alexlebens/infrastructure
1
0
Fork 0
Code Issues 1 Pull Requests 14 Actions Activity
Files
5ca176e682b4c1f24cf697c6d989ef5bebec064d
infrastructure/clusters/cl01tl/manifests/mariadb-operator/mariadb-operator.yaml

16054 lines
802 KiB
YAML
Raw Blame History

---
# Source: mariadb-operator/charts/mariadb-operator/templates/operator/pdb.yaml
apiVersion: policy/v1
kind: PodDisruptionBudget
metadata:
name: mariadb-operator
labels:
helm.sh/chart: mariadb-operator-25.10.2
app.kubernetes.io/name: mariadb-operator
app.kubernetes.io/instance: mariadb-operator
app.kubernetes.io/version: "25.10.2"
app.kubernetes.io/managed-by: Helm
spec:
maxUnavailable: 1
selector:
matchLabels:
app.kubernetes.io/name: mariadb-operator
app.kubernetes.io/instance: mariadb-operator
---
# Source: mariadb-operator/charts/mariadb-operator/templates/cert-controller/serviceaccount.yaml
apiVersion: v1
kind: ServiceAccount
metadata:
name: mariadb-operator-cert-controller-cert-controller
labels:
helm.sh/chart: mariadb-operator-25.10.2
app.kubernetes.io/name: mariadb-operator-cert-controller
app.kubernetes.io/instance: mariadb-operator
app.kubernetes.io/version: "25.10.2"
app.kubernetes.io/managed-by: Helm
---
# Source: mariadb-operator/charts/mariadb-operator/templates/operator/serviceaccount.yaml
apiVersion: v1
kind: ServiceAccount
metadata:
name: mariadb-operator
labels:
helm.sh/chart: mariadb-operator-25.10.2
app.kubernetes.io/name: mariadb-operator
app.kubernetes.io/instance: mariadb-operator
app.kubernetes.io/version: "25.10.2"
app.kubernetes.io/managed-by: Helm
---
# Source: mariadb-operator/charts/mariadb-operator/templates/webhook/serviceaccount.yaml
apiVersion: v1
kind: ServiceAccount
metadata:
name: mariadb-operator-webhook
labels:
helm.sh/chart: mariadb-operator-25.10.2
app.kubernetes.io/name: mariadb-operator-webhook
app.kubernetes.io/instance: mariadb-operator
app.kubernetes.io/version: "25.10.2"
app.kubernetes.io/managed-by: Helm
---
# Source: mariadb-operator/charts/mariadb-operator/templates/operator/configmap.yaml
apiVersion: v1
data:
MARIADB_OPERATOR_IMAGE: "docker-registry3.mariadb.com/mariadb-operator/mariadb-operator:25.10.2"
MARIADB_GALERA_LIB_PATH: "/usr/lib/galera/libgalera_smm.so"
MARIADB_DEFAULT_VERSION: "11.8"
RELATED_IMAGE_MARIADB: "docker-registry1.mariadb.com/library/mariadb:11.8.2"
RELATED_IMAGE_MARIADB_NAME: "docker-registry1.mariadb.com/library/mariadb"
RELATED_IMAGE_MAXSCALE: "docker-registry2.mariadb.com/mariadb/maxscale:23.08.5"
RELATED_IMAGE_EXPORTER: "prom/mysqld-exporter:v0.15.1"
RELATED_IMAGE_EXPORTER_MAXSCALE: "docker-registry2.mariadb.com/mariadb/maxscale-prometheus-exporter-ubi:v0.0.1"
kind: ConfigMap
metadata:
creationTimestamp: null
name: mariadb-operator-env
---
# Source: mariadb-operator/charts/mariadb-operator-crds/templates/crds.yaml
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.18.0
name: backups.k8s.mariadb.com
spec:
group: k8s.mariadb.com
names:
kind: Backup
listKind: BackupList
plural: backups
shortNames:
- bmdb
singular: backup
scope: Namespaced
versions:
- additionalPrinterColumns:
- jsonPath: .status.conditions[?(@.type=="Complete")].status
name: Complete
type: string
- jsonPath: .status.conditions[?(@.type=="Complete")].message
name: Status
type: string
- jsonPath: .spec.mariaDbRef.name
name: MariaDB
type: string
- jsonPath: .metadata.creationTimestamp
name: Age
type: date
name: v1alpha1
schema:
openAPIV3Schema:
description: Backup is the Schema for the backups API. It is used to define
backup jobs and its storage.
properties:
apiVersion:
description: |-
APIVersion defines the versioned schema of this representation of an object.
Servers should convert recognized schemas to the latest internal value, and
may reject unrecognized values.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
type: string
kind:
description: |-
Kind is a string value representing the REST resource this object represents.
Servers may infer this from the endpoint the client submits requests to.
Cannot be updated.
In CamelCase.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
type: string
metadata:
type: object
spec:
description: BackupSpec defines the desired state of Backup
properties:
affinity:
description: Affinity to be used in the Pod.
properties:
antiAffinityEnabled:
description: |-
AntiAffinityEnabled configures PodAntiAffinity so each Pod is scheduled in a different Node, enabling HA.
Make sure you have at least as many Nodes available as the replicas to not end up with unscheduled Pods.
type: boolean
nodeAffinity:
description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#nodeaffinity-v1-core'
properties:
preferredDuringSchedulingIgnoredDuringExecution:
items:
description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#preferredschedulingterm-v1-core'
properties:
preference:
description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#nodeselectorterm-v1-core'
properties:
matchExpressions:
items:
description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#nodeselectorrequirement-v1-core'
properties:
key:
type: string
operator:
description: |-
A node selector operator is the set of operators that can be used in
a node selector requirement.
type: string
values:
items:
type: string
type: array
x-kubernetes-list-type: atomic
required:
- key
- operator
type: object
type: array
x-kubernetes-list-type: atomic
matchFields:
items:
description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#nodeselectorrequirement-v1-core'
properties:
key:
type: string
operator:
description: |-
A node selector operator is the set of operators that can be used in
a node selector requirement.
type: string
values:
items:
type: string
type: array
x-kubernetes-list-type: atomic
required:
- key
- operator
type: object
type: array
x-kubernetes-list-type: atomic
type: object
weight:
format: int32
type: integer
required:
- preference
- weight
type: object
type: array
x-kubernetes-list-type: atomic
requiredDuringSchedulingIgnoredDuringExecution:
description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#nodeselector-v1-core'
properties:
nodeSelectorTerms:
items:
description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#nodeselectorterm-v1-core'
properties:
matchExpressions:
items:
description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#nodeselectorrequirement-v1-core'
properties:
key:
type: string
operator:
description: |-
A node selector operator is the set of operators that can be used in
a node selector requirement.
type: string
values:
items:
type: string
type: array
x-kubernetes-list-type: atomic
required:
- key
- operator
type: object
type: array
x-kubernetes-list-type: atomic
matchFields:
items:
description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#nodeselectorrequirement-v1-core'
properties:
key:
type: string
operator:
description: |-
A node selector operator is the set of operators that can be used in
a node selector requirement.
type: string
values:
items:
type: string
type: array
x-kubernetes-list-type: atomic
required:
- key
- operator
type: object
type: array
x-kubernetes-list-type: atomic
type: object
type: array
x-kubernetes-list-type: atomic
required:
- nodeSelectorTerms
type: object
type: object
podAntiAffinity:
description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#podantiaffinity-v1-core.'
properties:
preferredDuringSchedulingIgnoredDuringExecution:
items:
description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#weightedpodaffinityterm-v1-core.'
properties:
podAffinityTerm:
description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#podaffinityterm-v1-core.'
properties:
labelSelector:
description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#labelselector-v1-meta'
properties:
matchExpressions:
items:
description: 'Refer to the Kubernetes docs:
https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#labelselectorrequirement-v1-meta'
properties:
key:
type: string
operator:
description: A label selector operator
is the set of operators that can be
used in a selector requirement.
type: string
values:
items:
type: string
type: array
x-kubernetes-list-type: atomic
required:
- key
- operator
type: object
type: array
x-kubernetes-list-type: atomic
matchLabels:
additionalProperties:
type: string
type: object
type: object
topologyKey:
type: string
required:
- topologyKey
type: object
weight:
format: int32
type: integer
required:
- podAffinityTerm
- weight
type: object
type: array
x-kubernetes-list-type: atomic
requiredDuringSchedulingIgnoredDuringExecution:
items:
description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#podaffinityterm-v1-core.'
properties:
labelSelector:
description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#labelselector-v1-meta'
properties:
matchExpressions:
items:
description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#labelselectorrequirement-v1-meta'
properties:
key:
type: string
operator:
description: A label selector operator is
the set of operators that can be used in
a selector requirement.
type: string
values:
items:
type: string
type: array
x-kubernetes-list-type: atomic
required:
- key
- operator
type: object
type: array
x-kubernetes-list-type: atomic
matchLabels:
additionalProperties:
type: string
type: object
type: object
topologyKey:
type: string
required:
- topologyKey
type: object
type: array
x-kubernetes-list-type: atomic
type: object
type: object
args:
description: Args to be used in the Container.
items:
type: string
type: array
backoffLimit:
description: BackoffLimit defines the maximum number of attempts to
successfully take a Backup.
format: int32
type: integer
compression:
description: Compression algorithm to be used in the Backup.
enum:
- none
- bzip2
- gzip
type: string
databases:
description: Databases defines the logical databases to be backed
up. If not provided, all databases are backed up.
items:
type: string
type: array
failedJobsHistoryLimit:
description: FailedJobsHistoryLimit defines the maximum number of
failed Jobs to be displayed.
format: int32
minimum: 0
type: integer
ignoreGlobalPriv:
description: |-
IgnoreGlobalPriv indicates to ignore the mysql.global_priv in backups.
If not provided, it will default to true when the referred MariaDB instance has Galera enabled and otherwise to false.
See: https://github.com/mariadb-operator/mariadb-operator/issues/556
type: boolean
imagePullSecrets:
description: ImagePullSecrets is the list of pull Secrets to be used
to pull the image.
items:
description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#localobjectreference-v1-core.'
properties:
name:
default: ""
type: string
type: object
type: array
inheritMetadata:
description: InheritMetadata defines the metadata to be inherited
by children resources.
properties:
annotations:
additionalProperties:
type: string
description: Annotations to be added to children resources.
type: object
labels:
additionalProperties:
type: string
description: Labels to be added to children resources.
type: object
type: object
logLevel:
default: info
description: LogLevel to be used n the Backup Job. It defaults to
'info'.
type: string
mariaDbRef:
description: MariaDBRef is a reference to a MariaDB object.
properties:
kind:
description: Kind of the referent.
type: string
name:
type: string
namespace:
type: string
waitForIt:
default: true
description: WaitForIt indicates whether the controller using
this reference should wait for MariaDB to be ready.
type: boolean
type: object
maxRetention:
description: |-
MaxRetention defines the retention policy for backups. Old backups will be cleaned up by the Backup Job.
It defaults to 30 days.
type: string
nodeSelector:
additionalProperties:
type: string
description: NodeSelector to be used in the Pod.
type: object
podMetadata:
description: PodMetadata defines extra metadata for the Pod.
properties:
annotations:
additionalProperties:
type: string
description: Annotations to be added to children resources.
type: object
labels:
additionalProperties:
type: string
description: Labels to be added to children resources.
type: object
type: object
podSecurityContext:
description: SecurityContext holds pod-level security attributes and
common container settings.
properties:
appArmorProfile:
description: AppArmorProfile defines a pod or container's AppArmor
settings.
properties:
localhostProfile:
description: |-
localhostProfile indicates a profile loaded on the node that should be used.
The profile must be preconfigured on the node to work.
Must match the loaded name of the profile.
Must be set if and only if type is "Localhost".
type: string
type:
description: |-
type indicates which kind of AppArmor profile will be applied.
Valid options are:
Localhost - a profile pre-loaded on the node.
RuntimeDefault - the container runtime's default profile.
Unconfined - no AppArmor enforcement.
type: string
required:
- type
type: object
fsGroup:
format: int64
type: integer
fsGroupChangePolicy:
description: |-
PodFSGroupChangePolicy holds policies that will be used for applying fsGroup to a volume
when volume is mounted.
type: string
runAsGroup:
format: int64
type: integer
runAsNonRoot:
type: boolean
runAsUser:
format: int64
type: integer
seLinuxOptions:
description: SELinuxOptions are the labels to be applied to the
container
properties:
level:
description: Level is SELinux level label that applies to
the container.
type: string
role:
description: Role is a SELinux role label that applies to
the container.
type: string
type:
description: Type is a SELinux type label that applies to
the container.
type: string
user:
description: User is a SELinux user label that applies to
the container.
type: string
type: object
seccompProfile:
description: |-
SeccompProfile defines a pod/container's seccomp profile settings.
Only one profile source may be set.
properties:
localhostProfile:
description: |-
localhostProfile indicates a profile defined in a file on the node should be used.
The profile must be preconfigured on the node to work.
Must be a descending path, relative to the kubelet's configured seccomp profile location.
Must be set if type is "Localhost". Must NOT be set for any other type.
type: string
type:
description: |-
type indicates which kind of seccomp profile will be applied.
Valid options are:
Localhost - a profile defined in a file on the node should be used.
RuntimeDefault - the container runtime default profile should be used.
Unconfined - no profile should be applied.
type: string
required:
- type
type: object
supplementalGroups:
items:
format: int64
type: integer
type: array
x-kubernetes-list-type: atomic
type: object
priorityClassName:
description: PriorityClassName to be used in the Pod.
type: string
resources:
description: Resources describes the compute resource requirements.
properties:
limits:
additionalProperties:
anyOf:
- type: integer
- type: string
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
x-kubernetes-int-or-string: true
description: ResourceList is a set of (resource name, quantity)
pairs.
type: object
requests:
additionalProperties:
anyOf:
- type: integer
- type: string
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
x-kubernetes-int-or-string: true
description: ResourceList is a set of (resource name, quantity)
pairs.
type: object
type: object
restartPolicy:
default: OnFailure
description: RestartPolicy to be added to the Backup Pod.
enum:
- Always
- OnFailure
- Never
type: string
schedule:
description: Schedule defines when the Backup will be taken.
properties:
cron:
description: Cron is a cron expression that defines the schedule.
type: string
suspend:
default: false
description: Suspend defines whether the schedule is active or
not.
type: boolean
required:
- cron
type: object
securityContext:
description: SecurityContext holds security configuration that will
be applied to a container.
properties:
allowPrivilegeEscalation:
type: boolean
capabilities:
description: Adds and removes POSIX capabilities from running
containers.
properties:
add:
description: Added capabilities
items:
description: Capability represent POSIX capabilities type
type: string
type: array
x-kubernetes-list-type: atomic
drop:
description: Removed capabilities
items:
description: Capability represent POSIX capabilities type
type: string
type: array
x-kubernetes-list-type: atomic
type: object
privileged:
type: boolean
readOnlyRootFilesystem:
type: boolean
runAsGroup:
format: int64
type: integer
runAsNonRoot:
type: boolean
runAsUser:
format: int64
type: integer
type: object
serviceAccountName:
description: ServiceAccountName is the name of the ServiceAccount
to be used by the Pods.
type: string
stagingStorage:
description: |-
StagingStorage defines the temporary storage used to keep external backups (i.e. S3) while they are being processed.
It defaults to an emptyDir volume, meaning that the backups will be temporarily stored in the node where the Backup Job is scheduled.
The staging area gets cleaned up after each backup is completed, consider this for sizing it appropriately.
properties:
persistentVolumeClaim:
description: PersistentVolumeClaim is a Kubernetes PVC specification.
properties:
accessModes:
items:
type: string
type: array
x-kubernetes-list-type: atomic
resources:
description: VolumeResourceRequirements describes the storage
resource requirements for a volume.
properties:
limits:
additionalProperties:
anyOf:
- type: integer
- type: string
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
x-kubernetes-int-or-string: true
description: |-
Limits describes the maximum amount of compute resources allowed.
More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/
type: object
requests:
additionalProperties:
anyOf:
- type: integer
- type: string
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
x-kubernetes-int-or-string: true
description: |-
Requests describes the minimum amount of compute resources required.
If Requests is omitted for a container, it defaults to Limits if that is explicitly specified,
otherwise to an implementation-defined value. Requests cannot exceed Limits.
More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/
type: object
type: object
selector:
description: |-
A label selector is a label query over a set of resources. The result of matchLabels and
matchExpressions are ANDed. An empty label selector matches all objects. A null
label selector matches no objects.
properties:
matchExpressions:
description: matchExpressions is a list of label selector
requirements. The requirements are ANDed.
items:
description: |-
A label selector requirement is a selector that contains values, a key, and an operator that
relates the key and values.
properties:
key:
description: key is the label key that the selector
applies to.
type: string
operator:
description: |-
operator represents a key's relationship to a set of values.
Valid operators are In, NotIn, Exists and DoesNotExist.
type: string
values:
description: |-
values is an array of string values. If the operator is In or NotIn,
the values array must be non-empty. If the operator is Exists or DoesNotExist,
the values array must be empty. This array is replaced during a strategic
merge patch.
items:
type: string
type: array
x-kubernetes-list-type: atomic
required:
- key
- operator
type: object
type: array
x-kubernetes-list-type: atomic
matchLabels:
additionalProperties:
type: string
description: |-
matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels
map is equivalent to an element of matchExpressions, whose key field is "key", the
operator is "In", and the values array contains only "value". The requirements are ANDed.
type: object
type: object
x-kubernetes-map-type: atomic
storageClassName:
type: string
type: object
volume:
description: Volume is a Kubernetes volume specification.
properties:
csi:
description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#csivolumesource-v1-core.'
properties:
driver:
type: string
fsType:
type: string
nodePublishSecretRef:
description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#localobjectreference-v1-core.'
properties:
name:
default: ""
type: string
type: object
readOnly:
type: boolean
volumeAttributes:
additionalProperties:
type: string
type: object
required:
- driver
type: object
emptyDir:
description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#emptydirvolumesource-v1-core.'
properties:
medium:
description: StorageMedium defines ways that storage can
be allocated to a volume.
type: string
sizeLimit:
anyOf:
- type: integer
- type: string
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
x-kubernetes-int-or-string: true
type: object
hostPath:
description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#hostpathvolumesource-v1-core'
properties:
path:
type: string
type:
type: string
required:
- path
type: object
nfs:
description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#nfsvolumesource-v1-core.'
properties:
path:
type: string
readOnly:
type: boolean
server:
type: string
required:
- path
- server
type: object
persistentVolumeClaim:
description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#persistentvolumeclaimvolumesource-v1-core.'
properties:
claimName:
type: string
readOnly:
type: boolean
required:
- claimName
type: object
type: object
type: object
storage:
description: Storage defines the final storage for backups.
properties:
persistentVolumeClaim:
description: PersistentVolumeClaim is a Kubernetes PVC specification.
properties:
accessModes:
items:
type: string
type: array
x-kubernetes-list-type: atomic
resources:
description: VolumeResourceRequirements describes the storage
resource requirements for a volume.
properties:
limits:
additionalProperties:
anyOf:
- type: integer
- type: string
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
x-kubernetes-int-or-string: true
description: |-
Limits describes the maximum amount of compute resources allowed.
More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/
type: object
requests:
additionalProperties:
anyOf:
- type: integer
- type: string
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
x-kubernetes-int-or-string: true
description: |-
Requests describes the minimum amount of compute resources required.
If Requests is omitted for a container, it defaults to Limits if that is explicitly specified,
otherwise to an implementation-defined value. Requests cannot exceed Limits.
More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/
type: object
type: object
selector:
description: |-
A label selector is a label query over a set of resources. The result of matchLabels and
matchExpressions are ANDed. An empty label selector matches all objects. A null
label selector matches no objects.
properties:
matchExpressions:
description: matchExpressions is a list of label selector
requirements. The requirements are ANDed.
items:
description: |-
A label selector requirement is a selector that contains values, a key, and an operator that
relates the key and values.
properties:
key:
description: key is the label key that the selector
applies to.
type: string
operator:
description: |-
operator represents a key's relationship to a set of values.
Valid operators are In, NotIn, Exists and DoesNotExist.
type: string
values:
description: |-
values is an array of string values. If the operator is In or NotIn,
the values array must be non-empty. If the operator is Exists or DoesNotExist,
the values array must be empty. This array is replaced during a strategic
merge patch.
items:
type: string
type: array
x-kubernetes-list-type: atomic
required:
- key
- operator
type: object
type: array
x-kubernetes-list-type: atomic
matchLabels:
additionalProperties:
type: string
description: |-
matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels
map is equivalent to an element of matchExpressions, whose key field is "key", the
operator is "In", and the values array contains only "value". The requirements are ANDed.
type: object
type: object
x-kubernetes-map-type: atomic
storageClassName:
type: string
type: object
s3:
description: S3 defines the configuration to store backups in
a S3 compatible storage.
properties:
accessKeyIdSecretKeyRef:
description: AccessKeyIdSecretKeyRef is a reference to a Secret
key containing the S3 access key id.
properties:
key:
type: string
name:
default: ""
type: string
required:
- key
type: object
x-kubernetes-map-type: atomic
bucket:
description: Bucket is the name Name of the bucket to store
backups.
type: string
endpoint:
description: Endpoint is the S3 API endpoint without scheme.
type: string
prefix:
description: 'Prefix indicates a folder/subfolder in the bucket.
For example: mariadb/ or mariadb/backups. A trailing slash
''/'' is added if not provided.'
type: string
region:
description: Region is the S3 region name to use.
type: string
secretAccessKeySecretKeyRef:
description: AccessKeyIdSecretKeyRef is a reference to a Secret
key containing the S3 secret key.
properties:
key:
type: string
name:
default: ""
type: string
required:
- key
type: object
x-kubernetes-map-type: atomic
sessionTokenSecretKeyRef:
description: SessionTokenSecretKeyRef is a reference to a
Secret key containing the S3 session token.
properties:
key:
type: string
name:
default: ""
type: string
required:
- key
type: object
x-kubernetes-map-type: atomic
tls:
description: TLS provides the configuration required to establish
TLS connections with S3.
properties:
caSecretKeyRef:
description: |-
CASecretKeyRef is a reference to a Secret key containing a CA bundle in PEM format used to establish TLS connections with S3.
By default, the system trust chain will be used, but you can use this field to add more CAs to the bundle.
properties:
key:
type: string
name:
default: ""
type: string
required:
- key
type: object
x-kubernetes-map-type: atomic
enabled:
description: Enabled is a flag to enable TLS.
type: boolean
type: object
required:
- bucket
- endpoint
type: object
volume:
description: Volume is a Kubernetes volume specification.
properties:
csi:
description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#csivolumesource-v1-core.'
properties:
driver:
type: string
fsType:
type: string
nodePublishSecretRef:
description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#localobjectreference-v1-core.'
properties:
name:
default: ""
type: string
type: object
readOnly:
type: boolean
volumeAttributes:
additionalProperties:
type: string
type: object
required:
- driver
type: object
emptyDir:
description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#emptydirvolumesource-v1-core.'
properties:
medium:
description: StorageMedium defines ways that storage can
be allocated to a volume.
type: string
sizeLimit:
anyOf:
- type: integer
- type: string
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
x-kubernetes-int-or-string: true
type: object
hostPath:
description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#hostpathvolumesource-v1-core'
properties:
path:
type: string
type:
type: string
required:
- path
type: object
nfs:
description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#nfsvolumesource-v1-core.'
properties:
path:
type: string
readOnly:
type: boolean
server:
type: string
required:
- path
- server
type: object
persistentVolumeClaim:
description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#persistentvolumeclaimvolumesource-v1-core.'
properties:
claimName:
type: string
readOnly:
type: boolean
required:
- claimName
type: object
type: object
type: object
successfulJobsHistoryLimit:
description: SuccessfulJobsHistoryLimit defines the maximum number
of successful Jobs to be displayed.
format: int32
minimum: 0
type: integer
timeZone:
description: TimeZone defines the timezone associated with the cron
expression.
type: string
tolerations:
description: Tolerations to be used in the Pod.
items:
description: |-
The pod this Toleration is attached to tolerates any taint that matches
the triple <key,value,effect> using the matching operator <operator>.
properties:
effect:
description: |-
Effect indicates the taint effect to match. Empty means match all taint effects.
When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute.
type: string
key:
description: |-
Key is the taint key that the toleration applies to. Empty means match all taint keys.
If the key is empty, operator must be Exists; this combination means to match all values and all keys.
type: string
operator:
description: |-
Operator represents a key's relationship to the value.
Valid operators are Exists and Equal. Defaults to Equal.
Exists is equivalent to wildcard for value, so that a pod can
tolerate all taints of a particular category.
type: string
tolerationSeconds:
description: |-
TolerationSeconds represents the period of time the toleration (which must be
of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default,
it is not set, which means tolerate the taint forever (do not evict). Zero and
negative values will be treated as 0 (evict immediately) by the system.
format: int64
type: integer
value:
description: |-
Value is the taint value the toleration matches to.
If the operator is Exists, the value should be empty, otherwise just a regular string.
type: string
type: object
type: array
required:
- mariaDbRef
- storage
type: object
status:
description: BackupStatus defines the observed state of Backup
properties:
conditions:
description: Conditions for the Backup object.
items:
description: Condition contains details for one aspect of the current
state of this API Resource.
properties:
lastTransitionTime:
description: |-
lastTransitionTime is the last time the condition transitioned from one status to another.
This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable.
format: date-time
type: string
message:
description: |-
message is a human readable message indicating details about the transition.
This may be an empty string.
maxLength: 32768
type: string
observedGeneration:
description: |-
observedGeneration represents the .metadata.generation that the condition was set based upon.
For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date
with respect to the current state of the instance.
format: int64
minimum: 0
type: integer
reason:
description: |-
reason contains a programmatic identifier indicating the reason for the condition's last transition.
Producers of specific condition types may define expected values and meanings for this field,
and whether the values are considered a guaranteed API.
The value should be a CamelCase string.
This field may not be empty.
maxLength: 1024
minLength: 1
pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$
type: string
status:
description: status of the condition, one of True, False, Unknown.
enum:
- "True"
- "False"
- Unknown
type: string
type:
description: type of condition in CamelCase or in foo.example.com/CamelCase.
maxLength: 316
pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$
type: string
required:
- lastTransitionTime
- message
- reason
- status
- type
type: object
type: array
type: object
type: object
served: true
storage: true
subresources:
status: {}
---
# Source: mariadb-operator/charts/mariadb-operator-crds/templates/crds.yaml
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.18.0
name: connections.k8s.mariadb.com
spec:
group: k8s.mariadb.com
names:
kind: Connection
listKind: ConnectionList
plural: connections
shortNames:
- cmdb
singular: connection
scope: Namespaced
versions:
- additionalPrinterColumns:
- jsonPath: .status.conditions[?(@.type=="Ready")].status
name: Ready
type: string
- jsonPath: .status.conditions[?(@.type=="Ready")].message
name: Status
type: string
- jsonPath: .spec.secretName
name: Secret
type: string
- jsonPath: .metadata.creationTimestamp
name: Age
type: date
name: v1alpha1
schema:
openAPIV3Schema:
description: Connection is the Schema for the connections API. It is used
to configure connection strings for the applications connecting to MariaDB.
properties:
apiVersion:
description: |-
APIVersion defines the versioned schema of this representation of an object.
Servers should convert recognized schemas to the latest internal value, and
may reject unrecognized values.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
type: string
kind:
description: |-
Kind is a string value representing the REST resource this object represents.
Servers may infer this from the endpoint the client submits requests to.
Cannot be updated.
In CamelCase.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
type: string
metadata:
type: object
spec:
description: ConnectionSpec defines the desired state of Connection
properties:
database:
description: Database to use when configuring the Connection.
type: string
healthCheck:
description: HealthCheck to be used in the Connection.
properties:
interval:
description: Interval used to perform health checks.
type: string
retryInterval:
description: RetryInterval is the interval used to perform health
check retries.
type: string
type: object
host:
description: Host to connect to. If not provided, it defaults to the
MariaDB host or to the MaxScale host.
type: string
mariaDbRef:
description: MariaDBRef is a reference to the MariaDB to connect to.
Either MariaDBRef or MaxScaleRef must be provided.
properties:
kind:
description: Kind of the referent.
type: string
name:
type: string
namespace:
type: string
waitForIt:
default: true
description: WaitForIt indicates whether the controller using
this reference should wait for MariaDB to be ready.
type: boolean
type: object
maxScaleRef:
description: MaxScaleRef is a reference to the MaxScale to connect
to. Either MariaDBRef or MaxScaleRef must be provided.
properties:
name:
type: string
namespace:
type: string
type: object
params:
additionalProperties:
type: string
description: Params to be used in the Connection.
type: object
passwordSecretKeyRef:
description: |-
PasswordSecretKeyRef is a reference to the password to use for configuring the Connection.
Either passwordSecretKeyRef or tlsClientCertSecretRef must be provided as client credentials.
If the referred Secret is labeled with "k8s.mariadb.com/watch", updates may be performed to the Secret in order to update the password.
properties:
key:
type: string
name:
default: ""
type: string
required:
- key
type: object
x-kubernetes-map-type: atomic
port:
description: Port to connect to. If not provided, it defaults to the
MariaDB port or to the first MaxScale listener.
format: int32
type: integer
secretName:
description: SecretName to be used in the Connection.
type: string
secretTemplate:
description: SecretTemplate to be used in the Connection.
properties:
databaseKey:
description: DatabaseKey to be used in the Secret.
type: string
format:
description: Format to be used in the Secret.
type: string
hostKey:
description: HostKey to be used in the Secret.
type: string
key:
description: Key to be used in the Secret.
type: string
metadata:
description: Metadata to be added to the Secret object.
properties:
annotations:
additionalProperties:
type: string
description: Annotations to be added to children resources.
type: object
labels:
additionalProperties:
type: string
description: Labels to be added to children resources.
type: object
type: object
passwordKey:
description: PasswordKey to be used in the Secret.
type: string
portKey:
description: PortKey to be used in the Secret.
type: string
usernameKey:
description: UsernameKey to be used in the Secret.
type: string
type: object
serviceName:
description: ServiceName to be used in the Connection.
type: string
tlsClientCertSecretRef:
description: |-
TLSClientCertSecretRef is a reference to a Kubernetes TLS Secret used as authentication when checking the connection health.
Either passwordSecretKeyRef or tlsClientCertSecretRef must be provided as client credentials.
If not provided, the client certificate provided by the referred MariaDB is used if TLS is enabled.
If the referred Secret is labeled with "k8s.mariadb.com/watch", updates may be performed to the Secret in order to update the client certificate.
properties:
name:
default: ""
type: string
type: object
username:
description: Username to use for configuring the Connection.
type: string
required:
- username
type: object
status:
description: ConnectionStatus defines the observed state of Connection
properties:
conditions:
description: Conditions for the Connection object.
items:
description: Condition contains details for one aspect of the current
state of this API Resource.
properties:
lastTransitionTime:
description: |-
lastTransitionTime is the last time the condition transitioned from one status to another.
This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable.
format: date-time
type: string
message:
description: |-
message is a human readable message indicating details about the transition.
This may be an empty string.
maxLength: 32768
type: string
observedGeneration:
description: |-
observedGeneration represents the .metadata.generation that the condition was set based upon.
For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date
with respect to the current state of the instance.
format: int64
minimum: 0
type: integer
reason:
description: |-
reason contains a programmatic identifier indicating the reason for the condition's last transition.
Producers of specific condition types may define expected values and meanings for this field,
and whether the values are considered a guaranteed API.
The value should be a CamelCase string.
This field may not be empty.
maxLength: 1024
minLength: 1
pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$
type: string
status:
description: status of the condition, one of True, False, Unknown.
enum:
- "True"
- "False"
- Unknown
type: string
type:
description: type of condition in CamelCase or in foo.example.com/CamelCase.
maxLength: 316
pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$
type: string
required:
- lastTransitionTime
- message
- reason
- status
- type
type: object
type: array
type: object
type: object
served: true
storage: true
subresources:
status: {}
---
# Source: mariadb-operator/charts/mariadb-operator-crds/templates/crds.yaml
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.18.0
name: databases.k8s.mariadb.com
spec:
group: k8s.mariadb.com
names:
kind: Database
listKind: DatabaseList
plural: databases
shortNames:
- dmdb
singular: database
scope: Namespaced
versions:
- additionalPrinterColumns:
- jsonPath: .status.conditions[?(@.type=="Ready")].status
name: Ready
type: string
- jsonPath: .status.conditions[?(@.type=="Ready")].message
name: Status
type: string
- jsonPath: .spec.characterSet
name: CharSet
type: string
- jsonPath: .spec.collate
name: Collate
type: string
- jsonPath: .spec.mariaDbRef.name
name: MariaDB
type: string
- jsonPath: .metadata.creationTimestamp
name: Age
type: date
- jsonPath: .spec.name
name: Name
type: string
name: v1alpha1
schema:
openAPIV3Schema:
description: Database is the Schema for the databases API. It is used to define
a logical database as if you were running a 'CREATE DATABASE' statement.
properties:
apiVersion:
description: |-
APIVersion defines the versioned schema of this representation of an object.
Servers should convert recognized schemas to the latest internal value, and
may reject unrecognized values.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
type: string
kind:
description: |-
Kind is a string value representing the REST resource this object represents.
Servers may infer this from the endpoint the client submits requests to.
Cannot be updated.
In CamelCase.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
type: string
metadata:
type: object
spec:
description: DatabaseSpec defines the desired state of Database
properties:
characterSet:
default: utf8
description: CharacterSet to use in the Database.
type: string
cleanupPolicy:
description: CleanupPolicy defines the behavior for cleaning up a
SQL resource.
enum:
- Skip
- Delete
type: string
collate:
default: utf8_general_ci
description: Collate to use in the Database.
type: string
mariaDbRef:
description: MariaDBRef is a reference to a MariaDB object.
properties:
kind:
description: Kind of the referent.
type: string
name:
type: string
namespace:
type: string
waitForIt:
default: true
description: WaitForIt indicates whether the controller using
this reference should wait for MariaDB to be ready.
type: boolean
type: object
name:
description: Name overrides the default Database name provided by
metadata.name.
maxLength: 80
type: string
requeueInterval:
description: RequeueInterval is used to perform requeue reconciliations.
type: string
retryInterval:
description: RetryInterval is the interval used to perform retries.
type: string
required:
- mariaDbRef
type: object
status:
description: DatabaseStatus defines the observed state of Database
properties:
conditions:
description: Conditions for the Database object.
items:
description: Condition contains details for one aspect of the current
state of this API Resource.
properties:
lastTransitionTime:
description: |-
lastTransitionTime is the last time the condition transitioned from one status to another.
This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable.
format: date-time
type: string
message:
description: |-
message is a human readable message indicating details about the transition.
This may be an empty string.
maxLength: 32768
type: string
observedGeneration:
description: |-
observedGeneration represents the .metadata.generation that the condition was set based upon.
For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date
with respect to the current state of the instance.
format: int64
minimum: 0
type: integer
reason:
description: |-
reason contains a programmatic identifier indicating the reason for the condition's last transition.
Producers of specific condition types may define expected values and meanings for this field,
and whether the values are considered a guaranteed API.
The value should be a CamelCase string.
This field may not be empty.
maxLength: 1024
minLength: 1
pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$
type: string
status:
description: status of the condition, one of True, False, Unknown.
enum:
- "True"
- "False"
- Unknown
type: string
type:
description: type of condition in CamelCase or in foo.example.com/CamelCase.
maxLength: 316
pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$
type: string
required:
- lastTransitionTime
- message
- reason
- status
- type
type: object
type: array
type: object
type: object
served: true
storage: true
subresources:
status: {}
---
# Source: mariadb-operator/charts/mariadb-operator-crds/templates/crds.yaml
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.18.0
name: externalmariadbs.k8s.mariadb.com
spec:
group: k8s.mariadb.com
names:
kind: ExternalMariaDB
listKind: ExternalMariaDBList
plural: externalmariadbs
shortNames:
- emdb
singular: externalmariadb
scope: Namespaced
versions:
- additionalPrinterColumns:
- jsonPath: .status.conditions[?(@.type=="Ready")].status
name: Ready
type: string
- jsonPath: .status.conditions[?(@.type=="Ready")].message
name: Status
type: string
- jsonPath: .metadata.creationTimestamp
name: Age
type: date
name: v1alpha1
schema:
openAPIV3Schema:
description: ExternalMariaDB is the Schema for the external MariaDBs API.
It is used to define external MariaDB server.
properties:
apiVersion:
description: |-
APIVersion defines the versioned schema of this representation of an object.
Servers should convert recognized schemas to the latest internal value, and
may reject unrecognized values.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
type: string
kind:
description: |-
Kind is a string value representing the REST resource this object represents.
Servers may infer this from the endpoint the client submits requests to.
Cannot be updated.
In CamelCase.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
type: string
metadata:
type: object
spec:
description: ExternalMariaDBSpec defines the desired state of an External
MariaDB
properties:
connection:
description: Connection defines a template to configure a Connection
for the external MariaDB.
properties:
healthCheck:
description: HealthCheck to be used in the Connection.
properties:
interval:
description: Interval used to perform health checks.
type: string
retryInterval:
description: RetryInterval is the interval used to perform
health check retries.
type: string
type: object
params:
additionalProperties:
type: string
description: Params to be used in the Connection.
type: object
port:
description: Port to connect to. If not provided, it defaults
to the MariaDB port or to the first MaxScale listener.
format: int32
type: integer
secretName:
description: SecretName to be used in the Connection.
type: string
secretTemplate:
description: SecretTemplate to be used in the Connection.
properties:
databaseKey:
description: DatabaseKey to be used in the Secret.
type: string
format:
description: Format to be used in the Secret.
type: string
hostKey:
description: HostKey to be used in the Secret.
type: string
key:
description: Key to be used in the Secret.
type: string
metadata:
description: Metadata to be added to the Secret object.
properties:
annotations:
additionalProperties:
type: string
description: Annotations to be added to children resources.
type: object
labels:
additionalProperties:
type: string
description: Labels to be added to children resources.
type: object
type: object
passwordKey:
description: PasswordKey to be used in the Secret.
type: string
portKey:
description: PortKey to be used in the Secret.
type: string
usernameKey:
description: UsernameKey to be used in the Secret.
type: string
type: object
serviceName:
description: ServiceName to be used in the Connection.
type: string
type: object
host:
description: Hostname of the external MariaDB.
type: string
image:
description: |-
Image name to be used to perform operations on the external MariaDB, for example, for taking backups.
The supported format is `<image>:<tag>`. Only MariaDB official images are supported.
If not provided, the MariaDB image version be inferred by the operator in runtime. The default MariaDB image will be used in this case,
type: string
imagePullPolicy:
description: ImagePullPolicy is the image pull policy. One of `Always`,
`Never` or `IfNotPresent`. If not defined, it defaults to `IfNotPresent`.
enum:
- Always
- Never
- IfNotPresent
type: string
imagePullSecrets:
description: ImagePullSecrets is the list of pull Secrets to be used
to pull the image.
items:
description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#localobjectreference-v1-core.'
properties:
name:
default: ""
type: string
type: object
type: array
inheritMetadata:
description: InheritMetadata defines the metadata to be inherited
by children resources.
properties:
annotations:
additionalProperties:
type: string
description: Annotations to be added to children resources.
type: object
labels:
additionalProperties:
type: string
description: Labels to be added to children resources.
type: object
type: object
passwordSecretKeyRef:
description: PasswordSecretKeyRef is a reference to the password to
connect to the external MariaDB.
properties:
key:
type: string
name:
default: ""
type: string
required:
- key
type: object
x-kubernetes-map-type: atomic
port:
default: 3306
description: Port of the external MariaDB.
format: int32
type: integer
tls:
description: TLS defines the PKI to be used with the external MariaDB.
properties:
clientCASecretRef:
description: |-
ClientCASecretRef is a reference to a Secret containing the client certificate authority keypair. It is used to establish trust and issue client certificates.
One of:
- Secret containing both the 'ca.crt' and 'ca.key' keys. This allows you to bring your own CA to Kubernetes to issue certificates.
- Secret containing only the 'ca.crt' in order to establish trust. In this case, either clientCertSecretRef or clientCertIssuerRef fields must be provided.
If not provided, a self-signed CA will be provisioned to issue the client certificate.
properties:
name:
default: ""
type: string
type: object
clientCertIssuerRef:
description: |-
ClientCertIssuerRef is a reference to a cert-manager issuer object used to issue the client certificate. cert-manager must be installed previously in the cluster.
It is mutually exclusive with clientCertSecretRef.
By default, the Secret field 'ca.crt' provisioned by cert-manager will be added to the trust chain. A custom trust bundle may be specified via clientCASecretRef.
properties:
group:
description: Group of the resource being referred to.
type: string
kind:
description: Kind of the resource being referred to.
type: string
name:
description: Name of the resource being referred to.
type: string
required:
- name
type: object
clientCertSecretRef:
description: |-
ClientCertSecretRef is a reference to a TLS Secret containing the client certificate.
It is mutually exclusive with clientCertIssuerRef.
properties:
name:
default: ""
type: string
type: object
enabled:
description: |-
Enabled indicates whether TLS is enabled, determining if certificates should be issued and mounted to the MariaDB instance.
It is enabled by default.
type: boolean
galeraSSTEnabled:
description: |-
GaleraSSTEnabled determines whether Galera SST connections should use TLS.
It disabled by default.
type: boolean
required:
description: |-
Required specifies whether TLS must be enforced for all connections.
User TLS requirements take precedence over this.
It disabled by default.
type: boolean
serverCASecretRef:
description: |-
ServerCASecretRef is a reference to a Secret containing the server certificate authority keypair. It is used to establish trust and issue server certificates.
One of:
- Secret containing both the 'ca.crt' and 'ca.key' keys. This allows you to bring your own CA to Kubernetes to issue certificates.
- Secret containing only the 'ca.crt' in order to establish trust. In this case, either serverCertSecretRef or serverCertIssuerRef must be provided.
If not provided, a self-signed CA will be provisioned to issue the server certificate.
properties:
name:
default: ""
type: string
type: object
serverCertIssuerRef:
description: |-
ServerCertIssuerRef is a reference to a cert-manager issuer object used to issue the server certificate. cert-manager must be installed previously in the cluster.
It is mutually exclusive with serverCertSecretRef.
By default, the Secret field 'ca.crt' provisioned by cert-manager will be added to the trust chain. A custom trust bundle may be specified via serverCASecretRef.
properties:
group:
description: Group of the resource being referred to.
type: string
kind:
description: Kind of the resource being referred to.
type: string
name:
description: Name of the resource being referred to.
type: string
required:
- name
type: object
serverCertSecretRef:
description: |-
ServerCertSecretRef is a reference to a TLS Secret containing the server certificate.
It is mutually exclusive with serverCertIssuerRef.
properties:
name:
default: ""
type: string
type: object
type: object
username:
description: Username is the username to connect to the external MariaDB.
type: string
required:
- host
- username
type: object
status:
description: ExternalMariaDBStatus defines the observed state of MariaDB
properties:
conditions:
description: Conditions for the ExternalMariadb object.
items:
description: Condition contains details for one aspect of the current
state of this API Resource.
properties:
lastTransitionTime:
description: |-
lastTransitionTime is the last time the condition transitioned from one status to another.
This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable.
format: date-time
type: string
message:
description: |-
message is a human readable message indicating details about the transition.
This may be an empty string.
maxLength: 32768
type: string
observedGeneration:
description: |-
observedGeneration represents the .metadata.generation that the condition was set based upon.
For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date
with respect to the current state of the instance.
format: int64
minimum: 0
type: integer
reason:
description: |-
reason contains a programmatic identifier indicating the reason for the condition's last transition.
Producers of specific condition types may define expected values and meanings for this field,
and whether the values are considered a guaranteed API.
The value should be a CamelCase string.
This field may not be empty.
maxLength: 1024
minLength: 1
pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$
type: string
status:
description: status of the condition, one of True, False, Unknown.
enum:
- "True"
- "False"
- Unknown
type: string
type:
description: type of condition in CamelCase or in foo.example.com/CamelCase.
maxLength: 316
pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$
type: string
required:
- lastTransitionTime
- message
- reason
- status
- type
type: object
type: array
isGaleraEnabled:
description: IsGaleraEnabled indicates that the external MariaDb has
Galera enabled.
type: boolean
version:
description: Version of the external MariaDB server.
type: string
type: object
required:
- spec
type: object
served: true
storage: true
subresources:
status: {}
---
# Source: mariadb-operator/charts/mariadb-operator-crds/templates/crds.yaml
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.18.0
name: grants.k8s.mariadb.com
spec:
group: k8s.mariadb.com
names:
kind: Grant
listKind: GrantList
plural: grants
shortNames:
- gmdb
singular: grant
scope: Namespaced
versions:
- additionalPrinterColumns:
- jsonPath: .status.conditions[?(@.type=="Ready")].status
name: Ready
type: string
- jsonPath: .status.conditions[?(@.type=="Ready")].message
name: Status
type: string
- jsonPath: .spec.database
name: Database
type: string
- jsonPath: .spec.table
name: Table
type: string
- jsonPath: .spec.username
name: Username
type: string
- jsonPath: .spec.grantOption
name: GrantOpt
type: string
- jsonPath: .spec.mariaDbRef.name
name: MariaDB
type: string
- jsonPath: .metadata.creationTimestamp
name: Age
type: date
name: v1alpha1
schema:
openAPIV3Schema:
description: Grant is the Schema for the grants API. It is used to define
grants as if you were running a 'GRANT' statement.
properties:
apiVersion:
description: |-
APIVersion defines the versioned schema of this representation of an object.
Servers should convert recognized schemas to the latest internal value, and
may reject unrecognized values.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
type: string
kind:
description: |-
Kind is a string value representing the REST resource this object represents.
Servers may infer this from the endpoint the client submits requests to.
Cannot be updated.
In CamelCase.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
type: string
metadata:
type: object
spec:
description: GrantSpec defines the desired state of Grant
properties:
cleanupPolicy:
description: CleanupPolicy defines the behavior for cleaning up a
SQL resource.
enum:
- Skip
- Delete
type: string
database:
default: '*'
description: Database to use in the Grant.
type: string
grantOption:
default: false
description: GrantOption to use in the Grant.
type: boolean
host:
description: Host to use in the Grant. It can be localhost, an IP
or '%'.
type: string
mariaDbRef:
description: MariaDBRef is a reference to a MariaDB object.
properties:
kind:
description: Kind of the referent.
type: string
name:
type: string
namespace:
type: string
waitForIt:
default: true
description: WaitForIt indicates whether the controller using
this reference should wait for MariaDB to be ready.
type: boolean
type: object
privileges:
description: Privileges to use in the Grant.
items:
type: string
minItems: 1
type: array
requeueInterval:
description: RequeueInterval is used to perform requeue reconciliations.
type: string
retryInterval:
description: RetryInterval is the interval used to perform retries.
type: string
table:
default: '*'
description: Table to use in the Grant.
type: string
username:
description: Username to use in the Grant.
type: string
required:
- mariaDbRef
- privileges
- username
type: object
status:
description: GrantStatus defines the observed state of Grant
properties:
conditions:
description: Conditions for the Grant object.
items:
description: Condition contains details for one aspect of the current
state of this API Resource.
properties:
lastTransitionTime:
description: |-
lastTransitionTime is the last time the condition transitioned from one status to another.
This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable.
format: date-time
type: string
message:
description: |-
message is a human readable message indicating details about the transition.
This may be an empty string.
maxLength: 32768
type: string
observedGeneration:
description: |-
observedGeneration represents the .metadata.generation that the condition was set based upon.
For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date
with respect to the current state of the instance.
format: int64
minimum: 0
type: integer
reason:
description: |-
reason contains a programmatic identifier indicating the reason for the condition's last transition.
Producers of specific condition types may define expected values and meanings for this field,
and whether the values are considered a guaranteed API.
The value should be a CamelCase string.
This field may not be empty.
maxLength: 1024
minLength: 1
pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$
type: string
status:
description: status of the condition, one of True, False, Unknown.
enum:
- "True"
- "False"
- Unknown
type: string
type:
description: type of condition in CamelCase or in foo.example.com/CamelCase.
maxLength: 316
pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$
type: string
required:
- lastTransitionTime
- message
- reason
- status
- type
type: object
type: array
currentPrivileges:
description: |-
CurrentPrivileges is the list of current privileges used in the Grant.
It allows to detect the divergence from the desired privileges.
items:
type: string
type: array
type: object
type: object
served: true
storage: true
subresources:
status: {}
---
# Source: mariadb-operator/charts/mariadb-operator-crds/templates/crds.yaml
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.18.0
name: mariadbs.k8s.mariadb.com
spec:
group: k8s.mariadb.com
names:
kind: MariaDB
listKind: MariaDBList
plural: mariadbs
shortNames:
- mdb
singular: mariadb
scope: Namespaced
versions:
- additionalPrinterColumns:
- jsonPath: .status.conditions[?(@.type=="Ready")].status
name: Ready
type: string
- jsonPath: .status.conditions[?(@.type=="Ready")].message
name: Status
type: string
- jsonPath: .status.currentPrimary
name: Primary
type: string
- jsonPath: .spec.updateStrategy.type
name: Updates
type: string
- jsonPath: .metadata.creationTimestamp
name: Age
type: date
name: v1alpha1
schema:
openAPIV3Schema:
description: MariaDB is the Schema for the mariadbs API. It is used to define
MariaDB clusters.
properties:
apiVersion:
description: |-
APIVersion defines the versioned schema of this representation of an object.
Servers should convert recognized schemas to the latest internal value, and
may reject unrecognized values.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
type: string
kind:
description: |-
Kind is a string value representing the REST resource this object represents.
Servers may infer this from the endpoint the client submits requests to.
Cannot be updated.
In CamelCase.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
type: string
metadata:
type: object
spec:
description: MariaDBSpec defines the desired state of MariaDB
properties:
affinity:
description: Affinity to be used in the Pod.
properties:
antiAffinityEnabled:
description: |-
AntiAffinityEnabled configures PodAntiAffinity so each Pod is scheduled in a different Node, enabling HA.
Make sure you have at least as many Nodes available as the replicas to not end up with unscheduled Pods.
type: boolean
nodeAffinity:
description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#nodeaffinity-v1-core'
properties:
preferredDuringSchedulingIgnoredDuringExecution:
items:
description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#preferredschedulingterm-v1-core'
properties:
preference:
description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#nodeselectorterm-v1-core'
properties:
matchExpressions:
items:
description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#nodeselectorrequirement-v1-core'
properties:
key:
type: string
operator:
description: |-
A node selector operator is the set of operators that can be used in
a node selector requirement.
type: string
values:
items:
type: string
type: array
x-kubernetes-list-type: atomic
required:
- key
- operator
type: object
type: array
x-kubernetes-list-type: atomic
matchFields:
items:
description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#nodeselectorrequirement-v1-core'
properties:
key:
type: string
operator:
description: |-
A node selector operator is the set of operators that can be used in
a node selector requirement.
type: string
values:
items:
type: string
type: array
x-kubernetes-list-type: atomic
required:
- key
- operator
type: object
type: array
x-kubernetes-list-type: atomic
type: object
weight:
format: int32
type: integer
required:
- preference
- weight
type: object
type: array
x-kubernetes-list-type: atomic
requiredDuringSchedulingIgnoredDuringExecution:
description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#nodeselector-v1-core'
properties:
nodeSelectorTerms:
items:
description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#nodeselectorterm-v1-core'
properties:
matchExpressions:
items:
description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#nodeselectorrequirement-v1-core'
properties:
key:
type: string
operator:
description: |-
A node selector operator is the set of operators that can be used in
a node selector requirement.
type: string
values:
items:
type: string
type: array
x-kubernetes-list-type: atomic
required:
- key
- operator
type: object
type: array
x-kubernetes-list-type: atomic
matchFields:
items:
description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#nodeselectorrequirement-v1-core'
properties:
key:
type: string
operator:
description: |-
A node selector operator is the set of operators that can be used in
a node selector requirement.
type: string
values:
items:
type: string
type: array
x-kubernetes-list-type: atomic
required:
- key
- operator
type: object
type: array
x-kubernetes-list-type: atomic
type: object
type: array
x-kubernetes-list-type: atomic
required:
- nodeSelectorTerms
type: object
type: object
podAntiAffinity:
description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#podantiaffinity-v1-core.'
properties:
preferredDuringSchedulingIgnoredDuringExecution:
items:
description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#weightedpodaffinityterm-v1-core.'
properties:
podAffinityTerm:
description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#podaffinityterm-v1-core.'
properties:
labelSelector:
description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#labelselector-v1-meta'
properties:
matchExpressions:
items:
description: 'Refer to the Kubernetes docs:
https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#labelselectorrequirement-v1-meta'
properties:
key:
type: string
operator:
description: A label selector operator
is the set of operators that can be
used in a selector requirement.
type: string
values:
items:
type: string
type: array
x-kubernetes-list-type: atomic
required:
- key
- operator
type: object
type: array
x-kubernetes-list-type: atomic
matchLabels:
additionalProperties:
type: string
type: object
type: object
topologyKey:
type: string
required:
- topologyKey
type: object
weight:
format: int32
type: integer
required:
- podAffinityTerm
- weight
type: object
type: array
x-kubernetes-list-type: atomic
requiredDuringSchedulingIgnoredDuringExecution:
items:
description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#podaffinityterm-v1-core.'
properties:
labelSelector:
description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#labelselector-v1-meta'
properties:
matchExpressions:
items:
description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#labelselectorrequirement-v1-meta'
properties:
key:
type: string
operator:
description: A label selector operator is
the set of operators that can be used in
a selector requirement.
type: string
values:
items:
type: string
type: array
x-kubernetes-list-type: atomic
required:
- key
- operator
type: object
type: array
x-kubernetes-list-type: atomic
matchLabels:
additionalProperties:
type: string
type: object
type: object
topologyKey:
type: string
required:
- topologyKey
type: object
type: array
x-kubernetes-list-type: atomic
type: object
type: object
args:
description: Args to be used in the Container.
items:
type: string
type: array
bootstrapFrom:
description: BootstrapFrom defines a source to bootstrap from.
properties:
backupContentType:
description: |-
BackupContentType is the backup content type available in the source to bootstrap from.
It is inferred based on the BackupRef and VolumeSnapshotRef fields. If inference is not possible, it defaults to Logical.
Set this field explicitly when using physical backups from S3 or Volume sources.
enum:
- Logical
- Physical
type: string
backupRef:
description: |-
BackupRef is reference to a backup object. If the Kind is not specified, a logical Backup is assumed.
This field takes precedence over S3 and Volume sources.
properties:
kind:
description: Kind of the referent.
type: string
name:
description: Name of the referent.
type: string
type: object
restoreJob:
description: RestoreJob defines additional properties for the
Job used to perform the restoration.
properties:
affinity:
description: Affinity to be used in the Pod.
properties:
antiAffinityEnabled:
description: |-
AntiAffinityEnabled configures PodAntiAffinity so each Pod is scheduled in a different Node, enabling HA.
Make sure you have at least as many Nodes available as the replicas to not end up with unscheduled Pods.
type: boolean
nodeAffinity:
description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#nodeaffinity-v1-core'
properties:
preferredDuringSchedulingIgnoredDuringExecution:
items:
description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#preferredschedulingterm-v1-core'
properties:
preference:
description: 'Refer to the Kubernetes docs:
https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#nodeselectorterm-v1-core'
properties:
matchExpressions:
items:
description: 'Refer to the Kubernetes
docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#nodeselectorrequirement-v1-core'
properties:
key:
type: string
operator:
description: |-
A node selector operator is the set of operators that can be used in
a node selector requirement.
type: string
values:
items:
type: string
type: array
x-kubernetes-list-type: atomic
required:
- key
- operator
type: object
type: array
x-kubernetes-list-type: atomic
matchFields:
items:
description: 'Refer to the Kubernetes
docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#nodeselectorrequirement-v1-core'
properties:
key:
type: string
operator:
description: |-
A node selector operator is the set of operators that can be used in
a node selector requirement.
type: string
values:
items:
type: string
type: array
x-kubernetes-list-type: atomic
required:
- key
- operator
type: object
type: array
x-kubernetes-list-type: atomic
type: object
weight:
format: int32
type: integer
required:
- preference
- weight
type: object
type: array
x-kubernetes-list-type: atomic
requiredDuringSchedulingIgnoredDuringExecution:
description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#nodeselector-v1-core'
properties:
nodeSelectorTerms:
items:
description: 'Refer to the Kubernetes docs:
https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#nodeselectorterm-v1-core'
properties:
matchExpressions:
items:
description: 'Refer to the Kubernetes
docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#nodeselectorrequirement-v1-core'
properties:
key:
type: string
operator:
description: |-
A node selector operator is the set of operators that can be used in
a node selector requirement.
type: string
values:
items:
type: string
type: array
x-kubernetes-list-type: atomic
required:
- key
- operator
type: object
type: array
x-kubernetes-list-type: atomic
matchFields:
items:
description: 'Refer to the Kubernetes
docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#nodeselectorrequirement-v1-core'
properties:
key:
type: string
operator:
description: |-
A node selector operator is the set of operators that can be used in
a node selector requirement.
type: string
values:
items:
type: string
type: array
x-kubernetes-list-type: atomic
required:
- key
- operator
type: object
type: array
x-kubernetes-list-type: atomic
type: object
type: array
x-kubernetes-list-type: atomic
required:
- nodeSelectorTerms
type: object
type: object
podAntiAffinity:
description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#podantiaffinity-v1-core.'
properties:
preferredDuringSchedulingIgnoredDuringExecution:
items:
description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#weightedpodaffinityterm-v1-core.'
properties:
podAffinityTerm:
description: 'Refer to the Kubernetes docs:
https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#podaffinityterm-v1-core.'
properties:
labelSelector:
description: 'Refer to the Kubernetes docs:
https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#labelselector-v1-meta'
properties:
matchExpressions:
items:
description: 'Refer to the Kubernetes
docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#labelselectorrequirement-v1-meta'
properties:
key:
type: string
operator:
description: A label selector
operator is the set of operators
that can be used in a selector
requirement.
type: string
values:
items:
type: string
type: array
x-kubernetes-list-type: atomic
required:
- key
- operator
type: object
type: array
x-kubernetes-list-type: atomic
matchLabels:
additionalProperties:
type: string
type: object
type: object
topologyKey:
type: string
required:
- topologyKey
type: object
weight:
format: int32
type: integer
required:
- podAffinityTerm
- weight
type: object
type: array
x-kubernetes-list-type: atomic
requiredDuringSchedulingIgnoredDuringExecution:
items:
description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#podaffinityterm-v1-core.'
properties:
labelSelector:
description: 'Refer to the Kubernetes docs:
https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#labelselector-v1-meta'
properties:
matchExpressions:
items:
description: 'Refer to the Kubernetes
docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#labelselectorrequirement-v1-meta'
properties:
key:
type: string
operator:
description: A label selector operator
is the set of operators that can
be used in a selector requirement.
type: string
values:
items:
type: string
type: array
x-kubernetes-list-type: atomic
required:
- key
- operator
type: object
type: array
x-kubernetes-list-type: atomic
matchLabels:
additionalProperties:
type: string
type: object
type: object
topologyKey:
type: string
required:
- topologyKey
type: object
type: array
x-kubernetes-list-type: atomic
type: object
type: object
args:
description: Args to be used in the Container.
items:
type: string
type: array
metadata:
description: Metadata defines additional metadata for the
bootstrap Jobs.
properties:
annotations:
additionalProperties:
type: string
description: Annotations to be added to children resources.
type: object
labels:
additionalProperties:
type: string
description: Labels to be added to children resources.
type: object
type: object
nodeSelector:
additionalProperties:
type: string
description: NodeSelector to be used in the Pod.
type: object
resources:
description: Resources describes the compute resource requirements.
properties:
limits:
additionalProperties:
anyOf:
- type: integer
- type: string
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
x-kubernetes-int-or-string: true
description: ResourceList is a set of (resource name,
quantity) pairs.
type: object
requests:
additionalProperties:
anyOf:
- type: integer
- type: string
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
x-kubernetes-int-or-string: true
description: ResourceList is a set of (resource name,
quantity) pairs.
type: object
type: object
tolerations:
description: Tolerations to be used in the Pod.
items:
description: |-
The pod this Toleration is attached to tolerates any taint that matches
the triple <key,value,effect> using the matching operator <operator>.
properties:
effect:
description: |-
Effect indicates the taint effect to match. Empty means match all taint effects.
When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute.
type: string
key:
description: |-
Key is the taint key that the toleration applies to. Empty means match all taint keys.
If the key is empty, operator must be Exists; this combination means to match all values and all keys.
type: string
operator:
description: |-
Operator represents a key's relationship to the value.
Valid operators are Exists and Equal. Defaults to Equal.
Exists is equivalent to wildcard for value, so that a pod can
tolerate all taints of a particular category.
type: string
tolerationSeconds:
description: |-
TolerationSeconds represents the period of time the toleration (which must be
of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default,
it is not set, which means tolerate the taint forever (do not evict). Zero and
negative values will be treated as 0 (evict immediately) by the system.
format: int64
type: integer
value:
description: |-
Value is the taint value the toleration matches to.
If the operator is Exists, the value should be empty, otherwise just a regular string.
type: string
type: object
type: array
type: object
s3:
description: |-
S3 defines the configuration to restore backups from a S3 compatible storage.
This field takes precedence over the Volume source.
properties:
accessKeyIdSecretKeyRef:
description: AccessKeyIdSecretKeyRef is a reference to a Secret
key containing the S3 access key id.
properties:
key:
type: string
name:
default: ""
type: string
required:
- key
type: object
x-kubernetes-map-type: atomic
bucket:
description: Bucket is the name Name of the bucket to store
backups.
type: string
endpoint:
description: Endpoint is the S3 API endpoint without scheme.
type: string
prefix:
description: 'Prefix indicates a folder/subfolder in the bucket.
For example: mariadb/ or mariadb/backups. A trailing slash
''/'' is added if not provided.'
type: string
region:
description: Region is the S3 region name to use.
type: string
secretAccessKeySecretKeyRef:
description: AccessKeyIdSecretKeyRef is a reference to a Secret
key containing the S3 secret key.
properties:
key:
type: string
name:
default: ""
type: string
required:
- key
type: object
x-kubernetes-map-type: atomic
sessionTokenSecretKeyRef:
description: SessionTokenSecretKeyRef is a reference to a
Secret key containing the S3 session token.
properties:
key:
type: string
name:
default: ""
type: string
required:
- key
type: object
x-kubernetes-map-type: atomic
tls:
description: TLS provides the configuration required to establish
TLS connections with S3.
properties:
caSecretKeyRef:
description: |-
CASecretKeyRef is a reference to a Secret key containing a CA bundle in PEM format used to establish TLS connections with S3.
By default, the system trust chain will be used, but you can use this field to add more CAs to the bundle.
properties:
key:
type: string
name:
default: ""
type: string
required:
- key
type: object
x-kubernetes-map-type: atomic
enabled:
description: Enabled is a flag to enable TLS.
type: boolean
type: object
required:
- bucket
- endpoint
type: object
stagingStorage:
description: |-
StagingStorage defines the temporary storage used to keep external backups (i.e. S3) while they are being processed.
It defaults to an emptyDir volume, meaning that the backups will be temporarily stored in the node where the Job is scheduled.
properties:
persistentVolumeClaim:
description: PersistentVolumeClaim is a Kubernetes PVC specification.
properties:
accessModes:
items:
type: string
type: array
x-kubernetes-list-type: atomic
resources:
description: VolumeResourceRequirements describes the
storage resource requirements for a volume.
properties:
limits:
additionalProperties:
anyOf:
- type: integer
- type: string
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
x-kubernetes-int-or-string: true
description: |-
Limits describes the maximum amount of compute resources allowed.
More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/
type: object
requests:
additionalProperties:
anyOf:
- type: integer
- type: string
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
x-kubernetes-int-or-string: true
description: |-
Requests describes the minimum amount of compute resources required.
If Requests is omitted for a container, it defaults to Limits if that is explicitly specified,
otherwise to an implementation-defined value. Requests cannot exceed Limits.
More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/
type: object
type: object
selector:
description: |-
A label selector is a label query over a set of resources. The result of matchLabels and
matchExpressions are ANDed. An empty label selector matches all objects. A null
label selector matches no objects.
properties:
matchExpressions:
description: matchExpressions is a list of label selector
requirements. The requirements are ANDed.
items:
description: |-
A label selector requirement is a selector that contains values, a key, and an operator that
relates the key and values.
properties:
key:
description: key is the label key that the selector
applies to.
type: string
operator:
description: |-
operator represents a key's relationship to a set of values.
Valid operators are In, NotIn, Exists and DoesNotExist.
type: string
values:
description: |-
values is an array of string values. If the operator is In or NotIn,
the values array must be non-empty. If the operator is Exists or DoesNotExist,
the values array must be empty. This array is replaced during a strategic
merge patch.
items:
type: string
type: array
x-kubernetes-list-type: atomic
required:
- key
- operator
type: object
type: array
x-kubernetes-list-type: atomic
matchLabels:
additionalProperties:
type: string
description: |-
matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels
map is equivalent to an element of matchExpressions, whose key field is "key", the
operator is "In", and the values array contains only "value". The requirements are ANDed.
type: object
type: object
x-kubernetes-map-type: atomic
storageClassName:
type: string
type: object
volume:
description: Volume is a Kubernetes volume specification.
properties:
csi:
description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#csivolumesource-v1-core.'
properties:
driver:
type: string
fsType:
type: string
nodePublishSecretRef:
description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#localobjectreference-v1-core.'
properties:
name:
default: ""
type: string
type: object
readOnly:
type: boolean
volumeAttributes:
additionalProperties:
type: string
type: object
required:
- driver
type: object
emptyDir:
description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#emptydirvolumesource-v1-core.'
properties:
medium:
description: StorageMedium defines ways that storage
can be allocated to a volume.
type: string
sizeLimit:
anyOf:
- type: integer
- type: string
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
x-kubernetes-int-or-string: true
type: object
hostPath:
description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#hostpathvolumesource-v1-core'
properties:
path:
type: string
type:
type: string
required:
- path
type: object
nfs:
description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#nfsvolumesource-v1-core.'
properties:
path:
type: string
readOnly:
type: boolean
server:
type: string
required:
- path
- server
type: object
persistentVolumeClaim:
description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#persistentvolumeclaimvolumesource-v1-core.'
properties:
claimName:
type: string
readOnly:
type: boolean
required:
- claimName
type: object
type: object
type: object
targetRecoveryTime:
description: |-
TargetRecoveryTime is a RFC3339 (1970-01-01T00:00:00Z) date and time that defines the point in time recovery objective.
It is used to determine the closest restoration source in time.
format: date-time
type: string
volume:
description: Volume is a Kubernetes Volume object that contains
a backup.
properties:
csi:
description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#csivolumesource-v1-core.'
properties:
driver:
type: string
fsType:
type: string
nodePublishSecretRef:
description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#localobjectreference-v1-core.'
properties:
name:
default: ""
type: string
type: object
readOnly:
type: boolean
volumeAttributes:
additionalProperties:
type: string
type: object
required:
- driver
type: object
emptyDir:
description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#emptydirvolumesource-v1-core.'
properties:
medium:
description: StorageMedium defines ways that storage can
be allocated to a volume.
type: string
sizeLimit:
anyOf:
- type: integer
- type: string
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
x-kubernetes-int-or-string: true
type: object
hostPath:
description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#hostpathvolumesource-v1-core'
properties:
path:
type: string
type:
type: string
required:
- path
type: object
nfs:
description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#nfsvolumesource-v1-core.'
properties:
path:
type: string
readOnly:
type: boolean
server:
type: string
required:
- path
- server
type: object
persistentVolumeClaim:
description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#persistentvolumeclaimvolumesource-v1-core.'
properties:
claimName:
type: string
readOnly:
type: boolean
required:
- claimName
type: object
type: object
volumeSnapshotRef:
description: |-
VolumeSnapshotRef is a reference to a VolumeSnapshot object.
This field takes precedence over S3 and Volume sources.
properties:
name:
default: ""
type: string
type: object
type: object
command:
description: Command to be used in the Container.
items:
type: string
type: array
connection:
description: |-
Connection defines a template to configure the general Connection object.
This Connection provides the initial User access to the initial Database.
It will make use of the Service to route network traffic to all Pods.
properties:
healthCheck:
description: HealthCheck to be used in the Connection.
properties:
interval:
description: Interval used to perform health checks.
type: string
retryInterval:
description: RetryInterval is the interval used to perform
health check retries.
type: string
type: object
params:
additionalProperties:
type: string
description: Params to be used in the Connection.
type: object
port:
description: Port to connect to. If not provided, it defaults
to the MariaDB port or to the first MaxScale listener.
format: int32
type: integer
secretName:
description: SecretName to be used in the Connection.
type: string
secretTemplate:
description: SecretTemplate to be used in the Connection.
properties:
databaseKey:
description: DatabaseKey to be used in the Secret.
type: string
format:
description: Format to be used in the Secret.
type: string
hostKey:
description: HostKey to be used in the Secret.
type: string
key:
description: Key to be used in the Secret.
type: string
metadata:
description: Metadata to be added to the Secret object.
properties:
annotations:
additionalProperties:
type: string
description: Annotations to be added to children resources.
type: object
labels:
additionalProperties:
type: string
description: Labels to be added to children resources.
type: object
type: object
passwordKey:
description: PasswordKey to be used in the Secret.
type: string
portKey:
description: PortKey to be used in the Secret.
type: string
usernameKey:
description: UsernameKey to be used in the Secret.
type: string
type: object
serviceName:
description: ServiceName to be used in the Connection.
type: string
type: object
database:
description: Database is the name of the initial Database.
type: string
env:
description: Env represents the environment variables to be injected
in a container.
items:
description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#envvarsource-v1-core.'
properties:
name:
description: Name of the environment variable. Must be a C_IDENTIFIER.
type: string
value:
type: string
valueFrom:
description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#envvarsource-v1-core.'
properties:
configMapKeyRef:
description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#configmapkeyselector-v1-core.'
properties:
key:
type: string
name:
default: ""
type: string
required:
- key
type: object
x-kubernetes-map-type: atomic
fieldRef:
description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#objectfieldselector-v1-core.'
properties:
apiVersion:
type: string
fieldPath:
type: string
required:
- fieldPath
type: object
x-kubernetes-map-type: atomic
secretKeyRef:
description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#secretkeyselector-v1-core.'
properties:
key:
type: string
name:
default: ""
type: string
required:
- key
type: object
x-kubernetes-map-type: atomic
type: object
required:
- name
type: object
type: array
envFrom:
description: EnvFrom represents the references (via ConfigMap and
Secrets) to environment variables to be injected in the container.
items:
description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#envfromsource-v1-core.'
properties:
configMapRef:
description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#localobjectreference-v1-core.'
properties:
name:
default: ""
type: string
type: object
prefix:
type: string
secretRef:
description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#localobjectreference-v1-core.'
properties:
name:
default: ""
type: string
type: object
type: object
type: array
galera:
description: Replication configures high availability via Galera.
properties:
agent:
description: Agent is a sidecar agent that co-operates with mariadb-operator.
properties:
args:
description: Args to be used in the Container.
items:
type: string
type: array
basicAuth:
description: BasicAuth to be used by the agent container
properties:
enabled:
description: Enabled is a flag to enable BasicAuth
type: boolean
passwordSecretKeyRef:
description: PasswordSecretKeyRef to be used for basic
authentication
properties:
generate:
default: false
description: Generate indicates whether the Secret
should be generated if the Secret referenced is
not present.
type: boolean
key:
type: string
name:
default: ""
type: string
required:
- key
type: object
x-kubernetes-map-type: atomic
username:
description: Username to be used for basic authentication
type: string
type: object
command:
description: Command to be used in the Container.
items:
type: string
type: array
env:
description: Env represents the environment variables to be
injected in a container.
items:
description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#envvarsource-v1-core.'
properties:
name:
description: Name of the environment variable. Must
be a C_IDENTIFIER.
type: string
value:
type: string
valueFrom:
description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#envvarsource-v1-core.'
properties:
configMapKeyRef:
description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#configmapkeyselector-v1-core.'
properties:
key:
type: string
name:
default: ""
type: string
required:
- key
type: object
x-kubernetes-map-type: atomic
fieldRef:
description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#objectfieldselector-v1-core.'
properties:
apiVersion:
type: string
fieldPath:
type: string
required:
- fieldPath
type: object
x-kubernetes-map-type: atomic
secretKeyRef:
description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#secretkeyselector-v1-core.'
properties:
key:
type: string
name:
default: ""
type: string
required:
- key
type: object
x-kubernetes-map-type: atomic
type: object
required:
- name
type: object
type: array
envFrom:
description: EnvFrom represents the references (via ConfigMap
and Secrets) to environment variables to be injected in
the container.
items:
description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#envfromsource-v1-core.'
properties:
configMapRef:
description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#localobjectreference-v1-core.'
properties:
name:
default: ""
type: string
type: object
prefix:
type: string
secretRef:
description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#localobjectreference-v1-core.'
properties:
name:
default: ""
type: string
type: object
type: object
type: array
gracefulShutdownTimeout:
description: GracefulShutdownTimeout is the time we give to
the agent container in order to gracefully terminate in-flight
requests.
type: string
image:
description: Image name to be used by the MariaDB instances.
The supported format is `<image>:<tag>`.
type: string
imagePullPolicy:
description: ImagePullPolicy is the image pull policy. One
of `Always`, `Never` or `IfNotPresent`. If not defined,
it defaults to `IfNotPresent`.
enum:
- Always
- Never
- IfNotPresent
type: string
kubernetesAuth:
description: KubernetesAuth to be used by the agent container
properties:
authDelegatorRoleName:
description: |-
AuthDelegatorRoleName is the name of the ClusterRoleBinding that is associated with the "system:auth-delegator" ClusterRole.
It is necessary for creating TokenReview objects in order for the agent to validate the service account token.
type: string
enabled:
description: Enabled is a flag to enable KubernetesAuth
type: boolean
type: object
livenessProbe:
description: LivenessProbe to be used in the Container.
properties:
exec:
description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#execaction-v1-core.'
properties:
command:
items:
type: string
type: array
x-kubernetes-list-type: atomic
type: object
failureThreshold:
format: int32
type: integer
httpGet:
description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#httpgetaction-v1-core.'
properties:
host:
type: string
path:
type: string
port:
anyOf:
- type: integer
- type: string
x-kubernetes-int-or-string: true
scheme:
description: URIScheme identifies the scheme used
for connection to a host for Get actions
type: string
required:
- port
type: object
initialDelaySeconds:
format: int32
type: integer
periodSeconds:
format: int32
type: integer
successThreshold:
format: int32
type: integer
tcpSocket:
description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#tcpsocketaction-v1-core.'
properties:
host:
type: string
port:
anyOf:
- type: integer
- type: string
x-kubernetes-int-or-string: true
required:
- port
type: object
timeoutSeconds:
format: int32
type: integer
type: object
port:
description: Port where the agent will be listening for API
connections.
format: int32
type: integer
probePort:
description: Port where the agent will be listening for probe
connections.
format: int32
type: integer
readinessProbe:
description: ReadinessProbe to be used in the Container.
properties:
exec:
description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#execaction-v1-core.'
properties:
command:
items:
type: string
type: array
x-kubernetes-list-type: atomic
type: object
failureThreshold:
format: int32
type: integer
httpGet:
description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#httpgetaction-v1-core.'
properties:
host:
type: string
path:
type: string
port:
anyOf:
- type: integer
- type: string
x-kubernetes-int-or-string: true
scheme:
description: URIScheme identifies the scheme used
for connection to a host for Get actions
type: string
required:
- port
type: object
initialDelaySeconds:
format: int32
type: integer
periodSeconds:
format: int32
type: integer
successThreshold:
format: int32
type: integer
tcpSocket:
description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#tcpsocketaction-v1-core.'
properties:
host:
type: string
port:
anyOf:
- type: integer
- type: string
x-kubernetes-int-or-string: true
required:
- port
type: object
timeoutSeconds:
format: int32
type: integer
type: object
resources:
description: Resources describes the compute resource requirements.
properties:
limits:
additionalProperties:
anyOf:
- type: integer
- type: string
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
x-kubernetes-int-or-string: true
description: ResourceList is a set of (resource name,
quantity) pairs.
type: object
requests:
additionalProperties:
anyOf:
- type: integer
- type: string
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
x-kubernetes-int-or-string: true
description: ResourceList is a set of (resource name,
quantity) pairs.
type: object
type: object
securityContext:
description: SecurityContext holds security configuration
that will be applied to a container.
properties:
allowPrivilegeEscalation:
type: boolean
capabilities:
description: Adds and removes POSIX capabilities from
running containers.
properties:
add:
description: Added capabilities
items:
description: Capability represent POSIX capabilities
type
type: string
type: array
x-kubernetes-list-type: atomic
drop:
description: Removed capabilities
items:
description: Capability represent POSIX capabilities
type
type: string
type: array
x-kubernetes-list-type: atomic
type: object
privileged:
type: boolean
readOnlyRootFilesystem:
type: boolean
runAsGroup:
format: int64
type: integer
runAsNonRoot:
type: boolean
runAsUser:
format: int64
type: integer
type: object
startupProbe:
description: StartupProbe to be used in the Container.
properties:
exec:
description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#execaction-v1-core.'
properties:
command:
items:
type: string
type: array
x-kubernetes-list-type: atomic
type: object
failureThreshold:
format: int32
type: integer
httpGet:
description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#httpgetaction-v1-core.'
properties:
host:
type: string
path:
type: string
port:
anyOf:
- type: integer
- type: string
x-kubernetes-int-or-string: true
scheme:
description: URIScheme identifies the scheme used
for connection to a host for Get actions
type: string
required:
- port
type: object
initialDelaySeconds:
format: int32
type: integer
periodSeconds:
format: int32
type: integer
successThreshold:
format: int32
type: integer
tcpSocket:
description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#tcpsocketaction-v1-core.'
properties:
host:
type: string
port:
anyOf:
- type: integer
- type: string
x-kubernetes-int-or-string: true
required:
- port
type: object
timeoutSeconds:
format: int32
type: integer
type: object
volumeMounts:
description: VolumeMounts to be used in the Container.
items:
description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#volumemount-v1-core.'
properties:
mountPath:
type: string
name:
description: This must match the Name of a Volume.
type: string
readOnly:
type: boolean
subPath:
type: string
required:
- mountPath
- name
type: object
type: array
type: object
availableWhenDonor:
description: AvailableWhenDonor indicates whether a donor node
should be responding to queries. It defaults to false.
type: boolean
config:
description: GaleraConfig defines storage options for the Galera
configuration files.
properties:
reuseStorageVolume:
description: |-
ReuseStorageVolume indicates that storage volume used by MariaDB should be reused to store the Galera configuration files.
It defaults to false, which implies that a dedicated volume for the Galera configuration files is provisioned.
type: boolean
volumeClaimTemplate:
description: VolumeClaimTemplate is a template for the PVC
that will contain the Galera configuration files shared
between the InitContainer, Agent and MariaDB.
properties:
accessModes:
items:
type: string
type: array
x-kubernetes-list-type: atomic
metadata:
description: Metadata to be added to the PVC metadata.
properties:
annotations:
additionalProperties:
type: string
description: Annotations to be added to children resources.
type: object
labels:
additionalProperties:
type: string
description: Labels to be added to children resources.
type: object
type: object
resources:
description: VolumeResourceRequirements describes the
storage resource requirements for a volume.
properties:
limits:
additionalProperties:
anyOf:
- type: integer
- type: string
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
x-kubernetes-int-or-string: true
description: |-
Limits describes the maximum amount of compute resources allowed.
More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/
type: object
requests:
additionalProperties:
anyOf:
- type: integer
- type: string
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
x-kubernetes-int-or-string: true
description: |-
Requests describes the minimum amount of compute resources required.
If Requests is omitted for a container, it defaults to Limits if that is explicitly specified,
otherwise to an implementation-defined value. Requests cannot exceed Limits.
More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/
type: object
type: object
selector:
description: |-
A label selector is a label query over a set of resources. The result of matchLabels and
matchExpressions are ANDed. An empty label selector matches all objects. A null
label selector matches no objects.
properties:
matchExpressions:
description: matchExpressions is a list of label selector
requirements. The requirements are ANDed.
items:
description: |-
A label selector requirement is a selector that contains values, a key, and an operator that
relates the key and values.
properties:
key:
description: key is the label key that the selector
applies to.
type: string
operator:
description: |-
operator represents a key's relationship to a set of values.
Valid operators are In, NotIn, Exists and DoesNotExist.
type: string
values:
description: |-
values is an array of string values. If the operator is In or NotIn,
the values array must be non-empty. If the operator is Exists or DoesNotExist,
the values array must be empty. This array is replaced during a strategic
merge patch.
items:
type: string
type: array
x-kubernetes-list-type: atomic
required:
- key
- operator
type: object
type: array
x-kubernetes-list-type: atomic
matchLabels:
additionalProperties:
type: string
description: |-
matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels
map is equivalent to an element of matchExpressions, whose key field is "key", the
operator is "In", and the values array contains only "value". The requirements are ANDed.
type: object
type: object
x-kubernetes-map-type: atomic
storageClassName:
type: string
type: object
type: object
enabled:
description: Enabled is a flag to enable Galera.
type: boolean
galeraLibPath:
description: |-
GaleraLibPath is a path inside the MariaDB image to the wsrep provider plugin. It is defaulted if not provided.
More info: https://galeracluster.com/library/documentation/mysql-wsrep-options.html#wsrep-provider.
type: string
initContainer:
description: InitContainer is an init container that runs in the
MariaDB Pod and co-operates with mariadb-operator.
properties:
args:
description: Args to be used in the Container.
items:
type: string
type: array
command:
description: Command to be used in the Container.
items:
type: string
type: array
env:
description: Env represents the environment variables to be
injected in a container.
items:
description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#envvarsource-v1-core.'
properties:
name:
description: Name of the environment variable. Must
be a C_IDENTIFIER.
type: string
value:
type: string
valueFrom:
description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#envvarsource-v1-core.'
properties:
configMapKeyRef:
description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#configmapkeyselector-v1-core.'
properties:
key:
type: string
name:
default: ""
type: string
required:
- key
type: object
x-kubernetes-map-type: atomic
fieldRef:
description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#objectfieldselector-v1-core.'
properties:
apiVersion:
type: string
fieldPath:
type: string
required:
- fieldPath
type: object
x-kubernetes-map-type: atomic
secretKeyRef:
description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#secretkeyselector-v1-core.'
properties:
key:
type: string
name:
default: ""
type: string
required:
- key
type: object
x-kubernetes-map-type: atomic
type: object
required:
- name
type: object
type: array
envFrom:
description: EnvFrom represents the references (via ConfigMap
and Secrets) to environment variables to be injected in
the container.
items:
description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#envfromsource-v1-core.'
properties:
configMapRef:
description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#localobjectreference-v1-core.'
properties:
name:
default: ""
type: string
type: object
prefix:
type: string
secretRef:
description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#localobjectreference-v1-core.'
properties:
name:
default: ""
type: string
type: object
type: object
type: array
image:
description: Image name to be used by the MariaDB instances.
The supported format is `<image>:<tag>`.
type: string
imagePullPolicy:
description: ImagePullPolicy is the image pull policy. One
of `Always`, `Never` or `IfNotPresent`. If not defined,
it defaults to `IfNotPresent`.
enum:
- Always
- Never
- IfNotPresent
type: string
livenessProbe:
description: LivenessProbe to be used in the Container.
properties:
exec:
description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#execaction-v1-core.'
properties:
command:
items:
type: string
type: array
x-kubernetes-list-type: atomic
type: object
failureThreshold:
format: int32
type: integer
httpGet:
description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#httpgetaction-v1-core.'
properties:
host:
type: string
path:
type: string
port:
anyOf:
- type: integer
- type: string
x-kubernetes-int-or-string: true
scheme:
description: URIScheme identifies the scheme used
for connection to a host for Get actions
type: string
required:
- port
type: object
initialDelaySeconds:
format: int32
type: integer
periodSeconds:
format: int32
type: integer
successThreshold:
format: int32
type: integer
tcpSocket:
description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#tcpsocketaction-v1-core.'
properties:
host:
type: string
port:
anyOf:
- type: integer
- type: string
x-kubernetes-int-or-string: true
required:
- port
type: object
timeoutSeconds:
format: int32
type: integer
type: object
readinessProbe:
description: ReadinessProbe to be used in the Container.
properties:
exec:
description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#execaction-v1-core.'
properties:
command:
items:
type: string
type: array
x-kubernetes-list-type: atomic
type: object
failureThreshold:
format: int32
type: integer
httpGet:
description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#httpgetaction-v1-core.'
properties:
host:
type: string
path:
type: string
port:
anyOf:
- type: integer
- type: string
x-kubernetes-int-or-string: true
scheme:
description: URIScheme identifies the scheme used
for connection to a host for Get actions
type: string
required:
- port
type: object
initialDelaySeconds:
format: int32
type: integer
periodSeconds:
format: int32
type: integer
successThreshold:
format: int32
type: integer
tcpSocket:
description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#tcpsocketaction-v1-core.'
properties:
host:
type: string
port:
anyOf:
- type: integer
- type: string
x-kubernetes-int-or-string: true
required:
- port
type: object
timeoutSeconds:
format: int32
type: integer
type: object
resources:
description: Resources describes the compute resource requirements.
properties:
limits:
additionalProperties:
anyOf:
- type: integer
- type: string
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
x-kubernetes-int-or-string: true
description: ResourceList is a set of (resource name,
quantity) pairs.
type: object
requests:
additionalProperties:
anyOf:
- type: integer
- type: string
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
x-kubernetes-int-or-string: true
description: ResourceList is a set of (resource name,
quantity) pairs.
type: object
type: object
securityContext:
description: SecurityContext holds security configuration
that will be applied to a container.
properties:
allowPrivilegeEscalation:
type: boolean
capabilities:
description: Adds and removes POSIX capabilities from
running containers.
properties:
add:
description: Added capabilities
items:
description: Capability represent POSIX capabilities
type
type: string
type: array
x-kubernetes-list-type: atomic
drop:
description: Removed capabilities
items:
description: Capability represent POSIX capabilities
type
type: string
type: array
x-kubernetes-list-type: atomic
type: object
privileged:
type: boolean
readOnlyRootFilesystem:
type: boolean
runAsGroup:
format: int64
type: integer
runAsNonRoot:
type: boolean
runAsUser:
format: int64
type: integer
type: object
startupProbe:
description: StartupProbe to be used in the Container.
properties:
exec:
description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#execaction-v1-core.'
properties:
command:
items:
type: string
type: array
x-kubernetes-list-type: atomic
type: object
failureThreshold:
format: int32
type: integer
httpGet:
description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#httpgetaction-v1-core.'
properties:
host:
type: string
path:
type: string
port:
anyOf:
- type: integer
- type: string
x-kubernetes-int-or-string: true
scheme:
description: URIScheme identifies the scheme used
for connection to a host for Get actions
type: string
required:
- port
type: object
initialDelaySeconds:
format: int32
type: integer
periodSeconds:
format: int32
type: integer
successThreshold:
format: int32
type: integer
tcpSocket:
description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#tcpsocketaction-v1-core.'
properties:
host:
type: string
port:
anyOf:
- type: integer
- type: string
x-kubernetes-int-or-string: true
required:
- port
type: object
timeoutSeconds:
format: int32
type: integer
type: object
volumeMounts:
description: VolumeMounts to be used in the Container.
items:
description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#volumemount-v1-core.'
properties:
mountPath:
type: string
name:
description: This must match the Name of a Volume.
type: string
readOnly:
type: boolean
subPath:
type: string
required:
- mountPath
- name
type: object
type: array
required:
- image
type: object
initJob:
description: InitJob defines a Job that co-operates with mariadb-operator
by performing initialization tasks.
properties:
metadata:
description: Metadata defines additional metadata for the
Galera init Job.
properties:
annotations:
additionalProperties:
type: string
description: Annotations to be added to children resources.
type: object
labels:
additionalProperties:
type: string
description: Labels to be added to children resources.
type: object
type: object
resources:
description: Resources describes the compute resource requirements.
properties:
limits:
additionalProperties:
anyOf:
- type: integer
- type: string
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
x-kubernetes-int-or-string: true
description: ResourceList is a set of (resource name,
quantity) pairs.
type: object
requests:
additionalProperties:
anyOf:
- type: integer
- type: string
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
x-kubernetes-int-or-string: true
description: ResourceList is a set of (resource name,
quantity) pairs.
type: object
type: object
type: object
primary:
description: Primary is the Galera configuration for the primary
node.
properties:
autoFailover:
description: AutoFailover indicates whether the operator should
automatically update PodIndex to perform an automatic primary
failover.
type: boolean
podIndex:
description: PodIndex is the StatefulSet index of the primary
node. The user may change this field to perform a manual
switchover.
type: integer
type: object
providerOptions:
additionalProperties:
type: string
description: |-
ProviderOptions is map of Galera configuration parameters.
More info: https://mariadb.com/kb/en/galera-cluster-system-variables/#wsrep_provider_options.
type: object
recovery:
description: |-
GaleraRecovery is the recovery process performed by the operator whenever the Galera cluster is not healthy.
More info: https://galeracluster.com/library/documentation/crash-recovery.html.
properties:
clusterBootstrapTimeout:
description: |-
ClusterBootstrapTimeout is the time limit for bootstrapping a cluster.
Once this timeout is reached, the Galera recovery state is reset and a new cluster bootstrap will be attempted.
type: string
clusterDownscaleTimeout:
description: ClusterDownscaleTimeout represents the maximum
duration for downscaling the cluster's StatefulSet during
the recovery process.
type: string
clusterHealthyTimeout:
description: |-
ClusterHealthyTimeout represents the duration at which a Galera cluster, that consistently failed health checks,
is considered unhealthy, and consequently the Galera recovery process will be initiated by the operator.
type: string
clusterMonitorInterval:
description: ClusterMonitorInterval represents the interval
used to monitor the Galera cluster health.
type: string
clusterUpscaleTimeout:
description: ClusterUpscaleTimeout represents the maximum
duration for upscaling the cluster's StatefulSet during
the recovery process.
type: string
enabled:
description: Enabled is a flag to enable GaleraRecovery.
type: boolean
forceClusterBootstrapInPod:
description: |-
ForceClusterBootstrapInPod allows you to manually initiate the bootstrap process in a specific Pod.
IMPORTANT: Use this option only in exceptional circumstances. Not selecting the Pod with the highest sequence number may result in data loss.
IMPORTANT: Ensure you unset this field after completing the bootstrap to allow the operator to choose the appropriate Pod to bootstrap from in an event of cluster recovery.
type: string
job:
description: Job defines a Job that co-operates with mariadb-operator
by performing the Galera cluster recovery .
properties:
metadata:
description: Metadata defines additional metadata for
the Galera recovery Jobs.
properties:
annotations:
additionalProperties:
type: string
description: Annotations to be added to children resources.
type: object
labels:
additionalProperties:
type: string
description: Labels to be added to children resources.
type: object
type: object
podAffinity:
description: PodAffinity indicates whether the recovery
Jobs should run in the same Node as the MariaDB Pods.
It defaults to true.
type: boolean
resources:
description: Resources describes the compute resource
requirements.
properties:
limits:
additionalProperties:
anyOf:
- type: integer
- type: string
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
x-kubernetes-int-or-string: true
description: ResourceList is a set of (resource name,
quantity) pairs.
type: object
requests:
additionalProperties:
anyOf:
- type: integer
- type: string
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
x-kubernetes-int-or-string: true
description: ResourceList is a set of (resource name,
quantity) pairs.
type: object
type: object
type: object
minClusterSize:
anyOf:
- type: integer
- type: string
description: |-
MinClusterSize is the minimum number of replicas to consider the cluster healthy. It can be either a number of replicas (1) or a percentage (50%).
If Galera consistently reports less replicas than this value for the given 'ClusterHealthyTimeout' interval, a cluster recovery is iniated.
It defaults to '1' replica, and it is highly recommendeded to keep this value at '1' in most cases.
If set to more than one replica, the cluster recovery process may restart the healthy replicas as well.
x-kubernetes-int-or-string: true
podRecoveryTimeout:
description: PodRecoveryTimeout is the time limit for recevorying
the sequence of a Pod during the cluster recovery.
type: string
podSyncTimeout:
description: PodSyncTimeout is the time limit for a Pod to
join the cluster after having performed a cluster bootstrap
during the cluster recovery.
type: string
type: object
replicaThreads:
description: |-
ReplicaThreads is the number of replica threads used to apply Galera write sets in parallel.
More info: https://mariadb.com/kb/en/galera-cluster-system-variables/#wsrep_slave_threads.
type: integer
sst:
description: |-
SST is the Snapshot State Transfer used when new Pods join the cluster.
More info: https://galeracluster.com/library/documentation/sst.html.
enum:
- rsync
- mariabackup
- mysqldump
type: string
type: object
image:
description: |-
Image name to be used by the MariaDB instances. The supported format is `<image>:<tag>`.
Only MariaDB official images are supported.
type: string
imagePullPolicy:
description: ImagePullPolicy is the image pull policy. One of `Always`,
`Never` or `IfNotPresent`. If not defined, it defaults to `IfNotPresent`.
enum:
- Always
- Never
- IfNotPresent
type: string
imagePullSecrets:
description: ImagePullSecrets is the list of pull Secrets to be used
to pull the image.
items:
description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#localobjectreference-v1-core.'
properties:
name:
default: ""
type: string
type: object
type: array
inheritMetadata:
description: InheritMetadata defines the metadata to be inherited
by children resources.
properties:
annotations:
additionalProperties:
type: string
description: Annotations to be added to children resources.
type: object
labels:
additionalProperties:
type: string
description: Labels to be added to children resources.
type: object
type: object
initContainers:
description: InitContainers to be used in the Pod.
items:
description: Container object definition.
properties:
args:
description: Args to be used in the Container.
items:
type: string
type: array
command:
description: Command to be used in the Container.
items:
type: string
type: array
env:
description: Env represents the environment variables to be
injected in a container.
items:
description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#envvarsource-v1-core.'
properties:
name:
description: Name of the environment variable. Must be
a C_IDENTIFIER.
type: string
value:
type: string
valueFrom:
description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#envvarsource-v1-core.'
properties:
configMapKeyRef:
description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#configmapkeyselector-v1-core.'
properties:
key:
type: string
name:
default: ""
type: string
required:
- key
type: object
x-kubernetes-map-type: atomic
fieldRef:
description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#objectfieldselector-v1-core.'
properties:
apiVersion:
type: string
fieldPath:
type: string
required:
- fieldPath
type: object
x-kubernetes-map-type: atomic
secretKeyRef:
description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#secretkeyselector-v1-core.'
properties:
key:
type: string
name:
default: ""
type: string
required:
- key
type: object
x-kubernetes-map-type: atomic
type: object
required:
- name
type: object
type: array
image:
description: Image name to be used by the container. The supported
format is `<image>:<tag>`.
type: string
imagePullPolicy:
description: ImagePullPolicy is the image pull policy. One of
`Always`, `Never` or `IfNotPresent`. If not defined, it defaults
to `IfNotPresent`.
enum:
- Always
- Never
- IfNotPresent
type: string
name:
description: Name to be given to the container.
type: string
resources:
description: Resources describes the compute resource requirements.
properties:
limits:
additionalProperties:
anyOf:
- type: integer
- type: string
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
x-kubernetes-int-or-string: true
description: ResourceList is a set of (resource name, quantity)
pairs.
type: object
requests:
additionalProperties:
anyOf:
- type: integer
- type: string
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
x-kubernetes-int-or-string: true
description: ResourceList is a set of (resource name, quantity)
pairs.
type: object
type: object
volumeMounts:
description: VolumeMounts to be used in the Container.
items:
description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#volumemount-v1-core.'
properties:
mountPath:
type: string
name:
description: This must match the Name of a Volume.
type: string
readOnly:
type: boolean
subPath:
type: string
required:
- mountPath
- name
type: object
type: array
required:
- image
type: object
type: array
livenessProbe:
description: LivenessProbe to be used in the Container.
properties:
exec:
description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#execaction-v1-core.'
properties:
command:
items:
type: string
type: array
x-kubernetes-list-type: atomic
type: object
failureThreshold:
format: int32
type: integer
httpGet:
description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#httpgetaction-v1-core.'
properties:
host:
type: string
path:
type: string
port:
anyOf:
- type: integer
- type: string
x-kubernetes-int-or-string: true
scheme:
description: URIScheme identifies the scheme used for connection
to a host for Get actions
type: string
required:
- port
type: object
initialDelaySeconds:
format: int32
type: integer
periodSeconds:
format: int32
type: integer
successThreshold:
format: int32
type: integer
tcpSocket:
description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#tcpsocketaction-v1-core.'
properties:
host:
type: string
port:
anyOf:
- type: integer
- type: string
x-kubernetes-int-or-string: true
required:
- port
type: object
timeoutSeconds:
format: int32
type: integer
type: object
maxScale:
description: |-
MaxScale is the MaxScale specification that defines the MaxScale resource to be used with the current MariaDB.
When enabling this field, MaxScaleRef is automatically set.
properties:
admin:
description: Admin configures the admin REST API and GUI.
properties:
guiEnabled:
description: GuiEnabled indicates whether the admin GUI should
be enabled.
type: boolean
port:
description: Port where the admin REST API and GUI will be
exposed.
format: int32
type: integer
type: object
auth:
description: Auth defines the credentials required for MaxScale
to connect to MariaDB.
properties:
adminPasswordSecretKeyRef:
description: AdminPasswordSecretKeyRef is Secret key reference
to the admin password to call the admin REST API. It is
defaulted if not provided.
properties:
generate:
default: false
description: Generate indicates whether the Secret should
be generated if the Secret referenced is not present.
type: boolean
key:
type: string
name:
default: ""
type: string
required:
- key
type: object
x-kubernetes-map-type: atomic
adminUsername:
description: AdminUsername is an admin username to call the
admin REST API. It is defaulted if not provided.
type: string
clientMaxConnections:
description: |-
ClientMaxConnections defines the maximum number of connections that the client can establish.
If HA is enabled, make sure to increase this value, as more MaxScale replicas implies more connections.
It defaults to 30 times the number of MaxScale replicas.
format: int32
type: integer
clientPasswordSecretKeyRef:
description: |-
ClientPasswordSecretKeyRef is Secret key reference to the password to connect to MaxScale. It is defaulted if not provided.
If the referred Secret is labeled with "k8s.mariadb.com/watch", updates may be performed to the Secret in order to update the password.
properties:
generate:
default: false
description: Generate indicates whether the Secret should
be generated if the Secret referenced is not present.
type: boolean
key:
type: string
name:
default: ""
type: string
required:
- key
type: object
x-kubernetes-map-type: atomic
clientUsername:
description: ClientUsername is the user to connect to MaxScale.
It is defaulted if not provided.
type: string
deleteDefaultAdmin:
description: DeleteDefaultAdmin determines whether the default
admin user should be deleted after the initial configuration.
If not provided, it defaults to true.
type: boolean
generate:
description: |-
Generate defies whether the operator should generate users and grants for MaxScale to work.
It only supports MariaDBs specified via spec.mariaDbRef.
type: boolean
metricsPasswordSecretKeyRef:
description: MetricsPasswordSecretKeyRef is Secret key reference
to the metrics password to call the admib REST API. It is
defaulted if metrics are enabled.
properties:
generate:
default: false
description: Generate indicates whether the Secret should
be generated if the Secret referenced is not present.
type: boolean
key:
type: string
name:
default: ""
type: string
required:
- key
type: object
x-kubernetes-map-type: atomic
metricsUsername:
description: MetricsUsername is an metrics username to call
the REST API. It is defaulted if metrics are enabled.
type: string
monitorMaxConnections:
description: |-
MonitorMaxConnections defines the maximum number of connections that the monitor can establish.
If HA is enabled, make sure to increase this value, as more MaxScale replicas implies more connections.
It defaults to 30 times the number of MaxScale replicas.
format: int32
type: integer
monitorPasswordSecretKeyRef:
description: |-
MonitorPasswordSecretKeyRef is Secret key reference to the password used by MaxScale monitor to connect to MariaDB server. It is defaulted if not provided.
If the referred Secret is labeled with "k8s.mariadb.com/watch", updates may be performed to the Secret in order to update the password.
properties:
generate:
default: false
description: Generate indicates whether the Secret should
be generated if the Secret referenced is not present.
type: boolean
key:
type: string
name:
default: ""
type: string
required:
- key
type: object
x-kubernetes-map-type: atomic
monitorUsername:
description: MonitorUsername is the user used by MaxScale
monitor to connect to MariaDB server. It is defaulted if
not provided.
type: string
serverMaxConnections:
description: |-
ServerMaxConnections defines the maximum number of connections that the server can establish.
If HA is enabled, make sure to increase this value, as more MaxScale replicas implies more connections.
It defaults to 30 times the number of MaxScale replicas.
format: int32
type: integer
serverPasswordSecretKeyRef:
description: |-
ServerPasswordSecretKeyRef is Secret key reference to the password used by MaxScale to connect to MariaDB server. It is defaulted if not provided.
If the referred Secret is labeled with "k8s.mariadb.com/watch", updates may be performed to the Secret in order to update the password.
properties:
generate:
default: false
description: Generate indicates whether the Secret should
be generated if the Secret referenced is not present.
type: boolean
key:
type: string
name:
default: ""
type: string
required:
- key
type: object
x-kubernetes-map-type: atomic
serverUsername:
description: ServerUsername is the user used by MaxScale to
connect to MariaDB server. It is defaulted if not provided.
type: string
syncMaxConnections:
description: |-
SyncMaxConnections defines the maximum number of connections that the sync can establish.
If HA is enabled, make sure to increase this value, as more MaxScale replicas implies more connections.
It defaults to 30 times the number of MaxScale replicas.
format: int32
type: integer
syncPasswordSecretKeyRef:
description: |-
SyncPasswordSecretKeyRef is Secret key reference to the password used by MaxScale config to connect to MariaDB server. It is defaulted when HA is enabled.
If the referred Secret is labeled with "k8s.mariadb.com/watch", updates may be performed to the Secret in order to update the password.
properties:
generate:
default: false
description: Generate indicates whether the Secret should
be generated if the Secret referenced is not present.
type: boolean
key:
type: string
name:
default: ""
type: string
required:
- key
type: object
x-kubernetes-map-type: atomic
syncUsername:
description: MonitoSyncUsernamerUsername is the user used
by MaxScale config sync to connect to MariaDB server. It
is defaulted when HA is enabled.
type: string
type: object
config:
description: Config defines the MaxScale configuration.
properties:
params:
additionalProperties:
type: string
description: |-
Params is a key value pair of parameters to be used in the MaxScale static configuration file.
Any parameter supported by MaxScale may be specified here. See reference:
https://mariadb.com/kb/en/mariadb-maxscale-2308-mariadb-maxscale-configuration-guide/#global-settings.
type: object
sync:
description: Sync defines how to replicate configuration across
MaxScale replicas. It is defaulted when HA is enabled.
properties:
database:
description: Database is the MariaDB logical database
where the 'maxscale_config' table will be created in
order to persist and synchronize config changes. If
not provided, it defaults to 'mysql'.
type: string
interval:
description: Interval defines the config synchronization
interval. It is defaulted if not provided.
type: string
timeout:
description: Interval defines the config synchronization
timeout. It is defaulted if not provided.
type: string
type: object
volumeClaimTemplate:
description: VolumeClaimTemplate provides a template to define
the PVCs for storing MaxScale runtime configuration files.
It is defaulted if not provided.
properties:
accessModes:
items:
type: string
type: array
x-kubernetes-list-type: atomic
metadata:
description: Metadata to be added to the PVC metadata.
properties:
annotations:
additionalProperties:
type: string
description: Annotations to be added to children resources.
type: object
labels:
additionalProperties:
type: string
description: Labels to be added to children resources.
type: object
type: object
resources:
description: VolumeResourceRequirements describes the
storage resource requirements for a volume.
properties:
limits:
additionalProperties:
anyOf:
- type: integer
- type: string
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
x-kubernetes-int-or-string: true
description: |-
Limits describes the maximum amount of compute resources allowed.
More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/
type: object
requests:
additionalProperties:
anyOf:
- type: integer
- type: string
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
x-kubernetes-int-or-string: true
description: |-
Requests describes the minimum amount of compute resources required.
If Requests is omitted for a container, it defaults to Limits if that is explicitly specified,
otherwise to an implementation-defined value. Requests cannot exceed Limits.
More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/
type: object
type: object
selector:
description: |-
A label selector is a label query over a set of resources. The result of matchLabels and
matchExpressions are ANDed. An empty label selector matches all objects. A null
label selector matches no objects.
properties:
matchExpressions:
description: matchExpressions is a list of label selector
requirements. The requirements are ANDed.
items:
description: |-
A label selector requirement is a selector that contains values, a key, and an operator that
relates the key and values.
properties:
key:
description: key is the label key that the selector
applies to.
type: string
operator:
description: |-
operator represents a key's relationship to a set of values.
Valid operators are In, NotIn, Exists and DoesNotExist.
type: string
values:
description: |-
values is an array of string values. If the operator is In or NotIn,
the values array must be non-empty. If the operator is Exists or DoesNotExist,
the values array must be empty. This array is replaced during a strategic
merge patch.
items:
type: string
type: array
x-kubernetes-list-type: atomic
required:
- key
- operator
type: object
type: array
x-kubernetes-list-type: atomic
matchLabels:
additionalProperties:
type: string
description: |-
matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels
map is equivalent to an element of matchExpressions, whose key field is "key", the
operator is "In", and the values array contains only "value". The requirements are ANDed.
type: object
type: object
x-kubernetes-map-type: atomic
storageClassName:
type: string
type: object
type: object
connection:
description: Connection provides a template to define the Connection
for MaxScale.
properties:
healthCheck:
description: HealthCheck to be used in the Connection.
properties:
interval:
description: Interval used to perform health checks.
type: string
retryInterval:
description: RetryInterval is the interval used to perform
health check retries.
type: string
type: object
params:
additionalProperties:
type: string
description: Params to be used in the Connection.
type: object
port:
description: Port to connect to. If not provided, it defaults
to the MariaDB port or to the first MaxScale listener.
format: int32
type: integer
secretName:
description: SecretName to be used in the Connection.
type: string
secretTemplate:
description: SecretTemplate to be used in the Connection.
properties:
databaseKey:
description: DatabaseKey to be used in the Secret.
type: string
format:
description: Format to be used in the Secret.
type: string
hostKey:
description: HostKey to be used in the Secret.
type: string
key:
description: Key to be used in the Secret.
type: string
metadata:
description: Metadata to be added to the Secret object.
properties:
annotations:
additionalProperties:
type: string
description: Annotations to be added to children resources.
type: object
labels:
additionalProperties:
type: string
description: Labels to be added to children resources.
type: object
type: object
passwordKey:
description: PasswordKey to be used in the Secret.
type: string
portKey:
description: PortKey to be used in the Secret.
type: string
usernameKey:
description: UsernameKey to be used in the Secret.
type: string
type: object
serviceName:
description: ServiceName to be used in the Connection.
type: string
type: object
enabled:
description: Enabled is a flag to enable a MaxScale instance to
be used with the current MariaDB.
type: boolean
guiKubernetesService:
description: GuiKubernetesService define a template for a Kubernetes
Service object to connect to MaxScale's GUI.
properties:
allocateLoadBalancerNodePorts:
description: AllocateLoadBalancerNodePorts Service field.
type: boolean
externalTrafficPolicy:
description: ExternalTrafficPolicy Service field.
type: string
loadBalancerIP:
description: LoadBalancerIP Service field.
type: string
loadBalancerSourceRanges:
description: LoadBalancerSourceRanges Service field.
items:
type: string
type: array
metadata:
description: Metadata to be added to the Service metadata.
properties:
annotations:
additionalProperties:
type: string
description: Annotations to be added to children resources.
type: object
labels:
additionalProperties:
type: string
description: Labels to be added to children resources.
type: object
type: object
sessionAffinity:
description: SessionAffinity Service field.
type: string
type:
default: ClusterIP
description: Type is the Service type. One of `ClusterIP`,
`NodePort` or `LoadBalancer`. If not defined, it defaults
to `ClusterIP`.
enum:
- ClusterIP
- NodePort
- LoadBalancer
type: string
type: object
image:
description: |-
Image name to be used by the MaxScale instances. The supported format is `<image>:<tag>`.
Only MariaDB official images are supported.
type: string
imagePullPolicy:
description: ImagePullPolicy is the image pull policy. One of
`Always`, `Never` or `IfNotPresent`. If not defined, it defaults
to `IfNotPresent`.
enum:
- Always
- Never
- IfNotPresent
type: string
kubernetesService:
description: KubernetesService defines a template for a Kubernetes
Service object to connect to MaxScale.
properties:
allocateLoadBalancerNodePorts:
description: AllocateLoadBalancerNodePorts Service field.
type: boolean
externalTrafficPolicy:
description: ExternalTrafficPolicy Service field.
type: string
loadBalancerIP:
description: LoadBalancerIP Service field.
type: string
loadBalancerSourceRanges:
description: LoadBalancerSourceRanges Service field.
items:
type: string
type: array
metadata:
description: Metadata to be added to the Service metadata.
properties:
annotations:
additionalProperties:
type: string
description: Annotations to be added to children resources.
type: object
labels:
additionalProperties:
type: string
description: Labels to be added to children resources.
type: object
type: object
sessionAffinity:
description: SessionAffinity Service field.
type: string
type:
default: ClusterIP
description: Type is the Service type. One of `ClusterIP`,
`NodePort` or `LoadBalancer`. If not defined, it defaults
to `ClusterIP`.
enum:
- ClusterIP
- NodePort
- LoadBalancer
type: string
type: object
metrics:
description: Metrics configures metrics and how to scrape them.
properties:
enabled:
description: Enabled is a flag to enable Metrics
type: boolean
exporter:
description: Exporter defines the metrics exporter container.
properties:
affinity:
description: Affinity to be used in the Pod.
properties:
antiAffinityEnabled:
description: |-
AntiAffinityEnabled configures PodAntiAffinity so each Pod is scheduled in a different Node, enabling HA.
Make sure you have at least as many Nodes available as the replicas to not end up with unscheduled Pods.
type: boolean
nodeAffinity:
description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#nodeaffinity-v1-core'
properties:
preferredDuringSchedulingIgnoredDuringExecution:
items:
description: 'Refer to the Kubernetes docs:
https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#preferredschedulingterm-v1-core'
properties:
preference:
description: 'Refer to the Kubernetes docs:
https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#nodeselectorterm-v1-core'
properties:
matchExpressions:
items:
description: 'Refer to the Kubernetes
docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#nodeselectorrequirement-v1-core'
properties:
key:
type: string
operator:
description: |-
A node selector operator is the set of operators that can be used in
a node selector requirement.
type: string
values:
items:
type: string
type: array
x-kubernetes-list-type: atomic
required:
- key
- operator
type: object
type: array
x-kubernetes-list-type: atomic
matchFields:
items:
description: 'Refer to the Kubernetes
docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#nodeselectorrequirement-v1-core'
properties:
key:
type: string
operator:
description: |-
A node selector operator is the set of operators that can be used in
a node selector requirement.
type: string
values:
items:
type: string
type: array
x-kubernetes-list-type: atomic
required:
- key
- operator
type: object
type: array
x-kubernetes-list-type: atomic
type: object
weight:
format: int32
type: integer
required:
- preference
- weight
type: object
type: array
x-kubernetes-list-type: atomic
requiredDuringSchedulingIgnoredDuringExecution:
description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#nodeselector-v1-core'
properties:
nodeSelectorTerms:
items:
description: 'Refer to the Kubernetes docs:
https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#nodeselectorterm-v1-core'
properties:
matchExpressions:
items:
description: 'Refer to the Kubernetes
docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#nodeselectorrequirement-v1-core'
properties:
key:
type: string
operator:
description: |-
A node selector operator is the set of operators that can be used in
a node selector requirement.
type: string
values:
items:
type: string
type: array
x-kubernetes-list-type: atomic
required:
- key
- operator
type: object
type: array
x-kubernetes-list-type: atomic
matchFields:
items:
description: 'Refer to the Kubernetes
docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#nodeselectorrequirement-v1-core'
properties:
key:
type: string
operator:
description: |-
A node selector operator is the set of operators that can be used in
a node selector requirement.
type: string
values:
items:
type: string
type: array
x-kubernetes-list-type: atomic
required:
- key
- operator
type: object
type: array
x-kubernetes-list-type: atomic
type: object
type: array
x-kubernetes-list-type: atomic
required:
- nodeSelectorTerms
type: object
type: object
podAntiAffinity:
description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#podantiaffinity-v1-core.'
properties:
preferredDuringSchedulingIgnoredDuringExecution:
items:
description: 'Refer to the Kubernetes docs:
https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#weightedpodaffinityterm-v1-core.'
properties:
podAffinityTerm:
description: 'Refer to the Kubernetes docs:
https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#podaffinityterm-v1-core.'
properties:
labelSelector:
description: 'Refer to the Kubernetes
docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#labelselector-v1-meta'
properties:
matchExpressions:
items:
description: 'Refer to the Kubernetes
docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#labelselectorrequirement-v1-meta'
properties:
key:
type: string
operator:
description: A label selector
operator is the set of operators
that can be used in a selector
requirement.
type: string
values:
items:
type: string
type: array
x-kubernetes-list-type: atomic
required:
- key
- operator
type: object
type: array
x-kubernetes-list-type: atomic
matchLabels:
additionalProperties:
type: string
type: object
type: object
topologyKey:
type: string
required:
- topologyKey
type: object
weight:
format: int32
type: integer
required:
- podAffinityTerm
- weight
type: object
type: array
x-kubernetes-list-type: atomic
requiredDuringSchedulingIgnoredDuringExecution:
items:
description: 'Refer to the Kubernetes docs:
https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#podaffinityterm-v1-core.'
properties:
labelSelector:
description: 'Refer to the Kubernetes docs:
https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#labelselector-v1-meta'
properties:
matchExpressions:
items:
description: 'Refer to the Kubernetes
docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#labelselectorrequirement-v1-meta'
properties:
key:
type: string
operator:
description: A label selector
operator is the set of operators
that can be used in a selector
requirement.
type: string
values:
items:
type: string
type: array
x-kubernetes-list-type: atomic
required:
- key
- operator
type: object
type: array
x-kubernetes-list-type: atomic
matchLabels:
additionalProperties:
type: string
type: object
type: object
topologyKey:
type: string
required:
- topologyKey
type: object
type: array
x-kubernetes-list-type: atomic
type: object
type: object
args:
description: Args to be used in the Container.
items:
type: string
type: array
image:
description: |-
Image name to be used as metrics exporter. The supported format is `<image>:<tag>`.
Only mysqld-exporter >= v0.15.0 is supported: https://github.com/prometheus/mysqld_exporter
type: string
imagePullPolicy:
description: ImagePullPolicy is the image pull policy.
One of `Always`, `Never` or `IfNotPresent`. If not defined,
it defaults to `IfNotPresent`.
enum:
- Always
- Never
- IfNotPresent
type: string
imagePullSecrets:
description: ImagePullSecrets is the list of pull Secrets
to be used to pull the image.
items:
description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#localobjectreference-v1-core.'
properties:
name:
default: ""
type: string
type: object
type: array
nodeSelector:
additionalProperties:
type: string
description: NodeSelector to be used in the Pod.
type: object
podMetadata:
description: PodMetadata defines extra metadata for the
Pod.
properties:
annotations:
additionalProperties:
type: string
description: Annotations to be added to children resources.
type: object
labels:
additionalProperties:
type: string
description: Labels to be added to children resources.
type: object
type: object
podSecurityContext:
description: SecurityContext holds pod-level security
attributes and common container settings.
properties:
appArmorProfile:
description: AppArmorProfile defines a pod or container's
AppArmor settings.
properties:
localhostProfile:
description: |-
localhostProfile indicates a profile loaded on the node that should be used.
The profile must be preconfigured on the node to work.
Must match the loaded name of the profile.
Must be set if and only if type is "Localhost".
type: string
type:
description: |-
type indicates which kind of AppArmor profile will be applied.
Valid options are:
Localhost - a profile pre-loaded on the node.
RuntimeDefault - the container runtime's default profile.
Unconfined - no AppArmor enforcement.
type: string
required:
- type
type: object
fsGroup:
format: int64
type: integer
fsGroupChangePolicy:
description: |-
PodFSGroupChangePolicy holds policies that will be used for applying fsGroup to a volume
when volume is mounted.
type: string
runAsGroup:
format: int64
type: integer
runAsNonRoot:
type: boolean
runAsUser:
format: int64
type: integer
seLinuxOptions:
description: SELinuxOptions are the labels to be applied
to the container
properties:
level:
description: Level is SELinux level label that
applies to the container.
type: string
role:
description: Role is a SELinux role label that
applies to the container.
type: string
type:
description: Type is a SELinux type label that
applies to the container.
type: string
user:
description: User is a SELinux user label that
applies to the container.
type: string
type: object
seccompProfile:
description: |-
SeccompProfile defines a pod/container's seccomp profile settings.
Only one profile source may be set.
properties:
localhostProfile:
description: |-
localhostProfile indicates a profile defined in a file on the node should be used.
The profile must be preconfigured on the node to work.
Must be a descending path, relative to the kubelet's configured seccomp profile location.
Must be set if type is "Localhost". Must NOT be set for any other type.
type: string
type:
description: |-
type indicates which kind of seccomp profile will be applied.
Valid options are:
Localhost - a profile defined in a file on the node should be used.
RuntimeDefault - the container runtime default profile should be used.
Unconfined - no profile should be applied.
type: string
required:
- type
type: object
supplementalGroups:
items:
format: int64
type: integer
type: array
x-kubernetes-list-type: atomic
type: object
port:
description: Port where the exporter will be listening
for connections.
format: int32
type: integer
priorityClassName:
description: PriorityClassName to be used in the Pod.
type: string
resources:
description: Resources describes the compute resource
requirements.
properties:
limits:
additionalProperties:
anyOf:
- type: integer
- type: string
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
x-kubernetes-int-or-string: true
description: ResourceList is a set of (resource name,
quantity) pairs.
type: object
requests:
additionalProperties:
anyOf:
- type: integer
- type: string
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
x-kubernetes-int-or-string: true
description: ResourceList is a set of (resource name,
quantity) pairs.
type: object
type: object
securityContext:
description: SecurityContext holds container-level security
attributes.
properties:
allowPrivilegeEscalation:
type: boolean
capabilities:
description: Adds and removes POSIX capabilities from
running containers.
properties:
add:
description: Added capabilities
items:
description: Capability represent POSIX capabilities
type
type: string
type: array
x-kubernetes-list-type: atomic
drop:
description: Removed capabilities
items:
description: Capability represent POSIX capabilities
type
type: string
type: array
x-kubernetes-list-type: atomic
type: object
privileged:
type: boolean
readOnlyRootFilesystem:
type: boolean
runAsGroup:
format: int64
type: integer
runAsNonRoot:
type: boolean
runAsUser:
format: int64
type: integer
type: object
tolerations:
description: Tolerations to be used in the Pod.
items:
description: |-
The pod this Toleration is attached to tolerates any taint that matches
the triple <key,value,effect> using the matching operator <operator>.
properties:
effect:
description: |-
Effect indicates the taint effect to match. Empty means match all taint effects.
When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute.
type: string
key:
description: |-
Key is the taint key that the toleration applies to. Empty means match all taint keys.
If the key is empty, operator must be Exists; this combination means to match all values and all keys.
type: string
operator:
description: |-
Operator represents a key's relationship to the value.
Valid operators are Exists and Equal. Defaults to Equal.
Exists is equivalent to wildcard for value, so that a pod can
tolerate all taints of a particular category.
type: string
tolerationSeconds:
description: |-
TolerationSeconds represents the period of time the toleration (which must be
of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default,
it is not set, which means tolerate the taint forever (do not evict). Zero and
negative values will be treated as 0 (evict immediately) by the system.
format: int64
type: integer
value:
description: |-
Value is the taint value the toleration matches to.
If the operator is Exists, the value should be empty, otherwise just a regular string.
type: string
type: object
type: array
type: object
serviceMonitor:
description: ServiceMonitor defines the ServiceMonior object.
properties:
interval:
description: Interval for scraping metrics.
type: string
jobLabel:
description: JobLabel to add to the ServiceMonitor object.
type: string
prometheusRelease:
description: PrometheusRelease is the release label to
add to the ServiceMonitor object.
type: string
scrapeTimeout:
description: ScrapeTimeout defines the timeout for scraping
metrics.
type: string
type: object
type: object
monitor:
description: Monitor monitors MariaDB server instances.
properties:
cooperativeMonitoring:
description: CooperativeMonitoring enables coordination between
multiple MaxScale instances running monitors. It is defaulted
when HA is enabled.
enum:
- majority_of_all
- majority_of_running
type: string
interval:
description: Interval used to monitor MariaDB servers. It
is defaulted if not provided.
type: string
module:
description: Module is the module to use to monitor MariaDB
servers. It is mandatory when no MariaDB reference is provided.
type: string
name:
description: Name is the identifier of the monitor. It is
defaulted if not provided.
type: string
params:
additionalProperties:
type: string
description: |-
Params defines extra parameters to pass to the monitor.
Any parameter supported by MaxScale may be specified here. See reference:
https://mariadb.com/kb/en/mariadb-maxscale-2308-common-monitor-parameters/.
Monitor specific parameter are also supported:
https://mariadb.com/kb/en/mariadb-maxscale-2308-galera-monitor/#galera-monitor-optional-parameters.
https://mariadb.com/kb/en/mariadb-maxscale-2308-mariadb-monitor/#configuration.
type: object
suspend:
default: false
description: |-
Suspend indicates whether the current resource should be suspended or not.
This can be useful for maintenance, as disabling the reconciliation prevents the operator from interfering with user operations during maintenance activities.
type: boolean
type: object
podDisruptionBudget:
description: PodDisruptionBudget defines the budget for replica
availability.
properties:
maxUnavailable:
anyOf:
- type: integer
- type: string
description: MaxUnavailable defines the number of maximum
unavailable Pods.
x-kubernetes-int-or-string: true
minAvailable:
anyOf:
- type: integer
- type: string
description: MinAvailable defines the number of minimum available
Pods.
x-kubernetes-int-or-string: true
type: object
replicas:
description: Replicas indicates the number of desired instances.
format: int32
type: integer
requeueInterval:
description: RequeueInterval is used to perform requeue reconciliations.
type: string
services:
description: Services define how the traffic is forwarded to the
MariaDB servers.
items:
description: Services define how the traffic is forwarded to
the MariaDB servers.
properties:
listener:
description: MaxScaleListener defines how the MaxScale server
will listen for connections.
properties:
name:
description: Name is the identifier of the listener.
It is defaulted if not provided
type: string
params:
additionalProperties:
type: string
description: |-
Params defines extra parameters to pass to the listener.
Any parameter supported by MaxScale may be specified here. See reference:
https://mariadb.com/kb/en/mariadb-maxscale-2308-mariadb-maxscale-configuration-guide/#listener_1.
type: object
port:
description: Port is the network port where the MaxScale
server will listen.
format: int32
type: integer
protocol:
description: Protocol is the MaxScale protocol to use
when communicating with the client. If not provided,
it defaults to MariaDBProtocol.
type: string
suspend:
default: false
description: |-
Suspend indicates whether the current resource should be suspended or not.
This can be useful for maintenance, as disabling the reconciliation prevents the operator from interfering with user operations during maintenance activities.
type: boolean
required:
- port
type: object
name:
description: Name is the identifier of the MaxScale service.
type: string
params:
additionalProperties:
type: string
description: |-
Params defines extra parameters to pass to the service.
Any parameter supported by MaxScale may be specified here. See reference:
https://mariadb.com/kb/en/mariadb-maxscale-2308-mariadb-maxscale-configuration-guide/#service_1.
Router specific parameter are also supported:
https://mariadb.com/kb/en/mariadb-maxscale-2308-readwritesplit/#configuration.
https://mariadb.com/kb/en/mariadb-maxscale-2308-readconnroute/#configuration.
type: object
router:
description: Router is the type of router to use.
enum:
- readwritesplit
- readconnroute
type: string
suspend:
default: false
description: |-
Suspend indicates whether the current resource should be suspended or not.
This can be useful for maintenance, as disabling the reconciliation prevents the operator from interfering with user operations during maintenance activities.
type: boolean
required:
- listener
- name
- router
type: object
type: array
tls:
description: TLS defines the PKI to be used with MaxScale.
properties:
adminCASecretRef:
description: |-
AdminCASecretRef is a reference to a Secret containing the admin certificate authority keypair. It is used to establish trust and issue certificates for the MaxScale's administrative REST API and GUI.
One of:
- Secret containing both the 'ca.crt' and 'ca.key' keys. This allows you to bring your own CA to Kubernetes to issue certificates.
- Secret containing only the 'ca.crt' in order to establish trust. In this case, either adminCertSecretRef or adminCertIssuerRef fields must be provided.
If not provided, a self-signed CA will be provisioned to issue the server certificate.
properties:
name:
default: ""
type: string
type: object
adminCertIssuerRef:
description: |-
AdminCertIssuerRef is a reference to a cert-manager issuer object used to issue the MaxScale's administrative REST API and GUI certificate. cert-manager must be installed previously in the cluster.
It is mutually exclusive with adminCertSecretRef.
By default, the Secret field 'ca.crt' provisioned by cert-manager will be added to the trust chain. A custom trust bundle may be specified via adminCASecretRef.
properties:
group:
description: Group of the resource being referred to.
type: string
kind:
description: Kind of the resource being referred to.
type: string
name:
description: Name of the resource being referred to.
type: string
required:
- name
type: object
adminCertSecretRef:
description: AdminCertSecretRef is a reference to a TLS Secret
used by the MaxScale's administrative REST API and GUI.
properties:
name:
default: ""
type: string
type: object
enabled:
description: |-
Enabled indicates whether TLS is enabled, determining if certificates should be issued and mounted to the MaxScale instance.
It is enabled by default when the referred MariaDB instance (via mariaDbRef) has TLS enabled and enforced.
type: boolean
listenerCASecretRef:
description: |-
ListenerCASecretRef is a reference to a Secret containing the listener certificate authority keypair. It is used to establish trust and issue certificates for the MaxScale's listeners.
One of:
- Secret containing both the 'ca.crt' and 'ca.key' keys. This allows you to bring your own CA to Kubernetes to issue certificates.
- Secret containing only the 'ca.crt' in order to establish trust. In this case, either listenerCertSecretRef or listenerCertIssuerRef fields must be provided.
If not provided, a self-signed CA will be provisioned to issue the listener certificate.
properties:
name:
default: ""
type: string
type: object
listenerCertIssuerRef:
description: |-
ListenerCertIssuerRef is a reference to a cert-manager issuer object used to issue the MaxScale's listeners certificate. cert-manager must be installed previously in the cluster.
It is mutually exclusive with listenerCertSecretRef.
By default, the Secret field 'ca.crt' provisioned by cert-manager will be added to the trust chain. A custom trust bundle may be specified via listenerCASecretRef.
properties:
group:
description: Group of the resource being referred to.
type: string
kind:
description: Kind of the resource being referred to.
type: string
name:
description: Name of the resource being referred to.
type: string
required:
- name
type: object
listenerCertSecretRef:
description: ListenerCertSecretRef is a reference to a TLS
Secret used by the MaxScale's listeners.
properties:
name:
default: ""
type: string
type: object
replicationSSLEnabled:
description: |-
ReplicationSSLEnabled specifies whether the replication SSL is enabled. If enabled, the SSL options will be added to the server configuration.
It is enabled by default when the referred MariaDB instance (via mariaDbRef) has replication enabled.
If the MariaDB servers are manually provided by the user via the 'servers' field, this must be set by the user as well.
type: boolean
serverCASecretRef:
description: |-
ServerCASecretRef is a reference to a Secret containing the MariaDB server CA certificates. It is used to establish trust with MariaDB servers.
The Secret should contain a 'ca.crt' key in order to establish trust.
If not provided, and the reference to a MariaDB resource is set (mariaDbRef), it will be defaulted to the referred MariaDB CA bundle.
properties:
name:
default: ""
type: string
type: object
serverCertSecretRef:
description: |-
ServerCertSecretRef is a reference to a TLS Secret used by MaxScale to connect to the MariaDB servers.
If not provided, and the reference to a MariaDB resource is set (mariaDbRef), it will be defaulted to the referred MariaDB client certificate (clientCertSecretRef).
properties:
name:
default: ""
type: string
type: object
verifyPeerCertificate:
description: |-
VerifyPeerCertificate specifies whether the peer certificate's signature should be validated against the CA.
It is disabled by default.
type: boolean
verifyPeerHost:
description: |-
VerifyPeerHost specifies whether the peer certificate's SANs should match the peer host.
It is disabled by default.
type: boolean
type: object
updateStrategy:
description: UpdateStrategy defines the update strategy for the
StatefulSet object.
properties:
rollingUpdate:
description: RollingUpdate is used to communicate parameters
when Type is RollingUpdateStatefulSetStrategyType.
properties:
maxUnavailable:
anyOf:
- type: integer
- type: string
description: |-
The maximum number of pods that can be unavailable during the update.
Value can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%).
Absolute number is calculated from percentage by rounding up. This can not be 0.
Defaults to 1. This field is alpha-level and is only honored by servers that enable the
MaxUnavailableStatefulSet feature. The field applies to all pods in the range 0 to
Replicas-1. That means if there is any unavailable pod in the range 0 to Replicas-1, it
will be counted towards MaxUnavailable.
x-kubernetes-int-or-string: true
partition:
description: |-
Partition indicates the ordinal at which the StatefulSet should be partitioned
for updates. During a rolling update, all pods from ordinal Replicas-1 to
Partition are updated. All pods from ordinal Partition-1 to 0 remain untouched.
This is helpful in being able to do a canary based deployment. The default value is 0.
format: int32
type: integer
type: object
type:
description: |-
Type indicates the type of the StatefulSetUpdateStrategy.
Default is RollingUpdate.
type: string
type: object
type: object
maxScaleRef:
description: |-
MaxScaleRef is a reference to a MaxScale resource to be used with the current MariaDB.
Providing this field implies delegating high availability tasks such as primary failover to MaxScale.
properties:
name:
type: string
namespace:
type: string
type: object
metrics:
description: Metrics configures metrics and how to scrape them.
properties:
enabled:
description: Enabled is a flag to enable Metrics
type: boolean
exporter:
description: Exporter defines the metrics exporter container.
properties:
affinity:
description: Affinity to be used in the Pod.
properties:
antiAffinityEnabled:
description: |-
AntiAffinityEnabled configures PodAntiAffinity so each Pod is scheduled in a different Node, enabling HA.
Make sure you have at least as many Nodes available as the replicas to not end up with unscheduled Pods.
type: boolean
nodeAffinity:
description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#nodeaffinity-v1-core'
properties:
preferredDuringSchedulingIgnoredDuringExecution:
items:
description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#preferredschedulingterm-v1-core'
properties:
preference:
description: 'Refer to the Kubernetes docs:
https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#nodeselectorterm-v1-core'
properties:
matchExpressions:
items:
description: 'Refer to the Kubernetes
docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#nodeselectorrequirement-v1-core'
properties:
key:
type: string
operator:
description: |-
A node selector operator is the set of operators that can be used in
a node selector requirement.
type: string
values:
items:
type: string
type: array
x-kubernetes-list-type: atomic
required:
- key
- operator
type: object
type: array
x-kubernetes-list-type: atomic
matchFields:
items:
description: 'Refer to the Kubernetes
docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#nodeselectorrequirement-v1-core'
properties:
key:
type: string
operator:
description: |-
A node selector operator is the set of operators that can be used in
a node selector requirement.
type: string
values:
items:
type: string
type: array
x-kubernetes-list-type: atomic
required:
- key
- operator
type: object
type: array
x-kubernetes-list-type: atomic
type: object
weight:
format: int32
type: integer
required:
- preference
- weight
type: object
type: array
x-kubernetes-list-type: atomic
requiredDuringSchedulingIgnoredDuringExecution:
description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#nodeselector-v1-core'
properties:
nodeSelectorTerms:
items:
description: 'Refer to the Kubernetes docs:
https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#nodeselectorterm-v1-core'
properties:
matchExpressions:
items:
description: 'Refer to the Kubernetes
docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#nodeselectorrequirement-v1-core'
properties:
key:
type: string
operator:
description: |-
A node selector operator is the set of operators that can be used in
a node selector requirement.
type: string
values:
items:
type: string
type: array
x-kubernetes-list-type: atomic
required:
- key
- operator
type: object
type: array
x-kubernetes-list-type: atomic
matchFields:
items:
description: 'Refer to the Kubernetes
docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#nodeselectorrequirement-v1-core'
properties:
key:
type: string
operator:
description: |-
A node selector operator is the set of operators that can be used in
a node selector requirement.
type: string
values:
items:
type: string
type: array
x-kubernetes-list-type: atomic
required:
- key
- operator
type: object
type: array
x-kubernetes-list-type: atomic
type: object
type: array
x-kubernetes-list-type: atomic
required:
- nodeSelectorTerms
type: object
type: object
podAntiAffinity:
description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#podantiaffinity-v1-core.'
properties:
preferredDuringSchedulingIgnoredDuringExecution:
items:
description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#weightedpodaffinityterm-v1-core.'
properties:
podAffinityTerm:
description: 'Refer to the Kubernetes docs:
https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#podaffinityterm-v1-core.'
properties:
labelSelector:
description: 'Refer to the Kubernetes docs:
https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#labelselector-v1-meta'
properties:
matchExpressions:
items:
description: 'Refer to the Kubernetes
docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#labelselectorrequirement-v1-meta'
properties:
key:
type: string
operator:
description: A label selector
operator is the set of operators
that can be used in a selector
requirement.
type: string
values:
items:
type: string
type: array
x-kubernetes-list-type: atomic
required:
- key
- operator
type: object
type: array
x-kubernetes-list-type: atomic
matchLabels:
additionalProperties:
type: string
type: object
type: object
topologyKey:
type: string
required:
- topologyKey
type: object
weight:
format: int32
type: integer
required:
- podAffinityTerm
- weight
type: object
type: array
x-kubernetes-list-type: atomic
requiredDuringSchedulingIgnoredDuringExecution:
items:
description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#podaffinityterm-v1-core.'
properties:
labelSelector:
description: 'Refer to the Kubernetes docs:
https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#labelselector-v1-meta'
properties:
matchExpressions:
items:
description: 'Refer to the Kubernetes
docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#labelselectorrequirement-v1-meta'
properties:
key:
type: string
operator:
description: A label selector operator
is the set of operators that can
be used in a selector requirement.
type: string
values:
items:
type: string
type: array
x-kubernetes-list-type: atomic
required:
- key
- operator
type: object
type: array
x-kubernetes-list-type: atomic
matchLabels:
additionalProperties:
type: string
type: object
type: object
topologyKey:
type: string
required:
- topologyKey
type: object
type: array
x-kubernetes-list-type: atomic
type: object
type: object
args:
description: Args to be used in the Container.
items:
type: string
type: array
image:
description: |-
Image name to be used as metrics exporter. The supported format is `<image>:<tag>`.
Only mysqld-exporter >= v0.15.0 is supported: https://github.com/prometheus/mysqld_exporter
type: string
imagePullPolicy:
description: ImagePullPolicy is the image pull policy. One
of `Always`, `Never` or `IfNotPresent`. If not defined,
it defaults to `IfNotPresent`.
enum:
- Always
- Never
- IfNotPresent
type: string
imagePullSecrets:
description: ImagePullSecrets is the list of pull Secrets
to be used to pull the image.
items:
description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#localobjectreference-v1-core.'
properties:
name:
default: ""
type: string
type: object
type: array
nodeSelector:
additionalProperties:
type: string
description: NodeSelector to be used in the Pod.
type: object
podMetadata:
description: PodMetadata defines extra metadata for the Pod.
properties:
annotations:
additionalProperties:
type: string
description: Annotations to be added to children resources.
type: object
labels:
additionalProperties:
type: string
description: Labels to be added to children resources.
type: object
type: object
podSecurityContext:
description: SecurityContext holds pod-level security attributes
and common container settings.
properties:
appArmorProfile:
description: AppArmorProfile defines a pod or container's
AppArmor settings.
properties:
localhostProfile:
description: |-
localhostProfile indicates a profile loaded on the node that should be used.
The profile must be preconfigured on the node to work.
Must match the loaded name of the profile.
Must be set if and only if type is "Localhost".
type: string
type:
description: |-
type indicates which kind of AppArmor profile will be applied.
Valid options are:
Localhost - a profile pre-loaded on the node.
RuntimeDefault - the container runtime's default profile.
Unconfined - no AppArmor enforcement.
type: string
required:
- type
type: object
fsGroup:
format: int64
type: integer
fsGroupChangePolicy:
description: |-
PodFSGroupChangePolicy holds policies that will be used for applying fsGroup to a volume
when volume is mounted.
type: string
runAsGroup:
format: int64
type: integer
runAsNonRoot:
type: boolean
runAsUser:
format: int64
type: integer
seLinuxOptions:
description: SELinuxOptions are the labels to be applied
to the container
properties:
level:
description: Level is SELinux level label that applies
to the container.
type: string
role:
description: Role is a SELinux role label that applies
to the container.
type: string
type:
description: Type is a SELinux type label that applies
to the container.
type: string
user:
description: User is a SELinux user label that applies
to the container.
type: string
type: object
seccompProfile:
description: |-
SeccompProfile defines a pod/container's seccomp profile settings.
Only one profile source may be set.
properties:
localhostProfile:
description: |-
localhostProfile indicates a profile defined in a file on the node should be used.
The profile must be preconfigured on the node to work.
Must be a descending path, relative to the kubelet's configured seccomp profile location.
Must be set if type is "Localhost". Must NOT be set for any other type.
type: string
type:
description: |-
type indicates which kind of seccomp profile will be applied.
Valid options are:
Localhost - a profile defined in a file on the node should be used.
RuntimeDefault - the container runtime default profile should be used.
Unconfined - no profile should be applied.
type: string
required:
- type
type: object
supplementalGroups:
items:
format: int64
type: integer
type: array
x-kubernetes-list-type: atomic
type: object
port:
description: Port where the exporter will be listening for
connections.
format: int32
type: integer
priorityClassName:
description: PriorityClassName to be used in the Pod.
type: string
resources:
description: Resources describes the compute resource requirements.
properties:
limits:
additionalProperties:
anyOf:
- type: integer
- type: string
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
x-kubernetes-int-or-string: true
description: ResourceList is a set of (resource name,
quantity) pairs.
type: object
requests:
additionalProperties:
anyOf:
- type: integer
- type: string
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
x-kubernetes-int-or-string: true
description: ResourceList is a set of (resource name,
quantity) pairs.
type: object
type: object
securityContext:
description: SecurityContext holds container-level security
attributes.
properties:
allowPrivilegeEscalation:
type: boolean
capabilities:
description: Adds and removes POSIX capabilities from
running containers.
properties:
add:
description: Added capabilities
items:
description: Capability represent POSIX capabilities
type
type: string
type: array
x-kubernetes-list-type: atomic
drop:
description: Removed capabilities
items:
description: Capability represent POSIX capabilities
type
type: string
type: array
x-kubernetes-list-type: atomic
type: object
privileged:
type: boolean
readOnlyRootFilesystem:
type: boolean
runAsGroup:
format: int64
type: integer
runAsNonRoot:
type: boolean
runAsUser:
format: int64
type: integer
type: object
tolerations:
description: Tolerations to be used in the Pod.
items:
description: |-
The pod this Toleration is attached to tolerates any taint that matches
the triple <key,value,effect> using the matching operator <operator>.
properties:
effect:
description: |-
Effect indicates the taint effect to match. Empty means match all taint effects.
When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute.
type: string
key:
description: |-
Key is the taint key that the toleration applies to. Empty means match all taint keys.
If the key is empty, operator must be Exists; this combination means to match all values and all keys.
type: string
operator:
description: |-
Operator represents a key's relationship to the value.
Valid operators are Exists and Equal. Defaults to Equal.
Exists is equivalent to wildcard for value, so that a pod can
tolerate all taints of a particular category.
type: string
tolerationSeconds:
description: |-
TolerationSeconds represents the period of time the toleration (which must be
of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default,
it is not set, which means tolerate the taint forever (do not evict). Zero and
negative values will be treated as 0 (evict immediately) by the system.
format: int64
type: integer
value:
description: |-
Value is the taint value the toleration matches to.
If the operator is Exists, the value should be empty, otherwise just a regular string.
type: string
type: object
type: array
type: object
passwordSecretKeyRef:
description: |-
PasswordSecretKeyRef is a reference to the password of the monitoring user used by the exporter.
If the referred Secret is labeled with "k8s.mariadb.com/watch", updates may be performed to the Secret in order to update the password.
properties:
generate:
default: false
description: Generate indicates whether the Secret should
be generated if the Secret referenced is not present.
type: boolean
key:
type: string
name:
default: ""
type: string
required:
- key
type: object
x-kubernetes-map-type: atomic
serviceMonitor:
description: ServiceMonitor defines the ServiceMonior object.
properties:
interval:
description: Interval for scraping metrics.
type: string
jobLabel:
description: JobLabel to add to the ServiceMonitor object.
type: string
prometheusRelease:
description: PrometheusRelease is the release label to add
to the ServiceMonitor object.
type: string
scrapeTimeout:
description: ScrapeTimeout defines the timeout for scraping
metrics.
type: string
type: object
username:
description: Username is the username of the monitoring user used
by the exporter.
type: string
type: object
myCnf:
description: |-
MyCnf allows to specify the my.cnf file mounted by Mariadb.
Updating this field will trigger an update to the Mariadb resource.
type: string
myCnfConfigMapKeyRef:
description: |-
MyCnfConfigMapKeyRef is a reference to the my.cnf config file provided via a ConfigMap.
If not provided, it will be defaulted with a reference to a ConfigMap containing the MyCnf field.
If the referred ConfigMap is labeled with "k8s.mariadb.com/watch", an update to the Mariadb resource will be triggered when the ConfigMap is updated.
properties:
key:
type: string
name:
default: ""
type: string
required:
- key
type: object
x-kubernetes-map-type: atomic
nodeSelector:
additionalProperties:
type: string
description: NodeSelector to be used in the Pod.
type: object
passwordHashSecretKeyRef:
description: |-
PasswordHashSecretKeyRef is a reference to the password hash to be used by the initial User.
If the referred Secret is labeled with "k8s.mariadb.com/watch", updates may be performed to the Secret in order to update the password hash.
properties:
key:
type: string
name:
default: ""
type: string
required:
- key
type: object
x-kubernetes-map-type: atomic
passwordPlugin:
description: PasswordPlugin is a reference to the password plugin
and arguments to be used by the initial User.
properties:
pluginArgSecretKeyRef:
description: |-
PluginArgSecretKeyRef is a reference to the arguments to be provided to the authentication plugin for the User.
If the referred Secret is labeled with "k8s.mariadb.com/watch", updates may be performed to the Secret in order to update the authentication plugin arguments.
properties:
key:
type: string
name:
default: ""
type: string
required:
- key
type: object
x-kubernetes-map-type: atomic
pluginNameSecretKeyRef:
description: |-
PluginNameSecretKeyRef is a reference to the authentication plugin to be used by the User.
If the referred Secret is labeled with "k8s.mariadb.com/watch", updates may be performed to the Secret in order to update the authentication plugin.
properties:
key:
type: string
name:
default: ""
type: string
required:
- key
type: object
x-kubernetes-map-type: atomic
type: object
passwordSecretKeyRef:
description: |-
PasswordSecretKeyRef is a reference to a Secret that contains the password to be used by the initial User.
If the referred Secret is labeled with "k8s.mariadb.com/watch", updates may be performed to the Secret in order to update the password.
properties:
generate:
default: false
description: Generate indicates whether the Secret should be generated
if the Secret referenced is not present.
type: boolean
key:
type: string
name:
default: ""
type: string
required:
- key
type: object
x-kubernetes-map-type: atomic
podDisruptionBudget:
description: PodDisruptionBudget defines the budget for replica availability.
properties:
maxUnavailable:
anyOf:
- type: integer
- type: string
description: MaxUnavailable defines the number of maximum unavailable
Pods.
x-kubernetes-int-or-string: true
minAvailable:
anyOf:
- type: integer
- type: string
description: MinAvailable defines the number of minimum available
Pods.
x-kubernetes-int-or-string: true
type: object
podMetadata:
description: PodMetadata defines extra metadata for the Pod.
properties:
annotations:
additionalProperties:
type: string
description: Annotations to be added to children resources.
type: object
labels:
additionalProperties:
type: string
description: Labels to be added to children resources.
type: object
type: object
podSecurityContext:
description: SecurityContext holds pod-level security attributes and
common container settings.
properties:
appArmorProfile:
description: AppArmorProfile defines a pod or container's AppArmor
settings.
properties:
localhostProfile:
description: |-
localhostProfile indicates a profile loaded on the node that should be used.
The profile must be preconfigured on the node to work.
Must match the loaded name of the profile.
Must be set if and only if type is "Localhost".
type: string
type:
description: |-
type indicates which kind of AppArmor profile will be applied.
Valid options are:
Localhost - a profile pre-loaded on the node.
RuntimeDefault - the container runtime's default profile.
Unconfined - no AppArmor enforcement.
type: string
required:
- type
type: object
fsGroup:
format: int64
type: integer
fsGroupChangePolicy:
description: |-
PodFSGroupChangePolicy holds policies that will be used for applying fsGroup to a volume
when volume is mounted.
type: string
runAsGroup:
format: int64
type: integer
runAsNonRoot:
type: boolean
runAsUser:
format: int64
type: integer
seLinuxOptions:
description: SELinuxOptions are the labels to be applied to the
container
properties:
level:
description: Level is SELinux level label that applies to
the container.
type: string
role:
description: Role is a SELinux role label that applies to
the container.
type: string
type:
description: Type is a SELinux type label that applies to
the container.
type: string
user:
description: User is a SELinux user label that applies to
the container.
type: string
type: object
seccompProfile:
description: |-
SeccompProfile defines a pod/container's seccomp profile settings.
Only one profile source may be set.
properties:
localhostProfile:
description: |-
localhostProfile indicates a profile defined in a file on the node should be used.
The profile must be preconfigured on the node to work.
Must be a descending path, relative to the kubelet's configured seccomp profile location.
Must be set if type is "Localhost". Must NOT be set for any other type.
type: string
type:
description: |-
type indicates which kind of seccomp profile will be applied.
Valid options are:
Localhost - a profile defined in a file on the node should be used.
RuntimeDefault - the container runtime default profile should be used.
Unconfined - no profile should be applied.
type: string
required:
- type
type: object
supplementalGroups:
items:
format: int64
type: integer
type: array
x-kubernetes-list-type: atomic
type: object
port:
default: 3306
description: Port where the instances will be listening for connections.
format: int32
type: integer
primaryConnection:
description: |-
PrimaryConnection defines a template to configure the primary Connection object.
This Connection provides the initial User access to the initial Database.
It will make use of the PrimaryService to route network traffic to the primary Pod.
properties:
healthCheck:
description: HealthCheck to be used in the Connection.
properties:
interval:
description: Interval used to perform health checks.
type: string
retryInterval:
description: RetryInterval is the interval used to perform
health check retries.
type: string
type: object
params:
additionalProperties:
type: string
description: Params to be used in the Connection.
type: object
port:
description: Port to connect to. If not provided, it defaults
to the MariaDB port or to the first MaxScale listener.
format: int32
type: integer
secretName:
description: SecretName to be used in the Connection.
type: string
secretTemplate:
description: SecretTemplate to be used in the Connection.
properties:
databaseKey:
description: DatabaseKey to be used in the Secret.
type: string
format:
description: Format to be used in the Secret.
type: string
hostKey:
description: HostKey to be used in the Secret.
type: string
key:
description: Key to be used in the Secret.
type: string
metadata:
description: Metadata to be added to the Secret object.
properties:
annotations:
additionalProperties:
type: string
description: Annotations to be added to children resources.
type: object
labels:
additionalProperties:
type: string
description: Labels to be added to children resources.
type: object
type: object
passwordKey:
description: PasswordKey to be used in the Secret.
type: string
portKey:
description: PortKey to be used in the Secret.
type: string
usernameKey:
description: UsernameKey to be used in the Secret.
type: string
type: object
serviceName:
description: ServiceName to be used in the Connection.
type: string
type: object
primaryService:
description: |-
PrimaryService defines a template to configure the primary Service object.
The network traffic of this Service will be routed to the primary Pod.
properties:
allocateLoadBalancerNodePorts:
description: AllocateLoadBalancerNodePorts Service field.
type: boolean
externalTrafficPolicy:
description: ExternalTrafficPolicy Service field.
type: string
loadBalancerIP:
description: LoadBalancerIP Service field.
type: string
loadBalancerSourceRanges:
description: LoadBalancerSourceRanges Service field.
items:
type: string
type: array
metadata:
description: Metadata to be added to the Service metadata.
properties:
annotations:
additionalProperties:
type: string
description: Annotations to be added to children resources.
type: object
labels:
additionalProperties:
type: string
description: Labels to be added to children resources.
type: object
type: object
sessionAffinity:
description: SessionAffinity Service field.
type: string
type:
default: ClusterIP
description: Type is the Service type. One of `ClusterIP`, `NodePort`
or `LoadBalancer`. If not defined, it defaults to `ClusterIP`.
enum:
- ClusterIP
- NodePort
- LoadBalancer
type: string
type: object
priorityClassName:
description: PriorityClassName to be used in the Pod.
type: string
readinessProbe:
description: ReadinessProbe to be used in the Container.
properties:
exec:
description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#execaction-v1-core.'
properties:
command:
items:
type: string
type: array
x-kubernetes-list-type: atomic
type: object
failureThreshold:
format: int32
type: integer
httpGet:
description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#httpgetaction-v1-core.'
properties:
host:
type: string
path:
type: string
port:
anyOf:
- type: integer
- type: string
x-kubernetes-int-or-string: true
scheme:
description: URIScheme identifies the scheme used for connection
to a host for Get actions
type: string
required:
- port
type: object
initialDelaySeconds:
format: int32
type: integer
periodSeconds:
format: int32
type: integer
successThreshold:
format: int32
type: integer
tcpSocket:
description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#tcpsocketaction-v1-core.'
properties:
host:
type: string
port:
anyOf:
- type: integer
- type: string
x-kubernetes-int-or-string: true
required:
- port
type: object
timeoutSeconds:
format: int32
type: integer
type: object
replicas:
default: 1
description: Replicas indicates the number of desired instances.
format: int32
type: integer
replicasAllowEvenNumber:
default: false
description: disables the validation check for an odd number of replicas.
type: boolean
replication:
description: Replication configures high availability via replication.
This feature is still in alpha, use Galera if you are looking for
a more production-ready HA.
properties:
agent:
description: Agent is a sidecar agent that runs in the MariaDB
Pod and co-operates with mariadb-operator.
properties:
args:
description: Args to be used in the Container.
items:
type: string
type: array
basicAuth:
description: BasicAuth to be used by the agent container
properties:
enabled:
description: Enabled is a flag to enable BasicAuth
type: boolean
passwordSecretKeyRef:
description: PasswordSecretKeyRef to be used for basic
authentication
properties:
generate:
default: false
description: Generate indicates whether the Secret
should be generated if the Secret referenced is
not present.
type: boolean
key:
type: string
name:
default: ""
type: string
required:
- key
type: object
x-kubernetes-map-type: atomic
username:
description: Username to be used for basic authentication
type: string
type: object
command:
description: Command to be used in the Container.
items:
type: string
type: array
env:
description: Env represents the environment variables to be
injected in a container.
items:
description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#envvarsource-v1-core.'
properties:
name:
description: Name of the environment variable. Must
be a C_IDENTIFIER.
type: string
value:
type: string
valueFrom:
description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#envvarsource-v1-core.'
properties:
configMapKeyRef:
description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#configmapkeyselector-v1-core.'
properties:
key:
type: string
name:
default: ""
type: string
required:
- key
type: object
x-kubernetes-map-type: atomic
fieldRef:
description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#objectfieldselector-v1-core.'
properties:
apiVersion:
type: string
fieldPath:
type: string
required:
- fieldPath
type: object
x-kubernetes-map-type: atomic
secretKeyRef:
description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#secretkeyselector-v1-core.'
properties:
key:
type: string
name:
default: ""
type: string
required:
- key
type: object
x-kubernetes-map-type: atomic
type: object
required:
- name
type: object
type: array
envFrom:
description: EnvFrom represents the references (via ConfigMap
and Secrets) to environment variables to be injected in
the container.
items:
description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#envfromsource-v1-core.'
properties:
configMapRef:
description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#localobjectreference-v1-core.'
properties:
name:
default: ""
type: string
type: object
prefix:
type: string
secretRef:
description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#localobjectreference-v1-core.'
properties:
name:
default: ""
type: string
type: object
type: object
type: array
gracefulShutdownTimeout:
description: GracefulShutdownTimeout is the time we give to
the agent container in order to gracefully terminate in-flight
requests.
type: string
image:
description: Image name to be used by the MariaDB instances.
The supported format is `<image>:<tag>`.
type: string
imagePullPolicy:
description: ImagePullPolicy is the image pull policy. One
of `Always`, `Never` or `IfNotPresent`. If not defined,
it defaults to `IfNotPresent`.
enum:
- Always
- Never
- IfNotPresent
type: string
kubernetesAuth:
description: KubernetesAuth to be used by the agent container
properties:
authDelegatorRoleName:
description: |-
AuthDelegatorRoleName is the name of the ClusterRoleBinding that is associated with the "system:auth-delegator" ClusterRole.
It is necessary for creating TokenReview objects in order for the agent to validate the service account token.
type: string
enabled:
description: Enabled is a flag to enable KubernetesAuth
type: boolean
type: object
livenessProbe:
description: LivenessProbe to be used in the Container.
properties:
exec:
description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#execaction-v1-core.'
properties:
command:
items:
type: string
type: array
x-kubernetes-list-type: atomic
type: object
failureThreshold:
format: int32
type: integer
httpGet:
description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#httpgetaction-v1-core.'
properties:
host:
type: string
path:
type: string
port:
anyOf:
- type: integer
- type: string
x-kubernetes-int-or-string: true
scheme:
description: URIScheme identifies the scheme used
for connection to a host for Get actions
type: string
required:
- port
type: object
initialDelaySeconds:
format: int32
type: integer
periodSeconds:
format: int32
type: integer
successThreshold:
format: int32
type: integer
tcpSocket:
description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#tcpsocketaction-v1-core.'
properties:
host:
type: string
port:
anyOf:
- type: integer
- type: string
x-kubernetes-int-or-string: true
required:
- port
type: object
timeoutSeconds:
format: int32
type: integer
type: object
port:
description: Port where the agent will be listening for API
connections.
format: int32
type: integer
probePort:
description: Port where the agent will be listening for probe
connections.
format: int32
type: integer
readinessProbe:
description: ReadinessProbe to be used in the Container.
properties:
exec:
description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#execaction-v1-core.'
properties:
command:
items:
type: string
type: array
x-kubernetes-list-type: atomic
type: object
failureThreshold:
format: int32
type: integer
httpGet:
description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#httpgetaction-v1-core.'
properties:
host:
type: string
path:
type: string
port:
anyOf:
- type: integer
- type: string
x-kubernetes-int-or-string: true
scheme:
description: URIScheme identifies the scheme used
for connection to a host for Get actions
type: string
required:
- port
type: object
initialDelaySeconds:
format: int32
type: integer
periodSeconds:
format: int32
type: integer
successThreshold:
format: int32
type: integer
tcpSocket:
description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#tcpsocketaction-v1-core.'
properties:
host:
type: string
port:
anyOf:
- type: integer
- type: string
x-kubernetes-int-or-string: true
required:
- port
type: object
timeoutSeconds:
format: int32
type: integer
type: object
resources:
description: Resources describes the compute resource requirements.
properties:
limits:
additionalProperties:
anyOf:
- type: integer
- type: string
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
x-kubernetes-int-or-string: true
description: ResourceList is a set of (resource name,
quantity) pairs.
type: object
requests:
additionalProperties:
anyOf:
- type: integer
- type: string
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
x-kubernetes-int-or-string: true
description: ResourceList is a set of (resource name,
quantity) pairs.
type: object
type: object
securityContext:
description: SecurityContext holds security configuration
that will be applied to a container.
properties:
allowPrivilegeEscalation:
type: boolean
capabilities:
description: Adds and removes POSIX capabilities from
running containers.
properties:
add:
description: Added capabilities
items:
description: Capability represent POSIX capabilities
type
type: string
type: array
x-kubernetes-list-type: atomic
drop:
description: Removed capabilities
items:
description: Capability represent POSIX capabilities
type
type: string
type: array
x-kubernetes-list-type: atomic
type: object
privileged:
type: boolean
readOnlyRootFilesystem:
type: boolean
runAsGroup:
format: int64
type: integer
runAsNonRoot:
type: boolean
runAsUser:
format: int64
type: integer
type: object
startupProbe:
description: StartupProbe to be used in the Container.
properties:
exec:
description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#execaction-v1-core.'
properties:
command:
items:
type: string
type: array
x-kubernetes-list-type: atomic
type: object
failureThreshold:
format: int32
type: integer
httpGet:
description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#httpgetaction-v1-core.'
properties:
host:
type: string
path:
type: string
port:
anyOf:
- type: integer
- type: string
x-kubernetes-int-or-string: true
scheme:
description: URIScheme identifies the scheme used
for connection to a host for Get actions
type: string
required:
- port
type: object
initialDelaySeconds:
format: int32
type: integer
periodSeconds:
format: int32
type: integer
successThreshold:
format: int32
type: integer
tcpSocket:
description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#tcpsocketaction-v1-core.'
properties:
host:
type: string
port:
anyOf:
- type: integer
- type: string
x-kubernetes-int-or-string: true
required:
- port
type: object
timeoutSeconds:
format: int32
type: integer
type: object
volumeMounts:
description: VolumeMounts to be used in the Container.
items:
description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#volumemount-v1-core.'
properties:
mountPath:
type: string
name:
description: This must match the Name of a Volume.
type: string
readOnly:
type: boolean
subPath:
type: string
required:
- mountPath
- name
type: object
type: array
type: object
enabled:
description: Enabled is a flag to enable replication.
type: boolean
gtidStrictMode:
description: |-
GtidStrictMode determines whether the GTID strict mode is enabled.
See: https://mariadb.com/docs/server/ha-and-performance/standard-replication/gtid#gtid_strict_mode.
It is enabled by default.
type: boolean
initContainer:
description: InitContainer is an init container that runs in the
MariaDB Pod and co-operates with mariadb-operator.
properties:
args:
description: Args to be used in the Container.
items:
type: string
type: array
command:
description: Command to be used in the Container.
items:
type: string
type: array
env:
description: Env represents the environment variables to be
injected in a container.
items:
description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#envvarsource-v1-core.'
properties:
name:
description: Name of the environment variable. Must
be a C_IDENTIFIER.
type: string
value:
type: string
valueFrom:
description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#envvarsource-v1-core.'
properties:
configMapKeyRef:
description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#configmapkeyselector-v1-core.'
properties:
key:
type: string
name:
default: ""
type: string
required:
- key
type: object
x-kubernetes-map-type: atomic
fieldRef:
description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#objectfieldselector-v1-core.'
properties:
apiVersion:
type: string
fieldPath:
type: string
required:
- fieldPath
type: object
x-kubernetes-map-type: atomic
secretKeyRef:
description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#secretkeyselector-v1-core.'
properties:
key:
type: string
name:
default: ""
type: string
required:
- key
type: object
x-kubernetes-map-type: atomic
type: object
required:
- name
type: object
type: array
envFrom:
description: EnvFrom represents the references (via ConfigMap
and Secrets) to environment variables to be injected in
the container.
items:
description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#envfromsource-v1-core.'
properties:
configMapRef:
description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#localobjectreference-v1-core.'
properties:
name:
default: ""
type: string
type: object
prefix:
type: string
secretRef:
description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#localobjectreference-v1-core.'
properties:
name:
default: ""
type: string
type: object
type: object
type: array
image:
description: Image name to be used by the MariaDB instances.
The supported format is `<image>:<tag>`.
type: string
imagePullPolicy:
description: ImagePullPolicy is the image pull policy. One
of `Always`, `Never` or `IfNotPresent`. If not defined,
it defaults to `IfNotPresent`.
enum:
- Always
- Never
- IfNotPresent
type: string
livenessProbe:
description: LivenessProbe to be used in the Container.
properties:
exec:
description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#execaction-v1-core.'
properties:
command:
items:
type: string
type: array
x-kubernetes-list-type: atomic
type: object
failureThreshold:
format: int32
type: integer
httpGet:
description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#httpgetaction-v1-core.'
properties:
host:
type: string
path:
type: string
port:
anyOf:
- type: integer
- type: string
x-kubernetes-int-or-string: true
scheme:
description: URIScheme identifies the scheme used
for connection to a host for Get actions
type: string
required:
- port
type: object
initialDelaySeconds:
format: int32
type: integer
periodSeconds:
format: int32
type: integer
successThreshold:
format: int32
type: integer
tcpSocket:
description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#tcpsocketaction-v1-core.'
properties:
host:
type: string
port:
anyOf:
- type: integer
- type: string
x-kubernetes-int-or-string: true
required:
- port
type: object
timeoutSeconds:
format: int32
type: integer
type: object
readinessProbe:
description: ReadinessProbe to be used in the Container.
properties:
exec:
description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#execaction-v1-core.'
properties:
command:
items:
type: string
type: array
x-kubernetes-list-type: atomic
type: object
failureThreshold:
format: int32
type: integer
httpGet:
description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#httpgetaction-v1-core.'
properties:
host:
type: string
path:
type: string
port:
anyOf:
- type: integer
- type: string
x-kubernetes-int-or-string: true
scheme:
description: URIScheme identifies the scheme used
for connection to a host for Get actions
type: string
required:
- port
type: object
initialDelaySeconds:
format: int32
type: integer
periodSeconds:
format: int32
type: integer
successThreshold:
format: int32
type: integer
tcpSocket:
description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#tcpsocketaction-v1-core.'
properties:
host:
type: string
port:
anyOf:
- type: integer
- type: string
x-kubernetes-int-or-string: true
required:
- port
type: object
timeoutSeconds:
format: int32
type: integer
type: object
resources:
description: Resources describes the compute resource requirements.
properties:
limits:
additionalProperties:
anyOf:
- type: integer
- type: string
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
x-kubernetes-int-or-string: true
description: ResourceList is a set of (resource name,
quantity) pairs.
type: object
requests:
additionalProperties:
anyOf:
- type: integer
- type: string
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
x-kubernetes-int-or-string: true
description: ResourceList is a set of (resource name,
quantity) pairs.
type: object
type: object
securityContext:
description: SecurityContext holds security configuration
that will be applied to a container.
properties:
allowPrivilegeEscalation:
type: boolean
capabilities:
description: Adds and removes POSIX capabilities from
running containers.
properties:
add:
description: Added capabilities
items:
description: Capability represent POSIX capabilities
type
type: string
type: array
x-kubernetes-list-type: atomic
drop:
description: Removed capabilities
items:
description: Capability represent POSIX capabilities
type
type: string
type: array
x-kubernetes-list-type: atomic
type: object
privileged:
type: boolean
readOnlyRootFilesystem:
type: boolean
runAsGroup:
format: int64
type: integer
runAsNonRoot:
type: boolean
runAsUser:
format: int64
type: integer
type: object
startupProbe:
description: StartupProbe to be used in the Container.
properties:
exec:
description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#execaction-v1-core.'
properties:
command:
items:
type: string
type: array
x-kubernetes-list-type: atomic
type: object
failureThreshold:
format: int32
type: integer
httpGet:
description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#httpgetaction-v1-core.'
properties:
host:
type: string
path:
type: string
port:
anyOf:
- type: integer
- type: string
x-kubernetes-int-or-string: true
scheme:
description: URIScheme identifies the scheme used
for connection to a host for Get actions
type: string
required:
- port
type: object
initialDelaySeconds:
format: int32
type: integer
periodSeconds:
format: int32
type: integer
successThreshold:
format: int32
type: integer
tcpSocket:
description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#tcpsocketaction-v1-core.'
properties:
host:
type: string
port:
anyOf:
- type: integer
- type: string
x-kubernetes-int-or-string: true
required:
- port
type: object
timeoutSeconds:
format: int32
type: integer
type: object
volumeMounts:
description: VolumeMounts to be used in the Container.
items:
description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#volumemount-v1-core.'
properties:
mountPath:
type: string
name:
description: This must match the Name of a Volume.
type: string
readOnly:
type: boolean
subPath:
type: string
required:
- mountPath
- name
type: object
type: array
required:
- image
type: object
primary:
description: Primary is the replication configuration for the
primary node.
properties:
autoFailover:
description: |-
AutoFailover indicates whether the operator should automatically update PodIndex to perform an automatic primary failover.
It is enabled by default.
type: boolean
autoFailoverDelay:
description: |-
AutoFailoverDelay indicates the duration before performing an automatic primary failover.
By default, no extra delay is added.
type: string
podIndex:
description: PodIndex is the StatefulSet index of the primary
node. The user may change this field to perform a manual
switchover.
type: integer
type: object
replica:
description: ReplicaReplication is the replication configuration
for the replica nodes.
properties:
bootstrapFrom:
description: |-
ReplicaBootstrapFrom defines the data sources used to bootstrap new replicas.
This will be used as part of the scaling out and recovery operations, when new replicas are created.
If not provided, scale out and recovery operations will return an error.
properties:
physicalBackupTemplateRef:
description: |-
PhysicalBackupTemplateRef is a reference to a PhysicalBackup object that will be used as template to create a new PhysicalBackup object
used synchronize the data from an up to date replica to the new replica to be bootstrapped.
properties:
name:
default: ""
type: string
type: object
restoreJob:
description: RestoreJob defines additional properties
for the Job used to perform the restoration.
properties:
affinity:
description: Affinity to be used in the Pod.
properties:
antiAffinityEnabled:
description: |-
AntiAffinityEnabled configures PodAntiAffinity so each Pod is scheduled in a different Node, enabling HA.
Make sure you have at least as many Nodes available as the replicas to not end up with unscheduled Pods.
type: boolean
nodeAffinity:
description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#nodeaffinity-v1-core'
properties:
preferredDuringSchedulingIgnoredDuringExecution:
items:
description: 'Refer to the Kubernetes docs:
https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#preferredschedulingterm-v1-core'
properties:
preference:
description: 'Refer to the Kubernetes
docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#nodeselectorterm-v1-core'
properties:
matchExpressions:
items:
description: 'Refer to the Kubernetes
docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#nodeselectorrequirement-v1-core'
properties:
key:
type: string
operator:
description: |-
A node selector operator is the set of operators that can be used in
a node selector requirement.
type: string
values:
items:
type: string
type: array
x-kubernetes-list-type: atomic
required:
- key
- operator
type: object
type: array
x-kubernetes-list-type: atomic
matchFields:
items:
description: 'Refer to the Kubernetes
docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#nodeselectorrequirement-v1-core'
properties:
key:
type: string
operator:
description: |-
A node selector operator is the set of operators that can be used in
a node selector requirement.
type: string
values:
items:
type: string
type: array
x-kubernetes-list-type: atomic
required:
- key
- operator
type: object
type: array
x-kubernetes-list-type: atomic
type: object
weight:
format: int32
type: integer
required:
- preference
- weight
type: object
type: array
x-kubernetes-list-type: atomic
requiredDuringSchedulingIgnoredDuringExecution:
description: 'Refer to the Kubernetes docs:
https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#nodeselector-v1-core'
properties:
nodeSelectorTerms:
items:
description: 'Refer to the Kubernetes
docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#nodeselectorterm-v1-core'
properties:
matchExpressions:
items:
description: 'Refer to the Kubernetes
docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#nodeselectorrequirement-v1-core'
properties:
key:
type: string
operator:
description: |-
A node selector operator is the set of operators that can be used in
a node selector requirement.
type: string
values:
items:
type: string
type: array
x-kubernetes-list-type: atomic
required:
- key
- operator
type: object
type: array
x-kubernetes-list-type: atomic
matchFields:
items:
description: 'Refer to the Kubernetes
docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#nodeselectorrequirement-v1-core'
properties:
key:
type: string
operator:
description: |-
A node selector operator is the set of operators that can be used in
a node selector requirement.
type: string
values:
items:
type: string
type: array
x-kubernetes-list-type: atomic
required:
- key
- operator
type: object
type: array
x-kubernetes-list-type: atomic
type: object
type: array
x-kubernetes-list-type: atomic
required:
- nodeSelectorTerms
type: object
type: object
podAntiAffinity:
description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#podantiaffinity-v1-core.'
properties:
preferredDuringSchedulingIgnoredDuringExecution:
items:
description: 'Refer to the Kubernetes docs:
https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#weightedpodaffinityterm-v1-core.'
properties:
podAffinityTerm:
description: 'Refer to the Kubernetes
docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#podaffinityterm-v1-core.'
properties:
labelSelector:
description: 'Refer to the Kubernetes
docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#labelselector-v1-meta'
properties:
matchExpressions:
items:
description: 'Refer to the
Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#labelselectorrequirement-v1-meta'
properties:
key:
type: string
operator:
description: A label selector
operator is the set
of operators that can
be used in a selector
requirement.
type: string
values:
items:
type: string
type: array
x-kubernetes-list-type: atomic
required:
- key
- operator
type: object
type: array
x-kubernetes-list-type: atomic
matchLabels:
additionalProperties:
type: string
type: object
type: object
topologyKey:
type: string
required:
- topologyKey
type: object
weight:
format: int32
type: integer
required:
- podAffinityTerm
- weight
type: object
type: array
x-kubernetes-list-type: atomic
requiredDuringSchedulingIgnoredDuringExecution:
items:
description: 'Refer to the Kubernetes docs:
https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#podaffinityterm-v1-core.'
properties:
labelSelector:
description: 'Refer to the Kubernetes
docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#labelselector-v1-meta'
properties:
matchExpressions:
items:
description: 'Refer to the Kubernetes
docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#labelselectorrequirement-v1-meta'
properties:
key:
type: string
operator:
description: A label selector
operator is the set of operators
that can be used in a selector
requirement.
type: string
values:
items:
type: string
type: array
x-kubernetes-list-type: atomic
required:
- key
- operator
type: object
type: array
x-kubernetes-list-type: atomic
matchLabels:
additionalProperties:
type: string
type: object
type: object
topologyKey:
type: string
required:
- topologyKey
type: object
type: array
x-kubernetes-list-type: atomic
type: object
type: object
args:
description: Args to be used in the Container.
items:
type: string
type: array
metadata:
description: Metadata defines additional metadata
for the bootstrap Jobs.
properties:
annotations:
additionalProperties:
type: string
description: Annotations to be added to children
resources.
type: object
labels:
additionalProperties:
type: string
description: Labels to be added to children resources.
type: object
type: object
nodeSelector:
additionalProperties:
type: string
description: NodeSelector to be used in the Pod.
type: object
resources:
description: Resources describes the compute resource
requirements.
properties:
limits:
additionalProperties:
anyOf:
- type: integer
- type: string
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
x-kubernetes-int-or-string: true
description: ResourceList is a set of (resource
name, quantity) pairs.
type: object
requests:
additionalProperties:
anyOf:
- type: integer
- type: string
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
x-kubernetes-int-or-string: true
description: ResourceList is a set of (resource
name, quantity) pairs.
type: object
type: object
tolerations:
description: Tolerations to be used in the Pod.
items:
description: |-
The pod this Toleration is attached to tolerates any taint that matches
the triple <key,value,effect> using the matching operator <operator>.
properties:
effect:
description: |-
Effect indicates the taint effect to match. Empty means match all taint effects.
When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute.
type: string
key:
description: |-
Key is the taint key that the toleration applies to. Empty means match all taint keys.
If the key is empty, operator must be Exists; this combination means to match all values and all keys.
type: string
operator:
description: |-
Operator represents a key's relationship to the value.
Valid operators are Exists and Equal. Defaults to Equal.
Exists is equivalent to wildcard for value, so that a pod can
tolerate all taints of a particular category.
type: string
tolerationSeconds:
description: |-
TolerationSeconds represents the period of time the toleration (which must be
of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default,
it is not set, which means tolerate the taint forever (do not evict). Zero and
negative values will be treated as 0 (evict immediately) by the system.
format: int64
type: integer
value:
description: |-
Value is the taint value the toleration matches to.
If the operator is Exists, the value should be empty, otherwise just a regular string.
type: string
type: object
type: array
type: object
required:
- physicalBackupTemplateRef
type: object
connectionRetrySeconds:
description: |-
ConnectionRetrySeconds is the number of seconds that the replica will wait between connection retries.
See: https://mariadb.com/docs/server/reference/sql-statements/administrative-sql-statements/replication-statements/change-master-to#master_connect_retry.
type: integer
gtid:
description: |-
Gtid indicates which Global Transaction ID (GTID) position mode should be used when connecting a replica to the master.
By default, CurrentPos is used.
See: https://mariadb.com/docs/server/reference/sql-statements/administrative-sql-statements/replication-statements/change-master-to#master_use_gtid.
enum:
- CurrentPos
- SlavePos
type: string
maxLagSeconds:
description: |-
MaxLagSeconds is the maximum number of seconds that replicas are allowed to lag behind the primary.
If a replica exceeds this threshold, it is marked as not ready and read queries will no longer be forwarded to it.
If not provided, it defaults to 0, which means that replicas are not allowed to lag behind the primary (recommended).
Lagged replicas will not be taken into account as candidates for the new primary during failover,
and they will block other operations, such as switchover and upgrade.
This field is not taken into account by MaxScale, you can define the maximum lag as router parameters.
See: https://mariadb.com/docs/maxscale/reference/maxscale-routers/maxscale-readwritesplit#max_replication_lag.
type: integer
recovery:
description: |-
ReplicaRecovery defines how the replicas should be recovered after they enter an error state.
This process deletes data from faulty replicas and recreates them using the source defined in the bootstrapFrom field.
It is disabled by default, and it requires the bootstrapFrom field to be set.
properties:
enabled:
description: Enabled is a flag to enable replica recovery.
type: boolean
errorDurationThreshold:
description: |-
ErrorDurationThreshold defines the time duration after which, if a replica continues to report errors,
the operator will initiate the recovery process for that replica.
This threshold applies only to error codes not identified as recoverable by the operator.
Errors identified as recoverable will trigger the recovery process immediately.
It defaults to 5 minutes.
type: string
required:
- enabled
type: object
replPasswordSecretKeyRef:
description: |-
ReplPasswordSecretKeyRef provides a reference to the Secret to use as password for the replication user.
By default, a random password will be generated.
properties:
generate:
default: false
description: Generate indicates whether the Secret should
be generated if the Secret referenced is not present.
type: boolean
key:
type: string
name:
default: ""
type: string
required:
- key
type: object
x-kubernetes-map-type: atomic
syncTimeout:
description: |-
SyncTimeout defines the timeout for the synchronization phase during switchover and failover operations.
During switchover, all replicas must be synced with the current primary before promoting the new primary.
During failover, the new primary must be synced before being promoted as primary. This implies processing all the events in the relay log.
When the timeout is reached, the operator restarts the operation from the beginning.
It defaults to 10s.
See: https://mariadb.com/docs/server/reference/sql-functions/secondary-functions/miscellaneous-functions/master_gtid_wait
type: string
type: object
semiSyncAckTimeout:
description: |-
SemiSyncAckTimeout for the replica to acknowledge transactions to the primary.
It requires semi-synchronous replication to be enabled.
See: https://mariadb.com/docs/server/ha-and-performance/standard-replication/semisynchronous-replication#rpl_semi_sync_master_timeout
type: string
semiSyncEnabled:
description: |-
SemiSyncEnabled determines whether semi-synchronous replication is enabled.
Semi-synchronous replication requires that at least one replica should have sent an ACK to the primary node
before committing the transaction back to the client.
See: https://mariadb.com/docs/server/ha-and-performance/standard-replication/semisynchronous-replication
It is enabled by default
type: boolean
semiSyncWaitPoint:
description: |-
SemiSyncWaitPoint determines whether the transaction should wait for an ACK after having synced the binlog (AfterSync)
or after having committed to the storage engine (AfterCommit, the default).
It requires semi-synchronous replication to be enabled.
See: https://mariadb.com/kb/en/semisynchronous-replication/#rpl_semi_sync_master_wait_point.
enum:
- AfterSync
- AfterCommit
type: string
standaloneProbes:
description: |-
StandaloneProbes indicates whether to use the default non-HA startup and liveness probes.
It is disabled by default
type: boolean
syncBinlog:
description: |-
SyncBinlog indicates after how many events the binary log is synchronized to the disk.
See: https://mariadb.com/docs/server/ha-and-performance/standard-replication/replication-and-binary-log-system-variables#sync_binlog
type: integer
type: object
resources:
description: Resources describes the compute resource requirements.
properties:
limits:
additionalProperties:
anyOf:
- type: integer
- type: string
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
x-kubernetes-int-or-string: true
description: ResourceList is a set of (resource name, quantity)
pairs.
type: object
requests:
additionalProperties:
anyOf:
- type: integer
- type: string
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
x-kubernetes-int-or-string: true
description: ResourceList is a set of (resource name, quantity)
pairs.
type: object
type: object
rootEmptyPassword:
description: RootEmptyPassword indicates if the root password should
be empty. Don't use this feature in production, it is only intended
for development and test environments.
type: boolean
rootPasswordSecretKeyRef:
description: RootPasswordSecretKeyRef is a reference to a Secret key
containing the root password.
properties:
generate:
default: false
description: Generate indicates whether the Secret should be generated
if the Secret referenced is not present.
type: boolean
key:
type: string
name:
default: ""
type: string
required:
- key
type: object
x-kubernetes-map-type: atomic
secondaryConnection:
description: |-
SecondaryConnection defines a template to configure the secondary Connection object.
This Connection provides the initial User access to the initial Database.
It will make use of the SecondaryService to route network traffic to the secondary Pods.
properties:
healthCheck:
description: HealthCheck to be used in the Connection.
properties:
interval:
description: Interval used to perform health checks.
type: string
retryInterval:
description: RetryInterval is the interval used to perform
health check retries.
type: string
type: object
params:
additionalProperties:
type: string
description: Params to be used in the Connection.
type: object
port:
description: Port to connect to. If not provided, it defaults
to the MariaDB port or to the first MaxScale listener.
format: int32
type: integer
secretName:
description: SecretName to be used in the Connection.
type: string
secretTemplate:
description: SecretTemplate to be used in the Connection.
properties:
databaseKey:
description: DatabaseKey to be used in the Secret.
type: string
format:
description: Format to be used in the Secret.
type: string
hostKey:
description: HostKey to be used in the Secret.
type: string
key:
description: Key to be used in the Secret.
type: string
metadata:
description: Metadata to be added to the Secret object.
properties:
annotations:
additionalProperties:
type: string
description: Annotations to be added to children resources.
type: object
labels:
additionalProperties:
type: string
description: Labels to be added to children resources.
type: object
type: object
passwordKey:
description: PasswordKey to be used in the Secret.
type: string
portKey:
description: PortKey to be used in the Secret.
type: string
usernameKey:
description: UsernameKey to be used in the Secret.
type: string
type: object
serviceName:
description: ServiceName to be used in the Connection.
type: string
type: object
secondaryService:
description: |-
SecondaryService defines a template to configure the secondary Service object.
The network traffic of this Service will be routed to the secondary Pods.
properties:
allocateLoadBalancerNodePorts:
description: AllocateLoadBalancerNodePorts Service field.
type: boolean
externalTrafficPolicy:
description: ExternalTrafficPolicy Service field.
type: string
loadBalancerIP:
description: LoadBalancerIP Service field.
type: string
loadBalancerSourceRanges:
description: LoadBalancerSourceRanges Service field.
items:
type: string
type: array
metadata:
description: Metadata to be added to the Service metadata.
properties:
annotations:
additionalProperties:
type: string
description: Annotations to be added to children resources.
type: object
labels:
additionalProperties:
type: string
description: Labels to be added to children resources.
type: object
type: object
sessionAffinity:
description: SessionAffinity Service field.
type: string
type:
default: ClusterIP
description: Type is the Service type. One of `ClusterIP`, `NodePort`
or `LoadBalancer`. If not defined, it defaults to `ClusterIP`.
enum:
- ClusterIP
- NodePort
- LoadBalancer
type: string
type: object
securityContext:
description: SecurityContext holds security configuration that will
be applied to a container.
properties:
allowPrivilegeEscalation:
type: boolean
capabilities:
description: Adds and removes POSIX capabilities from running
containers.
properties:
add:
description: Added capabilities
items:
description: Capability represent POSIX capabilities type
type: string
type: array
x-kubernetes-list-type: atomic
drop:
description: Removed capabilities
items:
description: Capability represent POSIX capabilities type
type: string
type: array
x-kubernetes-list-type: atomic
type: object
privileged:
type: boolean
readOnlyRootFilesystem:
type: boolean
runAsGroup:
format: int64
type: integer
runAsNonRoot:
type: boolean
runAsUser:
format: int64
type: integer
type: object
service:
description: |-
Service defines a template to configure the general Service object.
The network traffic of this Service will be routed to all Pods.
properties:
allocateLoadBalancerNodePorts:
description: AllocateLoadBalancerNodePorts Service field.
type: boolean
externalTrafficPolicy:
description: ExternalTrafficPolicy Service field.
type: string
loadBalancerIP:
description: LoadBalancerIP Service field.
type: string
loadBalancerSourceRanges:
description: LoadBalancerSourceRanges Service field.
items:
type: string
type: array
metadata:
description: Metadata to be added to the Service metadata.
properties:
annotations:
additionalProperties:
type: string
description: Annotations to be added to children resources.
type: object
labels:
additionalProperties:
type: string
description: Labels to be added to children resources.
type: object
type: object
sessionAffinity:
description: SessionAffinity Service field.
type: string
type:
default: ClusterIP
description: Type is the Service type. One of `ClusterIP`, `NodePort`
or `LoadBalancer`. If not defined, it defaults to `ClusterIP`.
enum:
- ClusterIP
- NodePort
- LoadBalancer
type: string
type: object
serviceAccountName:
description: ServiceAccountName is the name of the ServiceAccount
to be used by the Pods.
type: string
servicePorts:
description: ServicePorts is the list of additional named ports to
be added to the Services created by the operator.
items:
description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#serviceport-v1-core'
properties:
name:
type: string
port:
format: int32
type: integer
required:
- name
- port
type: object
type: array
sidecarContainers:
description: SidecarContainers to be used in the Pod.
items:
description: Container object definition.
properties:
args:
description: Args to be used in the Container.
items:
type: string
type: array
command:
description: Command to be used in the Container.
items:
type: string
type: array
env:
description: Env represents the environment variables to be
injected in a container.
items:
description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#envvarsource-v1-core.'
properties:
name:
description: Name of the environment variable. Must be
a C_IDENTIFIER.
type: string
value:
type: string
valueFrom:
description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#envvarsource-v1-core.'
properties:
configMapKeyRef:
description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#configmapkeyselector-v1-core.'
properties:
key:
type: string
name:
default: ""
type: string
required:
- key
type: object
x-kubernetes-map-type: atomic
fieldRef:
description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#objectfieldselector-v1-core.'
properties:
apiVersion:
type: string
fieldPath:
type: string
required:
- fieldPath
type: object
x-kubernetes-map-type: atomic
secretKeyRef:
description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#secretkeyselector-v1-core.'
properties:
key:
type: string
name:
default: ""
type: string
required:
- key
type: object
x-kubernetes-map-type: atomic
type: object
required:
- name
type: object
type: array
image:
description: Image name to be used by the container. The supported
format is `<image>:<tag>`.
type: string
imagePullPolicy:
description: ImagePullPolicy is the image pull policy. One of
`Always`, `Never` or `IfNotPresent`. If not defined, it defaults
to `IfNotPresent`.
enum:
- Always
- Never
- IfNotPresent
type: string
name:
description: Name to be given to the container.
type: string
resources:
description: Resources describes the compute resource requirements.
properties:
limits:
additionalProperties:
anyOf:
- type: integer
- type: string
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
x-kubernetes-int-or-string: true
description: ResourceList is a set of (resource name, quantity)
pairs.
type: object
requests:
additionalProperties:
anyOf:
- type: integer
- type: string
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
x-kubernetes-int-or-string: true
description: ResourceList is a set of (resource name, quantity)
pairs.
type: object
type: object
volumeMounts:
description: VolumeMounts to be used in the Container.
items:
description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#volumemount-v1-core.'
properties:
mountPath:
type: string
name:
description: This must match the Name of a Volume.
type: string
readOnly:
type: boolean
subPath:
type: string
required:
- mountPath
- name
type: object
type: array
required:
- image
type: object
type: array
startupProbe:
description: StartupProbe to be used in the Container.
properties:
exec:
description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#execaction-v1-core.'
properties:
command:
items:
type: string
type: array
x-kubernetes-list-type: atomic
type: object
failureThreshold:
format: int32
type: integer
httpGet:
description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#httpgetaction-v1-core.'
properties:
host:
type: string
path:
type: string
port:
anyOf:
- type: integer
- type: string
x-kubernetes-int-or-string: true
scheme:
description: URIScheme identifies the scheme used for connection
to a host for Get actions
type: string
required:
- port
type: object
initialDelaySeconds:
format: int32
type: integer
periodSeconds:
format: int32
type: integer
successThreshold:
format: int32
type: integer
tcpSocket:
description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#tcpsocketaction-v1-core.'
properties:
host:
type: string
port:
anyOf:
- type: integer
- type: string
x-kubernetes-int-or-string: true
required:
- port
type: object
timeoutSeconds:
format: int32
type: integer
type: object
storage:
description: Storage defines the storage options to be used for provisioning
the PVCs mounted by MariaDB.
properties:
ephemeral:
description: Ephemeral indicates whether to use ephemeral storage
in the PVCs. It is only compatible with non HA MariaDBs.
type: boolean
resizeInUseVolumes:
description: |-
ResizeInUseVolumes indicates whether the PVCs can be resized. The 'StorageClassName' used should have 'allowVolumeExpansion' set to 'true' to allow resizing.
It defaults to true.
type: boolean
size:
anyOf:
- type: integer
- type: string
description: Size of the PVCs to be mounted by MariaDB. Required
if not provided in 'VolumeClaimTemplate'. It supersedes the
storage size specified in 'VolumeClaimTemplate'.
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
x-kubernetes-int-or-string: true
storageClassName:
description: |-
StorageClassName to be used to provision the PVCS. It supersedes the 'StorageClassName' specified in 'VolumeClaimTemplate'.
If not provided, the default 'StorageClass' configured in the cluster is used.
type: string
volumeClaimTemplate:
description: VolumeClaimTemplate provides a template to define
the PVCs.
properties:
accessModes:
items:
type: string
type: array
x-kubernetes-list-type: atomic
metadata:
description: Metadata to be added to the PVC metadata.
properties:
annotations:
additionalProperties:
type: string
description: Annotations to be added to children resources.
type: object
labels:
additionalProperties:
type: string
description: Labels to be added to children resources.
type: object
type: object
resources:
description: VolumeResourceRequirements describes the storage
resource requirements for a volume.
properties:
limits:
additionalProperties:
anyOf:
- type: integer
- type: string
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
x-kubernetes-int-or-string: true
description: |-
Limits describes the maximum amount of compute resources allowed.
More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/
type: object
requests:
additionalProperties:
anyOf:
- type: integer
- type: string
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
x-kubernetes-int-or-string: true
description: |-
Requests describes the minimum amount of compute resources required.
If Requests is omitted for a container, it defaults to Limits if that is explicitly specified,
otherwise to an implementation-defined value. Requests cannot exceed Limits.
More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/
type: object
type: object
selector:
description: |-
A label selector is a label query over a set of resources. The result of matchLabels and
matchExpressions are ANDed. An empty label selector matches all objects. A null
label selector matches no objects.
properties:
matchExpressions:
description: matchExpressions is a list of label selector
requirements. The requirements are ANDed.
items:
description: |-
A label selector requirement is a selector that contains values, a key, and an operator that
relates the key and values.
properties:
key:
description: key is the label key that the selector
applies to.
type: string
operator:
description: |-
operator represents a key's relationship to a set of values.
Valid operators are In, NotIn, Exists and DoesNotExist.
type: string
values:
description: |-
values is an array of string values. If the operator is In or NotIn,
the values array must be non-empty. If the operator is Exists or DoesNotExist,
the values array must be empty. This array is replaced during a strategic
merge patch.
items:
type: string
type: array
x-kubernetes-list-type: atomic
required:
- key
- operator
type: object
type: array
x-kubernetes-list-type: atomic
matchLabels:
additionalProperties:
type: string
description: |-
matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels
map is equivalent to an element of matchExpressions, whose key field is "key", the
operator is "In", and the values array contains only "value". The requirements are ANDed.
type: object
type: object
x-kubernetes-map-type: atomic
storageClassName:
type: string
type: object
waitForVolumeResize:
description: |-
WaitForVolumeResize indicates whether to wait for the PVCs to be resized before marking the MariaDB object as ready. This will block other operations such as cluster recovery while the resize is in progress.
It defaults to true.
type: boolean
type: object
suspend:
default: false
description: |-
Suspend indicates whether the current resource should be suspended or not.
This can be useful for maintenance, as disabling the reconciliation prevents the operator from interfering with user operations during maintenance activities.
type: boolean
timeZone:
description: TimeZone sets the default timezone. If not provided,
it defaults to SYSTEM and the timezone data is not loaded.
type: string
tls:
description: TLS defines the PKI to be used with MariaDB.
properties:
clientCASecretRef:
description: |-
ClientCASecretRef is a reference to a Secret containing the client certificate authority keypair. It is used to establish trust and issue client certificates.
One of:
- Secret containing both the 'ca.crt' and 'ca.key' keys. This allows you to bring your own CA to Kubernetes to issue certificates.
- Secret containing only the 'ca.crt' in order to establish trust. In this case, either clientCertSecretRef or clientCertIssuerRef fields must be provided.
If not provided, a self-signed CA will be provisioned to issue the client certificate.
properties:
name:
default: ""
type: string
type: object
clientCertIssuerRef:
description: |-
ClientCertIssuerRef is a reference to a cert-manager issuer object used to issue the client certificate. cert-manager must be installed previously in the cluster.
It is mutually exclusive with clientCertSecretRef.
By default, the Secret field 'ca.crt' provisioned by cert-manager will be added to the trust chain. A custom trust bundle may be specified via clientCASecretRef.
properties:
group:
description: Group of the resource being referred to.
type: string
kind:
description: Kind of the resource being referred to.
type: string
name:
description: Name of the resource being referred to.
type: string
required:
- name
type: object
clientCertSecretRef:
description: |-
ClientCertSecretRef is a reference to a TLS Secret containing the client certificate.
It is mutually exclusive with clientCertIssuerRef.
properties:
name:
default: ""
type: string
type: object
enabled:
description: |-
Enabled indicates whether TLS is enabled, determining if certificates should be issued and mounted to the MariaDB instance.
It is enabled by default.
type: boolean
galeraSSTEnabled:
description: |-
GaleraSSTEnabled determines whether Galera SST connections should use TLS.
It disabled by default.
type: boolean
required:
description: |-
Required specifies whether TLS must be enforced for all connections.
User TLS requirements take precedence over this.
It disabled by default.
type: boolean
serverCASecretRef:
description: |-
ServerCASecretRef is a reference to a Secret containing the server certificate authority keypair. It is used to establish trust and issue server certificates.
One of:
- Secret containing both the 'ca.crt' and 'ca.key' keys. This allows you to bring your own CA to Kubernetes to issue certificates.
- Secret containing only the 'ca.crt' in order to establish trust. In this case, either serverCertSecretRef or serverCertIssuerRef must be provided.
If not provided, a self-signed CA will be provisioned to issue the server certificate.
properties:
name:
default: ""
type: string
type: object
serverCertIssuerRef:
description: |-
ServerCertIssuerRef is a reference to a cert-manager issuer object used to issue the server certificate. cert-manager must be installed previously in the cluster.
It is mutually exclusive with serverCertSecretRef.
By default, the Secret field 'ca.crt' provisioned by cert-manager will be added to the trust chain. A custom trust bundle may be specified via serverCASecretRef.
properties:
group:
description: Group of the resource being referred to.
type: string
kind:
description: Kind of the resource being referred to.
type: string
name:
description: Name of the resource being referred to.
type: string
required:
- name
type: object
serverCertSecretRef:
description: |-
ServerCertSecretRef is a reference to a TLS Secret containing the server certificate.
It is mutually exclusive with serverCertIssuerRef.
properties:
name:
default: ""
type: string
type: object
type: object
tolerations:
description: Tolerations to be used in the Pod.
items:
description: |-
The pod this Toleration is attached to tolerates any taint that matches
the triple <key,value,effect> using the matching operator <operator>.
properties:
effect:
description: |-
Effect indicates the taint effect to match. Empty means match all taint effects.
When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute.
type: string
key:
description: |-
Key is the taint key that the toleration applies to. Empty means match all taint keys.
If the key is empty, operator must be Exists; this combination means to match all values and all keys.
type: string
operator:
description: |-
Operator represents a key's relationship to the value.
Valid operators are Exists and Equal. Defaults to Equal.
Exists is equivalent to wildcard for value, so that a pod can
tolerate all taints of a particular category.
type: string
tolerationSeconds:
description: |-
TolerationSeconds represents the period of time the toleration (which must be
of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default,
it is not set, which means tolerate the taint forever (do not evict). Zero and
negative values will be treated as 0 (evict immediately) by the system.
format: int64
type: integer
value:
description: |-
Value is the taint value the toleration matches to.
If the operator is Exists, the value should be empty, otherwise just a regular string.
type: string
type: object
type: array
topologySpreadConstraints:
description: TopologySpreadConstraints to be used in the Pod.
items:
description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#topologyspreadconstraint-v1-core.'
properties:
labelSelector:
description: |-
A label selector is a label query over a set of resources. The result of matchLabels and
matchExpressions are ANDed. An empty label selector matches all objects. A null
label selector matches no objects.
properties:
matchExpressions:
description: matchExpressions is a list of label selector
requirements. The requirements are ANDed.
items:
description: |-
A label selector requirement is a selector that contains values, a key, and an operator that
relates the key and values.
properties:
key:
description: key is the label key that the selector
applies to.
type: string
operator:
description: |-
operator represents a key's relationship to a set of values.
Valid operators are In, NotIn, Exists and DoesNotExist.
type: string
values:
description: |-
values is an array of string values. If the operator is In or NotIn,
the values array must be non-empty. If the operator is Exists or DoesNotExist,
the values array must be empty. This array is replaced during a strategic
merge patch.
items:
type: string
type: array
x-kubernetes-list-type: atomic
required:
- key
- operator
type: object
type: array
x-kubernetes-list-type: atomic
matchLabels:
additionalProperties:
type: string
description: |-
matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels
map is equivalent to an element of matchExpressions, whose key field is "key", the
operator is "In", and the values array contains only "value". The requirements are ANDed.
type: object
type: object
x-kubernetes-map-type: atomic
matchLabelKeys:
items:
type: string
type: array
maxSkew:
format: int32
type: integer
minDomains:
format: int32
type: integer
nodeAffinityPolicy:
description: NodeInclusionPolicy defines the type of node inclusion
policy
type: string
nodeTaintsPolicy:
description: NodeInclusionPolicy defines the type of node inclusion
policy
type: string
topologyKey:
type: string
whenUnsatisfiable:
type: string
required:
- maxSkew
- topologyKey
- whenUnsatisfiable
type: object
type: array
updateStrategy:
description: UpdateStrategy defines how a MariaDB resource is updated.
properties:
autoUpdateDataPlane:
description: |-
AutoUpdateDataPlane indicates whether the Galera data-plane version (agent and init containers) should be automatically updated based on the operator version. It defaults to false.
Updating the operator will trigger updates on all the MariaDB instances that have this flag set to true. Thus, it is recommended to progressively set this flag after having updated the operator.
type: boolean
rollingUpdate:
description: RollingUpdate defines parameters for the RollingUpdate
type.
properties:
maxUnavailable:
anyOf:
- type: integer
- type: string
description: |-
The maximum number of pods that can be unavailable during the update.
Value can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%).
Absolute number is calculated from percentage by rounding up. This can not be 0.
Defaults to 1. This field is alpha-level and is only honored by servers that enable the
MaxUnavailableStatefulSet feature. The field applies to all pods in the range 0 to
Replicas-1. That means if there is any unavailable pod in the range 0 to Replicas-1, it
will be counted towards MaxUnavailable.
x-kubernetes-int-or-string: true
partition:
description: |-
Partition indicates the ordinal at which the StatefulSet should be partitioned
for updates. During a rolling update, all pods from ordinal Replicas-1 to
Partition are updated. All pods from ordinal Partition-1 to 0 remain untouched.
This is helpful in being able to do a canary based deployment. The default value is 0.
format: int32
type: integer
type: object
type:
default: ReplicasFirstPrimaryLast
description: Type defines the type of updates. One of `ReplicasFirstPrimaryLast`,
`RollingUpdate` or `OnDelete`. If not defined, it defaults to
`ReplicasFirstPrimaryLast`.
enum:
- ReplicasFirstPrimaryLast
- RollingUpdate
- OnDelete
- Never
type: string
type: object
username:
description: |-
Username is the initial username to be created by the operator once MariaDB is ready.
The initial User will have ALL PRIVILEGES in the initial Database.
type: string
volumeMounts:
description: VolumeMounts to be used in the Container.
items:
description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#volumemount-v1-core.'
properties:
mountPath:
type: string
name:
description: This must match the Name of a Volume.
type: string
readOnly:
type: boolean
subPath:
type: string
required:
- mountPath
- name
type: object
type: array
volumes:
description: Volumes to be used in the Pod.
items:
description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#volume-v1-core.'
properties:
configMap:
description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#configmapvolumesource-v1-core.'
properties:
defaultMode:
format: int32
type: integer
name:
default: ""
type: string
type: object
csi:
description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#csivolumesource-v1-core.'
properties:
driver:
type: string
fsType:
type: string
nodePublishSecretRef:
description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#localobjectreference-v1-core.'
properties:
name:
default: ""
type: string
type: object
readOnly:
type: boolean
volumeAttributes:
additionalProperties:
type: string
type: object
required:
- driver
type: object
emptyDir:
description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#emptydirvolumesource-v1-core.'
properties:
medium:
description: StorageMedium defines ways that storage can
be allocated to a volume.
type: string
sizeLimit:
anyOf:
- type: integer
- type: string
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
x-kubernetes-int-or-string: true
type: object
hostPath:
description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#hostpathvolumesource-v1-core'
properties:
path:
type: string
type:
type: string
required:
- path
type: object
name:
type: string
nfs:
description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#nfsvolumesource-v1-core.'
properties:
path:
type: string
readOnly:
type: boolean
server:
type: string
required:
- path
- server
type: object
persistentVolumeClaim:
description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#persistentvolumeclaimvolumesource-v1-core.'
properties:
claimName:
type: string
readOnly:
type: boolean
required:
- claimName
type: object
secret:
description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#secretvolumesource-v1-core.'
properties:
defaultMode:
format: int32
type: integer
secretName:
type: string
type: object
required:
- name
type: object
type: array
type: object
x-kubernetes-validations:
- message: 'An odd number of MariaDB instances (mariadb.spec.replicas)
is required to avoid split brain situations for Galera. Use ''mariadb.spec.replicasAllowEvenNumber:
true'' to disable this validation.'
rule: '!has(self.galera) || !self.galera.enabled || (self.replicas %
2 == 1 || self.replicasAllowEvenNumber)'
status:
description: MariaDBStatus defines the observed state of MariaDB
properties:
conditions:
description: Conditions for the Mariadb object.
items:
description: Condition contains details for one aspect of the current
state of this API Resource.
properties:
lastTransitionTime:
description: |-
lastTransitionTime is the last time the condition transitioned from one status to another.
This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable.
format: date-time
type: string
message:
description: |-
message is a human readable message indicating details about the transition.
This may be an empty string.
maxLength: 32768
type: string
observedGeneration:
description: |-
observedGeneration represents the .metadata.generation that the condition was set based upon.
For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date
with respect to the current state of the instance.
format: int64
minimum: 0
type: integer
reason:
description: |-
reason contains a programmatic identifier indicating the reason for the condition's last transition.
Producers of specific condition types may define expected values and meanings for this field,
and whether the values are considered a guaranteed API.
The value should be a CamelCase string.
This field may not be empty.
maxLength: 1024
minLength: 1
pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$
type: string
status:
description: status of the condition, one of True, False, Unknown.
enum:
- "True"
- "False"
- Unknown
type: string
type:
description: type of condition in CamelCase or in foo.example.com/CamelCase.
maxLength: 316
pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$
type: string
required:
- lastTransitionTime
- message
- reason
- status
- type
type: object
type: array
currentPrimary:
description: CurrentPrimary is the primary Pod.
type: string
currentPrimaryFailingSince:
description: CurrentPrimaryFailingSince is the timestamp of the moment
when the primary became not ready.
format: date-time
type: string
currentPrimaryPodIndex:
description: CurrentPrimaryPodIndex is the primary Pod index.
type: integer
defaultVersion:
description: |-
DefaultVersion is the MariaDB version used by the operator when it cannot infer the version
from spec.image. This can happen if the image uses a digest (e.g. sha256) instead
of a version tag.
type: string
galeraRecovery:
description: GaleraRecovery is the Galera recovery current state.
properties:
bootstrap:
description: Bootstrap indicates when and in which Pod the cluster
bootstrap process has been performed.
properties:
pod:
type: string
time:
format: date-time
type: string
type: object
podsRestarted:
description: PodsRestarted that the Pods have been restarted after
the cluster bootstrap.
type: boolean
recovered:
additionalProperties:
properties:
seqno:
type: integer
uuid:
type: string
required:
- seqno
- uuid
type: object
description: State is a per Pod representation of the sequence
recovery process.
type: object
state:
additionalProperties:
properties:
safeToBootstrap:
type: boolean
seqno:
type: integer
uuid:
type: string
version:
type: string
required:
- safeToBootstrap
- seqno
- uuid
- version
type: object
description: State is a per Pod representation of the Galera state
file (grastate.dat).
type: object
type: object
replicas:
description: Replicas indicates the number of current instances.
format: int32
type: integer
replication:
description: Replication is the replication current status per each
Pod.
properties:
replicaToRecover:
description: ReplicaToRecover is the replica that is being recovered
by the operator.
type: string
replicas:
additionalProperties:
description: ReplicaStatus is the observed replica status.
properties:
gtidCurrentPos:
description: GtidCurrentPos is the last GTID position executed
by the SQL thread.
type: string
gtidIOPos:
description: GtidIOPos is the last GTID position received
by the IO thread and written to the relay log.
type: string
lastErrorTransitionTime:
description: LastErrorTransitionTime is the last time the
replica transitioned to an error state.
format: date-time
type: string
lastIOErrno:
description: LastIOErrno is the error code returned by the
IO thread.
type: integer
lastIOError:
description: LastIOErrno is the error message returned by
the IO thread.
type: string
lastSQLErrno:
description: LastSQLErrno is the error code returned by
the SQL thread.
type: integer
lastSQLError:
description: LastSQLError is the error message returned
by the SQL thread.
type: string
secondsBehindMaster:
description: SecondsBehindMaster measures the replication
lag with the primary.
type: integer
slaveIORunning:
description: SlaveIORunning indicates whether the slave
IO thread is running.
type: boolean
slaveSQLRunning:
description: SlaveSQLRunning indicates whether the slave
SQL thread is running.
type: boolean
type: object
description: Replicas is the observed replication status for each
replica.
type: object
roles:
additionalProperties:
description: ReplicationRole represents the observed replication
roles.
type: string
description: Roles is the observed replication roles for each
Pod.
type: object
type: object
scaleOutInitialIndex:
description: ScaleOutInitialIndex is the initial index where the scale
out operation started.
type: integer
tls:
description: TLS aggregates the status of the certificates used by
the MariaDB instance.
properties:
caBundle:
description: CABundle is the status of the Certificate Authority
bundle.
items:
description: CertificateStatus represents the current status
of a TLS certificate.
properties:
issuer:
description: Issuer is the issuer of the current certificate.
type: string
notAfter:
description: NotAfter indicates that the certificate is
not valid after the given date.
format: date-time
type: string
notBefore:
description: NotBefore indicates that the certificate is
not valid before the given date.
format: date-time
type: string
subject:
description: Subject is the subject of the current certificate.
type: string
required:
- issuer
- subject
type: object
type: array
clientCert:
description: ClientCert is the status of the client certificate.
properties:
issuer:
description: Issuer is the issuer of the current certificate.
type: string
notAfter:
description: NotAfter indicates that the certificate is not
valid after the given date.
format: date-time
type: string
notBefore:
description: NotBefore indicates that the certificate is not
valid before the given date.
format: date-time
type: string
subject:
description: Subject is the subject of the current certificate.
type: string
required:
- issuer
- subject
type: object
serverCert:
description: ServerCert is the status of the server certificate.
properties:
issuer:
description: Issuer is the issuer of the current certificate.
type: string
notAfter:
description: NotAfter indicates that the certificate is not
valid after the given date.
format: date-time
type: string
notBefore:
description: NotBefore indicates that the certificate is not
valid before the given date.
format: date-time
type: string
subject:
description: Subject is the subject of the current certificate.
type: string
required:
- issuer
- subject
type: object
type: object
type: object
required:
- spec
type: object
served: true
storage: true
subresources:
scale:
specReplicasPath: .spec.replicas
statusReplicasPath: .status.replicas
status: {}
---
# Source: mariadb-operator/charts/mariadb-operator-crds/templates/crds.yaml
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.18.0
name: maxscales.k8s.mariadb.com
spec:
group: k8s.mariadb.com
names:
kind: MaxScale
listKind: MaxScaleList
plural: maxscales
shortNames:
- mxs
singular: maxscale
scope: Namespaced
versions:
- additionalPrinterColumns:
- jsonPath: .status.conditions[?(@.type=="Ready")].status
name: Ready
type: string
- jsonPath: .status.conditions[?(@.type=="Ready")].message
name: Status
type: string
- jsonPath: .status.primaryServer
name: Primary
type: string
- jsonPath: .metadata.creationTimestamp
name: Age
type: date
name: v1alpha1
schema:
openAPIV3Schema:
description: MaxScale is the Schema for the maxscales API. It is used to define
MaxScale clusters.
properties:
apiVersion:
description: |-
APIVersion defines the versioned schema of this representation of an object.
Servers should convert recognized schemas to the latest internal value, and
may reject unrecognized values.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
type: string
kind:
description: |-
Kind is a string value representing the REST resource this object represents.
Servers may infer this from the endpoint the client submits requests to.
Cannot be updated.
In CamelCase.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
type: string
metadata:
type: object
spec:
description: MaxScaleSpec defines the desired state of MaxScale.
properties:
admin:
description: Admin configures the admin REST API and GUI.
properties:
guiEnabled:
description: GuiEnabled indicates whether the admin GUI should
be enabled.
type: boolean
port:
description: Port where the admin REST API and GUI will be exposed.
format: int32
type: integer
type: object
affinity:
description: Affinity to be used in the Pod.
properties:
antiAffinityEnabled:
description: |-
AntiAffinityEnabled configures PodAntiAffinity so each Pod is scheduled in a different Node, enabling HA.
Make sure you have at least as many Nodes available as the replicas to not end up with unscheduled Pods.
type: boolean
nodeAffinity:
description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#nodeaffinity-v1-core'
properties:
preferredDuringSchedulingIgnoredDuringExecution:
items:
description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#preferredschedulingterm-v1-core'
properties:
preference:
description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#nodeselectorterm-v1-core'
properties:
matchExpressions:
items:
description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#nodeselectorrequirement-v1-core'
properties:
key:
type: string
operator:
description: |-
A node selector operator is the set of operators that can be used in
a node selector requirement.
type: string
values:
items:
type: string
type: array
x-kubernetes-list-type: atomic
required:
- key
- operator
type: object
type: array
x-kubernetes-list-type: atomic
matchFields:
items:
description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#nodeselectorrequirement-v1-core'
properties:
key:
type: string
operator:
description: |-
A node selector operator is the set of operators that can be used in
a node selector requirement.
type: string
values:
items:
type: string
type: array
x-kubernetes-list-type: atomic
required:
- key
- operator
type: object
type: array
x-kubernetes-list-type: atomic
type: object
weight:
format: int32
type: integer
required:
- preference
- weight
type: object
type: array
x-kubernetes-list-type: atomic
requiredDuringSchedulingIgnoredDuringExecution:
description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#nodeselector-v1-core'
properties:
nodeSelectorTerms:
items:
description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#nodeselectorterm-v1-core'
properties:
matchExpressions:
items:
description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#nodeselectorrequirement-v1-core'
properties:
key:
type: string
operator:
description: |-
A node selector operator is the set of operators that can be used in
a node selector requirement.
type: string
values:
items:
type: string
type: array
x-kubernetes-list-type: atomic
required:
- key
- operator
type: object
type: array
x-kubernetes-list-type: atomic
matchFields:
items:
description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#nodeselectorrequirement-v1-core'
properties:
key:
type: string
operator:
description: |-
A node selector operator is the set of operators that can be used in
a node selector requirement.
type: string
values:
items:
type: string
type: array
x-kubernetes-list-type: atomic
required:
- key
- operator
type: object
type: array
x-kubernetes-list-type: atomic
type: object
type: array
x-kubernetes-list-type: atomic
required:
- nodeSelectorTerms
type: object
type: object
podAntiAffinity:
description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#podantiaffinity-v1-core.'
properties:
preferredDuringSchedulingIgnoredDuringExecution:
items:
description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#weightedpodaffinityterm-v1-core.'
properties:
podAffinityTerm:
description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#podaffinityterm-v1-core.'
properties:
labelSelector:
description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#labelselector-v1-meta'
properties:
matchExpressions:
items:
description: 'Refer to the Kubernetes docs:
https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#labelselectorrequirement-v1-meta'
properties:
key:
type: string
operator:
description: A label selector operator
is the set of operators that can be
used in a selector requirement.
type: string
values:
items:
type: string
type: array
x-kubernetes-list-type: atomic
required:
- key
- operator
type: object
type: array
x-kubernetes-list-type: atomic
matchLabels:
additionalProperties:
type: string
type: object
type: object
topologyKey:
type: string
required:
- topologyKey
type: object
weight:
format: int32
type: integer
required:
- podAffinityTerm
- weight
type: object
type: array
x-kubernetes-list-type: atomic
requiredDuringSchedulingIgnoredDuringExecution:
items:
description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#podaffinityterm-v1-core.'
properties:
labelSelector:
description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#labelselector-v1-meta'
properties:
matchExpressions:
items:
description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#labelselectorrequirement-v1-meta'
properties:
key:
type: string
operator:
description: A label selector operator is
the set of operators that can be used in
a selector requirement.
type: string
values:
items:
type: string
type: array
x-kubernetes-list-type: atomic
required:
- key
- operator
type: object
type: array
x-kubernetes-list-type: atomic
matchLabels:
additionalProperties:
type: string
type: object
type: object
topologyKey:
type: string
required:
- topologyKey
type: object
type: array
x-kubernetes-list-type: atomic
type: object
type: object
args:
description: Args to be used in the Container.
items:
type: string
type: array
auth:
description: Auth defines the credentials required for MaxScale to
connect to MariaDB.
properties:
adminPasswordSecretKeyRef:
description: AdminPasswordSecretKeyRef is Secret key reference
to the admin password to call the admin REST API. It is defaulted
if not provided.
properties:
generate:
default: false
description: Generate indicates whether the Secret should
be generated if the Secret referenced is not present.
type: boolean
key:
type: string
name:
default: ""
type: string
required:
- key
type: object
x-kubernetes-map-type: atomic
adminUsername:
description: AdminUsername is an admin username to call the admin
REST API. It is defaulted if not provided.
type: string
clientMaxConnections:
description: |-
ClientMaxConnections defines the maximum number of connections that the client can establish.
If HA is enabled, make sure to increase this value, as more MaxScale replicas implies more connections.
It defaults to 30 times the number of MaxScale replicas.
format: int32
type: integer
clientPasswordSecretKeyRef:
description: |-
ClientPasswordSecretKeyRef is Secret key reference to the password to connect to MaxScale. It is defaulted if not provided.
If the referred Secret is labeled with "k8s.mariadb.com/watch", updates may be performed to the Secret in order to update the password.
properties:
generate:
default: false
description: Generate indicates whether the Secret should
be generated if the Secret referenced is not present.
type: boolean
key:
type: string
name:
default: ""
type: string
required:
- key
type: object
x-kubernetes-map-type: atomic
clientUsername:
description: ClientUsername is the user to connect to MaxScale.
It is defaulted if not provided.
type: string
deleteDefaultAdmin:
description: DeleteDefaultAdmin determines whether the default
admin user should be deleted after the initial configuration.
If not provided, it defaults to true.
type: boolean
generate:
description: |-
Generate defies whether the operator should generate users and grants for MaxScale to work.
It only supports MariaDBs specified via spec.mariaDbRef.
type: boolean
metricsPasswordSecretKeyRef:
description: MetricsPasswordSecretKeyRef is Secret key reference
to the metrics password to call the admib REST API. It is defaulted
if metrics are enabled.
properties:
generate:
default: false
description: Generate indicates whether the Secret should
be generated if the Secret referenced is not present.
type: boolean
key:
type: string
name:
default: ""
type: string
required:
- key
type: object
x-kubernetes-map-type: atomic
metricsUsername:
description: MetricsUsername is an metrics username to call the
REST API. It is defaulted if metrics are enabled.
type: string
monitorMaxConnections:
description: |-
MonitorMaxConnections defines the maximum number of connections that the monitor can establish.
If HA is enabled, make sure to increase this value, as more MaxScale replicas implies more connections.
It defaults to 30 times the number of MaxScale replicas.
format: int32
type: integer
monitorPasswordSecretKeyRef:
description: |-
MonitorPasswordSecretKeyRef is Secret key reference to the password used by MaxScale monitor to connect to MariaDB server. It is defaulted if not provided.
If the referred Secret is labeled with "k8s.mariadb.com/watch", updates may be performed to the Secret in order to update the password.
properties:
generate:
default: false
description: Generate indicates whether the Secret should
be generated if the Secret referenced is not present.
type: boolean
key:
type: string
name:
default: ""
type: string
required:
- key
type: object
x-kubernetes-map-type: atomic
monitorUsername:
description: MonitorUsername is the user used by MaxScale monitor
to connect to MariaDB server. It is defaulted if not provided.
type: string
serverMaxConnections:
description: |-
ServerMaxConnections defines the maximum number of connections that the server can establish.
If HA is enabled, make sure to increase this value, as more MaxScale replicas implies more connections.
It defaults to 30 times the number of MaxScale replicas.
format: int32
type: integer
serverPasswordSecretKeyRef:
description: |-
ServerPasswordSecretKeyRef is Secret key reference to the password used by MaxScale to connect to MariaDB server. It is defaulted if not provided.
If the referred Secret is labeled with "k8s.mariadb.com/watch", updates may be performed to the Secret in order to update the password.
properties:
generate:
default: false
description: Generate indicates whether the Secret should
be generated if the Secret referenced is not present.
type: boolean
key:
type: string
name:
default: ""
type: string
required:
- key
type: object
x-kubernetes-map-type: atomic
serverUsername:
description: ServerUsername is the user used by MaxScale to connect
to MariaDB server. It is defaulted if not provided.
type: string
syncMaxConnections:
description: |-
SyncMaxConnections defines the maximum number of connections that the sync can establish.
If HA is enabled, make sure to increase this value, as more MaxScale replicas implies more connections.
It defaults to 30 times the number of MaxScale replicas.
format: int32
type: integer
syncPasswordSecretKeyRef:
description: |-
SyncPasswordSecretKeyRef is Secret key reference to the password used by MaxScale config to connect to MariaDB server. It is defaulted when HA is enabled.
If the referred Secret is labeled with "k8s.mariadb.com/watch", updates may be performed to the Secret in order to update the password.
properties:
generate:
default: false
description: Generate indicates whether the Secret should
be generated if the Secret referenced is not present.
type: boolean
key:
type: string
name:
default: ""
type: string
required:
- key
type: object
x-kubernetes-map-type: atomic
syncUsername:
description: MonitoSyncUsernamerUsername is the user used by MaxScale
config sync to connect to MariaDB server. It is defaulted when
HA is enabled.
type: string
type: object
command:
description: Command to be used in the Container.
items:
type: string
type: array
config:
description: Config defines the MaxScale configuration.
properties:
params:
additionalProperties:
type: string
description: |-
Params is a key value pair of parameters to be used in the MaxScale static configuration file.
Any parameter supported by MaxScale may be specified here. See reference:
https://mariadb.com/kb/en/mariadb-maxscale-2308-mariadb-maxscale-configuration-guide/#global-settings.
type: object
sync:
description: Sync defines how to replicate configuration across
MaxScale replicas. It is defaulted when HA is enabled.
properties:
database:
description: Database is the MariaDB logical database where
the 'maxscale_config' table will be created in order to
persist and synchronize config changes. If not provided,
it defaults to 'mysql'.
type: string
interval:
description: Interval defines the config synchronization interval.
It is defaulted if not provided.
type: string
timeout:
description: Interval defines the config synchronization timeout.
It is defaulted if not provided.
type: string
type: object
volumeClaimTemplate:
description: VolumeClaimTemplate provides a template to define
the PVCs for storing MaxScale runtime configuration files. It
is defaulted if not provided.
properties:
accessModes:
items:
type: string
type: array
x-kubernetes-list-type: atomic
metadata:
description: Metadata to be added to the PVC metadata.
properties:
annotations:
additionalProperties:
type: string
description: Annotations to be added to children resources.
type: object
labels:
additionalProperties:
type: string
description: Labels to be added to children resources.
type: object
type: object
resources:
description: VolumeResourceRequirements describes the storage
resource requirements for a volume.
properties:
limits:
additionalProperties:
anyOf:
- type: integer
- type: string
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
x-kubernetes-int-or-string: true
description: |-
Limits describes the maximum amount of compute resources allowed.
More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/
type: object
requests:
additionalProperties:
anyOf:
- type: integer
- type: string
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
x-kubernetes-int-or-string: true
description: |-
Requests describes the minimum amount of compute resources required.
If Requests is omitted for a container, it defaults to Limits if that is explicitly specified,
otherwise to an implementation-defined value. Requests cannot exceed Limits.
More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/
type: object
type: object
selector:
description: |-
A label selector is a label query over a set of resources. The result of matchLabels and
matchExpressions are ANDed. An empty label selector matches all objects. A null
label selector matches no objects.
properties:
matchExpressions:
description: matchExpressions is a list of label selector
requirements. The requirements are ANDed.
items:
description: |-
A label selector requirement is a selector that contains values, a key, and an operator that
relates the key and values.
properties:
key:
description: key is the label key that the selector
applies to.
type: string
operator:
description: |-
operator represents a key's relationship to a set of values.
Valid operators are In, NotIn, Exists and DoesNotExist.
type: string
values:
description: |-
values is an array of string values. If the operator is In or NotIn,
the values array must be non-empty. If the operator is Exists or DoesNotExist,
the values array must be empty. This array is replaced during a strategic
merge patch.
items:
type: string
type: array
x-kubernetes-list-type: atomic
required:
- key
- operator
type: object
type: array
x-kubernetes-list-type: atomic
matchLabels:
additionalProperties:
type: string
description: |-
matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels
map is equivalent to an element of matchExpressions, whose key field is "key", the
operator is "In", and the values array contains only "value". The requirements are ANDed.
type: object
type: object
x-kubernetes-map-type: atomic
storageClassName:
type: string
type: object
type: object
connection:
description: Connection provides a template to define the Connection
for MaxScale.
properties:
healthCheck:
description: HealthCheck to be used in the Connection.
properties:
interval:
description: Interval used to perform health checks.
type: string
retryInterval:
description: RetryInterval is the interval used to perform
health check retries.
type: string
type: object
params:
additionalProperties:
type: string
description: Params to be used in the Connection.
type: object
port:
description: Port to connect to. If not provided, it defaults
to the MariaDB port or to the first MaxScale listener.
format: int32
type: integer
secretName:
description: SecretName to be used in the Connection.
type: string
secretTemplate:
description: SecretTemplate to be used in the Connection.
properties:
databaseKey:
description: DatabaseKey to be used in the Secret.
type: string
format:
description: Format to be used in the Secret.
type: string
hostKey:
description: HostKey to be used in the Secret.
type: string
key:
description: Key to be used in the Secret.
type: string
metadata:
description: Metadata to be added to the Secret object.
properties:
annotations:
additionalProperties:
type: string
description: Annotations to be added to children resources.
type: object
labels:
additionalProperties:
type: string
description: Labels to be added to children resources.
type: object
type: object
passwordKey:
description: PasswordKey to be used in the Secret.
type: string
portKey:
description: PortKey to be used in the Secret.
type: string
usernameKey:
description: UsernameKey to be used in the Secret.
type: string
type: object
serviceName:
description: ServiceName to be used in the Connection.
type: string
type: object
env:
description: Env represents the environment variables to be injected
in a container.
items:
description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#envvarsource-v1-core.'
properties:
name:
description: Name of the environment variable. Must be a C_IDENTIFIER.
type: string
value:
type: string
valueFrom:
description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#envvarsource-v1-core.'
properties:
configMapKeyRef:
description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#configmapkeyselector-v1-core.'
properties:
key:
type: string
name:
default: ""
type: string
required:
- key
type: object
x-kubernetes-map-type: atomic
fieldRef:
description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#objectfieldselector-v1-core.'
properties:
apiVersion:
type: string
fieldPath:
type: string
required:
- fieldPath
type: object
x-kubernetes-map-type: atomic
secretKeyRef:
description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#secretkeyselector-v1-core.'
properties:
key:
type: string
name:
default: ""
type: string
required:
- key
type: object
x-kubernetes-map-type: atomic
type: object
required:
- name
type: object
type: array
envFrom:
description: EnvFrom represents the references (via ConfigMap and
Secrets) to environment variables to be injected in the container.
items:
description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#envfromsource-v1-core.'
properties:
configMapRef:
description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#localobjectreference-v1-core.'
properties:
name:
default: ""
type: string
type: object
prefix:
type: string
secretRef:
description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#localobjectreference-v1-core.'
properties:
name:
default: ""
type: string
type: object
type: object
type: array
guiKubernetesService:
description: GuiKubernetesService defines a template for a Kubernetes
Service object to connect to MaxScale's GUI.
properties:
allocateLoadBalancerNodePorts:
description: AllocateLoadBalancerNodePorts Service field.
type: boolean
externalTrafficPolicy:
description: ExternalTrafficPolicy Service field.
type: string
loadBalancerIP:
description: LoadBalancerIP Service field.
type: string
loadBalancerSourceRanges:
description: LoadBalancerSourceRanges Service field.
items:
type: string
type: array
metadata:
description: Metadata to be added to the Service metadata.
properties:
annotations:
additionalProperties:
type: string
description: Annotations to be added to children resources.
type: object
labels:
additionalProperties:
type: string
description: Labels to be added to children resources.
type: object
type: object
sessionAffinity:
description: SessionAffinity Service field.
type: string
type:
default: ClusterIP
description: Type is the Service type. One of `ClusterIP`, `NodePort`
or `LoadBalancer`. If not defined, it defaults to `ClusterIP`.
enum:
- ClusterIP
- NodePort
- LoadBalancer
type: string
type: object
image:
description: |-
Image name to be used by the MaxScale instances. The supported format is `<image>:<tag>`.
Only MaxScale official images are supported.
type: string
imagePullPolicy:
description: ImagePullPolicy is the image pull policy. One of `Always`,
`Never` or `IfNotPresent`. If not defined, it defaults to `IfNotPresent`.
enum:
- Always
- Never
- IfNotPresent
type: string
imagePullSecrets:
description: ImagePullSecrets is the list of pull Secrets to be used
to pull the image.
items:
description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#localobjectreference-v1-core.'
properties:
name:
default: ""
type: string
type: object
type: array
inheritMetadata:
description: InheritMetadata defines the metadata to be inherited
by children resources.
properties:
annotations:
additionalProperties:
type: string
description: Annotations to be added to children resources.
type: object
labels:
additionalProperties:
type: string
description: Labels to be added to children resources.
type: object
type: object
kubernetesService:
description: KubernetesService defines a template for a Kubernetes
Service object to connect to MaxScale.
properties:
allocateLoadBalancerNodePorts:
description: AllocateLoadBalancerNodePorts Service field.
type: boolean
externalTrafficPolicy:
description: ExternalTrafficPolicy Service field.
type: string
loadBalancerIP:
description: LoadBalancerIP Service field.
type: string
loadBalancerSourceRanges:
description: LoadBalancerSourceRanges Service field.
items:
type: string
type: array
metadata:
description: Metadata to be added to the Service metadata.
properties:
annotations:
additionalProperties:
type: string
description: Annotations to be added to children resources.
type: object
labels:
additionalProperties:
type: string
description: Labels to be added to children resources.
type: object
type: object
sessionAffinity:
description: SessionAffinity Service field.
type: string
type:
default: ClusterIP
description: Type is the Service type. One of `ClusterIP`, `NodePort`
or `LoadBalancer`. If not defined, it defaults to `ClusterIP`.
enum:
- ClusterIP
- NodePort
- LoadBalancer
type: string
type: object
livenessProbe:
description: LivenessProbe to be used in the Container.
properties:
exec:
description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#execaction-v1-core.'
properties:
command:
items:
type: string
type: array
x-kubernetes-list-type: atomic
type: object
failureThreshold:
format: int32
type: integer
httpGet:
description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#httpgetaction-v1-core.'
properties:
host:
type: string
path:
type: string
port:
anyOf:
- type: integer
- type: string
x-kubernetes-int-or-string: true
scheme:
description: URIScheme identifies the scheme used for connection
to a host for Get actions
type: string
required:
- port
type: object
initialDelaySeconds:
format: int32
type: integer
periodSeconds:
format: int32
type: integer
successThreshold:
format: int32
type: integer
tcpSocket:
description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#tcpsocketaction-v1-core.'
properties:
host:
type: string
port:
anyOf:
- type: integer
- type: string
x-kubernetes-int-or-string: true
required:
- port
type: object
timeoutSeconds:
format: int32
type: integer
type: object
mariaDbRef:
description: MariaDBRef is a reference to the MariaDB that MaxScale
points to. It is used to initialize the servers field.
properties:
kind:
description: Kind of the referent.
type: string
name:
type: string
namespace:
type: string
waitForIt:
default: true
description: WaitForIt indicates whether the controller using
this reference should wait for MariaDB to be ready.
type: boolean
type: object
metrics:
description: Metrics configures metrics and how to scrape them.
properties:
enabled:
description: Enabled is a flag to enable Metrics
type: boolean
exporter:
description: Exporter defines the metrics exporter container.
properties:
affinity:
description: Affinity to be used in the Pod.
properties:
antiAffinityEnabled:
description: |-
AntiAffinityEnabled configures PodAntiAffinity so each Pod is scheduled in a different Node, enabling HA.
Make sure you have at least as many Nodes available as the replicas to not end up with unscheduled Pods.
type: boolean
nodeAffinity:
description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#nodeaffinity-v1-core'
properties:
preferredDuringSchedulingIgnoredDuringExecution:
items:
description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#preferredschedulingterm-v1-core'
properties:
preference:
description: 'Refer to the Kubernetes docs:
https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#nodeselectorterm-v1-core'
properties:
matchExpressions:
items:
description: 'Refer to the Kubernetes
docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#nodeselectorrequirement-v1-core'
properties:
key:
type: string
operator:
description: |-
A node selector operator is the set of operators that can be used in
a node selector requirement.
type: string
values:
items:
type: string
type: array
x-kubernetes-list-type: atomic
required:
- key
- operator
type: object
type: array
x-kubernetes-list-type: atomic
matchFields:
items:
description: 'Refer to the Kubernetes
docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#nodeselectorrequirement-v1-core'
properties:
key:
type: string
operator:
description: |-
A node selector operator is the set of operators that can be used in
a node selector requirement.
type: string
values:
items:
type: string
type: array
x-kubernetes-list-type: atomic
required:
- key
- operator
type: object
type: array
x-kubernetes-list-type: atomic
type: object
weight:
format: int32
type: integer
required:
- preference
- weight
type: object
type: array
x-kubernetes-list-type: atomic
requiredDuringSchedulingIgnoredDuringExecution:
description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#nodeselector-v1-core'
properties:
nodeSelectorTerms:
items:
description: 'Refer to the Kubernetes docs:
https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#nodeselectorterm-v1-core'
properties:
matchExpressions:
items:
description: 'Refer to the Kubernetes
docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#nodeselectorrequirement-v1-core'
properties:
key:
type: string
operator:
description: |-
A node selector operator is the set of operators that can be used in
a node selector requirement.
type: string
values:
items:
type: string
type: array
x-kubernetes-list-type: atomic
required:
- key
- operator
type: object
type: array
x-kubernetes-list-type: atomic
matchFields:
items:
description: 'Refer to the Kubernetes
docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#nodeselectorrequirement-v1-core'
properties:
key:
type: string
operator:
description: |-
A node selector operator is the set of operators that can be used in
a node selector requirement.
type: string
values:
items:
type: string
type: array
x-kubernetes-list-type: atomic
required:
- key
- operator
type: object
type: array
x-kubernetes-list-type: atomic
type: object
type: array
x-kubernetes-list-type: atomic
required:
- nodeSelectorTerms
type: object
type: object
podAntiAffinity:
description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#podantiaffinity-v1-core.'
properties:
preferredDuringSchedulingIgnoredDuringExecution:
items:
description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#weightedpodaffinityterm-v1-core.'
properties:
podAffinityTerm:
description: 'Refer to the Kubernetes docs:
https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#podaffinityterm-v1-core.'
properties:
labelSelector:
description: 'Refer to the Kubernetes docs:
https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#labelselector-v1-meta'
properties:
matchExpressions:
items:
description: 'Refer to the Kubernetes
docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#labelselectorrequirement-v1-meta'
properties:
key:
type: string
operator:
description: A label selector
operator is the set of operators
that can be used in a selector
requirement.
type: string
values:
items:
type: string
type: array
x-kubernetes-list-type: atomic
required:
- key
- operator
type: object
type: array
x-kubernetes-list-type: atomic
matchLabels:
additionalProperties:
type: string
type: object
type: object
topologyKey:
type: string
required:
- topologyKey
type: object
weight:
format: int32
type: integer
required:
- podAffinityTerm
- weight
type: object
type: array
x-kubernetes-list-type: atomic
requiredDuringSchedulingIgnoredDuringExecution:
items:
description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#podaffinityterm-v1-core.'
properties:
labelSelector:
description: 'Refer to the Kubernetes docs:
https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#labelselector-v1-meta'
properties:
matchExpressions:
items:
description: 'Refer to the Kubernetes
docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#labelselectorrequirement-v1-meta'
properties:
key:
type: string
operator:
description: A label selector operator
is the set of operators that can
be used in a selector requirement.
type: string
values:
items:
type: string
type: array
x-kubernetes-list-type: atomic
required:
- key
- operator
type: object
type: array
x-kubernetes-list-type: atomic
matchLabels:
additionalProperties:
type: string
type: object
type: object
topologyKey:
type: string
required:
- topologyKey
type: object
type: array
x-kubernetes-list-type: atomic
type: object
type: object
args:
description: Args to be used in the Container.
items:
type: string
type: array
image:
description: |-
Image name to be used as metrics exporter. The supported format is `<image>:<tag>`.
Only mysqld-exporter >= v0.15.0 is supported: https://github.com/prometheus/mysqld_exporter
type: string
imagePullPolicy:
description: ImagePullPolicy is the image pull policy. One
of `Always`, `Never` or `IfNotPresent`. If not defined,
it defaults to `IfNotPresent`.
enum:
- Always
- Never
- IfNotPresent
type: string
imagePullSecrets:
description: ImagePullSecrets is the list of pull Secrets
to be used to pull the image.
items:
description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#localobjectreference-v1-core.'
properties:
name:
default: ""
type: string
type: object
type: array
nodeSelector:
additionalProperties:
type: string
description: NodeSelector to be used in the Pod.
type: object
podMetadata:
description: PodMetadata defines extra metadata for the Pod.
properties:
annotations:
additionalProperties:
type: string
description: Annotations to be added to children resources.
type: object
labels:
additionalProperties:
type: string
description: Labels to be added to children resources.
type: object
type: object
podSecurityContext:
description: SecurityContext holds pod-level security attributes
and common container settings.
properties:
appArmorProfile:
description: AppArmorProfile defines a pod or container's
AppArmor settings.
properties:
localhostProfile:
description: |-
localhostProfile indicates a profile loaded on the node that should be used.
The profile must be preconfigured on the node to work.
Must match the loaded name of the profile.
Must be set if and only if type is "Localhost".
type: string
type:
description: |-
type indicates which kind of AppArmor profile will be applied.
Valid options are:
Localhost - a profile pre-loaded on the node.
RuntimeDefault - the container runtime's default profile.
Unconfined - no AppArmor enforcement.
type: string
required:
- type
type: object
fsGroup:
format: int64
type: integer
fsGroupChangePolicy:
description: |-
PodFSGroupChangePolicy holds policies that will be used for applying fsGroup to a volume
when volume is mounted.
type: string
runAsGroup:
format: int64
type: integer
runAsNonRoot:
type: boolean
runAsUser:
format: int64
type: integer
seLinuxOptions:
description: SELinuxOptions are the labels to be applied
to the container
properties:
level:
description: Level is SELinux level label that applies
to the container.
type: string
role:
description: Role is a SELinux role label that applies
to the container.
type: string
type:
description: Type is a SELinux type label that applies
to the container.
type: string
user:
description: User is a SELinux user label that applies
to the container.
type: string
type: object
seccompProfile:
description: |-
SeccompProfile defines a pod/container's seccomp profile settings.
Only one profile source may be set.
properties:
localhostProfile:
description: |-
localhostProfile indicates a profile defined in a file on the node should be used.
The profile must be preconfigured on the node to work.
Must be a descending path, relative to the kubelet's configured seccomp profile location.
Must be set if type is "Localhost". Must NOT be set for any other type.
type: string
type:
description: |-
type indicates which kind of seccomp profile will be applied.
Valid options are:
Localhost - a profile defined in a file on the node should be used.
RuntimeDefault - the container runtime default profile should be used.
Unconfined - no profile should be applied.
type: string
required:
- type
type: object
supplementalGroups:
items:
format: int64
type: integer
type: array
x-kubernetes-list-type: atomic
type: object
port:
description: Port where the exporter will be listening for
connections.
format: int32
type: integer
priorityClassName:
description: PriorityClassName to be used in the Pod.
type: string
resources:
description: Resources describes the compute resource requirements.
properties:
limits:
additionalProperties:
anyOf:
- type: integer
- type: string
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
x-kubernetes-int-or-string: true
description: ResourceList is a set of (resource name,
quantity) pairs.
type: object
requests:
additionalProperties:
anyOf:
- type: integer
- type: string
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
x-kubernetes-int-or-string: true
description: ResourceList is a set of (resource name,
quantity) pairs.
type: object
type: object
securityContext:
description: SecurityContext holds container-level security
attributes.
properties:
allowPrivilegeEscalation:
type: boolean
capabilities:
description: Adds and removes POSIX capabilities from
running containers.
properties:
add:
description: Added capabilities
items:
description: Capability represent POSIX capabilities
type
type: string
type: array
x-kubernetes-list-type: atomic
drop:
description: Removed capabilities
items:
description: Capability represent POSIX capabilities
type
type: string
type: array
x-kubernetes-list-type: atomic
type: object
privileged:
type: boolean
readOnlyRootFilesystem:
type: boolean
runAsGroup:
format: int64
type: integer
runAsNonRoot:
type: boolean
runAsUser:
format: int64
type: integer
type: object
tolerations:
description: Tolerations to be used in the Pod.
items:
description: |-
The pod this Toleration is attached to tolerates any taint that matches
the triple <key,value,effect> using the matching operator <operator>.
properties:
effect:
description: |-
Effect indicates the taint effect to match. Empty means match all taint effects.
When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute.
type: string
key:
description: |-
Key is the taint key that the toleration applies to. Empty means match all taint keys.
If the key is empty, operator must be Exists; this combination means to match all values and all keys.
type: string
operator:
description: |-
Operator represents a key's relationship to the value.
Valid operators are Exists and Equal. Defaults to Equal.
Exists is equivalent to wildcard for value, so that a pod can
tolerate all taints of a particular category.
type: string
tolerationSeconds:
description: |-
TolerationSeconds represents the period of time the toleration (which must be
of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default,
it is not set, which means tolerate the taint forever (do not evict). Zero and
negative values will be treated as 0 (evict immediately) by the system.
format: int64
type: integer
value:
description: |-
Value is the taint value the toleration matches to.
If the operator is Exists, the value should be empty, otherwise just a regular string.
type: string
type: object
type: array
type: object
serviceMonitor:
description: ServiceMonitor defines the ServiceMonior object.
properties:
interval:
description: Interval for scraping metrics.
type: string
jobLabel:
description: JobLabel to add to the ServiceMonitor object.
type: string
prometheusRelease:
description: PrometheusRelease is the release label to add
to the ServiceMonitor object.
type: string
scrapeTimeout:
description: ScrapeTimeout defines the timeout for scraping
metrics.
type: string
type: object
type: object
monitor:
description: Monitor monitors MariaDB server instances. It is required
if 'spec.mariaDbRef' is not provided.
properties:
cooperativeMonitoring:
description: CooperativeMonitoring enables coordination between
multiple MaxScale instances running monitors. It is defaulted
when HA is enabled.
enum:
- majority_of_all
- majority_of_running
type: string
interval:
description: Interval used to monitor MariaDB servers. It is defaulted
if not provided.
type: string
module:
description: Module is the module to use to monitor MariaDB servers.
It is mandatory when no MariaDB reference is provided.
type: string
name:
description: Name is the identifier of the monitor. It is defaulted
if not provided.
type: string
params:
additionalProperties:
type: string
description: |-
Params defines extra parameters to pass to the monitor.
Any parameter supported by MaxScale may be specified here. See reference:
https://mariadb.com/kb/en/mariadb-maxscale-2308-common-monitor-parameters/.
Monitor specific parameter are also supported:
https://mariadb.com/kb/en/mariadb-maxscale-2308-galera-monitor/#galera-monitor-optional-parameters.
https://mariadb.com/kb/en/mariadb-maxscale-2308-mariadb-monitor/#configuration.
type: object
suspend:
default: false
description: |-
Suspend indicates whether the current resource should be suspended or not.
This can be useful for maintenance, as disabling the reconciliation prevents the operator from interfering with user operations during maintenance activities.
type: boolean
type: object
nodeSelector:
additionalProperties:
type: string
description: NodeSelector to be used in the Pod.
type: object
podDisruptionBudget:
description: PodDisruptionBudget defines the budget for replica availability.
properties:
maxUnavailable:
anyOf:
- type: integer
- type: string
description: MaxUnavailable defines the number of maximum unavailable
Pods.
x-kubernetes-int-or-string: true
minAvailable:
anyOf:
- type: integer
- type: string
description: MinAvailable defines the number of minimum available
Pods.
x-kubernetes-int-or-string: true
type: object
podMetadata:
description: PodMetadata defines extra metadata for the Pod.
properties:
annotations:
additionalProperties:
type: string
description: Annotations to be added to children resources.
type: object
labels:
additionalProperties:
type: string
description: Labels to be added to children resources.
type: object
type: object
podSecurityContext:
description: SecurityContext holds pod-level security attributes and
common container settings.
properties:
appArmorProfile:
description: AppArmorProfile defines a pod or container's AppArmor
settings.
properties:
localhostProfile:
description: |-
localhostProfile indicates a profile loaded on the node that should be used.
The profile must be preconfigured on the node to work.
Must match the loaded name of the profile.
Must be set if and only if type is "Localhost".
type: string
type:
description: |-
type indicates which kind of AppArmor profile will be applied.
Valid options are:
Localhost - a profile pre-loaded on the node.
RuntimeDefault - the container runtime's default profile.
Unconfined - no AppArmor enforcement.
type: string
required:
- type
type: object
fsGroup:
format: int64
type: integer
fsGroupChangePolicy:
description: |-
PodFSGroupChangePolicy holds policies that will be used for applying fsGroup to a volume
when volume is mounted.
type: string
runAsGroup:
format: int64
type: integer
runAsNonRoot:
type: boolean
runAsUser:
format: int64
type: integer
seLinuxOptions:
description: SELinuxOptions are the labels to be applied to the
container
properties:
level:
description: Level is SELinux level label that applies to
the container.
type: string
role:
description: Role is a SELinux role label that applies to
the container.
type: string
type:
description: Type is a SELinux type label that applies to
the container.
type: string
user:
description: User is a SELinux user label that applies to
the container.
type: string
type: object
seccompProfile:
description: |-
SeccompProfile defines a pod/container's seccomp profile settings.
Only one profile source may be set.
properties:
localhostProfile:
description: |-
localhostProfile indicates a profile defined in a file on the node should be used.
The profile must be preconfigured on the node to work.
Must be a descending path, relative to the kubelet's configured seccomp profile location.
Must be set if type is "Localhost". Must NOT be set for any other type.
type: string
type:
description: |-
type indicates which kind of seccomp profile will be applied.
Valid options are:
Localhost - a profile defined in a file on the node should be used.
RuntimeDefault - the container runtime default profile should be used.
Unconfined - no profile should be applied.
type: string
required:
- type
type: object
supplementalGroups:
items:
format: int64
type: integer
type: array
x-kubernetes-list-type: atomic
type: object
primaryServer:
description: |-
PrimaryServer specifies the desired primary server. Setting this field triggers a switchover operation in MaxScale to the desired server.
This option is only valid when using monitors that support switchover, currently limited to the MariaDB monitor.
type: string
priorityClassName:
description: PriorityClassName to be used in the Pod.
type: string
readinessProbe:
description: ReadinessProbe to be used in the Container.
properties:
exec:
description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#execaction-v1-core.'
properties:
command:
items:
type: string
type: array
x-kubernetes-list-type: atomic
type: object
failureThreshold:
format: int32
type: integer
httpGet:
description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#httpgetaction-v1-core.'
properties:
host:
type: string
path:
type: string
port:
anyOf:
- type: integer
- type: string
x-kubernetes-int-or-string: true
scheme:
description: URIScheme identifies the scheme used for connection
to a host for Get actions
type: string
required:
- port
type: object
initialDelaySeconds:
format: int32
type: integer
periodSeconds:
format: int32
type: integer
successThreshold:
format: int32
type: integer
tcpSocket:
description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#tcpsocketaction-v1-core.'
properties:
host:
type: string
port:
anyOf:
- type: integer
- type: string
x-kubernetes-int-or-string: true
required:
- port
type: object
timeoutSeconds:
format: int32
type: integer
type: object
replicas:
default: 1
description: Replicas indicates the number of desired instances.
format: int32
type: integer
requeueInterval:
description: RequeueInterval is used to perform requeue reconciliations.
If not defined, it defaults to 10s.
type: string
resources:
description: Resources describes the compute resource requirements.
properties:
limits:
additionalProperties:
anyOf:
- type: integer
- type: string
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
x-kubernetes-int-or-string: true
description: ResourceList is a set of (resource name, quantity)
pairs.
type: object
requests:
additionalProperties:
anyOf:
- type: integer
- type: string
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
x-kubernetes-int-or-string: true
description: ResourceList is a set of (resource name, quantity)
pairs.
type: object
type: object
securityContext:
description: SecurityContext holds security configuration that will
be applied to a container.
properties:
allowPrivilegeEscalation:
type: boolean
capabilities:
description: Adds and removes POSIX capabilities from running
containers.
properties:
add:
description: Added capabilities
items:
description: Capability represent POSIX capabilities type
type: string
type: array
x-kubernetes-list-type: atomic
drop:
description: Removed capabilities
items:
description: Capability represent POSIX capabilities type
type: string
type: array
x-kubernetes-list-type: atomic
type: object
privileged:
type: boolean
readOnlyRootFilesystem:
type: boolean
runAsGroup:
format: int64
type: integer
runAsNonRoot:
type: boolean
runAsUser:
format: int64
type: integer
type: object
servers:
description: Servers are the MariaDB servers to forward traffic to.
It is required if 'spec.mariaDbRef' is not provided.
items:
description: MaxScaleServer defines a MariaDB server to forward
traffic to.
properties:
address:
description: Address is the network address of the MariaDB server.
type: string
maintenance:
description: Maintenance indicates whether the server is in
maintenance mode.
type: boolean
name:
description: Name is the identifier of the MariaDB server.
type: string
params:
additionalProperties:
type: string
description: |-
Params defines extra parameters to pass to the server.
Any parameter supported by MaxScale may be specified here. See reference:
https://mariadb.com/kb/en/mariadb-maxscale-2308-mariadb-maxscale-configuration-guide/#server_1.
type: object
port:
description: Port is the network port of the MariaDB server.
If not provided, it defaults to 3306.
format: int32
type: integer
protocol:
description: Protocol is the MaxScale protocol to use when communicating
with this MariaDB server. If not provided, it defaults to
MariaDBBackend.
type: string
required:
- address
- name
type: object
type: array
serviceAccountName:
description: ServiceAccountName is the name of the ServiceAccount
to be used by the Pods.
type: string
services:
description: Services define how the traffic is forwarded to the MariaDB
servers. It is defaulted if not provided.
items:
description: Services define how the traffic is forwarded to the
MariaDB servers.
properties:
listener:
description: MaxScaleListener defines how the MaxScale server
will listen for connections.
properties:
name:
description: Name is the identifier of the listener. It
is defaulted if not provided
type: string
params:
additionalProperties:
type: string
description: |-
Params defines extra parameters to pass to the listener.
Any parameter supported by MaxScale may be specified here. See reference:
https://mariadb.com/kb/en/mariadb-maxscale-2308-mariadb-maxscale-configuration-guide/#listener_1.
type: object
port:
description: Port is the network port where the MaxScale
server will listen.
format: int32
type: integer
protocol:
description: Protocol is the MaxScale protocol to use when
communicating with the client. If not provided, it defaults
to MariaDBProtocol.
type: string
suspend:
default: false
description: |-
Suspend indicates whether the current resource should be suspended or not.
This can be useful for maintenance, as disabling the reconciliation prevents the operator from interfering with user operations during maintenance activities.
type: boolean
required:
- port
type: object
name:
description: Name is the identifier of the MaxScale service.
type: string
params:
additionalProperties:
type: string
description: |-
Params defines extra parameters to pass to the service.
Any parameter supported by MaxScale may be specified here. See reference:
https://mariadb.com/kb/en/mariadb-maxscale-2308-mariadb-maxscale-configuration-guide/#service_1.
Router specific parameter are also supported:
https://mariadb.com/kb/en/mariadb-maxscale-2308-readwritesplit/#configuration.
https://mariadb.com/kb/en/mariadb-maxscale-2308-readconnroute/#configuration.
type: object
router:
description: Router is the type of router to use.
enum:
- readwritesplit
- readconnroute
type: string
suspend:
default: false
description: |-
Suspend indicates whether the current resource should be suspended or not.
This can be useful for maintenance, as disabling the reconciliation prevents the operator from interfering with user operations during maintenance activities.
type: boolean
required:
- listener
- name
- router
type: object
type: array
startupProbe:
description: StartupProbe to be used in the Container.
properties:
exec:
description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#execaction-v1-core.'
properties:
command:
items:
type: string
type: array
x-kubernetes-list-type: atomic
type: object
failureThreshold:
format: int32
type: integer
httpGet:
description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#httpgetaction-v1-core.'
properties:
host:
type: string
path:
type: string
port:
anyOf:
- type: integer
- type: string
x-kubernetes-int-or-string: true
scheme:
description: URIScheme identifies the scheme used for connection
to a host for Get actions
type: string
required:
- port
type: object
initialDelaySeconds:
format: int32
type: integer
periodSeconds:
format: int32
type: integer
successThreshold:
format: int32
type: integer
tcpSocket:
description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#tcpsocketaction-v1-core.'
properties:
host:
type: string
port:
anyOf:
- type: integer
- type: string
x-kubernetes-int-or-string: true
required:
- port
type: object
timeoutSeconds:
format: int32
type: integer
type: object
suspend:
default: false
description: |-
Suspend indicates whether the current resource should be suspended or not.
This can be useful for maintenance, as disabling the reconciliation prevents the operator from interfering with user operations during maintenance activities.
type: boolean
tls:
description: TLS defines the PKI to be used with MaxScale.
properties:
adminCASecretRef:
description: |-
AdminCASecretRef is a reference to a Secret containing the admin certificate authority keypair. It is used to establish trust and issue certificates for the MaxScale's administrative REST API and GUI.
One of:
- Secret containing both the 'ca.crt' and 'ca.key' keys. This allows you to bring your own CA to Kubernetes to issue certificates.
- Secret containing only the 'ca.crt' in order to establish trust. In this case, either adminCertSecretRef or adminCertIssuerRef fields must be provided.
If not provided, a self-signed CA will be provisioned to issue the server certificate.
properties:
name:
default: ""
type: string
type: object
adminCertIssuerRef:
description: |-
AdminCertIssuerRef is a reference to a cert-manager issuer object used to issue the MaxScale's administrative REST API and GUI certificate. cert-manager must be installed previously in the cluster.
It is mutually exclusive with adminCertSecretRef.
By default, the Secret field 'ca.crt' provisioned by cert-manager will be added to the trust chain. A custom trust bundle may be specified via adminCASecretRef.
properties:
group:
description: Group of the resource being referred to.
type: string
kind:
description: Kind of the resource being referred to.
type: string
name:
description: Name of the resource being referred to.
type: string
required:
- name
type: object
adminCertSecretRef:
description: AdminCertSecretRef is a reference to a TLS Secret
used by the MaxScale's administrative REST API and GUI.
properties:
name:
default: ""
type: string
type: object
enabled:
description: |-
Enabled indicates whether TLS is enabled, determining if certificates should be issued and mounted to the MaxScale instance.
It is enabled by default when the referred MariaDB instance (via mariaDbRef) has TLS enabled and enforced.
type: boolean
listenerCASecretRef:
description: |-
ListenerCASecretRef is a reference to a Secret containing the listener certificate authority keypair. It is used to establish trust and issue certificates for the MaxScale's listeners.
One of:
- Secret containing both the 'ca.crt' and 'ca.key' keys. This allows you to bring your own CA to Kubernetes to issue certificates.
- Secret containing only the 'ca.crt' in order to establish trust. In this case, either listenerCertSecretRef or listenerCertIssuerRef fields must be provided.
If not provided, a self-signed CA will be provisioned to issue the listener certificate.
properties:
name:
default: ""
type: string
type: object
listenerCertIssuerRef:
description: |-
ListenerCertIssuerRef is a reference to a cert-manager issuer object used to issue the MaxScale's listeners certificate. cert-manager must be installed previously in the cluster.
It is mutually exclusive with listenerCertSecretRef.
By default, the Secret field 'ca.crt' provisioned by cert-manager will be added to the trust chain. A custom trust bundle may be specified via listenerCASecretRef.
properties:
group:
description: Group of the resource being referred to.
type: string
kind:
description: Kind of the resource being referred to.
type: string
name:
description: Name of the resource being referred to.
type: string
required:
- name
type: object
listenerCertSecretRef:
description: ListenerCertSecretRef is a reference to a TLS Secret
used by the MaxScale's listeners.
properties:
name:
default: ""
type: string
type: object
replicationSSLEnabled:
description: |-
ReplicationSSLEnabled specifies whether the replication SSL is enabled. If enabled, the SSL options will be added to the server configuration.
It is enabled by default when the referred MariaDB instance (via mariaDbRef) has replication enabled.
If the MariaDB servers are manually provided by the user via the 'servers' field, this must be set by the user as well.
type: boolean
serverCASecretRef:
description: |-
ServerCASecretRef is a reference to a Secret containing the MariaDB server CA certificates. It is used to establish trust with MariaDB servers.
The Secret should contain a 'ca.crt' key in order to establish trust.
If not provided, and the reference to a MariaDB resource is set (mariaDbRef), it will be defaulted to the referred MariaDB CA bundle.
properties:
name:
default: ""
type: string
type: object
serverCertSecretRef:
description: |-
ServerCertSecretRef is a reference to a TLS Secret used by MaxScale to connect to the MariaDB servers.
If not provided, and the reference to a MariaDB resource is set (mariaDbRef), it will be defaulted to the referred MariaDB client certificate (clientCertSecretRef).
properties:
name:
default: ""
type: string
type: object
verifyPeerCertificate:
description: |-
VerifyPeerCertificate specifies whether the peer certificate's signature should be validated against the CA.
It is disabled by default.
type: boolean
verifyPeerHost:
description: |-
VerifyPeerHost specifies whether the peer certificate's SANs should match the peer host.
It is disabled by default.
type: boolean
type: object
tolerations:
description: Tolerations to be used in the Pod.
items:
description: |-
The pod this Toleration is attached to tolerates any taint that matches
the triple <key,value,effect> using the matching operator <operator>.
properties:
effect:
description: |-
Effect indicates the taint effect to match. Empty means match all taint effects.
When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute.
type: string
key:
description: |-
Key is the taint key that the toleration applies to. Empty means match all taint keys.
If the key is empty, operator must be Exists; this combination means to match all values and all keys.
type: string
operator:
description: |-
Operator represents a key's relationship to the value.
Valid operators are Exists and Equal. Defaults to Equal.
Exists is equivalent to wildcard for value, so that a pod can
tolerate all taints of a particular category.
type: string
tolerationSeconds:
description: |-
TolerationSeconds represents the period of time the toleration (which must be
of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default,
it is not set, which means tolerate the taint forever (do not evict). Zero and
negative values will be treated as 0 (evict immediately) by the system.
format: int64
type: integer
value:
description: |-
Value is the taint value the toleration matches to.
If the operator is Exists, the value should be empty, otherwise just a regular string.
type: string
type: object
type: array
topologySpreadConstraints:
description: TopologySpreadConstraints to be used in the Pod.
items:
description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#topologyspreadconstraint-v1-core.'
properties:
labelSelector:
description: |-
A label selector is a label query over a set of resources. The result of matchLabels and
matchExpressions are ANDed. An empty label selector matches all objects. A null
label selector matches no objects.
properties:
matchExpressions:
description: matchExpressions is a list of label selector
requirements. The requirements are ANDed.
items:
description: |-
A label selector requirement is a selector that contains values, a key, and an operator that
relates the key and values.
properties:
key:
description: key is the label key that the selector
applies to.
type: string
operator:
description: |-
operator represents a key's relationship to a set of values.
Valid operators are In, NotIn, Exists and DoesNotExist.
type: string
values:
description: |-
values is an array of string values. If the operator is In or NotIn,
the values array must be non-empty. If the operator is Exists or DoesNotExist,
the values array must be empty. This array is replaced during a strategic
merge patch.
items:
type: string
type: array
x-kubernetes-list-type: atomic
required:
- key
- operator
type: object
type: array
x-kubernetes-list-type: atomic
matchLabels:
additionalProperties:
type: string
description: |-
matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels
map is equivalent to an element of matchExpressions, whose key field is "key", the
operator is "In", and the values array contains only "value". The requirements are ANDed.
type: object
type: object
x-kubernetes-map-type: atomic
matchLabelKeys:
items:
type: string
type: array
maxSkew:
format: int32
type: integer
minDomains:
format: int32
type: integer
nodeAffinityPolicy:
description: NodeInclusionPolicy defines the type of node inclusion
policy
type: string
nodeTaintsPolicy:
description: NodeInclusionPolicy defines the type of node inclusion
policy
type: string
topologyKey:
type: string
whenUnsatisfiable:
type: string
required:
- maxSkew
- topologyKey
- whenUnsatisfiable
type: object
type: array
updateStrategy:
description: UpdateStrategy defines the update strategy for the StatefulSet
object.
properties:
rollingUpdate:
description: RollingUpdate is used to communicate parameters when
Type is RollingUpdateStatefulSetStrategyType.
properties:
maxUnavailable:
anyOf:
- type: integer
- type: string
description: |-
The maximum number of pods that can be unavailable during the update.
Value can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%).
Absolute number is calculated from percentage by rounding up. This can not be 0.
Defaults to 1. This field is alpha-level and is only honored by servers that enable the
MaxUnavailableStatefulSet feature. The field applies to all pods in the range 0 to
Replicas-1. That means if there is any unavailable pod in the range 0 to Replicas-1, it
will be counted towards MaxUnavailable.
x-kubernetes-int-or-string: true
partition:
description: |-
Partition indicates the ordinal at which the StatefulSet should be partitioned
for updates. During a rolling update, all pods from ordinal Replicas-1 to
Partition are updated. All pods from ordinal Partition-1 to 0 remain untouched.
This is helpful in being able to do a canary based deployment. The default value is 0.
format: int32
type: integer
type: object
type:
description: |-
Type indicates the type of the StatefulSetUpdateStrategy.
Default is RollingUpdate.
type: string
type: object
volumeMounts:
description: VolumeMounts to be used in the Container.
items:
description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#volumemount-v1-core.'
properties:
mountPath:
type: string
name:
description: This must match the Name of a Volume.
type: string
readOnly:
type: boolean
subPath:
type: string
required:
- mountPath
- name
type: object
type: array
type: object
status:
description: MaxScaleStatus defines the observed state of MaxScale
properties:
conditions:
description: Conditions for the MaxScale object.
items:
description: Condition contains details for one aspect of the current
state of this API Resource.
properties:
lastTransitionTime:
description: |-
lastTransitionTime is the last time the condition transitioned from one status to another.
This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable.
format: date-time
type: string
message:
description: |-
message is a human readable message indicating details about the transition.
This may be an empty string.
maxLength: 32768
type: string
observedGeneration:
description: |-
observedGeneration represents the .metadata.generation that the condition was set based upon.
For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date
with respect to the current state of the instance.
format: int64
minimum: 0
type: integer
reason:
description: |-
reason contains a programmatic identifier indicating the reason for the condition's last transition.
Producers of specific condition types may define expected values and meanings for this field,
and whether the values are considered a guaranteed API.
The value should be a CamelCase string.
This field may not be empty.
maxLength: 1024
minLength: 1
pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$
type: string
status:
description: status of the condition, one of True, False, Unknown.
enum:
- "True"
- "False"
- Unknown
type: string
type:
description: type of condition in CamelCase or in foo.example.com/CamelCase.
maxLength: 316
pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$
type: string
required:
- lastTransitionTime
- message
- reason
- status
- type
type: object
type: array
configSync:
description: ConfigSync is the state of config sync.
properties:
databaseVersion:
type: integer
maxScaleVersion:
type: integer
required:
- databaseVersion
- maxScaleVersion
type: object
listeners:
description: Listeners is the state of the listeners in the MaxScale
API.
items:
description: MaxScaleResourceStatus indicates whether the resource
is in a given state.
properties:
name:
type: string
state:
type: string
required:
- name
- state
type: object
type: array
monitor:
description: Monitor is the state of the monitor in the MaxScale API.
properties:
name:
type: string
state:
type: string
required:
- name
- state
type: object
monitorSpec:
description: MonitorSpec is a hashed version of spec.monitor to be
able to track changes during reconciliation.
type: string
primaryServer:
description: PrimaryServer is the primary server in the MaxScale API.
type: string
replicas:
description: Replicas indicates the number of current instances.
format: int32
type: integer
servers:
description: Servers is the state of the servers in the MaxScale API.
items:
description: MaxScaleAPIStatus is the state of the servers in the
MaxScale API.
properties:
name:
type: string
state:
type: string
required:
- name
- state
type: object
type: array
serversSpec:
description: ServersSpec is a hashed version of spec.servers to be
able to track changes during reconciliation.
type: string
services:
description: Services is the state of the services in the MaxScale
API.
items:
description: MaxScaleResourceStatus indicates whether the resource
is in a given state.
properties:
name:
type: string
state:
type: string
required:
- name
- state
type: object
type: array
servicesSpec:
description: ServicesSpec is a hashed version of spec.services to
be able to track changes during reconciliation.
type: string
tls:
description: TLS aggregates the status of the certificates used by
the MaxScale instance.
properties:
adminCert:
description: AdminCert is the status of the admin certificate.
properties:
issuer:
description: Issuer is the issuer of the current certificate.
type: string
notAfter:
description: NotAfter indicates that the certificate is not
valid after the given date.
format: date-time
type: string
notBefore:
description: NotBefore indicates that the certificate is not
valid before the given date.
format: date-time
type: string
subject:
description: Subject is the subject of the current certificate.
type: string
required:
- issuer
- subject
type: object
caBundle:
description: CABundle is the status of the Certificate Authority
bundle.
items:
description: CertificateStatus represents the current status
of a TLS certificate.
properties:
issuer:
description: Issuer is the issuer of the current certificate.
type: string
notAfter:
description: NotAfter indicates that the certificate is
not valid after the given date.
format: date-time
type: string
notBefore:
description: NotBefore indicates that the certificate is
not valid before the given date.
format: date-time
type: string
subject:
description: Subject is the subject of the current certificate.
type: string
required:
- issuer
- subject
type: object
type: array
listenerCert:
description: ListenerCert is the status of the listener certificate.
properties:
issuer:
description: Issuer is the issuer of the current certificate.
type: string
notAfter:
description: NotAfter indicates that the certificate is not
valid after the given date.
format: date-time
type: string
notBefore:
description: NotBefore indicates that the certificate is not
valid before the given date.
format: date-time
type: string
subject:
description: Subject is the subject of the current certificate.
type: string
required:
- issuer
- subject
type: object
serverCert:
description: ServerCert is the status of the MariaDB server certificate.
properties:
issuer:
description: Issuer is the issuer of the current certificate.
type: string
notAfter:
description: NotAfter indicates that the certificate is not
valid after the given date.
format: date-time
type: string
notBefore:
description: NotBefore indicates that the certificate is not
valid before the given date.
format: date-time
type: string
subject:
description: Subject is the subject of the current certificate.
type: string
required:
- issuer
- subject
type: object
type: object
type: object
type: object
served: true
storage: true
subresources:
scale:
specReplicasPath: .spec.replicas
statusReplicasPath: .status.replicas
status: {}
---
# Source: mariadb-operator/charts/mariadb-operator-crds/templates/crds.yaml
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.18.0
name: physicalbackups.k8s.mariadb.com
spec:
group: k8s.mariadb.com
names:
kind: PhysicalBackup
listKind: PhysicalBackupList
plural: physicalbackups
shortNames:
- pbmdb
singular: physicalbackup
scope: Namespaced
versions:
- additionalPrinterColumns:
- jsonPath: .status.conditions[?(@.type=="Complete")].status
name: Complete
type: string
- jsonPath: .status.conditions[?(@.type=="Complete")].message
name: Status
type: string
- jsonPath: .spec.mariaDbRef.name
name: MariaDB
type: string
- jsonPath: .status.lastScheduleTime
name: Last Scheduled
type: date
- jsonPath: .metadata.creationTimestamp
name: Age
type: date
name: v1alpha1
schema:
openAPIV3Schema:
description: PhysicalBackup is the Schema for the physicalbackups API. It
is used to define physical backup jobs and its storage.
properties:
apiVersion:
description: |-
APIVersion defines the versioned schema of this representation of an object.
Servers should convert recognized schemas to the latest internal value, and
may reject unrecognized values.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
type: string
kind:
description: |-
Kind is a string value representing the REST resource this object represents.
Servers may infer this from the endpoint the client submits requests to.
Cannot be updated.
In CamelCase.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
type: string
metadata:
type: object
spec:
description: PhysicalBackupSpec defines the desired state of PhysicalBackup.
properties:
args:
description: Args to be used in the Container.
items:
type: string
type: array
backoffLimit:
description: BackoffLimit defines the maximum number of attempts to
successfully take a PhysicalBackup.
format: int32
type: integer
compression:
description: Compression algorithm to be used in the Backup.
enum:
- none
- bzip2
- gzip
type: string
imagePullSecrets:
description: ImagePullSecrets is the list of pull Secrets to be used
to pull the image.
items:
description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#localobjectreference-v1-core.'
properties:
name:
default: ""
type: string
type: object
type: array
inheritMetadata:
description: InheritMetadata defines the metadata to be inherited
by children resources.
properties:
annotations:
additionalProperties:
type: string
description: Annotations to be added to children resources.
type: object
labels:
additionalProperties:
type: string
description: Labels to be added to children resources.
type: object
type: object
mariaDbRef:
description: MariaDBRef is a reference to a MariaDB object.
properties:
kind:
description: Kind of the referent.
type: string
name:
type: string
namespace:
type: string
waitForIt:
default: true
description: WaitForIt indicates whether the controller using
this reference should wait for MariaDB to be ready.
type: boolean
type: object
maxRetention:
description: |-
MaxRetention defines the retention policy for backups. Old backups will be cleaned up by the Backup Job.
It defaults to 30 days.
type: string
podAffinity:
description: |-
PodAffinity indicates whether the Jobs should run in the same Node as the MariaDB Pods to be able to attach the PVC.
It defaults to true.
type: boolean
podMetadata:
description: PodMetadata defines extra metadata for the Pod.
properties:
annotations:
additionalProperties:
type: string
description: Annotations to be added to children resources.
type: object
labels:
additionalProperties:
type: string
description: Labels to be added to children resources.
type: object
type: object
podSecurityContext:
description: SecurityContext holds pod-level security attributes and
common container settings.
properties:
appArmorProfile:
description: AppArmorProfile defines a pod or container's AppArmor
settings.
properties:
localhostProfile:
description: |-
localhostProfile indicates a profile loaded on the node that should be used.
The profile must be preconfigured on the node to work.
Must match the loaded name of the profile.
Must be set if and only if type is "Localhost".
type: string
type:
description: |-
type indicates which kind of AppArmor profile will be applied.
Valid options are:
Localhost - a profile pre-loaded on the node.
RuntimeDefault - the container runtime's default profile.
Unconfined - no AppArmor enforcement.
type: string
required:
- type
type: object
fsGroup:
format: int64
type: integer
fsGroupChangePolicy:
description: |-
PodFSGroupChangePolicy holds policies that will be used for applying fsGroup to a volume
when volume is mounted.
type: string
runAsGroup:
format: int64
type: integer
runAsNonRoot:
type: boolean
runAsUser:
format: int64
type: integer
seLinuxOptions:
description: SELinuxOptions are the labels to be applied to the
container
properties:
level:
description: Level is SELinux level label that applies to
the container.
type: string
role:
description: Role is a SELinux role label that applies to
the container.
type: string
type:
description: Type is a SELinux type label that applies to
the container.
type: string
user:
description: User is a SELinux user label that applies to
the container.
type: string
type: object
seccompProfile:
description: |-
SeccompProfile defines a pod/container's seccomp profile settings.
Only one profile source may be set.
properties:
localhostProfile:
description: |-
localhostProfile indicates a profile defined in a file on the node should be used.
The profile must be preconfigured on the node to work.
Must be a descending path, relative to the kubelet's configured seccomp profile location.
Must be set if type is "Localhost". Must NOT be set for any other type.
type: string
type:
description: |-
type indicates which kind of seccomp profile will be applied.
Valid options are:
Localhost - a profile defined in a file on the node should be used.
RuntimeDefault - the container runtime default profile should be used.
Unconfined - no profile should be applied.
type: string
required:
- type
type: object
supplementalGroups:
items:
format: int64
type: integer
type: array
x-kubernetes-list-type: atomic
type: object
priorityClassName:
description: PriorityClassName to be used in the Pod.
type: string
resources:
description: Resources describes the compute resource requirements.
properties:
limits:
additionalProperties:
anyOf:
- type: integer
- type: string
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
x-kubernetes-int-or-string: true
description: ResourceList is a set of (resource name, quantity)
pairs.
type: object
requests:
additionalProperties:
anyOf:
- type: integer
- type: string
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
x-kubernetes-int-or-string: true
description: ResourceList is a set of (resource name, quantity)
pairs.
type: object
type: object
restartPolicy:
default: OnFailure
description: RestartPolicy to be added to the PhysicalBackup Pod.
enum:
- Always
- OnFailure
- Never
type: string
schedule:
description: Schedule defines when the PhysicalBackup will be taken.
properties:
cron:
description: Cron is a cron expression that defines the schedule.
type: string
immediate:
description: Immediate indicates whether the first backup should
be taken immediately after creating the PhysicalBackup.
type: boolean
suspend:
default: false
description: Suspend defines whether the schedule is active or
not.
type: boolean
type: object
securityContext:
description: SecurityContext holds security configuration that will
be applied to a container.
properties:
allowPrivilegeEscalation:
type: boolean
capabilities:
description: Adds and removes POSIX capabilities from running
containers.
properties:
add:
description: Added capabilities
items:
description: Capability represent POSIX capabilities type
type: string
type: array
x-kubernetes-list-type: atomic
drop:
description: Removed capabilities
items:
description: Capability represent POSIX capabilities type
type: string
type: array
x-kubernetes-list-type: atomic
type: object
privileged:
type: boolean
readOnlyRootFilesystem:
type: boolean
runAsGroup:
format: int64
type: integer
runAsNonRoot:
type: boolean
runAsUser:
format: int64
type: integer
type: object
serviceAccountName:
description: ServiceAccountName is the name of the ServiceAccount
to be used by the Pods.
type: string
stagingStorage:
description: |-
StagingStorage defines the temporary storage used to keep external backups (i.e. S3) while they are being processed.
It defaults to an emptyDir volume, meaning that the backups will be temporarily stored in the node where the PhysicalBackup Job is scheduled.
The staging area gets cleaned up after each backup is completed, consider this for sizing it appropriately.
properties:
persistentVolumeClaim:
description: PersistentVolumeClaim is a Kubernetes PVC specification.
properties:
accessModes:
items:
type: string
type: array
x-kubernetes-list-type: atomic
resources:
description: VolumeResourceRequirements describes the storage
resource requirements for a volume.
properties:
limits:
additionalProperties:
anyOf:
- type: integer
- type: string
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
x-kubernetes-int-or-string: true
description: |-
Limits describes the maximum amount of compute resources allowed.
More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/
type: object
requests:
additionalProperties:
anyOf:
- type: integer
- type: string
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
x-kubernetes-int-or-string: true
description: |-
Requests describes the minimum amount of compute resources required.
If Requests is omitted for a container, it defaults to Limits if that is explicitly specified,
otherwise to an implementation-defined value. Requests cannot exceed Limits.
More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/
type: object
type: object
selector:
description: |-
A label selector is a label query over a set of resources. The result of matchLabels and
matchExpressions are ANDed. An empty label selector matches all objects. A null
label selector matches no objects.
properties:
matchExpressions:
description: matchExpressions is a list of label selector
requirements. The requirements are ANDed.
items:
description: |-
A label selector requirement is a selector that contains values, a key, and an operator that
relates the key and values.
properties:
key:
description: key is the label key that the selector
applies to.
type: string
operator:
description: |-
operator represents a key's relationship to a set of values.
Valid operators are In, NotIn, Exists and DoesNotExist.
type: string
values:
description: |-
values is an array of string values. If the operator is In or NotIn,
the values array must be non-empty. If the operator is Exists or DoesNotExist,
the values array must be empty. This array is replaced during a strategic
merge patch.
items:
type: string
type: array
x-kubernetes-list-type: atomic
required:
- key
- operator
type: object
type: array
x-kubernetes-list-type: atomic
matchLabels:
additionalProperties:
type: string
description: |-
matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels
map is equivalent to an element of matchExpressions, whose key field is "key", the
operator is "In", and the values array contains only "value". The requirements are ANDed.
type: object
type: object
x-kubernetes-map-type: atomic
storageClassName:
type: string
type: object
volume:
description: Volume is a Kubernetes volume specification.
properties:
csi:
description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#csivolumesource-v1-core.'
properties:
driver:
type: string
fsType:
type: string
nodePublishSecretRef:
description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#localobjectreference-v1-core.'
properties:
name:
default: ""
type: string
type: object
readOnly:
type: boolean
volumeAttributes:
additionalProperties:
type: string
type: object
required:
- driver
type: object
emptyDir:
description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#emptydirvolumesource-v1-core.'
properties:
medium:
description: StorageMedium defines ways that storage can
be allocated to a volume.
type: string
sizeLimit:
anyOf:
- type: integer
- type: string
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
x-kubernetes-int-or-string: true
type: object
hostPath:
description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#hostpathvolumesource-v1-core'
properties:
path:
type: string
type:
type: string
required:
- path
type: object
nfs:
description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#nfsvolumesource-v1-core.'
properties:
path:
type: string
readOnly:
type: boolean
server:
type: string
required:
- path
- server
type: object
persistentVolumeClaim:
description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#persistentvolumeclaimvolumesource-v1-core.'
properties:
claimName:
type: string
readOnly:
type: boolean
required:
- claimName
type: object
type: object
type: object
storage:
description: Storage defines the final storage for backups.
properties:
persistentVolumeClaim:
description: PersistentVolumeClaim is a Kubernetes PVC specification.
properties:
accessModes:
items:
type: string
type: array
x-kubernetes-list-type: atomic
resources:
description: VolumeResourceRequirements describes the storage
resource requirements for a volume.
properties:
limits:
additionalProperties:
anyOf:
- type: integer
- type: string
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
x-kubernetes-int-or-string: true
description: |-
Limits describes the maximum amount of compute resources allowed.
More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/
type: object
requests:
additionalProperties:
anyOf:
- type: integer
- type: string
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
x-kubernetes-int-or-string: true
description: |-
Requests describes the minimum amount of compute resources required.
If Requests is omitted for a container, it defaults to Limits if that is explicitly specified,
otherwise to an implementation-defined value. Requests cannot exceed Limits.
More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/
type: object
type: object
selector:
description: |-
A label selector is a label query over a set of resources. The result of matchLabels and
matchExpressions are ANDed. An empty label selector matches all objects. A null
label selector matches no objects.
properties:
matchExpressions:
description: matchExpressions is a list of label selector
requirements. The requirements are ANDed.
items:
description: |-
A label selector requirement is a selector that contains values, a key, and an operator that
relates the key and values.
properties:
key:
description: key is the label key that the selector
applies to.
type: string
operator:
description: |-
operator represents a key's relationship to a set of values.
Valid operators are In, NotIn, Exists and DoesNotExist.
type: string
values:
description: |-
values is an array of string values. If the operator is In or NotIn,
the values array must be non-empty. If the operator is Exists or DoesNotExist,
the values array must be empty. This array is replaced during a strategic
merge patch.
items:
type: string
type: array
x-kubernetes-list-type: atomic
required:
- key
- operator
type: object
type: array
x-kubernetes-list-type: atomic
matchLabels:
additionalProperties:
type: string
description: |-
matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels
map is equivalent to an element of matchExpressions, whose key field is "key", the
operator is "In", and the values array contains only "value". The requirements are ANDed.
type: object
type: object
x-kubernetes-map-type: atomic
storageClassName:
type: string
type: object
s3:
description: S3 defines the configuration to store backups in
a S3 compatible storage.
properties:
accessKeyIdSecretKeyRef:
description: AccessKeyIdSecretKeyRef is a reference to a Secret
key containing the S3 access key id.
properties:
key:
type: string
name:
default: ""
type: string
required:
- key
type: object
x-kubernetes-map-type: atomic
bucket:
description: Bucket is the name Name of the bucket to store
backups.
type: string
endpoint:
description: Endpoint is the S3 API endpoint without scheme.
type: string
prefix:
description: 'Prefix indicates a folder/subfolder in the bucket.
For example: mariadb/ or mariadb/backups. A trailing slash
''/'' is added if not provided.'
type: string
region:
description: Region is the S3 region name to use.
type: string
secretAccessKeySecretKeyRef:
description: AccessKeyIdSecretKeyRef is a reference to a Secret
key containing the S3 secret key.
properties:
key:
type: string
name:
default: ""
type: string
required:
- key
type: object
x-kubernetes-map-type: atomic
sessionTokenSecretKeyRef:
description: SessionTokenSecretKeyRef is a reference to a
Secret key containing the S3 session token.
properties:
key:
type: string
name:
default: ""
type: string
required:
- key
type: object
x-kubernetes-map-type: atomic
tls:
description: TLS provides the configuration required to establish
TLS connections with S3.
properties:
caSecretKeyRef:
description: |-
CASecretKeyRef is a reference to a Secret key containing a CA bundle in PEM format used to establish TLS connections with S3.
By default, the system trust chain will be used, but you can use this field to add more CAs to the bundle.
properties:
key:
type: string
name:
default: ""
type: string
required:
- key
type: object
x-kubernetes-map-type: atomic
enabled:
description: Enabled is a flag to enable TLS.
type: boolean
type: object
required:
- bucket
- endpoint
type: object
volume:
description: Volume is a Kubernetes volume specification.
properties:
csi:
description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#csivolumesource-v1-core.'
properties:
driver:
type: string
fsType:
type: string
nodePublishSecretRef:
description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#localobjectreference-v1-core.'
properties:
name:
default: ""
type: string
type: object
readOnly:
type: boolean
volumeAttributes:
additionalProperties:
type: string
type: object
required:
- driver
type: object
emptyDir:
description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#emptydirvolumesource-v1-core.'
properties:
medium:
description: StorageMedium defines ways that storage can
be allocated to a volume.
type: string
sizeLimit:
anyOf:
- type: integer
- type: string
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
x-kubernetes-int-or-string: true
type: object
hostPath:
description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#hostpathvolumesource-v1-core'
properties:
path:
type: string
type:
type: string
required:
- path
type: object
nfs:
description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#nfsvolumesource-v1-core.'
properties:
path:
type: string
readOnly:
type: boolean
server:
type: string
required:
- path
- server
type: object
persistentVolumeClaim:
description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#persistentvolumeclaimvolumesource-v1-core.'
properties:
claimName:
type: string
readOnly:
type: boolean
required:
- claimName
type: object
type: object
volumeSnapshot:
description: VolumeSnapshot is a Kubernetes VolumeSnapshot specification.
properties:
metadata:
description: Metadata is extra metadata to the added to the
VolumeSnapshot objects.
properties:
annotations:
additionalProperties:
type: string
description: Annotations to be added to children resources.
type: object
labels:
additionalProperties:
type: string
description: Labels to be added to children resources.
type: object
type: object
volumeSnapshotClassName:
description: VolumeSnapshotClassName is the VolumeSnapshot
class to be used to take snapshots.
type: string
required:
- volumeSnapshotClassName
type: object
type: object
successfulJobsHistoryLimit:
description: SuccessfulJobsHistoryLimit defines the maximum number
of successful Jobs to be displayed. It defaults to 5.
format: int32
minimum: 0
type: integer
timeout:
description: |-
Timeout defines the maximum duration of a PhysicalBackup job or snapshot.
If this duration is exceeded, the job or snapshot is considered expired and is deleted by the operator.
A new job or snapshot will then be created according to the schedule.
It defaults to 1 hour.
type: string
tolerations:
description: Tolerations to be used in the Pod.
items:
description: |-
The pod this Toleration is attached to tolerates any taint that matches
the triple <key,value,effect> using the matching operator <operator>.
properties:
effect:
description: |-
Effect indicates the taint effect to match. Empty means match all taint effects.
When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute.
type: string
key:
description: |-
Key is the taint key that the toleration applies to. Empty means match all taint keys.
If the key is empty, operator must be Exists; this combination means to match all values and all keys.
type: string
operator:
description: |-
Operator represents a key's relationship to the value.
Valid operators are Exists and Equal. Defaults to Equal.
Exists is equivalent to wildcard for value, so that a pod can
tolerate all taints of a particular category.
type: string
tolerationSeconds:
description: |-
TolerationSeconds represents the period of time the toleration (which must be
of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default,
it is not set, which means tolerate the taint forever (do not evict). Zero and
negative values will be treated as 0 (evict immediately) by the system.
format: int64
type: integer
value:
description: |-
Value is the taint value the toleration matches to.
If the operator is Exists, the value should be empty, otherwise just a regular string.
type: string
type: object
type: array
required:
- mariaDbRef
- storage
type: object
status:
description: PhysicalBackupStatus defines the observed state of PhysicalBackup.
properties:
conditions:
description: Conditions for the PhysicalBackup object.
items:
description: Condition contains details for one aspect of the current
state of this API Resource.
properties:
lastTransitionTime:
description: |-
lastTransitionTime is the last time the condition transitioned from one status to another.
This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable.
format: date-time
type: string
message:
description: |-
message is a human readable message indicating details about the transition.
This may be an empty string.
maxLength: 32768
type: string
observedGeneration:
description: |-
observedGeneration represents the .metadata.generation that the condition was set based upon.
For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date
with respect to the current state of the instance.
format: int64
minimum: 0
type: integer
reason:
description: |-
reason contains a programmatic identifier indicating the reason for the condition's last transition.
Producers of specific condition types may define expected values and meanings for this field,
and whether the values are considered a guaranteed API.
The value should be a CamelCase string.
This field may not be empty.
maxLength: 1024
minLength: 1
pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$
type: string
status:
description: status of the condition, one of True, False, Unknown.
enum:
- "True"
- "False"
- Unknown
type: string
type:
description: type of condition in CamelCase or in foo.example.com/CamelCase.
maxLength: 316
pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$
type: string
required:
- lastTransitionTime
- message
- reason
- status
- type
type: object
type: array
lastScheduleCheckTime:
description: LastScheduleCheckTime is the last time that the schedule
was checked.
format: date-time
type: string
lastScheduleTime:
description: LastScheduleTime is the last time that a backup was scheduled.
format: date-time
type: string
nextScheduleTime:
description: NextScheduleTime is the next time that a backup will
be scheduled.
format: date-time
type: string
type: object
type: object
served: true
storage: true
subresources:
status: {}
---
# Source: mariadb-operator/charts/mariadb-operator-crds/templates/crds.yaml
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.18.0
name: restores.k8s.mariadb.com
spec:
group: k8s.mariadb.com
names:
kind: Restore
listKind: RestoreList
plural: restores
shortNames:
- rmdb
singular: restore
scope: Namespaced
versions:
- additionalPrinterColumns:
- jsonPath: .status.conditions[?(@.type=="Complete")].status
name: Complete
type: string
- jsonPath: .status.conditions[?(@.type=="Complete")].message
name: Status
type: string
- jsonPath: .spec.mariaDbRef.name
name: MariaDB
type: string
- jsonPath: .metadata.creationTimestamp
name: Age
type: date
name: v1alpha1
schema:
openAPIV3Schema:
description: Restore is the Schema for the restores API. It is used to define
restore jobs and its restoration source.
properties:
apiVersion:
description: |-
APIVersion defines the versioned schema of this representation of an object.
Servers should convert recognized schemas to the latest internal value, and
may reject unrecognized values.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
type: string
kind:
description: |-
Kind is a string value representing the REST resource this object represents.
Servers may infer this from the endpoint the client submits requests to.
Cannot be updated.
In CamelCase.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
type: string
metadata:
type: object
spec:
description: RestoreSpec defines the desired state of restore
properties:
affinity:
description: Affinity to be used in the Pod.
properties:
antiAffinityEnabled:
description: |-
AntiAffinityEnabled configures PodAntiAffinity so each Pod is scheduled in a different Node, enabling HA.
Make sure you have at least as many Nodes available as the replicas to not end up with unscheduled Pods.
type: boolean
nodeAffinity:
description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#nodeaffinity-v1-core'
properties:
preferredDuringSchedulingIgnoredDuringExecution:
items:
description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#preferredschedulingterm-v1-core'
properties:
preference:
description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#nodeselectorterm-v1-core'
properties:
matchExpressions:
items:
description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#nodeselectorrequirement-v1-core'
properties:
key:
type: string
operator:
description: |-
A node selector operator is the set of operators that can be used in
a node selector requirement.
type: string
values:
items:
type: string
type: array
x-kubernetes-list-type: atomic
required:
- key
- operator
type: object
type: array
x-kubernetes-list-type: atomic
matchFields:
items:
description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#nodeselectorrequirement-v1-core'
properties:
key:
type: string
operator:
description: |-
A node selector operator is the set of operators that can be used in
a node selector requirement.
type: string
values:
items:
type: string
type: array
x-kubernetes-list-type: atomic
required:
- key
- operator
type: object
type: array
x-kubernetes-list-type: atomic
type: object
weight:
format: int32
type: integer
required:
- preference
- weight
type: object
type: array
x-kubernetes-list-type: atomic
requiredDuringSchedulingIgnoredDuringExecution:
description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#nodeselector-v1-core'
properties:
nodeSelectorTerms:
items:
description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#nodeselectorterm-v1-core'
properties:
matchExpressions:
items:
description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#nodeselectorrequirement-v1-core'
properties:
key:
type: string
operator:
description: |-
A node selector operator is the set of operators that can be used in
a node selector requirement.
type: string
values:
items:
type: string
type: array
x-kubernetes-list-type: atomic
required:
- key
- operator
type: object
type: array
x-kubernetes-list-type: atomic
matchFields:
items:
description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#nodeselectorrequirement-v1-core'
properties:
key:
type: string
operator:
description: |-
A node selector operator is the set of operators that can be used in
a node selector requirement.
type: string
values:
items:
type: string
type: array
x-kubernetes-list-type: atomic
required:
- key
- operator
type: object
type: array
x-kubernetes-list-type: atomic
type: object
type: array
x-kubernetes-list-type: atomic
required:
- nodeSelectorTerms
type: object
type: object
podAntiAffinity:
description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#podantiaffinity-v1-core.'
properties:
preferredDuringSchedulingIgnoredDuringExecution:
items:
description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#weightedpodaffinityterm-v1-core.'
properties:
podAffinityTerm:
description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#podaffinityterm-v1-core.'
properties:
labelSelector:
description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#labelselector-v1-meta'
properties:
matchExpressions:
items:
description: 'Refer to the Kubernetes docs:
https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#labelselectorrequirement-v1-meta'
properties:
key:
type: string
operator:
description: A label selector operator
is the set of operators that can be
used in a selector requirement.
type: string
values:
items:
type: string
type: array
x-kubernetes-list-type: atomic
required:
- key
- operator
type: object
type: array
x-kubernetes-list-type: atomic
matchLabels:
additionalProperties:
type: string
type: object
type: object
topologyKey:
type: string
required:
- topologyKey
type: object
weight:
format: int32
type: integer
required:
- podAffinityTerm
- weight
type: object
type: array
x-kubernetes-list-type: atomic
requiredDuringSchedulingIgnoredDuringExecution:
items:
description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#podaffinityterm-v1-core.'
properties:
labelSelector:
description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#labelselector-v1-meta'
properties:
matchExpressions:
items:
description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#labelselectorrequirement-v1-meta'
properties:
key:
type: string
operator:
description: A label selector operator is
the set of operators that can be used in
a selector requirement.
type: string
values:
items:
type: string
type: array
x-kubernetes-list-type: atomic
required:
- key
- operator
type: object
type: array
x-kubernetes-list-type: atomic
matchLabels:
additionalProperties:
type: string
type: object
type: object
topologyKey:
type: string
required:
- topologyKey
type: object
type: array
x-kubernetes-list-type: atomic
type: object
type: object
args:
description: Args to be used in the Container.
items:
type: string
type: array
backoffLimit:
default: 5
description: BackoffLimit defines the maximum number of attempts to
successfully perform a Backup.
format: int32
type: integer
backupRef:
description: BackupRef is a reference to a Backup object. It has priority
over S3 and Volume.
properties:
name:
default: ""
type: string
type: object
database:
description: |-
Database defines the logical database to be restored. If not provided, all databases available in the backup are restored.
IMPORTANT: The database must previously exist.
type: string
imagePullSecrets:
description: ImagePullSecrets is the list of pull Secrets to be used
to pull the image.
items:
description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#localobjectreference-v1-core.'
properties:
name:
default: ""
type: string
type: object
type: array
inheritMetadata:
description: InheritMetadata defines the metadata to be inherited
by children resources.
properties:
annotations:
additionalProperties:
type: string
description: Annotations to be added to children resources.
type: object
labels:
additionalProperties:
type: string
description: Labels to be added to children resources.
type: object
type: object
logLevel:
default: info
description: LogLevel to be used n the Backup Job. It defaults to
'info'.
type: string
mariaDbRef:
description: MariaDBRef is a reference to a MariaDB object.
properties:
kind:
description: Kind of the referent.
type: string
name:
type: string
namespace:
type: string
waitForIt:
default: true
description: WaitForIt indicates whether the controller using
this reference should wait for MariaDB to be ready.
type: boolean
type: object
nodeSelector:
additionalProperties:
type: string
description: NodeSelector to be used in the Pod.
type: object
podMetadata:
description: PodMetadata defines extra metadata for the Pod.
properties:
annotations:
additionalProperties:
type: string
description: Annotations to be added to children resources.
type: object
labels:
additionalProperties:
type: string
description: Labels to be added to children resources.
type: object
type: object
podSecurityContext:
description: SecurityContext holds pod-level security attributes and
common container settings.
properties:
appArmorProfile:
description: AppArmorProfile defines a pod or container's AppArmor
settings.
properties:
localhostProfile:
description: |-
localhostProfile indicates a profile loaded on the node that should be used.
The profile must be preconfigured on the node to work.
Must match the loaded name of the profile.
Must be set if and only if type is "Localhost".
type: string
type:
description: |-
type indicates which kind of AppArmor profile will be applied.
Valid options are:
Localhost - a profile pre-loaded on the node.
RuntimeDefault - the container runtime's default profile.
Unconfined - no AppArmor enforcement.
type: string
required:
- type
type: object
fsGroup:
format: int64
type: integer
fsGroupChangePolicy:
description: |-
PodFSGroupChangePolicy holds policies that will be used for applying fsGroup to a volume
when volume is mounted.
type: string
runAsGroup:
format: int64
type: integer
runAsNonRoot:
type: boolean
runAsUser:
format: int64
type: integer
seLinuxOptions:
description: SELinuxOptions are the labels to be applied to the
container
properties:
level:
description: Level is SELinux level label that applies to
the container.
type: string
role:
description: Role is a SELinux role label that applies to
the container.
type: string
type:
description: Type is a SELinux type label that applies to
the container.
type: string
user:
description: User is a SELinux user label that applies to
the container.
type: string
type: object
seccompProfile:
description: |-
SeccompProfile defines a pod/container's seccomp profile settings.
Only one profile source may be set.
properties:
localhostProfile:
description: |-
localhostProfile indicates a profile defined in a file on the node should be used.
The profile must be preconfigured on the node to work.
Must be a descending path, relative to the kubelet's configured seccomp profile location.
Must be set if type is "Localhost". Must NOT be set for any other type.
type: string
type:
description: |-
type indicates which kind of seccomp profile will be applied.
Valid options are:
Localhost - a profile defined in a file on the node should be used.
RuntimeDefault - the container runtime default profile should be used.
Unconfined - no profile should be applied.
type: string
required:
- type
type: object
supplementalGroups:
items:
format: int64
type: integer
type: array
x-kubernetes-list-type: atomic
type: object
priorityClassName:
description: PriorityClassName to be used in the Pod.
type: string
resources:
description: Resources describes the compute resource requirements.
properties:
limits:
additionalProperties:
anyOf:
- type: integer
- type: string
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
x-kubernetes-int-or-string: true
description: ResourceList is a set of (resource name, quantity)
pairs.
type: object
requests:
additionalProperties:
anyOf:
- type: integer
- type: string
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
x-kubernetes-int-or-string: true
description: ResourceList is a set of (resource name, quantity)
pairs.
type: object
type: object
restartPolicy:
default: OnFailure
description: RestartPolicy to be added to the Backup Job.
enum:
- Always
- OnFailure
- Never
type: string
s3:
description: S3 defines the configuration to restore backups from
a S3 compatible storage. It has priority over Volume.
properties:
accessKeyIdSecretKeyRef:
description: AccessKeyIdSecretKeyRef is a reference to a Secret
key containing the S3 access key id.
properties:
key:
type: string
name:
default: ""
type: string
required:
- key
type: object
x-kubernetes-map-type: atomic
bucket:
description: Bucket is the name Name of the bucket to store backups.
type: string
endpoint:
description: Endpoint is the S3 API endpoint without scheme.
type: string
prefix:
description: 'Prefix indicates a folder/subfolder in the bucket.
For example: mariadb/ or mariadb/backups. A trailing slash ''/''
is added if not provided.'
type: string
region:
description: Region is the S3 region name to use.
type: string
secretAccessKeySecretKeyRef:
description: AccessKeyIdSecretKeyRef is a reference to a Secret
key containing the S3 secret key.
properties:
key:
type: string
name:
default: ""
type: string
required:
- key
type: object
x-kubernetes-map-type: atomic
sessionTokenSecretKeyRef:
description: SessionTokenSecretKeyRef is a reference to a Secret
key containing the S3 session token.
properties:
key:
type: string
name:
default: ""
type: string
required:
- key
type: object
x-kubernetes-map-type: atomic
tls:
description: TLS provides the configuration required to establish
TLS connections with S3.
properties:
caSecretKeyRef:
description: |-
CASecretKeyRef is a reference to a Secret key containing a CA bundle in PEM format used to establish TLS connections with S3.
By default, the system trust chain will be used, but you can use this field to add more CAs to the bundle.
properties:
key:
type: string
name:
default: ""
type: string
required:
- key
type: object
x-kubernetes-map-type: atomic
enabled:
description: Enabled is a flag to enable TLS.
type: boolean
type: object
required:
- bucket
- endpoint
type: object
securityContext:
description: SecurityContext holds security configuration that will
be applied to a container.
properties:
allowPrivilegeEscalation:
type: boolean
capabilities:
description: Adds and removes POSIX capabilities from running
containers.
properties:
add:
description: Added capabilities
items:
description: Capability represent POSIX capabilities type
type: string
type: array
x-kubernetes-list-type: atomic
drop:
description: Removed capabilities
items:
description: Capability represent POSIX capabilities type
type: string
type: array
x-kubernetes-list-type: atomic
type: object
privileged:
type: boolean
readOnlyRootFilesystem:
type: boolean
runAsGroup:
format: int64
type: integer
runAsNonRoot:
type: boolean
runAsUser:
format: int64
type: integer
type: object
serviceAccountName:
description: ServiceAccountName is the name of the ServiceAccount
to be used by the Pods.
type: string
stagingStorage:
description: |-
StagingStorage defines the temporary storage used to keep external backups (i.e. S3) while they are being processed.
It defaults to an emptyDir volume, meaning that the backups will be temporarily stored in the node where the Restore Job is scheduled.
properties:
persistentVolumeClaim:
description: PersistentVolumeClaim is a Kubernetes PVC specification.
properties:
accessModes:
items:
type: string
type: array
x-kubernetes-list-type: atomic
resources:
description: VolumeResourceRequirements describes the storage
resource requirements for a volume.
properties:
limits:
additionalProperties:
anyOf:
- type: integer
- type: string
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
x-kubernetes-int-or-string: true
description: |-
Limits describes the maximum amount of compute resources allowed.
More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/
type: object
requests:
additionalProperties:
anyOf:
- type: integer
- type: string
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
x-kubernetes-int-or-string: true
description: |-
Requests describes the minimum amount of compute resources required.
If Requests is omitted for a container, it defaults to Limits if that is explicitly specified,
otherwise to an implementation-defined value. Requests cannot exceed Limits.
More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/
type: object
type: object
selector:
description: |-
A label selector is a label query over a set of resources. The result of matchLabels and
matchExpressions are ANDed. An empty label selector matches all objects. A null
label selector matches no objects.
properties:
matchExpressions:
description: matchExpressions is a list of label selector
requirements. The requirements are ANDed.
items:
description: |-
A label selector requirement is a selector that contains values, a key, and an operator that
relates the key and values.
properties:
key:
description: key is the label key that the selector
applies to.
type: string
operator:
description: |-
operator represents a key's relationship to a set of values.
Valid operators are In, NotIn, Exists and DoesNotExist.
type: string
values:
description: |-
values is an array of string values. If the operator is In or NotIn,
the values array must be non-empty. If the operator is Exists or DoesNotExist,
the values array must be empty. This array is replaced during a strategic
merge patch.
items:
type: string
type: array
x-kubernetes-list-type: atomic
required:
- key
- operator
type: object
type: array
x-kubernetes-list-type: atomic
matchLabels:
additionalProperties:
type: string
description: |-
matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels
map is equivalent to an element of matchExpressions, whose key field is "key", the
operator is "In", and the values array contains only "value". The requirements are ANDed.
type: object
type: object
x-kubernetes-map-type: atomic
storageClassName:
type: string
type: object
volume:
description: Volume is a Kubernetes volume specification.
properties:
csi:
description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#csivolumesource-v1-core.'
properties:
driver:
type: string
fsType:
type: string
nodePublishSecretRef:
description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#localobjectreference-v1-core.'
properties:
name:
default: ""
type: string
type: object
readOnly:
type: boolean
volumeAttributes:
additionalProperties:
type: string
type: object
required:
- driver
type: object
emptyDir:
description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#emptydirvolumesource-v1-core.'
properties:
medium:
description: StorageMedium defines ways that storage can
be allocated to a volume.
type: string
sizeLimit:
anyOf:
- type: integer
- type: string
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
x-kubernetes-int-or-string: true
type: object
hostPath:
description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#hostpathvolumesource-v1-core'
properties:
path:
type: string
type:
type: string
required:
- path
type: object
nfs:
description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#nfsvolumesource-v1-core.'
properties:
path:
type: string
readOnly:
type: boolean
server:
type: string
required:
- path
- server
type: object
persistentVolumeClaim:
description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#persistentvolumeclaimvolumesource-v1-core.'
properties:
claimName:
type: string
readOnly:
type: boolean
required:
- claimName
type: object
type: object
type: object
targetRecoveryTime:
description: |-
TargetRecoveryTime is a RFC3339 (1970-01-01T00:00:00Z) date and time that defines the point in time recovery objective.
It is used to determine the closest restoration source in time.
format: date-time
type: string
tolerations:
description: Tolerations to be used in the Pod.
items:
description: |-
The pod this Toleration is attached to tolerates any taint that matches
the triple <key,value,effect> using the matching operator <operator>.
properties:
effect:
description: |-
Effect indicates the taint effect to match. Empty means match all taint effects.
When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute.
type: string
key:
description: |-
Key is the taint key that the toleration applies to. Empty means match all taint keys.
If the key is empty, operator must be Exists; this combination means to match all values and all keys.
type: string
operator:
description: |-
Operator represents a key's relationship to the value.
Valid operators are Exists and Equal. Defaults to Equal.
Exists is equivalent to wildcard for value, so that a pod can
tolerate all taints of a particular category.
type: string
tolerationSeconds:
description: |-
TolerationSeconds represents the period of time the toleration (which must be
of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default,
it is not set, which means tolerate the taint forever (do not evict). Zero and
negative values will be treated as 0 (evict immediately) by the system.
format: int64
type: integer
value:
description: |-
Value is the taint value the toleration matches to.
If the operator is Exists, the value should be empty, otherwise just a regular string.
type: string
type: object
type: array
volume:
description: Volume is a Kubernetes Volume object that contains a
backup.
properties:
csi:
description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#csivolumesource-v1-core.'
properties:
driver:
type: string
fsType:
type: string
nodePublishSecretRef:
description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#localobjectreference-v1-core.'
properties:
name:
default: ""
type: string
type: object
readOnly:
type: boolean
volumeAttributes:
additionalProperties:
type: string
type: object
required:
- driver
type: object
emptyDir:
description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#emptydirvolumesource-v1-core.'
properties:
medium:
description: StorageMedium defines ways that storage can be
allocated to a volume.
type: string
sizeLimit:
anyOf:
- type: integer
- type: string
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
x-kubernetes-int-or-string: true
type: object
hostPath:
description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#hostpathvolumesource-v1-core'
properties:
path:
type: string
type:
type: string
required:
- path
type: object
nfs:
description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#nfsvolumesource-v1-core.'
properties:
path:
type: string
readOnly:
type: boolean
server:
type: string
required:
- path
- server
type: object
persistentVolumeClaim:
description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#persistentvolumeclaimvolumesource-v1-core.'
properties:
claimName:
type: string
readOnly:
type: boolean
required:
- claimName
type: object
type: object
required:
- mariaDbRef
type: object
status:
description: RestoreStatus defines the observed state of restore
properties:
conditions:
description: Conditions for the Restore object.
items:
description: Condition contains details for one aspect of the current
state of this API Resource.
properties:
lastTransitionTime:
description: |-
lastTransitionTime is the last time the condition transitioned from one status to another.
This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable.
format: date-time
type: string
message:
description: |-
message is a human readable message indicating details about the transition.
This may be an empty string.
maxLength: 32768
type: string
observedGeneration:
description: |-
observedGeneration represents the .metadata.generation that the condition was set based upon.
For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date
with respect to the current state of the instance.
format: int64
minimum: 0
type: integer
reason:
description: |-
reason contains a programmatic identifier indicating the reason for the condition's last transition.
Producers of specific condition types may define expected values and meanings for this field,
and whether the values are considered a guaranteed API.
The value should be a CamelCase string.
This field may not be empty.
maxLength: 1024
minLength: 1
pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$
type: string
status:
description: status of the condition, one of True, False, Unknown.
enum:
- "True"
- "False"
- Unknown
type: string
type:
description: type of condition in CamelCase or in foo.example.com/CamelCase.
maxLength: 316
pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$
type: string
required:
- lastTransitionTime
- message
- reason
- status
- type
type: object
type: array
type: object
type: object
served: true
storage: true
subresources:
status: {}
---
# Source: mariadb-operator/charts/mariadb-operator-crds/templates/crds.yaml
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.18.0
name: sqljobs.k8s.mariadb.com
spec:
group: k8s.mariadb.com
names:
kind: SqlJob
listKind: SqlJobList
plural: sqljobs
shortNames:
- smdb
singular: sqljob
scope: Namespaced
versions:
- additionalPrinterColumns:
- jsonPath: .status.conditions[?(@.type=="Complete")].status
name: Complete
type: string
- jsonPath: .status.conditions[?(@.type=="Complete")].message
name: Status
type: string
- jsonPath: .spec.mariaDbRef.name
name: MariaDB
type: string
- jsonPath: .metadata.creationTimestamp
name: Age
type: date
name: v1alpha1
schema:
openAPIV3Schema:
description: SqlJob is the Schema for the sqljobs API. It is used to run sql
scripts as jobs.
properties:
apiVersion:
description: |-
APIVersion defines the versioned schema of this representation of an object.
Servers should convert recognized schemas to the latest internal value, and
may reject unrecognized values.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
type: string
kind:
description: |-
Kind is a string value representing the REST resource this object represents.
Servers may infer this from the endpoint the client submits requests to.
Cannot be updated.
In CamelCase.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
type: string
metadata:
type: object
spec:
description: SqlJobSpec defines the desired state of SqlJob
properties:
affinity:
description: Affinity to be used in the Pod.
properties:
antiAffinityEnabled:
description: |-
AntiAffinityEnabled configures PodAntiAffinity so each Pod is scheduled in a different Node, enabling HA.
Make sure you have at least as many Nodes available as the replicas to not end up with unscheduled Pods.
type: boolean
nodeAffinity:
description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#nodeaffinity-v1-core'
properties:
preferredDuringSchedulingIgnoredDuringExecution:
items:
description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#preferredschedulingterm-v1-core'
properties:
preference:
description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#nodeselectorterm-v1-core'
properties:
matchExpressions:
items:
description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#nodeselectorrequirement-v1-core'
properties:
key:
type: string
operator:
description: |-
A node selector operator is the set of operators that can be used in
a node selector requirement.
type: string
values:
items:
type: string
type: array
x-kubernetes-list-type: atomic
required:
- key
- operator
type: object
type: array
x-kubernetes-list-type: atomic
matchFields:
items:
description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#nodeselectorrequirement-v1-core'
properties:
key:
type: string
operator:
description: |-
A node selector operator is the set of operators that can be used in
a node selector requirement.
type: string
values:
items:
type: string
type: array
x-kubernetes-list-type: atomic
required:
- key
- operator
type: object
type: array
x-kubernetes-list-type: atomic
type: object
weight:
format: int32
type: integer
required:
- preference
- weight
type: object
type: array
x-kubernetes-list-type: atomic
requiredDuringSchedulingIgnoredDuringExecution:
description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#nodeselector-v1-core'
properties:
nodeSelectorTerms:
items:
description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#nodeselectorterm-v1-core'
properties:
matchExpressions:
items:
description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#nodeselectorrequirement-v1-core'
properties:
key:
type: string
operator:
description: |-
A node selector operator is the set of operators that can be used in
a node selector requirement.
type: string
values:
items:
type: string
type: array
x-kubernetes-list-type: atomic
required:
- key
- operator
type: object
type: array
x-kubernetes-list-type: atomic
matchFields:
items:
description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#nodeselectorrequirement-v1-core'
properties:
key:
type: string
operator:
description: |-
A node selector operator is the set of operators that can be used in
a node selector requirement.
type: string
values:
items:
type: string
type: array
x-kubernetes-list-type: atomic
required:
- key
- operator
type: object
type: array
x-kubernetes-list-type: atomic
type: object
type: array
x-kubernetes-list-type: atomic
required:
- nodeSelectorTerms
type: object
type: object
podAntiAffinity:
description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#podantiaffinity-v1-core.'
properties:
preferredDuringSchedulingIgnoredDuringExecution:
items:
description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#weightedpodaffinityterm-v1-core.'
properties:
podAffinityTerm:
description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#podaffinityterm-v1-core.'
properties:
labelSelector:
description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#labelselector-v1-meta'
properties:
matchExpressions:
items:
description: 'Refer to the Kubernetes docs:
https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#labelselectorrequirement-v1-meta'
properties:
key:
type: string
operator:
description: A label selector operator
is the set of operators that can be
used in a selector requirement.
type: string
values:
items:
type: string
type: array
x-kubernetes-list-type: atomic
required:
- key
- operator
type: object
type: array
x-kubernetes-list-type: atomic
matchLabels:
additionalProperties:
type: string
type: object
type: object
topologyKey:
type: string
required:
- topologyKey
type: object
weight:
format: int32
type: integer
required:
- podAffinityTerm
- weight
type: object
type: array
x-kubernetes-list-type: atomic
requiredDuringSchedulingIgnoredDuringExecution:
items:
description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#podaffinityterm-v1-core.'
properties:
labelSelector:
description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#labelselector-v1-meta'
properties:
matchExpressions:
items:
description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#labelselectorrequirement-v1-meta'
properties:
key:
type: string
operator:
description: A label selector operator is
the set of operators that can be used in
a selector requirement.
type: string
values:
items:
type: string
type: array
x-kubernetes-list-type: atomic
required:
- key
- operator
type: object
type: array
x-kubernetes-list-type: atomic
matchLabels:
additionalProperties:
type: string
type: object
type: object
topologyKey:
type: string
required:
- topologyKey
type: object
type: array
x-kubernetes-list-type: atomic
type: object
type: object
args:
description: Args to be used in the Container.
items:
type: string
type: array
backoffLimit:
default: 5
description: BackoffLimit defines the maximum number of attempts to
successfully execute a SqlJob.
format: int32
type: integer
database:
description: Username to be used when executing the SqlJob.
type: string
dependsOn:
description: DependsOn defines dependencies with other SqlJob objectecs.
items:
description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#localobjectreference-v1-core.'
properties:
name:
default: ""
type: string
type: object
type: array
failedJobsHistoryLimit:
description: FailedJobsHistoryLimit defines the maximum number of
failed Jobs to be displayed.
format: int32
minimum: 0
type: integer
imagePullSecrets:
description: ImagePullSecrets is the list of pull Secrets to be used
to pull the image.
items:
description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#localobjectreference-v1-core.'
properties:
name:
default: ""
type: string
type: object
type: array
inheritMetadata:
description: InheritMetadata defines the metadata to be inherited
by children resources.
properties:
annotations:
additionalProperties:
type: string
description: Annotations to be added to children resources.
type: object
labels:
additionalProperties:
type: string
description: Labels to be added to children resources.
type: object
type: object
mariaDbRef:
description: MariaDBRef is a reference to a MariaDB object.
properties:
kind:
description: Kind of the referent.
type: string
name:
type: string
namespace:
type: string
waitForIt:
default: true
description: WaitForIt indicates whether the controller using
this reference should wait for MariaDB to be ready.
type: boolean
type: object
nodeSelector:
additionalProperties:
type: string
description: NodeSelector to be used in the Pod.
type: object
passwordSecretKeyRef:
description: UserPasswordSecretKeyRef is a reference to the impersonated
user's password to be used when executing the SqlJob.
properties:
key:
type: string
name:
default: ""
type: string
required:
- key
type: object
x-kubernetes-map-type: atomic
podMetadata:
description: PodMetadata defines extra metadata for the Pod.
properties:
annotations:
additionalProperties:
type: string
description: Annotations to be added to children resources.
type: object
labels:
additionalProperties:
type: string
description: Labels to be added to children resources.
type: object
type: object
podSecurityContext:
description: SecurityContext holds pod-level security attributes and
common container settings.
properties:
appArmorProfile:
description: AppArmorProfile defines a pod or container's AppArmor
settings.
properties:
localhostProfile:
description: |-
localhostProfile indicates a profile loaded on the node that should be used.
The profile must be preconfigured on the node to work.
Must match the loaded name of the profile.
Must be set if and only if type is "Localhost".
type: string
type:
description: |-
type indicates which kind of AppArmor profile will be applied.
Valid options are:
Localhost - a profile pre-loaded on the node.
RuntimeDefault - the container runtime's default profile.
Unconfined - no AppArmor enforcement.
type: string
required:
- type
type: object
fsGroup:
format: int64
type: integer
fsGroupChangePolicy:
description: |-
PodFSGroupChangePolicy holds policies that will be used for applying fsGroup to a volume
when volume is mounted.
type: string
runAsGroup:
format: int64
type: integer
runAsNonRoot:
type: boolean
runAsUser:
format: int64
type: integer
seLinuxOptions:
description: SELinuxOptions are the labels to be applied to the
container
properties:
level:
description: Level is SELinux level label that applies to
the container.
type: string
role:
description: Role is a SELinux role label that applies to
the container.
type: string
type:
description: Type is a SELinux type label that applies to
the container.
type: string
user:
description: User is a SELinux user label that applies to
the container.
type: string
type: object
seccompProfile:
description: |-
SeccompProfile defines a pod/container's seccomp profile settings.
Only one profile source may be set.
properties:
localhostProfile:
description: |-
localhostProfile indicates a profile defined in a file on the node should be used.
The profile must be preconfigured on the node to work.
Must be a descending path, relative to the kubelet's configured seccomp profile location.
Must be set if type is "Localhost". Must NOT be set for any other type.
type: string
type:
description: |-
type indicates which kind of seccomp profile will be applied.
Valid options are:
Localhost - a profile defined in a file on the node should be used.
RuntimeDefault - the container runtime default profile should be used.
Unconfined - no profile should be applied.
type: string
required:
- type
type: object
supplementalGroups:
items:
format: int64
type: integer
type: array
x-kubernetes-list-type: atomic
type: object
priorityClassName:
description: PriorityClassName to be used in the Pod.
type: string
resources:
description: Resources describes the compute resource requirements.
properties:
limits:
additionalProperties:
anyOf:
- type: integer
- type: string
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
x-kubernetes-int-or-string: true
description: ResourceList is a set of (resource name, quantity)
pairs.
type: object
requests:
additionalProperties:
anyOf:
- type: integer
- type: string
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
x-kubernetes-int-or-string: true
description: ResourceList is a set of (resource name, quantity)
pairs.
type: object
type: object
restartPolicy:
default: OnFailure
description: RestartPolicy to be added to the SqlJob Pod.
enum:
- Always
- OnFailure
- Never
type: string
schedule:
description: Schedule defines when the SqlJob will be executed.
properties:
cron:
description: Cron is a cron expression that defines the schedule.
type: string
suspend:
default: false
description: Suspend defines whether the schedule is active or
not.
type: boolean
required:
- cron
type: object
securityContext:
description: SecurityContext holds security configuration that will
be applied to a container.
properties:
allowPrivilegeEscalation:
type: boolean
capabilities:
description: Adds and removes POSIX capabilities from running
containers.
properties:
add:
description: Added capabilities
items:
description: Capability represent POSIX capabilities type
type: string
type: array
x-kubernetes-list-type: atomic
drop:
description: Removed capabilities
items:
description: Capability represent POSIX capabilities type
type: string
type: array
x-kubernetes-list-type: atomic
type: object
privileged:
type: boolean
readOnlyRootFilesystem:
type: boolean
runAsGroup:
format: int64
type: integer
runAsNonRoot:
type: boolean
runAsUser:
format: int64
type: integer
type: object
serviceAccountName:
description: ServiceAccountName is the name of the ServiceAccount
to be used by the Pods.
type: string
sql:
description: Sql is the script to be executed by the SqlJob.
type: string
sqlConfigMapKeyRef:
description: |-
SqlConfigMapKeyRef is a reference to a ConfigMap containing the Sql script.
It is defaulted to a ConfigMap with the contents of the Sql field.
properties:
key:
type: string
name:
default: ""
type: string
required:
- key
type: object
x-kubernetes-map-type: atomic
successfulJobsHistoryLimit:
description: SuccessfulJobsHistoryLimit defines the maximum number
of successful Jobs to be displayed.
format: int32
minimum: 0
type: integer
timeZone:
description: TimeZone defines the timezone associated with the cron
expression.
type: string
tlsCASecretRef:
description: |-
TLSCACertSecretRef is a reference toa CA Secret used to establish trust when executing the SqlJob.
If not provided, the CA bundle provided by the referred MariaDB is used.
properties:
name:
default: ""
type: string
type: object
tlsClientCertSecretRef:
description: |-
TLSClientCertSecretRef is a reference to a Kubernetes TLS Secret used as authentication when executing the SqlJob.
If not provided, the client certificate provided by the referred MariaDB is used.
properties:
name:
default: ""
type: string
type: object
tolerations:
description: Tolerations to be used in the Pod.
items:
description: |-
The pod this Toleration is attached to tolerates any taint that matches
the triple <key,value,effect> using the matching operator <operator>.
properties:
effect:
description: |-
Effect indicates the taint effect to match. Empty means match all taint effects.
When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute.
type: string
key:
description: |-
Key is the taint key that the toleration applies to. Empty means match all taint keys.
If the key is empty, operator must be Exists; this combination means to match all values and all keys.
type: string
operator:
description: |-
Operator represents a key's relationship to the value.
Valid operators are Exists and Equal. Defaults to Equal.
Exists is equivalent to wildcard for value, so that a pod can
tolerate all taints of a particular category.
type: string
tolerationSeconds:
description: |-
TolerationSeconds represents the period of time the toleration (which must be
of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default,
it is not set, which means tolerate the taint forever (do not evict). Zero and
negative values will be treated as 0 (evict immediately) by the system.
format: int64
type: integer
value:
description: |-
Value is the taint value the toleration matches to.
If the operator is Exists, the value should be empty, otherwise just a regular string.
type: string
type: object
type: array
username:
description: Username to be impersonated when executing the SqlJob.
type: string
required:
- mariaDbRef
- passwordSecretKeyRef
- username
type: object
status:
description: SqlJobStatus defines the observed state of SqlJob
properties:
conditions:
description: Conditions for the SqlJob object.
items:
description: Condition contains details for one aspect of the current
state of this API Resource.
properties:
lastTransitionTime:
description: |-
lastTransitionTime is the last time the condition transitioned from one status to another.
This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable.
format: date-time
type: string
message:
description: |-
message is a human readable message indicating details about the transition.
This may be an empty string.
maxLength: 32768
type: string
observedGeneration:
description: |-
observedGeneration represents the .metadata.generation that the condition was set based upon.
For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date
with respect to the current state of the instance.
format: int64
minimum: 0
type: integer
reason:
description: |-
reason contains a programmatic identifier indicating the reason for the condition's last transition.
Producers of specific condition types may define expected values and meanings for this field,
and whether the values are considered a guaranteed API.
The value should be a CamelCase string.
This field may not be empty.
maxLength: 1024
minLength: 1
pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$
type: string
status:
description: status of the condition, one of True, False, Unknown.
enum:
- "True"
- "False"
- Unknown
type: string
type:
description: type of condition in CamelCase or in foo.example.com/CamelCase.
maxLength: 316
pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$
type: string
required:
- lastTransitionTime
- message
- reason
- status
- type
type: object
type: array
type: object
type: object
served: true
storage: true
subresources:
status: {}
---
# Source: mariadb-operator/charts/mariadb-operator-crds/templates/crds.yaml
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.18.0
name: users.k8s.mariadb.com
spec:
group: k8s.mariadb.com
names:
kind: User
listKind: UserList
plural: users
shortNames:
- umdb
singular: user
scope: Namespaced
versions:
- additionalPrinterColumns:
- jsonPath: .status.conditions[?(@.type=="Ready")].status
name: Ready
type: string
- jsonPath: .status.conditions[?(@.type=="Ready")].message
name: Status
type: string
- jsonPath: .spec.maxUserConnections
name: MaxConns
type: string
- jsonPath: .spec.mariaDbRef.name
name: MariaDB
type: string
- jsonPath: .metadata.creationTimestamp
name: Age
type: date
name: v1alpha1
schema:
openAPIV3Schema:
description: User is the Schema for the users API. It is used to define grants
as if you were running a 'CREATE USER' statement.
properties:
apiVersion:
description: |-
APIVersion defines the versioned schema of this representation of an object.
Servers should convert recognized schemas to the latest internal value, and
may reject unrecognized values.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
type: string
kind:
description: |-
Kind is a string value representing the REST resource this object represents.
Servers may infer this from the endpoint the client submits requests to.
Cannot be updated.
In CamelCase.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
type: string
metadata:
type: object
spec:
description: UserSpec defines the desired state of User
properties:
cleanupPolicy:
description: CleanupPolicy defines the behavior for cleaning up a
SQL resource.
enum:
- Skip
- Delete
type: string
host:
description: Host related to the User.
maxLength: 255
type: string
mariaDbRef:
description: MariaDBRef is a reference to a MariaDB object.
properties:
kind:
description: Kind of the referent.
type: string
name:
type: string
namespace:
type: string
waitForIt:
default: true
description: WaitForIt indicates whether the controller using
this reference should wait for MariaDB to be ready.
type: boolean
type: object
maxUserConnections:
default: 10
description: MaxUserConnections defines the maximum number of simultaneous
connections that the User can establish.
format: int32
type: integer
name:
description: Name overrides the default name provided by metadata.name.
maxLength: 80
type: string
passwordHashSecretKeyRef:
description: |-
PasswordHashSecretKeyRef is a reference to the password hash to be used by the User.
If the referred Secret is labeled with "k8s.mariadb.com/watch", updates may be performed to the Secret in order to update the password hash.
properties:
key:
type: string
name:
default: ""
type: string
required:
- key
type: object
x-kubernetes-map-type: atomic
passwordPlugin:
description: PasswordPlugin is a reference to the password plugin
and arguments to be used by the User.
properties:
pluginArgSecretKeyRef:
description: |-
PluginArgSecretKeyRef is a reference to the arguments to be provided to the authentication plugin for the User.
If the referred Secret is labeled with "k8s.mariadb.com/watch", updates may be performed to the Secret in order to update the authentication plugin arguments.
properties:
key:
type: string
name:
default: ""
type: string
required:
- key
type: object
x-kubernetes-map-type: atomic
pluginNameSecretKeyRef:
description: |-
PluginNameSecretKeyRef is a reference to the authentication plugin to be used by the User.
If the referred Secret is labeled with "k8s.mariadb.com/watch", updates may be performed to the Secret in order to update the authentication plugin.
properties:
key:
type: string
name:
default: ""
type: string
required:
- key
type: object
x-kubernetes-map-type: atomic
type: object
passwordSecretKeyRef:
description: |-
PasswordSecretKeyRef is a reference to the password to be used by the User.
If not provided, the account will be locked and the password will expire.
If the referred Secret is labeled with "k8s.mariadb.com/watch", updates may be performed to the Secret in order to update the password.
properties:
key:
type: string
name:
default: ""
type: string
required:
- key
type: object
x-kubernetes-map-type: atomic
requeueInterval:
description: RequeueInterval is used to perform requeue reconciliations.
type: string
require:
description: 'Require specifies TLS requirements for the user to connect.
See: https://mariadb.com/kb/en/securing-connections-for-client-and-server/#requiring-tls.'
properties:
issuer:
description: Issuer indicates that the TLS certificate provided
by the user must be issued by a specific issuer.
type: string
ssl:
description: SSL indicates that the user must connect via TLS.
type: boolean
subject:
description: Subject indicates that the TLS certificate provided
by the user must have a specific subject.
type: string
x509:
description: X509 indicates that the user must provide a valid
x509 certificate to connect.
type: boolean
type: object
retryInterval:
description: RetryInterval is the interval used to perform retries.
type: string
required:
- mariaDbRef
type: object
status:
description: UserStatus defines the observed state of User
properties:
conditions:
description: Conditions for the User object.
items:
description: Condition contains details for one aspect of the current
state of this API Resource.
properties:
lastTransitionTime:
description: |-
lastTransitionTime is the last time the condition transitioned from one status to another.
This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable.
format: date-time
type: string
message:
description: |-
message is a human readable message indicating details about the transition.
This may be an empty string.
maxLength: 32768
type: string
observedGeneration:
description: |-
observedGeneration represents the .metadata.generation that the condition was set based upon.
For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date
with respect to the current state of the instance.
format: int64
minimum: 0
type: integer
reason:
description: |-
reason contains a programmatic identifier indicating the reason for the condition's last transition.
Producers of specific condition types may define expected values and meanings for this field,
and whether the values are considered a guaranteed API.
The value should be a CamelCase string.
This field may not be empty.
maxLength: 1024
minLength: 1
pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$
type: string
status:
description: status of the condition, one of True, False, Unknown.
enum:
- "True"
- "False"
- Unknown
type: string
type:
description: type of condition in CamelCase or in foo.example.com/CamelCase.
maxLength: 316
pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$
type: string
required:
- lastTransitionTime
- message
- reason
- status
- type
type: object
type: array
type: object
type: object
served: true
storage: true
subresources:
status: {}
---
# Source: mariadb-operator/charts/mariadb-operator/templates/cert-controller/rbac.yaml
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
name: mariadb-operator-cert-controller
rules:
- apiGroups:
- admissionregistration.k8s.io
resources:
- validatingwebhookconfigurations
- mutatingwebhookconfigurations
verbs:
- get
- list
- update
- patch
- watch
- apiGroups:
- ""
resources:
- secrets
verbs:
- create
- list
- patch
- watch
- apiGroups:
- discovery.k8s.io
resources:
- endpointslices
- endpointslices/restricted
verbs:
- get
- list
- watch
---
# Source: mariadb-operator/charts/mariadb-operator/templates/operator/rbac-user.yaml
# the mariadb-view ClusterRole allows viewing all k8s.mariadb.com resources
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
name: mariadb-operator-view
labels:
rbac.authorization.k8s.io/aggregate-to-view: "true"
rules:
- apiGroups: ["k8s.mariadb.com"]
resources: ["*"]
verbs: ["get", "list", "watch"]
---
# Source: mariadb-operator/charts/mariadb-operator/templates/operator/rbac-user.yaml
# the mariadb-edit ClusterRole allows editing k8s.mariadb.com resources
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
name: mariadb-operator-edit
labels:
rbac.authorization.k8s.io/aggregate-to-edit: "true"
rules:
- apiGroups: ["k8s.mariadb.com"]
resources: ["*"]
verbs: ["create", "update", "patch", "delete"]
---
# Source: mariadb-operator/charts/mariadb-operator/templates/operator/rbac.yaml
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
name: mariadb-operator
rules:
- apiGroups:
- ""
resources:
- configmaps
verbs:
- create
- delete
- get
- list
- patch
- watch
- apiGroups:
- ""
resources:
- events
- secrets
- serviceaccounts
- services
verbs:
- create
- list
- patch
- watch
- apiGroups:
- ""
resources:
- persistentvolumeclaims
verbs:
- create
- delete
- deletecollection
- list
- patch
- watch
- apiGroups:
- ""
resources:
- pods
verbs:
- delete
- get
- list
- watch
- patch
- apiGroups:
- ""
resources:
- pods/log
verbs:
- get
- apiGroups:
- apps
resources:
- deployments
verbs:
- create
- list
- patch
- watch
- apiGroups:
- apps
resources:
- statefulsets
verbs:
- create
- delete
- get
- list
- patch
- watch
- apiGroups:
- authentication.k8s.io
resources:
- tokenreviews
verbs:
- create
- apiGroups:
- authorization.k8s.io
resources:
- subjectaccessreviews
verbs:
- create
- apiGroups:
- batch
resources:
- cronjobs
verbs:
- create
- list
- patch
- watch
- apiGroups:
- batch
resources:
- jobs
verbs:
- create
- delete
- get
- list
- patch
- watch
- apiGroups:
- cert-manager.io
resources:
- certificates
verbs:
- create
- list
- patch
- watch
- apiGroups:
- discovery.k8s.io
resources:
- endpointslices
- endpointslices/restricted
verbs:
- create
- get
- list
- patch
- watch
- apiGroups:
- k8s.mariadb.com
resources:
- backups
- connections
- databases
- grants
- mariadbs
- externalmariadbs
- maxscales
- physicalbackups
- restores
- sqljobs
- users
verbs:
- create
- delete
- get
- list
- patch
- update
- watch
- apiGroups:
- k8s.mariadb.com
resources:
- backups/finalizers
- connections/finalizers
- databases/finalizers
- grants/finalizers
- mariadbs/finalizers
- externalmariadbs/finalizers
- maxscales/finalizers
- physicalbackups/finalizers
- restores/finalizers
- sqljobs/finalizers
- users/finalizers
verbs:
- update
- apiGroups:
- k8s.mariadb.com
resources:
- backups/status
- connections/status
- databases/status
- grants/status
- mariadbs/status
- externalmariadbs/status
- maxscales/status
- physicalbackups/status
- restores/status
- sqljobs/status
- users/status
verbs:
- get
- patch
- update
- apiGroups:
- k8s.mariadb.com
resources:
- maxscale
verbs:
- create
- list
- patch
- watch
- apiGroups:
- monitoring.coreos.com
resources:
- servicemonitors
verbs:
- create
- list
- patch
- watch
- apiGroups:
- policy
resources:
- poddisruptionbudgets
verbs:
- create
- list
- patch
- watch
- apiGroups:
- rbac.authorization.k8s.io
resources:
- clusterrolebindings
- rolebindings
- roles
verbs:
- create
- list
- patch
- watch
- apiGroups:
- snapshot.storage.k8s.io
resources:
- volumesnapshots
verbs:
- create
- delete
- get
- list
- patch
- watch
---
# Source: mariadb-operator/charts/mariadb-operator/templates/cert-controller/rbac.yaml
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: mariadb-operator-cert-controller
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: mariadb-operator-cert-controller
subjects:
- kind: ServiceAccount
name: mariadb-operator-cert-controller-cert-controller
namespace: mariadb-operator
---
# Source: mariadb-operator/charts/mariadb-operator/templates/operator/rbac.yaml
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: mariadb-operator
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: mariadb-operator
subjects:
- kind: ServiceAccount
name: mariadb-operator
namespace: mariadb-operator
---
# Source: mariadb-operator/charts/mariadb-operator/templates/operator/rbac.yaml
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: mariadb-operator:auth-delegator
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: system:auth-delegator
subjects:
- kind: ServiceAccount
name: mariadb-operator
namespace: mariadb-operator
---
# Source: mariadb-operator/charts/mariadb-operator/templates/cert-controller/rbac.yaml
apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata:
name: mariadb-operator-cert-controller
rules:
- apiGroups:
- coordination.k8s.io
resources:
- leases
verbs:
- get
- list
- watch
- create
- update
- patch
- delete
- apiGroups:
- ""
resources:
- events
verbs:
- create
- patch
---
# Source: mariadb-operator/charts/mariadb-operator/templates/operator/rbac.yaml
apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata:
name: mariadb-operator
rules:
- apiGroups:
- ""
resources:
- configmaps
verbs:
- get
- list
- watch
- create
- update
- patch
- delete
- apiGroups:
- coordination.k8s.io
resources:
- leases
verbs:
- get
- list
- watch
- create
- update
- patch
- delete
- apiGroups:
- ""
resources:
- events
verbs:
- create
- patch
---
# Source: mariadb-operator/charts/mariadb-operator/templates/cert-controller/rbac.yaml
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
name: mariadb-operator-cert-controller
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: Role
name: mariadb-operator-cert-controller
subjects:
- kind: ServiceAccount
name: mariadb-operator-cert-controller-cert-controller
namespace: mariadb-operator
---
# Source: mariadb-operator/charts/mariadb-operator/templates/operator/rbac.yaml
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
name: mariadb-operator
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: Role
name: mariadb-operator
subjects:
- kind: ServiceAccount
name: mariadb-operator
namespace: mariadb-operator
---
# Source: mariadb-operator/charts/mariadb-operator/templates/cert-controller/servicemonitor.yaml
apiVersion: v1
kind: Service
metadata:
name: mariadb-operator-cert-controller-metrics
labels:
helm.sh/chart: mariadb-operator-25.10.2
app.kubernetes.io/name: mariadb-operator-cert-controller
app.kubernetes.io/instance: mariadb-operator
app.kubernetes.io/version: "25.10.2"
app.kubernetes.io/managed-by: Helm
spec:
ports:
- port: 8080
protocol: TCP
name: metrics
selector:
app.kubernetes.io/name: mariadb-operator-cert-controller
app.kubernetes.io/instance: mariadb-operator
---
# Source: mariadb-operator/charts/mariadb-operator/templates/operator/metrics-servicemonitor.yaml
apiVersion: v1
kind: Service
metadata:
name: mariadb-operator-metrics
labels:
helm.sh/chart: mariadb-operator-25.10.2
app.kubernetes.io/name: mariadb-operator
app.kubernetes.io/instance: mariadb-operator
app.kubernetes.io/version: "25.10.2"
app.kubernetes.io/managed-by: Helm
spec:
ports:
- port: 8080
protocol: TCP
name: metrics
selector:
app.kubernetes.io/name: mariadb-operator
app.kubernetes.io/instance: mariadb-operator
---
# Source: mariadb-operator/charts/mariadb-operator/templates/webhook/service.yaml
apiVersion: v1
kind: Service
metadata:
name: mariadb-operator-webhook
labels:
helm.sh/chart: mariadb-operator-25.10.2
app.kubernetes.io/name: mariadb-operator-webhook
app.kubernetes.io/instance: mariadb-operator
app.kubernetes.io/version: "25.10.2"
app.kubernetes.io/managed-by: Helm
spec:
ports:
- port: 443
protocol: TCP
targetPort: 9443
selector:
app.kubernetes.io/name: mariadb-operator-webhook
app.kubernetes.io/instance: mariadb-operator
---
# Source: mariadb-operator/charts/mariadb-operator/templates/webhook/servicemonitor.yaml
apiVersion: v1
kind: Service
metadata:
name: mariadb-operator-webhook-metrics
labels:
helm.sh/chart: mariadb-operator-25.10.2
app.kubernetes.io/name: mariadb-operator-webhook
app.kubernetes.io/instance: mariadb-operator
app.kubernetes.io/version: "25.10.2"
app.kubernetes.io/managed-by: Helm
spec:
ports:
- port: 8080
protocol: TCP
name: metrics
selector:
app.kubernetes.io/name: mariadb-operator-webhook
app.kubernetes.io/instance: mariadb-operator
---
# Source: mariadb-operator/charts/mariadb-operator/templates/cert-controller/deployment.yaml
apiVersion: apps/v1
kind: Deployment
metadata:
name: mariadb-operator-cert-controller
labels:
helm.sh/chart: mariadb-operator-25.10.2
app.kubernetes.io/name: mariadb-operator-cert-controller
app.kubernetes.io/instance: mariadb-operator
app.kubernetes.io/version: "25.10.2"
app.kubernetes.io/managed-by: Helm
spec:
selector:
matchLabels:
app.kubernetes.io/name: mariadb-operator-cert-controller
app.kubernetes.io/instance: mariadb-operator
template:
metadata:
labels:
app.kubernetes.io/name: mariadb-operator-cert-controller
app.kubernetes.io/instance: mariadb-operator
spec:
serviceAccountName: mariadb-operator-cert-controller-cert-controller
automountServiceAccountToken: true
containers:
- image: "docker-registry3.mariadb.com/mariadb-operator/mariadb-operator:25.10.2"
imagePullPolicy: IfNotPresent
name: cert-controller
args:
- cert-controller
- --ca-secret-name=mariadb-operator-webhook-ca
- --ca-secret-namespace=mariadb-operator
- --ca-lifetime=26280h
- --cert-secret-name=mariadb-operator-webhook-cert
- --cert-secret-namespace=mariadb-operator
- --cert-lifetime=2160h
- --renew-before-percentage=33
- --service-name=mariadb-operator-webhook
- --service-namespace=mariadb-operator
- --requeue-duration=5m
- --metrics-addr=:8080
- --health-addr=:8081
- --log-level=INFO
ports:
- containerPort: 8080
protocol: TCP
name: metrics
- containerPort: 8081
protocol: TCP
name: health
env:
- name: CLUSTER_NAME
value: cluster.local
readinessProbe:
httpGet:
path: /readyz
port: 8081
initialDelaySeconds: 20
periodSeconds: 5
---
# Source: mariadb-operator/charts/mariadb-operator/templates/operator/deployment.yaml
apiVersion: apps/v1
kind: Deployment
metadata:
name: mariadb-operator
labels:
helm.sh/chart: mariadb-operator-25.10.2
app.kubernetes.io/name: mariadb-operator
app.kubernetes.io/instance: mariadb-operator
app.kubernetes.io/version: "25.10.2"
app.kubernetes.io/managed-by: Helm
spec:
replicas: 3
selector:
matchLabels:
app.kubernetes.io/name: mariadb-operator
app.kubernetes.io/instance: mariadb-operator
template:
metadata:
labels:
app.kubernetes.io/name: mariadb-operator
app.kubernetes.io/instance: mariadb-operator
spec:
serviceAccountName: mariadb-operator
automountServiceAccountToken: true
terminationGracePeriodSeconds: 10
containers:
- image: "docker-registry3.mariadb.com/mariadb-operator/mariadb-operator:25.10.2"
imagePullPolicy: IfNotPresent
name: controller
args:
- --metrics-addr=:8080
- --log-level=INFO
- --leader-elect
ports:
- containerPort: 8080
protocol: TCP
name: metrics
envFrom:
- configMapRef:
name: mariadb-operator-env
env:
- name: CLUSTER_NAME
value: cluster.local
- name: MARIADB_OPERATOR_NAME
valueFrom:
fieldRef:
fieldPath: spec.serviceAccountName
- name: MARIADB_OPERATOR_NAMESPACE
valueFrom:
fieldRef:
fieldPath: metadata.namespace
- name: MARIADB_OPERATOR_SA_PATH
value: /var/run/secrets/kubernetes.io/serviceaccount/token
---
# Source: mariadb-operator/charts/mariadb-operator/templates/webhook/deployment.yaml
apiVersion: apps/v1
kind: Deployment
metadata:
name: mariadb-operator-webhook
labels:
helm.sh/chart: mariadb-operator-25.10.2
app.kubernetes.io/name: mariadb-operator-webhook
app.kubernetes.io/instance: mariadb-operator
app.kubernetes.io/version: "25.10.2"
app.kubernetes.io/managed-by: Helm
spec:
selector:
matchLabels:
app.kubernetes.io/name: mariadb-operator-webhook
app.kubernetes.io/instance: mariadb-operator
template:
metadata:
labels:
app.kubernetes.io/name: mariadb-operator-webhook
app.kubernetes.io/instance: mariadb-operator
spec:
serviceAccountName: mariadb-operator-webhook
automountServiceAccountToken: true
hostNetwork: false
containers:
- image: "docker-registry3.mariadb.com/mariadb-operator/mariadb-operator:25.10.2"
imagePullPolicy: IfNotPresent
name: webhook
args:
- webhook
- --ca-cert-path=/tmp/k8s-webhook-server/certificate-authority/tls.crt
- --cert-dir=/tmp/k8s-webhook-server/serving-certs
- --dns-name=mariadb-operator-webhook.mariadb-operator.svc
- --port=9443
- --metrics-addr=:8080
- --health-addr=:8081
- --log-level=INFO
ports:
- containerPort: 9443
protocol: TCP
name: https
- containerPort: 8080
protocol: TCP
name: metrics
- containerPort: 8081
protocol: TCP
name: health
volumeMounts:
- mountPath: /tmp/k8s-webhook-server/certificate-authority
name: ca
readOnly: true
- mountPath: /tmp/k8s-webhook-server/serving-certs
name: cert
readOnly: true
readinessProbe:
httpGet:
path: /readyz
port: 8081
initialDelaySeconds: 20
periodSeconds: 5
volumes:
- name: ca
secret:
defaultMode: 420
secretName: mariadb-operator-webhook-ca
- name: cert
secret:
defaultMode: 420
secretName: mariadb-operator-webhook-cert
---
# Source: mariadb-operator/charts/mariadb-operator/templates/cert-controller/servicemonitor.yaml
apiVersion: monitoring.coreos.com/v1
kind: ServiceMonitor
metadata:
name: mariadb-operator-cert-controller
labels:
helm.sh/chart: mariadb-operator-25.10.2
app.kubernetes.io/name: mariadb-operator-cert-controller
app.kubernetes.io/instance: mariadb-operator
app.kubernetes.io/version: "25.10.2"
app.kubernetes.io/managed-by: Helm
spec:
selector:
matchLabels:
app.kubernetes.io/name: mariadb-operator-cert-controller
app.kubernetes.io/instance: mariadb-operator
namespaceSelector:
matchNames:
- "mariadb-operator"
endpoints:
- port: metrics
interval: 30s
scrapeTimeout: 25s
---
# Source: mariadb-operator/charts/mariadb-operator/templates/operator/metrics-servicemonitor.yaml
apiVersion: monitoring.coreos.com/v1
kind: ServiceMonitor
metadata:
name: mariadb-operator
labels:
helm.sh/chart: mariadb-operator-25.10.2
app.kubernetes.io/name: mariadb-operator
app.kubernetes.io/instance: mariadb-operator
app.kubernetes.io/version: "25.10.2"
app.kubernetes.io/managed-by: Helm
spec:
selector:
matchLabels:
app.kubernetes.io/name: mariadb-operator
app.kubernetes.io/instance: mariadb-operator
namespaceSelector:
matchNames:
- "mariadb-operator"
endpoints:
- port: metrics
interval: 30s
scrapeTimeout: 25s
---
# Source: mariadb-operator/charts/mariadb-operator/templates/webhook/servicemonitor.yaml
apiVersion: monitoring.coreos.com/v1
kind: ServiceMonitor
metadata:
name: mariadb-operator-webhook
labels:
helm.sh/chart: mariadb-operator-25.10.2
app.kubernetes.io/name: mariadb-operator-webhook
app.kubernetes.io/instance: mariadb-operator
app.kubernetes.io/version: "25.10.2"
app.kubernetes.io/managed-by: Helm
spec:
selector:
matchLabels:
app.kubernetes.io/name: mariadb-operator-webhook
app.kubernetes.io/instance: mariadb-operator
namespaceSelector:
matchNames:
- "mariadb-operator"
endpoints:
- port: metrics
interval: 30s
scrapeTimeout: 25s
---
# Source: mariadb-operator/charts/mariadb-operator/templates/webhook/config.yaml
apiVersion: admissionregistration.k8s.io/v1
kind: ValidatingWebhookConfiguration
metadata:
name: mariadb-operator-webhook
labels:
helm.sh/chart: mariadb-operator-25.10.2
app.kubernetes.io/name: mariadb-operator-webhook
app.kubernetes.io/instance: mariadb-operator
app.kubernetes.io/version: "25.10.2"
app.kubernetes.io/managed-by: Helm
annotations:
k8s.mariadb.com/webhook: ""
webhooks:
- admissionReviewVersions:
- v1
clientConfig:
service:
name: mariadb-operator-webhook
namespace: mariadb-operator
path: /validate-k8s-mariadb-com-v1alpha1-backup
failurePolicy: Fail
name: vbackup-v1alpha1.kb.io
rules:
- apiGroups:
- k8s.mariadb.com
apiVersions:
- v1alpha1
operations:
- CREATE
- UPDATE
resources:
- backups
sideEffects: None
- admissionReviewVersions:
- v1
clientConfig:
service:
name: mariadb-operator-webhook
namespace: mariadb-operator
path: /validate-k8s-mariadb-com-v1alpha1-physicalbackup
failurePolicy: Fail
name: vphysicalbackup-v1alpha1.kb.io
rules:
- apiGroups:
- k8s.mariadb.com
apiVersions:
- v1alpha1
operations:
- CREATE
- UPDATE
resources:
- physicalbackups
sideEffects: None
- admissionReviewVersions:
- v1
clientConfig:
service:
name: mariadb-operator-webhook
namespace: mariadb-operator
path: /validate-k8s-mariadb-com-v1alpha1-connection
failurePolicy: Fail
name: vconnection-v1alpha1.kb.io
rules:
- apiGroups:
- k8s.mariadb.com
apiVersions:
- v1alpha1
operations:
- CREATE
- UPDATE
resources:
- connections
sideEffects: None
- admissionReviewVersions:
- v1
clientConfig:
service:
name: mariadb-operator-webhook
namespace: mariadb-operator
path: /validate-k8s-mariadb-com-v1alpha1-database
failurePolicy: Fail
name: vdatabase-v1alpha1.kb.io
rules:
- apiGroups:
- k8s.mariadb.com
apiVersions:
- v1alpha1
operations:
- CREATE
- UPDATE
resources:
- databases
sideEffects: None
- admissionReviewVersions:
- v1
clientConfig:
service:
name: mariadb-operator-webhook
namespace: mariadb-operator
path: /validate-k8s-mariadb-com-v1alpha1-grant
failurePolicy: Fail
name: vgrant-v1alpha1.kb.io
rules:
- apiGroups:
- k8s.mariadb.com
apiVersions:
- v1alpha1
operations:
- CREATE
- UPDATE
resources:
- grants
sideEffects: None
- admissionReviewVersions:
- v1
clientConfig:
service:
name: mariadb-operator-webhook
namespace: mariadb-operator
path: /validate-k8s-mariadb-com-v1alpha1-mariadb
failurePolicy: Fail
name: vmariadb-v1alpha1.kb.io
rules:
- apiGroups:
- k8s.mariadb.com
apiVersions:
- v1alpha1
operations:
- CREATE
- UPDATE
resources:
- mariadbs
sideEffects: None
- admissionReviewVersions:
- v1
clientConfig:
service:
name: mariadb-operator-webhook
namespace: mariadb-operator
path: /validate-k8s-mariadb-com-v1alpha1-maxscale
failurePolicy: Fail
name: vmaxscale-v1alpha1.kb.io
rules:
- apiGroups:
- k8s.mariadb.com
apiVersions:
- v1alpha1
operations:
- CREATE
- UPDATE
resources:
- maxscales
sideEffects: None
- admissionReviewVersions:
- v1
clientConfig:
service:
name: mariadb-operator-webhook
namespace: mariadb-operator
path: /validate-k8s-mariadb-com-v1alpha1-restore
failurePolicy: Fail
name: vrestore-v1alpha1.kb.io
rules:
- apiGroups:
- k8s.mariadb.com
apiVersions:
- v1alpha1
operations:
- CREATE
- UPDATE
resources:
- restores
sideEffects: None
- admissionReviewVersions:
- v1
clientConfig:
service:
name: mariadb-operator-webhook
namespace: mariadb-operator
path: /validate-k8s-mariadb-com-v1alpha1-sqljob
failurePolicy: Fail
name: vsqljob-v1alpha1.kb.io
rules:
- apiGroups:
- k8s.mariadb.com
apiVersions:
- v1alpha1
operations:
- CREATE
- UPDATE
resources:
- sqljobs
sideEffects: None
- admissionReviewVersions:
- v1
clientConfig:
service:
name: mariadb-operator-webhook
namespace: mariadb-operator
path: /validate-k8s-mariadb-com-v1alpha1-user
failurePolicy: Fail
name: vuser-v1alpha1.kb.io
rules:
- apiGroups:
- k8s.mariadb.com
apiVersions:
- v1alpha1
operations:
- CREATE
- UPDATE
resources:
- users
sideEffects: None
Reference in New Issue View Git Blame Copy Permalink