--- # Source: mariadb-operator/charts/mariadb-operator/templates/operator/pdb.yaml apiVersion: policy/v1 kind: PodDisruptionBudget metadata: name: mariadb-operator labels: helm.sh/chart: mariadb-operator-25.10.2 app.kubernetes.io/name: mariadb-operator app.kubernetes.io/instance: mariadb-operator app.kubernetes.io/version: "25.10.2" app.kubernetes.io/managed-by: Helm spec: maxUnavailable: 1 selector: matchLabels: app.kubernetes.io/name: mariadb-operator app.kubernetes.io/instance: mariadb-operator --- # Source: mariadb-operator/charts/mariadb-operator/templates/cert-controller/serviceaccount.yaml apiVersion: v1 kind: ServiceAccount metadata: name: mariadb-operator-cert-controller-cert-controller labels: helm.sh/chart: mariadb-operator-25.10.2 app.kubernetes.io/name: mariadb-operator-cert-controller app.kubernetes.io/instance: mariadb-operator app.kubernetes.io/version: "25.10.2" app.kubernetes.io/managed-by: Helm --- # Source: mariadb-operator/charts/mariadb-operator/templates/operator/serviceaccount.yaml apiVersion: v1 kind: ServiceAccount metadata: name: mariadb-operator labels: helm.sh/chart: mariadb-operator-25.10.2 app.kubernetes.io/name: mariadb-operator app.kubernetes.io/instance: mariadb-operator app.kubernetes.io/version: "25.10.2" app.kubernetes.io/managed-by: Helm --- # Source: mariadb-operator/charts/mariadb-operator/templates/webhook/serviceaccount.yaml apiVersion: v1 kind: ServiceAccount metadata: name: mariadb-operator-webhook labels: helm.sh/chart: mariadb-operator-25.10.2 app.kubernetes.io/name: mariadb-operator-webhook app.kubernetes.io/instance: mariadb-operator app.kubernetes.io/version: "25.10.2" app.kubernetes.io/managed-by: Helm --- # Source: mariadb-operator/charts/mariadb-operator/templates/operator/configmap.yaml apiVersion: v1 data: MARIADB_OPERATOR_IMAGE: "docker-registry3.mariadb.com/mariadb-operator/mariadb-operator:25.10.2" MARIADB_GALERA_LIB_PATH: "/usr/lib/galera/libgalera_smm.so" MARIADB_DEFAULT_VERSION: "11.8" RELATED_IMAGE_MARIADB: "docker-registry1.mariadb.com/library/mariadb:11.8.2" RELATED_IMAGE_MARIADB_NAME: "docker-registry1.mariadb.com/library/mariadb" RELATED_IMAGE_MAXSCALE: "docker-registry2.mariadb.com/mariadb/maxscale:23.08.5" RELATED_IMAGE_EXPORTER: "prom/mysqld-exporter:v0.15.1" RELATED_IMAGE_EXPORTER_MAXSCALE: "docker-registry2.mariadb.com/mariadb/maxscale-prometheus-exporter-ubi:v0.0.1" kind: ConfigMap metadata: creationTimestamp: null name: mariadb-operator-env --- # Source: mariadb-operator/charts/mariadb-operator-crds/templates/crds.yaml apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: controller-gen.kubebuilder.io/version: v0.18.0 name: backups.k8s.mariadb.com spec: group: k8s.mariadb.com names: kind: Backup listKind: BackupList plural: backups shortNames: - bmdb singular: backup scope: Namespaced versions: - additionalPrinterColumns: - jsonPath: .status.conditions[?(@.type=="Complete")].status name: Complete type: string - jsonPath: .status.conditions[?(@.type=="Complete")].message name: Status type: string - jsonPath: .spec.mariaDbRef.name name: MariaDB type: string - jsonPath: .metadata.creationTimestamp name: Age type: date name: v1alpha1 schema: openAPIV3Schema: description: Backup is the Schema for the backups API. It is used to define backup jobs and its storage. properties: apiVersion: description: |- APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: description: |- Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object spec: description: BackupSpec defines the desired state of Backup properties: affinity: description: Affinity to be used in the Pod. properties: antiAffinityEnabled: description: |- AntiAffinityEnabled configures PodAntiAffinity so each Pod is scheduled in a different Node, enabling HA. Make sure you have at least as many Nodes available as the replicas to not end up with unscheduled Pods. type: boolean nodeAffinity: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#nodeaffinity-v1-core' properties: preferredDuringSchedulingIgnoredDuringExecution: items: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#preferredschedulingterm-v1-core' properties: preference: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#nodeselectorterm-v1-core' properties: matchExpressions: items: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#nodeselectorrequirement-v1-core' properties: key: type: string operator: description: |- A node selector operator is the set of operators that can be used in a node selector requirement. type: string values: items: type: string type: array x-kubernetes-list-type: atomic required: - key - operator type: object type: array x-kubernetes-list-type: atomic matchFields: items: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#nodeselectorrequirement-v1-core' properties: key: type: string operator: description: |- A node selector operator is the set of operators that can be used in a node selector requirement. type: string values: items: type: string type: array x-kubernetes-list-type: atomic required: - key - operator type: object type: array x-kubernetes-list-type: atomic type: object weight: format: int32 type: integer required: - preference - weight type: object type: array x-kubernetes-list-type: atomic requiredDuringSchedulingIgnoredDuringExecution: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#nodeselector-v1-core' properties: nodeSelectorTerms: items: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#nodeselectorterm-v1-core' properties: matchExpressions: items: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#nodeselectorrequirement-v1-core' properties: key: type: string operator: description: |- A node selector operator is the set of operators that can be used in a node selector requirement. type: string values: items: type: string type: array x-kubernetes-list-type: atomic required: - key - operator type: object type: array x-kubernetes-list-type: atomic matchFields: items: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#nodeselectorrequirement-v1-core' properties: key: type: string operator: description: |- A node selector operator is the set of operators that can be used in a node selector requirement. type: string values: items: type: string type: array x-kubernetes-list-type: atomic required: - key - operator type: object type: array x-kubernetes-list-type: atomic type: object type: array x-kubernetes-list-type: atomic required: - nodeSelectorTerms type: object type: object podAntiAffinity: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#podantiaffinity-v1-core.' properties: preferredDuringSchedulingIgnoredDuringExecution: items: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#weightedpodaffinityterm-v1-core.' properties: podAffinityTerm: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#podaffinityterm-v1-core.' properties: labelSelector: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#labelselector-v1-meta' properties: matchExpressions: items: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#labelselectorrequirement-v1-meta' properties: key: type: string operator: description: A label selector operator is the set of operators that can be used in a selector requirement. type: string values: items: type: string type: array x-kubernetes-list-type: atomic required: - key - operator type: object type: array x-kubernetes-list-type: atomic matchLabels: additionalProperties: type: string type: object type: object topologyKey: type: string required: - topologyKey type: object weight: format: int32 type: integer required: - podAffinityTerm - weight type: object type: array x-kubernetes-list-type: atomic requiredDuringSchedulingIgnoredDuringExecution: items: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#podaffinityterm-v1-core.' properties: labelSelector: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#labelselector-v1-meta' properties: matchExpressions: items: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#labelselectorrequirement-v1-meta' properties: key: type: string operator: description: A label selector operator is the set of operators that can be used in a selector requirement. type: string values: items: type: string type: array x-kubernetes-list-type: atomic required: - key - operator type: object type: array x-kubernetes-list-type: atomic matchLabels: additionalProperties: type: string type: object type: object topologyKey: type: string required: - topologyKey type: object type: array x-kubernetes-list-type: atomic type: object type: object args: description: Args to be used in the Container. items: type: string type: array backoffLimit: description: BackoffLimit defines the maximum number of attempts to successfully take a Backup. format: int32 type: integer compression: description: Compression algorithm to be used in the Backup. enum: - none - bzip2 - gzip type: string databases: description: Databases defines the logical databases to be backed up. If not provided, all databases are backed up. items: type: string type: array failedJobsHistoryLimit: description: FailedJobsHistoryLimit defines the maximum number of failed Jobs to be displayed. format: int32 minimum: 0 type: integer ignoreGlobalPriv: description: |- IgnoreGlobalPriv indicates to ignore the mysql.global_priv in backups. If not provided, it will default to true when the referred MariaDB instance has Galera enabled and otherwise to false. See: https://github.com/mariadb-operator/mariadb-operator/issues/556 type: boolean imagePullSecrets: description: ImagePullSecrets is the list of pull Secrets to be used to pull the image. items: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#localobjectreference-v1-core.' properties: name: default: "" type: string type: object type: array inheritMetadata: description: InheritMetadata defines the metadata to be inherited by children resources. properties: annotations: additionalProperties: type: string description: Annotations to be added to children resources. type: object labels: additionalProperties: type: string description: Labels to be added to children resources. type: object type: object logLevel: default: info description: LogLevel to be used n the Backup Job. It defaults to 'info'. type: string mariaDbRef: description: MariaDBRef is a reference to a MariaDB object. properties: kind: description: Kind of the referent. type: string name: type: string namespace: type: string waitForIt: default: true description: WaitForIt indicates whether the controller using this reference should wait for MariaDB to be ready. type: boolean type: object maxRetention: description: |- MaxRetention defines the retention policy for backups. Old backups will be cleaned up by the Backup Job. It defaults to 30 days. type: string nodeSelector: additionalProperties: type: string description: NodeSelector to be used in the Pod. type: object podMetadata: description: PodMetadata defines extra metadata for the Pod. properties: annotations: additionalProperties: type: string description: Annotations to be added to children resources. type: object labels: additionalProperties: type: string description: Labels to be added to children resources. type: object type: object podSecurityContext: description: SecurityContext holds pod-level security attributes and common container settings. properties: appArmorProfile: description: AppArmorProfile defines a pod or container's AppArmor settings. properties: localhostProfile: description: |- localhostProfile indicates a profile loaded on the node that should be used. The profile must be preconfigured on the node to work. Must match the loaded name of the profile. Must be set if and only if type is "Localhost". type: string type: description: |- type indicates which kind of AppArmor profile will be applied. Valid options are: Localhost - a profile pre-loaded on the node. RuntimeDefault - the container runtime's default profile. Unconfined - no AppArmor enforcement. type: string required: - type type: object fsGroup: format: int64 type: integer fsGroupChangePolicy: description: |- PodFSGroupChangePolicy holds policies that will be used for applying fsGroup to a volume when volume is mounted. type: string runAsGroup: format: int64 type: integer runAsNonRoot: type: boolean runAsUser: format: int64 type: integer seLinuxOptions: description: SELinuxOptions are the labels to be applied to the container properties: level: description: Level is SELinux level label that applies to the container. type: string role: description: Role is a SELinux role label that applies to the container. type: string type: description: Type is a SELinux type label that applies to the container. type: string user: description: User is a SELinux user label that applies to the container. type: string type: object seccompProfile: description: |- SeccompProfile defines a pod/container's seccomp profile settings. Only one profile source may be set. properties: localhostProfile: description: |- localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must be set if type is "Localhost". Must NOT be set for any other type. type: string type: description: |- type indicates which kind of seccomp profile will be applied. Valid options are: Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied. type: string required: - type type: object supplementalGroups: items: format: int64 type: integer type: array x-kubernetes-list-type: atomic type: object priorityClassName: description: PriorityClassName to be used in the Pod. type: string resources: description: Resources describes the compute resource requirements. properties: limits: additionalProperties: anyOf: - type: integer - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true description: ResourceList is a set of (resource name, quantity) pairs. type: object requests: additionalProperties: anyOf: - type: integer - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true description: ResourceList is a set of (resource name, quantity) pairs. type: object type: object restartPolicy: default: OnFailure description: RestartPolicy to be added to the Backup Pod. enum: - Always - OnFailure - Never type: string schedule: description: Schedule defines when the Backup will be taken. properties: cron: description: Cron is a cron expression that defines the schedule. type: string suspend: default: false description: Suspend defines whether the schedule is active or not. type: boolean required: - cron type: object securityContext: description: SecurityContext holds security configuration that will be applied to a container. properties: allowPrivilegeEscalation: type: boolean capabilities: description: Adds and removes POSIX capabilities from running containers. properties: add: description: Added capabilities items: description: Capability represent POSIX capabilities type type: string type: array x-kubernetes-list-type: atomic drop: description: Removed capabilities items: description: Capability represent POSIX capabilities type type: string type: array x-kubernetes-list-type: atomic type: object privileged: type: boolean readOnlyRootFilesystem: type: boolean runAsGroup: format: int64 type: integer runAsNonRoot: type: boolean runAsUser: format: int64 type: integer type: object serviceAccountName: description: ServiceAccountName is the name of the ServiceAccount to be used by the Pods. type: string stagingStorage: description: |- StagingStorage defines the temporary storage used to keep external backups (i.e. S3) while they are being processed. It defaults to an emptyDir volume, meaning that the backups will be temporarily stored in the node where the Backup Job is scheduled. The staging area gets cleaned up after each backup is completed, consider this for sizing it appropriately. properties: persistentVolumeClaim: description: PersistentVolumeClaim is a Kubernetes PVC specification. properties: accessModes: items: type: string type: array x-kubernetes-list-type: atomic resources: description: VolumeResourceRequirements describes the storage resource requirements for a volume. properties: limits: additionalProperties: anyOf: - type: integer - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true description: |- Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ type: object requests: additionalProperties: anyOf: - type: integer - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true description: |- Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ type: object type: object selector: description: |- A label selector is a label query over a set of resources. The result of matchLabels and matchExpressions are ANDed. An empty label selector matches all objects. A null label selector matches no objects. properties: matchExpressions: description: matchExpressions is a list of label selector requirements. The requirements are ANDed. items: description: |- A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. properties: key: description: key is the label key that the selector applies to. type: string operator: description: |- operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. type: string values: description: |- values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. items: type: string type: array x-kubernetes-list-type: atomic required: - key - operator type: object type: array x-kubernetes-list-type: atomic matchLabels: additionalProperties: type: string description: |- matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. type: object type: object x-kubernetes-map-type: atomic storageClassName: type: string type: object volume: description: Volume is a Kubernetes volume specification. properties: csi: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#csivolumesource-v1-core.' properties: driver: type: string fsType: type: string nodePublishSecretRef: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#localobjectreference-v1-core.' properties: name: default: "" type: string type: object readOnly: type: boolean volumeAttributes: additionalProperties: type: string type: object required: - driver type: object emptyDir: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#emptydirvolumesource-v1-core.' properties: medium: description: StorageMedium defines ways that storage can be allocated to a volume. type: string sizeLimit: anyOf: - type: integer - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true type: object hostPath: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#hostpathvolumesource-v1-core' properties: path: type: string type: type: string required: - path type: object nfs: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#nfsvolumesource-v1-core.' properties: path: type: string readOnly: type: boolean server: type: string required: - path - server type: object persistentVolumeClaim: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#persistentvolumeclaimvolumesource-v1-core.' properties: claimName: type: string readOnly: type: boolean required: - claimName type: object type: object type: object storage: description: Storage defines the final storage for backups. properties: persistentVolumeClaim: description: PersistentVolumeClaim is a Kubernetes PVC specification. properties: accessModes: items: type: string type: array x-kubernetes-list-type: atomic resources: description: VolumeResourceRequirements describes the storage resource requirements for a volume. properties: limits: additionalProperties: anyOf: - type: integer - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true description: |- Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ type: object requests: additionalProperties: anyOf: - type: integer - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true description: |- Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ type: object type: object selector: description: |- A label selector is a label query over a set of resources. The result of matchLabels and matchExpressions are ANDed. An empty label selector matches all objects. A null label selector matches no objects. properties: matchExpressions: description: matchExpressions is a list of label selector requirements. The requirements are ANDed. items: description: |- A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. properties: key: description: key is the label key that the selector applies to. type: string operator: description: |- operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. type: string values: description: |- values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. items: type: string type: array x-kubernetes-list-type: atomic required: - key - operator type: object type: array x-kubernetes-list-type: atomic matchLabels: additionalProperties: type: string description: |- matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. type: object type: object x-kubernetes-map-type: atomic storageClassName: type: string type: object s3: description: S3 defines the configuration to store backups in a S3 compatible storage. properties: accessKeyIdSecretKeyRef: description: AccessKeyIdSecretKeyRef is a reference to a Secret key containing the S3 access key id. properties: key: type: string name: default: "" type: string required: - key type: object x-kubernetes-map-type: atomic bucket: description: Bucket is the name Name of the bucket to store backups. type: string endpoint: description: Endpoint is the S3 API endpoint without scheme. type: string prefix: description: 'Prefix indicates a folder/subfolder in the bucket. For example: mariadb/ or mariadb/backups. A trailing slash ''/'' is added if not provided.' type: string region: description: Region is the S3 region name to use. type: string secretAccessKeySecretKeyRef: description: AccessKeyIdSecretKeyRef is a reference to a Secret key containing the S3 secret key. properties: key: type: string name: default: "" type: string required: - key type: object x-kubernetes-map-type: atomic sessionTokenSecretKeyRef: description: SessionTokenSecretKeyRef is a reference to a Secret key containing the S3 session token. properties: key: type: string name: default: "" type: string required: - key type: object x-kubernetes-map-type: atomic tls: description: TLS provides the configuration required to establish TLS connections with S3. properties: caSecretKeyRef: description: |- CASecretKeyRef is a reference to a Secret key containing a CA bundle in PEM format used to establish TLS connections with S3. By default, the system trust chain will be used, but you can use this field to add more CAs to the bundle. properties: key: type: string name: default: "" type: string required: - key type: object x-kubernetes-map-type: atomic enabled: description: Enabled is a flag to enable TLS. type: boolean type: object required: - bucket - endpoint type: object volume: description: Volume is a Kubernetes volume specification. properties: csi: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#csivolumesource-v1-core.' properties: driver: type: string fsType: type: string nodePublishSecretRef: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#localobjectreference-v1-core.' properties: name: default: "" type: string type: object readOnly: type: boolean volumeAttributes: additionalProperties: type: string type: object required: - driver type: object emptyDir: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#emptydirvolumesource-v1-core.' properties: medium: description: StorageMedium defines ways that storage can be allocated to a volume. type: string sizeLimit: anyOf: - type: integer - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true type: object hostPath: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#hostpathvolumesource-v1-core' properties: path: type: string type: type: string required: - path type: object nfs: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#nfsvolumesource-v1-core.' properties: path: type: string readOnly: type: boolean server: type: string required: - path - server type: object persistentVolumeClaim: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#persistentvolumeclaimvolumesource-v1-core.' properties: claimName: type: string readOnly: type: boolean required: - claimName type: object type: object type: object successfulJobsHistoryLimit: description: SuccessfulJobsHistoryLimit defines the maximum number of successful Jobs to be displayed. format: int32 minimum: 0 type: integer timeZone: description: TimeZone defines the timezone associated with the cron expression. type: string tolerations: description: Tolerations to be used in the Pod. items: description: |- The pod this Toleration is attached to tolerates any taint that matches the triple using the matching operator . properties: effect: description: |- Effect indicates the taint effect to match. Empty means match all taint effects. When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. type: string key: description: |- Key is the taint key that the toleration applies to. Empty means match all taint keys. If the key is empty, operator must be Exists; this combination means to match all values and all keys. type: string operator: description: |- Operator represents a key's relationship to the value. Valid operators are Exists and Equal. Defaults to Equal. Exists is equivalent to wildcard for value, so that a pod can tolerate all taints of a particular category. type: string tolerationSeconds: description: |- TolerationSeconds represents the period of time the toleration (which must be of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, it is not set, which means tolerate the taint forever (do not evict). Zero and negative values will be treated as 0 (evict immediately) by the system. format: int64 type: integer value: description: |- Value is the taint value the toleration matches to. If the operator is Exists, the value should be empty, otherwise just a regular string. type: string type: object type: array required: - mariaDbRef - storage type: object status: description: BackupStatus defines the observed state of Backup properties: conditions: description: Conditions for the Backup object. items: description: Condition contains details for one aspect of the current state of this API Resource. properties: lastTransitionTime: description: |- lastTransitionTime is the last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. format: date-time type: string message: description: |- message is a human readable message indicating details about the transition. This may be an empty string. maxLength: 32768 type: string observedGeneration: description: |- observedGeneration represents the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance. format: int64 minimum: 0 type: integer reason: description: |- reason contains a programmatic identifier indicating the reason for the condition's last transition. Producers of specific condition types may define expected values and meanings for this field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. This field may not be empty. maxLength: 1024 minLength: 1 pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ type: string status: description: status of the condition, one of True, False, Unknown. enum: - "True" - "False" - Unknown type: string type: description: type of condition in CamelCase or in foo.example.com/CamelCase. maxLength: 316 pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string required: - lastTransitionTime - message - reason - status - type type: object type: array type: object type: object served: true storage: true subresources: status: {} --- # Source: mariadb-operator/charts/mariadb-operator-crds/templates/crds.yaml apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: controller-gen.kubebuilder.io/version: v0.18.0 name: connections.k8s.mariadb.com spec: group: k8s.mariadb.com names: kind: Connection listKind: ConnectionList plural: connections shortNames: - cmdb singular: connection scope: Namespaced versions: - additionalPrinterColumns: - jsonPath: .status.conditions[?(@.type=="Ready")].status name: Ready type: string - jsonPath: .status.conditions[?(@.type=="Ready")].message name: Status type: string - jsonPath: .spec.secretName name: Secret type: string - jsonPath: .metadata.creationTimestamp name: Age type: date name: v1alpha1 schema: openAPIV3Schema: description: Connection is the Schema for the connections API. It is used to configure connection strings for the applications connecting to MariaDB. properties: apiVersion: description: |- APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: description: |- Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object spec: description: ConnectionSpec defines the desired state of Connection properties: database: description: Database to use when configuring the Connection. type: string healthCheck: description: HealthCheck to be used in the Connection. properties: interval: description: Interval used to perform health checks. type: string retryInterval: description: RetryInterval is the interval used to perform health check retries. type: string type: object host: description: Host to connect to. If not provided, it defaults to the MariaDB host or to the MaxScale host. type: string mariaDbRef: description: MariaDBRef is a reference to the MariaDB to connect to. Either MariaDBRef or MaxScaleRef must be provided. properties: kind: description: Kind of the referent. type: string name: type: string namespace: type: string waitForIt: default: true description: WaitForIt indicates whether the controller using this reference should wait for MariaDB to be ready. type: boolean type: object maxScaleRef: description: MaxScaleRef is a reference to the MaxScale to connect to. Either MariaDBRef or MaxScaleRef must be provided. properties: name: type: string namespace: type: string type: object params: additionalProperties: type: string description: Params to be used in the Connection. type: object passwordSecretKeyRef: description: |- PasswordSecretKeyRef is a reference to the password to use for configuring the Connection. Either passwordSecretKeyRef or tlsClientCertSecretRef must be provided as client credentials. If the referred Secret is labeled with "k8s.mariadb.com/watch", updates may be performed to the Secret in order to update the password. properties: key: type: string name: default: "" type: string required: - key type: object x-kubernetes-map-type: atomic port: description: Port to connect to. If not provided, it defaults to the MariaDB port or to the first MaxScale listener. format: int32 type: integer secretName: description: SecretName to be used in the Connection. type: string secretTemplate: description: SecretTemplate to be used in the Connection. properties: databaseKey: description: DatabaseKey to be used in the Secret. type: string format: description: Format to be used in the Secret. type: string hostKey: description: HostKey to be used in the Secret. type: string key: description: Key to be used in the Secret. type: string metadata: description: Metadata to be added to the Secret object. properties: annotations: additionalProperties: type: string description: Annotations to be added to children resources. type: object labels: additionalProperties: type: string description: Labels to be added to children resources. type: object type: object passwordKey: description: PasswordKey to be used in the Secret. type: string portKey: description: PortKey to be used in the Secret. type: string usernameKey: description: UsernameKey to be used in the Secret. type: string type: object serviceName: description: ServiceName to be used in the Connection. type: string tlsClientCertSecretRef: description: |- TLSClientCertSecretRef is a reference to a Kubernetes TLS Secret used as authentication when checking the connection health. Either passwordSecretKeyRef or tlsClientCertSecretRef must be provided as client credentials. If not provided, the client certificate provided by the referred MariaDB is used if TLS is enabled. If the referred Secret is labeled with "k8s.mariadb.com/watch", updates may be performed to the Secret in order to update the client certificate. properties: name: default: "" type: string type: object username: description: Username to use for configuring the Connection. type: string required: - username type: object status: description: ConnectionStatus defines the observed state of Connection properties: conditions: description: Conditions for the Connection object. items: description: Condition contains details for one aspect of the current state of this API Resource. properties: lastTransitionTime: description: |- lastTransitionTime is the last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. format: date-time type: string message: description: |- message is a human readable message indicating details about the transition. This may be an empty string. maxLength: 32768 type: string observedGeneration: description: |- observedGeneration represents the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance. format: int64 minimum: 0 type: integer reason: description: |- reason contains a programmatic identifier indicating the reason for the condition's last transition. Producers of specific condition types may define expected values and meanings for this field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. This field may not be empty. maxLength: 1024 minLength: 1 pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ type: string status: description: status of the condition, one of True, False, Unknown. enum: - "True" - "False" - Unknown type: string type: description: type of condition in CamelCase or in foo.example.com/CamelCase. maxLength: 316 pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string required: - lastTransitionTime - message - reason - status - type type: object type: array type: object type: object served: true storage: true subresources: status: {} --- # Source: mariadb-operator/charts/mariadb-operator-crds/templates/crds.yaml apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: controller-gen.kubebuilder.io/version: v0.18.0 name: databases.k8s.mariadb.com spec: group: k8s.mariadb.com names: kind: Database listKind: DatabaseList plural: databases shortNames: - dmdb singular: database scope: Namespaced versions: - additionalPrinterColumns: - jsonPath: .status.conditions[?(@.type=="Ready")].status name: Ready type: string - jsonPath: .status.conditions[?(@.type=="Ready")].message name: Status type: string - jsonPath: .spec.characterSet name: CharSet type: string - jsonPath: .spec.collate name: Collate type: string - jsonPath: .spec.mariaDbRef.name name: MariaDB type: string - jsonPath: .metadata.creationTimestamp name: Age type: date - jsonPath: .spec.name name: Name type: string name: v1alpha1 schema: openAPIV3Schema: description: Database is the Schema for the databases API. It is used to define a logical database as if you were running a 'CREATE DATABASE' statement. properties: apiVersion: description: |- APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: description: |- Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object spec: description: DatabaseSpec defines the desired state of Database properties: characterSet: default: utf8 description: CharacterSet to use in the Database. type: string cleanupPolicy: description: CleanupPolicy defines the behavior for cleaning up a SQL resource. enum: - Skip - Delete type: string collate: default: utf8_general_ci description: Collate to use in the Database. type: string mariaDbRef: description: MariaDBRef is a reference to a MariaDB object. properties: kind: description: Kind of the referent. type: string name: type: string namespace: type: string waitForIt: default: true description: WaitForIt indicates whether the controller using this reference should wait for MariaDB to be ready. type: boolean type: object name: description: Name overrides the default Database name provided by metadata.name. maxLength: 80 type: string requeueInterval: description: RequeueInterval is used to perform requeue reconciliations. type: string retryInterval: description: RetryInterval is the interval used to perform retries. type: string required: - mariaDbRef type: object status: description: DatabaseStatus defines the observed state of Database properties: conditions: description: Conditions for the Database object. items: description: Condition contains details for one aspect of the current state of this API Resource. properties: lastTransitionTime: description: |- lastTransitionTime is the last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. format: date-time type: string message: description: |- message is a human readable message indicating details about the transition. This may be an empty string. maxLength: 32768 type: string observedGeneration: description: |- observedGeneration represents the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance. format: int64 minimum: 0 type: integer reason: description: |- reason contains a programmatic identifier indicating the reason for the condition's last transition. Producers of specific condition types may define expected values and meanings for this field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. This field may not be empty. maxLength: 1024 minLength: 1 pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ type: string status: description: status of the condition, one of True, False, Unknown. enum: - "True" - "False" - Unknown type: string type: description: type of condition in CamelCase or in foo.example.com/CamelCase. maxLength: 316 pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string required: - lastTransitionTime - message - reason - status - type type: object type: array type: object type: object served: true storage: true subresources: status: {} --- # Source: mariadb-operator/charts/mariadb-operator-crds/templates/crds.yaml apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: controller-gen.kubebuilder.io/version: v0.18.0 name: externalmariadbs.k8s.mariadb.com spec: group: k8s.mariadb.com names: kind: ExternalMariaDB listKind: ExternalMariaDBList plural: externalmariadbs shortNames: - emdb singular: externalmariadb scope: Namespaced versions: - additionalPrinterColumns: - jsonPath: .status.conditions[?(@.type=="Ready")].status name: Ready type: string - jsonPath: .status.conditions[?(@.type=="Ready")].message name: Status type: string - jsonPath: .metadata.creationTimestamp name: Age type: date name: v1alpha1 schema: openAPIV3Schema: description: ExternalMariaDB is the Schema for the external MariaDBs API. It is used to define external MariaDB server. properties: apiVersion: description: |- APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: description: |- Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object spec: description: ExternalMariaDBSpec defines the desired state of an External MariaDB properties: connection: description: Connection defines a template to configure a Connection for the external MariaDB. properties: healthCheck: description: HealthCheck to be used in the Connection. properties: interval: description: Interval used to perform health checks. type: string retryInterval: description: RetryInterval is the interval used to perform health check retries. type: string type: object params: additionalProperties: type: string description: Params to be used in the Connection. type: object port: description: Port to connect to. If not provided, it defaults to the MariaDB port or to the first MaxScale listener. format: int32 type: integer secretName: description: SecretName to be used in the Connection. type: string secretTemplate: description: SecretTemplate to be used in the Connection. properties: databaseKey: description: DatabaseKey to be used in the Secret. type: string format: description: Format to be used in the Secret. type: string hostKey: description: HostKey to be used in the Secret. type: string key: description: Key to be used in the Secret. type: string metadata: description: Metadata to be added to the Secret object. properties: annotations: additionalProperties: type: string description: Annotations to be added to children resources. type: object labels: additionalProperties: type: string description: Labels to be added to children resources. type: object type: object passwordKey: description: PasswordKey to be used in the Secret. type: string portKey: description: PortKey to be used in the Secret. type: string usernameKey: description: UsernameKey to be used in the Secret. type: string type: object serviceName: description: ServiceName to be used in the Connection. type: string type: object host: description: Hostname of the external MariaDB. type: string image: description: |- Image name to be used to perform operations on the external MariaDB, for example, for taking backups. The supported format is `:`. Only MariaDB official images are supported. If not provided, the MariaDB image version be inferred by the operator in runtime. The default MariaDB image will be used in this case, type: string imagePullPolicy: description: ImagePullPolicy is the image pull policy. One of `Always`, `Never` or `IfNotPresent`. If not defined, it defaults to `IfNotPresent`. enum: - Always - Never - IfNotPresent type: string imagePullSecrets: description: ImagePullSecrets is the list of pull Secrets to be used to pull the image. items: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#localobjectreference-v1-core.' properties: name: default: "" type: string type: object type: array inheritMetadata: description: InheritMetadata defines the metadata to be inherited by children resources. properties: annotations: additionalProperties: type: string description: Annotations to be added to children resources. type: object labels: additionalProperties: type: string description: Labels to be added to children resources. type: object type: object passwordSecretKeyRef: description: PasswordSecretKeyRef is a reference to the password to connect to the external MariaDB. properties: key: type: string name: default: "" type: string required: - key type: object x-kubernetes-map-type: atomic port: default: 3306 description: Port of the external MariaDB. format: int32 type: integer tls: description: TLS defines the PKI to be used with the external MariaDB. properties: clientCASecretRef: description: |- ClientCASecretRef is a reference to a Secret containing the client certificate authority keypair. It is used to establish trust and issue client certificates. One of: - Secret containing both the 'ca.crt' and 'ca.key' keys. This allows you to bring your own CA to Kubernetes to issue certificates. - Secret containing only the 'ca.crt' in order to establish trust. In this case, either clientCertSecretRef or clientCertIssuerRef fields must be provided. If not provided, a self-signed CA will be provisioned to issue the client certificate. properties: name: default: "" type: string type: object clientCertIssuerRef: description: |- ClientCertIssuerRef is a reference to a cert-manager issuer object used to issue the client certificate. cert-manager must be installed previously in the cluster. It is mutually exclusive with clientCertSecretRef. By default, the Secret field 'ca.crt' provisioned by cert-manager will be added to the trust chain. A custom trust bundle may be specified via clientCASecretRef. properties: group: description: Group of the resource being referred to. type: string kind: description: Kind of the resource being referred to. type: string name: description: Name of the resource being referred to. type: string required: - name type: object clientCertSecretRef: description: |- ClientCertSecretRef is a reference to a TLS Secret containing the client certificate. It is mutually exclusive with clientCertIssuerRef. properties: name: default: "" type: string type: object enabled: description: |- Enabled indicates whether TLS is enabled, determining if certificates should be issued and mounted to the MariaDB instance. It is enabled by default. type: boolean galeraSSTEnabled: description: |- GaleraSSTEnabled determines whether Galera SST connections should use TLS. It disabled by default. type: boolean required: description: |- Required specifies whether TLS must be enforced for all connections. User TLS requirements take precedence over this. It disabled by default. type: boolean serverCASecretRef: description: |- ServerCASecretRef is a reference to a Secret containing the server certificate authority keypair. It is used to establish trust and issue server certificates. One of: - Secret containing both the 'ca.crt' and 'ca.key' keys. This allows you to bring your own CA to Kubernetes to issue certificates. - Secret containing only the 'ca.crt' in order to establish trust. In this case, either serverCertSecretRef or serverCertIssuerRef must be provided. If not provided, a self-signed CA will be provisioned to issue the server certificate. properties: name: default: "" type: string type: object serverCertIssuerRef: description: |- ServerCertIssuerRef is a reference to a cert-manager issuer object used to issue the server certificate. cert-manager must be installed previously in the cluster. It is mutually exclusive with serverCertSecretRef. By default, the Secret field 'ca.crt' provisioned by cert-manager will be added to the trust chain. A custom trust bundle may be specified via serverCASecretRef. properties: group: description: Group of the resource being referred to. type: string kind: description: Kind of the resource being referred to. type: string name: description: Name of the resource being referred to. type: string required: - name type: object serverCertSecretRef: description: |- ServerCertSecretRef is a reference to a TLS Secret containing the server certificate. It is mutually exclusive with serverCertIssuerRef. properties: name: default: "" type: string type: object type: object username: description: Username is the username to connect to the external MariaDB. type: string required: - host - username type: object status: description: ExternalMariaDBStatus defines the observed state of MariaDB properties: conditions: description: Conditions for the ExternalMariadb object. items: description: Condition contains details for one aspect of the current state of this API Resource. properties: lastTransitionTime: description: |- lastTransitionTime is the last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. format: date-time type: string message: description: |- message is a human readable message indicating details about the transition. This may be an empty string. maxLength: 32768 type: string observedGeneration: description: |- observedGeneration represents the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance. format: int64 minimum: 0 type: integer reason: description: |- reason contains a programmatic identifier indicating the reason for the condition's last transition. Producers of specific condition types may define expected values and meanings for this field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. This field may not be empty. maxLength: 1024 minLength: 1 pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ type: string status: description: status of the condition, one of True, False, Unknown. enum: - "True" - "False" - Unknown type: string type: description: type of condition in CamelCase or in foo.example.com/CamelCase. maxLength: 316 pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string required: - lastTransitionTime - message - reason - status - type type: object type: array isGaleraEnabled: description: IsGaleraEnabled indicates that the external MariaDb has Galera enabled. type: boolean version: description: Version of the external MariaDB server. type: string type: object required: - spec type: object served: true storage: true subresources: status: {} --- # Source: mariadb-operator/charts/mariadb-operator-crds/templates/crds.yaml apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: controller-gen.kubebuilder.io/version: v0.18.0 name: grants.k8s.mariadb.com spec: group: k8s.mariadb.com names: kind: Grant listKind: GrantList plural: grants shortNames: - gmdb singular: grant scope: Namespaced versions: - additionalPrinterColumns: - jsonPath: .status.conditions[?(@.type=="Ready")].status name: Ready type: string - jsonPath: .status.conditions[?(@.type=="Ready")].message name: Status type: string - jsonPath: .spec.database name: Database type: string - jsonPath: .spec.table name: Table type: string - jsonPath: .spec.username name: Username type: string - jsonPath: .spec.grantOption name: GrantOpt type: string - jsonPath: .spec.mariaDbRef.name name: MariaDB type: string - jsonPath: .metadata.creationTimestamp name: Age type: date name: v1alpha1 schema: openAPIV3Schema: description: Grant is the Schema for the grants API. It is used to define grants as if you were running a 'GRANT' statement. properties: apiVersion: description: |- APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: description: |- Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object spec: description: GrantSpec defines the desired state of Grant properties: cleanupPolicy: description: CleanupPolicy defines the behavior for cleaning up a SQL resource. enum: - Skip - Delete type: string database: default: '*' description: Database to use in the Grant. type: string grantOption: default: false description: GrantOption to use in the Grant. type: boolean host: description: Host to use in the Grant. It can be localhost, an IP or '%'. type: string mariaDbRef: description: MariaDBRef is a reference to a MariaDB object. properties: kind: description: Kind of the referent. type: string name: type: string namespace: type: string waitForIt: default: true description: WaitForIt indicates whether the controller using this reference should wait for MariaDB to be ready. type: boolean type: object privileges: description: Privileges to use in the Grant. items: type: string minItems: 1 type: array requeueInterval: description: RequeueInterval is used to perform requeue reconciliations. type: string retryInterval: description: RetryInterval is the interval used to perform retries. type: string table: default: '*' description: Table to use in the Grant. type: string username: description: Username to use in the Grant. type: string required: - mariaDbRef - privileges - username type: object status: description: GrantStatus defines the observed state of Grant properties: conditions: description: Conditions for the Grant object. items: description: Condition contains details for one aspect of the current state of this API Resource. properties: lastTransitionTime: description: |- lastTransitionTime is the last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. format: date-time type: string message: description: |- message is a human readable message indicating details about the transition. This may be an empty string. maxLength: 32768 type: string observedGeneration: description: |- observedGeneration represents the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance. format: int64 minimum: 0 type: integer reason: description: |- reason contains a programmatic identifier indicating the reason for the condition's last transition. Producers of specific condition types may define expected values and meanings for this field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. This field may not be empty. maxLength: 1024 minLength: 1 pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ type: string status: description: status of the condition, one of True, False, Unknown. enum: - "True" - "False" - Unknown type: string type: description: type of condition in CamelCase or in foo.example.com/CamelCase. maxLength: 316 pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string required: - lastTransitionTime - message - reason - status - type type: object type: array currentPrivileges: description: |- CurrentPrivileges is the list of current privileges used in the Grant. It allows to detect the divergence from the desired privileges. items: type: string type: array type: object type: object served: true storage: true subresources: status: {} --- # Source: mariadb-operator/charts/mariadb-operator-crds/templates/crds.yaml apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: controller-gen.kubebuilder.io/version: v0.18.0 name: mariadbs.k8s.mariadb.com spec: group: k8s.mariadb.com names: kind: MariaDB listKind: MariaDBList plural: mariadbs shortNames: - mdb singular: mariadb scope: Namespaced versions: - additionalPrinterColumns: - jsonPath: .status.conditions[?(@.type=="Ready")].status name: Ready type: string - jsonPath: .status.conditions[?(@.type=="Ready")].message name: Status type: string - jsonPath: .status.currentPrimary name: Primary type: string - jsonPath: .spec.updateStrategy.type name: Updates type: string - jsonPath: .metadata.creationTimestamp name: Age type: date name: v1alpha1 schema: openAPIV3Schema: description: MariaDB is the Schema for the mariadbs API. It is used to define MariaDB clusters. properties: apiVersion: description: |- APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: description: |- Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object spec: description: MariaDBSpec defines the desired state of MariaDB properties: affinity: description: Affinity to be used in the Pod. properties: antiAffinityEnabled: description: |- AntiAffinityEnabled configures PodAntiAffinity so each Pod is scheduled in a different Node, enabling HA. Make sure you have at least as many Nodes available as the replicas to not end up with unscheduled Pods. type: boolean nodeAffinity: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#nodeaffinity-v1-core' properties: preferredDuringSchedulingIgnoredDuringExecution: items: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#preferredschedulingterm-v1-core' properties: preference: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#nodeselectorterm-v1-core' properties: matchExpressions: items: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#nodeselectorrequirement-v1-core' properties: key: type: string operator: description: |- A node selector operator is the set of operators that can be used in a node selector requirement. type: string values: items: type: string type: array x-kubernetes-list-type: atomic required: - key - operator type: object type: array x-kubernetes-list-type: atomic matchFields: items: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#nodeselectorrequirement-v1-core' properties: key: type: string operator: description: |- A node selector operator is the set of operators that can be used in a node selector requirement. type: string values: items: type: string type: array x-kubernetes-list-type: atomic required: - key - operator type: object type: array x-kubernetes-list-type: atomic type: object weight: format: int32 type: integer required: - preference - weight type: object type: array x-kubernetes-list-type: atomic requiredDuringSchedulingIgnoredDuringExecution: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#nodeselector-v1-core' properties: nodeSelectorTerms: items: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#nodeselectorterm-v1-core' properties: matchExpressions: items: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#nodeselectorrequirement-v1-core' properties: key: type: string operator: description: |- A node selector operator is the set of operators that can be used in a node selector requirement. type: string values: items: type: string type: array x-kubernetes-list-type: atomic required: - key - operator type: object type: array x-kubernetes-list-type: atomic matchFields: items: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#nodeselectorrequirement-v1-core' properties: key: type: string operator: description: |- A node selector operator is the set of operators that can be used in a node selector requirement. type: string values: items: type: string type: array x-kubernetes-list-type: atomic required: - key - operator type: object type: array x-kubernetes-list-type: atomic type: object type: array x-kubernetes-list-type: atomic required: - nodeSelectorTerms type: object type: object podAntiAffinity: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#podantiaffinity-v1-core.' properties: preferredDuringSchedulingIgnoredDuringExecution: items: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#weightedpodaffinityterm-v1-core.' properties: podAffinityTerm: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#podaffinityterm-v1-core.' properties: labelSelector: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#labelselector-v1-meta' properties: matchExpressions: items: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#labelselectorrequirement-v1-meta' properties: key: type: string operator: description: A label selector operator is the set of operators that can be used in a selector requirement. type: string values: items: type: string type: array x-kubernetes-list-type: atomic required: - key - operator type: object type: array x-kubernetes-list-type: atomic matchLabels: additionalProperties: type: string type: object type: object topologyKey: type: string required: - topologyKey type: object weight: format: int32 type: integer required: - podAffinityTerm - weight type: object type: array x-kubernetes-list-type: atomic requiredDuringSchedulingIgnoredDuringExecution: items: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#podaffinityterm-v1-core.' properties: labelSelector: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#labelselector-v1-meta' properties: matchExpressions: items: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#labelselectorrequirement-v1-meta' properties: key: type: string operator: description: A label selector operator is the set of operators that can be used in a selector requirement. type: string values: items: type: string type: array x-kubernetes-list-type: atomic required: - key - operator type: object type: array x-kubernetes-list-type: atomic matchLabels: additionalProperties: type: string type: object type: object topologyKey: type: string required: - topologyKey type: object type: array x-kubernetes-list-type: atomic type: object type: object args: description: Args to be used in the Container. items: type: string type: array bootstrapFrom: description: BootstrapFrom defines a source to bootstrap from. properties: backupContentType: description: |- BackupContentType is the backup content type available in the source to bootstrap from. It is inferred based on the BackupRef and VolumeSnapshotRef fields. If inference is not possible, it defaults to Logical. Set this field explicitly when using physical backups from S3 or Volume sources. enum: - Logical - Physical type: string backupRef: description: |- BackupRef is reference to a backup object. If the Kind is not specified, a logical Backup is assumed. This field takes precedence over S3 and Volume sources. properties: kind: description: Kind of the referent. type: string name: description: Name of the referent. type: string type: object restoreJob: description: RestoreJob defines additional properties for the Job used to perform the restoration. properties: affinity: description: Affinity to be used in the Pod. properties: antiAffinityEnabled: description: |- AntiAffinityEnabled configures PodAntiAffinity so each Pod is scheduled in a different Node, enabling HA. Make sure you have at least as many Nodes available as the replicas to not end up with unscheduled Pods. type: boolean nodeAffinity: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#nodeaffinity-v1-core' properties: preferredDuringSchedulingIgnoredDuringExecution: items: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#preferredschedulingterm-v1-core' properties: preference: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#nodeselectorterm-v1-core' properties: matchExpressions: items: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#nodeselectorrequirement-v1-core' properties: key: type: string operator: description: |- A node selector operator is the set of operators that can be used in a node selector requirement. type: string values: items: type: string type: array x-kubernetes-list-type: atomic required: - key - operator type: object type: array x-kubernetes-list-type: atomic matchFields: items: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#nodeselectorrequirement-v1-core' properties: key: type: string operator: description: |- A node selector operator is the set of operators that can be used in a node selector requirement. type: string values: items: type: string type: array x-kubernetes-list-type: atomic required: - key - operator type: object type: array x-kubernetes-list-type: atomic type: object weight: format: int32 type: integer required: - preference - weight type: object type: array x-kubernetes-list-type: atomic requiredDuringSchedulingIgnoredDuringExecution: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#nodeselector-v1-core' properties: nodeSelectorTerms: items: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#nodeselectorterm-v1-core' properties: matchExpressions: items: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#nodeselectorrequirement-v1-core' properties: key: type: string operator: description: |- A node selector operator is the set of operators that can be used in a node selector requirement. type: string values: items: type: string type: array x-kubernetes-list-type: atomic required: - key - operator type: object type: array x-kubernetes-list-type: atomic matchFields: items: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#nodeselectorrequirement-v1-core' properties: key: type: string operator: description: |- A node selector operator is the set of operators that can be used in a node selector requirement. type: string values: items: type: string type: array x-kubernetes-list-type: atomic required: - key - operator type: object type: array x-kubernetes-list-type: atomic type: object type: array x-kubernetes-list-type: atomic required: - nodeSelectorTerms type: object type: object podAntiAffinity: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#podantiaffinity-v1-core.' properties: preferredDuringSchedulingIgnoredDuringExecution: items: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#weightedpodaffinityterm-v1-core.' properties: podAffinityTerm: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#podaffinityterm-v1-core.' properties: labelSelector: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#labelselector-v1-meta' properties: matchExpressions: items: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#labelselectorrequirement-v1-meta' properties: key: type: string operator: description: A label selector operator is the set of operators that can be used in a selector requirement. type: string values: items: type: string type: array x-kubernetes-list-type: atomic required: - key - operator type: object type: array x-kubernetes-list-type: atomic matchLabels: additionalProperties: type: string type: object type: object topologyKey: type: string required: - topologyKey type: object weight: format: int32 type: integer required: - podAffinityTerm - weight type: object type: array x-kubernetes-list-type: atomic requiredDuringSchedulingIgnoredDuringExecution: items: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#podaffinityterm-v1-core.' properties: labelSelector: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#labelselector-v1-meta' properties: matchExpressions: items: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#labelselectorrequirement-v1-meta' properties: key: type: string operator: description: A label selector operator is the set of operators that can be used in a selector requirement. type: string values: items: type: string type: array x-kubernetes-list-type: atomic required: - key - operator type: object type: array x-kubernetes-list-type: atomic matchLabels: additionalProperties: type: string type: object type: object topologyKey: type: string required: - topologyKey type: object type: array x-kubernetes-list-type: atomic type: object type: object args: description: Args to be used in the Container. items: type: string type: array metadata: description: Metadata defines additional metadata for the bootstrap Jobs. properties: annotations: additionalProperties: type: string description: Annotations to be added to children resources. type: object labels: additionalProperties: type: string description: Labels to be added to children resources. type: object type: object nodeSelector: additionalProperties: type: string description: NodeSelector to be used in the Pod. type: object resources: description: Resources describes the compute resource requirements. properties: limits: additionalProperties: anyOf: - type: integer - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true description: ResourceList is a set of (resource name, quantity) pairs. type: object requests: additionalProperties: anyOf: - type: integer - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true description: ResourceList is a set of (resource name, quantity) pairs. type: object type: object tolerations: description: Tolerations to be used in the Pod. items: description: |- The pod this Toleration is attached to tolerates any taint that matches the triple using the matching operator . properties: effect: description: |- Effect indicates the taint effect to match. Empty means match all taint effects. When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. type: string key: description: |- Key is the taint key that the toleration applies to. Empty means match all taint keys. If the key is empty, operator must be Exists; this combination means to match all values and all keys. type: string operator: description: |- Operator represents a key's relationship to the value. Valid operators are Exists and Equal. Defaults to Equal. Exists is equivalent to wildcard for value, so that a pod can tolerate all taints of a particular category. type: string tolerationSeconds: description: |- TolerationSeconds represents the period of time the toleration (which must be of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, it is not set, which means tolerate the taint forever (do not evict). Zero and negative values will be treated as 0 (evict immediately) by the system. format: int64 type: integer value: description: |- Value is the taint value the toleration matches to. If the operator is Exists, the value should be empty, otherwise just a regular string. type: string type: object type: array type: object s3: description: |- S3 defines the configuration to restore backups from a S3 compatible storage. This field takes precedence over the Volume source. properties: accessKeyIdSecretKeyRef: description: AccessKeyIdSecretKeyRef is a reference to a Secret key containing the S3 access key id. properties: key: type: string name: default: "" type: string required: - key type: object x-kubernetes-map-type: atomic bucket: description: Bucket is the name Name of the bucket to store backups. type: string endpoint: description: Endpoint is the S3 API endpoint without scheme. type: string prefix: description: 'Prefix indicates a folder/subfolder in the bucket. For example: mariadb/ or mariadb/backups. A trailing slash ''/'' is added if not provided.' type: string region: description: Region is the S3 region name to use. type: string secretAccessKeySecretKeyRef: description: AccessKeyIdSecretKeyRef is a reference to a Secret key containing the S3 secret key. properties: key: type: string name: default: "" type: string required: - key type: object x-kubernetes-map-type: atomic sessionTokenSecretKeyRef: description: SessionTokenSecretKeyRef is a reference to a Secret key containing the S3 session token. properties: key: type: string name: default: "" type: string required: - key type: object x-kubernetes-map-type: atomic tls: description: TLS provides the configuration required to establish TLS connections with S3. properties: caSecretKeyRef: description: |- CASecretKeyRef is a reference to a Secret key containing a CA bundle in PEM format used to establish TLS connections with S3. By default, the system trust chain will be used, but you can use this field to add more CAs to the bundle. properties: key: type: string name: default: "" type: string required: - key type: object x-kubernetes-map-type: atomic enabled: description: Enabled is a flag to enable TLS. type: boolean type: object required: - bucket - endpoint type: object stagingStorage: description: |- StagingStorage defines the temporary storage used to keep external backups (i.e. S3) while they are being processed. It defaults to an emptyDir volume, meaning that the backups will be temporarily stored in the node where the Job is scheduled. properties: persistentVolumeClaim: description: PersistentVolumeClaim is a Kubernetes PVC specification. properties: accessModes: items: type: string type: array x-kubernetes-list-type: atomic resources: description: VolumeResourceRequirements describes the storage resource requirements for a volume. properties: limits: additionalProperties: anyOf: - type: integer - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true description: |- Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ type: object requests: additionalProperties: anyOf: - type: integer - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true description: |- Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ type: object type: object selector: description: |- A label selector is a label query over a set of resources. The result of matchLabels and matchExpressions are ANDed. An empty label selector matches all objects. A null label selector matches no objects. properties: matchExpressions: description: matchExpressions is a list of label selector requirements. The requirements are ANDed. items: description: |- A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. properties: key: description: key is the label key that the selector applies to. type: string operator: description: |- operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. type: string values: description: |- values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. items: type: string type: array x-kubernetes-list-type: atomic required: - key - operator type: object type: array x-kubernetes-list-type: atomic matchLabels: additionalProperties: type: string description: |- matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. type: object type: object x-kubernetes-map-type: atomic storageClassName: type: string type: object volume: description: Volume is a Kubernetes volume specification. properties: csi: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#csivolumesource-v1-core.' properties: driver: type: string fsType: type: string nodePublishSecretRef: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#localobjectreference-v1-core.' properties: name: default: "" type: string type: object readOnly: type: boolean volumeAttributes: additionalProperties: type: string type: object required: - driver type: object emptyDir: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#emptydirvolumesource-v1-core.' properties: medium: description: StorageMedium defines ways that storage can be allocated to a volume. type: string sizeLimit: anyOf: - type: integer - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true type: object hostPath: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#hostpathvolumesource-v1-core' properties: path: type: string type: type: string required: - path type: object nfs: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#nfsvolumesource-v1-core.' properties: path: type: string readOnly: type: boolean server: type: string required: - path - server type: object persistentVolumeClaim: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#persistentvolumeclaimvolumesource-v1-core.' properties: claimName: type: string readOnly: type: boolean required: - claimName type: object type: object type: object targetRecoveryTime: description: |- TargetRecoveryTime is a RFC3339 (1970-01-01T00:00:00Z) date and time that defines the point in time recovery objective. It is used to determine the closest restoration source in time. format: date-time type: string volume: description: Volume is a Kubernetes Volume object that contains a backup. properties: csi: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#csivolumesource-v1-core.' properties: driver: type: string fsType: type: string nodePublishSecretRef: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#localobjectreference-v1-core.' properties: name: default: "" type: string type: object readOnly: type: boolean volumeAttributes: additionalProperties: type: string type: object required: - driver type: object emptyDir: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#emptydirvolumesource-v1-core.' properties: medium: description: StorageMedium defines ways that storage can be allocated to a volume. type: string sizeLimit: anyOf: - type: integer - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true type: object hostPath: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#hostpathvolumesource-v1-core' properties: path: type: string type: type: string required: - path type: object nfs: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#nfsvolumesource-v1-core.' properties: path: type: string readOnly: type: boolean server: type: string required: - path - server type: object persistentVolumeClaim: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#persistentvolumeclaimvolumesource-v1-core.' properties: claimName: type: string readOnly: type: boolean required: - claimName type: object type: object volumeSnapshotRef: description: |- VolumeSnapshotRef is a reference to a VolumeSnapshot object. This field takes precedence over S3 and Volume sources. properties: name: default: "" type: string type: object type: object command: description: Command to be used in the Container. items: type: string type: array connection: description: |- Connection defines a template to configure the general Connection object. This Connection provides the initial User access to the initial Database. It will make use of the Service to route network traffic to all Pods. properties: healthCheck: description: HealthCheck to be used in the Connection. properties: interval: description: Interval used to perform health checks. type: string retryInterval: description: RetryInterval is the interval used to perform health check retries. type: string type: object params: additionalProperties: type: string description: Params to be used in the Connection. type: object port: description: Port to connect to. If not provided, it defaults to the MariaDB port or to the first MaxScale listener. format: int32 type: integer secretName: description: SecretName to be used in the Connection. type: string secretTemplate: description: SecretTemplate to be used in the Connection. properties: databaseKey: description: DatabaseKey to be used in the Secret. type: string format: description: Format to be used in the Secret. type: string hostKey: description: HostKey to be used in the Secret. type: string key: description: Key to be used in the Secret. type: string metadata: description: Metadata to be added to the Secret object. properties: annotations: additionalProperties: type: string description: Annotations to be added to children resources. type: object labels: additionalProperties: type: string description: Labels to be added to children resources. type: object type: object passwordKey: description: PasswordKey to be used in the Secret. type: string portKey: description: PortKey to be used in the Secret. type: string usernameKey: description: UsernameKey to be used in the Secret. type: string type: object serviceName: description: ServiceName to be used in the Connection. type: string type: object database: description: Database is the name of the initial Database. type: string env: description: Env represents the environment variables to be injected in a container. items: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#envvarsource-v1-core.' properties: name: description: Name of the environment variable. Must be a C_IDENTIFIER. type: string value: type: string valueFrom: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#envvarsource-v1-core.' properties: configMapKeyRef: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#configmapkeyselector-v1-core.' properties: key: type: string name: default: "" type: string required: - key type: object x-kubernetes-map-type: atomic fieldRef: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#objectfieldselector-v1-core.' properties: apiVersion: type: string fieldPath: type: string required: - fieldPath type: object x-kubernetes-map-type: atomic secretKeyRef: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#secretkeyselector-v1-core.' properties: key: type: string name: default: "" type: string required: - key type: object x-kubernetes-map-type: atomic type: object required: - name type: object type: array envFrom: description: EnvFrom represents the references (via ConfigMap and Secrets) to environment variables to be injected in the container. items: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#envfromsource-v1-core.' properties: configMapRef: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#localobjectreference-v1-core.' properties: name: default: "" type: string type: object prefix: type: string secretRef: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#localobjectreference-v1-core.' properties: name: default: "" type: string type: object type: object type: array galera: description: Replication configures high availability via Galera. properties: agent: description: Agent is a sidecar agent that co-operates with mariadb-operator. properties: args: description: Args to be used in the Container. items: type: string type: array basicAuth: description: BasicAuth to be used by the agent container properties: enabled: description: Enabled is a flag to enable BasicAuth type: boolean passwordSecretKeyRef: description: PasswordSecretKeyRef to be used for basic authentication properties: generate: default: false description: Generate indicates whether the Secret should be generated if the Secret referenced is not present. type: boolean key: type: string name: default: "" type: string required: - key type: object x-kubernetes-map-type: atomic username: description: Username to be used for basic authentication type: string type: object command: description: Command to be used in the Container. items: type: string type: array env: description: Env represents the environment variables to be injected in a container. items: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#envvarsource-v1-core.' properties: name: description: Name of the environment variable. Must be a C_IDENTIFIER. type: string value: type: string valueFrom: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#envvarsource-v1-core.' properties: configMapKeyRef: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#configmapkeyselector-v1-core.' properties: key: type: string name: default: "" type: string required: - key type: object x-kubernetes-map-type: atomic fieldRef: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#objectfieldselector-v1-core.' properties: apiVersion: type: string fieldPath: type: string required: - fieldPath type: object x-kubernetes-map-type: atomic secretKeyRef: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#secretkeyselector-v1-core.' properties: key: type: string name: default: "" type: string required: - key type: object x-kubernetes-map-type: atomic type: object required: - name type: object type: array envFrom: description: EnvFrom represents the references (via ConfigMap and Secrets) to environment variables to be injected in the container. items: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#envfromsource-v1-core.' properties: configMapRef: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#localobjectreference-v1-core.' properties: name: default: "" type: string type: object prefix: type: string secretRef: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#localobjectreference-v1-core.' properties: name: default: "" type: string type: object type: object type: array gracefulShutdownTimeout: description: GracefulShutdownTimeout is the time we give to the agent container in order to gracefully terminate in-flight requests. type: string image: description: Image name to be used by the MariaDB instances. The supported format is `:`. type: string imagePullPolicy: description: ImagePullPolicy is the image pull policy. One of `Always`, `Never` or `IfNotPresent`. If not defined, it defaults to `IfNotPresent`. enum: - Always - Never - IfNotPresent type: string kubernetesAuth: description: KubernetesAuth to be used by the agent container properties: authDelegatorRoleName: description: |- AuthDelegatorRoleName is the name of the ClusterRoleBinding that is associated with the "system:auth-delegator" ClusterRole. It is necessary for creating TokenReview objects in order for the agent to validate the service account token. type: string enabled: description: Enabled is a flag to enable KubernetesAuth type: boolean type: object livenessProbe: description: LivenessProbe to be used in the Container. properties: exec: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#execaction-v1-core.' properties: command: items: type: string type: array x-kubernetes-list-type: atomic type: object failureThreshold: format: int32 type: integer httpGet: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#httpgetaction-v1-core.' properties: host: type: string path: type: string port: anyOf: - type: integer - type: string x-kubernetes-int-or-string: true scheme: description: URIScheme identifies the scheme used for connection to a host for Get actions type: string required: - port type: object initialDelaySeconds: format: int32 type: integer periodSeconds: format: int32 type: integer successThreshold: format: int32 type: integer tcpSocket: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#tcpsocketaction-v1-core.' properties: host: type: string port: anyOf: - type: integer - type: string x-kubernetes-int-or-string: true required: - port type: object timeoutSeconds: format: int32 type: integer type: object port: description: Port where the agent will be listening for API connections. format: int32 type: integer probePort: description: Port where the agent will be listening for probe connections. format: int32 type: integer readinessProbe: description: ReadinessProbe to be used in the Container. properties: exec: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#execaction-v1-core.' properties: command: items: type: string type: array x-kubernetes-list-type: atomic type: object failureThreshold: format: int32 type: integer httpGet: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#httpgetaction-v1-core.' properties: host: type: string path: type: string port: anyOf: - type: integer - type: string x-kubernetes-int-or-string: true scheme: description: URIScheme identifies the scheme used for connection to a host for Get actions type: string required: - port type: object initialDelaySeconds: format: int32 type: integer periodSeconds: format: int32 type: integer successThreshold: format: int32 type: integer tcpSocket: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#tcpsocketaction-v1-core.' properties: host: type: string port: anyOf: - type: integer - type: string x-kubernetes-int-or-string: true required: - port type: object timeoutSeconds: format: int32 type: integer type: object resources: description: Resources describes the compute resource requirements. properties: limits: additionalProperties: anyOf: - type: integer - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true description: ResourceList is a set of (resource name, quantity) pairs. type: object requests: additionalProperties: anyOf: - type: integer - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true description: ResourceList is a set of (resource name, quantity) pairs. type: object type: object securityContext: description: SecurityContext holds security configuration that will be applied to a container. properties: allowPrivilegeEscalation: type: boolean capabilities: description: Adds and removes POSIX capabilities from running containers. properties: add: description: Added capabilities items: description: Capability represent POSIX capabilities type type: string type: array x-kubernetes-list-type: atomic drop: description: Removed capabilities items: description: Capability represent POSIX capabilities type type: string type: array x-kubernetes-list-type: atomic type: object privileged: type: boolean readOnlyRootFilesystem: type: boolean runAsGroup: format: int64 type: integer runAsNonRoot: type: boolean runAsUser: format: int64 type: integer type: object startupProbe: description: StartupProbe to be used in the Container. properties: exec: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#execaction-v1-core.' properties: command: items: type: string type: array x-kubernetes-list-type: atomic type: object failureThreshold: format: int32 type: integer httpGet: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#httpgetaction-v1-core.' properties: host: type: string path: type: string port: anyOf: - type: integer - type: string x-kubernetes-int-or-string: true scheme: description: URIScheme identifies the scheme used for connection to a host for Get actions type: string required: - port type: object initialDelaySeconds: format: int32 type: integer periodSeconds: format: int32 type: integer successThreshold: format: int32 type: integer tcpSocket: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#tcpsocketaction-v1-core.' properties: host: type: string port: anyOf: - type: integer - type: string x-kubernetes-int-or-string: true required: - port type: object timeoutSeconds: format: int32 type: integer type: object volumeMounts: description: VolumeMounts to be used in the Container. items: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#volumemount-v1-core.' properties: mountPath: type: string name: description: This must match the Name of a Volume. type: string readOnly: type: boolean subPath: type: string required: - mountPath - name type: object type: array type: object availableWhenDonor: description: AvailableWhenDonor indicates whether a donor node should be responding to queries. It defaults to false. type: boolean config: description: GaleraConfig defines storage options for the Galera configuration files. properties: reuseStorageVolume: description: |- ReuseStorageVolume indicates that storage volume used by MariaDB should be reused to store the Galera configuration files. It defaults to false, which implies that a dedicated volume for the Galera configuration files is provisioned. type: boolean volumeClaimTemplate: description: VolumeClaimTemplate is a template for the PVC that will contain the Galera configuration files shared between the InitContainer, Agent and MariaDB. properties: accessModes: items: type: string type: array x-kubernetes-list-type: atomic metadata: description: Metadata to be added to the PVC metadata. properties: annotations: additionalProperties: type: string description: Annotations to be added to children resources. type: object labels: additionalProperties: type: string description: Labels to be added to children resources. type: object type: object resources: description: VolumeResourceRequirements describes the storage resource requirements for a volume. properties: limits: additionalProperties: anyOf: - type: integer - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true description: |- Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ type: object requests: additionalProperties: anyOf: - type: integer - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true description: |- Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ type: object type: object selector: description: |- A label selector is a label query over a set of resources. The result of matchLabels and matchExpressions are ANDed. An empty label selector matches all objects. A null label selector matches no objects. properties: matchExpressions: description: matchExpressions is a list of label selector requirements. The requirements are ANDed. items: description: |- A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. properties: key: description: key is the label key that the selector applies to. type: string operator: description: |- operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. type: string values: description: |- values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. items: type: string type: array x-kubernetes-list-type: atomic required: - key - operator type: object type: array x-kubernetes-list-type: atomic matchLabels: additionalProperties: type: string description: |- matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. type: object type: object x-kubernetes-map-type: atomic storageClassName: type: string type: object type: object enabled: description: Enabled is a flag to enable Galera. type: boolean galeraLibPath: description: |- GaleraLibPath is a path inside the MariaDB image to the wsrep provider plugin. It is defaulted if not provided. More info: https://galeracluster.com/library/documentation/mysql-wsrep-options.html#wsrep-provider. type: string initContainer: description: InitContainer is an init container that runs in the MariaDB Pod and co-operates with mariadb-operator. properties: args: description: Args to be used in the Container. items: type: string type: array command: description: Command to be used in the Container. items: type: string type: array env: description: Env represents the environment variables to be injected in a container. items: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#envvarsource-v1-core.' properties: name: description: Name of the environment variable. Must be a C_IDENTIFIER. type: string value: type: string valueFrom: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#envvarsource-v1-core.' properties: configMapKeyRef: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#configmapkeyselector-v1-core.' properties: key: type: string name: default: "" type: string required: - key type: object x-kubernetes-map-type: atomic fieldRef: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#objectfieldselector-v1-core.' properties: apiVersion: type: string fieldPath: type: string required: - fieldPath type: object x-kubernetes-map-type: atomic secretKeyRef: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#secretkeyselector-v1-core.' properties: key: type: string name: default: "" type: string required: - key type: object x-kubernetes-map-type: atomic type: object required: - name type: object type: array envFrom: description: EnvFrom represents the references (via ConfigMap and Secrets) to environment variables to be injected in the container. items: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#envfromsource-v1-core.' properties: configMapRef: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#localobjectreference-v1-core.' properties: name: default: "" type: string type: object prefix: type: string secretRef: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#localobjectreference-v1-core.' properties: name: default: "" type: string type: object type: object type: array image: description: Image name to be used by the MariaDB instances. The supported format is `:`. type: string imagePullPolicy: description: ImagePullPolicy is the image pull policy. One of `Always`, `Never` or `IfNotPresent`. If not defined, it defaults to `IfNotPresent`. enum: - Always - Never - IfNotPresent type: string livenessProbe: description: LivenessProbe to be used in the Container. properties: exec: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#execaction-v1-core.' properties: command: items: type: string type: array x-kubernetes-list-type: atomic type: object failureThreshold: format: int32 type: integer httpGet: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#httpgetaction-v1-core.' properties: host: type: string path: type: string port: anyOf: - type: integer - type: string x-kubernetes-int-or-string: true scheme: description: URIScheme identifies the scheme used for connection to a host for Get actions type: string required: - port type: object initialDelaySeconds: format: int32 type: integer periodSeconds: format: int32 type: integer successThreshold: format: int32 type: integer tcpSocket: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#tcpsocketaction-v1-core.' properties: host: type: string port: anyOf: - type: integer - type: string x-kubernetes-int-or-string: true required: - port type: object timeoutSeconds: format: int32 type: integer type: object readinessProbe: description: ReadinessProbe to be used in the Container. properties: exec: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#execaction-v1-core.' properties: command: items: type: string type: array x-kubernetes-list-type: atomic type: object failureThreshold: format: int32 type: integer httpGet: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#httpgetaction-v1-core.' properties: host: type: string path: type: string port: anyOf: - type: integer - type: string x-kubernetes-int-or-string: true scheme: description: URIScheme identifies the scheme used for connection to a host for Get actions type: string required: - port type: object initialDelaySeconds: format: int32 type: integer periodSeconds: format: int32 type: integer successThreshold: format: int32 type: integer tcpSocket: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#tcpsocketaction-v1-core.' properties: host: type: string port: anyOf: - type: integer - type: string x-kubernetes-int-or-string: true required: - port type: object timeoutSeconds: format: int32 type: integer type: object resources: description: Resources describes the compute resource requirements. properties: limits: additionalProperties: anyOf: - type: integer - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true description: ResourceList is a set of (resource name, quantity) pairs. type: object requests: additionalProperties: anyOf: - type: integer - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true description: ResourceList is a set of (resource name, quantity) pairs. type: object type: object securityContext: description: SecurityContext holds security configuration that will be applied to a container. properties: allowPrivilegeEscalation: type: boolean capabilities: description: Adds and removes POSIX capabilities from running containers. properties: add: description: Added capabilities items: description: Capability represent POSIX capabilities type type: string type: array x-kubernetes-list-type: atomic drop: description: Removed capabilities items: description: Capability represent POSIX capabilities type type: string type: array x-kubernetes-list-type: atomic type: object privileged: type: boolean readOnlyRootFilesystem: type: boolean runAsGroup: format: int64 type: integer runAsNonRoot: type: boolean runAsUser: format: int64 type: integer type: object startupProbe: description: StartupProbe to be used in the Container. properties: exec: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#execaction-v1-core.' properties: command: items: type: string type: array x-kubernetes-list-type: atomic type: object failureThreshold: format: int32 type: integer httpGet: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#httpgetaction-v1-core.' properties: host: type: string path: type: string port: anyOf: - type: integer - type: string x-kubernetes-int-or-string: true scheme: description: URIScheme identifies the scheme used for connection to a host for Get actions type: string required: - port type: object initialDelaySeconds: format: int32 type: integer periodSeconds: format: int32 type: integer successThreshold: format: int32 type: integer tcpSocket: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#tcpsocketaction-v1-core.' properties: host: type: string port: anyOf: - type: integer - type: string x-kubernetes-int-or-string: true required: - port type: object timeoutSeconds: format: int32 type: integer type: object volumeMounts: description: VolumeMounts to be used in the Container. items: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#volumemount-v1-core.' properties: mountPath: type: string name: description: This must match the Name of a Volume. type: string readOnly: type: boolean subPath: type: string required: - mountPath - name type: object type: array required: - image type: object initJob: description: InitJob defines a Job that co-operates with mariadb-operator by performing initialization tasks. properties: metadata: description: Metadata defines additional metadata for the Galera init Job. properties: annotations: additionalProperties: type: string description: Annotations to be added to children resources. type: object labels: additionalProperties: type: string description: Labels to be added to children resources. type: object type: object resources: description: Resources describes the compute resource requirements. properties: limits: additionalProperties: anyOf: - type: integer - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true description: ResourceList is a set of (resource name, quantity) pairs. type: object requests: additionalProperties: anyOf: - type: integer - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true description: ResourceList is a set of (resource name, quantity) pairs. type: object type: object type: object primary: description: Primary is the Galera configuration for the primary node. properties: autoFailover: description: AutoFailover indicates whether the operator should automatically update PodIndex to perform an automatic primary failover. type: boolean podIndex: description: PodIndex is the StatefulSet index of the primary node. The user may change this field to perform a manual switchover. type: integer type: object providerOptions: additionalProperties: type: string description: |- ProviderOptions is map of Galera configuration parameters. More info: https://mariadb.com/kb/en/galera-cluster-system-variables/#wsrep_provider_options. type: object recovery: description: |- GaleraRecovery is the recovery process performed by the operator whenever the Galera cluster is not healthy. More info: https://galeracluster.com/library/documentation/crash-recovery.html. properties: clusterBootstrapTimeout: description: |- ClusterBootstrapTimeout is the time limit for bootstrapping a cluster. Once this timeout is reached, the Galera recovery state is reset and a new cluster bootstrap will be attempted. type: string clusterDownscaleTimeout: description: ClusterDownscaleTimeout represents the maximum duration for downscaling the cluster's StatefulSet during the recovery process. type: string clusterHealthyTimeout: description: |- ClusterHealthyTimeout represents the duration at which a Galera cluster, that consistently failed health checks, is considered unhealthy, and consequently the Galera recovery process will be initiated by the operator. type: string clusterMonitorInterval: description: ClusterMonitorInterval represents the interval used to monitor the Galera cluster health. type: string clusterUpscaleTimeout: description: ClusterUpscaleTimeout represents the maximum duration for upscaling the cluster's StatefulSet during the recovery process. type: string enabled: description: Enabled is a flag to enable GaleraRecovery. type: boolean forceClusterBootstrapInPod: description: |- ForceClusterBootstrapInPod allows you to manually initiate the bootstrap process in a specific Pod. IMPORTANT: Use this option only in exceptional circumstances. Not selecting the Pod with the highest sequence number may result in data loss. IMPORTANT: Ensure you unset this field after completing the bootstrap to allow the operator to choose the appropriate Pod to bootstrap from in an event of cluster recovery. type: string job: description: Job defines a Job that co-operates with mariadb-operator by performing the Galera cluster recovery . properties: metadata: description: Metadata defines additional metadata for the Galera recovery Jobs. properties: annotations: additionalProperties: type: string description: Annotations to be added to children resources. type: object labels: additionalProperties: type: string description: Labels to be added to children resources. type: object type: object podAffinity: description: PodAffinity indicates whether the recovery Jobs should run in the same Node as the MariaDB Pods. It defaults to true. type: boolean resources: description: Resources describes the compute resource requirements. properties: limits: additionalProperties: anyOf: - type: integer - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true description: ResourceList is a set of (resource name, quantity) pairs. type: object requests: additionalProperties: anyOf: - type: integer - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true description: ResourceList is a set of (resource name, quantity) pairs. type: object type: object type: object minClusterSize: anyOf: - type: integer - type: string description: |- MinClusterSize is the minimum number of replicas to consider the cluster healthy. It can be either a number of replicas (1) or a percentage (50%). If Galera consistently reports less replicas than this value for the given 'ClusterHealthyTimeout' interval, a cluster recovery is iniated. It defaults to '1' replica, and it is highly recommendeded to keep this value at '1' in most cases. If set to more than one replica, the cluster recovery process may restart the healthy replicas as well. x-kubernetes-int-or-string: true podRecoveryTimeout: description: PodRecoveryTimeout is the time limit for recevorying the sequence of a Pod during the cluster recovery. type: string podSyncTimeout: description: PodSyncTimeout is the time limit for a Pod to join the cluster after having performed a cluster bootstrap during the cluster recovery. type: string type: object replicaThreads: description: |- ReplicaThreads is the number of replica threads used to apply Galera write sets in parallel. More info: https://mariadb.com/kb/en/galera-cluster-system-variables/#wsrep_slave_threads. type: integer sst: description: |- SST is the Snapshot State Transfer used when new Pods join the cluster. More info: https://galeracluster.com/library/documentation/sst.html. enum: - rsync - mariabackup - mysqldump type: string type: object image: description: |- Image name to be used by the MariaDB instances. The supported format is `:`. Only MariaDB official images are supported. type: string imagePullPolicy: description: ImagePullPolicy is the image pull policy. One of `Always`, `Never` or `IfNotPresent`. If not defined, it defaults to `IfNotPresent`. enum: - Always - Never - IfNotPresent type: string imagePullSecrets: description: ImagePullSecrets is the list of pull Secrets to be used to pull the image. items: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#localobjectreference-v1-core.' properties: name: default: "" type: string type: object type: array inheritMetadata: description: InheritMetadata defines the metadata to be inherited by children resources. properties: annotations: additionalProperties: type: string description: Annotations to be added to children resources. type: object labels: additionalProperties: type: string description: Labels to be added to children resources. type: object type: object initContainers: description: InitContainers to be used in the Pod. items: description: Container object definition. properties: args: description: Args to be used in the Container. items: type: string type: array command: description: Command to be used in the Container. items: type: string type: array env: description: Env represents the environment variables to be injected in a container. items: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#envvarsource-v1-core.' properties: name: description: Name of the environment variable. Must be a C_IDENTIFIER. type: string value: type: string valueFrom: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#envvarsource-v1-core.' properties: configMapKeyRef: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#configmapkeyselector-v1-core.' properties: key: type: string name: default: "" type: string required: - key type: object x-kubernetes-map-type: atomic fieldRef: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#objectfieldselector-v1-core.' properties: apiVersion: type: string fieldPath: type: string required: - fieldPath type: object x-kubernetes-map-type: atomic secretKeyRef: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#secretkeyselector-v1-core.' properties: key: type: string name: default: "" type: string required: - key type: object x-kubernetes-map-type: atomic type: object required: - name type: object type: array image: description: Image name to be used by the container. The supported format is `:`. type: string imagePullPolicy: description: ImagePullPolicy is the image pull policy. One of `Always`, `Never` or `IfNotPresent`. If not defined, it defaults to `IfNotPresent`. enum: - Always - Never - IfNotPresent type: string name: description: Name to be given to the container. type: string resources: description: Resources describes the compute resource requirements. properties: limits: additionalProperties: anyOf: - type: integer - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true description: ResourceList is a set of (resource name, quantity) pairs. type: object requests: additionalProperties: anyOf: - type: integer - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true description: ResourceList is a set of (resource name, quantity) pairs. type: object type: object volumeMounts: description: VolumeMounts to be used in the Container. items: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#volumemount-v1-core.' properties: mountPath: type: string name: description: This must match the Name of a Volume. type: string readOnly: type: boolean subPath: type: string required: - mountPath - name type: object type: array required: - image type: object type: array livenessProbe: description: LivenessProbe to be used in the Container. properties: exec: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#execaction-v1-core.' properties: command: items: type: string type: array x-kubernetes-list-type: atomic type: object failureThreshold: format: int32 type: integer httpGet: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#httpgetaction-v1-core.' properties: host: type: string path: type: string port: anyOf: - type: integer - type: string x-kubernetes-int-or-string: true scheme: description: URIScheme identifies the scheme used for connection to a host for Get actions type: string required: - port type: object initialDelaySeconds: format: int32 type: integer periodSeconds: format: int32 type: integer successThreshold: format: int32 type: integer tcpSocket: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#tcpsocketaction-v1-core.' properties: host: type: string port: anyOf: - type: integer - type: string x-kubernetes-int-or-string: true required: - port type: object timeoutSeconds: format: int32 type: integer type: object maxScale: description: |- MaxScale is the MaxScale specification that defines the MaxScale resource to be used with the current MariaDB. When enabling this field, MaxScaleRef is automatically set. properties: admin: description: Admin configures the admin REST API and GUI. properties: guiEnabled: description: GuiEnabled indicates whether the admin GUI should be enabled. type: boolean port: description: Port where the admin REST API and GUI will be exposed. format: int32 type: integer type: object auth: description: Auth defines the credentials required for MaxScale to connect to MariaDB. properties: adminPasswordSecretKeyRef: description: AdminPasswordSecretKeyRef is Secret key reference to the admin password to call the admin REST API. It is defaulted if not provided. properties: generate: default: false description: Generate indicates whether the Secret should be generated if the Secret referenced is not present. type: boolean key: type: string name: default: "" type: string required: - key type: object x-kubernetes-map-type: atomic adminUsername: description: AdminUsername is an admin username to call the admin REST API. It is defaulted if not provided. type: string clientMaxConnections: description: |- ClientMaxConnections defines the maximum number of connections that the client can establish. If HA is enabled, make sure to increase this value, as more MaxScale replicas implies more connections. It defaults to 30 times the number of MaxScale replicas. format: int32 type: integer clientPasswordSecretKeyRef: description: |- ClientPasswordSecretKeyRef is Secret key reference to the password to connect to MaxScale. It is defaulted if not provided. If the referred Secret is labeled with "k8s.mariadb.com/watch", updates may be performed to the Secret in order to update the password. properties: generate: default: false description: Generate indicates whether the Secret should be generated if the Secret referenced is not present. type: boolean key: type: string name: default: "" type: string required: - key type: object x-kubernetes-map-type: atomic clientUsername: description: ClientUsername is the user to connect to MaxScale. It is defaulted if not provided. type: string deleteDefaultAdmin: description: DeleteDefaultAdmin determines whether the default admin user should be deleted after the initial configuration. If not provided, it defaults to true. type: boolean generate: description: |- Generate defies whether the operator should generate users and grants for MaxScale to work. It only supports MariaDBs specified via spec.mariaDbRef. type: boolean metricsPasswordSecretKeyRef: description: MetricsPasswordSecretKeyRef is Secret key reference to the metrics password to call the admib REST API. It is defaulted if metrics are enabled. properties: generate: default: false description: Generate indicates whether the Secret should be generated if the Secret referenced is not present. type: boolean key: type: string name: default: "" type: string required: - key type: object x-kubernetes-map-type: atomic metricsUsername: description: MetricsUsername is an metrics username to call the REST API. It is defaulted if metrics are enabled. type: string monitorMaxConnections: description: |- MonitorMaxConnections defines the maximum number of connections that the monitor can establish. If HA is enabled, make sure to increase this value, as more MaxScale replicas implies more connections. It defaults to 30 times the number of MaxScale replicas. format: int32 type: integer monitorPasswordSecretKeyRef: description: |- MonitorPasswordSecretKeyRef is Secret key reference to the password used by MaxScale monitor to connect to MariaDB server. It is defaulted if not provided. If the referred Secret is labeled with "k8s.mariadb.com/watch", updates may be performed to the Secret in order to update the password. properties: generate: default: false description: Generate indicates whether the Secret should be generated if the Secret referenced is not present. type: boolean key: type: string name: default: "" type: string required: - key type: object x-kubernetes-map-type: atomic monitorUsername: description: MonitorUsername is the user used by MaxScale monitor to connect to MariaDB server. It is defaulted if not provided. type: string serverMaxConnections: description: |- ServerMaxConnections defines the maximum number of connections that the server can establish. If HA is enabled, make sure to increase this value, as more MaxScale replicas implies more connections. It defaults to 30 times the number of MaxScale replicas. format: int32 type: integer serverPasswordSecretKeyRef: description: |- ServerPasswordSecretKeyRef is Secret key reference to the password used by MaxScale to connect to MariaDB server. It is defaulted if not provided. If the referred Secret is labeled with "k8s.mariadb.com/watch", updates may be performed to the Secret in order to update the password. properties: generate: default: false description: Generate indicates whether the Secret should be generated if the Secret referenced is not present. type: boolean key: type: string name: default: "" type: string required: - key type: object x-kubernetes-map-type: atomic serverUsername: description: ServerUsername is the user used by MaxScale to connect to MariaDB server. It is defaulted if not provided. type: string syncMaxConnections: description: |- SyncMaxConnections defines the maximum number of connections that the sync can establish. If HA is enabled, make sure to increase this value, as more MaxScale replicas implies more connections. It defaults to 30 times the number of MaxScale replicas. format: int32 type: integer syncPasswordSecretKeyRef: description: |- SyncPasswordSecretKeyRef is Secret key reference to the password used by MaxScale config to connect to MariaDB server. It is defaulted when HA is enabled. If the referred Secret is labeled with "k8s.mariadb.com/watch", updates may be performed to the Secret in order to update the password. properties: generate: default: false description: Generate indicates whether the Secret should be generated if the Secret referenced is not present. type: boolean key: type: string name: default: "" type: string required: - key type: object x-kubernetes-map-type: atomic syncUsername: description: MonitoSyncUsernamerUsername is the user used by MaxScale config sync to connect to MariaDB server. It is defaulted when HA is enabled. type: string type: object config: description: Config defines the MaxScale configuration. properties: params: additionalProperties: type: string description: |- Params is a key value pair of parameters to be used in the MaxScale static configuration file. Any parameter supported by MaxScale may be specified here. See reference: https://mariadb.com/kb/en/mariadb-maxscale-2308-mariadb-maxscale-configuration-guide/#global-settings. type: object sync: description: Sync defines how to replicate configuration across MaxScale replicas. It is defaulted when HA is enabled. properties: database: description: Database is the MariaDB logical database where the 'maxscale_config' table will be created in order to persist and synchronize config changes. If not provided, it defaults to 'mysql'. type: string interval: description: Interval defines the config synchronization interval. It is defaulted if not provided. type: string timeout: description: Interval defines the config synchronization timeout. It is defaulted if not provided. type: string type: object volumeClaimTemplate: description: VolumeClaimTemplate provides a template to define the PVCs for storing MaxScale runtime configuration files. It is defaulted if not provided. properties: accessModes: items: type: string type: array x-kubernetes-list-type: atomic metadata: description: Metadata to be added to the PVC metadata. properties: annotations: additionalProperties: type: string description: Annotations to be added to children resources. type: object labels: additionalProperties: type: string description: Labels to be added to children resources. type: object type: object resources: description: VolumeResourceRequirements describes the storage resource requirements for a volume. properties: limits: additionalProperties: anyOf: - type: integer - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true description: |- Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ type: object requests: additionalProperties: anyOf: - type: integer - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true description: |- Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ type: object type: object selector: description: |- A label selector is a label query over a set of resources. The result of matchLabels and matchExpressions are ANDed. An empty label selector matches all objects. A null label selector matches no objects. properties: matchExpressions: description: matchExpressions is a list of label selector requirements. The requirements are ANDed. items: description: |- A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. properties: key: description: key is the label key that the selector applies to. type: string operator: description: |- operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. type: string values: description: |- values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. items: type: string type: array x-kubernetes-list-type: atomic required: - key - operator type: object type: array x-kubernetes-list-type: atomic matchLabels: additionalProperties: type: string description: |- matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. type: object type: object x-kubernetes-map-type: atomic storageClassName: type: string type: object type: object connection: description: Connection provides a template to define the Connection for MaxScale. properties: healthCheck: description: HealthCheck to be used in the Connection. properties: interval: description: Interval used to perform health checks. type: string retryInterval: description: RetryInterval is the interval used to perform health check retries. type: string type: object params: additionalProperties: type: string description: Params to be used in the Connection. type: object port: description: Port to connect to. If not provided, it defaults to the MariaDB port or to the first MaxScale listener. format: int32 type: integer secretName: description: SecretName to be used in the Connection. type: string secretTemplate: description: SecretTemplate to be used in the Connection. properties: databaseKey: description: DatabaseKey to be used in the Secret. type: string format: description: Format to be used in the Secret. type: string hostKey: description: HostKey to be used in the Secret. type: string key: description: Key to be used in the Secret. type: string metadata: description: Metadata to be added to the Secret object. properties: annotations: additionalProperties: type: string description: Annotations to be added to children resources. type: object labels: additionalProperties: type: string description: Labels to be added to children resources. type: object type: object passwordKey: description: PasswordKey to be used in the Secret. type: string portKey: description: PortKey to be used in the Secret. type: string usernameKey: description: UsernameKey to be used in the Secret. type: string type: object serviceName: description: ServiceName to be used in the Connection. type: string type: object enabled: description: Enabled is a flag to enable a MaxScale instance to be used with the current MariaDB. type: boolean guiKubernetesService: description: GuiKubernetesService define a template for a Kubernetes Service object to connect to MaxScale's GUI. properties: allocateLoadBalancerNodePorts: description: AllocateLoadBalancerNodePorts Service field. type: boolean externalTrafficPolicy: description: ExternalTrafficPolicy Service field. type: string loadBalancerIP: description: LoadBalancerIP Service field. type: string loadBalancerSourceRanges: description: LoadBalancerSourceRanges Service field. items: type: string type: array metadata: description: Metadata to be added to the Service metadata. properties: annotations: additionalProperties: type: string description: Annotations to be added to children resources. type: object labels: additionalProperties: type: string description: Labels to be added to children resources. type: object type: object sessionAffinity: description: SessionAffinity Service field. type: string type: default: ClusterIP description: Type is the Service type. One of `ClusterIP`, `NodePort` or `LoadBalancer`. If not defined, it defaults to `ClusterIP`. enum: - ClusterIP - NodePort - LoadBalancer type: string type: object image: description: |- Image name to be used by the MaxScale instances. The supported format is `:`. Only MariaDB official images are supported. type: string imagePullPolicy: description: ImagePullPolicy is the image pull policy. One of `Always`, `Never` or `IfNotPresent`. If not defined, it defaults to `IfNotPresent`. enum: - Always - Never - IfNotPresent type: string kubernetesService: description: KubernetesService defines a template for a Kubernetes Service object to connect to MaxScale. properties: allocateLoadBalancerNodePorts: description: AllocateLoadBalancerNodePorts Service field. type: boolean externalTrafficPolicy: description: ExternalTrafficPolicy Service field. type: string loadBalancerIP: description: LoadBalancerIP Service field. type: string loadBalancerSourceRanges: description: LoadBalancerSourceRanges Service field. items: type: string type: array metadata: description: Metadata to be added to the Service metadata. properties: annotations: additionalProperties: type: string description: Annotations to be added to children resources. type: object labels: additionalProperties: type: string description: Labels to be added to children resources. type: object type: object sessionAffinity: description: SessionAffinity Service field. type: string type: default: ClusterIP description: Type is the Service type. One of `ClusterIP`, `NodePort` or `LoadBalancer`. If not defined, it defaults to `ClusterIP`. enum: - ClusterIP - NodePort - LoadBalancer type: string type: object metrics: description: Metrics configures metrics and how to scrape them. properties: enabled: description: Enabled is a flag to enable Metrics type: boolean exporter: description: Exporter defines the metrics exporter container. properties: affinity: description: Affinity to be used in the Pod. properties: antiAffinityEnabled: description: |- AntiAffinityEnabled configures PodAntiAffinity so each Pod is scheduled in a different Node, enabling HA. Make sure you have at least as many Nodes available as the replicas to not end up with unscheduled Pods. type: boolean nodeAffinity: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#nodeaffinity-v1-core' properties: preferredDuringSchedulingIgnoredDuringExecution: items: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#preferredschedulingterm-v1-core' properties: preference: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#nodeselectorterm-v1-core' properties: matchExpressions: items: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#nodeselectorrequirement-v1-core' properties: key: type: string operator: description: |- A node selector operator is the set of operators that can be used in a node selector requirement. type: string values: items: type: string type: array x-kubernetes-list-type: atomic required: - key - operator type: object type: array x-kubernetes-list-type: atomic matchFields: items: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#nodeselectorrequirement-v1-core' properties: key: type: string operator: description: |- A node selector operator is the set of operators that can be used in a node selector requirement. type: string values: items: type: string type: array x-kubernetes-list-type: atomic required: - key - operator type: object type: array x-kubernetes-list-type: atomic type: object weight: format: int32 type: integer required: - preference - weight type: object type: array x-kubernetes-list-type: atomic requiredDuringSchedulingIgnoredDuringExecution: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#nodeselector-v1-core' properties: nodeSelectorTerms: items: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#nodeselectorterm-v1-core' properties: matchExpressions: items: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#nodeselectorrequirement-v1-core' properties: key: type: string operator: description: |- A node selector operator is the set of operators that can be used in a node selector requirement. type: string values: items: type: string type: array x-kubernetes-list-type: atomic required: - key - operator type: object type: array x-kubernetes-list-type: atomic matchFields: items: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#nodeselectorrequirement-v1-core' properties: key: type: string operator: description: |- A node selector operator is the set of operators that can be used in a node selector requirement. type: string values: items: type: string type: array x-kubernetes-list-type: atomic required: - key - operator type: object type: array x-kubernetes-list-type: atomic type: object type: array x-kubernetes-list-type: atomic required: - nodeSelectorTerms type: object type: object podAntiAffinity: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#podantiaffinity-v1-core.' properties: preferredDuringSchedulingIgnoredDuringExecution: items: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#weightedpodaffinityterm-v1-core.' properties: podAffinityTerm: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#podaffinityterm-v1-core.' properties: labelSelector: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#labelselector-v1-meta' properties: matchExpressions: items: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#labelselectorrequirement-v1-meta' properties: key: type: string operator: description: A label selector operator is the set of operators that can be used in a selector requirement. type: string values: items: type: string type: array x-kubernetes-list-type: atomic required: - key - operator type: object type: array x-kubernetes-list-type: atomic matchLabels: additionalProperties: type: string type: object type: object topologyKey: type: string required: - topologyKey type: object weight: format: int32 type: integer required: - podAffinityTerm - weight type: object type: array x-kubernetes-list-type: atomic requiredDuringSchedulingIgnoredDuringExecution: items: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#podaffinityterm-v1-core.' properties: labelSelector: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#labelselector-v1-meta' properties: matchExpressions: items: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#labelselectorrequirement-v1-meta' properties: key: type: string operator: description: A label selector operator is the set of operators that can be used in a selector requirement. type: string values: items: type: string type: array x-kubernetes-list-type: atomic required: - key - operator type: object type: array x-kubernetes-list-type: atomic matchLabels: additionalProperties: type: string type: object type: object topologyKey: type: string required: - topologyKey type: object type: array x-kubernetes-list-type: atomic type: object type: object args: description: Args to be used in the Container. items: type: string type: array image: description: |- Image name to be used as metrics exporter. The supported format is `:`. Only mysqld-exporter >= v0.15.0 is supported: https://github.com/prometheus/mysqld_exporter type: string imagePullPolicy: description: ImagePullPolicy is the image pull policy. One of `Always`, `Never` or `IfNotPresent`. If not defined, it defaults to `IfNotPresent`. enum: - Always - Never - IfNotPresent type: string imagePullSecrets: description: ImagePullSecrets is the list of pull Secrets to be used to pull the image. items: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#localobjectreference-v1-core.' properties: name: default: "" type: string type: object type: array nodeSelector: additionalProperties: type: string description: NodeSelector to be used in the Pod. type: object podMetadata: description: PodMetadata defines extra metadata for the Pod. properties: annotations: additionalProperties: type: string description: Annotations to be added to children resources. type: object labels: additionalProperties: type: string description: Labels to be added to children resources. type: object type: object podSecurityContext: description: SecurityContext holds pod-level security attributes and common container settings. properties: appArmorProfile: description: AppArmorProfile defines a pod or container's AppArmor settings. properties: localhostProfile: description: |- localhostProfile indicates a profile loaded on the node that should be used. The profile must be preconfigured on the node to work. Must match the loaded name of the profile. Must be set if and only if type is "Localhost". type: string type: description: |- type indicates which kind of AppArmor profile will be applied. Valid options are: Localhost - a profile pre-loaded on the node. RuntimeDefault - the container runtime's default profile. Unconfined - no AppArmor enforcement. type: string required: - type type: object fsGroup: format: int64 type: integer fsGroupChangePolicy: description: |- PodFSGroupChangePolicy holds policies that will be used for applying fsGroup to a volume when volume is mounted. type: string runAsGroup: format: int64 type: integer runAsNonRoot: type: boolean runAsUser: format: int64 type: integer seLinuxOptions: description: SELinuxOptions are the labels to be applied to the container properties: level: description: Level is SELinux level label that applies to the container. type: string role: description: Role is a SELinux role label that applies to the container. type: string type: description: Type is a SELinux type label that applies to the container. type: string user: description: User is a SELinux user label that applies to the container. type: string type: object seccompProfile: description: |- SeccompProfile defines a pod/container's seccomp profile settings. Only one profile source may be set. properties: localhostProfile: description: |- localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must be set if type is "Localhost". Must NOT be set for any other type. type: string type: description: |- type indicates which kind of seccomp profile will be applied. Valid options are: Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied. type: string required: - type type: object supplementalGroups: items: format: int64 type: integer type: array x-kubernetes-list-type: atomic type: object port: description: Port where the exporter will be listening for connections. format: int32 type: integer priorityClassName: description: PriorityClassName to be used in the Pod. type: string resources: description: Resources describes the compute resource requirements. properties: limits: additionalProperties: anyOf: - type: integer - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true description: ResourceList is a set of (resource name, quantity) pairs. type: object requests: additionalProperties: anyOf: - type: integer - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true description: ResourceList is a set of (resource name, quantity) pairs. type: object type: object securityContext: description: SecurityContext holds container-level security attributes. properties: allowPrivilegeEscalation: type: boolean capabilities: description: Adds and removes POSIX capabilities from running containers. properties: add: description: Added capabilities items: description: Capability represent POSIX capabilities type type: string type: array x-kubernetes-list-type: atomic drop: description: Removed capabilities items: description: Capability represent POSIX capabilities type type: string type: array x-kubernetes-list-type: atomic type: object privileged: type: boolean readOnlyRootFilesystem: type: boolean runAsGroup: format: int64 type: integer runAsNonRoot: type: boolean runAsUser: format: int64 type: integer type: object tolerations: description: Tolerations to be used in the Pod. items: description: |- The pod this Toleration is attached to tolerates any taint that matches the triple using the matching operator . properties: effect: description: |- Effect indicates the taint effect to match. Empty means match all taint effects. When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. type: string key: description: |- Key is the taint key that the toleration applies to. Empty means match all taint keys. If the key is empty, operator must be Exists; this combination means to match all values and all keys. type: string operator: description: |- Operator represents a key's relationship to the value. Valid operators are Exists and Equal. Defaults to Equal. Exists is equivalent to wildcard for value, so that a pod can tolerate all taints of a particular category. type: string tolerationSeconds: description: |- TolerationSeconds represents the period of time the toleration (which must be of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, it is not set, which means tolerate the taint forever (do not evict). Zero and negative values will be treated as 0 (evict immediately) by the system. format: int64 type: integer value: description: |- Value is the taint value the toleration matches to. If the operator is Exists, the value should be empty, otherwise just a regular string. type: string type: object type: array type: object serviceMonitor: description: ServiceMonitor defines the ServiceMonior object. properties: interval: description: Interval for scraping metrics. type: string jobLabel: description: JobLabel to add to the ServiceMonitor object. type: string prometheusRelease: description: PrometheusRelease is the release label to add to the ServiceMonitor object. type: string scrapeTimeout: description: ScrapeTimeout defines the timeout for scraping metrics. type: string type: object type: object monitor: description: Monitor monitors MariaDB server instances. properties: cooperativeMonitoring: description: CooperativeMonitoring enables coordination between multiple MaxScale instances running monitors. It is defaulted when HA is enabled. enum: - majority_of_all - majority_of_running type: string interval: description: Interval used to monitor MariaDB servers. It is defaulted if not provided. type: string module: description: Module is the module to use to monitor MariaDB servers. It is mandatory when no MariaDB reference is provided. type: string name: description: Name is the identifier of the monitor. It is defaulted if not provided. type: string params: additionalProperties: type: string description: |- Params defines extra parameters to pass to the monitor. Any parameter supported by MaxScale may be specified here. See reference: https://mariadb.com/kb/en/mariadb-maxscale-2308-common-monitor-parameters/. Monitor specific parameter are also supported: https://mariadb.com/kb/en/mariadb-maxscale-2308-galera-monitor/#galera-monitor-optional-parameters. https://mariadb.com/kb/en/mariadb-maxscale-2308-mariadb-monitor/#configuration. type: object suspend: default: false description: |- Suspend indicates whether the current resource should be suspended or not. This can be useful for maintenance, as disabling the reconciliation prevents the operator from interfering with user operations during maintenance activities. type: boolean type: object podDisruptionBudget: description: PodDisruptionBudget defines the budget for replica availability. properties: maxUnavailable: anyOf: - type: integer - type: string description: MaxUnavailable defines the number of maximum unavailable Pods. x-kubernetes-int-or-string: true minAvailable: anyOf: - type: integer - type: string description: MinAvailable defines the number of minimum available Pods. x-kubernetes-int-or-string: true type: object replicas: description: Replicas indicates the number of desired instances. format: int32 type: integer requeueInterval: description: RequeueInterval is used to perform requeue reconciliations. type: string services: description: Services define how the traffic is forwarded to the MariaDB servers. items: description: Services define how the traffic is forwarded to the MariaDB servers. properties: listener: description: MaxScaleListener defines how the MaxScale server will listen for connections. properties: name: description: Name is the identifier of the listener. It is defaulted if not provided type: string params: additionalProperties: type: string description: |- Params defines extra parameters to pass to the listener. Any parameter supported by MaxScale may be specified here. See reference: https://mariadb.com/kb/en/mariadb-maxscale-2308-mariadb-maxscale-configuration-guide/#listener_1. type: object port: description: Port is the network port where the MaxScale server will listen. format: int32 type: integer protocol: description: Protocol is the MaxScale protocol to use when communicating with the client. If not provided, it defaults to MariaDBProtocol. type: string suspend: default: false description: |- Suspend indicates whether the current resource should be suspended or not. This can be useful for maintenance, as disabling the reconciliation prevents the operator from interfering with user operations during maintenance activities. type: boolean required: - port type: object name: description: Name is the identifier of the MaxScale service. type: string params: additionalProperties: type: string description: |- Params defines extra parameters to pass to the service. Any parameter supported by MaxScale may be specified here. See reference: https://mariadb.com/kb/en/mariadb-maxscale-2308-mariadb-maxscale-configuration-guide/#service_1. Router specific parameter are also supported: https://mariadb.com/kb/en/mariadb-maxscale-2308-readwritesplit/#configuration. https://mariadb.com/kb/en/mariadb-maxscale-2308-readconnroute/#configuration. type: object router: description: Router is the type of router to use. enum: - readwritesplit - readconnroute type: string suspend: default: false description: |- Suspend indicates whether the current resource should be suspended or not. This can be useful for maintenance, as disabling the reconciliation prevents the operator from interfering with user operations during maintenance activities. type: boolean required: - listener - name - router type: object type: array tls: description: TLS defines the PKI to be used with MaxScale. properties: adminCASecretRef: description: |- AdminCASecretRef is a reference to a Secret containing the admin certificate authority keypair. It is used to establish trust and issue certificates for the MaxScale's administrative REST API and GUI. One of: - Secret containing both the 'ca.crt' and 'ca.key' keys. This allows you to bring your own CA to Kubernetes to issue certificates. - Secret containing only the 'ca.crt' in order to establish trust. In this case, either adminCertSecretRef or adminCertIssuerRef fields must be provided. If not provided, a self-signed CA will be provisioned to issue the server certificate. properties: name: default: "" type: string type: object adminCertIssuerRef: description: |- AdminCertIssuerRef is a reference to a cert-manager issuer object used to issue the MaxScale's administrative REST API and GUI certificate. cert-manager must be installed previously in the cluster. It is mutually exclusive with adminCertSecretRef. By default, the Secret field 'ca.crt' provisioned by cert-manager will be added to the trust chain. A custom trust bundle may be specified via adminCASecretRef. properties: group: description: Group of the resource being referred to. type: string kind: description: Kind of the resource being referred to. type: string name: description: Name of the resource being referred to. type: string required: - name type: object adminCertSecretRef: description: AdminCertSecretRef is a reference to a TLS Secret used by the MaxScale's administrative REST API and GUI. properties: name: default: "" type: string type: object enabled: description: |- Enabled indicates whether TLS is enabled, determining if certificates should be issued and mounted to the MaxScale instance. It is enabled by default when the referred MariaDB instance (via mariaDbRef) has TLS enabled and enforced. type: boolean listenerCASecretRef: description: |- ListenerCASecretRef is a reference to a Secret containing the listener certificate authority keypair. It is used to establish trust and issue certificates for the MaxScale's listeners. One of: - Secret containing both the 'ca.crt' and 'ca.key' keys. This allows you to bring your own CA to Kubernetes to issue certificates. - Secret containing only the 'ca.crt' in order to establish trust. In this case, either listenerCertSecretRef or listenerCertIssuerRef fields must be provided. If not provided, a self-signed CA will be provisioned to issue the listener certificate. properties: name: default: "" type: string type: object listenerCertIssuerRef: description: |- ListenerCertIssuerRef is a reference to a cert-manager issuer object used to issue the MaxScale's listeners certificate. cert-manager must be installed previously in the cluster. It is mutually exclusive with listenerCertSecretRef. By default, the Secret field 'ca.crt' provisioned by cert-manager will be added to the trust chain. A custom trust bundle may be specified via listenerCASecretRef. properties: group: description: Group of the resource being referred to. type: string kind: description: Kind of the resource being referred to. type: string name: description: Name of the resource being referred to. type: string required: - name type: object listenerCertSecretRef: description: ListenerCertSecretRef is a reference to a TLS Secret used by the MaxScale's listeners. properties: name: default: "" type: string type: object replicationSSLEnabled: description: |- ReplicationSSLEnabled specifies whether the replication SSL is enabled. If enabled, the SSL options will be added to the server configuration. It is enabled by default when the referred MariaDB instance (via mariaDbRef) has replication enabled. If the MariaDB servers are manually provided by the user via the 'servers' field, this must be set by the user as well. type: boolean serverCASecretRef: description: |- ServerCASecretRef is a reference to a Secret containing the MariaDB server CA certificates. It is used to establish trust with MariaDB servers. The Secret should contain a 'ca.crt' key in order to establish trust. If not provided, and the reference to a MariaDB resource is set (mariaDbRef), it will be defaulted to the referred MariaDB CA bundle. properties: name: default: "" type: string type: object serverCertSecretRef: description: |- ServerCertSecretRef is a reference to a TLS Secret used by MaxScale to connect to the MariaDB servers. If not provided, and the reference to a MariaDB resource is set (mariaDbRef), it will be defaulted to the referred MariaDB client certificate (clientCertSecretRef). properties: name: default: "" type: string type: object verifyPeerCertificate: description: |- VerifyPeerCertificate specifies whether the peer certificate's signature should be validated against the CA. It is disabled by default. type: boolean verifyPeerHost: description: |- VerifyPeerHost specifies whether the peer certificate's SANs should match the peer host. It is disabled by default. type: boolean type: object updateStrategy: description: UpdateStrategy defines the update strategy for the StatefulSet object. properties: rollingUpdate: description: RollingUpdate is used to communicate parameters when Type is RollingUpdateStatefulSetStrategyType. properties: maxUnavailable: anyOf: - type: integer - type: string description: |- The maximum number of pods that can be unavailable during the update. Value can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%). Absolute number is calculated from percentage by rounding up. This can not be 0. Defaults to 1. This field is alpha-level and is only honored by servers that enable the MaxUnavailableStatefulSet feature. The field applies to all pods in the range 0 to Replicas-1. That means if there is any unavailable pod in the range 0 to Replicas-1, it will be counted towards MaxUnavailable. x-kubernetes-int-or-string: true partition: description: |- Partition indicates the ordinal at which the StatefulSet should be partitioned for updates. During a rolling update, all pods from ordinal Replicas-1 to Partition are updated. All pods from ordinal Partition-1 to 0 remain untouched. This is helpful in being able to do a canary based deployment. The default value is 0. format: int32 type: integer type: object type: description: |- Type indicates the type of the StatefulSetUpdateStrategy. Default is RollingUpdate. type: string type: object type: object maxScaleRef: description: |- MaxScaleRef is a reference to a MaxScale resource to be used with the current MariaDB. Providing this field implies delegating high availability tasks such as primary failover to MaxScale. properties: name: type: string namespace: type: string type: object metrics: description: Metrics configures metrics and how to scrape them. properties: enabled: description: Enabled is a flag to enable Metrics type: boolean exporter: description: Exporter defines the metrics exporter container. properties: affinity: description: Affinity to be used in the Pod. properties: antiAffinityEnabled: description: |- AntiAffinityEnabled configures PodAntiAffinity so each Pod is scheduled in a different Node, enabling HA. Make sure you have at least as many Nodes available as the replicas to not end up with unscheduled Pods. type: boolean nodeAffinity: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#nodeaffinity-v1-core' properties: preferredDuringSchedulingIgnoredDuringExecution: items: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#preferredschedulingterm-v1-core' properties: preference: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#nodeselectorterm-v1-core' properties: matchExpressions: items: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#nodeselectorrequirement-v1-core' properties: key: type: string operator: description: |- A node selector operator is the set of operators that can be used in a node selector requirement. type: string values: items: type: string type: array x-kubernetes-list-type: atomic required: - key - operator type: object type: array x-kubernetes-list-type: atomic matchFields: items: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#nodeselectorrequirement-v1-core' properties: key: type: string operator: description: |- A node selector operator is the set of operators that can be used in a node selector requirement. type: string values: items: type: string type: array x-kubernetes-list-type: atomic required: - key - operator type: object type: array x-kubernetes-list-type: atomic type: object weight: format: int32 type: integer required: - preference - weight type: object type: array x-kubernetes-list-type: atomic requiredDuringSchedulingIgnoredDuringExecution: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#nodeselector-v1-core' properties: nodeSelectorTerms: items: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#nodeselectorterm-v1-core' properties: matchExpressions: items: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#nodeselectorrequirement-v1-core' properties: key: type: string operator: description: |- A node selector operator is the set of operators that can be used in a node selector requirement. type: string values: items: type: string type: array x-kubernetes-list-type: atomic required: - key - operator type: object type: array x-kubernetes-list-type: atomic matchFields: items: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#nodeselectorrequirement-v1-core' properties: key: type: string operator: description: |- A node selector operator is the set of operators that can be used in a node selector requirement. type: string values: items: type: string type: array x-kubernetes-list-type: atomic required: - key - operator type: object type: array x-kubernetes-list-type: atomic type: object type: array x-kubernetes-list-type: atomic required: - nodeSelectorTerms type: object type: object podAntiAffinity: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#podantiaffinity-v1-core.' properties: preferredDuringSchedulingIgnoredDuringExecution: items: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#weightedpodaffinityterm-v1-core.' properties: podAffinityTerm: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#podaffinityterm-v1-core.' properties: labelSelector: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#labelselector-v1-meta' properties: matchExpressions: items: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#labelselectorrequirement-v1-meta' properties: key: type: string operator: description: A label selector operator is the set of operators that can be used in a selector requirement. type: string values: items: type: string type: array x-kubernetes-list-type: atomic required: - key - operator type: object type: array x-kubernetes-list-type: atomic matchLabels: additionalProperties: type: string type: object type: object topologyKey: type: string required: - topologyKey type: object weight: format: int32 type: integer required: - podAffinityTerm - weight type: object type: array x-kubernetes-list-type: atomic requiredDuringSchedulingIgnoredDuringExecution: items: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#podaffinityterm-v1-core.' properties: labelSelector: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#labelselector-v1-meta' properties: matchExpressions: items: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#labelselectorrequirement-v1-meta' properties: key: type: string operator: description: A label selector operator is the set of operators that can be used in a selector requirement. type: string values: items: type: string type: array x-kubernetes-list-type: atomic required: - key - operator type: object type: array x-kubernetes-list-type: atomic matchLabels: additionalProperties: type: string type: object type: object topologyKey: type: string required: - topologyKey type: object type: array x-kubernetes-list-type: atomic type: object type: object args: description: Args to be used in the Container. items: type: string type: array image: description: |- Image name to be used as metrics exporter. The supported format is `:`. Only mysqld-exporter >= v0.15.0 is supported: https://github.com/prometheus/mysqld_exporter type: string imagePullPolicy: description: ImagePullPolicy is the image pull policy. One of `Always`, `Never` or `IfNotPresent`. If not defined, it defaults to `IfNotPresent`. enum: - Always - Never - IfNotPresent type: string imagePullSecrets: description: ImagePullSecrets is the list of pull Secrets to be used to pull the image. items: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#localobjectreference-v1-core.' properties: name: default: "" type: string type: object type: array nodeSelector: additionalProperties: type: string description: NodeSelector to be used in the Pod. type: object podMetadata: description: PodMetadata defines extra metadata for the Pod. properties: annotations: additionalProperties: type: string description: Annotations to be added to children resources. type: object labels: additionalProperties: type: string description: Labels to be added to children resources. type: object type: object podSecurityContext: description: SecurityContext holds pod-level security attributes and common container settings. properties: appArmorProfile: description: AppArmorProfile defines a pod or container's AppArmor settings. properties: localhostProfile: description: |- localhostProfile indicates a profile loaded on the node that should be used. The profile must be preconfigured on the node to work. Must match the loaded name of the profile. Must be set if and only if type is "Localhost". type: string type: description: |- type indicates which kind of AppArmor profile will be applied. Valid options are: Localhost - a profile pre-loaded on the node. RuntimeDefault - the container runtime's default profile. Unconfined - no AppArmor enforcement. type: string required: - type type: object fsGroup: format: int64 type: integer fsGroupChangePolicy: description: |- PodFSGroupChangePolicy holds policies that will be used for applying fsGroup to a volume when volume is mounted. type: string runAsGroup: format: int64 type: integer runAsNonRoot: type: boolean runAsUser: format: int64 type: integer seLinuxOptions: description: SELinuxOptions are the labels to be applied to the container properties: level: description: Level is SELinux level label that applies to the container. type: string role: description: Role is a SELinux role label that applies to the container. type: string type: description: Type is a SELinux type label that applies to the container. type: string user: description: User is a SELinux user label that applies to the container. type: string type: object seccompProfile: description: |- SeccompProfile defines a pod/container's seccomp profile settings. Only one profile source may be set. properties: localhostProfile: description: |- localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must be set if type is "Localhost". Must NOT be set for any other type. type: string type: description: |- type indicates which kind of seccomp profile will be applied. Valid options are: Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied. type: string required: - type type: object supplementalGroups: items: format: int64 type: integer type: array x-kubernetes-list-type: atomic type: object port: description: Port where the exporter will be listening for connections. format: int32 type: integer priorityClassName: description: PriorityClassName to be used in the Pod. type: string resources: description: Resources describes the compute resource requirements. properties: limits: additionalProperties: anyOf: - type: integer - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true description: ResourceList is a set of (resource name, quantity) pairs. type: object requests: additionalProperties: anyOf: - type: integer - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true description: ResourceList is a set of (resource name, quantity) pairs. type: object type: object securityContext: description: SecurityContext holds container-level security attributes. properties: allowPrivilegeEscalation: type: boolean capabilities: description: Adds and removes POSIX capabilities from running containers. properties: add: description: Added capabilities items: description: Capability represent POSIX capabilities type type: string type: array x-kubernetes-list-type: atomic drop: description: Removed capabilities items: description: Capability represent POSIX capabilities type type: string type: array x-kubernetes-list-type: atomic type: object privileged: type: boolean readOnlyRootFilesystem: type: boolean runAsGroup: format: int64 type: integer runAsNonRoot: type: boolean runAsUser: format: int64 type: integer type: object tolerations: description: Tolerations to be used in the Pod. items: description: |- The pod this Toleration is attached to tolerates any taint that matches the triple using the matching operator . properties: effect: description: |- Effect indicates the taint effect to match. Empty means match all taint effects. When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. type: string key: description: |- Key is the taint key that the toleration applies to. Empty means match all taint keys. If the key is empty, operator must be Exists; this combination means to match all values and all keys. type: string operator: description: |- Operator represents a key's relationship to the value. Valid operators are Exists and Equal. Defaults to Equal. Exists is equivalent to wildcard for value, so that a pod can tolerate all taints of a particular category. type: string tolerationSeconds: description: |- TolerationSeconds represents the period of time the toleration (which must be of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, it is not set, which means tolerate the taint forever (do not evict). Zero and negative values will be treated as 0 (evict immediately) by the system. format: int64 type: integer value: description: |- Value is the taint value the toleration matches to. If the operator is Exists, the value should be empty, otherwise just a regular string. type: string type: object type: array type: object passwordSecretKeyRef: description: |- PasswordSecretKeyRef is a reference to the password of the monitoring user used by the exporter. If the referred Secret is labeled with "k8s.mariadb.com/watch", updates may be performed to the Secret in order to update the password. properties: generate: default: false description: Generate indicates whether the Secret should be generated if the Secret referenced is not present. type: boolean key: type: string name: default: "" type: string required: - key type: object x-kubernetes-map-type: atomic serviceMonitor: description: ServiceMonitor defines the ServiceMonior object. properties: interval: description: Interval for scraping metrics. type: string jobLabel: description: JobLabel to add to the ServiceMonitor object. type: string prometheusRelease: description: PrometheusRelease is the release label to add to the ServiceMonitor object. type: string scrapeTimeout: description: ScrapeTimeout defines the timeout for scraping metrics. type: string type: object username: description: Username is the username of the monitoring user used by the exporter. type: string type: object myCnf: description: |- MyCnf allows to specify the my.cnf file mounted by Mariadb. Updating this field will trigger an update to the Mariadb resource. type: string myCnfConfigMapKeyRef: description: |- MyCnfConfigMapKeyRef is a reference to the my.cnf config file provided via a ConfigMap. If not provided, it will be defaulted with a reference to a ConfigMap containing the MyCnf field. If the referred ConfigMap is labeled with "k8s.mariadb.com/watch", an update to the Mariadb resource will be triggered when the ConfigMap is updated. properties: key: type: string name: default: "" type: string required: - key type: object x-kubernetes-map-type: atomic nodeSelector: additionalProperties: type: string description: NodeSelector to be used in the Pod. type: object passwordHashSecretKeyRef: description: |- PasswordHashSecretKeyRef is a reference to the password hash to be used by the initial User. If the referred Secret is labeled with "k8s.mariadb.com/watch", updates may be performed to the Secret in order to update the password hash. properties: key: type: string name: default: "" type: string required: - key type: object x-kubernetes-map-type: atomic passwordPlugin: description: PasswordPlugin is a reference to the password plugin and arguments to be used by the initial User. properties: pluginArgSecretKeyRef: description: |- PluginArgSecretKeyRef is a reference to the arguments to be provided to the authentication plugin for the User. If the referred Secret is labeled with "k8s.mariadb.com/watch", updates may be performed to the Secret in order to update the authentication plugin arguments. properties: key: type: string name: default: "" type: string required: - key type: object x-kubernetes-map-type: atomic pluginNameSecretKeyRef: description: |- PluginNameSecretKeyRef is a reference to the authentication plugin to be used by the User. If the referred Secret is labeled with "k8s.mariadb.com/watch", updates may be performed to the Secret in order to update the authentication plugin. properties: key: type: string name: default: "" type: string required: - key type: object x-kubernetes-map-type: atomic type: object passwordSecretKeyRef: description: |- PasswordSecretKeyRef is a reference to a Secret that contains the password to be used by the initial User. If the referred Secret is labeled with "k8s.mariadb.com/watch", updates may be performed to the Secret in order to update the password. properties: generate: default: false description: Generate indicates whether the Secret should be generated if the Secret referenced is not present. type: boolean key: type: string name: default: "" type: string required: - key type: object x-kubernetes-map-type: atomic podDisruptionBudget: description: PodDisruptionBudget defines the budget for replica availability. properties: maxUnavailable: anyOf: - type: integer - type: string description: MaxUnavailable defines the number of maximum unavailable Pods. x-kubernetes-int-or-string: true minAvailable: anyOf: - type: integer - type: string description: MinAvailable defines the number of minimum available Pods. x-kubernetes-int-or-string: true type: object podMetadata: description: PodMetadata defines extra metadata for the Pod. properties: annotations: additionalProperties: type: string description: Annotations to be added to children resources. type: object labels: additionalProperties: type: string description: Labels to be added to children resources. type: object type: object podSecurityContext: description: SecurityContext holds pod-level security attributes and common container settings. properties: appArmorProfile: description: AppArmorProfile defines a pod or container's AppArmor settings. properties: localhostProfile: description: |- localhostProfile indicates a profile loaded on the node that should be used. The profile must be preconfigured on the node to work. Must match the loaded name of the profile. Must be set if and only if type is "Localhost". type: string type: description: |- type indicates which kind of AppArmor profile will be applied. Valid options are: Localhost - a profile pre-loaded on the node. RuntimeDefault - the container runtime's default profile. Unconfined - no AppArmor enforcement. type: string required: - type type: object fsGroup: format: int64 type: integer fsGroupChangePolicy: description: |- PodFSGroupChangePolicy holds policies that will be used for applying fsGroup to a volume when volume is mounted. type: string runAsGroup: format: int64 type: integer runAsNonRoot: type: boolean runAsUser: format: int64 type: integer seLinuxOptions: description: SELinuxOptions are the labels to be applied to the container properties: level: description: Level is SELinux level label that applies to the container. type: string role: description: Role is a SELinux role label that applies to the container. type: string type: description: Type is a SELinux type label that applies to the container. type: string user: description: User is a SELinux user label that applies to the container. type: string type: object seccompProfile: description: |- SeccompProfile defines a pod/container's seccomp profile settings. Only one profile source may be set. properties: localhostProfile: description: |- localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must be set if type is "Localhost". Must NOT be set for any other type. type: string type: description: |- type indicates which kind of seccomp profile will be applied. Valid options are: Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied. type: string required: - type type: object supplementalGroups: items: format: int64 type: integer type: array x-kubernetes-list-type: atomic type: object port: default: 3306 description: Port where the instances will be listening for connections. format: int32 type: integer primaryConnection: description: |- PrimaryConnection defines a template to configure the primary Connection object. This Connection provides the initial User access to the initial Database. It will make use of the PrimaryService to route network traffic to the primary Pod. properties: healthCheck: description: HealthCheck to be used in the Connection. properties: interval: description: Interval used to perform health checks. type: string retryInterval: description: RetryInterval is the interval used to perform health check retries. type: string type: object params: additionalProperties: type: string description: Params to be used in the Connection. type: object port: description: Port to connect to. If not provided, it defaults to the MariaDB port or to the first MaxScale listener. format: int32 type: integer secretName: description: SecretName to be used in the Connection. type: string secretTemplate: description: SecretTemplate to be used in the Connection. properties: databaseKey: description: DatabaseKey to be used in the Secret. type: string format: description: Format to be used in the Secret. type: string hostKey: description: HostKey to be used in the Secret. type: string key: description: Key to be used in the Secret. type: string metadata: description: Metadata to be added to the Secret object. properties: annotations: additionalProperties: type: string description: Annotations to be added to children resources. type: object labels: additionalProperties: type: string description: Labels to be added to children resources. type: object type: object passwordKey: description: PasswordKey to be used in the Secret. type: string portKey: description: PortKey to be used in the Secret. type: string usernameKey: description: UsernameKey to be used in the Secret. type: string type: object serviceName: description: ServiceName to be used in the Connection. type: string type: object primaryService: description: |- PrimaryService defines a template to configure the primary Service object. The network traffic of this Service will be routed to the primary Pod. properties: allocateLoadBalancerNodePorts: description: AllocateLoadBalancerNodePorts Service field. type: boolean externalTrafficPolicy: description: ExternalTrafficPolicy Service field. type: string loadBalancerIP: description: LoadBalancerIP Service field. type: string loadBalancerSourceRanges: description: LoadBalancerSourceRanges Service field. items: type: string type: array metadata: description: Metadata to be added to the Service metadata. properties: annotations: additionalProperties: type: string description: Annotations to be added to children resources. type: object labels: additionalProperties: type: string description: Labels to be added to children resources. type: object type: object sessionAffinity: description: SessionAffinity Service field. type: string type: default: ClusterIP description: Type is the Service type. One of `ClusterIP`, `NodePort` or `LoadBalancer`. If not defined, it defaults to `ClusterIP`. enum: - ClusterIP - NodePort - LoadBalancer type: string type: object priorityClassName: description: PriorityClassName to be used in the Pod. type: string readinessProbe: description: ReadinessProbe to be used in the Container. properties: exec: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#execaction-v1-core.' properties: command: items: type: string type: array x-kubernetes-list-type: atomic type: object failureThreshold: format: int32 type: integer httpGet: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#httpgetaction-v1-core.' properties: host: type: string path: type: string port: anyOf: - type: integer - type: string x-kubernetes-int-or-string: true scheme: description: URIScheme identifies the scheme used for connection to a host for Get actions type: string required: - port type: object initialDelaySeconds: format: int32 type: integer periodSeconds: format: int32 type: integer successThreshold: format: int32 type: integer tcpSocket: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#tcpsocketaction-v1-core.' properties: host: type: string port: anyOf: - type: integer - type: string x-kubernetes-int-or-string: true required: - port type: object timeoutSeconds: format: int32 type: integer type: object replicas: default: 1 description: Replicas indicates the number of desired instances. format: int32 type: integer replicasAllowEvenNumber: default: false description: disables the validation check for an odd number of replicas. type: boolean replication: description: Replication configures high availability via replication. This feature is still in alpha, use Galera if you are looking for a more production-ready HA. properties: agent: description: Agent is a sidecar agent that runs in the MariaDB Pod and co-operates with mariadb-operator. properties: args: description: Args to be used in the Container. items: type: string type: array basicAuth: description: BasicAuth to be used by the agent container properties: enabled: description: Enabled is a flag to enable BasicAuth type: boolean passwordSecretKeyRef: description: PasswordSecretKeyRef to be used for basic authentication properties: generate: default: false description: Generate indicates whether the Secret should be generated if the Secret referenced is not present. type: boolean key: type: string name: default: "" type: string required: - key type: object x-kubernetes-map-type: atomic username: description: Username to be used for basic authentication type: string type: object command: description: Command to be used in the Container. items: type: string type: array env: description: Env represents the environment variables to be injected in a container. items: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#envvarsource-v1-core.' properties: name: description: Name of the environment variable. Must be a C_IDENTIFIER. type: string value: type: string valueFrom: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#envvarsource-v1-core.' properties: configMapKeyRef: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#configmapkeyselector-v1-core.' properties: key: type: string name: default: "" type: string required: - key type: object x-kubernetes-map-type: atomic fieldRef: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#objectfieldselector-v1-core.' properties: apiVersion: type: string fieldPath: type: string required: - fieldPath type: object x-kubernetes-map-type: atomic secretKeyRef: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#secretkeyselector-v1-core.' properties: key: type: string name: default: "" type: string required: - key type: object x-kubernetes-map-type: atomic type: object required: - name type: object type: array envFrom: description: EnvFrom represents the references (via ConfigMap and Secrets) to environment variables to be injected in the container. items: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#envfromsource-v1-core.' properties: configMapRef: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#localobjectreference-v1-core.' properties: name: default: "" type: string type: object prefix: type: string secretRef: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#localobjectreference-v1-core.' properties: name: default: "" type: string type: object type: object type: array gracefulShutdownTimeout: description: GracefulShutdownTimeout is the time we give to the agent container in order to gracefully terminate in-flight requests. type: string image: description: Image name to be used by the MariaDB instances. The supported format is `:`. type: string imagePullPolicy: description: ImagePullPolicy is the image pull policy. One of `Always`, `Never` or `IfNotPresent`. If not defined, it defaults to `IfNotPresent`. enum: - Always - Never - IfNotPresent type: string kubernetesAuth: description: KubernetesAuth to be used by the agent container properties: authDelegatorRoleName: description: |- AuthDelegatorRoleName is the name of the ClusterRoleBinding that is associated with the "system:auth-delegator" ClusterRole. It is necessary for creating TokenReview objects in order for the agent to validate the service account token. type: string enabled: description: Enabled is a flag to enable KubernetesAuth type: boolean type: object livenessProbe: description: LivenessProbe to be used in the Container. properties: exec: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#execaction-v1-core.' properties: command: items: type: string type: array x-kubernetes-list-type: atomic type: object failureThreshold: format: int32 type: integer httpGet: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#httpgetaction-v1-core.' properties: host: type: string path: type: string port: anyOf: - type: integer - type: string x-kubernetes-int-or-string: true scheme: description: URIScheme identifies the scheme used for connection to a host for Get actions type: string required: - port type: object initialDelaySeconds: format: int32 type: integer periodSeconds: format: int32 type: integer successThreshold: format: int32 type: integer tcpSocket: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#tcpsocketaction-v1-core.' properties: host: type: string port: anyOf: - type: integer - type: string x-kubernetes-int-or-string: true required: - port type: object timeoutSeconds: format: int32 type: integer type: object port: description: Port where the agent will be listening for API connections. format: int32 type: integer probePort: description: Port where the agent will be listening for probe connections. format: int32 type: integer readinessProbe: description: ReadinessProbe to be used in the Container. properties: exec: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#execaction-v1-core.' properties: command: items: type: string type: array x-kubernetes-list-type: atomic type: object failureThreshold: format: int32 type: integer httpGet: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#httpgetaction-v1-core.' properties: host: type: string path: type: string port: anyOf: - type: integer - type: string x-kubernetes-int-or-string: true scheme: description: URIScheme identifies the scheme used for connection to a host for Get actions type: string required: - port type: object initialDelaySeconds: format: int32 type: integer periodSeconds: format: int32 type: integer successThreshold: format: int32 type: integer tcpSocket: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#tcpsocketaction-v1-core.' properties: host: type: string port: anyOf: - type: integer - type: string x-kubernetes-int-or-string: true required: - port type: object timeoutSeconds: format: int32 type: integer type: object resources: description: Resources describes the compute resource requirements. properties: limits: additionalProperties: anyOf: - type: integer - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true description: ResourceList is a set of (resource name, quantity) pairs. type: object requests: additionalProperties: anyOf: - type: integer - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true description: ResourceList is a set of (resource name, quantity) pairs. type: object type: object securityContext: description: SecurityContext holds security configuration that will be applied to a container. properties: allowPrivilegeEscalation: type: boolean capabilities: description: Adds and removes POSIX capabilities from running containers. properties: add: description: Added capabilities items: description: Capability represent POSIX capabilities type type: string type: array x-kubernetes-list-type: atomic drop: description: Removed capabilities items: description: Capability represent POSIX capabilities type type: string type: array x-kubernetes-list-type: atomic type: object privileged: type: boolean readOnlyRootFilesystem: type: boolean runAsGroup: format: int64 type: integer runAsNonRoot: type: boolean runAsUser: format: int64 type: integer type: object startupProbe: description: StartupProbe to be used in the Container. properties: exec: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#execaction-v1-core.' properties: command: items: type: string type: array x-kubernetes-list-type: atomic type: object failureThreshold: format: int32 type: integer httpGet: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#httpgetaction-v1-core.' properties: host: type: string path: type: string port: anyOf: - type: integer - type: string x-kubernetes-int-or-string: true scheme: description: URIScheme identifies the scheme used for connection to a host for Get actions type: string required: - port type: object initialDelaySeconds: format: int32 type: integer periodSeconds: format: int32 type: integer successThreshold: format: int32 type: integer tcpSocket: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#tcpsocketaction-v1-core.' properties: host: type: string port: anyOf: - type: integer - type: string x-kubernetes-int-or-string: true required: - port type: object timeoutSeconds: format: int32 type: integer type: object volumeMounts: description: VolumeMounts to be used in the Container. items: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#volumemount-v1-core.' properties: mountPath: type: string name: description: This must match the Name of a Volume. type: string readOnly: type: boolean subPath: type: string required: - mountPath - name type: object type: array type: object enabled: description: Enabled is a flag to enable replication. type: boolean gtidStrictMode: description: |- GtidStrictMode determines whether the GTID strict mode is enabled. See: https://mariadb.com/docs/server/ha-and-performance/standard-replication/gtid#gtid_strict_mode. It is enabled by default. type: boolean initContainer: description: InitContainer is an init container that runs in the MariaDB Pod and co-operates with mariadb-operator. properties: args: description: Args to be used in the Container. items: type: string type: array command: description: Command to be used in the Container. items: type: string type: array env: description: Env represents the environment variables to be injected in a container. items: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#envvarsource-v1-core.' properties: name: description: Name of the environment variable. Must be a C_IDENTIFIER. type: string value: type: string valueFrom: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#envvarsource-v1-core.' properties: configMapKeyRef: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#configmapkeyselector-v1-core.' properties: key: type: string name: default: "" type: string required: - key type: object x-kubernetes-map-type: atomic fieldRef: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#objectfieldselector-v1-core.' properties: apiVersion: type: string fieldPath: type: string required: - fieldPath type: object x-kubernetes-map-type: atomic secretKeyRef: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#secretkeyselector-v1-core.' properties: key: type: string name: default: "" type: string required: - key type: object x-kubernetes-map-type: atomic type: object required: - name type: object type: array envFrom: description: EnvFrom represents the references (via ConfigMap and Secrets) to environment variables to be injected in the container. items: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#envfromsource-v1-core.' properties: configMapRef: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#localobjectreference-v1-core.' properties: name: default: "" type: string type: object prefix: type: string secretRef: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#localobjectreference-v1-core.' properties: name: default: "" type: string type: object type: object type: array image: description: Image name to be used by the MariaDB instances. The supported format is `:`. type: string imagePullPolicy: description: ImagePullPolicy is the image pull policy. One of `Always`, `Never` or `IfNotPresent`. If not defined, it defaults to `IfNotPresent`. enum: - Always - Never - IfNotPresent type: string livenessProbe: description: LivenessProbe to be used in the Container. properties: exec: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#execaction-v1-core.' properties: command: items: type: string type: array x-kubernetes-list-type: atomic type: object failureThreshold: format: int32 type: integer httpGet: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#httpgetaction-v1-core.' properties: host: type: string path: type: string port: anyOf: - type: integer - type: string x-kubernetes-int-or-string: true scheme: description: URIScheme identifies the scheme used for connection to a host for Get actions type: string required: - port type: object initialDelaySeconds: format: int32 type: integer periodSeconds: format: int32 type: integer successThreshold: format: int32 type: integer tcpSocket: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#tcpsocketaction-v1-core.' properties: host: type: string port: anyOf: - type: integer - type: string x-kubernetes-int-or-string: true required: - port type: object timeoutSeconds: format: int32 type: integer type: object readinessProbe: description: ReadinessProbe to be used in the Container. properties: exec: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#execaction-v1-core.' properties: command: items: type: string type: array x-kubernetes-list-type: atomic type: object failureThreshold: format: int32 type: integer httpGet: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#httpgetaction-v1-core.' properties: host: type: string path: type: string port: anyOf: - type: integer - type: string x-kubernetes-int-or-string: true scheme: description: URIScheme identifies the scheme used for connection to a host for Get actions type: string required: - port type: object initialDelaySeconds: format: int32 type: integer periodSeconds: format: int32 type: integer successThreshold: format: int32 type: integer tcpSocket: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#tcpsocketaction-v1-core.' properties: host: type: string port: anyOf: - type: integer - type: string x-kubernetes-int-or-string: true required: - port type: object timeoutSeconds: format: int32 type: integer type: object resources: description: Resources describes the compute resource requirements. properties: limits: additionalProperties: anyOf: - type: integer - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true description: ResourceList is a set of (resource name, quantity) pairs. type: object requests: additionalProperties: anyOf: - type: integer - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true description: ResourceList is a set of (resource name, quantity) pairs. type: object type: object securityContext: description: SecurityContext holds security configuration that will be applied to a container. properties: allowPrivilegeEscalation: type: boolean capabilities: description: Adds and removes POSIX capabilities from running containers. properties: add: description: Added capabilities items: description: Capability represent POSIX capabilities type type: string type: array x-kubernetes-list-type: atomic drop: description: Removed capabilities items: description: Capability represent POSIX capabilities type type: string type: array x-kubernetes-list-type: atomic type: object privileged: type: boolean readOnlyRootFilesystem: type: boolean runAsGroup: format: int64 type: integer runAsNonRoot: type: boolean runAsUser: format: int64 type: integer type: object startupProbe: description: StartupProbe to be used in the Container. properties: exec: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#execaction-v1-core.' properties: command: items: type: string type: array x-kubernetes-list-type: atomic type: object failureThreshold: format: int32 type: integer httpGet: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#httpgetaction-v1-core.' properties: host: type: string path: type: string port: anyOf: - type: integer - type: string x-kubernetes-int-or-string: true scheme: description: URIScheme identifies the scheme used for connection to a host for Get actions type: string required: - port type: object initialDelaySeconds: format: int32 type: integer periodSeconds: format: int32 type: integer successThreshold: format: int32 type: integer tcpSocket: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#tcpsocketaction-v1-core.' properties: host: type: string port: anyOf: - type: integer - type: string x-kubernetes-int-or-string: true required: - port type: object timeoutSeconds: format: int32 type: integer type: object volumeMounts: description: VolumeMounts to be used in the Container. items: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#volumemount-v1-core.' properties: mountPath: type: string name: description: This must match the Name of a Volume. type: string readOnly: type: boolean subPath: type: string required: - mountPath - name type: object type: array required: - image type: object primary: description: Primary is the replication configuration for the primary node. properties: autoFailover: description: |- AutoFailover indicates whether the operator should automatically update PodIndex to perform an automatic primary failover. It is enabled by default. type: boolean autoFailoverDelay: description: |- AutoFailoverDelay indicates the duration before performing an automatic primary failover. By default, no extra delay is added. type: string podIndex: description: PodIndex is the StatefulSet index of the primary node. The user may change this field to perform a manual switchover. type: integer type: object replica: description: ReplicaReplication is the replication configuration for the replica nodes. properties: bootstrapFrom: description: |- ReplicaBootstrapFrom defines the data sources used to bootstrap new replicas. This will be used as part of the scaling out and recovery operations, when new replicas are created. If not provided, scale out and recovery operations will return an error. properties: physicalBackupTemplateRef: description: |- PhysicalBackupTemplateRef is a reference to a PhysicalBackup object that will be used as template to create a new PhysicalBackup object used synchronize the data from an up to date replica to the new replica to be bootstrapped. properties: name: default: "" type: string type: object restoreJob: description: RestoreJob defines additional properties for the Job used to perform the restoration. properties: affinity: description: Affinity to be used in the Pod. properties: antiAffinityEnabled: description: |- AntiAffinityEnabled configures PodAntiAffinity so each Pod is scheduled in a different Node, enabling HA. Make sure you have at least as many Nodes available as the replicas to not end up with unscheduled Pods. type: boolean nodeAffinity: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#nodeaffinity-v1-core' properties: preferredDuringSchedulingIgnoredDuringExecution: items: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#preferredschedulingterm-v1-core' properties: preference: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#nodeselectorterm-v1-core' properties: matchExpressions: items: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#nodeselectorrequirement-v1-core' properties: key: type: string operator: description: |- A node selector operator is the set of operators that can be used in a node selector requirement. type: string values: items: type: string type: array x-kubernetes-list-type: atomic required: - key - operator type: object type: array x-kubernetes-list-type: atomic matchFields: items: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#nodeselectorrequirement-v1-core' properties: key: type: string operator: description: |- A node selector operator is the set of operators that can be used in a node selector requirement. type: string values: items: type: string type: array x-kubernetes-list-type: atomic required: - key - operator type: object type: array x-kubernetes-list-type: atomic type: object weight: format: int32 type: integer required: - preference - weight type: object type: array x-kubernetes-list-type: atomic requiredDuringSchedulingIgnoredDuringExecution: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#nodeselector-v1-core' properties: nodeSelectorTerms: items: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#nodeselectorterm-v1-core' properties: matchExpressions: items: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#nodeselectorrequirement-v1-core' properties: key: type: string operator: description: |- A node selector operator is the set of operators that can be used in a node selector requirement. type: string values: items: type: string type: array x-kubernetes-list-type: atomic required: - key - operator type: object type: array x-kubernetes-list-type: atomic matchFields: items: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#nodeselectorrequirement-v1-core' properties: key: type: string operator: description: |- A node selector operator is the set of operators that can be used in a node selector requirement. type: string values: items: type: string type: array x-kubernetes-list-type: atomic required: - key - operator type: object type: array x-kubernetes-list-type: atomic type: object type: array x-kubernetes-list-type: atomic required: - nodeSelectorTerms type: object type: object podAntiAffinity: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#podantiaffinity-v1-core.' properties: preferredDuringSchedulingIgnoredDuringExecution: items: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#weightedpodaffinityterm-v1-core.' properties: podAffinityTerm: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#podaffinityterm-v1-core.' properties: labelSelector: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#labelselector-v1-meta' properties: matchExpressions: items: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#labelselectorrequirement-v1-meta' properties: key: type: string operator: description: A label selector operator is the set of operators that can be used in a selector requirement. type: string values: items: type: string type: array x-kubernetes-list-type: atomic required: - key - operator type: object type: array x-kubernetes-list-type: atomic matchLabels: additionalProperties: type: string type: object type: object topologyKey: type: string required: - topologyKey type: object weight: format: int32 type: integer required: - podAffinityTerm - weight type: object type: array x-kubernetes-list-type: atomic requiredDuringSchedulingIgnoredDuringExecution: items: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#podaffinityterm-v1-core.' properties: labelSelector: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#labelselector-v1-meta' properties: matchExpressions: items: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#labelselectorrequirement-v1-meta' properties: key: type: string operator: description: A label selector operator is the set of operators that can be used in a selector requirement. type: string values: items: type: string type: array x-kubernetes-list-type: atomic required: - key - operator type: object type: array x-kubernetes-list-type: atomic matchLabels: additionalProperties: type: string type: object type: object topologyKey: type: string required: - topologyKey type: object type: array x-kubernetes-list-type: atomic type: object type: object args: description: Args to be used in the Container. items: type: string type: array metadata: description: Metadata defines additional metadata for the bootstrap Jobs. properties: annotations: additionalProperties: type: string description: Annotations to be added to children resources. type: object labels: additionalProperties: type: string description: Labels to be added to children resources. type: object type: object nodeSelector: additionalProperties: type: string description: NodeSelector to be used in the Pod. type: object resources: description: Resources describes the compute resource requirements. properties: limits: additionalProperties: anyOf: - type: integer - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true description: ResourceList is a set of (resource name, quantity) pairs. type: object requests: additionalProperties: anyOf: - type: integer - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true description: ResourceList is a set of (resource name, quantity) pairs. type: object type: object tolerations: description: Tolerations to be used in the Pod. items: description: |- The pod this Toleration is attached to tolerates any taint that matches the triple using the matching operator . properties: effect: description: |- Effect indicates the taint effect to match. Empty means match all taint effects. When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. type: string key: description: |- Key is the taint key that the toleration applies to. Empty means match all taint keys. If the key is empty, operator must be Exists; this combination means to match all values and all keys. type: string operator: description: |- Operator represents a key's relationship to the value. Valid operators are Exists and Equal. Defaults to Equal. Exists is equivalent to wildcard for value, so that a pod can tolerate all taints of a particular category. type: string tolerationSeconds: description: |- TolerationSeconds represents the period of time the toleration (which must be of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, it is not set, which means tolerate the taint forever (do not evict). Zero and negative values will be treated as 0 (evict immediately) by the system. format: int64 type: integer value: description: |- Value is the taint value the toleration matches to. If the operator is Exists, the value should be empty, otherwise just a regular string. type: string type: object type: array type: object required: - physicalBackupTemplateRef type: object connectionRetrySeconds: description: |- ConnectionRetrySeconds is the number of seconds that the replica will wait between connection retries. See: https://mariadb.com/docs/server/reference/sql-statements/administrative-sql-statements/replication-statements/change-master-to#master_connect_retry. type: integer gtid: description: |- Gtid indicates which Global Transaction ID (GTID) position mode should be used when connecting a replica to the master. By default, CurrentPos is used. See: https://mariadb.com/docs/server/reference/sql-statements/administrative-sql-statements/replication-statements/change-master-to#master_use_gtid. enum: - CurrentPos - SlavePos type: string maxLagSeconds: description: |- MaxLagSeconds is the maximum number of seconds that replicas are allowed to lag behind the primary. If a replica exceeds this threshold, it is marked as not ready and read queries will no longer be forwarded to it. If not provided, it defaults to 0, which means that replicas are not allowed to lag behind the primary (recommended). Lagged replicas will not be taken into account as candidates for the new primary during failover, and they will block other operations, such as switchover and upgrade. This field is not taken into account by MaxScale, you can define the maximum lag as router parameters. See: https://mariadb.com/docs/maxscale/reference/maxscale-routers/maxscale-readwritesplit#max_replication_lag. type: integer recovery: description: |- ReplicaRecovery defines how the replicas should be recovered after they enter an error state. This process deletes data from faulty replicas and recreates them using the source defined in the bootstrapFrom field. It is disabled by default, and it requires the bootstrapFrom field to be set. properties: enabled: description: Enabled is a flag to enable replica recovery. type: boolean errorDurationThreshold: description: |- ErrorDurationThreshold defines the time duration after which, if a replica continues to report errors, the operator will initiate the recovery process for that replica. This threshold applies only to error codes not identified as recoverable by the operator. Errors identified as recoverable will trigger the recovery process immediately. It defaults to 5 minutes. type: string required: - enabled type: object replPasswordSecretKeyRef: description: |- ReplPasswordSecretKeyRef provides a reference to the Secret to use as password for the replication user. By default, a random password will be generated. properties: generate: default: false description: Generate indicates whether the Secret should be generated if the Secret referenced is not present. type: boolean key: type: string name: default: "" type: string required: - key type: object x-kubernetes-map-type: atomic syncTimeout: description: |- SyncTimeout defines the timeout for the synchronization phase during switchover and failover operations. During switchover, all replicas must be synced with the current primary before promoting the new primary. During failover, the new primary must be synced before being promoted as primary. This implies processing all the events in the relay log. When the timeout is reached, the operator restarts the operation from the beginning. It defaults to 10s. See: https://mariadb.com/docs/server/reference/sql-functions/secondary-functions/miscellaneous-functions/master_gtid_wait type: string type: object semiSyncAckTimeout: description: |- SemiSyncAckTimeout for the replica to acknowledge transactions to the primary. It requires semi-synchronous replication to be enabled. See: https://mariadb.com/docs/server/ha-and-performance/standard-replication/semisynchronous-replication#rpl_semi_sync_master_timeout type: string semiSyncEnabled: description: |- SemiSyncEnabled determines whether semi-synchronous replication is enabled. Semi-synchronous replication requires that at least one replica should have sent an ACK to the primary node before committing the transaction back to the client. See: https://mariadb.com/docs/server/ha-and-performance/standard-replication/semisynchronous-replication It is enabled by default type: boolean semiSyncWaitPoint: description: |- SemiSyncWaitPoint determines whether the transaction should wait for an ACK after having synced the binlog (AfterSync) or after having committed to the storage engine (AfterCommit, the default). It requires semi-synchronous replication to be enabled. See: https://mariadb.com/kb/en/semisynchronous-replication/#rpl_semi_sync_master_wait_point. enum: - AfterSync - AfterCommit type: string standaloneProbes: description: |- StandaloneProbes indicates whether to use the default non-HA startup and liveness probes. It is disabled by default type: boolean syncBinlog: description: |- SyncBinlog indicates after how many events the binary log is synchronized to the disk. See: https://mariadb.com/docs/server/ha-and-performance/standard-replication/replication-and-binary-log-system-variables#sync_binlog type: integer type: object resources: description: Resources describes the compute resource requirements. properties: limits: additionalProperties: anyOf: - type: integer - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true description: ResourceList is a set of (resource name, quantity) pairs. type: object requests: additionalProperties: anyOf: - type: integer - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true description: ResourceList is a set of (resource name, quantity) pairs. type: object type: object rootEmptyPassword: description: RootEmptyPassword indicates if the root password should be empty. Don't use this feature in production, it is only intended for development and test environments. type: boolean rootPasswordSecretKeyRef: description: RootPasswordSecretKeyRef is a reference to a Secret key containing the root password. properties: generate: default: false description: Generate indicates whether the Secret should be generated if the Secret referenced is not present. type: boolean key: type: string name: default: "" type: string required: - key type: object x-kubernetes-map-type: atomic secondaryConnection: description: |- SecondaryConnection defines a template to configure the secondary Connection object. This Connection provides the initial User access to the initial Database. It will make use of the SecondaryService to route network traffic to the secondary Pods. properties: healthCheck: description: HealthCheck to be used in the Connection. properties: interval: description: Interval used to perform health checks. type: string retryInterval: description: RetryInterval is the interval used to perform health check retries. type: string type: object params: additionalProperties: type: string description: Params to be used in the Connection. type: object port: description: Port to connect to. If not provided, it defaults to the MariaDB port or to the first MaxScale listener. format: int32 type: integer secretName: description: SecretName to be used in the Connection. type: string secretTemplate: description: SecretTemplate to be used in the Connection. properties: databaseKey: description: DatabaseKey to be used in the Secret. type: string format: description: Format to be used in the Secret. type: string hostKey: description: HostKey to be used in the Secret. type: string key: description: Key to be used in the Secret. type: string metadata: description: Metadata to be added to the Secret object. properties: annotations: additionalProperties: type: string description: Annotations to be added to children resources. type: object labels: additionalProperties: type: string description: Labels to be added to children resources. type: object type: object passwordKey: description: PasswordKey to be used in the Secret. type: string portKey: description: PortKey to be used in the Secret. type: string usernameKey: description: UsernameKey to be used in the Secret. type: string type: object serviceName: description: ServiceName to be used in the Connection. type: string type: object secondaryService: description: |- SecondaryService defines a template to configure the secondary Service object. The network traffic of this Service will be routed to the secondary Pods. properties: allocateLoadBalancerNodePorts: description: AllocateLoadBalancerNodePorts Service field. type: boolean externalTrafficPolicy: description: ExternalTrafficPolicy Service field. type: string loadBalancerIP: description: LoadBalancerIP Service field. type: string loadBalancerSourceRanges: description: LoadBalancerSourceRanges Service field. items: type: string type: array metadata: description: Metadata to be added to the Service metadata. properties: annotations: additionalProperties: type: string description: Annotations to be added to children resources. type: object labels: additionalProperties: type: string description: Labels to be added to children resources. type: object type: object sessionAffinity: description: SessionAffinity Service field. type: string type: default: ClusterIP description: Type is the Service type. One of `ClusterIP`, `NodePort` or `LoadBalancer`. If not defined, it defaults to `ClusterIP`. enum: - ClusterIP - NodePort - LoadBalancer type: string type: object securityContext: description: SecurityContext holds security configuration that will be applied to a container. properties: allowPrivilegeEscalation: type: boolean capabilities: description: Adds and removes POSIX capabilities from running containers. properties: add: description: Added capabilities items: description: Capability represent POSIX capabilities type type: string type: array x-kubernetes-list-type: atomic drop: description: Removed capabilities items: description: Capability represent POSIX capabilities type type: string type: array x-kubernetes-list-type: atomic type: object privileged: type: boolean readOnlyRootFilesystem: type: boolean runAsGroup: format: int64 type: integer runAsNonRoot: type: boolean runAsUser: format: int64 type: integer type: object service: description: |- Service defines a template to configure the general Service object. The network traffic of this Service will be routed to all Pods. properties: allocateLoadBalancerNodePorts: description: AllocateLoadBalancerNodePorts Service field. type: boolean externalTrafficPolicy: description: ExternalTrafficPolicy Service field. type: string loadBalancerIP: description: LoadBalancerIP Service field. type: string loadBalancerSourceRanges: description: LoadBalancerSourceRanges Service field. items: type: string type: array metadata: description: Metadata to be added to the Service metadata. properties: annotations: additionalProperties: type: string description: Annotations to be added to children resources. type: object labels: additionalProperties: type: string description: Labels to be added to children resources. type: object type: object sessionAffinity: description: SessionAffinity Service field. type: string type: default: ClusterIP description: Type is the Service type. One of `ClusterIP`, `NodePort` or `LoadBalancer`. If not defined, it defaults to `ClusterIP`. enum: - ClusterIP - NodePort - LoadBalancer type: string type: object serviceAccountName: description: ServiceAccountName is the name of the ServiceAccount to be used by the Pods. type: string servicePorts: description: ServicePorts is the list of additional named ports to be added to the Services created by the operator. items: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#serviceport-v1-core' properties: name: type: string port: format: int32 type: integer required: - name - port type: object type: array sidecarContainers: description: SidecarContainers to be used in the Pod. items: description: Container object definition. properties: args: description: Args to be used in the Container. items: type: string type: array command: description: Command to be used in the Container. items: type: string type: array env: description: Env represents the environment variables to be injected in a container. items: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#envvarsource-v1-core.' properties: name: description: Name of the environment variable. Must be a C_IDENTIFIER. type: string value: type: string valueFrom: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#envvarsource-v1-core.' properties: configMapKeyRef: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#configmapkeyselector-v1-core.' properties: key: type: string name: default: "" type: string required: - key type: object x-kubernetes-map-type: atomic fieldRef: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#objectfieldselector-v1-core.' properties: apiVersion: type: string fieldPath: type: string required: - fieldPath type: object x-kubernetes-map-type: atomic secretKeyRef: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#secretkeyselector-v1-core.' properties: key: type: string name: default: "" type: string required: - key type: object x-kubernetes-map-type: atomic type: object required: - name type: object type: array image: description: Image name to be used by the container. The supported format is `:`. type: string imagePullPolicy: description: ImagePullPolicy is the image pull policy. One of `Always`, `Never` or `IfNotPresent`. If not defined, it defaults to `IfNotPresent`. enum: - Always - Never - IfNotPresent type: string name: description: Name to be given to the container. type: string resources: description: Resources describes the compute resource requirements. properties: limits: additionalProperties: anyOf: - type: integer - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true description: ResourceList is a set of (resource name, quantity) pairs. type: object requests: additionalProperties: anyOf: - type: integer - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true description: ResourceList is a set of (resource name, quantity) pairs. type: object type: object volumeMounts: description: VolumeMounts to be used in the Container. items: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#volumemount-v1-core.' properties: mountPath: type: string name: description: This must match the Name of a Volume. type: string readOnly: type: boolean subPath: type: string required: - mountPath - name type: object type: array required: - image type: object type: array startupProbe: description: StartupProbe to be used in the Container. properties: exec: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#execaction-v1-core.' properties: command: items: type: string type: array x-kubernetes-list-type: atomic type: object failureThreshold: format: int32 type: integer httpGet: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#httpgetaction-v1-core.' properties: host: type: string path: type: string port: anyOf: - type: integer - type: string x-kubernetes-int-or-string: true scheme: description: URIScheme identifies the scheme used for connection to a host for Get actions type: string required: - port type: object initialDelaySeconds: format: int32 type: integer periodSeconds: format: int32 type: integer successThreshold: format: int32 type: integer tcpSocket: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#tcpsocketaction-v1-core.' properties: host: type: string port: anyOf: - type: integer - type: string x-kubernetes-int-or-string: true required: - port type: object timeoutSeconds: format: int32 type: integer type: object storage: description: Storage defines the storage options to be used for provisioning the PVCs mounted by MariaDB. properties: ephemeral: description: Ephemeral indicates whether to use ephemeral storage in the PVCs. It is only compatible with non HA MariaDBs. type: boolean resizeInUseVolumes: description: |- ResizeInUseVolumes indicates whether the PVCs can be resized. The 'StorageClassName' used should have 'allowVolumeExpansion' set to 'true' to allow resizing. It defaults to true. type: boolean size: anyOf: - type: integer - type: string description: Size of the PVCs to be mounted by MariaDB. Required if not provided in 'VolumeClaimTemplate'. It supersedes the storage size specified in 'VolumeClaimTemplate'. pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true storageClassName: description: |- StorageClassName to be used to provision the PVCS. It supersedes the 'StorageClassName' specified in 'VolumeClaimTemplate'. If not provided, the default 'StorageClass' configured in the cluster is used. type: string volumeClaimTemplate: description: VolumeClaimTemplate provides a template to define the PVCs. properties: accessModes: items: type: string type: array x-kubernetes-list-type: atomic metadata: description: Metadata to be added to the PVC metadata. properties: annotations: additionalProperties: type: string description: Annotations to be added to children resources. type: object labels: additionalProperties: type: string description: Labels to be added to children resources. type: object type: object resources: description: VolumeResourceRequirements describes the storage resource requirements for a volume. properties: limits: additionalProperties: anyOf: - type: integer - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true description: |- Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ type: object requests: additionalProperties: anyOf: - type: integer - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true description: |- Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ type: object type: object selector: description: |- A label selector is a label query over a set of resources. The result of matchLabels and matchExpressions are ANDed. An empty label selector matches all objects. A null label selector matches no objects. properties: matchExpressions: description: matchExpressions is a list of label selector requirements. The requirements are ANDed. items: description: |- A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. properties: key: description: key is the label key that the selector applies to. type: string operator: description: |- operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. type: string values: description: |- values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. items: type: string type: array x-kubernetes-list-type: atomic required: - key - operator type: object type: array x-kubernetes-list-type: atomic matchLabels: additionalProperties: type: string description: |- matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. type: object type: object x-kubernetes-map-type: atomic storageClassName: type: string type: object waitForVolumeResize: description: |- WaitForVolumeResize indicates whether to wait for the PVCs to be resized before marking the MariaDB object as ready. This will block other operations such as cluster recovery while the resize is in progress. It defaults to true. type: boolean type: object suspend: default: false description: |- Suspend indicates whether the current resource should be suspended or not. This can be useful for maintenance, as disabling the reconciliation prevents the operator from interfering with user operations during maintenance activities. type: boolean timeZone: description: TimeZone sets the default timezone. If not provided, it defaults to SYSTEM and the timezone data is not loaded. type: string tls: description: TLS defines the PKI to be used with MariaDB. properties: clientCASecretRef: description: |- ClientCASecretRef is a reference to a Secret containing the client certificate authority keypair. It is used to establish trust and issue client certificates. One of: - Secret containing both the 'ca.crt' and 'ca.key' keys. This allows you to bring your own CA to Kubernetes to issue certificates. - Secret containing only the 'ca.crt' in order to establish trust. In this case, either clientCertSecretRef or clientCertIssuerRef fields must be provided. If not provided, a self-signed CA will be provisioned to issue the client certificate. properties: name: default: "" type: string type: object clientCertIssuerRef: description: |- ClientCertIssuerRef is a reference to a cert-manager issuer object used to issue the client certificate. cert-manager must be installed previously in the cluster. It is mutually exclusive with clientCertSecretRef. By default, the Secret field 'ca.crt' provisioned by cert-manager will be added to the trust chain. A custom trust bundle may be specified via clientCASecretRef. properties: group: description: Group of the resource being referred to. type: string kind: description: Kind of the resource being referred to. type: string name: description: Name of the resource being referred to. type: string required: - name type: object clientCertSecretRef: description: |- ClientCertSecretRef is a reference to a TLS Secret containing the client certificate. It is mutually exclusive with clientCertIssuerRef. properties: name: default: "" type: string type: object enabled: description: |- Enabled indicates whether TLS is enabled, determining if certificates should be issued and mounted to the MariaDB instance. It is enabled by default. type: boolean galeraSSTEnabled: description: |- GaleraSSTEnabled determines whether Galera SST connections should use TLS. It disabled by default. type: boolean required: description: |- Required specifies whether TLS must be enforced for all connections. User TLS requirements take precedence over this. It disabled by default. type: boolean serverCASecretRef: description: |- ServerCASecretRef is a reference to a Secret containing the server certificate authority keypair. It is used to establish trust and issue server certificates. One of: - Secret containing both the 'ca.crt' and 'ca.key' keys. This allows you to bring your own CA to Kubernetes to issue certificates. - Secret containing only the 'ca.crt' in order to establish trust. In this case, either serverCertSecretRef or serverCertIssuerRef must be provided. If not provided, a self-signed CA will be provisioned to issue the server certificate. properties: name: default: "" type: string type: object serverCertIssuerRef: description: |- ServerCertIssuerRef is a reference to a cert-manager issuer object used to issue the server certificate. cert-manager must be installed previously in the cluster. It is mutually exclusive with serverCertSecretRef. By default, the Secret field 'ca.crt' provisioned by cert-manager will be added to the trust chain. A custom trust bundle may be specified via serverCASecretRef. properties: group: description: Group of the resource being referred to. type: string kind: description: Kind of the resource being referred to. type: string name: description: Name of the resource being referred to. type: string required: - name type: object serverCertSecretRef: description: |- ServerCertSecretRef is a reference to a TLS Secret containing the server certificate. It is mutually exclusive with serverCertIssuerRef. properties: name: default: "" type: string type: object type: object tolerations: description: Tolerations to be used in the Pod. items: description: |- The pod this Toleration is attached to tolerates any taint that matches the triple using the matching operator . properties: effect: description: |- Effect indicates the taint effect to match. Empty means match all taint effects. When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. type: string key: description: |- Key is the taint key that the toleration applies to. Empty means match all taint keys. If the key is empty, operator must be Exists; this combination means to match all values and all keys. type: string operator: description: |- Operator represents a key's relationship to the value. Valid operators are Exists and Equal. Defaults to Equal. Exists is equivalent to wildcard for value, so that a pod can tolerate all taints of a particular category. type: string tolerationSeconds: description: |- TolerationSeconds represents the period of time the toleration (which must be of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, it is not set, which means tolerate the taint forever (do not evict). Zero and negative values will be treated as 0 (evict immediately) by the system. format: int64 type: integer value: description: |- Value is the taint value the toleration matches to. If the operator is Exists, the value should be empty, otherwise just a regular string. type: string type: object type: array topologySpreadConstraints: description: TopologySpreadConstraints to be used in the Pod. items: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#topologyspreadconstraint-v1-core.' properties: labelSelector: description: |- A label selector is a label query over a set of resources. The result of matchLabels and matchExpressions are ANDed. An empty label selector matches all objects. A null label selector matches no objects. properties: matchExpressions: description: matchExpressions is a list of label selector requirements. The requirements are ANDed. items: description: |- A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. properties: key: description: key is the label key that the selector applies to. type: string operator: description: |- operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. type: string values: description: |- values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. items: type: string type: array x-kubernetes-list-type: atomic required: - key - operator type: object type: array x-kubernetes-list-type: atomic matchLabels: additionalProperties: type: string description: |- matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. type: object type: object x-kubernetes-map-type: atomic matchLabelKeys: items: type: string type: array maxSkew: format: int32 type: integer minDomains: format: int32 type: integer nodeAffinityPolicy: description: NodeInclusionPolicy defines the type of node inclusion policy type: string nodeTaintsPolicy: description: NodeInclusionPolicy defines the type of node inclusion policy type: string topologyKey: type: string whenUnsatisfiable: type: string required: - maxSkew - topologyKey - whenUnsatisfiable type: object type: array updateStrategy: description: UpdateStrategy defines how a MariaDB resource is updated. properties: autoUpdateDataPlane: description: |- AutoUpdateDataPlane indicates whether the Galera data-plane version (agent and init containers) should be automatically updated based on the operator version. It defaults to false. Updating the operator will trigger updates on all the MariaDB instances that have this flag set to true. Thus, it is recommended to progressively set this flag after having updated the operator. type: boolean rollingUpdate: description: RollingUpdate defines parameters for the RollingUpdate type. properties: maxUnavailable: anyOf: - type: integer - type: string description: |- The maximum number of pods that can be unavailable during the update. Value can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%). Absolute number is calculated from percentage by rounding up. This can not be 0. Defaults to 1. This field is alpha-level and is only honored by servers that enable the MaxUnavailableStatefulSet feature. The field applies to all pods in the range 0 to Replicas-1. That means if there is any unavailable pod in the range 0 to Replicas-1, it will be counted towards MaxUnavailable. x-kubernetes-int-or-string: true partition: description: |- Partition indicates the ordinal at which the StatefulSet should be partitioned for updates. During a rolling update, all pods from ordinal Replicas-1 to Partition are updated. All pods from ordinal Partition-1 to 0 remain untouched. This is helpful in being able to do a canary based deployment. The default value is 0. format: int32 type: integer type: object type: default: ReplicasFirstPrimaryLast description: Type defines the type of updates. One of `ReplicasFirstPrimaryLast`, `RollingUpdate` or `OnDelete`. If not defined, it defaults to `ReplicasFirstPrimaryLast`. enum: - ReplicasFirstPrimaryLast - RollingUpdate - OnDelete - Never type: string type: object username: description: |- Username is the initial username to be created by the operator once MariaDB is ready. The initial User will have ALL PRIVILEGES in the initial Database. type: string volumeMounts: description: VolumeMounts to be used in the Container. items: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#volumemount-v1-core.' properties: mountPath: type: string name: description: This must match the Name of a Volume. type: string readOnly: type: boolean subPath: type: string required: - mountPath - name type: object type: array volumes: description: Volumes to be used in the Pod. items: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#volume-v1-core.' properties: configMap: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#configmapvolumesource-v1-core.' properties: defaultMode: format: int32 type: integer name: default: "" type: string type: object csi: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#csivolumesource-v1-core.' properties: driver: type: string fsType: type: string nodePublishSecretRef: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#localobjectreference-v1-core.' properties: name: default: "" type: string type: object readOnly: type: boolean volumeAttributes: additionalProperties: type: string type: object required: - driver type: object emptyDir: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#emptydirvolumesource-v1-core.' properties: medium: description: StorageMedium defines ways that storage can be allocated to a volume. type: string sizeLimit: anyOf: - type: integer - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true type: object hostPath: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#hostpathvolumesource-v1-core' properties: path: type: string type: type: string required: - path type: object name: type: string nfs: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#nfsvolumesource-v1-core.' properties: path: type: string readOnly: type: boolean server: type: string required: - path - server type: object persistentVolumeClaim: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#persistentvolumeclaimvolumesource-v1-core.' properties: claimName: type: string readOnly: type: boolean required: - claimName type: object secret: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#secretvolumesource-v1-core.' properties: defaultMode: format: int32 type: integer secretName: type: string type: object required: - name type: object type: array type: object x-kubernetes-validations: - message: 'An odd number of MariaDB instances (mariadb.spec.replicas) is required to avoid split brain situations for Galera. Use ''mariadb.spec.replicasAllowEvenNumber: true'' to disable this validation.' rule: '!has(self.galera) || !self.galera.enabled || (self.replicas % 2 == 1 || self.replicasAllowEvenNumber)' status: description: MariaDBStatus defines the observed state of MariaDB properties: conditions: description: Conditions for the Mariadb object. items: description: Condition contains details for one aspect of the current state of this API Resource. properties: lastTransitionTime: description: |- lastTransitionTime is the last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. format: date-time type: string message: description: |- message is a human readable message indicating details about the transition. This may be an empty string. maxLength: 32768 type: string observedGeneration: description: |- observedGeneration represents the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance. format: int64 minimum: 0 type: integer reason: description: |- reason contains a programmatic identifier indicating the reason for the condition's last transition. Producers of specific condition types may define expected values and meanings for this field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. This field may not be empty. maxLength: 1024 minLength: 1 pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ type: string status: description: status of the condition, one of True, False, Unknown. enum: - "True" - "False" - Unknown type: string type: description: type of condition in CamelCase or in foo.example.com/CamelCase. maxLength: 316 pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string required: - lastTransitionTime - message - reason - status - type type: object type: array currentPrimary: description: CurrentPrimary is the primary Pod. type: string currentPrimaryFailingSince: description: CurrentPrimaryFailingSince is the timestamp of the moment when the primary became not ready. format: date-time type: string currentPrimaryPodIndex: description: CurrentPrimaryPodIndex is the primary Pod index. type: integer defaultVersion: description: |- DefaultVersion is the MariaDB version used by the operator when it cannot infer the version from spec.image. This can happen if the image uses a digest (e.g. sha256) instead of a version tag. type: string galeraRecovery: description: GaleraRecovery is the Galera recovery current state. properties: bootstrap: description: Bootstrap indicates when and in which Pod the cluster bootstrap process has been performed. properties: pod: type: string time: format: date-time type: string type: object podsRestarted: description: PodsRestarted that the Pods have been restarted after the cluster bootstrap. type: boolean recovered: additionalProperties: properties: seqno: type: integer uuid: type: string required: - seqno - uuid type: object description: State is a per Pod representation of the sequence recovery process. type: object state: additionalProperties: properties: safeToBootstrap: type: boolean seqno: type: integer uuid: type: string version: type: string required: - safeToBootstrap - seqno - uuid - version type: object description: State is a per Pod representation of the Galera state file (grastate.dat). type: object type: object replicas: description: Replicas indicates the number of current instances. format: int32 type: integer replication: description: Replication is the replication current status per each Pod. properties: replicaToRecover: description: ReplicaToRecover is the replica that is being recovered by the operator. type: string replicas: additionalProperties: description: ReplicaStatus is the observed replica status. properties: gtidCurrentPos: description: GtidCurrentPos is the last GTID position executed by the SQL thread. type: string gtidIOPos: description: GtidIOPos is the last GTID position received by the IO thread and written to the relay log. type: string lastErrorTransitionTime: description: LastErrorTransitionTime is the last time the replica transitioned to an error state. format: date-time type: string lastIOErrno: description: LastIOErrno is the error code returned by the IO thread. type: integer lastIOError: description: LastIOErrno is the error message returned by the IO thread. type: string lastSQLErrno: description: LastSQLErrno is the error code returned by the SQL thread. type: integer lastSQLError: description: LastSQLError is the error message returned by the SQL thread. type: string secondsBehindMaster: description: SecondsBehindMaster measures the replication lag with the primary. type: integer slaveIORunning: description: SlaveIORunning indicates whether the slave IO thread is running. type: boolean slaveSQLRunning: description: SlaveSQLRunning indicates whether the slave SQL thread is running. type: boolean type: object description: Replicas is the observed replication status for each replica. type: object roles: additionalProperties: description: ReplicationRole represents the observed replication roles. type: string description: Roles is the observed replication roles for each Pod. type: object type: object scaleOutInitialIndex: description: ScaleOutInitialIndex is the initial index where the scale out operation started. type: integer tls: description: TLS aggregates the status of the certificates used by the MariaDB instance. properties: caBundle: description: CABundle is the status of the Certificate Authority bundle. items: description: CertificateStatus represents the current status of a TLS certificate. properties: issuer: description: Issuer is the issuer of the current certificate. type: string notAfter: description: NotAfter indicates that the certificate is not valid after the given date. format: date-time type: string notBefore: description: NotBefore indicates that the certificate is not valid before the given date. format: date-time type: string subject: description: Subject is the subject of the current certificate. type: string required: - issuer - subject type: object type: array clientCert: description: ClientCert is the status of the client certificate. properties: issuer: description: Issuer is the issuer of the current certificate. type: string notAfter: description: NotAfter indicates that the certificate is not valid after the given date. format: date-time type: string notBefore: description: NotBefore indicates that the certificate is not valid before the given date. format: date-time type: string subject: description: Subject is the subject of the current certificate. type: string required: - issuer - subject type: object serverCert: description: ServerCert is the status of the server certificate. properties: issuer: description: Issuer is the issuer of the current certificate. type: string notAfter: description: NotAfter indicates that the certificate is not valid after the given date. format: date-time type: string notBefore: description: NotBefore indicates that the certificate is not valid before the given date. format: date-time type: string subject: description: Subject is the subject of the current certificate. type: string required: - issuer - subject type: object type: object type: object required: - spec type: object served: true storage: true subresources: scale: specReplicasPath: .spec.replicas statusReplicasPath: .status.replicas status: {} --- # Source: mariadb-operator/charts/mariadb-operator-crds/templates/crds.yaml apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: controller-gen.kubebuilder.io/version: v0.18.0 name: maxscales.k8s.mariadb.com spec: group: k8s.mariadb.com names: kind: MaxScale listKind: MaxScaleList plural: maxscales shortNames: - mxs singular: maxscale scope: Namespaced versions: - additionalPrinterColumns: - jsonPath: .status.conditions[?(@.type=="Ready")].status name: Ready type: string - jsonPath: .status.conditions[?(@.type=="Ready")].message name: Status type: string - jsonPath: .status.primaryServer name: Primary type: string - jsonPath: .metadata.creationTimestamp name: Age type: date name: v1alpha1 schema: openAPIV3Schema: description: MaxScale is the Schema for the maxscales API. It is used to define MaxScale clusters. properties: apiVersion: description: |- APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: description: |- Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object spec: description: MaxScaleSpec defines the desired state of MaxScale. properties: admin: description: Admin configures the admin REST API and GUI. properties: guiEnabled: description: GuiEnabled indicates whether the admin GUI should be enabled. type: boolean port: description: Port where the admin REST API and GUI will be exposed. format: int32 type: integer type: object affinity: description: Affinity to be used in the Pod. properties: antiAffinityEnabled: description: |- AntiAffinityEnabled configures PodAntiAffinity so each Pod is scheduled in a different Node, enabling HA. Make sure you have at least as many Nodes available as the replicas to not end up with unscheduled Pods. type: boolean nodeAffinity: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#nodeaffinity-v1-core' properties: preferredDuringSchedulingIgnoredDuringExecution: items: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#preferredschedulingterm-v1-core' properties: preference: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#nodeselectorterm-v1-core' properties: matchExpressions: items: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#nodeselectorrequirement-v1-core' properties: key: type: string operator: description: |- A node selector operator is the set of operators that can be used in a node selector requirement. type: string values: items: type: string type: array x-kubernetes-list-type: atomic required: - key - operator type: object type: array x-kubernetes-list-type: atomic matchFields: items: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#nodeselectorrequirement-v1-core' properties: key: type: string operator: description: |- A node selector operator is the set of operators that can be used in a node selector requirement. type: string values: items: type: string type: array x-kubernetes-list-type: atomic required: - key - operator type: object type: array x-kubernetes-list-type: atomic type: object weight: format: int32 type: integer required: - preference - weight type: object type: array x-kubernetes-list-type: atomic requiredDuringSchedulingIgnoredDuringExecution: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#nodeselector-v1-core' properties: nodeSelectorTerms: items: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#nodeselectorterm-v1-core' properties: matchExpressions: items: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#nodeselectorrequirement-v1-core' properties: key: type: string operator: description: |- A node selector operator is the set of operators that can be used in a node selector requirement. type: string values: items: type: string type: array x-kubernetes-list-type: atomic required: - key - operator type: object type: array x-kubernetes-list-type: atomic matchFields: items: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#nodeselectorrequirement-v1-core' properties: key: type: string operator: description: |- A node selector operator is the set of operators that can be used in a node selector requirement. type: string values: items: type: string type: array x-kubernetes-list-type: atomic required: - key - operator type: object type: array x-kubernetes-list-type: atomic type: object type: array x-kubernetes-list-type: atomic required: - nodeSelectorTerms type: object type: object podAntiAffinity: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#podantiaffinity-v1-core.' properties: preferredDuringSchedulingIgnoredDuringExecution: items: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#weightedpodaffinityterm-v1-core.' properties: podAffinityTerm: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#podaffinityterm-v1-core.' properties: labelSelector: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#labelselector-v1-meta' properties: matchExpressions: items: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#labelselectorrequirement-v1-meta' properties: key: type: string operator: description: A label selector operator is the set of operators that can be used in a selector requirement. type: string values: items: type: string type: array x-kubernetes-list-type: atomic required: - key - operator type: object type: array x-kubernetes-list-type: atomic matchLabels: additionalProperties: type: string type: object type: object topologyKey: type: string required: - topologyKey type: object weight: format: int32 type: integer required: - podAffinityTerm - weight type: object type: array x-kubernetes-list-type: atomic requiredDuringSchedulingIgnoredDuringExecution: items: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#podaffinityterm-v1-core.' properties: labelSelector: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#labelselector-v1-meta' properties: matchExpressions: items: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#labelselectorrequirement-v1-meta' properties: key: type: string operator: description: A label selector operator is the set of operators that can be used in a selector requirement. type: string values: items: type: string type: array x-kubernetes-list-type: atomic required: - key - operator type: object type: array x-kubernetes-list-type: atomic matchLabels: additionalProperties: type: string type: object type: object topologyKey: type: string required: - topologyKey type: object type: array x-kubernetes-list-type: atomic type: object type: object args: description: Args to be used in the Container. items: type: string type: array auth: description: Auth defines the credentials required for MaxScale to connect to MariaDB. properties: adminPasswordSecretKeyRef: description: AdminPasswordSecretKeyRef is Secret key reference to the admin password to call the admin REST API. It is defaulted if not provided. properties: generate: default: false description: Generate indicates whether the Secret should be generated if the Secret referenced is not present. type: boolean key: type: string name: default: "" type: string required: - key type: object x-kubernetes-map-type: atomic adminUsername: description: AdminUsername is an admin username to call the admin REST API. It is defaulted if not provided. type: string clientMaxConnections: description: |- ClientMaxConnections defines the maximum number of connections that the client can establish. If HA is enabled, make sure to increase this value, as more MaxScale replicas implies more connections. It defaults to 30 times the number of MaxScale replicas. format: int32 type: integer clientPasswordSecretKeyRef: description: |- ClientPasswordSecretKeyRef is Secret key reference to the password to connect to MaxScale. It is defaulted if not provided. If the referred Secret is labeled with "k8s.mariadb.com/watch", updates may be performed to the Secret in order to update the password. properties: generate: default: false description: Generate indicates whether the Secret should be generated if the Secret referenced is not present. type: boolean key: type: string name: default: "" type: string required: - key type: object x-kubernetes-map-type: atomic clientUsername: description: ClientUsername is the user to connect to MaxScale. It is defaulted if not provided. type: string deleteDefaultAdmin: description: DeleteDefaultAdmin determines whether the default admin user should be deleted after the initial configuration. If not provided, it defaults to true. type: boolean generate: description: |- Generate defies whether the operator should generate users and grants for MaxScale to work. It only supports MariaDBs specified via spec.mariaDbRef. type: boolean metricsPasswordSecretKeyRef: description: MetricsPasswordSecretKeyRef is Secret key reference to the metrics password to call the admib REST API. It is defaulted if metrics are enabled. properties: generate: default: false description: Generate indicates whether the Secret should be generated if the Secret referenced is not present. type: boolean key: type: string name: default: "" type: string required: - key type: object x-kubernetes-map-type: atomic metricsUsername: description: MetricsUsername is an metrics username to call the REST API. It is defaulted if metrics are enabled. type: string monitorMaxConnections: description: |- MonitorMaxConnections defines the maximum number of connections that the monitor can establish. If HA is enabled, make sure to increase this value, as more MaxScale replicas implies more connections. It defaults to 30 times the number of MaxScale replicas. format: int32 type: integer monitorPasswordSecretKeyRef: description: |- MonitorPasswordSecretKeyRef is Secret key reference to the password used by MaxScale monitor to connect to MariaDB server. It is defaulted if not provided. If the referred Secret is labeled with "k8s.mariadb.com/watch", updates may be performed to the Secret in order to update the password. properties: generate: default: false description: Generate indicates whether the Secret should be generated if the Secret referenced is not present. type: boolean key: type: string name: default: "" type: string required: - key type: object x-kubernetes-map-type: atomic monitorUsername: description: MonitorUsername is the user used by MaxScale monitor to connect to MariaDB server. It is defaulted if not provided. type: string serverMaxConnections: description: |- ServerMaxConnections defines the maximum number of connections that the server can establish. If HA is enabled, make sure to increase this value, as more MaxScale replicas implies more connections. It defaults to 30 times the number of MaxScale replicas. format: int32 type: integer serverPasswordSecretKeyRef: description: |- ServerPasswordSecretKeyRef is Secret key reference to the password used by MaxScale to connect to MariaDB server. It is defaulted if not provided. If the referred Secret is labeled with "k8s.mariadb.com/watch", updates may be performed to the Secret in order to update the password. properties: generate: default: false description: Generate indicates whether the Secret should be generated if the Secret referenced is not present. type: boolean key: type: string name: default: "" type: string required: - key type: object x-kubernetes-map-type: atomic serverUsername: description: ServerUsername is the user used by MaxScale to connect to MariaDB server. It is defaulted if not provided. type: string syncMaxConnections: description: |- SyncMaxConnections defines the maximum number of connections that the sync can establish. If HA is enabled, make sure to increase this value, as more MaxScale replicas implies more connections. It defaults to 30 times the number of MaxScale replicas. format: int32 type: integer syncPasswordSecretKeyRef: description: |- SyncPasswordSecretKeyRef is Secret key reference to the password used by MaxScale config to connect to MariaDB server. It is defaulted when HA is enabled. If the referred Secret is labeled with "k8s.mariadb.com/watch", updates may be performed to the Secret in order to update the password. properties: generate: default: false description: Generate indicates whether the Secret should be generated if the Secret referenced is not present. type: boolean key: type: string name: default: "" type: string required: - key type: object x-kubernetes-map-type: atomic syncUsername: description: MonitoSyncUsernamerUsername is the user used by MaxScale config sync to connect to MariaDB server. It is defaulted when HA is enabled. type: string type: object command: description: Command to be used in the Container. items: type: string type: array config: description: Config defines the MaxScale configuration. properties: params: additionalProperties: type: string description: |- Params is a key value pair of parameters to be used in the MaxScale static configuration file. Any parameter supported by MaxScale may be specified here. See reference: https://mariadb.com/kb/en/mariadb-maxscale-2308-mariadb-maxscale-configuration-guide/#global-settings. type: object sync: description: Sync defines how to replicate configuration across MaxScale replicas. It is defaulted when HA is enabled. properties: database: description: Database is the MariaDB logical database where the 'maxscale_config' table will be created in order to persist and synchronize config changes. If not provided, it defaults to 'mysql'. type: string interval: description: Interval defines the config synchronization interval. It is defaulted if not provided. type: string timeout: description: Interval defines the config synchronization timeout. It is defaulted if not provided. type: string type: object volumeClaimTemplate: description: VolumeClaimTemplate provides a template to define the PVCs for storing MaxScale runtime configuration files. It is defaulted if not provided. properties: accessModes: items: type: string type: array x-kubernetes-list-type: atomic metadata: description: Metadata to be added to the PVC metadata. properties: annotations: additionalProperties: type: string description: Annotations to be added to children resources. type: object labels: additionalProperties: type: string description: Labels to be added to children resources. type: object type: object resources: description: VolumeResourceRequirements describes the storage resource requirements for a volume. properties: limits: additionalProperties: anyOf: - type: integer - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true description: |- Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ type: object requests: additionalProperties: anyOf: - type: integer - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true description: |- Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ type: object type: object selector: description: |- A label selector is a label query over a set of resources. The result of matchLabels and matchExpressions are ANDed. An empty label selector matches all objects. A null label selector matches no objects. properties: matchExpressions: description: matchExpressions is a list of label selector requirements. The requirements are ANDed. items: description: |- A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. properties: key: description: key is the label key that the selector applies to. type: string operator: description: |- operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. type: string values: description: |- values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. items: type: string type: array x-kubernetes-list-type: atomic required: - key - operator type: object type: array x-kubernetes-list-type: atomic matchLabels: additionalProperties: type: string description: |- matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. type: object type: object x-kubernetes-map-type: atomic storageClassName: type: string type: object type: object connection: description: Connection provides a template to define the Connection for MaxScale. properties: healthCheck: description: HealthCheck to be used in the Connection. properties: interval: description: Interval used to perform health checks. type: string retryInterval: description: RetryInterval is the interval used to perform health check retries. type: string type: object params: additionalProperties: type: string description: Params to be used in the Connection. type: object port: description: Port to connect to. If not provided, it defaults to the MariaDB port or to the first MaxScale listener. format: int32 type: integer secretName: description: SecretName to be used in the Connection. type: string secretTemplate: description: SecretTemplate to be used in the Connection. properties: databaseKey: description: DatabaseKey to be used in the Secret. type: string format: description: Format to be used in the Secret. type: string hostKey: description: HostKey to be used in the Secret. type: string key: description: Key to be used in the Secret. type: string metadata: description: Metadata to be added to the Secret object. properties: annotations: additionalProperties: type: string description: Annotations to be added to children resources. type: object labels: additionalProperties: type: string description: Labels to be added to children resources. type: object type: object passwordKey: description: PasswordKey to be used in the Secret. type: string portKey: description: PortKey to be used in the Secret. type: string usernameKey: description: UsernameKey to be used in the Secret. type: string type: object serviceName: description: ServiceName to be used in the Connection. type: string type: object env: description: Env represents the environment variables to be injected in a container. items: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#envvarsource-v1-core.' properties: name: description: Name of the environment variable. Must be a C_IDENTIFIER. type: string value: type: string valueFrom: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#envvarsource-v1-core.' properties: configMapKeyRef: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#configmapkeyselector-v1-core.' properties: key: type: string name: default: "" type: string required: - key type: object x-kubernetes-map-type: atomic fieldRef: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#objectfieldselector-v1-core.' properties: apiVersion: type: string fieldPath: type: string required: - fieldPath type: object x-kubernetes-map-type: atomic secretKeyRef: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#secretkeyselector-v1-core.' properties: key: type: string name: default: "" type: string required: - key type: object x-kubernetes-map-type: atomic type: object required: - name type: object type: array envFrom: description: EnvFrom represents the references (via ConfigMap and Secrets) to environment variables to be injected in the container. items: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#envfromsource-v1-core.' properties: configMapRef: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#localobjectreference-v1-core.' properties: name: default: "" type: string type: object prefix: type: string secretRef: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#localobjectreference-v1-core.' properties: name: default: "" type: string type: object type: object type: array guiKubernetesService: description: GuiKubernetesService defines a template for a Kubernetes Service object to connect to MaxScale's GUI. properties: allocateLoadBalancerNodePorts: description: AllocateLoadBalancerNodePorts Service field. type: boolean externalTrafficPolicy: description: ExternalTrafficPolicy Service field. type: string loadBalancerIP: description: LoadBalancerIP Service field. type: string loadBalancerSourceRanges: description: LoadBalancerSourceRanges Service field. items: type: string type: array metadata: description: Metadata to be added to the Service metadata. properties: annotations: additionalProperties: type: string description: Annotations to be added to children resources. type: object labels: additionalProperties: type: string description: Labels to be added to children resources. type: object type: object sessionAffinity: description: SessionAffinity Service field. type: string type: default: ClusterIP description: Type is the Service type. One of `ClusterIP`, `NodePort` or `LoadBalancer`. If not defined, it defaults to `ClusterIP`. enum: - ClusterIP - NodePort - LoadBalancer type: string type: object image: description: |- Image name to be used by the MaxScale instances. The supported format is `:`. Only MaxScale official images are supported. type: string imagePullPolicy: description: ImagePullPolicy is the image pull policy. One of `Always`, `Never` or `IfNotPresent`. If not defined, it defaults to `IfNotPresent`. enum: - Always - Never - IfNotPresent type: string imagePullSecrets: description: ImagePullSecrets is the list of pull Secrets to be used to pull the image. items: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#localobjectreference-v1-core.' properties: name: default: "" type: string type: object type: array inheritMetadata: description: InheritMetadata defines the metadata to be inherited by children resources. properties: annotations: additionalProperties: type: string description: Annotations to be added to children resources. type: object labels: additionalProperties: type: string description: Labels to be added to children resources. type: object type: object kubernetesService: description: KubernetesService defines a template for a Kubernetes Service object to connect to MaxScale. properties: allocateLoadBalancerNodePorts: description: AllocateLoadBalancerNodePorts Service field. type: boolean externalTrafficPolicy: description: ExternalTrafficPolicy Service field. type: string loadBalancerIP: description: LoadBalancerIP Service field. type: string loadBalancerSourceRanges: description: LoadBalancerSourceRanges Service field. items: type: string type: array metadata: description: Metadata to be added to the Service metadata. properties: annotations: additionalProperties: type: string description: Annotations to be added to children resources. type: object labels: additionalProperties: type: string description: Labels to be added to children resources. type: object type: object sessionAffinity: description: SessionAffinity Service field. type: string type: default: ClusterIP description: Type is the Service type. One of `ClusterIP`, `NodePort` or `LoadBalancer`. If not defined, it defaults to `ClusterIP`. enum: - ClusterIP - NodePort - LoadBalancer type: string type: object livenessProbe: description: LivenessProbe to be used in the Container. properties: exec: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#execaction-v1-core.' properties: command: items: type: string type: array x-kubernetes-list-type: atomic type: object failureThreshold: format: int32 type: integer httpGet: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#httpgetaction-v1-core.' properties: host: type: string path: type: string port: anyOf: - type: integer - type: string x-kubernetes-int-or-string: true scheme: description: URIScheme identifies the scheme used for connection to a host for Get actions type: string required: - port type: object initialDelaySeconds: format: int32 type: integer periodSeconds: format: int32 type: integer successThreshold: format: int32 type: integer tcpSocket: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#tcpsocketaction-v1-core.' properties: host: type: string port: anyOf: - type: integer - type: string x-kubernetes-int-or-string: true required: - port type: object timeoutSeconds: format: int32 type: integer type: object mariaDbRef: description: MariaDBRef is a reference to the MariaDB that MaxScale points to. It is used to initialize the servers field. properties: kind: description: Kind of the referent. type: string name: type: string namespace: type: string waitForIt: default: true description: WaitForIt indicates whether the controller using this reference should wait for MariaDB to be ready. type: boolean type: object metrics: description: Metrics configures metrics and how to scrape them. properties: enabled: description: Enabled is a flag to enable Metrics type: boolean exporter: description: Exporter defines the metrics exporter container. properties: affinity: description: Affinity to be used in the Pod. properties: antiAffinityEnabled: description: |- AntiAffinityEnabled configures PodAntiAffinity so each Pod is scheduled in a different Node, enabling HA. Make sure you have at least as many Nodes available as the replicas to not end up with unscheduled Pods. type: boolean nodeAffinity: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#nodeaffinity-v1-core' properties: preferredDuringSchedulingIgnoredDuringExecution: items: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#preferredschedulingterm-v1-core' properties: preference: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#nodeselectorterm-v1-core' properties: matchExpressions: items: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#nodeselectorrequirement-v1-core' properties: key: type: string operator: description: |- A node selector operator is the set of operators that can be used in a node selector requirement. type: string values: items: type: string type: array x-kubernetes-list-type: atomic required: - key - operator type: object type: array x-kubernetes-list-type: atomic matchFields: items: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#nodeselectorrequirement-v1-core' properties: key: type: string operator: description: |- A node selector operator is the set of operators that can be used in a node selector requirement. type: string values: items: type: string type: array x-kubernetes-list-type: atomic required: - key - operator type: object type: array x-kubernetes-list-type: atomic type: object weight: format: int32 type: integer required: - preference - weight type: object type: array x-kubernetes-list-type: atomic requiredDuringSchedulingIgnoredDuringExecution: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#nodeselector-v1-core' properties: nodeSelectorTerms: items: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#nodeselectorterm-v1-core' properties: matchExpressions: items: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#nodeselectorrequirement-v1-core' properties: key: type: string operator: description: |- A node selector operator is the set of operators that can be used in a node selector requirement. type: string values: items: type: string type: array x-kubernetes-list-type: atomic required: - key - operator type: object type: array x-kubernetes-list-type: atomic matchFields: items: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#nodeselectorrequirement-v1-core' properties: key: type: string operator: description: |- A node selector operator is the set of operators that can be used in a node selector requirement. type: string values: items: type: string type: array x-kubernetes-list-type: atomic required: - key - operator type: object type: array x-kubernetes-list-type: atomic type: object type: array x-kubernetes-list-type: atomic required: - nodeSelectorTerms type: object type: object podAntiAffinity: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#podantiaffinity-v1-core.' properties: preferredDuringSchedulingIgnoredDuringExecution: items: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#weightedpodaffinityterm-v1-core.' properties: podAffinityTerm: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#podaffinityterm-v1-core.' properties: labelSelector: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#labelselector-v1-meta' properties: matchExpressions: items: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#labelselectorrequirement-v1-meta' properties: key: type: string operator: description: A label selector operator is the set of operators that can be used in a selector requirement. type: string values: items: type: string type: array x-kubernetes-list-type: atomic required: - key - operator type: object type: array x-kubernetes-list-type: atomic matchLabels: additionalProperties: type: string type: object type: object topologyKey: type: string required: - topologyKey type: object weight: format: int32 type: integer required: - podAffinityTerm - weight type: object type: array x-kubernetes-list-type: atomic requiredDuringSchedulingIgnoredDuringExecution: items: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#podaffinityterm-v1-core.' properties: labelSelector: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#labelselector-v1-meta' properties: matchExpressions: items: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#labelselectorrequirement-v1-meta' properties: key: type: string operator: description: A label selector operator is the set of operators that can be used in a selector requirement. type: string values: items: type: string type: array x-kubernetes-list-type: atomic required: - key - operator type: object type: array x-kubernetes-list-type: atomic matchLabels: additionalProperties: type: string type: object type: object topologyKey: type: string required: - topologyKey type: object type: array x-kubernetes-list-type: atomic type: object type: object args: description: Args to be used in the Container. items: type: string type: array image: description: |- Image name to be used as metrics exporter. The supported format is `:`. Only mysqld-exporter >= v0.15.0 is supported: https://github.com/prometheus/mysqld_exporter type: string imagePullPolicy: description: ImagePullPolicy is the image pull policy. One of `Always`, `Never` or `IfNotPresent`. If not defined, it defaults to `IfNotPresent`. enum: - Always - Never - IfNotPresent type: string imagePullSecrets: description: ImagePullSecrets is the list of pull Secrets to be used to pull the image. items: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#localobjectreference-v1-core.' properties: name: default: "" type: string type: object type: array nodeSelector: additionalProperties: type: string description: NodeSelector to be used in the Pod. type: object podMetadata: description: PodMetadata defines extra metadata for the Pod. properties: annotations: additionalProperties: type: string description: Annotations to be added to children resources. type: object labels: additionalProperties: type: string description: Labels to be added to children resources. type: object type: object podSecurityContext: description: SecurityContext holds pod-level security attributes and common container settings. properties: appArmorProfile: description: AppArmorProfile defines a pod or container's AppArmor settings. properties: localhostProfile: description: |- localhostProfile indicates a profile loaded on the node that should be used. The profile must be preconfigured on the node to work. Must match the loaded name of the profile. Must be set if and only if type is "Localhost". type: string type: description: |- type indicates which kind of AppArmor profile will be applied. Valid options are: Localhost - a profile pre-loaded on the node. RuntimeDefault - the container runtime's default profile. Unconfined - no AppArmor enforcement. type: string required: - type type: object fsGroup: format: int64 type: integer fsGroupChangePolicy: description: |- PodFSGroupChangePolicy holds policies that will be used for applying fsGroup to a volume when volume is mounted. type: string runAsGroup: format: int64 type: integer runAsNonRoot: type: boolean runAsUser: format: int64 type: integer seLinuxOptions: description: SELinuxOptions are the labels to be applied to the container properties: level: description: Level is SELinux level label that applies to the container. type: string role: description: Role is a SELinux role label that applies to the container. type: string type: description: Type is a SELinux type label that applies to the container. type: string user: description: User is a SELinux user label that applies to the container. type: string type: object seccompProfile: description: |- SeccompProfile defines a pod/container's seccomp profile settings. Only one profile source may be set. properties: localhostProfile: description: |- localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must be set if type is "Localhost". Must NOT be set for any other type. type: string type: description: |- type indicates which kind of seccomp profile will be applied. Valid options are: Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied. type: string required: - type type: object supplementalGroups: items: format: int64 type: integer type: array x-kubernetes-list-type: atomic type: object port: description: Port where the exporter will be listening for connections. format: int32 type: integer priorityClassName: description: PriorityClassName to be used in the Pod. type: string resources: description: Resources describes the compute resource requirements. properties: limits: additionalProperties: anyOf: - type: integer - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true description: ResourceList is a set of (resource name, quantity) pairs. type: object requests: additionalProperties: anyOf: - type: integer - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true description: ResourceList is a set of (resource name, quantity) pairs. type: object type: object securityContext: description: SecurityContext holds container-level security attributes. properties: allowPrivilegeEscalation: type: boolean capabilities: description: Adds and removes POSIX capabilities from running containers. properties: add: description: Added capabilities items: description: Capability represent POSIX capabilities type type: string type: array x-kubernetes-list-type: atomic drop: description: Removed capabilities items: description: Capability represent POSIX capabilities type type: string type: array x-kubernetes-list-type: atomic type: object privileged: type: boolean readOnlyRootFilesystem: type: boolean runAsGroup: format: int64 type: integer runAsNonRoot: type: boolean runAsUser: format: int64 type: integer type: object tolerations: description: Tolerations to be used in the Pod. items: description: |- The pod this Toleration is attached to tolerates any taint that matches the triple using the matching operator . properties: effect: description: |- Effect indicates the taint effect to match. Empty means match all taint effects. When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. type: string key: description: |- Key is the taint key that the toleration applies to. Empty means match all taint keys. If the key is empty, operator must be Exists; this combination means to match all values and all keys. type: string operator: description: |- Operator represents a key's relationship to the value. Valid operators are Exists and Equal. Defaults to Equal. Exists is equivalent to wildcard for value, so that a pod can tolerate all taints of a particular category. type: string tolerationSeconds: description: |- TolerationSeconds represents the period of time the toleration (which must be of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, it is not set, which means tolerate the taint forever (do not evict). Zero and negative values will be treated as 0 (evict immediately) by the system. format: int64 type: integer value: description: |- Value is the taint value the toleration matches to. If the operator is Exists, the value should be empty, otherwise just a regular string. type: string type: object type: array type: object serviceMonitor: description: ServiceMonitor defines the ServiceMonior object. properties: interval: description: Interval for scraping metrics. type: string jobLabel: description: JobLabel to add to the ServiceMonitor object. type: string prometheusRelease: description: PrometheusRelease is the release label to add to the ServiceMonitor object. type: string scrapeTimeout: description: ScrapeTimeout defines the timeout for scraping metrics. type: string type: object type: object monitor: description: Monitor monitors MariaDB server instances. It is required if 'spec.mariaDbRef' is not provided. properties: cooperativeMonitoring: description: CooperativeMonitoring enables coordination between multiple MaxScale instances running monitors. It is defaulted when HA is enabled. enum: - majority_of_all - majority_of_running type: string interval: description: Interval used to monitor MariaDB servers. It is defaulted if not provided. type: string module: description: Module is the module to use to monitor MariaDB servers. It is mandatory when no MariaDB reference is provided. type: string name: description: Name is the identifier of the monitor. It is defaulted if not provided. type: string params: additionalProperties: type: string description: |- Params defines extra parameters to pass to the monitor. Any parameter supported by MaxScale may be specified here. See reference: https://mariadb.com/kb/en/mariadb-maxscale-2308-common-monitor-parameters/. Monitor specific parameter are also supported: https://mariadb.com/kb/en/mariadb-maxscale-2308-galera-monitor/#galera-monitor-optional-parameters. https://mariadb.com/kb/en/mariadb-maxscale-2308-mariadb-monitor/#configuration. type: object suspend: default: false description: |- Suspend indicates whether the current resource should be suspended or not. This can be useful for maintenance, as disabling the reconciliation prevents the operator from interfering with user operations during maintenance activities. type: boolean type: object nodeSelector: additionalProperties: type: string description: NodeSelector to be used in the Pod. type: object podDisruptionBudget: description: PodDisruptionBudget defines the budget for replica availability. properties: maxUnavailable: anyOf: - type: integer - type: string description: MaxUnavailable defines the number of maximum unavailable Pods. x-kubernetes-int-or-string: true minAvailable: anyOf: - type: integer - type: string description: MinAvailable defines the number of minimum available Pods. x-kubernetes-int-or-string: true type: object podMetadata: description: PodMetadata defines extra metadata for the Pod. properties: annotations: additionalProperties: type: string description: Annotations to be added to children resources. type: object labels: additionalProperties: type: string description: Labels to be added to children resources. type: object type: object podSecurityContext: description: SecurityContext holds pod-level security attributes and common container settings. properties: appArmorProfile: description: AppArmorProfile defines a pod or container's AppArmor settings. properties: localhostProfile: description: |- localhostProfile indicates a profile loaded on the node that should be used. The profile must be preconfigured on the node to work. Must match the loaded name of the profile. Must be set if and only if type is "Localhost". type: string type: description: |- type indicates which kind of AppArmor profile will be applied. Valid options are: Localhost - a profile pre-loaded on the node. RuntimeDefault - the container runtime's default profile. Unconfined - no AppArmor enforcement. type: string required: - type type: object fsGroup: format: int64 type: integer fsGroupChangePolicy: description: |- PodFSGroupChangePolicy holds policies that will be used for applying fsGroup to a volume when volume is mounted. type: string runAsGroup: format: int64 type: integer runAsNonRoot: type: boolean runAsUser: format: int64 type: integer seLinuxOptions: description: SELinuxOptions are the labels to be applied to the container properties: level: description: Level is SELinux level label that applies to the container. type: string role: description: Role is a SELinux role label that applies to the container. type: string type: description: Type is a SELinux type label that applies to the container. type: string user: description: User is a SELinux user label that applies to the container. type: string type: object seccompProfile: description: |- SeccompProfile defines a pod/container's seccomp profile settings. Only one profile source may be set. properties: localhostProfile: description: |- localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must be set if type is "Localhost". Must NOT be set for any other type. type: string type: description: |- type indicates which kind of seccomp profile will be applied. Valid options are: Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied. type: string required: - type type: object supplementalGroups: items: format: int64 type: integer type: array x-kubernetes-list-type: atomic type: object primaryServer: description: |- PrimaryServer specifies the desired primary server. Setting this field triggers a switchover operation in MaxScale to the desired server. This option is only valid when using monitors that support switchover, currently limited to the MariaDB monitor. type: string priorityClassName: description: PriorityClassName to be used in the Pod. type: string readinessProbe: description: ReadinessProbe to be used in the Container. properties: exec: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#execaction-v1-core.' properties: command: items: type: string type: array x-kubernetes-list-type: atomic type: object failureThreshold: format: int32 type: integer httpGet: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#httpgetaction-v1-core.' properties: host: type: string path: type: string port: anyOf: - type: integer - type: string x-kubernetes-int-or-string: true scheme: description: URIScheme identifies the scheme used for connection to a host for Get actions type: string required: - port type: object initialDelaySeconds: format: int32 type: integer periodSeconds: format: int32 type: integer successThreshold: format: int32 type: integer tcpSocket: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#tcpsocketaction-v1-core.' properties: host: type: string port: anyOf: - type: integer - type: string x-kubernetes-int-or-string: true required: - port type: object timeoutSeconds: format: int32 type: integer type: object replicas: default: 1 description: Replicas indicates the number of desired instances. format: int32 type: integer requeueInterval: description: RequeueInterval is used to perform requeue reconciliations. If not defined, it defaults to 10s. type: string resources: description: Resources describes the compute resource requirements. properties: limits: additionalProperties: anyOf: - type: integer - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true description: ResourceList is a set of (resource name, quantity) pairs. type: object requests: additionalProperties: anyOf: - type: integer - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true description: ResourceList is a set of (resource name, quantity) pairs. type: object type: object securityContext: description: SecurityContext holds security configuration that will be applied to a container. properties: allowPrivilegeEscalation: type: boolean capabilities: description: Adds and removes POSIX capabilities from running containers. properties: add: description: Added capabilities items: description: Capability represent POSIX capabilities type type: string type: array x-kubernetes-list-type: atomic drop: description: Removed capabilities items: description: Capability represent POSIX capabilities type type: string type: array x-kubernetes-list-type: atomic type: object privileged: type: boolean readOnlyRootFilesystem: type: boolean runAsGroup: format: int64 type: integer runAsNonRoot: type: boolean runAsUser: format: int64 type: integer type: object servers: description: Servers are the MariaDB servers to forward traffic to. It is required if 'spec.mariaDbRef' is not provided. items: description: MaxScaleServer defines a MariaDB server to forward traffic to. properties: address: description: Address is the network address of the MariaDB server. type: string maintenance: description: Maintenance indicates whether the server is in maintenance mode. type: boolean name: description: Name is the identifier of the MariaDB server. type: string params: additionalProperties: type: string description: |- Params defines extra parameters to pass to the server. Any parameter supported by MaxScale may be specified here. See reference: https://mariadb.com/kb/en/mariadb-maxscale-2308-mariadb-maxscale-configuration-guide/#server_1. type: object port: description: Port is the network port of the MariaDB server. If not provided, it defaults to 3306. format: int32 type: integer protocol: description: Protocol is the MaxScale protocol to use when communicating with this MariaDB server. If not provided, it defaults to MariaDBBackend. type: string required: - address - name type: object type: array serviceAccountName: description: ServiceAccountName is the name of the ServiceAccount to be used by the Pods. type: string services: description: Services define how the traffic is forwarded to the MariaDB servers. It is defaulted if not provided. items: description: Services define how the traffic is forwarded to the MariaDB servers. properties: listener: description: MaxScaleListener defines how the MaxScale server will listen for connections. properties: name: description: Name is the identifier of the listener. It is defaulted if not provided type: string params: additionalProperties: type: string description: |- Params defines extra parameters to pass to the listener. Any parameter supported by MaxScale may be specified here. See reference: https://mariadb.com/kb/en/mariadb-maxscale-2308-mariadb-maxscale-configuration-guide/#listener_1. type: object port: description: Port is the network port where the MaxScale server will listen. format: int32 type: integer protocol: description: Protocol is the MaxScale protocol to use when communicating with the client. If not provided, it defaults to MariaDBProtocol. type: string suspend: default: false description: |- Suspend indicates whether the current resource should be suspended or not. This can be useful for maintenance, as disabling the reconciliation prevents the operator from interfering with user operations during maintenance activities. type: boolean required: - port type: object name: description: Name is the identifier of the MaxScale service. type: string params: additionalProperties: type: string description: |- Params defines extra parameters to pass to the service. Any parameter supported by MaxScale may be specified here. See reference: https://mariadb.com/kb/en/mariadb-maxscale-2308-mariadb-maxscale-configuration-guide/#service_1. Router specific parameter are also supported: https://mariadb.com/kb/en/mariadb-maxscale-2308-readwritesplit/#configuration. https://mariadb.com/kb/en/mariadb-maxscale-2308-readconnroute/#configuration. type: object router: description: Router is the type of router to use. enum: - readwritesplit - readconnroute type: string suspend: default: false description: |- Suspend indicates whether the current resource should be suspended or not. This can be useful for maintenance, as disabling the reconciliation prevents the operator from interfering with user operations during maintenance activities. type: boolean required: - listener - name - router type: object type: array startupProbe: description: StartupProbe to be used in the Container. properties: exec: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#execaction-v1-core.' properties: command: items: type: string type: array x-kubernetes-list-type: atomic type: object failureThreshold: format: int32 type: integer httpGet: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#httpgetaction-v1-core.' properties: host: type: string path: type: string port: anyOf: - type: integer - type: string x-kubernetes-int-or-string: true scheme: description: URIScheme identifies the scheme used for connection to a host for Get actions type: string required: - port type: object initialDelaySeconds: format: int32 type: integer periodSeconds: format: int32 type: integer successThreshold: format: int32 type: integer tcpSocket: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#tcpsocketaction-v1-core.' properties: host: type: string port: anyOf: - type: integer - type: string x-kubernetes-int-or-string: true required: - port type: object timeoutSeconds: format: int32 type: integer type: object suspend: default: false description: |- Suspend indicates whether the current resource should be suspended or not. This can be useful for maintenance, as disabling the reconciliation prevents the operator from interfering with user operations during maintenance activities. type: boolean tls: description: TLS defines the PKI to be used with MaxScale. properties: adminCASecretRef: description: |- AdminCASecretRef is a reference to a Secret containing the admin certificate authority keypair. It is used to establish trust and issue certificates for the MaxScale's administrative REST API and GUI. One of: - Secret containing both the 'ca.crt' and 'ca.key' keys. This allows you to bring your own CA to Kubernetes to issue certificates. - Secret containing only the 'ca.crt' in order to establish trust. In this case, either adminCertSecretRef or adminCertIssuerRef fields must be provided. If not provided, a self-signed CA will be provisioned to issue the server certificate. properties: name: default: "" type: string type: object adminCertIssuerRef: description: |- AdminCertIssuerRef is a reference to a cert-manager issuer object used to issue the MaxScale's administrative REST API and GUI certificate. cert-manager must be installed previously in the cluster. It is mutually exclusive with adminCertSecretRef. By default, the Secret field 'ca.crt' provisioned by cert-manager will be added to the trust chain. A custom trust bundle may be specified via adminCASecretRef. properties: group: description: Group of the resource being referred to. type: string kind: description: Kind of the resource being referred to. type: string name: description: Name of the resource being referred to. type: string required: - name type: object adminCertSecretRef: description: AdminCertSecretRef is a reference to a TLS Secret used by the MaxScale's administrative REST API and GUI. properties: name: default: "" type: string type: object enabled: description: |- Enabled indicates whether TLS is enabled, determining if certificates should be issued and mounted to the MaxScale instance. It is enabled by default when the referred MariaDB instance (via mariaDbRef) has TLS enabled and enforced. type: boolean listenerCASecretRef: description: |- ListenerCASecretRef is a reference to a Secret containing the listener certificate authority keypair. It is used to establish trust and issue certificates for the MaxScale's listeners. One of: - Secret containing both the 'ca.crt' and 'ca.key' keys. This allows you to bring your own CA to Kubernetes to issue certificates. - Secret containing only the 'ca.crt' in order to establish trust. In this case, either listenerCertSecretRef or listenerCertIssuerRef fields must be provided. If not provided, a self-signed CA will be provisioned to issue the listener certificate. properties: name: default: "" type: string type: object listenerCertIssuerRef: description: |- ListenerCertIssuerRef is a reference to a cert-manager issuer object used to issue the MaxScale's listeners certificate. cert-manager must be installed previously in the cluster. It is mutually exclusive with listenerCertSecretRef. By default, the Secret field 'ca.crt' provisioned by cert-manager will be added to the trust chain. A custom trust bundle may be specified via listenerCASecretRef. properties: group: description: Group of the resource being referred to. type: string kind: description: Kind of the resource being referred to. type: string name: description: Name of the resource being referred to. type: string required: - name type: object listenerCertSecretRef: description: ListenerCertSecretRef is a reference to a TLS Secret used by the MaxScale's listeners. properties: name: default: "" type: string type: object replicationSSLEnabled: description: |- ReplicationSSLEnabled specifies whether the replication SSL is enabled. If enabled, the SSL options will be added to the server configuration. It is enabled by default when the referred MariaDB instance (via mariaDbRef) has replication enabled. If the MariaDB servers are manually provided by the user via the 'servers' field, this must be set by the user as well. type: boolean serverCASecretRef: description: |- ServerCASecretRef is a reference to a Secret containing the MariaDB server CA certificates. It is used to establish trust with MariaDB servers. The Secret should contain a 'ca.crt' key in order to establish trust. If not provided, and the reference to a MariaDB resource is set (mariaDbRef), it will be defaulted to the referred MariaDB CA bundle. properties: name: default: "" type: string type: object serverCertSecretRef: description: |- ServerCertSecretRef is a reference to a TLS Secret used by MaxScale to connect to the MariaDB servers. If not provided, and the reference to a MariaDB resource is set (mariaDbRef), it will be defaulted to the referred MariaDB client certificate (clientCertSecretRef). properties: name: default: "" type: string type: object verifyPeerCertificate: description: |- VerifyPeerCertificate specifies whether the peer certificate's signature should be validated against the CA. It is disabled by default. type: boolean verifyPeerHost: description: |- VerifyPeerHost specifies whether the peer certificate's SANs should match the peer host. It is disabled by default. type: boolean type: object tolerations: description: Tolerations to be used in the Pod. items: description: |- The pod this Toleration is attached to tolerates any taint that matches the triple using the matching operator . properties: effect: description: |- Effect indicates the taint effect to match. Empty means match all taint effects. When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. type: string key: description: |- Key is the taint key that the toleration applies to. Empty means match all taint keys. If the key is empty, operator must be Exists; this combination means to match all values and all keys. type: string operator: description: |- Operator represents a key's relationship to the value. Valid operators are Exists and Equal. Defaults to Equal. Exists is equivalent to wildcard for value, so that a pod can tolerate all taints of a particular category. type: string tolerationSeconds: description: |- TolerationSeconds represents the period of time the toleration (which must be of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, it is not set, which means tolerate the taint forever (do not evict). Zero and negative values will be treated as 0 (evict immediately) by the system. format: int64 type: integer value: description: |- Value is the taint value the toleration matches to. If the operator is Exists, the value should be empty, otherwise just a regular string. type: string type: object type: array topologySpreadConstraints: description: TopologySpreadConstraints to be used in the Pod. items: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#topologyspreadconstraint-v1-core.' properties: labelSelector: description: |- A label selector is a label query over a set of resources. The result of matchLabels and matchExpressions are ANDed. An empty label selector matches all objects. A null label selector matches no objects. properties: matchExpressions: description: matchExpressions is a list of label selector requirements. The requirements are ANDed. items: description: |- A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. properties: key: description: key is the label key that the selector applies to. type: string operator: description: |- operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. type: string values: description: |- values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. items: type: string type: array x-kubernetes-list-type: atomic required: - key - operator type: object type: array x-kubernetes-list-type: atomic matchLabels: additionalProperties: type: string description: |- matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. type: object type: object x-kubernetes-map-type: atomic matchLabelKeys: items: type: string type: array maxSkew: format: int32 type: integer minDomains: format: int32 type: integer nodeAffinityPolicy: description: NodeInclusionPolicy defines the type of node inclusion policy type: string nodeTaintsPolicy: description: NodeInclusionPolicy defines the type of node inclusion policy type: string topologyKey: type: string whenUnsatisfiable: type: string required: - maxSkew - topologyKey - whenUnsatisfiable type: object type: array updateStrategy: description: UpdateStrategy defines the update strategy for the StatefulSet object. properties: rollingUpdate: description: RollingUpdate is used to communicate parameters when Type is RollingUpdateStatefulSetStrategyType. properties: maxUnavailable: anyOf: - type: integer - type: string description: |- The maximum number of pods that can be unavailable during the update. Value can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%). Absolute number is calculated from percentage by rounding up. This can not be 0. Defaults to 1. This field is alpha-level and is only honored by servers that enable the MaxUnavailableStatefulSet feature. The field applies to all pods in the range 0 to Replicas-1. That means if there is any unavailable pod in the range 0 to Replicas-1, it will be counted towards MaxUnavailable. x-kubernetes-int-or-string: true partition: description: |- Partition indicates the ordinal at which the StatefulSet should be partitioned for updates. During a rolling update, all pods from ordinal Replicas-1 to Partition are updated. All pods from ordinal Partition-1 to 0 remain untouched. This is helpful in being able to do a canary based deployment. The default value is 0. format: int32 type: integer type: object type: description: |- Type indicates the type of the StatefulSetUpdateStrategy. Default is RollingUpdate. type: string type: object volumeMounts: description: VolumeMounts to be used in the Container. items: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#volumemount-v1-core.' properties: mountPath: type: string name: description: This must match the Name of a Volume. type: string readOnly: type: boolean subPath: type: string required: - mountPath - name type: object type: array type: object status: description: MaxScaleStatus defines the observed state of MaxScale properties: conditions: description: Conditions for the MaxScale object. items: description: Condition contains details for one aspect of the current state of this API Resource. properties: lastTransitionTime: description: |- lastTransitionTime is the last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. format: date-time type: string message: description: |- message is a human readable message indicating details about the transition. This may be an empty string. maxLength: 32768 type: string observedGeneration: description: |- observedGeneration represents the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance. format: int64 minimum: 0 type: integer reason: description: |- reason contains a programmatic identifier indicating the reason for the condition's last transition. Producers of specific condition types may define expected values and meanings for this field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. This field may not be empty. maxLength: 1024 minLength: 1 pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ type: string status: description: status of the condition, one of True, False, Unknown. enum: - "True" - "False" - Unknown type: string type: description: type of condition in CamelCase or in foo.example.com/CamelCase. maxLength: 316 pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string required: - lastTransitionTime - message - reason - status - type type: object type: array configSync: description: ConfigSync is the state of config sync. properties: databaseVersion: type: integer maxScaleVersion: type: integer required: - databaseVersion - maxScaleVersion type: object listeners: description: Listeners is the state of the listeners in the MaxScale API. items: description: MaxScaleResourceStatus indicates whether the resource is in a given state. properties: name: type: string state: type: string required: - name - state type: object type: array monitor: description: Monitor is the state of the monitor in the MaxScale API. properties: name: type: string state: type: string required: - name - state type: object monitorSpec: description: MonitorSpec is a hashed version of spec.monitor to be able to track changes during reconciliation. type: string primaryServer: description: PrimaryServer is the primary server in the MaxScale API. type: string replicas: description: Replicas indicates the number of current instances. format: int32 type: integer servers: description: Servers is the state of the servers in the MaxScale API. items: description: MaxScaleAPIStatus is the state of the servers in the MaxScale API. properties: name: type: string state: type: string required: - name - state type: object type: array serversSpec: description: ServersSpec is a hashed version of spec.servers to be able to track changes during reconciliation. type: string services: description: Services is the state of the services in the MaxScale API. items: description: MaxScaleResourceStatus indicates whether the resource is in a given state. properties: name: type: string state: type: string required: - name - state type: object type: array servicesSpec: description: ServicesSpec is a hashed version of spec.services to be able to track changes during reconciliation. type: string tls: description: TLS aggregates the status of the certificates used by the MaxScale instance. properties: adminCert: description: AdminCert is the status of the admin certificate. properties: issuer: description: Issuer is the issuer of the current certificate. type: string notAfter: description: NotAfter indicates that the certificate is not valid after the given date. format: date-time type: string notBefore: description: NotBefore indicates that the certificate is not valid before the given date. format: date-time type: string subject: description: Subject is the subject of the current certificate. type: string required: - issuer - subject type: object caBundle: description: CABundle is the status of the Certificate Authority bundle. items: description: CertificateStatus represents the current status of a TLS certificate. properties: issuer: description: Issuer is the issuer of the current certificate. type: string notAfter: description: NotAfter indicates that the certificate is not valid after the given date. format: date-time type: string notBefore: description: NotBefore indicates that the certificate is not valid before the given date. format: date-time type: string subject: description: Subject is the subject of the current certificate. type: string required: - issuer - subject type: object type: array listenerCert: description: ListenerCert is the status of the listener certificate. properties: issuer: description: Issuer is the issuer of the current certificate. type: string notAfter: description: NotAfter indicates that the certificate is not valid after the given date. format: date-time type: string notBefore: description: NotBefore indicates that the certificate is not valid before the given date. format: date-time type: string subject: description: Subject is the subject of the current certificate. type: string required: - issuer - subject type: object serverCert: description: ServerCert is the status of the MariaDB server certificate. properties: issuer: description: Issuer is the issuer of the current certificate. type: string notAfter: description: NotAfter indicates that the certificate is not valid after the given date. format: date-time type: string notBefore: description: NotBefore indicates that the certificate is not valid before the given date. format: date-time type: string subject: description: Subject is the subject of the current certificate. type: string required: - issuer - subject type: object type: object type: object type: object served: true storage: true subresources: scale: specReplicasPath: .spec.replicas statusReplicasPath: .status.replicas status: {} --- # Source: mariadb-operator/charts/mariadb-operator-crds/templates/crds.yaml apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: controller-gen.kubebuilder.io/version: v0.18.0 name: physicalbackups.k8s.mariadb.com spec: group: k8s.mariadb.com names: kind: PhysicalBackup listKind: PhysicalBackupList plural: physicalbackups shortNames: - pbmdb singular: physicalbackup scope: Namespaced versions: - additionalPrinterColumns: - jsonPath: .status.conditions[?(@.type=="Complete")].status name: Complete type: string - jsonPath: .status.conditions[?(@.type=="Complete")].message name: Status type: string - jsonPath: .spec.mariaDbRef.name name: MariaDB type: string - jsonPath: .status.lastScheduleTime name: Last Scheduled type: date - jsonPath: .metadata.creationTimestamp name: Age type: date name: v1alpha1 schema: openAPIV3Schema: description: PhysicalBackup is the Schema for the physicalbackups API. It is used to define physical backup jobs and its storage. properties: apiVersion: description: |- APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: description: |- Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object spec: description: PhysicalBackupSpec defines the desired state of PhysicalBackup. properties: args: description: Args to be used in the Container. items: type: string type: array backoffLimit: description: BackoffLimit defines the maximum number of attempts to successfully take a PhysicalBackup. format: int32 type: integer compression: description: Compression algorithm to be used in the Backup. enum: - none - bzip2 - gzip type: string imagePullSecrets: description: ImagePullSecrets is the list of pull Secrets to be used to pull the image. items: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#localobjectreference-v1-core.' properties: name: default: "" type: string type: object type: array inheritMetadata: description: InheritMetadata defines the metadata to be inherited by children resources. properties: annotations: additionalProperties: type: string description: Annotations to be added to children resources. type: object labels: additionalProperties: type: string description: Labels to be added to children resources. type: object type: object mariaDbRef: description: MariaDBRef is a reference to a MariaDB object. properties: kind: description: Kind of the referent. type: string name: type: string namespace: type: string waitForIt: default: true description: WaitForIt indicates whether the controller using this reference should wait for MariaDB to be ready. type: boolean type: object maxRetention: description: |- MaxRetention defines the retention policy for backups. Old backups will be cleaned up by the Backup Job. It defaults to 30 days. type: string podAffinity: description: |- PodAffinity indicates whether the Jobs should run in the same Node as the MariaDB Pods to be able to attach the PVC. It defaults to true. type: boolean podMetadata: description: PodMetadata defines extra metadata for the Pod. properties: annotations: additionalProperties: type: string description: Annotations to be added to children resources. type: object labels: additionalProperties: type: string description: Labels to be added to children resources. type: object type: object podSecurityContext: description: SecurityContext holds pod-level security attributes and common container settings. properties: appArmorProfile: description: AppArmorProfile defines a pod or container's AppArmor settings. properties: localhostProfile: description: |- localhostProfile indicates a profile loaded on the node that should be used. The profile must be preconfigured on the node to work. Must match the loaded name of the profile. Must be set if and only if type is "Localhost". type: string type: description: |- type indicates which kind of AppArmor profile will be applied. Valid options are: Localhost - a profile pre-loaded on the node. RuntimeDefault - the container runtime's default profile. Unconfined - no AppArmor enforcement. type: string required: - type type: object fsGroup: format: int64 type: integer fsGroupChangePolicy: description: |- PodFSGroupChangePolicy holds policies that will be used for applying fsGroup to a volume when volume is mounted. type: string runAsGroup: format: int64 type: integer runAsNonRoot: type: boolean runAsUser: format: int64 type: integer seLinuxOptions: description: SELinuxOptions are the labels to be applied to the container properties: level: description: Level is SELinux level label that applies to the container. type: string role: description: Role is a SELinux role label that applies to the container. type: string type: description: Type is a SELinux type label that applies to the container. type: string user: description: User is a SELinux user label that applies to the container. type: string type: object seccompProfile: description: |- SeccompProfile defines a pod/container's seccomp profile settings. Only one profile source may be set. properties: localhostProfile: description: |- localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must be set if type is "Localhost". Must NOT be set for any other type. type: string type: description: |- type indicates which kind of seccomp profile will be applied. Valid options are: Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied. type: string required: - type type: object supplementalGroups: items: format: int64 type: integer type: array x-kubernetes-list-type: atomic type: object priorityClassName: description: PriorityClassName to be used in the Pod. type: string resources: description: Resources describes the compute resource requirements. properties: limits: additionalProperties: anyOf: - type: integer - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true description: ResourceList is a set of (resource name, quantity) pairs. type: object requests: additionalProperties: anyOf: - type: integer - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true description: ResourceList is a set of (resource name, quantity) pairs. type: object type: object restartPolicy: default: OnFailure description: RestartPolicy to be added to the PhysicalBackup Pod. enum: - Always - OnFailure - Never type: string schedule: description: Schedule defines when the PhysicalBackup will be taken. properties: cron: description: Cron is a cron expression that defines the schedule. type: string immediate: description: Immediate indicates whether the first backup should be taken immediately after creating the PhysicalBackup. type: boolean suspend: default: false description: Suspend defines whether the schedule is active or not. type: boolean type: object securityContext: description: SecurityContext holds security configuration that will be applied to a container. properties: allowPrivilegeEscalation: type: boolean capabilities: description: Adds and removes POSIX capabilities from running containers. properties: add: description: Added capabilities items: description: Capability represent POSIX capabilities type type: string type: array x-kubernetes-list-type: atomic drop: description: Removed capabilities items: description: Capability represent POSIX capabilities type type: string type: array x-kubernetes-list-type: atomic type: object privileged: type: boolean readOnlyRootFilesystem: type: boolean runAsGroup: format: int64 type: integer runAsNonRoot: type: boolean runAsUser: format: int64 type: integer type: object serviceAccountName: description: ServiceAccountName is the name of the ServiceAccount to be used by the Pods. type: string stagingStorage: description: |- StagingStorage defines the temporary storage used to keep external backups (i.e. S3) while they are being processed. It defaults to an emptyDir volume, meaning that the backups will be temporarily stored in the node where the PhysicalBackup Job is scheduled. The staging area gets cleaned up after each backup is completed, consider this for sizing it appropriately. properties: persistentVolumeClaim: description: PersistentVolumeClaim is a Kubernetes PVC specification. properties: accessModes: items: type: string type: array x-kubernetes-list-type: atomic resources: description: VolumeResourceRequirements describes the storage resource requirements for a volume. properties: limits: additionalProperties: anyOf: - type: integer - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true description: |- Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ type: object requests: additionalProperties: anyOf: - type: integer - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true description: |- Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ type: object type: object selector: description: |- A label selector is a label query over a set of resources. The result of matchLabels and matchExpressions are ANDed. An empty label selector matches all objects. A null label selector matches no objects. properties: matchExpressions: description: matchExpressions is a list of label selector requirements. The requirements are ANDed. items: description: |- A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. properties: key: description: key is the label key that the selector applies to. type: string operator: description: |- operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. type: string values: description: |- values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. items: type: string type: array x-kubernetes-list-type: atomic required: - key - operator type: object type: array x-kubernetes-list-type: atomic matchLabels: additionalProperties: type: string description: |- matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. type: object type: object x-kubernetes-map-type: atomic storageClassName: type: string type: object volume: description: Volume is a Kubernetes volume specification. properties: csi: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#csivolumesource-v1-core.' properties: driver: type: string fsType: type: string nodePublishSecretRef: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#localobjectreference-v1-core.' properties: name: default: "" type: string type: object readOnly: type: boolean volumeAttributes: additionalProperties: type: string type: object required: - driver type: object emptyDir: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#emptydirvolumesource-v1-core.' properties: medium: description: StorageMedium defines ways that storage can be allocated to a volume. type: string sizeLimit: anyOf: - type: integer - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true type: object hostPath: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#hostpathvolumesource-v1-core' properties: path: type: string type: type: string required: - path type: object nfs: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#nfsvolumesource-v1-core.' properties: path: type: string readOnly: type: boolean server: type: string required: - path - server type: object persistentVolumeClaim: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#persistentvolumeclaimvolumesource-v1-core.' properties: claimName: type: string readOnly: type: boolean required: - claimName type: object type: object type: object storage: description: Storage defines the final storage for backups. properties: persistentVolumeClaim: description: PersistentVolumeClaim is a Kubernetes PVC specification. properties: accessModes: items: type: string type: array x-kubernetes-list-type: atomic resources: description: VolumeResourceRequirements describes the storage resource requirements for a volume. properties: limits: additionalProperties: anyOf: - type: integer - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true description: |- Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ type: object requests: additionalProperties: anyOf: - type: integer - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true description: |- Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ type: object type: object selector: description: |- A label selector is a label query over a set of resources. The result of matchLabels and matchExpressions are ANDed. An empty label selector matches all objects. A null label selector matches no objects. properties: matchExpressions: description: matchExpressions is a list of label selector requirements. The requirements are ANDed. items: description: |- A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. properties: key: description: key is the label key that the selector applies to. type: string operator: description: |- operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. type: string values: description: |- values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. items: type: string type: array x-kubernetes-list-type: atomic required: - key - operator type: object type: array x-kubernetes-list-type: atomic matchLabels: additionalProperties: type: string description: |- matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. type: object type: object x-kubernetes-map-type: atomic storageClassName: type: string type: object s3: description: S3 defines the configuration to store backups in a S3 compatible storage. properties: accessKeyIdSecretKeyRef: description: AccessKeyIdSecretKeyRef is a reference to a Secret key containing the S3 access key id. properties: key: type: string name: default: "" type: string required: - key type: object x-kubernetes-map-type: atomic bucket: description: Bucket is the name Name of the bucket to store backups. type: string endpoint: description: Endpoint is the S3 API endpoint without scheme. type: string prefix: description: 'Prefix indicates a folder/subfolder in the bucket. For example: mariadb/ or mariadb/backups. A trailing slash ''/'' is added if not provided.' type: string region: description: Region is the S3 region name to use. type: string secretAccessKeySecretKeyRef: description: AccessKeyIdSecretKeyRef is a reference to a Secret key containing the S3 secret key. properties: key: type: string name: default: "" type: string required: - key type: object x-kubernetes-map-type: atomic sessionTokenSecretKeyRef: description: SessionTokenSecretKeyRef is a reference to a Secret key containing the S3 session token. properties: key: type: string name: default: "" type: string required: - key type: object x-kubernetes-map-type: atomic tls: description: TLS provides the configuration required to establish TLS connections with S3. properties: caSecretKeyRef: description: |- CASecretKeyRef is a reference to a Secret key containing a CA bundle in PEM format used to establish TLS connections with S3. By default, the system trust chain will be used, but you can use this field to add more CAs to the bundle. properties: key: type: string name: default: "" type: string required: - key type: object x-kubernetes-map-type: atomic enabled: description: Enabled is a flag to enable TLS. type: boolean type: object required: - bucket - endpoint type: object volume: description: Volume is a Kubernetes volume specification. properties: csi: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#csivolumesource-v1-core.' properties: driver: type: string fsType: type: string nodePublishSecretRef: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#localobjectreference-v1-core.' properties: name: default: "" type: string type: object readOnly: type: boolean volumeAttributes: additionalProperties: type: string type: object required: - driver type: object emptyDir: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#emptydirvolumesource-v1-core.' properties: medium: description: StorageMedium defines ways that storage can be allocated to a volume. type: string sizeLimit: anyOf: - type: integer - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true type: object hostPath: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#hostpathvolumesource-v1-core' properties: path: type: string type: type: string required: - path type: object nfs: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#nfsvolumesource-v1-core.' properties: path: type: string readOnly: type: boolean server: type: string required: - path - server type: object persistentVolumeClaim: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#persistentvolumeclaimvolumesource-v1-core.' properties: claimName: type: string readOnly: type: boolean required: - claimName type: object type: object volumeSnapshot: description: VolumeSnapshot is a Kubernetes VolumeSnapshot specification. properties: metadata: description: Metadata is extra metadata to the added to the VolumeSnapshot objects. properties: annotations: additionalProperties: type: string description: Annotations to be added to children resources. type: object labels: additionalProperties: type: string description: Labels to be added to children resources. type: object type: object volumeSnapshotClassName: description: VolumeSnapshotClassName is the VolumeSnapshot class to be used to take snapshots. type: string required: - volumeSnapshotClassName type: object type: object successfulJobsHistoryLimit: description: SuccessfulJobsHistoryLimit defines the maximum number of successful Jobs to be displayed. It defaults to 5. format: int32 minimum: 0 type: integer timeout: description: |- Timeout defines the maximum duration of a PhysicalBackup job or snapshot. If this duration is exceeded, the job or snapshot is considered expired and is deleted by the operator. A new job or snapshot will then be created according to the schedule. It defaults to 1 hour. type: string tolerations: description: Tolerations to be used in the Pod. items: description: |- The pod this Toleration is attached to tolerates any taint that matches the triple using the matching operator . properties: effect: description: |- Effect indicates the taint effect to match. Empty means match all taint effects. When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. type: string key: description: |- Key is the taint key that the toleration applies to. Empty means match all taint keys. If the key is empty, operator must be Exists; this combination means to match all values and all keys. type: string operator: description: |- Operator represents a key's relationship to the value. Valid operators are Exists and Equal. Defaults to Equal. Exists is equivalent to wildcard for value, so that a pod can tolerate all taints of a particular category. type: string tolerationSeconds: description: |- TolerationSeconds represents the period of time the toleration (which must be of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, it is not set, which means tolerate the taint forever (do not evict). Zero and negative values will be treated as 0 (evict immediately) by the system. format: int64 type: integer value: description: |- Value is the taint value the toleration matches to. If the operator is Exists, the value should be empty, otherwise just a regular string. type: string type: object type: array required: - mariaDbRef - storage type: object status: description: PhysicalBackupStatus defines the observed state of PhysicalBackup. properties: conditions: description: Conditions for the PhysicalBackup object. items: description: Condition contains details for one aspect of the current state of this API Resource. properties: lastTransitionTime: description: |- lastTransitionTime is the last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. format: date-time type: string message: description: |- message is a human readable message indicating details about the transition. This may be an empty string. maxLength: 32768 type: string observedGeneration: description: |- observedGeneration represents the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance. format: int64 minimum: 0 type: integer reason: description: |- reason contains a programmatic identifier indicating the reason for the condition's last transition. Producers of specific condition types may define expected values and meanings for this field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. This field may not be empty. maxLength: 1024 minLength: 1 pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ type: string status: description: status of the condition, one of True, False, Unknown. enum: - "True" - "False" - Unknown type: string type: description: type of condition in CamelCase or in foo.example.com/CamelCase. maxLength: 316 pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string required: - lastTransitionTime - message - reason - status - type type: object type: array lastScheduleCheckTime: description: LastScheduleCheckTime is the last time that the schedule was checked. format: date-time type: string lastScheduleTime: description: LastScheduleTime is the last time that a backup was scheduled. format: date-time type: string nextScheduleTime: description: NextScheduleTime is the next time that a backup will be scheduled. format: date-time type: string type: object type: object served: true storage: true subresources: status: {} --- # Source: mariadb-operator/charts/mariadb-operator-crds/templates/crds.yaml apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: controller-gen.kubebuilder.io/version: v0.18.0 name: restores.k8s.mariadb.com spec: group: k8s.mariadb.com names: kind: Restore listKind: RestoreList plural: restores shortNames: - rmdb singular: restore scope: Namespaced versions: - additionalPrinterColumns: - jsonPath: .status.conditions[?(@.type=="Complete")].status name: Complete type: string - jsonPath: .status.conditions[?(@.type=="Complete")].message name: Status type: string - jsonPath: .spec.mariaDbRef.name name: MariaDB type: string - jsonPath: .metadata.creationTimestamp name: Age type: date name: v1alpha1 schema: openAPIV3Schema: description: Restore is the Schema for the restores API. It is used to define restore jobs and its restoration source. properties: apiVersion: description: |- APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: description: |- Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object spec: description: RestoreSpec defines the desired state of restore properties: affinity: description: Affinity to be used in the Pod. properties: antiAffinityEnabled: description: |- AntiAffinityEnabled configures PodAntiAffinity so each Pod is scheduled in a different Node, enabling HA. Make sure you have at least as many Nodes available as the replicas to not end up with unscheduled Pods. type: boolean nodeAffinity: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#nodeaffinity-v1-core' properties: preferredDuringSchedulingIgnoredDuringExecution: items: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#preferredschedulingterm-v1-core' properties: preference: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#nodeselectorterm-v1-core' properties: matchExpressions: items: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#nodeselectorrequirement-v1-core' properties: key: type: string operator: description: |- A node selector operator is the set of operators that can be used in a node selector requirement. type: string values: items: type: string type: array x-kubernetes-list-type: atomic required: - key - operator type: object type: array x-kubernetes-list-type: atomic matchFields: items: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#nodeselectorrequirement-v1-core' properties: key: type: string operator: description: |- A node selector operator is the set of operators that can be used in a node selector requirement. type: string values: items: type: string type: array x-kubernetes-list-type: atomic required: - key - operator type: object type: array x-kubernetes-list-type: atomic type: object weight: format: int32 type: integer required: - preference - weight type: object type: array x-kubernetes-list-type: atomic requiredDuringSchedulingIgnoredDuringExecution: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#nodeselector-v1-core' properties: nodeSelectorTerms: items: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#nodeselectorterm-v1-core' properties: matchExpressions: items: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#nodeselectorrequirement-v1-core' properties: key: type: string operator: description: |- A node selector operator is the set of operators that can be used in a node selector requirement. type: string values: items: type: string type: array x-kubernetes-list-type: atomic required: - key - operator type: object type: array x-kubernetes-list-type: atomic matchFields: items: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#nodeselectorrequirement-v1-core' properties: key: type: string operator: description: |- A node selector operator is the set of operators that can be used in a node selector requirement. type: string values: items: type: string type: array x-kubernetes-list-type: atomic required: - key - operator type: object type: array x-kubernetes-list-type: atomic type: object type: array x-kubernetes-list-type: atomic required: - nodeSelectorTerms type: object type: object podAntiAffinity: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#podantiaffinity-v1-core.' properties: preferredDuringSchedulingIgnoredDuringExecution: items: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#weightedpodaffinityterm-v1-core.' properties: podAffinityTerm: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#podaffinityterm-v1-core.' properties: labelSelector: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#labelselector-v1-meta' properties: matchExpressions: items: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#labelselectorrequirement-v1-meta' properties: key: type: string operator: description: A label selector operator is the set of operators that can be used in a selector requirement. type: string values: items: type: string type: array x-kubernetes-list-type: atomic required: - key - operator type: object type: array x-kubernetes-list-type: atomic matchLabels: additionalProperties: type: string type: object type: object topologyKey: type: string required: - topologyKey type: object weight: format: int32 type: integer required: - podAffinityTerm - weight type: object type: array x-kubernetes-list-type: atomic requiredDuringSchedulingIgnoredDuringExecution: items: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#podaffinityterm-v1-core.' properties: labelSelector: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#labelselector-v1-meta' properties: matchExpressions: items: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#labelselectorrequirement-v1-meta' properties: key: type: string operator: description: A label selector operator is the set of operators that can be used in a selector requirement. type: string values: items: type: string type: array x-kubernetes-list-type: atomic required: - key - operator type: object type: array x-kubernetes-list-type: atomic matchLabels: additionalProperties: type: string type: object type: object topologyKey: type: string required: - topologyKey type: object type: array x-kubernetes-list-type: atomic type: object type: object args: description: Args to be used in the Container. items: type: string type: array backoffLimit: default: 5 description: BackoffLimit defines the maximum number of attempts to successfully perform a Backup. format: int32 type: integer backupRef: description: BackupRef is a reference to a Backup object. It has priority over S3 and Volume. properties: name: default: "" type: string type: object database: description: |- Database defines the logical database to be restored. If not provided, all databases available in the backup are restored. IMPORTANT: The database must previously exist. type: string imagePullSecrets: description: ImagePullSecrets is the list of pull Secrets to be used to pull the image. items: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#localobjectreference-v1-core.' properties: name: default: "" type: string type: object type: array inheritMetadata: description: InheritMetadata defines the metadata to be inherited by children resources. properties: annotations: additionalProperties: type: string description: Annotations to be added to children resources. type: object labels: additionalProperties: type: string description: Labels to be added to children resources. type: object type: object logLevel: default: info description: LogLevel to be used n the Backup Job. It defaults to 'info'. type: string mariaDbRef: description: MariaDBRef is a reference to a MariaDB object. properties: kind: description: Kind of the referent. type: string name: type: string namespace: type: string waitForIt: default: true description: WaitForIt indicates whether the controller using this reference should wait for MariaDB to be ready. type: boolean type: object nodeSelector: additionalProperties: type: string description: NodeSelector to be used in the Pod. type: object podMetadata: description: PodMetadata defines extra metadata for the Pod. properties: annotations: additionalProperties: type: string description: Annotations to be added to children resources. type: object labels: additionalProperties: type: string description: Labels to be added to children resources. type: object type: object podSecurityContext: description: SecurityContext holds pod-level security attributes and common container settings. properties: appArmorProfile: description: AppArmorProfile defines a pod or container's AppArmor settings. properties: localhostProfile: description: |- localhostProfile indicates a profile loaded on the node that should be used. The profile must be preconfigured on the node to work. Must match the loaded name of the profile. Must be set if and only if type is "Localhost". type: string type: description: |- type indicates which kind of AppArmor profile will be applied. Valid options are: Localhost - a profile pre-loaded on the node. RuntimeDefault - the container runtime's default profile. Unconfined - no AppArmor enforcement. type: string required: - type type: object fsGroup: format: int64 type: integer fsGroupChangePolicy: description: |- PodFSGroupChangePolicy holds policies that will be used for applying fsGroup to a volume when volume is mounted. type: string runAsGroup: format: int64 type: integer runAsNonRoot: type: boolean runAsUser: format: int64 type: integer seLinuxOptions: description: SELinuxOptions are the labels to be applied to the container properties: level: description: Level is SELinux level label that applies to the container. type: string role: description: Role is a SELinux role label that applies to the container. type: string type: description: Type is a SELinux type label that applies to the container. type: string user: description: User is a SELinux user label that applies to the container. type: string type: object seccompProfile: description: |- SeccompProfile defines a pod/container's seccomp profile settings. Only one profile source may be set. properties: localhostProfile: description: |- localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must be set if type is "Localhost". Must NOT be set for any other type. type: string type: description: |- type indicates which kind of seccomp profile will be applied. Valid options are: Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied. type: string required: - type type: object supplementalGroups: items: format: int64 type: integer type: array x-kubernetes-list-type: atomic type: object priorityClassName: description: PriorityClassName to be used in the Pod. type: string resources: description: Resources describes the compute resource requirements. properties: limits: additionalProperties: anyOf: - type: integer - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true description: ResourceList is a set of (resource name, quantity) pairs. type: object requests: additionalProperties: anyOf: - type: integer - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true description: ResourceList is a set of (resource name, quantity) pairs. type: object type: object restartPolicy: default: OnFailure description: RestartPolicy to be added to the Backup Job. enum: - Always - OnFailure - Never type: string s3: description: S3 defines the configuration to restore backups from a S3 compatible storage. It has priority over Volume. properties: accessKeyIdSecretKeyRef: description: AccessKeyIdSecretKeyRef is a reference to a Secret key containing the S3 access key id. properties: key: type: string name: default: "" type: string required: - key type: object x-kubernetes-map-type: atomic bucket: description: Bucket is the name Name of the bucket to store backups. type: string endpoint: description: Endpoint is the S3 API endpoint without scheme. type: string prefix: description: 'Prefix indicates a folder/subfolder in the bucket. For example: mariadb/ or mariadb/backups. A trailing slash ''/'' is added if not provided.' type: string region: description: Region is the S3 region name to use. type: string secretAccessKeySecretKeyRef: description: AccessKeyIdSecretKeyRef is a reference to a Secret key containing the S3 secret key. properties: key: type: string name: default: "" type: string required: - key type: object x-kubernetes-map-type: atomic sessionTokenSecretKeyRef: description: SessionTokenSecretKeyRef is a reference to a Secret key containing the S3 session token. properties: key: type: string name: default: "" type: string required: - key type: object x-kubernetes-map-type: atomic tls: description: TLS provides the configuration required to establish TLS connections with S3. properties: caSecretKeyRef: description: |- CASecretKeyRef is a reference to a Secret key containing a CA bundle in PEM format used to establish TLS connections with S3. By default, the system trust chain will be used, but you can use this field to add more CAs to the bundle. properties: key: type: string name: default: "" type: string required: - key type: object x-kubernetes-map-type: atomic enabled: description: Enabled is a flag to enable TLS. type: boolean type: object required: - bucket - endpoint type: object securityContext: description: SecurityContext holds security configuration that will be applied to a container. properties: allowPrivilegeEscalation: type: boolean capabilities: description: Adds and removes POSIX capabilities from running containers. properties: add: description: Added capabilities items: description: Capability represent POSIX capabilities type type: string type: array x-kubernetes-list-type: atomic drop: description: Removed capabilities items: description: Capability represent POSIX capabilities type type: string type: array x-kubernetes-list-type: atomic type: object privileged: type: boolean readOnlyRootFilesystem: type: boolean runAsGroup: format: int64 type: integer runAsNonRoot: type: boolean runAsUser: format: int64 type: integer type: object serviceAccountName: description: ServiceAccountName is the name of the ServiceAccount to be used by the Pods. type: string stagingStorage: description: |- StagingStorage defines the temporary storage used to keep external backups (i.e. S3) while they are being processed. It defaults to an emptyDir volume, meaning that the backups will be temporarily stored in the node where the Restore Job is scheduled. properties: persistentVolumeClaim: description: PersistentVolumeClaim is a Kubernetes PVC specification. properties: accessModes: items: type: string type: array x-kubernetes-list-type: atomic resources: description: VolumeResourceRequirements describes the storage resource requirements for a volume. properties: limits: additionalProperties: anyOf: - type: integer - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true description: |- Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ type: object requests: additionalProperties: anyOf: - type: integer - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true description: |- Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ type: object type: object selector: description: |- A label selector is a label query over a set of resources. The result of matchLabels and matchExpressions are ANDed. An empty label selector matches all objects. A null label selector matches no objects. properties: matchExpressions: description: matchExpressions is a list of label selector requirements. The requirements are ANDed. items: description: |- A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. properties: key: description: key is the label key that the selector applies to. type: string operator: description: |- operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. type: string values: description: |- values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. items: type: string type: array x-kubernetes-list-type: atomic required: - key - operator type: object type: array x-kubernetes-list-type: atomic matchLabels: additionalProperties: type: string description: |- matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. type: object type: object x-kubernetes-map-type: atomic storageClassName: type: string type: object volume: description: Volume is a Kubernetes volume specification. properties: csi: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#csivolumesource-v1-core.' properties: driver: type: string fsType: type: string nodePublishSecretRef: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#localobjectreference-v1-core.' properties: name: default: "" type: string type: object readOnly: type: boolean volumeAttributes: additionalProperties: type: string type: object required: - driver type: object emptyDir: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#emptydirvolumesource-v1-core.' properties: medium: description: StorageMedium defines ways that storage can be allocated to a volume. type: string sizeLimit: anyOf: - type: integer - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true type: object hostPath: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#hostpathvolumesource-v1-core' properties: path: type: string type: type: string required: - path type: object nfs: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#nfsvolumesource-v1-core.' properties: path: type: string readOnly: type: boolean server: type: string required: - path - server type: object persistentVolumeClaim: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#persistentvolumeclaimvolumesource-v1-core.' properties: claimName: type: string readOnly: type: boolean required: - claimName type: object type: object type: object targetRecoveryTime: description: |- TargetRecoveryTime is a RFC3339 (1970-01-01T00:00:00Z) date and time that defines the point in time recovery objective. It is used to determine the closest restoration source in time. format: date-time type: string tolerations: description: Tolerations to be used in the Pod. items: description: |- The pod this Toleration is attached to tolerates any taint that matches the triple using the matching operator . properties: effect: description: |- Effect indicates the taint effect to match. Empty means match all taint effects. When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. type: string key: description: |- Key is the taint key that the toleration applies to. Empty means match all taint keys. If the key is empty, operator must be Exists; this combination means to match all values and all keys. type: string operator: description: |- Operator represents a key's relationship to the value. Valid operators are Exists and Equal. Defaults to Equal. Exists is equivalent to wildcard for value, so that a pod can tolerate all taints of a particular category. type: string tolerationSeconds: description: |- TolerationSeconds represents the period of time the toleration (which must be of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, it is not set, which means tolerate the taint forever (do not evict). Zero and negative values will be treated as 0 (evict immediately) by the system. format: int64 type: integer value: description: |- Value is the taint value the toleration matches to. If the operator is Exists, the value should be empty, otherwise just a regular string. type: string type: object type: array volume: description: Volume is a Kubernetes Volume object that contains a backup. properties: csi: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#csivolumesource-v1-core.' properties: driver: type: string fsType: type: string nodePublishSecretRef: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#localobjectreference-v1-core.' properties: name: default: "" type: string type: object readOnly: type: boolean volumeAttributes: additionalProperties: type: string type: object required: - driver type: object emptyDir: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#emptydirvolumesource-v1-core.' properties: medium: description: StorageMedium defines ways that storage can be allocated to a volume. type: string sizeLimit: anyOf: - type: integer - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true type: object hostPath: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#hostpathvolumesource-v1-core' properties: path: type: string type: type: string required: - path type: object nfs: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#nfsvolumesource-v1-core.' properties: path: type: string readOnly: type: boolean server: type: string required: - path - server type: object persistentVolumeClaim: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#persistentvolumeclaimvolumesource-v1-core.' properties: claimName: type: string readOnly: type: boolean required: - claimName type: object type: object required: - mariaDbRef type: object status: description: RestoreStatus defines the observed state of restore properties: conditions: description: Conditions for the Restore object. items: description: Condition contains details for one aspect of the current state of this API Resource. properties: lastTransitionTime: description: |- lastTransitionTime is the last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. format: date-time type: string message: description: |- message is a human readable message indicating details about the transition. This may be an empty string. maxLength: 32768 type: string observedGeneration: description: |- observedGeneration represents the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance. format: int64 minimum: 0 type: integer reason: description: |- reason contains a programmatic identifier indicating the reason for the condition's last transition. Producers of specific condition types may define expected values and meanings for this field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. This field may not be empty. maxLength: 1024 minLength: 1 pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ type: string status: description: status of the condition, one of True, False, Unknown. enum: - "True" - "False" - Unknown type: string type: description: type of condition in CamelCase or in foo.example.com/CamelCase. maxLength: 316 pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string required: - lastTransitionTime - message - reason - status - type type: object type: array type: object type: object served: true storage: true subresources: status: {} --- # Source: mariadb-operator/charts/mariadb-operator-crds/templates/crds.yaml apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: controller-gen.kubebuilder.io/version: v0.18.0 name: sqljobs.k8s.mariadb.com spec: group: k8s.mariadb.com names: kind: SqlJob listKind: SqlJobList plural: sqljobs shortNames: - smdb singular: sqljob scope: Namespaced versions: - additionalPrinterColumns: - jsonPath: .status.conditions[?(@.type=="Complete")].status name: Complete type: string - jsonPath: .status.conditions[?(@.type=="Complete")].message name: Status type: string - jsonPath: .spec.mariaDbRef.name name: MariaDB type: string - jsonPath: .metadata.creationTimestamp name: Age type: date name: v1alpha1 schema: openAPIV3Schema: description: SqlJob is the Schema for the sqljobs API. It is used to run sql scripts as jobs. properties: apiVersion: description: |- APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: description: |- Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object spec: description: SqlJobSpec defines the desired state of SqlJob properties: affinity: description: Affinity to be used in the Pod. properties: antiAffinityEnabled: description: |- AntiAffinityEnabled configures PodAntiAffinity so each Pod is scheduled in a different Node, enabling HA. Make sure you have at least as many Nodes available as the replicas to not end up with unscheduled Pods. type: boolean nodeAffinity: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#nodeaffinity-v1-core' properties: preferredDuringSchedulingIgnoredDuringExecution: items: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#preferredschedulingterm-v1-core' properties: preference: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#nodeselectorterm-v1-core' properties: matchExpressions: items: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#nodeselectorrequirement-v1-core' properties: key: type: string operator: description: |- A node selector operator is the set of operators that can be used in a node selector requirement. type: string values: items: type: string type: array x-kubernetes-list-type: atomic required: - key - operator type: object type: array x-kubernetes-list-type: atomic matchFields: items: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#nodeselectorrequirement-v1-core' properties: key: type: string operator: description: |- A node selector operator is the set of operators that can be used in a node selector requirement. type: string values: items: type: string type: array x-kubernetes-list-type: atomic required: - key - operator type: object type: array x-kubernetes-list-type: atomic type: object weight: format: int32 type: integer required: - preference - weight type: object type: array x-kubernetes-list-type: atomic requiredDuringSchedulingIgnoredDuringExecution: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#nodeselector-v1-core' properties: nodeSelectorTerms: items: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#nodeselectorterm-v1-core' properties: matchExpressions: items: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#nodeselectorrequirement-v1-core' properties: key: type: string operator: description: |- A node selector operator is the set of operators that can be used in a node selector requirement. type: string values: items: type: string type: array x-kubernetes-list-type: atomic required: - key - operator type: object type: array x-kubernetes-list-type: atomic matchFields: items: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#nodeselectorrequirement-v1-core' properties: key: type: string operator: description: |- A node selector operator is the set of operators that can be used in a node selector requirement. type: string values: items: type: string type: array x-kubernetes-list-type: atomic required: - key - operator type: object type: array x-kubernetes-list-type: atomic type: object type: array x-kubernetes-list-type: atomic required: - nodeSelectorTerms type: object type: object podAntiAffinity: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#podantiaffinity-v1-core.' properties: preferredDuringSchedulingIgnoredDuringExecution: items: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#weightedpodaffinityterm-v1-core.' properties: podAffinityTerm: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#podaffinityterm-v1-core.' properties: labelSelector: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#labelselector-v1-meta' properties: matchExpressions: items: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#labelselectorrequirement-v1-meta' properties: key: type: string operator: description: A label selector operator is the set of operators that can be used in a selector requirement. type: string values: items: type: string type: array x-kubernetes-list-type: atomic required: - key - operator type: object type: array x-kubernetes-list-type: atomic matchLabels: additionalProperties: type: string type: object type: object topologyKey: type: string required: - topologyKey type: object weight: format: int32 type: integer required: - podAffinityTerm - weight type: object type: array x-kubernetes-list-type: atomic requiredDuringSchedulingIgnoredDuringExecution: items: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#podaffinityterm-v1-core.' properties: labelSelector: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#labelselector-v1-meta' properties: matchExpressions: items: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#labelselectorrequirement-v1-meta' properties: key: type: string operator: description: A label selector operator is the set of operators that can be used in a selector requirement. type: string values: items: type: string type: array x-kubernetes-list-type: atomic required: - key - operator type: object type: array x-kubernetes-list-type: atomic matchLabels: additionalProperties: type: string type: object type: object topologyKey: type: string required: - topologyKey type: object type: array x-kubernetes-list-type: atomic type: object type: object args: description: Args to be used in the Container. items: type: string type: array backoffLimit: default: 5 description: BackoffLimit defines the maximum number of attempts to successfully execute a SqlJob. format: int32 type: integer database: description: Username to be used when executing the SqlJob. type: string dependsOn: description: DependsOn defines dependencies with other SqlJob objectecs. items: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#localobjectreference-v1-core.' properties: name: default: "" type: string type: object type: array failedJobsHistoryLimit: description: FailedJobsHistoryLimit defines the maximum number of failed Jobs to be displayed. format: int32 minimum: 0 type: integer imagePullSecrets: description: ImagePullSecrets is the list of pull Secrets to be used to pull the image. items: description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#localobjectreference-v1-core.' properties: name: default: "" type: string type: object type: array inheritMetadata: description: InheritMetadata defines the metadata to be inherited by children resources. properties: annotations: additionalProperties: type: string description: Annotations to be added to children resources. type: object labels: additionalProperties: type: string description: Labels to be added to children resources. type: object type: object mariaDbRef: description: MariaDBRef is a reference to a MariaDB object. properties: kind: description: Kind of the referent. type: string name: type: string namespace: type: string waitForIt: default: true description: WaitForIt indicates whether the controller using this reference should wait for MariaDB to be ready. type: boolean type: object nodeSelector: additionalProperties: type: string description: NodeSelector to be used in the Pod. type: object passwordSecretKeyRef: description: UserPasswordSecretKeyRef is a reference to the impersonated user's password to be used when executing the SqlJob. properties: key: type: string name: default: "" type: string required: - key type: object x-kubernetes-map-type: atomic podMetadata: description: PodMetadata defines extra metadata for the Pod. properties: annotations: additionalProperties: type: string description: Annotations to be added to children resources. type: object labels: additionalProperties: type: string description: Labels to be added to children resources. type: object type: object podSecurityContext: description: SecurityContext holds pod-level security attributes and common container settings. properties: appArmorProfile: description: AppArmorProfile defines a pod or container's AppArmor settings. properties: localhostProfile: description: |- localhostProfile indicates a profile loaded on the node that should be used. The profile must be preconfigured on the node to work. Must match the loaded name of the profile. Must be set if and only if type is "Localhost". type: string type: description: |- type indicates which kind of AppArmor profile will be applied. Valid options are: Localhost - a profile pre-loaded on the node. RuntimeDefault - the container runtime's default profile. Unconfined - no AppArmor enforcement. type: string required: - type type: object fsGroup: format: int64 type: integer fsGroupChangePolicy: description: |- PodFSGroupChangePolicy holds policies that will be used for applying fsGroup to a volume when volume is mounted. type: string runAsGroup: format: int64 type: integer runAsNonRoot: type: boolean runAsUser: format: int64 type: integer seLinuxOptions: description: SELinuxOptions are the labels to be applied to the container properties: level: description: Level is SELinux level label that applies to the container. type: string role: description: Role is a SELinux role label that applies to the container. type: string type: description: Type is a SELinux type label that applies to the container. type: string user: description: User is a SELinux user label that applies to the container. type: string type: object seccompProfile: description: |- SeccompProfile defines a pod/container's seccomp profile settings. Only one profile source may be set. properties: localhostProfile: description: |- localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must be set if type is "Localhost". Must NOT be set for any other type. type: string type: description: |- type indicates which kind of seccomp profile will be applied. Valid options are: Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied. type: string required: - type type: object supplementalGroups: items: format: int64 type: integer type: array x-kubernetes-list-type: atomic type: object priorityClassName: description: PriorityClassName to be used in the Pod. type: string resources: description: Resources describes the compute resource requirements. properties: limits: additionalProperties: anyOf: - type: integer - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true description: ResourceList is a set of (resource name, quantity) pairs. type: object requests: additionalProperties: anyOf: - type: integer - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true description: ResourceList is a set of (resource name, quantity) pairs. type: object type: object restartPolicy: default: OnFailure description: RestartPolicy to be added to the SqlJob Pod. enum: - Always - OnFailure - Never type: string schedule: description: Schedule defines when the SqlJob will be executed. properties: cron: description: Cron is a cron expression that defines the schedule. type: string suspend: default: false description: Suspend defines whether the schedule is active or not. type: boolean required: - cron type: object securityContext: description: SecurityContext holds security configuration that will be applied to a container. properties: allowPrivilegeEscalation: type: boolean capabilities: description: Adds and removes POSIX capabilities from running containers. properties: add: description: Added capabilities items: description: Capability represent POSIX capabilities type type: string type: array x-kubernetes-list-type: atomic drop: description: Removed capabilities items: description: Capability represent POSIX capabilities type type: string type: array x-kubernetes-list-type: atomic type: object privileged: type: boolean readOnlyRootFilesystem: type: boolean runAsGroup: format: int64 type: integer runAsNonRoot: type: boolean runAsUser: format: int64 type: integer type: object serviceAccountName: description: ServiceAccountName is the name of the ServiceAccount to be used by the Pods. type: string sql: description: Sql is the script to be executed by the SqlJob. type: string sqlConfigMapKeyRef: description: |- SqlConfigMapKeyRef is a reference to a ConfigMap containing the Sql script. It is defaulted to a ConfigMap with the contents of the Sql field. properties: key: type: string name: default: "" type: string required: - key type: object x-kubernetes-map-type: atomic successfulJobsHistoryLimit: description: SuccessfulJobsHistoryLimit defines the maximum number of successful Jobs to be displayed. format: int32 minimum: 0 type: integer timeZone: description: TimeZone defines the timezone associated with the cron expression. type: string tlsCASecretRef: description: |- TLSCACertSecretRef is a reference toa CA Secret used to establish trust when executing the SqlJob. If not provided, the CA bundle provided by the referred MariaDB is used. properties: name: default: "" type: string type: object tlsClientCertSecretRef: description: |- TLSClientCertSecretRef is a reference to a Kubernetes TLS Secret used as authentication when executing the SqlJob. If not provided, the client certificate provided by the referred MariaDB is used. properties: name: default: "" type: string type: object tolerations: description: Tolerations to be used in the Pod. items: description: |- The pod this Toleration is attached to tolerates any taint that matches the triple using the matching operator . properties: effect: description: |- Effect indicates the taint effect to match. Empty means match all taint effects. When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. type: string key: description: |- Key is the taint key that the toleration applies to. Empty means match all taint keys. If the key is empty, operator must be Exists; this combination means to match all values and all keys. type: string operator: description: |- Operator represents a key's relationship to the value. Valid operators are Exists and Equal. Defaults to Equal. Exists is equivalent to wildcard for value, so that a pod can tolerate all taints of a particular category. type: string tolerationSeconds: description: |- TolerationSeconds represents the period of time the toleration (which must be of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, it is not set, which means tolerate the taint forever (do not evict). Zero and negative values will be treated as 0 (evict immediately) by the system. format: int64 type: integer value: description: |- Value is the taint value the toleration matches to. If the operator is Exists, the value should be empty, otherwise just a regular string. type: string type: object type: array username: description: Username to be impersonated when executing the SqlJob. type: string required: - mariaDbRef - passwordSecretKeyRef - username type: object status: description: SqlJobStatus defines the observed state of SqlJob properties: conditions: description: Conditions for the SqlJob object. items: description: Condition contains details for one aspect of the current state of this API Resource. properties: lastTransitionTime: description: |- lastTransitionTime is the last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. format: date-time type: string message: description: |- message is a human readable message indicating details about the transition. This may be an empty string. maxLength: 32768 type: string observedGeneration: description: |- observedGeneration represents the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance. format: int64 minimum: 0 type: integer reason: description: |- reason contains a programmatic identifier indicating the reason for the condition's last transition. Producers of specific condition types may define expected values and meanings for this field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. This field may not be empty. maxLength: 1024 minLength: 1 pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ type: string status: description: status of the condition, one of True, False, Unknown. enum: - "True" - "False" - Unknown type: string type: description: type of condition in CamelCase or in foo.example.com/CamelCase. maxLength: 316 pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string required: - lastTransitionTime - message - reason - status - type type: object type: array type: object type: object served: true storage: true subresources: status: {} --- # Source: mariadb-operator/charts/mariadb-operator-crds/templates/crds.yaml apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: controller-gen.kubebuilder.io/version: v0.18.0 name: users.k8s.mariadb.com spec: group: k8s.mariadb.com names: kind: User listKind: UserList plural: users shortNames: - umdb singular: user scope: Namespaced versions: - additionalPrinterColumns: - jsonPath: .status.conditions[?(@.type=="Ready")].status name: Ready type: string - jsonPath: .status.conditions[?(@.type=="Ready")].message name: Status type: string - jsonPath: .spec.maxUserConnections name: MaxConns type: string - jsonPath: .spec.mariaDbRef.name name: MariaDB type: string - jsonPath: .metadata.creationTimestamp name: Age type: date name: v1alpha1 schema: openAPIV3Schema: description: User is the Schema for the users API. It is used to define grants as if you were running a 'CREATE USER' statement. properties: apiVersion: description: |- APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: description: |- Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object spec: description: UserSpec defines the desired state of User properties: cleanupPolicy: description: CleanupPolicy defines the behavior for cleaning up a SQL resource. enum: - Skip - Delete type: string host: description: Host related to the User. maxLength: 255 type: string mariaDbRef: description: MariaDBRef is a reference to a MariaDB object. properties: kind: description: Kind of the referent. type: string name: type: string namespace: type: string waitForIt: default: true description: WaitForIt indicates whether the controller using this reference should wait for MariaDB to be ready. type: boolean type: object maxUserConnections: default: 10 description: MaxUserConnections defines the maximum number of simultaneous connections that the User can establish. format: int32 type: integer name: description: Name overrides the default name provided by metadata.name. maxLength: 80 type: string passwordHashSecretKeyRef: description: |- PasswordHashSecretKeyRef is a reference to the password hash to be used by the User. If the referred Secret is labeled with "k8s.mariadb.com/watch", updates may be performed to the Secret in order to update the password hash. properties: key: type: string name: default: "" type: string required: - key type: object x-kubernetes-map-type: atomic passwordPlugin: description: PasswordPlugin is a reference to the password plugin and arguments to be used by the User. properties: pluginArgSecretKeyRef: description: |- PluginArgSecretKeyRef is a reference to the arguments to be provided to the authentication plugin for the User. If the referred Secret is labeled with "k8s.mariadb.com/watch", updates may be performed to the Secret in order to update the authentication plugin arguments. properties: key: type: string name: default: "" type: string required: - key type: object x-kubernetes-map-type: atomic pluginNameSecretKeyRef: description: |- PluginNameSecretKeyRef is a reference to the authentication plugin to be used by the User. If the referred Secret is labeled with "k8s.mariadb.com/watch", updates may be performed to the Secret in order to update the authentication plugin. properties: key: type: string name: default: "" type: string required: - key type: object x-kubernetes-map-type: atomic type: object passwordSecretKeyRef: description: |- PasswordSecretKeyRef is a reference to the password to be used by the User. If not provided, the account will be locked and the password will expire. If the referred Secret is labeled with "k8s.mariadb.com/watch", updates may be performed to the Secret in order to update the password. properties: key: type: string name: default: "" type: string required: - key type: object x-kubernetes-map-type: atomic requeueInterval: description: RequeueInterval is used to perform requeue reconciliations. type: string require: description: 'Require specifies TLS requirements for the user to connect. See: https://mariadb.com/kb/en/securing-connections-for-client-and-server/#requiring-tls.' properties: issuer: description: Issuer indicates that the TLS certificate provided by the user must be issued by a specific issuer. type: string ssl: description: SSL indicates that the user must connect via TLS. type: boolean subject: description: Subject indicates that the TLS certificate provided by the user must have a specific subject. type: string x509: description: X509 indicates that the user must provide a valid x509 certificate to connect. type: boolean type: object retryInterval: description: RetryInterval is the interval used to perform retries. type: string required: - mariaDbRef type: object status: description: UserStatus defines the observed state of User properties: conditions: description: Conditions for the User object. items: description: Condition contains details for one aspect of the current state of this API Resource. properties: lastTransitionTime: description: |- lastTransitionTime is the last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. format: date-time type: string message: description: |- message is a human readable message indicating details about the transition. This may be an empty string. maxLength: 32768 type: string observedGeneration: description: |- observedGeneration represents the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance. format: int64 minimum: 0 type: integer reason: description: |- reason contains a programmatic identifier indicating the reason for the condition's last transition. Producers of specific condition types may define expected values and meanings for this field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. This field may not be empty. maxLength: 1024 minLength: 1 pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ type: string status: description: status of the condition, one of True, False, Unknown. enum: - "True" - "False" - Unknown type: string type: description: type of condition in CamelCase or in foo.example.com/CamelCase. maxLength: 316 pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string required: - lastTransitionTime - message - reason - status - type type: object type: array type: object type: object served: true storage: true subresources: status: {} --- # Source: mariadb-operator/charts/mariadb-operator/templates/cert-controller/rbac.yaml apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: name: mariadb-operator-cert-controller rules: - apiGroups: - admissionregistration.k8s.io resources: - validatingwebhookconfigurations - mutatingwebhookconfigurations verbs: - get - list - update - patch - watch - apiGroups: - "" resources: - secrets verbs: - create - list - patch - watch - apiGroups: - discovery.k8s.io resources: - endpointslices - endpointslices/restricted verbs: - get - list - watch --- # Source: mariadb-operator/charts/mariadb-operator/templates/operator/rbac-user.yaml # the mariadb-view ClusterRole allows viewing all k8s.mariadb.com resources apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: name: mariadb-operator-view labels: rbac.authorization.k8s.io/aggregate-to-view: "true" rules: - apiGroups: ["k8s.mariadb.com"] resources: ["*"] verbs: ["get", "list", "watch"] --- # Source: mariadb-operator/charts/mariadb-operator/templates/operator/rbac-user.yaml # the mariadb-edit ClusterRole allows editing k8s.mariadb.com resources apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: name: mariadb-operator-edit labels: rbac.authorization.k8s.io/aggregate-to-edit: "true" rules: - apiGroups: ["k8s.mariadb.com"] resources: ["*"] verbs: ["create", "update", "patch", "delete"] --- # Source: mariadb-operator/charts/mariadb-operator/templates/operator/rbac.yaml apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: name: mariadb-operator rules: - apiGroups: - "" resources: - configmaps verbs: - create - delete - get - list - patch - watch - apiGroups: - "" resources: - events - secrets - serviceaccounts - services verbs: - create - list - patch - watch - apiGroups: - "" resources: - persistentvolumeclaims verbs: - create - delete - deletecollection - list - patch - watch - apiGroups: - "" resources: - pods verbs: - delete - get - list - watch - patch - apiGroups: - "" resources: - pods/log verbs: - get - apiGroups: - apps resources: - deployments verbs: - create - list - patch - watch - apiGroups: - apps resources: - statefulsets verbs: - create - delete - get - list - patch - watch - apiGroups: - authentication.k8s.io resources: - tokenreviews verbs: - create - apiGroups: - authorization.k8s.io resources: - subjectaccessreviews verbs: - create - apiGroups: - batch resources: - cronjobs verbs: - create - list - patch - watch - apiGroups: - batch resources: - jobs verbs: - create - delete - get - list - patch - watch - apiGroups: - cert-manager.io resources: - certificates verbs: - create - list - patch - watch - apiGroups: - discovery.k8s.io resources: - endpointslices - endpointslices/restricted verbs: - create - get - list - patch - watch - apiGroups: - k8s.mariadb.com resources: - backups - connections - databases - grants - mariadbs - externalmariadbs - maxscales - physicalbackups - restores - sqljobs - users verbs: - create - delete - get - list - patch - update - watch - apiGroups: - k8s.mariadb.com resources: - backups/finalizers - connections/finalizers - databases/finalizers - grants/finalizers - mariadbs/finalizers - externalmariadbs/finalizers - maxscales/finalizers - physicalbackups/finalizers - restores/finalizers - sqljobs/finalizers - users/finalizers verbs: - update - apiGroups: - k8s.mariadb.com resources: - backups/status - connections/status - databases/status - grants/status - mariadbs/status - externalmariadbs/status - maxscales/status - physicalbackups/status - restores/status - sqljobs/status - users/status verbs: - get - patch - update - apiGroups: - k8s.mariadb.com resources: - maxscale verbs: - create - list - patch - watch - apiGroups: - monitoring.coreos.com resources: - servicemonitors verbs: - create - list - patch - watch - apiGroups: - policy resources: - poddisruptionbudgets verbs: - create - list - patch - watch - apiGroups: - rbac.authorization.k8s.io resources: - clusterrolebindings - rolebindings - roles verbs: - create - list - patch - watch - apiGroups: - snapshot.storage.k8s.io resources: - volumesnapshots verbs: - create - delete - get - list - patch - watch --- # Source: mariadb-operator/charts/mariadb-operator/templates/cert-controller/rbac.yaml apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: name: mariadb-operator-cert-controller roleRef: apiGroup: rbac.authorization.k8s.io kind: ClusterRole name: mariadb-operator-cert-controller subjects: - kind: ServiceAccount name: mariadb-operator-cert-controller-cert-controller namespace: mariadb-operator --- # Source: mariadb-operator/charts/mariadb-operator/templates/operator/rbac.yaml apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: name: mariadb-operator roleRef: apiGroup: rbac.authorization.k8s.io kind: ClusterRole name: mariadb-operator subjects: - kind: ServiceAccount name: mariadb-operator namespace: mariadb-operator --- # Source: mariadb-operator/charts/mariadb-operator/templates/operator/rbac.yaml apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: name: mariadb-operator:auth-delegator roleRef: apiGroup: rbac.authorization.k8s.io kind: ClusterRole name: system:auth-delegator subjects: - kind: ServiceAccount name: mariadb-operator namespace: mariadb-operator --- # Source: mariadb-operator/charts/mariadb-operator/templates/cert-controller/rbac.yaml apiVersion: rbac.authorization.k8s.io/v1 kind: Role metadata: name: mariadb-operator-cert-controller rules: - apiGroups: - coordination.k8s.io resources: - leases verbs: - get - list - watch - create - update - patch - delete - apiGroups: - "" resources: - events verbs: - create - patch --- # Source: mariadb-operator/charts/mariadb-operator/templates/operator/rbac.yaml apiVersion: rbac.authorization.k8s.io/v1 kind: Role metadata: name: mariadb-operator rules: - apiGroups: - "" resources: - configmaps verbs: - get - list - watch - create - update - patch - delete - apiGroups: - coordination.k8s.io resources: - leases verbs: - get - list - watch - create - update - patch - delete - apiGroups: - "" resources: - events verbs: - create - patch --- # Source: mariadb-operator/charts/mariadb-operator/templates/cert-controller/rbac.yaml apiVersion: rbac.authorization.k8s.io/v1 kind: RoleBinding metadata: name: mariadb-operator-cert-controller roleRef: apiGroup: rbac.authorization.k8s.io kind: Role name: mariadb-operator-cert-controller subjects: - kind: ServiceAccount name: mariadb-operator-cert-controller-cert-controller namespace: mariadb-operator --- # Source: mariadb-operator/charts/mariadb-operator/templates/operator/rbac.yaml apiVersion: rbac.authorization.k8s.io/v1 kind: RoleBinding metadata: name: mariadb-operator roleRef: apiGroup: rbac.authorization.k8s.io kind: Role name: mariadb-operator subjects: - kind: ServiceAccount name: mariadb-operator namespace: mariadb-operator --- # Source: mariadb-operator/charts/mariadb-operator/templates/cert-controller/servicemonitor.yaml apiVersion: v1 kind: Service metadata: name: mariadb-operator-cert-controller-metrics labels: helm.sh/chart: mariadb-operator-25.10.2 app.kubernetes.io/name: mariadb-operator-cert-controller app.kubernetes.io/instance: mariadb-operator app.kubernetes.io/version: "25.10.2" app.kubernetes.io/managed-by: Helm spec: ports: - port: 8080 protocol: TCP name: metrics selector: app.kubernetes.io/name: mariadb-operator-cert-controller app.kubernetes.io/instance: mariadb-operator --- # Source: mariadb-operator/charts/mariadb-operator/templates/operator/metrics-servicemonitor.yaml apiVersion: v1 kind: Service metadata: name: mariadb-operator-metrics labels: helm.sh/chart: mariadb-operator-25.10.2 app.kubernetes.io/name: mariadb-operator app.kubernetes.io/instance: mariadb-operator app.kubernetes.io/version: "25.10.2" app.kubernetes.io/managed-by: Helm spec: ports: - port: 8080 protocol: TCP name: metrics selector: app.kubernetes.io/name: mariadb-operator app.kubernetes.io/instance: mariadb-operator --- # Source: mariadb-operator/charts/mariadb-operator/templates/webhook/service.yaml apiVersion: v1 kind: Service metadata: name: mariadb-operator-webhook labels: helm.sh/chart: mariadb-operator-25.10.2 app.kubernetes.io/name: mariadb-operator-webhook app.kubernetes.io/instance: mariadb-operator app.kubernetes.io/version: "25.10.2" app.kubernetes.io/managed-by: Helm spec: ports: - port: 443 protocol: TCP targetPort: 9443 selector: app.kubernetes.io/name: mariadb-operator-webhook app.kubernetes.io/instance: mariadb-operator --- # Source: mariadb-operator/charts/mariadb-operator/templates/webhook/servicemonitor.yaml apiVersion: v1 kind: Service metadata: name: mariadb-operator-webhook-metrics labels: helm.sh/chart: mariadb-operator-25.10.2 app.kubernetes.io/name: mariadb-operator-webhook app.kubernetes.io/instance: mariadb-operator app.kubernetes.io/version: "25.10.2" app.kubernetes.io/managed-by: Helm spec: ports: - port: 8080 protocol: TCP name: metrics selector: app.kubernetes.io/name: mariadb-operator-webhook app.kubernetes.io/instance: mariadb-operator --- # Source: mariadb-operator/charts/mariadb-operator/templates/cert-controller/deployment.yaml apiVersion: apps/v1 kind: Deployment metadata: name: mariadb-operator-cert-controller labels: helm.sh/chart: mariadb-operator-25.10.2 app.kubernetes.io/name: mariadb-operator-cert-controller app.kubernetes.io/instance: mariadb-operator app.kubernetes.io/version: "25.10.2" app.kubernetes.io/managed-by: Helm spec: selector: matchLabels: app.kubernetes.io/name: mariadb-operator-cert-controller app.kubernetes.io/instance: mariadb-operator template: metadata: labels: app.kubernetes.io/name: mariadb-operator-cert-controller app.kubernetes.io/instance: mariadb-operator spec: serviceAccountName: mariadb-operator-cert-controller-cert-controller automountServiceAccountToken: true containers: - image: "docker-registry3.mariadb.com/mariadb-operator/mariadb-operator:25.10.2" imagePullPolicy: IfNotPresent name: cert-controller args: - cert-controller - --ca-secret-name=mariadb-operator-webhook-ca - --ca-secret-namespace=mariadb-operator - --ca-lifetime=26280h - --cert-secret-name=mariadb-operator-webhook-cert - --cert-secret-namespace=mariadb-operator - --cert-lifetime=2160h - --renew-before-percentage=33 - --service-name=mariadb-operator-webhook - --service-namespace=mariadb-operator - --requeue-duration=5m - --metrics-addr=:8080 - --health-addr=:8081 - --log-level=INFO ports: - containerPort: 8080 protocol: TCP name: metrics - containerPort: 8081 protocol: TCP name: health env: - name: CLUSTER_NAME value: cluster.local readinessProbe: httpGet: path: /readyz port: 8081 initialDelaySeconds: 20 periodSeconds: 5 --- # Source: mariadb-operator/charts/mariadb-operator/templates/operator/deployment.yaml apiVersion: apps/v1 kind: Deployment metadata: name: mariadb-operator labels: helm.sh/chart: mariadb-operator-25.10.2 app.kubernetes.io/name: mariadb-operator app.kubernetes.io/instance: mariadb-operator app.kubernetes.io/version: "25.10.2" app.kubernetes.io/managed-by: Helm spec: replicas: 3 selector: matchLabels: app.kubernetes.io/name: mariadb-operator app.kubernetes.io/instance: mariadb-operator template: metadata: labels: app.kubernetes.io/name: mariadb-operator app.kubernetes.io/instance: mariadb-operator spec: serviceAccountName: mariadb-operator automountServiceAccountToken: true terminationGracePeriodSeconds: 10 containers: - image: "docker-registry3.mariadb.com/mariadb-operator/mariadb-operator:25.10.2" imagePullPolicy: IfNotPresent name: controller args: - --metrics-addr=:8080 - --log-level=INFO - --leader-elect ports: - containerPort: 8080 protocol: TCP name: metrics envFrom: - configMapRef: name: mariadb-operator-env env: - name: CLUSTER_NAME value: cluster.local - name: MARIADB_OPERATOR_NAME valueFrom: fieldRef: fieldPath: spec.serviceAccountName - name: MARIADB_OPERATOR_NAMESPACE valueFrom: fieldRef: fieldPath: metadata.namespace - name: MARIADB_OPERATOR_SA_PATH value: /var/run/secrets/kubernetes.io/serviceaccount/token --- # Source: mariadb-operator/charts/mariadb-operator/templates/webhook/deployment.yaml apiVersion: apps/v1 kind: Deployment metadata: name: mariadb-operator-webhook labels: helm.sh/chart: mariadb-operator-25.10.2 app.kubernetes.io/name: mariadb-operator-webhook app.kubernetes.io/instance: mariadb-operator app.kubernetes.io/version: "25.10.2" app.kubernetes.io/managed-by: Helm spec: selector: matchLabels: app.kubernetes.io/name: mariadb-operator-webhook app.kubernetes.io/instance: mariadb-operator template: metadata: labels: app.kubernetes.io/name: mariadb-operator-webhook app.kubernetes.io/instance: mariadb-operator spec: serviceAccountName: mariadb-operator-webhook automountServiceAccountToken: true hostNetwork: false containers: - image: "docker-registry3.mariadb.com/mariadb-operator/mariadb-operator:25.10.2" imagePullPolicy: IfNotPresent name: webhook args: - webhook - --ca-cert-path=/tmp/k8s-webhook-server/certificate-authority/tls.crt - --cert-dir=/tmp/k8s-webhook-server/serving-certs - --dns-name=mariadb-operator-webhook.mariadb-operator.svc - --port=9443 - --metrics-addr=:8080 - --health-addr=:8081 - --log-level=INFO ports: - containerPort: 9443 protocol: TCP name: https - containerPort: 8080 protocol: TCP name: metrics - containerPort: 8081 protocol: TCP name: health volumeMounts: - mountPath: /tmp/k8s-webhook-server/certificate-authority name: ca readOnly: true - mountPath: /tmp/k8s-webhook-server/serving-certs name: cert readOnly: true readinessProbe: httpGet: path: /readyz port: 8081 initialDelaySeconds: 20 periodSeconds: 5 volumes: - name: ca secret: defaultMode: 420 secretName: mariadb-operator-webhook-ca - name: cert secret: defaultMode: 420 secretName: mariadb-operator-webhook-cert --- # Source: mariadb-operator/charts/mariadb-operator/templates/cert-controller/servicemonitor.yaml apiVersion: monitoring.coreos.com/v1 kind: ServiceMonitor metadata: name: mariadb-operator-cert-controller labels: helm.sh/chart: mariadb-operator-25.10.2 app.kubernetes.io/name: mariadb-operator-cert-controller app.kubernetes.io/instance: mariadb-operator app.kubernetes.io/version: "25.10.2" app.kubernetes.io/managed-by: Helm spec: selector: matchLabels: app.kubernetes.io/name: mariadb-operator-cert-controller app.kubernetes.io/instance: mariadb-operator namespaceSelector: matchNames: - "mariadb-operator" endpoints: - port: metrics interval: 30s scrapeTimeout: 25s --- # Source: mariadb-operator/charts/mariadb-operator/templates/operator/metrics-servicemonitor.yaml apiVersion: monitoring.coreos.com/v1 kind: ServiceMonitor metadata: name: mariadb-operator labels: helm.sh/chart: mariadb-operator-25.10.2 app.kubernetes.io/name: mariadb-operator app.kubernetes.io/instance: mariadb-operator app.kubernetes.io/version: "25.10.2" app.kubernetes.io/managed-by: Helm spec: selector: matchLabels: app.kubernetes.io/name: mariadb-operator app.kubernetes.io/instance: mariadb-operator namespaceSelector: matchNames: - "mariadb-operator" endpoints: - port: metrics interval: 30s scrapeTimeout: 25s --- # Source: mariadb-operator/charts/mariadb-operator/templates/webhook/servicemonitor.yaml apiVersion: monitoring.coreos.com/v1 kind: ServiceMonitor metadata: name: mariadb-operator-webhook labels: helm.sh/chart: mariadb-operator-25.10.2 app.kubernetes.io/name: mariadb-operator-webhook app.kubernetes.io/instance: mariadb-operator app.kubernetes.io/version: "25.10.2" app.kubernetes.io/managed-by: Helm spec: selector: matchLabels: app.kubernetes.io/name: mariadb-operator-webhook app.kubernetes.io/instance: mariadb-operator namespaceSelector: matchNames: - "mariadb-operator" endpoints: - port: metrics interval: 30s scrapeTimeout: 25s --- # Source: mariadb-operator/charts/mariadb-operator/templates/webhook/config.yaml apiVersion: admissionregistration.k8s.io/v1 kind: ValidatingWebhookConfiguration metadata: name: mariadb-operator-webhook labels: helm.sh/chart: mariadb-operator-25.10.2 app.kubernetes.io/name: mariadb-operator-webhook app.kubernetes.io/instance: mariadb-operator app.kubernetes.io/version: "25.10.2" app.kubernetes.io/managed-by: Helm annotations: k8s.mariadb.com/webhook: "" webhooks: - admissionReviewVersions: - v1 clientConfig: service: name: mariadb-operator-webhook namespace: mariadb-operator path: /validate-k8s-mariadb-com-v1alpha1-backup failurePolicy: Fail name: vbackup-v1alpha1.kb.io rules: - apiGroups: - k8s.mariadb.com apiVersions: - v1alpha1 operations: - CREATE - UPDATE resources: - backups sideEffects: None - admissionReviewVersions: - v1 clientConfig: service: name: mariadb-operator-webhook namespace: mariadb-operator path: /validate-k8s-mariadb-com-v1alpha1-physicalbackup failurePolicy: Fail name: vphysicalbackup-v1alpha1.kb.io rules: - apiGroups: - k8s.mariadb.com apiVersions: - v1alpha1 operations: - CREATE - UPDATE resources: - physicalbackups sideEffects: None - admissionReviewVersions: - v1 clientConfig: service: name: mariadb-operator-webhook namespace: mariadb-operator path: /validate-k8s-mariadb-com-v1alpha1-connection failurePolicy: Fail name: vconnection-v1alpha1.kb.io rules: - apiGroups: - k8s.mariadb.com apiVersions: - v1alpha1 operations: - CREATE - UPDATE resources: - connections sideEffects: None - admissionReviewVersions: - v1 clientConfig: service: name: mariadb-operator-webhook namespace: mariadb-operator path: /validate-k8s-mariadb-com-v1alpha1-database failurePolicy: Fail name: vdatabase-v1alpha1.kb.io rules: - apiGroups: - k8s.mariadb.com apiVersions: - v1alpha1 operations: - CREATE - UPDATE resources: - databases sideEffects: None - admissionReviewVersions: - v1 clientConfig: service: name: mariadb-operator-webhook namespace: mariadb-operator path: /validate-k8s-mariadb-com-v1alpha1-grant failurePolicy: Fail name: vgrant-v1alpha1.kb.io rules: - apiGroups: - k8s.mariadb.com apiVersions: - v1alpha1 operations: - CREATE - UPDATE resources: - grants sideEffects: None - admissionReviewVersions: - v1 clientConfig: service: name: mariadb-operator-webhook namespace: mariadb-operator path: /validate-k8s-mariadb-com-v1alpha1-mariadb failurePolicy: Fail name: vmariadb-v1alpha1.kb.io rules: - apiGroups: - k8s.mariadb.com apiVersions: - v1alpha1 operations: - CREATE - UPDATE resources: - mariadbs sideEffects: None - admissionReviewVersions: - v1 clientConfig: service: name: mariadb-operator-webhook namespace: mariadb-operator path: /validate-k8s-mariadb-com-v1alpha1-maxscale failurePolicy: Fail name: vmaxscale-v1alpha1.kb.io rules: - apiGroups: - k8s.mariadb.com apiVersions: - v1alpha1 operations: - CREATE - UPDATE resources: - maxscales sideEffects: None - admissionReviewVersions: - v1 clientConfig: service: name: mariadb-operator-webhook namespace: mariadb-operator path: /validate-k8s-mariadb-com-v1alpha1-restore failurePolicy: Fail name: vrestore-v1alpha1.kb.io rules: - apiGroups: - k8s.mariadb.com apiVersions: - v1alpha1 operations: - CREATE - UPDATE resources: - restores sideEffects: None - admissionReviewVersions: - v1 clientConfig: service: name: mariadb-operator-webhook namespace: mariadb-operator path: /validate-k8s-mariadb-com-v1alpha1-sqljob failurePolicy: Fail name: vsqljob-v1alpha1.kb.io rules: - apiGroups: - k8s.mariadb.com apiVersions: - v1alpha1 operations: - CREATE - UPDATE resources: - sqljobs sideEffects: None - admissionReviewVersions: - v1 clientConfig: service: name: mariadb-operator-webhook namespace: mariadb-operator path: /validate-k8s-mariadb-com-v1alpha1-user failurePolicy: Fail name: vuser-v1alpha1.kb.io rules: - apiGroups: - k8s.mariadb.com apiVersions: - v1alpha1 operations: - CREATE - UPDATE resources: - users sideEffects: None