VMware Tanzu™ SQL with Postgres for Kubernetes

This document contains pertinent release information about VMware Tanzu SQL with Postges for Kubernetes. Obtain the most recent version of the distribution from VMware Tanzu Network.

Supported Platforms

Tanzu Postgres versions 1.X are supported on the following platforms:

Additional Kubernetes environments, such as Minikube, can be used for testing or demonstration purposes.

IMPORTANT: VMware does not support deployments that have been modified by adding layers to the packaged Docker images, or deployments that reference images other than the VMware Postgres Operator. VMware does not support changing the contents of the deployed containers and pods in any way.

Release 1.1.0

Release Date: February 26, 2021

Software Components

VMware Postgres Version Component Component Version
1.1.0 PostgreSQL 11.10
pgBackRest 2.31
pg_auto_failover 1.4.0


Tanzu Postgres 1.1.0 has the following features:

  • Support for upgrading from Tanzu Postgres 1.0.0 to 1.1.0. See Upgrading the Tanzu Postgres Operator and Instances.
  • Support for Postgres 11.10.
  • Enhanced security by implementing Postgres cluster communications via SSL.
  • Improved auto-healing, when instances or services are terminated abnormally or accidentally. The Postgres operator monitors and automatically restarts any deleted or stopped instances or agents.
  • Postgres instances with the same name, in different namespaces, can now be backed up to the same S3 location.

Changed Features

  • Updated the pgbackrest sample configuration file, from pgbackrest.conf to pgbackrest.conf.template.
  • The storageSize parameter cannot be altered after Postgres instance creation. Any attempt to do so generates an error similar to: storageSize cannot be reduced after the instance is created. No changes have been made to the running instance.

Fixed Issues

  • [166560384] - Tanzu Postgres backups to an S3 location, using the parameter verifyTLS: true and a well-known Certificate Authority, would fail with an error similar to: 2020-12-18 01:01:43.460 P00 DEBUG: common/io/http/request::httpRequestProcess: retry CryptoError: unable to verify certificate presented by 's3.us-west-1.amazonaws.com:443': [20] unable to get local issuer certificate This issue has been resolved.
  • [175791284] - Fixed an issue where storageSize updates affected more than one instance, if the instances had matching names in separate namespaces.
  • [175885808] - Updated the s3-secret-example.yaml file for S3 backups, and all parameters are now specified in double quotes.
  • [175618701] - Resolved an issue with the s3 secret yaml file, where parameters marked as “optional” but not configured would cause the backup operation to fail.
  • [175602831] - When the archive_mode flag was on (in the postgresql.conf file), but the backupLocationSecret was left unconfigured in the instance configuration yaml file, backups were still attempted. This issue has been resolved.
  • [176061339] - Changed the detail level of the pgbackrest console output to info.

Release 1.0.0

Release Date: October 30, 2020

Tanzu Postgres 1.0.0 is the first release of VMware Tanzu Postgres on Kubernetes.

Software Components

VMware Postgres Version Component Component Version
1.0.0 PostgreSQL 11.9
psqlODBC 11.0-0000
pgjdbc 42.2.5
pgBackRest 2.28
pg_auto_failover 1.4.0
postGIS 2.5.4


Tanzu Postgres 1.0.0 has the following features:

Known Issues and Limitations

  • Upgrades from the Beta program releases to the Tanzu Postgres 1.0.0 release are not supported. Download and install the latest version.
  • The High Availability configuration contains only one mirror.
  • The default storage size for the Postgres instance is too limited for long term running Postgres environments. Change the storageSize to 10G, and use an expandable storage class. See Configuring a Postgres Instance.
  • During an upgrade from 1.0.0 to 1.1.0, in an HA scenario, the Postgres instances state does not show “Ready” until both the primary and the mirror nodes have restarted. This limitation stops the clients from connecting to a read-write instance during the upgrade.