From 17b4ce01473abe1baac99f3ec2502984e40598aa Mon Sep 17 00:00:00 2001 From: Michael Hoffmann <88316042+mhoffm-aiven@users.noreply.github.com> Date: Mon, 16 May 2022 15:29:55 +0200 Subject: [PATCH] sync with operator release 3.0 (#11) charts/aiven-operator-crds: sync crds charts/aiven-operator: sync webhooks --- charts/aiven-operator-crds/Chart.yaml | 6 +- .../templates/aiven.io_clickhouses.yaml | 223 +++++++ .../templates/aiven.io_clickhouseusers.yaml | 182 ++++++ .../templates/aiven.io_kafkas.yaml | 22 +- .../templates/aiven.io_opensearches.yaml | 585 ++++++++++++++++++ .../templates/aiven.io_postgresqls.yaml | 12 +- .../templates/aiven.io_redis.yaml | 5 + charts/aiven-operator/Chart.yaml | 6 +- .../templates/cluster_role.yaml | 60 ++ .../mutating_webhook_configuration.yaml | 60 ++ .../validating_webhook_configuration.yaml | 62 ++ 11 files changed, 1201 insertions(+), 22 deletions(-) create mode 100644 charts/aiven-operator-crds/templates/aiven.io_clickhouses.yaml create mode 100644 charts/aiven-operator-crds/templates/aiven.io_clickhouseusers.yaml create mode 100644 charts/aiven-operator-crds/templates/aiven.io_opensearches.yaml diff --git a/charts/aiven-operator-crds/Chart.yaml b/charts/aiven-operator-crds/Chart.yaml index 2b8b627..f9cb9a5 100644 --- a/charts/aiven-operator-crds/Chart.yaml +++ b/charts/aiven-operator-crds/Chart.yaml @@ -2,8 +2,10 @@ apiVersion: v2 name: aiven-operator-crds description: A Helm chart to deploy the aiven operator custom resource definitions type: application -version: v0.2.0 -appVersion: v0.2.0 +version: v0.3.0 +appVersion: v0.3.0 maintainers: - name: mhoffm-aiven url: https://www.aiven.io +- name: ivan-savciuc + url: https://www.aiven.io diff --git a/charts/aiven-operator-crds/templates/aiven.io_clickhouses.yaml b/charts/aiven-operator-crds/templates/aiven.io_clickhouses.yaml new file mode 100644 index 0000000..d4a81dc --- /dev/null +++ b/charts/aiven-operator-crds/templates/aiven.io_clickhouses.yaml @@ -0,0 +1,223 @@ + +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.7.0 + creationTimestamp: null + name: clickhouses.aiven.io +spec: + group: aiven.io + names: + kind: Clickhouse + listKind: ClickhouseList + plural: clickhouses + singular: clickhouse + scope: Namespaced + versions: + - name: v1alpha1 + schema: + openAPIV3Schema: + description: Clickhouse is the Schema for the clickhouses API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: ClickhouseSpec defines the desired state of Clickhouse + properties: + authSecretRef: + description: Authentication reference to Aiven token in a secret + properties: + key: + minLength: 1 + type: string + name: + minLength: 1 + type: string + required: + - key + - name + type: object + cloudName: + description: Cloud the service runs in. + maxLength: 256 + type: string + connInfoSecretTarget: + description: Information regarding secret creation + properties: + name: + description: Name of the Secret resource to be created + type: string + required: + - name + type: object + maintenanceWindowDow: + description: Day of week when maintenance operations should be performed. + One monday, tuesday, wednesday, etc. + enum: + - monday + - tuesday + - wednesday + - thursday + - friday + - saturday + - sunday + - never + type: string + maintenanceWindowTime: + description: Time of day when maintenance operations should be performed. + UTC time in HH:mm:ss format. + maxLength: 8 + type: string + plan: + description: Subscription plan. + maxLength: 128 + type: string + project: + description: Target project. + format: ^[a-zA-Z0-9_-]*$ + maxLength: 63 + type: string + projectVpcId: + description: Identifier of the VPC the service should be in, if any. + maxLength: 36 + type: string + terminationProtection: + description: Prevent service from being deleted. It is recommended + to have this enabled for all services. + type: boolean + userConfig: + description: OpenSearch specific user configuration options + properties: + ip_filter: + description: 'Glob pattern and number of indexes matching that + pattern to be kept Allows you to create glob style patterns + and set a max number of indexes matching this pattern you want + to keep. Creating indexes exceeding this value will cause the + oldest one to get deleted. You could for example create a pattern + looking like ''logs.?'' and then create index logs.1, logs.2 + etc, it will delete logs.1 once you create logs.6. Do note ''logs.?'' + does not apply to logs.10. Note: Setting max_index_count to + 0 will do nothing and the pattern gets ignored. IP filter Allow + incoming connections from CIDR address block, e.g. ''10.20.0.0/16''' + items: + type: string + type: array + project_to_fork_from: + description: Name of another project to fork a service from. This + has effect only when a new service is being created. + maxLength: 63 + type: string + service_to_fork_from: + description: Name of another service to fork from. This has effect + only when a new service is being created. + maxLength: 63 + type: string + type: object + required: + - authSecretRef + - project + type: object + status: + description: ServiceStatus defines the observed state of service + properties: + conditions: + description: Conditions represent the latest available observations + of a service state + items: + description: "Condition contains details for one aspect of the current + state of this API Resource. --- This struct is intended for direct + use as an array at the field path .status.conditions. For example, + type FooStatus struct{ // Represents the observations of a + foo's current state. // Known .status.conditions.type are: + \"Available\", \"Progressing\", and \"Degraded\" // +patchMergeKey=type + \ // +patchStrategy=merge // +listType=map // +listMapKey=type + \ Conditions []metav1.Condition `json:\"conditions,omitempty\" + patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"` + \n // other fields }" + properties: + lastTransitionTime: + description: lastTransitionTime is the last time the condition + transitioned from one status to another. This should be when + the underlying condition changed. If that is not known, then + using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: message is a human readable message indicating + details about the transition. This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: observedGeneration represents the .metadata.generation + that the condition was set based upon. For instance, if .metadata.generation + is currently 12, but the .status.conditions[x].observedGeneration + is 9, the condition is out of date with respect to the current + state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: reason contains a programmatic identifier indicating + the reason for the condition's last transition. Producers + of specific condition types may define expected values and + meanings for this field, and whether the values are considered + a guaranteed API. The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: type of condition in CamelCase or in foo.example.com/CamelCase. + --- Many .condition.type values are consistent across resources + like Available, but because arbitrary conditions can be useful + (see .node.status.conditions), the ability to deconflict is + important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + type: array + state: + description: Service state + type: string + required: + - conditions + - state + type: object + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: [] + storedVersions: [] diff --git a/charts/aiven-operator-crds/templates/aiven.io_clickhouseusers.yaml b/charts/aiven-operator-crds/templates/aiven.io_clickhouseusers.yaml new file mode 100644 index 0000000..09025c2 --- /dev/null +++ b/charts/aiven-operator-crds/templates/aiven.io_clickhouseusers.yaml @@ -0,0 +1,182 @@ + +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.7.0 + creationTimestamp: null + name: clickhouseusers.aiven.io +spec: + group: aiven.io + names: + kind: ClickhouseUser + listKind: ClickhouseUserList + plural: clickhouseusers + singular: clickhouseuser + scope: Namespaced + versions: + - additionalPrinterColumns: + - jsonPath: .spec.serviceName + name: Service Name + type: string + - jsonPath: .spec.project + name: Project + type: string + - jsonPath: .spec.connInfoSecretTarget.name + name: Connection Information Secret + type: string + name: v1alpha1 + schema: + openAPIV3Schema: + description: ClickhouseUser is the Schema for the clickhouseusers API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: ClickhouseUserSpec defines the desired state of ClickhouseUser + properties: + authSecretRef: + description: Authentication reference to Aiven token in a secret + properties: + key: + minLength: 1 + type: string + name: + minLength: 1 + type: string + required: + - key + - name + type: object + authentication: + description: Authentication details + enum: + - caching_sha2_password + - mysql_native_password + type: string + connInfoSecretTarget: + description: Information regarding secret creation + properties: + name: + description: Name of the Secret resource to be created + type: string + required: + - name + type: object + project: + description: Project to link the user to + format: ^[a-zA-Z0-9_-]*$ + maxLength: 63 + type: string + serviceName: + description: Service to link the user to + maxLength: 63 + type: string + required: + - authSecretRef + - project + - serviceName + type: object + status: + description: ClickhouseUserStatus defines the observed state of ClickhouseUser + properties: + conditions: + description: Conditions represent the latest available observations + of an ClickhouseUser state + items: + description: "Condition contains details for one aspect of the current + state of this API Resource. --- This struct is intended for direct + use as an array at the field path .status.conditions. For example, + type FooStatus struct{ // Represents the observations of a + foo's current state. // Known .status.conditions.type are: + \"Available\", \"Progressing\", and \"Degraded\" // +patchMergeKey=type + \ // +patchStrategy=merge // +listType=map // +listMapKey=type + \ Conditions []metav1.Condition `json:\"conditions,omitempty\" + patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"` + \n // other fields }" + properties: + lastTransitionTime: + description: lastTransitionTime is the last time the condition + transitioned from one status to another. This should be when + the underlying condition changed. If that is not known, then + using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: message is a human readable message indicating + details about the transition. This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: observedGeneration represents the .metadata.generation + that the condition was set based upon. For instance, if .metadata.generation + is currently 12, but the .status.conditions[x].observedGeneration + is 9, the condition is out of date with respect to the current + state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: reason contains a programmatic identifier indicating + the reason for the condition's last transition. Producers + of specific condition types may define expected values and + meanings for this field, and whether the values are considered + a guaranteed API. The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: type of condition in CamelCase or in foo.example.com/CamelCase. + --- Many .condition.type values are consistent across resources + like Available, but because arbitrary conditions can be useful + (see .node.status.conditions), the ability to deconflict is + important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + type: array + uuid: + description: Clickhouse user UUID + type: string + required: + - conditions + - uuid + type: object + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: [] + storedVersions: [] diff --git a/charts/aiven-operator-crds/templates/aiven.io_kafkas.yaml b/charts/aiven-operator-crds/templates/aiven.io_kafkas.yaml index bda9386..7fd2793 100644 --- a/charts/aiven-operator-crds/templates/aiven.io_kafkas.yaml +++ b/charts/aiven-operator-crds/templates/aiven.io_kafkas.yaml @@ -75,6 +75,16 @@ spec: required: - name type: object + disk_space: + description: The disk space of the service, possible values depend + on the service type, the cloud provider and the project. Reducing + will result in the service re-balancing. + format: ^[1-9][0-9]*(GiB|G)* + type: string + karapace: + description: Switch the service to use Karapace for schema registry + and REST proxy + type: boolean maintenanceWindowDow: description: Day of week when maintenance operations should be performed. One monday, tuesday, wednesday, etc. @@ -603,18 +613,6 @@ spec: type: object kafka_version: description: Kafka major version - enum: - - "1.0" - - "1.1" - - "2.0" - - "2.1" - - "2.2" - - "2.3" - - "2.4" - - "2.5" - - "2.6" - - "2.7" - - "2.8" type: string private_access: description: Allow access to selected service ports from private diff --git a/charts/aiven-operator-crds/templates/aiven.io_opensearches.yaml b/charts/aiven-operator-crds/templates/aiven.io_opensearches.yaml new file mode 100644 index 0000000..f7ec0d7 --- /dev/null +++ b/charts/aiven-operator-crds/templates/aiven.io_opensearches.yaml @@ -0,0 +1,585 @@ + +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.7.0 + creationTimestamp: null + name: opensearches.aiven.io +spec: + group: aiven.io + names: + kind: OpenSearch + listKind: OpenSearchList + plural: opensearches + singular: opensearch + scope: Namespaced + versions: + - name: v1alpha1 + schema: + openAPIV3Schema: + description: OpenSearch is the Schema for the opensearches API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: OpenSearchSpec defines the desired state of OpenSearch + properties: + authSecretRef: + description: Authentication reference to Aiven token in a secret + properties: + key: + minLength: 1 + type: string + name: + minLength: 1 + type: string + required: + - key + - name + type: object + cloudName: + description: Cloud the service runs in. + maxLength: 256 + type: string + connInfoSecretTarget: + description: Information regarding secret creation + properties: + name: + description: Name of the Secret resource to be created + type: string + required: + - name + type: object + disk_space: + description: The disk space of the service, possible values depend + on the service type, the cloud provider and the project. Reducing + will result in the service re-balancing. + format: ^[1-9][0-9]*(GiB|G)* + type: string + maintenanceWindowDow: + description: Day of week when maintenance operations should be performed. + One monday, tuesday, wednesday, etc. + enum: + - monday + - tuesday + - wednesday + - thursday + - friday + - saturday + - sunday + - never + type: string + maintenanceWindowTime: + description: Time of day when maintenance operations should be performed. + UTC time in HH:mm:ss format. + maxLength: 8 + type: string + plan: + description: Subscription plan. + maxLength: 128 + type: string + project: + description: Target project. + format: ^[a-zA-Z0-9_-]*$ + maxLength: 63 + type: string + projectVpcId: + description: Identifier of the VPC the service should be in, if any. + maxLength: 36 + type: string + terminationProtection: + description: Prevent service from being deleted. It is recommended + to have this enabled for all services. + type: boolean + userConfig: + description: OpenSearch specific user configuration options + properties: + custom_domain: + description: Custom domain Serve the web frontend using a custom + CNAME pointing to the Aiven DNS name + maxLength: 255 + type: string + disable_replication_factor_adjustment: + description: 'Disable replication factor adjustment DEPRECATED: + Disable automatic replication factor adjustment for multi-node + services. By default, Aiven ensures all indexes are replicated + at least to two nodes. Note: Due to potential data loss in case + of losing a service node, this setting can no longer be activated.' + type: boolean + index_patterns: + description: 'Allows you to create glob style patterns and set + a max number of indexes matching this pattern you want to keep. + Creating indexes exceeding this value will cause the oldest + one to get deleted. You could for example create a pattern looking + like ''logs.?'' and then create index logs.1, logs.2 etc, it + will delete logs.1 once you create logs.6. Do note ''logs.?'' + does not apply to logs.10. Note: Setting max_index_count to + 0 will do nothing and the pattern gets ignored.' + items: + properties: + max_index_count: + description: Maximum number of indexes to keep + format: int64 + minimum: 0 + type: integer + pattern: + description: Must consist of alpha-numeric characters, dashes, + underscores, dots and glob characters (* and ?) + maxLength: 1024 + type: string + type: object + type: array + index_template: + description: Template settings for all new indexes + properties: + mapping_nested_objects_limit: + description: index.mapping.nested_objects.limit The maximum + number of nested JSON objects that a single document can + contain across all nested types. This limit helps to prevent + out of memory errors when a document contains too many nested + objects. Default is 10000. + format: int64 + maximum: 100000 + minimum: 0 + type: integer + number_of_replicas: + description: index.number_of_replicas The number of replicas + each primary shard has. + format: int64 + maximum: 29 + minimum: 0 + type: integer + number_of_shards: + description: index.number_of_shards The number of primary + shards that an index should have. + format: int64 + maximum: 1024 + minimum: 1 + type: integer + type: object + ip_filter: + description: 'Glob pattern and number of indexes matching that + pattern to be kept Allows you to create glob style patterns + and set a max number of indexes matching this pattern you want + to keep. Creating indexes exceeding this value will cause the + oldest one to get deleted. You could for example create a pattern + looking like ''logs.?'' and then create index logs.1, logs.2 + etc, it will delete logs.1 once you create logs.6. Do note ''logs.?'' + does not apply to logs.10. Note: Setting max_index_count to + 0 will do nothing and the pattern gets ignored. IP filter Allow + incoming connections from CIDR address block, e.g. ''10.20.0.0/16''' + items: + type: string + type: array + keep_index_refresh_interval: + description: Don't reset index.refresh_interval to the default + value Aiven automation resets index.refresh_interval to default + value for every index to be sure that indices are always visible + to search. If it doesn't fit your case, you can disable this + by setting up this flag to true. + type: boolean + max_index_count: + description: Maximum index count Maximum number of indexes to + keep before deleting the oldest one + format: int64 + minimum: 0 + type: integer + opensearch: + description: OpenSearch settings + properties: + action_auto_create_index_enabled: + description: action.auto_create_index Explicitly allow or + block automatic creation of indices. Defaults to true + type: boolean + action_destructive_requires_name: + description: Require explicit index names when deleting + type: boolean + cluster_max_shards_per_node: + description: cluster.max_shards_per_node Controls the number + of shards allowed in the cluster per data node + format: int64 + maximum: 10000 + minimum: 100 + type: integer + http_max_content_length: + description: http.max_content_length Maximum content length + for HTTP requests to the OpenSearch HTTP API, in bytes. + format: int64 + maximum: 2147483647 + minimum: 1 + type: integer + http_max_header_size: + description: http.max_header_size The max size of allowed + headers, in bytes + format: int64 + maximum: 262144 + minimum: 1024 + type: integer + http_max_initial_line_length: + description: http.max_initial_line_length The max length of + an HTTP URL, in bytes + format: int64 + maximum: 65536 + minimum: 1024 + type: integer + indices_fielddata_cache_size: + description: indices.fielddata.cache.size Relative amount. + Maximum amount of heap memory used for field data cache. + This is an expert setting; decreasing the value too much + will increase overhead of loading field data; too much memory + used for field data cache will decrease amount of heap available + for other operations. + format: int64 + maximum: 100 + minimum: 3 + type: integer + indices_memory_index_buffer_size: + description: indices.memory.index_buffer_size Percentage value. + Default is 10%. Total amount of heap used for indexing buffer, + before writing segments to disk. This is an expert setting. + Too low value will slow down indexing; too high value will + increase indexing performance but causes performance issues + for query performance. + format: int64 + maximum: 40 + minimum: 3 + type: integer + indices_queries_cache_size: + description: indices.queries.cache.size Percentage value. + Default is 10%. Maximum amount of heap used for query cache. + This is an expert setting. Too low value will decrease query + performance and increase performance for other operations; + too high value will cause issues with other OpenSearch functionality. + format: int64 + maximum: 40 + minimum: 3 + type: integer + indices_query_bool_max_clause_count: + description: indices.query.bool.max_clause_count Maximum number + of clauses Lucene BooleanQuery can have. The default value + (1024) is relatively high, and increasing it may cause performance + issues. Investigate other approaches first before increasing + this value. + format: int64 + maximum: 4096 + minimum: 64 + type: integer + reindex_remote_whitelist: + description: reindex_remote_whitelist Whitelisted addresses + for reindexing. Changing this value will cause all OpenSearch + instances to restart. Address (hostname:port or IP:port) + items: + type: string + type: array + search_max_buckets: + description: search.max_buckets Maximum number of aggregation + buckets allowed in a single response. OpenSearch default + value is used when this is not defined. + format: int64 + maximum: 20000 + minimum: 1 + type: integer + thread_pool_analyze_queue_size: + description: analyze thread pool queue size for the thread + pool queue. See documentation for exact details. + format: int64 + maximum: 2000 + minimum: 10 + type: integer + thread_pool_analyze_size: + description: analyze thread pool size for the thread pool. + See documentation for exact details. Do note this may have + maximum value depending on CPU count - value is automatically + lowered if set to higher than maximum value. + format: int64 + maximum: 128 + minimum: 1 + type: integer + thread_pool_force_merge_size: + description: force_merge thread pool size for the thread pool. + See documentation for exact details. Do note this may have + maximum value depending on CPU count - value is automatically + lowered if set to higher than maximum value. + format: int64 + maximum: 128 + minimum: 1 + type: integer + thread_pool_get_queue_size: + description: get thread pool queue size for the thread pool + queue. See documentation for exact details. + format: int64 + maximum: 2000 + minimum: 10 + type: integer + thread_pool_get_size: + description: get thread pool size for the thread pool. See + documentation for exact details. Do note this may have maximum + value depending on CPU count - value is automatically lowered + if set to higher than maximum value. + format: int64 + maximum: 128 + minimum: 1 + type: integer + thread_pool_index_size: + description: index thread pool size for the thread pool. See + documentation for exact details. Do note this may have maximum + value depending on CPU count - value is automatically lowered + if set to higher than maximum value. + format: int64 + maximum: 128 + minimum: 1 + type: integer + thread_pool_search_queue_size: + description: search thread pool queue size for the thread + pool queue. See documentation for exact details. + format: int64 + maximum: 2000 + minimum: 10 + type: integer + thread_pool_search_size: + description: search thread pool size for the thread pool. + See documentation for exact details. Do note this may have + maximum value depending on CPU count - value is automatically + lowered if set to higher than maximum value. + format: int64 + maximum: 128 + minimum: 1 + type: integer + thread_pool_search_throttled_queue_size: + description: search_throttled thread pool queue size for the + thread pool queue. See documentation for exact details. + format: int64 + maximum: 2000 + minimum: 10 + type: integer + thread_pool_search_throttled_size: + description: search_throttled thread pool size for the thread + pool. See documentation for exact details. Do note this + may have maximum value depending on CPU count - value is + automatically lowered if set to higher than maximum value. + format: int64 + maximum: 128 + minimum: 1 + type: integer + thread_pool_write_queue_size: + description: write thread pool queue size for the thread pool + queue. See documentation for exact details. + format: int64 + maximum: 2000 + minimum: 10 + type: integer + thread_pool_write_size: + description: write thread pool size for the thread pool. See + documentation for exact details. Do note this may have maximum + value depending on CPU count - value is automatically lowered + if set to higher than maximum value. + format: int64 + maximum: 128 + minimum: 1 + type: integer + type: object + opensearch_dashboards: + description: OpenSearch Dashboards settings + properties: + enabled: + description: Enable or disable OpenSearch Dashboards + type: boolean + max_old_space_size: + description: 'max_old_space_size Limits the maximum amount + of memory (in MiB) the OpenSearch Dashboards process can + use. This sets the max_old_space_size option of the nodejs + running the OpenSearch Dashboards. Note: the memory reserved + by OpenSearch Dashboards is not available for OpenSearch.' + format: int64 + maximum: 1024 + minimum: 64 + type: integer + opensearch_request_timeout: + description: Timeout in milliseconds for requests made by + OpenSearch Dashboards towards OpenSearch + format: int64 + maximum: 120000 + minimum: 5000 + type: integer + type: object + opensearch_version: + description: OpenSearch major version + type: string + private_access: + description: Allow access to selected service ports from private + networks + properties: + opensearch: + description: Allow clients to connect to opensearch with a + DNS name that always resolves to the service's private IP + addresses. Only available in certain network locations + type: boolean + opensearch_dashboards: + description: Allow clients to connect to opensearch_dashboards + with a DNS name that always resolves to the service's private + IP addresses. Only available in certain network locations + type: boolean + prometheus: + description: Allow clients to connect to prometheus with a + DNS name that always resolves to the service's private IP + addresses. Only available in certain network locations + type: boolean + type: object + privatelink_access: + description: Allow access to selected service components through + Privatelink + properties: + opensearch: + description: Enable opensearch + type: boolean + opensearch_dashboards: + description: Enable opensearch_dashboards + type: boolean + type: object + project_to_fork_from: + description: Name of another project to fork a service from. This + has effect only when a new service is being created. + maxLength: 63 + type: string + public_access: + description: Allow access to selected service ports from the public + Internet + properties: + opensearch: + description: Allow clients to connect to opensearch from the + public internet for service nodes that are in a project + VPC or another type of private network + type: boolean + opensearch_dashboards: + description: Allow clients to connect to opensearch_dashboards + from the public internet for service nodes that are in a + project VPC or another type of private network + type: boolean + prometheus: + description: Allow clients to connect to prometheus from the + public internet for service nodes that are in a project + VPC or another type of private network + type: boolean + type: object + recovery_basebackup_name: + description: Name of the basebackup to restore in forked service + format: ^[a-zA-Z0-9-_:.]+$ + maxLength: 128 + type: string + service_to_fork_from: + description: Name of another service to fork from. This has effect + only when a new service is being created. + maxLength: 63 + type: string + static_ips: + description: Static IP addresses Use static public IP addresses + type: boolean + type: object + required: + - authSecretRef + - project + type: object + status: + description: ServiceStatus defines the observed state of service + properties: + conditions: + description: Conditions represent the latest available observations + of a service state + items: + description: "Condition contains details for one aspect of the current + state of this API Resource. --- This struct is intended for direct + use as an array at the field path .status.conditions. For example, + type FooStatus struct{ // Represents the observations of a + foo's current state. // Known .status.conditions.type are: + \"Available\", \"Progressing\", and \"Degraded\" // +patchMergeKey=type + \ // +patchStrategy=merge // +listType=map // +listMapKey=type + \ Conditions []metav1.Condition `json:\"conditions,omitempty\" + patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"` + \n // other fields }" + properties: + lastTransitionTime: + description: lastTransitionTime is the last time the condition + transitioned from one status to another. This should be when + the underlying condition changed. If that is not known, then + using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: message is a human readable message indicating + details about the transition. This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: observedGeneration represents the .metadata.generation + that the condition was set based upon. For instance, if .metadata.generation + is currently 12, but the .status.conditions[x].observedGeneration + is 9, the condition is out of date with respect to the current + state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: reason contains a programmatic identifier indicating + the reason for the condition's last transition. Producers + of specific condition types may define expected values and + meanings for this field, and whether the values are considered + a guaranteed API. The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: type of condition in CamelCase or in foo.example.com/CamelCase. + --- Many .condition.type values are consistent across resources + like Available, but because arbitrary conditions can be useful + (see .node.status.conditions), the ability to deconflict is + important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + type: array + state: + description: Service state + type: string + required: + - conditions + - state + type: object + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: [] + storedVersions: [] diff --git a/charts/aiven-operator-crds/templates/aiven.io_postgresqls.yaml b/charts/aiven-operator-crds/templates/aiven.io_postgresqls.yaml index 584bdf4..09faeb6 100644 --- a/charts/aiven-operator-crds/templates/aiven.io_postgresqls.yaml +++ b/charts/aiven-operator-crds/templates/aiven.io_postgresqls.yaml @@ -75,6 +75,12 @@ spec: required: - name type: object + disk_space: + description: The disk space of the service, possible values depend + on the service type, the cloud provider and the project. Reducing + will result in the service re-balancing. + format: ^[1-9][0-9]*(GiB|G)* + type: string maintenanceWindowDow: description: Day of week when maintenance operations should be performed. One monday, tuesday, wednesday, etc. @@ -480,12 +486,6 @@ spec: type: string pg_version: description: PostgreSQL major version - enum: - - "9.5" - - "9.6" - - "10" - - "11" - - "12" type: string pgbouncer: description: PGBouncer connection pooling settings diff --git a/charts/aiven-operator-crds/templates/aiven.io_redis.yaml b/charts/aiven-operator-crds/templates/aiven.io_redis.yaml index 802164d..33b015d 100644 --- a/charts/aiven-operator-crds/templates/aiven.io_redis.yaml +++ b/charts/aiven-operator-crds/templates/aiven.io_redis.yaml @@ -62,6 +62,11 @@ spec: required: - name type: object + disk_space: + description: The disk space of the service, possible values depend + on the service type, the cloud provider and the project. Reducing + will result in the service re-balancing. + type: string maintenanceWindowDow: description: Day of week when maintenance operations should be performed. One monday, tuesday, wednesday, etc. diff --git a/charts/aiven-operator/Chart.yaml b/charts/aiven-operator/Chart.yaml index 3fbad90..a0ea9df 100644 --- a/charts/aiven-operator/Chart.yaml +++ b/charts/aiven-operator/Chart.yaml @@ -2,8 +2,10 @@ apiVersion: v2 name: aiven-operator description: A Helm chart to deploy the aiven operator type: application -version: v0.2.0 -appVersion: v0.2.0 +version: v0.3.0 +appVersion: v0.3.0 maintainers: - name: mhoffm-aiven url: https://www.aiven.io +- name: ivan-savciuc + url: https://www.aiven.io diff --git a/charts/aiven-operator/templates/cluster_role.yaml b/charts/aiven-operator/templates/cluster_role.yaml index 2971dcc..bbf883f 100644 --- a/charts/aiven-operator/templates/cluster_role.yaml +++ b/charts/aiven-operator/templates/cluster_role.yaml @@ -25,6 +25,46 @@ rules: - patch - update - watch +- apiGroups: + - aiven.io + resources: + - clickhouses + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - aiven.io + resources: + - clickhouses/status + verbs: + - get + - patch + - update +- apiGroups: + - aiven.io + resources: + - clickhouseusers + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - aiven.io + resources: + - clickhouseusers/status + verbs: + - get + - patch + - update - apiGroups: - aiven.io resources: @@ -187,6 +227,26 @@ rules: - get - patch - update +- apiGroups: + - aiven.io + resources: + - opensearches + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - aiven.io + resources: + - opensearches/status + verbs: + - get + - patch + - update - apiGroups: - aiven.io resources: diff --git a/charts/aiven-operator/templates/mutating_webhook_configuration.yaml b/charts/aiven-operator/templates/mutating_webhook_configuration.yaml index 5ece068..f474636 100644 --- a/charts/aiven-operator/templates/mutating_webhook_configuration.yaml +++ b/charts/aiven-operator/templates/mutating_webhook_configuration.yaml @@ -11,6 +11,46 @@ metadata: {{- include "aiven-operator.labels" . | nindent 4 }} webhooks: +- admissionReviewVersions: + - v1 + clientConfig: + service: + name: {{ include "aiven-operator.fullname" . }}-webhook-service + namespace: {{ include "aiven-operator.namespace" . }} + path: /mutate-aiven-io-v1alpha1-clickhouse + failurePolicy: Fail + name: mclickhouse.kb.io + rules: + - apiGroups: + - aiven.io + apiVersions: + - v1alpha1 + operations: + - CREATE + - UPDATE + resources: + - clickhouses + sideEffects: None +- admissionReviewVersions: + - v1 + clientConfig: + service: + name: {{ include "aiven-operator.fullname" . }}-webhook-service + namespace: {{ include "aiven-operator.namespace" . }} + path: /mutate-aiven-io-v1alpha1-clickhouseuser + failurePolicy: Fail + name: mclickhouseuser.kb.io + rules: + - apiGroups: + - aiven.io + apiVersions: + - v1alpha1 + operations: + - CREATE + - UPDATE + resources: + - clickhouseusers + sideEffects: None - admissionReviewVersions: - v1 clientConfig: @@ -171,6 +211,26 @@ webhooks: resources: - kafkatopics sideEffects: None +- admissionReviewVersions: + - v1 + clientConfig: + service: + name: {{ include "aiven-operator.fullname" . }}-webhook-service + namespace: {{ include "aiven-operator.namespace" . }} + path: /mutate-aiven-io-v1alpha1-opensearch + failurePolicy: Fail + name: mopensearch.kb.io + rules: + - apiGroups: + - aiven.io + apiVersions: + - v1alpha1 + operations: + - CREATE + - UPDATE + resources: + - opensearches + sideEffects: None - admissionReviewVersions: - v1 clientConfig: diff --git a/charts/aiven-operator/templates/validating_webhook_configuration.yaml b/charts/aiven-operator/templates/validating_webhook_configuration.yaml index b3007bf..07dc3ce 100644 --- a/charts/aiven-operator/templates/validating_webhook_configuration.yaml +++ b/charts/aiven-operator/templates/validating_webhook_configuration.yaml @@ -10,6 +10,47 @@ metadata: labels: {{- include "aiven-operator.labels" . | nindent 4 }} webhooks: +- admissionReviewVersions: + - v1 + clientConfig: + service: + name: {{ include "aiven-operator.fullname" . }}-webhook-service + namespace: {{ include "aiven-operator.namespace" . }} + path: /validate-aiven-io-v1alpha1-clickhouse + failurePolicy: Fail + name: vclickhouse.kb.io + rules: + - apiGroups: + - aiven.io + apiVersions: + - v1alpha1 + operations: + - CREATE + - UPDATE + - DELETE + resources: + - clickhouses + sideEffects: None +- admissionReviewVersions: + - v1 + clientConfig: + service: + name: {{ include "aiven-operator.fullname" . }}-webhook-service + namespace: {{ include "aiven-operator.namespace" . }} + path: /validate-aiven-io-v1alpha1-clickhouseuser + failurePolicy: Fail + name: vclickhouseuser.kb.io + rules: + - apiGroups: + - aiven.io + apiVersions: + - v1alpha1 + operations: + - CREATE + - UPDATE + resources: + - clickhouseusers + sideEffects: None - admissionReviewVersions: - v1 clientConfig: @@ -176,6 +217,27 @@ webhooks: resources: - kafkatopics sideEffects: None +- admissionReviewVersions: + - v1 + clientConfig: + service: + name: {{ include "aiven-operator.fullname" . }}-webhook-service + namespace: {{ include "aiven-operator.namespace" . }} + path: /validate-aiven-io-v1alpha1-opensearch + failurePolicy: Fail + name: vopensearch.kb.io + rules: + - apiGroups: + - aiven.io + apiVersions: + - v1alpha1 + operations: + - CREATE + - UPDATE + - DELETE + resources: + - opensearches + sideEffects: None - admissionReviewVersions: - v1 clientConfig: