Skip to content

ConnectionPool

Prerequisites

  • A Kubernetes cluster with the operator installed using helm, kubectl or kind (for local development).
  • A Kubernetes Secret with an Aiven authentication token.

Required permissions

To create and manage this resource, you must have the appropriate roles or permissions. See the Aiven documentation for details on managing permissions.

This resource uses the following API operations, and for each operation, any of the listed permissions is sufficient:

Operation Permissions
ProjectKmsGetCA organization:projects:write
ServiceGet service:secrets:read
ServicePGBouncerCreate service:data:write
ServicePGBouncerDelete service:data:write
ServicePGBouncerUpdate service:data:write
ServiceUserGet service:configuration:write or service:users:write

Usage example

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
apiVersion: aiven.io/v1alpha1
kind: ConnectionPool
metadata:
  name: my-connection-pool
spec:
  authSecretRef:
    name: aiven-token
    key: token

  project: aiven-project-name
  serviceName: my-pg
  databaseName: my-database
  username: my-service-user
  poolMode: transaction
  poolSize: 25

---

apiVersion: aiven.io/v1alpha1
kind: PostgreSQL
metadata:
  name: my-pg
spec:
  authSecretRef:
    name: aiven-token
    key: token

  project: aiven-project-name
  cloudName: google-europe-west1
  plan: startup-4

---

apiVersion: aiven.io/v1alpha1
kind: Database
metadata:
  name: my-database
spec:
  authSecretRef:
    name: aiven-token
    key: token

  project: aiven-project-name
  serviceName: my-pg

---

apiVersion: aiven.io/v1alpha1
kind: ServiceUser
metadata:
  name: my-service-user
spec:
  authSecretRef:
    name: aiven-token
    key: token

  project: aiven-project-name
  serviceName: my-pg

Apply the resource with:

kubectl apply -f example.yaml

Verify the newly created ConnectionPool:

kubectl get connectionpools my-connection-pool

The output is similar to the following: 

Name                  Service Name    Project               Database       Username           Pool Size    Pool Mode      
my-connection-pool    my-pg           aiven-project-name    my-database    my-service-user    25           transaction

ConnectionPool

ConnectionPool is the Schema for the connectionpools API.

Exposes secret keys

CONNECTIONPOOL_NAME, CONNECTIONPOOL_HOST, CONNECTIONPOOL_PORT, CONNECTIONPOOL_DATABASE, CONNECTIONPOOL_USER, CONNECTIONPOOL_PASSWORD, CONNECTIONPOOL_SSLMODE, CONNECTIONPOOL_DATABASE_URI, CONNECTIONPOOL_CA_CERT.

Required

  • apiVersion (string). Value aiven.io/v1alpha1.
  • kind (string). Value ConnectionPool.
  • metadata (object). Data that identifies the object, including a name string and optional namespace.
  • spec (object). ConnectionPoolSpec defines the desired state of ConnectionPool. See below for nested schema.

spec

Appears on ConnectionPool.

ConnectionPoolSpec defines the desired state of ConnectionPool.

Required

  • databaseName (string, MaxLength: 40). Name of the database the pool connects to.
  • project (string, Immutable, Pattern: ^[a-zA-Z0-9_-]+$, MaxLength: 63). Identifies the project this resource belongs to.
  • serviceName (string, Immutable, Pattern: ^[a-z][-a-z0-9]+$, MaxLength: 63). Specifies the name of the service that this resource belongs to.

Optional

  • authSecretRef (object). Authentication reference to Aiven token in a secret. See below for nested schema.
  • connInfoSecretTarget (object). Secret configuration. See below for nested schema.
  • connInfoSecretTargetDisabled (boolean, Immutable). When true, the secret containing connection information will not be created, defaults to false. This field cannot be changed after resource creation.
  • poolMode (string, Enum: session, transaction, statement). Mode the pool operates in (session, transaction, statement).
  • poolSize (integer). Number of connections the pool may create towards the backend server.
  • username (string, MaxLength: 64). Name of the service user used to connect to the database.

authSecretRef

Appears on spec.

Authentication reference to Aiven token in a secret.

Required

  • key (string, MinLength: 1).
  • name (string, MinLength: 1).

connInfoSecretTarget

Appears on spec.

Secret configuration.

Required

  • name (string, Immutable). Name of the secret resource to be created. By default, it is equal to the resource name.

Optional

  • annotations (object, AdditionalProperties: string). Annotations added to the secret.
  • labels (object, AdditionalProperties: string). Labels added to the secret.
  • prefix (string). Prefix for the secret's keys. Added "as is" without any transformations. By default, is equal to the kind name in uppercase + underscore, e.g. KAFKA_, REDIS_, etc.