PostgreSQL (RDS)

Provision an RDS PostgreSQL instance and connect it to Kloudfuse.

Prerequisites

  • PostgreSQL 18

  • Instance class: db.m5.large or larger

  • Same VPC as the EKS cluster

Set the required environment variables before running the commands on this page:

export NAMESPACE=<your-namespace>
export PG_PASSWORD=<your-password>

Create Kubernetes Secret

PG_PASSWORD_ENCODED=$(python3 -c "import urllib.parse; print(urllib.parse.quote('$PG_PASSWORD', safe=''))")

kubectl create secret generic kfuse-pg-credentials \
  --namespace="$NAMESPACE" \
  --from-literal=postgres-password="$PG_PASSWORD" \
  --from-literal=postgresql-password="$PG_PASSWORD" \
  --from-literal=postgresql-password-encoded="$PG_PASSWORD_ENCODED" \
  --from-literal=postgresql-replication-password="$PG_PASSWORD"

curl -o rds-ca-bundle.pem https://truststore.pki.rds.amazonaws.com/global/global-bundle.pem
kubectl create secret generic pg-tls-ca-cert \
  --namespace="$NAMESPACE" \
  --from-file=ca.crt=rds-ca-bundle.pem

Create RDS Instance

aws rds create-db-instance \
  --db-instance-identifier "<cluster-name>-pg" \
  --db-instance-class db.m5.large \
  --engine postgres \
  --engine-version "18.3" \
  --master-username postgres \
  --master-user-password "<rds-master-password>" \
  --allocated-storage 100 \
  --storage-type gp3 \
  --no-publicly-accessible \
  --storage-encrypted

Create Application Database User

Connect to RDS using the master user and create the application user:

psql "host=<rds-endpoint> user=postgres dbname=postgres sslmode=require"
CREATE USER <your-app-username> WITH PASSWORD '$PG_PASSWORD' CREATEDB;
sql

Helm Values

Add the following to your custom-values.yaml. Use the RDS endpoint from the instance created above.

global:
  configDB:
    host: "<rds-endpoint>"
    username: "<your-app-username>"
  orchestratorDB:
    host: "<rds-endpoint>"
    username: "<your-app-username>"

installKfusePgCredentials: false
yaml