It would be nice to be able to create read-only replicas from the operator.

I imagine there would be a "PrimaryClusterId" field in the DatabaseClusterSpec which would, during creation, create a replica.

If this field was deleted down the line, the database could promote itself to a primary.

alternatively, there could be a "DatabaseReplicaCluster". This would involve adding a field like "ReplicaClusterId" in "DatabaseClusterSpec" which would facilitate the promotion & deletion of the old replica.

When reconciling a DatabaseUser we should create events to show progress - e.g., when we request a user to be created and if any of our actions fail.

The kubebuilder docs show how to create events.

Currently when listing DatabaseCluster resources, you see only the default columns:

$ kubectl get databasecluster
NAME                    AGE
sample-mysql-database   7d4h

It would be nice to display the database engine, DO database name, and database status as well.

This can be done with kubebuilder annotations.

Hi, this seems like interesting project and I can probably help on working to support the droplets lifecycle.

Hello.

I am unable to create the cluster reference, please help.

Error from server (InternalError): error when creating "my-db-reference.yaml": Internal error occurred: failed calling webhook "vdatabaseclusterreference.kb.io": failed to call webhook: Post "https://do-operator-webhook-service.do-operator-system.svc:443/validate-databases-digitalocean-com-v1alpha1-databaseclusterreference?timeout=10s": EOF

The namespace I am pointing to is default, as I have:

$ kubectl get namespaces NAME STATUS AGE cert-manager Active 71m default Active 125m do-operator-system Active 17m kube-node-lease Active 125m kube-public Active 125m kube-system Active 125m

It's a brand new terraformed k8s cluster and database cluster.

It would be great to show some real usage examples in the docs. Ideally we would have examples for both architectures:

1. Managed architecture - the DB and app are deployed together in one manifest.
2. Referenced architecture - the DB is created via Terraform and its ID injected into the app manifest before deployment (also via Terraform).

Currently when listing DatabaseUser resources, you see only the default columns:

$ kc -n guestbook get databaseuser
NAME                AGE
guestbook-db-user   10d

It would be nice to display the database name, username, and user role as well.

This can be done with kubebuilder annotations.

Currently the connection details for databases indicate that sslmode should be required. But, as the CA certificate securing these databases is self-signed, doing so properly is not possible without the CA certificate. A user could download this certificate out-of-band from the operator, but doing so is inconvenient and cumbersome.

Where applicable, the operator should include the CA certificate data in the credentials secret.

I noticed I have some secrets in my cluster that remain after I deleted the database that created the secret.

This can be fixed by using controllerutil.SetControllerReference to mark the secret as "owned" by the database and then kubernetes will garbage collect them.

What happened?

with kubernetes v1.28.0 i am able to install do-operator successfully by running make deploy but after installation when i run make undeploy terminal stuck and need to manually exit.

And in cluster that namesapce which is created by do-operator do-operator-system stuck at Terminating state

By describing the namespace there is one condition because of which the namesapce is not able to delete is NamespaceDeletionContentFailure

Manually inspecting the cluster i didn't find any resource in do-operator-system namespace. After which i had to manually remove the finalizer from that namespace for its deletion.

Steps to reproduce

1. kubernetes v1.28
2. deploy operator using make deploy and after operator is in Running state remove the operator using make undeploy

Expected behavior
Namespace do-operator-system should not stuck in Terminating state when running make undeploy

In a Postgres database cluster we can have multiple databases, e.g. per application/service. By default a cluster is created with a single database called defaultdb, but additional databases can be created via the control panel or doctl.

When using the DatabaseClusterReference I have not found a way to specify a specific database and hence the created configmaps reference defaultdb.

Is there a way to change this?

Ensure that any cluster UUID values which can be specified by a human or operator are conformant to the UUID spec. Otherwise, follow-up operations may start to fail in hard-to-debug ways.

The motivation here was a case where a cluster UUID was copied from the cloud control panel with the a query parameter like ?=<id> appended. This would short-circuit HTTP requests to the DO API carried out by godo and not return sub-resources anymore.

Currently when listing DatabaseUserReference resources, you see only the default columns:

$ kc -n guestbook get databaseuserreference
NAME                AGE
guestbook-db-user   10d

It would be nice to display the database name, username, and user role as well.

This can be done with kubebuilder annotations.

This is the example from the readme. If you apply it, there are errors because num_nodes should be numNodes. If you then delete that object it never gets cleared out. If you manually delete the finalizers from the object using kubectl edit database example then the object clears out immediately.

I think the operator can reject the illegal object before it ever gets into the cluster so maybe this needn't be fixed directly.

apiVersion: doop.do.co/v1alpha1
kind: Database
metadata:
  name: example
spec:
  name: example
  engine: redis
  version: "5"
  size: db-s-2vcpu-4gb
  region: sfo2
  num_nodes: 2
  tags:
  - test
  - doop

In the default DB credential secret, there are fields for the uri and private_uri of the database, which is helpful to expose as env variables in containers. But these two fields are missing for additional users created via a DatabaseUser. This makes it rather more annoying to get the uri to connect to into an environment variable for a container without also exposing the admin password. (Though you can get the pieces as seperate variables but that may require code changes to our apps if they are expecting a uri.)

Currently an attempt to create a DatabaseUser when a cluster resource does not exist results in an error as such:

Error from server (Forbidden): error when creating "sample.yaml": admission webhook "vdatabaseuser.kb.io" denied the request: spec.cluster: Not found: default/my-app-db

While reasonable, it creates issues with automations such as helm/kustomize (and by extension GitOps solutions) because it creates chicken and egg problem between DatabaseCluster and DatabaseUser resource.

If the check, rather than being done during admission, was done by operator itself during resource handling it would allow for the usual Kubernetes eventually consistent workflow with resources at some point arriving at desired state.

Currently when listing DatabaseClusterReference resources, you see only the default columns:

$ kubectl get databaseclusterreference
NAME                    AGE
sample-mysql-database   7d4h

It would be nice to display the database engine, DO database name, and database status as well.

This can be done with kubebuilder annotations.

Currently a secret is created with the following content:

username: doadmin
password: ....
private_uri: ....
uri: mysql://doadmin:<pass>@<db-server-name>.db.ondigitalocean.com:25060/defaultdb?ssl-mode=REQUIRED

The URI includes the username, password, database. If I want to connect using the credentials of a DatabaseUser I only require the host (similar holds for connecting to a different database).

Suggested output (same as the connection parameters tab, including or excluding uri's):

username: doadmin
password: ...
host: <db-server-name>.db.ondigitalocean.com
private_host: private-<db-server-name>.db.ondigitalocean.com
port: <port>
sslmode: ...

When reconciling a DatabaseCluster we should create events to show progress - e.g., when we request a DO database to be created, when we check whether it's ready, and if any of our actions fail.

The kubebuilder docs show how to create events.

I'd like to also create databases similar to DatabaseUser resources.

Maybe this is confusing with the 'Database' prefix naming convention. Perhaps it should be 'DatabaseServer' instead so that we can use DatabaseServerDatabase and DatabaseServerUser.