The name of the extension, required

True

MinLength: 1  Pattern: `^[a-z0-9]([-a-z0-9]*[a-z0-9])?$`

image _ ImageVolumeSource _

The image containing the extension, required

True

extension_control_path _string array_

The list of directories inside the image which should be added to extension_control_path. If not defined, defaults to "/share".

dynamic_library_path _string array_

The list of directories inside the image which should be added to dynamic_library_path. If not defined, defaults to "/lib".

ld_library_path _string array_

The list of directories inside the image which should be added to ld_library_path.

ExtensionSpec

ExtensionSpec configures an extension in a database

Appears in:

Field

Description

Required

Default

Validation

name _string_

Name of the object (extension, schema, FDW, server)

True

ensure _ EnsureOption _

Specifies whether an object (e.g. schema) should be present or absent in the database. If set to present, the object will be created if it does not exist. If set to absent, the extension/schema will be removed if it exists.

present

Enum: [present absent]

version _string_

The version of the extension to install. If empty, the operator will install the default version (whatever is specified in the extension's control file)

True

schema _string_

The name of the schema in which to install the extension's objects, in case the extension allows its contents to be relocated. If not specified (default), and the extension's control file does not specify a schema either, the current default object creation schema is used.

True

ExternalCluster

ExternalCluster represents the connection parameters to an external cluster which is used in the other sections of the configuration

Appears in:

Field

Description

Required

Default

Validation

name _string_

The server name, required

True

connectionParameters _object (keys:string, values:string)_

The list of connection parameters, such as dbname, host, username, etc

sslCert _ SecretKeySelector _

The reference to an SSL certificate to be used to connect to this instance

sslKey _ SecretKeySelector _

The reference to an SSL private key to be used to connect to this instance

sslRootCert _ SecretKeySelector _

The reference to an SSL CA public key to be used to connect to this instance

password _ SecretKeySelector _

The reference to the password to be used to connect to the server. If a password is provided, CloudNativePG creates a PostgreSQL passfile at /controller/external/NAME/pass (where "NAME" is the cluster's name). This passfile is automatically referenced in the connection string when establishing a connection to the remote PostgreSQL server from the current PostgreSQL Cluster. This ensures secure and efficient password management for external clusters.

barmanObjectStore _ BarmanObjectStoreConfiguration _

The configuration for the barman-cloud tool suite

plugin _ BackupPluginConfiguration _

The configuration of the plugin that is taking care of WAL archiving and backups for this external cluster

True

FDWSpec

FDWSpec configures a Foreign Data Wrapper in a database

Appears in:

Field

Description

Required

Default

Validation

name _string_

Name of the object (extension, schema, FDW, server)

True

ensure _ EnsureOption _

Specifies whether an object (e.g. schema) should be present or absent in the database. If set to present, the object will be created if it does not exist. If set to absent, the extension/schema will be removed if it exists.

present

Enum: [present absent]

handler _string_

Name of the handler function (e.g., "postgres_fdw_handler"). This will be empty if no handler is specified. In that case, the default handler is registered when the FDW extension is created.

validator _string_

Name of the validator function (e.g., "postgres_fdw_validator"). This will be empty if no validator is specified. In that case, the default validator is registered when the FDW extension is created.

owner _string_

Owner specifies the database role that will own the Foreign Data Wrapper. The role must have superuser privileges in the target database.

options _ OptionSpec array_

Options specifies the configuration options for the FDW.

usage _ UsageSpec array_

List of roles for which USAGE privileges on the FDW are granted or revoked.

FailoverQuorum

FailoverQuorum contains the information about the current failover quorum status of a PG cluster. It is updated by the instance manager of the primary node and reset to zero by the operator to trigger an update.

Field

Description

Required

Default

Validation

apiVersion _string_

postgresql.cnpg.io/v1

True

kind _string_

FailoverQuorum

True

metadata _ EmbeddedObjectMetadata _

Refer to Kubernetes API documentation for fields of metadata.

True

status _ FailoverQuorumStatus _

Most recently observed status of the failover quorum.

FailoverQuorumStatus

FailoverQuorumStatus is the latest observed status of the failover quorum of the PG cluster.

Appears in:

Field

Description

Required

Default

Validation

method _string_

Contains the latest reported Method value.

standbyNames _string array_

StandbyNames is the list of potentially synchronous instance names.

standbyNumber _integer_

StandbyNumber is the number of synchronous standbys that transactions need to wait for replies from.

primary _string_

Primary is the name of the primary instance that updated this object the latest time.

ImageCatalog

ImageCatalog is the Schema for the imagecatalogs API

Field

Description

Required

Default

Validation

apiVersion _string_

postgresql.cnpg.io/v1

True

kind _string_

ImageCatalog

True

metadata _ EmbeddedObjectMetadata _

Refer to Kubernetes API documentation for fields of metadata.

True

spec _ ImageCatalogSpec _

Specification of the desired behavior of the ImageCatalog. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status

True

ImageCatalogRef

ImageCatalogRef defines the reference to a major version in an ImageCatalog

Appears in:

Field

Description

Required

Default

Validation

apiGroup _string_

APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required.

kind _string_

Kind is the type of resource being referenced

True

name _string_

Name is the name of resource being referenced

True

major _integer_

The major version of PostgreSQL we want to use from the ImageCatalog

True

ImageCatalogSpec

ImageCatalogSpec defines the desired ImageCatalog

Appears in:

Field

Description

Required

Default

Validation

images _ CatalogImage array_

List of CatalogImages available in the catalog

True

MaxItems: 8  MinItems: 1

ImageInfo

ImageInfo contains the information about a PostgreSQL image

Appears in:

Field

Description

Required

Default

Validation

image _string_

Image is the image name

True

majorVersion _integer_

MajorVersion is the major version of the image

True

Import

Import contains the configuration to init a database from a logical snapshot of an externalCluster

Appears in:

Field

Description

Required

Default

Validation

source _ ImportSource _

The source of the import

True

type _ SnapshotType _

The import type. Can be microservice or monolith.

True

Enum: [microservice monolith]

databases _string array_

The databases to import

True

roles _string array_

The roles to import

postImportApplicationSQL _string array_

List of SQL queries to be executed as a superuser in the application database right after it is imported - to be used with extreme care (by default empty). Only available in microservice type.

schemaOnly _boolean_

When set to true, only the pre-data and post-data sections of pg_restore are invoked, avoiding data import. Default: false.

pgDumpExtraOptions _string array_

List of custom options to pass to the pg_dump command. IMPORTANT: Use with caution. The operator does not validate these options, and certain flags may interfere with its intended functionality or design. You are responsible for ensuring that the provided options are compatible with your environment and desired behavior.

pgRestoreExtraOptions _string array_

List of custom options to pass to the pg_restore command. IMPORTANT: Use with caution. The operator does not validate these options, and certain flags may interfere with its intended functionality or design. You are responsible for ensuring that the provided options are compatible with your environment and desired behavior.

pgRestorePredataOptions _string array_

Custom options to pass to the pg_restore command during the pre-data section. This setting overrides the generic pgRestoreExtraOptions value. IMPORTANT: Use with caution. The operator does not validate these options, and certain flags may interfere with its intended functionality or design. You are responsible for ensuring that the provided options are compatible with your environment and desired behavior.

pgRestoreDataOptions _string array_

Custom options to pass to the pg_restore command during the data section. This setting overrides the generic pgRestoreExtraOptions value. IMPORTANT: Use with caution. The operator does not validate these options, and certain flags may interfere with its intended functionality or design. You are responsible for ensuring that the provided options are compatible with your environment and desired behavior.

pgRestorePostdataOptions _string array_

Custom options to pass to the pg_restore command during the post-data section. This setting overrides the generic pgRestoreExtraOptions value. IMPORTANT: Use with caution. The operator does not validate these options, and certain flags may interfere with its intended functionality or design. You are responsible for ensuring that the provided options are compatible with your environment and desired behavior.

ImportSource

ImportSource describes the source for the logical snapshot

Appears in:

Field

Description

Required

Default

Validation

externalCluster _string_

The name of the externalCluster used for import

True

InstanceID

InstanceID contains the information to identify an instance

Appears in:

Field

Description

Required

Default

Validation

podName _string_

The pod name

ContainerID _string_

The container ID

InstanceReportedState

InstanceReportedState describes the last reported state of an instance during a reconciliation loop

Appears in:

Field

Description

Required

Default

Validation

isPrimary _boolean_

Indicates whether the instance is the primary one

True

timeLineID _integer_

Indicates which TimelineId the instance is on

ip _string_

IP address of the instance

True

IsolationCheckConfiguration

IsolationCheckConfiguration contains the configuration for the isolation check functionality in the liveness probe

Appears in:

Field

Description

Required

Default

Validation

enabled _boolean_

Whether primary isolation checking is enabled for the liveness probe

true

requestTimeout _integer_

Timeout in milliseconds for requests during the primary isolation check

1000

connectionTimeout _integer_

Timeout in milliseconds for connections during the primary isolation check

1000

LDAPBindAsAuth

LDAPBindAsAuth provides the required fields to use the bind authentication for LDAP

Appears in:

Field

Description

Required

Default

Validation

prefix _string_

Prefix for the bind authentication option

suffix _string_

Suffix for the bind authentication option

LDAPBindSearchAuth

LDAPBindSearchAuth provides the required fields to use the bind+search LDAP authentication process

Appears in:

Field

Description

Required

Default

Validation

baseDN _string_

Root DN to begin the user search

bindDN _string_

DN of the user to bind to the directory

bindPassword _ SecretKeySelector _

Secret with the password for the user to bind to the directory

searchAttribute _string_

Attribute to match against the username

searchFilter _string_

Search filter to use when doing the search+bind authentication

LDAPConfig

LDAPConfig contains the parameters needed for LDAP authentication

Appears in:

Field

Description

Required

Default

Validation

server _string_

LDAP hostname or IP address

port _integer_

LDAP server port

scheme _ LDAPScheme _

LDAP scheme to be used. Possible options are ldap and ldaps

Enum: [ldap ldaps]

bindAsAuth _ LDAPBindAsAuth _

Bind as authentication configuration

bindSearchAuth _ LDAPBindSearchAuth _

Bind+Search authentication configuration

tls _boolean_

Set to 'true' to enable LDAP over TLS. 'false' is default
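The following is an added example, not part of the CloudNativePG reference or the project's code. It audits a parsed Cluster manifest for the security-relevant settings documented in this reference: seccompProfile, the security context overrides, enablePDB, the LDAPConfig transport fields, the Import fields that run unvalidated options or superuser SQL, and ExternalCluster connection parameters. The paths spec.postgresql.ldap and spec.bootstrap.initdb.import, the libpq sslmode check, the treatment of a missing scheme as plain ldap, and both sample manifests are assumptions.

```python
# Added example: audit a parsed CloudNativePG Cluster manifest for the
# security-relevant settings this reference documents.

# Assumption: where LDAPConfig and Import are mounted inside a Cluster manifest.
LDAP_PATH = ("spec", "postgresql", "ldap")
IMPORT_PATH = ("spec", "bootstrap", "initdb", "import")

# Import fields handed to pg_dump/pg_restore without operator validation.
UNVALIDATED_OPTIONS = (
    "pgDumpExtraOptions", "pgRestoreExtraOptions", "pgRestorePredataOptions",
    "pgRestoreDataOptions", "pgRestorePostdataOptions",
)

# libpq sslmode values that verify the server certificate.
VERIFYING_SSLMODES = {"verify-ca", "verify-full"}


def dig(obj, path):
    """Walk nested dicts; return None as soon as a key is missing."""
    for key in path:
        if not isinstance(obj, dict) or key not in obj:
            return None
        obj = obj[key]
    return obj


def audit_cluster(manifest):
    """Return (field path, reason) findings for one Cluster manifest."""
    findings = []
    spec = manifest.get("spec") or {}

    if dig(spec, ("seccompProfile", "type")) == "Unconfined":
        findings.append(("spec.seccompProfile", "seccomp disabled; default is RuntimeDefault"))
    for field in ("podSecurityContext", "securityContext"):
        if field in spec:
            findings.append((f"spec.{field}", "overrides the operator default; review"))
    if spec.get("enablePDB") is False:
        findings.append(("spec.enablePDB", "no PodDisruptionBudget protects the primary"))

    ldap = dig(manifest, LDAP_PATH)
    if isinstance(ldap, dict):
        # Assumption: a missing scheme means plain ldap. tls defaults to false.
        if ldap.get("scheme") != "ldaps" and ldap.get("tls") is not True:
            findings.append((".".join(LDAP_PATH), "bind not protected by ldaps or tls"))

    imp = dig(manifest, IMPORT_PATH)
    if isinstance(imp, dict):
        base = ".".join(IMPORT_PATH)
        if imp.get("postImportApplicationSQL"):
            findings.append((f"{base}.postImportApplicationSQL", "SQL runs as superuser"))
        for field in UNVALIDATED_OPTIONS:
            if imp.get(field):
                findings.append((f"{base}.{field}", "options not validated by the operator"))

    for ext in spec.get("externalClusters") or []:
        params = ext.get("connectionParameters") or {}
        base = f"spec.externalClusters[{ext.get('name', '?')}].connectionParameters"
        if "password" in params:
            findings.append((f"{base}.password", "inline secret; use the password selector"))
        if params and params.get("sslmode") not in VERIFYING_SSLMODES:
            findings.append((f"{base}.sslmode", "server certificate is not verified"))
    return findings


# Constructed sample manifests, already parsed from YAML into dicts.
WEAK = {"apiVersion": "postgresql.cnpg.io/v1", "kind": "Cluster", "spec": {
    "enablePDB": False,
    "seccompProfile": {"type": "Unconfined"},
    "postgresql": {"ldap": {"server": "ldap.example.internal", "scheme": "ldap"}},
    "bootstrap": {"initdb": {"import": {
        "type": "microservice",
        "databases": ["app"],
        "source": {"externalCluster": "legacy"},
        "postImportApplicationSQL": ["ALTER ROLE app SET search_path TO app"],
        "pgDumpExtraOptions": ["--jobs=4"],
    }}},
    "externalClusters": [{
        "name": "legacy",
        "connectionParameters": {"host": "legacy.example.internal", "user": "app",
                                 "password": "constructed-value"},
    }],
}}

HARDENED = {"apiVersion": "postgresql.cnpg.io/v1", "kind": "Cluster", "spec": {
    "postgresql": {"ldap": {"server": "ldap.example.internal", "scheme": "ldaps"}},
    "externalClusters": [{
        "name": "legacy",
        "connectionParameters": {"host": "legacy.example.internal", "user": "app",
                                 "sslmode": "verify-full"},
        "password": {"name": "legacy-app", "key": "password"},
        "sslRootCert": {"name": "legacy-ca", "key": "ca.crt"},
    }],
}}

if __name__ == "__main__":
    for path, reason in audit_cluster(WEAK):
        print(f"{path}: {reason}")
```
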

LDAPScheme

Underlying type: string

LDAPScheme defines the possible schemes for LDAP

Appears in:

Field

Description

ldap

ldaps

LivenessProbe

LivenessProbe is the configuration of the liveness probe

Appears in:

Field

Description

Required

Default

Validation

initialDelaySeconds _integer_

Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes

timeoutSeconds _integer_

Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes

periodSeconds _integer_

How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1.

successThreshold _integer_

Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1.

failureThreshold _integer_

Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.

terminationGracePeriodSeconds _integer_

Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset.

isolationCheck _ IsolationCheckConfiguration _

Configure the feature that extends the liveness probe for a primary instance. In addition to the basic checks, this verifies whether the primary is isolated from the Kubernetes API server and from its replicas, ensuring that it can be safely shut down if network partition or API unavailability is detected. Enabled by default.

ManagedConfiguration

ManagedConfiguration represents the portions of PostgreSQL that are managed by the instance manager

Appears in:

Field

Description

Required

Default

Validation

roles _ RoleConfiguration array_

Database roles managed by the Cluster

services _ ManagedServices _

Services managed by the Cluster

ManagedRoles

ManagedRoles tracks the status of a cluster’s managed roles

Appears in:

Field

Description

Required

Default

Validation

byStatus _object (keys: RoleStatus , values:string array)_

ByStatus gives the list of roles in each state

cannotReconcile _object (keys:string, values:string array)_

CannotReconcile lists roles that cannot be reconciled in PostgreSQL, with an explanation of the cause

passwordStatus _object (keys:string, values: PasswordState )_

PasswordStatus gives the last transaction id and password secret version for each managed role

ManagedService

ManagedService represents a specific service managed by the cluster. It includes the type of service and its associated template specification.

Appears in:

Field

Description

Required

Default

Validation

selectorType _ ServiceSelectorType _

SelectorType specifies the type of selectors that the service will have. Valid values are "rw", "r", and "ro", representing read-write, read, and read-only services.

True

Enum: [rw r ro]

updateStrategy _ ServiceUpdateStrategy _

UpdateStrategy describes how the service differences should be reconciled

patch

Enum: [patch replace]

serviceTemplate _ ServiceTemplateSpec _

ServiceTemplate is the template specification for the service.

True

ManagedServices

ManagedServices represents the services managed by the cluster.

Appears in:

Field

Description

Required

Default

Validation

disabledDefaultServices _ ServiceSelectorType array_

DisabledDefaultServices is a list of service types that are disabled by default. Valid values are "r" and "ro", representing read and read-only services.

Enum: [rw r ro]

additional _ ManagedService array_

Additional is a list of additional managed services specified by the user.

Metadata

Metadata is a structure similar to the metav1.ObjectMeta, but still parseable by controller-gen to create a suitable CRD for the user. The comment of PodTemplateSpec has an explanation of why we are not using the core data types.

Appears in:

Field

Description

Required

Default

Validation

name _string_

The name of the resource. Only supported for certain types

labels _object (keys:string, values:string)_

Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and services. More info: http://kubernetes.io/docs/user-guide/labels

annotations _object (keys:string, values:string)_

Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations

MonitoringConfiguration

MonitoringConfiguration is the type containing all the monitoring configuration for a certain cluster

Appears in:

Field

Description

Required

Default

Validation

disableDefaultQueries _boolean_

Whether the default queries should be injected. Set it to true if you don't want to inject default queries into the cluster. Default: false.

false

customQueriesConfigMap _ ConfigMapKeySelector array_

The list of config maps containing the custom queries

customQueriesSecret _ SecretKeySelector array_

The list of secrets containing the custom queries

enablePodMonitor _boolean_

Enable or disable the PodMonitor. Deprecated: This feature will be removed in an upcoming release. If you need this functionality, you can create a PodMonitor manually.

false

tls _ ClusterMonitoringTLSConfiguration _

Configure TLS communication for the metrics endpoint. Changing tls.enabled option will force a rollout of all instances.

podMonitorMetricRelabelings _ RelabelConfig array_

The list of metric relabelings for the PodMonitor. Applied to samples before ingestion. Deprecated: This feature will be removed in an upcoming release. If you need this functionality, you can create a PodMonitor manually.

podMonitorRelabelings _ RelabelConfig array_

The list of relabelings for the PodMonitor. Applied to samples before scraping. Deprecated: This feature will be removed in an upcoming release. If you need this functionality, you can create a PodMonitor manually.

metricsQueriesTTL _ Duration _

The interval during which metrics computed from queries are considered current. Once it is exceeded, a new scrape will trigger a rerun of the queries. If not set, defaults to 30 seconds, in line with Prometheus scraping defaults. Setting this to zero disables the caching mechanism and can cause heavy load on the PostgreSQL server.

NodeMaintenanceWindow

NodeMaintenanceWindow contains information that the operator will use while upgrading the underlying node.

This option is only useful when the chosen storage prevents the Pods from being freely moved across nodes.

Appears in:

Field

Description

Required

Default

Validation

reusePVC _boolean_

Reuse the existing PVC (wait for the node to come up again) or not (recreate it elsewhere - when instances >1)

true

inProgress _boolean_

Is there a node maintenance activity in progress?

false

OnlineConfiguration

OnlineConfiguration contains the configuration parameters for the online volume snapshot

Appears in:

Field

Description

Required

Default

Validation

waitForArchive _boolean_

If false, the function will return immediately after the backup is completed, without waiting for WAL to be archived. This behavior is only useful with backup software that independently monitors WAL archiving. Otherwise, WAL required to make the backup consistent might be missing and make the backup useless. By default, or when this parameter is true, pg_backup_stop will wait for WAL to be archived when archiving is enabled. On a standby, this means that it will wait only when archive_mode = always. If write activity on the primary is low, it may be useful to run pg_switch_wal on the primary in order to trigger an immediate segment switch.

true

immediateCheckpoint _boolean_

Control whether the I/O workload for the backup initial checkpoint will be limited, according to the checkpoint_completion_target setting on the PostgreSQL server. If set to true, an immediate checkpoint will be used, meaning PostgreSQL will complete the checkpoint as soon as possible. false by default.

OptionSpec

OptionSpec holds the name, value and the ensure field for an option

Appears in:

Field

Description

Required

Default

Validation

name _string_

Name of the option

True

value _string_

Value of the option

True

ensure _ EnsureOption _

Specifies whether an option should be present or absent in the database. If set to present, the option will be created if it does not exist. If set to absent, the option will be removed if it exists.

present

Enum: [present absent]

PasswordState

PasswordState represents the state of the password of a managed RoleConfiguration

Appears in:

Field

Description

Required

Default

Validation

transactionID _integer_

the last transaction ID to affect the role definition in PostgreSQL

resourceVersion _string_

the resource version of the password secret

PgBouncerIntegrationStatus

PgBouncerIntegrationStatus encapsulates the needed integration for the pgbouncer poolers referencing the cluster

Appears in:

Field

Description

Required

Default

Validation

secrets _string array_

PgBouncerPoolMode

Underlying type: string

PgBouncerPoolMode is the mode of PgBouncer

Validation:

  • Enum: [session transaction]

Appears in:

PgBouncerSecrets

PgBouncerSecrets contains the versions of the secrets used by pgbouncer

Appears in:

Field

Description

Required

Default

Validation

authQuery _ SecretVersion _

The auth query secret version

PgBouncerSpec

PgBouncerSpec defines how to configure PgBouncer

Appears in:

Field

Description

Required

Default

Validation

poolMode _ PgBouncerPoolMode _

The pool mode. Default: session.

session

Enum: [session transaction]

serverTLSSecret _ LocalObjectReference _

ServerTLSSecret, when pointing to a TLS secret, provides pgbouncer's server_tls_key_file and server_tls_cert_file, used when authenticating against PostgreSQL.

serverCASecret _ LocalObjectReference _

ServerCASecret provides PgBouncer’s server_tls_ca_file, the root CA for validating PostgreSQL certificates

clientCASecret _ LocalObjectReference _

ClientCASecret provides PgBouncer’s client_tls_ca_file, the root CA for validating client certificates

clientTLSSecret _ LocalObjectReference _

ClientTLSSecret provides PgBouncer’s client_tls_key_file (private key) and client_tls_cert_file (certificate) used to accept client connections

authQuerySecret _ LocalObjectReference _

The credentials of the user that need to be used for the authentication query. In case it is specified, also an AuthQuery (e.g. "SELECT usename, passwd FROM pg_catalog.pg_shadow WHERE usename=$1") has to be specified and no automatic CNPG Cluster integration will be triggered. Deprecated.

authQuery _string_

The query that will be used to download the hash of the password of a certain user. Default: "SELECT usename, passwd FROM public.user_search($1)". In case it is specified, also an AuthQuerySecret has to be specified and no automatic CNPG Cluster integration will be triggered.

parameters _object (keys:string, values:string)_

Additional parameters to be passed to PgBouncer - please check the CNPG documentation for a list of options you can configure

pg_hba _string array_

PostgreSQL Host Based Authentication rules (lines to be appended to the pg_hba.conf file)

paused _boolean_

When set to true, PgBouncer will disconnect from the PostgreSQL server, first waiting for all queries to complete, and pause all new client connections until this value is set to false (default). Internally, the operator calls PgBouncer's PAUSE and RESUME commands.

false

PluginConfiguration

PluginConfiguration specifies a plugin that needs to be loaded for this cluster to be reconciled

Appears in:

  • ClusterSpec

  • ExternalCluster

Field

Description

Required

Default

Validation

name _string_

Name is the plugin name

True

enabled _boolean_

Enabled is true if this plugin will be used

true

isWALArchiver _boolean_

Marks the plugin as the WAL archiver. At most one plugin can be designated as a WAL archiver. This cannot be enabled if the .spec.backup.barmanObjectStore configuration is present.

false

parameters _object (keys:string, values:string)_

Parameters is the configuration of the plugin

PluginStatus

PluginStatus is the status of a loaded plugin

Appears in:

Field

Description

Required

Default

Validation

name _string_

Name is the name of the plugin

True

version _string_

Version is the version of the plugin loaded by the latest reconciliation loop

True

capabilities _string array_

Capabilities are the list of capabilities of the plugin

operatorCapabilities _string array_

OperatorCapabilities are the list of capabilities of the plugin regarding the reconciler

walCapabilities _string array_

WALCapabilities are the list of capabilities of the plugin regarding the WAL management

backupCapabilities _string array_

BackupCapabilities are the list of capabilities of the plugin regarding the Backup management

restoreJobHookCapabilities _string array_

RestoreJobHookCapabilities are the list of capabilities of the plugin regarding the RestoreJobHook management

status _string_

Status contains the status reported by the plugin through the SetStatusInCluster interface

PodName

Underlying type: string

PodName is the name of a Pod

Appears in:

PodStatus

Underlying type: string

PodStatus represents the possible statuses of pods

Appears in:

PodTemplateSpec

PodTemplateSpec is a structure allowing the user to set a template for Pod generation.

Unfortunately we can’t use the corev1.PodTemplateSpec type because the generated CRD won’t have the field for the metadata section.

References: https://github.com/kubernetes-sigs/controller-tools/issues/385 https://github.com/kubernetes-sigs/controller-tools/issues/448 https://github.com/prometheus-operator/prometheus-operator/issues/3041

Appears in:

Field

Description

Required

Default

Validation

metadata _ EmbeddedObjectMetadata _

Refer to Kubernetes API documentation for fields of metadata.

spec _ PodSpec _

Specification of the desired behavior of the pod. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status

PodTopologyLabels

Underlying type: object

PodTopologyLabels represents the topology of a Pod. map[labelName]labelValue

Appears in:

Pooler

Pooler is the Schema for the poolers API

Field

Description

Required

Default

Validation

apiVersion _string_

postgresql.cnpg.io/v1

True

kind _string_

Pooler

True

metadata _ EmbeddedObjectMetadata _

Refer to Kubernetes API documentation for fields of metadata.

True

spec _ PoolerSpec _

Specification of the desired behavior of the Pooler. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status

True

status _ PoolerStatus _

Most recently observed status of the Pooler. This data may not be up to date. Populated by the system. Read-only. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status

PoolerIntegrations

PoolerIntegrations encapsulates the needed integration for the poolers referencing the cluster

Appears in:

Field

Description

Required

Default

Validation

pgBouncerIntegration _ PgBouncerIntegrationStatus _

PoolerMonitoringConfiguration

PoolerMonitoringConfiguration is the type containing all the monitoring configuration for a certain Pooler.

Mirrors the Cluster’s MonitoringConfiguration but without the custom queries part for now.

Appears in:

Field

Description

Required

Default

Validation

enablePodMonitor _boolean_

Enable or disable the PodMonitor

false

podMonitorMetricRelabelings _ RelabelConfig array_

The list of metric relabelings for the PodMonitor. Applied to samples before ingestion.

podMonitorRelabelings _ RelabelConfig array_

The list of relabelings for the PodMonitor. Applied to samples before scraping.

PoolerSecrets

PoolerSecrets contains the versions of all the secrets used

Appears in:

Field

Description

Required

Default

Validation

clientTLS _ SecretVersion _

The client TLS secret version

serverTLS _ SecretVersion _

The server TLS secret version

serverCA _ SecretVersion _

The server CA secret version

clientCA _ SecretVersion _

The client CA secret version

pgBouncerSecrets _ PgBouncerSecrets _

The version of the secrets used by PgBouncer

PoolerSpec

PoolerSpec defines the desired state of Pooler

Appears in:

Field

Description

Required

Default

Validation

cluster _ LocalObjectReference _

This is the cluster reference on which the Pooler will work. Pooler name should never match with any cluster name within the same namespace.

True

type _ PoolerType _

Type of service to forward traffic to. Default: rw.

rw

Enum: [rw ro r]

instances _integer_

The number of replicas we want. Default: 1.

1

template _ PodTemplateSpec _

The template of the Pod to be created

pgbouncer _ PgBouncerSpec _

The PgBouncer configuration

True

deploymentStrategy _ DeploymentStrategy _

The deployment strategy to use for pgbouncer to replace existing pods with new ones

monitoring _ PoolerMonitoringConfiguration _

The configuration of the monitoring infrastructure of this pooler. Deprecated: This feature will be removed in an upcoming release. If you need this functionality, you can create a PodMonitor manually.

serviceTemplate _ ServiceTemplateSpec _

Template for the Service to be created
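The constraints that PgBouncerSpec and PoolerSpec state in prose (the Pooler name must not match a cluster name, `authQuery` and `authQuerySecret` must be set together, the enum values) can be checked before a manifest is applied. The following is an added example, not part of the CloudNativePG code: the sample manifest, the secret names and the finding levels are constructed, and the `$1` check assumes the query takes the user name as its single parameter, as both queries quoted in this reference do.

```python
import json

POOLER_TYPES = {"rw", "ro", "r"}          # Enum of PoolerSpec.type
POOL_MODES = {"session", "transaction"}   # Enum of PgBouncerPoolMode
SECRET_REFS = ("serverTLSSecret", "serverCASecret",
               "clientTLSSecret", "clientCASecret")

# Constructed sample (JSON form of a Pooler manifest), not from a real cluster.
SAMPLE_POOLER = json.loads("""
{
  "apiVersion": "postgresql.cnpg.io/v1",
  "kind": "Pooler",
  "metadata": {"name": "cluster-example"},
  "spec": {
    "cluster": {"name": "cluster-example"},
    "type": "rw",
    "instances": 2,
    "pgbouncer": {
      "poolMode": "transaction",
      "authQuery": "SELECT usename, passwd FROM public.user_search($1)",
      "clientTLSSecret": {"name": "pooler-client-tls"},
      "clientCASecret": {"name": ""}
    }
  }
}
""")


def audit_pooler(manifest, cluster_names=()):
    """Return (level, path, message) findings for one Pooler manifest.

    cluster_names: names of the Cluster objects in the same namespace.
    """
    findings = []

    def add(level, path, message):
        findings.append((level, path, message))

    name = (manifest.get("metadata") or {}).get("name", "")
    spec = manifest.get("spec") or {}

    target = (spec.get("cluster") or {}).get("name", "")
    if not target:
        add("error", "spec.cluster", "required cluster reference is missing")
    if name and name in {target, *cluster_names}:
        add("error", "metadata.name",
            "Pooler name matches a cluster name in the same namespace")
    if spec.get("type", "rw") not in POOLER_TYPES:
        add("error", "spec.type", "must be one of rw, ro, r")

    pgb = spec.get("pgbouncer")
    if pgb is None:
        add("error", "spec.pgbouncer", "required PgBouncer configuration is missing")
        return findings
    if pgb.get("poolMode", "session") not in POOL_MODES:
        add("error", "spec.pgbouncer.poolMode", "must be session or transaction")

    # authQuery and authQuerySecret are only valid as a pair; when both are
    # set the operator no longer wires up authentication automatically.
    query = pgb.get("authQuery") or ""
    secret = (pgb.get("authQuerySecret") or {}).get("name", "")
    if bool(query) != bool(secret):
        add("error", "spec.pgbouncer.authQuery",
            "authQuery and authQuerySecret must be specified together")
    elif query:
        add("info", "spec.pgbouncer.authQuery",
            "custom auth query: automatic CNPG Cluster integration is not triggered")
    if query and "$1" not in query:
        add("error", "spec.pgbouncer.authQuery",
            "auth query does not take the user name as $1")

    # A TLS/CA reference that is present but unnamed points at nothing.
    for field in SECRET_REFS:
        ref = pgb.get(field)
        if ref is not None and not ref.get("name"):
            add("error", f"spec.pgbouncer.{field}", "secret reference has an empty name")
    return findings


if __name__ == "__main__":
    for level, path, message in audit_pooler(SAMPLE_POOLER):
        print(f"{level:5} {path}: {message}")
```

Feed it the output of `kubectl get pooler -o json` item by item, passing the names of the Cluster objects in the namespace as `cluster_names`.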

PoolerStatus

PoolerStatus defines the observed state of Pooler

Appears in:

Field

Description

Required

Default

Validation

secrets _ PoolerSecrets _

The resource version of the config object

instances _integer_

The number of pods trying to be scheduled

PoolerType

Underlying type: string

PoolerType is the type of the connection pool, meaning the service we are targeting. Allowed values are rw and ro.

Validation:

  • Enum: [rw ro r]

Appears in:

PostgresConfiguration

PostgresConfiguration defines the PostgreSQL configuration

Appears in:

Field

Description

Required

Default

Validation

parameters _object (keys:string, values:string)_

PostgreSQL configuration options (postgresql.conf)

synchronous _ SynchronousReplicaConfiguration _

Configuration of the PostgreSQL synchronous replication feature

pg_hba _string array_

PostgreSQL Host Based Authentication rules (lines to be appended to the pg_hba.conf file)

pg_ident _string array_

PostgreSQL User Name Maps rules (lines to be appended to the pg_ident.conf file)

syncReplicaElectionConstraint _ SyncReplicaElectionConstraints _

Requirements to be met by sync replicas. This will affect how the "synchronous_standby_names" parameter will be set up.

shared_preload_libraries _string array_

Lists of shared preload libraries to add to the default ones

ldap _ LDAPConfig _

Options to specify LDAP configuration

promotionTimeout _integer_

Specifies the maximum number of seconds to wait when promoting an instance to primary. Default value is 40000000, greater than one year in seconds, big enough to simulate an infinite timeout.

enableAlterSystem _boolean_

If this parameter is true, the user will be able to invoke ALTER SYSTEM on this CloudNativePG Cluster. This should only be used for debugging and troubleshooting. Defaults to false.

extensions _ ExtensionConfiguration array_

The configuration of the extensions to be added
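An audit pass over a Cluster manifest covering the PostgresConfiguration fields above (`enableAlterSystem`, `pg_hba`) together with the managed roles listed under ManagedConfiguration, added here as an example and not part of the CloudNativePG code. The `spec.postgresql` and `spec.managed` paths are those of ClusterSpec; the sample manifest, the severity labels and the policy choices (flagging login roles whose password never expires, for instance) are assumptions of this example.

```python
import json
from datetime import datetime, timezone

# pg_hba.conf authentication methods; the two flagged ones skip or weaken
# password protection on the wire.
HBA_METHODS = {"trust", "reject", "scram-sha-256", "md5", "password", "gss",
               "sspi", "ident", "peer", "ldap", "radius", "cert", "pam", "bsd"}
WEAK_HBA_METHODS = {"trust": "no authentication at all",
                    "password": "password sent in clear text"}

# Constructed sample (JSON form of a Cluster manifest), not from a real cluster.
SAMPLE_CLUSTER = json.loads("""
{
  "apiVersion": "postgresql.cnpg.io/v1",
  "kind": "Cluster",
  "metadata": {"name": "cluster-example"},
  "spec": {
    "instances": 3,
    "postgresql": {
      "enableAlterSystem": true,
      "pg_hba": [
        "hostssl app app 10.0.0.0/8 scram-sha-256",
        "host all all 0.0.0.0/0 trust"
      ]
    },
    "managed": {
      "roles": [
        {"name": "app_ro", "login": true, "connectionLimit": 20,
         "validUntil": "2031-01-01T00:00:00Z",
         "passwordSecret": {"name": "app-ro-password"},
         "inRoles": ["pg_read_all_data"]},
        {"name": "legacy_admin", "login": true, "superuser": true,
         "createrole": true},
        {"name": "old_batch", "ensure": "absent"}
      ]
    }
  }
}
""")


def hba_method(line):
    """Return the authentication method of one pg_hba line, or None."""
    tokens = line.split("#", 1)[0].split()
    # tokens[0:3] are connection type, database and user; an address (and
    # optionally a netmask) may sit between them and the method.
    return next((t for t in tokens[3:] if t in HBA_METHODS), None)


def parse_rfc3339(value):
    return datetime.fromisoformat(value.replace("Z", "+00:00"))


def audit_cluster(manifest, now=None):
    """Return (severity, path, message) findings for one Cluster manifest."""
    now = now or datetime.now(timezone.utc)
    spec = manifest.get("spec") or {}
    findings = []

    pg = spec.get("postgresql") or {}
    if pg.get("enableAlterSystem", False):
        findings.append(("medium", "spec.postgresql.enableAlterSystem",
                         "ALTER SYSTEM is enabled; intended for debugging only"))
    for i, line in enumerate(pg.get("pg_hba") or []):
        method = hba_method(line)
        if method in WEAK_HBA_METHODS:
            findings.append(("high", f"spec.postgresql.pg_hba[{i}]",
                             f"method {method!r}: {WEAK_HBA_METHODS[method]}"))

    for role in (spec.get("managed") or {}).get("roles") or []:
        if role.get("ensure", "present") == "absent":
            continue  # the operator removes this role, nothing to review
        path = f"spec.managed.roles[{role['name']}]"
        if role.get("superuser", False):
            findings.append(("high", path, "superuser overrides all access restrictions"))
        for attr in ("createrole", "createdb"):
            if role.get(attr, False):
                findings.append(("medium", path, f"{attr} is enabled"))
        if role.get("login", False):
            until = role.get("validUntil")
            if until is None:
                findings.append(("low", path, "no validUntil: password never expires"))
            elif parse_rfc3339(until) <= now:
                findings.append(("low", path, "validUntil is in the past"))
            if not role.get("passwordSecret") and not role.get("disablePassword", False):
                findings.append(("low", path, "no passwordSecret: password is not managed"))
    return findings


if __name__ == "__main__":
    for severity, path, message in audit_cluster(SAMPLE_CLUSTER):
        print(f"{severity:6} {path}: {message}")
```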

PrimaryUpdateMethod

Underlying type: string

PrimaryUpdateMethod contains the method to use when upgrading the primary server of the cluster as part of rolling updates

Appears in:

Field

Description

switchover

PrimaryUpdateMethodSwitchover means that the operator will switch over to another updated replica when it needs to upgrade the primary instance. Note: when using this method, the operator will reject updates that change both the image name and PostgreSQL configuration parameters simultaneously to avoid configuration mismatches during the switchover process.

restart

PrimaryUpdateMethodRestart means that the operator will restart the primary instance in-place when it needs to upgrade it

PrimaryUpdateStrategy

Underlying type: string

PrimaryUpdateStrategy contains the strategy to follow when upgrading the primary server of the cluster as part of rolling updates

Appears in:

Field

Description

supervised

PrimaryUpdateStrategySupervised means that the operator needs to wait for the user to manually issue a switchover request before updating the primary server (supervised)

unsupervised

PrimaryUpdateStrategyUnsupervised means that the operator will proceed with the selected PrimaryUpdateMethod to another updated replica and then automatically update the primary server (unsupervised, default)

Probe

Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic.

Appears in:

Field

Description

Required

Default

Validation

initialDelaySeconds _integer_

Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes

timeoutSeconds _integer_

Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes

periodSeconds _integer_

How often (in seconds) to perform the probe. Defaults to 10 seconds. Minimum value is 1.

successThreshold _integer_

Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1.

failureThreshold _integer_

Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.

terminationGracePeriodSeconds _integer_

Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be a non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset.

ProbeStrategyType

Underlying type: string

ProbeStrategyType is the type of the strategy used to declare a PostgreSQL instance ready

Appears in:

Field

Description

pg_isready

ProbeStrategyPgIsReady means that the pg_isready tool is used to determine whether PostgreSQL is started up

streaming

ProbeStrategyStreaming means that pg_isready is positive and the replica is connected via streaming replication to the current primary and the lag is, if specified, within the limit.

query

ProbeStrategyQuery means that the server is able to connect to the superuser database and able to execute a simple query like "-- ping"

ProbeWithStrategy

ProbeWithStrategy is the configuration of the startup probe

Appears in:

Field

Description

Required

Default

Validation

initialDelaySeconds _integer_

Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes

timeoutSeconds _integer_

Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes

periodSeconds _integer_

How often (in seconds) to perform the probe. Defaults to 10 seconds. Minimum value is 1.

successThreshold _integer_

Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1.

failureThreshold _integer_

Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.

terminationGracePeriodSeconds _integer_

Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be a non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset.

type _ ProbeStrategyType _

The probe strategy

Enum: [pg_isready streaming query]

maximumLag _ Quantity _

Lag limit. Used only for streaming strategy

ProbesConfiguration

ProbesConfiguration represents the configuration for the probes to be injected in the PostgreSQL Pods

Appears in:

Field

Description

Required

Default

Validation

startup _ ProbeWithStrategy _

The startup probe configuration

True

liveness _ LivenessProbe _

The liveness probe configuration

True

readiness _ ProbeWithStrategy _

The readiness probe configuration

True

Publication

Publication is the Schema for the publications API

Field

Description

Required

Default

Validation

apiVersion _string_

postgresql.cnpg.io/v1

True

kind _string_

Publication

True

metadata _ EmbeddedObjectMetadata _

Refer to Kubernetes API documentation for fields of metadata.

True

spec _ PublicationSpec _

True

status _ PublicationStatus _

True

PublicationReclaimPolicy

Underlying type: string

PublicationReclaimPolicy defines a policy for end-of-life maintenance of Publications.

Appears in:

Field

Description

delete

PublicationReclaimDelete means the publication will be deleted from Kubernetes on release from its claim.

retain

PublicationReclaimRetain means the publication will be left in its current phase for manual reclamation by the administrator. The default policy is Retain.

PublicationSpec

PublicationSpec defines the desired state of Publication

Appears in:

Field

Description

Required

Default

Validation

cluster _ LocalObjectReference _

The name of the PostgreSQL cluster that identifies the "publisher"

True

name _string_

The name of the publication inside PostgreSQL

True

dbname _string_

The name of the database where the publication will be installed in the "publisher" cluster

True

parameters _object (keys:string, values:string)_

Publication parameters part of the WITH clause as expected by PostgreSQL CREATE PUBLICATION command

target _ PublicationTarget _

Target of the publication as expected by PostgreSQL CREATE PUBLICATION command

True

publicationReclaimPolicy _ PublicationReclaimPolicy _

The policy for end-of-life maintenance of this publication

retain

Enum: [delete retain]

PublicationStatus

PublicationStatus defines the observed state of Publication

Appears in:

Field

Description

Required

Default

Validation

observedGeneration _integer_

A sequence number representing the latest desired state that was synchronized

applied _boolean_

Applied is true if the publication was reconciled correctly

message _string_

Message is the reconciliation output message

PublicationTarget

PublicationTarget is what this publication should publish

Appears in:

Field

Description

Required

Default

Validation

allTables _boolean_

Marks the publication as one that replicates changes for all tables in the database, including tables created in the future. Corresponding to FOR ALL TABLES in PostgreSQL.

objects _ PublicationTargetObject array_

Just the following schema objects

MaxItems: 100000

PublicationTargetObject

PublicationTargetObject is an object to publish

Appears in:

Field

Description

Required

Default

Validation

tablesInSchema _string_

Marks the publication as one that replicates changes for all tables in the specified list of schemas, including tables created in the future. Corresponding to FOR TABLES IN SCHEMA in PostgreSQL.

table _ PublicationTargetTable _

Specifies a list of tables to add to the publication. Corresponding to FOR TABLE in PostgreSQL.

PublicationTargetTable

PublicationTargetTable is a table to publish

Appears in:

Field

Description

Required

Default

Validation

only _boolean_

Whether to limit to the table only or include all its descendants

name _string_

The table name

True

schema _string_

The schema name

columns _string array_

The columns to publish

RecoveryTarget

RecoveryTarget allows you to configure the point at which the recovery process will stop. All the target options except TargetTLI are mutually exclusive.

Appears in:

Field

Description

Required

Default

Validation

backupID _string_

The ID of the backup from which to start the recovery process. If empty (default) the operator will automatically detect the backup based on targetTime or targetLSN if specified. Otherwise use the latest available backup in chronological order.

targetTLI _string_

The target timeline ("latest" or a positive integer)

targetXID _string_

The target transaction ID

targetName _string_

The target name (to be previously created with pg_create_restore_point)

targetLSN _string_

The target LSN (Log Sequence Number)

targetTime _string_

The target time as a timestamp in the RFC3339 standard

targetImmediate _boolean_

End recovery as soon as a consistent state is reached

exclusive _boolean_

Set the target to be exclusive. If omitted, defaults to false, so that in Postgres, recovery_target_inclusive will be true

ReplicaClusterConfiguration

ReplicaClusterConfiguration encapsulates the configuration of a replica cluster

Appears in:

Field

Description

Required

Default

Validation

self _string_

Self defines the name of this cluster. It is used to determine if this is a primary or a replica cluster, comparing it with primary

primary _string_

Primary defines which Cluster is defined to be the primary in the distributed PostgreSQL cluster, based on the topology specified in externalClusters

source _string_

The name of the external cluster which is the replication origin

True

MinLength: 1

enabled _boolean_

If replica mode is enabled, this cluster will be a replica of an existing cluster. Replica cluster can be created from a recovery object store or via streaming through pg_basebackup. Refer to the Replica clusters page of the documentation for more information.

promotionToken _string_

A demotion token generated by an external cluster used to check if the promotion requirements are met.

minApplyDelay _ Duration _

When replica mode is enabled, this parameter allows you to replay transactions only when the system time is at least the configured time past the commit time. This provides an opportunity to correct data loss errors. Note that when this parameter is set, a promotion token cannot be used.

ReplicationSlotsConfiguration

ReplicationSlotsConfiguration encapsulates the configuration of replication slots

Appears in:

Field

Description

Required

Default

Validation

highAvailability _ ReplicationSlotsHAConfiguration _

Replication slots for high availability configuration

{ enabled:true }

updateInterval _integer_

Standby will update the status of the local replication slots every updateInterval seconds (default 30).

30

Minimum: 1

synchronizeReplicas _ SynchronizeReplicasConfiguration _

Configures the synchronization of the user defined physical replication slots

ReplicationSlotsHAConfiguration

ReplicationSlotsHAConfiguration encapsulates the configuration of the replication slots that are automatically managed by the operator to control the streaming replication connections with the standby instances for high availability (HA) purposes. Replication slots are a PostgreSQL feature that makes sure that PostgreSQL automatically keeps WAL files in the primary when a streaming client (in this specific case a replica that is part of the HA cluster) gets disconnected.

Appears in:

Field

Description

Required

Default

Validation

enabled _boolean_

If enabled (default), the operator will automatically manage replication slots on the primary instance and use them in streaming replication connections with all the standby instances that are part of the HA cluster. If disabled, the operator will not take advantage of replication slots in streaming connections with the replicas. This feature also controls replication slots in replica cluster, from the designated primary to its cascading replicas.

true

slotPrefix _string_

Prefix for replication slots managed by the operator for HA. It may only contain lower case letters, numbers, and the underscore character. This can only be set at creation time. By default set to _cnpg_.

_cnpg_

Pattern: ^[0-9a-z_]*$

synchronizeLogicalDecoding _boolean_

When enabled, the operator automatically manages synchronization of logical decoding (replication) slots across high-availability clusters. Requires one of the following conditions:

  • PostgreSQL version 17 or later

  • PostgreSQL version < 17 with pg_failover_slots extension enabled

RoleConfiguration

RoleConfiguration is the representation, in Kubernetes, of a PostgreSQL role with the additional field Ensure specifying whether to ensure the presence or absence of the role in the database

The defaults of the CREATE ROLE command are applied. Reference: https://www.postgresql.org/docs/current/sql-createrole.html

Appears in:

Field

Description

Required

Default

Validation

name _string_

Name of the role

True

comment _string_

Description of the role

ensure _ EnsureOption _

Ensure the role is present or absent - defaults to "present"

present

Enum: [present absent]

passwordSecret _ LocalObjectReference _

Secret containing the password of the role (if present). If null, the password will be ignored unless DisablePassword is set.

connectionLimit _integer_

If the role can log in, this specifies how many concurrent connections the role can make. -1 (the default) means no limit.

-1

validUntil _ Time _

Date and time after which the role's password is no longer valid. When omitted, the password will never expire (default).

inRoles _string array_

List of one or more existing roles to which this role will be immediately added as a new member. Default empty.

inherit _boolean_

Whether a role "inherits" the privileges of roles it is a member of. Default is true.

true

disablePassword _boolean_

DisablePassword indicates that a role's password should be set to NULL in Postgres

superuser _boolean_

Whether the role is a superuser who can override all access restrictions within the database. Superuser status is dangerous and should be used only when really needed. You must yourself be a superuser to create a new superuser. Default is false.

createdb _boolean_

When set to true, the role being defined will be allowed to create new databases. Specifying false (default) will deny a role the ability to create databases.

createrole _boolean_

Whether the role will be permitted to create, alter, drop, comment on, change the security label for, and grant or revoke membership in other roles. Default is false.

login _boolean_

Whether the role is allowed to log in. A role having the login attribute can be thought of as a user. Roles without this attribute are useful for managing database privileges, but are not users in the usual sense of the word. Default is false.

replication _boolean_

Whether a role is a replication role. A role must have this attribute (or be a superuser) in order to be able to connect to the server in replication mode (physical or logical replication) and in order to be able to create or drop replication slots. A role having the replication attribute is a very highly privileged role, and should only be used on roles actually used for replication. Default is false.

bypassrls _boolean_

Whether a role bypasses every row-level security (RLS) policy. Default is false.
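An added example (not CloudNativePG code) that lints a list of RoleConfiguration entries against the attributes the table above describes as dangerous or highly privileged. The rule names, severities and sample roles are assumptions of this example; field names and defaults are the ones documented above.

```python
# Defaults documented in the RoleConfiguration table (CREATE ROLE defaults).
DEFAULTS = {
    "ensure": "present",
    "connectionLimit": -1,
    "inherit": True,
    "disablePassword": False,
    "superuser": False,
    "createdb": False,
    "createrole": False,
    "login": False,
    "replication": False,
    "bypassrls": False,
}

# Attributes that let a role bypass or administer access control.
HIGH_PRIVILEGE = ("superuser", "replication", "bypassrls", "createrole")


def audit_role(role):
    """Return (severity, rule, message) findings for one RoleConfiguration."""
    r = {**DEFAULTS, **role}
    if r["ensure"] == "absent":
        return []  # the role is being removed, so its attributes grant nothing
    findings = []
    for attr in HIGH_PRIVILEGE:
        if r[attr]:
            findings.append(("high", attr, f"{r['name']}: {attr} is enabled"))
    if r["login"]:
        uses_password = bool(r.get("passwordSecret")) and not r["disablePassword"]
        if uses_password and not r.get("validUntil"):
            findings.append(("medium", "password-never-expires",
                             f"{r['name']}: validUntil omitted, password never expires"))
        if r["connectionLimit"] == -1:
            findings.append(("low", "no-connection-limit",
                             f"{r['name']}: connectionLimit is -1 (no limit)"))
    return findings


def audit_roles(roles):
    """Map each role name to the list of rule ids it triggers."""
    return {role["name"]: [rule for _, rule, _ in audit_role(role)]
            for role in roles}


# Constructed sample input, shaped like a list of RoleConfiguration entries
# after the manifest has been parsed.
SAMPLE_ROLES = [
    {"name": "app_reader", "login": True, "connectionLimit": 20,
     "passwordSecret": {"name": "app-reader-pw"},
     "validUntil": "2026-01-01T00:00:00Z"},
    {"name": "etl_admin", "login": True, "superuser": True,
     "passwordSecret": {"name": "etl-admin-pw"}},
    {"name": "cdc_stream", "login": True, "replication": True,
     "connectionLimit": 5, "passwordSecret": {"name": "cdc-pw"},
     "validUntil": "2026-01-01T00:00:00Z"},
    {"name": "legacy_dba", "ensure": "absent", "superuser": True},
]

if __name__ == "__main__":
    for role in SAMPLE_ROLES:
        for severity, rule, message in audit_role(role):
            print(f"[{severity}] {rule}: {message}")
```
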

RoleStatus

Underlying type: string

RoleStatus represents the status of a managed role in the cluster

Appears in:

Field

Description

reconciled

RoleStatusReconciled indicates the role in DB matches the Spec

not-managed

RoleStatusNotManaged indicates the role is not in the Spec, therefore not managed

pending-reconciliation

RoleStatusPendingReconciliation indicates the role in Spec requires update/creation in DB

reserved

RoleStatusReserved indicates this is one of the roles reserved by the operator. E.g. postgres

SQLRefs

SQLRefs holds references to ConfigMaps or Secrets containing SQL files. The references are processed in a specific order: first, all Secrets are processed, followed by all ConfigMaps. Within each group, the processing order follows the sequence specified in their respective arrays.

Appears in:

Field

Description

Required

Default

Validation

secretRefs _ SecretKeySelector array_

SecretRefs holds a list of references to Secrets

configMapRefs _ ConfigMapKeySelector array_

ConfigMapRefs holds a list of references to ConfigMaps

ScheduledBackup

ScheduledBackup is the Schema for the scheduledbackups API

Field

Description

Required

Default

Validation

apiVersion _string_

postgresql.cnpg.io/v1

True

kind _string_

ScheduledBackup

True

metadata _ EmbeddedObjectMetadata _

Refer to Kubernetes API documentation for fields of metadata.

True

spec _ ScheduledBackupSpec _

Specification of the desired behavior of the ScheduledBackup. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status

True

status _ ScheduledBackupStatus _

Most recently observed status of the ScheduledBackup. This data may not be up to date. Populated by the system. Read-only. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status

ScheduledBackupSpec

ScheduledBackupSpec defines the desired state of ScheduledBackup

Appears in:

Field

Description

Required

Default

Validation

suspend _boolean_

Whether this backup is suspended

immediate _boolean_

Whether the first backup has to start immediately after creation

schedule _string_

The schedule does not follow the same format used in Kubernetes CronJobs as it includes an additional seconds specifier, see https://pkg.go.dev/github.com/robfig/cron#hdr-CRON_Expression_Format

True

cluster _ LocalObjectReference _

The cluster to backup

True

backupOwnerReference _string_

Indicates which ownerReference should be put inside the created backup resources.
  • none: no owner reference for created backup objects (same behavior as before the field was introduced)
  • self: sets the Scheduled backup object as owner of the backup
  • cluster: set the cluster as owner of the backup

none

Enum: [none self cluster]

target _ BackupTarget _

The policy to decide which instance should perform this backup. If empty, it defaults to cluster.spec.backup.target. Available options are empty string, primary and prefer-standby. primary to have backups run always on primary instances, prefer-standby to have backups run preferably on the most updated standby, if available.

Enum: [primary prefer-standby]

method _ BackupMethod _

The backup method to be used, possible options are barmanObjectStore, volumeSnapshot or plugin. Defaults to: barmanObjectStore.

barmanObjectStore

Enum: [barmanObjectStore volumeSnapshot plugin]

pluginConfiguration _ BackupPluginConfiguration _

Configuration parameters passed to the plugin managing this backup

online _boolean_

Whether the default type of backup with volume snapshots is online/hot (true, default) or offline/cold (false). Overrides the default setting specified in the cluster field '.spec.backup.volumeSnapshot.online'.

onlineConfiguration _ OnlineConfiguration _

Configuration parameters to control the online/hot backup with volume snapshots. Overrides the default settings specified in the cluster '.backup.volumeSnapshot.onlineConfiguration' stanza.

ScheduledBackupStatus

ScheduledBackupStatus defines the observed state of ScheduledBackup

Appears in:

Field

Description

Required

Default

Validation

lastCheckTime _ Time _

The latest time the schedule

lastScheduleTime _ Time _

The last time a backup was successfully scheduled.

nextScheduleTime _ Time _

Next time we will run a backup

SchemaSpec

SchemaSpec configures a schema in a database

Appears in:

Field

Description

Required

Default

Validation

name _string_

Name of the object (extension, schema, FDW, server)

True

ensure _ EnsureOption _

Specifies whether an object (e.g. schema) should be present or absent in the database. If set to present, the object will be created if it does not exist. If set to absent, the extension/schema will be removed if it exists.

present

Enum: [present absent]

owner _string_

The role name of the user who owns the schema inside PostgreSQL. It maps to the AUTHORIZATION parameter of CREATE SCHEMA and the OWNER TO command of ALTER SCHEMA.

True

SecretVersion

SecretVersion contains a secret name and its ResourceVersion

Appears in:

Field

Description

Required

Default

Validation

name _string_

The name of the secret

version _string_

The ResourceVersion of the secret

SecretsResourceVersion

SecretsResourceVersion is the resource versions of the secrets managed by the operator

Appears in:

Field

Description

Required

Default

Validation

superuserSecretVersion _string_

The resource version of the "postgres" user secret

replicationSecretVersion _string_

The resource version of the "streaming_replica" user secret

applicationSecretVersion _string_

The resource version of the "app" user secret

managedRoleSecretVersion _object (keys:string, values:string)_

The resource versions of the managed roles secrets

caSecretVersion _string_

Unused. Retained for compatibility with old versions.

clientCaSecretVersion _string_

The resource version of the PostgreSQL client-side CA secret version

serverCaSecretVersion _string_

The resource version of the PostgreSQL server-side CA secret version

serverSecretVersion _string_

The resource version of the PostgreSQL server-side secret version

barmanEndpointCA _string_

The resource version of the Barman Endpoint CA if provided

externalClusterSecretVersion _object (keys:string, values:string)_

The resource versions of the external cluster secrets

metrics _object (keys:string, values:string)_

A map with the versions of all the secrets used to pass metrics. Map keys are the secret names, map values are the versions

ServerSpec

ServerSpec configures a server of a foreign data wrapper

Appears in:

Field

Description

Required

Default

Validation

name _string_

Name of the object (extension, schema, FDW, server)

True

ensure _ EnsureOption _

Specifies whether an object (e.g. schema) should be present or absent in the database. If set to present, the object will be created if it does not exist. If set to absent, the extension/schema will be removed if it exists.

present

Enum: [present absent]

fdw _string_

The name of the Foreign Data Wrapper (FDW)

True

options _ OptionSpec array_

Options specifies the configuration options for the server (key is the option name, value is the option value).

usage _ UsageSpec array_

List of roles for which USAGE privileges on the server are granted or revoked.

ServiceAccountTemplate

ServiceAccountTemplate contains the template needed to generate the service accounts

Appears in:

Field

Description

Required

Default

Validation

metadata _ EmbeddedObjectMetadata _

Refer to Kubernetes API documentation for fields of metadata.

True

ServiceSelectorType

Underlying type: string

ServiceSelectorType describes a valid value for generating the service selectors. It indicates which type of service the selector applies to, such as read-write, read, or read-only

Validation:

  • Enum: [rw r ro]

Appears in:

Field

Description

rw

ServiceSelectorTypeRW selects the read-write service.

r

ServiceSelectorTypeR selects the read service.

ro

ServiceSelectorTypeRO selects the read-only service.

ServiceTemplateSpec

ServiceTemplateSpec is a structure allowing the user to set a template for Service generation.

Appears in:

Field

Description

Required

Default

Validation

metadata _ EmbeddedObjectMetadata _

Refer to Kubernetes API documentation for fields of metadata.

spec _ ServiceSpec _

Specification of the desired behavior of the service. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status

ServiceUpdateStrategy

Underlying type: string

ServiceUpdateStrategy describes how the changes to the managed service should be handled

Validation:

  • Enum: [patch replace]

Appears in:

SnapshotOwnerReference

Underlying type: string

SnapshotOwnerReference defines the reference type for the owner of the snapshot. This specifies which owner the processed resources should relate to.

Appears in:

Field

Description

none

SnapshotOwnerReferenceNone indicates that the snapshot does not have any owner reference.

backup

SnapshotOwnerReferenceBackup indicates that the snapshot is owned by the backup resource.

cluster

SnapshotOwnerReferenceCluster indicates that the snapshot is owned by the cluster resource.

SnapshotType

Underlying type: string

SnapshotType is a type of allowed import

Appears in:

Field

Description

monolith

MonolithSnapshotType indicates to execute the monolith clone typology

microservice

MicroserviceSnapshotType indicates to execute the microservice clone typology

StorageConfiguration

StorageConfiguration is the configuration used to create and reconcile PVCs, usable for WAL volumes, PGDATA volumes, or tablespaces

Appears in:

Field

Description

Required

Default

Validation

storageClass _string_

StorageClass to use for PVCs. Applied after evaluating the PVC template, if available. If not specified, the generated PVCs will use the default storage class

size _string_

Size of the storage. Required if not already specified in the PVC template. Changes to this field are automatically reapplied to the created PVCs. Size cannot be decreased.

resizeInUseVolumes _boolean_

Resize existing PVCs. Defaults to true.

true

pvcTemplate _ PersistentVolumeClaimSpec _

Template to be used to generate the Persistent Volume Claim

Subscription

Subscription is the Schema for the subscriptions API

Field

Description

Required

Default

Validation

apiVersion _string_

postgresql.cnpg.io/v1

True

kind _string_

Subscription

True

metadata _ EmbeddedObjectMetadata _

Refer to Kubernetes API documentation for fields of metadata.

True

spec _ SubscriptionSpec _

True

status _ SubscriptionStatus _

True

SubscriptionReclaimPolicy

Underlying type: string

SubscriptionReclaimPolicy describes a policy for end-of-life maintenance of Subscriptions.

Appears in:

Field

Description

delete

SubscriptionReclaimDelete means the subscription will be deleted from Kubernetes on release from its claim.

retain

SubscriptionReclaimRetain means the subscription will be left in its current phase for manual reclamation by the administrator. The default policy is Retain.

SubscriptionSpec

SubscriptionSpec defines the desired state of Subscription

Appears in:

Field

Description

Required

Default

Validation

cluster _ LocalObjectReference _

The name of the PostgreSQL cluster that identifies the "subscriber"

True

name _string_

The name of the subscription inside PostgreSQL

True

dbname _string_

The name of the database where the publication will be installed in the "subscriber" cluster

True

parameters _object (keys:string, values:string)_

Subscription parameters included in the WITH clause of the PostgreSQL CREATE SUBSCRIPTION command. Most parameters cannot be changed after the subscription is created and will be ignored if modified later, except for a limited set documented at: https://www.postgresql.org/docs/current/sql-altersubscription.html#SQL-ALTERSUBSCRIPTION-PARAMS-SET

publicationName _string_

The name of the publication inside the PostgreSQL database in the "publisher"

True

publicationDBName _string_

The name of the database containing the publication on the external cluster. Defaults to the one in the external cluster definition.

externalClusterName _string_

The name of the external cluster with the publication ("publisher")

True

subscriptionReclaimPolicy _ SubscriptionReclaimPolicy _

The policy for end-of-life maintenance of this subscription

retain

Enum: [delete retain]

SubscriptionStatus

SubscriptionStatus defines the observed state of Subscription

Appears in:

Field

Description

Required

Default

Validation

observedGeneration _integer_

A sequence number representing the latest desired state that was synchronized

applied _boolean_

Applied is true if the subscription was reconciled correctly

message _string_

Message is the reconciliation output message

SwitchReplicaClusterStatus

SwitchReplicaClusterStatus contains all the statuses regarding the switch of a cluster to a replica cluster

Appears in:

Field

Description

Required

Default

Validation

inProgress _boolean_

InProgress indicates if there is an ongoing procedure of switching a cluster to a replica cluster.

SyncReplicaElectionConstraints

SyncReplicaElectionConstraints contains the constraints for sync replicas election.

For anti-affinity parameters, two instances are considered in the same location if all the label values match.

In the future, synchronous replica election restriction by name will be supported.

Appears in:

Field

Description

Required

Default

Validation

nodeLabelsAntiAffinity _string array_

A list of node label values to extract and compare to evaluate if the pods reside in the same topology or not

enabled _boolean_

This flag enables the constraints for sync replicas

True

SynchronizeReplicasConfiguration

SynchronizeReplicasConfiguration contains the configuration for the synchronization of user defined physical replication slots

Appears in:

Field

Description

Required

Default

Validation

enabled _boolean_

When set to true, every replication slot that is on the primary is synchronized on each standby

True

true

excludePatterns _string array_

List of regular expression patterns to match the names of replication slots to be excluded (by default empty)

SynchronousReplicaConfiguration

SynchronousReplicaConfiguration contains the configuration of the PostgreSQL synchronous replication feature. Important: at this moment, also .spec.minSyncReplicas and .spec.maxSyncReplicas need to be considered.

Appears in:

Field

Description

Required

Default

Validation

method _ SynchronousReplicaConfigurationMethod _

Method to select synchronous replication standbys from the listed servers, accepting 'any' (quorum-based synchronous replication) or 'first' (priority-based synchronous replication) as values.

True

Enum: [any first]

number _integer_

Specifies the number of synchronous standby servers that transactions must wait for responses from.

True

maxStandbyNamesFromCluster _integer_

Specifies the maximum number of local cluster pods that can be automatically included in the synchronous_standby_names option in PostgreSQL.

standbyNamesPre _string array_

A user-defined list of application names to be added to synchronous_standby_names before local cluster pods (the order is only useful for priority-based synchronous replication).

standbyNamesPost _string array_

A user-defined list of application names to be added to synchronous_standby_names after local cluster pods (the order is only useful for priority-based synchronous replication).

dataDurability _ DataDurabilityLevel _

If set to "required", data durability is strictly enforced. Write operations with synchronous commit settings (on, remote_write, or remote_apply) will block if there are insufficient healthy replicas, ensuring data persistence. If set to "preferred", data durability is maintained when healthy replicas are available, but the required number of instances will adjust dynamically if replicas become unavailable. This setting relaxes strict durability enforcement to allow for operational continuity. This setting is only applicable if both standbyNamesPre and standbyNamesPost are unset (empty).

Enum: [required preferred]

failoverQuorum _boolean_

FailoverQuorum enables a quorum-based check before failover, improving data durability and safety during failover events in CloudNativePG-managed PostgreSQL clusters.

SynchronousReplicaConfigurationMethod

Underlying type: string

SynchronousReplicaConfigurationMethod configures whether to use quorum based replication or a priority list

Appears in:

TablespaceConfiguration

TablespaceConfiguration is the configuration of a tablespace, and includes the storage specification for the tablespace

Appears in:

Field

Description

Required

Default

Validation

name _string_

The name of the tablespace

True

storage _ StorageConfiguration _

The storage configuration for the tablespace

True

owner _ DatabaseRoleRef _

Owner is the PostgreSQL user owning the tablespace

temporary _boolean_

When set to true, the tablespace will be added as a temp_tablespaces entry in PostgreSQL, and will be available to automatically house temp database objects, or other temporary files. Please refer to PostgreSQL documentation for more information on the temp_tablespaces GUC.

false

TablespaceState

TablespaceState represents the state of a tablespace in a cluster

Appears in:

Field

Description

Required

Default

Validation

name _string_

Name is the name of the tablespace

True

owner _string_

Owner is the PostgreSQL user owning the tablespace

state _ TablespaceStatus _

State is the latest reconciliation state

True

error _string_

Error is the reconciliation error, if any

TablespaceStatus

Underlying type: string

TablespaceStatus represents the status of a tablespace in the cluster

Appears in:

Field

Description

reconciled

TablespaceStatusReconciled indicates the tablespace in DB matches the Spec

pending

TablespaceStatusPendingReconciliation indicates the tablespace in Spec requires creation in the DB

Topology

Topology contains the cluster topology

Appears in:

Field

Description

Required

Default

Validation

instances _object (keys: PodName , values: PodTopologyLabels )_

Instances contains the pod topology of the instances

nodesUsed _integer_

NodesUsed represents the count of distinct nodes accommodating the instances. A value of '1' suggests that all instances are hosted on a single node, implying the absence of High Availability (HA). Ideally, this value should be the same as the number of instances in the Postgres HA cluster, implying shared nothing architecture on the compute side.

successfullyExtracted _boolean_

SuccessfullyExtracted indicates if the topology data was extracted. It is useful to enact fallback behaviors in synchronous replica election in case of failures

UsageSpec

UsageSpec configures a usage for a foreign data wrapper

Appears in:

Field

Description

Required

Default

Validation

name _string_

Name of the usage

True

type _ UsageSpecType _

The type of usage

grant

Enum: [grant revoke]

UsageSpecType

Underlying type: string

UsageSpecType describes the type of usage specified in the usage field of the Database object.

Appears in:

Field

Description

grant

GrantUsageSpecType indicates a grant usage permission. The default usage permission is grant.

revoke

RevokeUsageSpecType indicates a revoke usage permission.

VolumeSnapshotConfiguration

VolumeSnapshotConfiguration represents the configuration for the execution of snapshot backups.

Appears in:

Field

Description

Required

Default

Validation

labels _object (keys:string, values:string)_

Labels are key-value pairs that will be added to .metadata.labels snapshot resources.

annotations _object (keys:string, values:string)_

Annotations are key-value pairs that will be added to .metadata.annotations snapshot resources.

className _string_

ClassName specifies the Snapshot Class to be used for PG_DATA PersistentVolumeClaim. It is the default class for the other types if no specific class is present

walClassName _string_

WalClassName specifies the Snapshot Class to be used for the PG_WAL PersistentVolumeClaim.

tablespaceClassName _object (keys:string, values:string)_

TablespaceClassName specifies the Snapshot Class to be used for the tablespaces. Defaults to the PGDATA Snapshot Class, if set

snapshotOwnerReference _ SnapshotOwnerReference _

SnapshotOwnerReference indicates the type of owner reference the snapshot should have

none

Enum: [none cluster backup]

online _boolean_

Whether the default type of backup with volume snapshots is online/hot (true, default) or offline/cold (false)

true

onlineConfiguration _ OnlineConfiguration _

Configuration parameters to control the online/hot backup with volume snapshots

{ immediateCheckpoint:false waitForArchive:true }