In order to expand and collapse the table of contents, you must enable JavaScript in the browser.
(Collapse Contents)
Title Page
Preface
Chapter 1 System Requirements
1.1 Components Embedded
1.2 CPU
1.3 Supported Platform
1.4 Collaboration Tool
Chapter 2 Overview of Operator Design
2.1 Design Task
2.2 System Configuration Design
2.2.1 Server Configuration
2.2.2 User Account
2.2.3 Basic Information of the Container
2.3 Design Perspective for Each Feature
2.3.1 Deployment
2.3.2 High Availability
2.3.3 Configurable Volume per Cluster
2.3.3.1 Disk Space Management
2.3.3.1.1 Increasing Disk Space
2.3.3.1.2 Reducing Disk Usage
2.3.3.2 Configuring PVC Auto Expansion
2.3.4 Deploying Pgpool-II and Connect to FEPCluster from Operator
2.3.5 Scheduling Backup from Operator
2.3.5.1 Important Setting Items
2.3.5.2 Parameters that cannot be Set
2.3.5.3 Restricted Parameters
2.3.5.4 About Sections in the Config File
2.3.6 Perform PITR and Latest Backup Restore from Operator
2.3.7 FEP Unique Feature Enabled by Default
2.3.8 Monitoring & Alert (FEPExporter)
2.3.8.1 FEPExporter Custom Resource
2.3.8.2 Change to FEPCluster CR - metrics user
2.3.8.3 FEPExporter CR auto-create for FEPCluster
2.3.9 Collaboration with Amazon CloudWatch
2.3.10 Scaling Replicas
2.3.10.1 Change to FEPCluster CR - auto scale out
2.3.11 Disaster Recovery
2.3.12 Transparent Data Encryption Using a Key Management System
2.3.13 Database Role Management
2.3.13.1 Creating Roles Related to Database Operation
2.3.13.1.1 Quarantine SUPERUSER
2.3.13.1.2 Database Administrator Role
2.3.13.1.3 Confidential Administrator Role
2.3.13.2 Expiration Management of Database Roles with Login Privileges
2.3.13.2.1 Policy-based Password Operation
2.3.13.2.2 Password Operation with the VALID UNTIL Clause
2.3.14 User Synchronization Using ldap2pg
2.3.14.1 How to Update FEPCluster CR for ldap2pg
2.3.15 Fixed Statistics
2.3.16 Environment Variable Definition for Container
2.3.16.1 Secret Example Defining Environment Variables
2.3.16.2 Custom Resource Definition Example
2.3.16.3 Environment Variables Update
2.3.17 Multi-master Replication
Chapter 3 Operator Installation
3.1 Using the OperatorHub
3.1.1 Pre-requisite
3.1.2 Deploying Operator
3.1.3 Upgrading Operators
3.2 Using the Helm Chart
3.2.1 Deploying Operator
3.2.2 Upgrading Operators
3.3 Using the Rancher UI
3.3.1 Pre-requisite
3.3.2 Register Helm Chart Repository
3.3.3 Deploying Operator
3.3.4 Upgrading Operators
3.4 Implement Collaborative Monitoring Tools
3.4.1 Implement GAP Stack
3.4.2 Implement Elastic Cloud on Kubernetes
3.4.2.1 Deploy ECK Operator
3.4.2.2 Deploy Elasticsearch Cluster
3.4.2.3 Deploy Enterprise Search
3.4.2.4 Deploy Kibana
3.4.2.5 Expose Kibana using OpenShift Route
3.4.2.6 Login to Kibana
3.5 Implement Client
Chapter 4 Deployment Container
4.1 Deploying FEPCluster using Operator
4.2 Deploy a Highly Available FEPCluster
4.3 Deploying FEPExporter
4.4 FEPExporter in Standalone Mode
4.5 How to Collaborate with CloudWatch
4.5.1 Preparation
4.5.2 FEPCluster Configuration
4.5.3 Forwarding Custom Metrics
4.6 Deploying FEPClusters with Cloud-based Secret Management
4.6.1 Installing Secret Store CSI Driver Using Helm Charts
4.6.2 Installing and Configuring Azure Provider for Secret Store CSI Driver
4.6.2.1 Install Azure Provider drivers using helm chart
4.6.2.2 Create Secret to Access Azure Key vault
4.6.2.3 Store Secret in Azure Key Vault
4.6.2.4 Store Certificate in Azure Key Vault
4.6.3 Installing and Configuring AWS Provider for Secret Store CSI Driver
4.6.3.1 Install AWS Provider drivers using helm chart
4.6.3.2 Setup EKS cluster along with service account with necessary IAM roles and permission to access Secret Manager
4.6.3.3 Store Secret in AWS Secrets Manager
4.6.3.4 Store Cert in AWS Secrets Manager
4.6.4 Installing GCP Provider for Secret Store CSI Driver
4.6.4.1 Install GCP Provider drivers using Kubernetes
4.6.4.2 Configure GCP secret manager and IAM
4.6.4.3 Create Secret to access GCP Secret manager
4.6.4.4 Store secret in GCP Secret manager
4.6.4.5 Store Cert in GCP Secret manager
4.6.5 Installing HashiCorp Vault Provider for Secret Store CSI Driver
4.6.5.1 Install HashiCorp Provider drivers using helm chart
4.6.5.2 Configure Kubernetes Authentication for HashiCorp Vault
4.6.5.3 Store Secret in HashiCorp Vault
4.6.5.4 Store Cert in HashiCorp Vault
4.6.5.5 Create policy and role to access the secrets from HashiCorp Vault
4.6.6 Configuring FEPCluster to use Provider for Secret Store Driver
4.6.6.1 Azure Provider for Secret Store CSI Driver
4.6.6.2 AWS Provider for Secret Store CSI Driver
4.6.6.3 GCP Provider for Secret Store CSI Driver
4.6.6.4 HashiCorp Vault Provider for Secret Store CSI Driver
4.7 Deploying a customized FEP server container image
4.7.1 Requirements
4.7.2 Build custom FEP image with extension
4.7.3 Adding SQLite Foreign Data Wrapper to FEP Server Container
4.7.4 Create FEP Cluster with custom image
4.8 Configuration FEP to Perform MTLS
4.8.1 When Using an Automatically Generated Certificate
4.8.1.1 How to Create a Certificate
4.8.1.2 How to Create a Client Certificate
4.8.2 When Using Your Own Certificate
4.8.2.1 Manual Certificate Management
4.8.2.2 Automatic Certificate Management
4.8.2.3 Deploy FEPCluster with MTLS support
4.8.2.4 Configurable Parameters
4.9 Replication Slots
4.9.1 Setting Up Logical Replication using MTLS
4.10 FEP Logging
4.10.1 FEPLogging Configuration
4.10.1.1 FEPLogging Custom Resources - spec
4.10.1.1.1 Define fepLogging image
4.10.1.1.2 Define fepLogging mcSpec
4.10.1.1.3 Define fepLogging restartRequired
4.10.1.1.4 Define fepLogging scrapeInterval and scrapeTimeout
4.10.1.1.5 Define fepLogging elastic
4.10.1.1.6 Define authSecret for elastic
4.10.1.1.7 Define fepLogging TLS
4.10.1.1.8 Define Prometheus TLS
4.10.2 Configuring FEPCluster Remote Logging
4.10.2.1 FEP Custom Resources - spec.fep.remoteLogging
4.10.2.1.1 Define remoteLogging enable and fluentdName
4.10.2.1.2 Define remoteLogging tls
4.10.2.1.3 Define remoteLogging image
4.10.2.1.4 Define remoteLogging fluentbitConfigSecretRef
4.10.2.1.5 Define remoteLogging awsCredentialSecretRef
4.10.3 FEPLogging Operations
4.10.3.1 Log Forwarding to Elasticsearch
4.10.3.2 Log severity based Alarms/Metrics
4.10.3.3 Forwarding auditlog to Elasticsearch
4.10.4 Limitations
4.11 Configuring pgBadger
4.11.1 FEP Custom Resources - spec.fep.pgBadger
4.11.2 Define pgBadger Schedules
4.11.3 Define pgBadger Options
4.11.4 Define Endpoint for Uploading Report
4.11.5 Uploaded File on Web Server
4.12 Automating Audit Log Operations
4.12.1 Simplifies Parameter Setting
4.12.2 Alerting
4.12.3 Store in Cloud Storage
4.13 Transparent Data Encryption Using a Key Management System
4.13.1 Registration of Authentication Information
4.13.1.1 When Using a KMIP Server
4.13.1.2 When Using AWS Key Management Service
4.13.1.3 When using Azure Key Management Service
4.13.2 Configuring FEPCluster Custom Resources
4.13.2.1 Define spec.fepChildCrVal.customPgParams
4.13.2.2 Define spec.fepChildCrVal.sysTde
4.14 Disaster Recovery in Hot Standby Configuration
4.14.1 Continuous Recovery Method
4.14.2 Streaming Replication Method
4.14.3 Defining a Hot Standby Configuration
4.14.3.1 Defining a Continuous Recovery Method
4.14.3.2 Defining a Streaming Replication Method
4.14.3.3 Defining FEPCluster Custom Resources
4.15 Enabling Client Authentication with scram-sha-256 Authentication
4.15.1 Enabling Client Authentication Using scram-sha-256 Authentication in the FEP Server Container
4.15.1.1 Define spec.fepChildCrVal.customPgParams
4.15.1.2 Define spec.fepChildCrVal.customPgHba
4.15.2 Enabling Client Authentication Using scram-sha-256 Authentication in the FEPpgpool2 Container
4.15.2.1 Creating the Resources Required to Enable scram-sha-256 Authentication
4.15.2.2 Editing FEPPgpool2 Custom Resources
4.15.3 Enabling Client Authentication Using scram-sha-256 Authentication on Existing FEP Server and FEPpgpool2 Containers
4.16 Backing Up Statistics
4.17 Model Management in the Database
4.17.1 New Setup
4.17.2 Creating an Inference Server Pod
4.17.2.1 Inference Server
4.17.2.2 Inference Server Pod Storage
4.18 Multi-master Replication
4.18.1 Configuration
4.18.2 Setup Procedure
4.18.2.1 Storing Credentials
4.18.2.2 Creating a Service
4.18.2.3 Definition of Multi-master Replication Configuration File
4.18.2.3.1 Multi-master Replication Definition
4.18.2.4 FEPCluster Custom Resource Definition
Chapter 5 Post-Deployment Operations
5.1 How to Connect to a FEP Cluster
5.2 Configuration Change
5.3 FEPCluster Resource Change
5.3.1 Changing CPU and Memory Allocation Resources
5.3.2 Resizing PVCs
5.4 FEPPGPool2 Configuration Change
5.5 Scheduling Backup from Operator
5.6 Configure MTLS Setting
5.6.1 Certification Rotation
5.7 Monitoring
5.7.1 Monitoring FEP Operator and Operands
5.7.2 Monitoring FEP Server
5.7.2.1 Architecture
5.7.2.2 Default Server Metrics Monitoring
5.7.2.3 Default Alerts
5.7.2.4 Graphical user interface
5.7.2.5 Metrics Collected by CloudWatch
5.7.3 Monitoring FEP Backup
5.7.3.1 pgbackrest_info_backup view
5.7.4 Monitoring FEP PGPool2
5.7.4.1 pgpool2_stat_load_balance view
5.7.4.2 pgpool2_stat_conn_pool view
5.7.4.3 pgpool2_stat_sql_command view
5.7.5 Monitoring Multi-master Replication
5.7.5.1 Metrics to Collect
5.7.5.2 Method of Collecting Metrics
5.7.5.2.1 Monitoring via FEPExporter
5.8 Event Notification
5.8.1 Events raised
5.8.2 Events that Occur when Custom Resources are Updated
5.8.3 Viewing the Custom Events
5.9 Scaling Replicas
5.9.1 Automatic Scale Out
5.9.2 Manual Scale In/Out
5.10 Backing Up to Object Storage
5.10.1 Pre-creation of Resources
5.10.1.1 Storing CA Files (Root Certificates)
5.10.1.2 Storing Repository Key
5.10.2 Defining a FEPCluster Custom Resource
5.11 Disaster Recovery
5.11.1 Disaster Recovery by Backup/Restore Method
5.11.1.1 Disaster Recovery Prerequisites
5.11.1.2 Performing Disaster Recovery
5.11.1.2.1 Pre-creation of Resources
5.11.1.2.2 Defining a FEPCluster Custom Resource
5.11.2 Disaster Recovery with Continuous Recovery Method
5.11.2.1 Disaster Recovery Prerequisites
5.11.2.2 Performing Disaster Recovery
5.11.3 Disaster Recovery Using Velero
5.11.3.1 Disaster Recovery Prerequisites
5.11.3.2 Performing Disaster Recovery
5.11.3.2.1 Configuring FEPCluster Custom Resources
5.11.3.2.2 Velero Backup
5.11.3.2.3 Database Backup
5.11.3.2.4 Velero Restore
5.11.3.2.5 Return from Disaster Recovery Environment to Production Environment
5.11.4 Disaster Recovery with Streaming Replication Method
5.11.4.1 Disaster Recovery Prerequisites
5.11.4.2 Performing Disaster Recovery
5.11.5 Parameter Change in Disaster Recovery Environment
5.12 Operation of Transparent Data Encryption Using Key Management System
5.12.1 Updating Custom Resource Parameters
5.12.2 Update Credentials
5.12.3 Encrypting a Tablespace
5.12.4 Backup/Restore
5.12.5 Changing Key Management System Definitions
5.13 Confidentiality Management Feature
5.13.1 Enabling Confidentiality Management Feature
5.13.2 Monitoring Confidentiality Management Feature
5.14 Operation of Fixed Statistics
5.14.1 Preparing for Object Storage Connections
5.14.1.1 Using S3
5.14.1.2 Using AzureBlob
5.14.1.3 Using Google Cloud Storage
5.14.2 Storing validation environment statistics in object storage
5.14.3 Schedule for Fixed Statistics
5.14.4 Using Local Storage
5.14.4.1 Exporting Statistics Files to FEPCluster in a Validation Environment
5.14.4.2 Deploying Statistics Files to FEPCluster in a Production Environment
5.14.4.3 Specify File Names for FEPCluster Custom Resources
5.15 Scheduling of an Aggressive Freeze for Tuples (VACUUM FREEZE)
5.16 Setup of Knowledge Data Management
5.16.1 Setting up Vector Data Management
5.16.1.1 pgvector Setup
5.16.1.2 pgvectorscale Setup
5.16.1.3 Setting Up Vector Database Recall Measurement
5.16.1.3.1 Example of defining an FEPCluster Custom Resource
5.16.1.3.2 vector_database_recall_summary Table
5.16.1.3.3 Monitoring and notifying Vector Database Recall
5.16.2 Semantic Text Search and Automatic Vectorization
5.16.2.1 Setting up Semantic Text Search and Automatic Vectorization
5.16.2.2 Setting up Hybrid Search Feature
5.16.3 Setting up Graph Management Feature
5.16.4 Setting up Model Management in the Database
5.17 Setup of Job Scheduler
5.18 Operation of Multi-master Replication
5.18.1 Verifying the Creation Status of Multi-master Replication
5.18.1.1 preparation_multi_master_replication table
5.18.2 Add/Remove Multi-master Replication
5.18.2.1 Modifying Multi-master Replication Definition Files
5.18.2.2 Creating a Database
5.18.2.3 Updating Multi-master Replication Using FEPAction Custom Resources
Chapter 6 Maintenance Operations
6.1 Minor Version Upgrade
6.2 Cluster Master Switchover
6.3 Perform PITR and the Latest Backup Restore from Operator
6.3.1 Setting Item
6.3.2 After Restore
6.4 Restoring a Multi-Master Replication Database Cluster
6.4.1 When Continuation is Possible Within the Region
6.4.2 When switching between regions
6.4.3 When the Database Stops in All Regions
6.5 Major Version Upgrade
6.5.1 Pre-work on the Data Source FEP Cluster
6.5.2 Operator Upgrade
6.5.2.1 Uninstalling the Old Operator
6.5.2.2 Installing a New Version of the Operator
6.5.3 Major Version Upgrade of FEP
6.5.3.1 Creating a New FEPCluster CR
6.5.3.2 Verifying FEP Major Upgrade Complete
6.5.4 Updating Each Custom Resource
6.5.4.1 Removing a FEPClusterCR for a Data Source
6.5.4.2 FEPPgpool2
6.5.4.3 FEPExporter Built in Standalone Mode
6.6 Assigned Resources for Operator Containers
6.6.1 How to Change Assigned Resources
6.6.1.1 When installing using OperatorHub
6.6.1.2 When installing using Helm Chart or RancherUI
6.7 Using SUPERUSER Privilege
6.7.1 CREATE EXTENSION
6.7.2 ALTER EXTENSION
6.7.3 Change Password of SUPERUSER
6.7.4 Using SUPERUSER
Chapter 7 Abnormality
7.1 Handling of Data Abnormalities
7.2 Handling when the Capacity of the Data Storage Destination or Transaction Log Storage Destination is Insufficient
7.3 What to do when the Capacity of the Backup Data Storage Area is Insufficient
7.4 Handling Access Abnormalities When Instance Shutdown Fails
7.5 Collection of Failure Investigation Information
7.6 Log Collection Tool
7.6.1 Logs Collected
7.6.2 Location and Dependencies
7.6.3 User Interface
7.6.3.1 Command-Line Syntax
7.6.4 Log Collection Directory
7.6.4.1 Command-Line Specification
7.6.4.2 Directory Structure
Appendix A Quantitative Values and Limitations
A.1 Quantitative Values
A.2 Limitations
Appendix B Adding Custom Annotations to FEPCluster Pods using Operator
Appendix C Utilize Shared Storage
C.1 Creating a StorageClass
C.2 Creating a PersistentVolume
C.3 Creating FEPCluster
Appendix D Key Management System Available for Transparent Data Encryption
D.1 KMIP Server
D.2 AWS Key Management Service
D.2.1 Available Services
D.2.2 Available AWS KMS Keys
D.2.3 Required Privileges
D.2.4 Key ID
D.3 Azure Key Management Service
D.3.1 Available Services
D.3.2 Available Keys
D.3.3 Available Algorithms
D.3.4 Key Operation
D.3.5 Key ID
D.3.6 Sign In
Appendix E Fluent Bit Integration Using Custom Secret
E.1 Create Custom Secret
E.1.1 Sample fluent-bit.yaml template
E.1.2 Sample parsers.conf template
E.1.3 Encode the fluent-bit.yaml content
E.1.4 Encode the parsers.conf content
E.1.5 Create the custom secret
E.2 Reference to the secret in FEPClusterCR
E.2.1 Reload Fluent Bit Configuration
E.2.2 Confirm Log Ingestion in Azure Blob
E.2.3 Confirm Log Ingestion in Elasticsearch
E.3 Fluent Bit configuration for Prometheus exporter
E.3.1 Create a Service
E.3.2 Create a ServiceMonitor
E.3.3 Confirm Log Ingestion in Prometheus
E.4 Fluent Bit configuration for AWS CloudWatch
E.4.1 Create AWS credentials Secret
E.4.2 Encode the config file content
E.4.3 Encode the credentials content
E.4.4 Create a secret using base64 encoded content
E.4.5 Reference the Secrets in FEPClusterCR
Top
(Collapse Contents)
Title Page
