commit
31397c9a85
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
|
@ -1,5 +1,11 @@
|
|||
annotations:
|
||||
app.aquarist-labs.io/name: s3gw
|
||||
artifacthub.io/category: storage
|
||||
artifacthub.io/links: |
|
||||
- name: homepage
|
||||
url: https://s3gw.io/
|
||||
- name: support
|
||||
url: https://github.com/aquarist-labs/s3gw/issues
|
||||
catalog.cattle.io/certified: partner
|
||||
catalog.cattle.io/display-name: S3 Gateway
|
||||
catalog.cattle.io/experimental: "true"
|
||||
|
@ -26,4 +32,4 @@ sources:
|
|||
- https://github.com/aquarist-labs/s3gw
|
||||
- https://github.com/aquarist-labs/ceph
|
||||
type: application
|
||||
version: 0.14.0
|
||||
version: 0.15.0
|
||||
|
|
|
@ -2,97 +2,6 @@
|
|||
questions:
|
||||
# General settings
|
||||
|
||||
- variable: useCertManager
|
||||
label: Use cert-manager
|
||||
default: "true"
|
||||
description: "Use cert-manager to provision TLS certificates"
|
||||
type: boolean
|
||||
group: "General"
|
||||
|
||||
- variable: tls.publicDomain.crt
|
||||
show_if: "useCertManager=false"
|
||||
description: "S3 TLS certificate (Public Domain)"
|
||||
label: "S3 TLS certificate (Public Domain)"
|
||||
type: string
|
||||
group: "General"
|
||||
|
||||
- variable: tls.publicDomain.key
|
||||
show_if: "useCertManager=false"
|
||||
description: "S3 TLS key (Public Domain)"
|
||||
label: "S3 TLS key (Public Domain)"
|
||||
type: string
|
||||
group: "General"
|
||||
|
||||
- variable: tls.privateDomain.crt
|
||||
show_if: "useCertManager=false"
|
||||
description: "S3 TLS certificate (Private Domain)"
|
||||
label: "S3 TLS certificate (Private Domain)"
|
||||
type: string
|
||||
group: "General"
|
||||
|
||||
- variable: tls.privateDomain.key
|
||||
show_if: "useCertManager=false"
|
||||
description: "S3 TLS key (Private Domain)"
|
||||
label: "S3 TLS key (Private Domain)"
|
||||
type: string
|
||||
group: "General"
|
||||
|
||||
- variable: tls.ui.publicDomain.crt
|
||||
show_if: "useCertManager=false"
|
||||
description: "UI TLS certificate"
|
||||
label: "UI TLS certificate"
|
||||
type: string
|
||||
group: "General"
|
||||
|
||||
- variable: tls.ui.publicDomain.key
|
||||
show_if: "useCertManager=false"
|
||||
description: "UI TLS key"
|
||||
label: "UI TLS key"
|
||||
type: string
|
||||
group: "General"
|
||||
|
||||
- variable: certManagerNamespace
|
||||
show_if: "useCertManager=true"
|
||||
label: cert-manager's namespace
|
||||
default: "cert-manager"
|
||||
description: "cert-manager's namespace"
|
||||
type: string
|
||||
required: false
|
||||
|
||||
- variable: useCustomTlsIssuer
|
||||
show_if: "useCertManager=true"
|
||||
label: Use your own TLS issuer
|
||||
default: "false"
|
||||
description: "Use your own TLS issuer"
|
||||
type: boolean
|
||||
group: "General"
|
||||
show_subquestion_if: true
|
||||
subquestions:
|
||||
- variable: customTlsIssuer
|
||||
label: Custom TLS issuer
|
||||
description: "Name of the custom TLS issuer to use"
|
||||
type: string
|
||||
required: false
|
||||
|
||||
- variable: tlsIssuer
|
||||
show_if: "useCertManager=true&&useCustomTlsIssuer=false"
|
||||
label: TLS issuer
|
||||
description: "Name of the predefined TLS issuer to use"
|
||||
type: enum
|
||||
required: false
|
||||
group: "General"
|
||||
options:
|
||||
- "s3gw-issuer"
|
||||
- "s3gw-letsencrypt-issuer"
|
||||
|
||||
- variable: email
|
||||
show_if: "useCertManager=true&&tlsIssuer=s3gw-letsencrypt-issuer"
|
||||
label: email address to use with s3gw-letsencrypt-issuer
|
||||
description: "email address to use with s3gw-letsencrypt-issuer"
|
||||
type: string
|
||||
required: false
|
||||
group: "General"
|
||||
|
||||
- variable: serviceName
|
||||
default: s3gw
|
||||
description: "S3 Service Name"
|
||||
|
@ -101,42 +10,6 @@ questions:
|
|||
type: string
|
||||
group: "General"
|
||||
|
||||
- variable: defaultUserCredentialsSecret
|
||||
default: s3gw-creds
|
||||
description: |
|
||||
"The name of the secret containing the
|
||||
S3 credentials for the default user"
|
||||
type: string
|
||||
group: "General"
|
||||
|
||||
- variable: useExistingSecret
|
||||
default: false
|
||||
description: |
|
||||
"Check this to use a preexisting secret
|
||||
containing the S3 credentials for the default user"
|
||||
type: boolean
|
||||
group: "General"
|
||||
|
||||
- variable: accessKey
|
||||
show_if: "useExistingSecret=false"
|
||||
default: test
|
||||
description: |
|
||||
"Set this as the empty string to make the Chart
|
||||
to compute a random alphanumeric value"
|
||||
label: "S3 Access Key"
|
||||
type: string
|
||||
group: "General"
|
||||
|
||||
- variable: secretKey
|
||||
show_if: "useExistingSecret=false"
|
||||
default: test
|
||||
description: |
|
||||
"Set this as the empty string to make the Chart
|
||||
to compute a random alphanumeric value"
|
||||
label: "S3 Secret Key"
|
||||
type: string
|
||||
group: "General"
|
||||
|
||||
- variable: ingress.enabled
|
||||
default: true
|
||||
description: "Deploy an Ingress (Required for TLS and UI)"
|
||||
|
@ -147,7 +20,7 @@ questions:
|
|||
|
||||
- variable: publicDomain
|
||||
show_if: ingress.enabled=true
|
||||
default: be.127.0.0.1.omg.howdoi.website
|
||||
default: ""
|
||||
description: "Public domain of the S3 Service used by the Ingress"
|
||||
label: "Public Domain"
|
||||
required: true
|
||||
|
@ -156,13 +29,15 @@ questions:
|
|||
|
||||
- variable: privateDomain
|
||||
default: svc.cluster.local
|
||||
description: "Private domain of the S3 Service used inside the Kubernetes cluster"
|
||||
description: |
|
||||
"Private domain of the S3 Service used inside the Kubernetes cluster"
|
||||
label: "Private Domain"
|
||||
required: true
|
||||
type: string
|
||||
group: "General"
|
||||
|
||||
- variable: ui.enabled
|
||||
show_if: ingress.enabled=true
|
||||
default: false
|
||||
description: "UI Enabled"
|
||||
label: "UI Enabled"
|
||||
|
@ -171,6 +46,7 @@ questions:
|
|||
group: "General"
|
||||
|
||||
- variable: ui.serviceName
|
||||
show_if: ingress.enabled=true
|
||||
default: s3gw-ui
|
||||
description: "UI Service Name"
|
||||
label: "UI Service Name"
|
||||
|
@ -180,29 +56,160 @@ questions:
|
|||
|
||||
- variable: ui.publicDomain
|
||||
show_if: ingress.enabled=true
|
||||
default: fe.127.0.0.1.omg.howdoi.website
|
||||
default: ""
|
||||
description: "Public domain of the UI Service used by the Ingress"
|
||||
label: "UI Public Domain"
|
||||
required: true
|
||||
type: string
|
||||
group: "General"
|
||||
|
||||
- variable: useExistingSecret
|
||||
default: false
|
||||
description: |
|
||||
"Check this to use a preexisting secret
|
||||
containing the S3 credentials for the default user"
|
||||
type: boolean
|
||||
group: "General"
|
||||
|
||||
- variable: defaultUserCredentialsSecret
|
||||
show_if: useExistingSecret=true
|
||||
default: s3gw-creds
|
||||
description: |
|
||||
"The name of the secret containing the
|
||||
S3 credentials for the default user"
|
||||
type: secret
|
||||
group: "General"
|
||||
|
||||
- variable: accessKey
|
||||
show_if: useExistingSecret=false
|
||||
default: test
|
||||
description: |
|
||||
"Set this as the empty string to make the Chart
|
||||
to compute a random alphanumeric value"
|
||||
label: "S3 Access Key"
|
||||
type: string
|
||||
group: "General"
|
||||
|
||||
- variable: secretKey
|
||||
show_if: useExistingSecret=false
|
||||
default: test
|
||||
description: |
|
||||
"Set this as the empty string to make the Chart
|
||||
to compute a random alphanumeric value"
|
||||
label: "S3 Secret Key"
|
||||
type: string
|
||||
group: "General"
|
||||
|
||||
# TLS / Certificate Management
|
||||
- variable: useCertManager
|
||||
label: Use cert-manager
|
||||
default: "true"
|
||||
description: "Use cert-manager to provision TLS certificates"
|
||||
type: boolean
|
||||
group: "TLS / Certificate Management"
|
||||
|
||||
- variable: certManagerNamespace
|
||||
show_if: "useCertManager=true"
|
||||
label: cert-manager's namespace
|
||||
default: "cert-manager"
|
||||
description: "cert-manager's namespace"
|
||||
type: string
|
||||
required: false
|
||||
group: "TLS / Certificate Management"
|
||||
|
||||
- variable: useCustomTlsIssuer
|
||||
show_if: "useCertManager=true"
|
||||
label: Use your own TLS issuer
|
||||
default: "false"
|
||||
description: "Use your own TLS issuer"
|
||||
type: boolean
|
||||
group: "TLS / Certificate Management"
|
||||
show_subquestions_if: true
|
||||
subquestions:
|
||||
- variable: customTlsIssuer
|
||||
label: Custom TLS issuer
|
||||
description: "Name of the custom TLS issuer to use"
|
||||
type: string
|
||||
required: false
|
||||
group: "TLS / Certificate Management"
|
||||
|
||||
- variable: tlsIssuer
|
||||
show_if: "useCertManager=true&&useCustomTlsIssuer=false"
|
||||
label: TLS issuer
|
||||
description: "Name of the predefined TLS issuer to use"
|
||||
type: enum
|
||||
required: false
|
||||
options:
|
||||
- "s3gw-issuer"
|
||||
- "s3gw-letsencrypt-issuer"
|
||||
group: "TLS / Certificate Management"
|
||||
|
||||
- variable: email
|
||||
show_if: "useCertManager=true&&useCustomTlsIssuer=false"
|
||||
label: email address to use with s3gw-letsencrypt-issuer
|
||||
description: "email address to use with s3gw-letsencrypt-issuer"
|
||||
type: string
|
||||
required: false
|
||||
group: "TLS / Certificate Management"
|
||||
|
||||
- variable: tls.useExistingSecret
|
||||
show_if: useCertManager=false
|
||||
description: "Use the TLS certificates provided within an existing secret"
|
||||
label: "Use Existing Secret"
|
||||
type: boolean
|
||||
default: false
|
||||
group: "TLS / Certificate Management"
|
||||
|
||||
- variable: tls.secretName
|
||||
show_if: useCertManager=false&&tls.useExistingSecret=true
|
||||
description: "Secret providing TLS certificates"
|
||||
label: "Secret Name"
|
||||
type: secret
|
||||
group: "TLS / Certificate Management"
|
||||
|
||||
- variable: tls.publicDomain.crt
|
||||
show_if: "useCertManager=false&&tls.useExistingSecret=false"
|
||||
description: "S3 TLS certificate (Public Domain)"
|
||||
label: "S3 TLS certificate (Public Domain)"
|
||||
type: string
|
||||
group: "TLS / Certificate Management"
|
||||
|
||||
- variable: tls.publicDomain.key
|
||||
show_if: "useCertManager=false&&tls.useExistingSecret=false"
|
||||
description: "S3 TLS key (Public Domain)"
|
||||
label: "S3 TLS key (Public Domain)"
|
||||
type: string
|
||||
group: "TLS / Certificate Management"
|
||||
|
||||
- variable: tls.privateDomain.crt
|
||||
show_if: "useCertManager=false&&tls.useExistingSecret=false"
|
||||
description: "S3 TLS certificate (Private Domain)"
|
||||
label: "S3 TLS certificate (Private Domain)"
|
||||
type: string
|
||||
group: "TLS / Certificate Management"
|
||||
|
||||
- variable: tls.privateDomain.key
|
||||
show_if: "useCertManager=false&&tls.useExistingSecret=false"
|
||||
description: "S3 TLS key (Private Domain)"
|
||||
label: "S3 TLS key (Private Domain)"
|
||||
type: string
|
||||
group: "TLS / Certificate Management"
|
||||
|
||||
- variable: tls.ui.publicDomain.crt
|
||||
show_if: "useCertManager=false&&tls.useExistingSecret=false"
|
||||
description: "UI TLS certificate"
|
||||
label: "UI TLS certificate"
|
||||
type: string
|
||||
group: "TLS / Certificate Management"
|
||||
|
||||
- variable: tls.ui.publicDomain.key
|
||||
show_if: "useCertManager=false&&tls.useExistingSecret=false"
|
||||
description: "UI TLS key"
|
||||
label: "UI TLS key"
|
||||
type: string
|
||||
group: "TLS / Certificate Management"
|
||||
|
||||
# Storage
|
||||
- variable: storageSize
|
||||
description: "Storage Size"
|
||||
type: string
|
||||
default: 10Gi
|
||||
label: "Storage Size"
|
||||
group: "Storage"
|
||||
|
||||
- variable: storageClass.name
|
||||
description: "Storage Class Name"
|
||||
type: string
|
||||
default: "longhorn-single"
|
||||
required: true
|
||||
label: "Storage Class"
|
||||
group: "Storage"
|
||||
|
||||
- variable: storageClass.create
|
||||
description: |
|
||||
Create a new opinionated storage class backed by longhorn.io
|
||||
|
@ -211,77 +218,114 @@ questions:
|
|||
label: "Create Storage Class"
|
||||
group: "Storage"
|
||||
|
||||
- variable: storageClass.name
|
||||
show_if: storageClass.create=false
|
||||
type: storageclass
|
||||
required: true
|
||||
label: "Storage Class"
|
||||
group: "Storage"
|
||||
|
||||
- variable: storageClass.name
|
||||
show_if: storageClass.create=true
|
||||
description: "New Storage Class Name"
|
||||
type: string
|
||||
valid_chars: "[0-9a-zA-Z_-]*"
|
||||
default: "longhorn-single"
|
||||
required: true
|
||||
label: "Storage Class"
|
||||
group: "Storage"
|
||||
|
||||
- variable: storageSize
|
||||
description: "Volume Size"
|
||||
type: string
|
||||
default: 10Gi
|
||||
label: "Volume Claim Size"
|
||||
group: "Storage"
|
||||
|
||||
# Advanced Options
|
||||
- variable: imageRegistry
|
||||
default:
|
||||
description: "Image Registry"
|
||||
label: "Image Registry"
|
||||
required: false
|
||||
type: string
|
||||
- variable: useCustomImages
|
||||
default: false
|
||||
type: boolean
|
||||
description: "Use custom container images"
|
||||
required: true
|
||||
group: "Advanced"
|
||||
show_subquestion_if: true
|
||||
subquestions:
|
||||
|
||||
- variable: imageCredentials.username
|
||||
default:
|
||||
description: "Registry Username"
|
||||
label: "Username"
|
||||
required: false
|
||||
type: string
|
||||
group: "Advanced"
|
||||
- variable: imageRegistry
|
||||
default:
|
||||
description: "Image Registry"
|
||||
label: "Registry (e.g. quay.io)"
|
||||
required: false
|
||||
type: string
|
||||
group: "Advanced"
|
||||
|
||||
- variable: imageCredentials.password
|
||||
default:
|
||||
description: "Registry Password"
|
||||
label: "Password"
|
||||
required: false
|
||||
type: string
|
||||
group: "Advanced"
|
||||
- variable: imageCredentials.username
|
||||
default:
|
||||
description: "Registry Username"
|
||||
label: "Username"
|
||||
required: false
|
||||
type: string
|
||||
group: "Advanced"
|
||||
|
||||
- variable: imageCredentials.email
|
||||
default:
|
||||
description: "Registry Email"
|
||||
label: "Email"
|
||||
required: false
|
||||
type: string
|
||||
group: "Advanced"
|
||||
- variable: imageCredentials.password
|
||||
default:
|
||||
description: "Registry Password"
|
||||
label: "Password"
|
||||
required: false
|
||||
type: string
|
||||
group: "Advanced"
|
||||
|
||||
- variable: imageCredentials.email
|
||||
default:
|
||||
description: "Registry Email"
|
||||
label: "Email"
|
||||
required: false
|
||||
type: string
|
||||
group: "Advanced"
|
||||
|
||||
- variable: imageName
|
||||
default:
|
||||
description: "Gateway Image Name"
|
||||
label: "Image (e.g. s3gw/s3gw)"
|
||||
required: false
|
||||
type: string
|
||||
group: "Advanced"
|
||||
|
||||
- variable: imageTag
|
||||
default:
|
||||
description: "Image Tag"
|
||||
label: "Tag (e.g. latest)"
|
||||
required: false
|
||||
type: string
|
||||
group: "Advanced"
|
||||
|
||||
- variable: ui.imageName
|
||||
default:
|
||||
description: "UI Image Name"
|
||||
label: "Image (e.g. s3gw/s3gw-ui)"
|
||||
required: false
|
||||
type: string
|
||||
group: "Advanced"
|
||||
|
||||
- variable: ui.imageTag
|
||||
default:
|
||||
description: "UI Image Tag"
|
||||
label: "Tag (e.g. latest)"
|
||||
required: false
|
||||
type: string
|
||||
group: "Advanced"
|
||||
|
||||
- variable: imagePullPolicy
|
||||
default:
|
||||
default: IfNotPresent
|
||||
description: "Image Pull Policy"
|
||||
label: "Image Pull Policy"
|
||||
required: false
|
||||
type: string
|
||||
group: "Advanced"
|
||||
|
||||
- variable: imageName
|
||||
default:
|
||||
description: "Gateway Image Name"
|
||||
label: "Image Name"
|
||||
required: false
|
||||
type: string
|
||||
group: "Advanced"
|
||||
|
||||
- variable: imageTag
|
||||
default:
|
||||
description: "Image Tag"
|
||||
label: "Image Tag"
|
||||
required: false
|
||||
type: string
|
||||
group: "Advanced"
|
||||
|
||||
- variable: ui.imageName
|
||||
default:
|
||||
description: "UI Image Name"
|
||||
label: "UI Image Name"
|
||||
required: false
|
||||
type: string
|
||||
group: "Advanced"
|
||||
|
||||
- variable: ui.imageTag
|
||||
default:
|
||||
description: "UI Image Tag"
|
||||
label: "UI Image Tag"
|
||||
required: false
|
||||
type: string
|
||||
type: enum
|
||||
options:
|
||||
- IfNotPresent
|
||||
- Always
|
||||
- Never
|
||||
group: "Advanced"
|
||||
|
||||
- variable: logLevel
|
||||
|
|
|
@ -0,0 +1,11 @@
|
|||
{{- if (empty .Values.publicDomain) }}
|
||||
{{- fail "Please provide a value for `.Values.publicDomain`." }}
|
||||
{{- end }}
|
||||
|
||||
{{- if (and .Values.ui.enabled (empty .Values.ui.publicDomain)) }}
|
||||
{{- fail "Please provide a value for `.Values.ui.publicDomain`." }}
|
||||
{{- end }}
|
||||
|
||||
{{- if (and .Values.useExistingSecret (empty .Values.defaultUserCredentialsSecret)) }}
|
||||
{{- fail "Please provide a secret name for `.Values.defaultUserCredentialSecret`" }}
|
||||
{{- end }}
|
|
@ -8,6 +8,9 @@ metadata:
|
|||
{{ include "s3gw.labels" . | indent 4}}
|
||||
data:
|
||||
{{- if .Values.ui.enabled }}
|
||||
{{- if or .Values.useCertManager .Values.tls.publicDomain.crt }}
|
||||
RGW_SERVICE_URL: 'https://{{ .Values.serviceName }}.{{ .Values.publicDomain }}'
|
||||
{{- else}}
|
||||
RGW_SERVICE_URL: 'http://{{ .Values.serviceName }}.{{ .Values.publicDomain }}'
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
RGW_DEFAULT_USER_SYSTEM: "1"
|
||||
|
|
|
@ -39,14 +39,35 @@ spec:
|
|||
- "--debug-rgw"
|
||||
- '{{ .Values.logLevel }}'
|
||||
- "--rgw_frontends"
|
||||
{{- if or .Values.useCertManager .Values.tls.publicDomain.crt }}
|
||||
- "beast port=7480 ssl_port=7481
|
||||
ssl_certificate=/s3gw-cluster-ip-tls/tls.crt
|
||||
ssl_private_key=/s3gw-cluster-ip-tls/tls.key"
|
||||
{{ else }}
|
||||
- "beast port=7480"
|
||||
{{ end }}
|
||||
{{- range $.Values.rgwCustomArgs }}
|
||||
- {{ . | quote}}
|
||||
{{- end }}
|
||||
env:
|
||||
{{- range $.Values.rgwCustomEnvs }}
|
||||
{{- if (regexMatch "[^=]+=[^=]+" .) }}
|
||||
{{- $tokens := split "=" . }}
|
||||
- name: {{ $tokens._0 }}
|
||||
value: {{ $tokens._1 | quote}}
|
||||
{{- else if (regexMatch "^[^=]" .) }}
|
||||
- name: {{ . }}
|
||||
{{- else }}
|
||||
{{- fail (print ".Values.rgwCustomEnvs contains an invalid entry: " .) }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
ports:
|
||||
- containerPort: 7480
|
||||
name: s3
|
||||
{{- if or .Values.useCertManager .Values.tls.publicDomain.crt }}
|
||||
- containerPort: 7481
|
||||
name: s3-tls
|
||||
{{ end }}
|
||||
envFrom:
|
||||
- secretRef:
|
||||
name: {{ .Values.defaultUserCredentialsSecret }}
|
||||
|
|
|
@ -8,10 +8,12 @@ ingress:
|
|||
useCertManager: true
|
||||
# cert-manager namespace
|
||||
certManagerNamespace: cert-manager
|
||||
# The name of the predefined TLS issuer to use (s3gw-issuer, s3gw-letsencrypt-issuer).
|
||||
# The name of the predefined TLS issuer to use (s3gw-issuer,
|
||||
# s3gw-letsencrypt-issuer).
|
||||
tlsIssuer: "s3gw-issuer"
|
||||
# The email address you are planning to use for getting notifications
|
||||
# about your certificates. Fill this if you are using the 's3gw-letsencrypt-issuer'.
|
||||
# about your certificates. Fill this if you are using the
|
||||
# 's3gw-letsencrypt-issuer'.
|
||||
email: "mail@example.com"
|
||||
|
||||
# When not using cert-manager you have to manually specify
|
||||
|
@ -45,7 +47,7 @@ ui:
|
|||
# 'serviceName' is the service name of the S3GW user interface.
|
||||
serviceName: "s3gw-ui"
|
||||
# 'publicDomain' is the public domain of the UI Service used by the Ingress.
|
||||
publicDomain: "fe.127.0.0.1.omg.howdoi.website"
|
||||
publicDomain: ""
|
||||
|
||||
# --- Developer Options ---
|
||||
# imageName: "aquarist-labs/s3gw-ui"
|
||||
|
@ -61,15 +63,20 @@ useExistingSecret: false
|
|||
# 'defaultUserCredentialsSecret' the name of the secret containing
|
||||
# the S3 Access Key and the S3 Secret Key for the default user.
|
||||
defaultUserCredentialsSecret: "s3gw-creds"
|
||||
# 'accessKey' is the S3 Access Key; the value is used when useExistingSecret: false.
|
||||
# Set this as the empty string to make the Chart to compute a random alphanumeric value.
|
||||
# 'accessKey' is the S3 Access Key; the value is used when
|
||||
# `useExistingSecret: false`.
|
||||
# Set this as the empty string to make the Chart to compute a random
|
||||
# alphanumeric value.
|
||||
accessKey: "test"
|
||||
# 'secretKey' is the S3 Secret Key; the value is used when useExistingSecret: false
|
||||
# Set this as the empty string to make the Chart to compute a random alphanumeric value.
|
||||
# 'secretKey' is the S3 Secret Key; the value is used when
|
||||
# `useExistingSecret: false`.
|
||||
# Set this as the empty string to make the Chart to compute a random
|
||||
# alphanumeric value.
|
||||
secretKey: "test"
|
||||
# 'publicDomain' is the public domain of S3GW used by the Ingress
|
||||
publicDomain: "be.127.0.0.1.omg.howdoi.website"
|
||||
# 'privateDomain' is the private domain of S3GW used inside the Kubernetes cluster
|
||||
publicDomain: ""
|
||||
# 'privateDomain' is the private domain of S3GW used inside the Kubernetes
|
||||
# cluster
|
||||
privateDomain: "svc.cluster.local"
|
||||
|
||||
# Backing storage.
|
||||
|
@ -99,3 +106,43 @@ storageClass:
|
|||
# Valid values are positive integers starting from 0.
|
||||
# Higher values are more verbose.
|
||||
logLevel: "1"
|
||||
|
||||
# --- Advanced Configuration ---
|
||||
|
||||
# radosgw's custom arguments for the s3gw pod
|
||||
#
|
||||
# With 'helm install/update' you can specify custom arguments
|
||||
# for the radosgw process using the '--set' option:
|
||||
#
|
||||
# --set "rgwCustomArgs={--foo,bar,--color,green,--org,SUSE,--flag-param-foo}"
|
||||
#
|
||||
# The same effect could be obtained modifying rgwCustomArgs
|
||||
# directly in the values.yaml:
|
||||
#
|
||||
# rgwCustomArgs:
|
||||
# - --foo
|
||||
# - bar
|
||||
# - --color
|
||||
# - green
|
||||
# - --org
|
||||
# - SUSE
|
||||
# - --flag-param-foo
|
||||
#
|
||||
rgwCustomArgs: []
|
||||
|
||||
# radosgw's custom environment variables for the s3gw pod
|
||||
#
|
||||
# With 'helm install/update' you can specify custom environment variables
|
||||
# for the radosgw process using the '--set' option:
|
||||
#
|
||||
# --set "rgwCustomEnvs={ENV_1=ON,ENV_2=OFF,ENV_3}"
|
||||
#
|
||||
# The same effect could be obtained modifying rgwCustomEnvs
|
||||
# directly in the values.yaml:
|
||||
#
|
||||
# rgwCustomEnvs:
|
||||
# - ENV_1=ON
|
||||
# - ENV_2=OFF
|
||||
# - ENV_3
|
||||
#
|
||||
rgwCustomEnvs: []
|
||||
|
|
|
@ -35,4 +35,4 @@ name: kafka
|
|||
sources:
|
||||
- https://github.com/bitnami/containers/tree/main/bitnami/kafka
|
||||
- https://kafka.apache.org/
|
||||
version: 22.0.0
|
||||
version: 22.0.1
|
||||
|
|
|
@ -64,7 +64,7 @@ type: servicebinding.io/kafka
|
|||
data:
|
||||
provider: {{ print "bitnami" | b64enc | quote }}
|
||||
type: {{ print "kafka" | b64enc | quote }}
|
||||
user: {{ index $clientUsers $i | b64enc | quote }}
|
||||
username: {{ index $clientUsers $i | b64enc | quote }}
|
||||
password: {{ index $clientPasswords $i | b64enc | quote }}
|
||||
host: {{ join "," $host | b64enc | quote }}
|
||||
port: {{ print $port | b64enc | quote }}
|
||||
|
|
|
@ -32,4 +32,4 @@ sources:
|
|||
- https://github.com/bitnami/containers/tree/main/bitnami/mariadb
|
||||
- https://github.com/prometheus/mysqld_exporter
|
||||
- https://mariadb.org
|
||||
version: 12.1.1
|
||||
version: 12.1.3
|
||||
|
|
|
@ -84,7 +84,7 @@ The command removes all the Kubernetes components associated with the chart and
|
|||
| -------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------------------- |
|
||||
| `image.registry` | MariaDB image registry | `docker.io` |
|
||||
| `image.repository` | MariaDB image repository | `bitnami/mariadb` |
|
||||
| `image.tag` | MariaDB image tag (immutable tags are recommended) | `10.11.2-debian-11-r20` |
|
||||
| `image.tag` | MariaDB image tag (immutable tags are recommended) | `10.11.2-debian-11-r21` |
|
||||
| `image.digest` | MariaDB image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` |
|
||||
| `image.pullPolicy` | MariaDB image pull policy | `IfNotPresent` |
|
||||
| `image.pullSecrets` | Specify docker-registry secret names as an array | `[]` |
|
||||
|
@ -306,7 +306,7 @@ The command removes all the Kubernetes components associated with the chart and
|
|||
| `volumePermissions.enabled` | Enable init container that changes the owner and group of the persistent volume(s) mountpoint to `runAsUser:fsGroup` | `false` |
|
||||
| `volumePermissions.image.registry` | Init container volume-permissions image registry | `docker.io` |
|
||||
| `volumePermissions.image.repository` | Init container volume-permissions image repository | `bitnami/bitnami-shell` |
|
||||
| `volumePermissions.image.tag` | Init container volume-permissions image tag (immutable tags are recommended) | `11-debian-11-r109` |
|
||||
| `volumePermissions.image.tag` | Init container volume-permissions image tag (immutable tags are recommended) | `11-debian-11-r110` |
|
||||
| `volumePermissions.image.digest` | Init container volume-permissions image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` |
|
||||
| `volumePermissions.image.pullPolicy` | Init container volume-permissions image pull policy | `IfNotPresent` |
|
||||
| `volumePermissions.image.pullSecrets` | Specify docker-registry secret names as an array | `[]` |
|
||||
|
@ -320,7 +320,7 @@ The command removes all the Kubernetes components associated with the chart and
|
|||
| `metrics.enabled` | Start a side-car prometheus exporter | `false` |
|
||||
| `metrics.image.registry` | Exporter image registry | `docker.io` |
|
||||
| `metrics.image.repository` | Exporter image repository | `bitnami/mysqld-exporter` |
|
||||
| `metrics.image.tag` | Exporter image tag (immutable tags are recommended) | `0.14.0-debian-11-r111` |
|
||||
| `metrics.image.tag` | Exporter image tag (immutable tags are recommended) | `0.14.0-debian-11-r112` |
|
||||
| `metrics.image.digest` | Exporter image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` |
|
||||
| `metrics.image.pullPolicy` | Exporter image pull policy | `IfNotPresent` |
|
||||
| `metrics.image.pullSecrets` | Specify docker-registry secret names as an array | `[]` |
|
||||
|
|
|
@ -58,7 +58,7 @@ data:
|
|||
type: {{ print "mysql" | b64enc | quote }}
|
||||
host: {{ print $host | b64enc | quote }}
|
||||
port: {{ print $port | b64enc | quote }}
|
||||
user: {{ print "root" | b64enc | quote }}
|
||||
username: {{ print "root" | b64enc | quote }}
|
||||
password: {{ print $rootPassword | b64enc | quote }}
|
||||
uri: {{ printf "mysql://root:%s@%s:%s" $rootPassword $host $port | b64enc | quote }}
|
||||
|
||||
|
@ -83,7 +83,7 @@ data:
|
|||
type: {{ print "mysql" | b64enc | quote }}
|
||||
host: {{ print $host | b64enc | quote }}
|
||||
port: {{ print $port | b64enc | quote }}
|
||||
user: {{ print .Values.auth.username | b64enc | quote }}
|
||||
username: {{ print .Values.auth.username | b64enc | quote }}
|
||||
{{- if $database }}
|
||||
database: {{ print $database | b64enc | quote }}
|
||||
{{- end }}
|
||||
|
|
|
@ -87,7 +87,7 @@ serviceBindings:
|
|||
image:
|
||||
registry: docker.io
|
||||
repository: bitnami/mariadb
|
||||
tag: 10.11.2-debian-11-r20
|
||||
tag: 10.11.2-debian-11-r21
|
||||
digest: ""
|
||||
## Specify a imagePullPolicy
|
||||
## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent'
|
||||
|
@ -1001,7 +1001,7 @@ volumePermissions:
|
|||
image:
|
||||
registry: docker.io
|
||||
repository: bitnami/bitnami-shell
|
||||
tag: 11-debian-11-r109
|
||||
tag: 11-debian-11-r110
|
||||
digest: ""
|
||||
pullPolicy: IfNotPresent
|
||||
## Optionally specify an array of imagePullSecrets (secrets must be manually created in the namespace)
|
||||
|
@ -1037,7 +1037,7 @@ metrics:
|
|||
image:
|
||||
registry: docker.io
|
||||
repository: bitnami/mysqld-exporter
|
||||
tag: 0.14.0-debian-11-r111
|
||||
tag: 0.14.0-debian-11-r112
|
||||
digest: ""
|
||||
pullPolicy: IfNotPresent
|
||||
## Optionally specify an array of imagePullSecrets (secrets must be manually created in the namespace)
|
||||
|
|
|
@ -1,6 +1,6 @@
|
|||
dependencies:
|
||||
- name: common
|
||||
repository: https://charts.bitnami.com/bitnami
|
||||
repository: oci://registry-1.docker.io/bitnamicharts
|
||||
version: 2.2.4
|
||||
digest: sha256:634d19e9b7f6e4c07d7c04a0161ab96b3f83335ebdd70b35b952319ef0a2586b
|
||||
generated: "2023-04-01T13:13:50.11325071Z"
|
||||
digest: sha256:829fc25cbbb396161e735c83d152d74a8b3a82d07f08866b885b812d30b920df
|
||||
generated: "2023-04-20T09:34:54.353267+02:00"
|
||||
|
|
|
@ -30,4 +30,4 @@ name: mysql
|
|||
sources:
|
||||
- https://github.com/bitnami/containers/tree/main/bitnami/mysql
|
||||
- https://mysql.com
|
||||
version: 9.7.2
|
||||
version: 9.8.2
|
||||
|
|
|
@ -11,8 +11,7 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema
|
|||
## TL;DR
|
||||
|
||||
```console
|
||||
helm repo add my-repo https://charts.bitnami.com/bitnami
|
||||
helm install my-release my-repo/mysql
|
||||
helm install my-release oci://registry-1.docker.io/bitnamicharts/mysql
|
||||
```
|
||||
|
||||
## Introduction
|
||||
|
@ -32,8 +31,7 @@ Bitnami charts can be used with [Kubeapps](https://kubeapps.dev/) for deployment
|
|||
To install the chart with the release name `my-release`:
|
||||
|
||||
```console
|
||||
helm repo add my-repo https://charts.bitnami.com/bitnami
|
||||
helm install my-release my-repo/mysql
|
||||
helm install my-release oci://registry-1.docker.io/bitnamicharts/mysql
|
||||
```
|
||||
|
||||
These commands deploy MySQL on the Kubernetes cluster in the default configuration. The [Parameters](#parameters) section lists the parameters that can be configured during installation.
|
||||
|
@ -83,7 +81,7 @@ The command removes all the Kubernetes components associated with the chart and
|
|||
| -------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | --------------------- |
|
||||
| `image.registry` | MySQL image registry | `docker.io` |
|
||||
| `image.repository` | MySQL image repository | `bitnami/mysql` |
|
||||
| `image.tag` | MySQL image tag (immutable tags are recommended) | `8.0.33-debian-11-r0` |
|
||||
| `image.tag` | MySQL image tag (immutable tags are recommended) | `8.0.33-debian-11-r3` |
|
||||
| `image.digest` | MySQL image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` |
|
||||
| `image.pullPolicy` | MySQL image pull policy | `IfNotPresent` |
|
||||
| `image.pullSecrets` | Specify docker-registry secret names as an array | `[]` |
|
||||
|
@ -307,7 +305,7 @@ The command removes all the Kubernetes components associated with the chart and
|
|||
| `volumePermissions.enabled` | Enable init container that changes the owner and group of the persistent volume(s) mountpoint to `runAsUser:fsGroup` | `false` |
|
||||
| `volumePermissions.image.registry` | Init container volume-permissions image registry | `docker.io` |
|
||||
| `volumePermissions.image.repository` | Init container volume-permissions image repository | `bitnami/bitnami-shell` |
|
||||
| `volumePermissions.image.tag` | Init container volume-permissions image tag (immutable tags are recommended) | `11-debian-11-r108` |
|
||||
| `volumePermissions.image.tag` | Init container volume-permissions image tag (immutable tags are recommended) | `11-debian-11-r110` |
|
||||
| `volumePermissions.image.digest` | Init container volume-permissions image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` |
|
||||
| `volumePermissions.image.pullPolicy` | Init container volume-permissions image pull policy | `IfNotPresent` |
|
||||
| `volumePermissions.image.pullSecrets` | Specify docker-registry secret names as an array | `[]` |
|
||||
|
@ -320,7 +318,7 @@ The command removes all the Kubernetes components associated with the chart and
|
|||
| `metrics.enabled` | Start a side-car prometheus exporter | `false` |
|
||||
| `metrics.image.registry` | Exporter image registry | `docker.io` |
|
||||
| `metrics.image.repository` | Exporter image repository | `bitnami/mysqld-exporter` |
|
||||
| `metrics.image.tag` | Exporter image tag (immutable tags are recommended) | `0.14.0-debian-11-r109` |
|
||||
| `metrics.image.tag` | Exporter image tag (immutable tags are recommended) | `0.14.0-debian-11-r112` |
|
||||
| `metrics.image.digest` | Exporter image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` |
|
||||
| `metrics.image.pullPolicy` | Exporter image pull policy | `IfNotPresent` |
|
||||
| `metrics.image.pullSecrets` | Specify docker-registry secret names as an array | `[]` |
|
||||
|
@ -369,7 +367,7 @@ Specify each parameter using the `--set key=value[,key=value]` argument to `helm
|
|||
```console
|
||||
helm install my-release \
|
||||
--set auth.rootPassword=secretpassword,auth.database=app_database \
|
||||
my-repo/mysql
|
||||
oci://registry-1.docker.io/bitnamicharts/mysql
|
||||
```
|
||||
|
||||
The above command sets the MySQL `root` account password to `secretpassword`. Additionally it creates a database named `app_database`.
|
||||
|
@ -379,7 +377,7 @@ The above command sets the MySQL `root` account password to `secretpassword`. Ad
|
|||
Alternatively, a YAML file that specifies the values for the parameters can be provided while installing the chart. For example,
|
||||
|
||||
```console
|
||||
helm install my-release -f values.yaml my-repo/mysql
|
||||
helm install my-release -f values.yaml oci://registry-1.docker.io/bitnamicharts/mysql
|
||||
```
|
||||
|
||||
> **Tip**: You can use the default [values.yaml](values.yaml)
|
||||
|
@ -470,7 +468,7 @@ Find more information about how to deal with common errors related to Bitnami's
|
|||
It's necessary to set the `auth.rootPassword` parameter when upgrading for readiness/liveness probes to work properly. When you install this chart for the first time, some notes will be displayed providing the credentials you must use under the 'Administrator credentials' section. Please note down the password and run the command below to upgrade your chart:
|
||||
|
||||
```console
|
||||
helm upgrade my-release my-repo/mysql --set auth.rootPassword=[ROOT_PASSWORD]
|
||||
helm upgrade my-release oci://registry-1.docker.io/bitnamicharts/mysql --set auth.rootPassword=[ROOT_PASSWORD]
|
||||
```
|
||||
|
||||
| Note: you need to substitute the placeholder _[ROOT_PASSWORD]_ with the value obtained in the installation notes.
|
||||
|
@ -513,7 +511,7 @@ Consequences:
|
|||
- Reuse the PVC used to hold the master data on your previous release. To do so, use the `primary.persistence.existingClaim` parameter. The following example assumes that the release name is `mysql`:
|
||||
|
||||
```console
|
||||
helm install mysql my-repo/mysql --set auth.rootPassword=[ROOT_PASSWORD] --set primary.persistence.existingClaim=[EXISTING_PVC]
|
||||
helm install mysql oci://registry-1.docker.io/bitnamicharts/mysql --set auth.rootPassword=[ROOT_PASSWORD] --set primary.persistence.existingClaim=[EXISTING_PVC]
|
||||
```
|
||||
|
||||
| Note: you need to substitute the placeholder _[EXISTING_PVC]_ with the name of the PVC used on your previous release, and _[ROOT_PASSWORD]_ with the root password used in your previous release.
|
||||
|
|
|
@ -43,7 +43,7 @@ data:
|
|||
type: {{ print "mysql" | b64enc | quote }}
|
||||
host: {{ print $host | b64enc | quote }}
|
||||
port: {{ print $port | b64enc | quote }}
|
||||
user: {{ print "root" | b64enc | quote }}
|
||||
username: {{ print "root" | b64enc | quote }}
|
||||
password: {{ print $rootPassword | b64enc | quote }}
|
||||
uri: {{ printf "mysql://root:%s@%s:%s" $rootPassword $host $port | b64enc | quote }}
|
||||
|
||||
|
@ -68,7 +68,7 @@ data:
|
|||
type: {{ print "mysql" | b64enc | quote }}
|
||||
host: {{ print $host | b64enc | quote }}
|
||||
port: {{ print $port | b64enc | quote }}
|
||||
user: {{ print .Values.auth.username | b64enc | quote }}
|
||||
username: {{ print .Values.auth.username | b64enc | quote }}
|
||||
{{- if $database }}
|
||||
database: {{ print $database | b64enc | quote }}
|
||||
{{- end }}
|
||||
|
|
|
@ -82,7 +82,7 @@ diagnosticMode:
|
|||
image:
|
||||
registry: docker.io
|
||||
repository: bitnami/mysql
|
||||
tag: 8.0.33-debian-11-r0
|
||||
tag: 8.0.33-debian-11-r3
|
||||
digest: ""
|
||||
## Specify a imagePullPolicy
|
||||
## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent'
|
||||
|
@ -1008,7 +1008,7 @@ volumePermissions:
|
|||
image:
|
||||
registry: docker.io
|
||||
repository: bitnami/bitnami-shell
|
||||
tag: 11-debian-11-r108
|
||||
tag: 11-debian-11-r110
|
||||
digest: ""
|
||||
pullPolicy: IfNotPresent
|
||||
## Optionally specify an array of imagePullSecrets.
|
||||
|
@ -1042,7 +1042,7 @@ metrics:
|
|||
image:
|
||||
registry: docker.io
|
||||
repository: bitnami/mysqld-exporter
|
||||
tag: 0.14.0-debian-11-r109
|
||||
tag: 0.14.0-debian-11-r112
|
||||
digest: ""
|
||||
pullPolicy: IfNotPresent
|
||||
## Optionally specify an array of imagePullSecrets.
|
||||
|
|
|
@ -32,4 +32,4 @@ name: postgresql
|
|||
sources:
|
||||
- https://github.com/bitnami/containers/tree/main/bitnami/postgresql
|
||||
- https://www.postgresql.org/
|
||||
version: 12.4.1
|
||||
version: 12.4.2
|
||||
|
|
|
@ -68,7 +68,7 @@ data:
|
|||
type: {{ print "postgresql" | b64enc | quote }}
|
||||
host: {{ $host | b64enc | quote }}
|
||||
port: {{ $port | b64enc | quote }}
|
||||
user: {{ print "postgres" | b64enc | quote }}
|
||||
username: {{ print "postgres" | b64enc | quote }}
|
||||
database: {{ print "postgres" | b64enc | quote }}
|
||||
password: {{ $postgresPassword | b64enc | quote }}
|
||||
uri: {{ printf "postgresql://postgres:%s@%s:%s/postgres" $postgresPassword $host $port | b64enc | quote }}
|
||||
|
@ -93,7 +93,7 @@ data:
|
|||
type: {{ print "postgresql" | b64enc | quote }}
|
||||
host: {{ $host | b64enc | quote }}
|
||||
port: {{ $port | b64enc | quote }}
|
||||
user: {{ $customUser | b64enc | quote }}
|
||||
username: {{ $customUser | b64enc | quote }}
|
||||
password: {{ $password | b64enc | quote }}
|
||||
{{- if $database }}
|
||||
database: {{ $database | b64enc | quote }}
|
||||
|
|
|
@ -6,10 +6,10 @@ apiVersion: v2
|
|||
appVersion: 0.2.1
|
||||
dependencies:
|
||||
- name: standard-defs
|
||||
repository: file://./charts/standard-defs
|
||||
repository: https://btp-charts-stable.s3.amazonaws.com/charts/
|
||||
version: ~0.1.0
|
||||
- name: sawtooth
|
||||
repository: file://./charts/sawtooth
|
||||
repository: https://btp-charts-stable.s3.amazonaws.com/charts/
|
||||
version: ~0.2.0
|
||||
description: 'Chronicle is an open-source, blockchain-backed, domain-agnostic provenance
|
||||
product. Chronicle makes it easy for users to record and query immutable provenance
|
||||
|
@ -22,4 +22,4 @@ keywords:
|
|||
- blockchain
|
||||
name: chronicle
|
||||
type: application
|
||||
version: 0.1.6
|
||||
version: 0.1.7
|
||||
|
|
|
@ -19,6 +19,18 @@ spec:
|
|||
serviceAccountName: {{ include "lib.serviceAccountName" . }}
|
||||
affinity: {{ include "lib.safeToYaml" .Values.affinity | nindent 8 }}
|
||||
initContainers:
|
||||
- name: chronicle-permissions
|
||||
image: busybox:1.36
|
||||
command: [ "sh", "-c"]
|
||||
args:
|
||||
- |
|
||||
chown -R 999:999 /var/lib/chronicle || true
|
||||
volumeMounts:
|
||||
- name: chronicle-config
|
||||
mountPath: /etc/chronicle/config/
|
||||
- name: chronicle-secrets
|
||||
mountPath: /var/lib/chronicle/secrets/
|
||||
readOnly: false
|
||||
- name: chronicle-keystore
|
||||
{{- include "lib.image" (dict "imageRoot" .Values.image "global" .Values.global ) | nindent 10 }}
|
||||
command: [ "bash", "-c"]
|
||||
|
@ -72,7 +84,7 @@ spec:
|
|||
-c /etc/chronicle/config/config.toml \
|
||||
--console-logging json \
|
||||
--sawtooth tcp://{{ include "chronicle.sawtooth.service" . }}:{{ include "chronicle.sawtooth.sawcomp" . }} \
|
||||
serve-graphql --interface 0.0.0.0:{{ .Values.port}} {{ if .Values.webUi }} --open {{ end }}
|
||||
serve-api --interface 0.0.0.0:{{ .Values.port}} {{ if .Values.webUi }} --open {{ end }}
|
||||
env: {{ include "lib.safeToYaml" .Values.env | nindent 12 }}
|
||||
- name: RUST_LOG
|
||||
value: {{ .Values.logLevel }}
|
||||
|
|
|
@ -4,7 +4,7 @@ annotations:
|
|||
catalog.cattle.io/kube-version: '>=1.15-0'
|
||||
catalog.cattle.io/release-name: confluent-for-kubernetes
|
||||
apiVersion: v1
|
||||
appVersion: 2.5.2
|
||||
appVersion: 2.6.0
|
||||
description: A Helm chart to deploy Confluent for Kubernetes
|
||||
home: https://www.confluent.io/
|
||||
icon: https://cdn.confluent.io/wp-content/uploads/seo-logo-meadow.png
|
||||
|
@ -19,4 +19,4 @@ maintainers:
|
|||
name: confluent-for-kubernetes
|
||||
sources:
|
||||
- https://docs.confluent.io/current/index.html
|
||||
version: 0.581.55
|
||||
version: 0.771.13
|
||||
|
|
|
@ -1482,19 +1482,22 @@ spec:
|
|||
where podId starts from `0` to `replicaCount -1`. This is
|
||||
only recommended if you cannot add internal SANs to the
|
||||
TLS certificates for MDS and the external DNS must be resolved
|
||||
inside the Kubernetes cluster.'
|
||||
inside the Kubernetes cluster. This configuration will not
|
||||
take effect if MDS enabled dual listener setup.'
|
||||
properties:
|
||||
enabled:
|
||||
description: enabled indicates whether to set the MDS
|
||||
advertised listener url with external endpoint for each
|
||||
broker.
|
||||
broker. Has no effect with Zookeeper, which will always
|
||||
create a listener per pod.
|
||||
type: boolean
|
||||
prefix:
|
||||
description: prefix specifies the broker prefix for MDS
|
||||
advertised endpoint if using loadBalancer external access.
|
||||
If not configured, it uses `b` as default prefix, such
|
||||
as `b#.domain` where `#` will start from `0` to `replicaCount
|
||||
-1`.
|
||||
description: prefix specifies the broker prefix for MDS/Zookeeper
|
||||
advertised endpoint. If not configured, it uses `b`
|
||||
as default prefix for MDS, such as `b#.domain` where
|
||||
`#` will start from `0` to `replicaCount -1`. It uses
|
||||
'zookeeper' as default prefix for Zookeeper in the same
|
||||
way.
|
||||
minLength: 1
|
||||
type: string
|
||||
required:
|
||||
|
@ -1653,14 +1656,16 @@ spec:
|
|||
enabled:
|
||||
description: enabled indicates whether to set the MDS
|
||||
advertised listener url with external endpoint for each
|
||||
broker.
|
||||
broker. Has no effect with Zookeeper, which will always
|
||||
create a listener per pod.
|
||||
type: boolean
|
||||
prefix:
|
||||
description: prefix specifies the broker prefix for MDS
|
||||
advertised endpoint if using loadBalancer external access.
|
||||
If not configured, it uses `b` as default prefix, such
|
||||
as `b#.domain` where `#` will start from `0` to `replicaCount
|
||||
-1`.
|
||||
description: prefix specifies the broker prefix for MDS/Zookeeper
|
||||
advertised endpoint. If not configured, it uses `b`
|
||||
as default prefix for MDS, such as `b#.domain` where
|
||||
`#` will start from `0` to `replicaCount -1`. It uses
|
||||
'zookeeper' as default prefix for Zookeeper in the same
|
||||
way.
|
||||
minLength: 1
|
||||
type: string
|
||||
required:
|
||||
|
|
|
@ -968,19 +968,22 @@ spec:
|
|||
where podId starts from `0` to `replicaCount -1`. This is
|
||||
only recommended if you cannot add internal SANs to the
|
||||
TLS certificates for MDS and the external DNS must be resolved
|
||||
inside the Kubernetes cluster.'
|
||||
inside the Kubernetes cluster. This configuration will not
|
||||
take effect if MDS enabled dual listener setup.'
|
||||
properties:
|
||||
enabled:
|
||||
description: enabled indicates whether to set the MDS
|
||||
advertised listener url with external endpoint for each
|
||||
broker.
|
||||
broker. Has no effect with Zookeeper, which will always
|
||||
create a listener per pod.
|
||||
type: boolean
|
||||
prefix:
|
||||
description: prefix specifies the broker prefix for MDS
|
||||
advertised endpoint if using loadBalancer external access.
|
||||
If not configured, it uses `b` as default prefix, such
|
||||
as `b#.domain` where `#` will start from `0` to `replicaCount
|
||||
-1`.
|
||||
description: prefix specifies the broker prefix for MDS/Zookeeper
|
||||
advertised endpoint. If not configured, it uses `b`
|
||||
as default prefix for MDS, such as `b#.domain` where
|
||||
`#` will start from `0` to `replicaCount -1`. It uses
|
||||
'zookeeper' as default prefix for Zookeeper in the same
|
||||
way.
|
||||
minLength: 1
|
||||
type: string
|
||||
required:
|
||||
|
@ -1139,14 +1142,16 @@ spec:
|
|||
enabled:
|
||||
description: enabled indicates whether to set the MDS
|
||||
advertised listener url with external endpoint for each
|
||||
broker.
|
||||
broker. Has no effect with Zookeeper, which will always
|
||||
create a listener per pod.
|
||||
type: boolean
|
||||
prefix:
|
||||
description: prefix specifies the broker prefix for MDS
|
||||
advertised endpoint if using loadBalancer external access.
|
||||
If not configured, it uses `b` as default prefix, such
|
||||
as `b#.domain` where `#` will start from `0` to `replicaCount
|
||||
-1`.
|
||||
description: prefix specifies the broker prefix for MDS/Zookeeper
|
||||
advertised endpoint. If not configured, it uses `b`
|
||||
as default prefix for MDS, such as `b#.domain` where
|
||||
`#` will start from `0` to `replicaCount -1`. It uses
|
||||
'zookeeper' as default prefix for Zookeeper in the same
|
||||
way.
|
||||
minLength: 1
|
||||
type: string
|
||||
required:
|
||||
|
|
|
@ -876,19 +876,22 @@ spec:
|
|||
where podId starts from `0` to `replicaCount -1`. This is
|
||||
only recommended if you cannot add internal SANs to the
|
||||
TLS certificates for MDS and the external DNS must be resolved
|
||||
inside the Kubernetes cluster.'
|
||||
inside the Kubernetes cluster. This configuration will not
|
||||
take effect if MDS enabled dual listener setup.'
|
||||
properties:
|
||||
enabled:
|
||||
description: enabled indicates whether to set the MDS
|
||||
advertised listener url with external endpoint for each
|
||||
broker.
|
||||
broker. Has no effect with Zookeeper, which will always
|
||||
create a listener per pod.
|
||||
type: boolean
|
||||
prefix:
|
||||
description: prefix specifies the broker prefix for MDS
|
||||
advertised endpoint if using loadBalancer external access.
|
||||
If not configured, it uses `b` as default prefix, such
|
||||
as `b#.domain` where `#` will start from `0` to `replicaCount
|
||||
-1`.
|
||||
description: prefix specifies the broker prefix for MDS/Zookeeper
|
||||
advertised endpoint. If not configured, it uses `b`
|
||||
as default prefix for MDS, such as `b#.domain` where
|
||||
`#` will start from `0` to `replicaCount -1`. It uses
|
||||
'zookeeper' as default prefix for Zookeeper in the same
|
||||
way.
|
||||
minLength: 1
|
||||
type: string
|
||||
required:
|
||||
|
@ -1047,14 +1050,16 @@ spec:
|
|||
enabled:
|
||||
description: enabled indicates whether to set the MDS
|
||||
advertised listener url with external endpoint for each
|
||||
broker.
|
||||
broker. Has no effect with Zookeeper, which will always
|
||||
create a listener per pod.
|
||||
type: boolean
|
||||
prefix:
|
||||
description: prefix specifies the broker prefix for MDS
|
||||
advertised endpoint if using loadBalancer external access.
|
||||
If not configured, it uses `b` as default prefix, such
|
||||
as `b#.domain` where `#` will start from `0` to `replicaCount
|
||||
-1`.
|
||||
description: prefix specifies the broker prefix for MDS/Zookeeper
|
||||
advertised endpoint. If not configured, it uses `b`
|
||||
as default prefix for MDS, such as `b#.domain` where
|
||||
`#` will start from `0` to `replicaCount -1`. It uses
|
||||
'zookeeper' as default prefix for Zookeeper in the same
|
||||
way.
|
||||
minLength: 1
|
||||
type: string
|
||||
required:
|
||||
|
|
File diff suppressed because it is too large
Load Diff
File diff suppressed because it is too large
Load Diff
|
@ -981,6 +981,9 @@ spec:
|
|||
externalAccess:
|
||||
description: externalAccess specifies the configurations for the endpoints
|
||||
and services to make the ksqlDB accessible from outside the cluster.
|
||||
When `spec.listeners` is configured, configuring `spec.externalAccess`
|
||||
is not allowed. Please configure `spec.listeners.external.externalAccess`
|
||||
instead".
|
||||
properties:
|
||||
loadBalancer:
|
||||
description: loadBalancer specifies the configuration to create
|
||||
|
@ -995,19 +998,22 @@ spec:
|
|||
where podId starts from `0` to `replicaCount -1`. This is
|
||||
only recommended if you cannot add internal SANs to the
|
||||
TLS certificates for MDS and the external DNS must be resolved
|
||||
inside the Kubernetes cluster.'
|
||||
inside the Kubernetes cluster. This configuration will not
|
||||
take effect if MDS enabled dual listener setup.'
|
||||
properties:
|
||||
enabled:
|
||||
description: enabled indicates whether to set the MDS
|
||||
advertised listener url with external endpoint for each
|
||||
broker.
|
||||
broker. Has no effect with Zookeeper, which will always
|
||||
create a listener per pod.
|
||||
type: boolean
|
||||
prefix:
|
||||
description: prefix specifies the broker prefix for MDS
|
||||
advertised endpoint if using loadBalancer external access.
|
||||
If not configured, it uses `b` as default prefix, such
|
||||
as `b#.domain` where `#` will start from `0` to `replicaCount
|
||||
-1`.
|
||||
description: prefix specifies the broker prefix for MDS/Zookeeper
|
||||
advertised endpoint. If not configured, it uses `b`
|
||||
as default prefix for MDS, such as `b#.domain` where
|
||||
`#` will start from `0` to `replicaCount -1`. It uses
|
||||
'zookeeper' as default prefix for Zookeeper in the same
|
||||
way.
|
||||
minLength: 1
|
||||
type: string
|
||||
required:
|
||||
|
@ -1166,14 +1172,16 @@ spec:
|
|||
enabled:
|
||||
description: enabled indicates whether to set the MDS
|
||||
advertised listener url with external endpoint for each
|
||||
broker.
|
||||
broker. Has no effect with Zookeeper, which will always
|
||||
create a listener per pod.
|
||||
type: boolean
|
||||
prefix:
|
||||
description: prefix specifies the broker prefix for MDS
|
||||
advertised endpoint if using loadBalancer external access.
|
||||
If not configured, it uses `b` as default prefix, such
|
||||
as `b#.domain` where `#` will start from `0` to `replicaCount
|
||||
-1`.
|
||||
description: prefix specifies the broker prefix for MDS/Zookeeper
|
||||
advertised endpoint. If not configured, it uses `b`
|
||||
as default prefix for MDS, such as `b#.domain` where
|
||||
`#` will start from `0` to `replicaCount -1`. It uses
|
||||
'zookeeper' as default prefix for Zookeeper in the same
|
||||
way.
|
||||
minLength: 1
|
||||
type: string
|
||||
required:
|
||||
|
@ -1472,6 +1480,542 @@ spec:
|
|||
pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$
|
||||
type: string
|
||||
type: object
|
||||
listeners:
|
||||
description: listeners specify the listeners configurations.
|
||||
properties:
|
||||
external:
|
||||
description: external specifies the Confluent component external
|
||||
listener.
|
||||
properties:
|
||||
externalAccess:
|
||||
description: externalAccess defines the external access configuration
|
||||
for the Confluent component.
|
||||
properties:
|
||||
loadBalancer:
|
||||
description: loadBalancer specifies the configuration
|
||||
to create a Kubernetes load balancer service.
|
||||
properties:
|
||||
advertisedURL:
|
||||
description: 'advertisedURL specifies the configuration
|
||||
for advertised listener per pod. It is only supported
|
||||
for MDS currently. If it is enabled, instead of
|
||||
using internal endpoint, the MDS advertised listener
|
||||
for each broker will be set to: `<httpSchema>://<advertisedUrl.prefix><podId>.<domain>`
|
||||
where podId starts from `0` to `replicaCount -1`.
|
||||
This is only recommended if you cannot add internal
|
||||
SANs to the TLS certificates for MDS and the external
|
||||
DNS must be resolved inside the Kubernetes cluster.
|
||||
This configuration will not take effect if MDS enabled
|
||||
dual listener setup.'
|
||||
properties:
|
||||
enabled:
|
||||
description: enabled indicates whether to set
|
||||
the MDS advertised listener url with external
|
||||
endpoint for each broker. Has no effect with
|
||||
Zookeeper, which will always create a listener
|
||||
per pod.
|
||||
type: boolean
|
||||
prefix:
|
||||
description: prefix specifies the broker prefix
|
||||
for MDS/Zookeeper advertised endpoint. If not
|
||||
configured, it uses `b` as default prefix for
|
||||
MDS, such as `b#.domain` where `#` will start
|
||||
from `0` to `replicaCount -1`. It uses 'zookeeper'
|
||||
as default prefix for Zookeeper in the same
|
||||
way.
|
||||
minLength: 1
|
||||
type: string
|
||||
required:
|
||||
- enabled
|
||||
type: object
|
||||
annotations:
|
||||
additionalProperties:
|
||||
type: string
|
||||
description: annotations is a map of string key and
|
||||
value pairs. It specifies Kubernetes annotations
|
||||
for this service.
|
||||
type: object
|
||||
x-kubernetes-map-type: granular
|
||||
domain:
|
||||
description: domain is the domain name of the component
|
||||
cluster.
|
||||
minLength: 1
|
||||
type: string
|
||||
externalTrafficPolicy:
|
||||
description: externalTrafficPolicy specifies the external
|
||||
traffic policy for the service. Valid options are
|
||||
`Local` and `Cluster`.
|
||||
enum:
|
||||
- Local
|
||||
- Cluster
|
||||
type: string
|
||||
labels:
|
||||
additionalProperties:
|
||||
type: string
|
||||
description: labels is a map of string key and value
|
||||
pairs. It specifies Kubernetes labels for this service.
|
||||
type: object
|
||||
x-kubernetes-map-type: granular
|
||||
loadBalancerSourceRanges:
|
||||
description: loadBalancerSourceRanges specify the
|
||||
source ranges.
|
||||
items:
|
||||
type: string
|
||||
type: array
|
||||
port:
|
||||
description: port specifies the external port for
|
||||
the client consumption. If not configured, the same
|
||||
internal/external port is configured for the component.
|
||||
Information about the port can be retrieved through
|
||||
the status API.
|
||||
format: int32
|
||||
type: integer
|
||||
prefix:
|
||||
description: prefix specify the prefix for the given
|
||||
domain. The default value is the name of the cluster.
|
||||
minLength: 1
|
||||
type: string
|
||||
servicePorts:
|
||||
description: servicePorts specify the user-provided
|
||||
service port(s).
|
||||
items:
|
||||
description: ServicePort contains information on
|
||||
service's port.
|
||||
properties:
|
||||
appProtocol:
|
||||
description: The application protocol for this
|
||||
port. This field follows standard Kubernetes
|
||||
label syntax. Un-prefixed names are reserved
|
||||
for IANA standard service names (as per RFC-6335
|
||||
and http://www.iana.org/assignments/service-names).
|
||||
Non-standard protocols should use prefixed
|
||||
names such as mycompany.com/my-custom-protocol.
|
||||
type: string
|
||||
name:
|
||||
description: The name of this port within the
|
||||
service. This must be a DNS_LABEL. All ports
|
||||
within a ServiceSpec must have unique names.
|
||||
When considering the endpoints for a Service,
|
||||
this must match the 'name' field in the EndpointPort.
|
||||
Optional if only one ServicePort is defined
|
||||
on this service.
|
||||
type: string
|
||||
nodePort:
|
||||
description: 'The port on each node on which
|
||||
this service is exposed when type is NodePort
|
||||
or LoadBalancer. Usually assigned by the
|
||||
system. If a value is specified, in-range,
|
||||
and not in use it will be used, otherwise
|
||||
the operation will fail. If not specified,
|
||||
a port will be allocated if this Service requires
|
||||
one. If this field is specified when creating
|
||||
a Service which does not need it, creation
|
||||
will fail. This field will be wiped when updating
|
||||
a Service to no longer need it (e.g. changing
|
||||
type from NodePort to ClusterIP). More info:
|
||||
https://kubernetes.io/docs/concepts/services-networking/service/#type-nodeport'
|
||||
format: int32
|
||||
type: integer
|
||||
port:
|
||||
description: The port that will be exposed by
|
||||
this service.
|
||||
format: int32
|
||||
type: integer
|
||||
protocol:
|
||||
default: TCP
|
||||
description: The IP protocol for this port.
|
||||
Supports "TCP", "UDP", and "SCTP". Default
|
||||
is TCP.
|
||||
type: string
|
||||
targetPort:
|
||||
anyOf:
|
||||
- type: integer
|
||||
- type: string
|
||||
description: 'Number or name of the port to
|
||||
access on the pods targeted by the service.
|
||||
Number must be in the range 1 to 65535. Name
|
||||
must be an IANA_SVC_NAME. If this is a string,
|
||||
it will be looked up as a named port in the
|
||||
target Pod''s container ports. If this is
|
||||
not specified, the value of the ''port'' field
|
||||
is used (an identity map). This field is ignored
|
||||
for services with clusterIP=None, and should
|
||||
be omitted or set equal to the ''port'' field.
|
||||
More info: https://kubernetes.io/docs/concepts/services-networking/service/#defining-a-service'
|
||||
x-kubernetes-int-or-string: true
|
||||
required:
|
||||
- port
|
||||
type: object
|
||||
type: array
|
||||
sessionAffinity:
|
||||
description: 'sessionAffinity defines the Kubernetes
|
||||
session affinity. The valid options are `ClientIP`
|
||||
and `None`. `ClientIP` enables the client IP-based
|
||||
session affinity. The default value is `None`. More
|
||||
info: https://kubernetes.io/docs/concepts/services-networking/service/#virtual-ips-and-service-proxies.'
|
||||
enum:
|
||||
- ClientIP
|
||||
- None
|
||||
type: string
|
||||
sessionAffinityConfig:
|
||||
description: SessionAffinityConfig contains the configurations
|
||||
of the session affinity.
|
||||
properties:
|
||||
clientIP:
|
||||
description: clientIP contains the configurations
|
||||
of Client IP based session affinity.
|
||||
properties:
|
||||
timeoutSeconds:
|
||||
description: timeoutSeconds specifies the
|
||||
seconds of ClientIP type session sticky
|
||||
time. The value must be >0 && <=86400(for
|
||||
1 day) if ServiceAffinity == "ClientIP".
|
||||
Default value is 10800(for 3 hours).
|
||||
format: int32
|
||||
type: integer
|
||||
type: object
|
||||
type: object
|
||||
required:
|
||||
- domain
|
||||
type: object
|
||||
nodePort:
|
||||
description: nodePort specifies the configuration to create
|
||||
a Kubernetes node port service.
|
||||
properties:
|
||||
advertisedURL:
|
||||
description: advertisedURL specifies the configuration
|
||||
for advertised listener per pod. It is only supported
|
||||
for MDS currently. If it is enabled, instead of
|
||||
using internal endpoint, the MDS advertised listener
|
||||
for each broker will be set to `<httpSchema>://<host>:<nodePortOffset
|
||||
+ podId + 1>, where`podId` starts from `0` to `replicaCount
|
||||
- 1`. This is only recommended if you cannot add
|
||||
internal SANs to the TLS certificates for MDS and
|
||||
the external DNS must be resolved inside the Kubernetes
|
||||
cluster.
|
||||
properties:
|
||||
enabled:
|
||||
description: enabled indicates whether to set
|
||||
the MDS advertised listener url with external
|
||||
endpoint for each broker. Has no effect with
|
||||
Zookeeper, which will always create a listener
|
||||
per pod.
|
||||
type: boolean
|
||||
prefix:
|
||||
description: prefix specifies the broker prefix
|
||||
for MDS/Zookeeper advertised endpoint. If not
|
||||
configured, it uses `b` as default prefix for
|
||||
MDS, such as `b#.domain` where `#` will start
|
||||
from `0` to `replicaCount -1`. It uses 'zookeeper'
|
||||
as default prefix for Zookeeper in the same
|
||||
way.
|
||||
minLength: 1
|
||||
type: string
|
||||
required:
|
||||
- enabled
|
||||
type: object
|
||||
annotations:
|
||||
additionalProperties:
|
||||
type: string
|
||||
description: annotations is a map of string key and
|
||||
value pairs. It specifies Kubernetes annotations
|
||||
for this service.
|
||||
type: object
|
||||
x-kubernetes-map-type: granular
|
||||
externalTrafficPolicy:
|
||||
description: externalTrafficPolicy specifies the external
|
||||
traffic policy for the service. Valid options are
|
||||
`Local` and `Cluster`.
|
||||
enum:
|
||||
- Local
|
||||
- Cluster
|
||||
type: string
|
||||
host:
|
||||
description: host defines the host name of the cluster.
|
||||
minLength: 1
|
||||
type: string
|
||||
labels:
|
||||
additionalProperties:
|
||||
type: string
|
||||
description: labels is a map of string key and value
|
||||
pairs. It specifies Kubernetes labels for this service.
|
||||
type: object
|
||||
x-kubernetes-map-type: granular
|
||||
nodePortOffset:
|
||||
description: nodePortOffset specifies the starting
|
||||
offset of the node ports. The port numbers go in
|
||||
ascending order with respect to the replicas count.
|
||||
NodePort service creation fails if the node port
|
||||
is not in the range supported by the Kubernetes
|
||||
API server. The default Kubernetes Node Port range
|
||||
is `30000` - `32762`.
|
||||
format: int32
|
||||
minimum: 0
|
||||
type: integer
|
||||
servicePorts:
|
||||
description: servicePorts specify user-provided service
|
||||
port(s). For Kafka with the nodePort type, this
|
||||
setting is only applied to Kafka bootstrap service.
|
||||
items:
|
||||
description: ServicePort contains information on
|
||||
service's port.
|
||||
properties:
|
||||
appProtocol:
|
||||
description: The application protocol for this
|
||||
port. This field follows standard Kubernetes
|
||||
label syntax. Un-prefixed names are reserved
|
||||
for IANA standard service names (as per RFC-6335
|
||||
and http://www.iana.org/assignments/service-names).
|
||||
Non-standard protocols should use prefixed
|
||||
names such as mycompany.com/my-custom-protocol.
|
||||
type: string
|
||||
name:
|
||||
description: The name of this port within the
|
||||
service. This must be a DNS_LABEL. All ports
|
||||
within a ServiceSpec must have unique names.
|
||||
When considering the endpoints for a Service,
|
||||
this must match the 'name' field in the EndpointPort.
|
||||
Optional if only one ServicePort is defined
|
||||
on this service.
|
||||
type: string
|
||||
nodePort:
|
||||
description: 'The port on each node on which
|
||||
this service is exposed when type is NodePort
|
||||
or LoadBalancer. Usually assigned by the
|
||||
system. If a value is specified, in-range,
|
||||
and not in use it will be used, otherwise
|
||||
the operation will fail. If not specified,
|
||||
a port will be allocated if this Service requires
|
||||
one. If this field is specified when creating
|
||||
a Service which does not need it, creation
|
||||
will fail. This field will be wiped when updating
|
||||
a Service to no longer need it (e.g. changing
|
||||
type from NodePort to ClusterIP). More info:
|
||||
https://kubernetes.io/docs/concepts/services-networking/service/#type-nodeport'
|
||||
format: int32
|
||||
type: integer
|
||||
port:
|
||||
description: The port that will be exposed by
|
||||
this service.
|
||||
format: int32
|
||||
type: integer
|
||||
protocol:
|
||||
default: TCP
|
||||
description: The IP protocol for this port.
|
||||
Supports "TCP", "UDP", and "SCTP". Default
|
||||
is TCP.
|
||||
type: string
|
||||
targetPort:
|
||||
anyOf:
|
||||
- type: integer
|
||||
- type: string
|
||||
description: 'Number or name of the port to
|
||||
access on the pods targeted by the service.
|
||||
Number must be in the range 1 to 65535. Name
|
||||
must be an IANA_SVC_NAME. If this is a string,
|
||||
it will be looked up as a named port in the
|
||||
target Pod''s container ports. If this is
|
||||
not specified, the value of the ''port'' field
|
||||
is used (an identity map). This field is ignored
|
||||
for services with clusterIP=None, and should
|
||||
be omitted or set equal to the ''port'' field.
|
||||
More info: https://kubernetes.io/docs/concepts/services-networking/service/#defining-a-service'
|
||||
x-kubernetes-int-or-string: true
|
||||
required:
|
||||
- port
|
||||
type: object
|
||||
type: array
|
||||
sessionAffinity:
|
||||
description: 'sessionAffinity defines the Kubernetes
|
||||
session affinity. The valid options are `ClientIP`
|
||||
and `None`. `ClientIP` enables the client IP-based
|
||||
session affinity. The default value is `None`. More
|
||||
info: https://kubernetes.io/docs/concepts/services-networking/service/#virtual-ips-and-service-proxies.'
|
||||
enum:
|
||||
- ClientIP
|
||||
- None
|
||||
type: string
|
||||
sessionAffinityConfig:
|
||||
description: SessionAffinityConfig contains the configurations
|
||||
of the session affinity.
|
||||
properties:
|
||||
clientIP:
|
||||
description: clientIP contains the configurations
|
||||
of Client IP based session affinity.
|
||||
properties:
|
||||
timeoutSeconds:
|
||||
description: timeoutSeconds specifies the
|
||||
seconds of ClientIP type session sticky
|
||||
time. The value must be >0 && <=86400(for
|
||||
1 day) if ServiceAffinity == "ClientIP".
|
||||
Default value is 10800(for 3 hours).
|
||||
format: int32
|
||||
type: integer
|
||||
type: object
|
||||
type: object
|
||||
required:
|
||||
- host
|
||||
- nodePortOffset
|
||||
type: object
|
||||
route:
|
||||
description: route specifies the configuration to create
|
||||
a route service in OpenShift.
|
||||
properties:
|
||||
annotations:
|
||||
additionalProperties:
|
||||
type: string
|
||||
description: annotations is a map of string key and
|
||||
value pairs. It specifies Kubernetes annotations
|
||||
for this service.
|
||||
type: object
|
||||
x-kubernetes-map-type: granular
|
||||
domain:
|
||||
description: domain specifies the domain name of the
|
||||
Confluent component cluster.
|
||||
minLength: 1
|
||||
type: string
|
||||
labels:
|
||||
additionalProperties:
|
||||
type: string
|
||||
description: labels is a map of string key and value
|
||||
pairs. It specifies Kubernetes labels for this service.
|
||||
type: object
|
||||
x-kubernetes-map-type: granular
|
||||
prefix:
|
||||
description: prefix specifies the component prefix
|
||||
when configured for the domain. The default value
|
||||
is the name of the cluster.
|
||||
minLength: 1
|
||||
type: string
|
||||
wildcardPolicy:
|
||||
description: wildcardPolicy allows you to define a
|
||||
route that covers all hosts within a domain. Valid
|
||||
options are `Subdomain` and `None`. The default
|
||||
value is `None`.
|
||||
enum:
|
||||
- Subdomain
|
||||
- None
|
||||
type: string
|
||||
required:
|
||||
- domain
|
||||
type: object
|
||||
type:
|
||||
description: type specifies the Kubernetes external service
|
||||
for the component. Valid options are `loadBalancer`,
|
||||
`nodePort`, and `route`.
|
||||
enum:
|
||||
- loadBalancer
|
||||
- nodePort
|
||||
- route
|
||||
minLength: 1
|
||||
type: string
|
||||
required:
|
||||
- type
|
||||
type: object
|
||||
tls:
|
||||
description: tls specifies the TLS configuration for the listener.
|
||||
properties:
|
||||
directoryPathInContainer:
|
||||
description: directoryPathInContainer specifies the directory
|
||||
path in the container where `keystore.jks`, `truststore.jks`,
|
||||
and `jksPassword.txt` keys are mounted. `truststore.jks`
|
||||
is not configured and can be ignored when the `ignoreTrustStoreConfig`
|
||||
field is set to `true`.
|
||||
minLength: 1
|
||||
type: string
|
||||
enabled:
|
||||
description: enabled specifies to enable the TLS configuration
|
||||
for the Confluent component.
|
||||
type: boolean
|
||||
ignoreTrustStoreConfig:
|
||||
description: ignoreTrustStoreConfig indicates whether
|
||||
to ignore the truststore configuration for the Confluent
|
||||
component.
|
||||
type: boolean
|
||||
jksPassword:
|
||||
description: jksPassword references the secret containing
|
||||
the JKS password.
|
||||
properties:
|
||||
secretRef:
|
||||
description: 'secretRef references the name of the
|
||||
secret containing the JKS password. More info: https://docs.confluent.io/operator/current/co-network-encryption.html#configure-user-provided-tls-certificates'
|
||||
maxLength: 30
|
||||
minLength: 1
|
||||
pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$
|
||||
type: string
|
||||
required:
|
||||
- secretRef
|
||||
type: object
|
||||
secretRef:
|
||||
description: 'secretRef references the secret containing
|
||||
the certificates. More info: https://docs.confluent.io/operator/current/co-network-encryption.html#configure-user-provided-tls-certificates'
|
||||
maxLength: 30
|
||||
minLength: 1
|
||||
pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$
|
||||
type: string
|
||||
required:
|
||||
- enabled
|
||||
type: object
|
||||
type: object
|
||||
internal:
|
||||
description: internal specifies the Confluent component's internal
|
||||
listener. This internal listener is for intra-communication
|
||||
between the pods.
|
||||
properties:
|
||||
port:
|
||||
description: port binds the given port to the internal listener.
|
||||
If not configured, it will be defaulted to the component-specific
|
||||
internal port. Port numbers lower than `9093` are reserved
|
||||
by CFK.
|
||||
format: int32
|
||||
minimum: 9093
|
||||
type: integer
|
||||
tls:
|
||||
description: tls specifies the TLS configuration for the listener.
|
||||
properties:
|
||||
directoryPathInContainer:
|
||||
description: directoryPathInContainer specifies the directory
|
||||
path in the container where `keystore.jks`, `truststore.jks`,
|
||||
and `jksPassword.txt` keys are mounted. `truststore.jks`
|
||||
is not configured and can be ignored when the `ignoreTrustStoreConfig`
|
||||
field is set to `true`.
|
||||
minLength: 1
|
||||
type: string
|
||||
enabled:
|
||||
description: enabled specifies to enable the TLS configuration
|
||||
for the Confluent component.
|
||||
type: boolean
|
||||
ignoreTrustStoreConfig:
|
||||
description: ignoreTrustStoreConfig indicates whether
|
||||
to ignore the truststore configuration for the Confluent
|
||||
component.
|
||||
type: boolean
|
||||
jksPassword:
|
||||
description: jksPassword references the secret containing
|
||||
the JKS password.
|
||||
properties:
|
||||
secretRef:
|
||||
description: 'secretRef references the name of the
|
||||
secret containing the JKS password. More info: https://docs.confluent.io/operator/current/co-network-encryption.html#configure-user-provided-tls-certificates'
|
||||
maxLength: 30
|
||||
minLength: 1
|
||||
pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$
|
||||
type: string
|
||||
required:
|
||||
- secretRef
|
||||
type: object
|
||||
secretRef:
|
||||
description: 'secretRef references the secret containing
|
||||
the certificates. More info: https://docs.confluent.io/operator/current/co-network-encryption.html#configure-user-provided-tls-certificates'
|
||||
maxLength: 30
|
||||
minLength: 1
|
||||
pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$
|
||||
type: string
|
||||
required:
|
||||
- enabled
|
||||
type: object
|
||||
type: object
|
||||
type: object
|
||||
metrics:
|
||||
description: metrics specify the security settings for the metric
|
||||
services.
|
||||
|
@ -4910,7 +5454,8 @@ spec:
|
|||
type: boolean
|
||||
type: object
|
||||
tls:
|
||||
description: tls specifies the TLS configurations for the ksqlDB cluster.
|
||||
description: tls specifies the global TLS configurations for the ksqlDB
|
||||
cluster.
|
||||
properties:
|
||||
autoGeneratedCerts:
|
||||
description: autoGeneratedCerts specifies that the certificates
|
||||
|
@ -5040,6 +5585,41 @@ spec:
|
|||
dependency.
|
||||
type: boolean
|
||||
type: object
|
||||
listeners:
|
||||
additionalProperties:
|
||||
description: ListenerStatus describes general information about
|
||||
the listeners.
|
||||
properties:
|
||||
advertisedExternalEndpoints:
|
||||
description: advertisedExternalEndpoints specifies other advertised
|
||||
endpoints used, especially for Kafka.
|
||||
items:
|
||||
type: string
|
||||
type: array
|
||||
authenticationType:
|
||||
description: authenticationType shows the authentication type
|
||||
configured by the listener.
|
||||
type: string
|
||||
externalAccessType:
|
||||
description: externalAccessType shows the external access type
|
||||
used for the listener.
|
||||
type: string
|
||||
externalEndpoint:
|
||||
description: externalEndpoint specifies the external endpoint
|
||||
to connect to the Confluent component cluster.
|
||||
type: string
|
||||
internalEndpoint:
|
||||
description: internalEndpoint specifies the internal endpoint
|
||||
to connect to the Confluent component cluster.
|
||||
type: string
|
||||
tls:
|
||||
description: tls shows whether TLS is configured for the listener.
|
||||
type: boolean
|
||||
type: object
|
||||
description: listeners is a map of listener type and the status of
|
||||
KsqlDB Listeners.
|
||||
type: object
|
||||
x-kubernetes-map-type: granular
|
||||
observedGeneration:
|
||||
description: observedGeneration is the most recent generation observed
|
||||
for this Confluent component.
|
||||
|
|
|
@ -430,6 +430,9 @@ spec:
|
|||
type: boolean
|
||||
externalAccess:
|
||||
description: externalAccess specifies the external access configuration.
|
||||
When `spec.listeners` is configured, configuring `spec.externalAccess`
|
||||
is not allowed. Please configure `spec.listeners.external.externalAccess`
|
||||
instead".
|
||||
properties:
|
||||
loadBalancer:
|
||||
description: loadBalancer specifies the configuration to create
|
||||
|
@ -444,19 +447,22 @@ spec:
|
|||
where podId starts from `0` to `replicaCount -1`. This is
|
||||
only recommended if you cannot add internal SANs to the
|
||||
TLS certificates for MDS and the external DNS must be resolved
|
||||
inside the Kubernetes cluster.'
|
||||
inside the Kubernetes cluster. This configuration will not
|
||||
take effect if MDS enabled dual listener setup.'
|
||||
properties:
|
||||
enabled:
|
||||
description: enabled indicates whether to set the MDS
|
||||
advertised listener url with external endpoint for each
|
||||
broker.
|
||||
broker. Has no effect with Zookeeper, which will always
|
||||
create a listener per pod.
|
||||
type: boolean
|
||||
prefix:
|
||||
description: prefix specifies the broker prefix for MDS
|
||||
advertised endpoint if using loadBalancer external access.
|
||||
If not configured, it uses `b` as default prefix, such
|
||||
as `b#.domain` where `#` will start from `0` to `replicaCount
|
||||
-1`.
|
||||
description: prefix specifies the broker prefix for MDS/Zookeeper
|
||||
advertised endpoint. If not configured, it uses `b`
|
||||
as default prefix for MDS, such as `b#.domain` where
|
||||
`#` will start from `0` to `replicaCount -1`. It uses
|
||||
'zookeeper' as default prefix for Zookeeper in the same
|
||||
way.
|
||||
minLength: 1
|
||||
type: string
|
||||
required:
|
||||
|
@ -615,14 +621,16 @@ spec:
|
|||
enabled:
|
||||
description: enabled indicates whether to set the MDS
|
||||
advertised listener url with external endpoint for each
|
||||
broker.
|
||||
broker. Has no effect with Zookeeper, which will always
|
||||
create a listener per pod.
|
||||
type: boolean
|
||||
prefix:
|
||||
description: prefix specifies the broker prefix for MDS
|
||||
advertised endpoint if using loadBalancer external access.
|
||||
If not configured, it uses `b` as default prefix, such
|
||||
as `b#.domain` where `#` will start from `0` to `replicaCount
|
||||
-1`.
|
||||
description: prefix specifies the broker prefix for MDS/Zookeeper
|
||||
advertised endpoint. If not configured, it uses `b`
|
||||
as default prefix for MDS, such as `b#.domain` where
|
||||
`#` will start from `0` to `replicaCount -1`. It uses
|
||||
'zookeeper' as default prefix for Zookeeper in the same
|
||||
way.
|
||||
minLength: 1
|
||||
type: string
|
||||
required:
|
||||
|
@ -922,6 +930,542 @@ spec:
|
|||
pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$
|
||||
type: string
|
||||
type: object
|
||||
listeners:
|
||||
description: listeners specify the listeners configurations.
|
||||
properties:
|
||||
external:
|
||||
description: external specifies the Confluent component external
|
||||
listener.
|
||||
properties:
|
||||
externalAccess:
|
||||
description: externalAccess defines the external access configuration
|
||||
for the Confluent component.
|
||||
properties:
|
||||
loadBalancer:
|
||||
description: loadBalancer specifies the configuration
|
||||
to create a Kubernetes load balancer service.
|
||||
properties:
|
||||
advertisedURL:
|
||||
description: 'advertisedURL specifies the configuration
|
||||
for advertised listener per pod. It is only supported
|
||||
for MDS currently. If it is enabled, instead of
|
||||
using internal endpoint, the MDS advertised listener
|
||||
for each broker will be set to: `<httpSchema>://<advertisedUrl.prefix><podId>.<domain>`
|
||||
where podId starts from `0` to `replicaCount -1`.
|
||||
This is only recommended if you cannot add internal
|
||||
SANs to the TLS certificates for MDS and the external
|
||||
DNS must be resolved inside the Kubernetes cluster.
|
||||
This configuration will not take effect if MDS enabled
|
||||
dual listener setup.'
|
||||
properties:
|
||||
enabled:
|
||||
description: enabled indicates whether to set
|
||||
the MDS advertised listener url with external
|
||||
endpoint for each broker. Has no effect with
|
||||
Zookeeper, which will always create a listener
|
||||
per pod.
|
||||
type: boolean
|
||||
prefix:
|
||||
description: prefix specifies the broker prefix
|
||||
for MDS/Zookeeper advertised endpoint. If not
|
||||
configured, it uses `b` as default prefix for
|
||||
MDS, such as `b#.domain` where `#` will start
|
||||
from `0` to `replicaCount -1`. It uses 'zookeeper'
|
||||
as default prefix for Zookeeper in the same
|
||||
way.
|
||||
minLength: 1
|
||||
type: string
|
||||
required:
|
||||
- enabled
|
||||
type: object
|
||||
annotations:
|
||||
additionalProperties:
|
||||
type: string
|
||||
description: annotations is a map of string key and
|
||||
value pairs. It specifies Kubernetes annotations
|
||||
for this service.
|
||||
type: object
|
||||
x-kubernetes-map-type: granular
|
||||
domain:
|
||||
description: domain is the domain name of the component
|
||||
cluster.
|
||||
minLength: 1
|
||||
type: string
|
||||
externalTrafficPolicy:
|
||||
description: externalTrafficPolicy specifies the external
|
||||
traffic policy for the service. Valid options are
|
||||
`Local` and `Cluster`.
|
||||
enum:
|
||||
- Local
|
||||
- Cluster
|
||||
type: string
|
||||
labels:
|
||||
additionalProperties:
|
||||
type: string
|
||||
description: labels is a map of string key and value
|
||||
pairs. It specifies Kubernetes labels for this service.
|
||||
type: object
|
||||
x-kubernetes-map-type: granular
|
||||
loadBalancerSourceRanges:
|
||||
description: loadBalancerSourceRanges specify the
|
||||
source ranges.
|
||||
items:
|
||||
type: string
|
||||
type: array
|
||||
port:
|
||||
description: port specifies the external port for
|
||||
the client consumption. If not configured, the same
|
||||
internal/external port is configured for the component.
|
||||
Information about the port can be retrieved through
|
||||
the status API.
|
||||
format: int32
|
||||
type: integer
|
||||
prefix:
|
||||
description: prefix specify the prefix for the given
|
||||
domain. The default value is the name of the cluster.
|
||||
minLength: 1
|
||||
type: string
|
||||
servicePorts:
|
||||
description: servicePorts specify the user-provided
|
||||
service port(s).
|
||||
items:
|
||||
description: ServicePort contains information on
|
||||
service's port.
|
||||
properties:
|
||||
appProtocol:
|
||||
description: The application protocol for this
|
||||
port. This field follows standard Kubernetes
|
||||
label syntax. Un-prefixed names are reserved
|
||||
for IANA standard service names (as per RFC-6335
|
||||
and http://www.iana.org/assignments/service-names).
|
||||
Non-standard protocols should use prefixed
|
||||
names such as mycompany.com/my-custom-protocol.
|
||||
type: string
|
||||
name:
|
||||
description: The name of this port within the
|
||||
service. This must be a DNS_LABEL. All ports
|
||||
within a ServiceSpec must have unique names.
|
||||
When considering the endpoints for a Service,
|
||||
this must match the 'name' field in the EndpointPort.
|
||||
Optional if only one ServicePort is defined
|
||||
on this service.
|
||||
type: string
|
||||
nodePort:
|
||||
description: 'The port on each node on which
|
||||
this service is exposed when type is NodePort
|
||||
or LoadBalancer. Usually assigned by the
|
||||
system. If a value is specified, in-range,
|
||||
and not in use it will be used, otherwise
|
||||
the operation will fail. If not specified,
|
||||
a port will be allocated if this Service requires
|
||||
one. If this field is specified when creating
|
||||
a Service which does not need it, creation
|
||||
will fail. This field will be wiped when updating
|
||||
a Service to no longer need it (e.g. changing
|
||||
type from NodePort to ClusterIP). More info:
|
||||
https://kubernetes.io/docs/concepts/services-networking/service/#type-nodeport'
|
||||
format: int32
|
||||
type: integer
|
||||
port:
|
||||
description: The port that will be exposed by
|
||||
this service.
|
||||
format: int32
|
||||
type: integer
|
||||
protocol:
|
||||
default: TCP
|
||||
description: The IP protocol for this port.
|
||||
Supports "TCP", "UDP", and "SCTP". Default
|
||||
is TCP.
|
||||
type: string
|
||||
targetPort:
|
||||
anyOf:
|
||||
- type: integer
|
||||
- type: string
|
||||
description: 'Number or name of the port to
|
||||
access on the pods targeted by the service.
|
||||
Number must be in the range 1 to 65535. Name
|
||||
must be an IANA_SVC_NAME. If this is a string,
|
||||
it will be looked up as a named port in the
|
||||
target Pod''s container ports. If this is
|
||||
not specified, the value of the ''port'' field
|
||||
is used (an identity map). This field is ignored
|
||||
for services with clusterIP=None, and should
|
||||
be omitted or set equal to the ''port'' field.
|
||||
More info: https://kubernetes.io/docs/concepts/services-networking/service/#defining-a-service'
|
||||
x-kubernetes-int-or-string: true
|
||||
required:
|
||||
- port
|
||||
type: object
|
||||
type: array
|
||||
sessionAffinity:
|
||||
description: 'sessionAffinity defines the Kubernetes
|
||||
session affinity. The valid options are `ClientIP`
|
||||
and `None`. `ClientIP` enables the client IP-based
|
||||
session affinity. The default value is `None`. More
|
||||
info: https://kubernetes.io/docs/concepts/services-networking/service/#virtual-ips-and-service-proxies.'
|
||||
enum:
|
||||
- ClientIP
|
||||
- None
|
||||
type: string
|
||||
sessionAffinityConfig:
|
||||
description: SessionAffinityConfig contains the configurations
|
||||
of the session affinity.
|
||||
properties:
|
||||
clientIP:
|
||||
description: clientIP contains the configurations
|
||||
of Client IP based session affinity.
|
||||
properties:
|
||||
timeoutSeconds:
|
||||
description: timeoutSeconds specifies the
|
||||
seconds of ClientIP type session sticky
|
||||
time. The value must be >0 && <=86400(for
|
||||
1 day) if ServiceAffinity == "ClientIP".
|
||||
Default value is 10800(for 3 hours).
|
||||
format: int32
|
||||
type: integer
|
||||
type: object
|
||||
type: object
|
||||
required:
|
||||
- domain
|
||||
type: object
|
||||
nodePort:
|
||||
description: nodePort specifies the configuration to create
|
||||
a Kubernetes node port service.
|
||||
properties:
|
||||
advertisedURL:
|
||||
description: advertisedURL specifies the configuration
|
||||
for advertised listener per pod. It is only supported
|
||||
for MDS currently. If it is enabled, instead of
|
||||
using internal endpoint, the MDS advertised listener
|
||||
for each broker will be set to `<httpSchema>://<host>:<nodePortOffset
|
||||
+ podId + 1>, where`podId` starts from `0` to `replicaCount
|
||||
- 1`. This is only recommended if you cannot add
|
||||
internal SANs to the TLS certificates for MDS and
|
||||
the external DNS must be resolved inside the Kubernetes
|
||||
cluster.
|
||||
properties:
|
||||
enabled:
|
||||
description: enabled indicates whether to set
|
||||
the MDS advertised listener url with external
|
||||
endpoint for each broker. Has no effect with
|
||||
Zookeeper, which will always create a listener
|
||||
per pod.
|
||||
type: boolean
|
||||
prefix:
|
||||
description: prefix specifies the broker prefix
|
||||
for MDS/Zookeeper advertised endpoint. If not
|
||||
configured, it uses `b` as default prefix for
|
||||
MDS, such as `b#.domain` where `#` will start
|
||||
from `0` to `replicaCount -1`. It uses 'zookeeper'
|
||||
as default prefix for Zookeeper in the same
|
||||
way.
|
||||
minLength: 1
|
||||
type: string
|
||||
required:
|
||||
- enabled
|
||||
type: object
|
||||
annotations:
|
||||
additionalProperties:
|
||||
type: string
|
||||
description: annotations is a map of string key and
|
||||
value pairs. It specifies Kubernetes annotations
|
||||
for this service.
|
||||
type: object
|
||||
x-kubernetes-map-type: granular
|
||||
externalTrafficPolicy:
|
||||
description: externalTrafficPolicy specifies the external
|
||||
traffic policy for the service. Valid options are
|
||||
`Local` and `Cluster`.
|
||||
enum:
|
||||
- Local
|
||||
- Cluster
|
||||
type: string
|
||||
host:
|
||||
description: host defines the host name of the cluster.
|
||||
minLength: 1
|
||||
type: string
|
||||
labels:
|
||||
additionalProperties:
|
||||
type: string
|
||||
description: labels is a map of string key and value
|
||||
pairs. It specifies Kubernetes labels for this service.
|
||||
type: object
|
||||
x-kubernetes-map-type: granular
|
||||
nodePortOffset:
|
||||
description: nodePortOffset specifies the starting
|
||||
offset of the node ports. The port numbers go in
|
||||
ascending order with respect to the replicas count.
|
||||
NodePort service creation fails if the node port
|
||||
is not in the range supported by the Kubernetes
|
||||
API server. The default Kubernetes Node Port range
|
||||
is `30000` - `32762`.
|
||||
format: int32
|
||||
minimum: 0
|
||||
type: integer
|
||||
servicePorts:
|
||||
description: servicePorts specify user-provided service
|
||||
port(s). For Kafka with the nodePort type, this
|
||||
setting is only applied to Kafka bootstrap service.
|
||||
items:
|
||||
description: ServicePort contains information on
|
||||
service's port.
|
||||
properties:
|
||||
appProtocol:
|
||||
description: The application protocol for this
|
||||
port. This field follows standard Kubernetes
|
||||
label syntax. Un-prefixed names are reserved
|
||||
for IANA standard service names (as per RFC-6335
|
||||
and http://www.iana.org/assignments/service-names).
|
||||
Non-standard protocols should use prefixed
|
||||
names such as mycompany.com/my-custom-protocol.
|
||||
type: string
|
||||
name:
|
||||
description: The name of this port within the
|
||||
service. This must be a DNS_LABEL. All ports
|
||||
within a ServiceSpec must have unique names.
|
||||
When considering the endpoints for a Service,
|
||||
this must match the 'name' field in the EndpointPort.
|
||||
Optional if only one ServicePort is defined
|
||||
on this service.
|
||||
type: string
|
||||
nodePort:
|
||||
description: 'The port on each node on which
|
||||
this service is exposed when type is NodePort
|
||||
or LoadBalancer. Usually assigned by the
|
||||
system. If a value is specified, in-range,
|
||||
and not in use it will be used, otherwise
|
||||
the operation will fail. If not specified,
|
||||
a port will be allocated if this Service requires
|
||||
one. If this field is specified when creating
|
||||
a Service which does not need it, creation
|
||||
will fail. This field will be wiped when updating
|
||||
a Service to no longer need it (e.g. changing
|
||||
type from NodePort to ClusterIP). More info:
|
||||
https://kubernetes.io/docs/concepts/services-networking/service/#type-nodeport'
|
||||
format: int32
|
||||
type: integer
|
||||
port:
|
||||
description: The port that will be exposed by
|
||||
this service.
|
||||
format: int32
|
||||
type: integer
|
||||
protocol:
|
||||
default: TCP
|
||||
description: The IP protocol for this port.
|
||||
Supports "TCP", "UDP", and "SCTP". Default
|
||||
is TCP.
|
||||
type: string
|
||||
targetPort:
|
||||
anyOf:
|
||||
- type: integer
|
||||
- type: string
|
||||
description: 'Number or name of the port to
|
||||
access on the pods targeted by the service.
|
||||
Number must be in the range 1 to 65535. Name
|
||||
must be an IANA_SVC_NAME. If this is a string,
|
||||
it will be looked up as a named port in the
|
||||
target Pod''s container ports. If this is
|
||||
not specified, the value of the ''port'' field
|
||||
is used (an identity map). This field is ignored
|
||||
for services with clusterIP=None, and should
|
||||
be omitted or set equal to the ''port'' field.
|
||||
More info: https://kubernetes.io/docs/concepts/services-networking/service/#defining-a-service'
|
||||
x-kubernetes-int-or-string: true
|
||||
required:
|
||||
- port
|
||||
type: object
|
||||
type: array
|
||||
sessionAffinity:
|
||||
description: 'sessionAffinity defines the Kubernetes
|
||||
session affinity. The valid options are `ClientIP`
|
||||
and `None`. `ClientIP` enables the client IP-based
|
||||
session affinity. The default value is `None`. More
|
||||
info: https://kubernetes.io/docs/concepts/services-networking/service/#virtual-ips-and-service-proxies.'
|
||||
enum:
|
||||
- ClientIP
|
||||
- None
|
||||
type: string
|
||||
sessionAffinityConfig:
|
||||
description: SessionAffinityConfig contains the configurations
|
||||
of the session affinity.
|
||||
properties:
|
||||
clientIP:
|
||||
description: clientIP contains the configurations
|
||||
of Client IP based session affinity.
|
||||
properties:
|
||||
timeoutSeconds:
|
||||
description: timeoutSeconds specifies the
|
||||
seconds of ClientIP type session sticky
|
||||
time. The value must be >0 && <=86400(for
|
||||
1 day) if ServiceAffinity == "ClientIP".
|
||||
Default value is 10800(for 3 hours).
|
||||
format: int32
|
||||
type: integer
|
||||
type: object
|
||||
type: object
|
||||
required:
|
||||
- host
|
||||
- nodePortOffset
|
||||
type: object
|
||||
route:
|
||||
description: route specifies the configuration to create
|
||||
a route service in OpenShift.
|
||||
properties:
|
||||
annotations:
|
||||
additionalProperties:
|
||||
type: string
|
||||
description: annotations is a map of string key and
|
||||
value pairs. It specifies Kubernetes annotations
|
||||
for this service.
|
||||
type: object
|
||||
x-kubernetes-map-type: granular
|
||||
domain:
|
||||
description: domain specifies the domain name of the
|
||||
Confluent component cluster.
|
||||
minLength: 1
|
||||
type: string
|
||||
labels:
|
||||
additionalProperties:
|
||||
type: string
|
||||
description: labels is a map of string key and value
|
||||
pairs. It specifies Kubernetes labels for this service.
|
||||
type: object
|
||||
x-kubernetes-map-type: granular
|
||||
prefix:
|
||||
description: prefix specifies the component prefix
|
||||
when configured for the domain. The default value
|
||||
is the name of the cluster.
|
||||
minLength: 1
|
||||
type: string
|
||||
wildcardPolicy:
|
||||
description: wildcardPolicy allows you to define a
|
||||
route that covers all hosts within a domain. Valid
|
||||
options are `Subdomain` and `None`. The default
|
||||
value is `None`.
|
||||
enum:
|
||||
- Subdomain
|
||||
- None
|
||||
type: string
|
||||
required:
|
||||
- domain
|
||||
type: object
|
||||
type:
|
||||
description: type specifies the Kubernetes external service
|
||||
for the component. Valid options are `loadBalancer`,
|
||||
`nodePort`, and `route`.
|
||||
enum:
|
||||
- loadBalancer
|
||||
- nodePort
|
||||
- route
|
||||
minLength: 1
|
||||
type: string
|
||||
required:
|
||||
- type
|
||||
type: object
|
||||
tls:
|
||||
description: tls specifies the TLS configuration for the listener.
|
||||
properties:
|
||||
directoryPathInContainer:
|
||||
description: directoryPathInContainer specifies the directory
|
||||
path in the container where `keystore.jks`, `truststore.jks`,
|
||||
and `jksPassword.txt` keys are mounted. `truststore.jks`
|
||||
is not configured and can be ignored when the `ignoreTrustStoreConfig`
|
||||
field is set to `true`.
|
||||
minLength: 1
|
||||
type: string
|
||||
enabled:
|
||||
description: enabled specifies to enable the TLS configuration
|
||||
for the Confluent component.
|
||||
type: boolean
|
||||
ignoreTrustStoreConfig:
|
||||
description: ignoreTrustStoreConfig indicates whether
|
||||
to ignore the truststore configuration for the Confluent
|
||||
component.
|
||||
type: boolean
|
||||
jksPassword:
|
||||
description: jksPassword references the secret containing
|
||||
the JKS password.
|
||||
properties:
|
||||
secretRef:
|
||||
description: 'secretRef references the name of the
|
||||
secret containing the JKS password. More info: https://docs.confluent.io/operator/current/co-network-encryption.html#configure-user-provided-tls-certificates'
|
||||
maxLength: 30
|
||||
minLength: 1
|
||||
pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$
|
||||
type: string
|
||||
required:
|
||||
- secretRef
|
||||
type: object
|
||||
secretRef:
|
||||
description: 'secretRef references the secret containing
|
||||
the certificates. More info: https://docs.confluent.io/operator/current/co-network-encryption.html#configure-user-provided-tls-certificates'
|
||||
maxLength: 30
|
||||
minLength: 1
|
||||
pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$
|
||||
type: string
|
||||
required:
|
||||
- enabled
|
||||
type: object
|
||||
type: object
|
||||
internal:
|
||||
description: internal specifies the Confluent component's internal
|
||||
listener. This internal listener is for intra-communication
|
||||
between the pods.
|
||||
properties:
|
||||
port:
|
||||
description: port binds the given port to the internal listener.
|
||||
If not configured, it will be defaulted to the component-specific
|
||||
internal port. Port numbers lower than `9093` are reserved
|
||||
by CFK.
|
||||
format: int32
|
||||
minimum: 9093
|
||||
type: integer
|
||||
tls:
|
||||
description: tls specifies the TLS configuration for the listener.
|
||||
properties:
|
||||
directoryPathInContainer:
|
||||
description: directoryPathInContainer specifies the directory
|
||||
path in the container where `keystore.jks`, `truststore.jks`,
|
||||
and `jksPassword.txt` keys are mounted. `truststore.jks`
|
||||
is not configured and can be ignored when the `ignoreTrustStoreConfig`
|
||||
field is set to `true`.
|
||||
minLength: 1
|
||||
type: string
|
||||
enabled:
|
||||
description: enabled specifies to enable the TLS configuration
|
||||
for the Confluent component.
|
||||
type: boolean
|
||||
ignoreTrustStoreConfig:
|
||||
description: ignoreTrustStoreConfig indicates whether
|
||||
to ignore the truststore configuration for the Confluent
|
||||
component.
|
||||
type: boolean
|
||||
jksPassword:
|
||||
description: jksPassword references the secret containing
|
||||
the JKS password.
|
||||
properties:
|
||||
secretRef:
|
||||
description: 'secretRef references the name of the
|
||||
secret containing the JKS password. More info: https://docs.confluent.io/operator/current/co-network-encryption.html#configure-user-provided-tls-certificates'
|
||||
maxLength: 30
|
||||
minLength: 1
|
||||
pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$
|
||||
type: string
|
||||
required:
|
||||
- secretRef
|
||||
type: object
|
||||
secretRef:
|
||||
description: 'secretRef references the secret containing
|
||||
the certificates. More info: https://docs.confluent.io/operator/current/co-network-encryption.html#configure-user-provided-tls-certificates'
|
||||
maxLength: 30
|
||||
minLength: 1
|
||||
pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$
|
||||
type: string
|
||||
required:
|
||||
- enabled
|
||||
type: object
|
||||
type: object
|
||||
type: object
|
||||
metrics:
|
||||
description: metrics specify the security settings for the metric
|
||||
services.
|
||||
|
@ -4369,8 +4913,8 @@ spec:
|
|||
type: boolean
|
||||
type: object
|
||||
tls:
|
||||
description: tls specifies the TLS configurations for the REST API
|
||||
endpoint.
|
||||
description: tls specifies the global TLS configurations for the REST
|
||||
API endpoint.
|
||||
properties:
|
||||
autoGeneratedCerts:
|
||||
description: autoGeneratedCerts specifies that the certificates
|
||||
|
@ -4503,6 +5047,41 @@ spec:
|
|||
dependency.
|
||||
type: boolean
|
||||
type: object
|
||||
listeners:
|
||||
additionalProperties:
|
||||
description: ListenerStatus describes general information about
|
||||
the listeners.
|
||||
properties:
|
||||
advertisedExternalEndpoints:
|
||||
description: advertisedExternalEndpoints specifies other advertised
|
||||
endpoints used, especially for Kafka.
|
||||
items:
|
||||
type: string
|
||||
type: array
|
||||
authenticationType:
|
||||
description: authenticationType shows the authentication type
|
||||
configured by the listener.
|
||||
type: string
|
||||
externalAccessType:
|
||||
description: externalAccessType shows the external access type
|
||||
used for the listener.
|
||||
type: string
|
||||
externalEndpoint:
|
||||
description: externalEndpoint specifies the external endpoint
|
||||
to connect to the Confluent component cluster.
|
||||
type: string
|
||||
internalEndpoint:
|
||||
description: internalEndpoint specifies the internal endpoint
|
||||
to connect to the Confluent component cluster.
|
||||
type: string
|
||||
tls:
|
||||
description: tls shows whether TLS is configured for the listener.
|
||||
type: boolean
|
||||
type: object
|
||||
description: listeners is a map of listener type and the status of
|
||||
Schema Registry Listeners.
|
||||
type: object
|
||||
x-kubernetes-map-type: granular
|
||||
metricPrefix:
|
||||
description: metricPrefix is the prefix for the JMX metric of the
|
||||
Schema Registry cluster.
|
||||
|
|
|
@ -153,6 +153,394 @@ spec:
|
|||
description: dataVolumeCapacity specifies the data volume size.
|
||||
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
|
||||
x-kubernetes-int-or-string: true
|
||||
externalAccess:
|
||||
description: externalAccess specifies the external access configuration.
|
||||
Should only be specified when Zookeeper peers are on another network.
|
||||
properties:
|
||||
loadBalancer:
|
||||
description: loadBalancer specifies the configuration to create
|
||||
a Kubernetes load balancer service.
|
||||
properties:
|
||||
advertisedURL:
|
||||
description: 'advertisedURL specifies the configuration for
|
||||
advertised listener per pod. It is only supported for MDS
|
||||
currently. If it is enabled, instead of using internal endpoint,
|
||||
the MDS advertised listener for each broker will be set
|
||||
to: `<httpSchema>://<advertisedUrl.prefix><podId>.<domain>`
|
||||
where podId starts from `0` to `replicaCount -1`. This is
|
||||
only recommended if you cannot add internal SANs to the
|
||||
TLS certificates for MDS and the external DNS must be resolved
|
||||
inside the Kubernetes cluster. This configuration will not
|
||||
take effect if MDS enabled dual listener setup.'
|
||||
properties:
|
||||
enabled:
|
||||
description: enabled indicates whether to set the MDS
|
||||
advertised listener url with external endpoint for each
|
||||
broker. Has no effect with Zookeeper, which will always
|
||||
create a listener per pod.
|
||||
type: boolean
|
||||
prefix:
|
||||
description: prefix specifies the broker prefix for MDS/Zookeeper
|
||||
advertised endpoint. If not configured, it uses `b`
|
||||
as default prefix for MDS, such as `b#.domain` where
|
||||
`#` will start from `0` to `replicaCount -1`. It uses
|
||||
'zookeeper' as default prefix for Zookeeper in the same
|
||||
way.
|
||||
minLength: 1
|
||||
type: string
|
||||
required:
|
||||
- enabled
|
||||
type: object
|
||||
annotations:
|
||||
additionalProperties:
|
||||
type: string
|
||||
description: annotations is a map of string key and value
|
||||
pairs. It specifies Kubernetes annotations for this service.
|
||||
type: object
|
||||
x-kubernetes-map-type: granular
|
||||
domain:
|
||||
description: domain is the domain name of the component cluster.
|
||||
minLength: 1
|
||||
type: string
|
||||
externalTrafficPolicy:
|
||||
description: externalTrafficPolicy specifies the external
|
||||
traffic policy for the service. Valid options are `Local`
|
||||
and `Cluster`.
|
||||
enum:
|
||||
- Local
|
||||
- Cluster
|
||||
type: string
|
||||
labels:
|
||||
additionalProperties:
|
||||
type: string
|
||||
description: labels is a map of string key and value pairs.
|
||||
It specifies Kubernetes labels for this service.
|
||||
type: object
|
||||
x-kubernetes-map-type: granular
|
||||
loadBalancerSourceRanges:
|
||||
description: loadBalancerSourceRanges specify the source ranges.
|
||||
items:
|
||||
type: string
|
||||
type: array
|
||||
port:
|
||||
description: port specifies the external port for the client
|
||||
consumption. If not configured, the same internal/external
|
||||
port is configured for the component. Information about
|
||||
the port can be retrieved through the status API.
|
||||
format: int32
|
||||
type: integer
|
||||
prefix:
|
||||
description: prefix specify the prefix for the given domain.
|
||||
The default value is the name of the cluster.
|
||||
minLength: 1
|
||||
type: string
|
||||
servicePorts:
|
||||
description: servicePorts specify the user-provided service
|
||||
port(s).
|
||||
items:
|
||||
description: ServicePort contains information on service's
|
||||
port.
|
||||
properties:
|
||||
appProtocol:
|
||||
description: The application protocol for this port.
|
||||
This field follows standard Kubernetes label syntax.
|
||||
Un-prefixed names are reserved for IANA standard service
|
||||
names (as per RFC-6335 and http://www.iana.org/assignments/service-names).
|
||||
Non-standard protocols should use prefixed names such
|
||||
as mycompany.com/my-custom-protocol.
|
||||
type: string
|
||||
name:
|
||||
description: The name of this port within the service.
|
||||
This must be a DNS_LABEL. All ports within a ServiceSpec
|
||||
must have unique names. When considering the endpoints
|
||||
for a Service, this must match the 'name' field in
|
||||
the EndpointPort. Optional if only one ServicePort
|
||||
is defined on this service.
|
||||
type: string
|
||||
nodePort:
|
||||
description: 'The port on each node on which this service
|
||||
is exposed when type is NodePort or LoadBalancer. Usually
|
||||
assigned by the system. If a value is specified, in-range,
|
||||
and not in use it will be used, otherwise the operation
|
||||
will fail. If not specified, a port will be allocated
|
||||
if this Service requires one. If this field is specified
|
||||
when creating a Service which does not need it, creation
|
||||
will fail. This field will be wiped when updating
|
||||
a Service to no longer need it (e.g. changing type
|
||||
from NodePort to ClusterIP). More info: https://kubernetes.io/docs/concepts/services-networking/service/#type-nodeport'
|
||||
format: int32
|
||||
type: integer
|
||||
port:
|
||||
description: The port that will be exposed by this service.
|
||||
format: int32
|
||||
type: integer
|
||||
protocol:
|
||||
default: TCP
|
||||
description: The IP protocol for this port. Supports
|
||||
"TCP", "UDP", and "SCTP". Default is TCP.
|
||||
type: string
|
||||
targetPort:
|
||||
anyOf:
|
||||
- type: integer
|
||||
- type: string
|
||||
description: 'Number or name of the port to access on
|
||||
the pods targeted by the service. Number must be in
|
||||
the range 1 to 65535. Name must be an IANA_SVC_NAME.
|
||||
If this is a string, it will be looked up as a named
|
||||
port in the target Pod''s container ports. If this
|
||||
is not specified, the value of the ''port'' field
|
||||
is used (an identity map). This field is ignored for
|
||||
services with clusterIP=None, and should be omitted
|
||||
or set equal to the ''port'' field. More info: https://kubernetes.io/docs/concepts/services-networking/service/#defining-a-service'
|
||||
x-kubernetes-int-or-string: true
|
||||
required:
|
||||
- port
|
||||
type: object
|
||||
type: array
|
||||
sessionAffinity:
|
||||
description: 'sessionAffinity defines the Kubernetes session
|
||||
affinity. The valid options are `ClientIP` and `None`. `ClientIP`
|
||||
enables the client IP-based session affinity. The default
|
||||
value is `None`. More info: https://kubernetes.io/docs/concepts/services-networking/service/#virtual-ips-and-service-proxies.'
|
||||
enum:
|
||||
- ClientIP
|
||||
- None
|
||||
type: string
|
||||
sessionAffinityConfig:
|
||||
description: SessionAffinityConfig contains the configurations
|
||||
of the session affinity.
|
||||
properties:
|
||||
clientIP:
|
||||
description: clientIP contains the configurations of Client
|
||||
IP based session affinity.
|
||||
properties:
|
||||
timeoutSeconds:
|
||||
description: timeoutSeconds specifies the seconds
|
||||
of ClientIP type session sticky time. The value
|
||||
must be >0 && <=86400(for 1 day) if ServiceAffinity
|
||||
== "ClientIP". Default value is 10800(for 3 hours).
|
||||
format: int32
|
||||
type: integer
|
||||
type: object
|
||||
type: object
|
||||
required:
|
||||
- domain
|
||||
type: object
|
||||
nodePort:
|
||||
description: nodePort specifies the configuration to create a
|
||||
Kubernetes node port service.
|
||||
properties:
|
||||
advertisedURL:
|
||||
description: advertisedURL specifies the configuration for
|
||||
advertised listener per pod. It is only supported for MDS
|
||||
currently. If it is enabled, instead of using internal endpoint,
|
||||
the MDS advertised listener for each broker will be set
|
||||
to `<httpSchema>://<host>:<nodePortOffset + podId + 1>,
|
||||
where`podId` starts from `0` to `replicaCount - 1`. This
|
||||
is only recommended if you cannot add internal SANs to the
|
||||
TLS certificates for MDS and the external DNS must be resolved
|
||||
inside the Kubernetes cluster.
|
||||
properties:
|
||||
enabled:
|
||||
description: enabled indicates whether to set the MDS
|
||||
advertised listener url with external endpoint for each
|
||||
broker. Has no effect with Zookeeper, which will always
|
||||
create a listener per pod.
|
||||
type: boolean
|
||||
prefix:
|
||||
description: prefix specifies the broker prefix for MDS/Zookeeper
|
||||
advertised endpoint. If not configured, it uses `b`
|
||||
as default prefix for MDS, such as `b#.domain` where
|
||||
`#` will start from `0` to `replicaCount -1`. It uses
|
||||
'zookeeper' as default prefix for Zookeeper in the same
|
||||
way.
|
||||
minLength: 1
|
||||
type: string
|
||||
required:
|
||||
- enabled
|
||||
type: object
|
||||
annotations:
|
||||
additionalProperties:
|
||||
type: string
|
||||
description: annotations is a map of string key and value
|
||||
pairs. It specifies Kubernetes annotations for this service.
|
||||
type: object
|
||||
x-kubernetes-map-type: granular
|
||||
externalTrafficPolicy:
|
||||
description: externalTrafficPolicy specifies the external
|
||||
traffic policy for the service. Valid options are `Local`
|
||||
and `Cluster`.
|
||||
enum:
|
||||
- Local
|
||||
- Cluster
|
||||
type: string
|
||||
host:
|
||||
description: host defines the host name of the cluster.
|
||||
minLength: 1
|
||||
type: string
|
||||
labels:
|
||||
additionalProperties:
|
||||
type: string
|
||||
description: labels is a map of string key and value pairs.
|
||||
It specifies Kubernetes labels for this service.
|
||||
type: object
|
||||
x-kubernetes-map-type: granular
|
||||
nodePortOffset:
|
||||
description: nodePortOffset specifies the starting offset
|
||||
of the node ports. The port numbers go in ascending order
|
||||
with respect to the replicas count. NodePort service creation
|
||||
fails if the node port is not in the range supported by
|
||||
the Kubernetes API server. The default Kubernetes Node Port
|
||||
range is `30000` - `32762`.
|
||||
format: int32
|
||||
minimum: 0
|
||||
type: integer
|
||||
servicePorts:
|
||||
description: servicePorts specify user-provided service port(s).
|
||||
For Kafka with the nodePort type, this setting is only applied
|
||||
to Kafka bootstrap service.
|
||||
items:
|
||||
description: ServicePort contains information on service's
|
||||
port.
|
||||
properties:
|
||||
appProtocol:
|
||||
description: The application protocol for this port.
|
||||
This field follows standard Kubernetes label syntax.
|
||||
Un-prefixed names are reserved for IANA standard service
|
||||
names (as per RFC-6335 and http://www.iana.org/assignments/service-names).
|
||||
Non-standard protocols should use prefixed names such
|
||||
as mycompany.com/my-custom-protocol.
|
||||
type: string
|
||||
name:
|
||||
description: The name of this port within the service.
|
||||
This must be a DNS_LABEL. All ports within a ServiceSpec
|
||||
must have unique names. When considering the endpoints
|
||||
for a Service, this must match the 'name' field in
|
||||
the EndpointPort. Optional if only one ServicePort
|
||||
is defined on this service.
|
||||
type: string
|
||||
nodePort:
|
||||
description: 'The port on each node on which this service
|
||||
is exposed when type is NodePort or LoadBalancer. Usually
|
||||
assigned by the system. If a value is specified, in-range,
|
||||
and not in use it will be used, otherwise the operation
|
||||
will fail. If not specified, a port will be allocated
|
||||
if this Service requires one. If this field is specified
|
||||
when creating a Service which does not need it, creation
|
||||
will fail. This field will be wiped when updating
|
||||
a Service to no longer need it (e.g. changing type
|
||||
from NodePort to ClusterIP). More info: https://kubernetes.io/docs/concepts/services-networking/service/#type-nodeport'
|
||||
format: int32
|
||||
type: integer
|
||||
port:
|
||||
description: The port that will be exposed by this service.
|
||||
format: int32
|
||||
type: integer
|
||||
protocol:
|
||||
default: TCP
|
||||
description: The IP protocol for this port. Supports
|
||||
"TCP", "UDP", and "SCTP". Default is TCP.
|
||||
type: string
|
||||
targetPort:
|
||||
anyOf:
|
||||
- type: integer
|
||||
- type: string
|
||||
description: 'Number or name of the port to access on
|
||||
the pods targeted by the service. Number must be in
|
||||
the range 1 to 65535. Name must be an IANA_SVC_NAME.
|
||||
If this is a string, it will be looked up as a named
|
||||
port in the target Pod''s container ports. If this
|
||||
is not specified, the value of the ''port'' field
|
||||
is used (an identity map). This field is ignored for
|
||||
services with clusterIP=None, and should be omitted
|
||||
or set equal to the ''port'' field. More info: https://kubernetes.io/docs/concepts/services-networking/service/#defining-a-service'
|
||||
x-kubernetes-int-or-string: true
|
||||
required:
|
||||
- port
|
||||
type: object
|
||||
type: array
|
||||
sessionAffinity:
|
||||
description: 'sessionAffinity defines the Kubernetes session
|
||||
affinity. The valid options are `ClientIP` and `None`. `ClientIP`
|
||||
enables the client IP-based session affinity. The default
|
||||
value is `None`. More info: https://kubernetes.io/docs/concepts/services-networking/service/#virtual-ips-and-service-proxies.'
|
||||
enum:
|
||||
- ClientIP
|
||||
- None
|
||||
type: string
|
||||
sessionAffinityConfig:
|
||||
description: SessionAffinityConfig contains the configurations
|
||||
of the session affinity.
|
||||
properties:
|
||||
clientIP:
|
||||
description: clientIP contains the configurations of Client
|
||||
IP based session affinity.
|
||||
properties:
|
||||
timeoutSeconds:
|
||||
description: timeoutSeconds specifies the seconds
|
||||
of ClientIP type session sticky time. The value
|
||||
must be >0 && <=86400(for 1 day) if ServiceAffinity
|
||||
== "ClientIP". Default value is 10800(for 3 hours).
|
||||
format: int32
|
||||
type: integer
|
||||
type: object
|
||||
type: object
|
||||
required:
|
||||
- host
|
||||
- nodePortOffset
|
||||
type: object
|
||||
route:
|
||||
description: route specifies the configuration to create a route
|
||||
service in OpenShift.
|
||||
properties:
|
||||
annotations:
|
||||
additionalProperties:
|
||||
type: string
|
||||
description: annotations is a map of string key and value
|
||||
pairs. It specifies Kubernetes annotations for this service.
|
||||
type: object
|
||||
x-kubernetes-map-type: granular
|
||||
domain:
|
||||
description: domain specifies the domain name of the Confluent
|
||||
component cluster.
|
||||
minLength: 1
|
||||
type: string
|
||||
labels:
|
||||
additionalProperties:
|
||||
type: string
|
||||
description: labels is a map of string key and value pairs.
|
||||
It specifies Kubernetes labels for this service.
|
||||
type: object
|
||||
x-kubernetes-map-type: granular
|
||||
prefix:
|
||||
description: prefix specifies the component prefix when configured
|
||||
for the domain. The default value is the name of the cluster.
|
||||
minLength: 1
|
||||
type: string
|
||||
wildcardPolicy:
|
||||
description: wildcardPolicy allows you to define a route that
|
||||
covers all hosts within a domain. Valid options are `Subdomain`
|
||||
and `None`. The default value is `None`.
|
||||
enum:
|
||||
- Subdomain
|
||||
- None
|
||||
type: string
|
||||
required:
|
||||
- domain
|
||||
type: object
|
||||
type:
|
||||
description: type specifies the Kubernetes external service for
|
||||
the component. Valid options are `loadBalancer`, `nodePort`,
|
||||
and `route`.
|
||||
enum:
|
||||
- loadBalancer
|
||||
- nodePort
|
||||
- route
|
||||
minLength: 1
|
||||
type: string
|
||||
required:
|
||||
- type
|
||||
type: object
|
||||
headlessService:
|
||||
description: headlessService specifies the configuration of the Kubernetes
|
||||
headless service.
|
||||
|
@ -2036,6 +2424,15 @@ spec:
|
|||
using the pod anti-affinity capability. Enabling this configuration
|
||||
in an existing cluster will roll the cluster.
|
||||
type: boolean
|
||||
peers:
|
||||
description: peers specify a list of dynamic peer configurations for
|
||||
the Zookeeper cluster. This is only required when deploying stretch
|
||||
Zookeeper for MRC deployments and should include all the Zookeeper
|
||||
peers in other DCs that form the ensemble. This will either add
|
||||
or update the existing configuration.
|
||||
items:
|
||||
type: string
|
||||
type: array
|
||||
podTemplate:
|
||||
description: podTemplate specifies the statefulset pod template configuration.
|
||||
properties:
|
||||
|
@ -3746,10 +4143,6 @@ spec:
|
|||
description: arbitraryData is the map for any arbitrary data associated
|
||||
with this Confluent component.
|
||||
x-kubernetes-preserve-unknown-fields: true
|
||||
authenticationType:
|
||||
description: authenticationType is the authentication method for the
|
||||
Zookeeper cluster.
|
||||
type: string
|
||||
authorizationType:
|
||||
description: authorizationType is the authorization type for this
|
||||
Confluent component.
|
||||
|
@ -3800,9 +4193,6 @@ spec:
|
|||
description: currentReplicas is the number of currently running replicas.
|
||||
format: int32
|
||||
type: integer
|
||||
endpoint:
|
||||
description: endpoint is the Zookeeper cluster endpoint.
|
||||
type: string
|
||||
internalSecrets:
|
||||
description: internalSecrets are internal secrets created by CFK for
|
||||
this Confluent component.
|
||||
|
@ -3842,15 +4232,41 @@ spec:
|
|||
description: replicas is the number of replicas.
|
||||
format: int32
|
||||
type: integer
|
||||
restConfig:
|
||||
description: restConfig is the REST API configuration of the Zookeeper
|
||||
cluster.
|
||||
properties:
|
||||
advertisedExternalEndpoints:
|
||||
description: advertisedExternalEndpoints specifies other advertised
|
||||
endpoints used, especially for Kafka.
|
||||
items:
|
||||
type: string
|
||||
type: array
|
||||
authenticationType:
|
||||
description: authenticationType shows the authentication type
|
||||
configured by the listener.
|
||||
type: string
|
||||
externalAccessType:
|
||||
description: externalAccessType shows the external access type
|
||||
used for the listener.
|
||||
type: string
|
||||
externalEndpoint:
|
||||
description: externalEndpoint specifies the external endpoint
|
||||
to connect to the Confluent component cluster.
|
||||
type: string
|
||||
internalEndpoint:
|
||||
description: internalEndpoint specifies the internal endpoint
|
||||
to connect to the Confluent component cluster.
|
||||
type: string
|
||||
tls:
|
||||
description: tls shows whether TLS is configured for the listener.
|
||||
type: boolean
|
||||
type: object
|
||||
selector:
|
||||
description: selector gets the label selector of the child pod. The
|
||||
Horizontal Pod Autoscaler(HPA) will scale using the label selector
|
||||
of the child pod.
|
||||
type: string
|
||||
tls:
|
||||
description: tls shows whether TLS is configured for the Zookeeper
|
||||
cluster.
|
||||
type: boolean
|
||||
type: object
|
||||
required:
|
||||
- spec
|
||||
|
|
|
@ -1,5 +1,5 @@
|
|||
{{- if .Values.rbac }}
|
||||
{{- $clusterRole := or (not .Values.namespaced) (gt (len .Values.namespaceList) 0)}}
|
||||
{{- $clusterRole := or (not .Values.namespaced) (.Values.kRaftEnabled) (gt (len .Values.namespaceList) 0)}}
|
||||
apiVersion: rbac.authorization.k8s.io/v1
|
||||
{{- if not $clusterRole }}
|
||||
kind: Role
|
||||
|
@ -66,11 +66,18 @@ rules:
|
|||
- update
|
||||
- patch
|
||||
- delete
|
||||
- apiGroups:
|
||||
- apps
|
||||
resources:
|
||||
- deployments
|
||||
verbs:
|
||||
- get
|
||||
- apiGroups:
|
||||
- ""
|
||||
resources:
|
||||
- configmaps
|
||||
- persistentvolumeclaims
|
||||
- persistentvolumes
|
||||
- secrets
|
||||
- secrets/finalizers
|
||||
- pods
|
||||
|
|
|
@ -1,5 +1,5 @@
|
|||
{{- if .Values.rbac }}
|
||||
{{- $clusterRoleBinding := or (not .Values.namespaced) (gt (len .Values.namespaceList) 0)}}
|
||||
{{- $clusterRoleBinding := or (not .Values.namespaced) (.Values.kRaftEnabled) (gt (len .Values.namespaceList) 0)}}
|
||||
{{- if not $clusterRoleBinding }}
|
||||
kind: RoleBinding
|
||||
{{- else }}
|
||||
|
|
|
@ -97,6 +97,8 @@ spec:
|
|||
valueFrom:
|
||||
fieldRef:
|
||||
fieldPath: metadata.uid
|
||||
- name: DEPLOYMENT_NAME
|
||||
value: {{ .Values.name }}
|
||||
{{- if .Values.managedCerts.enabled }}
|
||||
{{- if and (empty .Values.managedCerts.caCertificate.secretRef) (empty .Values.managedCerts.caCertificate.directoryPathInContainer) }}
|
||||
{{- $_ := required "secretRef or directoryPathInContainer must be configured when managedCerts is enabled" .Values.managedCerts.secretRef }}
|
||||
|
@ -139,10 +141,14 @@ spec:
|
|||
- name: CONFLUENT_LICENSE_DIRECTORY_PATH
|
||||
value: {{ .Values.license.directoryPathInContainer }}
|
||||
{{- end }}
|
||||
{{- if .Values.telemetry.enabled }}
|
||||
{{- if or (.Values.telemetry.enabled) (.Values.telemetry.operator.enabled) }}
|
||||
{{- if and (empty .Values.telemetry.secretRef) (empty .Values.telemetry.directoryPathInContainer) }}
|
||||
{{- $_ := required "secretRef or directoryPathInContainer must be configured when telemetry is enabled" .Values.telemetry.secretRef }}
|
||||
{{- end }}
|
||||
- name: CP_TELEMETRY_ENABLED
|
||||
value: {{ quote .Values.telemetry.enabled }}
|
||||
- name: OPERATOR_TELEMETRY_ENABLED
|
||||
value: {{ quote .Values.telemetry.operator.enabled }}
|
||||
{{- if .Values.telemetry.secretRef }}
|
||||
- name: CONFLUENT_TELEMETRY_SECRET_NAME
|
||||
value: {{ .Values.telemetry.secretRef }}
|
||||
|
|
|
@ -53,6 +53,7 @@ webhooks:
|
|||
resources:
|
||||
- zookeepers
|
||||
- kafkas
|
||||
- kraftcontrollers
|
||||
- ksqldbs
|
||||
- controlcenters
|
||||
scope: Namespaced
|
||||
|
|
|
@ -81,7 +81,7 @@ image:
|
|||
registry: docker.io
|
||||
repository: confluentinc/confluent-operator
|
||||
pullPolicy: IfNotPresent
|
||||
tag: "0.581.55"
|
||||
tag: "0.771.13"
|
||||
|
||||
###
|
||||
## Priority class for Confluent Operator pod
|
||||
|
@ -196,6 +196,8 @@ clusterRole:
|
|||
## proxy.password=<proxy_password>
|
||||
##
|
||||
telemetry:
|
||||
operator:
|
||||
enabled: false
|
||||
enabled: false
|
||||
proxy:
|
||||
enabled: false
|
||||
|
@ -205,6 +207,11 @@ telemetry:
|
|||
## you mount telemetry.txt in the path you provided here in each pod
|
||||
directoryPathInContainer: ""
|
||||
|
||||
## In case of KRaft, we need to preserve the KRaft ClusterID in PV annotation
|
||||
## for disaster recovery case. Enabling this ensures we create proper ClusterRoles
|
||||
## to be able to set this annotation in PersistentVolumes.
|
||||
kRaftEnabled: false
|
||||
|
||||
###
|
||||
### Webhooks configuration
|
||||
## To enable webhooks, it requires TLS certificates to set up webhook server,
|
||||
|
|
|
@ -1,5 +1,21 @@
|
|||
# Datadog changelog
|
||||
|
||||
## 3.27.0
|
||||
|
||||
* Default `Agent` and `Cluster-Agent` to `7.44.0` version.
|
||||
|
||||
## 3.26.2
|
||||
|
||||
* Adds statx syscall to seccomp for system-probe
|
||||
|
||||
## 3.26.1
|
||||
|
||||
* Add support for `topologySpreadConstraints` in pod templates
|
||||
|
||||
## 3.26.0
|
||||
|
||||
* Default `Agent` and `Cluster-Agent` to `7.43.2` version.
|
||||
|
||||
## 3.25.5
|
||||
|
||||
* Adds securityContext and resource annotations for initContainers in cluster agent
|
||||
|
|
|
@ -19,4 +19,4 @@ name: datadog
|
|||
sources:
|
||||
- https://app.datadoghq.com/account/settings#agent/kubernetes
|
||||
- https://github.com/DataDog/datadog-agent
|
||||
version: 3.25.5
|
||||
version: 3.27.0
|
||||
|
|
|
@ -1,6 +1,6 @@
|
|||
# Datadog
|
||||
|
||||
![Version: 3.25.5](https://img.shields.io/badge/Version-3.25.5-informational?style=flat-square) ![AppVersion: 7](https://img.shields.io/badge/AppVersion-7-informational?style=flat-square)
|
||||
![Version: 3.27.0](https://img.shields.io/badge/Version-3.27.0-informational?style=flat-square) ![AppVersion: 7](https://img.shields.io/badge/AppVersion-7-informational?style=flat-square)
|
||||
|
||||
[Datadog](https://www.datadoghq.com/) is a hosted infrastructure monitoring platform. This chart adds the Datadog Agent to all nodes in your cluster via a DaemonSet. It also optionally depends on the [kube-state-metrics chart](https://github.com/prometheus-community/helm-charts/tree/main/charts/kube-state-metrics). For more information about monitoring Kubernetes with Datadog, please refer to the [Datadog documentation website](https://docs.datadoghq.com/agent/basic_agent_usage/kubernetes/).
|
||||
|
||||
|
@ -449,7 +449,7 @@ helm install <RELEASE_NAME> \
|
|||
| agents.image.pullPolicy | string | `"IfNotPresent"` | Datadog Agent image pull policy |
|
||||
| agents.image.pullSecrets | list | `[]` | Datadog Agent repository pullSecret (ex: specify docker registry credentials) |
|
||||
| agents.image.repository | string | `nil` | Override default registry + image.name for Agent |
|
||||
| agents.image.tag | string | `"7.43.1"` | Define the Agent version to use |
|
||||
| agents.image.tag | string | `"7.44.0"` | Define the Agent version to use |
|
||||
| agents.image.tagSuffix | string | `""` | Suffix to append to Agent tag |
|
||||
| agents.localService.forceLocalServiceEnabled | bool | `false` | Force the creation of the internal traffic policy service to target the agent running on the local node. By default, the internal traffic service is created only on Kubernetes 1.22+ where the feature became beta and enabled by default. This option allows to force the creation of the internal traffic service on kubernetes 1.21 where the feature was alpha and required a feature gate to be explicitly enabled. |
|
||||
| agents.localService.overrideName | string | `""` | Name of the internal traffic service to target the agent running on the local node |
|
||||
|
@ -511,7 +511,7 @@ helm install <RELEASE_NAME> \
|
|||
| clusterAgent.image.pullPolicy | string | `"IfNotPresent"` | Cluster Agent image pullPolicy |
|
||||
| clusterAgent.image.pullSecrets | list | `[]` | Cluster Agent repository pullSecret (ex: specify docker registry credentials) |
|
||||
| clusterAgent.image.repository | string | `nil` | Override default registry + image.name for Cluster Agent |
|
||||
| clusterAgent.image.tag | string | `"7.43.1"` | Cluster Agent image tag to use |
|
||||
| clusterAgent.image.tag | string | `"7.44.0"` | Cluster Agent image tag to use |
|
||||
| clusterAgent.livenessProbe | object | Every 15s / 6 KO / 1 OK | Override default Cluster Agent liveness probe settings |
|
||||
| clusterAgent.metricsProvider.aggregator | string | `"avg"` | Define the aggregator the cluster agent will use to process the metrics. The options are (avg, min, max, sum) |
|
||||
| clusterAgent.metricsProvider.createReaderRbac | bool | `true` | Create `external-metrics-reader` RBAC automatically (to allow HPA to read data from Cluster Agent) |
|
||||
|
@ -542,6 +542,7 @@ helm install <RELEASE_NAME> \
|
|||
| clusterAgent.token | string | `""` | Cluster Agent token is a preshared key between node agents and cluster agent (autogenerated if empty, needs to be at least 32 characters a-zA-z) |
|
||||
| clusterAgent.tokenExistingSecret | string | `""` | Existing secret name to use for Cluster Agent token. Put the Cluster Agent token in a key named `token` inside the Secret |
|
||||
| clusterAgent.tolerations | list | `[]` | Allow the Cluster Agent Deployment to schedule on tainted nodes ((requires Kubernetes >= 1.6)) |
|
||||
| clusterAgent.topologySpreadConstraints | list | `[]` | Allow the Cluster Agent Deployment to schedule using pod topology spreading |
|
||||
| clusterAgent.useHostNetwork | bool | `false` | Bind ports on the hostNetwork |
|
||||
| clusterAgent.volumeMounts | list | `[]` | Specify additional volumes to mount in the cluster-agent container |
|
||||
| clusterAgent.volumes | list | `[]` | Specify additional volumes to mount in the cluster-agent container |
|
||||
|
@ -560,7 +561,7 @@ helm install <RELEASE_NAME> \
|
|||
| clusterChecksRunner.image.pullPolicy | string | `"IfNotPresent"` | Datadog Agent image pull policy |
|
||||
| clusterChecksRunner.image.pullSecrets | list | `[]` | Datadog Agent repository pullSecret (ex: specify docker registry credentials) |
|
||||
| clusterChecksRunner.image.repository | string | `nil` | Override default registry + image.name for Cluster Check Runners |
|
||||
| clusterChecksRunner.image.tag | string | `"7.43.1"` | Define the Agent version to use |
|
||||
| clusterChecksRunner.image.tag | string | `"7.44.0"` | Define the Agent version to use |
|
||||
| clusterChecksRunner.image.tagSuffix | string | `""` | Suffix to append to Agent tag |
|
||||
| clusterChecksRunner.livenessProbe | object | Every 15s / 6 KO / 1 OK | Override default agent liveness probe settings |
|
||||
| clusterChecksRunner.networkPolicy.create | bool | `false` | If true, create a NetworkPolicy for the cluster checks runners. DEPRECATED. Use datadog.networkPolicy.create instead |
|
||||
|
@ -580,6 +581,7 @@ helm install <RELEASE_NAME> \
|
|||
| clusterChecksRunner.securityContext | object | `{}` | Allows you to overwrite the default PodSecurityContext on the clusterchecks pods. |
|
||||
| clusterChecksRunner.strategy | object | `{"rollingUpdate":{"maxSurge":1,"maxUnavailable":0},"type":"RollingUpdate"}` | Allow the ClusterChecks deployment to perform a rolling update on helm update |
|
||||
| clusterChecksRunner.tolerations | list | `[]` | Tolerations for pod assignment |
|
||||
| clusterChecksRunner.topologySpreadConstraints | list | `[]` | Allow the ClusterChecks Deployment to schedule using pod topology spreading |
|
||||
| clusterChecksRunner.volumeMounts | list | `[]` | Specify additional volumes to mount in the cluster checks container |
|
||||
| clusterChecksRunner.volumes | list | `[]` | Specify additional volumes to mount in the cluster checks container |
|
||||
| commonLabels | object | `{}` | Labels to apply to all resources |
|
||||
|
|
|
@ -254,4 +254,8 @@ spec:
|
|||
tolerations:
|
||||
{{ toYaml .Values.clusterChecksRunner.tolerations | indent 8 }}
|
||||
{{- end }}
|
||||
{{- with .Values.clusterChecksRunner.topologySpreadConstraints }}
|
||||
topologySpreadConstraints:
|
||||
{{- toYaml . | nindent 8 }}
|
||||
{{- end }}
|
||||
{{ end }}
|
||||
|
|
|
@ -104,7 +104,7 @@ spec:
|
|||
{{- if .Values.clusterAgent.containers.initContainers.resources }}
|
||||
resources:
|
||||
{{ toYaml .Values.clusterAgent.containers.initContainers.resources | indent 10 }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
imagePullPolicy: {{ .Values.clusterAgent.image.pullPolicy }}
|
||||
command:
|
||||
- cp
|
||||
|
@ -419,4 +419,8 @@ spec:
|
|||
{{- if .Values.clusterAgent.nodeSelector }}
|
||||
{{ toYaml .Values.clusterAgent.nodeSelector | indent 8 }}
|
||||
{{- end }}
|
||||
{{- with .Values.clusterAgent.topologySpreadConstraints }}
|
||||
topologySpreadConstraints:
|
||||
{{- toYaml . | nindent 8 }}
|
||||
{{- end }}
|
||||
{{ end }}
|
||||
|
|
|
@ -239,6 +239,7 @@ data:
|
|||
"stat",
|
||||
"stat64",
|
||||
"statfs",
|
||||
"statx",
|
||||
"symlinkat",
|
||||
"sysinfo",
|
||||
"tgkill",
|
||||
|
|
|
@ -802,7 +802,7 @@ clusterAgent:
|
|||
name: cluster-agent
|
||||
|
||||
# clusterAgent.image.tag -- Cluster Agent image tag to use
|
||||
tag: 7.43.1
|
||||
tag: 7.44.0
|
||||
|
||||
# clusterAgent.image.digest -- Cluster Agent image digest to use, takes precedence over tag if specified
|
||||
digest: ""
|
||||
|
@ -1024,6 +1024,12 @@ clusterAgent:
|
|||
## Ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity
|
||||
affinity: {}
|
||||
|
||||
# clusterAgent.topologySpreadConstraints -- Allow the Cluster Agent Deployment to schedule using pod topology spreading
|
||||
|
||||
## By default, no constraints are set, allowing cluster defaults to be used for scheduling
|
||||
## Ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/
|
||||
topologySpreadConstraints: []
|
||||
|
||||
# clusterAgent.healthPort -- Port number to use in the Cluster Agent for the healthz endpoint
|
||||
healthPort: 5556
|
||||
|
||||
|
@ -1148,7 +1154,7 @@ agents:
|
|||
name: agent
|
||||
|
||||
# agents.image.tag -- Define the Agent version to use
|
||||
tag: 7.43.1
|
||||
tag: 7.44.0
|
||||
|
||||
# agents.image.digest -- Define Agent image digest to use, takes precedence over tag if specified
|
||||
digest: ""
|
||||
|
@ -1614,7 +1620,7 @@ clusterChecksRunner:
|
|||
name: agent
|
||||
|
||||
# clusterChecksRunner.image.tag -- Define the Agent version to use
|
||||
tag: 7.43.1
|
||||
tag: 7.44.0
|
||||
|
||||
# clusterChecksRunner.image.digest -- Define Agent image digest to use, takes precedence over tag if specified
|
||||
digest: ""
|
||||
|
@ -1682,6 +1688,12 @@ clusterChecksRunner:
|
|||
## Ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity
|
||||
affinity: {}
|
||||
|
||||
# clusterChecksRunner.topologySpreadConstraints -- Allow the ClusterChecks Deployment to schedule using pod topology spreading
|
||||
|
||||
## By default, no constraints are set, allowing cluster defaults to be used for scheduling
|
||||
## Ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/
|
||||
topologySpreadConstraints: []
|
||||
|
||||
# clusterChecksRunner.strategy -- Allow the ClusterChecks deployment to perform a rolling update on helm update
|
||||
|
||||
## ref: https://kubernetes.io/docs/concepts/workloads/controllers/deployment/#strategy
|
||||
|
|
|
@ -4,7 +4,7 @@ annotations:
|
|||
catalog.cattle.io/kube-version: '>=1.19.0-0'
|
||||
catalog.cattle.io/release-name: dynatrace-operator
|
||||
apiVersion: v2
|
||||
appVersion: 0.11.0
|
||||
appVersion: 0.11.1
|
||||
description: The Dynatrace Operator Helm chart for Kubernetes and OpenShift
|
||||
home: https://www.dynatrace.com/
|
||||
icon: https://assets.dynatrace.com/global/resources/Signet_Logo_RGB_CP_512x512px.png
|
||||
|
@ -20,4 +20,4 @@ name: dynatrace-operator
|
|||
sources:
|
||||
- https://github.com/Dynatrace/dynatrace-operator
|
||||
type: application
|
||||
version: 0.11.0
|
||||
version: 0.11.1
|
||||
|
|
|
@ -3383,6 +3383,16 @@ spec:
|
|||
properties:
|
||||
activeGate:
|
||||
properties:
|
||||
connectionInfoStatus:
|
||||
properties:
|
||||
endpoints:
|
||||
type: string
|
||||
lastRequest:
|
||||
format: date-time
|
||||
type: string
|
||||
tenantUUID:
|
||||
type: string
|
||||
type: object
|
||||
imageID:
|
||||
type: string
|
||||
lastProbeTimestamp:
|
||||
|
@ -3477,12 +3487,6 @@ spec:
|
|||
type: array
|
||||
dynatraceApi:
|
||||
properties:
|
||||
lastActiveGateConnectionInfoRequest:
|
||||
format: date-time
|
||||
type: string
|
||||
lastOneAgentConnectionInfoRequest:
|
||||
format: date-time
|
||||
type: string
|
||||
lastTokenScopeRequest:
|
||||
format: date-time
|
||||
type: string
|
||||
|
@ -3499,6 +3503,28 @@ spec:
|
|||
type: string
|
||||
oneAgent:
|
||||
properties:
|
||||
connectionInfoStatus:
|
||||
properties:
|
||||
communicationHosts:
|
||||
items:
|
||||
properties:
|
||||
host:
|
||||
type: string
|
||||
port:
|
||||
format: int32
|
||||
type: integer
|
||||
protocol:
|
||||
type: string
|
||||
type: object
|
||||
type: array
|
||||
endpoints:
|
||||
type: string
|
||||
lastRequest:
|
||||
format: date-time
|
||||
type: string
|
||||
tenantUUID:
|
||||
type: string
|
||||
type: object
|
||||
imageID:
|
||||
type: string
|
||||
instances:
|
||||
|
|
|
@ -89,4 +89,4 @@ sources:
|
|||
- https://github.com/newrelic/helm-charts/tree/master/charts/newrelic-logging
|
||||
- https://github.com/newrelic/helm-charts/tree/master/charts/newrelic-pixie
|
||||
- https://github.com/newrelic/newrelic-infra-operator/tree/master/charts/newrelic-infra-operator
|
||||
version: 5.0.10
|
||||
version: 5.0.11
|
||||
|
|
|
@ -177,8 +177,7 @@ honors global options as described below.
|
|||
| global.serviceAccount.name | string | `nil` | Change the name of the service account. This is honored if you disable on this chart the creation of the service account so you can use your own |
|
||||
| global.tolerations | list | `[]` | Sets pod's tolerations to node taints |
|
||||
| global.verboseLog | bool | false | Sets the debug logs to this integration or all integrations if it is set globally |
|
||||
| kube-state-metrics.collectors | object | See [`values.yaml`](values.yaml) of the kube-state-metric chart | Collectors configuration of kube-state-metric |
|
||||
| kube-state-metrics.enabled | bool | `false` | Install the [`kube-state-metrics` chart](https://github.com/kubernetes/kube-state-metrics/tree/master/charts/kube-state-metrics) from the stable helm charts repository. This is mandatory if `infrastructure.enabled` is set to `true` and the user does not provide its own instance of KSM version >=1.8 and <=2.0. Note, kube-state-metrics v2+ disables labels/annotations metrics by default. You can enable the target labels/annotations metrics to be monitored by using the metricLabelsAllowlist/metricAnnotationsAllowList options described [here](https://github.com/kubernetes/kube-state-metrics/blob/main/docs/cli-arguments.md) in your Kubernetes clusters |
|
||||
| kube-state-metrics.enabled | bool | `false` | Install the [`kube-state-metrics` chart](https://github.com/prometheus-community/helm-charts/tree/main/charts/kube-state-metrics) from the stable helm charts repository. This is mandatory if `infrastructure.enabled` is set to `true` and the user does not provide its own instance of KSM version >=1.8 and <=2.0 |
|
||||
| newrelic-infra-operator.enabled | bool | `false` | Install the [`newrelic-infra-operator` chart](https://github.com/newrelic/newrelic-infra-operator/tree/main/charts/newrelic-infra-operator) (Beta) |
|
||||
| newrelic-infrastructure.enabled | bool | `true` | Install the [`newrelic-infrastructure` chart](https://github.com/newrelic/nri-kubernetes/tree/main/charts/newrelic-infrastructure) |
|
||||
| newrelic-k8s-metrics-adapter.enabled | bool | `false` | Install the [`newrelic-k8s-metrics-adapter.` chart](https://github.com/newrelic/newrelic-k8s-metrics-adapter/tree/main/charts/newrelic-k8s-metrics-adapter) (Beta) |
|
||||
|
|
|
@ -17,7 +17,7 @@ here is a list of components that this chart installs and where you can find mor
|
|||
|------------------------------|-----------------------|-------------|
|
||||
| [newrelic-infrastructure](https://github.com/newrelic/nri-kubernetes/tree/main/charts/newrelic-infrastructure) | Yes | Sends metrics about nodes, cluster objects (e.g. Deployments, Pods), and the control plane to New Relic. |
|
||||
| [nri-metadata-injection](https://github.com/newrelic/k8s-metadata-injection/tree/main/charts/nri-metadata-injection) | Yes | Enriches New Relic-instrumented applications (APM) with Kubernetes information. |
|
||||
| [kube-state-metrics](https://github.com/kubernetes/kube-state-metrics/tree/master/charts/kube-state-metrics) | | Required for `newrelic-infrastructure` to gather cluster-level metrics. |
|
||||
| [kube-state-metrics](https://github.com/prometheus-community/helm-charts/tree/main/charts/kube-state-metrics) | | Required for `newrelic-infrastructure` to gather cluster-level metrics. |
|
||||
| [nri-kube-events](https://github.com/newrelic/nri-kube-events/tree/main/charts/nri-kube-events) | | Reports Kubernetes events to New Relic. |
|
||||
| [newrelic-infra-operator](https://github.com/newrelic/newrelic-infra-operator/tree/main/charts/newrelic-infra-operator) | | (Beta) Used with Fargate or serverless environments to inject `newrelic-infrastructure` as a sidecar instead of the usual DaemonSet. |
|
||||
| [newrelic-k8s-metrics-adapter](https://github.com/newrelic/newrelic-k8s-metrics-adapter/tree/main/charts/newrelic-k8s-metrics-adapter) | | (Beta) Provides a source of data for Horizontal Pod Autoscalers (HPA) based on a NRQL query from New Relic. |
|
||||
|
|
|
@ -11,7 +11,7 @@ nri-metadata-injection:
|
|||
enabled: true
|
||||
|
||||
kube-state-metrics:
|
||||
# kube-state-metrics.enabled -- Install the [`kube-state-metrics` chart](https://github.com/kubernetes/kube-state-metrics/tree/master/charts/kube-state-metrics) from the stable helm charts repository.
|
||||
# kube-state-metrics.enabled -- Install the [`kube-state-metrics` chart](https://github.com/prometheus-community/helm-charts/tree/main/charts/kube-state-metrics) from the stable helm charts repository.
|
||||
# This is mandatory if `infrastructure.enabled` is set to `true` and the user does not provide its own instance of KSM version >=1.8 and <=2.0
|
||||
enabled: false
|
||||
|
||||
|
|
|
@ -22,6 +22,6 @@ dependencies:
|
|||
version: 0.10.0
|
||||
- name: mayastor
|
||||
repository: https://openebs.github.io/mayastor-extensions
|
||||
version: 2.0.1
|
||||
digest: sha256:3f27864981685c4f67b201ecf1afd8f876685f3ffe5fec626dfd808e625674d4
|
||||
generated: "2023-03-15T11:40:02.953579044Z"
|
||||
version: 2.1.0
|
||||
digest: sha256:7a5581f9f69600f76a026edd6057b40b598d989b7e8f4852409ba1f285777392
|
||||
generated: "2023-04-26T18:11:53.841045084Z"
|
||||
|
|
|
@ -3,7 +3,7 @@ annotations:
|
|||
catalog.cattle.io/display-name: OpenEBS
|
||||
catalog.cattle.io/release-name: openebs
|
||||
apiVersion: v2
|
||||
appVersion: 3.5.0
|
||||
appVersion: 3.6.0
|
||||
dependencies:
|
||||
- condition: openebs-ndm.enabled
|
||||
name: openebs-ndm
|
||||
|
@ -36,7 +36,7 @@ dependencies:
|
|||
- condition: mayastor.enabled
|
||||
name: mayastor
|
||||
repository: file://./charts/mayastor
|
||||
version: 2.0.1
|
||||
version: 2.1.0
|
||||
description: Containerized Attached Storage for Kubernetes
|
||||
home: http://www.openebs.io/
|
||||
icon: https://raw.githubusercontent.com/cncf/artwork/HEAD/projects/openebs/icon/color/openebs-icon-color.png
|
||||
|
@ -58,4 +58,4 @@ maintainers:
|
|||
name: openebs
|
||||
sources:
|
||||
- https://github.com/openebs/openebs
|
||||
version: 3.5.0
|
||||
version: 3.6.0
|
||||
|
|
|
@ -148,7 +148,7 @@ The following table lists the common configurable parameters of the OpenEBS char
|
|||
| `mayastor.etcd.persistence.size` | Set the size of the volume(s) used by the etcd | `""` |
|
||||
| `mayastor.image.registry` | Set the container image registry for the mayastor containers | `"docker.io"` |
|
||||
| `mayastor.image.repo` | Set the container image repository for the mayastor containers | `"openebs"` |
|
||||
| `mayastor.image.tag` | Set the container image tag for the mayastor containers | `"v2.0.1"` |
|
||||
| `mayastor.image.tag` | Set the container image tag for the mayastor containers | `"v2.1.0"` |
|
||||
| `mayastor.image.pullPolicy` | Set the container ImagePullPolicy for the mayastor containers | `"Always"` |
|
||||
| `mayastor.csi.image.registry` | Set the container image registry for the Kubernetes CSI sidecar containers | `"registry.k8s.io"` |
|
||||
| `mayastor.csi.image.repo` | Set the container image repository for the Kubernetes CSI sidecar containers | `"sig-storage"` |
|
||||
|
|
|
@ -9,4 +9,4 @@ dependencies:
|
|||
repository: https://grafana.github.io/helm-charts
|
||||
version: 2.6.4
|
||||
digest: sha256:3d832d0ef2dd68bda649805711ef21fd5e5fb3841c1c6b9a4200703475cf6c28
|
||||
generated: "2023-03-13T17:37:10.19817861Z"
|
||||
generated: "2023-04-26T16:19:24.221513168Z"
|
||||
|
|
|
@ -1,5 +1,5 @@
|
|||
apiVersion: v2
|
||||
appVersion: 2.0.1
|
||||
appVersion: 2.1.0
|
||||
dependencies:
|
||||
- name: etcd
|
||||
repository: https://charts.bitnami.com/bitnami
|
||||
|
@ -15,4 +15,4 @@ dependencies:
|
|||
description: Mayastor Helm chart for Kubernetes
|
||||
name: mayastor
|
||||
type: application
|
||||
version: 2.0.1
|
||||
version: 2.1.0
|
||||
|
|
|
@ -8,7 +8,7 @@ repository:
|
|||
name: mayastor
|
||||
chart:
|
||||
name: mayastor
|
||||
version: 2.0.1
|
||||
version: 2.1.0
|
||||
values: "-- generate from values file --"
|
||||
valuesExample: "-- generate from values file --"
|
||||
prerequisites:
|
||||
|
|
|
@ -98,14 +98,38 @@ Usage:
|
|||
{{- end }}
|
||||
{{- end -}}
|
||||
|
||||
{{/* Generate CPU list specification based on CPU count (-l param of mayastor) */}}
|
||||
{{/* Generate Core list specification (-l param of io-engine) */}}
|
||||
{{- define "cpuFlag" -}}
|
||||
{{- range $i, $e := until (int .Values.io_engine.cpuCount) }}
|
||||
{{- if gt $i 0 }}
|
||||
{{- printf "," }}
|
||||
{{- end }}
|
||||
{{- printf "%d" (add $i 1) }}
|
||||
{{- end }}
|
||||
{{- include "coreListUniq" . -}}
|
||||
{{- end -}}
|
||||
|
||||
{{/* Get the number of cores from the coreList */}}
|
||||
{{- define "coreCount" -}}
|
||||
{{- include "coreListUniq" . | split "," | len -}}
|
||||
{{- end -}}
|
||||
|
||||
{{/* Get a list of cores as a comma-separated list */}}
|
||||
{{- define "coreListUniq" -}}
|
||||
{{- if .Values.io_engine.coreList -}}
|
||||
{{- $cores_pre := .Values.io_engine.coreList -}}
|
||||
{{- if not (kindIs "slice" .Values.io_engine.coreList) -}}
|
||||
{{- $cores_pre = list $cores_pre -}}
|
||||
{{- end -}}
|
||||
{{- $cores := list -}}
|
||||
{{- range $index, $value := $cores_pre | uniq -}}
|
||||
{{- $value = $value | toString | replace " " "" }}
|
||||
{{- if eq ($value | int | toString) $value -}}
|
||||
{{- $cores = append $cores $value -}}
|
||||
{{- end -}}
|
||||
{{- end -}}
|
||||
{{- $first := first $cores | required (print "At least one core must be specified in io_engine.coreList") -}}
|
||||
{{- $cores | join "," -}}
|
||||
{{- else -}}
|
||||
{{- if gt 1 (.Values.io_engine.cpuCount | int) -}}
|
||||
{{- fail ".Values.io_engine.cpuCount must be >= 1" -}}
|
||||
{{- end -}}
|
||||
{{- untilStep 1 (add 1 .Values.io_engine.cpuCount | int) 1 | join "," -}}
|
||||
{{- end -}}
|
||||
{{- end }}
|
||||
|
||||
{{/*
|
||||
|
|
|
@ -25,11 +25,11 @@ spec:
|
|||
{{- include "base_pull_secrets" . }}
|
||||
initContainers:
|
||||
{{- include "base_init_core_containers" . }}
|
||||
priorityClassName: {{ default "system-cluster-critical" .Values.priorityClassName }}
|
||||
{{- if .Values.nodeSelector }}
|
||||
nodeSelector: {{- toYaml .Values.nodeSelector | nindent 8 }}
|
||||
{{- end }}
|
||||
tolerations: {{- toYaml .Values.earlyEvictionTolerations | nindent 8}}
|
||||
priorityClassName: system-cluster-critical # Priority class provided by k8s by default.
|
||||
containers:
|
||||
- name: agent-core
|
||||
resources:
|
||||
|
@ -39,7 +39,7 @@ spec:
|
|||
requests:
|
||||
cpu: {{ .Values.agents.core.resources.requests.cpu | quote }}
|
||||
memory: {{ .Values.agents.core.resources.requests.memory | quote }}
|
||||
image: "{{ .Values.image.registry }}/{{ .Values.image.repo }}/{{ .Chart.Name }}-agent-core:{{ .Values.image.tag }}"
|
||||
image: "{{ .Values.image.registry }}/{{ .Values.image.repo }}/{{ .Chart.Name }}-agent-core:{{ default .Values.image.tag .Values.image.repoTags.controlPlane }}"
|
||||
imagePullPolicy: {{ .Values.image.pullPolicy }}
|
||||
args:
|
||||
- "-s{{ .Release.Name }}-etcd:{{ .Values.etcd.service.port }}"
|
||||
|
@ -47,6 +47,9 @@ spec:
|
|||
- "--cache-period={{ .Values.base.cache_poll_period }}"{{ if .Values.base.jaeger.enabled }}
|
||||
- "--jaeger={{ .Values.base.jaeger.agent.name }}:{{ .Values.base.jaeger.agent.port }}"{{ end }}
|
||||
- "--grpc-server-addr=0.0.0.0:50051"
|
||||
- "--pool-commitment={{ .Values.agents.core.capacity.thin.poolCommitment }}"
|
||||
- "--volume-commitment-initial={{ .Values.agents.core.capacity.thin.volumeCommitmentInitial }}"
|
||||
- "--volume-commitment={{ .Values.agents.core.capacity.thin.volumeCommitment }}"
|
||||
ports:
|
||||
- containerPort: 50051
|
||||
env:
|
||||
|
@ -72,7 +75,7 @@ spec:
|
|||
requests:
|
||||
cpu: {{ .Values.agents.ha.cluster.resources.requests.cpu | quote }}
|
||||
memory: {{ .Values.agents.ha.cluster.resources.requests.memory | quote }}
|
||||
image: "{{ .Values.image.registry }}/{{ .Values.image.repo }}/{{ .Chart.Name }}-agent-ha-cluster:{{ .Values.image.tag }}"
|
||||
image: "{{ .Values.image.registry }}/{{ .Values.image.repo }}/{{ .Chart.Name }}-agent-ha-cluster:{{ default .Values.image.tag .Values.image.repoTags.controlPlane }}"
|
||||
imagePullPolicy: {{ .Values.image.pullPolicy }}
|
||||
args:
|
||||
- "-g=0.0.0.0:50052"
|
||||
|
|
|
@ -31,6 +31,9 @@ spec:
|
|||
{{- include "base_init_ha_node_containers" . }}
|
||||
imagePullSecrets:
|
||||
{{- include "base_pull_secrets" . }}
|
||||
{{- if .Values.priorityClassName }}
|
||||
priorityClassName: {{ .Values.priorityClassName }}
|
||||
{{- end }}
|
||||
nodeSelector:
|
||||
{{- if .Values.nodeSelector }}
|
||||
{{- toYaml .Values.nodeSelector | nindent 8 }}
|
||||
|
@ -42,7 +45,7 @@ spec:
|
|||
{{- end }}
|
||||
containers:
|
||||
- name: agent-ha-node
|
||||
image: "{{ .Values.image.registry }}/{{ .Values.image.repo }}/{{ .Chart.Name }}-agent-ha-node:{{ .Values.image.tag }}"
|
||||
image: "{{ .Values.image.registry }}/{{ .Values.image.repo }}/{{ .Chart.Name }}-agent-ha-node:{{ default .Values.image.tag .Values.image.repoTags.controlPlane }}"
|
||||
imagePullPolicy: {{ .Values.image.pullPolicy }}
|
||||
securityContext:
|
||||
privileged: true
|
||||
|
|
|
@ -24,11 +24,11 @@ spec:
|
|||
{{- include "base_pull_secrets" . }}
|
||||
initContainers:
|
||||
{{- include "base_init_containers" . }}
|
||||
priorityClassName: {{ default "system-cluster-critical" .Values.priorityClassName }}
|
||||
{{- if .Values.nodeSelector }}
|
||||
nodeSelector: {{- toYaml .Values.nodeSelector | nindent 8 }}
|
||||
{{- end }}
|
||||
tolerations: {{- toYaml .Values.earlyEvictionTolerations | nindent 8 }}
|
||||
priorityClassName: system-cluster-critical # Priority class provided by k8s by default.
|
||||
containers:
|
||||
- name: api-rest
|
||||
resources:
|
||||
|
@ -38,7 +38,7 @@ spec:
|
|||
requests:
|
||||
cpu: {{ .Values.apis.rest.resources.requests.cpu | quote }}
|
||||
memory: {{ .Values.apis.rest.resources.requests.memory | quote }}
|
||||
image: "{{ .Values.image.registry }}/{{ .Values.image.repo }}/{{ .Chart.Name }}-api-rest:{{ .Values.image.tag }}"
|
||||
image: "{{ .Values.image.registry }}/{{ .Values.image.repo }}/{{ .Chart.Name }}-api-rest:{{ default .Values.image.tag .Values.image.repoTags.controlPlane }}"
|
||||
imagePullPolicy: {{ .Values.image.pullPolicy }}
|
||||
args:
|
||||
- "--dummy-certificates"
|
||||
|
|
|
@ -28,6 +28,9 @@ spec:
|
|||
initContainers:
|
||||
{{- include "jaeger_agent_init_container" . }}
|
||||
{{- include "rest_agent_init_container" . }}
|
||||
{{- if .Values.priorityClassName }}
|
||||
priorityClassName: {{ .Values.priorityClassName }}
|
||||
{{- end }}
|
||||
{{- if .Values.nodeSelector }}
|
||||
nodeSelector: {{- toYaml .Values.nodeSelector | nindent 8 }}
|
||||
{{- end }}
|
||||
|
@ -67,7 +70,7 @@ spec:
|
|||
requests:
|
||||
cpu: {{ .Values.csi.controller.resources.requests.cpu | quote }}
|
||||
memory: {{ .Values.csi.controller.resources.requests.memory | quote }}
|
||||
image: "{{ .Values.image.registry }}/{{ .Values.image.repo }}/{{ .Chart.Name }}-csi-controller:{{ .Values.image.tag }}"
|
||||
image: "{{ .Values.image.registry }}/{{ .Values.image.repo }}/{{ .Chart.Name }}-csi-controller:{{ default .Values.image.tag .Values.image.repoTags.controlPlane }}"
|
||||
imagePullPolicy: {{ .Values.image.pullPolicy }}
|
||||
args:
|
||||
- "--csi-socket=/var/lib/csi/sockets/pluginproxy/csi.sock"
|
||||
|
@ -89,4 +92,3 @@ spec:
|
|||
volumes:
|
||||
- name: socket-dir
|
||||
emptyDir:
|
||||
|
||||
|
|
|
@ -31,6 +31,9 @@ spec:
|
|||
hostNetwork: true
|
||||
imagePullSecrets:
|
||||
{{- include "base_pull_secrets" . }}
|
||||
{{- if .Values.priorityClassName }}
|
||||
priorityClassName: {{ .Values.priorityClassName }}
|
||||
{{- end }}
|
||||
nodeSelector:
|
||||
{{- if .Values.nodeSelector }}
|
||||
{{- toYaml .Values.nodeSelector | nindent 8 }}
|
||||
|
@ -46,7 +49,7 @@ spec:
|
|||
# the same.
|
||||
containers:
|
||||
- name: csi-node
|
||||
image: "{{ .Values.image.registry }}/{{ .Values.image.repo }}/{{ .Chart.Name }}-csi-node:{{ .Values.image.tag }}"
|
||||
image: "{{ .Values.image.registry }}/{{ .Values.image.repo }}/{{ .Chart.Name }}-csi-node:{{ default .Values.image.tag .Values.image.repoTags.controlPlane }}"
|
||||
imagePullPolicy: {{ .Values.image.pullPolicy }}
|
||||
# we need privileged because we mount filesystems and use mknod
|
||||
securityContext:
|
||||
|
@ -75,7 +78,7 @@ spec:
|
|||
- "--nvme-core-io-timeout={{ .Values.csi.node.nvme.io_timeout }}"{{ end }}{{ if .Values.csi.node.nvme.ctrl_loss_tmo }}
|
||||
- "--nvme-ctrl-loss-tmo={{ .Values.csi.node.nvme.ctrl_loss_tmo }}"{{ end }}{{ if .Values.csi.node.nvme.keep_alive_tmo }}
|
||||
- "--nvme-keep-alive-tmo={{ .Values.csi.node.nvme.keep_alive_tmo }}"{{ end }}
|
||||
- "--nvme-nr-io-queues={{ .Values.io_engine.cpuCount }}"
|
||||
- "--nvme-nr-io-queues={{ include "coreCount" . }}"
|
||||
{{- range $key, $val := .Values.csi.node.topology.segments }}
|
||||
- "--node-selector={{ $key }}={{ $val }}"
|
||||
{{- end }}
|
||||
|
|
|
@ -28,12 +28,15 @@ spec:
|
|||
# To resolve services in the namespace
|
||||
dnsPolicy: ClusterFirstWithHostNet
|
||||
nodeSelector: {{- .Values.io_engine.nodeSelector | toYaml | nindent 8 }}
|
||||
{{- if .Values.priorityClassName }}
|
||||
priorityClassName: {{ .Values.priorityClassName }}
|
||||
{{- end }}
|
||||
initContainers:
|
||||
{{- include "base_init_containers" . }}
|
||||
containers:
|
||||
{{- if .Values.base.metrics.enabled }}
|
||||
- name: metrics-exporter-pool
|
||||
image: "{{ .Values.image.registry }}/{{ .Values.image.repo }}/{{ .Chart.Name }}-metrics-exporter-pool:{{ .Values.image.tag }}"
|
||||
image: "{{ .Values.image.registry }}/{{ .Values.image.repo }}/{{ .Chart.Name }}-metrics-exporter-pool:{{ default .Values.image.tag .Values.image.repoTags.extensions }}"
|
||||
imagePullPolicy: {{ .Values.image.pullPolicy }}
|
||||
env:
|
||||
- name: MY_NODE_NAME
|
||||
|
@ -55,7 +58,7 @@ spec:
|
|||
name: metrics
|
||||
{{- end }}
|
||||
- name: io-engine
|
||||
image: "{{ .Values.image.registry }}/{{ .Values.image.repo }}/{{ .Chart.Name }}-io-engine:{{ .Values.image.tag }}"
|
||||
image: "{{ .Values.image.registry }}/{{ .Values.image.repo }}/{{ .Chart.Name }}-io-engine:{{ default .Values.image.tag .Values.image.repoTags.dataPlane }}"
|
||||
imagePullPolicy: {{ .Values.image.pullPolicy }}
|
||||
env:
|
||||
- name: RUST_LOG
|
||||
|
@ -109,11 +112,11 @@ spec:
|
|||
mountPath: /dev/hugepages
|
||||
resources:
|
||||
limits:
|
||||
cpu: {{ .Values.io_engine.resources.limits.cpu | default .Values.io_engine.cpuCount | quote }}
|
||||
cpu: {{ .Values.io_engine.resources.limits.cpu | default (include "coreCount" .) | quote }}
|
||||
memory: {{ .Values.io_engine.resources.limits.memory | quote }}
|
||||
hugepages-2Mi: {{ .Values.io_engine.resources.limits.hugepages2Mi | quote }}
|
||||
requests:
|
||||
cpu: {{ .Values.io_engine.resources.requests.cpu | default .Values.io_engine.cpuCount | quote }}
|
||||
cpu: {{ .Values.io_engine.resources.requests.cpu | default (include "coreCount" .) | quote }}
|
||||
memory: {{ .Values.io_engine.resources.requests.memory | quote }}
|
||||
hugepages-2Mi: {{ .Values.io_engine.resources.requests.hugepages2Mi | quote }}
|
||||
ports:
|
||||
|
|
|
@ -23,12 +23,15 @@ spec:
|
|||
serviceAccount: {{ .Release.Name }}-service-account
|
||||
imagePullSecrets:
|
||||
{{- include "base_pull_secrets" . }}
|
||||
{{- if .Values.priorityClassName }}
|
||||
priorityClassName: {{ .Values.priorityClassName }}
|
||||
{{- end }}
|
||||
{{- if .Values.nodeSelector }}
|
||||
nodeSelector: {{- toYaml .Values.nodeSelector | nindent 8 }}
|
||||
{{- end }}
|
||||
containers:
|
||||
- name: obs-callhome
|
||||
image: "{{ .Values.image.registry }}/{{ .Values.image.repo }}/{{ .Chart.Name }}-obs-callhome:{{ .Values.image.tag }}"
|
||||
image: "{{ .Values.image.registry }}/{{ .Values.image.repo }}/{{ .Chart.Name }}-obs-callhome:{{ default .Values.image.tag .Values.image.repoTags.extensions }}"
|
||||
args:
|
||||
- "-e http://{{ .Release.Name }}-api-rest:8081"
|
||||
- "-n {{ .Release.Namespace }}"
|
||||
|
|
|
@ -25,6 +25,9 @@ spec:
|
|||
{{- include "base_pull_secrets" . }}
|
||||
initContainers:
|
||||
{{- include "base_init_containers" . }}
|
||||
{{- if .Values.priorityClassName }}
|
||||
priorityClassName: {{ .Values.priorityClassName }}
|
||||
{{- end }}
|
||||
{{- if .Values.nodeSelector }}
|
||||
nodeSelector: {{- toYaml .Values.nodeSelector | nindent 8 }}
|
||||
{{- end }}
|
||||
|
@ -37,7 +40,7 @@ spec:
|
|||
requests:
|
||||
cpu: {{ .Values.operators.pool.resources.requests.cpu | quote }}
|
||||
memory: {{ .Values.operators.pool.resources.requests.memory | quote }}
|
||||
image: "{{ .Values.image.registry }}/{{ .Values.image.repo }}/{{ .Chart.Name }}-operator-diskpool:{{ .Values.image.tag }}"
|
||||
image: "{{ .Values.image.registry }}/{{ .Values.image.repo }}/{{ .Chart.Name }}-operator-diskpool:{{ default .Values.image.tag .Values.image.repoTags.controlPlane }}"
|
||||
imagePullPolicy: {{ .Values.image.pullPolicy }}
|
||||
args:
|
||||
- "-e http://{{ .Release.Name }}-api-rest:8081"
|
||||
|
|
|
@ -20,10 +20,14 @@ rules:
|
|||
- apiGroups: ["apiextensions.k8s.io"]
|
||||
resources: ["customresourcedefinitions"]
|
||||
verbs: ["create", "get", "update", "list"]
|
||||
# must read mayastorpools info. This is needed to handle upgrades from v1.
|
||||
- apiGroups: [ "openebs.io" ]
|
||||
resources: [ "mayastorpools" ]
|
||||
verbs: ["get", "list", "patch", "delete", "deletecollection"]
|
||||
# must read diskpool info
|
||||
- apiGroups: ["openebs.io"]
|
||||
resources: ["diskpools"]
|
||||
verbs: ["get", "list", "watch", "update", "replace", "patch"]
|
||||
verbs: ["get", "list", "watch", "update", "replace", "patch", "create"]
|
||||
# must update diskpool status
|
||||
- apiGroups: ["openebs.io"]
|
||||
resources: ["diskpools/status"]
|
||||
|
|
|
@ -4,7 +4,17 @@ image:
|
|||
# -- Image registry's namespace
|
||||
repo: openebs
|
||||
# -- Release tag for our images
|
||||
tag: v2.0.1
|
||||
tag: v2.1.0
|
||||
repoTags:
|
||||
# Note: Below image tag configuration is optional and typically should never be
|
||||
# used. Setting specific image tags for the different repositories proves useful
|
||||
# for some integration testing scenarios. Use the 'tag' option above to set
|
||||
# release/pre-release container image tags.
|
||||
# The below tag values will be picked for images by default.
|
||||
# If not specified, 'tag' option provided above will be picked.
|
||||
controlPlane: ""
|
||||
dataPlane: ""
|
||||
extensions: ""
|
||||
# -- ImagePullPolicy for our images
|
||||
pullPolicy: IfNotPresent
|
||||
|
||||
|
@ -15,6 +25,10 @@ image:
|
|||
nodeSelector:
|
||||
kubernetes.io/arch: amd64
|
||||
|
||||
# -- Pod scheduling priority
|
||||
# ref: https://kubernetes.io/docs/concepts/configuration/pod-priority-preemption/
|
||||
priorityClassName: ""
|
||||
|
||||
earlyEvictionTolerations:
|
||||
- effect: NoExecute
|
||||
key: node.kubernetes.io/unreachable
|
||||
|
@ -119,6 +133,20 @@ agents:
|
|||
core:
|
||||
# -- Log level for the core service
|
||||
logLevel: info
|
||||
capacity:
|
||||
thin:
|
||||
# -- The allowed pool commitment limit when dealing with thin provisioned volumes.
|
||||
# Example: If the commitment is 250 and the pool is 10GiB we can overcommit the pool
|
||||
# up to 25GiB (create 2 10GiB and 1 5GiB volume) but no further.
|
||||
poolCommitment: "250%"
|
||||
# -- When creating replicas for an existing volume, each replica pool must have at least
|
||||
# this much free space percentage of the volume size.
|
||||
# Example: if this value is 40, the pool has 40GiB free, then the max volume size allowed
|
||||
# to be created on the pool is 100GiB.
|
||||
volumeCommitment: "40%"
|
||||
# -- Same as the `volumeCommitment` argument, but applicable only when creating replicas
|
||||
# for a new volume.
|
||||
volumeCommitmentInitial: "40%"
|
||||
resources:
|
||||
limits:
|
||||
# -- Cpu limits for core agents
|
||||
|
@ -250,7 +278,7 @@ csi:
|
|||
|
||||
io_engine:
|
||||
# -- Log level for the io-engine service
|
||||
logLevel: info,io_engine=info
|
||||
logLevel: info
|
||||
api: "v1"
|
||||
target:
|
||||
nvmf:
|
||||
|
@ -263,8 +291,11 @@ io_engine:
|
|||
envcontext: ""
|
||||
reactorFreezeDetection:
|
||||
enabled: false
|
||||
# -- The number of cpu that each io-engine instance will bind to.
|
||||
# -- The number of cores that each io-engine instance will bind to.
|
||||
cpuCount: "2"
|
||||
# -- If not empty, overrides the cpuCount and explicitly sets the list of cores.
|
||||
# Example: --set='io_engine.coreList={30,31}'
|
||||
coreList: []
|
||||
# -- Node selectors to designate storage nodes for diskpool creation
|
||||
# Note that if multi-arch images support 'kubernetes.io/arch: amd64'
|
||||
# should be removed.
|
||||
|
@ -349,9 +380,13 @@ etcd:
|
|||
# extra debug information on logs
|
||||
debug: false
|
||||
initialClusterState: "new"
|
||||
# Pod anti-affinity preset
|
||||
|
||||
# -- Pod anti-affinity preset
|
||||
# Ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#inter-pod-affinity-and-anti-affinity
|
||||
podAntiAffinityPreset: "hard"
|
||||
## -- nodeSelector [object] Node labels for pod assignment
|
||||
## Ref: https://kubernetes.io/docs/user-guide/node-selection/
|
||||
nodeSelector: {}
|
||||
|
||||
# etcd service parameters defines how the etcd service is exposed
|
||||
service:
|
||||
|
|
|
@ -18,7 +18,7 @@ imagePullSecrets: []
|
|||
|
||||
release:
|
||||
# "openebs.io/version" label for control plane components
|
||||
version: "3.5.0"
|
||||
version: "3.6.0"
|
||||
|
||||
# Legacy components will be installed if it is enabled.
|
||||
# Legacy components are - admission-server, maya api-server, snapshot-operator
|
||||
|
@ -404,7 +404,7 @@ mayastor:
|
|||
|
||||
# Sample configuration, if you want to configure mayastor with custom values.
|
||||
# This is a small part of the full configuration. Full configuration available
|
||||
# here - https://github.com/openebs/mayastor-extensions/blob/v2.0.1/chart/values.yaml
|
||||
# here - https://github.com/openebs/mayastor-extensions/blob/v2.1.0/chart/values.yaml
|
||||
|
||||
image:
|
||||
# -- Image registry to pull Mayastor product images
|
||||
|
@ -412,9 +412,13 @@ mayastor:
|
|||
# -- Image registry's namespace
|
||||
repo: openebs
|
||||
# -- Release tag for Mayastor images
|
||||
tag: v2.0.1
|
||||
tag: v2.1.0
|
||||
# -- ImagePullPolicy for Mayastor images
|
||||
pullPolicy: Always
|
||||
pullPolicy: IfNotPresent
|
||||
|
||||
# -- Pod scheduling priority
|
||||
# ref: https://kubernetes.io/docs/concepts/configuration/pod-priority-preemption/
|
||||
# priorityClassName: ""
|
||||
|
||||
# base:
|
||||
# # docker-secrets required to pull images if the container registry from image.Registry is protected
|
||||
|
@ -455,6 +459,20 @@ mayastor:
|
|||
# core:
|
||||
# # -- Log level for the core service
|
||||
# logLevel: info
|
||||
# capacity:
|
||||
# thin:
|
||||
# # -- The allowed pool commitment limit when dealing with thin provisioned volumes.
|
||||
# # Example: If the commitment is 250 and the pool is 10GiB we can overcommit the pool
|
||||
# # up to 25GiB (create 2 10GiB and 1 5GiB volume) but no further.
|
||||
# poolCommitment: "250%"
|
||||
# # -- When creating replicas for an existing volume, each replica pool must have at least
|
||||
# # this much free space percentage of the volume size.
|
||||
# # Example: if this value is 40, the pool has 40GiB free, then the max volume size allowed
|
||||
# # to be created on the pool is 100GiB.
|
||||
# volumeCommitment: "40%"
|
||||
# # -- Same as the `volumeCommitment` argument, but applicable only when creating replicas
|
||||
# # for a new volume.
|
||||
# volumeCommitmentInitial: "40%"
|
||||
# ha:
|
||||
# enabled: true
|
||||
# node:
|
||||
|
@ -501,7 +519,7 @@ mayastor:
|
|||
|
||||
# io_engine:
|
||||
# # -- Log level for the io-engine service
|
||||
# logLevel: info,io_engine=info
|
||||
# logLevel: info
|
||||
# # -- Node selectors to designate storage nodes for diskpool creation
|
||||
# # Note that if multi-arch images support 'kubernetes.io/arch: amd64'
|
||||
# # should be removed.
|
||||
|
|
|
@ -16,4 +16,4 @@ maintainers:
|
|||
- email: sergey.pronin@percona.com
|
||||
name: spron-in
|
||||
name: psmdb-operator
|
||||
version: 1.14.1
|
||||
version: 1.14.2
|
||||
|
|
|
@ -40,6 +40,7 @@ The chart can be customized using the following configurable parameters:
|
|||
| `rbac.create` | If false RBAC will not be created. RBAC resources will need to be created manually | `true` |
|
||||
| `securityContext` | Container Security Context | `{}` |
|
||||
| `serviceAccount.create` | If false the ServiceAccounts will not be created. The ServiceAccounts must be created manually | `true` |
|
||||
| `disableTelemetry` | Disable sending PSMDB Operator telemetry data to Percona | `false` |
|
||||
|
||||
Specify parameters using `--set key=value[,key=value]` argument to `helm install`
|
||||
|
||||
|
|
|
@ -56,6 +56,8 @@ spec:
|
|||
value: "{{ .Values.env.resyncPeriod }}"
|
||||
- name: LOG_VERBOSE
|
||||
value: "{{ .Values.env.logVerbose }}"
|
||||
- name: DISABLE_TELEMETRY
|
||||
value: "{{ .Values.disableTelemetry }}"
|
||||
# livenessProbe:
|
||||
# httpGet:
|
||||
# path: /
|
||||
|
|
|
@ -9,6 +9,12 @@ image:
|
|||
tag: 1.14.0
|
||||
pullPolicy: IfNotPresent
|
||||
|
||||
# disableTelemetry: according to
|
||||
# https://docs.percona.com/percona-operator-for-mongodb/telemetry.html
|
||||
# this is how you can disable telemetry collection
|
||||
# default is false which means telemetry will be collected
|
||||
disableTelemetry: false
|
||||
|
||||
# set if you want to specify a namespace to watch
|
||||
# defaults to `.Release.namespace` if left blank
|
||||
# watchNamespace:
|
||||
|
|
|
@ -31,4 +31,4 @@ name: redpanda
|
|||
sources:
|
||||
- https://github.com/redpanda-data/helm-charts
|
||||
type: application
|
||||
version: 4.0.7
|
||||
version: 4.0.12
|
||||
|
|
|
@ -19,9 +19,10 @@ statefulset:
|
|||
|
||||
external:
|
||||
enabled: true
|
||||
type: LoadBalancer
|
||||
# was LoadBalancer, here we are concerned with external addresses working so this is ok
|
||||
type: NodePort
|
||||
domain: my-domain
|
||||
addresses:
|
||||
- redpanda-1
|
||||
- 127.0.0.1
|
||||
- 192.168.0.1
|
||||
- 192.168.0.1
|
|
@ -1,49 +0,0 @@
|
|||
# Licensed to the Apache Software Foundation (ASF) under one or more
|
||||
# contributor license agreements. See the NOTICE file distributed with
|
||||
# this work for additional information regarding copyright ownership.
|
||||
# The ASF licenses this file to You under the Apache License, Version 2.0
|
||||
# (the "License"); you may not use this file except in compliance with
|
||||
# the License. You may obtain a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
# See the License for the specific language governing permissions and
|
||||
# limitations under the License.
|
||||
---
|
||||
license_key: "dGVzdAo=.dGVzdAo="
|
||||
|
||||
storage:
|
||||
tieredConfig:
|
||||
cloud_storage_enabled: true
|
||||
false_value: false
|
||||
zero_value: 0
|
||||
null_value: null
|
||||
empty_array_value: []
|
||||
empty_map_value: {}
|
||||
empty_string_value: ""
|
||||
|
||||
config:
|
||||
cluster:
|
||||
false_value: false
|
||||
zero_value: 0
|
||||
null_value: null
|
||||
empty_array_value: []
|
||||
empty_map_value: {}
|
||||
empty_string_value: ""
|
||||
tunable:
|
||||
false_value: false
|
||||
zero_value: 0
|
||||
null_value: null
|
||||
empty_array_value: []
|
||||
empty_map_value: {}
|
||||
empty_string_value: ""
|
||||
node:
|
||||
false_value: false
|
||||
zero_value: 0
|
||||
null_value: null
|
||||
empty_array_value: []
|
||||
empty_map_value: {}
|
||||
empty_string_value: ""
|
|
@ -449,9 +449,8 @@ than 1 core.
|
|||
{{- define "tunable" -}}
|
||||
{{- $tunable := dig "tunable" dict .Values.config -}}
|
||||
{{- if (include "redpanda-atleast-22-3-0" . | fromJson).bool -}}
|
||||
{{- toYaml $tunable | nindent 4 -}}
|
||||
{{- range $key, $element := $tunable }}
|
||||
{{- if $element }}
|
||||
{{- if or (eq (typeOf $element) "bool") $element }}
|
||||
{{ $key }}: {{ $element | toYaml }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
|
@ -460,7 +459,7 @@ than 1 core.
|
|||
{{- $tunable = unset $tunable "log_segment_size_max" -}}
|
||||
{{- $tunable = unset $tunable "kafka_batch_max_bytes" -}}
|
||||
{{- range $key, $element := $tunable }}
|
||||
{{- if $element }}
|
||||
{{- if or (eq (typeOf $element) "bool") $element }}
|
||||
{{ $key }}: {{ $element | toYaml }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
|
|
|
@ -71,7 +71,7 @@ data:
|
|||
{{- end }}
|
||||
{{- with (dig "cluster" dict .Values.config) }}
|
||||
{{- range $key, $element := .}}
|
||||
{{- if $element }}
|
||||
{{- if or (eq (typeOf $element) "bool") $element }}
|
||||
{{ $key }}: {{ $element | toYaml }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
|
@ -87,7 +87,7 @@ data:
|
|||
{{- $tieredStorageConfig = unset $tieredStorageConfig "cloud_storage_credentials_source"}}
|
||||
{{- end }}
|
||||
{{- range $key, $element := $tieredStorageConfig}}
|
||||
{{- if $element }}
|
||||
{{- if or (eq (typeOf $element) "bool") $element }}
|
||||
{{ $key }}: {{ $element | toYaml }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
|
@ -115,14 +115,14 @@ data:
|
|||
{{- end }}
|
||||
{{- with (dig "cluster" dict .Values.config) }}
|
||||
{{- range $key, $element := .}}
|
||||
{{- if $element }}
|
||||
{{- if or (eq (typeOf $element) "bool") $element }}
|
||||
{{ $key }}: {{ $element | toYaml }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- with (dig "tunable" dict .Values.config) }}
|
||||
{{- range $key, $element := .}}
|
||||
{{- if $element }}
|
||||
{{- if or (eq (typeOf $element) "bool") $element }}
|
||||
{{ $key }}: {{ $element | toYaml }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
|
@ -132,7 +132,7 @@ data:
|
|||
{{- end }}
|
||||
{{- with dig "node" dict .Values.config }}
|
||||
{{- range $key, $element := .}}
|
||||
{{- if $element }}
|
||||
{{- if or (eq (typeOf $element) "bool") $element }}
|
||||
{{ $key }}: {{ $element | toYaml }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
|
@ -200,7 +200,7 @@ data:
|
|||
{{- $certPath := printf "/etc/tls/certs/%s" $certName }}
|
||||
{{- $cert := get $values.tls.certs $certName }}
|
||||
{{- if empty $cert }}
|
||||
{{- fail (printf "Certificate, '%s', used but not defined")}}
|
||||
{{- fail (printf "Certificate, '%s', used but not defined" $certName)}}
|
||||
{{- end }}
|
||||
- name: {{ $name }}
|
||||
enabled: true
|
||||
|
|
|
@ -26,6 +26,15 @@ limitations under the License.
|
|||
{{- $uid := dig "podSecurityContext" "runAsUser" .Values.statefulset.securityContext.runAsUser .Values.statefulset -}}
|
||||
{{- $gid := dig "podSecurityContext" "fsGroup" .Values.statefulset.securityContext.fsGroup .Values.statefulset -}}
|
||||
{{- $root := deepCopy . }}
|
||||
|
||||
{{- if not (include "redpanda-atleast-22-2-0" . | fromJson).bool -}}
|
||||
{{- if eq (get .Values "force" | default false) false -}}
|
||||
{{- fail (
|
||||
printf "\n\nError: The Redpanda version (%s) is not longer supported \nTo accept this risk, run the upgrade again adding `--set force=true`\n" (( include "redpanda.semver" . ))
|
||||
)
|
||||
-}}
|
||||
{{- end -}}
|
||||
{{- end -}}
|
||||
---
|
||||
apiVersion: apps/v1
|
||||
kind: StatefulSet
|
||||
|
@ -68,7 +77,7 @@ spec:
|
|||
rpk redpanda tune all
|
||||
securityContext:
|
||||
capabilities:
|
||||
add: ["CAP_SYS_RESOURCE"]
|
||||
add: ["SYS_RESOURCE"]
|
||||
privileged: true
|
||||
runAsUser: 0
|
||||
runAsGroup: 0
|
||||
|
|
|
@ -14,9 +14,10 @@ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|||
See the License for the specific language governing permissions and
|
||||
limitations under the License.
|
||||
*/}}
|
||||
{{- $sasl := .Values.auth.sasl }}
|
||||
{{- $useSaslSecret := and $sasl.enabled (not (empty $sasl.secretRef )) }}
|
||||
{{- if .Values.rbac.enabled -}}
|
||||
{{- if and .Values.rbac.enabled (include "redpanda-atleast-23-1-1" .|fromJson).bool -}}
|
||||
{{- $sasl := .Values.auth.sasl }}
|
||||
{{- $useSaslSecret := and $sasl.enabled (not (empty $sasl.secretRef )) }}
|
||||
|
||||
apiVersion: v1
|
||||
kind: Pod
|
||||
metadata:
|
||||
|
|
|
@ -149,7 +149,7 @@ tls:
|
|||
# -- Example external tls configuration
|
||||
# uncomment and set the right key to the listeners that require them
|
||||
# also enable the tls setting for those listeners.
|
||||
# external:
|
||||
external:
|
||||
# -- To use a custom pre-installed Issuer,
|
||||
# add its name and kind to the `issuerRef` object.
|
||||
# issuerRef:
|
||||
|
@ -160,7 +160,7 @@ tls:
|
|||
# name: my-tls-secret
|
||||
# -- Set the `caEnabled` flag to `true` only for Certificates
|
||||
# that are not authenticated using public authorities.
|
||||
# caEnabled: true
|
||||
caEnabled: true
|
||||
# duration: 43800h
|
||||
|
||||
# -- External access settings.
|
||||
|
@ -639,6 +639,9 @@ listeners:
|
|||
# List one port if you want to use the same port for each broker (would be the case when using NodePort service).
|
||||
# Otherwise, list the port you want to use for each broker in order of StatefulSet replicas.
|
||||
# If undefined, `listeners.admin.port` is used.
|
||||
tls:
|
||||
# enabled: true
|
||||
cert: external
|
||||
advertisedPorts:
|
||||
- 31644
|
||||
# -- Optional TLS section (required if global TLS is enabled)
|
||||
|
@ -666,11 +669,9 @@ listeners:
|
|||
# -- If undefined, `listeners.kafka.external.default.port` is used.
|
||||
advertisedPorts:
|
||||
- 31092
|
||||
# -- Uncomment to define external tls
|
||||
# tls:
|
||||
# # Optional flag to override the global TLS enabled flag.
|
||||
# # enabled: true
|
||||
# cert: external
|
||||
tls:
|
||||
# enabled: true
|
||||
cert: external
|
||||
# -- RPC listener (this is never externally accessible).
|
||||
rpc:
|
||||
port: 33145
|
||||
|
@ -695,11 +696,9 @@ listeners:
|
|||
port: 8084
|
||||
advertisedPorts:
|
||||
- 30081
|
||||
# -- Uncomment to define external tls
|
||||
# tls:
|
||||
# # Optional flag to override the global TLS enabled flag.
|
||||
# # enabled: true
|
||||
# cert: external
|
||||
tls:
|
||||
# enabled: true
|
||||
cert: external
|
||||
# -- HTTP API listeners (aka PandaProxy).
|
||||
http:
|
||||
enabled: true
|
||||
|
@ -716,11 +715,9 @@ listeners:
|
|||
port: 8083
|
||||
advertisedPorts:
|
||||
- 30082
|
||||
# -- Uncomment to define external tls
|
||||
# tls:
|
||||
# # Optional flag to override the global TLS enabled flag.
|
||||
# # enabled: true
|
||||
# cert: external
|
||||
tls:
|
||||
# enabled: true
|
||||
cert: external
|
||||
|
||||
# Expert Config
|
||||
# Here be dragons!
|
||||
|
|
|
@ -4,7 +4,7 @@ annotations:
|
|||
catalog.cattle.io/kube-version: '>= 1.17.0-0'
|
||||
catalog.cattle.io/release-name: speedscale-operator
|
||||
apiVersion: v1
|
||||
appVersion: 1.2.551
|
||||
appVersion: 1.2.575
|
||||
description: Stress test your APIs with real world scenarios. Collect and replay
|
||||
traffic without scripting.
|
||||
home: https://speedscale.com
|
||||
|
@ -24,4 +24,4 @@ maintainers:
|
|||
- email: support@speedscale.com
|
||||
name: Speedscale Support
|
||||
name: speedscale-operator
|
||||
version: 1.2.36
|
||||
version: 1.2.40
|
||||
|
|
|
@ -101,10 +101,10 @@ _See [helm upgrade](https://helm.sh/docs/helm/helm_upgrade/) for command documen
|
|||
A major chart version change (like v1.2.3 -> v2.0.0) indicates that there is an
|
||||
incompatible breaking change needing manual actions.
|
||||
|
||||
### Upgrade to 1.2.36
|
||||
### Upgrade to 1.2.40
|
||||
|
||||
```bash
|
||||
kubectl apply --server-side -f https://raw.githubusercontent.com/speedscale/operator-helm/main/1.2.36/templates/crds/trafficreplays.yaml
|
||||
kubectl apply --server-side -f https://raw.githubusercontent.com/speedscale/operator-helm/main/1.2.40/templates/crds/trafficreplays.yaml
|
||||
```
|
||||
|
||||
### Upgrade to 1.1.0
|
||||
|
|
|
@ -101,10 +101,10 @@ _See [helm upgrade](https://helm.sh/docs/helm/helm_upgrade/) for command documen
|
|||
A major chart version change (like v1.2.3 -> v2.0.0) indicates that there is an
|
||||
incompatible breaking change needing manual actions.
|
||||
|
||||
### Upgrade to 1.2.36
|
||||
### Upgrade to 1.2.40
|
||||
|
||||
```bash
|
||||
kubectl apply --server-side -f https://raw.githubusercontent.com/speedscale/operator-helm/main/1.2.36/templates/crds/trafficreplays.yaml
|
||||
kubectl apply --server-side -f https://raw.githubusercontent.com/speedscale/operator-helm/main/1.2.40/templates/crds/trafficreplays.yaml
|
||||
```
|
||||
|
||||
### Upgrade to 1.1.0
|
||||
|
|
|
@ -58,15 +58,15 @@ spec:
|
|||
image: '{{ .Values.image.registry }}/operator:{{ .Values.image.tag }}'
|
||||
imagePullPolicy: {{ .Values.image.pullPolicy }}
|
||||
livenessProbe:
|
||||
failureThreshold: 3
|
||||
failureThreshold: 5
|
||||
httpGet:
|
||||
path: /healthz
|
||||
port: health-check
|
||||
scheme: HTTP
|
||||
initialDelaySeconds: 1
|
||||
periodSeconds: 10
|
||||
initialDelaySeconds: 30
|
||||
periodSeconds: 30
|
||||
successThreshold: 1
|
||||
timeoutSeconds: 2
|
||||
timeoutSeconds: 5
|
||||
name: operator
|
||||
ports:
|
||||
- containerPort: 9443
|
||||
|
@ -74,15 +74,15 @@ spec:
|
|||
- containerPort: 8081
|
||||
name: health-check
|
||||
readinessProbe:
|
||||
failureThreshold: 5
|
||||
failureThreshold: 10
|
||||
httpGet:
|
||||
path: /readyz
|
||||
port: health-check
|
||||
scheme: HTTP
|
||||
initialDelaySeconds: 5
|
||||
periodSeconds: 1
|
||||
periodSeconds: 5
|
||||
successThreshold: 1
|
||||
timeoutSeconds: 2
|
||||
timeoutSeconds: 5
|
||||
resources:
|
||||
limits:
|
||||
cpu: 100m
|
||||
|
|
|
@ -20,7 +20,7 @@ clusterName: "my-cluster"
|
|||
# Speedscale components image settings.
|
||||
image:
|
||||
registry: gcr.io/speedscale
|
||||
tag: v1.2.551
|
||||
tag: v1.2.575
|
||||
pullPolicy: Always
|
||||
|
||||
# Log level for Speedscale components.
|
||||
|
|
Some files were not shown because too many files have changed in this diff Show More
Loading…
Reference in New Issue