From b516f2070f715fb8109fb90d10ed81a76146e9b7 Mon Sep 17 00:00:00 2001 From: Eric Shen Date: Tue, 10 Sep 2024 15:30:30 +0800 Subject: [PATCH] chore: upgrade operator to 0.6.1 (#55) Signed-off-by: ericsyh (cherry picked from commit 94cae382f4db273c6751f3ff1cc8f65a7dc63e38) --- charts/sn-operator/Chart.yaml | 4 +- ...er.streamnative.io_bookkeeperclusters.yaml | 69 + .../crds/k8s.streamnative.io_apikeys.yaml | 69 + .../k8s.streamnative.io_oxiaclusters.yaml | 81 +- .../k8s.streamnative.io_pfsqlclusters.yaml | 69 + ...8s.streamnative.io_pulsarcoordinators.yaml | 6 + ...streamnative.io_pulsarbrokerrevisions.yaml | 5070 +++++++++++++++++ .../pulsar.streamnative.io_pulsarbrokers.yaml | 143 + .../pulsar.streamnative.io_pulsarproxies.yaml | 69 + ...per.streamnative.io_zookeeperclusters.yaml | 69 + 10 files changed, 5645 insertions(+), 4 deletions(-) create mode 100644 charts/sn-operator/crds/pulsar.streamnative.io_pulsarbrokerrevisions.yaml diff --git a/charts/sn-operator/Chart.yaml b/charts/sn-operator/Chart.yaml index cfbcff9..3136bca 100644 --- a/charts/sn-operator/Chart.yaml +++ b/charts/sn-operator/Chart.yaml @@ -15,13 +15,13 @@ type: application # This is the chart version. This version number should be incremented each time you make changes # to the chart and its templates, including the app version. # Versions are expected to follow Semantic Versioning (https://semver.org/) -version: v0.2.0 +version: v0.2.1 # This is the version number of the application being deployed. This version number should be # incremented each time you make changes to the application. Versions are not expected to # follow Semantic Versioning. They should reflect the version the application is using. # It is recommended to use it with quotes. -appVersion: "v0.5.1" +appVersion: "v0.6.1" # This is a semver range of compatible Kubernetes versions. Helm will validate the version # constraints when installing the chart and fail if the cluster runs an unsupported Kubernetes version diff --git a/charts/sn-operator/crds/bookkeeper.streamnative.io_bookkeeperclusters.yaml b/charts/sn-operator/crds/bookkeeper.streamnative.io_bookkeeperclusters.yaml index 7cd1ba3..3a7a42a 100644 --- a/charts/sn-operator/crds/bookkeeper.streamnative.io_bookkeeperclusters.yaml +++ b/charts/sn-operator/crds/bookkeeper.streamnative.io_bookkeeperclusters.yaml @@ -5956,6 +5956,19 @@ spec: type: array type: object type: array + toOperation: + description: ToOperation defines the ports that the rule + applies to + items: + properties: + ports: + description: Ports defines the ports that the rule + applies to + items: + type: string + type: array + type: object + type: array type: object type: array enabled: @@ -5984,6 +5997,28 @@ spec: description: Key is used to identify the gateway and related resources, used solely when serving a list of gateways type: string + route: + description: Route defines route policy for the gateway + properties: + topologyAware: + description: TopologyAware defines + properties: + key: + description: Key defines the node label key used to + detect Pod topology info + type: string + subDomain: + description: SubDomain defines url generation rule + for broker Pod + type: string + required: + - key + type: object + useWildcardDNS: + description: UseWildcardDNS means inherit DNS record from + wildcard DNS, only works for externalDNS + type: boolean + type: object selector: additionalProperties: type: string @@ -6010,6 +6045,12 @@ spec: secured using TLS. The value of this field determines how TLS is enforced. type: string + subjectAltNames: + description: SubjectAltNames defines the subject alternative + names for the certificate + items: + type: string + type: array trustCertsEnabled: description: TrustCertsEnabled defines whether to enable trust store @@ -6039,6 +6080,28 @@ spec: description: Key is used to identify the gateway and related resources, used solely when serving a list of gateways type: string + route: + description: Route defines route policy for the gateway + properties: + topologyAware: + description: TopologyAware defines + properties: + key: + description: Key defines the node label key used + to detect Pod topology info + type: string + subDomain: + description: SubDomain defines url generation rule + for broker Pod + type: string + required: + - key + type: object + useWildcardDNS: + description: UseWildcardDNS means inherit DNS record + from wildcard DNS, only works for externalDNS + type: boolean + type: object selector: additionalProperties: type: string @@ -6065,6 +6128,12 @@ spec: secured using TLS. The value of this field determines how TLS is enforced. type: string + subjectAltNames: + description: SubjectAltNames defines the subject alternative + names for the certificate + items: + type: string + type: array trustCertsEnabled: description: TrustCertsEnabled defines whether to enable trust store diff --git a/charts/sn-operator/crds/k8s.streamnative.io_apikeys.yaml b/charts/sn-operator/crds/k8s.streamnative.io_apikeys.yaml index 0db731e..389eaee 100644 --- a/charts/sn-operator/crds/k8s.streamnative.io_apikeys.yaml +++ b/charts/sn-operator/crds/k8s.streamnative.io_apikeys.yaml @@ -171,6 +171,19 @@ spec: type: array type: object type: array + toOperation: + description: ToOperation defines the ports that the rule + applies to + items: + properties: + ports: + description: Ports defines the ports that the rule + applies to + items: + type: string + type: array + type: object + type: array type: object type: array enabled: @@ -199,6 +212,28 @@ spec: description: Key is used to identify the gateway and related resources, used solely when serving a list of gateways type: string + route: + description: Route defines route policy for the gateway + properties: + topologyAware: + description: TopologyAware defines + properties: + key: + description: Key defines the node label key used to + detect Pod topology info + type: string + subDomain: + description: SubDomain defines url generation rule + for broker Pod + type: string + required: + - key + type: object + useWildcardDNS: + description: UseWildcardDNS means inherit DNS record from + wildcard DNS, only works for externalDNS + type: boolean + type: object selector: additionalProperties: type: string @@ -225,6 +260,12 @@ spec: secured using TLS. The value of this field determines how TLS is enforced. type: string + subjectAltNames: + description: SubjectAltNames defines the subject alternative + names for the certificate + items: + type: string + type: array trustCertsEnabled: description: TrustCertsEnabled defines whether to enable trust store @@ -254,6 +295,28 @@ spec: description: Key is used to identify the gateway and related resources, used solely when serving a list of gateways type: string + route: + description: Route defines route policy for the gateway + properties: + topologyAware: + description: TopologyAware defines + properties: + key: + description: Key defines the node label key used + to detect Pod topology info + type: string + subDomain: + description: SubDomain defines url generation rule + for broker Pod + type: string + required: + - key + type: object + useWildcardDNS: + description: UseWildcardDNS means inherit DNS record + from wildcard DNS, only works for externalDNS + type: boolean + type: object selector: additionalProperties: type: string @@ -280,6 +343,12 @@ spec: secured using TLS. The value of this field determines how TLS is enforced. type: string + subjectAltNames: + description: SubjectAltNames defines the subject alternative + names for the certificate + items: + type: string + type: array trustCertsEnabled: description: TrustCertsEnabled defines whether to enable trust store diff --git a/charts/sn-operator/crds/k8s.streamnative.io_oxiaclusters.yaml b/charts/sn-operator/crds/k8s.streamnative.io_oxiaclusters.yaml index 49b4c8b..7d27671 100644 --- a/charts/sn-operator/crds/k8s.streamnative.io_oxiaclusters.yaml +++ b/charts/sn-operator/crds/k8s.streamnative.io_oxiaclusters.yaml @@ -123,6 +123,19 @@ spec: type: array type: object type: array + toOperation: + description: ToOperation defines the ports that the rule + applies to + items: + properties: + ports: + description: Ports defines the ports that the rule + applies to + items: + type: string + type: array + type: object + type: array type: object type: array enabled: @@ -151,6 +164,28 @@ spec: description: Key is used to identify the gateway and related resources, used solely when serving a list of gateways type: string + route: + description: Route defines route policy for the gateway + properties: + topologyAware: + description: TopologyAware defines + properties: + key: + description: Key defines the node label key used to + detect Pod topology info + type: string + subDomain: + description: SubDomain defines url generation rule + for broker Pod + type: string + required: + - key + type: object + useWildcardDNS: + description: UseWildcardDNS means inherit DNS record from + wildcard DNS, only works for externalDNS + type: boolean + type: object selector: additionalProperties: type: string @@ -177,6 +212,12 @@ spec: secured using TLS. The value of this field determines how TLS is enforced. type: string + subjectAltNames: + description: SubjectAltNames defines the subject alternative + names for the certificate + items: + type: string + type: array trustCertsEnabled: description: TrustCertsEnabled defines whether to enable trust store @@ -206,6 +247,28 @@ spec: description: Key is used to identify the gateway and related resources, used solely when serving a list of gateways type: string + route: + description: Route defines route policy for the gateway + properties: + topologyAware: + description: TopologyAware defines + properties: + key: + description: Key defines the node label key used + to detect Pod topology info + type: string + subDomain: + description: SubDomain defines url generation rule + for broker Pod + type: string + required: + - key + type: object + useWildcardDNS: + description: UseWildcardDNS means inherit DNS record + from wildcard DNS, only works for externalDNS + type: boolean + type: object selector: additionalProperties: type: string @@ -232,6 +295,12 @@ spec: secured using TLS. The value of this field determines how TLS is enforced. type: string + subjectAltNames: + description: SubjectAltNames defines the subject alternative + names for the certificate + items: + type: string + type: array trustCertsEnabled: description: TrustCertsEnabled defines whether to enable trust store @@ -277,9 +346,17 @@ spec: description: Server contains configuration specific to the server component properties: + blockCacheSize: + anyOf: + - type: integer + - type: string + description: BlockCacheSize is the max size of the shared DB cache. + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true blockCacheSizeMB: - description: BlockCacheSizeMB is the max size of the shared DB - cache. + description: |- + BlockCacheSizeMB is the max size of the shared DB cache. + Deprecate: Use BlockCacheSize instead. format: int32 type: integer persistentVolumeClaimRetentionPolicy: diff --git a/charts/sn-operator/crds/k8s.streamnative.io_pfsqlclusters.yaml b/charts/sn-operator/crds/k8s.streamnative.io_pfsqlclusters.yaml index 1d6d2c9..f54443c 100644 --- a/charts/sn-operator/crds/k8s.streamnative.io_pfsqlclusters.yaml +++ b/charts/sn-operator/crds/k8s.streamnative.io_pfsqlclusters.yaml @@ -102,6 +102,19 @@ spec: type: array type: object type: array + toOperation: + description: ToOperation defines the ports that the rule + applies to + items: + properties: + ports: + description: Ports defines the ports that the rule + applies to + items: + type: string + type: array + type: object + type: array type: object type: array enabled: @@ -130,6 +143,28 @@ spec: description: Key is used to identify the gateway and related resources, used solely when serving a list of gateways type: string + route: + description: Route defines route policy for the gateway + properties: + topologyAware: + description: TopologyAware defines + properties: + key: + description: Key defines the node label key used to + detect Pod topology info + type: string + subDomain: + description: SubDomain defines url generation rule + for broker Pod + type: string + required: + - key + type: object + useWildcardDNS: + description: UseWildcardDNS means inherit DNS record from + wildcard DNS, only works for externalDNS + type: boolean + type: object selector: additionalProperties: type: string @@ -156,6 +191,12 @@ spec: secured using TLS. The value of this field determines how TLS is enforced. type: string + subjectAltNames: + description: SubjectAltNames defines the subject alternative + names for the certificate + items: + type: string + type: array trustCertsEnabled: description: TrustCertsEnabled defines whether to enable trust store @@ -185,6 +226,28 @@ spec: description: Key is used to identify the gateway and related resources, used solely when serving a list of gateways type: string + route: + description: Route defines route policy for the gateway + properties: + topologyAware: + description: TopologyAware defines + properties: + key: + description: Key defines the node label key used + to detect Pod topology info + type: string + subDomain: + description: SubDomain defines url generation rule + for broker Pod + type: string + required: + - key + type: object + useWildcardDNS: + description: UseWildcardDNS means inherit DNS record + from wildcard DNS, only works for externalDNS + type: boolean + type: object selector: additionalProperties: type: string @@ -211,6 +274,12 @@ spec: secured using TLS. The value of this field determines how TLS is enforced. type: string + subjectAltNames: + description: SubjectAltNames defines the subject alternative + names for the certificate + items: + type: string + type: array trustCertsEnabled: description: TrustCertsEnabled defines whether to enable trust store diff --git a/charts/sn-operator/crds/k8s.streamnative.io_pulsarcoordinators.yaml b/charts/sn-operator/crds/k8s.streamnative.io_pulsarcoordinators.yaml index 2ef80be..940eba5 100644 --- a/charts/sn-operator/crds/k8s.streamnative.io_pulsarcoordinators.yaml +++ b/charts/sn-operator/crds/k8s.streamnative.io_pulsarcoordinators.yaml @@ -110,6 +110,12 @@ spec: Detector defines the configuration of SLA detector Detector will be enabled when the field is not nil properties: + image: + description: |- + Image is the container image used to pulsar detector pods. + The default should be same as broker image + nullable: true + type: string kafka: nullable: true properties: diff --git a/charts/sn-operator/crds/pulsar.streamnative.io_pulsarbrokerrevisions.yaml b/charts/sn-operator/crds/pulsar.streamnative.io_pulsarbrokerrevisions.yaml new file mode 100644 index 0000000..0d06ae6 --- /dev/null +++ b/charts/sn-operator/crds/pulsar.streamnative.io_pulsarbrokerrevisions.yaml @@ -0,0 +1,5070 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.15.0 + creationTimestamp: null + name: pulsarbrokerrevisions.pulsar.streamnative.io +spec: + group: pulsar.streamnative.io + names: + categories: + - pulsar + kind: PulsarBrokerRevision + listKind: PulsarBrokerRevisionList + plural: pulsarbrokerrevisions + shortNames: + - pbv + - brokerrevision + singular: pulsarbrokerrevision + scope: Namespaced + versions: + - additionalPrinterColumns: + - jsonPath: .spec.replicas + name: Replicas + type: integer + - jsonPath: .status.readyReplicas + name: Ready Replicas + type: integer + - jsonPath: .spec.image + name: Desired Image + type: string + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + name: v1alpha1 + schema: + openAPIV3Schema: + description: PulsarBrokerRevision is the Schema for the pulsarbrokers API + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + type: object + spec: + description: PulsarBrokerRevisionSpec defines the desired state of PulsarBrokerRevision + properties: + apiObjects: + description: APIObjects allows precise control over how components + (services, statefulset and so on) should be managed + properties: + brokerConfigMap: + description: BrokerConfigMap defines the broker ConfigMap resource + template. + properties: + managed: + description: Managed config if this object should be managed + by controller + type: boolean + metadata: + description: |- + Standard object's metadata used to customize name, labels, annotations of the object. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata + properties: + annotations: + additionalProperties: + type: string + description: Annotations of the resource. + nullable: true + type: object + labels: + additionalProperties: + type: string + description: Labels of the resource. + nullable: true + type: object + name: + description: Name of the resource within a namespace. + It must be unique. + type: string + type: object + updatePolicy: + description: UpdatePolicy defines which field to update. + items: + description: UpdateMode defines how to update resource. + type: string + type: array + type: object + externalService: + description: ExternalService defines the Pulsar External Service + resource template. + properties: + managed: + description: Managed config if this object should be managed + by controller + type: boolean + metadata: + description: |- + Standard object's metadata used to customize name, labels, annotations of the object. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata + properties: + annotations: + additionalProperties: + type: string + description: Annotations of the resource. + nullable: true + type: object + labels: + additionalProperties: + type: string + description: Labels of the resource. + nullable: true + type: object + name: + description: Name of the resource within a namespace. + It must be unique. + type: string + type: object + updatePolicy: + description: UpdatePolicy defines which field to update. + items: + description: UpdateMode defines how to update resource. + type: string + type: array + type: object + functionMeshConfigMap: + description: FunctionMeshConfigMap defines the FunctionMesh ConfigMap + resource template. + properties: + managed: + description: Managed config if this object should be managed + by controller + type: boolean + metadata: + description: |- + Standard object's metadata used to customize name, labels, annotations of the object. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata + properties: + annotations: + additionalProperties: + type: string + description: Annotations of the resource. + nullable: true + type: object + labels: + additionalProperties: + type: string + description: Labels of the resource. + nullable: true + type: object + name: + description: Name of the resource within a namespace. + It must be unique. + type: string + type: object + updatePolicy: + description: UpdatePolicy defines which field to update. + items: + description: UpdateMode defines how to update resource. + type: string + type: array + type: object + functionWorkerConfigMap: + description: FunctionWorkerConfigMap defines the function worker + ConfigMap resource template. + properties: + managed: + description: Managed config if this object should be managed + by controller + type: boolean + metadata: + description: |- + Standard object's metadata used to customize name, labels, annotations of the object. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata + properties: + annotations: + additionalProperties: + type: string + description: Annotations of the resource. + nullable: true + type: object + labels: + additionalProperties: + type: string + description: Labels of the resource. + nullable: true + type: object + name: + description: Name of the resource within a namespace. + It must be unique. + type: string + type: object + updatePolicy: + description: UpdatePolicy defines which field to update. + items: + description: UpdateMode defines how to update resource. + type: string + type: array + type: object + headlessService: + description: HeadlessService defines the Pulsar Headless Service + resource template. + properties: + managed: + description: Managed config if this object should be managed + by controller + type: boolean + metadata: + description: |- + Standard object's metadata used to customize name, labels, annotations of the object. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata + properties: + annotations: + additionalProperties: + type: string + description: Annotations of the resource. + nullable: true + type: object + labels: + additionalProperties: + type: string + description: Labels of the resource. + nullable: true + type: object + name: + description: Name of the resource within a namespace. + It must be unique. + type: string + type: object + updatePolicy: + description: UpdatePolicy defines which field to update. + items: + description: UpdateMode defines how to update resource. + type: string + type: array + type: object + hpa: + description: HPA defines the horizontalPodAutoscaler resource + template. + properties: + managed: + description: Managed config if this object should be managed + by controller + type: boolean + metadata: + description: |- + Standard object's metadata used to customize name, labels, annotations of the object. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata + properties: + annotations: + additionalProperties: + type: string + description: Annotations of the resource. + nullable: true + type: object + labels: + additionalProperties: + type: string + description: Labels of the resource. + nullable: true + type: object + name: + description: Name of the resource within a namespace. + It must be unique. + type: string + type: object + updatePolicy: + description: UpdatePolicy defines which field to update. + items: + description: UpdateMode defines how to update resource. + type: string + type: array + type: object + interceptorConfigMap: + description: InterceptorConfigMap defines the interceptor ConfigMap + resource template. + properties: + managed: + description: Managed config if this object should be managed + by controller + type: boolean + metadata: + description: |- + Standard object's metadata used to customize name, labels, annotations of the object. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata + properties: + annotations: + additionalProperties: + type: string + description: Annotations of the resource. + nullable: true + type: object + labels: + additionalProperties: + type: string + description: Labels of the resource. + nullable: true + type: object + name: + description: Name of the resource within a namespace. + It must be unique. + type: string + type: object + updatePolicy: + description: UpdatePolicy defines which field to update. + items: + description: UpdateMode defines how to update resource. + type: string + type: array + type: object + internalService: + description: InternalService defines the Pulsar Client Service + resource template. + properties: + managed: + description: Managed config if this object should be managed + by controller + type: boolean + metadata: + description: |- + Standard object's metadata used to customize name, labels, annotations of the object. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata + properties: + annotations: + additionalProperties: + type: string + description: Annotations of the resource. + nullable: true + type: object + labels: + additionalProperties: + type: string + description: Labels of the resource. + nullable: true + type: object + name: + description: Name of the resource within a namespace. + It must be unique. + type: string + type: object + updatePolicy: + description: UpdatePolicy defines which field to update. + items: + description: UpdateMode defines how to update resource. + type: string + type: array + type: object + pdb: + description: PDB defines the PodDisruptionBudget resource template. + properties: + managed: + description: Managed config if this object should be managed + by controller + type: boolean + metadata: + description: |- + Standard object's metadata used to customize name, labels, annotations of the object. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata + properties: + annotations: + additionalProperties: + type: string + description: Annotations of the resource. + nullable: true + type: object + labels: + additionalProperties: + type: string + description: Labels of the resource. + nullable: true + type: object + name: + description: Name of the resource within a namespace. + It must be unique. + type: string + type: object + updatePolicy: + description: UpdatePolicy defines which field to update. + items: + description: UpdateMode defines how to update resource. + type: string + type: array + type: object + statefulSet: + description: StatefulSet defines the broker StatefulSet resource + template. + properties: + managed: + description: Managed config if this object should be managed + by controller + type: boolean + metadata: + description: |- + Standard object's metadata used to customize the name, labels, annotations of the object. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata + properties: + annotations: + additionalProperties: + type: string + description: Annotations of the resource. + nullable: true + type: object + labels: + additionalProperties: + type: string + description: Labels of the resource. + nullable: true + type: object + name: + description: Name of the resource within a namespace. + It must be unique. + type: string + type: object + replaceEnabled: + description: Enable replace if needed when ReplaceEnabled + is true + type: boolean + updatePolicy: + description: UpdatePolicy defines which field to update. + items: + description: UpdateMode defines how to update resource. + type: string + type: array + volumeClaimTemplates: + description: |- + VolumeClaimTemplates is a list of claims that pods are allowed to reference. + If a non-empty list is specified, the original values in the desired STS will be replaced. + items: + description: PersistentVolumeClaim is a user's request for + and claim to a persistent volume + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + description: |- + Standard object's metadata. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata + properties: + annotations: + additionalProperties: + type: string + type: object + finalizers: + items: + type: string + type: array + labels: + additionalProperties: + type: string + type: object + name: + type: string + namespace: + type: string + type: object + spec: + description: |- + spec defines the desired characteristics of a volume requested by a pod author. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims + properties: + accessModes: + description: |- + accessModes contains the desired access modes the volume should have. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1 + items: + type: string + type: array + dataSource: + description: |- + dataSource field can be used to specify either: + * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) + * An existing PVC (PersistentVolumeClaim) + If the provisioner or an external controller can support the specified data source, + it will create a new volume based on the contents of the specified data source. + When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef, + and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified. + If the namespace is specified, then dataSourceRef will not be copied to dataSource. + properties: + apiGroup: + description: |- + APIGroup is the group for the resource being referenced. + If APIGroup is not specified, the specified Kind must be in the core API group. + For any other third-party types, APIGroup is required. + type: string + kind: + description: Kind is the type of resource being + referenced + type: string + name: + description: Name is the name of resource being + referenced + type: string + required: + - kind + - name + type: object + x-kubernetes-map-type: atomic + dataSourceRef: + description: |- + dataSourceRef specifies the object from which to populate the volume with data, if a non-empty + volume is desired. This may be any object from a non-empty API group (non + core object) or a PersistentVolumeClaim object. + When this field is specified, volume binding will only succeed if the type of + the specified object matches some installed volume populator or dynamic + provisioner. + This field will replace the functionality of the dataSource field and as such + if both fields are non-empty, they must have the same value. For backwards + compatibility, when namespace isn't specified in dataSourceRef, + both fields (dataSource and dataSourceRef) will be set to the same + value automatically if one of them is empty and the other is non-empty. + When namespace is specified in dataSourceRef, + dataSource isn't set to the same value and must be empty. + There are three important differences between dataSource and dataSourceRef: + * While dataSource only allows two specific types of objects, dataSourceRef + allows any non-core object, as well as PersistentVolumeClaim objects. + * While dataSource ignores disallowed values (dropping them), dataSourceRef + preserves all values, and generates an error if a disallowed value is + specified. + * While dataSource only allows local objects, dataSourceRef allows objects + in any namespaces. + (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. + (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled. + properties: + apiGroup: + description: |- + APIGroup is the group for the resource being referenced. + If APIGroup is not specified, the specified Kind must be in the core API group. + For any other third-party types, APIGroup is required. + type: string + kind: + description: Kind is the type of resource being + referenced + type: string + name: + description: Name is the name of resource being + referenced + type: string + namespace: + description: |- + Namespace is the namespace of resource being referenced + Note that when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant object is required in the referent namespace to allow that namespace's owner to accept the reference. See the ReferenceGrant documentation for details. + (Alpha) This field requires the CrossNamespaceVolumeDataSource feature gate to be enabled. + type: string + required: + - kind + - name + type: object + resources: + description: |- + resources represents the minimum resources the volume should have. + If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements + that are lower than previous value but must still be higher than capacity recorded in the + status field of the claim. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources + properties: + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: |- + Limits describes the maximum amount of compute resources allowed. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: |- + Requests describes the minimum amount of compute resources required. + If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, + otherwise to an implementation-defined value. Requests cannot exceed Limits. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + type: object + type: object + selector: + description: selector is a label query over volumes + to consider for binding. + properties: + matchExpressions: + description: matchExpressions is a list of label + selector requirements. The requirements are + ANDed. + items: + description: |- + A label selector requirement is a selector that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label key that + the selector applies to. + type: string + operator: + description: |- + operator represents a key's relationship to a set of values. + Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: |- + values is an array of string values. If the operator is In or NotIn, + the values array must be non-empty. If the operator is Exists or DoesNotExist, + the values array must be empty. This array is replaced during a strategic + merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: |- + matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + storageClassName: + description: |- + storageClassName is the name of the StorageClass required by the claim. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1 + type: string + volumeAttributesClassName: + description: |- + volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim. + If specified, the CSI driver will create or update the volume with the attributes defined + in the corresponding VolumeAttributesClass. This has a different purpose than storageClassName, + it can be changed after the claim is created. An empty string value means that no VolumeAttributesClass + will be applied to the claim but it's not allowed to reset this field to empty string once it is set. + If unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass + will be set by the persistentvolume controller if it exists. + If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be + set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource + exists. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#volumeattributesclass + (Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled. + type: string + volumeMode: + description: |- + volumeMode defines what type of volume is required by the claim. + Value of Filesystem is implied when not included in claim spec. + type: string + volumeName: + description: volumeName is the binding reference + to the PersistentVolume backing this claim. + type: string + type: object + status: + description: |- + status represents the current information/status of a persistent volume claim. + Read-only. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims + properties: + accessModes: + description: |- + accessModes contains the actual access modes the volume backing the PVC has. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1 + items: + type: string + type: array + allocatedResourceStatuses: + additionalProperties: + description: |- + When a controller receives persistentvolume claim update with ClaimResourceStatus for a resource + that it does not recognizes, then it should ignore that update and let other controllers + handle it. + type: string + description: "allocatedResourceStatuses stores status + of resource being resized for the given PVC.\nKey + names follow standard Kubernetes label syntax. + Valid values are either:\n\t* Un-prefixed keys:\n\t\t- + storage - the capacity of the volume.\n\t* Custom + resources must use implementation-defined prefixed + names such as \"example.com/my-custom-resource\"\nApart + from above values - keys that are unprefixed or + have kubernetes.io prefix are considered\nreserved + and hence may not be used.\n\n\nClaimResourceStatus + can be in any of following states:\n\t- ControllerResizeInProgress:\n\t\tState + set when resize controller starts resizing the + volume in control-plane.\n\t- ControllerResizeFailed:\n\t\tState + set when resize has failed in resize controller + with a terminal error.\n\t- NodeResizePending:\n\t\tState + set when resize controller has finished resizing + the volume but further resizing of\n\t\tvolume + is needed on the node.\n\t- NodeResizeInProgress:\n\t\tState + set when kubelet starts resizing the volume.\n\t- + NodeResizeFailed:\n\t\tState set when resizing + has failed in kubelet with a terminal error. Transient + errors don't set\n\t\tNodeResizeFailed.\nFor example: + if expanding a PVC for more capacity - this field + can be one of the following states:\n\t- pvc.status.allocatedResourceStatus['storage'] + = \"ControllerResizeInProgress\"\n - pvc.status.allocatedResourceStatus['storage'] + = \"ControllerResizeFailed\"\n - pvc.status.allocatedResourceStatus['storage'] + = \"NodeResizePending\"\n - pvc.status.allocatedResourceStatus['storage'] + = \"NodeResizeInProgress\"\n - pvc.status.allocatedResourceStatus['storage'] + = \"NodeResizeFailed\"\nWhen this field is not + set, it means that no resize operation is in progress + for the given PVC.\n\n\nA controller that receives + PVC update with previously unknown resourceName + or ClaimResourceStatus\nshould ignore the update + for the purpose it was designed. For example - + a controller that\nonly is responsible for resizing + capacity of the volume, should ignore PVC updates + that change other valid\nresources associated + with PVC.\n\n\nThis is an alpha field and requires + enabling RecoverVolumeExpansionFailure feature." + type: object + x-kubernetes-map-type: granular + allocatedResources: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: "allocatedResources tracks the resources + allocated to a PVC including its capacity.\nKey + names follow standard Kubernetes label syntax. + Valid values are either:\n\t* Un-prefixed keys:\n\t\t- + storage - the capacity of the volume.\n\t* Custom + resources must use implementation-defined prefixed + names such as \"example.com/my-custom-resource\"\nApart + from above values - keys that are unprefixed or + have kubernetes.io prefix are considered\nreserved + and hence may not be used.\n\n\nCapacity reported + here may be larger than the actual capacity when + a volume expansion operation\nis requested.\nFor + storage quota, the larger value from allocatedResources + and PVC.spec.resources is used.\nIf allocatedResources + is not set, PVC.spec.resources alone is used for + quota calculation.\nIf a volume expansion capacity + request is lowered, allocatedResources is only\nlowered + if there are no expansion operations in progress + and if the actual volume capacity\nis equal or + lower than the requested capacity.\n\n\nA controller + that receives PVC update with previously unknown + resourceName\nshould ignore the update for the + purpose it was designed. For example - a controller + that\nonly is responsible for resizing capacity + of the volume, should ignore PVC updates that + change other valid\nresources associated with + PVC.\n\n\nThis is an alpha field and requires + enabling RecoverVolumeExpansionFailure feature." + type: object + capacity: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: capacity represents the actual resources + of the underlying volume. + type: object + conditions: + description: |- + conditions is the current Condition of persistent volume claim. If underlying persistent volume is being + resized then the Condition will be set to 'ResizeStarted'. + items: + description: PersistentVolumeClaimCondition contains + details about state of pvc + properties: + lastProbeTime: + description: lastProbeTime is the time we + probed the condition. + format: date-time + type: string + lastTransitionTime: + description: lastTransitionTime is the time + the condition transitioned from one status + to another. + format: date-time + type: string + message: + description: message is the human-readable + message indicating details about last transition. + type: string + reason: + description: |- + reason is a unique, this should be a short, machine understandable string that gives the reason + for condition's last transition. If it reports "ResizeStarted" that means the underlying + persistent volume is being resized. + type: string + status: + type: string + type: + description: PersistentVolumeClaimConditionType + is a valid value of PersistentVolumeClaimCondition.Type + type: string + required: + - status + - type + type: object + type: array + currentVolumeAttributesClassName: + description: |- + currentVolumeAttributesClassName is the current name of the VolumeAttributesClass the PVC is using. + When unset, there is no VolumeAttributeClass applied to this PersistentVolumeClaim + This is an alpha field and requires enabling VolumeAttributesClass feature. + type: string + modifyVolumeStatus: + description: |- + ModifyVolumeStatus represents the status object of ControllerModifyVolume operation. + When this is unset, there is no ModifyVolume operation being attempted. + This is an alpha field and requires enabling VolumeAttributesClass feature. + properties: + status: + description: "status is the status of the ControllerModifyVolume + operation. It can be in any of following states:\n + - Pending\n Pending indicates that the PersistentVolumeClaim + cannot be modified due to unmet requirements, + such as\n the specified VolumeAttributesClass + not existing.\n - InProgress\n InProgress + indicates that the volume is being modified.\n + - Infeasible\n Infeasible indicates that + the request has been rejected as invalid by + the CSI driver. To\n\t resolve the error, + a valid VolumeAttributesClass needs to be + specified.\nNote: New statuses can be added + in the future. Consumers should check for + unknown statuses and fail appropriately." + type: string + targetVolumeAttributesClassName: + description: targetVolumeAttributesClassName + is the name of the VolumeAttributesClass the + PVC currently being reconciled + type: string + required: + - status + type: object + phase: + description: phase represents the current phase + of PersistentVolumeClaim. + type: string + type: object + type: object + type: array + volumeExpansionEnabled: + description: Expand volume size automatically if needed when + VolumeExpansionEnabled is true + type: boolean + volumeMounts: + description: |- + VolumeMounts is a list of volumes to mount into the container's filesystem. + If a non-empty list is specified, the original values of the main container in the desired STS will be replaced. + items: + description: VolumeMount describes a mounting of a Volume + within a container. + properties: + mountPath: + description: |- + Path within the container at which the volume should be mounted. Must + not contain ':'. + type: string + mountPropagation: + description: |- + mountPropagation determines how mounts are propagated from the host + to container and the other way around. + When not set, MountPropagationNone is used. + This field is beta in 1.10. + type: string + name: + description: This must match the Name of a Volume. + type: string + readOnly: + description: |- + Mounted read-only if true, read-write otherwise (false or unspecified). + Defaults to false. + type: boolean + subPath: + description: |- + Path within the volume from which the container's volume should be mounted. + Defaults to "" (volume's root). + type: string + subPathExpr: + description: |- + Expanded path within the volume from which the container's volume should be mounted. + Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment. + Defaults to "" (volume's root). + SubPathExpr and SubPath are mutually exclusive. + type: string + required: + - mountPath + - name + type: object + type: array + type: object + type: object + bkMetadataServiceUri: + description: |- + BkMetadataServiceURI defines the metadata service uri that bookkeeper is used for loading corresponding + metadata driver and resolving its metadata service location. + type: string + config: + description: Config defines configurations for brokers + nullable: true + properties: + additionalServlets: + description: AdditionalServlets defines additional servlet list + items: + type: string + nullable: true + type: array + advertisedDomain: + description: AdvertisedDomain defines a root domain of the services + to advertise to the outside world. + type: string + authentication: + description: Authentication defines broker authentication + properties: + apiKey: + description: ApiKeys authentication configuration + properties: + oidcIssuers: + description: OIDCIssuers OpenID Connect configuration + for API keys + items: + properties: + adminScope: + default: admin + description: AdminScope Scope to operate as a Pulsar + superuser, by default admin. + type: string + audience: + description: Audience The expected audience for + the OIDC token. This field is required. + type: string + authzAdminRole: + description: AuthzAdminRole Authz Role to operate + as a Pulsar superuser. + type: string + authzRoleClaim: + description: AuthzRoleClaim JWT claim to use for + Authz roles. + type: string + issuerUrl: + description: IssuerUrl of the provider which allows + Pulsar to discover public signing keys. Required. + type: string + requiredScope: + description: RequiredScope to require in a JWT token + used for authentication, optional. + type: string + scopeClaim: + default: scope + description: ScopeClaim JWT claim to use as the + scope claim, by default scope. + type: string + subjectClaim: + default: sub + description: SubjectClaim JWT claim to use as the + user name, by default sub. + type: string + required: + - audience + - issuerUrl + type: object + type: array + x-kubernetes-list-map-keys: + - issuerUrl + x-kubernetes-list-type: map + revocationListLoadIntervalInSecs: + description: RevocationListLoadIntervalInSecs Interval + to load the revocation list from api keys service + format: int32 + type: integer + revocationListUrl: + description: RevocationListUrl URL to fetch the revocation + list from api keys service + type: string + skipRevocationListValidationOnRevocationListInitFailure: + description: SkipRevocationListValidationOnRevocationListInitFailure + Skip validation of revocation list if the revocation + list + type: boolean + type: object + jwt: + description: JWT enabled jwt authentication + properties: + tokenAuthClaim: + default: sub + description: |- + TokenAuthClaim The token "claim" that will be interpreted as the authentication "role" or "principal" by + AuthenticationProviderToken (defaults to "sub" if blank) + type: string + tokenPublicKey: + description: |- + Asymmetric public/private key pair + TokenPublicKey Configure the public key to be used to validate auth tokens + The key can be specified like: + tokenPublicKey: data:;base64,xxxxxxxxx + tokenPublicKey: file:///my/public.key ( Note: key file must be DER-encoded ) + tokenPublicKey: your-secret-name, the secret should contain the `secret-key` field + type: string + tokenSecretKey: + description: |- + Symmetric key + TokenSecretKey Configure the secret key to be used to validate auth tokens + The key can be specified like: + tokenSecretKey: data:;base64,xxxxxxxxx + tokenSecretKey: file:///my/secret.key ( Note: key file must be DER-encoded ) + tokenSecretKey: your-secret-name, the secret should contain the `public-key` field + type: string + type: object + type: object + authorization: + description: Authorization defines broker authorization + properties: + proxyRoles: + description: |- + Role names that are treated as "proxy roles". If the broker sees a request with + role as proxyRoles - it will demand to see a valid original principal. + type: string + rbac: + nullable: true + type: object + superUserRoles: + description: |- + SuperUserRoles Role names that are treated as "super-user", meaning they will be able to do all admin + operations and publish/consume from all topics + type: string + type: object + clientAuth: + description: ClientAuth authentication configuration for client + connections + properties: + generic: + description: Generic Client Generic authentication configuration + properties: + authParams: + description: |- + Parameters passed to authentication plugin. + A comma separated list of key:value pairs. + Keys depend on the configured authPlugin. + e.g. for TLS + authParams: tlsCertFile:/my/cert/file,tlsKeyFile:/my/key/file + AuthParams This parameter is required if using a generic configuration + type: string + authPlugin: + description: |- + Authentication plugin to authenticate with servers + e.g. for TLS + authPlugin=org.apache.pulsar.client.impl.auth.AuthenticationTls + AuthPlugin This parameter is required if using a generic configuration + type: string + custom: + additionalProperties: + type: string + description: Custom parameters for the client authentication + type: object + required: + - authParams + - authPlugin + type: object + jwt: + description: JWT Client JWT authentication configuration + properties: + secret: + description: Secret name to fetch the token from, this + secret should contain the `token` field + type: string + token: + description: |- + Token passed to authentication plugin. + A comma separated list of key:value pairs. + Keys depend on the configured authPlugin. + Token + type: string + type: object + type: object + clusterName: + description: ClusterName defines name of the Pulsar cluster. + type: string + concurrentUnloadPerSecond: + description: control the unload speed of pulsar broker + format: int64 + type: integer + custom: + additionalProperties: + type: string + description: Custom allows to customize broker configurations + directly. + nullable: true + type: object + function: + description: FunctionConfig defines function worker configurations + properties: + custom: + additionalProperties: + type: string + description: Custom allows to custom functions worker's configuration + and will be written to the ConfigMap for `changeConfig` + nullable: true + type: object + customWorkerConfig: + description: |- + CustomWorkerConfig allows customizing function workers config. + The value should be a yaml with the configurations the user want to override + type: string + enabled: + description: Enabled defines whether to enable function in + the cluster + type: boolean + functionRunnerImages: + description: Function runner images + properties: + genericBase: + description: Image of GenericBase function runner. + type: string + genericNode: + description: Image of GenericNode function runner. + type: string + genericPython: + description: Image of GenericPython function runner. + type: string + go: + description: Image of Go function runner. + type: string + java: + description: Image of Java function runner. + type: string + python: + description: Image of Python function runner. + type: string + type: object + labels: + additionalProperties: + type: string + description: Labels defines custom labels for function pods + nullable: true + type: object + mesh: + description: Mesh defines configurations used in function + mesh + properties: + builtinConnectorsRef: + description: BuiltinConnectorsRef defines the reference + to the ConfigMap that contains a list of builtin-connector + definitions + properties: + name: + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? + type: string + type: object + x-kubernetes-map-type: atomic + disabledRuntimes: + description: DisabledRuntimes defines the list of disabled + runtimes + items: + type: string + nullable: true + type: array + x-kubernetes-list-type: set + functionEnabled: + description: FunctionEnabled defines whether to enable + function APIs + type: boolean + insecureAuthEnabled: + description: |- + InsecureAuthEnabled defines whether to use insecure auth: + use a same superuser account got from config file in all functions/sinks/sources + type: boolean + sinkEnabled: + description: SinkEnabled defines whether to enable sink + APIs + type: boolean + sourceEnabled: + description: SourceEnabled defines whether to enable source + APIs + type: boolean + uploadEnabled: + description: UploadEnabled defines whether to enable user + code upload in APIs + type: boolean + type: object + resourceRequirements: + description: ResourceRequirements describes the resource requirements + properties: + max: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: Max describes maximum compute resource could + request for each replica + type: object + min: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: Min describes minimal compute resource should + request for each replica + type: object + type: object + serviceAccountName: + description: The name of the service account to run functions + and connectors. + type: string + type: + description: |- + Type defines the type of function worker service to run functions/sources/sinks + Function-mesh worker service is used if the value of type is FunctionMesh, + otherwise the builtin worker service is used + type: string + type: object + placementPolicy: + description: |- + PlacementPolicy defines the placement policy of the broker + https://github.com/streamnative/sn-pulsar-plugins/tree/master/pulsar-placement-policy#pulsar-placement-policy + enum: + - az-rack-aware + - az-region-aware + type: string + protocolHandlers: + description: ProtocolHandlers defines the configuration of protocol + handlers + properties: + aop: + description: AoP configurations + properties: + enabled: + description: Enabled defines whether to enable AoP + type: boolean + proxyEnabled: + description: |- + Whether to start AMQP proxy. + Deprecated: proxy will always be enabled + type: boolean + type: object + kop: + description: KoP defines KoP configurations + properties: + enabled: + description: Enabled defines whether to enable KoP + type: boolean + schemaRegistryEnabled: + description: SchemaRegistryEnabled define whether to enable + schema registry + type: boolean + tls: + description: TLS defines the TLS configuration on the + broker. + properties: + certSecretName: + description: |- + CertSecretName defines the name of the secret that contains the certificate to use + the value should be name of the secret that contains a valid certificate to use in the proxy + type: string + enabled: + description: |- + Enabled determines whether to enable TLS in proxies + TODO move other TLS related fields here + type: boolean + passwordSecretRef: + description: |- + PasswordSecretRef is a reference to a key in a Secret resource + containing the password used to encrypt the keystore. + properties: + key: + description: |- + The key of the entry in the Secret resource's `data` field to be used. + Some instances of this field may be defaulted, in others it may be + required. + type: string + name: + description: |- + Name of the resource being referred to. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + required: + - name + type: object + trustCertsEnabled: + description: TrustCertsEnabled defines whether to + enable trust store + type: boolean + type: object + type: object + mop: + description: MoP configurations + properties: + authenticationEnabled: + description: AuthenticationEnabled defines whether to + enable MoP authentication. + type: boolean + authenticationMethods: + description: AuthenticationMethods defines which authentication + method to use, only supports token now + type: string + authorizationEnabled: + description: AuthorizationEnabled defines whether to enable + MoP authorization. + type: boolean + enabled: + description: Enabled defines whether to enable MoP + type: boolean + proxyEnabled: + description: ProxyEnabled defines whether to enable MoP + proxy. + type: boolean + type: object + type: object + pulsarRestMessagingServiceEnabled: + description: PulsarRestMessagingServiceEnabled defines whether + Pulsar Rest Messaging will be enabled + type: boolean + readOnly: + description: ReadOnly Support for the broker to be read-only mode + nullable: true + properties: + enabled: + description: Enabled defines whether to enable read-only mode + nullable: true + type: boolean + zoneKeySuffix: + description: ZoneKeySuffix defines the zone key suffix that + are read-only broker + type: string + zoneMappings: + description: ZoneMappings defines the zone mappings + items: + properties: + id: + description: ID defines the zone id + type: string + name: + description: Zone defines the zone name + type: string + required: + - id + - name + type: object + type: array + x-kubernetes-list-map-keys: + - id + x-kubernetes-list-type: map + type: object + serviceURLGenerationPolicy: + default: NameUIDPrefix + description: ServiceURLGenerationPolicy defines how the service + url should be generated + enum: + - NameUIDPrefix + - OrdinalPrefix + - FQDN + type: string + tieredStorageConfig: + description: TieredStorageConfig defines the configuration of + the tiered storage + nullable: true + properties: + customConfig: + additionalProperties: + type: string + description: CustomConfig defines the other configurations + want to apply. + type: object + enabled: + description: Enabled defines whether to enable tiered storage + or not. + type: boolean + storagePath: + description: StoragePath defines the store path of offloaded + data + type: string + type: + description: Type defines which type of the tiered storage + will be used. + enum: + - delta + - iceberg + - hdfs + type: string + type: object + transactionEnabled: + description: TransactionEnabled defines whether transaction support + is enabled in the brokers + type: boolean + usePodIPAsAdvertisedAddress: + description: UsePodIPAsAdvertisedAddress use pod ip as advertise + address. + type: boolean + webSocketServiceEnabled: + description: WebSocketServiceEnabled defines whether WebSocket + will be enabled + type: boolean + type: object + configs: + additionalProperties: + type: string + description: |- + Configs defines custom configurations for brokers + Deprecated: use Config instead + nullable: true + type: object + configurationMetadataStoreUrl: + description: ConfigurationMetadataStoreUrl defines the configuration + metadata store url + nullable: true + type: string + configurationStoreConfig: + description: ConfigurationStoreConfig defines the configuration store + configuration + properties: + zk: + properties: + certSecretName: + description: |- + CertSecretName is the name of the secret that contains the zk client certificate + if set this, client will use mutual tls, otherwise, client will use simple tls + type: string + clusterIndex: + description: |- + ClusterIndex is the index of the zookeeper cluster in the zookeeper clusters list + to check if the cluster is the client of shared zk + format: int32 + type: integer + domain: + description: Domain is the host of the shared zookeeper cluster + type: string + serverPort: + description: ServerPort is the port of the shared zookeeper + cluster + format: int32 + type: integer + type: object + type: object + configurationStoreServers: + description: ConfigurationStoreServers defines the address of the + configuration store + type: string + customization: + description: Customization allows the desired manifests of operator + managed resources to be customized. + items: + properties: + manifest: + description: Manifest defines the patch to apply to customize + the desired resource + type: string + match: + description: Match defines what resource should be customized + by this customization layer + nullable: true + properties: + groupVersionKinds: + description: Matches the group, version, and kind of the + resource. + items: + properties: + group: + description: |- + Group is the group of the resource. + Matches all groups if it's empty or `*`. + type: string + kind: + description: |- + Kind is the kind of the resource. + Matches all kinds if it's `*`. + type: string + version: + description: |- + Version is the version of the resource. + Matches all versions if it's empty or `*`. + type: string + required: + - kind + type: object + nullable: true + type: array + name: + description: |- + Name matches the resource name defined in the metadata. + It could be defined as a Regex pattern, like `^.*-bk$`. + type: string + type: object + required: + - manifest + type: object + nullable: true + type: array + dnsNames: + description: A list of service urls this pulsar broker advertise + items: + type: string + nullable: true + type: array + image: + description: |- + Image is the container image used to run pulsar broker pods. + default is apachepulsar/pulsar:latest + type: string + imagePullPolicy: + description: Image pull policy, one of Always, Never, IfNotPresent, + default to Always. + type: string + interceptors: + description: Interceptors defines a list of interceptors to enable + items: + properties: + configs: + additionalProperties: + type: string + description: Configs defines configs for the interceptor + nullable: true + type: object + mountedConfigs: + description: MountedConfigs defines configs whose value should + be put in a dedicated file + items: + description: The operator generates config files based on + the spec automatically + properties: + configName: + description: ConfigName defines the name of the config + type: string + fileName: + description: FileName defines the name of the file used + to store the value. Defaults to the ConfigName. + type: string + value: + description: Value defines the value of the config + type: string + required: + - configName + - value + type: object + nullable: true + type: array + name: + description: Name defines the name of the interceptor + type: string + required: + - name + type: object + nullable: true + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + istio: + description: Istio defines the configurations for istio + properties: + authRules: + description: AuthRules define the AuthorizationPolicies + items: + properties: + fromSource: + items: + properties: + principals: + items: + type: string + type: array + type: object + type: array + toOperation: + description: ToOperation defines the ports that the rule + applies to + items: + properties: + ports: + description: Ports defines the ports that the rule + applies to + items: + type: string + type: array + type: object + type: array + type: object + type: array + enabled: + description: Enabled defines whether to enable Istio + type: boolean + gateway: + description: |- + Gateway defines the gateway configuration, Gateway will be ignored if Gateways is not empty + The operator could either create a gateway automatically or use an existing one + properties: + advertisedDomain: + description: AdvertisedDomain defines the domain name for + the gateway, used solely when serving a list of gateways + type: string + create: + description: Create defines whether to create a gateway + type: boolean + gateways: + description: Gateways defines a list of existing gateways + items: + type: string + nullable: true + type: array + key: + default: istio-generatedid + description: Key is used to identify the gateway and related + resources, used solely when serving a list of gateways + type: string + route: + description: Route defines route policy for the gateway + properties: + topologyAware: + description: TopologyAware defines + properties: + key: + description: Key defines the node label key used to + detect Pod topology info + type: string + subDomain: + description: SubDomain defines url generation rule + for broker Pod + type: string + required: + - key + type: object + useWildcardDNS: + description: UseWildcardDNS means inherit DNS record from + wildcard DNS, only works for externalDNS + type: boolean + type: object + selector: + additionalProperties: + type: string + description: Selector defines the selector for the gateway + to create + nullable: true + type: object + tls: + properties: + certSecretName: + description: "SIMPLE mode:\n CertSecretName defines the + name of the secret that contains the\n certificate + to use in Istio Ingress Gateway. The value should be\n + \ name of the secret in the gateway workload namespace.\nPASSTHROUGH + mode:\n\t CertSecretName defines the name of the secret + that contains the\n\t certificate to use in Broker. + The value should be name of the secret\n name of the + secret in the Broker workload namespace.\nRequired in + both SIMPLE and PASSTHROUGH mode." + type: string + mode: + description: |- + Optional: Indicates whether connections to this port should be + secured using TLS. The value of this field determines how TLS is + enforced. + type: string + subjectAltNames: + description: SubjectAltNames defines the subject alternative + names for the certificate + items: + type: string + type: array + trustCertsEnabled: + description: TrustCertsEnabled defines whether to enable + trust store + type: boolean + type: object + type: object + gateways: + description: Gateways define a list of gateway configurations, + Gateway will be used if Gateways is empty + items: + properties: + advertisedDomain: + description: AdvertisedDomain defines the domain name for + the gateway, used solely when serving a list of gateways + type: string + create: + description: Create defines whether to create a gateway + type: boolean + gateways: + description: Gateways defines a list of existing gateways + items: + type: string + nullable: true + type: array + key: + default: istio-generatedid + description: Key is used to identify the gateway and related + resources, used solely when serving a list of gateways + type: string + route: + description: Route defines route policy for the gateway + properties: + topologyAware: + description: TopologyAware defines + properties: + key: + description: Key defines the node label key used + to detect Pod topology info + type: string + subDomain: + description: SubDomain defines url generation rule + for broker Pod + type: string + required: + - key + type: object + useWildcardDNS: + description: UseWildcardDNS means inherit DNS record + from wildcard DNS, only works for externalDNS + type: boolean + type: object + selector: + additionalProperties: + type: string + description: Selector defines the selector for the gateway + to create + nullable: true + type: object + tls: + properties: + certSecretName: + description: "SIMPLE mode:\n CertSecretName defines + the name of the secret that contains the\n certificate + to use in Istio Ingress Gateway. The value should + be\n name of the secret in the gateway workload namespace.\nPASSTHROUGH + mode:\n\t CertSecretName defines the name of the secret + that contains the\n\t certificate to use in Broker. + The value should be name of the secret\n name of + the secret in the Broker workload namespace.\nRequired + in both SIMPLE and PASSTHROUGH mode." + type: string + mode: + description: |- + Optional: Indicates whether connections to this port should be + secured using TLS. The value of this field determines how TLS is + enforced. + type: string + subjectAltNames: + description: SubjectAltNames defines the subject alternative + names for the certificate + items: + type: string + type: array + trustCertsEnabled: + description: TrustCertsEnabled defines whether to enable + trust store + type: boolean + type: object + type: object + maxItems: 10 + type: array + x-kubernetes-list-map-keys: + - key + x-kubernetes-list-type: map + mtls: + description: Mtls defines the mTLS configuration + properties: + mode: + default: strict + type: string + type: object + revision: + default: default + description: Revision defines which Istio control plane inject + sidecar + type: string + trustDomain: + description: TrustDomain corresponds to the trust root of a system + and is part of a workload identity + type: string + type: object + logConfig: + description: LogConfig defines the log configuration + properties: + format: + default: text + description: Format is the log format, value is 'json' or 'text' + enum: + - json + - text + type: string + level: + default: INFO + description: Level is the log level + enum: + - INFO + - DEBUG + - TRACE + - WARN + - ERROR + - FATAL + - ALL + - "OFF" + type: string + template: + description: Template is the log Configuration content, can use + golang template syntax + type: string + type: object + metadataStoreUrl: + description: MetadataStoreUrl defines the metadata store url + nullable: true + type: string + pod: + description: Pod defines the policy for creating a broker pod + properties: + affinity: + description: Affinity specifies the scheduling constraints of + a pod + properties: + nodeAffinity: + description: Describes node affinity scheduling rules for + the pod. + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: |- + The scheduler will prefer to schedule pods to nodes that satisfy + the affinity expressions specified by this field, but it may choose + a node that violates one or more of the expressions. The node that is + most preferred is the one with the greatest sum of weights, i.e. + for each node that meets all of the scheduling requirements (resource + request, requiredDuringScheduling affinity expressions, etc.), + compute a sum by iterating through the elements of this field and adding + "weight" to the sum if the node matches the corresponding matchExpressions; the + node(s) with the highest sum are the most preferred. + items: + description: |- + An empty preferred scheduling term matches all objects with implicit weight 0 + (i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op). + properties: + preference: + description: A node selector term, associated with + the corresponding weight. + properties: + matchExpressions: + description: A list of node selector requirements + by node's labels. + items: + description: |- + A node selector requirement is a selector that contains values, a key, and an operator + that relates the key and values. + properties: + key: + description: The label key that the selector + applies to. + type: string + operator: + description: |- + Represents a key's relationship to a set of values. + Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + type: string + values: + description: |- + An array of string values. If the operator is In or NotIn, + the values array must be non-empty. If the operator is Exists or DoesNotExist, + the values array must be empty. If the operator is Gt or Lt, the values + array must have a single element, which will be interpreted as an integer. + This array is replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchFields: + description: A list of node selector requirements + by node's fields. + items: + description: |- + A node selector requirement is a selector that contains values, a key, and an operator + that relates the key and values. + properties: + key: + description: The label key that the selector + applies to. + type: string + operator: + description: |- + Represents a key's relationship to a set of values. + Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + type: string + values: + description: |- + An array of string values. If the operator is In or NotIn, + the values array must be non-empty. If the operator is Exists or DoesNotExist, + the values array must be empty. If the operator is Gt or Lt, the values + array must have a single element, which will be interpreted as an integer. + This array is replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + type: object + x-kubernetes-map-type: atomic + weight: + description: Weight associated with matching the + corresponding nodeSelectorTerm, in the range 1-100. + format: int32 + type: integer + required: + - preference + - weight + type: object + type: array + requiredDuringSchedulingIgnoredDuringExecution: + description: |- + If the affinity requirements specified by this field are not met at + scheduling time, the pod will not be scheduled onto the node. + If the affinity requirements specified by this field cease to be met + at some point during pod execution (e.g. due to an update), the system + may or may not try to eventually evict the pod from its node. + properties: + nodeSelectorTerms: + description: Required. A list of node selector terms. + The terms are ORed. + items: + description: |- + A null or empty node selector term matches no objects. The requirements of + them are ANDed. + The TopologySelectorTerm type implements a subset of the NodeSelectorTerm. + properties: + matchExpressions: + description: A list of node selector requirements + by node's labels. + items: + description: |- + A node selector requirement is a selector that contains values, a key, and an operator + that relates the key and values. + properties: + key: + description: The label key that the selector + applies to. + type: string + operator: + description: |- + Represents a key's relationship to a set of values. + Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + type: string + values: + description: |- + An array of string values. If the operator is In or NotIn, + the values array must be non-empty. If the operator is Exists or DoesNotExist, + the values array must be empty. If the operator is Gt or Lt, the values + array must have a single element, which will be interpreted as an integer. + This array is replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchFields: + description: A list of node selector requirements + by node's fields. + items: + description: |- + A node selector requirement is a selector that contains values, a key, and an operator + that relates the key and values. + properties: + key: + description: The label key that the selector + applies to. + type: string + operator: + description: |- + Represents a key's relationship to a set of values. + Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + type: string + values: + description: |- + An array of string values. If the operator is In or NotIn, + the values array must be non-empty. If the operator is Exists or DoesNotExist, + the values array must be empty. If the operator is Gt or Lt, the values + array must have a single element, which will be interpreted as an integer. + This array is replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + type: object + x-kubernetes-map-type: atomic + type: array + required: + - nodeSelectorTerms + type: object + x-kubernetes-map-type: atomic + type: object + podAffinity: + description: Describes pod affinity scheduling rules (e.g. + co-locate this pod in the same node, zone, etc. as some + other pod(s)). + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: |- + The scheduler will prefer to schedule pods to nodes that satisfy + the affinity expressions specified by this field, but it may choose + a node that violates one or more of the expressions. The node that is + most preferred is the one with the greatest sum of weights, i.e. + for each node that meets all of the scheduling requirements (resource + request, requiredDuringScheduling affinity expressions, etc.), + compute a sum by iterating through the elements of this field and adding + "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the + node(s) with the highest sum are the most preferred. + items: + description: The weights of all of the matched WeightedPodAffinityTerm + fields are added per-node to find the most preferred + node(s) + properties: + podAffinityTerm: + description: Required. A pod affinity term, associated + with the corresponding weight. + properties: + labelSelector: + description: |- + A label query over a set of resources, in this case pods. + If it's null, this PodAffinityTerm matches with no Pods. + properties: + matchExpressions: + description: matchExpressions is a list + of label selector requirements. The requirements + are ANDed. + items: + description: |- + A label selector requirement is a selector that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label key + that the selector applies to. + type: string + operator: + description: |- + operator represents a key's relationship to a set of values. + Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: |- + values is an array of string values. If the operator is In or NotIn, + the values array must be non-empty. If the operator is Exists or DoesNotExist, + the values array must be empty. This array is replaced during a strategic + merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: |- + matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + matchLabelKeys: + description: |- + MatchLabelKeys is a set of pod label keys to select which pods will + be taken into consideration. The keys are used to lookup values from the + incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + to select the group of existing pods which pods will be taken into consideration + for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + pod labels will be ignored. The default value is empty. + The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. + Also, MatchLabelKeys cannot be set when LabelSelector isn't set. + This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + items: + type: string + type: array + x-kubernetes-list-type: atomic + mismatchLabelKeys: + description: |- + MismatchLabelKeys is a set of pod label keys to select which pods will + be taken into consideration. The keys are used to lookup values from the + incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + to select the group of existing pods which pods will be taken into consideration + for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + pod labels will be ignored. The default value is empty. + The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. + Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. + This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + items: + type: string + type: array + x-kubernetes-list-type: atomic + namespaceSelector: + description: |- + A label query over the set of namespaces that the term applies to. + The term is applied to the union of the namespaces selected by this field + and the ones listed in the namespaces field. + null selector and null or empty namespaces list means "this pod's namespace". + An empty selector ({}) matches all namespaces. + properties: + matchExpressions: + description: matchExpressions is a list + of label selector requirements. The requirements + are ANDed. + items: + description: |- + A label selector requirement is a selector that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label key + that the selector applies to. + type: string + operator: + description: |- + operator represents a key's relationship to a set of values. + Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: |- + values is an array of string values. If the operator is In or NotIn, + the values array must be non-empty. If the operator is Exists or DoesNotExist, + the values array must be empty. This array is replaced during a strategic + merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: |- + matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + namespaces: + description: |- + namespaces specifies a static list of namespace names that the term applies to. + The term is applied to the union of the namespaces listed in this field + and the ones selected by namespaceSelector. + null or empty namespaces list and null namespaceSelector means "this pod's namespace". + items: + type: string + type: array + topologyKey: + description: |- + This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching + the labelSelector in the specified namespaces, where co-located is defined as running on a node + whose value of the label with key topologyKey matches that of any node on which any of the + selected pods is running. + Empty topologyKey is not allowed. + type: string + required: + - topologyKey + type: object + weight: + description: |- + weight associated with matching the corresponding podAffinityTerm, + in the range 1-100. + format: int32 + type: integer + required: + - podAffinityTerm + - weight + type: object + type: array + requiredDuringSchedulingIgnoredDuringExecution: + description: |- + If the affinity requirements specified by this field are not met at + scheduling time, the pod will not be scheduled onto the node. + If the affinity requirements specified by this field cease to be met + at some point during pod execution (e.g. due to a pod label update), the + system may or may not try to eventually evict the pod from its node. + When there are multiple elements, the lists of nodes corresponding to each + podAffinityTerm are intersected, i.e. all terms must be satisfied. + items: + description: |- + Defines a set of pods (namely those matching the labelSelector + relative to the given namespace(s)) that this pod should be + co-located (affinity) or not co-located (anti-affinity) with, + where co-located is defined as running on a node whose value of + the label with key matches that of any node on which + a pod of the set of pods is running + properties: + labelSelector: + description: |- + A label query over a set of resources, in this case pods. + If it's null, this PodAffinityTerm matches with no Pods. + properties: + matchExpressions: + description: matchExpressions is a list of label + selector requirements. The requirements are + ANDed. + items: + description: |- + A label selector requirement is a selector that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label key that + the selector applies to. + type: string + operator: + description: |- + operator represents a key's relationship to a set of values. + Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: |- + values is an array of string values. If the operator is In or NotIn, + the values array must be non-empty. If the operator is Exists or DoesNotExist, + the values array must be empty. This array is replaced during a strategic + merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: |- + matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + matchLabelKeys: + description: |- + MatchLabelKeys is a set of pod label keys to select which pods will + be taken into consideration. The keys are used to lookup values from the + incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + to select the group of existing pods which pods will be taken into consideration + for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + pod labels will be ignored. The default value is empty. + The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. + Also, MatchLabelKeys cannot be set when LabelSelector isn't set. + This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + items: + type: string + type: array + x-kubernetes-list-type: atomic + mismatchLabelKeys: + description: |- + MismatchLabelKeys is a set of pod label keys to select which pods will + be taken into consideration. The keys are used to lookup values from the + incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + to select the group of existing pods which pods will be taken into consideration + for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + pod labels will be ignored. The default value is empty. + The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. + Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. + This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + items: + type: string + type: array + x-kubernetes-list-type: atomic + namespaceSelector: + description: |- + A label query over the set of namespaces that the term applies to. + The term is applied to the union of the namespaces selected by this field + and the ones listed in the namespaces field. + null selector and null or empty namespaces list means "this pod's namespace". + An empty selector ({}) matches all namespaces. + properties: + matchExpressions: + description: matchExpressions is a list of label + selector requirements. The requirements are + ANDed. + items: + description: |- + A label selector requirement is a selector that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label key that + the selector applies to. + type: string + operator: + description: |- + operator represents a key's relationship to a set of values. + Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: |- + values is an array of string values. If the operator is In or NotIn, + the values array must be non-empty. If the operator is Exists or DoesNotExist, + the values array must be empty. This array is replaced during a strategic + merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: |- + matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + namespaces: + description: |- + namespaces specifies a static list of namespace names that the term applies to. + The term is applied to the union of the namespaces listed in this field + and the ones selected by namespaceSelector. + null or empty namespaces list and null namespaceSelector means "this pod's namespace". + items: + type: string + type: array + topologyKey: + description: |- + This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching + the labelSelector in the specified namespaces, where co-located is defined as running on a node + whose value of the label with key topologyKey matches that of any node on which any of the + selected pods is running. + Empty topologyKey is not allowed. + type: string + required: + - topologyKey + type: object + type: array + type: object + podAntiAffinity: + description: Describes pod anti-affinity scheduling rules + (e.g. avoid putting this pod in the same node, zone, etc. + as some other pod(s)). + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: |- + The scheduler will prefer to schedule pods to nodes that satisfy + the anti-affinity expressions specified by this field, but it may choose + a node that violates one or more of the expressions. The node that is + most preferred is the one with the greatest sum of weights, i.e. + for each node that meets all of the scheduling requirements (resource + request, requiredDuringScheduling anti-affinity expressions, etc.), + compute a sum by iterating through the elements of this field and adding + "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the + node(s) with the highest sum are the most preferred. + items: + description: The weights of all of the matched WeightedPodAffinityTerm + fields are added per-node to find the most preferred + node(s) + properties: + podAffinityTerm: + description: Required. A pod affinity term, associated + with the corresponding weight. + properties: + labelSelector: + description: |- + A label query over a set of resources, in this case pods. + If it's null, this PodAffinityTerm matches with no Pods. + properties: + matchExpressions: + description: matchExpressions is a list + of label selector requirements. The requirements + are ANDed. + items: + description: |- + A label selector requirement is a selector that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label key + that the selector applies to. + type: string + operator: + description: |- + operator represents a key's relationship to a set of values. + Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: |- + values is an array of string values. If the operator is In or NotIn, + the values array must be non-empty. If the operator is Exists or DoesNotExist, + the values array must be empty. This array is replaced during a strategic + merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: |- + matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + matchLabelKeys: + description: |- + MatchLabelKeys is a set of pod label keys to select which pods will + be taken into consideration. The keys are used to lookup values from the + incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + to select the group of existing pods which pods will be taken into consideration + for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + pod labels will be ignored. The default value is empty. + The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. + Also, MatchLabelKeys cannot be set when LabelSelector isn't set. + This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + items: + type: string + type: array + x-kubernetes-list-type: atomic + mismatchLabelKeys: + description: |- + MismatchLabelKeys is a set of pod label keys to select which pods will + be taken into consideration. The keys are used to lookup values from the + incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + to select the group of existing pods which pods will be taken into consideration + for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + pod labels will be ignored. The default value is empty. + The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. + Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. + This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + items: + type: string + type: array + x-kubernetes-list-type: atomic + namespaceSelector: + description: |- + A label query over the set of namespaces that the term applies to. + The term is applied to the union of the namespaces selected by this field + and the ones listed in the namespaces field. + null selector and null or empty namespaces list means "this pod's namespace". + An empty selector ({}) matches all namespaces. + properties: + matchExpressions: + description: matchExpressions is a list + of label selector requirements. The requirements + are ANDed. + items: + description: |- + A label selector requirement is a selector that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label key + that the selector applies to. + type: string + operator: + description: |- + operator represents a key's relationship to a set of values. + Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: |- + values is an array of string values. If the operator is In or NotIn, + the values array must be non-empty. If the operator is Exists or DoesNotExist, + the values array must be empty. This array is replaced during a strategic + merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: |- + matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + namespaces: + description: |- + namespaces specifies a static list of namespace names that the term applies to. + The term is applied to the union of the namespaces listed in this field + and the ones selected by namespaceSelector. + null or empty namespaces list and null namespaceSelector means "this pod's namespace". + items: + type: string + type: array + topologyKey: + description: |- + This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching + the labelSelector in the specified namespaces, where co-located is defined as running on a node + whose value of the label with key topologyKey matches that of any node on which any of the + selected pods is running. + Empty topologyKey is not allowed. + type: string + required: + - topologyKey + type: object + weight: + description: |- + weight associated with matching the corresponding podAffinityTerm, + in the range 1-100. + format: int32 + type: integer + required: + - podAffinityTerm + - weight + type: object + type: array + requiredDuringSchedulingIgnoredDuringExecution: + description: |- + If the anti-affinity requirements specified by this field are not met at + scheduling time, the pod will not be scheduled onto the node. + If the anti-affinity requirements specified by this field cease to be met + at some point during pod execution (e.g. due to a pod label update), the + system may or may not try to eventually evict the pod from its node. + When there are multiple elements, the lists of nodes corresponding to each + podAffinityTerm are intersected, i.e. all terms must be satisfied. + items: + description: |- + Defines a set of pods (namely those matching the labelSelector + relative to the given namespace(s)) that this pod should be + co-located (affinity) or not co-located (anti-affinity) with, + where co-located is defined as running on a node whose value of + the label with key matches that of any node on which + a pod of the set of pods is running + properties: + labelSelector: + description: |- + A label query over a set of resources, in this case pods. + If it's null, this PodAffinityTerm matches with no Pods. + properties: + matchExpressions: + description: matchExpressions is a list of label + selector requirements. The requirements are + ANDed. + items: + description: |- + A label selector requirement is a selector that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label key that + the selector applies to. + type: string + operator: + description: |- + operator represents a key's relationship to a set of values. + Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: |- + values is an array of string values. If the operator is In or NotIn, + the values array must be non-empty. If the operator is Exists or DoesNotExist, + the values array must be empty. This array is replaced during a strategic + merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: |- + matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + matchLabelKeys: + description: |- + MatchLabelKeys is a set of pod label keys to select which pods will + be taken into consideration. The keys are used to lookup values from the + incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + to select the group of existing pods which pods will be taken into consideration + for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + pod labels will be ignored. The default value is empty. + The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. + Also, MatchLabelKeys cannot be set when LabelSelector isn't set. + This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + items: + type: string + type: array + x-kubernetes-list-type: atomic + mismatchLabelKeys: + description: |- + MismatchLabelKeys is a set of pod label keys to select which pods will + be taken into consideration. The keys are used to lookup values from the + incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + to select the group of existing pods which pods will be taken into consideration + for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + pod labels will be ignored. The default value is empty. + The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. + Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. + This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + items: + type: string + type: array + x-kubernetes-list-type: atomic + namespaceSelector: + description: |- + A label query over the set of namespaces that the term applies to. + The term is applied to the union of the namespaces selected by this field + and the ones listed in the namespaces field. + null selector and null or empty namespaces list means "this pod's namespace". + An empty selector ({}) matches all namespaces. + properties: + matchExpressions: + description: matchExpressions is a list of label + selector requirements. The requirements are + ANDed. + items: + description: |- + A label selector requirement is a selector that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label key that + the selector applies to. + type: string + operator: + description: |- + operator represents a key's relationship to a set of values. + Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: |- + values is an array of string values. If the operator is In or NotIn, + the values array must be non-empty. If the operator is Exists or DoesNotExist, + the values array must be empty. This array is replaced during a strategic + merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: |- + matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + namespaces: + description: |- + namespaces specifies a static list of namespace names that the term applies to. + The term is applied to the union of the namespaces listed in this field + and the ones selected by namespaceSelector. + null or empty namespaces list and null namespaceSelector means "this pod's namespace". + items: + type: string + type: array + topologyKey: + description: |- + This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching + the labelSelector in the specified namespaces, where co-located is defined as running on a node + whose value of the label with key topologyKey matches that of any node on which any of the + selected pods is running. + Empty topologyKey is not allowed. + type: string + required: + - topologyKey + type: object + type: array + type: object + type: object + annotations: + additionalProperties: + type: string + description: Annotations specifies the annotations to attach to + pods the operator creates + type: object + debug: + description: Debug defines a switch enable debug + type: boolean + imagePullSecrets: + description: |- + ImagePullSecrets is an optional list of references to secrets in the same namespace + to use for pulling any of the images used by this PodSpec. + items: + description: |- + LocalObjectReference contains enough information to let you locate the + referenced object inside the same namespace. + properties: + name: + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? + type: string + type: object + x-kubernetes-map-type: atomic + type: array + initContainers: + description: |- + InitContainers defines init containers of the pod. A typical use case could be using an init + container to download a remote jar to a local path. + items: + description: |- + A single application container that you want to run within a pod. + The Container API from the core group is not used directly to avoid unneeded fields + and reduce the size of the CRD. New fields could be added as needed. + properties: + args: + description: Arguments to the entrypoint. + items: + type: string + type: array + command: + description: Entrypoint array. Not executed within a shell. + items: + type: string + type: array + env: + description: List of environment variables to set in the + container. + items: + description: EnvVar represents an environment variable + present in a Container. + properties: + name: + description: Name of the environment variable. Must + be a C_IDENTIFIER. + type: string + value: + description: |- + Variable references $(VAR_NAME) are expanded + using the previously defined environment variables in the container and + any service environment variables. If a variable cannot be resolved, + the reference in the input string will be unchanged. Double $$ are reduced + to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. + "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". + Escaped references will never be expanded, regardless of whether the variable + exists or not. + Defaults to "". + type: string + valueFrom: + description: Source for the environment variable's + value. Cannot be used if value is not empty. + properties: + configMapKeyRef: + description: Selects a key of a ConfigMap. + properties: + key: + description: The key to select. + type: string + name: + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? + type: string + optional: + description: Specify whether the ConfigMap + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + fieldRef: + description: |- + Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, + spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. + properties: + apiVersion: + description: Version of the schema the FieldPath + is written in terms of, defaults to "v1". + type: string + fieldPath: + description: Path of the field to select in + the specified API version. + type: string + required: + - fieldPath + type: object + x-kubernetes-map-type: atomic + resourceFieldRef: + description: |- + Selects a resource of the container: only resources limits and requests + (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. + properties: + containerName: + description: 'Container name: required for + volumes, optional for env vars' + type: string + divisor: + anyOf: + - type: integer + - type: string + description: Specifies the output format of + the exposed resources, defaults to "1" + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + description: 'Required: resource to select' + type: string + required: + - resource + type: object + x-kubernetes-map-type: atomic + secretKeyRef: + description: Selects a key of a secret in the + pod's namespace + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? + type: string + optional: + description: Specify whether the Secret or + its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + required: + - name + type: object + type: array + envFrom: + description: List of sources to populate environment variables + in the container. + items: + description: EnvFromSource represents the source of a + set of ConfigMaps + properties: + configMapRef: + description: The ConfigMap to select from + properties: + name: + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? + type: string + optional: + description: Specify whether the ConfigMap must + be defined + type: boolean + type: object + x-kubernetes-map-type: atomic + prefix: + description: An optional identifier to prepend to + each key in the ConfigMap. Must be a C_IDENTIFIER. + type: string + secretRef: + description: The Secret to select from + properties: + name: + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? + type: string + optional: + description: Specify whether the Secret must be + defined + type: boolean + type: object + x-kubernetes-map-type: atomic + type: object + type: array + image: + description: Docker image name. + type: string + imagePullPolicy: + description: Image pull policy. + type: string + livenessProbe: + description: Periodic probe of container liveness. + properties: + exec: + description: Exec specifies the action to take. + properties: + command: + description: |- + Command is the command line to execute inside the container, the working directory for the + command is root ('/') in the container's filesystem. The command is simply exec'd, it is + not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use + a shell, you need to explicitly call out to that shell. + Exit status of 0 is treated as live/healthy and non-zero is unhealthy. + items: + type: string + type: array + type: object + failureThreshold: + description: |- + Minimum consecutive failures for the probe to be considered failed after having succeeded. + Defaults to 3. Minimum value is 1. + format: int32 + type: integer + grpc: + description: GRPC specifies an action involving a GRPC + port. + properties: + port: + description: Port number of the gRPC service. Number + must be in the range 1 to 65535. + format: int32 + type: integer + service: + description: |- + Service is the name of the service to place in the gRPC HealthCheckRequest + (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). + + + If this is not specified, the default behavior is defined by gRPC. + type: string + required: + - port + type: object + httpGet: + description: HTTPGet specifies the http request to perform. + properties: + host: + description: |- + Host name to connect to, defaults to the pod IP. You probably want to set + "Host" in httpHeaders instead. + type: string + httpHeaders: + description: Custom headers to set in the request. + HTTP allows repeated headers. + items: + description: HTTPHeader describes a custom header + to be used in HTTP probes + properties: + name: + description: |- + The header field name. + This will be canonicalized upon output, so case-variant names will be understood as the same header. + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: integer + - type: string + description: |- + Name or number of the port to access on the container. + Number must be in the range 1 to 65535. + Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: |- + Scheme to use for connecting to the host. + Defaults to HTTP. + type: string + required: + - port + type: object + initialDelaySeconds: + description: |- + Number of seconds after the container has started before liveness probes are initiated. + More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes + format: int32 + type: integer + periodSeconds: + description: |- + How often (in seconds) to perform the probe. + Default to 10 seconds. Minimum value is 1. + format: int32 + type: integer + successThreshold: + description: |- + Minimum consecutive successes for the probe to be considered successful after having failed. + Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. + format: int32 + type: integer + tcpSocket: + description: TCPSocket specifies an action involving + a TCP port. + properties: + host: + description: 'Optional: Host name to connect to, + defaults to the pod IP.' + type: string + port: + anyOf: + - type: integer + - type: string + description: |- + Number or name of the port to access on the container. + Number must be in the range 1 to 65535. + Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: + - port + type: object + terminationGracePeriodSeconds: + description: |- + Optional duration in seconds the pod needs to terminate gracefully upon probe failure. + The grace period is the duration in seconds after the processes running in the pod are sent + a termination signal and the time when the processes are forcibly halted with a kill signal. + Set this value longer than the expected cleanup time for your process. + If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this + value overrides the value provided by the pod spec. + Value must be non-negative integer. The value zero indicates stop immediately via + the kill signal (no opportunity to shut down). + This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. + Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset. + format: int64 + type: integer + timeoutSeconds: + description: |- + Number of seconds after which the probe times out. + Defaults to 1 second. Minimum value is 1. + More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes + format: int32 + type: integer + type: object + name: + description: |- + Name of the container specified as a DNS_LABEL. + Each container in a pod must have a unique name (DNS_LABEL). + type: string + readinessProbe: + description: |- + Periodic probe of container service readiness. + More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes + properties: + exec: + description: Exec specifies the action to take. + properties: + command: + description: |- + Command is the command line to execute inside the container, the working directory for the + command is root ('/') in the container's filesystem. The command is simply exec'd, it is + not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use + a shell, you need to explicitly call out to that shell. + Exit status of 0 is treated as live/healthy and non-zero is unhealthy. + items: + type: string + type: array + type: object + failureThreshold: + description: |- + Minimum consecutive failures for the probe to be considered failed after having succeeded. + Defaults to 3. Minimum value is 1. + format: int32 + type: integer + grpc: + description: GRPC specifies an action involving a GRPC + port. + properties: + port: + description: Port number of the gRPC service. Number + must be in the range 1 to 65535. + format: int32 + type: integer + service: + description: |- + Service is the name of the service to place in the gRPC HealthCheckRequest + (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). + + + If this is not specified, the default behavior is defined by gRPC. + type: string + required: + - port + type: object + httpGet: + description: HTTPGet specifies the http request to perform. + properties: + host: + description: |- + Host name to connect to, defaults to the pod IP. You probably want to set + "Host" in httpHeaders instead. + type: string + httpHeaders: + description: Custom headers to set in the request. + HTTP allows repeated headers. + items: + description: HTTPHeader describes a custom header + to be used in HTTP probes + properties: + name: + description: |- + The header field name. + This will be canonicalized upon output, so case-variant names will be understood as the same header. + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: integer + - type: string + description: |- + Name or number of the port to access on the container. + Number must be in the range 1 to 65535. + Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: |- + Scheme to use for connecting to the host. + Defaults to HTTP. + type: string + required: + - port + type: object + initialDelaySeconds: + description: |- + Number of seconds after the container has started before liveness probes are initiated. + More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes + format: int32 + type: integer + periodSeconds: + description: |- + How often (in seconds) to perform the probe. + Default to 10 seconds. Minimum value is 1. + format: int32 + type: integer + successThreshold: + description: |- + Minimum consecutive successes for the probe to be considered successful after having failed. + Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. + format: int32 + type: integer + tcpSocket: + description: TCPSocket specifies an action involving + a TCP port. + properties: + host: + description: 'Optional: Host name to connect to, + defaults to the pod IP.' + type: string + port: + anyOf: + - type: integer + - type: string + description: |- + Number or name of the port to access on the container. + Number must be in the range 1 to 65535. + Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: + - port + type: object + terminationGracePeriodSeconds: + description: |- + Optional duration in seconds the pod needs to terminate gracefully upon probe failure. + The grace period is the duration in seconds after the processes running in the pod are sent + a termination signal and the time when the processes are forcibly halted with a kill signal. + Set this value longer than the expected cleanup time for your process. + If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this + value overrides the value provided by the pod spec. + Value must be non-negative integer. The value zero indicates stop immediately via + the kill signal (no opportunity to shut down). + This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. + Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset. + format: int64 + type: integer + timeoutSeconds: + description: |- + Number of seconds after which the probe times out. + Defaults to 1 second. Minimum value is 1. + More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes + format: int32 + type: integer + type: object + resources: + description: Compute Resources required by this container. + properties: + claims: + description: |- + Claims lists the names of resources, defined in spec.resourceClaims, + that are used by this container. + + + This is an alpha field and requires enabling the + DynamicResourceAllocation feature gate. + + + This field is immutable. It can only be set for containers. + items: + description: ResourceClaim references one entry in + PodSpec.ResourceClaims. + properties: + name: + description: |- + Name must match the name of one entry in pod.spec.resourceClaims of + the Pod where this field is used. It makes that resource available + inside a container. + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: |- + Limits describes the maximum amount of compute resources allowed. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: |- + Requests describes the minimum amount of compute resources required. + If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, + otherwise to an implementation-defined value. Requests cannot exceed Limits. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + type: object + type: object + startupProbe: + description: StartupProbe indicates that the Pod has successfully + initialized. + properties: + exec: + description: Exec specifies the action to take. + properties: + command: + description: |- + Command is the command line to execute inside the container, the working directory for the + command is root ('/') in the container's filesystem. The command is simply exec'd, it is + not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use + a shell, you need to explicitly call out to that shell. + Exit status of 0 is treated as live/healthy and non-zero is unhealthy. + items: + type: string + type: array + type: object + failureThreshold: + description: |- + Minimum consecutive failures for the probe to be considered failed after having succeeded. + Defaults to 3. Minimum value is 1. + format: int32 + type: integer + grpc: + description: GRPC specifies an action involving a GRPC + port. + properties: + port: + description: Port number of the gRPC service. Number + must be in the range 1 to 65535. + format: int32 + type: integer + service: + description: |- + Service is the name of the service to place in the gRPC HealthCheckRequest + (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). + + + If this is not specified, the default behavior is defined by gRPC. + type: string + required: + - port + type: object + httpGet: + description: HTTPGet specifies the http request to perform. + properties: + host: + description: |- + Host name to connect to, defaults to the pod IP. You probably want to set + "Host" in httpHeaders instead. + type: string + httpHeaders: + description: Custom headers to set in the request. + HTTP allows repeated headers. + items: + description: HTTPHeader describes a custom header + to be used in HTTP probes + properties: + name: + description: |- + The header field name. + This will be canonicalized upon output, so case-variant names will be understood as the same header. + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: integer + - type: string + description: |- + Name or number of the port to access on the container. + Number must be in the range 1 to 65535. + Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: |- + Scheme to use for connecting to the host. + Defaults to HTTP. + type: string + required: + - port + type: object + initialDelaySeconds: + description: |- + Number of seconds after the container has started before liveness probes are initiated. + More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes + format: int32 + type: integer + periodSeconds: + description: |- + How often (in seconds) to perform the probe. + Default to 10 seconds. Minimum value is 1. + format: int32 + type: integer + successThreshold: + description: |- + Minimum consecutive successes for the probe to be considered successful after having failed. + Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. + format: int32 + type: integer + tcpSocket: + description: TCPSocket specifies an action involving + a TCP port. + properties: + host: + description: 'Optional: Host name to connect to, + defaults to the pod IP.' + type: string + port: + anyOf: + - type: integer + - type: string + description: |- + Number or name of the port to access on the container. + Number must be in the range 1 to 65535. + Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: + - port + type: object + terminationGracePeriodSeconds: + description: |- + Optional duration in seconds the pod needs to terminate gracefully upon probe failure. + The grace period is the duration in seconds after the processes running in the pod are sent + a termination signal and the time when the processes are forcibly halted with a kill signal. + Set this value longer than the expected cleanup time for your process. + If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this + value overrides the value provided by the pod spec. + Value must be non-negative integer. The value zero indicates stop immediately via + the kill signal (no opportunity to shut down). + This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. + Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset. + format: int64 + type: integer + timeoutSeconds: + description: |- + Number of seconds after which the probe times out. + Defaults to 1 second. Minimum value is 1. + More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes + format: int32 + type: integer + type: object + volumeMounts: + description: Pod volumes to mount into the container's filesystem. + items: + description: VolumeMount describes a mounting of a Volume + within a container. + properties: + mountPath: + description: |- + Path within the container at which the volume should be mounted. Must + not contain ':'. + type: string + mountPropagation: + description: |- + mountPropagation determines how mounts are propagated from the host + to container and the other way around. + When not set, MountPropagationNone is used. + This field is beta in 1.10. + type: string + name: + description: This must match the Name of a Volume. + type: string + readOnly: + description: |- + Mounted read-only if true, read-write otherwise (false or unspecified). + Defaults to false. + type: boolean + subPath: + description: |- + Path within the volume from which the container's volume should be mounted. + Defaults to "" (volume's root). + type: string + subPathExpr: + description: |- + Expanded path within the volume from which the container's volume should be mounted. + Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment. + Defaults to "" (volume's root). + SubPathExpr and SubPath are mutually exclusive. + type: string + required: + - mountPath + - name + type: object + type: array + workingDir: + description: Container's working directory. + type: string + required: + - name + type: object + type: array + jvmOptions: + description: JvmOptions defines the Jvm options passed to the + container + nullable: true + properties: + extraOptions: + items: + type: string + nullable: true + type: array + x-kubernetes-list-type: set + gcLoggingOptions: + items: + type: string + nullable: true + type: array + x-kubernetes-list-type: set + gcOptions: + items: + type: string + nullable: true + type: array + x-kubernetes-list-type: set + memoryOptions: + items: + type: string + nullable: true + type: array + x-kubernetes-list-type: set + type: object + x-kubernetes-map-type: granular + labels: + additionalProperties: + type: string + description: Labels specifies the labels to attach to pod the + operator creates for the cluster. + type: object + minReadySeconds: + description: |- + MinReadySeconds is the minimum time the pod must be ready without any of its + container crashing, for it to be considered available. + Only available when feature gate StatefulSetMinReadySeconds is enabled(enabled by default from v1.25.0). + format: int32 + type: integer + nodeSelector: + additionalProperties: + type: string + description: |- + NodeSelector specifies a map of key-value pairs. For a pod to be eligible to run + on a node, the node must have each of the indicated key-value pairs as labels. + type: object + resources: + description: Resources specifies the resource requirements of + containers to run in the pod + properties: + claims: + description: |- + Claims lists the names of resources, defined in spec.resourceClaims, + that are used by this container. + + + This is an alpha field and requires enabling the + DynamicResourceAllocation feature gate. + + + This field is immutable. It can only be set for containers. + items: + description: ResourceClaim references one entry in PodSpec.ResourceClaims. + properties: + name: + description: |- + Name must match the name of one entry in pod.spec.resourceClaims of + the Pod where this field is used. It makes that resource available + inside a container. + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: |- + Limits describes the maximum amount of compute resources allowed. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: |- + Requests describes the minimum amount of compute resources required. + If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, + otherwise to an implementation-defined value. Requests cannot exceed Limits. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + type: object + type: object + secretRefs: + description: SecretRefs defines how to mount required secrets + into containers + items: + properties: + mountPath: + type: string + secretName: + type: string + required: + - mountPath + - secretName + type: object + type: array + x-kubernetes-list-map-keys: + - secretName + x-kubernetes-list-type: map + securityContext: + description: |- + SecurityContext specifies the security context for the entire pod + More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context + properties: + fsGroup: + format: int64 + type: integer + readOnlyRootFilesystem: + description: ReadOnlyRootFilesystem specifies whether the + container use a read-only filesystem. + type: boolean + runAsGroup: + format: int64 + type: integer + runAsNonRoot: + type: boolean + runAsUser: + format: int64 + type: integer + type: object + serviceAccountName: + description: ServiceAccountName is the name of the ServiceAccount + to use to run pods. + type: string + sidecars: + description: Sidecars defines sidecar containers running alongside + with the main function container in the pod. + items: + description: |- + A single application container that you want to run within a pod. + The Container API from the core group is not used directly to avoid unneeded fields + and reduce the size of the CRD. New fields could be added as needed. + properties: + args: + description: Arguments to the entrypoint. + items: + type: string + type: array + command: + description: Entrypoint array. Not executed within a shell. + items: + type: string + type: array + env: + description: List of environment variables to set in the + container. + items: + description: EnvVar represents an environment variable + present in a Container. + properties: + name: + description: Name of the environment variable. Must + be a C_IDENTIFIER. + type: string + value: + description: |- + Variable references $(VAR_NAME) are expanded + using the previously defined environment variables in the container and + any service environment variables. If a variable cannot be resolved, + the reference in the input string will be unchanged. Double $$ are reduced + to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. + "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". + Escaped references will never be expanded, regardless of whether the variable + exists or not. + Defaults to "". + type: string + valueFrom: + description: Source for the environment variable's + value. Cannot be used if value is not empty. + properties: + configMapKeyRef: + description: Selects a key of a ConfigMap. + properties: + key: + description: The key to select. + type: string + name: + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? + type: string + optional: + description: Specify whether the ConfigMap + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + fieldRef: + description: |- + Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, + spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. + properties: + apiVersion: + description: Version of the schema the FieldPath + is written in terms of, defaults to "v1". + type: string + fieldPath: + description: Path of the field to select in + the specified API version. + type: string + required: + - fieldPath + type: object + x-kubernetes-map-type: atomic + resourceFieldRef: + description: |- + Selects a resource of the container: only resources limits and requests + (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. + properties: + containerName: + description: 'Container name: required for + volumes, optional for env vars' + type: string + divisor: + anyOf: + - type: integer + - type: string + description: Specifies the output format of + the exposed resources, defaults to "1" + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + description: 'Required: resource to select' + type: string + required: + - resource + type: object + x-kubernetes-map-type: atomic + secretKeyRef: + description: Selects a key of a secret in the + pod's namespace + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? + type: string + optional: + description: Specify whether the Secret or + its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + required: + - name + type: object + type: array + envFrom: + description: List of sources to populate environment variables + in the container. + items: + description: EnvFromSource represents the source of a + set of ConfigMaps + properties: + configMapRef: + description: The ConfigMap to select from + properties: + name: + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? + type: string + optional: + description: Specify whether the ConfigMap must + be defined + type: boolean + type: object + x-kubernetes-map-type: atomic + prefix: + description: An optional identifier to prepend to + each key in the ConfigMap. Must be a C_IDENTIFIER. + type: string + secretRef: + description: The Secret to select from + properties: + name: + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? + type: string + optional: + description: Specify whether the Secret must be + defined + type: boolean + type: object + x-kubernetes-map-type: atomic + type: object + type: array + image: + description: Docker image name. + type: string + imagePullPolicy: + description: Image pull policy. + type: string + livenessProbe: + description: Periodic probe of container liveness. + properties: + exec: + description: Exec specifies the action to take. + properties: + command: + description: |- + Command is the command line to execute inside the container, the working directory for the + command is root ('/') in the container's filesystem. The command is simply exec'd, it is + not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use + a shell, you need to explicitly call out to that shell. + Exit status of 0 is treated as live/healthy and non-zero is unhealthy. + items: + type: string + type: array + type: object + failureThreshold: + description: |- + Minimum consecutive failures for the probe to be considered failed after having succeeded. + Defaults to 3. Minimum value is 1. + format: int32 + type: integer + grpc: + description: GRPC specifies an action involving a GRPC + port. + properties: + port: + description: Port number of the gRPC service. Number + must be in the range 1 to 65535. + format: int32 + type: integer + service: + description: |- + Service is the name of the service to place in the gRPC HealthCheckRequest + (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). + + + If this is not specified, the default behavior is defined by gRPC. + type: string + required: + - port + type: object + httpGet: + description: HTTPGet specifies the http request to perform. + properties: + host: + description: |- + Host name to connect to, defaults to the pod IP. You probably want to set + "Host" in httpHeaders instead. + type: string + httpHeaders: + description: Custom headers to set in the request. + HTTP allows repeated headers. + items: + description: HTTPHeader describes a custom header + to be used in HTTP probes + properties: + name: + description: |- + The header field name. + This will be canonicalized upon output, so case-variant names will be understood as the same header. + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: integer + - type: string + description: |- + Name or number of the port to access on the container. + Number must be in the range 1 to 65535. + Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: |- + Scheme to use for connecting to the host. + Defaults to HTTP. + type: string + required: + - port + type: object + initialDelaySeconds: + description: |- + Number of seconds after the container has started before liveness probes are initiated. + More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes + format: int32 + type: integer + periodSeconds: + description: |- + How often (in seconds) to perform the probe. + Default to 10 seconds. Minimum value is 1. + format: int32 + type: integer + successThreshold: + description: |- + Minimum consecutive successes for the probe to be considered successful after having failed. + Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. + format: int32 + type: integer + tcpSocket: + description: TCPSocket specifies an action involving + a TCP port. + properties: + host: + description: 'Optional: Host name to connect to, + defaults to the pod IP.' + type: string + port: + anyOf: + - type: integer + - type: string + description: |- + Number or name of the port to access on the container. + Number must be in the range 1 to 65535. + Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: + - port + type: object + terminationGracePeriodSeconds: + description: |- + Optional duration in seconds the pod needs to terminate gracefully upon probe failure. + The grace period is the duration in seconds after the processes running in the pod are sent + a termination signal and the time when the processes are forcibly halted with a kill signal. + Set this value longer than the expected cleanup time for your process. + If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this + value overrides the value provided by the pod spec. + Value must be non-negative integer. The value zero indicates stop immediately via + the kill signal (no opportunity to shut down). + This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. + Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset. + format: int64 + type: integer + timeoutSeconds: + description: |- + Number of seconds after which the probe times out. + Defaults to 1 second. Minimum value is 1. + More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes + format: int32 + type: integer + type: object + name: + description: |- + Name of the container specified as a DNS_LABEL. + Each container in a pod must have a unique name (DNS_LABEL). + type: string + readinessProbe: + description: |- + Periodic probe of container service readiness. + More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes + properties: + exec: + description: Exec specifies the action to take. + properties: + command: + description: |- + Command is the command line to execute inside the container, the working directory for the + command is root ('/') in the container's filesystem. The command is simply exec'd, it is + not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use + a shell, you need to explicitly call out to that shell. + Exit status of 0 is treated as live/healthy and non-zero is unhealthy. + items: + type: string + type: array + type: object + failureThreshold: + description: |- + Minimum consecutive failures for the probe to be considered failed after having succeeded. + Defaults to 3. Minimum value is 1. + format: int32 + type: integer + grpc: + description: GRPC specifies an action involving a GRPC + port. + properties: + port: + description: Port number of the gRPC service. Number + must be in the range 1 to 65535. + format: int32 + type: integer + service: + description: |- + Service is the name of the service to place in the gRPC HealthCheckRequest + (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). + + + If this is not specified, the default behavior is defined by gRPC. + type: string + required: + - port + type: object + httpGet: + description: HTTPGet specifies the http request to perform. + properties: + host: + description: |- + Host name to connect to, defaults to the pod IP. You probably want to set + "Host" in httpHeaders instead. + type: string + httpHeaders: + description: Custom headers to set in the request. + HTTP allows repeated headers. + items: + description: HTTPHeader describes a custom header + to be used in HTTP probes + properties: + name: + description: |- + The header field name. + This will be canonicalized upon output, so case-variant names will be understood as the same header. + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: integer + - type: string + description: |- + Name or number of the port to access on the container. + Number must be in the range 1 to 65535. + Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: |- + Scheme to use for connecting to the host. + Defaults to HTTP. + type: string + required: + - port + type: object + initialDelaySeconds: + description: |- + Number of seconds after the container has started before liveness probes are initiated. + More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes + format: int32 + type: integer + periodSeconds: + description: |- + How often (in seconds) to perform the probe. + Default to 10 seconds. Minimum value is 1. + format: int32 + type: integer + successThreshold: + description: |- + Minimum consecutive successes for the probe to be considered successful after having failed. + Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. + format: int32 + type: integer + tcpSocket: + description: TCPSocket specifies an action involving + a TCP port. + properties: + host: + description: 'Optional: Host name to connect to, + defaults to the pod IP.' + type: string + port: + anyOf: + - type: integer + - type: string + description: |- + Number or name of the port to access on the container. + Number must be in the range 1 to 65535. + Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: + - port + type: object + terminationGracePeriodSeconds: + description: |- + Optional duration in seconds the pod needs to terminate gracefully upon probe failure. + The grace period is the duration in seconds after the processes running in the pod are sent + a termination signal and the time when the processes are forcibly halted with a kill signal. + Set this value longer than the expected cleanup time for your process. + If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this + value overrides the value provided by the pod spec. + Value must be non-negative integer. The value zero indicates stop immediately via + the kill signal (no opportunity to shut down). + This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. + Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset. + format: int64 + type: integer + timeoutSeconds: + description: |- + Number of seconds after which the probe times out. + Defaults to 1 second. Minimum value is 1. + More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes + format: int32 + type: integer + type: object + resources: + description: Compute Resources required by this container. + properties: + claims: + description: |- + Claims lists the names of resources, defined in spec.resourceClaims, + that are used by this container. + + + This is an alpha field and requires enabling the + DynamicResourceAllocation feature gate. + + + This field is immutable. It can only be set for containers. + items: + description: ResourceClaim references one entry in + PodSpec.ResourceClaims. + properties: + name: + description: |- + Name must match the name of one entry in pod.spec.resourceClaims of + the Pod where this field is used. It makes that resource available + inside a container. + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: |- + Limits describes the maximum amount of compute resources allowed. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: |- + Requests describes the minimum amount of compute resources required. + If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, + otherwise to an implementation-defined value. Requests cannot exceed Limits. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + type: object + type: object + startupProbe: + description: StartupProbe indicates that the Pod has successfully + initialized. + properties: + exec: + description: Exec specifies the action to take. + properties: + command: + description: |- + Command is the command line to execute inside the container, the working directory for the + command is root ('/') in the container's filesystem. The command is simply exec'd, it is + not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use + a shell, you need to explicitly call out to that shell. + Exit status of 0 is treated as live/healthy and non-zero is unhealthy. + items: + type: string + type: array + type: object + failureThreshold: + description: |- + Minimum consecutive failures for the probe to be considered failed after having succeeded. + Defaults to 3. Minimum value is 1. + format: int32 + type: integer + grpc: + description: GRPC specifies an action involving a GRPC + port. + properties: + port: + description: Port number of the gRPC service. Number + must be in the range 1 to 65535. + format: int32 + type: integer + service: + description: |- + Service is the name of the service to place in the gRPC HealthCheckRequest + (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). + + + If this is not specified, the default behavior is defined by gRPC. + type: string + required: + - port + type: object + httpGet: + description: HTTPGet specifies the http request to perform. + properties: + host: + description: |- + Host name to connect to, defaults to the pod IP. You probably want to set + "Host" in httpHeaders instead. + type: string + httpHeaders: + description: Custom headers to set in the request. + HTTP allows repeated headers. + items: + description: HTTPHeader describes a custom header + to be used in HTTP probes + properties: + name: + description: |- + The header field name. + This will be canonicalized upon output, so case-variant names will be understood as the same header. + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: integer + - type: string + description: |- + Name or number of the port to access on the container. + Number must be in the range 1 to 65535. + Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: |- + Scheme to use for connecting to the host. + Defaults to HTTP. + type: string + required: + - port + type: object + initialDelaySeconds: + description: |- + Number of seconds after the container has started before liveness probes are initiated. + More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes + format: int32 + type: integer + periodSeconds: + description: |- + How often (in seconds) to perform the probe. + Default to 10 seconds. Minimum value is 1. + format: int32 + type: integer + successThreshold: + description: |- + Minimum consecutive successes for the probe to be considered successful after having failed. + Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. + format: int32 + type: integer + tcpSocket: + description: TCPSocket specifies an action involving + a TCP port. + properties: + host: + description: 'Optional: Host name to connect to, + defaults to the pod IP.' + type: string + port: + anyOf: + - type: integer + - type: string + description: |- + Number or name of the port to access on the container. + Number must be in the range 1 to 65535. + Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: + - port + type: object + terminationGracePeriodSeconds: + description: |- + Optional duration in seconds the pod needs to terminate gracefully upon probe failure. + The grace period is the duration in seconds after the processes running in the pod are sent + a termination signal and the time when the processes are forcibly halted with a kill signal. + Set this value longer than the expected cleanup time for your process. + If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this + value overrides the value provided by the pod spec. + Value must be non-negative integer. The value zero indicates stop immediately via + the kill signal (no opportunity to shut down). + This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. + Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset. + format: int64 + type: integer + timeoutSeconds: + description: |- + Number of seconds after which the probe times out. + Defaults to 1 second. Minimum value is 1. + More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes + format: int32 + type: integer + type: object + volumeMounts: + description: Pod volumes to mount into the container's filesystem. + items: + description: VolumeMount describes a mounting of a Volume + within a container. + properties: + mountPath: + description: |- + Path within the container at which the volume should be mounted. Must + not contain ':'. + type: string + mountPropagation: + description: |- + mountPropagation determines how mounts are propagated from the host + to container and the other way around. + When not set, MountPropagationNone is used. + This field is beta in 1.10. + type: string + name: + description: This must match the Name of a Volume. + type: string + readOnly: + description: |- + Mounted read-only if true, read-write otherwise (false or unspecified). + Defaults to false. + type: boolean + subPath: + description: |- + Path within the volume from which the container's volume should be mounted. + Defaults to "" (volume's root). + type: string + subPathExpr: + description: |- + Expanded path within the volume from which the container's volume should be mounted. + Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment. + Defaults to "" (volume's root). + SubPathExpr and SubPath are mutually exclusive. + type: string + required: + - mountPath + - name + type: object + type: array + workingDir: + description: Container's working directory. + type: string + required: + - name + type: object + type: array + terminationGracePeriodSeconds: + description: |- + TerminationGracePeriodSeconds is the amount of time that kubernetes will give + for a pod before terminating it. + format: int64 + type: integer + tolerations: + description: Tolerations specifies the tolerations of a Pod + items: + description: |- + The pod this Toleration is attached to tolerates any taint that matches + the triple using the matching operator . + properties: + effect: + description: |- + Effect indicates the taint effect to match. Empty means match all taint effects. + When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. + type: string + key: + description: |- + Key is the taint key that the toleration applies to. Empty means match all taint keys. + If the key is empty, operator must be Exists; this combination means to match all values and all keys. + type: string + operator: + description: |- + Operator represents a key's relationship to the value. + Valid operators are Exists and Equal. Defaults to Equal. + Exists is equivalent to wildcard for value, so that a pod can + tolerate all taints of a particular category. + type: string + tolerationSeconds: + description: |- + TolerationSeconds represents the period of time the toleration (which must be + of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, + it is not set, which means tolerate the taint forever (do not evict). Zero and + negative values will be treated as 0 (evict immediately) by the system. + format: int64 + type: integer + value: + description: |- + Value is the taint value the toleration matches to. + If the operator is Exists, the value should be empty, otherwise just a regular string. + type: string + type: object + type: array + topologySpreadConstraints: + description: |- + TopologySpreadConstraints describes how a group of pods ought to spread across topology + domains. Scheduler will schedule pods in a way which abides by the constraints. + All topologySpreadConstraints are ANDed + items: + description: TopologySpreadConstraint specifies how to spread + matching pods among the given topology. + properties: + labelSelector: + description: |- + LabelSelector is used to find matching pods. + Pods that match this label selector are counted to determine the number of pods + in their corresponding topology domain. + properties: + matchExpressions: + description: matchExpressions is a list of label selector + requirements. The requirements are ANDed. + items: + description: |- + A label selector requirement is a selector that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label key that the selector + applies to. + type: string + operator: + description: |- + operator represents a key's relationship to a set of values. + Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: |- + values is an array of string values. If the operator is In or NotIn, + the values array must be non-empty. If the operator is Exists or DoesNotExist, + the values array must be empty. This array is replaced during a strategic + merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: |- + matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + matchLabelKeys: + description: |- + MatchLabelKeys is a set of pod label keys to select the pods over which + spreading will be calculated. The keys are used to lookup values from the + incoming pod labels, those key-value labels are ANDed with labelSelector + to select the group of existing pods over which spreading will be calculated + for the incoming pod. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. + MatchLabelKeys cannot be set when LabelSelector isn't set. + Keys that don't exist in the incoming pod labels will + be ignored. A null or empty list means only match against labelSelector. + + + This is a beta field and requires the MatchLabelKeysInPodTopologySpread feature gate to be enabled (enabled by default). + items: + type: string + type: array + x-kubernetes-list-type: atomic + maxSkew: + description: |- + MaxSkew describes the degree to which pods may be unevenly distributed. + When `whenUnsatisfiable=DoNotSchedule`, it is the maximum permitted difference + between the number of matching pods in the target topology and the global minimum. + The global minimum is the minimum number of matching pods in an eligible domain + or zero if the number of eligible domains is less than MinDomains. + For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same + labelSelector spread as 2/2/1: + In this case, the global minimum is 1. + | zone1 | zone2 | zone3 | + | P P | P P | P | + - if MaxSkew is 1, incoming pod can only be scheduled to zone3 to become 2/2/2; + scheduling it onto zone1(zone2) would make the ActualSkew(3-1) on zone1(zone2) + violate MaxSkew(1). + - if MaxSkew is 2, incoming pod can be scheduled onto any zone. + When `whenUnsatisfiable=ScheduleAnyway`, it is used to give higher precedence + to topologies that satisfy it. + It's a required field. Default value is 1 and 0 is not allowed. + format: int32 + type: integer + minDomains: + description: |- + MinDomains indicates a minimum number of eligible domains. + When the number of eligible domains with matching topology keys is less than minDomains, + Pod Topology Spread treats "global minimum" as 0, and then the calculation of Skew is performed. + And when the number of eligible domains with matching topology keys equals or greater than minDomains, + this value has no effect on scheduling. + As a result, when the number of eligible domains is less than minDomains, + scheduler won't schedule more than maxSkew Pods to those domains. + If value is nil, the constraint behaves as if MinDomains is equal to 1. + Valid values are integers greater than 0. + When value is not nil, WhenUnsatisfiable must be DoNotSchedule. + + + For example, in a 3-zone cluster, MaxSkew is set to 2, MinDomains is set to 5 and pods with the same + labelSelector spread as 2/2/2: + | zone1 | zone2 | zone3 | + | P P | P P | P P | + The number of domains is less than 5(MinDomains), so "global minimum" is treated as 0. + In this situation, new pod with the same labelSelector cannot be scheduled, + because computed skew will be 3(3 - 0) if new Pod is scheduled to any of the three zones, + it will violate MaxSkew. + + + This is a beta field and requires the MinDomainsInPodTopologySpread feature gate to be enabled (enabled by default). + format: int32 + type: integer + nodeAffinityPolicy: + description: |- + NodeAffinityPolicy indicates how we will treat Pod's nodeAffinity/nodeSelector + when calculating pod topology spread skew. Options are: + - Honor: only nodes matching nodeAffinity/nodeSelector are included in the calculations. + - Ignore: nodeAffinity/nodeSelector are ignored. All nodes are included in the calculations. + + + If this value is nil, the behavior is equivalent to the Honor policy. + This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag. + type: string + nodeTaintsPolicy: + description: |- + NodeTaintsPolicy indicates how we will treat node taints when calculating + pod topology spread skew. Options are: + - Honor: nodes without taints, along with tainted nodes for which the incoming pod + has a toleration, are included. + - Ignore: node taints are ignored. All nodes are included. + + + If this value is nil, the behavior is equivalent to the Ignore policy. + This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag. + type: string + topologyKey: + description: |- + TopologyKey is the key of node labels. Nodes that have a label with this key + and identical values are considered to be in the same topology. + We consider each as a "bucket", and try to put balanced number + of pods into each bucket. + We define a domain as a particular instance of a topology. + Also, we define an eligible domain as a domain whose nodes meet the requirements of + nodeAffinityPolicy and nodeTaintsPolicy. + e.g. If TopologyKey is "kubernetes.io/hostname", each Node is a domain of that topology. + And, if TopologyKey is "topology.kubernetes.io/zone", each zone is a domain of that topology. + It's a required field. + type: string + whenUnsatisfiable: + description: |- + WhenUnsatisfiable indicates how to deal with a pod if it doesn't satisfy + the spread constraint. + - DoNotSchedule (default) tells the scheduler not to schedule it. + - ScheduleAnyway tells the scheduler to schedule the pod in any location, + but giving higher precedence to topologies that would help reduce the + skew. + A constraint is considered "Unsatisfiable" for an incoming pod + if and only if every possible node assignment for that pod would violate + "MaxSkew" on some topology. + For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same + labelSelector spread as 3/1/1: + | zone1 | zone2 | zone3 | + | P P P | P | P | + If WhenUnsatisfiable is set to DoNotSchedule, incoming pod can only be scheduled + to zone2(zone3) to become 3/2/1(3/1/2) as ActualSkew(2-1) on zone2(zone3) satisfies + MaxSkew(1). In other words, the cluster can still be imbalanced, but scheduler + won't make it *more* imbalanced. + It's a required field. + type: string + required: + - maxSkew + - topologyKey + - whenUnsatisfiable + type: object + type: array + updateStrategy: + description: UpdateStrategy defines the update strategy of the + pod + nullable: true + properties: + partition: + description: |- + Partition indicates the ordinal at which the StatefulSet should be + partitioned. + Default value is 0. + format: int32 + type: integer + podUIDsToDelete: + description: PodUIDsToDelete is a list of pod UIDs to delete. + items: + type: string + nullable: true + type: array + type: + description: |- + Type indicates the type of the StatefulSetUpdateStrategy. + Default is RollingUpdate. + type: string + type: object + vars: + description: Vars specifies the environment variables of a Pod + items: + description: EnvVar represents an environment variable present + in a Container. + properties: + name: + description: Name of the environment variable. Must be a + C_IDENTIFIER. + type: string + value: + description: |- + Variable references $(VAR_NAME) are expanded + using the previously defined environment variables in the container and + any service environment variables. If a variable cannot be resolved, + the reference in the input string will be unchanged. Double $$ are reduced + to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. + "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". + Escaped references will never be expanded, regardless of whether the variable + exists or not. + Defaults to "". + type: string + valueFrom: + description: Source for the environment variable's value. + Cannot be used if value is not empty. + properties: + configMapKeyRef: + description: Selects a key of a ConfigMap. + properties: + key: + description: The key to select. + type: string + name: + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? + type: string + optional: + description: Specify whether the ConfigMap or its + key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + fieldRef: + description: |- + Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, + spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. + properties: + apiVersion: + description: Version of the schema the FieldPath + is written in terms of, defaults to "v1". + type: string + fieldPath: + description: Path of the field to select in the + specified API version. + type: string + required: + - fieldPath + type: object + x-kubernetes-map-type: atomic + resourceFieldRef: + description: |- + Selects a resource of the container: only resources limits and requests + (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. + properties: + containerName: + description: 'Container name: required for volumes, + optional for env vars' + type: string + divisor: + anyOf: + - type: integer + - type: string + description: Specifies the output format of the + exposed resources, defaults to "1" + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + description: 'Required: resource to select' + type: string + required: + - resource + type: object + x-kubernetes-map-type: atomic + secretKeyRef: + description: Selects a key of a secret in the pod's + namespace + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + required: + - name + type: object + type: array + volumes: + description: Volumes defines extra volumes of the pod. + items: + description: |- + Volume represents a named volume in a pod that may be accessed by any container in the pod. + The Volume API from the core group is not used directly to avoid unneeded fields defined in `VolumeSource` + and reduce the size of the CRD. New fields in VolumeSource could be added as needed. + properties: + configMap: + description: ConfigMap represents a configMap that should + populate this volume + properties: + defaultMode: + description: |- + defaultMode is optional: mode bits used to set permissions on created files by default. + Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. + YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. + Defaults to 0644. + Directories within the path are not affected by this setting. + This might be in conflict with other options that affect the file + mode, like fsGroup, and the result can be other mode bits set. + format: int32 + type: integer + items: + description: |- + items if unspecified, each key-value pair in the Data field of the referenced + ConfigMap will be projected into the volume as a file whose name is the + key and content is the value. If specified, the listed keys will be + projected into the specified paths, and unlisted keys will not be + present. If a key is specified which is not present in the ConfigMap, + the volume setup will error unless it is marked optional. Paths must be + relative and may not contain the '..' path or start with '..'. + items: + description: Maps a string key to a path within a + volume. + properties: + key: + description: key is the key to project. + type: string + mode: + description: |- + mode is Optional: mode bits used to set permissions on this file. + Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. + YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. + If not specified, the volume defaultMode will be used. + This might be in conflict with other options that affect the file + mode, like fsGroup, and the result can be other mode bits set. + format: int32 + type: integer + path: + description: |- + path is the relative path of the file to map the key to. + May not be an absolute path. + May not contain the path element '..'. + May not start with the string '..'. + type: string + required: + - key + - path + type: object + type: array + name: + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? + type: string + optional: + description: optional specify whether the ConfigMap + or its keys must be defined + type: boolean + type: object + x-kubernetes-map-type: atomic + name: + description: |- + Volume's name. + Must be a DNS_LABEL and unique within the pod. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + secret: + description: Secret represents a secret that should populate + this volume. + properties: + defaultMode: + description: |- + defaultMode is Optional: mode bits used to set permissions on created files by default. + Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. + YAML accepts both octal and decimal values, JSON requires decimal values + for mode bits. Defaults to 0644. + Directories within the path are not affected by this setting. + This might be in conflict with other options that affect the file + mode, like fsGroup, and the result can be other mode bits set. + format: int32 + type: integer + items: + description: |- + items If unspecified, each key-value pair in the Data field of the referenced + Secret will be projected into the volume as a file whose name is the + key and content is the value. If specified, the listed keys will be + projected into the specified paths, and unlisted keys will not be + present. If a key is specified which is not present in the Secret, + the volume setup will error unless it is marked optional. Paths must be + relative and may not contain the '..' path or start with '..'. + items: + description: Maps a string key to a path within a + volume. + properties: + key: + description: key is the key to project. + type: string + mode: + description: |- + mode is Optional: mode bits used to set permissions on this file. + Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. + YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. + If not specified, the volume defaultMode will be used. + This might be in conflict with other options that affect the file + mode, like fsGroup, and the result can be other mode bits set. + format: int32 + type: integer + path: + description: |- + path is the relative path of the file to map the key to. + May not be an absolute path. + May not contain the path element '..'. + May not start with the string '..'. + type: string + required: + - key + - path + type: object + type: array + optional: + description: optional field specify whether the Secret + or its keys must be defined + type: boolean + secretName: + description: |- + secretName is the name of the secret in the pod's namespace to use. + More info: https://kubernetes.io/docs/concepts/storage/volumes#secret + type: string + type: object + required: + - name + type: object + type: array + type: object + replicas: + description: Replicas is the expected size of the pulsar broker revision + format: int32 + minimum: 0 + type: integer + tls: + description: TLS defines the TLS configuration on the broker. + properties: + certSecretName: + description: |- + CertSecretName defines the name of the secret that contains the certificate to use + the value should be name of the secret that contains a valid certificate to use in the proxy + type: string + enabled: + description: |- + Enabled determines whether to enable TLS in proxies + TODO move other TLS related fields here + type: boolean + trustCertsEnabled: + description: TrustCertsEnabled defines whether to enable trust + store + type: boolean + type: object + zkServers: + description: Zookeeper server list + nullable: true + type: string + type: object + status: + description: PulsarBrokerRevisionStatus defines the observed state of + PulsarBrokerRevision + properties: + conditions: + additionalProperties: + description: The `Status` of a given `Condition` and the `Action` + needed to reach the `Status` + properties: + action: + description: The action needed to advance components to ready + status + type: string + condition: + type: string + status: + type: string + required: + - action + - condition + - status + type: object + description: |- + INSERT ADDITIONAL STATUS FIELD - define observed state of Broker + Important: Run "make" to regenerate code after modifying this file + type: object + dynamicConfig: + additionalProperties: + type: string + description: DynamicConfig display the dynamic configurations for + the broker + type: object + labelSelector: + description: Label selector for scaling + type: string + observedGeneration: + description: |- + ObservedGeneration is the most recent generation observed for this cluster. + It corresponds to the metadata generation, which is updated on mutation by the API Server. + format: int64 + type: integer + onMeshReplicas: + description: OnMeshReplicas is the number of Pods with service mesh + enabled + format: int32 + type: integer + pendingChanges: + description: PendingChanges shows the skipped changes when the rollout + is paused + items: + properties: + action: + type: string + apiVersion: + type: string + diff: + type: string + kind: + type: string + name: + type: string + required: + - action + - apiVersion + - diff + - kind + - name + type: object + nullable: true + type: array + readyReplicas: + description: ReadyReplicas is the number of ready servers in the cluster + format: int32 + type: integer + replicas: + description: Replicas is the number of servers in the cluster + format: int32 + type: integer + serviceEndpoints: + properties: + cluster: + properties: + pulsarServiceURL: + type: string + webServiceURL: + type: string + type: object + external: + properties: + pulsarServiceURL: + type: string + webServiceURL: + type: string + type: object + type: object + updatedReplicas: + description: UpdatedReplicas is the number of servers that has been + updated to the latest configuration + format: int32 + type: integer + required: + - conditions + type: object + type: object + served: true + storage: true + subresources: + scale: + labelSelectorPath: .status.labelSelector + specReplicasPath: .spec.replicas + statusReplicasPath: .status.replicas + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: null + storedVersions: null \ No newline at end of file diff --git a/charts/sn-operator/crds/pulsar.streamnative.io_pulsarbrokers.yaml b/charts/sn-operator/crds/pulsar.streamnative.io_pulsarbrokers.yaml index 7050b1a..2230b30 100644 --- a/charts/sn-operator/crds/pulsar.streamnative.io_pulsarbrokers.yaml +++ b/charts/sn-operator/crds/pulsar.streamnative.io_pulsarbrokers.yaml @@ -1943,6 +1943,37 @@ spec: description: PulsarRestMessagingServiceEnabled defines whether Pulsar Rest Messaging will be enabled type: boolean + readOnly: + description: ReadOnly Support for the broker to be read-only mode + nullable: true + properties: + enabled: + description: Enabled defines whether to enable read-only mode + nullable: true + type: boolean + zoneKeySuffix: + description: ZoneKeySuffix defines the zone key suffix that + are read-only broker + type: string + zoneMappings: + description: ZoneMappings defines the zone mappings + items: + properties: + id: + description: ID defines the zone id + type: string + name: + description: Zone defines the zone name + type: string + required: + - id + - name + type: object + type: array + x-kubernetes-list-map-keys: + - id + x-kubernetes-list-type: map + type: object serviceURLGenerationPolicy: default: NameUIDPrefix description: ServiceURLGenerationPolicy defines how the service @@ -2006,6 +2037,33 @@ spec: metadata store url nullable: true type: string + configurationStoreConfig: + description: ConfigurationStoreConfig defines the configuration store + configuration + properties: + zk: + properties: + certSecretName: + description: |- + CertSecretName is the name of the secret that contains the zk client certificate + if set this, client will use mutual tls, otherwise, client will use simple tls + type: string + clusterIndex: + description: |- + ClusterIndex is the index of the zookeeper cluster in the zookeeper clusters list + to check if the cluster is the client of shared zk + format: int32 + type: integer + domain: + description: Domain is the host of the shared zookeeper cluster + type: string + serverPort: + description: ServerPort is the port of the shared zookeeper + cluster + format: int32 + type: integer + type: object + type: object configurationStoreServers: description: ConfigurationStoreServers defines the address of the configuration store @@ -5228,6 +5286,19 @@ spec: type: array type: object type: array + toOperation: + description: ToOperation defines the ports that the rule + applies to + items: + properties: + ports: + description: Ports defines the ports that the rule + applies to + items: + type: string + type: array + type: object + type: array type: object type: array enabled: @@ -5256,6 +5327,28 @@ spec: description: Key is used to identify the gateway and related resources, used solely when serving a list of gateways type: string + route: + description: Route defines route policy for the gateway + properties: + topologyAware: + description: TopologyAware defines + properties: + key: + description: Key defines the node label key used to + detect Pod topology info + type: string + subDomain: + description: SubDomain defines url generation rule + for broker Pod + type: string + required: + - key + type: object + useWildcardDNS: + description: UseWildcardDNS means inherit DNS record from + wildcard DNS, only works for externalDNS + type: boolean + type: object selector: additionalProperties: type: string @@ -5282,6 +5375,12 @@ spec: secured using TLS. The value of this field determines how TLS is enforced. type: string + subjectAltNames: + description: SubjectAltNames defines the subject alternative + names for the certificate + items: + type: string + type: array trustCertsEnabled: description: TrustCertsEnabled defines whether to enable trust store @@ -5311,6 +5410,28 @@ spec: description: Key is used to identify the gateway and related resources, used solely when serving a list of gateways type: string + route: + description: Route defines route policy for the gateway + properties: + topologyAware: + description: TopologyAware defines + properties: + key: + description: Key defines the node label key used + to detect Pod topology info + type: string + subDomain: + description: SubDomain defines url generation rule + for broker Pod + type: string + required: + - key + type: object + useWildcardDNS: + description: UseWildcardDNS means inherit DNS record + from wildcard DNS, only works for externalDNS + type: boolean + type: object selector: additionalProperties: type: string @@ -5337,6 +5458,12 @@ spec: secured using TLS. The value of this field determines how TLS is enforced. type: string + subjectAltNames: + description: SubjectAltNames defines the subject alternative + names for the certificate + items: + type: string + type: array trustCertsEnabled: description: TrustCertsEnabled defines whether to enable trust store @@ -8519,6 +8646,22 @@ spec: store type: boolean type: object + updateStrategy: + description: UpdateStrategy defines the strategy to apply when upgrading + the broker + nullable: true + properties: + partition: + description: ordinal >= partition will be updated, default is + 0 + format: int32 + minimum: 0 + type: integer + revisionHistoryLimit: + default: 3 + minimum: 1 + type: integer + type: object zkServers: description: Zookeeper server list nullable: true diff --git a/charts/sn-operator/crds/pulsar.streamnative.io_pulsarproxies.yaml b/charts/sn-operator/crds/pulsar.streamnative.io_pulsarproxies.yaml index 73854d7..f5a731c 100644 --- a/charts/sn-operator/crds/pulsar.streamnative.io_pulsarproxies.yaml +++ b/charts/sn-operator/crds/pulsar.streamnative.io_pulsarproxies.yaml @@ -1788,6 +1788,19 @@ spec: type: array type: object type: array + toOperation: + description: ToOperation defines the ports that the rule + applies to + items: + properties: + ports: + description: Ports defines the ports that the rule + applies to + items: + type: string + type: array + type: object + type: array type: object type: array enabled: @@ -1816,6 +1829,28 @@ spec: description: Key is used to identify the gateway and related resources, used solely when serving a list of gateways type: string + route: + description: Route defines route policy for the gateway + properties: + topologyAware: + description: TopologyAware defines + properties: + key: + description: Key defines the node label key used to + detect Pod topology info + type: string + subDomain: + description: SubDomain defines url generation rule + for broker Pod + type: string + required: + - key + type: object + useWildcardDNS: + description: UseWildcardDNS means inherit DNS record from + wildcard DNS, only works for externalDNS + type: boolean + type: object selector: additionalProperties: type: string @@ -1842,6 +1877,12 @@ spec: secured using TLS. The value of this field determines how TLS is enforced. type: string + subjectAltNames: + description: SubjectAltNames defines the subject alternative + names for the certificate + items: + type: string + type: array trustCertsEnabled: description: TrustCertsEnabled defines whether to enable trust store @@ -1871,6 +1912,28 @@ spec: description: Key is used to identify the gateway and related resources, used solely when serving a list of gateways type: string + route: + description: Route defines route policy for the gateway + properties: + topologyAware: + description: TopologyAware defines + properties: + key: + description: Key defines the node label key used + to detect Pod topology info + type: string + subDomain: + description: SubDomain defines url generation rule + for broker Pod + type: string + required: + - key + type: object + useWildcardDNS: + description: UseWildcardDNS means inherit DNS record + from wildcard DNS, only works for externalDNS + type: boolean + type: object selector: additionalProperties: type: string @@ -1897,6 +1960,12 @@ spec: secured using TLS. The value of this field determines how TLS is enforced. type: string + subjectAltNames: + description: SubjectAltNames defines the subject alternative + names for the certificate + items: + type: string + type: array trustCertsEnabled: description: TrustCertsEnabled defines whether to enable trust store diff --git a/charts/sn-operator/crds/zookeeper.streamnative.io_zookeeperclusters.yaml b/charts/sn-operator/crds/zookeeper.streamnative.io_zookeeperclusters.yaml index c0ce063..9bd76c3 100644 --- a/charts/sn-operator/crds/zookeeper.streamnative.io_zookeeperclusters.yaml +++ b/charts/sn-operator/crds/zookeeper.streamnative.io_zookeeperclusters.yaml @@ -997,6 +997,19 @@ spec: type: array type: object type: array + toOperation: + description: ToOperation defines the ports that the rule + applies to + items: + properties: + ports: + description: Ports defines the ports that the rule + applies to + items: + type: string + type: array + type: object + type: array type: object type: array enabled: @@ -1025,6 +1038,28 @@ spec: description: Key is used to identify the gateway and related resources, used solely when serving a list of gateways type: string + route: + description: Route defines route policy for the gateway + properties: + topologyAware: + description: TopologyAware defines + properties: + key: + description: Key defines the node label key used to + detect Pod topology info + type: string + subDomain: + description: SubDomain defines url generation rule + for broker Pod + type: string + required: + - key + type: object + useWildcardDNS: + description: UseWildcardDNS means inherit DNS record from + wildcard DNS, only works for externalDNS + type: boolean + type: object selector: additionalProperties: type: string @@ -1051,6 +1086,12 @@ spec: secured using TLS. The value of this field determines how TLS is enforced. type: string + subjectAltNames: + description: SubjectAltNames defines the subject alternative + names for the certificate + items: + type: string + type: array trustCertsEnabled: description: TrustCertsEnabled defines whether to enable trust store @@ -1080,6 +1121,28 @@ spec: description: Key is used to identify the gateway and related resources, used solely when serving a list of gateways type: string + route: + description: Route defines route policy for the gateway + properties: + topologyAware: + description: TopologyAware defines + properties: + key: + description: Key defines the node label key used + to detect Pod topology info + type: string + subDomain: + description: SubDomain defines url generation rule + for broker Pod + type: string + required: + - key + type: object + useWildcardDNS: + description: UseWildcardDNS means inherit DNS record + from wildcard DNS, only works for externalDNS + type: boolean + type: object selector: additionalProperties: type: string @@ -1106,6 +1169,12 @@ spec: secured using TLS. The value of this field determines how TLS is enforced. type: string + subjectAltNames: + description: SubjectAltNames defines the subject alternative + names for the certificate + items: + type: string + type: array trustCertsEnabled: description: TrustCertsEnabled defines whether to enable trust store