New to KubeDB? Please start here.

Rotate Authentication of Pgpool

This guide will give an overview on how KubeDB Ops-manager operator Rotate Authentication configuration.

Before You Begin

You should be familiar with the following KubeDB concepts:
- Pgpool
- PgpoolOpsRequest

How Rotate Pgpool Authentication Configuration Process Works

The authentication rotation process for Pgpool using KubeDB involves the following steps:

A user first creates a Pgpool Custom Resource Object (CRO).
The KubeDB Provisioner operator continuously watches for Pgpool CROs.
When the operator detects a Pgpool CR, it provisions the required PetSets, along with related resources such as secrets, services, and other dependencies.
To initiate authentication rotation, the user creates a PgpoolOpsRequest CR with the desired configuration.
The KubeDB Ops-manager operator watches for PgpoolOpsRequest CRs.
Upon detecting a PgpoolOpsRequest, the operator pauses the referenced Pgpool object, ensuring that the Provisioner operator does not perform any operations during the authentication rotation process.
The Ops-manager operator then updates the necessary configuration (such as credentials) based on the provided PgpoolOpsRequest specification.
After applying the updated configuration, the operator restarts all Pgpool Pods so they come up with the new authentication environment variables and settings.
Once the authentication rotation is completed successfully, the operator resumes the Pgpool object, allowing the Provisioner operator to continue its usual operations.

In the next section, we will walk you through a step-by-step guide to rotating Pgpool authentication using the PgpoolOpsRequest CRD.

KubeDB

KubeStash New

Stash

KubeVault

Voyager

ConfigSyncer

Guard

RESOURCES

Cassandra

ClickHouse

Druid

Elasticsearch

FerretDB

Ignite

Kafka

MariaDB

Memcached

Microsoft SQL Server

MongoDB

MySQL

OpenSearch

PerconaXtraDB

PgBouncer

Pgpool

PostgreSQL

ProxySQL

RabbitMQ

Redis

SingleStore

Solr

Valkey

ZooKeeper