--- apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: controller-gen.kubebuilder.io/version: v0.9.2 creationTimestamp: null name: clusterlinks.platform.confluent.io spec: group: platform.confluent.io names: categories: - all - confluent-platform - confluent kind: ClusterLink listKind: ClusterLinkList plural: clusterlinks shortNames: - cl - clusterlink - clink singular: clusterlink scope: Namespaced versions: - additionalPrinterColumns: - jsonPath: .status.clusterLinkID name: ID type: string - jsonPath: .status.state name: Status type: string - jsonPath: .status.destinationKafkaClusterID name: DestClusterID type: string - jsonPath: .status.sourceKafkaClusterID name: SrcClusterID type: string - jsonPath: .status.numMirrorTopics name: MirrorTopicCount type: string - jsonPath: .metadata.creationTimestamp name: Age type: date name: v1beta1 schema: openAPIV3Schema: description: ClusterLink is the schema for the ClusterLink API. properties: apiVersion: description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' type: string kind: description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' type: string metadata: type: object spec: description: spec defines the desired state of the cluster link. properties: aclFilters: description: aclFilters specify the list of ACLs to be migrated from the source cluster to the destination cluster. items: description: 'AclFilter defines the configuration for the ACLs filter. This follows the same pattern as defined in the cluster linking documentation. More info: https://docs.confluent.io/platform/current/multi-dc-deployments/cluster-linking/security.html#cluster-link-acls-migrate' properties: accessFilter: description: AclSyncAccessFilter defines the access filter for ACLs. properties: host: description: host is the host for which operations can be coming from. The default value is `*` that matches all hosts. type: string operation: description: 'operation specifies the operation type of the filter. It can be `ANY` or operations based on resource type defined in the following Confluent documentation: https://docs.confluent.io/platform/current/kafka/authorization.html#acl-operations' type: string permissionType: description: permissionType is the permission type of the filter. Valid options are `any`, `allow`, and `deny`. enum: - any - allow - deny type: string principal: description: principal is the name of the principal. The default value is `*`. type: string required: - operation - permissionType type: object resourceFilter: description: AclSyncResourceFilter specifies the resource filter for ACLs. properties: name: description: name is the name of the resource associated with this filter. The default value is `*`. type: string patternType: description: patternType is the pattern of the resource. Valid options are `prefixed`, `literal`, `any`, and `match`. enum: - prefixed - literal - any - match type: string resourceType: description: resourceType is the type of the filter. Valid options are `any`, `cluster`, `group`, `topic`, `transactionId`, and `delegationToken`. enum: - any - cluster - group - topic - transcationId - delegationToken type: string required: - patternType - resourceType type: object required: - accessFilter - resourceFilter type: object type: array configs: additionalProperties: type: string description: 'configs is a map of string key and value pairs. It specifies additional configurations for the cluster link. More info: https://docs.confluent.io/platform/current/multi-dc-deployments/cluster-linking/configs.html' type: object x-kubernetes-map-type: granular consumerGroupFilters: description: consumerGroupFilters specify a list of consumer groups to be migrated from the source cluster to the destination cluster. items: description: ClusterLinkOptionsFilter defines the scheme for a filter properties: filterType: description: filterType specifies the filter type. Valid options are `INCLUDE` and `EXCLUDE`. enum: - INCLUDE - EXCLUDE type: string name: description: name is the resource name associated with this filter. type: string patternType: description: patternType is the pattern of the resource. Valid options are `PREFIXED` and `LITERAL`. enum: - PREFIXED - LITERAL type: string required: - filterType - name - patternType type: object type: array destinationKafkaCluster: description: destinationKafkaCluster specifies the destination Kafka cluster and its REST API configuration. properties: authentication: description: authentication specifies the authentication for the Kafka cluster. properties: jaasConfig: description: jaasConfig specifies the Kafka client-side JaaS configuration. properties: secretRef: description: 'secretRef references the secret containing the required credentials. More info: https://docs.confluent.io/operator/current/co-authenticate.html' maxLength: 30 minLength: 1 pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$ type: string required: - secretRef type: object jaasConfigPassThrough: description: jaasConfigPassThrough specifies another way to provide the Kafka client-side JaaS configuration. properties: directoryPathInContainer: description: 'directoryPathInContainer specifies the directory path in the container where required credentials are mounted. More info: https://docs.confluent.io/operator/current/co-authenticate.html' minLength: 1 type: string secretRef: description: 'secretRef references the secret containing the required credentials for authentication. More info: https://docs.confluent.io/operator/current/co-authenticate.html' maxLength: 30 minLength: 1 pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$ type: string type: object oauthbearer: description: oauthbearer is the authentication mechanism to provider principals. Only supported in RBAC deployment. properties: directoryPathInContainer: description: directoryPathInContainer specifies the directory path in the container where the credential is mounted. minLength: 1 type: string secretRef: description: 'secretRef specifies the name of the secret that contains the credential. More info: https://docs.confluent.io/operator/current/co-authenticate.html#bearer-authentication' maxLength: 30 minLength: 1 pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$ type: string type: object type: description: type specifies the Kafka client authentication type. Valid options are `plain`, `oauthbearer`, `digest`, and `mtls`. enum: - plain - oauthbearer - digest - mtls type: string required: - type type: object bootstrapEndpoint: description: bootstrapEndpoint specifies the bootstrap endpoint for the Kafka cluster. When `spec.sourceInitiatedLink.linkMode` is configured as `Source`, this is required for `spec.destinationKafkaCluster` and not required for `spec.sourceKafkaCluster`. For other cluster links this is required for `spec.sourceKafkaCluster` and not required for `spec.destinationKafkaCluster`. minLength: 1 pattern: .+:[0-9]+ type: string clusterID: description: clusterID specifies the id of the Kafka cluster. If clusterID is defined for the Kafka cluster, it takes precedence over using the REST API for getting the cluster ID. minLength: 1 type: string kafkaRestClassRef: description: kafkaRestClassRef references the KafkaRestClass application resource which defines the Kafka REST API connection information. When `spec.sourceInitiatedLink.linkMode` is configured as `Source`, this is required for `spec.sourceKafkaCluster` and optional for `spec.destinationKafkaCluster` if `spec.clusterID` is set. For other cluster links this is required for 'spec.destinationKafkaCluster` and optional for `spec.sourceKafkaCluster` if the `spec.clusterID` is set. properties: name: description: name specifies the name of the KafkaRestClass application resource. minLength: 1 type: string namespace: description: namespace specifies the namespace of the KafkaRestClass. type: string required: - name type: object tls: description: tls specifies the client-side TLS configuration for the Kafka cluster. properties: directoryPathInContainer: description: directoryPathInContainer contains the directory path in the container where `fullchain.pem`, `privkey.pem`, `cacerts.pem` or `tls.crt`, `tls.key`, `ca.crt` keys are mounted. minLength: 1 type: string enabled: description: enabled specifies whether to enable the TLS configuration for the cluster link. The default value is `false`. type: boolean keyPassword: description: keyPassword references the secret containing the SSL key password if the private key passed in the secretRef above is encrypted. properties: secretRef: description: 'secretRef references the name of the secret containing the JKS password. More info: https://docs.confluent.io/operator/current/co-network-encryption.html#configure-user-provided-tls-certificates' maxLength: 30 minLength: 1 pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$ type: string required: - secretRef type: object secretRef: description: 'secretRef references the secret containing the certificates. More info: https://docs.confluent.io/operator/current/co-network-encryption.html' maxLength: 63 minLength: 1 pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$ type: string required: - enabled type: object type: object mirrorTopicOptions: description: mirrorTopicOptions specify configuration options for mirror topics. properties: autoCreateTopics: description: 'autoCreateTopics specifies configurations for the cluster link to automatically create mirror topics on the destination cluster for topics that exist on the source cluster based on defined filters. More info: https://docs.confluent.io/platform/current/multi-dc-deployments/cluster-linking/mirror-topics-cp.html#auto-create-mirror-topics' properties: enabled: description: enabled specifies whether to auto-create mirror topics based on topics on the source cluster. When set to “true”, mirror topics will be auto-created. Setting this option to “false” disables mirror topic creation and clears any existing filters. type: boolean topicFilters: description: topicFilter contains an array of filters to apply to indicate which topics should be mirrored. items: description: ClusterLinkOptionsFilter defines the scheme for a filter properties: filterType: description: filterType specifies the filter type. Valid options are `INCLUDE` and `EXCLUDE`. enum: - INCLUDE - EXCLUDE type: string name: description: name is the resource name associated with this filter. type: string patternType: description: patternType is the pattern of the resource. Valid options are `PREFIXED` and `LITERAL`. enum: - PREFIXED - LITERAL type: string required: - filterType - name - patternType type: object type: array type: object prefix: description: prefix specifies prefix for the mirror topics of the cluster link. If configured, the valid mirror topic name should be defined with `` format which mirrors the topic name of the format `` from source cluster. When auto-create is enabled and the prefix is configured then the topics created on the destination will automatically contain the prefix. Otherwise, `spec.mirrorTopic.name` should be defined with `` format. maxLength: 255 minLength: 1 pattern: ^[a-zA-Z0-9\._\-]*$ type: string type: object mirrorTopics: description: mirrorTopics specify the mirror topics under this cluster link. items: description: MirrorTopic defines the mirror topic configuration. properties: configs: additionalProperties: type: string description: configs is a map of string key and value pairs. It specifies any additional configuration or configuration overrides for the mirror topic. type: object x-kubernetes-map-type: granular name: description: 'name is the mirror topic name. If the sourceTopicName is not configured, we assume that the sourceTopicName is the same as mirrorTopicName, so a topic with the exact same name must exist on the source cluster and no topic with this name should exist on the destination cluster. When `spec.mirrorTopicOptions.prefix: ` is configured for the cluster link, the name has to be of the format ``.' maxLength: 255 minLength: 1 pattern: ^[a-zA-Z0-9\._\-]*$ type: string replicationFactor: description: replicationFactor specifies the replication factor for the mirror topic on the destination cluster. If this is not configured, mirror topic will inherit the broker `default.replication.factor` configuration. format: int32 type: integer sourceTopicName: description: 'sourceTopicName is topic name on the source cluster that will be mirrored to the destination cluster. When `spec.mirrorTopicOptions.prefix: ` is not configured, you should not configure this field. If it is configured, a topic with the exact same name must exist on the source cluster.' maxLength: 255 minLength: 1 pattern: ^[a-zA-Z0-9\._\-]*$ type: string state: description: state specifies the desired state for this mirror topic. Valid options are `ACTIVE`, `FAILOVER`, `PAUSE`, and `PROMOTE`. The default value is `ACTIVE`. enum: - PAUSE - PROMOTE - FAILOVER - ACTIVE type: string required: - name type: object type: array name: description: name specifies the cluster link name. If not configured, then ClusterLink CR name is used as the cluster link name. maxLength: 255 minLength: 1 pattern: ^[a-zA-Z0-9\._\-]*$ type: string sourceInitiatedLink: description: sourceInitiatedLink specify configs for source initiated cluster links. properties: linkMode: description: linkMode specifies if this source initiated cluster link is in Source or Destination mode. enum: - Source - Destination type: string required: - linkMode type: object sourceKafkaCluster: description: sourceKafkaCluster specifies the source Kafka cluster and its REST API configuration. properties: authentication: description: authentication specifies the authentication for the Kafka cluster. properties: jaasConfig: description: jaasConfig specifies the Kafka client-side JaaS configuration. properties: secretRef: description: 'secretRef references the secret containing the required credentials. More info: https://docs.confluent.io/operator/current/co-authenticate.html' maxLength: 30 minLength: 1 pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$ type: string required: - secretRef type: object jaasConfigPassThrough: description: jaasConfigPassThrough specifies another way to provide the Kafka client-side JaaS configuration. properties: directoryPathInContainer: description: 'directoryPathInContainer specifies the directory path in the container where required credentials are mounted. More info: https://docs.confluent.io/operator/current/co-authenticate.html' minLength: 1 type: string secretRef: description: 'secretRef references the secret containing the required credentials for authentication. More info: https://docs.confluent.io/operator/current/co-authenticate.html' maxLength: 30 minLength: 1 pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$ type: string type: object oauthbearer: description: oauthbearer is the authentication mechanism to provider principals. Only supported in RBAC deployment. properties: directoryPathInContainer: description: directoryPathInContainer specifies the directory path in the container where the credential is mounted. minLength: 1 type: string secretRef: description: 'secretRef specifies the name of the secret that contains the credential. More info: https://docs.confluent.io/operator/current/co-authenticate.html#bearer-authentication' maxLength: 30 minLength: 1 pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$ type: string type: object type: description: type specifies the Kafka client authentication type. Valid options are `plain`, `oauthbearer`, `digest`, and `mtls`. enum: - plain - oauthbearer - digest - mtls type: string required: - type type: object bootstrapEndpoint: description: bootstrapEndpoint specifies the bootstrap endpoint for the Kafka cluster. When `spec.sourceInitiatedLink.linkMode` is configured as `Source`, this is required for `spec.destinationKafkaCluster` and not required for `spec.sourceKafkaCluster`. For other cluster links this is required for `spec.sourceKafkaCluster` and not required for `spec.destinationKafkaCluster`. minLength: 1 pattern: .+:[0-9]+ type: string clusterID: description: clusterID specifies the id of the Kafka cluster. If clusterID is defined for the Kafka cluster, it takes precedence over using the REST API for getting the cluster ID. minLength: 1 type: string kafkaRestClassRef: description: kafkaRestClassRef references the KafkaRestClass application resource which defines the Kafka REST API connection information. When `spec.sourceInitiatedLink.linkMode` is configured as `Source`, this is required for `spec.sourceKafkaCluster` and optional for `spec.destinationKafkaCluster` if `spec.clusterID` is set. For other cluster links this is required for 'spec.destinationKafkaCluster` and optional for `spec.sourceKafkaCluster` if the `spec.clusterID` is set. properties: name: description: name specifies the name of the KafkaRestClass application resource. minLength: 1 type: string namespace: description: namespace specifies the namespace of the KafkaRestClass. type: string required: - name type: object tls: description: tls specifies the client-side TLS configuration for the Kafka cluster. properties: directoryPathInContainer: description: directoryPathInContainer contains the directory path in the container where `fullchain.pem`, `privkey.pem`, `cacerts.pem` or `tls.crt`, `tls.key`, `ca.crt` keys are mounted. minLength: 1 type: string enabled: description: enabled specifies whether to enable the TLS configuration for the cluster link. The default value is `false`. type: boolean keyPassword: description: keyPassword references the secret containing the SSL key password if the private key passed in the secretRef above is encrypted. properties: secretRef: description: 'secretRef references the name of the secret containing the JKS password. More info: https://docs.confluent.io/operator/current/co-network-encryption.html#configure-user-provided-tls-certificates' maxLength: 30 minLength: 1 pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$ type: string required: - secretRef type: object secretRef: description: 'secretRef references the secret containing the certificates. More info: https://docs.confluent.io/operator/current/co-network-encryption.html' maxLength: 63 minLength: 1 pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$ type: string required: - enabled type: object type: object required: - destinationKafkaCluster - sourceKafkaCluster type: object status: description: status defines the observed state of the cluster link. properties: appState: default: Unknown description: appState is the current state of the cluster link application. enum: - Unknown - Created - Failed - Deleted type: string clusterLinkID: description: clusterLinkID is the id of the cluster link. type: string clusterLinkName: description: clusterLinkName is the name of the cluster link. type: string conditions: description: conditions are the latest available observations of the cluster link's state. items: description: Condition represent the latest available observations of the current state. properties: lastProbeTime: description: lastProbeTime shows the last time the condition was evaluated. format: date-time type: string lastTransitionTime: description: lastTransitionTime shows the last time the condition was transitioned from one status to another. format: date-time type: string message: description: message shows a human-readable message with details about the transition. type: string reason: description: reason shows the reason for the last transition of the condition. type: string status: description: status shows the status of the condition, one of `True`, `False`, or `Unknown`. type: string type: description: type shows the condition type. type: string type: object type: array destinationKafkaClusterID: description: destinationKafkaClusterID is the ID of the destination Kafka cluster. type: string kafkaCluster: description: 'kafkaCluster is the Kafka cluster this cluster link belongs to. The format is: `/`' type: string mirrorTopics: additionalProperties: description: MirrorTopicStatus specifies the status reported for each mirror topic as part of the cluster link status. properties: observedGeneration: description: observedGeneration is the most recent generation observed for this Confluent component. format: int64 type: integer replicationFactor: description: replicationFactor specifies the replication factor for the mirror topic on the destination cluster. format: int32 type: integer sourceTopicName: description: sourceTopicName is the name of the topic being mirrored on the source cluster. type: string status: description: status is the status of the mirror topic. It can be `ACTIVE`, `FAILED`, `PAUSED`, `STOPPED`, and `PENDING_STOPPED`. type: string type: object description: mirrorTopics is a map of mirror topic name to its status type: object x-kubernetes-map-type: granular numMirrorTopics: description: numMirrorTopics is the number of mirror topics for the cluster link. type: integer observedGeneration: description: observedGeneration is the most recent generation observed for this Confluent component. format: int64 type: integer sourceKafkaClusterID: description: sourceKafkaClusterID is the ID of the source Kafka cluster. type: string state: description: state is the current state of the cluster link. type: string type: object required: - spec type: object served: true storage: true subresources: status: {}