postgres-operator icon indicating copy to clipboard operation
postgres-operator copied to clipboard

Published 20 hours ago verified publisher icon zalando

Running the operator in namespace scoped mode

Open achanda opened this issue 2 years ago • 1 comments

  • Which image of the operator are you using? registry.opensource.zalan.do/acid/postgres-operator:v1.8.2-17-gb48034d7-dev
  • Where do you run it - cloud or metal? Kubernetes or OpenShift? minikube, using run_operator_locally.sh
  • Are you running Postgres Operator in production? [yes | no] no
  • Type of issue? [Bug report, question, feature request, etc.] Question

Is there a way to run this operator in a single namespace mode so that it does not require cluster-wide permissions? I am aware of the watched_namespace setting. I tried setting that to a namespace that I created and ran the operator using the script as described above. But it still created a bunch of clusterrole and clusterrolebindings. I am looking for a k8s manifest that sets up the operator only with namespace scoped role and rolebindings.

achanda avatar Oct 07 '22 16:10 achanda

Have a look at my open PR #786 . There’s one open ToDo about syncing the roles and bindings. Maybe you want to give it a try.

FxKu avatar Oct 08 '22 10:10 FxKu

How long till we get this, @FxKu? It is a very useful feature when we are operating within our own namespace in a shared cluster.

I am asking because it is absent from any of the milestones.

caniko avatar Jan 29 '23 13:01 caniko

We are also really interested in this, it is blocking in order to use Zalando's operator in a managed and shared cluster.

vfauth avatar Mar 31 '23 12:03 vfauth