err fixed in postgres rotateauth

Signed-off-by: Bonusree <[email protected]>

Author: Bonusree

docs/guides/pgbouncer/initialization/gitsync.md

@@ -2,7 +2,7 @@
 title: Initialize PgBouncer From Git Repository
 menu:
   docs_{{ .version }}:
-    identifier: guides-mysql-gitsync
+    identifier: guides-PgBouncer -gitsync
     name: Git Repository
     parent: pb-initialization-pgbouncer
     weight: 20
@@ -15,67 +15,89 @@ section_menu_id: guides
 # Initialization PgBouncer from a Git Repository
 This guide demonstrates how to use KubeDB to initialize a PgBouncer database with initialization scripts (.sql, .sh, .js and/or .sql.gz) stored in a public or private Git repository.
 To fetch the repository contents, KubeDB uses a sidecar container called [git-sync](https://github.com/kubernetes/git-sync).
-In this example, we will initialize PgBouncer using a `.sql` script from the GitHub repository [kubedb/mysql-init-scripts](https://github.com/kubedb/mysql-init-scripts).
+In this example, we will initialize PgBouncer using a `.sql` script from the GitHub repository [kubedb/PgBouncer -init-scripts](https://github.com/kubedb/PgBouncer -init-scripts).
 
 ## Before You Begin
 
 - At first, you need to have a Kubernetes cluster, and the `kubectl` command-line tool must be configured to communicate with your cluster. If you do not already have a cluster, you can create one by using [kind](https://kind.sigs.k8s.io/docs/user/quick-start/).
 
-- Now, install KubeDB operator in your cluster by following the steps [here](/docs/setup/README.md).
+- Install `KubeDB` Provisioner and Ops-manager operator in your cluster following the steps [here](/docs/setup/README.md).
+
+- You should be familiar with the following `KubeDB` concepts:
+    - [PgBouncer](/docs/guides/pgbouncer/concepts/pgbouncer.md)
+    - [PgBouncerOpsRequest](/docs/guides/pgbouncer/concepts/opsrequest.md)
+    - [Updating Overview](/docs/guides/pgbouncer/update-version/overview.md)
 
 To keep everything isolated, we are going to use a separate namespace called `demo` throughout this tutorial.
+
 ```bash
 $ kubectl create ns demo
 namespace/demo created
 ```
 
+> **Note:** YAML files used in this tutorial are stored in [docs/examples/pgbouncer](/docs/examples/pgbouncer) directory of [kubedb/docs](https://github.com/kubedb/docs) repository.
+
+### Prepare Postgres
+Prepare a KubeDB Postgres cluster using this [tutorial](/docs/guides/postgres/clustering/streaming_replication.md), or you can use any externally managed postgres but in that case you need to create an [appbinding](/docs/guides/pgbouncer/concepts/appbinding.md) yourself. In this tutorial we will use 3 node Postgres cluster named `ha-postgres`.
+
+### Prepare PgBouncer
+
+Now, we are going to deploy a `PgBouncer` with version `1.24.0`.
+
 ## From Public Git Repository
 
-KubeDB implements a `MySQL` Custom Resource Definition (CRD) to define the specification of a PgBouncer database.
+KubeDB implements a `PgBouncer ` Custom Resource Definition (CRD) to define the specification of a PgBouncer database.
 To initialize the database from a public Git repository, you need to specify the required arguments for the `git-sync` sidecar container within the PgBouncer resource specification.
-The following YAML manifest shows an example `MySQL` object configured with `git-sync`:
+The following YAML manifest shows an example `PgBouncer ` object configured with `git-sync`:
 
 ```yaml
 apiVersion: kubedb.com/v1
-kind: MySQL
+kind: PgBouncer
 metadata:
-  name: sample-mysql
+  name: pb-demo
   namespace: demo
 spec:
+  version: "1.24.0"
+  replicas: 1
+  database:
+    syncUsers: true
+    databaseName: "postgres"
+    databaseRef:
+      name: "postgres-demo"
+      namespace: demo
+  connectionPool:
+    maxClientConnections: 20
+    reservePoolSize: 5
   init:
     script:
-      scriptPath: "current"
+      scriptPath: "sync-test"
       git:
         args:
-          - --repo=https://github.com/kubedb/mysql-init-scripts
-          - --link=current
-          - --root=/git
-          # terminate after one successful sync
+          - --repo=<desired repo>
+          - --depth=1
+          - --add-user=true
+          - --period=60s
           - --one-time
-  version: "9.1.0"
-  storage:
-    accessModes:
-      - ReadWriteOnce
-    resources:
-      requests:
-        storage: 1Gi
-  deletionPolicy: WipeOut
+        securityContext:
+          runAsUser: 999
 ```
 ```bash
-kubectl create -f https://github.com/kubedb/docs/raw/{{< param "info.version" >}}/docs/guides/mysql/initialization/yamls/git-sync-public.yaml
-MySQL.kubedb.com/sample-PgBouncer created
+kubectl create -f https://github.com/kubedb/docs/raw/{{< param "info.version" >}}/docs/guides/PgBouncer /initialization/yamls/git-sync-public.yaml
+PgBouncer .kubedb.com/sample-PgBouncer created
 ```
+Here,
 
-The `git-sync` container has two required flags:
+-`.spec.init.git.securityContext.runAsUser` the init container git_sync runs with user 999.
+- `.spec.init.script.git.args` specifies the arguments for the `git-sync` container.
+The `git-sync` container has one required flags:
 - `--repo`  – specifies the remote Git repository to sync.
-- `--root`  – specifies the working directory where the repository will be cloned.Here name `/git`is fixed
 
 Here, the value of the `--link` argument must match the value of `spec.init.script.scriptPath`.
 The `--link` argument creates a symlink that always points to the latest synced data.
 
 > To know more about `git-sync` configuration visit this [link](https://github.com/kubernetes/git-sync).
 
-Now, wait until `sample-mysql` has status `Ready`. i.e,
+Now, wait until `sample-PgBouncer ` has status `Ready`. i.e,
 
 ```bash
 $ kubectl get PgBouncer -n demo 
@@ -86,14 +108,14 @@ sample-PgBouncer   9.1.0     Ready    42m
 Next, we will connect to the PgBouncer database and verify the data inserted from the `*.sql` script stored in the Git repository.
 
 ```bash
-$  kubectl get secrets -n demo sample-mysql-auth -o jsonpath='{.data.\username}' | base64 -d
+$  kubectl get secrets -n demo sample-PgBouncer -auth -o jsonpath='{.data.\username}' | base64 -d
 root⏎  
-$ kubectl get secrets -n demo sample-mysql-auth -o jsonpath='{.data.\password}' | base64 -d
+$ kubectl get secrets -n demo sample-PgBouncer -auth -o jsonpath='{.data.\password}' | base64 -d
 lYeFGCL~mklFUN1b⏎ 
-$  kubectl exec -it -n demo sample-mysql-0 -- bash
-Defaulted container "mysql" out of: mysql, mysql-init (init), git-sync (init)
+$  kubectl exec -it -n demo sample-PgBouncer -0 -- bash
+Defaulted container "PgBouncer " out of: PgBouncer , PgBouncer -init (init), git-sync (init)
 bash-5.1$ PgBouncer -uroot -p"lYeFGCL~mklFUN1b"  
-mysql: [Warning] Using a password on the command line interface can be insecure.
+PgBouncer : [Warning] Using a password on the command line interface can be insecure.
 Welcome to the PgBouncer monitor.  Commands end with ; or \g.
 Your PgBouncer connection id is 156
 Server version: 9.1.0 PgBouncer Community Server - GPL
@@ -106,7 +128,7 @@ owners.
 
 Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
 
-mysql> show databases;
+PgBouncer > show databases;
 +--------------------+
 | Database           |
 +--------------------+
@@ -118,13 +140,13 @@ mysql> show databases;
 +--------------------+
 5 rows in set (0.02 sec)
 
-mysql> use mysql;
+PgBouncer > use PgBouncer ;
 Reading table information for completion of table and column names
 You can turn off this feature to get a quicker startup with -A
 
 Database changed
 
-mysql> select * from kubedb_table;
+PgBouncer > select * from kubedb_table;
 +----+-------+
 | id | name  |
 +----+-------+
@@ -133,7 +155,7 @@ mysql> select * from kubedb_table;
 |  3 | name3 |
 +----+-------+
 3 rows in set (0.00 sec)
-mysql> select * from kubedb_table;
+PgBouncer > select * from kubedb_table;
 +----+-------+
 | id | name  |
 +----+-------+
@@ -172,13 +194,13 @@ $ kubectl create secret generic -n demo git-creds \
     --from-file=known_hosts=/tmp/known_hosts
 ```
 
-The following YAML manifest provides an example of a `MySQL` resource configured to use `git-sync` with a private Git repository:
+The following YAML manifest provides an example of a `PgBouncer ` resource configured to use `git-sync` with a private Git repository:
 
 ```yaml
 apiVersion: kubedb.com/v1
-kind: MySQL
+kind: PgBouncer 
 metadata:
-  name: sample-mysql
+  name: sample-PgBouncer 
   namespace: demo
 spec:
   init:
@@ -209,8 +231,8 @@ spec:
 ```
 
 ```bash
-kubectl create -f https://github.com/kubedb/docs/raw/{{< param "info.version" >}}/docs/guides/mysql/initialization/yamls/git-sync-ssh.yaml
-MySQL.kubedb.com/sample-PgBouncer created
+kubectl create -f https://github.com/kubedb/docs/raw/{{< param "info.version" >}}/docs/guides/PgBouncer /initialization/yamls/git-sync-ssh.yaml
+PgBouncer .kubedb.com/sample-PgBouncer created
 ```
 
 Here,
@@ -229,14 +251,14 @@ $ kubectl create secret generic -n demo git-pat \
     --from-literal=github-pat=<ghp_yourpersonalaccesstoken>
 ```
 
-Now, create a `MySQL` resource that references the secret created above.
+Now, create a `PgBouncer ` resource that references the secret created above.
 The following YAML manifest shows an example:
 
 ```yaml
 apiVersion: kubedb.com/v1
-kind: MySQL
+kind: PgBouncer 
 metadata:
-  name: sample-mysql
+  name: sample-PgBouncer 
   namespace: demo
 spec:
   init:
@@ -268,8 +290,8 @@ spec:
 ```
 
 ```bash
-kubectl create -f https://github.com/kubedb/docs/raw/{{< param "info.version" >}}/docs/guides/mysql/initialization/yamls/git-sync-pat.yaml
-MySQL.kubedb.com/sample-PgBouncer created
+kubectl create -f https://github.com/kubedb/docs/raw/{{< param "info.version" >}}/docs/guides/PgBouncer /initialization/yamls/git-sync-pat.yaml
+PgBouncer .kubedb.com/sample-PgBouncer created
 ```
 
 Once the database reaches the `Ready` state, you can verify the data using the method described above.
@@ -280,6 +302,6 @@ Once the database reaches the `Ready` state, you can verify the data using the m
 To clean up the Kubernetes resources created by this tutorial, run:
 
 ```bash
-$ kubectl delete PgBouncer -n demo sample-mysql
+$ kubectl delete PgBouncer -n demo sample-PgBouncer 
 $ kubectl delete ns demo
 ```

docs/guides/postgres/rotate-authentication/rotateauth.md

@@ -14,7 +14,7 @@ section_menu_id: guides
 **Rotate Authentication** is a feature of the KubeDB Ops-Manager that allows you to rotate a `Postgres` user's authentication credentials using a `PostgresOpsRequest`. There are two ways to perform this rotation.
 
 1. **Operator Generated:** The KubeDB operator automatically generates a random credential, updates the existing secret with the new credential The KubeDB operator automatically generates a random credential and updates the existing secret with the new credential..
-2. **User Defined:** The user can create their own credentials by defining a secret of type `kubernetes.io/basic-auth` containing the desired `username` and `password` and then reference this secret in the `PostgresOpsRequest`.
+2. **User Defined:** The user can create their own credentials by defining a secret of type `kubernetes.io/basic-auth` containing the desired `password` and then reference this secret in the `PostgresOpsRequest`.
 
 ## Before You Begin 
 
@@ -245,11 +245,12 @@ The above output shows that the password has been changed successfully. The prev
 #### 2. Using user created credentials
 
 At first, we need to create a secret with kubernetes.io/basic-auth type using custom username and password. Below is the command to create a secret with kubernetes.io/basic-auth type,
+> **Note:** Can not change the username while rotating authentication. The username must be same as 'postgres' which is the current username of the database.
 
 ```shell
 $ kubectl create secret generic quick-postgres-user-auth -n demo \
                                                 --type=kubernetes.io/basic-auth \
-                                                --from-literal=username=admin \
+                                                --from-literal=username=postgres \
                                                 --from-literal=password=postgres-secret
  secret/quick-postgres-user-auth created
 ```
@@ -386,7 +387,7 @@ Events:
 $ kubectl get pg -n demo quick-postgres -ojson | jq .spec.authSecret.name
 "quick-postgres-user-auth"
 $ kubectl get secret -n demo quick-postgres-user-auth-new -o=jsonpath='{.data.username}' | base64 -d
-admin                                        
+postgres                                        
 $ kubectl get secret -n demo quick-postgres-user-auth-new -o=jsonpath='{.data.password}' | base64 -d
 postgres-secret                                                                
 ```