Add PVC for persistent PostgreSQL storage

api/v1beta1/openstacklightspeed_types.go

@@ -19,6 +19,7 @@ package v1beta1
 import (
 	"github.com/openstack-k8s-operators/lib-common/modules/common/condition"
 	"github.com/openstack-k8s-operators/lib-common/modules/common/util"
+	"k8s.io/apimachinery/pkg/api/resource"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 )
 
@@ -48,6 +49,18 @@ const (
 	MaxTokensForResponseDefault = 2048
 )
 
+// DatabaseSpec defines configuration for persistent PostgreSQL storage.
+type DatabaseSpec struct {
+	// +kubebuilder:validation:Optional
+	// Size of the PersistentVolumeClaim for PostgreSQL data. Defaults to 1Gi.
+	Size resource.Quantity `json:"size,omitempty"`
+
+	// +kubebuilder:validation:Optional
+	// StorageClass name for the PersistentVolumeClaim. If omitted, the cluster's
+	// default StorageClass is used.
+	Class string `json:"class,omitempty"`
+}
+
 // OpenStackLightspeedSpec defines the desired state of OpenStackLightspeed
 type OpenStackLightspeedSpec struct {
 	OpenStackLightspeedCore `json:",inline"`
@@ -65,6 +78,12 @@ type OpenStackLightspeedSpec struct {
 	// Allows forcing a specific OCP version instead of auto-detection.
 	// Format should be like "4.15", "4.16", etc.
 	OCPRAGVersionOverride string `json:"ocpVersionOverride,omitempty"`
+
+	// +kubebuilder:validation:Optional
+	// Database configures persistent storage for PostgreSQL data.
+	// When omitted, an emptyDir volume is used (data is lost on pod reschedule).
+	// When set, a PersistentVolumeClaim is created and mounted.
+	Database *DatabaseSpec `json:"database,omitempty"`
 }
 
 // OpenStackLightspeedCore defines the desired state of OpenStackLightspeed
@@ -154,6 +173,7 @@ type OpenStackLightspeedStatus struct {
 // +operator-sdk:csv:customresourcedefinitions:resources={{ServiceAccount,v1,lightspeed-app-server}}
 // +operator-sdk:csv:customresourcedefinitions:resources={{NetworkPolicy,v1,lightspeed-app-server}}
 // +operator-sdk:csv:customresourcedefinitions:resources={{NetworkPolicy,v1,lightspeed-postgres-server}}
+// +operator-sdk:csv:customresourcedefinitions:resources={{PersistentVolumeClaim,v1,openstack-lightspeed-data}}
 // +operator-sdk:csv:customresourcedefinitions:resources={{ClusterRole,v1,lightspeed-app-server-sar-role}}
 // +operator-sdk:csv:customresourcedefinitions:resources={{ClusterRoleBinding,v1,lightspeed-app-server-sar-role-binding}}
 // +operator-sdk:csv:customresourcedefinitions:resources={{Subscription,v1alpha1}}

bundle/manifests/lightspeed.openstack.org_openstacklightspeeds.yaml

@@ -49,6 +49,26 @@ spec:
           spec:
             description: OpenStackLightspeedSpec defines the desired state of OpenStackLightspeed
             properties:
+              database:
+                description: |-
+                  Database configures persistent storage for PostgreSQL data.
+                  When omitted, an emptyDir volume is used (data is lost on pod reschedule).
+                  When set, a PersistentVolumeClaim is created and mounted.
+                properties:
+                  class:
+                    description: |-
+                      StorageClass name for the PersistentVolumeClaim. If omitted, the cluster's
+                      default StorageClass is used.
+                    type: string
+                  size:
+                    anyOf:
+                    - type: integer
+                    - type: string
+                    description: Size of the PersistentVolumeClaim for PostgreSQL
+                      data. Defaults to 1Gi.
+                    pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                    x-kubernetes-int-or-string: true
+                type: object
               enableOCPRAG:
                 default: false
                 description: Enables automatic OCP documentation based on cluster

bundle/manifests/openstack-lightspeed-operator.clusterserviceversion.yaml

@@ -25,7 +25,7 @@ metadata:
       ]
     capabilities: Basic Install
     categories: AI/Machine Learning
-    createdAt: "2026-05-17T15:20:36Z"
+    createdAt: "2026-05-27T08:37:10Z"
     description: AI-powered virtual assistant for Red Hat OpenStack Services on OpenShift
     features.operators.openshift.io/cnf: "false"
     features.operators.openshift.io/cni: "false"
@@ -113,6 +113,9 @@ spec:
       - kind: Secret
         name: metrics-reader-token
         version: v1
+      - kind: PersistentVolumeClaim
+        name: openstack-lightspeed-data
+        version: v1
       specDescriptors:
       - description: |-
           Secret name containing API token for the LLMEndpoint. The secret must contain
@@ -361,11 +364,10 @@ spec:
         - apiGroups:
           - ""
           resources:
-          - secrets
+          - persistentvolumeclaims
+          - services
           verbs:
           - create
-          - delete
-          - deletecollection
           - get
           - list
           - patch
@@ -374,23 +376,25 @@ spec:
         - apiGroups:
           - ""
           resources:
-          - serviceaccounts
+          - secrets
           verbs:
           - create
+          - delete
+          - deletecollection
           - get
           - list
           - patch
+          - update
           - watch
         - apiGroups:
           - ""
           resources:
-          - services
+          - serviceaccounts
           verbs:
           - create
           - get
           - list
           - patch
-          - update
           - watch
         - apiGroups:
           - apps

config/crd/bases/lightspeed.openstack.org_openstacklightspeeds.yaml

@@ -49,6 +49,26 @@ spec:
           spec:
             description: OpenStackLightspeedSpec defines the desired state of OpenStackLightspeed
             properties:
+              database:
+                description: |-
+                  Database configures persistent storage for PostgreSQL data.
+                  When omitted, an emptyDir volume is used (data is lost on pod reschedule).
+                  When set, a PersistentVolumeClaim is created and mounted.
+                properties:
+                  class:
+                    description: |-
+                      StorageClass name for the PersistentVolumeClaim. If omitted, the cluster's
+                      default StorageClass is used.
+                    type: string
+                  size:
+                    anyOf:
+                    - type: integer
+                    - type: string
+                    description: Size of the PersistentVolumeClaim for PostgreSQL
+                      data. Defaults to 1Gi.
+                    pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                    x-kubernetes-int-or-string: true
+                type: object
               enableOCPRAG:
                 default: false
                 description: Enables automatic OCP documentation based on cluster

config/manifests/bases/openstack-lightspeed-operator.clusterserviceversion.yaml

@@ -90,6 +90,9 @@ spec:
       - kind: Secret
         name: metrics-reader-token
         version: v1
+      - kind: PersistentVolumeClaim
+        name: openstack-lightspeed-data
+        version: v1
       specDescriptors:
       - description: |-
           Secret name containing API token for the LLMEndpoint. The secret must contain

config/rbac/role.yaml

@@ -111,11 +111,10 @@ rules:
 - apiGroups:
   - ""
   resources:
-  - secrets
+  - persistentvolumeclaims
+  - services
   verbs:
   - create
-  - delete
-  - deletecollection
   - get
   - list
   - patch
@@ -124,23 +123,25 @@ rules:
 - apiGroups:
   - ""
   resources:
-  - serviceaccounts
+  - secrets
   verbs:
   - create
+  - delete
+  - deletecollection
   - get
   - list
   - patch
+  - update
   - watch
 - apiGroups:
   - ""
   resources:
-  - services
+  - serviceaccounts
   verbs:
   - create
   - get
   - list
   - patch
-  - update
   - watch
 - apiGroups:
   - apps

config/samples/api_v1beta1_openstacklightspeed.yaml

@@ -11,3 +11,7 @@ spec:
   llmCredentials: openstack-lightspeed-apitoken
   modelName: llama3.1:8b
   tlsCACertBundle: openstack-lightspeed-certs
+  # Uncomment to customize persistent PostgreSQL storage:
+  # database:
+  #   size: "5Gi"
+  #   class: "my-storage-class"

internal/controller/constants.go

@@ -72,6 +72,8 @@ const (
 	PostgresConfigVolumeMountPath                = "/usr/share/pgsql/postgresql.conf.sample"
 	PostgresDataVolume                           = "postgres-data"
 	PostgresDataVolumeMountPath                  = "/var/lib/pgsql"
+	PostgresDataPVCName                          = "openstack-lightspeed-data"
+	PostgresDataPVCDefaultSize                   = "1Gi"
 	PostgresVarRunVolumeName                     = "lightspeed-postgres-var-run"
 	PostgresVarRunVolumeMountPath                = "/var/run/postgresql"
 	TmpVolumeName                                = "tmp-writable-volume"

internal/controller/errors.go

@@ -59,4 +59,7 @@ var (
 	ErrCreatePostgresConfigMap       = errors.New("failed to create Postgres configmap")
 	ErrGetPostgresConfigMap          = errors.New("failed to get Postgres configmap")
 	ErrCreatePostgresNetworkPolicy   = errors.New("failed to create Postgres network policy")
+	ErrCreatePostgresPVC             = errors.New("failed to create Postgres PVC")
+	ErrGetPostgresPVC                = errors.New("failed to get Postgres PVC")
+	ErrPostgresPVCSizeMismatch       = errors.New("existing Postgres PVC size does not match requested size")
 )

internal/controller/openstacklightspeed_controller.go

@@ -73,6 +73,7 @@ func (r *OpenStackLightspeedReconciler) GetLogger(ctx context.Context) logr.Logg
 // +kubebuilder:rbac:groups="",resources=serviceaccounts,namespace=openstack-lightspeed,verbs=get;list;watch;create;patch
 // +kubebuilder:rbac:groups=console.openshift.io,resources=consoleplugins,verbs=get;list;watch;create;update;patch;delete
 // +kubebuilder:rbac:groups=operator.openshift.io,resources=consoles,verbs=watch;list;get;update
+// +kubebuilder:rbac:groups="",resources=persistentvolumeclaims,namespace=openstack-lightspeed,verbs=get;list;watch;create;patch;update
 
 func (r *OpenStackLightspeedReconciler) Reconcile(ctx context.Context, req ctrl.Request) (ctrl.Result, error) {
 	Log := r.GetLogger(ctx)
@@ -284,6 +285,11 @@ func (r *OpenStackLightspeedReconciler) SetupWithManager(mgr ctrl.Manager) error
 		Owns(&corev1.ConfigMap{}).
 		Owns(&corev1.Secret{}).
 		Owns(&consolev1.ConsolePlugin{}).
+		Watches(
+			&corev1.PersistentVolumeClaim{},
+			handler.EnqueueRequestsFromMapFunc(r.NotifyAllOpenStackLightspeeds),
+			builder.WithPredicates(predicate.ResourceVersionChangedPredicate{}),
+		).
 		Watches(
 			clusterVersion,
 			handler.EnqueueRequestsFromMapFunc(r.NotifyAllOpenStackLightspeeds),

internal/controller/postgres_deployment.go

@@ -27,7 +27,6 @@ import (
 )
 
 // buildPostgresPodTemplateSpec builds the pod template spec for the Postgres deployment.
-// If configMapChanged is true, it adds a force-reload timestamp to trigger pod restart.
 func buildPostgresPodTemplateSpec() corev1.PodTemplateSpec {
 	// Build volumes and volume mounts
 	volumes := []corev1.Volume{}
@@ -85,12 +84,12 @@ func buildPostgresPodTemplateSpec() corev1.PodTemplateSpec {
 		SubPath:   PostgresConfigKey,
 	})
 
-	// TODO: CRITICAL - Replace EmptyDir with a PVC. With EmptyDir all conversation
-	// history is lost if the pod is rescheduled or the OCP control plane goes down.
 	volumes = append(volumes, corev1.Volume{
 		Name: PostgresDataVolume,
 		VolumeSource: corev1.VolumeSource{
-			EmptyDir: &corev1.EmptyDirVolumeSource{},
+			PersistentVolumeClaim: &corev1.PersistentVolumeClaimVolumeSource{
+				ClaimName: PostgresDataPVCName,
+			},
 		},
 	})
 	volumeMounts = append(volumeMounts, corev1.VolumeMount{