Adds the kube-ssh-wrapper.sh script for using

kubectl in lieu of ssh with pgBackRest, and updates
various pgBackRest configuration settings to fully
disable sshd and utilize the kubectl wrapper script
instead.

Author: andrewlecuyer

bin/kube-ssh-wrapper.sh

@@ -0,0 +1,18 @@
+#!/bin/bash
+
+# Determine if connecting to the backrest repo or primary db
+if [[ "${PGO_BACKREST_REPO}" == "true" ]]
+then
+    source "/tmp/pod_env.sh"
+    TARGET_LABEL="role=master"
+else
+    TARGET_LABEL="pgo-backrest-repo=true"
+fi
+
+CLUSTER_LABEL="pg-cluster=${CLUSTER_NAME}"
+CONTAINER_NAME="database"
+
+opts=$(echo "$@" | grep -o "\-\-c.*")
+pod=$(kubectl get pods --selector=${CLUSTER_LABEL},${TARGET_LABEL} --field-selector=status.phase=Running -o name)
+
+exec kubectl exec -i "${pod}" -c ${CONTAINER_NAME} -- bash -c "pgbackrest ${opts}"

conf/postgres-operator/backrest-restore-job.json

@@ -82,7 +82,7 @@
                         "value": "warn"
                     }, {
                         "name": "PGBACKREST_CMD_SSH",
-                        "value": "ssh"
+                        "value": "/opt/cpm/bin/kube-ssh-wrapper.sh"
                     }, {
                         "name": "CLUSTER_NAME",
                         "valueFrom": {

conf/postgres-operator/cluster-deployment.json

@@ -113,6 +113,13 @@
                     }, {
                         "name": "PGHOST",
                         "value": "/tmp"
+                    }, {
+                        "name": "CLUSTER_NAME",
+                        "valueFrom": {
+                            "fieldRef": {
+                                "fieldPath": "metadata.labels['pg-cluster']"
+                            }
+                        }
                     }],
 
 
@@ -280,3 +287,4 @@
         }
     }
 }
+ 

conf/postgres-operator/pgbackrest-env-vars.json

@@ -7,7 +7,7 @@
                         "name": "BACKREST_SKIP_CREATE_STANZA",
                         "value": "true"
                     }, {
-                        "name": "PGBACKREST",
+                        "name": "PGHA_PGBACKREST",
                         "value": "true"
                     }, {
                         "name": "PGBACKREST_REPO1_PATH",
@@ -17,7 +17,7 @@
                         "value": "{{.PgbackrestDBPath}}"
                     }, {
                         "name": "ENABLE_SSHD",
-                        "value": "true"
+                        "value": "false"
                     }, {
                         "name": "PGBACKREST_LOG_PATH",
                         "value": "/tmp"
@@ -34,3 +34,6 @@
                         "name": "BACKREST_LOCAL_AND_S3_STORAGE",
                         "value": "{{.PgbackrestLocalAndS3Storage}}"
                     }, {
+                        "name": "PGBACKREST_CMD_SSH",
+                        "value": "/opt/cpm/bin/kube-ssh-wrapper.sh"
+                    }, {

conf/postgres-operator/pgo-backrest-repo-template.json

@@ -70,7 +70,7 @@
                         "value": "{{.PGbackrestDBHost}}"
                     }, {
                         "name": "PGBACKREST_CMD_SSH",
-                        "value": "ssh"
+                        "value": "/opt/cpm/bin/kube-ssh-wrapper.sh"
                     }, {
                         "name": "PGBACKREST_LOG_LEVEL_CONSOLE",
                         "value": "warn"
@@ -86,7 +86,7 @@
                         "value": "true"
                     }, {
                         "name": "ENABLE_SSHD",
-                        "value": "true"
+                        "value": "false"
                     }],
                     "volumeMounts": [{
                         "name": "sshd",