Alauda support for PostgreSQL

Release Notes

TOC

v4.3.0New and Optimized FeaturesFixed IssuesKnown Issuesv4.2.0New and Optimized FeaturesFixed IssuesKnown Issues

v4.3.0

New and Optimized Features

  • RBAC least-privilege and role segregation. The operator no longer manages cluster-level RBAC resources, and deletecollection has been removed from all resource rules. Five new user-facing aggregated roles are introduced — admin, edit, view, backup, and restore — enabling segregation of duties. The SkipRuntimeRBACCreation configuration option was removed; the operator now always provisions the namespace-scoped ServiceAccount and RoleBinding at runtime. See RBAC Architecture and Assign PostgreSQL RBAC Roles for details.
  • Cross-Cluster Replication (XCR) stability. Added statement_timeout to XCR connections and silenced spurious error logging. Guarded XCR metadata writes when no sync replica is ready and cleaned up orphaned replication slots when standby clusters scale down. Removed aggressive slot removal from BeforeClusterSync that could disrupt healthy replicas, and eliminated unnecessary local-DB connection attempts in preReconcile for LoadBalancer-based standby clusters.
  • Reliability fixes.
    • waitForPodDeletion now polls the Kubernetes API in addition to the informer channel, eliminating 10-minute worker stalls caused by missed Delete events (observed on IPv6 / kube-ovn clusters).
    • Patroni status updates during cluster lifecycle are now non-fatal — transient Patroni API errors are logged as warnings and no longer drive the cluster to SyncFailed / AddFailed. Also fixed a defer-variable-capture bug where the Patroni error leaked into the enclosing deferred status-setting closure.
    • Fixed empty external-IP issue when a LoadBalancer Service is used for replication.
    • Fixed restore errors and CSV generation issues.
  • Build and security.
    • Renovate is integrated across release branches for automated dependency management.
    • Go toolchain bumped to v1.26; upstream Zalando components (operator, operator-ui, logical-backup) updated to v1.15.0; Spilo rebuilt with the latest security fixes.
    • Batch Go-module security patches across golang.org/x/crypto, golang.org/x/net, logrus, requests, and related dependencies.

Fixed Issues

No issues in this release.

Known Issues

No issues in this release.

v4.2.0

New and Optimized Features

  • Supported deploying a Postgres instance in PSA-restricted mode.
  • Supported using the Load Balancer Service type for hot standby cluster replication.
  • Fixed multiple CVEs.
  • Removed PostgreSQL 11 and 12 support.

Fixed Issues

No issues in this release.

Known Issues

No issues in this release.