{"id":19236855,"url":"https://github.com/crunchydata/pgo-osb","last_synced_at":"2025-07-03T06:06:11.906Z","repository":{"id":52600415,"uuid":"138215179","full_name":"CrunchyData/pgo-osb","owner":"CrunchyData","description":"Open Service Broker Implementation Based on the Crunchy PostgreSQL Operator","archived":false,"fork":false,"pushed_at":"2023-02-15T02:11:29.000Z","size":34683,"stargazers_count":13,"open_issues_count":5,"forks_count":14,"subscribers_count":11,"default_branch":"master","last_synced_at":"2025-06-28T12:26:48.284Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":"","language":"Go","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/CrunchyData.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":"CONTRIBUTING.md","funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2018-06-21T19:50:09.000Z","updated_at":"2024-07-13T12:33:04.000Z","dependencies_parsed_at":"2024-06-19T00:19:20.424Z","dependency_job_id":"172f50e2-8882-48fc-aa10-439cb2d0e88a","html_url":"https://github.com/CrunchyData/pgo-osb","commit_stats":null,"previous_names":[],"tags_count":34,"template":false,"template_full_name":null,"purl":"pkg:github/CrunchyData/pgo-osb","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/CrunchyData%2Fpgo-osb","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/CrunchyData%2Fpgo-osb/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/CrunchyData%2Fpgo-osb/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/CrunchyData%2Fpgo-osb/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/CrunchyData","download_url":"https://codeload.github.com/CrunchyData/pgo-osb/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/CrunchyData%2Fpgo-osb/sbom","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":263271500,"owners_count":23440396,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-11-09T16:23:43.346Z","updated_at":"2025-07-03T06:06:11.886Z","avatar_url":"https://github.com/CrunchyData.png","language":"Go","funding_links":[],"categories":[],"sub_categories":[],"readme":"# Crunchy PostgreSQL Operator Open Service Broker (pgo-osb)\n\n\u003cp align=\"center\"\u003e\n \u003cimg width=\"300\" src=\"./docs/assets/images/crunchy_logo.png?raw=true\"/\u003e\n\u003c/p\u003e\n\nLatest Release: v4.7.3, 2021-08-19\n\n## General\n\nThe **pgo-osb** project is an implementation of the Open Service Broker\nAPI. This implementation uses the Crunchy PostgreSQL Operator as\na means to provision services, in this case the service is a PostgreSQL\ndatabase cluster.\n\n**pgo-osb** allows users to also bind to a *service instance* which when\ninvoked will return PostgreSQL credentials to a user they can use\nto connect to the PostgreSQL database instance.\n\nAlso, users can *deprovision* a PostgreSQL database cluster using the\nOSB API.\n\nThe **pgo-osb** broker was developed using the *OSB Starter Pack* and\nassociated libraries.\n\n\nSee the following:\n\n * [Open Service Broker API](https://github.com/openservicebrokerapi/servicebroker)\n * [`osb-broker-lib`](https://github.com/pmorie/osb-broker-lib).\n * [`go-open-service-broker-client`](https://github.com/pmorie/go-open-service-broker-client)\n * [service-catalog](https://github.com/kubernetes-incubator/service-catalog)\n\n## Compatibility\n\nStarting with **pgo-osb** version 4.0.0, the release schedule and version number\nfor **pgo-osb** will be aligned with the release\nschedule and version number for the the\n[Crunchy PostgreSQL Operator](https://access.crunchydata.com/documentation/postgres-operator/).\nTherefore, to ensure compatibility between **pgo-osb** and the PostgreSQL\nOperator, please ensure the version number for **pgo-osb** matches the\nversion number of the PostgreSQL Operator deployed in your environment. For\ninstance, if you are using **pgo-osb** v4.7.3, please ensure the Crunchy\nPostgreSQL Operator v4.7.3 is also deployed in your environment.\n\n## Prerequisites\n\ngolang 1.9 or above is required to build this project.\n\nRunning the **pgo-osb** service broker assumes you have successfully deployed\nthe PostgreSQL Operator. See the [PostgreSQL Operator](https://access.crunchydata.com/documentation/postgres-operator/)\ndocumentation for documentation on deploying the PostgreSQL Operator:\n\n[https://access.crunchydata.com/documentation/postgres-operator/](https://access.crunchydata.com/documentation/postgres-operator/)\n\nPlease note that if **pgo-osb** is deployed to a different namespace than the\nPostgreSQL Operator, DNS must be utilized when specifying the URL for the\nPostgreSQL Operator API server. This is done using environment variable\n`PGO_APISERVER_URL` in the **pgo-osb** `deployment.yaml` file (located in\ndirectory `$OSB_ROOT/deploy`). For instance, if the PostgreSQL Operator is\ndeployed to namespace `pgo`, the `PGO_APISERVER_URL` environment variable would\nbe set in this file as follows:\n\n```yaml\n- --PGO_APISERVER_URL\n- \"https://postgres-operator.pgo.svc.cluster.local:8443\"\n\n```\n\nHowever, if **pgo-osb** is deployed to the same namespace as the PostgreSQL\nOperator, then the PostgreSQL Operator service name can simply be utilized:\n\n```yaml\n- --PGO_APISERVER_URL\n- \"https://postgres-operator:8443\"\n\n```\n\nAdditionally, **pgo-osb** must also be configured with the certificates needed\nto properly authenticate into and trust the PostgreSQL Operator API server. When\ninstalling the PostgreSQL Operator API server these certificates are\nautomatically generated, and must be copied into directory `$OSB_ROOT/deploy`\nprior to deploying **pgo-osb**. This allows the certificates to be stored in a\nsecret that can be utilized by **pgo-osb** when accessing the PostgreSQL\nOperator API server. For instance, if the PostgreSQL Operator was installed\nusing the `bash` installation method, the certificates can be copied as follows:\n\n```shell\ncp $PGOROOT/conf/postgres-operator/server.crt $PGOROOT/conf/postgres-operator/server.key $OSB_ROOT/deploy\n```\n\nOr if the PostgreSQL Operator was installed using Ansible, then the certificates\ncan be copied from your home directory as follows:\n\n```shell\ncp \"${HOME}\"/.pgo/\"${PGO_OPERATOR_NAMESPACE}\"/output/server.crt $OSB_ROOT/deploy\ncp \"${HOME}\"/.pgo/\"${PGO_OPERATOR_NAMESPACE}\"/output/server.pem $OSB_ROOT/deploy/server.key\n```\n\nThis example also assumes you have created a Kube namespace called *demo*. Adjust\nOSB_NAMESPACE to suit your specific namespace value. And lastly, the example\nassumes you are using the PostgreSQL Operator default RBAC account called\n`username` with a password of `password`. If this is not the case then you will\nneed to adjust the example service instance `service-instance.yaml`.\n\n## Operator Configuration\n\nThe standalone and ha service plans require custom storage and container\nresource configurations in the PostgreSQL Operator's `pgo.yaml` definition.\nRefer to the Operator documentation:\n\n[https://access.crunchydata.com/documentation/postgres-operator/latest/configuration/pgo-yaml-configuration/](https://access.crunchydata.com/documentation/postgres-operator/latest/configuration/pgo-yaml-configuration/)\n\nThe Open Service Broker will request custom storage and container resources\ncorresponding to the size of plan, using the names `osbsmall`, `osbmedium`,\n`osblarge`. For example, the `standalone_md` plan will use disk sizes defined by\nthe `osbmedium` custom storage definition and the memory and CPU limits defined\nby the `osbmedium` container resource definition.\n\nExample configuration descriptions:\n\n```yaml\nStorage:\n osbsmall:\n AccessMode: \u003cbased on environment\u003e\n Size: 300M\n StorageType: \u003cbased on environment\u003e\n StorageClass: \u003cbased on environment\u003e\n Fsgroup: 26\n osbmedium:\n AccessMode: \u003cbased on environment\u003e\n Size: 600M\n StorageType: \u003cbased on environment\u003e\n StorageClass: \u003cbased on environment\u003e\n Fsgroup: 26\n osblarge:\n AccessMode: \u003cbased on environment\u003e\n Size: 2G\n StorageType: \u003cbased on environment\u003e\n StorageClass: \u003cbased on environment\u003e\n Fsgroup: 26\nContainerResources:\n osbsmall:\n RequestsMemory: 512Mi\n RequestsCPU: 0.1\n LimitsMemory: 512Mi\n LimitsCPU: 1.0\n osbmedium:\n RequestsMemory: 1Gi\n RequestsCPU: 0.5\n LimitsMemory: 1Gi\n LimitsCPU: 2.0\n osblarge:\n RequestsMemory: 2Gi\n RequestsCPU: 1.0\n LimitsMemory: 2Gi\n LimitsCPU: 4.0\n```\n\n## Build\n\nTo build the **pgo-osb** broker, place these additional environment variables\ninto your `.bashrc` as they are used in the various scripts and deployment\ntemplates:\n\n```shell\nexport GOPATH=$HOME/odev\nexport GOBIN=$GOPATH/bin\nexport PATH=$GOBIN:$PATH\nexport OSB_NAMESPACE=demo\nexport OSB_CMD=kubectl\nexport OSB_ROOT=$GOPATH/src/github.com/crunchydata/pgo-osb\nexport OSB_BASEOS=centos7\nexport OSB_VERSION=4.7.3\nexport OSB_IMAGE_TAG=$OSB_BASEOS-$OSB_VERSION\nexport OSB_IMAGE_PREFIX=crunchydata\n```\n\nInstall the dep dependency tool:\n\n```shell\nmkdir $GOPATH/bin $GOPATH/src/github.com/crunchydata $GOPATH/pkg -p\ncurl https://raw.githubusercontent.com/golang/dep/master/install.sh | sh\n```\n\nGet the code:\n\n```shell\ncd $GOPATH/src/github.com/crunchydata\ngit clone https://github.com/crunchydata/pgo-osb.git\ncd pgo-osb\n```\n\n## Deploy Service Catalog\n\nInstall the service catalog into your Kubernetes cluster by following this link:\n\n[https://svc-cat.io/docs/install/](https://svc-cat.io/docs/install/)\n\nInstructions on that link are provided to also install the\nvery useful `svcat` utility for inspecting and working\nwith the service catalog.\n\n## Deploy\n\nDeploy the **pgo-osb** broker:\n\n```shell\nmake setup\nmake image\nmake deploy\n```\n\nVerify your deployment has been successful with:\n\n```shell\nkubectl get pod --selector=app=pgo-osb\n```\n\nwhich has output similar to:\n\n```shell\nNAME READY STATUS RESTARTS AGE\npgo-osb-69c76578b9-v7s9k 1/1 Running 0 16m\n```\n\n\n## Working with the **pgo-osb**\n\nTo use the **pgo-osb** broker, please follow the following instructions.\n\nNote that if you want to specify a specific namespace for where your PostgreSQL\ncluster is deployed to, you can use the `PGO_CLUSTER_NAMESPACE` environmental\nvariable. Otherwise, **pgo-osb** will search across all namespaces to look up\nwhere the cluster exists.\n\n### Show Available Plans\n\n```shell\nsvcat marketplace\n```\n\nwhich has output similar to:\n\n```shell\n CLASS PLANS DESCRIPTION \n+-----------------+---------------+--------------+\n pgo-osb-service standalone_lg The pgo osb! \n ha_lg \n default \n ha_sm \n standalone_sm \n ha_md \n standalone_md \n```\n\n**Note**: Additional services installed in your environment may be listed as well.\n\n\n### Create a Service Instance\n\n```shell\ncd $OSB_ROOT\nmake provision\nkubectl get serviceinstance\nmake provision2\nkubectl get serviceinstance\n```\n\nPlease note the `ServiceInstance` objects created when running the\n`make provision` and `make provision2` commands above will create PostgreSQL\ncluster's in the default namespace set for the PostgreSQL Operator according to\nthe `PGO_NAMESPACE` environment variable set in your environment. If you would\nlike the clusters to be provisioned in another namespace, please set the proper\nnamespace using the `PGO_NAMESPACE` parameter in files\n`$OSB_ROOT/manifests/service-instance.yaml` and\n`$OSB_ROOT/manifests/service-instance2.yaml`.\n\nYou should see a pod with that service instance name:\n\n```shell\nkubectl get pod --selector=name=testinstance\nkubectl get pod --selector=name=testinstance2\n```\n\n### Create a Binding\n\n```shell\nmake bind\nkubectl get servicebinding\nmake bind2\nkubectl get servicebinding\n```\n\n### Display the Binding with Secrets\n\nYou can view the binding and the generated Postgres credentials\nusing this command:\n\n```shell\nsvcat describe binding testinstance-binding -n $OSB_NAMESPACE\n```\n\nwhich has output similar to:\n\n```shell\n Name: testinstance-binding\n Namespace: demo\n Status: Ready - Injected bind result @ \u003ctimestamp\u003e\n Secret: testinstance-binding\n Instance: testinstance\n\nParameters:\n No parameters defined\n\nSecret Data:\n db_host 12 bytes \n db_name 6 bytes \n db_port 4 bytes \n internal_host 12 bytes \n password 16 bytes \n uri 85 bytes \n username 30 bytes \n```\n\n### Display the Binding with Secrets\n\n```shell\nsvcat describe binding testinstance-binding --show-secrets -n $OSB_NAMESPACE\n```\n\nwhich has output simialr to:\n\n```shell\n Name: testinstance-binding\n Namespace: demo\n Status: Ready - Injected bind result @ \u003ctimestamp\u003e\n Secret: testinstance-binding\n Instance: testinstance\n\nParameters:\n No parameters defined\n\nSecret Data:\n db_host 10.96.22.114 \n db_name userdb \n db_port 5432 \n internal_host 10.96.22.114 \n password LEYtDzLOEMZTqiRH \n uri postgresql://userd4a4kthjhyi6to6vvz5vdh4die:LEYtDzLOEMZTqiRH@10.96.22.114:5432/userdb \n username userd4a4kthjhyi6to6vvz5vdh4die \n```\n\nYou can also use the `svcat` Service Catalog CLI to inspect\nthe service catalog.\n\n### View the Service Brokers\n\n```shell\nsvcat get brokers\n```\n\nwhich will have output simialr to:\n\n```shell\n NAME URL STATUS\n+---------+-------------------------------------------+--------+\n pgo-osb http://pgo-osb.demo.svc.cluster.local:443 Ready\n```\n\n### Get the Service Class\n\n```shell\nsvcat get classes\n```\n\nwhich will have output similar to:\n\n```shell\n NAME DESCRIPTION\n+-----------------+--------------+\n pgo-osb-service The pgo osb!\n```\n\nNote: Additional service classes installed in your environment may be listed as\nwell.\n\n### View the Service Class\n\n```shell\nsvcat describe class pgo-osb-service\n```\n\nwhich will have output similar to:\n\n```shell\nName: pgo-osb-service\nDescription: The pgo osb!\nUUID: 4be12541-2945-4101-8a33-79ac0ad58750\nStatus: Active\nTags:\nBroker: pgo-osb\nPlans:\n NAME DESCRIPTION\n+---------+--------------------------------+\n default The default plan for the pgo osb service\n```\n\n### View Instances in a Namespace\n\n```shell\nsvcat get instances -n $OSB_NAMESPACE\n```\n\nwhich will have output similar to:\n\n```shell\nNAME NAMESPACE CLASS PLAN STATUS\n+------------+-----------+-----------------+---------+--------+\n testinstance demo pgo-osb-service default Ready\n testinstance2 demo pgo-osb-service default Ready\n```\n\n\n### Cleanup Examples\n\nYou can remove the bindings and instances using these commands:\n\n```shell\nsvcat unbind testinstance -n $OSB_NAMESPACE\nsvcat unbind testinstance2 -n $OSB_NAMESPACE\nsvcat deprovision testinstance -n $OSB_NAMESPACE\nsvcat deprovision testinstance2 -n $OSB_NAMESPACE\n```\n\n## Contributing to the Project\n\nWant to contribute to the **pgo-osb** project? Great! We've put together as set\nof contributing guidelines that you can review here:\n\n- [Contributing Guidelines](./CONTRIBUTING.md)\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fcrunchydata%2Fpgo-osb","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fcrunchydata%2Fpgo-osb","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fcrunchydata%2Fpgo-osb/lists"}