From f9082373e0aa4bfa3879e6c01c2fdd88bbd24f90 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 25 Dec 2023 00:20:34 +0000 Subject: [PATCH 1/3] build(deps): bump actions/setup-go from 4 to 5 Bumps [actions/setup-go](https://github.com/actions/setup-go) from 4 to 5. - [Release notes](https://github.com/actions/setup-go/releases) - [Commits](https://github.com/actions/setup-go/compare/v4...v5) --- updated-dependencies: - dependency-name: actions/setup-go dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] --- .github/workflows/lint.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/lint.yml b/.github/workflows/lint.yml index 49bb1f4e..b4cf097e 100644 --- a/.github/workflows/lint.yml +++ b/.github/workflows/lint.yml @@ -20,7 +20,7 @@ jobs: runs-on: ubuntu-latest steps: - uses: actions/checkout@v4 - - uses: actions/setup-go@v4 + - uses: actions/setup-go@v5 with: go-version: stable - uses: trunk-io/trunk-action@v1 From 3ff5f67a5ee181e3c138730cd47d084b208f7740 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" Date: Mon, 25 Dec 2023 00:21:22 +0000 Subject: [PATCH 2/3] chore(userconfigs): generate files --- .../templates/aiven.io_cassandras.yaml | 746 +++---- .../templates/aiven.io_clickhouses.yaml | 714 +++--- .../templates/aiven.io_clickhouseusers.yaml | 348 ++- .../templates/aiven.io_connectionpools.yaml | 391 ++-- .../templates/aiven.io_databases.yaml | 300 ++- .../templates/aiven.io_grafanas.yaml | 1600 +++++++------ .../templates/aiven.io_kafkaacls.yaml | 325 ++- .../templates/aiven.io_kafkaconnectors.yaml | 409 ++-- .../templates/aiven.io_kafkaconnects.yaml | 848 ++++--- .../templates/aiven.io_kafkas.yaml | 1981 ++++++++--------- .../templates/aiven.io_kafkaschemas.yaml | 334 ++- .../templates/aiven.io_kafkatopics.yaml | 535 +++-- .../templates/aiven.io_mysqls.yaml | 1331 ++++++----- .../templates/aiven.io_opensearches.yaml | 1918 ++++++++-------- .../templates/aiven.io_postgresqls.yaml | 1943 ++++++++-------- .../templates/aiven.io_projects.yaml | 445 ++-- .../templates/aiven.io_projectvpcs.yaml | 321 ++- .../templates/aiven.io_redis.yaml | 911 ++++---- .../aiven.io_serviceintegrations.yaml | 1476 ++++++------ .../templates/aiven.io_serviceusers.yaml | 348 ++- config/crd/bases/aiven.io_cassandras.yaml | 746 +++---- config/crd/bases/aiven.io_clickhouses.yaml | 714 +++--- .../crd/bases/aiven.io_clickhouseusers.yaml | 348 ++- .../crd/bases/aiven.io_connectionpools.yaml | 391 ++-- config/crd/bases/aiven.io_databases.yaml | 300 ++- config/crd/bases/aiven.io_grafanas.yaml | 1600 +++++++------ config/crd/bases/aiven.io_kafkaacls.yaml | 325 ++- .../crd/bases/aiven.io_kafkaconnectors.yaml | 409 ++-- config/crd/bases/aiven.io_kafkaconnects.yaml | 848 ++++--- config/crd/bases/aiven.io_kafkas.yaml | 1981 ++++++++--------- config/crd/bases/aiven.io_kafkaschemas.yaml | 334 ++- config/crd/bases/aiven.io_kafkatopics.yaml | 535 +++-- config/crd/bases/aiven.io_mysqls.yaml | 1331 ++++++----- config/crd/bases/aiven.io_opensearches.yaml | 1918 ++++++++-------- config/crd/bases/aiven.io_postgresqls.yaml | 1943 ++++++++-------- config/crd/bases/aiven.io_projects.yaml | 445 ++-- config/crd/bases/aiven.io_projectvpcs.yaml | 321 ++- config/crd/bases/aiven.io_redis.yaml | 911 ++++---- .../bases/aiven.io_serviceintegrations.yaml | 1476 ++++++------ config/crd/bases/aiven.io_serviceusers.yaml | 348 ++- config/rbac/role.yaml | 1192 +++++----- config/webhook/manifests.yaml | 1548 ++++++------- docs/docs/api-reference/cassandra.md | 13 +- docs/docs/api-reference/clickhouse.md | 13 +- docs/docs/api-reference/clickhouseuser.md | 5 +- docs/docs/api-reference/connectionpool.md | 5 +- docs/docs/api-reference/database.md | 5 +- docs/docs/api-reference/grafana.md | 17 +- docs/docs/api-reference/kafka.md | 15 +- docs/docs/api-reference/kafkaacl.md | 5 +- docs/docs/api-reference/kafkaconnect.md | 15 +- docs/docs/api-reference/kafkaconnector.md | 5 +- docs/docs/api-reference/kafkaschema.md | 5 +- docs/docs/api-reference/kafkatopic.md | 9 +- docs/docs/api-reference/mysql.md | 19 +- docs/docs/api-reference/opensearch.md | 21 +- docs/docs/api-reference/postgresql.md | 17 +- docs/docs/api-reference/project.md | 5 +- docs/docs/api-reference/projectvpc.md | 5 +- docs/docs/api-reference/redis.md | 15 +- docs/docs/api-reference/serviceintegration.md | 7 +- docs/docs/api-reference/serviceuser.md | 5 +- 62 files changed, 17935 insertions(+), 19459 deletions(-) diff --git a/charts/aiven-operator-crds/templates/aiven.io_cassandras.yaml b/charts/aiven-operator-crds/templates/aiven.io_cassandras.yaml index c77cf9c8..b92c2e97 100644 --- a/charts/aiven-operator-crds/templates/aiven.io_cassandras.yaml +++ b/charts/aiven-operator-crds/templates/aiven.io_cassandras.yaml @@ -15,417 +15,381 @@ spec: singular: cassandra scope: Namespaced versions: - - additionalPrinterColumns: - - jsonPath: .spec.project - name: Project - type: string - - jsonPath: .spec.cloudName - name: Region - type: string - - jsonPath: .spec.plan - name: Plan - type: string - - jsonPath: .status.state - name: State - type: string - name: v1alpha1 - schema: - openAPIV3Schema: - description: Cassandra is the Schema for the cassandras API - properties: - apiVersion: - description: - "APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" - type: string - kind: - description: - "Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" - type: string - metadata: - type: object - spec: - description: CassandraSpec defines the desired state of Cassandra - properties: - authSecretRef: - description: Authentication reference to Aiven token in a secret + - additionalPrinterColumns: + - jsonPath: .spec.project + name: Project + type: string + - jsonPath: .spec.cloudName + name: Region + type: string + - jsonPath: .spec.plan + name: Plan + type: string + - jsonPath: .status.state + name: State + type: string + name: v1alpha1 + schema: + openAPIV3Schema: + description: Cassandra is the Schema for the cassandras API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: CassandraSpec defines the desired state of Cassandra + properties: + authSecretRef: + description: Authentication reference to Aiven token in a secret + properties: + key: + minLength: 1 + type: string + name: + minLength: 1 + type: string + required: + - key + - name + type: object + cloudName: + description: Cloud the service runs in. + maxLength: 256 + type: string + connInfoSecretTarget: + description: 'Information regarding secret creation. Exposed keys: + `CASSANDRA_HOST`, `CASSANDRA_PORT`, `CASSANDRA_USER`, `CASSANDRA_PASSWORD`, + `CASSANDRA_URI`, `CASSANDRA_HOSTS`' + properties: + annotations: + additionalProperties: + type: string + description: Annotations added to the secret + type: object + x-kubernetes-preserve-unknown-fields: true + labels: + additionalProperties: + type: string + description: Labels added to the secret + type: object + x-kubernetes-preserve-unknown-fields: true + name: + description: Name of the secret resource to be created. By default, + is equal to the resource name + type: string + prefix: + description: Prefix for the secret's keys. Added "as is" without + any transformations. By default, is equal to the kind name in + uppercase + underscore, e.g. `KAFKA_`, `REDIS_`, etc. + type: string + required: + - name + type: object + disk_space: + description: The disk space of the service, possible values depend + on the service type, the cloud provider and the project. Reducing + will result in the service re-balancing. + format: ^[1-9][0-9]*(GiB|G)* + type: string + maintenanceWindowDow: + description: Day of week when maintenance operations should be performed. + One monday, tuesday, wednesday, etc. + enum: + - monday + - tuesday + - wednesday + - thursday + - friday + - saturday + - sunday + type: string + maintenanceWindowTime: + description: Time of day when maintenance operations should be performed. + UTC time in HH:mm:ss format. + maxLength: 8 + type: string + plan: + description: Subscription plan. + maxLength: 128 + type: string + project: + description: Target project. + format: ^[a-zA-Z0-9_-]*$ + maxLength: 63 + type: string + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + projectVPCRef: + description: ProjectVPCRef reference to ProjectVPC resource to use + its ID as ProjectVPCID automatically + properties: + name: + minLength: 1 + type: string + namespace: + minLength: 1 + type: string + required: + - name + type: object + projectVpcId: + description: Identifier of the VPC the service should be in, if any. + maxLength: 36 + type: string + serviceIntegrations: + description: Service integrations to specify when creating a service. + Not applied after initial service creation + items: + description: Service integrations to specify when creating a service. + Not applied after initial service creation properties: - key: - minLength: 1 + integrationType: + enum: + - read_replica type: string - name: + sourceServiceName: + maxLength: 64 minLength: 1 type: string required: - - key - - name + - integrationType + - sourceServiceName type: object - cloudName: - description: Cloud the service runs in. - maxLength: 256 + maxItems: 1 + type: array + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + tags: + additionalProperties: type: string - connInfoSecretTarget: - description: - "Information regarding secret creation. Exposed keys: - `CASSANDRA_HOST`, `CASSANDRA_PORT`, `CASSANDRA_USER`, `CASSANDRA_PASSWORD`, - `CASSANDRA_URI`, `CASSANDRA_HOSTS`" - properties: - annotations: - additionalProperties: - type: string - description: Annotations added to the secret - type: object - x-kubernetes-preserve-unknown-fields: true - labels: - additionalProperties: + description: Tags are key-value pairs that allow you to categorize + services. + type: object + terminationProtection: + description: Prevent service from being deleted. It is recommended + to have this enabled for all services. + type: boolean + userConfig: + description: Cassandra specific user configuration options + properties: + additional_backup_regions: + description: Deprecated. Additional Cloud Regions for Backup Replication + items: + type: string + maxItems: 1 + type: array + backup_hour: + description: The hour of day (in UTC) when backup for the service + is started. New backup is only started if previous backup has + already completed. + maximum: 23 + minimum: 0 + type: integer + backup_minute: + description: The minute of an hour when backup for the service + is started. New backup is only started if previous backup has + already completed. + maximum: 59 + minimum: 0 + type: integer + cassandra: + description: cassandra configuration values + properties: + batch_size_fail_threshold_in_kb: + description: Fail any multiple-partition batch exceeding this + value. 50kb (10x warn threshold) by default. + maximum: 1000000 + minimum: 1 + type: integer + batch_size_warn_threshold_in_kb: + description: Log a warning message on any multiple-partition + batch size exceeding this value.5kb per batch by default.Caution + should be taken on increasing the size of this thresholdas + it can lead to node instability. + maximum: 1000000 + minimum: 1 + type: integer + datacenter: + description: Name of the datacenter to which nodes of this + service belong. Can be set only when creating the service. + maxLength: 128 type: string - description: Labels added to the secret + type: object + cassandra_version: + description: Cassandra major version + enum: + - "4" + - "3" + type: string + ip_filter: + description: Allow incoming connections from CIDR address block, + e.g. '10.20.0.0/16' + items: + description: CIDR address block, either as a string, or in a + dict with an optional description field + properties: + description: + description: Description for IP filter list entry + maxLength: 1024 + type: string + network: + description: CIDR address block + maxLength: 43 + type: string + required: + - network type: object - x-kubernetes-preserve-unknown-fields: true - name: - description: - Name of the secret resource to be created. By default, - is equal to the resource name - type: string - prefix: - description: - Prefix for the secret's keys. Added "as is" without - any transformations. By default, is equal to the kind name in - uppercase + underscore, e.g. `KAFKA_`, `REDIS_`, etc. - type: string - required: - - name - type: object - disk_space: - description: - The disk space of the service, possible values depend - on the service type, the cloud provider and the project. Reducing - will result in the service re-balancing. - format: ^[1-9][0-9]*(GiB|G)* - type: string - maintenanceWindowDow: - description: - Day of week when maintenance operations should be performed. - One monday, tuesday, wednesday, etc. - enum: - - monday - - tuesday - - wednesday - - thursday - - friday - - saturday - - sunday - type: string - maintenanceWindowTime: - description: - Time of day when maintenance operations should be performed. - UTC time in HH:mm:ss format. - maxLength: 8 - type: string - plan: - description: Subscription plan. - maxLength: 128 - type: string - project: - description: Target project. - format: ^[a-zA-Z0-9_-]*$ - maxLength: 63 - type: string - x-kubernetes-validations: + maxItems: 1024 + type: array + migrate_sstableloader: + description: Sets the service into migration mode enabling the + sstableloader utility to be used to upload Cassandra data files. + Available only on service create. + type: boolean + private_access: + description: Allow access to selected service ports from private + networks + properties: + prometheus: + description: Allow clients to connect to prometheus with a + DNS name that always resolves to the service's private IP + addresses. Only available in certain network locations + type: boolean + type: object + project_to_fork_from: + description: Name of another project to fork a service from. This + has effect only when a new service is being created. + maxLength: 63 + type: string + x-kubernetes-validations: - message: Value is immutable rule: self == oldSelf - projectVPCRef: - description: - ProjectVPCRef reference to ProjectVPC resource to use - its ID as ProjectVPCID automatically - properties: - name: - minLength: 1 - type: string - namespace: - minLength: 1 - type: string - required: - - name - type: object - projectVpcId: - description: Identifier of the VPC the service should be in, if any. - maxLength: 36 - type: string - serviceIntegrations: - description: - Service integrations to specify when creating a service. - Not applied after initial service creation - items: - description: - Service integrations to specify when creating a service. - Not applied after initial service creation + public_access: + description: Allow access to selected service ports from the public + Internet properties: - integrationType: - enum: - - read_replica - type: string - sourceServiceName: - maxLength: 64 - minLength: 1 - type: string - required: - - integrationType - - sourceServiceName + prometheus: + description: Allow clients to connect to prometheus from the + public internet for service nodes that are in a project + VPC or another type of private network + type: boolean type: object - maxItems: 1 - type: array - x-kubernetes-validations: + service_log: + description: Store logs for the service so that they are available + in the HTTP API and console. + type: boolean + service_to_fork_from: + description: Name of another service to fork from. This has effect + only when a new service is being created. + maxLength: 64 + type: string + x-kubernetes-validations: - message: Value is immutable rule: self == oldSelf - tags: - additionalProperties: + service_to_join_with: + description: When bootstrapping, instead of creating a new Cassandra + cluster try to join an existing one from another service. Can + only be set on service creation. + maxLength: 64 type: string - description: - Tags are key-value pairs that allow you to categorize - services. - type: object - terminationProtection: - description: - Prevent service from being deleted. It is recommended - to have this enabled for all services. - type: boolean - userConfig: - description: Cassandra specific user configuration options + static_ips: + description: Use static public IP addresses + type: boolean + type: object + required: + - plan + - project + type: object + status: + description: ServiceStatus defines the observed state of service + properties: + conditions: + description: Conditions represent the latest available observations + of a service state + items: + description: "Condition contains details for one aspect of the current + state of this API Resource. --- This struct is intended for direct + use as an array at the field path .status.conditions. For example, + \n type FooStatus struct{ // Represents the observations of a + foo's current state. // Known .status.conditions.type are: \"Available\", + \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge + // +listType=map // +listMapKey=type Conditions []metav1.Condition + `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" + protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" properties: - additional_backup_regions: - description: Deprecated. Additional Cloud Regions for Backup Replication - items: - type: string - maxItems: 1 - type: array - backup_hour: - description: - The hour of day (in UTC) when backup for the service - is started. New backup is only started if previous backup has - already completed. - maximum: 23 - minimum: 0 - type: integer - backup_minute: - description: - The minute of an hour when backup for the service - is started. New backup is only started if previous backup has - already completed. - maximum: 59 + lastTransitionTime: + description: lastTransitionTime is the last time the condition + transitioned from one status to another. This should be when + the underlying condition changed. If that is not known, then + using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: message is a human readable message indicating + details about the transition. This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: observedGeneration represents the .metadata.generation + that the condition was set based upon. For instance, if .metadata.generation + is currently 12, but the .status.conditions[x].observedGeneration + is 9, the condition is out of date with respect to the current + state of the instance. + format: int64 minimum: 0 type: integer - cassandra: - description: cassandra configuration values - properties: - batch_size_fail_threshold_in_kb: - description: - Fail any multiple-partition batch exceeding this - value. 50kb (10x warn threshold) by default. - maximum: 1000000 - minimum: 1 - type: integer - batch_size_warn_threshold_in_kb: - description: - Log a warning message on any multiple-partition - batch size exceeding this value.5kb per batch by default.Caution - should be taken on increasing the size of this thresholdas - it can lead to node instability. - maximum: 1000000 - minimum: 1 - type: integer - datacenter: - description: - Name of the datacenter to which nodes of this - service belong. Can be set only when creating the service. - maxLength: 128 - type: string - type: object - cassandra_version: - description: Cassandra major version - enum: - - "4" - - "3" - type: string - ip_filter: - description: - Allow incoming connections from CIDR address block, - e.g. '10.20.0.0/16' - items: - description: - CIDR address block, either as a string, or in a - dict with an optional description field - properties: - description: - description: Description for IP filter list entry - maxLength: 1024 - type: string - network: - description: CIDR address block - maxLength: 43 - type: string - required: - - network - type: object - maxItems: 1024 - type: array - migrate_sstableloader: - description: - Sets the service into migration mode enabling the - sstableloader utility to be used to upload Cassandra data files. - Available only on service create. - type: boolean - private_access: - description: - Allow access to selected service ports from private - networks - properties: - prometheus: - description: - Allow clients to connect to prometheus with a - DNS name that always resolves to the service's private IP - addresses. Only available in certain network locations - type: boolean - type: object - project_to_fork_from: - description: - Name of another project to fork a service from. This - has effect only when a new service is being created. - maxLength: 63 + reason: + description: reason contains a programmatic identifier indicating + the reason for the condition's last transition. Producers + of specific condition types may define expected values and + meanings for this field, and whether the values are considered + a guaranteed API. The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ type: string - x-kubernetes-validations: - - message: Value is immutable - rule: self == oldSelf - public_access: - description: - Allow access to selected service ports from the public - Internet - properties: - prometheus: - description: - Allow clients to connect to prometheus from the - public internet for service nodes that are in a project - VPC or another type of private network - type: boolean - type: object - service_log: - description: - Store logs for the service so that they are available - in the HTTP API and console. - type: boolean - service_to_fork_from: - description: - Name of another service to fork from. This has effect - only when a new service is being created. - maxLength: 64 + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown type: string - x-kubernetes-validations: - - message: Value is immutable - rule: self == oldSelf - service_to_join_with: - description: - When bootstrapping, instead of creating a new Cassandra - cluster try to join an existing one from another service. Can - only be set on service creation. - maxLength: 64 + type: + description: type of condition in CamelCase or in foo.example.com/CamelCase. + --- Many .condition.type values are consistent across resources + like Available, but because arbitrary conditions can be useful + (see .node.status.conditions), the ability to deconflict is + important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string - static_ips: - description: Use static public IP addresses - type: boolean + required: + - lastTransitionTime + - message + - reason + - status + - type type: object - required: - - plan - - project - type: object - status: - description: ServiceStatus defines the observed state of service - properties: - conditions: - description: - Conditions represent the latest available observations - of a service state - items: - description: - "Condition contains details for one aspect of the current - state of this API Resource. --- This struct is intended for direct - use as an array at the field path .status.conditions. For example, - \n type FooStatus struct{ // Represents the observations of a - foo's current state. // Known .status.conditions.type are: \"Available\", - \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge - // +listType=map // +listMapKey=type Conditions []metav1.Condition - `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" - protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" - properties: - lastTransitionTime: - description: - lastTransitionTime is the last time the condition - transitioned from one status to another. This should be when - the underlying condition changed. If that is not known, then - using the time when the API field changed is acceptable. - format: date-time - type: string - message: - description: - message is a human readable message indicating - details about the transition. This may be an empty string. - maxLength: 32768 - type: string - observedGeneration: - description: - observedGeneration represents the .metadata.generation - that the condition was set based upon. For instance, if .metadata.generation - is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current - state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: - reason contains a programmatic identifier indicating - the reason for the condition's last transition. Producers - of specific condition types may define expected values and - meanings for this field, and whether the values are considered - a guaranteed API. The value should be a CamelCase string. - This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ - type: string - status: - description: status of the condition, one of True, False, Unknown. - enum: - - "True" - - "False" - - Unknown - type: string - type: - description: - type of condition in CamelCase or in foo.example.com/CamelCase. - --- Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ - type: string - required: - - lastTransitionTime - - message - - reason - - status - - type - type: object - type: array - state: - description: Service state - type: string - type: object - type: object - served: true - storage: true - subresources: - status: {} + type: array + state: + description: Service state + type: string + type: object + type: object + served: true + storage: true + subresources: + status: {} diff --git a/charts/aiven-operator-crds/templates/aiven.io_clickhouses.yaml b/charts/aiven-operator-crds/templates/aiven.io_clickhouses.yaml index 631948cd..6fbd5c4e 100644 --- a/charts/aiven-operator-crds/templates/aiven.io_clickhouses.yaml +++ b/charts/aiven-operator-crds/templates/aiven.io_clickhouses.yaml @@ -15,396 +15,360 @@ spec: singular: clickhouse scope: Namespaced versions: - - name: v1alpha1 - schema: - openAPIV3Schema: - description: Clickhouse is the Schema for the clickhouses API - properties: - apiVersion: - description: - "APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" - type: string - kind: - description: - "Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" - type: string - metadata: - type: object - spec: - description: ClickhouseSpec defines the desired state of Clickhouse - properties: - authSecretRef: - description: Authentication reference to Aiven token in a secret - properties: - key: - minLength: 1 - type: string - name: - minLength: 1 - type: string - required: - - key - - name - type: object - cloudName: - description: Cloud the service runs in. - maxLength: 256 - type: string - connInfoSecretTarget: - description: - "Information regarding secret creation. Exposed keys: - `CLICKHOUSE_HOST`, `CLICKHOUSE_PORT`, `CLICKHOUSE_USER`, `CLICKHOUSE_PASSWORD`" - properties: - annotations: - additionalProperties: - type: string - description: Annotations added to the secret - type: object - x-kubernetes-preserve-unknown-fields: true - labels: - additionalProperties: - type: string - description: Labels added to the secret - type: object - x-kubernetes-preserve-unknown-fields: true - name: - description: - Name of the secret resource to be created. By default, - is equal to the resource name + - name: v1alpha1 + schema: + openAPIV3Schema: + description: Clickhouse is the Schema for the clickhouses API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: ClickhouseSpec defines the desired state of Clickhouse + properties: + authSecretRef: + description: Authentication reference to Aiven token in a secret + properties: + key: + minLength: 1 + type: string + name: + minLength: 1 + type: string + required: + - key + - name + type: object + cloudName: + description: Cloud the service runs in. + maxLength: 256 + type: string + connInfoSecretTarget: + description: 'Information regarding secret creation. Exposed keys: + `CLICKHOUSE_HOST`, `CLICKHOUSE_PORT`, `CLICKHOUSE_USER`, `CLICKHOUSE_PASSWORD`' + properties: + annotations: + additionalProperties: type: string - prefix: - description: - Prefix for the secret's keys. Added "as is" without - any transformations. By default, is equal to the kind name in - uppercase + underscore, e.g. `KAFKA_`, `REDIS_`, etc. + description: Annotations added to the secret + type: object + x-kubernetes-preserve-unknown-fields: true + labels: + additionalProperties: type: string - required: - - name - type: object - disk_space: - description: - The disk space of the service, possible values depend - on the service type, the cloud provider and the project. Reducing - will result in the service re-balancing. - format: ^[1-9][0-9]*(GiB|G)* - type: string - maintenanceWindowDow: - description: - Day of week when maintenance operations should be performed. - One monday, tuesday, wednesday, etc. - enum: - - monday - - tuesday - - wednesday - - thursday - - friday - - saturday - - sunday - type: string - maintenanceWindowTime: - description: - Time of day when maintenance operations should be performed. - UTC time in HH:mm:ss format. - maxLength: 8 - type: string - plan: - description: Subscription plan. - maxLength: 128 - type: string - project: - description: Target project. - format: ^[a-zA-Z0-9_-]*$ - maxLength: 63 - type: string - x-kubernetes-validations: - - message: Value is immutable - rule: self == oldSelf - projectVPCRef: - description: - ProjectVPCRef reference to ProjectVPC resource to use - its ID as ProjectVPCID automatically + description: Labels added to the secret + type: object + x-kubernetes-preserve-unknown-fields: true + name: + description: Name of the secret resource to be created. By default, + is equal to the resource name + type: string + prefix: + description: Prefix for the secret's keys. Added "as is" without + any transformations. By default, is equal to the kind name in + uppercase + underscore, e.g. `KAFKA_`, `REDIS_`, etc. + type: string + required: + - name + type: object + disk_space: + description: The disk space of the service, possible values depend + on the service type, the cloud provider and the project. Reducing + will result in the service re-balancing. + format: ^[1-9][0-9]*(GiB|G)* + type: string + maintenanceWindowDow: + description: Day of week when maintenance operations should be performed. + One monday, tuesday, wednesday, etc. + enum: + - monday + - tuesday + - wednesday + - thursday + - friday + - saturday + - sunday + type: string + maintenanceWindowTime: + description: Time of day when maintenance operations should be performed. + UTC time in HH:mm:ss format. + maxLength: 8 + type: string + plan: + description: Subscription plan. + maxLength: 128 + type: string + project: + description: Target project. + format: ^[a-zA-Z0-9_-]*$ + maxLength: 63 + type: string + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + projectVPCRef: + description: ProjectVPCRef reference to ProjectVPC resource to use + its ID as ProjectVPCID automatically + properties: + name: + minLength: 1 + type: string + namespace: + minLength: 1 + type: string + required: + - name + type: object + projectVpcId: + description: Identifier of the VPC the service should be in, if any. + maxLength: 36 + type: string + serviceIntegrations: + description: Service integrations to specify when creating a service. + Not applied after initial service creation + items: + description: Service integrations to specify when creating a service. + Not applied after initial service creation properties: - name: - minLength: 1 + integrationType: + enum: + - read_replica type: string - namespace: + sourceServiceName: + maxLength: 64 minLength: 1 type: string required: - - name + - integrationType + - sourceServiceName type: object - projectVpcId: - description: Identifier of the VPC the service should be in, if any. - maxLength: 36 + maxItems: 1 + type: array + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + tags: + additionalProperties: type: string - serviceIntegrations: - description: - Service integrations to specify when creating a service. - Not applied after initial service creation - items: - description: - Service integrations to specify when creating a service. - Not applied after initial service creation + description: Tags are key-value pairs that allow you to categorize + services. + type: object + terminationProtection: + description: Prevent service from being deleted. It is recommended + to have this enabled for all services. + type: boolean + userConfig: + description: OpenSearch specific user configuration options + properties: + additional_backup_regions: + description: Additional Cloud Regions for Backup Replication + items: + type: string + maxItems: 1 + type: array + ip_filter: + description: Allow incoming connections from CIDR address block, + e.g. '10.20.0.0/16' + items: + description: CIDR address block, either as a string, or in a + dict with an optional description field + properties: + description: + description: Description for IP filter list entry + maxLength: 1024 + type: string + network: + description: CIDR address block + maxLength: 43 + type: string + required: + - network + type: object + maxItems: 1024 + type: array + private_access: + description: Allow access to selected service ports from private + networks + properties: + clickhouse: + description: Allow clients to connect to clickhouse with a + DNS name that always resolves to the service's private IP + addresses. Only available in certain network locations + type: boolean + clickhouse_https: + description: Allow clients to connect to clickhouse_https + with a DNS name that always resolves to the service's private + IP addresses. Only available in certain network locations + type: boolean + clickhouse_mysql: + description: Allow clients to connect to clickhouse_mysql + with a DNS name that always resolves to the service's private + IP addresses. Only available in certain network locations + type: boolean + prometheus: + description: Allow clients to connect to prometheus with a + DNS name that always resolves to the service's private IP + addresses. Only available in certain network locations + type: boolean + type: object + privatelink_access: + description: Allow access to selected service components through + Privatelink properties: - integrationType: - enum: - - read_replica - type: string - sourceServiceName: - maxLength: 64 - minLength: 1 - type: string - required: - - integrationType - - sourceServiceName + clickhouse: + description: Enable clickhouse + type: boolean + clickhouse_https: + description: Enable clickhouse_https + type: boolean + clickhouse_mysql: + description: Enable clickhouse_mysql + type: boolean + prometheus: + description: Enable prometheus + type: boolean type: object - maxItems: 1 - type: array - x-kubernetes-validations: + project_to_fork_from: + description: Name of another project to fork a service from. This + has effect only when a new service is being created. + maxLength: 63 + type: string + x-kubernetes-validations: - message: Value is immutable rule: self == oldSelf - tags: - additionalProperties: + public_access: + description: Allow access to selected service ports from the public + Internet + properties: + clickhouse: + description: Allow clients to connect to clickhouse from the + public internet for service nodes that are in a project + VPC or another type of private network + type: boolean + clickhouse_https: + description: Allow clients to connect to clickhouse_https + from the public internet for service nodes that are in a + project VPC or another type of private network + type: boolean + clickhouse_mysql: + description: Allow clients to connect to clickhouse_mysql + from the public internet for service nodes that are in a + project VPC or another type of private network + type: boolean + prometheus: + description: Allow clients to connect to prometheus from the + public internet for service nodes that are in a project + VPC or another type of private network + type: boolean + type: object + service_log: + description: Store logs for the service so that they are available + in the HTTP API and console. + type: boolean + service_to_fork_from: + description: Name of another service to fork from. This has effect + only when a new service is being created. + maxLength: 64 type: string - description: - Tags are key-value pairs that allow you to categorize - services. - type: object - terminationProtection: - description: - Prevent service from being deleted. It is recommended - to have this enabled for all services. - type: boolean - userConfig: - description: OpenSearch specific user configuration options + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + static_ips: + description: Use static public IP addresses + type: boolean + type: object + required: + - plan + - project + type: object + status: + description: ServiceStatus defines the observed state of service + properties: + conditions: + description: Conditions represent the latest available observations + of a service state + items: + description: "Condition contains details for one aspect of the current + state of this API Resource. --- This struct is intended for direct + use as an array at the field path .status.conditions. For example, + \n type FooStatus struct{ // Represents the observations of a + foo's current state. // Known .status.conditions.type are: \"Available\", + \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge + // +listType=map // +listMapKey=type Conditions []metav1.Condition + `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" + protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" properties: - additional_backup_regions: - description: Additional Cloud Regions for Backup Replication - items: - type: string - maxItems: 1 - type: array - ip_filter: - description: - Allow incoming connections from CIDR address block, - e.g. '10.20.0.0/16' - items: - description: - CIDR address block, either as a string, or in a - dict with an optional description field - properties: - description: - description: Description for IP filter list entry - maxLength: 1024 - type: string - network: - description: CIDR address block - maxLength: 43 - type: string - required: - - network - type: object - maxItems: 1024 - type: array - private_access: - description: - Allow access to selected service ports from private - networks - properties: - clickhouse: - description: - Allow clients to connect to clickhouse with a - DNS name that always resolves to the service's private IP - addresses. Only available in certain network locations - type: boolean - clickhouse_https: - description: - Allow clients to connect to clickhouse_https - with a DNS name that always resolves to the service's private - IP addresses. Only available in certain network locations - type: boolean - clickhouse_mysql: - description: - Allow clients to connect to clickhouse_mysql - with a DNS name that always resolves to the service's private - IP addresses. Only available in certain network locations - type: boolean - prometheus: - description: - Allow clients to connect to prometheus with a - DNS name that always resolves to the service's private IP - addresses. Only available in certain network locations - type: boolean - type: object - privatelink_access: - description: - Allow access to selected service components through - Privatelink - properties: - clickhouse: - description: Enable clickhouse - type: boolean - clickhouse_https: - description: Enable clickhouse_https - type: boolean - clickhouse_mysql: - description: Enable clickhouse_mysql - type: boolean - prometheus: - description: Enable prometheus - type: boolean - type: object - project_to_fork_from: - description: - Name of another project to fork a service from. This - has effect only when a new service is being created. - maxLength: 63 + lastTransitionTime: + description: lastTransitionTime is the last time the condition + transitioned from one status to another. This should be when + the underlying condition changed. If that is not known, then + using the time when the API field changed is acceptable. + format: date-time type: string - x-kubernetes-validations: - - message: Value is immutable - rule: self == oldSelf - public_access: - description: - Allow access to selected service ports from the public - Internet - properties: - clickhouse: - description: - Allow clients to connect to clickhouse from the - public internet for service nodes that are in a project - VPC or another type of private network - type: boolean - clickhouse_https: - description: - Allow clients to connect to clickhouse_https - from the public internet for service nodes that are in a - project VPC or another type of private network - type: boolean - clickhouse_mysql: - description: - Allow clients to connect to clickhouse_mysql - from the public internet for service nodes that are in a - project VPC or another type of private network - type: boolean - prometheus: - description: - Allow clients to connect to prometheus from the - public internet for service nodes that are in a project - VPC or another type of private network - type: boolean - type: object - service_log: - description: - Store logs for the service so that they are available - in the HTTP API and console. - type: boolean - service_to_fork_from: - description: - Name of another service to fork from. This has effect - only when a new service is being created. - maxLength: 64 + message: + description: message is a human readable message indicating + details about the transition. This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: observedGeneration represents the .metadata.generation + that the condition was set based upon. For instance, if .metadata.generation + is currently 12, but the .status.conditions[x].observedGeneration + is 9, the condition is out of date with respect to the current + state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: reason contains a programmatic identifier indicating + the reason for the condition's last transition. Producers + of specific condition types may define expected values and + meanings for this field, and whether the values are considered + a guaranteed API. The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown type: string - x-kubernetes-validations: - - message: Value is immutable - rule: self == oldSelf - static_ips: - description: Use static public IP addresses - type: boolean + type: + description: type of condition in CamelCase or in foo.example.com/CamelCase. + --- Many .condition.type values are consistent across resources + like Available, but because arbitrary conditions can be useful + (see .node.status.conditions), the ability to deconflict is + important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type type: object - required: - - plan - - project - type: object - status: - description: ServiceStatus defines the observed state of service - properties: - conditions: - description: - Conditions represent the latest available observations - of a service state - items: - description: - "Condition contains details for one aspect of the current - state of this API Resource. --- This struct is intended for direct - use as an array at the field path .status.conditions. For example, - \n type FooStatus struct{ // Represents the observations of a - foo's current state. // Known .status.conditions.type are: \"Available\", - \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge - // +listType=map // +listMapKey=type Conditions []metav1.Condition - `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" - protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" - properties: - lastTransitionTime: - description: - lastTransitionTime is the last time the condition - transitioned from one status to another. This should be when - the underlying condition changed. If that is not known, then - using the time when the API field changed is acceptable. - format: date-time - type: string - message: - description: - message is a human readable message indicating - details about the transition. This may be an empty string. - maxLength: 32768 - type: string - observedGeneration: - description: - observedGeneration represents the .metadata.generation - that the condition was set based upon. For instance, if .metadata.generation - is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current - state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: - reason contains a programmatic identifier indicating - the reason for the condition's last transition. Producers - of specific condition types may define expected values and - meanings for this field, and whether the values are considered - a guaranteed API. The value should be a CamelCase string. - This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ - type: string - status: - description: status of the condition, one of True, False, Unknown. - enum: - - "True" - - "False" - - Unknown - type: string - type: - description: - type of condition in CamelCase or in foo.example.com/CamelCase. - --- Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ - type: string - required: - - lastTransitionTime - - message - - reason - - status - - type - type: object - type: array - state: - description: Service state - type: string - type: object - type: object - served: true - storage: true - subresources: - status: {} + type: array + state: + description: Service state + type: string + type: object + type: object + served: true + storage: true + subresources: + status: {} diff --git a/charts/aiven-operator-crds/templates/aiven.io_clickhouseusers.yaml b/charts/aiven-operator-crds/templates/aiven.io_clickhouseusers.yaml index 87435b42..d28df3a9 100644 --- a/charts/aiven-operator-crds/templates/aiven.io_clickhouseusers.yaml +++ b/charts/aiven-operator-crds/templates/aiven.io_clickhouseusers.yaml @@ -15,191 +15,179 @@ spec: singular: clickhouseuser scope: Namespaced versions: - - additionalPrinterColumns: - - jsonPath: .spec.serviceName - name: Service Name - type: string - - jsonPath: .spec.project - name: Project - type: string - - jsonPath: .spec.connInfoSecretTarget.name - name: Connection Information Secret - type: string - name: v1alpha1 - schema: - openAPIV3Schema: - description: ClickhouseUser is the Schema for the clickhouseusers API - properties: - apiVersion: - description: - "APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" - type: string - kind: - description: - "Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" - type: string - metadata: - type: object - spec: - description: ClickhouseUserSpec defines the desired state of ClickhouseUser - properties: - authSecretRef: - description: Authentication reference to Aiven token in a secret + - additionalPrinterColumns: + - jsonPath: .spec.serviceName + name: Service Name + type: string + - jsonPath: .spec.project + name: Project + type: string + - jsonPath: .spec.connInfoSecretTarget.name + name: Connection Information Secret + type: string + name: v1alpha1 + schema: + openAPIV3Schema: + description: ClickhouseUser is the Schema for the clickhouseusers API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: ClickhouseUserSpec defines the desired state of ClickhouseUser + properties: + authSecretRef: + description: Authentication reference to Aiven token in a secret + properties: + key: + minLength: 1 + type: string + name: + minLength: 1 + type: string + required: + - key + - name + type: object + connInfoSecretTarget: + description: 'Information regarding secret creation. Exposed keys: + `CLICKHOUSEUSER_HOST`, `CLICKHOUSEUSER_PORT`, `CLICKHOUSEUSER_USER`, + `CLICKHOUSEUSER_PASSWORD`' + properties: + annotations: + additionalProperties: + type: string + description: Annotations added to the secret + type: object + x-kubernetes-preserve-unknown-fields: true + labels: + additionalProperties: + type: string + description: Labels added to the secret + type: object + x-kubernetes-preserve-unknown-fields: true + name: + description: Name of the secret resource to be created. By default, + is equal to the resource name + type: string + prefix: + description: Prefix for the secret's keys. Added "as is" without + any transformations. By default, is equal to the kind name in + uppercase + underscore, e.g. `KAFKA_`, `REDIS_`, etc. + type: string + required: + - name + type: object + project: + description: Project to link the user to + format: ^[a-zA-Z0-9_-]*$ + maxLength: 63 + type: string + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + serviceName: + description: Service to link the user to + maxLength: 63 + type: string + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + required: + - project + - serviceName + type: object + status: + description: ClickhouseUserStatus defines the observed state of ClickhouseUser + properties: + conditions: + description: Conditions represent the latest available observations + of an ClickhouseUser state + items: + description: "Condition contains details for one aspect of the current + state of this API Resource. --- This struct is intended for direct + use as an array at the field path .status.conditions. For example, + \n type FooStatus struct{ // Represents the observations of a + foo's current state. // Known .status.conditions.type are: \"Available\", + \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge + // +listType=map // +listMapKey=type Conditions []metav1.Condition + `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" + protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" properties: - key: - minLength: 1 + lastTransitionTime: + description: lastTransitionTime is the last time the condition + transitioned from one status to another. This should be when + the underlying condition changed. If that is not known, then + using the time when the API field changed is acceptable. + format: date-time type: string - name: + message: + description: message is a human readable message indicating + details about the transition. This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: observedGeneration represents the .metadata.generation + that the condition was set based upon. For instance, if .metadata.generation + is currently 12, but the .status.conditions[x].observedGeneration + is 9, the condition is out of date with respect to the current + state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: reason contains a programmatic identifier indicating + the reason for the condition's last transition. Producers + of specific condition types may define expected values and + meanings for this field, and whether the values are considered + a guaranteed API. The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ type: string - required: - - key - - name - type: object - connInfoSecretTarget: - description: - "Information regarding secret creation. Exposed keys: - `CLICKHOUSEUSER_HOST`, `CLICKHOUSEUSER_PORT`, `CLICKHOUSEUSER_USER`, - `CLICKHOUSEUSER_PASSWORD`" - properties: - annotations: - additionalProperties: - type: string - description: Annotations added to the secret - type: object - x-kubernetes-preserve-unknown-fields: true - labels: - additionalProperties: - type: string - description: Labels added to the secret - type: object - x-kubernetes-preserve-unknown-fields: true - name: - description: - Name of the secret resource to be created. By default, - is equal to the resource name + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown type: string - prefix: - description: - Prefix for the secret's keys. Added "as is" without - any transformations. By default, is equal to the kind name in - uppercase + underscore, e.g. `KAFKA_`, `REDIS_`, etc. + type: + description: type of condition in CamelCase or in foo.example.com/CamelCase. + --- Many .condition.type values are consistent across resources + like Available, but because arbitrary conditions can be useful + (see .node.status.conditions), the ability to deconflict is + important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string required: - - name + - lastTransitionTime + - message + - reason + - status + - type type: object - project: - description: Project to link the user to - format: ^[a-zA-Z0-9_-]*$ - maxLength: 63 - type: string - x-kubernetes-validations: - - message: Value is immutable - rule: self == oldSelf - serviceName: - description: Service to link the user to - maxLength: 63 - type: string - x-kubernetes-validations: - - message: Value is immutable - rule: self == oldSelf - required: - - project - - serviceName - type: object - status: - description: ClickhouseUserStatus defines the observed state of ClickhouseUser - properties: - conditions: - description: - Conditions represent the latest available observations - of an ClickhouseUser state - items: - description: - "Condition contains details for one aspect of the current - state of this API Resource. --- This struct is intended for direct - use as an array at the field path .status.conditions. For example, - \n type FooStatus struct{ // Represents the observations of a - foo's current state. // Known .status.conditions.type are: \"Available\", - \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge - // +listType=map // +listMapKey=type Conditions []metav1.Condition - `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" - protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" - properties: - lastTransitionTime: - description: - lastTransitionTime is the last time the condition - transitioned from one status to another. This should be when - the underlying condition changed. If that is not known, then - using the time when the API field changed is acceptable. - format: date-time - type: string - message: - description: - message is a human readable message indicating - details about the transition. This may be an empty string. - maxLength: 32768 - type: string - observedGeneration: - description: - observedGeneration represents the .metadata.generation - that the condition was set based upon. For instance, if .metadata.generation - is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current - state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: - reason contains a programmatic identifier indicating - the reason for the condition's last transition. Producers - of specific condition types may define expected values and - meanings for this field, and whether the values are considered - a guaranteed API. The value should be a CamelCase string. - This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ - type: string - status: - description: status of the condition, one of True, False, Unknown. - enum: - - "True" - - "False" - - Unknown - type: string - type: - description: - type of condition in CamelCase or in foo.example.com/CamelCase. - --- Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ - type: string - required: - - lastTransitionTime - - message - - reason - - status - - type - type: object - type: array - uuid: - description: Clickhouse user UUID - type: string - required: - - conditions - - uuid - type: object - type: object - served: true - storage: true - subresources: - status: {} + type: array + uuid: + description: Clickhouse user UUID + type: string + required: + - conditions + - uuid + type: object + type: object + served: true + storage: true + subresources: + status: {} diff --git a/charts/aiven-operator-crds/templates/aiven.io_connectionpools.yaml b/charts/aiven-operator-crds/templates/aiven.io_connectionpools.yaml index 8c40c19c..f8b3d439 100644 --- a/charts/aiven-operator-crds/templates/aiven.io_connectionpools.yaml +++ b/charts/aiven-operator-crds/templates/aiven.io_connectionpools.yaml @@ -15,213 +15,200 @@ spec: singular: connectionpool scope: Namespaced versions: - - additionalPrinterColumns: - - jsonPath: .spec.serviceName - name: Service Name - type: string - - jsonPath: .spec.project - name: Project - type: string - - jsonPath: .spec.databaseName - name: Database - type: string - - jsonPath: .spec.username - name: Username - type: string - - jsonPath: .spec.poolSize - name: Pool Size - type: string - - jsonPath: .spec.poolMode - name: Pool Mode - type: string - name: v1alpha1 - schema: - openAPIV3Schema: - description: ConnectionPool is the Schema for the connectionpools API - properties: - apiVersion: - description: - "APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" - type: string - kind: - description: - "Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" - type: string - metadata: - type: object - spec: - description: ConnectionPoolSpec defines the desired state of ConnectionPool - properties: - authSecretRef: - description: Authentication reference to Aiven token in a secret + - additionalPrinterColumns: + - jsonPath: .spec.serviceName + name: Service Name + type: string + - jsonPath: .spec.project + name: Project + type: string + - jsonPath: .spec.databaseName + name: Database + type: string + - jsonPath: .spec.username + name: Username + type: string + - jsonPath: .spec.poolSize + name: Pool Size + type: string + - jsonPath: .spec.poolMode + name: Pool Mode + type: string + name: v1alpha1 + schema: + openAPIV3Schema: + description: ConnectionPool is the Schema for the connectionpools API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: ConnectionPoolSpec defines the desired state of ConnectionPool + properties: + authSecretRef: + description: Authentication reference to Aiven token in a secret + properties: + key: + minLength: 1 + type: string + name: + minLength: 1 + type: string + required: + - key + - name + type: object + connInfoSecretTarget: + description: 'Information regarding secret creation. Exposed keys: + `CONNECTIONPOOL_NAME`, `CONNECTIONPOOL_HOST`, `CONNECTIONPOOL_PORT`, + `CONNECTIONPOOL_DATABASE`, `CONNECTIONPOOL_USER`, `CONNECTIONPOOL_PASSWORD`, + `CONNECTIONPOOL_SSLMODE`, `CONNECTIONPOOL_DATABASE_URI`' + properties: + annotations: + additionalProperties: + type: string + description: Annotations added to the secret + type: object + x-kubernetes-preserve-unknown-fields: true + labels: + additionalProperties: + type: string + description: Labels added to the secret + type: object + x-kubernetes-preserve-unknown-fields: true + name: + description: Name of the secret resource to be created. By default, + is equal to the resource name + type: string + prefix: + description: Prefix for the secret's keys. Added "as is" without + any transformations. By default, is equal to the kind name in + uppercase + underscore, e.g. `KAFKA_`, `REDIS_`, etc. + type: string + required: + - name + type: object + databaseName: + description: Name of the database the pool connects to + maxLength: 40 + type: string + poolMode: + description: Mode the pool operates in (session, transaction, statement) + enum: + - session + - transaction + - statement + type: string + poolSize: + description: Number of connections the pool may create towards the + backend server + type: integer + project: + description: Target project. + format: ^[a-zA-Z0-9_-]*$ + maxLength: 63 + type: string + serviceName: + description: Service name. + maxLength: 63 + type: string + username: + description: Name of the service user used to connect to the database + maxLength: 64 + type: string + required: + - databaseName + - project + - serviceName + - username + type: object + status: + description: ConnectionPoolStatus defines the observed state of ConnectionPool + properties: + conditions: + description: Conditions represent the latest available observations + of an ConnectionPool state + items: + description: "Condition contains details for one aspect of the current + state of this API Resource. --- This struct is intended for direct + use as an array at the field path .status.conditions. For example, + \n type FooStatus struct{ // Represents the observations of a + foo's current state. // Known .status.conditions.type are: \"Available\", + \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge + // +listType=map // +listMapKey=type Conditions []metav1.Condition + `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" + protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" properties: - key: - minLength: 1 + lastTransitionTime: + description: lastTransitionTime is the last time the condition + transitioned from one status to another. This should be when + the underlying condition changed. If that is not known, then + using the time when the API field changed is acceptable. + format: date-time type: string - name: + message: + description: message is a human readable message indicating + details about the transition. This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: observedGeneration represents the .metadata.generation + that the condition was set based upon. For instance, if .metadata.generation + is currently 12, but the .status.conditions[x].observedGeneration + is 9, the condition is out of date with respect to the current + state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: reason contains a programmatic identifier indicating + the reason for the condition's last transition. Producers + of specific condition types may define expected values and + meanings for this field, and whether the values are considered + a guaranteed API. The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ type: string - required: - - key - - name - type: object - connInfoSecretTarget: - description: - "Information regarding secret creation. Exposed keys: - `CONNECTIONPOOL_NAME`, `CONNECTIONPOOL_HOST`, `CONNECTIONPOOL_PORT`, - `CONNECTIONPOOL_DATABASE`, `CONNECTIONPOOL_USER`, `CONNECTIONPOOL_PASSWORD`, - `CONNECTIONPOOL_SSLMODE`, `CONNECTIONPOOL_DATABASE_URI`" - properties: - annotations: - additionalProperties: - type: string - description: Annotations added to the secret - type: object - x-kubernetes-preserve-unknown-fields: true - labels: - additionalProperties: - type: string - description: Labels added to the secret - type: object - x-kubernetes-preserve-unknown-fields: true - name: - description: - Name of the secret resource to be created. By default, - is equal to the resource name + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown type: string - prefix: - description: - Prefix for the secret's keys. Added "as is" without - any transformations. By default, is equal to the kind name in - uppercase + underscore, e.g. `KAFKA_`, `REDIS_`, etc. + type: + description: type of condition in CamelCase or in foo.example.com/CamelCase. + --- Many .condition.type values are consistent across resources + like Available, but because arbitrary conditions can be useful + (see .node.status.conditions), the ability to deconflict is + important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string required: - - name + - lastTransitionTime + - message + - reason + - status + - type type: object - databaseName: - description: Name of the database the pool connects to - maxLength: 40 - type: string - poolMode: - description: Mode the pool operates in (session, transaction, statement) - enum: - - session - - transaction - - statement - type: string - poolSize: - description: - Number of connections the pool may create towards the - backend server - type: integer - project: - description: Target project. - format: ^[a-zA-Z0-9_-]*$ - maxLength: 63 - type: string - serviceName: - description: Service name. - maxLength: 63 - type: string - username: - description: Name of the service user used to connect to the database - maxLength: 64 - type: string - required: - - databaseName - - project - - serviceName - - username - type: object - status: - description: ConnectionPoolStatus defines the observed state of ConnectionPool - properties: - conditions: - description: - Conditions represent the latest available observations - of an ConnectionPool state - items: - description: - "Condition contains details for one aspect of the current - state of this API Resource. --- This struct is intended for direct - use as an array at the field path .status.conditions. For example, - \n type FooStatus struct{ // Represents the observations of a - foo's current state. // Known .status.conditions.type are: \"Available\", - \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge - // +listType=map // +listMapKey=type Conditions []metav1.Condition - `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" - protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" - properties: - lastTransitionTime: - description: - lastTransitionTime is the last time the condition - transitioned from one status to another. This should be when - the underlying condition changed. If that is not known, then - using the time when the API field changed is acceptable. - format: date-time - type: string - message: - description: - message is a human readable message indicating - details about the transition. This may be an empty string. - maxLength: 32768 - type: string - observedGeneration: - description: - observedGeneration represents the .metadata.generation - that the condition was set based upon. For instance, if .metadata.generation - is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current - state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: - reason contains a programmatic identifier indicating - the reason for the condition's last transition. Producers - of specific condition types may define expected values and - meanings for this field, and whether the values are considered - a guaranteed API. The value should be a CamelCase string. - This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ - type: string - status: - description: status of the condition, one of True, False, Unknown. - enum: - - "True" - - "False" - - Unknown - type: string - type: - description: - type of condition in CamelCase or in foo.example.com/CamelCase. - --- Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ - type: string - required: - - lastTransitionTime - - message - - reason - - status - - type - type: object - type: array - required: - - conditions - type: object - type: object - served: true - storage: true - subresources: - status: {} + type: array + required: + - conditions + type: object + type: object + served: true + storage: true + subresources: + status: {} diff --git a/charts/aiven-operator-crds/templates/aiven.io_databases.yaml b/charts/aiven-operator-crds/templates/aiven.io_databases.yaml index eb5e09e0..8a25500c 100644 --- a/charts/aiven-operator-crds/templates/aiven.io_databases.yaml +++ b/charts/aiven-operator-crds/templates/aiven.io_databases.yaml @@ -15,165 +15,153 @@ spec: singular: database scope: Namespaced versions: - - additionalPrinterColumns: - - jsonPath: .spec.serviceName - name: Service Name - type: string - - jsonPath: .spec.project - name: Project - type: string - name: v1alpha1 - schema: - openAPIV3Schema: - description: Database is the Schema for the databases API - properties: - apiVersion: - description: - "APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" - type: string - kind: - description: - "Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" - type: string - metadata: - type: object - spec: - description: DatabaseSpec defines the desired state of Database - properties: - authSecretRef: - description: Authentication reference to Aiven token in a secret + - additionalPrinterColumns: + - jsonPath: .spec.serviceName + name: Service Name + type: string + - jsonPath: .spec.project + name: Project + type: string + name: v1alpha1 + schema: + openAPIV3Schema: + description: Database is the Schema for the databases API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: DatabaseSpec defines the desired state of Database + properties: + authSecretRef: + description: Authentication reference to Aiven token in a secret + properties: + key: + minLength: 1 + type: string + name: + minLength: 1 + type: string + required: + - key + - name + type: object + lcCollate: + description: 'Default string sort order (LC_COLLATE) of the database. + Default value: en_US.UTF-8' + maxLength: 128 + type: string + lcCtype: + description: 'Default character classification (LC_CTYPE) of the database. + Default value: en_US.UTF-8' + maxLength: 128 + type: string + project: + description: Project to link the database to + format: ^[a-zA-Z0-9_-]*$ + maxLength: 63 + type: string + serviceName: + description: PostgreSQL service to link the database to + maxLength: 63 + type: string + terminationProtection: + description: It is a Kubernetes side deletion protections, which prevents + the database from being deleted by Kubernetes. It is recommended + to enable this for any production databases containing critical + data. + type: boolean + required: + - project + - serviceName + type: object + status: + description: DatabaseStatus defines the observed state of Database + properties: + conditions: + description: Conditions represent the latest available observations + of an Database state + items: + description: "Condition contains details for one aspect of the current + state of this API Resource. --- This struct is intended for direct + use as an array at the field path .status.conditions. For example, + \n type FooStatus struct{ // Represents the observations of a + foo's current state. // Known .status.conditions.type are: \"Available\", + \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge + // +listType=map // +listMapKey=type Conditions []metav1.Condition + `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" + protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" properties: - key: - minLength: 1 + lastTransitionTime: + description: lastTransitionTime is the last time the condition + transitioned from one status to another. This should be when + the underlying condition changed. If that is not known, then + using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: message is a human readable message indicating + details about the transition. This may be an empty string. + maxLength: 32768 type: string - name: + observedGeneration: + description: observedGeneration represents the .metadata.generation + that the condition was set based upon. For instance, if .metadata.generation + is currently 12, but the .status.conditions[x].observedGeneration + is 9, the condition is out of date with respect to the current + state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: reason contains a programmatic identifier indicating + the reason for the condition's last transition. Producers + of specific condition types may define expected values and + meanings for this field, and whether the values are considered + a guaranteed API. The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: type of condition in CamelCase or in foo.example.com/CamelCase. + --- Many .condition.type values are consistent across resources + like Available, but because arbitrary conditions can be useful + (see .node.status.conditions), the ability to deconflict is + important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string required: - - key - - name + - lastTransitionTime + - message + - reason + - status + - type type: object - lcCollate: - description: - "Default string sort order (LC_COLLATE) of the database. - Default value: en_US.UTF-8" - maxLength: 128 - type: string - lcCtype: - description: - "Default character classification (LC_CTYPE) of the database. - Default value: en_US.UTF-8" - maxLength: 128 - type: string - project: - description: Project to link the database to - format: ^[a-zA-Z0-9_-]*$ - maxLength: 63 - type: string - serviceName: - description: PostgreSQL service to link the database to - maxLength: 63 - type: string - terminationProtection: - description: - It is a Kubernetes side deletion protections, which prevents - the database from being deleted by Kubernetes. It is recommended - to enable this for any production databases containing critical - data. - type: boolean - required: - - project - - serviceName - type: object - status: - description: DatabaseStatus defines the observed state of Database - properties: - conditions: - description: - Conditions represent the latest available observations - of an Database state - items: - description: - "Condition contains details for one aspect of the current - state of this API Resource. --- This struct is intended for direct - use as an array at the field path .status.conditions. For example, - \n type FooStatus struct{ // Represents the observations of a - foo's current state. // Known .status.conditions.type are: \"Available\", - \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge - // +listType=map // +listMapKey=type Conditions []metav1.Condition - `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" - protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" - properties: - lastTransitionTime: - description: - lastTransitionTime is the last time the condition - transitioned from one status to another. This should be when - the underlying condition changed. If that is not known, then - using the time when the API field changed is acceptable. - format: date-time - type: string - message: - description: - message is a human readable message indicating - details about the transition. This may be an empty string. - maxLength: 32768 - type: string - observedGeneration: - description: - observedGeneration represents the .metadata.generation - that the condition was set based upon. For instance, if .metadata.generation - is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current - state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: - reason contains a programmatic identifier indicating - the reason for the condition's last transition. Producers - of specific condition types may define expected values and - meanings for this field, and whether the values are considered - a guaranteed API. The value should be a CamelCase string. - This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ - type: string - status: - description: status of the condition, one of True, False, Unknown. - enum: - - "True" - - "False" - - Unknown - type: string - type: - description: - type of condition in CamelCase or in foo.example.com/CamelCase. - --- Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ - type: string - required: - - lastTransitionTime - - message - - reason - - status - - type - type: object - type: array - required: - - conditions - type: object - type: object - served: true - storage: true - subresources: - status: {} + type: array + required: + - conditions + type: object + type: object + served: true + storage: true + subresources: + status: {} diff --git a/charts/aiven-operator-crds/templates/aiven.io_grafanas.yaml b/charts/aiven-operator-crds/templates/aiven.io_grafanas.yaml index 17a7362e..7a9247f9 100644 --- a/charts/aiven-operator-crds/templates/aiven.io_grafanas.yaml +++ b/charts/aiven-operator-crds/templates/aiven.io_grafanas.yaml @@ -15,869 +15,799 @@ spec: singular: grafana scope: Namespaced versions: - - additionalPrinterColumns: - - jsonPath: .spec.project - name: Project - type: string - - jsonPath: .spec.cloudName - name: Region - type: string - - jsonPath: .spec.plan - name: Plan - type: string - - jsonPath: .status.state - name: State - type: string - name: v1alpha1 - schema: - openAPIV3Schema: - description: Grafana is the Schema for the grafanas API - properties: - apiVersion: - description: - "APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" - type: string - kind: - description: - "Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" - type: string - metadata: - type: object - spec: - description: GrafanaSpec defines the desired state of Grafana - properties: - authSecretRef: - description: Authentication reference to Aiven token in a secret - properties: - key: - minLength: 1 - type: string - name: - minLength: 1 - type: string - required: - - key - - name - type: object - cloudName: - description: Cloud the service runs in. - maxLength: 256 - type: string - connInfoSecretTarget: - description: - "Information regarding secret creation. Exposed keys: - `GRAFANA_HOST`, `GRAFANA_PORT`, `GRAFANA_USER`, `GRAFANA_PASSWORD`, - `GRAFANA_URI`, `GRAFANA_HOSTS`" - properties: - annotations: - additionalProperties: - type: string - description: Annotations added to the secret - type: object - x-kubernetes-preserve-unknown-fields: true - labels: - additionalProperties: - type: string - description: Labels added to the secret - type: object - x-kubernetes-preserve-unknown-fields: true - name: - description: - Name of the secret resource to be created. By default, - is equal to the resource name + - additionalPrinterColumns: + - jsonPath: .spec.project + name: Project + type: string + - jsonPath: .spec.cloudName + name: Region + type: string + - jsonPath: .spec.plan + name: Plan + type: string + - jsonPath: .status.state + name: State + type: string + name: v1alpha1 + schema: + openAPIV3Schema: + description: Grafana is the Schema for the grafanas API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: GrafanaSpec defines the desired state of Grafana + properties: + authSecretRef: + description: Authentication reference to Aiven token in a secret + properties: + key: + minLength: 1 + type: string + name: + minLength: 1 + type: string + required: + - key + - name + type: object + cloudName: + description: Cloud the service runs in. + maxLength: 256 + type: string + connInfoSecretTarget: + description: 'Information regarding secret creation. Exposed keys: + `GRAFANA_HOST`, `GRAFANA_PORT`, `GRAFANA_USER`, `GRAFANA_PASSWORD`, + `GRAFANA_URI`, `GRAFANA_HOSTS`' + properties: + annotations: + additionalProperties: type: string - prefix: - description: - Prefix for the secret's keys. Added "as is" without - any transformations. By default, is equal to the kind name in - uppercase + underscore, e.g. `KAFKA_`, `REDIS_`, etc. + description: Annotations added to the secret + type: object + x-kubernetes-preserve-unknown-fields: true + labels: + additionalProperties: type: string - required: - - name - type: object - disk_space: - description: - The disk space of the service, possible values depend - on the service type, the cloud provider and the project. Reducing - will result in the service re-balancing. - format: ^[1-9][0-9]*(GiB|G)* - type: string - maintenanceWindowDow: - description: - Day of week when maintenance operations should be performed. - One monday, tuesday, wednesday, etc. - enum: - - monday - - tuesday - - wednesday - - thursday - - friday - - saturday - - sunday - type: string - maintenanceWindowTime: - description: - Time of day when maintenance operations should be performed. - UTC time in HH:mm:ss format. - maxLength: 8 - type: string - plan: - description: Subscription plan. - maxLength: 128 - type: string - project: - description: Target project. - format: ^[a-zA-Z0-9_-]*$ - maxLength: 63 - type: string - x-kubernetes-validations: - - message: Value is immutable - rule: self == oldSelf - projectVPCRef: - description: - ProjectVPCRef reference to ProjectVPC resource to use - its ID as ProjectVPCID automatically + description: Labels added to the secret + type: object + x-kubernetes-preserve-unknown-fields: true + name: + description: Name of the secret resource to be created. By default, + is equal to the resource name + type: string + prefix: + description: Prefix for the secret's keys. Added "as is" without + any transformations. By default, is equal to the kind name in + uppercase + underscore, e.g. `KAFKA_`, `REDIS_`, etc. + type: string + required: + - name + type: object + disk_space: + description: The disk space of the service, possible values depend + on the service type, the cloud provider and the project. Reducing + will result in the service re-balancing. + format: ^[1-9][0-9]*(GiB|G)* + type: string + maintenanceWindowDow: + description: Day of week when maintenance operations should be performed. + One monday, tuesday, wednesday, etc. + enum: + - monday + - tuesday + - wednesday + - thursday + - friday + - saturday + - sunday + type: string + maintenanceWindowTime: + description: Time of day when maintenance operations should be performed. + UTC time in HH:mm:ss format. + maxLength: 8 + type: string + plan: + description: Subscription plan. + maxLength: 128 + type: string + project: + description: Target project. + format: ^[a-zA-Z0-9_-]*$ + maxLength: 63 + type: string + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + projectVPCRef: + description: ProjectVPCRef reference to ProjectVPC resource to use + its ID as ProjectVPCID automatically + properties: + name: + minLength: 1 + type: string + namespace: + minLength: 1 + type: string + required: + - name + type: object + projectVpcId: + description: Identifier of the VPC the service should be in, if any. + maxLength: 36 + type: string + serviceIntegrations: + description: Service integrations to specify when creating a service. + Not applied after initial service creation + items: + description: Service integrations to specify when creating a service. + Not applied after initial service creation properties: - name: - minLength: 1 + integrationType: + enum: + - read_replica type: string - namespace: + sourceServiceName: + maxLength: 64 minLength: 1 type: string required: - - name + - integrationType + - sourceServiceName type: object - projectVpcId: - description: Identifier of the VPC the service should be in, if any. - maxLength: 36 + maxItems: 1 + type: array + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + tags: + additionalProperties: type: string - serviceIntegrations: - description: - Service integrations to specify when creating a service. - Not applied after initial service creation - items: - description: - Service integrations to specify when creating a service. - Not applied after initial service creation + description: Tags are key-value pairs that allow you to categorize + services. + type: object + terminationProtection: + description: Prevent service from being deleted. It is recommended + to have this enabled for all services. + type: boolean + userConfig: + description: Cassandra specific user configuration options + properties: + additional_backup_regions: + description: Additional Cloud Regions for Backup Replication + items: + type: string + maxItems: 1 + type: array + alerting_enabled: + description: Enable or disable Grafana legacy alerting functionality. + This should not be enabled with unified_alerting_enabled. + type: boolean + alerting_error_or_timeout: + description: Default error or timeout setting for new alerting + rules + enum: + - alerting + - keep_state + type: string + alerting_max_annotations_to_keep: + description: Max number of alert annotations that Grafana stores. + 0 (default) keeps all alert annotations. + maximum: 1000000 + minimum: 0 + type: integer + alerting_nodata_or_nullvalues: + description: Default value for 'no data or null values' for new + alerting rules + enum: + - alerting + - no_data + - keep_state + - ok + type: string + allow_embedding: + description: Allow embedding Grafana dashboards with iframe/frame/object/embed + tags. Disabled by default to limit impact of clickjacking + type: boolean + auth_azuread: + description: Azure AD OAuth integration properties: - integrationType: - enum: - - read_replica + allow_sign_up: + description: Automatically sign-up users on successful sign-in + type: boolean + allowed_domains: + description: Allowed domains + items: + type: string + maxItems: 50 + type: array + allowed_groups: + description: Require users to belong to one of given groups + items: + type: string + maxItems: 50 + type: array + auth_url: + description: Authorization URL + maxLength: 2048 + type: string + client_id: + description: Client ID from provider + maxLength: 1024 + pattern: ^[\040-\176]+$ type: string - sourceServiceName: + client_secret: + description: Client secret from provider + maxLength: 1024 + pattern: ^[\040-\176]+$ + type: string + token_url: + description: Token URL + maxLength: 2048 + type: string + required: + - auth_url + - client_id + - client_secret + - token_url + type: object + auth_basic_enabled: + description: Enable or disable basic authentication form, used + by Grafana built-in login + type: boolean + auth_generic_oauth: + description: Generic OAuth integration + properties: + allow_sign_up: + description: Automatically sign-up users on successful sign-in + type: boolean + allowed_domains: + description: Allowed domains + items: + type: string + maxItems: 50 + type: array + allowed_organizations: + description: Require user to be member of one of the listed + organizations + items: + type: string + maxItems: 50 + type: array + api_url: + description: API URL + maxLength: 2048 + type: string + auth_url: + description: Authorization URL + maxLength: 2048 + type: string + auto_login: + description: Allow users to bypass the login screen and automatically + log in + type: boolean + client_id: + description: Client ID from provider + maxLength: 1024 + pattern: ^[\040-\176]+$ + type: string + client_secret: + description: Client secret from provider + maxLength: 1024 + pattern: ^[\040-\176]+$ + type: string + name: + description: Name of the OAuth integration + maxLength: 128 + pattern: ^[a-zA-Z0-9_\- ]+$ + type: string + scopes: + description: OAuth scopes + items: + type: string + maxItems: 50 + type: array + token_url: + description: Token URL + maxLength: 2048 + type: string + required: + - api_url + - auth_url + - client_id + - client_secret + - token_url + type: object + auth_github: + description: Github Auth integration + properties: + allow_sign_up: + description: Automatically sign-up users on successful sign-in + type: boolean + allowed_organizations: + description: Require users to belong to one of given organizations + items: + type: string + maxItems: 50 + type: array + client_id: + description: Client ID from provider + maxLength: 1024 + pattern: ^[\040-\176]+$ + type: string + client_secret: + description: Client secret from provider + maxLength: 1024 + pattern: ^[\040-\176]+$ + type: string + team_ids: + description: Require users to belong to one of given team + IDs + items: + type: integer + maxItems: 50 + type: array + required: + - client_id + - client_secret + type: object + auth_gitlab: + description: GitLab Auth integration + properties: + allow_sign_up: + description: Automatically sign-up users on successful sign-in + type: boolean + allowed_groups: + description: Require users to belong to one of given groups + items: + type: string + maxItems: 50 + type: array + api_url: + description: API URL. This only needs to be set when using + self hosted GitLab + maxLength: 2048 + type: string + auth_url: + description: Authorization URL. This only needs to be set + when using self hosted GitLab + maxLength: 2048 + type: string + client_id: + description: Client ID from provider + maxLength: 1024 + pattern: ^[\040-\176]+$ + type: string + client_secret: + description: Client secret from provider + maxLength: 1024 + pattern: ^[\040-\176]+$ + type: string + token_url: + description: Token URL. This only needs to be set when using + self hosted GitLab + maxLength: 2048 + type: string + required: + - allowed_groups + - client_id + - client_secret + type: object + auth_google: + description: Google Auth integration + properties: + allow_sign_up: + description: Automatically sign-up users on successful sign-in + type: boolean + allowed_domains: + description: Domains allowed to sign-in to this Grafana + items: + type: string + maxItems: 64 + type: array + client_id: + description: Client ID from provider + maxLength: 1024 + pattern: ^[\040-\176]+$ + type: string + client_secret: + description: Client secret from provider + maxLength: 1024 + pattern: ^[\040-\176]+$ + type: string + required: + - allowed_domains + - client_id + - client_secret + type: object + cookie_samesite: + description: 'Cookie SameSite attribute: ''strict'' prevents sending + cookie for cross-site requests, effectively disabling direct + linking from other sites to Grafana. ''lax'' is the default + value.' + enum: + - lax + - strict + - none + type: string + custom_domain: + description: Serve the web frontend using a custom CNAME pointing + to the Aiven DNS name + maxLength: 255 + type: string + dashboard_previews_enabled: + description: This feature is new in Grafana 9 and is quite resource + intensive. It may cause low-end plans to work more slowly while + the dashboard previews are rendering. + type: boolean + dashboards_min_refresh_interval: + description: Signed sequence of decimal numbers, followed by a + unit suffix (ms, s, m, h, d), e.g. 30s, 1h + maxLength: 16 + pattern: ^[0-9]+(ms|s|m|h|d)$ + type: string + dashboards_versions_to_keep: + description: Dashboard versions to keep per dashboard + maximum: 100 + minimum: 1 + type: integer + dataproxy_send_user_header: + description: Send 'X-Grafana-User' header to data source + type: boolean + dataproxy_timeout: + description: Timeout for data proxy requests in seconds + maximum: 90 + minimum: 15 + type: integer + date_formats: + description: Grafana date format specifications + properties: + default_timezone: + description: Default time zone for user preferences. Value + 'browser' uses browser local time zone. maxLength: 64 - minLength: 1 + pattern: (?i)^([a-zA-Z_]+/){1,2}[a-zA-Z_-]+$|^(Etc/)?(UTC|GMT)([+-](\d){1,2})?$|^(Factory)$|^(browser)$ + type: string + full_date: + description: Moment.js style format string for cases where + full date is shown + maxLength: 128 + pattern: '^(([Hh]mm(ss)?|Mo|MM?M?M?|Do|DDDo|DD?D?D?|ddd?d?|do?|w[o|w]?|W[o|W]?|Qo?|N{1,5}|YYYYYY|YYYYY|YYYY|YY|y{2,4}|yo?|gg(ggg?)?|GG(GGG?)?|e|E|a|A|hh?|HH?|kk?|mm?|ss?|S{1,9}|x|X|zz?|ZZ?|LTS|LT|LL?L?L?|l{1,4}|[-+/T,;.: + ]?)*)$' + type: string + interval_day: + description: Moment.js style format string used when a time + requiring day accuracy is shown + maxLength: 128 + pattern: '^(([Hh]mm(ss)?|Mo|MM?M?M?|Do|DDDo|DD?D?D?|ddd?d?|do?|w[o|w]?|W[o|W]?|Qo?|N{1,5}|YYYYYY|YYYYY|YYYY|YY|y{2,4}|yo?|gg(ggg?)?|GG(GGG?)?|e|E|a|A|hh?|HH?|kk?|mm?|ss?|S{1,9}|x|X|zz?|ZZ?|LTS|LT|LL?L?L?|l{1,4}|[-+/T,;.: + ]?)*)$' + type: string + interval_hour: + description: Moment.js style format string used when a time + requiring hour accuracy is shown + maxLength: 128 + pattern: '^(([Hh]mm(ss)?|Mo|MM?M?M?|Do|DDDo|DD?D?D?|ddd?d?|do?|w[o|w]?|W[o|W]?|Qo?|N{1,5}|YYYYYY|YYYYY|YYYY|YY|y{2,4}|yo?|gg(ggg?)?|GG(GGG?)?|e|E|a|A|hh?|HH?|kk?|mm?|ss?|S{1,9}|x|X|zz?|ZZ?|LTS|LT|LL?L?L?|l{1,4}|[-+/T,;.: + ]?)*)$' + type: string + interval_minute: + description: Moment.js style format string used when a time + requiring minute accuracy is shown + maxLength: 128 + pattern: '^(([Hh]mm(ss)?|Mo|MM?M?M?|Do|DDDo|DD?D?D?|ddd?d?|do?|w[o|w]?|W[o|W]?|Qo?|N{1,5}|YYYYYY|YYYYY|YYYY|YY|y{2,4}|yo?|gg(ggg?)?|GG(GGG?)?|e|E|a|A|hh?|HH?|kk?|mm?|ss?|S{1,9}|x|X|zz?|ZZ?|LTS|LT|LL?L?L?|l{1,4}|[-+/T,;.: + ]?)*)$' + type: string + interval_month: + description: Moment.js style format string used when a time + requiring month accuracy is shown + maxLength: 128 + pattern: '^(([Hh]mm(ss)?|Mo|MM?M?M?|Do|DDDo|DD?D?D?|ddd?d?|do?|w[o|w]?|W[o|W]?|Qo?|N{1,5}|YYYYYY|YYYYY|YYYY|YY|y{2,4}|yo?|gg(ggg?)?|GG(GGG?)?|e|E|a|A|hh?|HH?|kk?|mm?|ss?|S{1,9}|x|X|zz?|ZZ?|LTS|LT|LL?L?L?|l{1,4}|[-+/T,;.: + ]?)*)$' + type: string + interval_second: + description: Moment.js style format string used when a time + requiring second accuracy is shown + maxLength: 128 + pattern: '^(([Hh]mm(ss)?|Mo|MM?M?M?|Do|DDDo|DD?D?D?|ddd?d?|do?|w[o|w]?|W[o|W]?|Qo?|N{1,5}|YYYYYY|YYYYY|YYYY|YY|y{2,4}|yo?|gg(ggg?)?|GG(GGG?)?|e|E|a|A|hh?|HH?|kk?|mm?|ss?|S{1,9}|x|X|zz?|ZZ?|LTS|LT|LL?L?L?|l{1,4}|[-+/T,;.: + ]?)*)$' + type: string + interval_year: + description: Moment.js style format string used when a time + requiring year accuracy is shown + maxLength: 128 + pattern: '^(([Hh]mm(ss)?|Mo|MM?M?M?|Do|DDDo|DD?D?D?|ddd?d?|do?|w[o|w]?|W[o|W]?|Qo?|N{1,5}|YYYYYY|YYYYY|YYYY|YY|y{2,4}|yo?|gg(ggg?)?|GG(GGG?)?|e|E|a|A|hh?|HH?|kk?|mm?|ss?|S{1,9}|x|X|zz?|ZZ?|LTS|LT|LL?L?L?|l{1,4}|[-+/T,;.: + ]?)*)$' + type: string + type: object + disable_gravatar: + description: Set to true to disable gravatar. Defaults to false + (gravatar is enabled) + type: boolean + editors_can_admin: + description: Editors can manage folders, teams and dashboards + created by them + type: boolean + external_image_storage: + description: External image store settings + properties: + access_key: + description: S3 access key. Requires permissions to the S3 + bucket for the s3:PutObject and s3:PutObjectAcl actions + maxLength: 4096 + pattern: ^[A-Z0-9]+$ + type: string + bucket_url: + description: Bucket URL for S3 + maxLength: 2048 + type: string + provider: + description: Provider type + enum: + - s3 + type: string + secret_key: + description: S3 secret key + maxLength: 4096 + pattern: ^[A-Za-z0-9/+=]+$ type: string required: - - integrationType - - sourceServiceName + - access_key + - bucket_url + - provider + - secret_key type: object - maxItems: 1 - type: array - x-kubernetes-validations: - - message: Value is immutable - rule: self == oldSelf - tags: - additionalProperties: + google_analytics_ua_id: + description: Google Analytics ID + maxLength: 64 + pattern: ^(G|UA|YT|MO)-[a-zA-Z0-9-]+$ type: string - description: - Tags are key-value pairs that allow you to categorize - services. - type: object - terminationProtection: - description: - Prevent service from being deleted. It is recommended - to have this enabled for all services. - type: boolean - userConfig: - description: Cassandra specific user configuration options - properties: - additional_backup_regions: - description: Additional Cloud Regions for Backup Replication - items: - type: string - maxItems: 1 - type: array - alerting_enabled: - description: - Enable or disable Grafana legacy alerting functionality. - This should not be enabled with unified_alerting_enabled. - type: boolean - alerting_error_or_timeout: - description: - Default error or timeout setting for new alerting - rules - enum: - - alerting - - keep_state - type: string - alerting_max_annotations_to_keep: - description: - Max number of alert annotations that Grafana stores. - 0 (default) keeps all alert annotations. - maximum: 1000000 - minimum: 0 - type: integer - alerting_nodata_or_nullvalues: - description: - Default value for 'no data or null values' for new - alerting rules - enum: - - alerting - - no_data - - keep_state - - ok - type: string - allow_embedding: - description: - Allow embedding Grafana dashboards with iframe/frame/object/embed - tags. Disabled by default to limit impact of clickjacking - type: boolean - auth_azuread: - description: Azure AD OAuth integration - properties: - allow_sign_up: - description: Automatically sign-up users on successful sign-in - type: boolean - allowed_domains: - description: Allowed domains - items: - type: string - maxItems: 50 - type: array - allowed_groups: - description: Require users to belong to one of given groups - items: - type: string - maxItems: 50 - type: array - auth_url: - description: Authorization URL - maxLength: 2048 - type: string - client_id: - description: Client ID from provider - maxLength: 1024 - pattern: ^[\040-\176]+$ - type: string - client_secret: - description: Client secret from provider - maxLength: 1024 - pattern: ^[\040-\176]+$ - type: string - token_url: - description: Token URL - maxLength: 2048 - type: string - required: - - auth_url - - client_id - - client_secret - - token_url - type: object - auth_basic_enabled: - description: - Enable or disable basic authentication form, used - by Grafana built-in login - type: boolean - auth_generic_oauth: - description: Generic OAuth integration - properties: - allow_sign_up: - description: Automatically sign-up users on successful sign-in - type: boolean - allowed_domains: - description: Allowed domains - items: - type: string - maxItems: 50 - type: array - allowed_organizations: - description: - Require user to be member of one of the listed - organizations - items: - type: string - maxItems: 50 - type: array - api_url: - description: API URL - maxLength: 2048 - type: string - auth_url: - description: Authorization URL - maxLength: 2048 - type: string - auto_login: - description: - Allow users to bypass the login screen and automatically - log in - type: boolean - client_id: - description: Client ID from provider - maxLength: 1024 - pattern: ^[\040-\176]+$ - type: string - client_secret: - description: Client secret from provider - maxLength: 1024 - pattern: ^[\040-\176]+$ - type: string - name: - description: Name of the OAuth integration - maxLength: 128 - pattern: ^[a-zA-Z0-9_\- ]+$ - type: string - scopes: - description: OAuth scopes - items: - type: string - maxItems: 50 - type: array - token_url: - description: Token URL - maxLength: 2048 - type: string - required: - - api_url - - auth_url - - client_id - - client_secret - - token_url - type: object - auth_github: - description: Github Auth integration - properties: - allow_sign_up: - description: Automatically sign-up users on successful sign-in - type: boolean - allowed_organizations: - description: Require users to belong to one of given organizations - items: - type: string - maxItems: 50 - type: array - client_id: - description: Client ID from provider - maxLength: 1024 - pattern: ^[\040-\176]+$ - type: string - client_secret: - description: Client secret from provider - maxLength: 1024 - pattern: ^[\040-\176]+$ - type: string - team_ids: - description: - Require users to belong to one of given team - IDs - items: - type: integer - maxItems: 50 - type: array - required: - - client_id - - client_secret - type: object - auth_gitlab: - description: GitLab Auth integration - properties: - allow_sign_up: - description: Automatically sign-up users on successful sign-in - type: boolean - allowed_groups: - description: Require users to belong to one of given groups - items: - type: string - maxItems: 50 - type: array - api_url: - description: - API URL. This only needs to be set when using - self hosted GitLab - maxLength: 2048 - type: string - auth_url: - description: - Authorization URL. This only needs to be set - when using self hosted GitLab - maxLength: 2048 - type: string - client_id: - description: Client ID from provider - maxLength: 1024 - pattern: ^[\040-\176]+$ - type: string - client_secret: - description: Client secret from provider - maxLength: 1024 - pattern: ^[\040-\176]+$ - type: string - token_url: - description: - Token URL. This only needs to be set when using - self hosted GitLab - maxLength: 2048 - type: string - required: - - allowed_groups - - client_id - - client_secret - type: object - auth_google: - description: Google Auth integration + ip_filter: + description: Allow incoming connections from CIDR address block, + e.g. '10.20.0.0/16' + items: + description: CIDR address block, either as a string, or in a + dict with an optional description field properties: - allow_sign_up: - description: Automatically sign-up users on successful sign-in - type: boolean - allowed_domains: - description: Domains allowed to sign-in to this Grafana - items: - type: string - maxItems: 64 - type: array - client_id: - description: Client ID from provider - maxLength: 1024 - pattern: ^[\040-\176]+$ - type: string - client_secret: - description: Client secret from provider - maxLength: 1024 - pattern: ^[\040-\176]+$ - type: string - required: - - allowed_domains - - client_id - - client_secret - type: object - cookie_samesite: - description: - "Cookie SameSite attribute: 'strict' prevents sending - cookie for cross-site requests, effectively disabling direct - linking from other sites to Grafana. 'lax' is the default - value." - enum: - - lax - - strict - - none - type: string - custom_domain: - description: - Serve the web frontend using a custom CNAME pointing - to the Aiven DNS name - maxLength: 255 - type: string - dashboard_previews_enabled: - description: - This feature is new in Grafana 9 and is quite resource - intensive. It may cause low-end plans to work more slowly while - the dashboard previews are rendering. - type: boolean - dashboards_min_refresh_interval: - description: - Signed sequence of decimal numbers, followed by a - unit suffix (ms, s, m, h, d), e.g. 30s, 1h - maxLength: 16 - pattern: ^[0-9]+(ms|s|m|h|d)$ - type: string - dashboards_versions_to_keep: - description: Dashboard versions to keep per dashboard - maximum: 100 - minimum: 1 - type: integer - dataproxy_send_user_header: - description: Send 'X-Grafana-User' header to data source - type: boolean - dataproxy_timeout: - description: Timeout for data proxy requests in seconds - maximum: 90 - minimum: 15 - type: integer - date_formats: - description: Grafana date format specifications - properties: - default_timezone: - description: - Default time zone for user preferences. Value - 'browser' uses browser local time zone. - maxLength: 64 - pattern: (?i)^([a-zA-Z_]+/){1,2}[a-zA-Z_-]+$|^(Etc/)?(UTC|GMT)([+-](\d){1,2})?$|^(Factory)$|^(browser)$ - type: string - full_date: - description: - Moment.js style format string for cases where - full date is shown - maxLength: 128 - pattern: - "^(([Hh]mm(ss)?|Mo|MM?M?M?|Do|DDDo|DD?D?D?|ddd?d?|do?|w[o|w]?|W[o|W]?|Qo?|N{1,5}|YYYYYY|YYYYY|YYYY|YY|y{2,4}|yo?|gg(ggg?)?|GG(GGG?)?|e|E|a|A|hh?|HH?|kk?|mm?|ss?|S{1,9}|x|X|zz?|ZZ?|LTS|LT|LL?L?L?|l{1,4}|[-+/T,;.: - ]?)*)$" - type: string - interval_day: - description: - Moment.js style format string used when a time - requiring day accuracy is shown - maxLength: 128 - pattern: - "^(([Hh]mm(ss)?|Mo|MM?M?M?|Do|DDDo|DD?D?D?|ddd?d?|do?|w[o|w]?|W[o|W]?|Qo?|N{1,5}|YYYYYY|YYYYY|YYYY|YY|y{2,4}|yo?|gg(ggg?)?|GG(GGG?)?|e|E|a|A|hh?|HH?|kk?|mm?|ss?|S{1,9}|x|X|zz?|ZZ?|LTS|LT|LL?L?L?|l{1,4}|[-+/T,;.: - ]?)*)$" - type: string - interval_hour: - description: - Moment.js style format string used when a time - requiring hour accuracy is shown - maxLength: 128 - pattern: - "^(([Hh]mm(ss)?|Mo|MM?M?M?|Do|DDDo|DD?D?D?|ddd?d?|do?|w[o|w]?|W[o|W]?|Qo?|N{1,5}|YYYYYY|YYYYY|YYYY|YY|y{2,4}|yo?|gg(ggg?)?|GG(GGG?)?|e|E|a|A|hh?|HH?|kk?|mm?|ss?|S{1,9}|x|X|zz?|ZZ?|LTS|LT|LL?L?L?|l{1,4}|[-+/T,;.: - ]?)*)$" - type: string - interval_minute: - description: - Moment.js style format string used when a time - requiring minute accuracy is shown - maxLength: 128 - pattern: - "^(([Hh]mm(ss)?|Mo|MM?M?M?|Do|DDDo|DD?D?D?|ddd?d?|do?|w[o|w]?|W[o|W]?|Qo?|N{1,5}|YYYYYY|YYYYY|YYYY|YY|y{2,4}|yo?|gg(ggg?)?|GG(GGG?)?|e|E|a|A|hh?|HH?|kk?|mm?|ss?|S{1,9}|x|X|zz?|ZZ?|LTS|LT|LL?L?L?|l{1,4}|[-+/T,;.: - ]?)*)$" - type: string - interval_month: - description: - Moment.js style format string used when a time - requiring month accuracy is shown - maxLength: 128 - pattern: - "^(([Hh]mm(ss)?|Mo|MM?M?M?|Do|DDDo|DD?D?D?|ddd?d?|do?|w[o|w]?|W[o|W]?|Qo?|N{1,5}|YYYYYY|YYYYY|YYYY|YY|y{2,4}|yo?|gg(ggg?)?|GG(GGG?)?|e|E|a|A|hh?|HH?|kk?|mm?|ss?|S{1,9}|x|X|zz?|ZZ?|LTS|LT|LL?L?L?|l{1,4}|[-+/T,;.: - ]?)*)$" - type: string - interval_second: - description: - Moment.js style format string used when a time - requiring second accuracy is shown - maxLength: 128 - pattern: - "^(([Hh]mm(ss)?|Mo|MM?M?M?|Do|DDDo|DD?D?D?|ddd?d?|do?|w[o|w]?|W[o|W]?|Qo?|N{1,5}|YYYYYY|YYYYY|YYYY|YY|y{2,4}|yo?|gg(ggg?)?|GG(GGG?)?|e|E|a|A|hh?|HH?|kk?|mm?|ss?|S{1,9}|x|X|zz?|ZZ?|LTS|LT|LL?L?L?|l{1,4}|[-+/T,;.: - ]?)*)$" - type: string - interval_year: - description: - Moment.js style format string used when a time - requiring year accuracy is shown - maxLength: 128 - pattern: - "^(([Hh]mm(ss)?|Mo|MM?M?M?|Do|DDDo|DD?D?D?|ddd?d?|do?|w[o|w]?|W[o|W]?|Qo?|N{1,5}|YYYYYY|YYYYY|YYYY|YY|y{2,4}|yo?|gg(ggg?)?|GG(GGG?)?|e|E|a|A|hh?|HH?|kk?|mm?|ss?|S{1,9}|x|X|zz?|ZZ?|LTS|LT|LL?L?L?|l{1,4}|[-+/T,;.: - ]?)*)$" - type: string - type: object - disable_gravatar: - description: - Set to true to disable gravatar. Defaults to false - (gravatar is enabled) - type: boolean - editors_can_admin: - description: - Editors can manage folders, teams and dashboards - created by them - type: boolean - external_image_storage: - description: External image store settings - properties: - access_key: - description: - S3 access key. Requires permissions to the S3 - bucket for the s3:PutObject and s3:PutObjectAcl actions - maxLength: 4096 - pattern: ^[A-Z0-9]+$ - type: string - bucket_url: - description: Bucket URL for S3 - maxLength: 2048 - type: string - provider: - description: Provider type - enum: - - s3 - type: string - secret_key: - description: S3 secret key - maxLength: 4096 - pattern: ^[A-Za-z0-9/+=]+$ - type: string - required: - - access_key - - bucket_url - - provider - - secret_key - type: object - google_analytics_ua_id: - description: Google Analytics ID - maxLength: 64 - pattern: ^(G|UA|YT|MO)-[a-zA-Z0-9-]+$ - type: string - ip_filter: - description: - Allow incoming connections from CIDR address block, - e.g. '10.20.0.0/16' - items: description: - CIDR address block, either as a string, or in a - dict with an optional description field - properties: - description: - description: Description for IP filter list entry - maxLength: 1024 - type: string - network: - description: CIDR address block - maxLength: 43 - type: string - required: - - network - type: object - maxItems: 1024 - type: array - metrics_enabled: - description: Enable Grafana /metrics endpoint - type: boolean - oauth_allow_insecure_email_lookup: - description: - Enforce user lookup based on email instead of the - unique ID provided by the IdP - type: boolean - private_access: - description: - Allow access to selected service ports from private - networks - properties: - grafana: - description: - Allow clients to connect to grafana with a DNS - name that always resolves to the service's private IP addresses. - Only available in certain network locations - type: boolean - type: object - privatelink_access: - description: - Allow access to selected service components through - Privatelink - properties: - grafana: - description: Enable grafana - type: boolean - type: object - project_to_fork_from: - description: - Name of another project to fork a service from. This - has effect only when a new service is being created. - maxLength: 63 - type: string - x-kubernetes-validations: - - message: Value is immutable - rule: self == oldSelf - public_access: - description: - Allow access to selected service ports from the public - Internet - properties: - grafana: - description: - Allow clients to connect to grafana from the - public internet for service nodes that are in a project - VPC or another type of private network - type: boolean - type: object - recovery_basebackup_name: - description: Name of the basebackup to restore in forked service - maxLength: 128 - pattern: ^[a-zA-Z0-9-_:.]+$ - type: string - service_log: - description: - Store logs for the service so that they are available - in the HTTP API and console. - type: boolean - service_to_fork_from: - description: - Name of another service to fork from. This has effect - only when a new service is being created. - maxLength: 64 - type: string - x-kubernetes-validations: - - message: Value is immutable - rule: self == oldSelf - smtp_server: - description: SMTP server settings - properties: - from_address: - description: Address used for sending emails - maxLength: 319 - pattern: ^[A-Za-z0-9_\-\.+\'&]+@(([\da-zA-Z])([_\w-]{,62})\.){,127}(([\da-zA-Z])[_\w-]{,61})?([\da-zA-Z]\.((xn\-\-[a-zA-Z\d]+)|([a-zA-Z\d]{2,})))$ - type: string - from_name: - description: Name used in outgoing emails, defaults to Grafana - maxLength: 128 - pattern: ^[^\x00-\x1F]+$ - type: string - host: - description: Server hostname or IP - maxLength: 255 - type: string - password: - description: Password for SMTP authentication - maxLength: 255 - pattern: ^[^\x00-\x1F]+$ - type: string - port: - description: SMTP server port - maximum: 65535 - minimum: 1 - type: integer - skip_verify: - description: - Skip verifying server certificate. Defaults to - false - type: boolean - starttls_policy: - description: - Either OpportunisticStartTLS, MandatoryStartTLS - or NoStartTLS. Default is OpportunisticStartTLS. - enum: - - OpportunisticStartTLS - - MandatoryStartTLS - - NoStartTLS + description: Description for IP filter list entry + maxLength: 1024 type: string - username: - description: Username for SMTP authentication - maxLength: 255 - pattern: ^[^\x00-\x1F]+$ + network: + description: CIDR address block + maxLength: 43 type: string required: - - from_address - - host - - port + - network type: object - static_ips: - description: Use static public IP addresses - type: boolean - unified_alerting_enabled: - description: - Enable or disable Grafana unified alerting functionality. - By default this is enabled and any legacy alerts will be migrated - on upgrade to Grafana 9+. To stay on legacy alerting, set unified_alerting_enabled - to false and alerting_enabled to true. See https://grafana.com/docs/grafana/latest/alerting/set-up/migrating-alerts/ - for more details. - type: boolean - user_auto_assign_org: - description: - Auto-assign new users on signup to main organization. - Defaults to false - type: boolean - user_auto_assign_org_role: - description: Set role for new signups. Defaults to Viewer - enum: - - Viewer - - Admin - - Editor - type: string - viewers_can_edit: - description: - Users with view-only permission can edit but not - save dashboards - type: boolean - type: object - required: - - plan - - project - type: object - status: - description: ServiceStatus defines the observed state of service - properties: - conditions: - description: - Conditions represent the latest available observations - of a service state - items: - description: - "Condition contains details for one aspect of the current - state of this API Resource. --- This struct is intended for direct - use as an array at the field path .status.conditions. For example, - \n type FooStatus struct{ // Represents the observations of a - foo's current state. // Known .status.conditions.type are: \"Available\", - \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge - // +listType=map // +listMapKey=type Conditions []metav1.Condition - `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" - protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + maxItems: 1024 + type: array + metrics_enabled: + description: Enable Grafana /metrics endpoint + type: boolean + oauth_allow_insecure_email_lookup: + description: Enforce user lookup based on email instead of the + unique ID provided by the IdP + type: boolean + private_access: + description: Allow access to selected service ports from private + networks properties: - lastTransitionTime: - description: - lastTransitionTime is the last time the condition - transitioned from one status to another. This should be when - the underlying condition changed. If that is not known, then - using the time when the API field changed is acceptable. - format: date-time + grafana: + description: Allow clients to connect to grafana with a DNS + name that always resolves to the service's private IP addresses. + Only available in certain network locations + type: boolean + type: object + privatelink_access: + description: Allow access to selected service components through + Privatelink + properties: + grafana: + description: Enable grafana + type: boolean + type: object + project_to_fork_from: + description: Name of another project to fork a service from. This + has effect only when a new service is being created. + maxLength: 63 + type: string + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + public_access: + description: Allow access to selected service ports from the public + Internet + properties: + grafana: + description: Allow clients to connect to grafana from the + public internet for service nodes that are in a project + VPC or another type of private network + type: boolean + type: object + recovery_basebackup_name: + description: Name of the basebackup to restore in forked service + maxLength: 128 + pattern: ^[a-zA-Z0-9-_:.]+$ + type: string + service_log: + description: Store logs for the service so that they are available + in the HTTP API and console. + type: boolean + service_to_fork_from: + description: Name of another service to fork from. This has effect + only when a new service is being created. + maxLength: 64 + type: string + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + smtp_server: + description: SMTP server settings + properties: + from_address: + description: Address used for sending emails + maxLength: 319 + pattern: ^[A-Za-z0-9_\-\.+\'&]+@(([\da-zA-Z])([_\w-]{,62})\.){,127}(([\da-zA-Z])[_\w-]{,61})?([\da-zA-Z]\.((xn\-\-[a-zA-Z\d]+)|([a-zA-Z\d]{2,})))$ type: string - message: - description: - message is a human readable message indicating - details about the transition. This may be an empty string. - maxLength: 32768 + from_name: + description: Name used in outgoing emails, defaults to Grafana + maxLength: 128 + pattern: ^[^\x00-\x1F]+$ type: string - observedGeneration: - description: - observedGeneration represents the .metadata.generation - that the condition was set based upon. For instance, if .metadata.generation - is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current - state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: - reason contains a programmatic identifier indicating - the reason for the condition's last transition. Producers - of specific condition types may define expected values and - meanings for this field, and whether the values are considered - a guaranteed API. The value should be a CamelCase string. - This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + host: + description: Server hostname or IP + maxLength: 255 type: string - status: - description: status of the condition, one of True, False, Unknown. + password: + description: Password for SMTP authentication + maxLength: 255 + pattern: ^[^\x00-\x1F]+$ + type: string + port: + description: SMTP server port + maximum: 65535 + minimum: 1 + type: integer + skip_verify: + description: Skip verifying server certificate. Defaults to + false + type: boolean + starttls_policy: + description: Either OpportunisticStartTLS, MandatoryStartTLS + or NoStartTLS. Default is OpportunisticStartTLS. enum: - - "True" - - "False" - - Unknown + - OpportunisticStartTLS + - MandatoryStartTLS + - NoStartTLS type: string - type: - description: - type of condition in CamelCase or in foo.example.com/CamelCase. - --- Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + username: + description: Username for SMTP authentication + maxLength: 255 + pattern: ^[^\x00-\x1F]+$ type: string required: - - lastTransitionTime - - message - - reason - - status - - type + - from_address + - host + - port type: object - type: array - state: - description: Service state - type: string - type: object - type: object - served: true - storage: true - subresources: - status: {} + static_ips: + description: Use static public IP addresses + type: boolean + unified_alerting_enabled: + description: Enable or disable Grafana unified alerting functionality. + By default this is enabled and any legacy alerts will be migrated + on upgrade to Grafana 9+. To stay on legacy alerting, set unified_alerting_enabled + to false and alerting_enabled to true. See https://grafana.com/docs/grafana/latest/alerting/set-up/migrating-alerts/ + for more details. + type: boolean + user_auto_assign_org: + description: Auto-assign new users on signup to main organization. + Defaults to false + type: boolean + user_auto_assign_org_role: + description: Set role for new signups. Defaults to Viewer + enum: + - Viewer + - Admin + - Editor + type: string + viewers_can_edit: + description: Users with view-only permission can edit but not + save dashboards + type: boolean + type: object + required: + - plan + - project + type: object + status: + description: ServiceStatus defines the observed state of service + properties: + conditions: + description: Conditions represent the latest available observations + of a service state + items: + description: "Condition contains details for one aspect of the current + state of this API Resource. --- This struct is intended for direct + use as an array at the field path .status.conditions. For example, + \n type FooStatus struct{ // Represents the observations of a + foo's current state. // Known .status.conditions.type are: \"Available\", + \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge + // +listType=map // +listMapKey=type Conditions []metav1.Condition + `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" + protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + properties: + lastTransitionTime: + description: lastTransitionTime is the last time the condition + transitioned from one status to another. This should be when + the underlying condition changed. If that is not known, then + using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: message is a human readable message indicating + details about the transition. This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: observedGeneration represents the .metadata.generation + that the condition was set based upon. For instance, if .metadata.generation + is currently 12, but the .status.conditions[x].observedGeneration + is 9, the condition is out of date with respect to the current + state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: reason contains a programmatic identifier indicating + the reason for the condition's last transition. Producers + of specific condition types may define expected values and + meanings for this field, and whether the values are considered + a guaranteed API. The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: type of condition in CamelCase or in foo.example.com/CamelCase. + --- Many .condition.type values are consistent across resources + like Available, but because arbitrary conditions can be useful + (see .node.status.conditions), the ability to deconflict is + important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + type: array + state: + description: Service state + type: string + type: object + type: object + served: true + storage: true + subresources: + status: {} diff --git a/charts/aiven-operator-crds/templates/aiven.io_kafkaacls.yaml b/charts/aiven-operator-crds/templates/aiven.io_kafkaacls.yaml index 6f031472..30e2e2b5 100644 --- a/charts/aiven-operator-crds/templates/aiven.io_kafkaacls.yaml +++ b/charts/aiven-operator-crds/templates/aiven.io_kafkaacls.yaml @@ -15,176 +15,167 @@ spec: singular: kafkaacl scope: Namespaced versions: - - additionalPrinterColumns: - - jsonPath: .spec.serviceName - name: Service Name - type: string - - jsonPath: .spec.project - name: Project - type: string - - jsonPath: .spec.username - name: Username - type: string - - jsonPath: .spec.permission - name: Permission - type: string - - jsonPath: .spec.topic - name: Topic - type: string - name: v1alpha1 - schema: - openAPIV3Schema: - description: KafkaACL is the Schema for the kafkaacls API - properties: - apiVersion: - description: - "APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" - type: string - kind: - description: - "Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" - type: string - metadata: - type: object - spec: - description: KafkaACLSpec defines the desired state of KafkaACL - properties: - authSecretRef: - description: Authentication reference to Aiven token in a secret + - additionalPrinterColumns: + - jsonPath: .spec.serviceName + name: Service Name + type: string + - jsonPath: .spec.project + name: Project + type: string + - jsonPath: .spec.username + name: Username + type: string + - jsonPath: .spec.permission + name: Permission + type: string + - jsonPath: .spec.topic + name: Topic + type: string + name: v1alpha1 + schema: + openAPIV3Schema: + description: KafkaACL is the Schema for the kafkaacls API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: KafkaACLSpec defines the desired state of KafkaACL + properties: + authSecretRef: + description: Authentication reference to Aiven token in a secret + properties: + key: + minLength: 1 + type: string + name: + minLength: 1 + type: string + required: + - key + - name + type: object + permission: + description: Kafka permission to grant (admin, read, readwrite, write) + enum: + - admin + - read + - readwrite + - write + type: string + project: + description: Project to link the Kafka ACL to + format: ^[a-zA-Z0-9_-]*$ + maxLength: 63 + type: string + serviceName: + description: Service to link the Kafka ACL to + maxLength: 63 + type: string + topic: + description: Topic name pattern for the ACL entry + type: string + username: + description: Username pattern for the ACL entry + type: string + required: + - permission + - project + - serviceName + - topic + - username + type: object + status: + description: KafkaACLStatus defines the observed state of KafkaACL + properties: + conditions: + description: Conditions represent the latest available observations + of an KafkaACL state + items: + description: "Condition contains details for one aspect of the current + state of this API Resource. --- This struct is intended for direct + use as an array at the field path .status.conditions. For example, + \n type FooStatus struct{ // Represents the observations of a + foo's current state. // Known .status.conditions.type are: \"Available\", + \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge + // +listType=map // +listMapKey=type Conditions []metav1.Condition + `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" + protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" properties: - key: - minLength: 1 + lastTransitionTime: + description: lastTransitionTime is the last time the condition + transitioned from one status to another. This should be when + the underlying condition changed. If that is not known, then + using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: message is a human readable message indicating + details about the transition. This may be an empty string. + maxLength: 32768 type: string - name: + observedGeneration: + description: observedGeneration represents the .metadata.generation + that the condition was set based upon. For instance, if .metadata.generation + is currently 12, but the .status.conditions[x].observedGeneration + is 9, the condition is out of date with respect to the current + state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: reason contains a programmatic identifier indicating + the reason for the condition's last transition. Producers + of specific condition types may define expected values and + meanings for this field, and whether the values are considered + a guaranteed API. The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: type of condition in CamelCase or in foo.example.com/CamelCase. + --- Many .condition.type values are consistent across resources + like Available, but because arbitrary conditions can be useful + (see .node.status.conditions), the ability to deconflict is + important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string required: - - key - - name + - lastTransitionTime + - message + - reason + - status + - type type: object - permission: - description: Kafka permission to grant (admin, read, readwrite, write) - enum: - - admin - - read - - readwrite - - write - type: string - project: - description: Project to link the Kafka ACL to - format: ^[a-zA-Z0-9_-]*$ - maxLength: 63 - type: string - serviceName: - description: Service to link the Kafka ACL to - maxLength: 63 - type: string - topic: - description: Topic name pattern for the ACL entry - type: string - username: - description: Username pattern for the ACL entry - type: string - required: - - permission - - project - - serviceName - - topic - - username - type: object - status: - description: KafkaACLStatus defines the observed state of KafkaACL - properties: - conditions: - description: - Conditions represent the latest available observations - of an KafkaACL state - items: - description: - "Condition contains details for one aspect of the current - state of this API Resource. --- This struct is intended for direct - use as an array at the field path .status.conditions. For example, - \n type FooStatus struct{ // Represents the observations of a - foo's current state. // Known .status.conditions.type are: \"Available\", - \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge - // +listType=map // +listMapKey=type Conditions []metav1.Condition - `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" - protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" - properties: - lastTransitionTime: - description: - lastTransitionTime is the last time the condition - transitioned from one status to another. This should be when - the underlying condition changed. If that is not known, then - using the time when the API field changed is acceptable. - format: date-time - type: string - message: - description: - message is a human readable message indicating - details about the transition. This may be an empty string. - maxLength: 32768 - type: string - observedGeneration: - description: - observedGeneration represents the .metadata.generation - that the condition was set based upon. For instance, if .metadata.generation - is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current - state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: - reason contains a programmatic identifier indicating - the reason for the condition's last transition. Producers - of specific condition types may define expected values and - meanings for this field, and whether the values are considered - a guaranteed API. The value should be a CamelCase string. - This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ - type: string - status: - description: status of the condition, one of True, False, Unknown. - enum: - - "True" - - "False" - - Unknown - type: string - type: - description: - type of condition in CamelCase or in foo.example.com/CamelCase. - --- Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ - type: string - required: - - lastTransitionTime - - message - - reason - - status - - type - type: object - type: array - id: - description: Kafka ACL ID - type: string - required: - - conditions - - id - type: object - type: object - served: true - storage: true - subresources: - status: {} + type: array + id: + description: Kafka ACL ID + type: string + required: + - conditions + - id + type: object + type: object + served: true + storage: true + subresources: + status: {} diff --git a/charts/aiven-operator-crds/templates/aiven.io_kafkaconnectors.yaml b/charts/aiven-operator-crds/templates/aiven.io_kafkaconnectors.yaml index 91871b0b..2058658f 100644 --- a/charts/aiven-operator-crds/templates/aiven.io_kafkaconnectors.yaml +++ b/charts/aiven-operator-crds/templates/aiven.io_kafkaconnectors.yaml @@ -15,223 +15,212 @@ spec: singular: kafkaconnector scope: Namespaced versions: - - additionalPrinterColumns: - - jsonPath: .spec.serviceName - name: Service Name - type: string - - jsonPath: .spec.project - name: Project - type: string - - jsonPath: .spec.connectorClass - name: Connector Class - type: string - - jsonPath: .status.state - name: State - type: string - - jsonPath: .status.tasksStatus.total - name: Tasks Total - type: integer - - jsonPath: .status.tasksStatus.running - name: Tasks Running - type: integer - name: v1alpha1 - schema: - openAPIV3Schema: - description: KafkaConnector is the Schema for the kafkaconnectors API - properties: - apiVersion: - description: - "APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" - type: string - kind: - description: - "Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" - type: string - metadata: - type: object - spec: - description: KafkaConnectorSpec defines the desired state of KafkaConnector - properties: - authSecretRef: - description: Authentication reference to Aiven token in a secret - properties: - key: - minLength: 1 - type: string - name: - minLength: 1 - type: string - required: - - key - - name - type: object - connectorClass: - description: The Java class of the connector. - maxLength: 1024 - type: string - project: - description: Target project. - format: ^[a-zA-Z0-9_-]*$ - maxLength: 63 - type: string - serviceName: - description: Service name. - maxLength: 63 - type: string - userConfig: - additionalProperties: + - additionalPrinterColumns: + - jsonPath: .spec.serviceName + name: Service Name + type: string + - jsonPath: .spec.project + name: Project + type: string + - jsonPath: .spec.connectorClass + name: Connector Class + type: string + - jsonPath: .status.state + name: State + type: string + - jsonPath: .status.tasksStatus.total + name: Tasks Total + type: integer + - jsonPath: .status.tasksStatus.running + name: Tasks Running + type: integer + name: v1alpha1 + schema: + openAPIV3Schema: + description: KafkaConnector is the Schema for the kafkaconnectors API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: KafkaConnectorSpec defines the desired state of KafkaConnector + properties: + authSecretRef: + description: Authentication reference to Aiven token in a secret + properties: + key: + minLength: 1 type: string - description: - The connector specific configuration To build config - values from secret the template function {{`{{ fromSecret "name" "key" - }}`}} is provided when interpreting the keys - type: object - required: - - connectorClass - - project - - serviceName - - userConfig - type: object - status: - description: KafkaConnectorStatus defines the observed state of KafkaConnector - properties: - conditions: - description: - Conditions represent the latest available observations - of an kafka connector state - items: - description: - "Condition contains details for one aspect of the current - state of this API Resource. --- This struct is intended for direct - use as an array at the field path .status.conditions. For example, - \n type FooStatus struct{ // Represents the observations of a - foo's current state. // Known .status.conditions.type are: \"Available\", - \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge - // +listType=map // +listMapKey=type Conditions []metav1.Condition - `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" - protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" - properties: - lastTransitionTime: - description: - lastTransitionTime is the last time the condition - transitioned from one status to another. This should be when - the underlying condition changed. If that is not known, then - using the time when the API field changed is acceptable. - format: date-time - type: string - message: - description: - message is a human readable message indicating - details about the transition. This may be an empty string. - maxLength: 32768 - type: string - observedGeneration: - description: - observedGeneration represents the .metadata.generation - that the condition was set based upon. For instance, if .metadata.generation - is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current - state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: - reason contains a programmatic identifier indicating - the reason for the condition's last transition. Producers - of specific condition types may define expected values and - meanings for this field, and whether the values are considered - a guaranteed API. The value should be a CamelCase string. - This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ - type: string - status: - description: status of the condition, one of True, False, Unknown. - enum: - - "True" - - "False" - - Unknown - type: string - type: - description: - type of condition in CamelCase or in foo.example.com/CamelCase. - --- Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ - type: string - required: - - lastTransitionTime - - message - - reason - - status - - type - type: object - type: array - pluginStatus: - description: - PluginStatus contains metadata about the configured connector - plugin + name: + minLength: 1 + type: string + required: + - key + - name + type: object + connectorClass: + description: The Java class of the connector. + maxLength: 1024 + type: string + project: + description: Target project. + format: ^[a-zA-Z0-9_-]*$ + maxLength: 63 + type: string + serviceName: + description: Service name. + maxLength: 63 + type: string + userConfig: + additionalProperties: + type: string + description: The connector specific configuration To build config + values from secret the template function {{`{{ fromSecret "name" "key" + }}`}} is provided when interpreting the keys + type: object + required: + - connectorClass + - project + - serviceName + - userConfig + type: object + status: + description: KafkaConnectorStatus defines the observed state of KafkaConnector + properties: + conditions: + description: Conditions represent the latest available observations + of an kafka connector state + items: + description: "Condition contains details for one aspect of the current + state of this API Resource. --- This struct is intended for direct + use as an array at the field path .status.conditions. For example, + \n type FooStatus struct{ // Represents the observations of a + foo's current state. // Known .status.conditions.type are: \"Available\", + \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge + // +listType=map // +listMapKey=type Conditions []metav1.Condition + `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" + protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" properties: - author: + lastTransitionTime: + description: lastTransitionTime is the last time the condition + transitioned from one status to another. This should be when + the underlying condition changed. If that is not known, then + using the time when the API field changed is acceptable. + format: date-time type: string - class: + message: + description: message is a human readable message indicating + details about the transition. This may be an empty string. + maxLength: 32768 type: string - docUrl: + observedGeneration: + description: observedGeneration represents the .metadata.generation + that the condition was set based upon. For instance, if .metadata.generation + is currently 12, but the .status.conditions[x].observedGeneration + is 9, the condition is out of date with respect to the current + state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: reason contains a programmatic identifier indicating + the reason for the condition's last transition. Producers + of specific condition types may define expected values and + meanings for this field, and whether the values are considered + a guaranteed API. The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ type: string - title: + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown type: string type: + description: type of condition in CamelCase or in foo.example.com/CamelCase. + --- Many .condition.type values are consistent across resources + like Available, but because arbitrary conditions can be useful + (see .node.status.conditions), the ability to deconflict is + important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string - version: - type: string - required: - - author - - class - - docUrl - - title - - type - - version - type: object - state: - description: Connector state - type: string - tasksStatus: - description: TasksStatus contains metadata about the running tasks - properties: - failed: - type: integer - paused: - type: integer - running: - type: integer - stackTrace: - type: string - total: - type: integer - unassigned: - type: integer - unknown: - type: integer required: - - total + - lastTransitionTime + - message + - reason + - status + - type type: object - required: - - conditions - - pluginStatus - - state - - tasksStatus - type: object - type: object - served: true - storage: true - subresources: - status: {} + type: array + pluginStatus: + description: PluginStatus contains metadata about the configured connector + plugin + properties: + author: + type: string + class: + type: string + docUrl: + type: string + title: + type: string + type: + type: string + version: + type: string + required: + - author + - class + - docUrl + - title + - type + - version + type: object + state: + description: Connector state + type: string + tasksStatus: + description: TasksStatus contains metadata about the running tasks + properties: + failed: + type: integer + paused: + type: integer + running: + type: integer + stackTrace: + type: string + total: + type: integer + unassigned: + type: integer + unknown: + type: integer + required: + - total + type: object + required: + - conditions + - pluginStatus + - state + - tasksStatus + type: object + type: object + served: true + storage: true + subresources: + status: {} diff --git a/charts/aiven-operator-crds/templates/aiven.io_kafkaconnects.yaml b/charts/aiven-operator-crds/templates/aiven.io_kafkaconnects.yaml index 8ff70dac..2abf81ff 100644 --- a/charts/aiven-operator-crds/templates/aiven.io_kafkaconnects.yaml +++ b/charts/aiven-operator-crds/templates/aiven.io_kafkaconnects.yaml @@ -15,468 +15,426 @@ spec: singular: kafkaconnect scope: Namespaced versions: - - additionalPrinterColumns: - - jsonPath: .status.state - name: State - type: string - name: v1alpha1 - schema: - openAPIV3Schema: - description: KafkaConnect is the Schema for the kafkaconnects API - properties: - apiVersion: - description: - "APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" - type: string - kind: - description: - "Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" - type: string - metadata: - type: object - spec: - description: KafkaConnectSpec defines the desired state of KafkaConnect - properties: - authSecretRef: - description: Authentication reference to Aiven token in a secret + - additionalPrinterColumns: + - jsonPath: .status.state + name: State + type: string + name: v1alpha1 + schema: + openAPIV3Schema: + description: KafkaConnect is the Schema for the kafkaconnects API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: KafkaConnectSpec defines the desired state of KafkaConnect + properties: + authSecretRef: + description: Authentication reference to Aiven token in a secret + properties: + key: + minLength: 1 + type: string + name: + minLength: 1 + type: string + required: + - key + - name + type: object + cloudName: + description: Cloud the service runs in. + maxLength: 256 + type: string + maintenanceWindowDow: + description: Day of week when maintenance operations should be performed. + One monday, tuesday, wednesday, etc. + enum: + - monday + - tuesday + - wednesday + - thursday + - friday + - saturday + - sunday + type: string + maintenanceWindowTime: + description: Time of day when maintenance operations should be performed. + UTC time in HH:mm:ss format. + maxLength: 8 + type: string + plan: + description: Subscription plan. + maxLength: 128 + type: string + project: + description: Target project. + format: ^[a-zA-Z0-9_-]*$ + maxLength: 63 + type: string + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + projectVPCRef: + description: ProjectVPCRef reference to ProjectVPC resource to use + its ID as ProjectVPCID automatically + properties: + name: + minLength: 1 + type: string + namespace: + minLength: 1 + type: string + required: + - name + type: object + projectVpcId: + description: Identifier of the VPC the service should be in, if any. + maxLength: 36 + type: string + serviceIntegrations: + description: Service integrations to specify when creating a service. + Not applied after initial service creation + items: + description: Service integrations to specify when creating a service. + Not applied after initial service creation properties: - key: - minLength: 1 + integrationType: + enum: + - read_replica type: string - name: + sourceServiceName: + maxLength: 64 minLength: 1 type: string required: - - key - - name + - integrationType + - sourceServiceName type: object - cloudName: - description: Cloud the service runs in. - maxLength: 256 - type: string - maintenanceWindowDow: - description: - Day of week when maintenance operations should be performed. - One monday, tuesday, wednesday, etc. - enum: - - monday - - tuesday - - wednesday - - thursday - - friday - - saturday - - sunday - type: string - maintenanceWindowTime: - description: - Time of day when maintenance operations should be performed. - UTC time in HH:mm:ss format. - maxLength: 8 - type: string - plan: - description: Subscription plan. - maxLength: 128 - type: string - project: - description: Target project. - format: ^[a-zA-Z0-9_-]*$ - maxLength: 63 + maxItems: 1 + type: array + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + tags: + additionalProperties: type: string - x-kubernetes-validations: - - message: Value is immutable - rule: self == oldSelf - projectVPCRef: - description: - ProjectVPCRef reference to ProjectVPC resource to use - its ID as ProjectVPCID automatically - properties: - name: - minLength: 1 + description: Tags are key-value pairs that allow you to categorize + services. + type: object + terminationProtection: + description: Prevent service from being deleted. It is recommended + to have this enabled for all services. + type: boolean + userConfig: + description: KafkaConnect specific user configuration options + properties: + additional_backup_regions: + description: Additional Cloud Regions for Backup Replication + items: type: string - namespace: - minLength: 1 - type: string - required: - - name - type: object - projectVpcId: - description: Identifier of the VPC the service should be in, if any. - maxLength: 36 - type: string - serviceIntegrations: - description: - Service integrations to specify when creating a service. - Not applied after initial service creation - items: - description: - Service integrations to specify when creating a service. - Not applied after initial service creation - properties: - integrationType: - enum: - - read_replica - type: string - sourceServiceName: - maxLength: 64 - minLength: 1 - type: string - required: - - integrationType - - sourceServiceName - type: object - maxItems: 1 - type: array - x-kubernetes-validations: - - message: Value is immutable - rule: self == oldSelf - tags: - additionalProperties: - type: string - description: - Tags are key-value pairs that allow you to categorize - services. - type: object - terminationProtection: - description: - Prevent service from being deleted. It is recommended - to have this enabled for all services. - type: boolean - userConfig: - description: KafkaConnect specific user configuration options - properties: - additional_backup_regions: - description: Additional Cloud Regions for Backup Replication - items: - type: string - maxItems: 1 - type: array - ip_filter: - description: - Allow incoming connections from CIDR address block, - e.g. '10.20.0.0/16' - items: - description: - CIDR address block, either as a string, or in a - dict with an optional description field - properties: - description: - description: Description for IP filter list entry - maxLength: 1024 - type: string - network: - description: CIDR address block - maxLength: 43 - type: string - required: - - network - type: object - maxItems: 1024 - type: array - kafka_connect: - description: Kafka Connect configuration values + maxItems: 1 + type: array + ip_filter: + description: Allow incoming connections from CIDR address block, + e.g. '10.20.0.0/16' + items: + description: CIDR address block, either as a string, or in a + dict with an optional description field properties: - connector_client_config_override_policy: - description: - Defines what client configurations can be overridden - by the connector. Default is None - enum: - - None - - All - type: string - consumer_auto_offset_reset: - description: - What to do when there is no initial offset in - Kafka or if the current offset does not exist any more on - the server. Default is earliest - enum: - - earliest - - latest - type: string - consumer_fetch_max_bytes: - description: - Records are fetched in batches by the consumer, - and if the first record batch in the first non-empty partition - of the fetch is larger than this value, the record batch - will still be returned to ensure that the consumer can make - progress. As such, this is not a absolute maximum. - maximum: 104857600 - minimum: 1048576 - type: integer - consumer_isolation_level: - description: - Transaction read isolation level. read_uncommitted - is the default, but read_committed can be used if consume-exactly-once - behavior is desired. - enum: - - read_uncommitted - - read_committed + description: + description: Description for IP filter list entry + maxLength: 1024 type: string - consumer_max_partition_fetch_bytes: - description: - Records are fetched in batches by the consumer.If - the first record batch in the first non-empty partition - of the fetch is larger than this limit, the batch will still - be returned to ensure that the consumer can make progress. - maximum: 104857600 - minimum: 1048576 - type: integer - consumer_max_poll_interval_ms: - description: - The maximum delay in milliseconds between invocations - of poll() when using consumer group management (defaults - to 300000). - maximum: 2147483647 - minimum: 1 - type: integer - consumer_max_poll_records: - description: - The maximum number of records returned in a single - call to poll() (defaults to 500). - maximum: 10000 - minimum: 1 - type: integer - offset_flush_interval_ms: - description: - The interval at which to try committing offsets - for tasks (defaults to 60000). - maximum: 100000000 - minimum: 1 - type: integer - offset_flush_timeout_ms: - description: - Maximum number of milliseconds to wait for records - to flush and partition offset data to be committed to offset - storage before cancelling the process and restoring the - offset data to be committed in a future attempt (defaults - to 5000). - maximum: 2147483647 - minimum: 1 - type: integer - producer_batch_size: - description: - This setting gives the upper bound of the batch - size to be sent. If there are fewer than this many bytes - accumulated for this partition, the producer will 'linger' - for the linger.ms time waiting for more records to show - up. A batch size of zero will disable batching entirely - (defaults to 16384). - maximum: 5242880 - minimum: 0 - type: integer - producer_buffer_memory: - description: - The total bytes of memory the producer can use - to buffer records waiting to be sent to the broker (defaults - to 33554432). - maximum: 134217728 - minimum: 5242880 - type: integer - producer_compression_type: - description: - Specify the default compression type for producers. - This configuration accepts the standard compression codecs - ('gzip', 'snappy', 'lz4', 'zstd'). It additionally accepts - 'none' which is the default and equivalent to no compression. - enum: - - gzip - - snappy - - lz4 - - zstd - - none + network: + description: CIDR address block + maxLength: 43 type: string - producer_linger_ms: - description: - "This setting gives the upper bound on the delay - for batching: once there is batch.size worth of records - for a partition it will be sent immediately regardless of - this setting, however if there are fewer than this many - bytes accumulated for this partition the producer will 'linger' - for the specified time waiting for more records to show - up. Defaults to 0." - maximum: 5000 - minimum: 0 - type: integer - producer_max_request_size: - description: - This setting will limit the number of record - batches the producer will send in a single request to avoid - sending huge requests. - maximum: 67108864 - minimum: 131072 - type: integer - scheduled_rebalance_max_delay_ms: - description: - The maximum delay that is scheduled in order - to wait for the return of one or more departed workers before - rebalancing and reassigning their connectors and tasks to - the group. During this period the connectors and tasks of - the departed workers remain unassigned. Defaults to 5 minutes. - maximum: 600000 - minimum: 0 - type: integer - session_timeout_ms: - description: - The timeout in milliseconds used to detect failures - when using Kafka’s group management facilities (defaults - to 10000). - maximum: 2147483647 - minimum: 1 - type: integer - type: object - private_access: - description: - Allow access to selected service ports from private - networks - properties: - kafka_connect: - description: - Allow clients to connect to kafka_connect with - a DNS name that always resolves to the service's private - IP addresses. Only available in certain network locations - type: boolean - prometheus: - description: - Allow clients to connect to prometheus with a - DNS name that always resolves to the service's private IP - addresses. Only available in certain network locations - type: boolean - type: object - privatelink_access: - description: - Allow access to selected service components through - Privatelink - properties: - jolokia: - description: Enable jolokia - type: boolean - kafka_connect: - description: Enable kafka_connect - type: boolean - prometheus: - description: Enable prometheus - type: boolean + required: + - network type: object - public_access: - description: - Allow access to selected service ports from the public - Internet - properties: - kafka_connect: - description: - Allow clients to connect to kafka_connect from - the public internet for service nodes that are in a project - VPC or another type of private network - type: boolean - prometheus: - description: - Allow clients to connect to prometheus from the - public internet for service nodes that are in a project - VPC or another type of private network - type: boolean - type: object - service_log: - description: - Store logs for the service so that they are available - in the HTTP API and console. - type: boolean - static_ips: - description: Use static public IP addresses - type: boolean - type: object - required: - - plan - - project - type: object - status: - description: ServiceStatus defines the observed state of service - properties: - conditions: - description: - Conditions represent the latest available observations - of a service state - items: - description: - "Condition contains details for one aspect of the current - state of this API Resource. --- This struct is intended for direct - use as an array at the field path .status.conditions. For example, - \n type FooStatus struct{ // Represents the observations of a - foo's current state. // Known .status.conditions.type are: \"Available\", - \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge - // +listType=map // +listMapKey=type Conditions []metav1.Condition - `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" - protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + maxItems: 1024 + type: array + kafka_connect: + description: Kafka Connect configuration values properties: - lastTransitionTime: - description: - lastTransitionTime is the last time the condition - transitioned from one status to another. This should be when - the underlying condition changed. If that is not known, then - using the time when the API field changed is acceptable. - format: date-time + connector_client_config_override_policy: + description: Defines what client configurations can be overridden + by the connector. Default is None + enum: + - None + - All type: string - message: - description: - message is a human readable message indicating - details about the transition. This may be an empty string. - maxLength: 32768 + consumer_auto_offset_reset: + description: What to do when there is no initial offset in + Kafka or if the current offset does not exist any more on + the server. Default is earliest + enum: + - earliest + - latest type: string - observedGeneration: - description: - observedGeneration represents the .metadata.generation - that the condition was set based upon. For instance, if .metadata.generation - is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current - state of the instance. - format: int64 - minimum: 0 + consumer_fetch_max_bytes: + description: Records are fetched in batches by the consumer, + and if the first record batch in the first non-empty partition + of the fetch is larger than this value, the record batch + will still be returned to ensure that the consumer can make + progress. As such, this is not a absolute maximum. + maximum: 104857600 + minimum: 1048576 type: integer - reason: - description: - reason contains a programmatic identifier indicating - the reason for the condition's last transition. Producers - of specific condition types may define expected values and - meanings for this field, and whether the values are considered - a guaranteed API. The value should be a CamelCase string. - This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ - type: string - status: - description: status of the condition, one of True, False, Unknown. + consumer_isolation_level: + description: Transaction read isolation level. read_uncommitted + is the default, but read_committed can be used if consume-exactly-once + behavior is desired. enum: - - "True" - - "False" - - Unknown + - read_uncommitted + - read_committed type: string - type: - description: - type of condition in CamelCase or in foo.example.com/CamelCase. - --- Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + consumer_max_partition_fetch_bytes: + description: Records are fetched in batches by the consumer.If + the first record batch in the first non-empty partition + of the fetch is larger than this limit, the batch will still + be returned to ensure that the consumer can make progress. + maximum: 104857600 + minimum: 1048576 + type: integer + consumer_max_poll_interval_ms: + description: The maximum delay in milliseconds between invocations + of poll() when using consumer group management (defaults + to 300000). + maximum: 2147483647 + minimum: 1 + type: integer + consumer_max_poll_records: + description: The maximum number of records returned in a single + call to poll() (defaults to 500). + maximum: 10000 + minimum: 1 + type: integer + offset_flush_interval_ms: + description: The interval at which to try committing offsets + for tasks (defaults to 60000). + maximum: 100000000 + minimum: 1 + type: integer + offset_flush_timeout_ms: + description: Maximum number of milliseconds to wait for records + to flush and partition offset data to be committed to offset + storage before cancelling the process and restoring the + offset data to be committed in a future attempt (defaults + to 5000). + maximum: 2147483647 + minimum: 1 + type: integer + producer_batch_size: + description: This setting gives the upper bound of the batch + size to be sent. If there are fewer than this many bytes + accumulated for this partition, the producer will 'linger' + for the linger.ms time waiting for more records to show + up. A batch size of zero will disable batching entirely + (defaults to 16384). + maximum: 5242880 + minimum: 0 + type: integer + producer_buffer_memory: + description: The total bytes of memory the producer can use + to buffer records waiting to be sent to the broker (defaults + to 33554432). + maximum: 134217728 + minimum: 5242880 + type: integer + producer_compression_type: + description: Specify the default compression type for producers. + This configuration accepts the standard compression codecs + ('gzip', 'snappy', 'lz4', 'zstd'). It additionally accepts + 'none' which is the default and equivalent to no compression. + enum: + - gzip + - snappy + - lz4 + - zstd + - none type: string - required: - - lastTransitionTime - - message - - reason - - status - - type + producer_linger_ms: + description: 'This setting gives the upper bound on the delay + for batching: once there is batch.size worth of records + for a partition it will be sent immediately regardless of + this setting, however if there are fewer than this many + bytes accumulated for this partition the producer will ''linger'' + for the specified time waiting for more records to show + up. Defaults to 0.' + maximum: 5000 + minimum: 0 + type: integer + producer_max_request_size: + description: This setting will limit the number of record + batches the producer will send in a single request to avoid + sending huge requests. + maximum: 67108864 + minimum: 131072 + type: integer + scheduled_rebalance_max_delay_ms: + description: The maximum delay that is scheduled in order + to wait for the return of one or more departed workers before + rebalancing and reassigning their connectors and tasks to + the group. During this period the connectors and tasks of + the departed workers remain unassigned. Defaults to 5 minutes. + maximum: 600000 + minimum: 0 + type: integer + session_timeout_ms: + description: The timeout in milliseconds used to detect failures + when using Kafka’s group management facilities (defaults + to 10000). + maximum: 2147483647 + minimum: 1 + type: integer type: object - type: array - state: - description: Service state - type: string - type: object - type: object - served: true - storage: true - subresources: - status: {} + private_access: + description: Allow access to selected service ports from private + networks + properties: + kafka_connect: + description: Allow clients to connect to kafka_connect with + a DNS name that always resolves to the service's private + IP addresses. Only available in certain network locations + type: boolean + prometheus: + description: Allow clients to connect to prometheus with a + DNS name that always resolves to the service's private IP + addresses. Only available in certain network locations + type: boolean + type: object + privatelink_access: + description: Allow access to selected service components through + Privatelink + properties: + jolokia: + description: Enable jolokia + type: boolean + kafka_connect: + description: Enable kafka_connect + type: boolean + prometheus: + description: Enable prometheus + type: boolean + type: object + public_access: + description: Allow access to selected service ports from the public + Internet + properties: + kafka_connect: + description: Allow clients to connect to kafka_connect from + the public internet for service nodes that are in a project + VPC or another type of private network + type: boolean + prometheus: + description: Allow clients to connect to prometheus from the + public internet for service nodes that are in a project + VPC or another type of private network + type: boolean + type: object + service_log: + description: Store logs for the service so that they are available + in the HTTP API and console. + type: boolean + static_ips: + description: Use static public IP addresses + type: boolean + type: object + required: + - plan + - project + type: object + status: + description: ServiceStatus defines the observed state of service + properties: + conditions: + description: Conditions represent the latest available observations + of a service state + items: + description: "Condition contains details for one aspect of the current + state of this API Resource. --- This struct is intended for direct + use as an array at the field path .status.conditions. For example, + \n type FooStatus struct{ // Represents the observations of a + foo's current state. // Known .status.conditions.type are: \"Available\", + \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge + // +listType=map // +listMapKey=type Conditions []metav1.Condition + `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" + protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + properties: + lastTransitionTime: + description: lastTransitionTime is the last time the condition + transitioned from one status to another. This should be when + the underlying condition changed. If that is not known, then + using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: message is a human readable message indicating + details about the transition. This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: observedGeneration represents the .metadata.generation + that the condition was set based upon. For instance, if .metadata.generation + is currently 12, but the .status.conditions[x].observedGeneration + is 9, the condition is out of date with respect to the current + state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: reason contains a programmatic identifier indicating + the reason for the condition's last transition. Producers + of specific condition types may define expected values and + meanings for this field, and whether the values are considered + a guaranteed API. The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: type of condition in CamelCase or in foo.example.com/CamelCase. + --- Many .condition.type values are consistent across resources + like Available, but because arbitrary conditions can be useful + (see .node.status.conditions), the ability to deconflict is + important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + type: array + state: + description: Service state + type: string + type: object + type: object + served: true + storage: true + subresources: + status: {} diff --git a/charts/aiven-operator-crds/templates/aiven.io_kafkas.yaml b/charts/aiven-operator-crds/templates/aiven.io_kafkas.yaml index ea73fcba..d359f376 100644 --- a/charts/aiven-operator-crds/templates/aiven.io_kafkas.yaml +++ b/charts/aiven-operator-crds/templates/aiven.io_kafkas.yaml @@ -15,1069 +15,966 @@ spec: singular: kafka scope: Namespaced versions: - - additionalPrinterColumns: - - jsonPath: .spec.project - name: Project - type: string - - jsonPath: .spec.cloudName - name: Region - type: string - - jsonPath: .spec.plan - name: Plan - type: string - - jsonPath: .status.state - name: State - type: string - name: v1alpha1 - schema: - openAPIV3Schema: - description: Kafka is the Schema for the kafkas API - properties: - apiVersion: - description: - "APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" - type: string - kind: - description: - "Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" - type: string - metadata: - type: object - spec: - description: KafkaSpec defines the desired state of Kafka - properties: - authSecretRef: - description: Authentication reference to Aiven token in a secret - properties: - key: - minLength: 1 - type: string - name: - minLength: 1 - type: string - required: - - key - - name - type: object - cloudName: - description: Cloud the service runs in. - maxLength: 256 - type: string - connInfoSecretTarget: - description: - "Information regarding secret creation. Exposed keys: - `KAFKA_HOST`, `KAFKA_PORT`, `KAFKA_USERNAME`, `KAFKA_PASSWORD`, - `KAFKA_ACCESS_CERT`, `KAFKA_ACCESS_KEY`, `KAFKA_SASL_HOST`, `KAFKA_SASL_PORT`, - `KAFKA_SCHEMA_REGISTRY_HOST`, `KAFKA_SCHEMA_REGISTRY_PORT`, `KAFKA_CONNECT_HOST`, - `KAFKA_CONNECT_PORT`, `KAFKA_REST_HOST`, `KAFKA_REST_PORT`" - properties: - annotations: - additionalProperties: - type: string - description: Annotations added to the secret - type: object - x-kubernetes-preserve-unknown-fields: true - labels: - additionalProperties: - type: string - description: Labels added to the secret - type: object - x-kubernetes-preserve-unknown-fields: true - name: - description: - Name of the secret resource to be created. By default, - is equal to the resource name + - additionalPrinterColumns: + - jsonPath: .spec.project + name: Project + type: string + - jsonPath: .spec.cloudName + name: Region + type: string + - jsonPath: .spec.plan + name: Plan + type: string + - jsonPath: .status.state + name: State + type: string + name: v1alpha1 + schema: + openAPIV3Schema: + description: Kafka is the Schema for the kafkas API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: KafkaSpec defines the desired state of Kafka + properties: + authSecretRef: + description: Authentication reference to Aiven token in a secret + properties: + key: + minLength: 1 + type: string + name: + minLength: 1 + type: string + required: + - key + - name + type: object + cloudName: + description: Cloud the service runs in. + maxLength: 256 + type: string + connInfoSecretTarget: + description: 'Information regarding secret creation. Exposed keys: + `KAFKA_HOST`, `KAFKA_PORT`, `KAFKA_USERNAME`, `KAFKA_PASSWORD`, + `KAFKA_ACCESS_CERT`, `KAFKA_ACCESS_KEY`, `KAFKA_SASL_HOST`, `KAFKA_SASL_PORT`, + `KAFKA_SCHEMA_REGISTRY_HOST`, `KAFKA_SCHEMA_REGISTRY_PORT`, `KAFKA_CONNECT_HOST`, + `KAFKA_CONNECT_PORT`, `KAFKA_REST_HOST`, `KAFKA_REST_PORT`' + properties: + annotations: + additionalProperties: type: string - prefix: - description: - Prefix for the secret's keys. Added "as is" without - any transformations. By default, is equal to the kind name in - uppercase + underscore, e.g. `KAFKA_`, `REDIS_`, etc. + description: Annotations added to the secret + type: object + x-kubernetes-preserve-unknown-fields: true + labels: + additionalProperties: type: string - required: - - name - type: object - disk_space: - description: - The disk space of the service, possible values depend - on the service type, the cloud provider and the project. Reducing - will result in the service re-balancing. - format: ^[1-9][0-9]*(GiB|G)* - type: string - karapace: - description: - Switch the service to use Karapace for schema registry - and REST proxy - type: boolean - maintenanceWindowDow: - description: - Day of week when maintenance operations should be performed. - One monday, tuesday, wednesday, etc. - enum: - - monday - - tuesday - - wednesday - - thursday - - friday - - saturday - - sunday - type: string - maintenanceWindowTime: - description: - Time of day when maintenance operations should be performed. - UTC time in HH:mm:ss format. - maxLength: 8 - type: string - plan: - description: Subscription plan. - maxLength: 128 - type: string - project: - description: Target project. - format: ^[a-zA-Z0-9_-]*$ - maxLength: 63 - type: string - x-kubernetes-validations: - - message: Value is immutable - rule: self == oldSelf - projectVPCRef: - description: - ProjectVPCRef reference to ProjectVPC resource to use - its ID as ProjectVPCID automatically + description: Labels added to the secret + type: object + x-kubernetes-preserve-unknown-fields: true + name: + description: Name of the secret resource to be created. By default, + is equal to the resource name + type: string + prefix: + description: Prefix for the secret's keys. Added "as is" without + any transformations. By default, is equal to the kind name in + uppercase + underscore, e.g. `KAFKA_`, `REDIS_`, etc. + type: string + required: + - name + type: object + disk_space: + description: The disk space of the service, possible values depend + on the service type, the cloud provider and the project. Reducing + will result in the service re-balancing. + format: ^[1-9][0-9]*(GiB|G)* + type: string + karapace: + description: Switch the service to use Karapace for schema registry + and REST proxy + type: boolean + maintenanceWindowDow: + description: Day of week when maintenance operations should be performed. + One monday, tuesday, wednesday, etc. + enum: + - monday + - tuesday + - wednesday + - thursday + - friday + - saturday + - sunday + type: string + maintenanceWindowTime: + description: Time of day when maintenance operations should be performed. + UTC time in HH:mm:ss format. + maxLength: 8 + type: string + plan: + description: Subscription plan. + maxLength: 128 + type: string + project: + description: Target project. + format: ^[a-zA-Z0-9_-]*$ + maxLength: 63 + type: string + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + projectVPCRef: + description: ProjectVPCRef reference to ProjectVPC resource to use + its ID as ProjectVPCID automatically + properties: + name: + minLength: 1 + type: string + namespace: + minLength: 1 + type: string + required: + - name + type: object + projectVpcId: + description: Identifier of the VPC the service should be in, if any. + maxLength: 36 + type: string + serviceIntegrations: + description: Service integrations to specify when creating a service. + Not applied after initial service creation + items: + description: Service integrations to specify when creating a service. + Not applied after initial service creation properties: - name: - minLength: 1 + integrationType: + enum: + - read_replica type: string - namespace: + sourceServiceName: + maxLength: 64 minLength: 1 type: string required: - - name + - integrationType + - sourceServiceName type: object - projectVpcId: - description: Identifier of the VPC the service should be in, if any. - maxLength: 36 + maxItems: 1 + type: array + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + tags: + additionalProperties: type: string - serviceIntegrations: - description: - Service integrations to specify when creating a service. - Not applied after initial service creation - items: - description: - Service integrations to specify when creating a service. - Not applied after initial service creation - properties: - integrationType: - enum: - - read_replica - type: string - sourceServiceName: - maxLength: 64 - minLength: 1 - type: string - required: - - integrationType - - sourceServiceName - type: object - maxItems: 1 - type: array - x-kubernetes-validations: - - message: Value is immutable - rule: self == oldSelf - tags: - additionalProperties: - type: string - description: - Tags are key-value pairs that allow you to categorize - services. - type: object - terminationProtection: - description: - Prevent service from being deleted. It is recommended - to have this enabled for all services. - type: boolean - userConfig: - description: Kafka specific user configuration options - properties: - additional_backup_regions: - description: Additional Cloud Regions for Backup Replication - items: - type: string - maxItems: 1 - type: array - aiven_kafka_topic_messages: - description: - Allow access to read Kafka topic messages in the - Aiven Console and REST API. - type: boolean - custom_domain: - description: - Serve the web frontend using a custom CNAME pointing - to the Aiven DNS name - maxLength: 255 + description: Tags are key-value pairs that allow you to categorize + services. + type: object + terminationProtection: + description: Prevent service from being deleted. It is recommended + to have this enabled for all services. + type: boolean + userConfig: + description: Kafka specific user configuration options + properties: + additional_backup_regions: + description: Additional Cloud Regions for Backup Replication + items: type: string - ip_filter: - description: - Allow incoming connections from CIDR address block, - e.g. '10.20.0.0/16' - items: - description: - CIDR address block, either as a string, or in a - dict with an optional description field - properties: - description: - description: Description for IP filter list entry - maxLength: 1024 - type: string - network: - description: CIDR address block - maxLength: 43 - type: string - required: - - network - type: object - maxItems: 1024 - type: array - kafka: - description: Kafka broker configuration values - properties: - auto_create_topics_enable: - description: Enable auto creation of topics - type: boolean - compression_type: - description: - Specify the final compression type for a given - topic. This configuration accepts the standard compression - codecs ('gzip', 'snappy', 'lz4', 'zstd'). It additionally - accepts 'uncompressed' which is equivalent to no compression; - and 'producer' which means retain the original compression - codec set by the producer. - enum: - - gzip - - snappy - - lz4 - - zstd - - uncompressed - - producer - type: string - connections_max_idle_ms: - description: - "Idle connections timeout: the server socket - processor threads close the connections that idle for longer - than this." - maximum: 3600000 - minimum: 1000 - type: integer - default_replication_factor: - description: Replication factor for autocreated topics - maximum: 10 - minimum: 1 - type: integer - group_initial_rebalance_delay_ms: - description: - The amount of time, in milliseconds, the group - coordinator will wait for more consumers to join a new group - before performing the first rebalance. A longer delay means - potentially fewer rebalances, but increases the time until - processing begins. The default value for this is 3 seconds. - During development and testing it might be desirable to - set this to 0 in order to not delay test execution time. - maximum: 300000 - minimum: 0 - type: integer - group_max_session_timeout_ms: - description: - The maximum allowed session timeout for registered - consumers. Longer timeouts give consumers more time to process - messages in between heartbeats at the cost of a longer time - to detect failures. - maximum: 1800000 - minimum: 0 - type: integer - group_min_session_timeout_ms: - description: - The minimum allowed session timeout for registered - consumers. Longer timeouts give consumers more time to process - messages in between heartbeats at the cost of a longer time - to detect failures. - maximum: 60000 - minimum: 0 - type: integer - log_cleaner_delete_retention_ms: - description: How long are delete records retained? - maximum: 315569260000 - minimum: 0 - type: integer - log_cleaner_max_compaction_lag_ms: - description: - The maximum amount of time message will remain - uncompacted. Only applicable for logs that are being compacted - minimum: 30000 - type: integer - log_cleaner_min_cleanable_ratio: - description: - Controls log compactor frequency. Larger value - means more frequent compactions but also more space wasted - for logs. Consider setting log.cleaner.max.compaction.lag.ms - to enforce compactions sooner, instead of setting a very - high value for this option. - maximum: 0.9 - minimum: 0.2 - type: number - log_cleaner_min_compaction_lag_ms: - description: - The minimum time a message will remain uncompacted - in the log. Only applicable for logs that are being compacted. - minimum: 0 - type: integer - log_cleanup_policy: - description: - The default cleanup policy for segments beyond - the retention window - enum: - - delete - - compact - - compact,delete - type: string - log_flush_interval_messages: - description: - The number of messages accumulated on a log partition - before messages are flushed to disk - minimum: 1 - type: integer - log_flush_interval_ms: - description: - The maximum time in ms that a message in any - topic is kept in memory before flushed to disk. If not set, - the value in log.flush.scheduler.interval.ms is used - minimum: 0 - type: integer - log_index_interval_bytes: - description: - The interval with which Kafka adds an entry to - the offset index - maximum: 104857600 - minimum: 0 - type: integer - log_index_size_max_bytes: - description: The maximum size in bytes of the offset index - maximum: 104857600 - minimum: 1048576 - type: integer - log_local_retention_bytes: - description: - The maximum size of local log segments that can - grow for a partition before it gets eligible for deletion. - If set to -2, the value of log.retention.bytes is used. - The effective value should always be less than or equal - to log.retention.bytes value. - minimum: -2 - type: integer - log_local_retention_ms: - description: - The number of milliseconds to keep the local - log segments before it gets eligible for deletion. If set - to -2, the value of log.retention.ms is used. The effective - value should always be less than or equal to log.retention.ms - value. - minimum: -2 - type: integer - log_message_downconversion_enable: - description: - This configuration controls whether down-conversion - of message formats is enabled to satisfy consume requests. - type: boolean - log_message_timestamp_difference_max_ms: - description: - The maximum difference allowed between the timestamp - when a broker receives a message and the timestamp specified - in the message - minimum: 0 - type: integer - log_message_timestamp_type: - description: - Define whether the timestamp in the message is - message create time or log append time. - enum: - - CreateTime - - LogAppendTime - type: string - log_preallocate: - description: Should pre allocate file when create new segment? - type: boolean - log_retention_bytes: - description: The maximum size of the log before deleting messages - minimum: -1 - type: integer - log_retention_hours: - description: - The number of hours to keep a log file before - deleting it - maximum: 2147483647 - minimum: -1 - type: integer - log_retention_ms: - description: - The number of milliseconds to keep a log file - before deleting it (in milliseconds), If not set, the value - in log.retention.minutes is used. If set to -1, no time - limit is applied. - minimum: -1 - type: integer - log_roll_jitter_ms: - description: - The maximum jitter to subtract from logRollTimeMillis - (in milliseconds). If not set, the value in log.roll.jitter.hours - is used - minimum: 0 - type: integer - log_roll_ms: - description: - The maximum time before a new log segment is - rolled out (in milliseconds). - minimum: 1 - type: integer - log_segment_bytes: - description: The maximum size of a single log file - maximum: 1073741824 - minimum: 10485760 - type: integer - log_segment_delete_delay_ms: - description: - The amount of time to wait before deleting a - file from the filesystem - maximum: 3600000 - minimum: 0 - type: integer - max_connections_per_ip: - description: - The maximum number of connections allowed from - each ip address (defaults to 2147483647). - maximum: 2147483647 - minimum: 256 - type: integer - max_incremental_fetch_session_cache_slots: - description: - The maximum number of incremental fetch sessions - that the broker will maintain. - maximum: 10000 - minimum: 1000 - type: integer - message_max_bytes: - description: - The maximum size of message that the server can - receive. - maximum: 100001200 - minimum: 0 - type: integer - min_insync_replicas: - description: - When a producer sets acks to 'all' (or '-1'), - min.insync.replicas specifies the minimum number of replicas - that must acknowledge a write for the write to be considered - successful. - maximum: 7 - minimum: 1 - type: integer - num_partitions: - description: Number of partitions for autocreated topics - maximum: 1000 - minimum: 1 - type: integer - offsets_retention_minutes: - description: Log retention window in minutes for offsets topic - maximum: 2147483647 - minimum: 1 - type: integer - producer_purgatory_purge_interval_requests: - description: - The purge interval (in number of requests) of - the producer request purgatory(defaults to 1000). - maximum: 10000 - minimum: 10 - type: integer - replica_fetch_max_bytes: - description: - The number of bytes of messages to attempt to - fetch for each partition (defaults to 1048576). This is - not an absolute maximum, if the first record batch in the - first non-empty partition of the fetch is larger than this - value, the record batch will still be returned to ensure - that progress can be made. - maximum: 104857600 - minimum: 1048576 - type: integer - replica_fetch_response_max_bytes: - description: - Maximum bytes expected for the entire fetch response - (defaults to 10485760). Records are fetched in batches, - and if the first record batch in the first non-empty partition - of the fetch is larger than this value, the record batch - will still be returned to ensure that progress can be made. - As such, this is not an absolute maximum. - maximum: 1048576000 - minimum: 10485760 - type: integer - sasl_oauthbearer_expected_audience: - description: - The (optional) comma-delimited setting for the - broker to use to verify that the JWT was issued for one - of the expected audiences. - maxLength: 128 - type: string - sasl_oauthbearer_expected_issuer: - description: - Optional setting for the broker to use to verify - that the JWT was created by the expected issuer. - maxLength: 128 - type: string - sasl_oauthbearer_jwks_endpoint_url: - description: - OIDC JWKS endpoint URL. By setting this the SASL - SSL OAuth2/OIDC authentication is enabled. See also other - options for SASL OAuth2/OIDC. - maxLength: 2048 - type: string - sasl_oauthbearer_sub_claim_name: - description: - Name of the scope from which to extract the subject - claim from the JWT. Defaults to sub. - maxLength: 128 - type: string - socket_request_max_bytes: - description: - The maximum number of bytes in a socket request - (defaults to 104857600). - maximum: 209715200 - minimum: 10485760 - type: integer - transaction_partition_verification_enable: - description: - Enable verification that checks that the partition - has been added to the transaction before writing transactional - records to the partition - type: boolean - transaction_remove_expired_transaction_cleanup_interval_ms: - description: - The interval at which to remove transactions - that have expired due to transactional.id.expiration.ms - passing (defaults to 3600000 (1 hour)). - maximum: 3600000 - minimum: 600000 - type: integer - transaction_state_log_segment_bytes: - description: - The transaction topic segment bytes should be - kept relatively small in order to facilitate faster log - compaction and cache loads (defaults to 104857600 (100 mebibytes)). - maximum: 2147483647 - minimum: 1048576 - type: integer - type: object - kafka_authentication_methods: - description: Kafka authentication methods - properties: - certificate: - description: Enable certificate/SSL authentication - type: boolean - sasl: - description: Enable SASL authentication - type: boolean - type: object - kafka_connect: - description: Enable Kafka Connect service - type: boolean - kafka_connect_config: - description: Kafka Connect configuration values - properties: - connector_client_config_override_policy: - description: - Defines what client configurations can be overridden - by the connector. Default is None - enum: - - None - - All - type: string - consumer_auto_offset_reset: - description: - What to do when there is no initial offset in - Kafka or if the current offset does not exist any more on - the server. Default is earliest - enum: - - earliest - - latest - type: string - consumer_fetch_max_bytes: - description: - Records are fetched in batches by the consumer, - and if the first record batch in the first non-empty partition - of the fetch is larger than this value, the record batch - will still be returned to ensure that the consumer can make - progress. As such, this is not a absolute maximum. - maximum: 104857600 - minimum: 1048576 - type: integer - consumer_isolation_level: - description: - Transaction read isolation level. read_uncommitted - is the default, but read_committed can be used if consume-exactly-once - behavior is desired. - enum: - - read_uncommitted - - read_committed - type: string - consumer_max_partition_fetch_bytes: - description: - Records are fetched in batches by the consumer.If - the first record batch in the first non-empty partition - of the fetch is larger than this limit, the batch will still - be returned to ensure that the consumer can make progress. - maximum: 104857600 - minimum: 1048576 - type: integer - consumer_max_poll_interval_ms: - description: - The maximum delay in milliseconds between invocations - of poll() when using consumer group management (defaults - to 300000). - maximum: 2147483647 - minimum: 1 - type: integer - consumer_max_poll_records: - description: - The maximum number of records returned in a single - call to poll() (defaults to 500). - maximum: 10000 - minimum: 1 - type: integer - offset_flush_interval_ms: - description: - The interval at which to try committing offsets - for tasks (defaults to 60000). - maximum: 100000000 - minimum: 1 - type: integer - offset_flush_timeout_ms: - description: - Maximum number of milliseconds to wait for records - to flush and partition offset data to be committed to offset - storage before cancelling the process and restoring the - offset data to be committed in a future attempt (defaults - to 5000). - maximum: 2147483647 - minimum: 1 - type: integer - producer_batch_size: - description: - This setting gives the upper bound of the batch - size to be sent. If there are fewer than this many bytes - accumulated for this partition, the producer will 'linger' - for the linger.ms time waiting for more records to show - up. A batch size of zero will disable batching entirely - (defaults to 16384). - maximum: 5242880 - minimum: 0 - type: integer - producer_buffer_memory: - description: - The total bytes of memory the producer can use - to buffer records waiting to be sent to the broker (defaults - to 33554432). - maximum: 134217728 - minimum: 5242880 - type: integer - producer_compression_type: - description: - Specify the default compression type for producers. - This configuration accepts the standard compression codecs - ('gzip', 'snappy', 'lz4', 'zstd'). It additionally accepts - 'none' which is the default and equivalent to no compression. - enum: - - gzip - - snappy - - lz4 - - zstd - - none - type: string - producer_linger_ms: - description: - "This setting gives the upper bound on the delay - for batching: once there is batch.size worth of records - for a partition it will be sent immediately regardless of - this setting, however if there are fewer than this many - bytes accumulated for this partition the producer will 'linger' - for the specified time waiting for more records to show - up. Defaults to 0." - maximum: 5000 - minimum: 0 - type: integer - producer_max_request_size: - description: - This setting will limit the number of record - batches the producer will send in a single request to avoid - sending huge requests. - maximum: 67108864 - minimum: 131072 - type: integer - scheduled_rebalance_max_delay_ms: - description: - The maximum delay that is scheduled in order - to wait for the return of one or more departed workers before - rebalancing and reassigning their connectors and tasks to - the group. During this period the connectors and tasks of - the departed workers remain unassigned. Defaults to 5 minutes. - maximum: 600000 - minimum: 0 - type: integer - session_timeout_ms: - description: - The timeout in milliseconds used to detect failures - when using Kafka’s group management facilities (defaults - to 10000). - maximum: 2147483647 - minimum: 1 - type: integer - type: object - kafka_rest: - description: Enable Kafka-REST service - type: boolean - kafka_rest_authorization: - description: Enable authorization in Kafka-REST service - type: boolean - kafka_rest_config: - description: Kafka REST configuration + maxItems: 1 + type: array + aiven_kafka_topic_messages: + description: Allow access to read Kafka topic messages in the + Aiven Console and REST API. + type: boolean + custom_domain: + description: Serve the web frontend using a custom CNAME pointing + to the Aiven DNS name + maxLength: 255 + type: string + ip_filter: + description: Allow incoming connections from CIDR address block, + e.g. '10.20.0.0/16' + items: + description: CIDR address block, either as a string, or in a + dict with an optional description field properties: - consumer_enable_auto_commit: - description: - If true the consumer's offset will be periodically - committed to Kafka in the background - type: boolean - consumer_request_max_bytes: - description: - Maximum number of bytes in unencoded message - keys and values by a single request - maximum: 671088640 - minimum: 0 - type: integer - consumer_request_timeout_ms: - description: - The maximum total time to wait for messages for - a request if the maximum number of messages has not yet - been reached - enum: - - 1000 - - 15000 - - 30000 - maximum: 30000 - minimum: 1000 - type: integer - name_strategy_validation: - description: - If true, validate that given schema is registered - under expected subject name by the used name strategy when - producing messages. - type: boolean - producer_acks: - description: - The number of acknowledgments the producer requires - the leader to have received before considering a request - complete. If set to 'all' or '-1', the leader will wait - for the full set of in-sync replicas to acknowledge the - record. - enum: - - all - - "-1" - - "0" - - "1" - type: string - producer_compression_type: - description: - Specify the default compression type for producers. - This configuration accepts the standard compression codecs - ('gzip', 'snappy', 'lz4', 'zstd'). It additionally accepts - 'none' which is the default and equivalent to no compression. - enum: - - gzip - - snappy - - lz4 - - zstd - - none + description: + description: Description for IP filter list entry + maxLength: 1024 type: string - producer_linger_ms: - description: - Wait for up to the given delay to allow batching - records together - maximum: 5000 - minimum: 0 - type: integer - producer_max_request_size: - description: - The maximum size of a request in bytes. Note - that Kafka broker can also cap the record batch size. - maximum: 2147483647 - minimum: 0 - type: integer - simpleconsumer_pool_size_max: - description: - Maximum number of SimpleConsumers that can be - instantiated per broker - maximum: 250 - minimum: 10 - type: integer - type: object - kafka_version: - description: Kafka major version - enum: - - "3.3" - - "3.1" - - "3.4" - - "3.5" - - "3.6" - type: string - private_access: - description: - Allow access to selected service ports from private - networks - properties: - kafka: - description: - Allow clients to connect to kafka with a DNS - name that always resolves to the service's private IP addresses. - Only available in certain network locations - type: boolean - kafka_connect: - description: - Allow clients to connect to kafka_connect with - a DNS name that always resolves to the service's private - IP addresses. Only available in certain network locations - type: boolean - kafka_rest: - description: - Allow clients to connect to kafka_rest with a - DNS name that always resolves to the service's private IP - addresses. Only available in certain network locations - type: boolean - prometheus: - description: - Allow clients to connect to prometheus with a - DNS name that always resolves to the service's private IP - addresses. Only available in certain network locations - type: boolean - schema_registry: - description: - Allow clients to connect to schema_registry with - a DNS name that always resolves to the service's private - IP addresses. Only available in certain network locations - type: boolean - type: object - privatelink_access: - description: - Allow access to selected service components through - Privatelink - properties: - jolokia: - description: Enable jolokia - type: boolean - kafka: - description: Enable kafka - type: boolean - kafka_connect: - description: Enable kafka_connect - type: boolean - kafka_rest: - description: Enable kafka_rest - type: boolean - prometheus: - description: Enable prometheus - type: boolean - schema_registry: - description: Enable schema_registry - type: boolean - type: object - public_access: - description: - Allow access to selected service ports from the public - Internet - properties: - kafka: - description: - Allow clients to connect to kafka from the public - internet for service nodes that are in a project VPC or - another type of private network - type: boolean - kafka_connect: - description: - Allow clients to connect to kafka_connect from - the public internet for service nodes that are in a project - VPC or another type of private network - type: boolean - kafka_rest: - description: - Allow clients to connect to kafka_rest from the - public internet for service nodes that are in a project - VPC or another type of private network - type: boolean - prometheus: - description: - Allow clients to connect to prometheus from the - public internet for service nodes that are in a project - VPC or another type of private network - type: boolean - schema_registry: - description: - Allow clients to connect to schema_registry from - the public internet for service nodes that are in a project - VPC or another type of private network - type: boolean - type: object - schema_registry: - description: Enable Schema-Registry service - type: boolean - schema_registry_config: - description: Schema Registry configuration - properties: - leader_eligibility: - description: - If true, Karapace / Schema Registry on the service - nodes can participate in leader election. It might be needed - to disable this when the schemas topic is replicated to - a secondary cluster and Karapace / Schema Registry there - must not participate in leader election. Defaults to `true`. - type: boolean - topic_name: - description: - The durable single partition topic that acts - as the durable log for the data. This topic must be compacted - to avoid losing data due to retention policy. Please note - that changing this configuration in an existing Schema Registry - / Karapace setup leads to previous schemas being inaccessible, - data encoded with them potentially unreadable and schema - ID sequence put out of order. It's only possible to do the - switch while Schema Registry / Karapace is disabled. Defaults - to `_schemas`. - maxLength: 249 - minLength: 1 + network: + description: CIDR address block + maxLength: 43 type: string + required: + - network type: object - service_log: - description: - Store logs for the service so that they are available - in the HTTP API and console. - type: boolean - static_ips: - description: Use static public IP addresses - type: boolean - tiered_storage: - description: Tiered storage configuration - properties: - enabled: - description: Whether to enable the tiered storage functionality - type: boolean - local_cache: - description: Deprecated. Local cache configuration - properties: - size: - description: Deprecated. Local cache size in bytes - maximum: 107374182400 - minimum: 1 - type: integer - type: object - type: object - type: object - required: - - plan - - project - type: object - status: - description: ServiceStatus defines the observed state of service - properties: - conditions: - description: - Conditions represent the latest available observations - of a service state - items: - description: - "Condition contains details for one aspect of the current - state of this API Resource. --- This struct is intended for direct - use as an array at the field path .status.conditions. For example, - \n type FooStatus struct{ // Represents the observations of a - foo's current state. // Known .status.conditions.type are: \"Available\", - \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge - // +listType=map // +listMapKey=type Conditions []metav1.Condition - `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" - protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + maxItems: 1024 + type: array + kafka: + description: Kafka broker configuration values properties: - lastTransitionTime: - description: - lastTransitionTime is the last time the condition - transitioned from one status to another. This should be when - the underlying condition changed. If that is not known, then - using the time when the API field changed is acceptable. - format: date-time + auto_create_topics_enable: + description: Enable auto creation of topics + type: boolean + compression_type: + description: Specify the final compression type for a given + topic. This configuration accepts the standard compression + codecs ('gzip', 'snappy', 'lz4', 'zstd'). It additionally + accepts 'uncompressed' which is equivalent to no compression; + and 'producer' which means retain the original compression + codec set by the producer. + enum: + - gzip + - snappy + - lz4 + - zstd + - uncompressed + - producer type: string - message: - description: - message is a human readable message indicating - details about the transition. This may be an empty string. - maxLength: 32768 + connections_max_idle_ms: + description: 'Idle connections timeout: the server socket + processor threads close the connections that idle for longer + than this.' + maximum: 3600000 + minimum: 1000 + type: integer + default_replication_factor: + description: Replication factor for autocreated topics + maximum: 10 + minimum: 1 + type: integer + group_initial_rebalance_delay_ms: + description: The amount of time, in milliseconds, the group + coordinator will wait for more consumers to join a new group + before performing the first rebalance. A longer delay means + potentially fewer rebalances, but increases the time until + processing begins. The default value for this is 3 seconds. + During development and testing it might be desirable to + set this to 0 in order to not delay test execution time. + maximum: 300000 + minimum: 0 + type: integer + group_max_session_timeout_ms: + description: The maximum allowed session timeout for registered + consumers. Longer timeouts give consumers more time to process + messages in between heartbeats at the cost of a longer time + to detect failures. + maximum: 1800000 + minimum: 0 + type: integer + group_min_session_timeout_ms: + description: The minimum allowed session timeout for registered + consumers. Longer timeouts give consumers more time to process + messages in between heartbeats at the cost of a longer time + to detect failures. + maximum: 60000 + minimum: 0 + type: integer + log_cleaner_delete_retention_ms: + description: How long are delete records retained? + maximum: 315569260000 + minimum: 0 + type: integer + log_cleaner_max_compaction_lag_ms: + description: The maximum amount of time message will remain + uncompacted. Only applicable for logs that are being compacted + minimum: 30000 + type: integer + log_cleaner_min_cleanable_ratio: + description: Controls log compactor frequency. Larger value + means more frequent compactions but also more space wasted + for logs. Consider setting log.cleaner.max.compaction.lag.ms + to enforce compactions sooner, instead of setting a very + high value for this option. + maximum: 0.9 + minimum: 0.2 + type: number + log_cleaner_min_compaction_lag_ms: + description: The minimum time a message will remain uncompacted + in the log. Only applicable for logs that are being compacted. + minimum: 0 + type: integer + log_cleanup_policy: + description: The default cleanup policy for segments beyond + the retention window + enum: + - delete + - compact + - compact,delete type: string - observedGeneration: - description: - observedGeneration represents the .metadata.generation - that the condition was set based upon. For instance, if .metadata.generation - is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current - state of the instance. - format: int64 + log_flush_interval_messages: + description: The number of messages accumulated on a log partition + before messages are flushed to disk + minimum: 1 + type: integer + log_flush_interval_ms: + description: The maximum time in ms that a message in any + topic is kept in memory before flushed to disk. If not set, + the value in log.flush.scheduler.interval.ms is used minimum: 0 type: integer - reason: - description: - reason contains a programmatic identifier indicating - the reason for the condition's last transition. Producers - of specific condition types may define expected values and - meanings for this field, and whether the values are considered - a guaranteed API. The value should be a CamelCase string. - This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + log_index_interval_bytes: + description: The interval with which Kafka adds an entry to + the offset index + maximum: 104857600 + minimum: 0 + type: integer + log_index_size_max_bytes: + description: The maximum size in bytes of the offset index + maximum: 104857600 + minimum: 1048576 + type: integer + log_local_retention_bytes: + description: The maximum size of local log segments that can + grow for a partition before it gets eligible for deletion. + If set to -2, the value of log.retention.bytes is used. + The effective value should always be less than or equal + to log.retention.bytes value. + minimum: -2 + type: integer + log_local_retention_ms: + description: The number of milliseconds to keep the local + log segments before it gets eligible for deletion. If set + to -2, the value of log.retention.ms is used. The effective + value should always be less than or equal to log.retention.ms + value. + minimum: -2 + type: integer + log_message_downconversion_enable: + description: This configuration controls whether down-conversion + of message formats is enabled to satisfy consume requests. + type: boolean + log_message_timestamp_difference_max_ms: + description: The maximum difference allowed between the timestamp + when a broker receives a message and the timestamp specified + in the message + minimum: 0 + type: integer + log_message_timestamp_type: + description: Define whether the timestamp in the message is + message create time or log append time. + enum: + - CreateTime + - LogAppendTime + type: string + log_preallocate: + description: Should pre allocate file when create new segment? + type: boolean + log_retention_bytes: + description: The maximum size of the log before deleting messages + minimum: -1 + type: integer + log_retention_hours: + description: The number of hours to keep a log file before + deleting it + maximum: 2147483647 + minimum: -1 + type: integer + log_retention_ms: + description: The number of milliseconds to keep a log file + before deleting it (in milliseconds), If not set, the value + in log.retention.minutes is used. If set to -1, no time + limit is applied. + minimum: -1 + type: integer + log_roll_jitter_ms: + description: The maximum jitter to subtract from logRollTimeMillis + (in milliseconds). If not set, the value in log.roll.jitter.hours + is used + minimum: 0 + type: integer + log_roll_ms: + description: The maximum time before a new log segment is + rolled out (in milliseconds). + minimum: 1 + type: integer + log_segment_bytes: + description: The maximum size of a single log file + maximum: 1073741824 + minimum: 10485760 + type: integer + log_segment_delete_delay_ms: + description: The amount of time to wait before deleting a + file from the filesystem + maximum: 3600000 + minimum: 0 + type: integer + max_connections_per_ip: + description: The maximum number of connections allowed from + each ip address (defaults to 2147483647). + maximum: 2147483647 + minimum: 256 + type: integer + max_incremental_fetch_session_cache_slots: + description: The maximum number of incremental fetch sessions + that the broker will maintain. + maximum: 10000 + minimum: 1000 + type: integer + message_max_bytes: + description: The maximum size of message that the server can + receive. + maximum: 100001200 + minimum: 0 + type: integer + min_insync_replicas: + description: When a producer sets acks to 'all' (or '-1'), + min.insync.replicas specifies the minimum number of replicas + that must acknowledge a write for the write to be considered + successful. + maximum: 7 + minimum: 1 + type: integer + num_partitions: + description: Number of partitions for autocreated topics + maximum: 1000 + minimum: 1 + type: integer + offsets_retention_minutes: + description: Log retention window in minutes for offsets topic + maximum: 2147483647 + minimum: 1 + type: integer + producer_purgatory_purge_interval_requests: + description: The purge interval (in number of requests) of + the producer request purgatory(defaults to 1000). + maximum: 10000 + minimum: 10 + type: integer + replica_fetch_max_bytes: + description: The number of bytes of messages to attempt to + fetch for each partition (defaults to 1048576). This is + not an absolute maximum, if the first record batch in the + first non-empty partition of the fetch is larger than this + value, the record batch will still be returned to ensure + that progress can be made. + maximum: 104857600 + minimum: 1048576 + type: integer + replica_fetch_response_max_bytes: + description: Maximum bytes expected for the entire fetch response + (defaults to 10485760). Records are fetched in batches, + and if the first record batch in the first non-empty partition + of the fetch is larger than this value, the record batch + will still be returned to ensure that progress can be made. + As such, this is not an absolute maximum. + maximum: 1048576000 + minimum: 10485760 + type: integer + sasl_oauthbearer_expected_audience: + description: The (optional) comma-delimited setting for the + broker to use to verify that the JWT was issued for one + of the expected audiences. + maxLength: 128 + type: string + sasl_oauthbearer_expected_issuer: + description: Optional setting for the broker to use to verify + that the JWT was created by the expected issuer. + maxLength: 128 + type: string + sasl_oauthbearer_jwks_endpoint_url: + description: OIDC JWKS endpoint URL. By setting this the SASL + SSL OAuth2/OIDC authentication is enabled. See also other + options for SASL OAuth2/OIDC. + maxLength: 2048 type: string - status: - description: status of the condition, one of True, False, Unknown. + sasl_oauthbearer_sub_claim_name: + description: Name of the scope from which to extract the subject + claim from the JWT. Defaults to sub. + maxLength: 128 + type: string + socket_request_max_bytes: + description: The maximum number of bytes in a socket request + (defaults to 104857600). + maximum: 209715200 + minimum: 10485760 + type: integer + transaction_partition_verification_enable: + description: Enable verification that checks that the partition + has been added to the transaction before writing transactional + records to the partition + type: boolean + transaction_remove_expired_transaction_cleanup_interval_ms: + description: The interval at which to remove transactions + that have expired due to transactional.id.expiration.ms + passing (defaults to 3600000 (1 hour)). + maximum: 3600000 + minimum: 600000 + type: integer + transaction_state_log_segment_bytes: + description: The transaction topic segment bytes should be + kept relatively small in order to facilitate faster log + compaction and cache loads (defaults to 104857600 (100 mebibytes)). + maximum: 2147483647 + minimum: 1048576 + type: integer + type: object + kafka_authentication_methods: + description: Kafka authentication methods + properties: + certificate: + description: Enable certificate/SSL authentication + type: boolean + sasl: + description: Enable SASL authentication + type: boolean + type: object + kafka_connect: + description: Enable Kafka Connect service + type: boolean + kafka_connect_config: + description: Kafka Connect configuration values + properties: + connector_client_config_override_policy: + description: Defines what client configurations can be overridden + by the connector. Default is None enum: - - "True" - - "False" - - Unknown + - None + - All type: string - type: - description: - type of condition in CamelCase or in foo.example.com/CamelCase. - --- Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + consumer_auto_offset_reset: + description: What to do when there is no initial offset in + Kafka or if the current offset does not exist any more on + the server. Default is earliest + enum: + - earliest + - latest + type: string + consumer_fetch_max_bytes: + description: Records are fetched in batches by the consumer, + and if the first record batch in the first non-empty partition + of the fetch is larger than this value, the record batch + will still be returned to ensure that the consumer can make + progress. As such, this is not a absolute maximum. + maximum: 104857600 + minimum: 1048576 + type: integer + consumer_isolation_level: + description: Transaction read isolation level. read_uncommitted + is the default, but read_committed can be used if consume-exactly-once + behavior is desired. + enum: + - read_uncommitted + - read_committed type: string - required: - - lastTransitionTime - - message - - reason - - status - - type + consumer_max_partition_fetch_bytes: + description: Records are fetched in batches by the consumer.If + the first record batch in the first non-empty partition + of the fetch is larger than this limit, the batch will still + be returned to ensure that the consumer can make progress. + maximum: 104857600 + minimum: 1048576 + type: integer + consumer_max_poll_interval_ms: + description: The maximum delay in milliseconds between invocations + of poll() when using consumer group management (defaults + to 300000). + maximum: 2147483647 + minimum: 1 + type: integer + consumer_max_poll_records: + description: The maximum number of records returned in a single + call to poll() (defaults to 500). + maximum: 10000 + minimum: 1 + type: integer + offset_flush_interval_ms: + description: The interval at which to try committing offsets + for tasks (defaults to 60000). + maximum: 100000000 + minimum: 1 + type: integer + offset_flush_timeout_ms: + description: Maximum number of milliseconds to wait for records + to flush and partition offset data to be committed to offset + storage before cancelling the process and restoring the + offset data to be committed in a future attempt (defaults + to 5000). + maximum: 2147483647 + minimum: 1 + type: integer + producer_batch_size: + description: This setting gives the upper bound of the batch + size to be sent. If there are fewer than this many bytes + accumulated for this partition, the producer will 'linger' + for the linger.ms time waiting for more records to show + up. A batch size of zero will disable batching entirely + (defaults to 16384). + maximum: 5242880 + minimum: 0 + type: integer + producer_buffer_memory: + description: The total bytes of memory the producer can use + to buffer records waiting to be sent to the broker (defaults + to 33554432). + maximum: 134217728 + minimum: 5242880 + type: integer + producer_compression_type: + description: Specify the default compression type for producers. + This configuration accepts the standard compression codecs + ('gzip', 'snappy', 'lz4', 'zstd'). It additionally accepts + 'none' which is the default and equivalent to no compression. + enum: + - gzip + - snappy + - lz4 + - zstd + - none + type: string + producer_linger_ms: + description: 'This setting gives the upper bound on the delay + for batching: once there is batch.size worth of records + for a partition it will be sent immediately regardless of + this setting, however if there are fewer than this many + bytes accumulated for this partition the producer will ''linger'' + for the specified time waiting for more records to show + up. Defaults to 0.' + maximum: 5000 + minimum: 0 + type: integer + producer_max_request_size: + description: This setting will limit the number of record + batches the producer will send in a single request to avoid + sending huge requests. + maximum: 67108864 + minimum: 131072 + type: integer + scheduled_rebalance_max_delay_ms: + description: The maximum delay that is scheduled in order + to wait for the return of one or more departed workers before + rebalancing and reassigning their connectors and tasks to + the group. During this period the connectors and tasks of + the departed workers remain unassigned. Defaults to 5 minutes. + maximum: 600000 + minimum: 0 + type: integer + session_timeout_ms: + description: The timeout in milliseconds used to detect failures + when using Kafka’s group management facilities (defaults + to 10000). + maximum: 2147483647 + minimum: 1 + type: integer type: object - type: array - state: - description: Service state - type: string - type: object - type: object - served: true - storage: true - subresources: - status: {} + kafka_rest: + description: Enable Kafka-REST service + type: boolean + kafka_rest_authorization: + description: Enable authorization in Kafka-REST service + type: boolean + kafka_rest_config: + description: Kafka REST configuration + properties: + consumer_enable_auto_commit: + description: If true the consumer's offset will be periodically + committed to Kafka in the background + type: boolean + consumer_request_max_bytes: + description: Maximum number of bytes in unencoded message + keys and values by a single request + maximum: 671088640 + minimum: 0 + type: integer + consumer_request_timeout_ms: + description: The maximum total time to wait for messages for + a request if the maximum number of messages has not yet + been reached + enum: + - 1000 + - 15000 + - 30000 + maximum: 30000 + minimum: 1000 + type: integer + name_strategy_validation: + description: If true, validate that given schema is registered + under expected subject name by the used name strategy when + producing messages. + type: boolean + producer_acks: + description: The number of acknowledgments the producer requires + the leader to have received before considering a request + complete. If set to 'all' or '-1', the leader will wait + for the full set of in-sync replicas to acknowledge the + record. + enum: + - all + - "-1" + - "0" + - "1" + type: string + producer_compression_type: + description: Specify the default compression type for producers. + This configuration accepts the standard compression codecs + ('gzip', 'snappy', 'lz4', 'zstd'). It additionally accepts + 'none' which is the default and equivalent to no compression. + enum: + - gzip + - snappy + - lz4 + - zstd + - none + type: string + producer_linger_ms: + description: Wait for up to the given delay to allow batching + records together + maximum: 5000 + minimum: 0 + type: integer + producer_max_request_size: + description: The maximum size of a request in bytes. Note + that Kafka broker can also cap the record batch size. + maximum: 2147483647 + minimum: 0 + type: integer + simpleconsumer_pool_size_max: + description: Maximum number of SimpleConsumers that can be + instantiated per broker + maximum: 250 + minimum: 10 + type: integer + type: object + kafka_version: + description: Kafka major version + enum: + - "3.3" + - "3.1" + - "3.4" + - "3.5" + - "3.6" + type: string + private_access: + description: Allow access to selected service ports from private + networks + properties: + kafka: + description: Allow clients to connect to kafka with a DNS + name that always resolves to the service's private IP addresses. + Only available in certain network locations + type: boolean + kafka_connect: + description: Allow clients to connect to kafka_connect with + a DNS name that always resolves to the service's private + IP addresses. Only available in certain network locations + type: boolean + kafka_rest: + description: Allow clients to connect to kafka_rest with a + DNS name that always resolves to the service's private IP + addresses. Only available in certain network locations + type: boolean + prometheus: + description: Allow clients to connect to prometheus with a + DNS name that always resolves to the service's private IP + addresses. Only available in certain network locations + type: boolean + schema_registry: + description: Allow clients to connect to schema_registry with + a DNS name that always resolves to the service's private + IP addresses. Only available in certain network locations + type: boolean + type: object + privatelink_access: + description: Allow access to selected service components through + Privatelink + properties: + jolokia: + description: Enable jolokia + type: boolean + kafka: + description: Enable kafka + type: boolean + kafka_connect: + description: Enable kafka_connect + type: boolean + kafka_rest: + description: Enable kafka_rest + type: boolean + prometheus: + description: Enable prometheus + type: boolean + schema_registry: + description: Enable schema_registry + type: boolean + type: object + public_access: + description: Allow access to selected service ports from the public + Internet + properties: + kafka: + description: Allow clients to connect to kafka from the public + internet for service nodes that are in a project VPC or + another type of private network + type: boolean + kafka_connect: + description: Allow clients to connect to kafka_connect from + the public internet for service nodes that are in a project + VPC or another type of private network + type: boolean + kafka_rest: + description: Allow clients to connect to kafka_rest from the + public internet for service nodes that are in a project + VPC or another type of private network + type: boolean + prometheus: + description: Allow clients to connect to prometheus from the + public internet for service nodes that are in a project + VPC or another type of private network + type: boolean + schema_registry: + description: Allow clients to connect to schema_registry from + the public internet for service nodes that are in a project + VPC or another type of private network + type: boolean + type: object + schema_registry: + description: Enable Schema-Registry service + type: boolean + schema_registry_config: + description: Schema Registry configuration + properties: + leader_eligibility: + description: If true, Karapace / Schema Registry on the service + nodes can participate in leader election. It might be needed + to disable this when the schemas topic is replicated to + a secondary cluster and Karapace / Schema Registry there + must not participate in leader election. Defaults to `true`. + type: boolean + topic_name: + description: The durable single partition topic that acts + as the durable log for the data. This topic must be compacted + to avoid losing data due to retention policy. Please note + that changing this configuration in an existing Schema Registry + / Karapace setup leads to previous schemas being inaccessible, + data encoded with them potentially unreadable and schema + ID sequence put out of order. It's only possible to do the + switch while Schema Registry / Karapace is disabled. Defaults + to `_schemas`. + maxLength: 249 + minLength: 1 + type: string + type: object + service_log: + description: Store logs for the service so that they are available + in the HTTP API and console. + type: boolean + static_ips: + description: Use static public IP addresses + type: boolean + tiered_storage: + description: Tiered storage configuration + properties: + enabled: + description: Whether to enable the tiered storage functionality + type: boolean + local_cache: + description: Deprecated. Local cache configuration + properties: + size: + description: Deprecated. Local cache size in bytes + maximum: 107374182400 + minimum: 1 + type: integer + type: object + type: object + type: object + required: + - plan + - project + type: object + status: + description: ServiceStatus defines the observed state of service + properties: + conditions: + description: Conditions represent the latest available observations + of a service state + items: + description: "Condition contains details for one aspect of the current + state of this API Resource. --- This struct is intended for direct + use as an array at the field path .status.conditions. For example, + \n type FooStatus struct{ // Represents the observations of a + foo's current state. // Known .status.conditions.type are: \"Available\", + \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge + // +listType=map // +listMapKey=type Conditions []metav1.Condition + `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" + protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + properties: + lastTransitionTime: + description: lastTransitionTime is the last time the condition + transitioned from one status to another. This should be when + the underlying condition changed. If that is not known, then + using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: message is a human readable message indicating + details about the transition. This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: observedGeneration represents the .metadata.generation + that the condition was set based upon. For instance, if .metadata.generation + is currently 12, but the .status.conditions[x].observedGeneration + is 9, the condition is out of date with respect to the current + state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: reason contains a programmatic identifier indicating + the reason for the condition's last transition. Producers + of specific condition types may define expected values and + meanings for this field, and whether the values are considered + a guaranteed API. The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: type of condition in CamelCase or in foo.example.com/CamelCase. + --- Many .condition.type values are consistent across resources + like Available, but because arbitrary conditions can be useful + (see .node.status.conditions), the ability to deconflict is + important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + type: array + state: + description: Service state + type: string + type: object + type: object + served: true + storage: true + subresources: + status: {} diff --git a/charts/aiven-operator-crds/templates/aiven.io_kafkaschemas.yaml b/charts/aiven-operator-crds/templates/aiven.io_kafkaschemas.yaml index ffb7aa2e..e96a87bc 100644 --- a/charts/aiven-operator-crds/templates/aiven.io_kafkaschemas.yaml +++ b/charts/aiven-operator-crds/templates/aiven.io_kafkaschemas.yaml @@ -15,181 +15,171 @@ spec: singular: kafkaschema scope: Namespaced versions: - - additionalPrinterColumns: - - jsonPath: .spec.serviceName - name: Service Name - type: string - - jsonPath: .spec.project - name: Project - type: string - - jsonPath: .spec.subjectName - name: Subject - type: string - - jsonPath: .spec.compatibilityLevel - name: Compatibility Level - type: string - - jsonPath: .status.version - name: Version - type: number - name: v1alpha1 - schema: - openAPIV3Schema: - description: KafkaSchema is the Schema for the kafkaschemas API - properties: - apiVersion: - description: - "APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" - type: string - kind: - description: - "Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" - type: string - metadata: - type: object - spec: - description: KafkaSchemaSpec defines the desired state of KafkaSchema - properties: - authSecretRef: - description: Authentication reference to Aiven token in a secret + - additionalPrinterColumns: + - jsonPath: .spec.serviceName + name: Service Name + type: string + - jsonPath: .spec.project + name: Project + type: string + - jsonPath: .spec.subjectName + name: Subject + type: string + - jsonPath: .spec.compatibilityLevel + name: Compatibility Level + type: string + - jsonPath: .status.version + name: Version + type: number + name: v1alpha1 + schema: + openAPIV3Schema: + description: KafkaSchema is the Schema for the kafkaschemas API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: KafkaSchemaSpec defines the desired state of KafkaSchema + properties: + authSecretRef: + description: Authentication reference to Aiven token in a secret + properties: + key: + minLength: 1 + type: string + name: + minLength: 1 + type: string + required: + - key + - name + type: object + compatibilityLevel: + description: Kafka Schemas compatibility level + enum: + - BACKWARD + - BACKWARD_TRANSITIVE + - FORWARD + - FORWARD_TRANSITIVE + - FULL + - FULL_TRANSITIVE + - NONE + type: string + project: + description: Project to link the Kafka Schema to + format: ^[a-zA-Z0-9_-]*$ + maxLength: 63 + type: string + schema: + description: Kafka Schema configuration should be a valid Avro Schema + JSON format + type: string + serviceName: + description: Service to link the Kafka Schema to + maxLength: 63 + type: string + subjectName: + description: Kafka Schema Subject name + maxLength: 63 + type: string + required: + - project + - schema + - serviceName + - subjectName + type: object + status: + description: KafkaSchemaStatus defines the observed state of KafkaSchema + properties: + conditions: + description: Conditions represent the latest available observations + of an KafkaSchema state + items: + description: "Condition contains details for one aspect of the current + state of this API Resource. --- This struct is intended for direct + use as an array at the field path .status.conditions. For example, + \n type FooStatus struct{ // Represents the observations of a + foo's current state. // Known .status.conditions.type are: \"Available\", + \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge + // +listType=map // +listMapKey=type Conditions []metav1.Condition + `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" + protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" properties: - key: - minLength: 1 + lastTransitionTime: + description: lastTransitionTime is the last time the condition + transitioned from one status to another. This should be when + the underlying condition changed. If that is not known, then + using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: message is a human readable message indicating + details about the transition. This may be an empty string. + maxLength: 32768 type: string - name: + observedGeneration: + description: observedGeneration represents the .metadata.generation + that the condition was set based upon. For instance, if .metadata.generation + is currently 12, but the .status.conditions[x].observedGeneration + is 9, the condition is out of date with respect to the current + state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: reason contains a programmatic identifier indicating + the reason for the condition's last transition. Producers + of specific condition types may define expected values and + meanings for this field, and whether the values are considered + a guaranteed API. The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: type of condition in CamelCase or in foo.example.com/CamelCase. + --- Many .condition.type values are consistent across resources + like Available, but because arbitrary conditions can be useful + (see .node.status.conditions), the ability to deconflict is + important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string required: - - key - - name + - lastTransitionTime + - message + - reason + - status + - type type: object - compatibilityLevel: - description: Kafka Schemas compatibility level - enum: - - BACKWARD - - BACKWARD_TRANSITIVE - - FORWARD - - FORWARD_TRANSITIVE - - FULL - - FULL_TRANSITIVE - - NONE - type: string - project: - description: Project to link the Kafka Schema to - format: ^[a-zA-Z0-9_-]*$ - maxLength: 63 - type: string - schema: - description: - Kafka Schema configuration should be a valid Avro Schema - JSON format - type: string - serviceName: - description: Service to link the Kafka Schema to - maxLength: 63 - type: string - subjectName: - description: Kafka Schema Subject name - maxLength: 63 - type: string - required: - - project - - schema - - serviceName - - subjectName - type: object - status: - description: KafkaSchemaStatus defines the observed state of KafkaSchema - properties: - conditions: - description: - Conditions represent the latest available observations - of an KafkaSchema state - items: - description: - "Condition contains details for one aspect of the current - state of this API Resource. --- This struct is intended for direct - use as an array at the field path .status.conditions. For example, - \n type FooStatus struct{ // Represents the observations of a - foo's current state. // Known .status.conditions.type are: \"Available\", - \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge - // +listType=map // +listMapKey=type Conditions []metav1.Condition - `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" - protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" - properties: - lastTransitionTime: - description: - lastTransitionTime is the last time the condition - transitioned from one status to another. This should be when - the underlying condition changed. If that is not known, then - using the time when the API field changed is acceptable. - format: date-time - type: string - message: - description: - message is a human readable message indicating - details about the transition. This may be an empty string. - maxLength: 32768 - type: string - observedGeneration: - description: - observedGeneration represents the .metadata.generation - that the condition was set based upon. For instance, if .metadata.generation - is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current - state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: - reason contains a programmatic identifier indicating - the reason for the condition's last transition. Producers - of specific condition types may define expected values and - meanings for this field, and whether the values are considered - a guaranteed API. The value should be a CamelCase string. - This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ - type: string - status: - description: status of the condition, one of True, False, Unknown. - enum: - - "True" - - "False" - - Unknown - type: string - type: - description: - type of condition in CamelCase or in foo.example.com/CamelCase. - --- Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ - type: string - required: - - lastTransitionTime - - message - - reason - - status - - type - type: object - type: array - version: - description: Kafka Schema configuration version - type: integer - required: - - conditions - - version - type: object - type: object - served: true - storage: true - subresources: - status: {} + type: array + version: + description: Kafka Schema configuration version + type: integer + required: + - conditions + - version + type: object + type: object + served: true + storage: true + subresources: + status: {} diff --git a/charts/aiven-operator-crds/templates/aiven.io_kafkatopics.yaml b/charts/aiven-operator-crds/templates/aiven.io_kafkatopics.yaml index dbddcef8..b48be5eb 100644 --- a/charts/aiven-operator-crds/templates/aiven.io_kafkatopics.yaml +++ b/charts/aiven-operator-crds/templates/aiven.io_kafkatopics.yaml @@ -15,291 +15,280 @@ spec: singular: kafkatopic scope: Namespaced versions: - - additionalPrinterColumns: - - jsonPath: .spec.serviceName - name: Service Name - type: string - - jsonPath: .spec.project - name: Project - type: string - - jsonPath: .spec.partitions - name: Partitions - type: string - - jsonPath: .spec.replication - name: Replication - type: string - name: v1alpha1 - schema: - openAPIV3Schema: - description: KafkaTopic is the Schema for the kafkatopics API - properties: - apiVersion: - description: - "APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" - type: string - kind: - description: - "Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" - type: string - metadata: - type: object - spec: - description: KafkaTopicSpec defines the desired state of KafkaTopic - properties: - authSecretRef: - description: Authentication reference to Aiven token in a secret + - additionalPrinterColumns: + - jsonPath: .spec.serviceName + name: Service Name + type: string + - jsonPath: .spec.project + name: Project + type: string + - jsonPath: .spec.partitions + name: Partitions + type: string + - jsonPath: .spec.replication + name: Replication + type: string + name: v1alpha1 + schema: + openAPIV3Schema: + description: KafkaTopic is the Schema for the kafkatopics API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: KafkaTopicSpec defines the desired state of KafkaTopic + properties: + authSecretRef: + description: Authentication reference to Aiven token in a secret + properties: + key: + minLength: 1 + type: string + name: + minLength: 1 + type: string + required: + - key + - name + type: object + config: + description: Kafka topic configuration + properties: + cleanup_policy: + description: cleanup.policy value + type: string + compression_type: + description: compression.type value + type: string + delete_retention_ms: + description: delete.retention.ms value + format: int64 + type: integer + file_delete_delay_ms: + description: file.delete.delay.ms value + format: int64 + type: integer + flush_messages: + description: flush.messages value + format: int64 + type: integer + flush_ms: + description: flush.ms value + format: int64 + type: integer + index_interval_bytes: + description: index.interval.bytes value + format: int64 + type: integer + max_compaction_lag_ms: + description: max.compaction.lag.ms value + format: int64 + type: integer + max_message_bytes: + description: max.message.bytes value + format: int64 + type: integer + message_downconversion_enable: + description: message.downconversion.enable value + type: boolean + message_format_version: + description: message.format.version value + type: string + message_timestamp_difference_max_ms: + description: message.timestamp.difference.max.ms value + format: int64 + type: integer + message_timestamp_type: + description: message.timestamp.type value + type: string + min_cleanable_dirty_ratio: + description: min.cleanable.dirty.ratio value + type: number + min_compaction_lag_ms: + description: min.compaction.lag.ms value + format: int64 + type: integer + min_insync_replicas: + description: min.insync.replicas value + format: int64 + type: integer + preallocate: + description: preallocate value + type: boolean + retention_bytes: + description: retention.bytes value + format: int64 + type: integer + retention_ms: + description: retention.ms value + format: int64 + type: integer + segment_bytes: + description: segment.bytes value + format: int64 + type: integer + segment_index_bytes: + description: segment.index.bytes value + format: int64 + type: integer + segment_jitter_ms: + description: segment.jitter.ms value + format: int64 + type: integer + segment_ms: + description: segment.ms value + format: int64 + type: integer + type: object + partitions: + description: Number of partitions to create in the topic + maximum: 1000000 + minimum: 1 + type: integer + project: + description: Target project. + format: ^[a-zA-Z0-9_-]*$ + maxLength: 63 + type: string + replication: + description: Replication factor for the topic + minimum: 2 + type: integer + serviceName: + description: Service name. + maxLength: 63 + type: string + tags: + description: Kafka topic tags + items: properties: key: + format: ^[a-zA-Z0-9_-]*$ + maxLength: 64 minLength: 1 type: string - name: - minLength: 1 + value: + format: ^[a-zA-Z0-9_-]*$ + maxLength: 256 type: string required: - - key - - name + - key type: object - config: - description: Kafka topic configuration + type: array + termination_protection: + description: It is a Kubernetes side deletion protections, which prevents + the kafka topic from being deleted by Kubernetes. It is recommended + to enable this for any production databases containing critical + data. + type: boolean + topicName: + description: Topic name. If provided, is used instead of metadata.name. + This field supports additional characters, has a longer length, + and will replace metadata.name in future releases + maxLength: 249 + minLength: 1 + type: string + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + required: + - partitions + - project + - replication + - serviceName + type: object + status: + description: KafkaTopicStatus defines the observed state of KafkaTopic + properties: + conditions: + description: Conditions represent the latest available observations + of an KafkaTopic state + items: + description: "Condition contains details for one aspect of the current + state of this API Resource. --- This struct is intended for direct + use as an array at the field path .status.conditions. For example, + \n type FooStatus struct{ // Represents the observations of a + foo's current state. // Known .status.conditions.type are: \"Available\", + \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge + // +listType=map // +listMapKey=type Conditions []metav1.Condition + `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" + protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" properties: - cleanup_policy: - description: cleanup.policy value + lastTransitionTime: + description: lastTransitionTime is the last time the condition + transitioned from one status to another. This should be when + the underlying condition changed. If that is not known, then + using the time when the API field changed is acceptable. + format: date-time type: string - compression_type: - description: compression.type value + message: + description: message is a human readable message indicating + details about the transition. This may be an empty string. + maxLength: 32768 type: string - delete_retention_ms: - description: delete.retention.ms value - format: int64 - type: integer - file_delete_delay_ms: - description: file.delete.delay.ms value - format: int64 - type: integer - flush_messages: - description: flush.messages value - format: int64 - type: integer - flush_ms: - description: flush.ms value - format: int64 - type: integer - index_interval_bytes: - description: index.interval.bytes value + observedGeneration: + description: observedGeneration represents the .metadata.generation + that the condition was set based upon. For instance, if .metadata.generation + is currently 12, but the .status.conditions[x].observedGeneration + is 9, the condition is out of date with respect to the current + state of the instance. format: int64 + minimum: 0 type: integer - max_compaction_lag_ms: - description: max.compaction.lag.ms value - format: int64 - type: integer - max_message_bytes: - description: max.message.bytes value - format: int64 - type: integer - message_downconversion_enable: - description: message.downconversion.enable value - type: boolean - message_format_version: - description: message.format.version value + reason: + description: reason contains a programmatic identifier indicating + the reason for the condition's last transition. Producers + of specific condition types may define expected values and + meanings for this field, and whether the values are considered + a guaranteed API. The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ type: string - message_timestamp_difference_max_ms: - description: message.timestamp.difference.max.ms value - format: int64 - type: integer - message_timestamp_type: - description: message.timestamp.type value + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown type: string - min_cleanable_dirty_ratio: - description: min.cleanable.dirty.ratio value - type: number - min_compaction_lag_ms: - description: min.compaction.lag.ms value - format: int64 - type: integer - min_insync_replicas: - description: min.insync.replicas value - format: int64 - type: integer - preallocate: - description: preallocate value - type: boolean - retention_bytes: - description: retention.bytes value - format: int64 - type: integer - retention_ms: - description: retention.ms value - format: int64 - type: integer - segment_bytes: - description: segment.bytes value - format: int64 - type: integer - segment_index_bytes: - description: segment.index.bytes value - format: int64 - type: integer - segment_jitter_ms: - description: segment.jitter.ms value - format: int64 - type: integer - segment_ms: - description: segment.ms value - format: int64 - type: integer + type: + description: type of condition in CamelCase or in foo.example.com/CamelCase. + --- Many .condition.type values are consistent across resources + like Available, but because arbitrary conditions can be useful + (see .node.status.conditions), the ability to deconflict is + important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type type: object - partitions: - description: Number of partitions to create in the topic - maximum: 1000000 - minimum: 1 - type: integer - project: - description: Target project. - format: ^[a-zA-Z0-9_-]*$ - maxLength: 63 - type: string - replication: - description: Replication factor for the topic - minimum: 2 - type: integer - serviceName: - description: Service name. - maxLength: 63 - type: string - tags: - description: Kafka topic tags - items: - properties: - key: - format: ^[a-zA-Z0-9_-]*$ - maxLength: 64 - minLength: 1 - type: string - value: - format: ^[a-zA-Z0-9_-]*$ - maxLength: 256 - type: string - required: - - key - type: object - type: array - termination_protection: - description: - It is a Kubernetes side deletion protections, which prevents - the kafka topic from being deleted by Kubernetes. It is recommended - to enable this for any production databases containing critical - data. - type: boolean - topicName: - description: - Topic name. If provided, is used instead of metadata.name. - This field supports additional characters, has a longer length, - and will replace metadata.name in future releases - maxLength: 249 - minLength: 1 - type: string - x-kubernetes-validations: - - message: Value is immutable - rule: self == oldSelf - required: - - partitions - - project - - replication - - serviceName - type: object - status: - description: KafkaTopicStatus defines the observed state of KafkaTopic - properties: - conditions: - description: - Conditions represent the latest available observations - of an KafkaTopic state - items: - description: - "Condition contains details for one aspect of the current - state of this API Resource. --- This struct is intended for direct - use as an array at the field path .status.conditions. For example, - \n type FooStatus struct{ // Represents the observations of a - foo's current state. // Known .status.conditions.type are: \"Available\", - \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge - // +listType=map // +listMapKey=type Conditions []metav1.Condition - `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" - protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" - properties: - lastTransitionTime: - description: - lastTransitionTime is the last time the condition - transitioned from one status to another. This should be when - the underlying condition changed. If that is not known, then - using the time when the API field changed is acceptable. - format: date-time - type: string - message: - description: - message is a human readable message indicating - details about the transition. This may be an empty string. - maxLength: 32768 - type: string - observedGeneration: - description: - observedGeneration represents the .metadata.generation - that the condition was set based upon. For instance, if .metadata.generation - is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current - state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: - reason contains a programmatic identifier indicating - the reason for the condition's last transition. Producers - of specific condition types may define expected values and - meanings for this field, and whether the values are considered - a guaranteed API. The value should be a CamelCase string. - This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ - type: string - status: - description: status of the condition, one of True, False, Unknown. - enum: - - "True" - - "False" - - Unknown - type: string - type: - description: - type of condition in CamelCase or in foo.example.com/CamelCase. - --- Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ - type: string - required: - - lastTransitionTime - - message - - reason - - status - - type - type: object - type: array - state: - description: State represents the state of the kafka topic - type: string - required: - - conditions - - state - type: object - type: object - served: true - storage: true - subresources: - status: {} + type: array + state: + description: State represents the state of the kafka topic + type: string + required: + - conditions + - state + type: object + type: object + served: true + storage: true + subresources: + status: {} diff --git a/charts/aiven-operator-crds/templates/aiven.io_mysqls.yaml b/charts/aiven-operator-crds/templates/aiven.io_mysqls.yaml index d9232633..635c30b8 100644 --- a/charts/aiven-operator-crds/templates/aiven.io_mysqls.yaml +++ b/charts/aiven-operator-crds/templates/aiven.io_mysqls.yaml @@ -15,735 +15,658 @@ spec: singular: mysql scope: Namespaced versions: - - additionalPrinterColumns: - - jsonPath: .spec.project - name: Project - type: string - - jsonPath: .spec.cloudName - name: Region - type: string - - jsonPath: .spec.plan - name: Plan - type: string - - jsonPath: .status.state - name: State - type: string - name: v1alpha1 - schema: - openAPIV3Schema: - description: MySQL is the Schema for the mysqls API - properties: - apiVersion: - description: - "APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" - type: string - kind: - description: - "Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" - type: string - metadata: - type: object - spec: - description: MySQLSpec defines the desired state of MySQL - properties: - authSecretRef: - description: Authentication reference to Aiven token in a secret - properties: - key: - minLength: 1 - type: string - name: - minLength: 1 - type: string - required: - - key - - name - type: object - cloudName: - description: Cloud the service runs in. - maxLength: 256 - type: string - connInfoSecretTarget: - description: - "Information regarding secret creation. Exposed keys: - `MYSQL_HOST`, `MYSQL_PORT`, `MYSQL_DATABASE`, `MYSQL_USER`, `MYSQL_PASSWORD`, - `MYSQL_SSL_MODE`, `MYSQL_URI`, `MYSQL_REPLICA_URI`" - properties: - annotations: - additionalProperties: - type: string - description: Annotations added to the secret - type: object - x-kubernetes-preserve-unknown-fields: true - labels: - additionalProperties: - type: string - description: Labels added to the secret - type: object - x-kubernetes-preserve-unknown-fields: true - name: - description: - Name of the secret resource to be created. By default, - is equal to the resource name + - additionalPrinterColumns: + - jsonPath: .spec.project + name: Project + type: string + - jsonPath: .spec.cloudName + name: Region + type: string + - jsonPath: .spec.plan + name: Plan + type: string + - jsonPath: .status.state + name: State + type: string + name: v1alpha1 + schema: + openAPIV3Schema: + description: MySQL is the Schema for the mysqls API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: MySQLSpec defines the desired state of MySQL + properties: + authSecretRef: + description: Authentication reference to Aiven token in a secret + properties: + key: + minLength: 1 + type: string + name: + minLength: 1 + type: string + required: + - key + - name + type: object + cloudName: + description: Cloud the service runs in. + maxLength: 256 + type: string + connInfoSecretTarget: + description: 'Information regarding secret creation. Exposed keys: + `MYSQL_HOST`, `MYSQL_PORT`, `MYSQL_DATABASE`, `MYSQL_USER`, `MYSQL_PASSWORD`, + `MYSQL_SSL_MODE`, `MYSQL_URI`, `MYSQL_REPLICA_URI`' + properties: + annotations: + additionalProperties: type: string - prefix: - description: - Prefix for the secret's keys. Added "as is" without - any transformations. By default, is equal to the kind name in - uppercase + underscore, e.g. `KAFKA_`, `REDIS_`, etc. + description: Annotations added to the secret + type: object + x-kubernetes-preserve-unknown-fields: true + labels: + additionalProperties: type: string - required: - - name - type: object - disk_space: - description: - The disk space of the service, possible values depend - on the service type, the cloud provider and the project. Reducing - will result in the service re-balancing. - format: ^[1-9][0-9]*(GiB|G)* - type: string - maintenanceWindowDow: - description: - Day of week when maintenance operations should be performed. - One monday, tuesday, wednesday, etc. - enum: - - monday - - tuesday - - wednesday - - thursday - - friday - - saturday - - sunday - type: string - maintenanceWindowTime: - description: - Time of day when maintenance operations should be performed. - UTC time in HH:mm:ss format. - maxLength: 8 - type: string - plan: - description: Subscription plan. - maxLength: 128 - type: string - project: - description: Target project. - format: ^[a-zA-Z0-9_-]*$ - maxLength: 63 - type: string - x-kubernetes-validations: - - message: Value is immutable - rule: self == oldSelf - projectVPCRef: - description: - ProjectVPCRef reference to ProjectVPC resource to use - its ID as ProjectVPCID automatically + description: Labels added to the secret + type: object + x-kubernetes-preserve-unknown-fields: true + name: + description: Name of the secret resource to be created. By default, + is equal to the resource name + type: string + prefix: + description: Prefix for the secret's keys. Added "as is" without + any transformations. By default, is equal to the kind name in + uppercase + underscore, e.g. `KAFKA_`, `REDIS_`, etc. + type: string + required: + - name + type: object + disk_space: + description: The disk space of the service, possible values depend + on the service type, the cloud provider and the project. Reducing + will result in the service re-balancing. + format: ^[1-9][0-9]*(GiB|G)* + type: string + maintenanceWindowDow: + description: Day of week when maintenance operations should be performed. + One monday, tuesday, wednesday, etc. + enum: + - monday + - tuesday + - wednesday + - thursday + - friday + - saturday + - sunday + type: string + maintenanceWindowTime: + description: Time of day when maintenance operations should be performed. + UTC time in HH:mm:ss format. + maxLength: 8 + type: string + plan: + description: Subscription plan. + maxLength: 128 + type: string + project: + description: Target project. + format: ^[a-zA-Z0-9_-]*$ + maxLength: 63 + type: string + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + projectVPCRef: + description: ProjectVPCRef reference to ProjectVPC resource to use + its ID as ProjectVPCID automatically + properties: + name: + minLength: 1 + type: string + namespace: + minLength: 1 + type: string + required: + - name + type: object + projectVpcId: + description: Identifier of the VPC the service should be in, if any. + maxLength: 36 + type: string + serviceIntegrations: + description: Service integrations to specify when creating a service. + Not applied after initial service creation + items: + description: Service integrations to specify when creating a service. + Not applied after initial service creation properties: - name: - minLength: 1 + integrationType: + enum: + - read_replica type: string - namespace: + sourceServiceName: + maxLength: 64 minLength: 1 type: string required: - - name + - integrationType + - sourceServiceName type: object - projectVpcId: - description: Identifier of the VPC the service should be in, if any. - maxLength: 36 + maxItems: 1 + type: array + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + tags: + additionalProperties: type: string - serviceIntegrations: - description: - Service integrations to specify when creating a service. - Not applied after initial service creation - items: - description: - Service integrations to specify when creating a service. - Not applied after initial service creation - properties: - integrationType: - enum: - - read_replica - type: string - sourceServiceName: - maxLength: 64 - minLength: 1 - type: string - required: - - integrationType - - sourceServiceName - type: object - maxItems: 1 - type: array - x-kubernetes-validations: + description: Tags are key-value pairs that allow you to categorize + services. + type: object + terminationProtection: + description: Prevent service from being deleted. It is recommended + to have this enabled for all services. + type: boolean + userConfig: + description: MySQL specific user configuration options + properties: + additional_backup_regions: + description: Additional Cloud Regions for Backup Replication + items: + type: string + maxItems: 1 + type: array + admin_password: + description: Custom password for admin user. Defaults to random + string. This must be set only when a new service is being created. + maxLength: 256 + minLength: 8 + pattern: ^[a-zA-Z0-9-_]+$ + type: string + x-kubernetes-validations: - message: Value is immutable rule: self == oldSelf - tags: - additionalProperties: + admin_username: + description: Custom username for admin user. This must be set + only when a new service is being created. + maxLength: 64 + pattern: ^[_A-Za-z0-9][-._A-Za-z0-9]{0,63}$ type: string - description: - Tags are key-value pairs that allow you to categorize - services. - type: object - terminationProtection: - description: - Prevent service from being deleted. It is recommended - to have this enabled for all services. - type: boolean - userConfig: - description: MySQL specific user configuration options - properties: - additional_backup_regions: - description: Additional Cloud Regions for Backup Replication - items: - type: string - maxItems: 1 - type: array - admin_password: - description: - Custom password for admin user. Defaults to random - string. This must be set only when a new service is being created. - maxLength: 256 - minLength: 8 - pattern: ^[a-zA-Z0-9-_]+$ - type: string - x-kubernetes-validations: - - message: Value is immutable - rule: self == oldSelf - admin_username: - description: - Custom username for admin user. This must be set - only when a new service is being created. - maxLength: 64 - pattern: ^[_A-Za-z0-9][-._A-Za-z0-9]{0,63}$ - type: string - x-kubernetes-validations: - - message: Value is immutable - rule: self == oldSelf - backup_hour: - description: - The hour of day (in UTC) when backup for the service - is started. New backup is only started if previous backup has - already completed. - maximum: 23 - minimum: 0 - type: integer - backup_minute: - description: - The minute of an hour when backup for the service - is started. New backup is only started if previous backup has - already completed. - maximum: 59 - minimum: 0 - type: integer - binlog_retention_period: - description: - The minimum amount of time in seconds to keep binlog - entries before deletion. This may be extended for services that - require binlog entries for longer than the default for example - if using the MySQL Debezium Kafka connector. - maximum: 86400 - minimum: 600 - type: integer - ip_filter: - description: - Allow incoming connections from CIDR address block, - e.g. '10.20.0.0/16' - items: - description: - CIDR address block, either as a string, or in a - dict with an optional description field - properties: - description: - description: Description for IP filter list entry - maxLength: 1024 - type: string - network: - description: CIDR address block - maxLength: 43 - type: string - required: - - network - type: object - maxItems: 1024 - type: array - migration: - description: Migrate data from existing server - properties: - dbname: - description: Database name for bootstrapping the initial connection - maxLength: 63 - type: string - host: - description: - Hostname or IP address of the server where to - migrate data from - maxLength: 255 - type: string - ignore_dbs: - description: - Comma-separated list of databases, which should - be ignored during migration (supported by MySQL and PostgreSQL - only at the moment) - maxLength: 2048 - type: string - method: - description: - The migration method to be used (currently supported - only by Redis, Dragonfly, MySQL and PostgreSQL service types) - enum: - - dump - - replication - type: string - password: - description: - Password for authentication with the server where - to migrate data from - maxLength: 256 - type: string - port: - description: - Port number of the server where to migrate data - from - maximum: 65535 - minimum: 1 - type: integer - ssl: - description: - The server where to migrate data from is secured - with SSL - type: boolean - username: - description: - User name for authentication with the server - where to migrate data from - maxLength: 256 - type: string - required: - - host - - port - type: object - mysql: - description: mysql.conf configuration values + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + backup_hour: + description: The hour of day (in UTC) when backup for the service + is started. New backup is only started if previous backup has + already completed. + maximum: 23 + minimum: 0 + type: integer + backup_minute: + description: The minute of an hour when backup for the service + is started. New backup is only started if previous backup has + already completed. + maximum: 59 + minimum: 0 + type: integer + binlog_retention_period: + description: The minimum amount of time in seconds to keep binlog + entries before deletion. This may be extended for services that + require binlog entries for longer than the default for example + if using the MySQL Debezium Kafka connector. + maximum: 86400 + minimum: 600 + type: integer + ip_filter: + description: Allow incoming connections from CIDR address block, + e.g. '10.20.0.0/16' + items: + description: CIDR address block, either as a string, or in a + dict with an optional description field properties: - connect_timeout: - description: - The number of seconds that the mysqld server - waits for a connect packet before responding with Bad handshake - maximum: 3600 - minimum: 2 - type: integer - default_time_zone: - description: - Default server time zone as an offset from UTC - (from -12:00 to +12:00), a time zone name, or 'SYSTEM' to - use the MySQL server default. - maxLength: 100 - minLength: 2 - type: string - group_concat_max_len: - description: - The maximum permitted result length in bytes - for the GROUP_CONCAT() function. - minimum: 4 - type: integer - information_schema_stats_expiry: - description: - The time, in seconds, before cached statistics - expire - maximum: 31536000 - minimum: 900 - type: integer - innodb_change_buffer_max_size: - description: - Maximum size for the InnoDB change buffer, as - a percentage of the total size of the buffer pool. Default - is 25 - maximum: 50 - minimum: 0 - type: integer - innodb_flush_neighbors: - description: - "Specifies whether flushing a page from the InnoDB - buffer pool also flushes other dirty pages in the same extent - (default is 1): 0 - dirty pages in the same extent are not - flushed, 1 - flush contiguous dirty pages in the same extent, 2 - - flush dirty pages in the same extent" - maximum: 2 - minimum: 0 - type: integer - innodb_ft_min_token_size: - description: - Minimum length of words that are stored in an - InnoDB FULLTEXT index. Changing this parameter will lead - to a restart of the MySQL service. - maximum: 16 - minimum: 0 - type: integer - innodb_ft_server_stopword_table: - description: - This option is used to specify your own InnoDB - FULLTEXT index stopword list for all InnoDB tables. + description: + description: Description for IP filter list entry maxLength: 1024 - pattern: ^.+/.+$ type: string - innodb_lock_wait_timeout: - description: - The length of time in seconds an InnoDB transaction - waits for a row lock before giving up. Default is 120. - maximum: 3600 - minimum: 1 - type: integer - innodb_log_buffer_size: - description: - The size in bytes of the buffer that InnoDB uses - to write to the log files on disk. - maximum: 4294967295 - minimum: 1048576 - type: integer - innodb_online_alter_log_max_size: - description: - The upper limit in bytes on the size of the temporary - log files used during online DDL operations for InnoDB tables. - maximum: 1099511627776 - minimum: 65536 - type: integer - innodb_print_all_deadlocks: - description: - When enabled, information about all deadlocks - in InnoDB user transactions is recorded in the error log. - Disabled by default. - type: boolean - innodb_read_io_threads: - description: - The number of I/O threads for read operations - in InnoDB. Default is 4. Changing this parameter will lead - to a restart of the MySQL service. - maximum: 64 - minimum: 1 - type: integer - innodb_rollback_on_timeout: - description: - When enabled a transaction timeout causes InnoDB - to abort and roll back the entire transaction. Changing - this parameter will lead to a restart of the MySQL service. - type: boolean - innodb_thread_concurrency: - description: - Defines the maximum number of threads permitted - inside of InnoDB. Default is 0 (infinite concurrency - no - limit) - maximum: 1000 - minimum: 0 - type: integer - innodb_write_io_threads: - description: - The number of I/O threads for write operations - in InnoDB. Default is 4. Changing this parameter will lead - to a restart of the MySQL service. - maximum: 64 - minimum: 1 - type: integer - interactive_timeout: - description: - The number of seconds the server waits for activity - on an interactive connection before closing it. - maximum: 604800 - minimum: 30 - type: integer - internal_tmp_mem_storage_engine: - description: - The storage engine for in-memory internal temporary - tables. - enum: - - TempTable - - MEMORY + network: + description: CIDR address block + maxLength: 43 type: string - long_query_time: - description: - The slow_query_logs work as SQL statements that - take more than long_query_time seconds to execute. Default - is 10s - maximum: 3600 - minimum: 0 - type: number - max_allowed_packet: - description: - Size of the largest message in bytes that can - be received by the server. Default is 67108864 (64M) - maximum: 1073741824 - minimum: 102400 - type: integer - max_heap_table_size: - description: - Limits the size of internal in-memory tables. - Also set tmp_table_size. Default is 16777216 (16M) - maximum: 1073741824 - minimum: 1048576 - type: integer - net_buffer_length: - description: - Start sizes of connection buffer and result buffer. - Default is 16384 (16K). Changing this parameter will lead - to a restart of the MySQL service. - maximum: 1048576 - minimum: 1024 - type: integer - net_read_timeout: - description: - The number of seconds to wait for more data from - a connection before aborting the read. - maximum: 3600 - minimum: 1 - type: integer - net_write_timeout: - description: - The number of seconds to wait for a block to - be written to a connection before aborting the write. - maximum: 3600 - minimum: 1 - type: integer - slow_query_log: - description: - Slow query log enables capturing of slow queries. - Setting slow_query_log to false also truncates the mysql.slow_log - table. Default is off - type: boolean - sort_buffer_size: - description: - Sort buffer size in bytes for ORDER BY optimization. - Default is 262144 (256K) - maximum: 1073741824 - minimum: 32768 - type: integer - sql_mode: - description: - Global SQL mode. Set to empty to use MySQL server - defaults. When creating a new service and not setting this - field Aiven default SQL mode (strict, SQL standard compliant) - will be assigned. - maxLength: 1024 - pattern: ^[A-Z_]*(,[A-Z_]+)*$ - type: string - sql_require_primary_key: - description: - Require primary key to be defined for new tables - or old tables modified with ALTER TABLE and fail if missing. - It is recommended to always have primary keys because various - functionality may break if any large table is missing them. - type: boolean - tmp_table_size: - description: - Limits the size of internal in-memory tables. - Also set max_heap_table_size. Default is 16777216 (16M) - maximum: 1073741824 - minimum: 1048576 - type: integer - wait_timeout: - description: - The number of seconds the server waits for activity - on a noninteractive connection before closing it. - maximum: 2147483 - minimum: 1 - type: integer - type: object - mysql_version: - description: MySQL major version - enum: - - "8" - type: string - private_access: - description: - Allow access to selected service ports from private - networks - properties: - mysql: - description: - Allow clients to connect to mysql with a DNS - name that always resolves to the service's private IP addresses. - Only available in certain network locations - type: boolean - mysqlx: - description: - Allow clients to connect to mysqlx with a DNS - name that always resolves to the service's private IP addresses. - Only available in certain network locations - type: boolean - prometheus: - description: - Allow clients to connect to prometheus with a - DNS name that always resolves to the service's private IP - addresses. Only available in certain network locations - type: boolean - type: object - privatelink_access: - description: - Allow access to selected service components through - Privatelink - properties: - mysql: - description: Enable mysql - type: boolean - mysqlx: - description: Enable mysqlx - type: boolean - prometheus: - description: Enable prometheus - type: boolean - type: object - project_to_fork_from: - description: - Name of another project to fork a service from. This - has effect only when a new service is being created. - maxLength: 63 - type: string - x-kubernetes-validations: - - message: Value is immutable - rule: self == oldSelf - public_access: - description: - Allow access to selected service ports from the public - Internet - properties: - mysql: - description: - Allow clients to connect to mysql from the public - internet for service nodes that are in a project VPC or - another type of private network - type: boolean - mysqlx: - description: - Allow clients to connect to mysqlx from the public - internet for service nodes that are in a project VPC or - another type of private network - type: boolean - prometheus: - description: - Allow clients to connect to prometheus from the - public internet for service nodes that are in a project - VPC or another type of private network - type: boolean + required: + - network type: object - recovery_target_time: - description: - Recovery target time when forking a service. This - has effect only when a new service is being created. - maxLength: 32 - type: string - x-kubernetes-validations: - - message: Value is immutable - rule: self == oldSelf - service_log: - description: - Store logs for the service so that they are available - in the HTTP API and console. - type: boolean - service_to_fork_from: - description: - Name of another service to fork from. This has effect - only when a new service is being created. - maxLength: 64 - type: string - x-kubernetes-validations: - - message: Value is immutable - rule: self == oldSelf - static_ips: - description: Use static public IP addresses - type: boolean - type: object - required: - - plan - - project - type: object - status: - description: ServiceStatus defines the observed state of service - properties: - conditions: - description: - Conditions represent the latest available observations - of a service state - items: - description: - "Condition contains details for one aspect of the current - state of this API Resource. --- This struct is intended for direct - use as an array at the field path .status.conditions. For example, - \n type FooStatus struct{ // Represents the observations of a - foo's current state. // Known .status.conditions.type are: \"Available\", - \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge - // +listType=map // +listMapKey=type Conditions []metav1.Condition - `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" - protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + maxItems: 1024 + type: array + migration: + description: Migrate data from existing server properties: - lastTransitionTime: - description: - lastTransitionTime is the last time the condition - transitioned from one status to another. This should be when - the underlying condition changed. If that is not known, then - using the time when the API field changed is acceptable. - format: date-time + dbname: + description: Database name for bootstrapping the initial connection + maxLength: 63 type: string - message: - description: - message is a human readable message indicating - details about the transition. This may be an empty string. - maxLength: 32768 + host: + description: Hostname or IP address of the server where to + migrate data from + maxLength: 255 type: string - observedGeneration: - description: - observedGeneration represents the .metadata.generation - that the condition was set based upon. For instance, if .metadata.generation - is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current - state of the instance. - format: int64 + ignore_dbs: + description: Comma-separated list of databases, which should + be ignored during migration (supported by MySQL and PostgreSQL + only at the moment) + maxLength: 2048 + type: string + method: + description: The migration method to be used (currently supported + only by Redis, Dragonfly, MySQL and PostgreSQL service types) + enum: + - dump + - replication + type: string + password: + description: Password for authentication with the server where + to migrate data from + maxLength: 256 + type: string + port: + description: Port number of the server where to migrate data + from + maximum: 65535 + minimum: 1 + type: integer + ssl: + description: The server where to migrate data from is secured + with SSL + type: boolean + username: + description: User name for authentication with the server + where to migrate data from + maxLength: 256 + type: string + required: + - host + - port + type: object + mysql: + description: mysql.conf configuration values + properties: + connect_timeout: + description: The number of seconds that the mysqld server + waits for a connect packet before responding with Bad handshake + maximum: 3600 + minimum: 2 + type: integer + default_time_zone: + description: Default server time zone as an offset from UTC + (from -12:00 to +12:00), a time zone name, or 'SYSTEM' to + use the MySQL server default. + maxLength: 100 + minLength: 2 + type: string + group_concat_max_len: + description: The maximum permitted result length in bytes + for the GROUP_CONCAT() function. + minimum: 4 + type: integer + information_schema_stats_expiry: + description: The time, in seconds, before cached statistics + expire + maximum: 31536000 + minimum: 900 + type: integer + innodb_change_buffer_max_size: + description: Maximum size for the InnoDB change buffer, as + a percentage of the total size of the buffer pool. Default + is 25 + maximum: 50 minimum: 0 type: integer - reason: - description: - reason contains a programmatic identifier indicating - the reason for the condition's last transition. Producers - of specific condition types may define expected values and - meanings for this field, and whether the values are considered - a guaranteed API. The value should be a CamelCase string. - This field may not be empty. + innodb_flush_neighbors: + description: 'Specifies whether flushing a page from the InnoDB + buffer pool also flushes other dirty pages in the same extent + (default is 1): 0 - dirty pages in the same extent are not + flushed, 1 - flush contiguous dirty pages in the same extent, 2 + - flush dirty pages in the same extent' + maximum: 2 + minimum: 0 + type: integer + innodb_ft_min_token_size: + description: Minimum length of words that are stored in an + InnoDB FULLTEXT index. Changing this parameter will lead + to a restart of the MySQL service. + maximum: 16 + minimum: 0 + type: integer + innodb_ft_server_stopword_table: + description: This option is used to specify your own InnoDB + FULLTEXT index stopword list for all InnoDB tables. maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + pattern: ^.+/.+$ type: string - status: - description: status of the condition, one of True, False, Unknown. + innodb_lock_wait_timeout: + description: The length of time in seconds an InnoDB transaction + waits for a row lock before giving up. Default is 120. + maximum: 3600 + minimum: 1 + type: integer + innodb_log_buffer_size: + description: The size in bytes of the buffer that InnoDB uses + to write to the log files on disk. + maximum: 4294967295 + minimum: 1048576 + type: integer + innodb_online_alter_log_max_size: + description: The upper limit in bytes on the size of the temporary + log files used during online DDL operations for InnoDB tables. + maximum: 1099511627776 + minimum: 65536 + type: integer + innodb_print_all_deadlocks: + description: When enabled, information about all deadlocks + in InnoDB user transactions is recorded in the error log. + Disabled by default. + type: boolean + innodb_read_io_threads: + description: The number of I/O threads for read operations + in InnoDB. Default is 4. Changing this parameter will lead + to a restart of the MySQL service. + maximum: 64 + minimum: 1 + type: integer + innodb_rollback_on_timeout: + description: When enabled a transaction timeout causes InnoDB + to abort and roll back the entire transaction. Changing + this parameter will lead to a restart of the MySQL service. + type: boolean + innodb_thread_concurrency: + description: Defines the maximum number of threads permitted + inside of InnoDB. Default is 0 (infinite concurrency - no + limit) + maximum: 1000 + minimum: 0 + type: integer + innodb_write_io_threads: + description: The number of I/O threads for write operations + in InnoDB. Default is 4. Changing this parameter will lead + to a restart of the MySQL service. + maximum: 64 + minimum: 1 + type: integer + interactive_timeout: + description: The number of seconds the server waits for activity + on an interactive connection before closing it. + maximum: 604800 + minimum: 30 + type: integer + internal_tmp_mem_storage_engine: + description: The storage engine for in-memory internal temporary + tables. enum: - - "True" - - "False" - - Unknown + - TempTable + - MEMORY type: string - type: - description: - type of condition in CamelCase or in foo.example.com/CamelCase. - --- Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + long_query_time: + description: The slow_query_logs work as SQL statements that + take more than long_query_time seconds to execute. Default + is 10s + maximum: 3600 + minimum: 0 + type: number + max_allowed_packet: + description: Size of the largest message in bytes that can + be received by the server. Default is 67108864 (64M) + maximum: 1073741824 + minimum: 102400 + type: integer + max_heap_table_size: + description: Limits the size of internal in-memory tables. + Also set tmp_table_size. Default is 16777216 (16M) + maximum: 1073741824 + minimum: 1048576 + type: integer + net_buffer_length: + description: Start sizes of connection buffer and result buffer. + Default is 16384 (16K). Changing this parameter will lead + to a restart of the MySQL service. + maximum: 1048576 + minimum: 1024 + type: integer + net_read_timeout: + description: The number of seconds to wait for more data from + a connection before aborting the read. + maximum: 3600 + minimum: 1 + type: integer + net_write_timeout: + description: The number of seconds to wait for a block to + be written to a connection before aborting the write. + maximum: 3600 + minimum: 1 + type: integer + slow_query_log: + description: Slow query log enables capturing of slow queries. + Setting slow_query_log to false also truncates the mysql.slow_log + table. Default is off + type: boolean + sort_buffer_size: + description: Sort buffer size in bytes for ORDER BY optimization. + Default is 262144 (256K) + maximum: 1073741824 + minimum: 32768 + type: integer + sql_mode: + description: Global SQL mode. Set to empty to use MySQL server + defaults. When creating a new service and not setting this + field Aiven default SQL mode (strict, SQL standard compliant) + will be assigned. + maxLength: 1024 + pattern: ^[A-Z_]*(,[A-Z_]+)*$ type: string - required: - - lastTransitionTime - - message - - reason - - status - - type + sql_require_primary_key: + description: Require primary key to be defined for new tables + or old tables modified with ALTER TABLE and fail if missing. + It is recommended to always have primary keys because various + functionality may break if any large table is missing them. + type: boolean + tmp_table_size: + description: Limits the size of internal in-memory tables. + Also set max_heap_table_size. Default is 16777216 (16M) + maximum: 1073741824 + minimum: 1048576 + type: integer + wait_timeout: + description: The number of seconds the server waits for activity + on a noninteractive connection before closing it. + maximum: 2147483 + minimum: 1 + type: integer type: object - type: array - state: - description: Service state - type: string - type: object - type: object - served: true - storage: true - subresources: - status: {} + mysql_version: + description: MySQL major version + enum: + - "8" + type: string + private_access: + description: Allow access to selected service ports from private + networks + properties: + mysql: + description: Allow clients to connect to mysql with a DNS + name that always resolves to the service's private IP addresses. + Only available in certain network locations + type: boolean + mysqlx: + description: Allow clients to connect to mysqlx with a DNS + name that always resolves to the service's private IP addresses. + Only available in certain network locations + type: boolean + prometheus: + description: Allow clients to connect to prometheus with a + DNS name that always resolves to the service's private IP + addresses. Only available in certain network locations + type: boolean + type: object + privatelink_access: + description: Allow access to selected service components through + Privatelink + properties: + mysql: + description: Enable mysql + type: boolean + mysqlx: + description: Enable mysqlx + type: boolean + prometheus: + description: Enable prometheus + type: boolean + type: object + project_to_fork_from: + description: Name of another project to fork a service from. This + has effect only when a new service is being created. + maxLength: 63 + type: string + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + public_access: + description: Allow access to selected service ports from the public + Internet + properties: + mysql: + description: Allow clients to connect to mysql from the public + internet for service nodes that are in a project VPC or + another type of private network + type: boolean + mysqlx: + description: Allow clients to connect to mysqlx from the public + internet for service nodes that are in a project VPC or + another type of private network + type: boolean + prometheus: + description: Allow clients to connect to prometheus from the + public internet for service nodes that are in a project + VPC or another type of private network + type: boolean + type: object + recovery_target_time: + description: Recovery target time when forking a service. This + has effect only when a new service is being created. + maxLength: 32 + type: string + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + service_log: + description: Store logs for the service so that they are available + in the HTTP API and console. + type: boolean + service_to_fork_from: + description: Name of another service to fork from. This has effect + only when a new service is being created. + maxLength: 64 + type: string + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + static_ips: + description: Use static public IP addresses + type: boolean + type: object + required: + - plan + - project + type: object + status: + description: ServiceStatus defines the observed state of service + properties: + conditions: + description: Conditions represent the latest available observations + of a service state + items: + description: "Condition contains details for one aspect of the current + state of this API Resource. --- This struct is intended for direct + use as an array at the field path .status.conditions. For example, + \n type FooStatus struct{ // Represents the observations of a + foo's current state. // Known .status.conditions.type are: \"Available\", + \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge + // +listType=map // +listMapKey=type Conditions []metav1.Condition + `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" + protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + properties: + lastTransitionTime: + description: lastTransitionTime is the last time the condition + transitioned from one status to another. This should be when + the underlying condition changed. If that is not known, then + using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: message is a human readable message indicating + details about the transition. This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: observedGeneration represents the .metadata.generation + that the condition was set based upon. For instance, if .metadata.generation + is currently 12, but the .status.conditions[x].observedGeneration + is 9, the condition is out of date with respect to the current + state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: reason contains a programmatic identifier indicating + the reason for the condition's last transition. Producers + of specific condition types may define expected values and + meanings for this field, and whether the values are considered + a guaranteed API. The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: type of condition in CamelCase or in foo.example.com/CamelCase. + --- Many .condition.type values are consistent across resources + like Available, but because arbitrary conditions can be useful + (see .node.status.conditions), the ability to deconflict is + important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + type: array + state: + description: Service state + type: string + type: object + type: object + served: true + storage: true + subresources: + status: {} diff --git a/charts/aiven-operator-crds/templates/aiven.io_opensearches.yaml b/charts/aiven-operator-crds/templates/aiven.io_opensearches.yaml index 8a403e83..7fa9b0ac 100644 --- a/charts/aiven-operator-crds/templates/aiven.io_opensearches.yaml +++ b/charts/aiven-operator-crds/templates/aiven.io_opensearches.yaml @@ -15,1048 +15,946 @@ spec: singular: opensearch scope: Namespaced versions: - - name: v1alpha1 - schema: - openAPIV3Schema: - description: OpenSearch is the Schema for the opensearches API - properties: - apiVersion: - description: - "APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" - type: string - kind: - description: - "Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" - type: string - metadata: - type: object - spec: - description: OpenSearchSpec defines the desired state of OpenSearch - properties: - authSecretRef: - description: Authentication reference to Aiven token in a secret - properties: - key: - minLength: 1 - type: string - name: - minLength: 1 - type: string - required: - - key - - name - type: object - cloudName: - description: Cloud the service runs in. - maxLength: 256 - type: string - connInfoSecretTarget: - description: - "Information regarding secret creation. Exposed keys: - `OPENSEARCH_HOST`, `OPENSEARCH_PORT`, `OPENSEARCH_USER`, `OPENSEARCH_PASSWORD`" - properties: - annotations: - additionalProperties: - type: string - description: Annotations added to the secret - type: object - x-kubernetes-preserve-unknown-fields: true - labels: - additionalProperties: - type: string - description: Labels added to the secret - type: object - x-kubernetes-preserve-unknown-fields: true - name: - description: - Name of the secret resource to be created. By default, - is equal to the resource name + - name: v1alpha1 + schema: + openAPIV3Schema: + description: OpenSearch is the Schema for the opensearches API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: OpenSearchSpec defines the desired state of OpenSearch + properties: + authSecretRef: + description: Authentication reference to Aiven token in a secret + properties: + key: + minLength: 1 + type: string + name: + minLength: 1 + type: string + required: + - key + - name + type: object + cloudName: + description: Cloud the service runs in. + maxLength: 256 + type: string + connInfoSecretTarget: + description: 'Information regarding secret creation. Exposed keys: + `OPENSEARCH_HOST`, `OPENSEARCH_PORT`, `OPENSEARCH_USER`, `OPENSEARCH_PASSWORD`' + properties: + annotations: + additionalProperties: type: string - prefix: - description: - Prefix for the secret's keys. Added "as is" without - any transformations. By default, is equal to the kind name in - uppercase + underscore, e.g. `KAFKA_`, `REDIS_`, etc. + description: Annotations added to the secret + type: object + x-kubernetes-preserve-unknown-fields: true + labels: + additionalProperties: type: string - required: - - name - type: object - disk_space: - description: - The disk space of the service, possible values depend - on the service type, the cloud provider and the project. Reducing - will result in the service re-balancing. - format: ^[1-9][0-9]*(GiB|G)* - type: string - maintenanceWindowDow: - description: - Day of week when maintenance operations should be performed. - One monday, tuesday, wednesday, etc. - enum: - - monday - - tuesday - - wednesday - - thursday - - friday - - saturday - - sunday - type: string - maintenanceWindowTime: - description: - Time of day when maintenance operations should be performed. - UTC time in HH:mm:ss format. - maxLength: 8 - type: string - plan: - description: Subscription plan. - maxLength: 128 - type: string - project: - description: Target project. - format: ^[a-zA-Z0-9_-]*$ - maxLength: 63 - type: string - x-kubernetes-validations: - - message: Value is immutable - rule: self == oldSelf - projectVPCRef: - description: - ProjectVPCRef reference to ProjectVPC resource to use - its ID as ProjectVPCID automatically + description: Labels added to the secret + type: object + x-kubernetes-preserve-unknown-fields: true + name: + description: Name of the secret resource to be created. By default, + is equal to the resource name + type: string + prefix: + description: Prefix for the secret's keys. Added "as is" without + any transformations. By default, is equal to the kind name in + uppercase + underscore, e.g. `KAFKA_`, `REDIS_`, etc. + type: string + required: + - name + type: object + disk_space: + description: The disk space of the service, possible values depend + on the service type, the cloud provider and the project. Reducing + will result in the service re-balancing. + format: ^[1-9][0-9]*(GiB|G)* + type: string + maintenanceWindowDow: + description: Day of week when maintenance operations should be performed. + One monday, tuesday, wednesday, etc. + enum: + - monday + - tuesday + - wednesday + - thursday + - friday + - saturday + - sunday + type: string + maintenanceWindowTime: + description: Time of day when maintenance operations should be performed. + UTC time in HH:mm:ss format. + maxLength: 8 + type: string + plan: + description: Subscription plan. + maxLength: 128 + type: string + project: + description: Target project. + format: ^[a-zA-Z0-9_-]*$ + maxLength: 63 + type: string + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + projectVPCRef: + description: ProjectVPCRef reference to ProjectVPC resource to use + its ID as ProjectVPCID automatically + properties: + name: + minLength: 1 + type: string + namespace: + minLength: 1 + type: string + required: + - name + type: object + projectVpcId: + description: Identifier of the VPC the service should be in, if any. + maxLength: 36 + type: string + serviceIntegrations: + description: Service integrations to specify when creating a service. + Not applied after initial service creation + items: + description: Service integrations to specify when creating a service. + Not applied after initial service creation properties: - name: - minLength: 1 + integrationType: + enum: + - read_replica type: string - namespace: + sourceServiceName: + maxLength: 64 minLength: 1 type: string required: - - name + - integrationType + - sourceServiceName type: object - projectVpcId: - description: Identifier of the VPC the service should be in, if any. - maxLength: 36 + maxItems: 1 + type: array + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + tags: + additionalProperties: type: string - serviceIntegrations: - description: - Service integrations to specify when creating a service. - Not applied after initial service creation - items: - description: - Service integrations to specify when creating a service. - Not applied after initial service creation - properties: - integrationType: - enum: - - read_replica - type: string - sourceServiceName: - maxLength: 64 - minLength: 1 - type: string - required: - - integrationType - - sourceServiceName - type: object - maxItems: 1 - type: array - x-kubernetes-validations: - - message: Value is immutable - rule: self == oldSelf - tags: - additionalProperties: - type: string - description: - Tags are key-value pairs that allow you to categorize - services. - type: object - terminationProtection: - description: - Prevent service from being deleted. It is recommended - to have this enabled for all services. - type: boolean - userConfig: - description: OpenSearch specific user configuration options - properties: - additional_backup_regions: - description: Additional Cloud Regions for Backup Replication - items: - type: string - maxItems: 1 - type: array - custom_domain: - description: - Serve the web frontend using a custom CNAME pointing - to the Aiven DNS name - maxLength: 255 + description: Tags are key-value pairs that allow you to categorize + services. + type: object + terminationProtection: + description: Prevent service from being deleted. It is recommended + to have this enabled for all services. + type: boolean + userConfig: + description: OpenSearch specific user configuration options + properties: + additional_backup_regions: + description: Additional Cloud Regions for Backup Replication + items: type: string - disable_replication_factor_adjustment: - description: - "DEPRECATED: Disable automatic replication factor - adjustment for multi-node services. By default, Aiven ensures - all indexes are replicated at least to two nodes. Note: Due - to potential data loss in case of losing a service node, this - setting can no longer be activated." - type: boolean - index_patterns: - description: Index patterns - items: - description: - "Allows you to create glob style patterns and set - a max number of indexes matching this pattern you want to - keep. Creating indexes exceeding this value will cause the - oldest one to get deleted. You could for example create a - pattern looking like 'logs.?' and then create index logs.1, - logs.2 etc, it will delete logs.1 once you create logs.6. - Do note 'logs.?' does not apply to logs.10. Note: Setting - max_index_count to 0 will do nothing and the pattern gets - ignored." - properties: - max_index_count: - description: Maximum number of indexes to keep - minimum: 0 - type: integer - pattern: - description: fnmatch pattern - maxLength: 1024 - pattern: ^[A-Za-z0-9-_.*?]+$ - type: string - sorting_algorithm: - description: Deletion sorting algorithm - enum: - - alphabetical - - creation_date - type: string - required: - - max_index_count - - pattern - type: object - maxItems: 512 - type: array - index_template: - description: Template settings for all new indexes + maxItems: 1 + type: array + custom_domain: + description: Serve the web frontend using a custom CNAME pointing + to the Aiven DNS name + maxLength: 255 + type: string + disable_replication_factor_adjustment: + description: 'DEPRECATED: Disable automatic replication factor + adjustment for multi-node services. By default, Aiven ensures + all indexes are replicated at least to two nodes. Note: Due + to potential data loss in case of losing a service node, this + setting can no longer be activated.' + type: boolean + index_patterns: + description: Index patterns + items: + description: 'Allows you to create glob style patterns and set + a max number of indexes matching this pattern you want to + keep. Creating indexes exceeding this value will cause the + oldest one to get deleted. You could for example create a + pattern looking like ''logs.?'' and then create index logs.1, + logs.2 etc, it will delete logs.1 once you create logs.6. + Do note ''logs.?'' does not apply to logs.10. Note: Setting + max_index_count to 0 will do nothing and the pattern gets + ignored.' properties: - mapping_nested_objects_limit: - description: - The maximum number of nested JSON objects that - a single document can contain across all nested types. This - limit helps to prevent out of memory errors when a document - contains too many nested objects. Default is 10000. - maximum: 100000 - minimum: 0 - type: integer - number_of_replicas: - description: The number of replicas each primary shard has. - maximum: 29 + max_index_count: + description: Maximum number of indexes to keep minimum: 0 type: integer - number_of_shards: - description: - The number of primary shards that an index should - have. - maximum: 1024 - minimum: 1 - type: integer - type: object - ip_filter: - description: - Allow incoming connections from CIDR address block, - e.g. '10.20.0.0/16' - items: - description: - CIDR address block, either as a string, or in a - dict with an optional description field - properties: - description: - description: Description for IP filter list entry - maxLength: 1024 - type: string - network: - description: CIDR address block - maxLength: 43 - type: string - required: - - network - type: object - maxItems: 1024 - type: array - keep_index_refresh_interval: - description: - Aiven automation resets index.refresh_interval to - default value for every index to be sure that indices are always - visible to search. If it doesn't fit your case, you can disable - this by setting up this flag to true. - type: boolean - max_index_count: - description: "DEPRECATED: use index_patterns instead" - minimum: 0 - type: integer - openid: - description: OpenSearch OpenID Connect Configuration - properties: - client_id: - description: - The ID of the OpenID Connect client configured - in your IdP. Required. - maxLength: 1024 - minLength: 1 - type: string - client_secret: - description: - The client secret of the OpenID Connect client - configured in your IdP. Required. - maxLength: 1024 - minLength: 1 - type: string - connect_url: - description: - The URL of your IdP where the Security plugin - can find the OpenID Connect metadata/configuration settings. - maxLength: 2048 - type: string - enabled: - description: - Enables or disables OpenID Connect authentication - for OpenSearch. When enabled, users can authenticate using - OpenID Connect with an Identity Provider. - type: boolean - header: - description: - HTTP header name of the JWT token. Optional. - Default is Authorization. - maxLength: 1024 - minLength: 1 - type: string - jwt_header: - description: - "The HTTP header that stores the token. Typically - the Authorization header with the Bearer schema: Authorization: - Bearer . Optional. Default is Authorization." - maxLength: 1024 - minLength: 1 - type: string - jwt_url_parameter: - description: - If the token is not transmitted in the HTTP header, - but as an URL parameter, define the name of the parameter - here. Optional. - maxLength: 1024 - minLength: 1 - type: string - refresh_rate_limit_count: - description: - The maximum number of unknown key IDs in the - time frame. Default is 10. Optional. - minimum: 10 - type: integer - refresh_rate_limit_time_window_ms: - description: - The time frame to use when checking the maximum - number of unknown key IDs, in milliseconds. Optional.Default - is 10000 (10 seconds). - minimum: 10000 - type: integer - roles_key: - description: - The key in the JSON payload that stores the user’s - roles. The value of this key must be a comma-separated list - of roles. Required only if you want to use roles in the - JWT - maxLength: 1024 - minLength: 1 - type: string - scope: - description: - The scope of the identity token issued by the - IdP. Optional. Default is openid profile email address phone. + pattern: + description: fnmatch pattern maxLength: 1024 - minLength: 1 + pattern: ^[A-Za-z0-9-_.*?]+$ type: string - subject_key: - description: - The key in the JSON payload that stores the user’s - name. If not defined, the subject registered claim is used. - Most IdP providers use the preferred_username claim. Optional. - maxLength: 1024 - minLength: 1 + sorting_algorithm: + description: Deletion sorting algorithm + enum: + - alphabetical + - creation_date type: string required: - - client_id - - client_secret - - connect_url - - enabled - type: object - opensearch: - description: OpenSearch settings - properties: - action_auto_create_index_enabled: - description: - Explicitly allow or block automatic creation - of indices. Defaults to true - type: boolean - action_destructive_requires_name: - description: Require explicit index names when deleting - type: boolean - auth_failure_listeners: - description: Opensearch Security Plugin Settings - properties: - internal_authentication_backend_limiting: - properties: - allowed_tries: - description: - The number of login attempts allowed - before login is blocked - maximum: 2147483647 - minimum: 0 - type: integer - authentication_backend: - description: internal_authentication_backend_limiting.authentication_backend - enum: - - internal - maxLength: 1024 - type: string - block_expiry_seconds: - description: - The duration of time that login remains - blocked after a failed login - maximum: 2147483647 - minimum: 0 - type: integer - max_blocked_clients: - description: internal_authentication_backend_limiting.max_blocked_clients - maximum: 2147483647 - minimum: 0 - type: integer - max_tracked_clients: - description: - The maximum number of tracked IP addresses - that have failed login - maximum: 2147483647 - minimum: 0 - type: integer - time_window_seconds: - description: - The window of time in which the value - for `allowed_tries` is enforced - maximum: 2147483647 - minimum: 0 - type: integer - type: - description: internal_authentication_backend_limiting.type - enum: - - username - maxLength: 1024 - type: string - type: object - ip_rate_limiting: - description: IP address rate limiting settings - properties: - allowed_tries: - description: - The number of login attempts allowed - before login is blocked - maximum: 2147483647 - minimum: 1 - type: integer - block_expiry_seconds: - description: - The duration of time that login remains - blocked after a failed login - maximum: 36000 - minimum: 1 - type: integer - max_blocked_clients: - description: The maximum number of blocked IP addresses - maximum: 2147483647 - minimum: 0 - type: integer - max_tracked_clients: - description: - The maximum number of tracked IP addresses - that have failed login - maximum: 2147483647 - minimum: 0 - type: integer - time_window_seconds: - description: - The window of time in which the value - for `allowed_tries` is enforced - maximum: 36000 - minimum: 1 - type: integer - type: - description: The type of rate limiting - enum: - - ip - maxLength: 1024 - type: string - type: object - type: object - cluster_max_shards_per_node: - description: - Controls the number of shards allowed in the - cluster per data node - maximum: 10000 - minimum: 100 - type: integer - cluster_routing_allocation_node_concurrent_recoveries: - description: - How many concurrent incoming/outgoing shard recoveries - (normally replicas) are allowed to happen on a node. Defaults - to 2. - maximum: 16 - minimum: 2 - type: integer - email_sender_name: - description: - Sender name placeholder to be used in Opensearch - Dashboards and Opensearch keystore - maxLength: 40 - pattern: ^[a-zA-Z0-9-_]+$ - type: string - email_sender_password: - description: - Sender password for Opensearch alerts to authenticate - with SMTP server - maxLength: 1024 - pattern: ^[^\x00-\x1F]+$ - type: string - email_sender_username: - description: Sender username for Opensearch alerts - maxLength: 320 - pattern: ^[^\x00-\x1F]+$ - type: string - enable_security_audit: - description: Enable/Disable security audit - type: boolean - http_max_content_length: - description: - Maximum content length for HTTP requests to the - OpenSearch HTTP API, in bytes. - maximum: 2147483647 - minimum: 1 - type: integer - http_max_header_size: - description: The max size of allowed headers, in bytes - maximum: 262144 - minimum: 1024 - type: integer - http_max_initial_line_length: - description: The max length of an HTTP URL, in bytes - maximum: 65536 - minimum: 1024 - type: integer - indices_fielddata_cache_size: - description: - Relative amount. Maximum amount of heap memory - used for field data cache. This is an expert setting; decreasing - the value too much will increase overhead of loading field - data; too much memory used for field data cache will decrease - amount of heap available for other operations. - maximum: 100 - minimum: 3 - type: integer - indices_memory_index_buffer_size: - description: - Percentage value. Default is 10%. Total amount - of heap used for indexing buffer, before writing segments - to disk. This is an expert setting. Too low value will slow - down indexing; too high value will increase indexing performance - but causes performance issues for query performance. - maximum: 40 - minimum: 3 - type: integer - indices_memory_max_index_buffer_size: - description: - Absolute value. Default is unbound. Doesn't work - without indices.memory.index_buffer_size. Maximum amount - of heap used for query cache, an absolute indices.memory.index_buffer_size - maximum hard limit. - maximum: 2048 - minimum: 3 - type: integer - indices_memory_min_index_buffer_size: - description: - Absolute value. Default is 48mb. Doesn't work - without indices.memory.index_buffer_size. Minimum amount - of heap used for query cache, an absolute indices.memory.index_buffer_size - minimal hard limit. - maximum: 2048 - minimum: 3 - type: integer - indices_queries_cache_size: - description: - Percentage value. Default is 10%. Maximum amount - of heap used for query cache. This is an expert setting. - Too low value will decrease query performance and increase - performance for other operations; too high value will cause - issues with other OpenSearch functionality. - maximum: 40 - minimum: 3 - type: integer - indices_query_bool_max_clause_count: - description: - Maximum number of clauses Lucene BooleanQuery - can have. The default value (1024) is relatively high, and - increasing it may cause performance issues. Investigate - other approaches first before increasing this value. - maximum: 4096 - minimum: 64 - type: integer - indices_recovery_max_bytes_per_sec: - description: - Limits total inbound and outbound recovery traffic - for each node. Applies to both peer recoveries as well as - snapshot recoveries (i.e., restores from a snapshot). Defaults - to 40mb - maximum: 400 - minimum: 40 - type: integer - indices_recovery_max_concurrent_file_chunks: - description: - Number of file chunks sent in parallel for each - recovery. Defaults to 2. - maximum: 5 - minimum: 2 - type: integer - ism_enabled: - description: Specifies whether ISM is enabled or not - type: boolean - ism_history_enabled: - description: - Specifies whether audit history is enabled or - not. The logs from ISM are automatically indexed to a logs - document. - type: boolean - ism_history_max_age: - description: - The maximum age before rolling over the audit - history index in hours - maximum: 2147483647 - minimum: 1 - type: integer - ism_history_max_docs: - description: - The maximum number of documents before rolling - over the audit history index. - minimum: 1 - type: integer - ism_history_rollover_check_period: - description: - The time between rollover checks for the audit - history index in hours. - maximum: 2147483647 - minimum: 1 - type: integer - ism_history_rollover_retention_period: - description: How long audit history indices are kept in days. - maximum: 2147483647 - minimum: 1 - type: integer - override_main_response_version: - description: - Compatibility mode sets OpenSearch to report - its version as 7.10 so clients continue to work. Default - is false - type: boolean - reindex_remote_whitelist: - description: - Whitelisted addresses for reindexing. Changing - this value will cause all OpenSearch instances to restart. - items: - type: string - maxItems: 32 - type: array - script_max_compilations_rate: - description: - Script compilation circuit breaker limits the - number of inline script compilations within a period of - time. Default is use-context - maxLength: 1024 - type: string - search_max_buckets: - description: - Maximum number of aggregation buckets allowed - in a single response. OpenSearch default value is used when - this is not defined. - maximum: 1000000 - minimum: 1 - type: integer - thread_pool_analyze_queue_size: - description: - Size for the thread pool queue. See documentation - for exact details. - maximum: 2000 - minimum: 10 - type: integer - thread_pool_analyze_size: - description: - Size for the thread pool. See documentation for - exact details. Do note this may have maximum value depending - on CPU count - value is automatically lowered if set to - higher than maximum value. - maximum: 128 - minimum: 1 - type: integer - thread_pool_force_merge_size: - description: - Size for the thread pool. See documentation for - exact details. Do note this may have maximum value depending - on CPU count - value is automatically lowered if set to - higher than maximum value. - maximum: 128 - minimum: 1 - type: integer - thread_pool_get_queue_size: - description: - Size for the thread pool queue. See documentation - for exact details. - maximum: 2000 - minimum: 10 - type: integer - thread_pool_get_size: - description: - Size for the thread pool. See documentation for - exact details. Do note this may have maximum value depending - on CPU count - value is automatically lowered if set to - higher than maximum value. - maximum: 128 - minimum: 1 - type: integer - thread_pool_search_queue_size: - description: - Size for the thread pool queue. See documentation - for exact details. - maximum: 2000 - minimum: 10 - type: integer - thread_pool_search_size: - description: - Size for the thread pool. See documentation for - exact details. Do note this may have maximum value depending - on CPU count - value is automatically lowered if set to - higher than maximum value. - maximum: 128 - minimum: 1 - type: integer - thread_pool_search_throttled_queue_size: - description: - Size for the thread pool queue. See documentation - for exact details. - maximum: 2000 - minimum: 10 - type: integer - thread_pool_search_throttled_size: - description: - Size for the thread pool. See documentation for - exact details. Do note this may have maximum value depending - on CPU count - value is automatically lowered if set to - higher than maximum value. - maximum: 128 - minimum: 1 - type: integer - thread_pool_write_queue_size: - description: - Size for the thread pool queue. See documentation - for exact details. - maximum: 2000 - minimum: 10 - type: integer - thread_pool_write_size: - description: - Size for the thread pool. See documentation for - exact details. Do note this may have maximum value depending - on CPU count - value is automatically lowered if set to - higher than maximum value. - maximum: 128 - minimum: 1 - type: integer - type: object - opensearch_dashboards: - description: OpenSearch Dashboards settings - properties: - enabled: - description: Enable or disable OpenSearch Dashboards - type: boolean - max_old_space_size: - description: - "Limits the maximum amount of memory (in MiB) - the OpenSearch Dashboards process can use. This sets the - max_old_space_size option of the nodejs running the OpenSearch - Dashboards. Note: the memory reserved by OpenSearch Dashboards - is not available for OpenSearch." - maximum: 2048 - minimum: 64 - type: integer - opensearch_request_timeout: - description: - Timeout in milliseconds for requests made by - OpenSearch Dashboards towards OpenSearch - maximum: 120000 - minimum: 5000 - type: integer - type: object - opensearch_version: - description: OpenSearch major version - enum: - - "1" - - "2" - type: string - private_access: - description: - Allow access to selected service ports from private - networks - properties: - opensearch: - description: - Allow clients to connect to opensearch with a - DNS name that always resolves to the service's private IP - addresses. Only available in certain network locations - type: boolean - opensearch_dashboards: - description: - Allow clients to connect to opensearch_dashboards - with a DNS name that always resolves to the service's private - IP addresses. Only available in certain network locations - type: boolean - prometheus: - description: - Allow clients to connect to prometheus with a - DNS name that always resolves to the service's private IP - addresses. Only available in certain network locations - type: boolean - type: object - privatelink_access: - description: - Allow access to selected service components through - Privatelink - properties: - opensearch: - description: Enable opensearch - type: boolean - opensearch_dashboards: - description: Enable opensearch_dashboards - type: boolean - prometheus: - description: Enable prometheus - type: boolean + - max_index_count + - pattern type: object - project_to_fork_from: - description: - Name of another project to fork a service from. This - has effect only when a new service is being created. - maxLength: 63 - type: string - x-kubernetes-validations: - - message: Value is immutable - rule: self == oldSelf - public_access: - description: - Allow access to selected service ports from the public - Internet - properties: - opensearch: - description: - Allow clients to connect to opensearch from the - public internet for service nodes that are in a project - VPC or another type of private network - type: boolean - opensearch_dashboards: - description: - Allow clients to connect to opensearch_dashboards - from the public internet for service nodes that are in a - project VPC or another type of private network - type: boolean - prometheus: - description: - Allow clients to connect to prometheus from the - public internet for service nodes that are in a project - VPC or another type of private network - type: boolean - type: object - recovery_basebackup_name: - description: Name of the basebackup to restore in forked service - maxLength: 128 - pattern: ^[a-zA-Z0-9-_:.]+$ - type: string - saml: - description: OpenSearch SAML configuration + maxItems: 512 + type: array + index_template: + description: Template settings for all new indexes + properties: + mapping_nested_objects_limit: + description: The maximum number of nested JSON objects that + a single document can contain across all nested types. This + limit helps to prevent out of memory errors when a document + contains too many nested objects. Default is 10000. + maximum: 100000 + minimum: 0 + type: integer + number_of_replicas: + description: The number of replicas each primary shard has. + maximum: 29 + minimum: 0 + type: integer + number_of_shards: + description: The number of primary shards that an index should + have. + maximum: 1024 + minimum: 1 + type: integer + type: object + ip_filter: + description: Allow incoming connections from CIDR address block, + e.g. '10.20.0.0/16' + items: + description: CIDR address block, either as a string, or in a + dict with an optional description field properties: - enabled: - description: - Enables or disables SAML-based authentication - for OpenSearch. When enabled, users can authenticate using - SAML with an Identity Provider. - type: boolean - idp_entity_id: - description: - The unique identifier for the Identity Provider - (IdP) entity that is used for SAML authentication. This - value is typically provided by the IdP. - maxLength: 1024 - minLength: 1 - type: string - idp_metadata_url: - description: - The URL of the SAML metadata for the Identity - Provider (IdP). This is used to configure SAML-based authentication - with the IdP. - maxLength: 2048 - minLength: 1 - type: string - idp_pemtrustedcas_content: - description: - This parameter specifies the PEM-encoded root - certificate authority (CA) content for the SAML identity - provider (IdP) server verification. The root CA content - is used to verify the SSL/TLS certificate presented by the - server. - maxLength: 16384 - type: string - roles_key: - description: - Optional. Specifies the attribute in the SAML - response where role information is stored, if available. - Role attributes are not required for SAML authentication, - but can be included in SAML assertions by most Identity - Providers (IdPs) to determine user access levels or permissions. - maxLength: 256 - minLength: 1 - type: string - sp_entity_id: - description: - The unique identifier for the Service Provider - (SP) entity that is used for SAML authentication. This value - is typically provided by the SP. + description: + description: Description for IP filter list entry maxLength: 1024 - minLength: 1 type: string - subject_key: - description: - Optional. Specifies the attribute in the SAML - response where the subject identifier is stored. If not - configured, the NameID attribute is used by default. - maxLength: 256 - minLength: 1 + network: + description: CIDR address block + maxLength: 43 type: string required: - - enabled - - idp_entity_id - - idp_metadata_url - - sp_entity_id + - network type: object - service_log: - description: - Store logs for the service so that they are available - in the HTTP API and console. - type: boolean - service_to_fork_from: - description: - Name of another service to fork from. This has effect - only when a new service is being created. - maxLength: 64 - type: string - x-kubernetes-validations: - - message: Value is immutable - rule: self == oldSelf - static_ips: - description: Use static public IP addresses - type: boolean - type: object - required: - - plan - - project - type: object - status: - description: ServiceStatus defines the observed state of service - properties: - conditions: - description: - Conditions represent the latest available observations - of a service state - items: - description: - "Condition contains details for one aspect of the current - state of this API Resource. --- This struct is intended for direct - use as an array at the field path .status.conditions. For example, - \n type FooStatus struct{ // Represents the observations of a - foo's current state. // Known .status.conditions.type are: \"Available\", - \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge - // +listType=map // +listMapKey=type Conditions []metav1.Condition - `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" - protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + maxItems: 1024 + type: array + keep_index_refresh_interval: + description: Aiven automation resets index.refresh_interval to + default value for every index to be sure that indices are always + visible to search. If it doesn't fit your case, you can disable + this by setting up this flag to true. + type: boolean + max_index_count: + description: 'DEPRECATED: use index_patterns instead' + minimum: 0 + type: integer + openid: + description: OpenSearch OpenID Connect Configuration properties: - lastTransitionTime: - description: - lastTransitionTime is the last time the condition - transitioned from one status to another. This should be when - the underlying condition changed. If that is not known, then - using the time when the API field changed is acceptable. - format: date-time + client_id: + description: The ID of the OpenID Connect client configured + in your IdP. Required. + maxLength: 1024 + minLength: 1 type: string - message: - description: - message is a human readable message indicating - details about the transition. This may be an empty string. - maxLength: 32768 + client_secret: + description: The client secret of the OpenID Connect client + configured in your IdP. Required. + maxLength: 1024 + minLength: 1 type: string - observedGeneration: - description: - observedGeneration represents the .metadata.generation - that the condition was set based upon. For instance, if .metadata.generation - is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current - state of the instance. - format: int64 - minimum: 0 + connect_url: + description: The URL of your IdP where the Security plugin + can find the OpenID Connect metadata/configuration settings. + maxLength: 2048 + type: string + enabled: + description: Enables or disables OpenID Connect authentication + for OpenSearch. When enabled, users can authenticate using + OpenID Connect with an Identity Provider. + type: boolean + header: + description: HTTP header name of the JWT token. Optional. + Default is Authorization. + maxLength: 1024 + minLength: 1 + type: string + jwt_header: + description: 'The HTTP header that stores the token. Typically + the Authorization header with the Bearer schema: Authorization: + Bearer . Optional. Default is Authorization.' + maxLength: 1024 + minLength: 1 + type: string + jwt_url_parameter: + description: If the token is not transmitted in the HTTP header, + but as an URL parameter, define the name of the parameter + here. Optional. + maxLength: 1024 + minLength: 1 + type: string + refresh_rate_limit_count: + description: The maximum number of unknown key IDs in the + time frame. Default is 10. Optional. + minimum: 10 type: integer - reason: - description: - reason contains a programmatic identifier indicating - the reason for the condition's last transition. Producers - of specific condition types may define expected values and - meanings for this field, and whether the values are considered - a guaranteed API. The value should be a CamelCase string. - This field may not be empty. + refresh_rate_limit_time_window_ms: + description: The time frame to use when checking the maximum + number of unknown key IDs, in milliseconds. Optional.Default + is 10000 (10 seconds). + minimum: 10000 + type: integer + roles_key: + description: The key in the JSON payload that stores the user’s + roles. The value of this key must be a comma-separated list + of roles. Required only if you want to use roles in the + JWT maxLength: 1024 minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ type: string - status: - description: status of the condition, one of True, False, Unknown. - enum: - - "True" - - "False" - - Unknown + scope: + description: The scope of the identity token issued by the + IdP. Optional. Default is openid profile email address phone. + maxLength: 1024 + minLength: 1 type: string - type: - description: - type of condition in CamelCase or in foo.example.com/CamelCase. - --- Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + subject_key: + description: The key in the JSON payload that stores the user’s + name. If not defined, the subject registered claim is used. + Most IdP providers use the preferred_username claim. Optional. + maxLength: 1024 + minLength: 1 type: string required: - - lastTransitionTime - - message - - reason - - status - - type + - client_id + - client_secret + - connect_url + - enabled type: object - type: array - state: - description: Service state - type: string - type: object - type: object - served: true - storage: true - subresources: - status: {} + opensearch: + description: OpenSearch settings + properties: + action_auto_create_index_enabled: + description: Explicitly allow or block automatic creation + of indices. Defaults to true + type: boolean + action_destructive_requires_name: + description: Require explicit index names when deleting + type: boolean + auth_failure_listeners: + description: Opensearch Security Plugin Settings + properties: + internal_authentication_backend_limiting: + properties: + allowed_tries: + description: The number of login attempts allowed + before login is blocked + maximum: 2147483647 + minimum: 0 + type: integer + authentication_backend: + description: internal_authentication_backend_limiting.authentication_backend + enum: + - internal + maxLength: 1024 + type: string + block_expiry_seconds: + description: The duration of time that login remains + blocked after a failed login + maximum: 2147483647 + minimum: 0 + type: integer + max_blocked_clients: + description: internal_authentication_backend_limiting.max_blocked_clients + maximum: 2147483647 + minimum: 0 + type: integer + max_tracked_clients: + description: The maximum number of tracked IP addresses + that have failed login + maximum: 2147483647 + minimum: 0 + type: integer + time_window_seconds: + description: The window of time in which the value + for `allowed_tries` is enforced + maximum: 2147483647 + minimum: 0 + type: integer + type: + description: internal_authentication_backend_limiting.type + enum: + - username + maxLength: 1024 + type: string + type: object + ip_rate_limiting: + description: IP address rate limiting settings + properties: + allowed_tries: + description: The number of login attempts allowed + before login is blocked + maximum: 2147483647 + minimum: 1 + type: integer + block_expiry_seconds: + description: The duration of time that login remains + blocked after a failed login + maximum: 36000 + minimum: 1 + type: integer + max_blocked_clients: + description: The maximum number of blocked IP addresses + maximum: 2147483647 + minimum: 0 + type: integer + max_tracked_clients: + description: The maximum number of tracked IP addresses + that have failed login + maximum: 2147483647 + minimum: 0 + type: integer + time_window_seconds: + description: The window of time in which the value + for `allowed_tries` is enforced + maximum: 36000 + minimum: 1 + type: integer + type: + description: The type of rate limiting + enum: + - ip + maxLength: 1024 + type: string + type: object + type: object + cluster_max_shards_per_node: + description: Controls the number of shards allowed in the + cluster per data node + maximum: 10000 + minimum: 100 + type: integer + cluster_routing_allocation_node_concurrent_recoveries: + description: How many concurrent incoming/outgoing shard recoveries + (normally replicas) are allowed to happen on a node. Defaults + to 2. + maximum: 16 + minimum: 2 + type: integer + email_sender_name: + description: Sender name placeholder to be used in Opensearch + Dashboards and Opensearch keystore + maxLength: 40 + pattern: ^[a-zA-Z0-9-_]+$ + type: string + email_sender_password: + description: Sender password for Opensearch alerts to authenticate + with SMTP server + maxLength: 1024 + pattern: ^[^\x00-\x1F]+$ + type: string + email_sender_username: + description: Sender username for Opensearch alerts + maxLength: 320 + pattern: ^[^\x00-\x1F]+$ + type: string + enable_security_audit: + description: Enable/Disable security audit + type: boolean + http_max_content_length: + description: Maximum content length for HTTP requests to the + OpenSearch HTTP API, in bytes. + maximum: 2147483647 + minimum: 1 + type: integer + http_max_header_size: + description: The max size of allowed headers, in bytes + maximum: 262144 + minimum: 1024 + type: integer + http_max_initial_line_length: + description: The max length of an HTTP URL, in bytes + maximum: 65536 + minimum: 1024 + type: integer + indices_fielddata_cache_size: + description: Relative amount. Maximum amount of heap memory + used for field data cache. This is an expert setting; decreasing + the value too much will increase overhead of loading field + data; too much memory used for field data cache will decrease + amount of heap available for other operations. + maximum: 100 + minimum: 3 + type: integer + indices_memory_index_buffer_size: + description: Percentage value. Default is 10%. Total amount + of heap used for indexing buffer, before writing segments + to disk. This is an expert setting. Too low value will slow + down indexing; too high value will increase indexing performance + but causes performance issues for query performance. + maximum: 40 + minimum: 3 + type: integer + indices_memory_max_index_buffer_size: + description: Absolute value. Default is unbound. Doesn't work + without indices.memory.index_buffer_size. Maximum amount + of heap used for query cache, an absolute indices.memory.index_buffer_size + maximum hard limit. + maximum: 2048 + minimum: 3 + type: integer + indices_memory_min_index_buffer_size: + description: Absolute value. Default is 48mb. Doesn't work + without indices.memory.index_buffer_size. Minimum amount + of heap used for query cache, an absolute indices.memory.index_buffer_size + minimal hard limit. + maximum: 2048 + minimum: 3 + type: integer + indices_queries_cache_size: + description: Percentage value. Default is 10%. Maximum amount + of heap used for query cache. This is an expert setting. + Too low value will decrease query performance and increase + performance for other operations; too high value will cause + issues with other OpenSearch functionality. + maximum: 40 + minimum: 3 + type: integer + indices_query_bool_max_clause_count: + description: Maximum number of clauses Lucene BooleanQuery + can have. The default value (1024) is relatively high, and + increasing it may cause performance issues. Investigate + other approaches first before increasing this value. + maximum: 4096 + minimum: 64 + type: integer + indices_recovery_max_bytes_per_sec: + description: Limits total inbound and outbound recovery traffic + for each node. Applies to both peer recoveries as well as + snapshot recoveries (i.e., restores from a snapshot). Defaults + to 40mb + maximum: 400 + minimum: 40 + type: integer + indices_recovery_max_concurrent_file_chunks: + description: Number of file chunks sent in parallel for each + recovery. Defaults to 2. + maximum: 5 + minimum: 2 + type: integer + ism_enabled: + description: Specifies whether ISM is enabled or not + type: boolean + ism_history_enabled: + description: Specifies whether audit history is enabled or + not. The logs from ISM are automatically indexed to a logs + document. + type: boolean + ism_history_max_age: + description: The maximum age before rolling over the audit + history index in hours + maximum: 2147483647 + minimum: 1 + type: integer + ism_history_max_docs: + description: The maximum number of documents before rolling + over the audit history index. + minimum: 1 + type: integer + ism_history_rollover_check_period: + description: The time between rollover checks for the audit + history index in hours. + maximum: 2147483647 + minimum: 1 + type: integer + ism_history_rollover_retention_period: + description: How long audit history indices are kept in days. + maximum: 2147483647 + minimum: 1 + type: integer + override_main_response_version: + description: Compatibility mode sets OpenSearch to report + its version as 7.10 so clients continue to work. Default + is false + type: boolean + reindex_remote_whitelist: + description: Whitelisted addresses for reindexing. Changing + this value will cause all OpenSearch instances to restart. + items: + type: string + maxItems: 32 + type: array + script_max_compilations_rate: + description: Script compilation circuit breaker limits the + number of inline script compilations within a period of + time. Default is use-context + maxLength: 1024 + type: string + search_max_buckets: + description: Maximum number of aggregation buckets allowed + in a single response. OpenSearch default value is used when + this is not defined. + maximum: 1000000 + minimum: 1 + type: integer + thread_pool_analyze_queue_size: + description: Size for the thread pool queue. See documentation + for exact details. + maximum: 2000 + minimum: 10 + type: integer + thread_pool_analyze_size: + description: Size for the thread pool. See documentation for + exact details. Do note this may have maximum value depending + on CPU count - value is automatically lowered if set to + higher than maximum value. + maximum: 128 + minimum: 1 + type: integer + thread_pool_force_merge_size: + description: Size for the thread pool. See documentation for + exact details. Do note this may have maximum value depending + on CPU count - value is automatically lowered if set to + higher than maximum value. + maximum: 128 + minimum: 1 + type: integer + thread_pool_get_queue_size: + description: Size for the thread pool queue. See documentation + for exact details. + maximum: 2000 + minimum: 10 + type: integer + thread_pool_get_size: + description: Size for the thread pool. See documentation for + exact details. Do note this may have maximum value depending + on CPU count - value is automatically lowered if set to + higher than maximum value. + maximum: 128 + minimum: 1 + type: integer + thread_pool_search_queue_size: + description: Size for the thread pool queue. See documentation + for exact details. + maximum: 2000 + minimum: 10 + type: integer + thread_pool_search_size: + description: Size for the thread pool. See documentation for + exact details. Do note this may have maximum value depending + on CPU count - value is automatically lowered if set to + higher than maximum value. + maximum: 128 + minimum: 1 + type: integer + thread_pool_search_throttled_queue_size: + description: Size for the thread pool queue. See documentation + for exact details. + maximum: 2000 + minimum: 10 + type: integer + thread_pool_search_throttled_size: + description: Size for the thread pool. See documentation for + exact details. Do note this may have maximum value depending + on CPU count - value is automatically lowered if set to + higher than maximum value. + maximum: 128 + minimum: 1 + type: integer + thread_pool_write_queue_size: + description: Size for the thread pool queue. See documentation + for exact details. + maximum: 2000 + minimum: 10 + type: integer + thread_pool_write_size: + description: Size for the thread pool. See documentation for + exact details. Do note this may have maximum value depending + on CPU count - value is automatically lowered if set to + higher than maximum value. + maximum: 128 + minimum: 1 + type: integer + type: object + opensearch_dashboards: + description: OpenSearch Dashboards settings + properties: + enabled: + description: Enable or disable OpenSearch Dashboards + type: boolean + max_old_space_size: + description: 'Limits the maximum amount of memory (in MiB) + the OpenSearch Dashboards process can use. This sets the + max_old_space_size option of the nodejs running the OpenSearch + Dashboards. Note: the memory reserved by OpenSearch Dashboards + is not available for OpenSearch.' + maximum: 2048 + minimum: 64 + type: integer + opensearch_request_timeout: + description: Timeout in milliseconds for requests made by + OpenSearch Dashboards towards OpenSearch + maximum: 120000 + minimum: 5000 + type: integer + type: object + opensearch_version: + description: OpenSearch major version + enum: + - "1" + - "2" + type: string + private_access: + description: Allow access to selected service ports from private + networks + properties: + opensearch: + description: Allow clients to connect to opensearch with a + DNS name that always resolves to the service's private IP + addresses. Only available in certain network locations + type: boolean + opensearch_dashboards: + description: Allow clients to connect to opensearch_dashboards + with a DNS name that always resolves to the service's private + IP addresses. Only available in certain network locations + type: boolean + prometheus: + description: Allow clients to connect to prometheus with a + DNS name that always resolves to the service's private IP + addresses. Only available in certain network locations + type: boolean + type: object + privatelink_access: + description: Allow access to selected service components through + Privatelink + properties: + opensearch: + description: Enable opensearch + type: boolean + opensearch_dashboards: + description: Enable opensearch_dashboards + type: boolean + prometheus: + description: Enable prometheus + type: boolean + type: object + project_to_fork_from: + description: Name of another project to fork a service from. This + has effect only when a new service is being created. + maxLength: 63 + type: string + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + public_access: + description: Allow access to selected service ports from the public + Internet + properties: + opensearch: + description: Allow clients to connect to opensearch from the + public internet for service nodes that are in a project + VPC or another type of private network + type: boolean + opensearch_dashboards: + description: Allow clients to connect to opensearch_dashboards + from the public internet for service nodes that are in a + project VPC or another type of private network + type: boolean + prometheus: + description: Allow clients to connect to prometheus from the + public internet for service nodes that are in a project + VPC or another type of private network + type: boolean + type: object + recovery_basebackup_name: + description: Name of the basebackup to restore in forked service + maxLength: 128 + pattern: ^[a-zA-Z0-9-_:.]+$ + type: string + saml: + description: OpenSearch SAML configuration + properties: + enabled: + description: Enables or disables SAML-based authentication + for OpenSearch. When enabled, users can authenticate using + SAML with an Identity Provider. + type: boolean + idp_entity_id: + description: The unique identifier for the Identity Provider + (IdP) entity that is used for SAML authentication. This + value is typically provided by the IdP. + maxLength: 1024 + minLength: 1 + type: string + idp_metadata_url: + description: The URL of the SAML metadata for the Identity + Provider (IdP). This is used to configure SAML-based authentication + with the IdP. + maxLength: 2048 + minLength: 1 + type: string + idp_pemtrustedcas_content: + description: This parameter specifies the PEM-encoded root + certificate authority (CA) content for the SAML identity + provider (IdP) server verification. The root CA content + is used to verify the SSL/TLS certificate presented by the + server. + maxLength: 16384 + type: string + roles_key: + description: Optional. Specifies the attribute in the SAML + response where role information is stored, if available. + Role attributes are not required for SAML authentication, + but can be included in SAML assertions by most Identity + Providers (IdPs) to determine user access levels or permissions. + maxLength: 256 + minLength: 1 + type: string + sp_entity_id: + description: The unique identifier for the Service Provider + (SP) entity that is used for SAML authentication. This value + is typically provided by the SP. + maxLength: 1024 + minLength: 1 + type: string + subject_key: + description: Optional. Specifies the attribute in the SAML + response where the subject identifier is stored. If not + configured, the NameID attribute is used by default. + maxLength: 256 + minLength: 1 + type: string + required: + - enabled + - idp_entity_id + - idp_metadata_url + - sp_entity_id + type: object + service_log: + description: Store logs for the service so that they are available + in the HTTP API and console. + type: boolean + service_to_fork_from: + description: Name of another service to fork from. This has effect + only when a new service is being created. + maxLength: 64 + type: string + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + static_ips: + description: Use static public IP addresses + type: boolean + type: object + required: + - plan + - project + type: object + status: + description: ServiceStatus defines the observed state of service + properties: + conditions: + description: Conditions represent the latest available observations + of a service state + items: + description: "Condition contains details for one aspect of the current + state of this API Resource. --- This struct is intended for direct + use as an array at the field path .status.conditions. For example, + \n type FooStatus struct{ // Represents the observations of a + foo's current state. // Known .status.conditions.type are: \"Available\", + \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge + // +listType=map // +listMapKey=type Conditions []metav1.Condition + `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" + protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + properties: + lastTransitionTime: + description: lastTransitionTime is the last time the condition + transitioned from one status to another. This should be when + the underlying condition changed. If that is not known, then + using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: message is a human readable message indicating + details about the transition. This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: observedGeneration represents the .metadata.generation + that the condition was set based upon. For instance, if .metadata.generation + is currently 12, but the .status.conditions[x].observedGeneration + is 9, the condition is out of date with respect to the current + state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: reason contains a programmatic identifier indicating + the reason for the condition's last transition. Producers + of specific condition types may define expected values and + meanings for this field, and whether the values are considered + a guaranteed API. The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: type of condition in CamelCase or in foo.example.com/CamelCase. + --- Many .condition.type values are consistent across resources + like Available, but because arbitrary conditions can be useful + (see .node.status.conditions), the ability to deconflict is + important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + type: array + state: + description: Service state + type: string + type: object + type: object + served: true + storage: true + subresources: + status: {} diff --git a/charts/aiven-operator-crds/templates/aiven.io_postgresqls.yaml b/charts/aiven-operator-crds/templates/aiven.io_postgresqls.yaml index 75804c65..d22d4d69 100644 --- a/charts/aiven-operator-crds/templates/aiven.io_postgresqls.yaml +++ b/charts/aiven-operator-crds/templates/aiven.io_postgresqls.yaml @@ -15,1056 +15,951 @@ spec: singular: postgresql scope: Namespaced versions: - - additionalPrinterColumns: - - jsonPath: .spec.project - name: Project - type: string - - jsonPath: .spec.cloudName - name: Region - type: string - - jsonPath: .spec.plan - name: Plan - type: string - - jsonPath: .status.state - name: State - type: string - name: v1alpha1 - schema: - openAPIV3Schema: - description: PostgreSQL is the Schema for the postgresql API - properties: - apiVersion: - description: - "APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" - type: string - kind: - description: - "Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" - type: string - metadata: - type: object - spec: - description: PostgreSQLSpec defines the desired state of postgres instance - properties: - authSecretRef: - description: Authentication reference to Aiven token in a secret - properties: - key: - minLength: 1 + - additionalPrinterColumns: + - jsonPath: .spec.project + name: Project + type: string + - jsonPath: .spec.cloudName + name: Region + type: string + - jsonPath: .spec.plan + name: Plan + type: string + - jsonPath: .status.state + name: State + type: string + name: v1alpha1 + schema: + openAPIV3Schema: + description: PostgreSQL is the Schema for the postgresql API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: PostgreSQLSpec defines the desired state of postgres instance + properties: + authSecretRef: + description: Authentication reference to Aiven token in a secret + properties: + key: + minLength: 1 + type: string + name: + minLength: 1 + type: string + required: + - key + - name + type: object + cloudName: + description: Cloud the service runs in. + maxLength: 256 + type: string + connInfoSecretTarget: + description: 'Information regarding secret creation. Exposed keys: + `POSTGRESQL_HOST`, `POSTGRESQL_PORT`, `POSTGRESQL_DATABASE`, `POSTGRESQL_USER`, + `POSTGRESQL_PASSWORD`, `POSTGRESQL_SSLMODE`, `POSTGRESQL_DATABASE_URI`' + properties: + annotations: + additionalProperties: type: string - name: - minLength: 1 + description: Annotations added to the secret + type: object + x-kubernetes-preserve-unknown-fields: true + labels: + additionalProperties: type: string - required: - - key - - name - type: object - cloudName: - description: Cloud the service runs in. - maxLength: 256 - type: string - connInfoSecretTarget: - description: - "Information regarding secret creation. Exposed keys: - `POSTGRESQL_HOST`, `POSTGRESQL_PORT`, `POSTGRESQL_DATABASE`, `POSTGRESQL_USER`, - `POSTGRESQL_PASSWORD`, `POSTGRESQL_SSLMODE`, `POSTGRESQL_DATABASE_URI`" + description: Labels added to the secret + type: object + x-kubernetes-preserve-unknown-fields: true + name: + description: Name of the secret resource to be created. By default, + is equal to the resource name + type: string + prefix: + description: Prefix for the secret's keys. Added "as is" without + any transformations. By default, is equal to the kind name in + uppercase + underscore, e.g. `KAFKA_`, `REDIS_`, etc. + type: string + required: + - name + type: object + disk_space: + description: The disk space of the service, possible values depend + on the service type, the cloud provider and the project. Reducing + will result in the service re-balancing. + format: ^[1-9][0-9]*(GiB|G)* + type: string + maintenanceWindowDow: + description: Day of week when maintenance operations should be performed. + One monday, tuesday, wednesday, etc. + enum: + - monday + - tuesday + - wednesday + - thursday + - friday + - saturday + - sunday + type: string + maintenanceWindowTime: + description: Time of day when maintenance operations should be performed. + UTC time in HH:mm:ss format. + maxLength: 8 + type: string + plan: + description: Subscription plan. + maxLength: 128 + type: string + project: + description: Target project. + format: ^[a-zA-Z0-9_-]*$ + maxLength: 63 + type: string + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + projectVPCRef: + description: ProjectVPCRef reference to ProjectVPC resource to use + its ID as ProjectVPCID automatically + properties: + name: + minLength: 1 + type: string + namespace: + minLength: 1 + type: string + required: + - name + type: object + projectVpcId: + description: Identifier of the VPC the service should be in, if any. + maxLength: 36 + type: string + serviceIntegrations: + description: Service integrations to specify when creating a service. + Not applied after initial service creation + items: + description: Service integrations to specify when creating a service. + Not applied after initial service creation properties: - annotations: - additionalProperties: - type: string - description: Annotations added to the secret - type: object - x-kubernetes-preserve-unknown-fields: true - labels: - additionalProperties: - type: string - description: Labels added to the secret - type: object - x-kubernetes-preserve-unknown-fields: true - name: - description: - Name of the secret resource to be created. By default, - is equal to the resource name + integrationType: + enum: + - read_replica type: string - prefix: - description: - Prefix for the secret's keys. Added "as is" without - any transformations. By default, is equal to the kind name in - uppercase + underscore, e.g. `KAFKA_`, `REDIS_`, etc. + sourceServiceName: + maxLength: 64 + minLength: 1 type: string required: - - name + - integrationType + - sourceServiceName type: object - disk_space: - description: - The disk space of the service, possible values depend - on the service type, the cloud provider and the project. Reducing - will result in the service re-balancing. - format: ^[1-9][0-9]*(GiB|G)* - type: string - maintenanceWindowDow: - description: - Day of week when maintenance operations should be performed. - One monday, tuesday, wednesday, etc. - enum: - - monday - - tuesday - - wednesday - - thursday - - friday - - saturday - - sunday + maxItems: 1 + type: array + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + tags: + additionalProperties: type: string - maintenanceWindowTime: - description: - Time of day when maintenance operations should be performed. - UTC time in HH:mm:ss format. - maxLength: 8 - type: string - plan: - description: Subscription plan. - maxLength: 128 - type: string - project: - description: Target project. - format: ^[a-zA-Z0-9_-]*$ - maxLength: 63 - type: string - x-kubernetes-validations: + description: Tags are key-value pairs that allow you to categorize + services. + type: object + terminationProtection: + description: Prevent service from being deleted. It is recommended + to have this enabled for all services. + type: boolean + userConfig: + description: PostgreSQL specific user configuration options + properties: + additional_backup_regions: + description: Additional Cloud Regions for Backup Replication + items: + type: string + maxItems: 1 + type: array + admin_password: + description: Custom password for admin user. Defaults to random + string. This must be set only when a new service is being created. + maxLength: 256 + minLength: 8 + pattern: ^[a-zA-Z0-9-_]+$ + type: string + x-kubernetes-validations: - message: Value is immutable rule: self == oldSelf - projectVPCRef: - description: - ProjectVPCRef reference to ProjectVPC resource to use - its ID as ProjectVPCID automatically - properties: - name: - minLength: 1 - type: string - namespace: - minLength: 1 - type: string - required: - - name - type: object - projectVpcId: - description: Identifier of the VPC the service should be in, if any. - maxLength: 36 - type: string - serviceIntegrations: - description: - Service integrations to specify when creating a service. - Not applied after initial service creation - items: - description: - Service integrations to specify when creating a service. - Not applied after initial service creation + admin_username: + description: Custom username for admin user. This must be set + only when a new service is being created. + maxLength: 64 + pattern: ^[_A-Za-z0-9][-._A-Za-z0-9]{0,63}$ + type: string + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + backup_hour: + description: The hour of day (in UTC) when backup for the service + is started. New backup is only started if previous backup has + already completed. + maximum: 23 + minimum: 0 + type: integer + backup_minute: + description: The minute of an hour when backup for the service + is started. New backup is only started if previous backup has + already completed. + maximum: 59 + minimum: 0 + type: integer + enable_ipv6: + description: Register AAAA DNS records for the service, and allow + IPv6 packets to service ports + type: boolean + ip_filter: + description: Allow incoming connections from CIDR address block, + e.g. '10.20.0.0/16' + items: + description: CIDR address block, either as a string, or in a + dict with an optional description field + properties: + description: + description: Description for IP filter list entry + maxLength: 1024 + type: string + network: + description: CIDR address block + maxLength: 43 + type: string + required: + - network + type: object + maxItems: 1024 + type: array + migration: + description: Migrate data from existing server properties: - integrationType: + dbname: + description: Database name for bootstrapping the initial connection + maxLength: 63 + type: string + host: + description: Hostname or IP address of the server where to + migrate data from + maxLength: 255 + type: string + ignore_dbs: + description: Comma-separated list of databases, which should + be ignored during migration (supported by MySQL and PostgreSQL + only at the moment) + maxLength: 2048 + type: string + method: + description: The migration method to be used (currently supported + only by Redis, Dragonfly, MySQL and PostgreSQL service types) enum: - - read_replica + - dump + - replication type: string - sourceServiceName: - maxLength: 64 - minLength: 1 + password: + description: Password for authentication with the server where + to migrate data from + maxLength: 256 + type: string + port: + description: Port number of the server where to migrate data + from + maximum: 65535 + minimum: 1 + type: integer + ssl: + description: The server where to migrate data from is secured + with SSL + type: boolean + username: + description: User name for authentication with the server + where to migrate data from + maxLength: 256 type: string required: - - integrationType - - sourceServiceName + - host + - port + type: object + pg: + description: postgresql.conf configuration values + properties: + autovacuum_analyze_scale_factor: + description: Specifies a fraction of the table size to add + to autovacuum_analyze_threshold when deciding whether to + trigger an ANALYZE. The default is 0.2 (20% of table size) + maximum: 1 + minimum: 0 + type: number + autovacuum_analyze_threshold: + description: Specifies the minimum number of inserted, updated + or deleted tuples needed to trigger an ANALYZE in any one + table. The default is 50 tuples. + maximum: 2147483647 + minimum: 0 + type: integer + autovacuum_freeze_max_age: + description: Specifies the maximum age (in transactions) that + a table's pg_class.relfrozenxid field can attain before + a VACUUM operation is forced to prevent transaction ID wraparound + within the table. Note that the system will launch autovacuum + processes to prevent wraparound even when autovacuum is + otherwise disabled. This parameter will cause the server + to be restarted. + maximum: 1500000000 + minimum: 200000000 + type: integer + autovacuum_max_workers: + description: Specifies the maximum number of autovacuum processes + (other than the autovacuum launcher) that may be running + at any one time. The default is three. This parameter can + only be set at server start. + maximum: 20 + minimum: 1 + type: integer + autovacuum_naptime: + description: Specifies the minimum delay between autovacuum + runs on any given database. The delay is measured in seconds, + and the default is one minute + maximum: 86400 + minimum: 1 + type: integer + autovacuum_vacuum_cost_delay: + description: Specifies the cost delay value that will be used + in automatic VACUUM operations. If -1 is specified, the + regular vacuum_cost_delay value will be used. The default + value is 20 milliseconds + maximum: 100 + minimum: -1 + type: integer + autovacuum_vacuum_cost_limit: + description: Specifies the cost limit value that will be used + in automatic VACUUM operations. If -1 is specified (which + is the default), the regular vacuum_cost_limit value will + be used. + maximum: 10000 + minimum: -1 + type: integer + autovacuum_vacuum_scale_factor: + description: Specifies a fraction of the table size to add + to autovacuum_vacuum_threshold when deciding whether to + trigger a VACUUM. The default is 0.2 (20% of table size) + maximum: 1 + minimum: 0 + type: number + autovacuum_vacuum_threshold: + description: Specifies the minimum number of updated or deleted + tuples needed to trigger a VACUUM in any one table. The + default is 50 tuples + maximum: 2147483647 + minimum: 0 + type: integer + bgwriter_delay: + description: Specifies the delay between activity rounds for + the background writer in milliseconds. Default is 200. + maximum: 10000 + minimum: 10 + type: integer + bgwriter_flush_after: + description: Whenever more than bgwriter_flush_after bytes + have been written by the background writer, attempt to force + the OS to issue these writes to the underlying storage. + Specified in kilobytes, default is 512. Setting of 0 disables + forced writeback. + maximum: 2048 + minimum: 0 + type: integer + bgwriter_lru_maxpages: + description: In each round, no more than this many buffers + will be written by the background writer. Setting this to + zero disables background writing. Default is 100. + maximum: 1073741823 + minimum: 0 + type: integer + bgwriter_lru_multiplier: + description: The average recent need for new buffers is multiplied + by bgwriter_lru_multiplier to arrive at an estimate of the + number that will be needed during the next round, (up to + bgwriter_lru_maxpages). 1.0 represents a “just in time” + policy of writing exactly the number of buffers predicted + to be needed. Larger values provide some cushion against + spikes in demand, while smaller values intentionally leave + writes to be done by server processes. The default is 2.0. + maximum: 10 + minimum: 0 + type: number + deadlock_timeout: + description: This is the amount of time, in milliseconds, + to wait on a lock before checking to see if there is a deadlock + condition. + maximum: 1800000 + minimum: 500 + type: integer + default_toast_compression: + description: Specifies the default TOAST compression method + for values of compressible columns (the default is lz4). + enum: + - lz4 + - pglz + type: string + idle_in_transaction_session_timeout: + description: Time out sessions with open transactions after + this number of milliseconds + maximum: 604800000 + minimum: 0 + type: integer + jit: + description: Controls system-wide use of Just-in-Time Compilation + (JIT). + type: boolean + log_autovacuum_min_duration: + description: Causes each action executed by autovacuum to + be logged if it ran for at least the specified number of + milliseconds. Setting this to zero logs all autovacuum actions. + Minus-one (the default) disables logging autovacuum actions. + maximum: 2147483647 + minimum: -1 + type: integer + log_error_verbosity: + description: Controls the amount of detail written in the + server log for each message that is logged. + enum: + - TERSE + - DEFAULT + - VERBOSE + type: string + log_line_prefix: + description: Choose from one of the available log-formats. + These can support popular log analyzers like pgbadger, pganalyze + etc. + enum: + - '''pid=%p,user=%u,db=%d,app=%a,client=%h ''' + - '''%t [%p]: [%l-1] user=%u,db=%d,app=%a,client=%h ''' + - '''%m [%p] %q[user=%u,db=%d,app=%a] ''' + type: string + log_min_duration_statement: + description: Log statements that take more than this number + of milliseconds to run, -1 disables + maximum: 86400000 + minimum: -1 + type: integer + log_temp_files: + description: Log statements for each temporary file created + larger than this number of kilobytes, -1 disables + maximum: 2147483647 + minimum: -1 + type: integer + max_files_per_process: + description: PostgreSQL maximum number of files that can be + open per process + maximum: 4096 + minimum: 1000 + type: integer + max_locks_per_transaction: + description: PostgreSQL maximum locks per transaction + maximum: 6400 + minimum: 64 + type: integer + max_logical_replication_workers: + description: PostgreSQL maximum logical replication workers + (taken from the pool of max_parallel_workers) + maximum: 64 + minimum: 4 + type: integer + max_parallel_workers: + description: Sets the maximum number of workers that the system + can support for parallel queries + maximum: 96 + minimum: 0 + type: integer + max_parallel_workers_per_gather: + description: Sets the maximum number of workers that can be + started by a single Gather or Gather Merge node + maximum: 96 + minimum: 0 + type: integer + max_pred_locks_per_transaction: + description: PostgreSQL maximum predicate locks per transaction + maximum: 5120 + minimum: 64 + type: integer + max_prepared_transactions: + description: PostgreSQL maximum prepared transactions + maximum: 10000 + minimum: 0 + type: integer + max_replication_slots: + description: PostgreSQL maximum replication slots + maximum: 64 + minimum: 8 + type: integer + max_slot_wal_keep_size: + description: PostgreSQL maximum WAL size (MB) reserved for + replication slots. Default is -1 (unlimited). wal_keep_size + minimum WAL size setting takes precedence over this. + maximum: 2147483647 + minimum: -1 + type: integer + max_stack_depth: + description: Maximum depth of the stack in bytes + maximum: 6291456 + minimum: 2097152 + type: integer + max_standby_archive_delay: + description: Max standby archive delay in milliseconds + maximum: 43200000 + minimum: 1 + type: integer + max_standby_streaming_delay: + description: Max standby streaming delay in milliseconds + maximum: 43200000 + minimum: 1 + type: integer + max_wal_senders: + description: PostgreSQL maximum WAL senders + maximum: 64 + minimum: 20 + type: integer + max_worker_processes: + description: Sets the maximum number of background processes + that the system can support + maximum: 96 + minimum: 8 + type: integer + pg_partman_bgw.interval: + description: Sets the time interval to run pg_partman's scheduled + tasks + maximum: 604800 + minimum: 3600 + type: integer + pg_partman_bgw.role: + description: Controls which role to use for pg_partman's scheduled + background tasks. + maxLength: 64 + pattern: ^[_A-Za-z0-9][-._A-Za-z0-9]{0,63}$ + type: string + pg_stat_monitor.pgsm_enable_query_plan: + description: Enables or disables query plan monitoring + type: boolean + pg_stat_monitor.pgsm_max_buckets: + description: Sets the maximum number of buckets + maximum: 10 + minimum: 1 + type: integer + pg_stat_statements.track: + description: Controls which statements are counted. Specify + top to track top-level statements (those issued directly + by clients), all to also track nested statements (such as + statements invoked within functions), or none to disable + statement statistics collection. The default value is top. + enum: + - all + - top + - none + type: string + temp_file_limit: + description: PostgreSQL temporary file limit in KiB, -1 for + unlimited + maximum: 2147483647 + minimum: -1 + type: integer + timezone: + description: PostgreSQL service timezone + maxLength: 64 + type: string + track_activity_query_size: + description: Specifies the number of bytes reserved to track + the currently executing command for each active session. + maximum: 10240 + minimum: 1024 + type: integer + track_commit_timestamp: + description: Record commit time of transactions. + enum: + - "off" + - "on" + type: string + track_functions: + description: Enables tracking of function call counts and + time used. + enum: + - all + - pl + - none + type: string + track_io_timing: + description: Enables timing of database I/O calls. This parameter + is off by default, because it will repeatedly query the + operating system for the current time, which may cause significant + overhead on some platforms. + enum: + - "off" + - "on" + type: string + wal_sender_timeout: + description: Terminate replication connections that are inactive + for longer than this amount of time, in milliseconds. Setting + this value to zero disables the timeout. + type: integer + wal_writer_delay: + description: WAL flush interval in milliseconds. Note that + setting this value to lower than the default 200ms may negatively + impact performance + maximum: 200 + minimum: 10 + type: integer + type: object + pg_qualstats: + description: Deprecated. System-wide settings for the pg_qualstats + extension + properties: + enabled: + description: Deprecated. Enable / Disable pg_qualstats + type: boolean + min_err_estimate_num: + description: Deprecated. Error estimation num threshold to + save quals + minimum: 0 + type: integer + min_err_estimate_ratio: + description: Deprecated. Error estimation ratio threshold + to save quals + minimum: 0 + type: integer + track_constants: + description: Deprecated. Enable / Disable pg_qualstats constants + tracking + type: boolean + track_pg_catalog: + description: Deprecated. Track quals on system catalogs too. + type: boolean type: object - maxItems: 1 - type: array - x-kubernetes-validations: + pg_read_replica: + description: Should the service which is being forked be a read + replica (deprecated, use read_replica service integration instead). + type: boolean + pg_service_to_fork_from: + description: Name of the PG Service from which to fork (deprecated, + use service_to_fork_from). This has effect only when a new service + is being created. + maxLength: 64 + type: string + x-kubernetes-validations: - message: Value is immutable rule: self == oldSelf - tags: - additionalProperties: + pg_stat_monitor_enable: + description: Enable the pg_stat_monitor extension. Enabling this + extension will cause the cluster to be restarted.When this extension + is enabled, pg_stat_statements results for utility commands + are unreliable + type: boolean + pg_version: + description: PostgreSQL major version + enum: + - "11" + - "12" + - "13" + - "14" + - "15" type: string - description: - Tags are key-value pairs that allow you to categorize - services. - type: object - terminationProtection: - description: - Prevent service from being deleted. It is recommended - to have this enabled for all services. - type: boolean - userConfig: - description: PostgreSQL specific user configuration options - properties: - additional_backup_regions: - description: Additional Cloud Regions for Backup Replication - items: + pgbouncer: + description: PGBouncer connection pooling settings + properties: + autodb_idle_timeout: + description: If the automatically created database pools have + been unused this many seconds, they are freed. If 0 then + timeout is disabled. [seconds] + maximum: 86400 + minimum: 0 + type: integer + autodb_max_db_connections: + description: Do not allow more than this many server connections + per database (regardless of user). Setting it to 0 means + unlimited. + maximum: 2147483647 + minimum: 0 + type: integer + autodb_pool_mode: + description: PGBouncer pool mode + enum: + - session + - transaction + - statement type: string - maxItems: 1 - type: array - admin_password: - description: - Custom password for admin user. Defaults to random - string. This must be set only when a new service is being created. - maxLength: 256 - minLength: 8 - pattern: ^[a-zA-Z0-9-_]+$ + autodb_pool_size: + description: If non-zero then create automatically a pool + of that size per user when a pool doesn't exist. + maximum: 10000 + minimum: 0 + type: integer + ignore_startup_parameters: + description: List of parameters to ignore when given in startup + packet + items: + type: string + maxItems: 32 + type: array + min_pool_size: + description: Add more server connections to pool if below + this number. Improves behavior when usual load comes suddenly + back after period of total inactivity. The value is effectively + capped at the pool size. + maximum: 10000 + minimum: 0 + type: integer + server_idle_timeout: + description: If a server connection has been idle more than + this many seconds it will be dropped. If 0 then timeout + is disabled. [seconds] + maximum: 86400 + minimum: 0 + type: integer + server_lifetime: + description: The pooler will close an unused server connection + that has been connected longer than this. [seconds] + maximum: 86400 + minimum: 60 + type: integer + server_reset_query_always: + description: Run server_reset_query (DISCARD ALL) in all pooling + modes + type: boolean + type: object + pglookout: + description: System-wide settings for pglookout. + properties: + max_failover_replication_time_lag: + description: Number of seconds of master unavailability before + triggering database failover to standby + minimum: 10 + type: integer + type: object + private_access: + description: Allow access to selected service ports from private + networks + properties: + pg: + description: Allow clients to connect to pg with a DNS name + that always resolves to the service's private IP addresses. + Only available in certain network locations + type: boolean + pgbouncer: + description: Allow clients to connect to pgbouncer with a + DNS name that always resolves to the service's private IP + addresses. Only available in certain network locations + type: boolean + prometheus: + description: Allow clients to connect to prometheus with a + DNS name that always resolves to the service's private IP + addresses. Only available in certain network locations + type: boolean + type: object + privatelink_access: + description: Allow access to selected service components through + Privatelink + properties: + pg: + description: Enable pg + type: boolean + pgbouncer: + description: Enable pgbouncer + type: boolean + prometheus: + description: Enable prometheus + type: boolean + type: object + project_to_fork_from: + description: Name of another project to fork a service from. This + has effect only when a new service is being created. + maxLength: 63 + type: string + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + public_access: + description: Allow access to selected service ports from the public + Internet + properties: + pg: + description: Allow clients to connect to pg from the public + internet for service nodes that are in a project VPC or + another type of private network + type: boolean + pgbouncer: + description: Allow clients to connect to pgbouncer from the + public internet for service nodes that are in a project + VPC or another type of private network + type: boolean + prometheus: + description: Allow clients to connect to prometheus from the + public internet for service nodes that are in a project + VPC or another type of private network + type: boolean + type: object + recovery_target_time: + description: Recovery target time when forking a service. This + has effect only when a new service is being created. + maxLength: 32 + type: string + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + service_log: + description: Store logs for the service so that they are available + in the HTTP API and console. + type: boolean + service_to_fork_from: + description: Name of another service to fork from. This has effect + only when a new service is being created. + maxLength: 64 + type: string + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + shared_buffers_percentage: + description: Percentage of total RAM that the database server + uses for shared memory buffers. Valid range is 20-60 (float), + which corresponds to 20% - 60%. This setting adjusts the shared_buffers + configuration value. + maximum: 60 + minimum: 20 + type: number + static_ips: + description: Use static public IP addresses + type: boolean + synchronous_replication: + description: Synchronous replication type. Note that the service + plan also needs to support synchronous replication. + enum: + - quorum + - "off" + type: string + timescaledb: + description: System-wide settings for the timescaledb extension + properties: + max_background_workers: + description: The number of background workers for timescaledb + operations. You should configure this setting to the sum + of your number of databases and the total number of concurrent + background workers you want running at any given point in + time. + maximum: 4096 + minimum: 1 + type: integer + type: object + variant: + description: Variant of the PostgreSQL service, may affect the + features that are exposed by default + enum: + - aiven + - timescale + type: string + work_mem: + description: Sets the maximum amount of memory to be used by a + query operation (such as a sort or hash table) before writing + to temporary disk files, in MB. Default is 1MB + 0.075% of total + RAM (up to 32MB). + maximum: 1024 + minimum: 1 + type: integer + type: object + required: + - plan + - project + type: object + status: + description: ServiceStatus defines the observed state of service + properties: + conditions: + description: Conditions represent the latest available observations + of a service state + items: + description: "Condition contains details for one aspect of the current + state of this API Resource. --- This struct is intended for direct + use as an array at the field path .status.conditions. For example, + \n type FooStatus struct{ // Represents the observations of a + foo's current state. // Known .status.conditions.type are: \"Available\", + \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge + // +listType=map // +listMapKey=type Conditions []metav1.Condition + `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" + protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + properties: + lastTransitionTime: + description: lastTransitionTime is the last time the condition + transitioned from one status to another. This should be when + the underlying condition changed. If that is not known, then + using the time when the API field changed is acceptable. + format: date-time type: string - x-kubernetes-validations: - - message: Value is immutable - rule: self == oldSelf - admin_username: - description: - Custom username for admin user. This must be set - only when a new service is being created. - maxLength: 64 - pattern: ^[_A-Za-z0-9][-._A-Za-z0-9]{0,63}$ + message: + description: message is a human readable message indicating + details about the transition. This may be an empty string. + maxLength: 32768 type: string - x-kubernetes-validations: - - message: Value is immutable - rule: self == oldSelf - backup_hour: - description: - The hour of day (in UTC) when backup for the service - is started. New backup is only started if previous backup has - already completed. - maximum: 23 - minimum: 0 - type: integer - backup_minute: - description: - The minute of an hour when backup for the service - is started. New backup is only started if previous backup has - already completed. - maximum: 59 + observedGeneration: + description: observedGeneration represents the .metadata.generation + that the condition was set based upon. For instance, if .metadata.generation + is currently 12, but the .status.conditions[x].observedGeneration + is 9, the condition is out of date with respect to the current + state of the instance. + format: int64 minimum: 0 type: integer - enable_ipv6: - description: - Register AAAA DNS records for the service, and allow - IPv6 packets to service ports - type: boolean - ip_filter: - description: - Allow incoming connections from CIDR address block, - e.g. '10.20.0.0/16' - items: - description: - CIDR address block, either as a string, or in a - dict with an optional description field - properties: - description: - description: Description for IP filter list entry - maxLength: 1024 - type: string - network: - description: CIDR address block - maxLength: 43 - type: string - required: - - network - type: object - maxItems: 1024 - type: array - migration: - description: Migrate data from existing server - properties: - dbname: - description: Database name for bootstrapping the initial connection - maxLength: 63 - type: string - host: - description: - Hostname or IP address of the server where to - migrate data from - maxLength: 255 - type: string - ignore_dbs: - description: - Comma-separated list of databases, which should - be ignored during migration (supported by MySQL and PostgreSQL - only at the moment) - maxLength: 2048 - type: string - method: - description: - The migration method to be used (currently supported - only by Redis, Dragonfly, MySQL and PostgreSQL service types) - enum: - - dump - - replication - type: string - password: - description: - Password for authentication with the server where - to migrate data from - maxLength: 256 - type: string - port: - description: - Port number of the server where to migrate data - from - maximum: 65535 - minimum: 1 - type: integer - ssl: - description: - The server where to migrate data from is secured - with SSL - type: boolean - username: - description: - User name for authentication with the server - where to migrate data from - maxLength: 256 - type: string - required: - - host - - port - type: object - pg: - description: postgresql.conf configuration values - properties: - autovacuum_analyze_scale_factor: - description: - Specifies a fraction of the table size to add - to autovacuum_analyze_threshold when deciding whether to - trigger an ANALYZE. The default is 0.2 (20% of table size) - maximum: 1 - minimum: 0 - type: number - autovacuum_analyze_threshold: - description: - Specifies the minimum number of inserted, updated - or deleted tuples needed to trigger an ANALYZE in any one - table. The default is 50 tuples. - maximum: 2147483647 - minimum: 0 - type: integer - autovacuum_freeze_max_age: - description: - Specifies the maximum age (in transactions) that - a table's pg_class.relfrozenxid field can attain before - a VACUUM operation is forced to prevent transaction ID wraparound - within the table. Note that the system will launch autovacuum - processes to prevent wraparound even when autovacuum is - otherwise disabled. This parameter will cause the server - to be restarted. - maximum: 1500000000 - minimum: 200000000 - type: integer - autovacuum_max_workers: - description: - Specifies the maximum number of autovacuum processes - (other than the autovacuum launcher) that may be running - at any one time. The default is three. This parameter can - only be set at server start. - maximum: 20 - minimum: 1 - type: integer - autovacuum_naptime: - description: - Specifies the minimum delay between autovacuum - runs on any given database. The delay is measured in seconds, - and the default is one minute - maximum: 86400 - minimum: 1 - type: integer - autovacuum_vacuum_cost_delay: - description: - Specifies the cost delay value that will be used - in automatic VACUUM operations. If -1 is specified, the - regular vacuum_cost_delay value will be used. The default - value is 20 milliseconds - maximum: 100 - minimum: -1 - type: integer - autovacuum_vacuum_cost_limit: - description: - Specifies the cost limit value that will be used - in automatic VACUUM operations. If -1 is specified (which - is the default), the regular vacuum_cost_limit value will - be used. - maximum: 10000 - minimum: -1 - type: integer - autovacuum_vacuum_scale_factor: - description: - Specifies a fraction of the table size to add - to autovacuum_vacuum_threshold when deciding whether to - trigger a VACUUM. The default is 0.2 (20% of table size) - maximum: 1 - minimum: 0 - type: number - autovacuum_vacuum_threshold: - description: - Specifies the minimum number of updated or deleted - tuples needed to trigger a VACUUM in any one table. The - default is 50 tuples - maximum: 2147483647 - minimum: 0 - type: integer - bgwriter_delay: - description: - Specifies the delay between activity rounds for - the background writer in milliseconds. Default is 200. - maximum: 10000 - minimum: 10 - type: integer - bgwriter_flush_after: - description: - Whenever more than bgwriter_flush_after bytes - have been written by the background writer, attempt to force - the OS to issue these writes to the underlying storage. - Specified in kilobytes, default is 512. Setting of 0 disables - forced writeback. - maximum: 2048 - minimum: 0 - type: integer - bgwriter_lru_maxpages: - description: - In each round, no more than this many buffers - will be written by the background writer. Setting this to - zero disables background writing. Default is 100. - maximum: 1073741823 - minimum: 0 - type: integer - bgwriter_lru_multiplier: - description: - The average recent need for new buffers is multiplied - by bgwriter_lru_multiplier to arrive at an estimate of the - number that will be needed during the next round, (up to - bgwriter_lru_maxpages). 1.0 represents a “just in time” - policy of writing exactly the number of buffers predicted - to be needed. Larger values provide some cushion against - spikes in demand, while smaller values intentionally leave - writes to be done by server processes. The default is 2.0. - maximum: 10 - minimum: 0 - type: number - deadlock_timeout: - description: - This is the amount of time, in milliseconds, - to wait on a lock before checking to see if there is a deadlock - condition. - maximum: 1800000 - minimum: 500 - type: integer - default_toast_compression: - description: - Specifies the default TOAST compression method - for values of compressible columns (the default is lz4). - enum: - - lz4 - - pglz - type: string - idle_in_transaction_session_timeout: - description: - Time out sessions with open transactions after - this number of milliseconds - maximum: 604800000 - minimum: 0 - type: integer - jit: - description: - Controls system-wide use of Just-in-Time Compilation - (JIT). - type: boolean - log_autovacuum_min_duration: - description: - Causes each action executed by autovacuum to - be logged if it ran for at least the specified number of - milliseconds. Setting this to zero logs all autovacuum actions. - Minus-one (the default) disables logging autovacuum actions. - maximum: 2147483647 - minimum: -1 - type: integer - log_error_verbosity: - description: - Controls the amount of detail written in the - server log for each message that is logged. - enum: - - TERSE - - DEFAULT - - VERBOSE - type: string - log_line_prefix: - description: - Choose from one of the available log-formats. - These can support popular log analyzers like pgbadger, pganalyze - etc. - enum: - - "'pid=%p,user=%u,db=%d,app=%a,client=%h '" - - "'%t [%p]: [%l-1] user=%u,db=%d,app=%a,client=%h '" - - "'%m [%p] %q[user=%u,db=%d,app=%a] '" - type: string - log_min_duration_statement: - description: - Log statements that take more than this number - of milliseconds to run, -1 disables - maximum: 86400000 - minimum: -1 - type: integer - log_temp_files: - description: - Log statements for each temporary file created - larger than this number of kilobytes, -1 disables - maximum: 2147483647 - minimum: -1 - type: integer - max_files_per_process: - description: - PostgreSQL maximum number of files that can be - open per process - maximum: 4096 - minimum: 1000 - type: integer - max_locks_per_transaction: - description: PostgreSQL maximum locks per transaction - maximum: 6400 - minimum: 64 - type: integer - max_logical_replication_workers: - description: - PostgreSQL maximum logical replication workers - (taken from the pool of max_parallel_workers) - maximum: 64 - minimum: 4 - type: integer - max_parallel_workers: - description: - Sets the maximum number of workers that the system - can support for parallel queries - maximum: 96 - minimum: 0 - type: integer - max_parallel_workers_per_gather: - description: - Sets the maximum number of workers that can be - started by a single Gather or Gather Merge node - maximum: 96 - minimum: 0 - type: integer - max_pred_locks_per_transaction: - description: PostgreSQL maximum predicate locks per transaction - maximum: 5120 - minimum: 64 - type: integer - max_prepared_transactions: - description: PostgreSQL maximum prepared transactions - maximum: 10000 - minimum: 0 - type: integer - max_replication_slots: - description: PostgreSQL maximum replication slots - maximum: 64 - minimum: 8 - type: integer - max_slot_wal_keep_size: - description: - PostgreSQL maximum WAL size (MB) reserved for - replication slots. Default is -1 (unlimited). wal_keep_size - minimum WAL size setting takes precedence over this. - maximum: 2147483647 - minimum: -1 - type: integer - max_stack_depth: - description: Maximum depth of the stack in bytes - maximum: 6291456 - minimum: 2097152 - type: integer - max_standby_archive_delay: - description: Max standby archive delay in milliseconds - maximum: 43200000 - minimum: 1 - type: integer - max_standby_streaming_delay: - description: Max standby streaming delay in milliseconds - maximum: 43200000 - minimum: 1 - type: integer - max_wal_senders: - description: PostgreSQL maximum WAL senders - maximum: 64 - minimum: 20 - type: integer - max_worker_processes: - description: - Sets the maximum number of background processes - that the system can support - maximum: 96 - minimum: 8 - type: integer - pg_partman_bgw.interval: - description: - Sets the time interval to run pg_partman's scheduled - tasks - maximum: 604800 - minimum: 3600 - type: integer - pg_partman_bgw.role: - description: - Controls which role to use for pg_partman's scheduled - background tasks. - maxLength: 64 - pattern: ^[_A-Za-z0-9][-._A-Za-z0-9]{0,63}$ - type: string - pg_stat_monitor.pgsm_enable_query_plan: - description: Enables or disables query plan monitoring - type: boolean - pg_stat_monitor.pgsm_max_buckets: - description: Sets the maximum number of buckets - maximum: 10 - minimum: 1 - type: integer - pg_stat_statements.track: - description: - Controls which statements are counted. Specify - top to track top-level statements (those issued directly - by clients), all to also track nested statements (such as - statements invoked within functions), or none to disable - statement statistics collection. The default value is top. - enum: - - all - - top - - none - type: string - temp_file_limit: - description: - PostgreSQL temporary file limit in KiB, -1 for - unlimited - maximum: 2147483647 - minimum: -1 - type: integer - timezone: - description: PostgreSQL service timezone - maxLength: 64 - type: string - track_activity_query_size: - description: - Specifies the number of bytes reserved to track - the currently executing command for each active session. - maximum: 10240 - minimum: 1024 - type: integer - track_commit_timestamp: - description: Record commit time of transactions. - enum: - - "off" - - "on" - type: string - track_functions: - description: - Enables tracking of function call counts and - time used. - enum: - - all - - pl - - none - type: string - track_io_timing: - description: - Enables timing of database I/O calls. This parameter - is off by default, because it will repeatedly query the - operating system for the current time, which may cause significant - overhead on some platforms. - enum: - - "off" - - "on" - type: string - wal_sender_timeout: - description: - Terminate replication connections that are inactive - for longer than this amount of time, in milliseconds. Setting - this value to zero disables the timeout. - type: integer - wal_writer_delay: - description: - WAL flush interval in milliseconds. Note that - setting this value to lower than the default 200ms may negatively - impact performance - maximum: 200 - minimum: 10 - type: integer - type: object - pg_qualstats: - description: - Deprecated. System-wide settings for the pg_qualstats - extension - properties: - enabled: - description: Deprecated. Enable / Disable pg_qualstats - type: boolean - min_err_estimate_num: - description: - Deprecated. Error estimation num threshold to - save quals - minimum: 0 - type: integer - min_err_estimate_ratio: - description: - Deprecated. Error estimation ratio threshold - to save quals - minimum: 0 - type: integer - track_constants: - description: - Deprecated. Enable / Disable pg_qualstats constants - tracking - type: boolean - track_pg_catalog: - description: Deprecated. Track quals on system catalogs too. - type: boolean - type: object - pg_read_replica: - description: - Should the service which is being forked be a read - replica (deprecated, use read_replica service integration instead). - type: boolean - pg_service_to_fork_from: - description: - Name of the PG Service from which to fork (deprecated, - use service_to_fork_from). This has effect only when a new service - is being created. - maxLength: 64 - type: string - x-kubernetes-validations: - - message: Value is immutable - rule: self == oldSelf - pg_stat_monitor_enable: - description: - Enable the pg_stat_monitor extension. Enabling this - extension will cause the cluster to be restarted.When this extension - is enabled, pg_stat_statements results for utility commands - are unreliable - type: boolean - pg_version: - description: PostgreSQL major version - enum: - - "11" - - "12" - - "13" - - "14" - - "15" - type: string - pgbouncer: - description: PGBouncer connection pooling settings - properties: - autodb_idle_timeout: - description: - If the automatically created database pools have - been unused this many seconds, they are freed. If 0 then - timeout is disabled. [seconds] - maximum: 86400 - minimum: 0 - type: integer - autodb_max_db_connections: - description: - Do not allow more than this many server connections - per database (regardless of user). Setting it to 0 means - unlimited. - maximum: 2147483647 - minimum: 0 - type: integer - autodb_pool_mode: - description: PGBouncer pool mode - enum: - - session - - transaction - - statement - type: string - autodb_pool_size: - description: - If non-zero then create automatically a pool - of that size per user when a pool doesn't exist. - maximum: 10000 - minimum: 0 - type: integer - ignore_startup_parameters: - description: - List of parameters to ignore when given in startup - packet - items: - type: string - maxItems: 32 - type: array - min_pool_size: - description: - Add more server connections to pool if below - this number. Improves behavior when usual load comes suddenly - back after period of total inactivity. The value is effectively - capped at the pool size. - maximum: 10000 - minimum: 0 - type: integer - server_idle_timeout: - description: - If a server connection has been idle more than - this many seconds it will be dropped. If 0 then timeout - is disabled. [seconds] - maximum: 86400 - minimum: 0 - type: integer - server_lifetime: - description: - The pooler will close an unused server connection - that has been connected longer than this. [seconds] - maximum: 86400 - minimum: 60 - type: integer - server_reset_query_always: - description: - Run server_reset_query (DISCARD ALL) in all pooling - modes - type: boolean - type: object - pglookout: - description: System-wide settings for pglookout. - properties: - max_failover_replication_time_lag: - description: - Number of seconds of master unavailability before - triggering database failover to standby - minimum: 10 - type: integer - type: object - private_access: - description: - Allow access to selected service ports from private - networks - properties: - pg: - description: - Allow clients to connect to pg with a DNS name - that always resolves to the service's private IP addresses. - Only available in certain network locations - type: boolean - pgbouncer: - description: - Allow clients to connect to pgbouncer with a - DNS name that always resolves to the service's private IP - addresses. Only available in certain network locations - type: boolean - prometheus: - description: - Allow clients to connect to prometheus with a - DNS name that always resolves to the service's private IP - addresses. Only available in certain network locations - type: boolean - type: object - privatelink_access: - description: - Allow access to selected service components through - Privatelink - properties: - pg: - description: Enable pg - type: boolean - pgbouncer: - description: Enable pgbouncer - type: boolean - prometheus: - description: Enable prometheus - type: boolean - type: object - project_to_fork_from: - description: - Name of another project to fork a service from. This - has effect only when a new service is being created. - maxLength: 63 - type: string - x-kubernetes-validations: - - message: Value is immutable - rule: self == oldSelf - public_access: - description: - Allow access to selected service ports from the public - Internet - properties: - pg: - description: - Allow clients to connect to pg from the public - internet for service nodes that are in a project VPC or - another type of private network - type: boolean - pgbouncer: - description: - Allow clients to connect to pgbouncer from the - public internet for service nodes that are in a project - VPC or another type of private network - type: boolean - prometheus: - description: - Allow clients to connect to prometheus from the - public internet for service nodes that are in a project - VPC or another type of private network - type: boolean - type: object - recovery_target_time: - description: - Recovery target time when forking a service. This - has effect only when a new service is being created. - maxLength: 32 - type: string - x-kubernetes-validations: - - message: Value is immutable - rule: self == oldSelf - service_log: - description: - Store logs for the service so that they are available - in the HTTP API and console. - type: boolean - service_to_fork_from: - description: - Name of another service to fork from. This has effect - only when a new service is being created. - maxLength: 64 + reason: + description: reason contains a programmatic identifier indicating + the reason for the condition's last transition. Producers + of specific condition types may define expected values and + meanings for this field, and whether the values are considered + a guaranteed API. The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ type: string - x-kubernetes-validations: - - message: Value is immutable - rule: self == oldSelf - shared_buffers_percentage: - description: - Percentage of total RAM that the database server - uses for shared memory buffers. Valid range is 20-60 (float), - which corresponds to 20% - 60%. This setting adjusts the shared_buffers - configuration value. - maximum: 60 - minimum: 20 - type: number - static_ips: - description: Use static public IP addresses - type: boolean - synchronous_replication: - description: - Synchronous replication type. Note that the service - plan also needs to support synchronous replication. + status: + description: status of the condition, one of True, False, Unknown. enum: - - quorum - - "off" + - "True" + - "False" + - Unknown type: string - timescaledb: - description: System-wide settings for the timescaledb extension - properties: - max_background_workers: - description: - The number of background workers for timescaledb - operations. You should configure this setting to the sum - of your number of databases and the total number of concurrent - background workers you want running at any given point in - time. - maximum: 4096 - minimum: 1 - type: integer - type: object - variant: - description: - Variant of the PostgreSQL service, may affect the - features that are exposed by default - enum: - - aiven - - timescale + type: + description: type of condition in CamelCase or in foo.example.com/CamelCase. + --- Many .condition.type values are consistent across resources + like Available, but because arbitrary conditions can be useful + (see .node.status.conditions), the ability to deconflict is + important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string - work_mem: - description: - Sets the maximum amount of memory to be used by a - query operation (such as a sort or hash table) before writing - to temporary disk files, in MB. Default is 1MB + 0.075% of total - RAM (up to 32MB). - maximum: 1024 - minimum: 1 - type: integer + required: + - lastTransitionTime + - message + - reason + - status + - type type: object - required: - - plan - - project - type: object - status: - description: ServiceStatus defines the observed state of service - properties: - conditions: - description: - Conditions represent the latest available observations - of a service state - items: - description: - "Condition contains details for one aspect of the current - state of this API Resource. --- This struct is intended for direct - use as an array at the field path .status.conditions. For example, - \n type FooStatus struct{ // Represents the observations of a - foo's current state. // Known .status.conditions.type are: \"Available\", - \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge - // +listType=map // +listMapKey=type Conditions []metav1.Condition - `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" - protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" - properties: - lastTransitionTime: - description: - lastTransitionTime is the last time the condition - transitioned from one status to another. This should be when - the underlying condition changed. If that is not known, then - using the time when the API field changed is acceptable. - format: date-time - type: string - message: - description: - message is a human readable message indicating - details about the transition. This may be an empty string. - maxLength: 32768 - type: string - observedGeneration: - description: - observedGeneration represents the .metadata.generation - that the condition was set based upon. For instance, if .metadata.generation - is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current - state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: - reason contains a programmatic identifier indicating - the reason for the condition's last transition. Producers - of specific condition types may define expected values and - meanings for this field, and whether the values are considered - a guaranteed API. The value should be a CamelCase string. - This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ - type: string - status: - description: status of the condition, one of True, False, Unknown. - enum: - - "True" - - "False" - - Unknown - type: string - type: - description: - type of condition in CamelCase or in foo.example.com/CamelCase. - --- Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ - type: string - required: - - lastTransitionTime - - message - - reason - - status - - type - type: object - type: array - state: - description: Service state - type: string - type: object - type: object - served: true - storage: true - subresources: - status: {} + type: array + state: + description: Service state + type: string + type: object + type: object + served: true + storage: true + subresources: + status: {} diff --git a/charts/aiven-operator-crds/templates/aiven.io_projects.yaml b/charts/aiven-operator-crds/templates/aiven.io_projects.yaml index 5256e9c1..0bf1f9fc 100644 --- a/charts/aiven-operator-crds/templates/aiven.io_projects.yaml +++ b/charts/aiven-operator-crds/templates/aiven.io_projects.yaml @@ -15,244 +15,229 @@ spec: singular: project scope: Namespaced versions: - - name: v1alpha1 - schema: - openAPIV3Schema: - description: Project is the Schema for the projects API - properties: - apiVersion: - description: - "APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" - type: string - kind: - description: - "Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" - type: string - metadata: - type: object - spec: - description: ProjectSpec defines the desired state of Project - properties: - accountId: - description: Account ID - maxLength: 32 + - name: v1alpha1 + schema: + openAPIV3Schema: + description: Project is the Schema for the projects API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: ProjectSpec defines the desired state of Project + properties: + accountId: + description: Account ID + maxLength: 32 + type: string + authSecretRef: + description: Authentication reference to Aiven token in a secret + properties: + key: + minLength: 1 + type: string + name: + minLength: 1 + type: string + required: + - key + - name + type: object + billingAddress: + description: Billing name and address of the project + maxLength: 1000 + type: string + billingCurrency: + description: Billing currency + enum: + - AUD + - CAD + - CHF + - DKK + - EUR + - GBP + - NOK + - SEK + - USD + type: string + billingEmails: + description: Billing contact emails of the project + items: type: string - authSecretRef: - description: Authentication reference to Aiven token in a secret - properties: - key: - minLength: 1 + maxItems: 10 + type: array + billingExtraText: + description: Extra text to be included in all project invoices, e.g. + purchase order or cost center number + maxLength: 1000 + type: string + billingGroupId: + description: BillingGroup ID + maxLength: 36 + minLength: 36 + type: string + cardId: + description: Credit card ID; The ID may be either last 4 digits of + the card or the actual ID + maxLength: 64 + type: string + cloud: + description: 'Target cloud, example: aws-eu-central-1' + maxLength: 256 + type: string + connInfoSecretTarget: + description: 'Information regarding secret creation. Exposed keys: + `PROJECT_CA_CERT`' + properties: + annotations: + additionalProperties: type: string - name: - minLength: 1 + description: Annotations added to the secret + type: object + x-kubernetes-preserve-unknown-fields: true + labels: + additionalProperties: type: string - required: - - key - - name - type: object - billingAddress: - description: Billing name and address of the project - maxLength: 1000 - type: string - billingCurrency: - description: Billing currency - enum: - - AUD - - CAD - - CHF - - DKK - - EUR - - GBP - - NOK - - SEK - - USD - type: string - billingEmails: - description: Billing contact emails of the project - items: + description: Labels added to the secret + type: object + x-kubernetes-preserve-unknown-fields: true + name: + description: Name of the secret resource to be created. By default, + is equal to the resource name type: string - maxItems: 10 - type: array - billingExtraText: - description: - Extra text to be included in all project invoices, e.g. - purchase order or cost center number - maxLength: 1000 - type: string - billingGroupId: - description: BillingGroup ID - maxLength: 36 - minLength: 36 - type: string - cardId: - description: - Credit card ID; The ID may be either last 4 digits of - the card or the actual ID - maxLength: 64 + prefix: + description: Prefix for the secret's keys. Added "as is" without + any transformations. By default, is equal to the kind name in + uppercase + underscore, e.g. `KAFKA_`, `REDIS_`, etc. + type: string + required: + - name + type: object + copyFromProject: + description: Project name from which to copy settings to the new project + maxLength: 63 + type: string + countryCode: + description: Billing country code of the project + maxLength: 2 + minLength: 2 + type: string + tags: + additionalProperties: type: string - cloud: - description: "Target cloud, example: aws-eu-central-1" - maxLength: 256 + description: Tags are key-value pairs that allow you to categorize + projects + type: object + technicalEmails: + description: Technical contact emails of the project + items: type: string - connInfoSecretTarget: - description: - "Information regarding secret creation. Exposed keys: - `PROJECT_CA_CERT`" + maxItems: 10 + type: array + type: object + status: + description: ProjectStatus defines the observed state of Project + properties: + availableCredits: + description: Available credirs + type: string + conditions: + description: Conditions represent the latest available observations + of an Project state + items: + description: "Condition contains details for one aspect of the current + state of this API Resource. --- This struct is intended for direct + use as an array at the field path .status.conditions. For example, + \n type FooStatus struct{ // Represents the observations of a + foo's current state. // Known .status.conditions.type are: \"Available\", + \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge + // +listType=map // +listMapKey=type Conditions []metav1.Condition + `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" + protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" properties: - annotations: - additionalProperties: - type: string - description: Annotations added to the secret - type: object - x-kubernetes-preserve-unknown-fields: true - labels: - additionalProperties: - type: string - description: Labels added to the secret - type: object - x-kubernetes-preserve-unknown-fields: true - name: - description: - Name of the secret resource to be created. By default, - is equal to the resource name + lastTransitionTime: + description: lastTransitionTime is the last time the condition + transitioned from one status to another. This should be when + the underlying condition changed. If that is not known, then + using the time when the API field changed is acceptable. + format: date-time type: string - prefix: - description: - Prefix for the secret's keys. Added "as is" without - any transformations. By default, is equal to the kind name in - uppercase + underscore, e.g. `KAFKA_`, `REDIS_`, etc. + message: + description: message is a human readable message indicating + details about the transition. This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: observedGeneration represents the .metadata.generation + that the condition was set based upon. For instance, if .metadata.generation + is currently 12, but the .status.conditions[x].observedGeneration + is 9, the condition is out of date with respect to the current + state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: reason contains a programmatic identifier indicating + the reason for the condition's last transition. Producers + of specific condition types may define expected values and + meanings for this field, and whether the values are considered + a guaranteed API. The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: type of condition in CamelCase or in foo.example.com/CamelCase. + --- Many .condition.type values are consistent across resources + like Available, but because arbitrary conditions can be useful + (see .node.status.conditions), the ability to deconflict is + important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string required: - - name - type: object - copyFromProject: - description: Project name from which to copy settings to the new project - maxLength: 63 - type: string - countryCode: - description: Billing country code of the project - maxLength: 2 - minLength: 2 - type: string - tags: - additionalProperties: - type: string - description: - Tags are key-value pairs that allow you to categorize - projects + - lastTransitionTime + - message + - reason + - status + - type type: object - technicalEmails: - description: Technical contact emails of the project - items: - type: string - maxItems: 10 - type: array - type: object - status: - description: ProjectStatus defines the observed state of Project - properties: - availableCredits: - description: Available credirs - type: string - conditions: - description: - Conditions represent the latest available observations - of an Project state - items: - description: - "Condition contains details for one aspect of the current - state of this API Resource. --- This struct is intended for direct - use as an array at the field path .status.conditions. For example, - \n type FooStatus struct{ // Represents the observations of a - foo's current state. // Known .status.conditions.type are: \"Available\", - \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge - // +listType=map // +listMapKey=type Conditions []metav1.Condition - `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" - protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" - properties: - lastTransitionTime: - description: - lastTransitionTime is the last time the condition - transitioned from one status to another. This should be when - the underlying condition changed. If that is not known, then - using the time when the API field changed is acceptable. - format: date-time - type: string - message: - description: - message is a human readable message indicating - details about the transition. This may be an empty string. - maxLength: 32768 - type: string - observedGeneration: - description: - observedGeneration represents the .metadata.generation - that the condition was set based upon. For instance, if .metadata.generation - is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current - state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: - reason contains a programmatic identifier indicating - the reason for the condition's last transition. Producers - of specific condition types may define expected values and - meanings for this field, and whether the values are considered - a guaranteed API. The value should be a CamelCase string. - This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ - type: string - status: - description: status of the condition, one of True, False, Unknown. - enum: - - "True" - - "False" - - Unknown - type: string - type: - description: - type of condition in CamelCase or in foo.example.com/CamelCase. - --- Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ - type: string - required: - - lastTransitionTime - - message - - reason - - status - - type - type: object - type: array - country: - description: Country name - type: string - estimatedBalance: - description: Estimated balance - type: string - paymentMethod: - description: Payment method name - type: string - vatId: - description: EU VAT Identification Number - maxLength: 64 - type: string - required: - - conditions - type: object - type: object - served: true - storage: true - subresources: - status: {} + type: array + country: + description: Country name + type: string + estimatedBalance: + description: Estimated balance + type: string + paymentMethod: + description: Payment method name + type: string + vatId: + description: EU VAT Identification Number + maxLength: 64 + type: string + required: + - conditions + type: object + type: object + served: true + storage: true + subresources: + status: {} diff --git a/charts/aiven-operator-crds/templates/aiven.io_projectvpcs.yaml b/charts/aiven-operator-crds/templates/aiven.io_projectvpcs.yaml index f6b08d0a..720040e8 100644 --- a/charts/aiven-operator-crds/templates/aiven.io_projectvpcs.yaml +++ b/charts/aiven-operator-crds/templates/aiven.io_projectvpcs.yaml @@ -15,174 +15,165 @@ spec: singular: projectvpc scope: Namespaced versions: - - additionalPrinterColumns: - - jsonPath: .spec.project - name: Project - type: string - - jsonPath: .spec.cloudName - name: Cloud - type: string - - jsonPath: .spec.networkCidr - name: Network CIDR - type: string - - jsonPath: .status.state - name: State - type: string - name: v1alpha1 - schema: - openAPIV3Schema: - description: ProjectVPC is the Schema for the projectvpcs API - properties: - apiVersion: - description: - "APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" - type: string - kind: - description: - "Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" - type: string - metadata: - type: object - spec: - description: ProjectVPCSpec defines the desired state of ProjectVPC - properties: - authSecretRef: - description: Authentication reference to Aiven token in a secret + - additionalPrinterColumns: + - jsonPath: .spec.project + name: Project + type: string + - jsonPath: .spec.cloudName + name: Cloud + type: string + - jsonPath: .spec.networkCidr + name: Network CIDR + type: string + - jsonPath: .status.state + name: State + type: string + name: v1alpha1 + schema: + openAPIV3Schema: + description: ProjectVPC is the Schema for the projectvpcs API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: ProjectVPCSpec defines the desired state of ProjectVPC + properties: + authSecretRef: + description: Authentication reference to Aiven token in a secret + properties: + key: + minLength: 1 + type: string + name: + minLength: 1 + type: string + required: + - key + - name + type: object + cloudName: + description: Cloud the VPC is in + maxLength: 256 + type: string + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + networkCidr: + description: Network address range used by the VPC like 192.168.0.0/24 + maxLength: 36 + type: string + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + project: + description: The project the VPC belongs to + format: ^[a-zA-Z0-9_-]*$ + maxLength: 63 + type: string + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + required: + - cloudName + - networkCidr + - project + type: object + status: + description: ProjectVPCStatus defines the observed state of ProjectVPC + properties: + conditions: + description: Conditions represent the latest available observations + of an ProjectVPC state + items: + description: "Condition contains details for one aspect of the current + state of this API Resource. --- This struct is intended for direct + use as an array at the field path .status.conditions. For example, + \n type FooStatus struct{ // Represents the observations of a + foo's current state. // Known .status.conditions.type are: \"Available\", + \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge + // +listType=map // +listMapKey=type Conditions []metav1.Condition + `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" + protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" properties: - key: - minLength: 1 + lastTransitionTime: + description: lastTransitionTime is the last time the condition + transitioned from one status to another. This should be when + the underlying condition changed. If that is not known, then + using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: message is a human readable message indicating + details about the transition. This may be an empty string. + maxLength: 32768 type: string - name: + observedGeneration: + description: observedGeneration represents the .metadata.generation + that the condition was set based upon. For instance, if .metadata.generation + is currently 12, but the .status.conditions[x].observedGeneration + is 9, the condition is out of date with respect to the current + state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: reason contains a programmatic identifier indicating + the reason for the condition's last transition. Producers + of specific condition types may define expected values and + meanings for this field, and whether the values are considered + a guaranteed API. The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: type of condition in CamelCase or in foo.example.com/CamelCase. + --- Many .condition.type values are consistent across resources + like Available, but because arbitrary conditions can be useful + (see .node.status.conditions), the ability to deconflict is + important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string required: - - key - - name + - lastTransitionTime + - message + - reason + - status + - type type: object - cloudName: - description: Cloud the VPC is in - maxLength: 256 - type: string - x-kubernetes-validations: - - message: Value is immutable - rule: self == oldSelf - networkCidr: - description: Network address range used by the VPC like 192.168.0.0/24 - maxLength: 36 - type: string - x-kubernetes-validations: - - message: Value is immutable - rule: self == oldSelf - project: - description: The project the VPC belongs to - format: ^[a-zA-Z0-9_-]*$ - maxLength: 63 - type: string - x-kubernetes-validations: - - message: Value is immutable - rule: self == oldSelf - required: - - cloudName - - networkCidr - - project - type: object - status: - description: ProjectVPCStatus defines the observed state of ProjectVPC - properties: - conditions: - description: - Conditions represent the latest available observations - of an ProjectVPC state - items: - description: - "Condition contains details for one aspect of the current - state of this API Resource. --- This struct is intended for direct - use as an array at the field path .status.conditions. For example, - \n type FooStatus struct{ // Represents the observations of a - foo's current state. // Known .status.conditions.type are: \"Available\", - \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge - // +listType=map // +listMapKey=type Conditions []metav1.Condition - `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" - protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" - properties: - lastTransitionTime: - description: - lastTransitionTime is the last time the condition - transitioned from one status to another. This should be when - the underlying condition changed. If that is not known, then - using the time when the API field changed is acceptable. - format: date-time - type: string - message: - description: - message is a human readable message indicating - details about the transition. This may be an empty string. - maxLength: 32768 - type: string - observedGeneration: - description: - observedGeneration represents the .metadata.generation - that the condition was set based upon. For instance, if .metadata.generation - is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current - state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: - reason contains a programmatic identifier indicating - the reason for the condition's last transition. Producers - of specific condition types may define expected values and - meanings for this field, and whether the values are considered - a guaranteed API. The value should be a CamelCase string. - This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ - type: string - status: - description: status of the condition, one of True, False, Unknown. - enum: - - "True" - - "False" - - Unknown - type: string - type: - description: - type of condition in CamelCase or in foo.example.com/CamelCase. - --- Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ - type: string - required: - - lastTransitionTime - - message - - reason - - status - - type - type: object - type: array - id: - description: Project VPC id - type: string - state: - description: State of VPC - type: string - required: - - conditions - - id - - state - type: object - type: object - served: true - storage: true - subresources: - status: {} + type: array + id: + description: Project VPC id + type: string + state: + description: State of VPC + type: string + required: + - conditions + - id + - state + type: object + type: object + served: true + storage: true + subresources: + status: {} diff --git a/charts/aiven-operator-crds/templates/aiven.io_redis.yaml b/charts/aiven-operator-crds/templates/aiven.io_redis.yaml index bd6c988d..2b665d1c 100644 --- a/charts/aiven-operator-crds/templates/aiven.io_redis.yaml +++ b/charts/aiven-operator-crds/templates/aiven.io_redis.yaml @@ -15,509 +15,464 @@ spec: singular: redis scope: Namespaced versions: - - name: v1alpha1 - schema: - openAPIV3Schema: - description: Redis is the Schema for the redis API - properties: - apiVersion: - description: - "APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" - type: string - kind: - description: - "Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" - type: string - metadata: - type: object - spec: - description: RedisSpec defines the desired state of Redis - properties: - authSecretRef: - description: Authentication reference to Aiven token in a secret - properties: - key: - minLength: 1 - type: string - name: - minLength: 1 - type: string - required: - - key - - name - type: object - cloudName: - description: Cloud the service runs in. - maxLength: 256 - type: string - connInfoSecretTarget: - description: - "Information regarding secret creation. Exposed keys: - `REDIS_HOST`, `REDIS_PORT`, `REDIS_USER`, `REDIS_PASSWORD`" - properties: - annotations: - additionalProperties: - type: string - description: Annotations added to the secret - type: object - x-kubernetes-preserve-unknown-fields: true - labels: - additionalProperties: - type: string - description: Labels added to the secret - type: object - x-kubernetes-preserve-unknown-fields: true - name: - description: - Name of the secret resource to be created. By default, - is equal to the resource name + - name: v1alpha1 + schema: + openAPIV3Schema: + description: Redis is the Schema for the redis API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: RedisSpec defines the desired state of Redis + properties: + authSecretRef: + description: Authentication reference to Aiven token in a secret + properties: + key: + minLength: 1 + type: string + name: + minLength: 1 + type: string + required: + - key + - name + type: object + cloudName: + description: Cloud the service runs in. + maxLength: 256 + type: string + connInfoSecretTarget: + description: 'Information regarding secret creation. Exposed keys: + `REDIS_HOST`, `REDIS_PORT`, `REDIS_USER`, `REDIS_PASSWORD`' + properties: + annotations: + additionalProperties: type: string - prefix: - description: - Prefix for the secret's keys. Added "as is" without - any transformations. By default, is equal to the kind name in - uppercase + underscore, e.g. `KAFKA_`, `REDIS_`, etc. + description: Annotations added to the secret + type: object + x-kubernetes-preserve-unknown-fields: true + labels: + additionalProperties: type: string - required: - - name - type: object - disk_space: - description: - The disk space of the service, possible values depend - on the service type, the cloud provider and the project. Reducing - will result in the service re-balancing. - format: ^[1-9][0-9]*(GiB|G)* - type: string - maintenanceWindowDow: - description: - Day of week when maintenance operations should be performed. - One monday, tuesday, wednesday, etc. - enum: - - monday - - tuesday - - wednesday - - thursday - - friday - - saturday - - sunday - type: string - maintenanceWindowTime: - description: - Time of day when maintenance operations should be performed. - UTC time in HH:mm:ss format. - maxLength: 8 - type: string - plan: - description: Subscription plan. - maxLength: 128 - type: string - project: - description: Target project. - format: ^[a-zA-Z0-9_-]*$ - maxLength: 63 - type: string - x-kubernetes-validations: - - message: Value is immutable - rule: self == oldSelf - projectVPCRef: - description: - ProjectVPCRef reference to ProjectVPC resource to use - its ID as ProjectVPCID automatically + description: Labels added to the secret + type: object + x-kubernetes-preserve-unknown-fields: true + name: + description: Name of the secret resource to be created. By default, + is equal to the resource name + type: string + prefix: + description: Prefix for the secret's keys. Added "as is" without + any transformations. By default, is equal to the kind name in + uppercase + underscore, e.g. `KAFKA_`, `REDIS_`, etc. + type: string + required: + - name + type: object + disk_space: + description: The disk space of the service, possible values depend + on the service type, the cloud provider and the project. Reducing + will result in the service re-balancing. + format: ^[1-9][0-9]*(GiB|G)* + type: string + maintenanceWindowDow: + description: Day of week when maintenance operations should be performed. + One monday, tuesday, wednesday, etc. + enum: + - monday + - tuesday + - wednesday + - thursday + - friday + - saturday + - sunday + type: string + maintenanceWindowTime: + description: Time of day when maintenance operations should be performed. + UTC time in HH:mm:ss format. + maxLength: 8 + type: string + plan: + description: Subscription plan. + maxLength: 128 + type: string + project: + description: Target project. + format: ^[a-zA-Z0-9_-]*$ + maxLength: 63 + type: string + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + projectVPCRef: + description: ProjectVPCRef reference to ProjectVPC resource to use + its ID as ProjectVPCID automatically + properties: + name: + minLength: 1 + type: string + namespace: + minLength: 1 + type: string + required: + - name + type: object + projectVpcId: + description: Identifier of the VPC the service should be in, if any. + maxLength: 36 + type: string + serviceIntegrations: + description: Service integrations to specify when creating a service. + Not applied after initial service creation + items: + description: Service integrations to specify when creating a service. + Not applied after initial service creation properties: - name: - minLength: 1 + integrationType: + enum: + - read_replica type: string - namespace: + sourceServiceName: + maxLength: 64 minLength: 1 type: string required: - - name + - integrationType + - sourceServiceName type: object - projectVpcId: - description: Identifier of the VPC the service should be in, if any. - maxLength: 36 + maxItems: 1 + type: array + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + tags: + additionalProperties: type: string - serviceIntegrations: - description: - Service integrations to specify when creating a service. - Not applied after initial service creation - items: - description: - Service integrations to specify when creating a service. - Not applied after initial service creation + description: Tags are key-value pairs that allow you to categorize + services. + type: object + terminationProtection: + description: Prevent service from being deleted. It is recommended + to have this enabled for all services. + type: boolean + userConfig: + description: Redis specific user configuration options + properties: + additional_backup_regions: + description: Additional Cloud Regions for Backup Replication + items: + type: string + maxItems: 1 + type: array + ip_filter: + description: Allow incoming connections from CIDR address block, + e.g. '10.20.0.0/16' + items: + description: CIDR address block, either as a string, or in a + dict with an optional description field + properties: + description: + description: Description for IP filter list entry + maxLength: 1024 + type: string + network: + description: CIDR address block + maxLength: 43 + type: string + required: + - network + type: object + maxItems: 1024 + type: array + migration: + description: Migrate data from existing server properties: - integrationType: + dbname: + description: Database name for bootstrapping the initial connection + maxLength: 63 + type: string + host: + description: Hostname or IP address of the server where to + migrate data from + maxLength: 255 + type: string + ignore_dbs: + description: Comma-separated list of databases, which should + be ignored during migration (supported by MySQL and PostgreSQL + only at the moment) + maxLength: 2048 + type: string + method: + description: The migration method to be used (currently supported + only by Redis, Dragonfly, MySQL and PostgreSQL service types) enum: - - read_replica + - dump + - replication type: string - sourceServiceName: - maxLength: 64 - minLength: 1 + password: + description: Password for authentication with the server where + to migrate data from + maxLength: 256 + type: string + port: + description: Port number of the server where to migrate data + from + maximum: 65535 + minimum: 1 + type: integer + ssl: + description: The server where to migrate data from is secured + with SSL + type: boolean + username: + description: User name for authentication with the server + where to migrate data from + maxLength: 256 type: string required: - - integrationType - - sourceServiceName + - host + - port type: object - maxItems: 1 - type: array - x-kubernetes-validations: + private_access: + description: Allow access to selected service ports from private + networks + properties: + prometheus: + description: Allow clients to connect to prometheus with a + DNS name that always resolves to the service's private IP + addresses. Only available in certain network locations + type: boolean + redis: + description: Allow clients to connect to redis with a DNS + name that always resolves to the service's private IP addresses. + Only available in certain network locations + type: boolean + type: object + privatelink_access: + description: Allow access to selected service components through + Privatelink + properties: + prometheus: + description: Enable prometheus + type: boolean + redis: + description: Enable redis + type: boolean + type: object + project_to_fork_from: + description: Name of another project to fork a service from. This + has effect only when a new service is being created. + maxLength: 63 + type: string + x-kubernetes-validations: - message: Value is immutable rule: self == oldSelf - tags: - additionalProperties: + public_access: + description: Allow access to selected service ports from the public + Internet + properties: + prometheus: + description: Allow clients to connect to prometheus from the + public internet for service nodes that are in a project + VPC or another type of private network + type: boolean + redis: + description: Allow clients to connect to redis from the public + internet for service nodes that are in a project VPC or + another type of private network + type: boolean + type: object + recovery_basebackup_name: + description: Name of the basebackup to restore in forked service + maxLength: 128 + pattern: ^[a-zA-Z0-9-_:.]+$ type: string - description: - Tags are key-value pairs that allow you to categorize - services. - type: object - terminationProtection: - description: - Prevent service from being deleted. It is recommended - to have this enabled for all services. - type: boolean - userConfig: - description: Redis specific user configuration options + redis_acl_channels_default: + description: Determines default pub/sub channels' ACL for new + users if ACL is not supplied. When this option is not defined, + all_channels is assumed to keep backward compatibility. This + option doesn't affect Redis configuration acl-pubsub-default. + enum: + - allchannels + - resetchannels + type: string + redis_io_threads: + description: Set Redis IO thread count. Changing this will cause + a restart of the Redis service. + maximum: 32 + minimum: 1 + type: integer + redis_lfu_decay_time: + description: LFU maxmemory-policy counter decay time in minutes + maximum: 120 + minimum: 1 + type: integer + redis_lfu_log_factor: + description: Counter logarithm factor for volatile-lfu and allkeys-lfu + maxmemory-policies + maximum: 100 + minimum: 0 + type: integer + redis_maxmemory_policy: + description: Redis maxmemory-policy + enum: + - noeviction + - allkeys-lru + - volatile-lru + - allkeys-random + - volatile-random + - volatile-ttl + - volatile-lfu + - allkeys-lfu + type: string + redis_notify_keyspace_events: + description: Set notify-keyspace-events option + maxLength: 32 + pattern: ^[KEg\$lshzxeA]*$ + type: string + redis_number_of_databases: + description: Set number of Redis databases. Changing this will + cause a restart of the Redis service. + maximum: 128 + minimum: 1 + type: integer + redis_persistence: + description: When persistence is 'rdb', Redis does RDB dumps each + 10 minutes if any key is changed. Also RDB dumps are done according + to backup schedule for backup purposes. When persistence is + 'off', no RDB dumps and backups are done, so data can be lost + at any moment if service is restarted for any reason, or if + service is powered off. Also service can't be forked. + enum: + - "off" + - rdb + type: string + redis_pubsub_client_output_buffer_limit: + description: Set output buffer limit for pub / sub clients in + MB. The value is the hard limit, the soft limit is 1/4 of the + hard limit. When setting the limit, be mindful of the available + memory in the selected service plan. + maximum: 512 + minimum: 32 + type: integer + redis_ssl: + description: Require SSL to access Redis + type: boolean + redis_timeout: + description: Redis idle connection timeout in seconds + maximum: 31536000 + minimum: 0 + type: integer + service_log: + description: Store logs for the service so that they are available + in the HTTP API and console. + type: boolean + service_to_fork_from: + description: Name of another service to fork from. This has effect + only when a new service is being created. + maxLength: 64 + type: string + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + static_ips: + description: Use static public IP addresses + type: boolean + type: object + required: + - plan + - project + type: object + status: + description: ServiceStatus defines the observed state of service + properties: + conditions: + description: Conditions represent the latest available observations + of a service state + items: + description: "Condition contains details for one aspect of the current + state of this API Resource. --- This struct is intended for direct + use as an array at the field path .status.conditions. For example, + \n type FooStatus struct{ // Represents the observations of a + foo's current state. // Known .status.conditions.type are: \"Available\", + \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge + // +listType=map // +listMapKey=type Conditions []metav1.Condition + `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" + protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" properties: - additional_backup_regions: - description: Additional Cloud Regions for Backup Replication - items: - type: string - maxItems: 1 - type: array - ip_filter: - description: - Allow incoming connections from CIDR address block, - e.g. '10.20.0.0/16' - items: - description: - CIDR address block, either as a string, or in a - dict with an optional description field - properties: - description: - description: Description for IP filter list entry - maxLength: 1024 - type: string - network: - description: CIDR address block - maxLength: 43 - type: string - required: - - network - type: object - maxItems: 1024 - type: array - migration: - description: Migrate data from existing server - properties: - dbname: - description: Database name for bootstrapping the initial connection - maxLength: 63 - type: string - host: - description: - Hostname or IP address of the server where to - migrate data from - maxLength: 255 - type: string - ignore_dbs: - description: - Comma-separated list of databases, which should - be ignored during migration (supported by MySQL and PostgreSQL - only at the moment) - maxLength: 2048 - type: string - method: - description: - The migration method to be used (currently supported - only by Redis, Dragonfly, MySQL and PostgreSQL service types) - enum: - - dump - - replication - type: string - password: - description: - Password for authentication with the server where - to migrate data from - maxLength: 256 - type: string - port: - description: - Port number of the server where to migrate data - from - maximum: 65535 - minimum: 1 - type: integer - ssl: - description: - The server where to migrate data from is secured - with SSL - type: boolean - username: - description: - User name for authentication with the server - where to migrate data from - maxLength: 256 - type: string - required: - - host - - port - type: object - private_access: - description: - Allow access to selected service ports from private - networks - properties: - prometheus: - description: - Allow clients to connect to prometheus with a - DNS name that always resolves to the service's private IP - addresses. Only available in certain network locations - type: boolean - redis: - description: - Allow clients to connect to redis with a DNS - name that always resolves to the service's private IP addresses. - Only available in certain network locations - type: boolean - type: object - privatelink_access: - description: - Allow access to selected service components through - Privatelink - properties: - prometheus: - description: Enable prometheus - type: boolean - redis: - description: Enable redis - type: boolean - type: object - project_to_fork_from: - description: - Name of another project to fork a service from. This - has effect only when a new service is being created. - maxLength: 63 - type: string - x-kubernetes-validations: - - message: Value is immutable - rule: self == oldSelf - public_access: - description: - Allow access to selected service ports from the public - Internet - properties: - prometheus: - description: - Allow clients to connect to prometheus from the - public internet for service nodes that are in a project - VPC or another type of private network - type: boolean - redis: - description: - Allow clients to connect to redis from the public - internet for service nodes that are in a project VPC or - another type of private network - type: boolean - type: object - recovery_basebackup_name: - description: Name of the basebackup to restore in forked service - maxLength: 128 - pattern: ^[a-zA-Z0-9-_:.]+$ + lastTransitionTime: + description: lastTransitionTime is the last time the condition + transitioned from one status to another. This should be when + the underlying condition changed. If that is not known, then + using the time when the API field changed is acceptable. + format: date-time type: string - redis_acl_channels_default: - description: - Determines default pub/sub channels' ACL for new - users if ACL is not supplied. When this option is not defined, - all_channels is assumed to keep backward compatibility. This - option doesn't affect Redis configuration acl-pubsub-default. - enum: - - allchannels - - resetchannels + message: + description: message is a human readable message indicating + details about the transition. This may be an empty string. + maxLength: 32768 type: string - redis_io_threads: - description: - Set Redis IO thread count. Changing this will cause - a restart of the Redis service. - maximum: 32 - minimum: 1 - type: integer - redis_lfu_decay_time: - description: LFU maxmemory-policy counter decay time in minutes - maximum: 120 - minimum: 1 - type: integer - redis_lfu_log_factor: - description: - Counter logarithm factor for volatile-lfu and allkeys-lfu - maxmemory-policies - maximum: 100 + observedGeneration: + description: observedGeneration represents the .metadata.generation + that the condition was set based upon. For instance, if .metadata.generation + is currently 12, but the .status.conditions[x].observedGeneration + is 9, the condition is out of date with respect to the current + state of the instance. + format: int64 minimum: 0 type: integer - redis_maxmemory_policy: - description: Redis maxmemory-policy - enum: - - noeviction - - allkeys-lru - - volatile-lru - - allkeys-random - - volatile-random - - volatile-ttl - - volatile-lfu - - allkeys-lfu - type: string - redis_notify_keyspace_events: - description: Set notify-keyspace-events option - maxLength: 32 - pattern: ^[KEg\$lshzxeA]*$ + reason: + description: reason contains a programmatic identifier indicating + the reason for the condition's last transition. Producers + of specific condition types may define expected values and + meanings for this field, and whether the values are considered + a guaranteed API. The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ type: string - redis_number_of_databases: - description: - Set number of Redis databases. Changing this will - cause a restart of the Redis service. - maximum: 128 - minimum: 1 - type: integer - redis_persistence: - description: - When persistence is 'rdb', Redis does RDB dumps each - 10 minutes if any key is changed. Also RDB dumps are done according - to backup schedule for backup purposes. When persistence is - 'off', no RDB dumps and backups are done, so data can be lost - at any moment if service is restarted for any reason, or if - service is powered off. Also service can't be forked. + status: + description: status of the condition, one of True, False, Unknown. enum: - - "off" - - rdb + - "True" + - "False" + - Unknown type: string - redis_pubsub_client_output_buffer_limit: - description: - Set output buffer limit for pub / sub clients in - MB. The value is the hard limit, the soft limit is 1/4 of the - hard limit. When setting the limit, be mindful of the available - memory in the selected service plan. - maximum: 512 - minimum: 32 - type: integer - redis_ssl: - description: Require SSL to access Redis - type: boolean - redis_timeout: - description: Redis idle connection timeout in seconds - maximum: 31536000 - minimum: 0 - type: integer - service_log: - description: - Store logs for the service so that they are available - in the HTTP API and console. - type: boolean - service_to_fork_from: - description: - Name of another service to fork from. This has effect - only when a new service is being created. - maxLength: 64 + type: + description: type of condition in CamelCase or in foo.example.com/CamelCase. + --- Many .condition.type values are consistent across resources + like Available, but because arbitrary conditions can be useful + (see .node.status.conditions), the ability to deconflict is + important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string - x-kubernetes-validations: - - message: Value is immutable - rule: self == oldSelf - static_ips: - description: Use static public IP addresses - type: boolean + required: + - lastTransitionTime + - message + - reason + - status + - type type: object - required: - - plan - - project - type: object - status: - description: ServiceStatus defines the observed state of service - properties: - conditions: - description: - Conditions represent the latest available observations - of a service state - items: - description: - "Condition contains details for one aspect of the current - state of this API Resource. --- This struct is intended for direct - use as an array at the field path .status.conditions. For example, - \n type FooStatus struct{ // Represents the observations of a - foo's current state. // Known .status.conditions.type are: \"Available\", - \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge - // +listType=map // +listMapKey=type Conditions []metav1.Condition - `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" - protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" - properties: - lastTransitionTime: - description: - lastTransitionTime is the last time the condition - transitioned from one status to another. This should be when - the underlying condition changed. If that is not known, then - using the time when the API field changed is acceptable. - format: date-time - type: string - message: - description: - message is a human readable message indicating - details about the transition. This may be an empty string. - maxLength: 32768 - type: string - observedGeneration: - description: - observedGeneration represents the .metadata.generation - that the condition was set based upon. For instance, if .metadata.generation - is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current - state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: - reason contains a programmatic identifier indicating - the reason for the condition's last transition. Producers - of specific condition types may define expected values and - meanings for this field, and whether the values are considered - a guaranteed API. The value should be a CamelCase string. - This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ - type: string - status: - description: status of the condition, one of True, False, Unknown. - enum: - - "True" - - "False" - - Unknown - type: string - type: - description: - type of condition in CamelCase or in foo.example.com/CamelCase. - --- Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ - type: string - required: - - lastTransitionTime - - message - - reason - - status - - type - type: object - type: array - state: - description: Service state - type: string - type: object - type: object - served: true - storage: true - subresources: - status: {} + type: array + state: + description: Service state + type: string + type: object + type: object + served: true + storage: true + subresources: + status: {} diff --git a/charts/aiven-operator-crds/templates/aiven.io_serviceintegrations.yaml b/charts/aiven-operator-crds/templates/aiven.io_serviceintegrations.yaml index 7ddcb94b..7ba61edd 100644 --- a/charts/aiven-operator-crds/templates/aiven.io_serviceintegrations.yaml +++ b/charts/aiven-operator-crds/templates/aiven.io_serviceintegrations.yaml @@ -15,790 +15,748 @@ spec: singular: serviceintegration scope: Namespaced versions: - - additionalPrinterColumns: - - jsonPath: .spec.project - name: Project - type: string - - jsonPath: .spec.integrationType - name: Type - type: string - - jsonPath: .spec.sourceServiceName - name: Source Service Name - type: string - - jsonPath: .spec.destinationServiceName - name: Destination Service Name - type: string - - jsonPath: .spec.sourceEndpointId - name: Source Endpoint ID - type: string - - jsonPath: .spec.destinationEndpointId - name: Destination Endpoint ID - type: string - name: v1alpha1 - schema: - openAPIV3Schema: - description: - ServiceIntegration is the Schema for the serviceintegrations - API - properties: - apiVersion: - description: - "APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" - type: string - kind: - description: - "Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" - type: string - metadata: - type: object - spec: - description: ServiceIntegrationSpec defines the desired state of ServiceIntegration - properties: - authSecretRef: - description: Authentication reference to Aiven token in a secret - properties: - key: - minLength: 1 - type: string - name: - minLength: 1 - type: string - required: - - key - - name - type: object - clickhouseKafka: - description: Clickhouse Kafka configuration values - properties: - tables: - description: Tables to create - items: - description: Table to create - properties: - auto_offset_reset: - description: - Action to take when there is no initial offset - in offset store or the desired offset is out of range - enum: - - smallest - - earliest - - beginning - - largest - - latest - - end - type: string - columns: - description: Table columns - items: - description: Table column - properties: - name: - description: Column name - maxLength: 40 - minLength: 1 - type: string - type: - description: Column type - maxLength: 1000 - minLength: 1 - type: string - required: - - name - - type - type: object - maxItems: 100 - type: array - data_format: - description: Message data format - enum: - - Avro - - CSV - - JSONAsString - - JSONCompactEachRow - - JSONCompactStringsEachRow - - JSONEachRow - - JSONStringsEachRow - - MsgPack - - TSKV - - TSV - - TabSeparated - - RawBLOB - - AvroConfluent - type: string - date_time_input_format: - description: Method to read DateTime from text input formats - enum: - - basic - - best_effort - - best_effort_us - type: string - group_name: - description: Kafka consumers group - maxLength: 249 - minLength: 1 - type: string - handle_error_mode: - description: How to handle errors for Kafka engine - enum: - - default - - stream - type: string - max_block_size: - description: - Number of row collected by poll(s) for flushing - data from Kafka - maximum: 1000000000 - minimum: 0 - type: integer - max_rows_per_message: - description: - The maximum number of rows produced in one - kafka message for row-based formats - maximum: 1000000000 - minimum: 1 - type: integer - name: - description: Name of the table - maxLength: 40 - minLength: 1 - type: string - num_consumers: - description: The number of consumers per table per replica - maximum: 10 - minimum: 1 - type: integer - poll_max_batch_size: - description: - Maximum amount of messages to be polled in - a single Kafka poll - maximum: 1000000000 - minimum: 0 - type: integer - skip_broken_messages: - description: - Skip at least this number of broken messages - from Kafka topic per block - maximum: 1000000000 - minimum: 0 - type: integer - topics: - description: Kafka topics - items: - description: Kafka topic - properties: - name: - description: Name of the topic - maxLength: 249 - minLength: 1 - type: string - required: - - name - type: object - maxItems: 100 - type: array - required: - - columns - - data_format - - group_name - - name - - topics - type: object - maxItems: 100 - type: array - type: object - clickhousePostgresql: - description: Clickhouse PostgreSQL configuration values - properties: - databases: - description: Databases to expose - items: - description: Database to expose - properties: - database: - description: PostgreSQL database to expose - maxLength: 63 - minLength: 1 - type: string - schema: - description: PostgreSQL schema to expose - maxLength: 63 - minLength: 1 - type: string - type: object - maxItems: 10 - type: array - type: object - datadog: - description: Datadog specific user configuration options - properties: - datadog_dbm_enabled: - description: Enable Datadog Database Monitoring - type: boolean - datadog_tags: - description: Custom tags provided by user - items: - description: Datadog tag defined by user - properties: - comment: - description: Optional tag explanation - maxLength: 1024 - type: string - tag: - description: - "Tag format and usage are described here: https://docs.datadoghq.com/getting_started/tagging. - Tags with prefix 'aiven-' are reserved for Aiven." - maxLength: 200 - minLength: 1 - type: string - required: - - tag - type: object - maxItems: 32 - type: array - exclude_consumer_groups: - description: List of custom metrics - items: - type: string - maxItems: 1024 - type: array - exclude_topics: - description: List of topics to exclude - items: - type: string - maxItems: 1024 - type: array - include_consumer_groups: - description: List of custom metrics - items: - type: string - maxItems: 1024 - type: array - include_topics: - description: List of topics to include - items: - type: string - maxItems: 1024 - type: array - kafka_custom_metrics: - description: List of custom metrics - items: - type: string - maxItems: 1024 - type: array - max_jmx_metrics: - description: Maximum number of JMX metrics to send - maximum: 100000 - minimum: 10 - type: integer - opensearch: - description: Datadog Opensearch Options - properties: - index_stats_enabled: - description: Enable Datadog Opensearch Index Monitoring - type: boolean - pending_task_stats_enabled: - description: Enable Datadog Opensearch Pending Task Monitoring - type: boolean - pshard_stats_enabled: - description: Enable Datadog Opensearch Primary Shard Monitoring - type: boolean - type: object - redis: - description: Datadog Redis Options - properties: - command_stats_enabled: - description: Enable command_stats option in the agent's configuration - type: boolean - type: object - type: object - destinationEndpointId: - description: Destination endpoint for the integration (if any) - maxLength: 36 - type: string - x-kubernetes-validations: - - message: Value is immutable - rule: self == oldSelf - destinationProjectName: - description: Destination project for the integration (if any) - maxLength: 63 - type: string - x-kubernetes-validations: - - message: Value is immutable - rule: self == oldSelf - destinationServiceName: - description: Destination service for the integration (if any) - maxLength: 64 - type: string - x-kubernetes-validations: - - message: Value is immutable - rule: self == oldSelf - externalAWSCloudwatchMetrics: - description: - External AWS CloudWatch Metrics integration Logs configuration - values - properties: - dropped_metrics: - description: - Metrics to not send to AWS CloudWatch (takes precedence - over extra_metrics) - items: - description: Metric name and subfield - properties: - field: - description: Identifier of a value in the metric - maxLength: 1000 - type: string - metric: - description: Identifier of the metric - maxLength: 1000 - type: string - required: - - field - - metric - type: object - maxItems: 1024 - type: array - extra_metrics: - description: - Metrics to allow through to AWS CloudWatch (in addition - to default metrics) - items: - description: Metric name and subfield - properties: - field: - description: Identifier of a value in the metric - maxLength: 1000 - type: string - metric: - description: Identifier of the metric - maxLength: 1000 - type: string - required: - - field - - metric - type: object - maxItems: 1024 - type: array - type: object - integrationType: - description: - Type of the service integration accepted by Aiven API. - Some values may not be supported by the operator - enum: - - alertmanager - - autoscaler - - caching - - cassandra_cross_service_cluster - - clickhouse_kafka - - clickhouse_postgresql - - dashboard - - datadog - - datasource - - external_aws_cloudwatch_logs - - external_aws_cloudwatch_metrics - - external_elasticsearch_logs - - external_google_cloud_logging - - external_opensearch_logs - - flink - - flink_external_kafka - - internal_connectivity - - jolokia - - kafka_connect - - kafka_logs - - kafka_mirrormaker - - logs - - m3aggregator - - m3coordinator - - metrics - - opensearch_cross_cluster_replication - - opensearch_cross_cluster_search - - prometheus - - read_replica - - rsyslog - - schema_registry_proxy - - stresstester - - thanosquery - - thanosstore - - vmalert - type: string - x-kubernetes-validations: - - message: Value is immutable - rule: self == oldSelf - kafkaConnect: - description: Kafka Connect service configuration values - properties: - kafka_connect: - description: Kafka Connect service configuration values + - additionalPrinterColumns: + - jsonPath: .spec.project + name: Project + type: string + - jsonPath: .spec.integrationType + name: Type + type: string + - jsonPath: .spec.sourceServiceName + name: Source Service Name + type: string + - jsonPath: .spec.destinationServiceName + name: Destination Service Name + type: string + - jsonPath: .spec.sourceEndpointId + name: Source Endpoint ID + type: string + - jsonPath: .spec.destinationEndpointId + name: Destination Endpoint ID + type: string + name: v1alpha1 + schema: + openAPIV3Schema: + description: ServiceIntegration is the Schema for the serviceintegrations + API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: ServiceIntegrationSpec defines the desired state of ServiceIntegration + properties: + authSecretRef: + description: Authentication reference to Aiven token in a secret + properties: + key: + minLength: 1 + type: string + name: + minLength: 1 + type: string + required: + - key + - name + type: object + clickhouseKafka: + description: Clickhouse Kafka configuration values + properties: + tables: + description: Tables to create + items: + description: Table to create properties: - config_storage_topic: - description: - The name of the topic where connector and task - configuration data are stored.This must be the same for - all workers with the same group_id. - maxLength: 249 + auto_offset_reset: + description: Action to take when there is no initial offset + in offset store or the desired offset is out of range + enum: + - smallest + - earliest + - beginning + - largest + - latest + - end type: string - group_id: - description: - A unique string that identifies the Connect cluster - group this worker belongs to. - maxLength: 249 + columns: + description: Table columns + items: + description: Table column + properties: + name: + description: Column name + maxLength: 40 + minLength: 1 + type: string + type: + description: Column type + maxLength: 1000 + minLength: 1 + type: string + required: + - name + - type + type: object + maxItems: 100 + type: array + data_format: + description: Message data format + enum: + - Avro + - CSV + - JSONAsString + - JSONCompactEachRow + - JSONCompactStringsEachRow + - JSONEachRow + - JSONStringsEachRow + - MsgPack + - TSKV + - TSV + - TabSeparated + - RawBLOB + - AvroConfluent type: string - offset_storage_topic: - description: - The name of the topic where connector and task - configuration offsets are stored.This must be the same for - all workers with the same group_id. - maxLength: 249 + date_time_input_format: + description: Method to read DateTime from text input formats + enum: + - basic + - best_effort + - best_effort_us type: string - status_storage_topic: - description: - The name of the topic where connector and task - configuration status updates are stored.This must be the - same for all workers with the same group_id. + group_name: + description: Kafka consumers group maxLength: 249 + minLength: 1 type: string - type: object - type: object - kafkaLogs: - description: Kafka logs configuration values - properties: - kafka_topic: - description: Topic name - maxLength: 249 - minLength: 1 - type: string - selected_log_fields: - description: - The list of logging fields that will be sent to the - integration logging service. The MESSAGE and timestamp fields - are always sent. - items: - type: string - maxItems: 5 - type: array - required: - - kafka_topic - type: object - kafkaMirrormaker: - description: Kafka MirrorMaker configuration values - properties: - cluster_alias: - description: - "The alias under which the Kafka cluster is known - to MirrorMaker. Can contain the following symbols: ASCII alphanumerics, - '.', '_', and '-'." - maxLength: 128 - pattern: ^[a-zA-Z0-9_.-]+$ - type: string - kafka_mirrormaker: - description: Kafka MirrorMaker configuration values - properties: - consumer_fetch_min_bytes: - description: - The minimum amount of data the server should - return for a fetch request - maximum: 5242880 - minimum: 1 - type: integer - producer_batch_size: - description: - The batch size in bytes producer will attempt - to collect before publishing to broker. - maximum: 5242880 + handle_error_mode: + description: How to handle errors for Kafka engine + enum: + - default + - stream + type: string + max_block_size: + description: Number of row collected by poll(s) for flushing + data from Kafka + maximum: 1000000000 minimum: 0 type: integer - producer_buffer_memory: - description: - The amount of bytes producer can use for buffering - data before publishing to broker. - maximum: 134217728 - minimum: 5242880 + max_rows_per_message: + description: The maximum number of rows produced in one + kafka message for row-based formats + maximum: 1000000000 + minimum: 1 type: integer - producer_compression_type: - description: - Specify the default compression type for producers. - This configuration accepts the standard compression codecs - ('gzip', 'snappy', 'lz4', 'zstd'). It additionally accepts - 'none' which is the default and equivalent to no compression. - enum: - - gzip - - snappy - - lz4 - - zstd - - none + name: + description: Name of the table + maxLength: 40 + minLength: 1 type: string - producer_linger_ms: - description: - The linger time (ms) for waiting new data to - arrive for publishing. - maximum: 5000 + num_consumers: + description: The number of consumers per table per replica + maximum: 10 + minimum: 1 + type: integer + poll_max_batch_size: + description: Maximum amount of messages to be polled in + a single Kafka poll + maximum: 1000000000 minimum: 0 type: integer - producer_max_request_size: - description: The maximum request size in bytes. - maximum: 268435456 + skip_broken_messages: + description: Skip at least this number of broken messages + from Kafka topic per block + maximum: 1000000000 minimum: 0 type: integer + topics: + description: Kafka topics + items: + description: Kafka topic + properties: + name: + description: Name of the topic + maxLength: 249 + minLength: 1 + type: string + required: + - name + type: object + maxItems: 100 + type: array + required: + - columns + - data_format + - group_name + - name + - topics type: object - type: object - logs: - description: Logs configuration values - properties: - elasticsearch_index_days_max: - description: Elasticsearch index retention limit - maximum: 10000 - minimum: 1 - type: integer - elasticsearch_index_prefix: - description: Elasticsearch index prefix - maxLength: 1024 - minLength: 1 + maxItems: 100 + type: array + type: object + clickhousePostgresql: + description: Clickhouse PostgreSQL configuration values + properties: + databases: + description: Databases to expose + items: + description: Database to expose + properties: + database: + description: PostgreSQL database to expose + maxLength: 63 + minLength: 1 + type: string + schema: + description: PostgreSQL schema to expose + maxLength: 63 + minLength: 1 + type: string + type: object + maxItems: 10 + type: array + type: object + datadog: + description: Datadog specific user configuration options + properties: + datadog_dbm_enabled: + description: Enable Datadog Database Monitoring + type: boolean + datadog_tags: + description: Custom tags provided by user + items: + description: Datadog tag defined by user + properties: + comment: + description: Optional tag explanation + maxLength: 1024 + type: string + tag: + description: 'Tag format and usage are described here: https://docs.datadoghq.com/getting_started/tagging. + Tags with prefix ''aiven-'' are reserved for Aiven.' + maxLength: 200 + minLength: 1 + type: string + required: + - tag + type: object + maxItems: 32 + type: array + exclude_consumer_groups: + description: List of custom metrics + items: type: string - selected_log_fields: - description: - The list of logging fields that will be sent to the - integration logging service. The MESSAGE and timestamp fields - are always sent. - items: - type: string - maxItems: 5 - type: array - type: object - metrics: - description: Metrics configuration values - properties: - database: - description: - Name of the database where to store metric datapoints. - Only affects PostgreSQL destinations. Defaults to 'metrics'. - Note that this must be the same for all metrics integrations - that write data to the same PostgreSQL service. - maxLength: 40 - pattern: ^[_A-Za-z0-9][-_A-Za-z0-9]{0,39}$ + maxItems: 1024 + type: array + exclude_topics: + description: List of topics to exclude + items: type: string - retention_days: - description: - Number of days to keep old metrics. Only affects - PostgreSQL destinations. Set to 0 for no automatic cleanup. - Defaults to 30 days. - maximum: 10000 - minimum: 0 - type: integer - ro_username: - description: - Name of a user that can be used to read metrics. - This will be used for Grafana integration (if enabled) to prevent - Grafana users from making undesired changes. Only affects PostgreSQL - destinations. Defaults to 'metrics_reader'. Note that this must - be the same for all metrics integrations that write data to - the same PostgreSQL service. - maxLength: 40 - pattern: ^[_A-Za-z0-9][-._A-Za-z0-9]{0,39}$ + maxItems: 1024 + type: array + include_consumer_groups: + description: List of custom metrics + items: + type: string + maxItems: 1024 + type: array + include_topics: + description: List of topics to include + items: + type: string + maxItems: 1024 + type: array + kafka_custom_metrics: + description: List of custom metrics + items: type: string - source_mysql: - description: - Configuration options for metrics where source service - is MySQL + maxItems: 1024 + type: array + max_jmx_metrics: + description: Maximum number of JMX metrics to send + maximum: 100000 + minimum: 10 + type: integer + opensearch: + description: Datadog Opensearch Options + properties: + index_stats_enabled: + description: Enable Datadog Opensearch Index Monitoring + type: boolean + pending_task_stats_enabled: + description: Enable Datadog Opensearch Pending Task Monitoring + type: boolean + pshard_stats_enabled: + description: Enable Datadog Opensearch Primary Shard Monitoring + type: boolean + type: object + redis: + description: Datadog Redis Options + properties: + command_stats_enabled: + description: Enable command_stats option in the agent's configuration + type: boolean + type: object + type: object + destinationEndpointId: + description: Destination endpoint for the integration (if any) + maxLength: 36 + type: string + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + destinationProjectName: + description: Destination project for the integration (if any) + maxLength: 63 + type: string + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + destinationServiceName: + description: Destination service for the integration (if any) + maxLength: 64 + type: string + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + externalAWSCloudwatchMetrics: + description: External AWS CloudWatch Metrics integration Logs configuration + values + properties: + dropped_metrics: + description: Metrics to not send to AWS CloudWatch (takes precedence + over extra_metrics) + items: + description: Metric name and subfield properties: - telegraf: - description: - Configuration options for Telegraf MySQL input - plugin - properties: - gather_event_waits: - description: Gather metrics from PERFORMANCE_SCHEMA.EVENT_WAITS - type: boolean - gather_file_events_stats: - description: gather metrics from PERFORMANCE_SCHEMA.FILE_SUMMARY_BY_EVENT_NAME - type: boolean - gather_index_io_waits: - description: Gather metrics from PERFORMANCE_SCHEMA.TABLE_IO_WAITS_SUMMARY_BY_INDEX_USAGE - type: boolean - gather_info_schema_auto_inc: - description: - Gather auto_increment columns and max values - from information schema - type: boolean - gather_innodb_metrics: - description: Gather metrics from INFORMATION_SCHEMA.INNODB_METRICS - type: boolean - gather_perf_events_statements: - description: Gather metrics from PERFORMANCE_SCHEMA.EVENTS_STATEMENTS_SUMMARY_BY_DIGEST - type: boolean - gather_process_list: - description: Gather thread state counts from INFORMATION_SCHEMA.PROCESSLIST - type: boolean - gather_slave_status: - description: - Gather metrics from SHOW SLAVE STATUS command - output - type: boolean - gather_table_io_waits: - description: Gather metrics from PERFORMANCE_SCHEMA.TABLE_IO_WAITS_SUMMARY_BY_TABLE - type: boolean - gather_table_lock_waits: - description: Gather metrics from PERFORMANCE_SCHEMA.TABLE_LOCK_WAITS - type: boolean - gather_table_schema: - description: Gather metrics from INFORMATION_SCHEMA.TABLES - type: boolean - perf_events_statements_digest_text_limit: - description: - Truncates digest text from perf_events_statements - into this many characters - maximum: 2048 - minimum: 1 - type: integer - perf_events_statements_limit: - description: Limits metrics from perf_events_statements - maximum: 4000 - minimum: 1 - type: integer - perf_events_statements_time_limit: - description: - Only include perf_events_statements whose - last seen is less than this many seconds - maximum: 2592000 - minimum: 1 - type: integer - type: object + field: + description: Identifier of a value in the metric + maxLength: 1000 + type: string + metric: + description: Identifier of the metric + maxLength: 1000 + type: string + required: + - field + - metric type: object - username: - description: - Name of the user used to write metrics. Only affects - PostgreSQL destinations. Defaults to 'metrics_writer'. Note - that this must be the same for all metrics integrations that - write data to the same PostgreSQL service. - maxLength: 40 - pattern: ^[_A-Za-z0-9][-._A-Za-z0-9]{0,39}$ - type: string - type: object - project: - description: Project the integration belongs to - format: ^[a-zA-Z0-9_-]*$ - maxLength: 63 - type: string - x-kubernetes-validations: - - message: Value is immutable - rule: self == oldSelf - sourceEndpointID: - description: Source endpoint for the integration (if any) - maxLength: 36 - type: string - x-kubernetes-validations: - - message: Value is immutable - rule: self == oldSelf - sourceProjectName: - description: Source project for the integration (if any) - maxLength: 63 - type: string - x-kubernetes-validations: - - message: Value is immutable - rule: self == oldSelf - sourceServiceName: - description: Source service for the integration (if any) - maxLength: 64 - type: string - x-kubernetes-validations: - - message: Value is immutable - rule: self == oldSelf - required: - - integrationType - - project - type: object - status: - description: ServiceIntegrationStatus defines the observed state of ServiceIntegration - properties: - conditions: - description: - Conditions represent the latest available observations - of an ServiceIntegration state - items: - description: - "Condition contains details for one aspect of the current - state of this API Resource. --- This struct is intended for direct - use as an array at the field path .status.conditions. For example, - \n type FooStatus struct{ // Represents the observations of a - foo's current state. // Known .status.conditions.type are: \"Available\", - \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge - // +listType=map // +listMapKey=type Conditions []metav1.Condition - `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" - protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + maxItems: 1024 + type: array + extra_metrics: + description: Metrics to allow through to AWS CloudWatch (in addition + to default metrics) + items: + description: Metric name and subfield + properties: + field: + description: Identifier of a value in the metric + maxLength: 1000 + type: string + metric: + description: Identifier of the metric + maxLength: 1000 + type: string + required: + - field + - metric + type: object + maxItems: 1024 + type: array + type: object + integrationType: + description: Type of the service integration accepted by Aiven API. + Some values may not be supported by the operator + enum: + - alertmanager + - autoscaler + - caching + - cassandra_cross_service_cluster + - clickhouse_kafka + - clickhouse_postgresql + - dashboard + - datadog + - datasource + - external_aws_cloudwatch_logs + - external_aws_cloudwatch_metrics + - external_elasticsearch_logs + - external_google_cloud_logging + - external_opensearch_logs + - flink + - flink_external_kafka + - internal_connectivity + - jolokia + - kafka_connect + - kafka_logs + - kafka_mirrormaker + - logs + - m3aggregator + - m3coordinator + - metrics + - opensearch_cross_cluster_replication + - opensearch_cross_cluster_search + - prometheus + - read_replica + - rsyslog + - schema_registry_proxy + - stresstester + - thanosquery + - thanosstore + - vmalert + type: string + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + kafkaConnect: + description: Kafka Connect service configuration values + properties: + kafka_connect: + description: Kafka Connect service configuration values properties: - lastTransitionTime: - description: - lastTransitionTime is the last time the condition - transitioned from one status to another. This should be when - the underlying condition changed. If that is not known, then - using the time when the API field changed is acceptable. - format: date-time + config_storage_topic: + description: The name of the topic where connector and task + configuration data are stored.This must be the same for + all workers with the same group_id. + maxLength: 249 + type: string + group_id: + description: A unique string that identifies the Connect cluster + group this worker belongs to. + maxLength: 249 + type: string + offset_storage_topic: + description: The name of the topic where connector and task + configuration offsets are stored.This must be the same for + all workers with the same group_id. + maxLength: 249 type: string - message: - description: - message is a human readable message indicating - details about the transition. This may be an empty string. - maxLength: 32768 + status_storage_topic: + description: The name of the topic where connector and task + configuration status updates are stored.This must be the + same for all workers with the same group_id. + maxLength: 249 type: string - observedGeneration: - description: - observedGeneration represents the .metadata.generation - that the condition was set based upon. For instance, if .metadata.generation - is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current - state of the instance. - format: int64 + type: object + type: object + kafkaLogs: + description: Kafka logs configuration values + properties: + kafka_topic: + description: Topic name + maxLength: 249 + minLength: 1 + type: string + selected_log_fields: + description: The list of logging fields that will be sent to the + integration logging service. The MESSAGE and timestamp fields + are always sent. + items: + type: string + maxItems: 5 + type: array + required: + - kafka_topic + type: object + kafkaMirrormaker: + description: Kafka MirrorMaker configuration values + properties: + cluster_alias: + description: 'The alias under which the Kafka cluster is known + to MirrorMaker. Can contain the following symbols: ASCII alphanumerics, + ''.'', ''_'', and ''-''.' + maxLength: 128 + pattern: ^[a-zA-Z0-9_.-]+$ + type: string + kafka_mirrormaker: + description: Kafka MirrorMaker configuration values + properties: + consumer_fetch_min_bytes: + description: The minimum amount of data the server should + return for a fetch request + maximum: 5242880 + minimum: 1 + type: integer + producer_batch_size: + description: The batch size in bytes producer will attempt + to collect before publishing to broker. + maximum: 5242880 minimum: 0 type: integer - reason: - description: - reason contains a programmatic identifier indicating - the reason for the condition's last transition. Producers - of specific condition types may define expected values and - meanings for this field, and whether the values are considered - a guaranteed API. The value should be a CamelCase string. - This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ - type: string - status: - description: status of the condition, one of True, False, Unknown. + producer_buffer_memory: + description: The amount of bytes producer can use for buffering + data before publishing to broker. + maximum: 134217728 + minimum: 5242880 + type: integer + producer_compression_type: + description: Specify the default compression type for producers. + This configuration accepts the standard compression codecs + ('gzip', 'snappy', 'lz4', 'zstd'). It additionally accepts + 'none' which is the default and equivalent to no compression. enum: - - "True" - - "False" - - Unknown - type: string - type: - description: - type of condition in CamelCase or in foo.example.com/CamelCase. - --- Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + - gzip + - snappy + - lz4 + - zstd + - none type: string - required: - - lastTransitionTime - - message - - reason - - status - - type + producer_linger_ms: + description: The linger time (ms) for waiting new data to + arrive for publishing. + maximum: 5000 + minimum: 0 + type: integer + producer_max_request_size: + description: The maximum request size in bytes. + maximum: 268435456 + minimum: 0 + type: integer + type: object + type: object + logs: + description: Logs configuration values + properties: + elasticsearch_index_days_max: + description: Elasticsearch index retention limit + maximum: 10000 + minimum: 1 + type: integer + elasticsearch_index_prefix: + description: Elasticsearch index prefix + maxLength: 1024 + minLength: 1 + type: string + selected_log_fields: + description: The list of logging fields that will be sent to the + integration logging service. The MESSAGE and timestamp fields + are always sent. + items: + type: string + maxItems: 5 + type: array + type: object + metrics: + description: Metrics configuration values + properties: + database: + description: Name of the database where to store metric datapoints. + Only affects PostgreSQL destinations. Defaults to 'metrics'. + Note that this must be the same for all metrics integrations + that write data to the same PostgreSQL service. + maxLength: 40 + pattern: ^[_A-Za-z0-9][-_A-Za-z0-9]{0,39}$ + type: string + retention_days: + description: Number of days to keep old metrics. Only affects + PostgreSQL destinations. Set to 0 for no automatic cleanup. + Defaults to 30 days. + maximum: 10000 + minimum: 0 + type: integer + ro_username: + description: Name of a user that can be used to read metrics. + This will be used for Grafana integration (if enabled) to prevent + Grafana users from making undesired changes. Only affects PostgreSQL + destinations. Defaults to 'metrics_reader'. Note that this must + be the same for all metrics integrations that write data to + the same PostgreSQL service. + maxLength: 40 + pattern: ^[_A-Za-z0-9][-._A-Za-z0-9]{0,39}$ + type: string + source_mysql: + description: Configuration options for metrics where source service + is MySQL + properties: + telegraf: + description: Configuration options for Telegraf MySQL input + plugin + properties: + gather_event_waits: + description: Gather metrics from PERFORMANCE_SCHEMA.EVENT_WAITS + type: boolean + gather_file_events_stats: + description: gather metrics from PERFORMANCE_SCHEMA.FILE_SUMMARY_BY_EVENT_NAME + type: boolean + gather_index_io_waits: + description: Gather metrics from PERFORMANCE_SCHEMA.TABLE_IO_WAITS_SUMMARY_BY_INDEX_USAGE + type: boolean + gather_info_schema_auto_inc: + description: Gather auto_increment columns and max values + from information schema + type: boolean + gather_innodb_metrics: + description: Gather metrics from INFORMATION_SCHEMA.INNODB_METRICS + type: boolean + gather_perf_events_statements: + description: Gather metrics from PERFORMANCE_SCHEMA.EVENTS_STATEMENTS_SUMMARY_BY_DIGEST + type: boolean + gather_process_list: + description: Gather thread state counts from INFORMATION_SCHEMA.PROCESSLIST + type: boolean + gather_slave_status: + description: Gather metrics from SHOW SLAVE STATUS command + output + type: boolean + gather_table_io_waits: + description: Gather metrics from PERFORMANCE_SCHEMA.TABLE_IO_WAITS_SUMMARY_BY_TABLE + type: boolean + gather_table_lock_waits: + description: Gather metrics from PERFORMANCE_SCHEMA.TABLE_LOCK_WAITS + type: boolean + gather_table_schema: + description: Gather metrics from INFORMATION_SCHEMA.TABLES + type: boolean + perf_events_statements_digest_text_limit: + description: Truncates digest text from perf_events_statements + into this many characters + maximum: 2048 + minimum: 1 + type: integer + perf_events_statements_limit: + description: Limits metrics from perf_events_statements + maximum: 4000 + minimum: 1 + type: integer + perf_events_statements_time_limit: + description: Only include perf_events_statements whose + last seen is less than this many seconds + maximum: 2592000 + minimum: 1 + type: integer + type: object type: object - type: array - id: - description: Service integration ID - type: string - required: - - conditions - - id - type: object - type: object - served: true - storage: true - subresources: - status: {} + username: + description: Name of the user used to write metrics. Only affects + PostgreSQL destinations. Defaults to 'metrics_writer'. Note + that this must be the same for all metrics integrations that + write data to the same PostgreSQL service. + maxLength: 40 + pattern: ^[_A-Za-z0-9][-._A-Za-z0-9]{0,39}$ + type: string + type: object + project: + description: Project the integration belongs to + format: ^[a-zA-Z0-9_-]*$ + maxLength: 63 + type: string + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + sourceEndpointID: + description: Source endpoint for the integration (if any) + maxLength: 36 + type: string + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + sourceProjectName: + description: Source project for the integration (if any) + maxLength: 63 + type: string + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + sourceServiceName: + description: Source service for the integration (if any) + maxLength: 64 + type: string + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + required: + - integrationType + - project + type: object + status: + description: ServiceIntegrationStatus defines the observed state of ServiceIntegration + properties: + conditions: + description: Conditions represent the latest available observations + of an ServiceIntegration state + items: + description: "Condition contains details for one aspect of the current + state of this API Resource. --- This struct is intended for direct + use as an array at the field path .status.conditions. For example, + \n type FooStatus struct{ // Represents the observations of a + foo's current state. // Known .status.conditions.type are: \"Available\", + \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge + // +listType=map // +listMapKey=type Conditions []metav1.Condition + `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" + protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + properties: + lastTransitionTime: + description: lastTransitionTime is the last time the condition + transitioned from one status to another. This should be when + the underlying condition changed. If that is not known, then + using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: message is a human readable message indicating + details about the transition. This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: observedGeneration represents the .metadata.generation + that the condition was set based upon. For instance, if .metadata.generation + is currently 12, but the .status.conditions[x].observedGeneration + is 9, the condition is out of date with respect to the current + state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: reason contains a programmatic identifier indicating + the reason for the condition's last transition. Producers + of specific condition types may define expected values and + meanings for this field, and whether the values are considered + a guaranteed API. The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: type of condition in CamelCase or in foo.example.com/CamelCase. + --- Many .condition.type values are consistent across resources + like Available, but because arbitrary conditions can be useful + (see .node.status.conditions), the ability to deconflict is + important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + type: array + id: + description: Service integration ID + type: string + required: + - conditions + - id + type: object + type: object + served: true + storage: true + subresources: + status: {} diff --git a/charts/aiven-operator-crds/templates/aiven.io_serviceusers.yaml b/charts/aiven-operator-crds/templates/aiven.io_serviceusers.yaml index b71e03fb..e188b02d 100644 --- a/charts/aiven-operator-crds/templates/aiven.io_serviceusers.yaml +++ b/charts/aiven-operator-crds/templates/aiven.io_serviceusers.yaml @@ -15,191 +15,179 @@ spec: singular: serviceuser scope: Namespaced versions: - - additionalPrinterColumns: - - jsonPath: .spec.serviceName - name: Service Name - type: string - - jsonPath: .spec.project - name: Project - type: string - - jsonPath: .spec.connInfoSecretTarget.name - name: Connection Information Secret - type: string - name: v1alpha1 - schema: - openAPIV3Schema: - description: ServiceUser is the Schema for the serviceusers API - properties: - apiVersion: - description: - "APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" - type: string - kind: - description: - "Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" - type: string - metadata: - type: object - spec: - description: ServiceUserSpec defines the desired state of ServiceUser - properties: - authSecretRef: - description: Authentication reference to Aiven token in a secret + - additionalPrinterColumns: + - jsonPath: .spec.serviceName + name: Service Name + type: string + - jsonPath: .spec.project + name: Project + type: string + - jsonPath: .spec.connInfoSecretTarget.name + name: Connection Information Secret + type: string + name: v1alpha1 + schema: + openAPIV3Schema: + description: ServiceUser is the Schema for the serviceusers API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: ServiceUserSpec defines the desired state of ServiceUser + properties: + authSecretRef: + description: Authentication reference to Aiven token in a secret + properties: + key: + minLength: 1 + type: string + name: + minLength: 1 + type: string + required: + - key + - name + type: object + authentication: + description: Authentication details + enum: + - caching_sha2_password + - mysql_native_password + type: string + connInfoSecretTarget: + description: 'Information regarding secret creation. Exposed keys: + `SERVICEUSER_HOST`, `SERVICEUSER_PORT`, `SERVICEUSER_USERNAME`, + `SERVICEUSER_PASSWORD`, `SERVICEUSER_CA_CERT`, `SERVICEUSER_ACCESS_CERT`, + `SERVICEUSER_ACCESS_KEY`' + properties: + annotations: + additionalProperties: + type: string + description: Annotations added to the secret + type: object + x-kubernetes-preserve-unknown-fields: true + labels: + additionalProperties: + type: string + description: Labels added to the secret + type: object + x-kubernetes-preserve-unknown-fields: true + name: + description: Name of the secret resource to be created. By default, + is equal to the resource name + type: string + prefix: + description: Prefix for the secret's keys. Added "as is" without + any transformations. By default, is equal to the kind name in + uppercase + underscore, e.g. `KAFKA_`, `REDIS_`, etc. + type: string + required: + - name + type: object + project: + description: Project to link the user to + format: ^[a-zA-Z0-9_-]*$ + maxLength: 63 + type: string + serviceName: + description: Service to link the user to + maxLength: 63 + type: string + required: + - project + - serviceName + type: object + status: + description: ServiceUserStatus defines the observed state of ServiceUser + properties: + conditions: + description: Conditions represent the latest available observations + of an ServiceUser state + items: + description: "Condition contains details for one aspect of the current + state of this API Resource. --- This struct is intended for direct + use as an array at the field path .status.conditions. For example, + \n type FooStatus struct{ // Represents the observations of a + foo's current state. // Known .status.conditions.type are: \"Available\", + \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge + // +listType=map // +listMapKey=type Conditions []metav1.Condition + `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" + protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" properties: - key: - minLength: 1 + lastTransitionTime: + description: lastTransitionTime is the last time the condition + transitioned from one status to another. This should be when + the underlying condition changed. If that is not known, then + using the time when the API field changed is acceptable. + format: date-time type: string - name: + message: + description: message is a human readable message indicating + details about the transition. This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: observedGeneration represents the .metadata.generation + that the condition was set based upon. For instance, if .metadata.generation + is currently 12, but the .status.conditions[x].observedGeneration + is 9, the condition is out of date with respect to the current + state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: reason contains a programmatic identifier indicating + the reason for the condition's last transition. Producers + of specific condition types may define expected values and + meanings for this field, and whether the values are considered + a guaranteed API. The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ type: string - required: - - key - - name - type: object - authentication: - description: Authentication details - enum: - - caching_sha2_password - - mysql_native_password - type: string - connInfoSecretTarget: - description: - "Information regarding secret creation. Exposed keys: - `SERVICEUSER_HOST`, `SERVICEUSER_PORT`, `SERVICEUSER_USERNAME`, - `SERVICEUSER_PASSWORD`, `SERVICEUSER_CA_CERT`, `SERVICEUSER_ACCESS_CERT`, - `SERVICEUSER_ACCESS_KEY`" - properties: - annotations: - additionalProperties: - type: string - description: Annotations added to the secret - type: object - x-kubernetes-preserve-unknown-fields: true - labels: - additionalProperties: - type: string - description: Labels added to the secret - type: object - x-kubernetes-preserve-unknown-fields: true - name: - description: - Name of the secret resource to be created. By default, - is equal to the resource name + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown type: string - prefix: - description: - Prefix for the secret's keys. Added "as is" without - any transformations. By default, is equal to the kind name in - uppercase + underscore, e.g. `KAFKA_`, `REDIS_`, etc. + type: + description: type of condition in CamelCase or in foo.example.com/CamelCase. + --- Many .condition.type values are consistent across resources + like Available, but because arbitrary conditions can be useful + (see .node.status.conditions), the ability to deconflict is + important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string required: - - name + - lastTransitionTime + - message + - reason + - status + - type type: object - project: - description: Project to link the user to - format: ^[a-zA-Z0-9_-]*$ - maxLength: 63 - type: string - serviceName: - description: Service to link the user to - maxLength: 63 - type: string - required: - - project - - serviceName - type: object - status: - description: ServiceUserStatus defines the observed state of ServiceUser - properties: - conditions: - description: - Conditions represent the latest available observations - of an ServiceUser state - items: - description: - "Condition contains details for one aspect of the current - state of this API Resource. --- This struct is intended for direct - use as an array at the field path .status.conditions. For example, - \n type FooStatus struct{ // Represents the observations of a - foo's current state. // Known .status.conditions.type are: \"Available\", - \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge - // +listType=map // +listMapKey=type Conditions []metav1.Condition - `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" - protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" - properties: - lastTransitionTime: - description: - lastTransitionTime is the last time the condition - transitioned from one status to another. This should be when - the underlying condition changed. If that is not known, then - using the time when the API field changed is acceptable. - format: date-time - type: string - message: - description: - message is a human readable message indicating - details about the transition. This may be an empty string. - maxLength: 32768 - type: string - observedGeneration: - description: - observedGeneration represents the .metadata.generation - that the condition was set based upon. For instance, if .metadata.generation - is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current - state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: - reason contains a programmatic identifier indicating - the reason for the condition's last transition. Producers - of specific condition types may define expected values and - meanings for this field, and whether the values are considered - a guaranteed API. The value should be a CamelCase string. - This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ - type: string - status: - description: status of the condition, one of True, False, Unknown. - enum: - - "True" - - "False" - - Unknown - type: string - type: - description: - type of condition in CamelCase or in foo.example.com/CamelCase. - --- Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ - type: string - required: - - lastTransitionTime - - message - - reason - - status - - type - type: object - type: array - type: - description: Type of the user account - type: string - required: - - conditions - type: object - type: object - served: true - storage: true - subresources: - status: {} + type: array + type: + description: Type of the user account + type: string + required: + - conditions + type: object + type: object + served: true + storage: true + subresources: + status: {} diff --git a/config/crd/bases/aiven.io_cassandras.yaml b/config/crd/bases/aiven.io_cassandras.yaml index c77cf9c8..b92c2e97 100644 --- a/config/crd/bases/aiven.io_cassandras.yaml +++ b/config/crd/bases/aiven.io_cassandras.yaml @@ -15,417 +15,381 @@ spec: singular: cassandra scope: Namespaced versions: - - additionalPrinterColumns: - - jsonPath: .spec.project - name: Project - type: string - - jsonPath: .spec.cloudName - name: Region - type: string - - jsonPath: .spec.plan - name: Plan - type: string - - jsonPath: .status.state - name: State - type: string - name: v1alpha1 - schema: - openAPIV3Schema: - description: Cassandra is the Schema for the cassandras API - properties: - apiVersion: - description: - "APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" - type: string - kind: - description: - "Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" - type: string - metadata: - type: object - spec: - description: CassandraSpec defines the desired state of Cassandra - properties: - authSecretRef: - description: Authentication reference to Aiven token in a secret + - additionalPrinterColumns: + - jsonPath: .spec.project + name: Project + type: string + - jsonPath: .spec.cloudName + name: Region + type: string + - jsonPath: .spec.plan + name: Plan + type: string + - jsonPath: .status.state + name: State + type: string + name: v1alpha1 + schema: + openAPIV3Schema: + description: Cassandra is the Schema for the cassandras API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: CassandraSpec defines the desired state of Cassandra + properties: + authSecretRef: + description: Authentication reference to Aiven token in a secret + properties: + key: + minLength: 1 + type: string + name: + minLength: 1 + type: string + required: + - key + - name + type: object + cloudName: + description: Cloud the service runs in. + maxLength: 256 + type: string + connInfoSecretTarget: + description: 'Information regarding secret creation. Exposed keys: + `CASSANDRA_HOST`, `CASSANDRA_PORT`, `CASSANDRA_USER`, `CASSANDRA_PASSWORD`, + `CASSANDRA_URI`, `CASSANDRA_HOSTS`' + properties: + annotations: + additionalProperties: + type: string + description: Annotations added to the secret + type: object + x-kubernetes-preserve-unknown-fields: true + labels: + additionalProperties: + type: string + description: Labels added to the secret + type: object + x-kubernetes-preserve-unknown-fields: true + name: + description: Name of the secret resource to be created. By default, + is equal to the resource name + type: string + prefix: + description: Prefix for the secret's keys. Added "as is" without + any transformations. By default, is equal to the kind name in + uppercase + underscore, e.g. `KAFKA_`, `REDIS_`, etc. + type: string + required: + - name + type: object + disk_space: + description: The disk space of the service, possible values depend + on the service type, the cloud provider and the project. Reducing + will result in the service re-balancing. + format: ^[1-9][0-9]*(GiB|G)* + type: string + maintenanceWindowDow: + description: Day of week when maintenance operations should be performed. + One monday, tuesday, wednesday, etc. + enum: + - monday + - tuesday + - wednesday + - thursday + - friday + - saturday + - sunday + type: string + maintenanceWindowTime: + description: Time of day when maintenance operations should be performed. + UTC time in HH:mm:ss format. + maxLength: 8 + type: string + plan: + description: Subscription plan. + maxLength: 128 + type: string + project: + description: Target project. + format: ^[a-zA-Z0-9_-]*$ + maxLength: 63 + type: string + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + projectVPCRef: + description: ProjectVPCRef reference to ProjectVPC resource to use + its ID as ProjectVPCID automatically + properties: + name: + minLength: 1 + type: string + namespace: + minLength: 1 + type: string + required: + - name + type: object + projectVpcId: + description: Identifier of the VPC the service should be in, if any. + maxLength: 36 + type: string + serviceIntegrations: + description: Service integrations to specify when creating a service. + Not applied after initial service creation + items: + description: Service integrations to specify when creating a service. + Not applied after initial service creation properties: - key: - minLength: 1 + integrationType: + enum: + - read_replica type: string - name: + sourceServiceName: + maxLength: 64 minLength: 1 type: string required: - - key - - name + - integrationType + - sourceServiceName type: object - cloudName: - description: Cloud the service runs in. - maxLength: 256 + maxItems: 1 + type: array + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + tags: + additionalProperties: type: string - connInfoSecretTarget: - description: - "Information regarding secret creation. Exposed keys: - `CASSANDRA_HOST`, `CASSANDRA_PORT`, `CASSANDRA_USER`, `CASSANDRA_PASSWORD`, - `CASSANDRA_URI`, `CASSANDRA_HOSTS`" - properties: - annotations: - additionalProperties: - type: string - description: Annotations added to the secret - type: object - x-kubernetes-preserve-unknown-fields: true - labels: - additionalProperties: + description: Tags are key-value pairs that allow you to categorize + services. + type: object + terminationProtection: + description: Prevent service from being deleted. It is recommended + to have this enabled for all services. + type: boolean + userConfig: + description: Cassandra specific user configuration options + properties: + additional_backup_regions: + description: Deprecated. Additional Cloud Regions for Backup Replication + items: + type: string + maxItems: 1 + type: array + backup_hour: + description: The hour of day (in UTC) when backup for the service + is started. New backup is only started if previous backup has + already completed. + maximum: 23 + minimum: 0 + type: integer + backup_minute: + description: The minute of an hour when backup for the service + is started. New backup is only started if previous backup has + already completed. + maximum: 59 + minimum: 0 + type: integer + cassandra: + description: cassandra configuration values + properties: + batch_size_fail_threshold_in_kb: + description: Fail any multiple-partition batch exceeding this + value. 50kb (10x warn threshold) by default. + maximum: 1000000 + minimum: 1 + type: integer + batch_size_warn_threshold_in_kb: + description: Log a warning message on any multiple-partition + batch size exceeding this value.5kb per batch by default.Caution + should be taken on increasing the size of this thresholdas + it can lead to node instability. + maximum: 1000000 + minimum: 1 + type: integer + datacenter: + description: Name of the datacenter to which nodes of this + service belong. Can be set only when creating the service. + maxLength: 128 type: string - description: Labels added to the secret + type: object + cassandra_version: + description: Cassandra major version + enum: + - "4" + - "3" + type: string + ip_filter: + description: Allow incoming connections from CIDR address block, + e.g. '10.20.0.0/16' + items: + description: CIDR address block, either as a string, or in a + dict with an optional description field + properties: + description: + description: Description for IP filter list entry + maxLength: 1024 + type: string + network: + description: CIDR address block + maxLength: 43 + type: string + required: + - network type: object - x-kubernetes-preserve-unknown-fields: true - name: - description: - Name of the secret resource to be created. By default, - is equal to the resource name - type: string - prefix: - description: - Prefix for the secret's keys. Added "as is" without - any transformations. By default, is equal to the kind name in - uppercase + underscore, e.g. `KAFKA_`, `REDIS_`, etc. - type: string - required: - - name - type: object - disk_space: - description: - The disk space of the service, possible values depend - on the service type, the cloud provider and the project. Reducing - will result in the service re-balancing. - format: ^[1-9][0-9]*(GiB|G)* - type: string - maintenanceWindowDow: - description: - Day of week when maintenance operations should be performed. - One monday, tuesday, wednesday, etc. - enum: - - monday - - tuesday - - wednesday - - thursday - - friday - - saturday - - sunday - type: string - maintenanceWindowTime: - description: - Time of day when maintenance operations should be performed. - UTC time in HH:mm:ss format. - maxLength: 8 - type: string - plan: - description: Subscription plan. - maxLength: 128 - type: string - project: - description: Target project. - format: ^[a-zA-Z0-9_-]*$ - maxLength: 63 - type: string - x-kubernetes-validations: + maxItems: 1024 + type: array + migrate_sstableloader: + description: Sets the service into migration mode enabling the + sstableloader utility to be used to upload Cassandra data files. + Available only on service create. + type: boolean + private_access: + description: Allow access to selected service ports from private + networks + properties: + prometheus: + description: Allow clients to connect to prometheus with a + DNS name that always resolves to the service's private IP + addresses. Only available in certain network locations + type: boolean + type: object + project_to_fork_from: + description: Name of another project to fork a service from. This + has effect only when a new service is being created. + maxLength: 63 + type: string + x-kubernetes-validations: - message: Value is immutable rule: self == oldSelf - projectVPCRef: - description: - ProjectVPCRef reference to ProjectVPC resource to use - its ID as ProjectVPCID automatically - properties: - name: - minLength: 1 - type: string - namespace: - minLength: 1 - type: string - required: - - name - type: object - projectVpcId: - description: Identifier of the VPC the service should be in, if any. - maxLength: 36 - type: string - serviceIntegrations: - description: - Service integrations to specify when creating a service. - Not applied after initial service creation - items: - description: - Service integrations to specify when creating a service. - Not applied after initial service creation + public_access: + description: Allow access to selected service ports from the public + Internet properties: - integrationType: - enum: - - read_replica - type: string - sourceServiceName: - maxLength: 64 - minLength: 1 - type: string - required: - - integrationType - - sourceServiceName + prometheus: + description: Allow clients to connect to prometheus from the + public internet for service nodes that are in a project + VPC or another type of private network + type: boolean type: object - maxItems: 1 - type: array - x-kubernetes-validations: + service_log: + description: Store logs for the service so that they are available + in the HTTP API and console. + type: boolean + service_to_fork_from: + description: Name of another service to fork from. This has effect + only when a new service is being created. + maxLength: 64 + type: string + x-kubernetes-validations: - message: Value is immutable rule: self == oldSelf - tags: - additionalProperties: + service_to_join_with: + description: When bootstrapping, instead of creating a new Cassandra + cluster try to join an existing one from another service. Can + only be set on service creation. + maxLength: 64 type: string - description: - Tags are key-value pairs that allow you to categorize - services. - type: object - terminationProtection: - description: - Prevent service from being deleted. It is recommended - to have this enabled for all services. - type: boolean - userConfig: - description: Cassandra specific user configuration options + static_ips: + description: Use static public IP addresses + type: boolean + type: object + required: + - plan + - project + type: object + status: + description: ServiceStatus defines the observed state of service + properties: + conditions: + description: Conditions represent the latest available observations + of a service state + items: + description: "Condition contains details for one aspect of the current + state of this API Resource. --- This struct is intended for direct + use as an array at the field path .status.conditions. For example, + \n type FooStatus struct{ // Represents the observations of a + foo's current state. // Known .status.conditions.type are: \"Available\", + \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge + // +listType=map // +listMapKey=type Conditions []metav1.Condition + `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" + protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" properties: - additional_backup_regions: - description: Deprecated. Additional Cloud Regions for Backup Replication - items: - type: string - maxItems: 1 - type: array - backup_hour: - description: - The hour of day (in UTC) when backup for the service - is started. New backup is only started if previous backup has - already completed. - maximum: 23 - minimum: 0 - type: integer - backup_minute: - description: - The minute of an hour when backup for the service - is started. New backup is only started if previous backup has - already completed. - maximum: 59 + lastTransitionTime: + description: lastTransitionTime is the last time the condition + transitioned from one status to another. This should be when + the underlying condition changed. If that is not known, then + using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: message is a human readable message indicating + details about the transition. This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: observedGeneration represents the .metadata.generation + that the condition was set based upon. For instance, if .metadata.generation + is currently 12, but the .status.conditions[x].observedGeneration + is 9, the condition is out of date with respect to the current + state of the instance. + format: int64 minimum: 0 type: integer - cassandra: - description: cassandra configuration values - properties: - batch_size_fail_threshold_in_kb: - description: - Fail any multiple-partition batch exceeding this - value. 50kb (10x warn threshold) by default. - maximum: 1000000 - minimum: 1 - type: integer - batch_size_warn_threshold_in_kb: - description: - Log a warning message on any multiple-partition - batch size exceeding this value.5kb per batch by default.Caution - should be taken on increasing the size of this thresholdas - it can lead to node instability. - maximum: 1000000 - minimum: 1 - type: integer - datacenter: - description: - Name of the datacenter to which nodes of this - service belong. Can be set only when creating the service. - maxLength: 128 - type: string - type: object - cassandra_version: - description: Cassandra major version - enum: - - "4" - - "3" - type: string - ip_filter: - description: - Allow incoming connections from CIDR address block, - e.g. '10.20.0.0/16' - items: - description: - CIDR address block, either as a string, or in a - dict with an optional description field - properties: - description: - description: Description for IP filter list entry - maxLength: 1024 - type: string - network: - description: CIDR address block - maxLength: 43 - type: string - required: - - network - type: object - maxItems: 1024 - type: array - migrate_sstableloader: - description: - Sets the service into migration mode enabling the - sstableloader utility to be used to upload Cassandra data files. - Available only on service create. - type: boolean - private_access: - description: - Allow access to selected service ports from private - networks - properties: - prometheus: - description: - Allow clients to connect to prometheus with a - DNS name that always resolves to the service's private IP - addresses. Only available in certain network locations - type: boolean - type: object - project_to_fork_from: - description: - Name of another project to fork a service from. This - has effect only when a new service is being created. - maxLength: 63 + reason: + description: reason contains a programmatic identifier indicating + the reason for the condition's last transition. Producers + of specific condition types may define expected values and + meanings for this field, and whether the values are considered + a guaranteed API. The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ type: string - x-kubernetes-validations: - - message: Value is immutable - rule: self == oldSelf - public_access: - description: - Allow access to selected service ports from the public - Internet - properties: - prometheus: - description: - Allow clients to connect to prometheus from the - public internet for service nodes that are in a project - VPC or another type of private network - type: boolean - type: object - service_log: - description: - Store logs for the service so that they are available - in the HTTP API and console. - type: boolean - service_to_fork_from: - description: - Name of another service to fork from. This has effect - only when a new service is being created. - maxLength: 64 + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown type: string - x-kubernetes-validations: - - message: Value is immutable - rule: self == oldSelf - service_to_join_with: - description: - When bootstrapping, instead of creating a new Cassandra - cluster try to join an existing one from another service. Can - only be set on service creation. - maxLength: 64 + type: + description: type of condition in CamelCase or in foo.example.com/CamelCase. + --- Many .condition.type values are consistent across resources + like Available, but because arbitrary conditions can be useful + (see .node.status.conditions), the ability to deconflict is + important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string - static_ips: - description: Use static public IP addresses - type: boolean + required: + - lastTransitionTime + - message + - reason + - status + - type type: object - required: - - plan - - project - type: object - status: - description: ServiceStatus defines the observed state of service - properties: - conditions: - description: - Conditions represent the latest available observations - of a service state - items: - description: - "Condition contains details for one aspect of the current - state of this API Resource. --- This struct is intended for direct - use as an array at the field path .status.conditions. For example, - \n type FooStatus struct{ // Represents the observations of a - foo's current state. // Known .status.conditions.type are: \"Available\", - \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge - // +listType=map // +listMapKey=type Conditions []metav1.Condition - `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" - protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" - properties: - lastTransitionTime: - description: - lastTransitionTime is the last time the condition - transitioned from one status to another. This should be when - the underlying condition changed. If that is not known, then - using the time when the API field changed is acceptable. - format: date-time - type: string - message: - description: - message is a human readable message indicating - details about the transition. This may be an empty string. - maxLength: 32768 - type: string - observedGeneration: - description: - observedGeneration represents the .metadata.generation - that the condition was set based upon. For instance, if .metadata.generation - is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current - state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: - reason contains a programmatic identifier indicating - the reason for the condition's last transition. Producers - of specific condition types may define expected values and - meanings for this field, and whether the values are considered - a guaranteed API. The value should be a CamelCase string. - This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ - type: string - status: - description: status of the condition, one of True, False, Unknown. - enum: - - "True" - - "False" - - Unknown - type: string - type: - description: - type of condition in CamelCase or in foo.example.com/CamelCase. - --- Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ - type: string - required: - - lastTransitionTime - - message - - reason - - status - - type - type: object - type: array - state: - description: Service state - type: string - type: object - type: object - served: true - storage: true - subresources: - status: {} + type: array + state: + description: Service state + type: string + type: object + type: object + served: true + storage: true + subresources: + status: {} diff --git a/config/crd/bases/aiven.io_clickhouses.yaml b/config/crd/bases/aiven.io_clickhouses.yaml index 631948cd..6fbd5c4e 100644 --- a/config/crd/bases/aiven.io_clickhouses.yaml +++ b/config/crd/bases/aiven.io_clickhouses.yaml @@ -15,396 +15,360 @@ spec: singular: clickhouse scope: Namespaced versions: - - name: v1alpha1 - schema: - openAPIV3Schema: - description: Clickhouse is the Schema for the clickhouses API - properties: - apiVersion: - description: - "APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" - type: string - kind: - description: - "Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" - type: string - metadata: - type: object - spec: - description: ClickhouseSpec defines the desired state of Clickhouse - properties: - authSecretRef: - description: Authentication reference to Aiven token in a secret - properties: - key: - minLength: 1 - type: string - name: - minLength: 1 - type: string - required: - - key - - name - type: object - cloudName: - description: Cloud the service runs in. - maxLength: 256 - type: string - connInfoSecretTarget: - description: - "Information regarding secret creation. Exposed keys: - `CLICKHOUSE_HOST`, `CLICKHOUSE_PORT`, `CLICKHOUSE_USER`, `CLICKHOUSE_PASSWORD`" - properties: - annotations: - additionalProperties: - type: string - description: Annotations added to the secret - type: object - x-kubernetes-preserve-unknown-fields: true - labels: - additionalProperties: - type: string - description: Labels added to the secret - type: object - x-kubernetes-preserve-unknown-fields: true - name: - description: - Name of the secret resource to be created. By default, - is equal to the resource name + - name: v1alpha1 + schema: + openAPIV3Schema: + description: Clickhouse is the Schema for the clickhouses API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: ClickhouseSpec defines the desired state of Clickhouse + properties: + authSecretRef: + description: Authentication reference to Aiven token in a secret + properties: + key: + minLength: 1 + type: string + name: + minLength: 1 + type: string + required: + - key + - name + type: object + cloudName: + description: Cloud the service runs in. + maxLength: 256 + type: string + connInfoSecretTarget: + description: 'Information regarding secret creation. Exposed keys: + `CLICKHOUSE_HOST`, `CLICKHOUSE_PORT`, `CLICKHOUSE_USER`, `CLICKHOUSE_PASSWORD`' + properties: + annotations: + additionalProperties: type: string - prefix: - description: - Prefix for the secret's keys. Added "as is" without - any transformations. By default, is equal to the kind name in - uppercase + underscore, e.g. `KAFKA_`, `REDIS_`, etc. + description: Annotations added to the secret + type: object + x-kubernetes-preserve-unknown-fields: true + labels: + additionalProperties: type: string - required: - - name - type: object - disk_space: - description: - The disk space of the service, possible values depend - on the service type, the cloud provider and the project. Reducing - will result in the service re-balancing. - format: ^[1-9][0-9]*(GiB|G)* - type: string - maintenanceWindowDow: - description: - Day of week when maintenance operations should be performed. - One monday, tuesday, wednesday, etc. - enum: - - monday - - tuesday - - wednesday - - thursday - - friday - - saturday - - sunday - type: string - maintenanceWindowTime: - description: - Time of day when maintenance operations should be performed. - UTC time in HH:mm:ss format. - maxLength: 8 - type: string - plan: - description: Subscription plan. - maxLength: 128 - type: string - project: - description: Target project. - format: ^[a-zA-Z0-9_-]*$ - maxLength: 63 - type: string - x-kubernetes-validations: - - message: Value is immutable - rule: self == oldSelf - projectVPCRef: - description: - ProjectVPCRef reference to ProjectVPC resource to use - its ID as ProjectVPCID automatically + description: Labels added to the secret + type: object + x-kubernetes-preserve-unknown-fields: true + name: + description: Name of the secret resource to be created. By default, + is equal to the resource name + type: string + prefix: + description: Prefix for the secret's keys. Added "as is" without + any transformations. By default, is equal to the kind name in + uppercase + underscore, e.g. `KAFKA_`, `REDIS_`, etc. + type: string + required: + - name + type: object + disk_space: + description: The disk space of the service, possible values depend + on the service type, the cloud provider and the project. Reducing + will result in the service re-balancing. + format: ^[1-9][0-9]*(GiB|G)* + type: string + maintenanceWindowDow: + description: Day of week when maintenance operations should be performed. + One monday, tuesday, wednesday, etc. + enum: + - monday + - tuesday + - wednesday + - thursday + - friday + - saturday + - sunday + type: string + maintenanceWindowTime: + description: Time of day when maintenance operations should be performed. + UTC time in HH:mm:ss format. + maxLength: 8 + type: string + plan: + description: Subscription plan. + maxLength: 128 + type: string + project: + description: Target project. + format: ^[a-zA-Z0-9_-]*$ + maxLength: 63 + type: string + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + projectVPCRef: + description: ProjectVPCRef reference to ProjectVPC resource to use + its ID as ProjectVPCID automatically + properties: + name: + minLength: 1 + type: string + namespace: + minLength: 1 + type: string + required: + - name + type: object + projectVpcId: + description: Identifier of the VPC the service should be in, if any. + maxLength: 36 + type: string + serviceIntegrations: + description: Service integrations to specify when creating a service. + Not applied after initial service creation + items: + description: Service integrations to specify when creating a service. + Not applied after initial service creation properties: - name: - minLength: 1 + integrationType: + enum: + - read_replica type: string - namespace: + sourceServiceName: + maxLength: 64 minLength: 1 type: string required: - - name + - integrationType + - sourceServiceName type: object - projectVpcId: - description: Identifier of the VPC the service should be in, if any. - maxLength: 36 + maxItems: 1 + type: array + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + tags: + additionalProperties: type: string - serviceIntegrations: - description: - Service integrations to specify when creating a service. - Not applied after initial service creation - items: - description: - Service integrations to specify when creating a service. - Not applied after initial service creation + description: Tags are key-value pairs that allow you to categorize + services. + type: object + terminationProtection: + description: Prevent service from being deleted. It is recommended + to have this enabled for all services. + type: boolean + userConfig: + description: OpenSearch specific user configuration options + properties: + additional_backup_regions: + description: Additional Cloud Regions for Backup Replication + items: + type: string + maxItems: 1 + type: array + ip_filter: + description: Allow incoming connections from CIDR address block, + e.g. '10.20.0.0/16' + items: + description: CIDR address block, either as a string, or in a + dict with an optional description field + properties: + description: + description: Description for IP filter list entry + maxLength: 1024 + type: string + network: + description: CIDR address block + maxLength: 43 + type: string + required: + - network + type: object + maxItems: 1024 + type: array + private_access: + description: Allow access to selected service ports from private + networks + properties: + clickhouse: + description: Allow clients to connect to clickhouse with a + DNS name that always resolves to the service's private IP + addresses. Only available in certain network locations + type: boolean + clickhouse_https: + description: Allow clients to connect to clickhouse_https + with a DNS name that always resolves to the service's private + IP addresses. Only available in certain network locations + type: boolean + clickhouse_mysql: + description: Allow clients to connect to clickhouse_mysql + with a DNS name that always resolves to the service's private + IP addresses. Only available in certain network locations + type: boolean + prometheus: + description: Allow clients to connect to prometheus with a + DNS name that always resolves to the service's private IP + addresses. Only available in certain network locations + type: boolean + type: object + privatelink_access: + description: Allow access to selected service components through + Privatelink properties: - integrationType: - enum: - - read_replica - type: string - sourceServiceName: - maxLength: 64 - minLength: 1 - type: string - required: - - integrationType - - sourceServiceName + clickhouse: + description: Enable clickhouse + type: boolean + clickhouse_https: + description: Enable clickhouse_https + type: boolean + clickhouse_mysql: + description: Enable clickhouse_mysql + type: boolean + prometheus: + description: Enable prometheus + type: boolean type: object - maxItems: 1 - type: array - x-kubernetes-validations: + project_to_fork_from: + description: Name of another project to fork a service from. This + has effect only when a new service is being created. + maxLength: 63 + type: string + x-kubernetes-validations: - message: Value is immutable rule: self == oldSelf - tags: - additionalProperties: + public_access: + description: Allow access to selected service ports from the public + Internet + properties: + clickhouse: + description: Allow clients to connect to clickhouse from the + public internet for service nodes that are in a project + VPC or another type of private network + type: boolean + clickhouse_https: + description: Allow clients to connect to clickhouse_https + from the public internet for service nodes that are in a + project VPC or another type of private network + type: boolean + clickhouse_mysql: + description: Allow clients to connect to clickhouse_mysql + from the public internet for service nodes that are in a + project VPC or another type of private network + type: boolean + prometheus: + description: Allow clients to connect to prometheus from the + public internet for service nodes that are in a project + VPC or another type of private network + type: boolean + type: object + service_log: + description: Store logs for the service so that they are available + in the HTTP API and console. + type: boolean + service_to_fork_from: + description: Name of another service to fork from. This has effect + only when a new service is being created. + maxLength: 64 type: string - description: - Tags are key-value pairs that allow you to categorize - services. - type: object - terminationProtection: - description: - Prevent service from being deleted. It is recommended - to have this enabled for all services. - type: boolean - userConfig: - description: OpenSearch specific user configuration options + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + static_ips: + description: Use static public IP addresses + type: boolean + type: object + required: + - plan + - project + type: object + status: + description: ServiceStatus defines the observed state of service + properties: + conditions: + description: Conditions represent the latest available observations + of a service state + items: + description: "Condition contains details for one aspect of the current + state of this API Resource. --- This struct is intended for direct + use as an array at the field path .status.conditions. For example, + \n type FooStatus struct{ // Represents the observations of a + foo's current state. // Known .status.conditions.type are: \"Available\", + \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge + // +listType=map // +listMapKey=type Conditions []metav1.Condition + `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" + protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" properties: - additional_backup_regions: - description: Additional Cloud Regions for Backup Replication - items: - type: string - maxItems: 1 - type: array - ip_filter: - description: - Allow incoming connections from CIDR address block, - e.g. '10.20.0.0/16' - items: - description: - CIDR address block, either as a string, or in a - dict with an optional description field - properties: - description: - description: Description for IP filter list entry - maxLength: 1024 - type: string - network: - description: CIDR address block - maxLength: 43 - type: string - required: - - network - type: object - maxItems: 1024 - type: array - private_access: - description: - Allow access to selected service ports from private - networks - properties: - clickhouse: - description: - Allow clients to connect to clickhouse with a - DNS name that always resolves to the service's private IP - addresses. Only available in certain network locations - type: boolean - clickhouse_https: - description: - Allow clients to connect to clickhouse_https - with a DNS name that always resolves to the service's private - IP addresses. Only available in certain network locations - type: boolean - clickhouse_mysql: - description: - Allow clients to connect to clickhouse_mysql - with a DNS name that always resolves to the service's private - IP addresses. Only available in certain network locations - type: boolean - prometheus: - description: - Allow clients to connect to prometheus with a - DNS name that always resolves to the service's private IP - addresses. Only available in certain network locations - type: boolean - type: object - privatelink_access: - description: - Allow access to selected service components through - Privatelink - properties: - clickhouse: - description: Enable clickhouse - type: boolean - clickhouse_https: - description: Enable clickhouse_https - type: boolean - clickhouse_mysql: - description: Enable clickhouse_mysql - type: boolean - prometheus: - description: Enable prometheus - type: boolean - type: object - project_to_fork_from: - description: - Name of another project to fork a service from. This - has effect only when a new service is being created. - maxLength: 63 + lastTransitionTime: + description: lastTransitionTime is the last time the condition + transitioned from one status to another. This should be when + the underlying condition changed. If that is not known, then + using the time when the API field changed is acceptable. + format: date-time type: string - x-kubernetes-validations: - - message: Value is immutable - rule: self == oldSelf - public_access: - description: - Allow access to selected service ports from the public - Internet - properties: - clickhouse: - description: - Allow clients to connect to clickhouse from the - public internet for service nodes that are in a project - VPC or another type of private network - type: boolean - clickhouse_https: - description: - Allow clients to connect to clickhouse_https - from the public internet for service nodes that are in a - project VPC or another type of private network - type: boolean - clickhouse_mysql: - description: - Allow clients to connect to clickhouse_mysql - from the public internet for service nodes that are in a - project VPC or another type of private network - type: boolean - prometheus: - description: - Allow clients to connect to prometheus from the - public internet for service nodes that are in a project - VPC or another type of private network - type: boolean - type: object - service_log: - description: - Store logs for the service so that they are available - in the HTTP API and console. - type: boolean - service_to_fork_from: - description: - Name of another service to fork from. This has effect - only when a new service is being created. - maxLength: 64 + message: + description: message is a human readable message indicating + details about the transition. This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: observedGeneration represents the .metadata.generation + that the condition was set based upon. For instance, if .metadata.generation + is currently 12, but the .status.conditions[x].observedGeneration + is 9, the condition is out of date with respect to the current + state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: reason contains a programmatic identifier indicating + the reason for the condition's last transition. Producers + of specific condition types may define expected values and + meanings for this field, and whether the values are considered + a guaranteed API. The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown type: string - x-kubernetes-validations: - - message: Value is immutable - rule: self == oldSelf - static_ips: - description: Use static public IP addresses - type: boolean + type: + description: type of condition in CamelCase or in foo.example.com/CamelCase. + --- Many .condition.type values are consistent across resources + like Available, but because arbitrary conditions can be useful + (see .node.status.conditions), the ability to deconflict is + important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type type: object - required: - - plan - - project - type: object - status: - description: ServiceStatus defines the observed state of service - properties: - conditions: - description: - Conditions represent the latest available observations - of a service state - items: - description: - "Condition contains details for one aspect of the current - state of this API Resource. --- This struct is intended for direct - use as an array at the field path .status.conditions. For example, - \n type FooStatus struct{ // Represents the observations of a - foo's current state. // Known .status.conditions.type are: \"Available\", - \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge - // +listType=map // +listMapKey=type Conditions []metav1.Condition - `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" - protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" - properties: - lastTransitionTime: - description: - lastTransitionTime is the last time the condition - transitioned from one status to another. This should be when - the underlying condition changed. If that is not known, then - using the time when the API field changed is acceptable. - format: date-time - type: string - message: - description: - message is a human readable message indicating - details about the transition. This may be an empty string. - maxLength: 32768 - type: string - observedGeneration: - description: - observedGeneration represents the .metadata.generation - that the condition was set based upon. For instance, if .metadata.generation - is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current - state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: - reason contains a programmatic identifier indicating - the reason for the condition's last transition. Producers - of specific condition types may define expected values and - meanings for this field, and whether the values are considered - a guaranteed API. The value should be a CamelCase string. - This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ - type: string - status: - description: status of the condition, one of True, False, Unknown. - enum: - - "True" - - "False" - - Unknown - type: string - type: - description: - type of condition in CamelCase or in foo.example.com/CamelCase. - --- Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ - type: string - required: - - lastTransitionTime - - message - - reason - - status - - type - type: object - type: array - state: - description: Service state - type: string - type: object - type: object - served: true - storage: true - subresources: - status: {} + type: array + state: + description: Service state + type: string + type: object + type: object + served: true + storage: true + subresources: + status: {} diff --git a/config/crd/bases/aiven.io_clickhouseusers.yaml b/config/crd/bases/aiven.io_clickhouseusers.yaml index 87435b42..d28df3a9 100644 --- a/config/crd/bases/aiven.io_clickhouseusers.yaml +++ b/config/crd/bases/aiven.io_clickhouseusers.yaml @@ -15,191 +15,179 @@ spec: singular: clickhouseuser scope: Namespaced versions: - - additionalPrinterColumns: - - jsonPath: .spec.serviceName - name: Service Name - type: string - - jsonPath: .spec.project - name: Project - type: string - - jsonPath: .spec.connInfoSecretTarget.name - name: Connection Information Secret - type: string - name: v1alpha1 - schema: - openAPIV3Schema: - description: ClickhouseUser is the Schema for the clickhouseusers API - properties: - apiVersion: - description: - "APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" - type: string - kind: - description: - "Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" - type: string - metadata: - type: object - spec: - description: ClickhouseUserSpec defines the desired state of ClickhouseUser - properties: - authSecretRef: - description: Authentication reference to Aiven token in a secret + - additionalPrinterColumns: + - jsonPath: .spec.serviceName + name: Service Name + type: string + - jsonPath: .spec.project + name: Project + type: string + - jsonPath: .spec.connInfoSecretTarget.name + name: Connection Information Secret + type: string + name: v1alpha1 + schema: + openAPIV3Schema: + description: ClickhouseUser is the Schema for the clickhouseusers API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: ClickhouseUserSpec defines the desired state of ClickhouseUser + properties: + authSecretRef: + description: Authentication reference to Aiven token in a secret + properties: + key: + minLength: 1 + type: string + name: + minLength: 1 + type: string + required: + - key + - name + type: object + connInfoSecretTarget: + description: 'Information regarding secret creation. Exposed keys: + `CLICKHOUSEUSER_HOST`, `CLICKHOUSEUSER_PORT`, `CLICKHOUSEUSER_USER`, + `CLICKHOUSEUSER_PASSWORD`' + properties: + annotations: + additionalProperties: + type: string + description: Annotations added to the secret + type: object + x-kubernetes-preserve-unknown-fields: true + labels: + additionalProperties: + type: string + description: Labels added to the secret + type: object + x-kubernetes-preserve-unknown-fields: true + name: + description: Name of the secret resource to be created. By default, + is equal to the resource name + type: string + prefix: + description: Prefix for the secret's keys. Added "as is" without + any transformations. By default, is equal to the kind name in + uppercase + underscore, e.g. `KAFKA_`, `REDIS_`, etc. + type: string + required: + - name + type: object + project: + description: Project to link the user to + format: ^[a-zA-Z0-9_-]*$ + maxLength: 63 + type: string + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + serviceName: + description: Service to link the user to + maxLength: 63 + type: string + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + required: + - project + - serviceName + type: object + status: + description: ClickhouseUserStatus defines the observed state of ClickhouseUser + properties: + conditions: + description: Conditions represent the latest available observations + of an ClickhouseUser state + items: + description: "Condition contains details for one aspect of the current + state of this API Resource. --- This struct is intended for direct + use as an array at the field path .status.conditions. For example, + \n type FooStatus struct{ // Represents the observations of a + foo's current state. // Known .status.conditions.type are: \"Available\", + \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge + // +listType=map // +listMapKey=type Conditions []metav1.Condition + `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" + protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" properties: - key: - minLength: 1 + lastTransitionTime: + description: lastTransitionTime is the last time the condition + transitioned from one status to another. This should be when + the underlying condition changed. If that is not known, then + using the time when the API field changed is acceptable. + format: date-time type: string - name: + message: + description: message is a human readable message indicating + details about the transition. This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: observedGeneration represents the .metadata.generation + that the condition was set based upon. For instance, if .metadata.generation + is currently 12, but the .status.conditions[x].observedGeneration + is 9, the condition is out of date with respect to the current + state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: reason contains a programmatic identifier indicating + the reason for the condition's last transition. Producers + of specific condition types may define expected values and + meanings for this field, and whether the values are considered + a guaranteed API. The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ type: string - required: - - key - - name - type: object - connInfoSecretTarget: - description: - "Information regarding secret creation. Exposed keys: - `CLICKHOUSEUSER_HOST`, `CLICKHOUSEUSER_PORT`, `CLICKHOUSEUSER_USER`, - `CLICKHOUSEUSER_PASSWORD`" - properties: - annotations: - additionalProperties: - type: string - description: Annotations added to the secret - type: object - x-kubernetes-preserve-unknown-fields: true - labels: - additionalProperties: - type: string - description: Labels added to the secret - type: object - x-kubernetes-preserve-unknown-fields: true - name: - description: - Name of the secret resource to be created. By default, - is equal to the resource name + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown type: string - prefix: - description: - Prefix for the secret's keys. Added "as is" without - any transformations. By default, is equal to the kind name in - uppercase + underscore, e.g. `KAFKA_`, `REDIS_`, etc. + type: + description: type of condition in CamelCase or in foo.example.com/CamelCase. + --- Many .condition.type values are consistent across resources + like Available, but because arbitrary conditions can be useful + (see .node.status.conditions), the ability to deconflict is + important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string required: - - name + - lastTransitionTime + - message + - reason + - status + - type type: object - project: - description: Project to link the user to - format: ^[a-zA-Z0-9_-]*$ - maxLength: 63 - type: string - x-kubernetes-validations: - - message: Value is immutable - rule: self == oldSelf - serviceName: - description: Service to link the user to - maxLength: 63 - type: string - x-kubernetes-validations: - - message: Value is immutable - rule: self == oldSelf - required: - - project - - serviceName - type: object - status: - description: ClickhouseUserStatus defines the observed state of ClickhouseUser - properties: - conditions: - description: - Conditions represent the latest available observations - of an ClickhouseUser state - items: - description: - "Condition contains details for one aspect of the current - state of this API Resource. --- This struct is intended for direct - use as an array at the field path .status.conditions. For example, - \n type FooStatus struct{ // Represents the observations of a - foo's current state. // Known .status.conditions.type are: \"Available\", - \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge - // +listType=map // +listMapKey=type Conditions []metav1.Condition - `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" - protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" - properties: - lastTransitionTime: - description: - lastTransitionTime is the last time the condition - transitioned from one status to another. This should be when - the underlying condition changed. If that is not known, then - using the time when the API field changed is acceptable. - format: date-time - type: string - message: - description: - message is a human readable message indicating - details about the transition. This may be an empty string. - maxLength: 32768 - type: string - observedGeneration: - description: - observedGeneration represents the .metadata.generation - that the condition was set based upon. For instance, if .metadata.generation - is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current - state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: - reason contains a programmatic identifier indicating - the reason for the condition's last transition. Producers - of specific condition types may define expected values and - meanings for this field, and whether the values are considered - a guaranteed API. The value should be a CamelCase string. - This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ - type: string - status: - description: status of the condition, one of True, False, Unknown. - enum: - - "True" - - "False" - - Unknown - type: string - type: - description: - type of condition in CamelCase or in foo.example.com/CamelCase. - --- Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ - type: string - required: - - lastTransitionTime - - message - - reason - - status - - type - type: object - type: array - uuid: - description: Clickhouse user UUID - type: string - required: - - conditions - - uuid - type: object - type: object - served: true - storage: true - subresources: - status: {} + type: array + uuid: + description: Clickhouse user UUID + type: string + required: + - conditions + - uuid + type: object + type: object + served: true + storage: true + subresources: + status: {} diff --git a/config/crd/bases/aiven.io_connectionpools.yaml b/config/crd/bases/aiven.io_connectionpools.yaml index 8c40c19c..f8b3d439 100644 --- a/config/crd/bases/aiven.io_connectionpools.yaml +++ b/config/crd/bases/aiven.io_connectionpools.yaml @@ -15,213 +15,200 @@ spec: singular: connectionpool scope: Namespaced versions: - - additionalPrinterColumns: - - jsonPath: .spec.serviceName - name: Service Name - type: string - - jsonPath: .spec.project - name: Project - type: string - - jsonPath: .spec.databaseName - name: Database - type: string - - jsonPath: .spec.username - name: Username - type: string - - jsonPath: .spec.poolSize - name: Pool Size - type: string - - jsonPath: .spec.poolMode - name: Pool Mode - type: string - name: v1alpha1 - schema: - openAPIV3Schema: - description: ConnectionPool is the Schema for the connectionpools API - properties: - apiVersion: - description: - "APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" - type: string - kind: - description: - "Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" - type: string - metadata: - type: object - spec: - description: ConnectionPoolSpec defines the desired state of ConnectionPool - properties: - authSecretRef: - description: Authentication reference to Aiven token in a secret + - additionalPrinterColumns: + - jsonPath: .spec.serviceName + name: Service Name + type: string + - jsonPath: .spec.project + name: Project + type: string + - jsonPath: .spec.databaseName + name: Database + type: string + - jsonPath: .spec.username + name: Username + type: string + - jsonPath: .spec.poolSize + name: Pool Size + type: string + - jsonPath: .spec.poolMode + name: Pool Mode + type: string + name: v1alpha1 + schema: + openAPIV3Schema: + description: ConnectionPool is the Schema for the connectionpools API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: ConnectionPoolSpec defines the desired state of ConnectionPool + properties: + authSecretRef: + description: Authentication reference to Aiven token in a secret + properties: + key: + minLength: 1 + type: string + name: + minLength: 1 + type: string + required: + - key + - name + type: object + connInfoSecretTarget: + description: 'Information regarding secret creation. Exposed keys: + `CONNECTIONPOOL_NAME`, `CONNECTIONPOOL_HOST`, `CONNECTIONPOOL_PORT`, + `CONNECTIONPOOL_DATABASE`, `CONNECTIONPOOL_USER`, `CONNECTIONPOOL_PASSWORD`, + `CONNECTIONPOOL_SSLMODE`, `CONNECTIONPOOL_DATABASE_URI`' + properties: + annotations: + additionalProperties: + type: string + description: Annotations added to the secret + type: object + x-kubernetes-preserve-unknown-fields: true + labels: + additionalProperties: + type: string + description: Labels added to the secret + type: object + x-kubernetes-preserve-unknown-fields: true + name: + description: Name of the secret resource to be created. By default, + is equal to the resource name + type: string + prefix: + description: Prefix for the secret's keys. Added "as is" without + any transformations. By default, is equal to the kind name in + uppercase + underscore, e.g. `KAFKA_`, `REDIS_`, etc. + type: string + required: + - name + type: object + databaseName: + description: Name of the database the pool connects to + maxLength: 40 + type: string + poolMode: + description: Mode the pool operates in (session, transaction, statement) + enum: + - session + - transaction + - statement + type: string + poolSize: + description: Number of connections the pool may create towards the + backend server + type: integer + project: + description: Target project. + format: ^[a-zA-Z0-9_-]*$ + maxLength: 63 + type: string + serviceName: + description: Service name. + maxLength: 63 + type: string + username: + description: Name of the service user used to connect to the database + maxLength: 64 + type: string + required: + - databaseName + - project + - serviceName + - username + type: object + status: + description: ConnectionPoolStatus defines the observed state of ConnectionPool + properties: + conditions: + description: Conditions represent the latest available observations + of an ConnectionPool state + items: + description: "Condition contains details for one aspect of the current + state of this API Resource. --- This struct is intended for direct + use as an array at the field path .status.conditions. For example, + \n type FooStatus struct{ // Represents the observations of a + foo's current state. // Known .status.conditions.type are: \"Available\", + \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge + // +listType=map // +listMapKey=type Conditions []metav1.Condition + `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" + protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" properties: - key: - minLength: 1 + lastTransitionTime: + description: lastTransitionTime is the last time the condition + transitioned from one status to another. This should be when + the underlying condition changed. If that is not known, then + using the time when the API field changed is acceptable. + format: date-time type: string - name: + message: + description: message is a human readable message indicating + details about the transition. This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: observedGeneration represents the .metadata.generation + that the condition was set based upon. For instance, if .metadata.generation + is currently 12, but the .status.conditions[x].observedGeneration + is 9, the condition is out of date with respect to the current + state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: reason contains a programmatic identifier indicating + the reason for the condition's last transition. Producers + of specific condition types may define expected values and + meanings for this field, and whether the values are considered + a guaranteed API. The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ type: string - required: - - key - - name - type: object - connInfoSecretTarget: - description: - "Information regarding secret creation. Exposed keys: - `CONNECTIONPOOL_NAME`, `CONNECTIONPOOL_HOST`, `CONNECTIONPOOL_PORT`, - `CONNECTIONPOOL_DATABASE`, `CONNECTIONPOOL_USER`, `CONNECTIONPOOL_PASSWORD`, - `CONNECTIONPOOL_SSLMODE`, `CONNECTIONPOOL_DATABASE_URI`" - properties: - annotations: - additionalProperties: - type: string - description: Annotations added to the secret - type: object - x-kubernetes-preserve-unknown-fields: true - labels: - additionalProperties: - type: string - description: Labels added to the secret - type: object - x-kubernetes-preserve-unknown-fields: true - name: - description: - Name of the secret resource to be created. By default, - is equal to the resource name + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown type: string - prefix: - description: - Prefix for the secret's keys. Added "as is" without - any transformations. By default, is equal to the kind name in - uppercase + underscore, e.g. `KAFKA_`, `REDIS_`, etc. + type: + description: type of condition in CamelCase or in foo.example.com/CamelCase. + --- Many .condition.type values are consistent across resources + like Available, but because arbitrary conditions can be useful + (see .node.status.conditions), the ability to deconflict is + important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string required: - - name + - lastTransitionTime + - message + - reason + - status + - type type: object - databaseName: - description: Name of the database the pool connects to - maxLength: 40 - type: string - poolMode: - description: Mode the pool operates in (session, transaction, statement) - enum: - - session - - transaction - - statement - type: string - poolSize: - description: - Number of connections the pool may create towards the - backend server - type: integer - project: - description: Target project. - format: ^[a-zA-Z0-9_-]*$ - maxLength: 63 - type: string - serviceName: - description: Service name. - maxLength: 63 - type: string - username: - description: Name of the service user used to connect to the database - maxLength: 64 - type: string - required: - - databaseName - - project - - serviceName - - username - type: object - status: - description: ConnectionPoolStatus defines the observed state of ConnectionPool - properties: - conditions: - description: - Conditions represent the latest available observations - of an ConnectionPool state - items: - description: - "Condition contains details for one aspect of the current - state of this API Resource. --- This struct is intended for direct - use as an array at the field path .status.conditions. For example, - \n type FooStatus struct{ // Represents the observations of a - foo's current state. // Known .status.conditions.type are: \"Available\", - \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge - // +listType=map // +listMapKey=type Conditions []metav1.Condition - `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" - protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" - properties: - lastTransitionTime: - description: - lastTransitionTime is the last time the condition - transitioned from one status to another. This should be when - the underlying condition changed. If that is not known, then - using the time when the API field changed is acceptable. - format: date-time - type: string - message: - description: - message is a human readable message indicating - details about the transition. This may be an empty string. - maxLength: 32768 - type: string - observedGeneration: - description: - observedGeneration represents the .metadata.generation - that the condition was set based upon. For instance, if .metadata.generation - is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current - state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: - reason contains a programmatic identifier indicating - the reason for the condition's last transition. Producers - of specific condition types may define expected values and - meanings for this field, and whether the values are considered - a guaranteed API. The value should be a CamelCase string. - This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ - type: string - status: - description: status of the condition, one of True, False, Unknown. - enum: - - "True" - - "False" - - Unknown - type: string - type: - description: - type of condition in CamelCase or in foo.example.com/CamelCase. - --- Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ - type: string - required: - - lastTransitionTime - - message - - reason - - status - - type - type: object - type: array - required: - - conditions - type: object - type: object - served: true - storage: true - subresources: - status: {} + type: array + required: + - conditions + type: object + type: object + served: true + storage: true + subresources: + status: {} diff --git a/config/crd/bases/aiven.io_databases.yaml b/config/crd/bases/aiven.io_databases.yaml index eb5e09e0..8a25500c 100644 --- a/config/crd/bases/aiven.io_databases.yaml +++ b/config/crd/bases/aiven.io_databases.yaml @@ -15,165 +15,153 @@ spec: singular: database scope: Namespaced versions: - - additionalPrinterColumns: - - jsonPath: .spec.serviceName - name: Service Name - type: string - - jsonPath: .spec.project - name: Project - type: string - name: v1alpha1 - schema: - openAPIV3Schema: - description: Database is the Schema for the databases API - properties: - apiVersion: - description: - "APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" - type: string - kind: - description: - "Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" - type: string - metadata: - type: object - spec: - description: DatabaseSpec defines the desired state of Database - properties: - authSecretRef: - description: Authentication reference to Aiven token in a secret + - additionalPrinterColumns: + - jsonPath: .spec.serviceName + name: Service Name + type: string + - jsonPath: .spec.project + name: Project + type: string + name: v1alpha1 + schema: + openAPIV3Schema: + description: Database is the Schema for the databases API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: DatabaseSpec defines the desired state of Database + properties: + authSecretRef: + description: Authentication reference to Aiven token in a secret + properties: + key: + minLength: 1 + type: string + name: + minLength: 1 + type: string + required: + - key + - name + type: object + lcCollate: + description: 'Default string sort order (LC_COLLATE) of the database. + Default value: en_US.UTF-8' + maxLength: 128 + type: string + lcCtype: + description: 'Default character classification (LC_CTYPE) of the database. + Default value: en_US.UTF-8' + maxLength: 128 + type: string + project: + description: Project to link the database to + format: ^[a-zA-Z0-9_-]*$ + maxLength: 63 + type: string + serviceName: + description: PostgreSQL service to link the database to + maxLength: 63 + type: string + terminationProtection: + description: It is a Kubernetes side deletion protections, which prevents + the database from being deleted by Kubernetes. It is recommended + to enable this for any production databases containing critical + data. + type: boolean + required: + - project + - serviceName + type: object + status: + description: DatabaseStatus defines the observed state of Database + properties: + conditions: + description: Conditions represent the latest available observations + of an Database state + items: + description: "Condition contains details for one aspect of the current + state of this API Resource. --- This struct is intended for direct + use as an array at the field path .status.conditions. For example, + \n type FooStatus struct{ // Represents the observations of a + foo's current state. // Known .status.conditions.type are: \"Available\", + \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge + // +listType=map // +listMapKey=type Conditions []metav1.Condition + `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" + protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" properties: - key: - minLength: 1 + lastTransitionTime: + description: lastTransitionTime is the last time the condition + transitioned from one status to another. This should be when + the underlying condition changed. If that is not known, then + using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: message is a human readable message indicating + details about the transition. This may be an empty string. + maxLength: 32768 type: string - name: + observedGeneration: + description: observedGeneration represents the .metadata.generation + that the condition was set based upon. For instance, if .metadata.generation + is currently 12, but the .status.conditions[x].observedGeneration + is 9, the condition is out of date with respect to the current + state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: reason contains a programmatic identifier indicating + the reason for the condition's last transition. Producers + of specific condition types may define expected values and + meanings for this field, and whether the values are considered + a guaranteed API. The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: type of condition in CamelCase or in foo.example.com/CamelCase. + --- Many .condition.type values are consistent across resources + like Available, but because arbitrary conditions can be useful + (see .node.status.conditions), the ability to deconflict is + important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string required: - - key - - name + - lastTransitionTime + - message + - reason + - status + - type type: object - lcCollate: - description: - "Default string sort order (LC_COLLATE) of the database. - Default value: en_US.UTF-8" - maxLength: 128 - type: string - lcCtype: - description: - "Default character classification (LC_CTYPE) of the database. - Default value: en_US.UTF-8" - maxLength: 128 - type: string - project: - description: Project to link the database to - format: ^[a-zA-Z0-9_-]*$ - maxLength: 63 - type: string - serviceName: - description: PostgreSQL service to link the database to - maxLength: 63 - type: string - terminationProtection: - description: - It is a Kubernetes side deletion protections, which prevents - the database from being deleted by Kubernetes. It is recommended - to enable this for any production databases containing critical - data. - type: boolean - required: - - project - - serviceName - type: object - status: - description: DatabaseStatus defines the observed state of Database - properties: - conditions: - description: - Conditions represent the latest available observations - of an Database state - items: - description: - "Condition contains details for one aspect of the current - state of this API Resource. --- This struct is intended for direct - use as an array at the field path .status.conditions. For example, - \n type FooStatus struct{ // Represents the observations of a - foo's current state. // Known .status.conditions.type are: \"Available\", - \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge - // +listType=map // +listMapKey=type Conditions []metav1.Condition - `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" - protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" - properties: - lastTransitionTime: - description: - lastTransitionTime is the last time the condition - transitioned from one status to another. This should be when - the underlying condition changed. If that is not known, then - using the time when the API field changed is acceptable. - format: date-time - type: string - message: - description: - message is a human readable message indicating - details about the transition. This may be an empty string. - maxLength: 32768 - type: string - observedGeneration: - description: - observedGeneration represents the .metadata.generation - that the condition was set based upon. For instance, if .metadata.generation - is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current - state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: - reason contains a programmatic identifier indicating - the reason for the condition's last transition. Producers - of specific condition types may define expected values and - meanings for this field, and whether the values are considered - a guaranteed API. The value should be a CamelCase string. - This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ - type: string - status: - description: status of the condition, one of True, False, Unknown. - enum: - - "True" - - "False" - - Unknown - type: string - type: - description: - type of condition in CamelCase or in foo.example.com/CamelCase. - --- Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ - type: string - required: - - lastTransitionTime - - message - - reason - - status - - type - type: object - type: array - required: - - conditions - type: object - type: object - served: true - storage: true - subresources: - status: {} + type: array + required: + - conditions + type: object + type: object + served: true + storage: true + subresources: + status: {} diff --git a/config/crd/bases/aiven.io_grafanas.yaml b/config/crd/bases/aiven.io_grafanas.yaml index 17a7362e..7a9247f9 100644 --- a/config/crd/bases/aiven.io_grafanas.yaml +++ b/config/crd/bases/aiven.io_grafanas.yaml @@ -15,869 +15,799 @@ spec: singular: grafana scope: Namespaced versions: - - additionalPrinterColumns: - - jsonPath: .spec.project - name: Project - type: string - - jsonPath: .spec.cloudName - name: Region - type: string - - jsonPath: .spec.plan - name: Plan - type: string - - jsonPath: .status.state - name: State - type: string - name: v1alpha1 - schema: - openAPIV3Schema: - description: Grafana is the Schema for the grafanas API - properties: - apiVersion: - description: - "APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" - type: string - kind: - description: - "Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" - type: string - metadata: - type: object - spec: - description: GrafanaSpec defines the desired state of Grafana - properties: - authSecretRef: - description: Authentication reference to Aiven token in a secret - properties: - key: - minLength: 1 - type: string - name: - minLength: 1 - type: string - required: - - key - - name - type: object - cloudName: - description: Cloud the service runs in. - maxLength: 256 - type: string - connInfoSecretTarget: - description: - "Information regarding secret creation. Exposed keys: - `GRAFANA_HOST`, `GRAFANA_PORT`, `GRAFANA_USER`, `GRAFANA_PASSWORD`, - `GRAFANA_URI`, `GRAFANA_HOSTS`" - properties: - annotations: - additionalProperties: - type: string - description: Annotations added to the secret - type: object - x-kubernetes-preserve-unknown-fields: true - labels: - additionalProperties: - type: string - description: Labels added to the secret - type: object - x-kubernetes-preserve-unknown-fields: true - name: - description: - Name of the secret resource to be created. By default, - is equal to the resource name + - additionalPrinterColumns: + - jsonPath: .spec.project + name: Project + type: string + - jsonPath: .spec.cloudName + name: Region + type: string + - jsonPath: .spec.plan + name: Plan + type: string + - jsonPath: .status.state + name: State + type: string + name: v1alpha1 + schema: + openAPIV3Schema: + description: Grafana is the Schema for the grafanas API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: GrafanaSpec defines the desired state of Grafana + properties: + authSecretRef: + description: Authentication reference to Aiven token in a secret + properties: + key: + minLength: 1 + type: string + name: + minLength: 1 + type: string + required: + - key + - name + type: object + cloudName: + description: Cloud the service runs in. + maxLength: 256 + type: string + connInfoSecretTarget: + description: 'Information regarding secret creation. Exposed keys: + `GRAFANA_HOST`, `GRAFANA_PORT`, `GRAFANA_USER`, `GRAFANA_PASSWORD`, + `GRAFANA_URI`, `GRAFANA_HOSTS`' + properties: + annotations: + additionalProperties: type: string - prefix: - description: - Prefix for the secret's keys. Added "as is" without - any transformations. By default, is equal to the kind name in - uppercase + underscore, e.g. `KAFKA_`, `REDIS_`, etc. + description: Annotations added to the secret + type: object + x-kubernetes-preserve-unknown-fields: true + labels: + additionalProperties: type: string - required: - - name - type: object - disk_space: - description: - The disk space of the service, possible values depend - on the service type, the cloud provider and the project. Reducing - will result in the service re-balancing. - format: ^[1-9][0-9]*(GiB|G)* - type: string - maintenanceWindowDow: - description: - Day of week when maintenance operations should be performed. - One monday, tuesday, wednesday, etc. - enum: - - monday - - tuesday - - wednesday - - thursday - - friday - - saturday - - sunday - type: string - maintenanceWindowTime: - description: - Time of day when maintenance operations should be performed. - UTC time in HH:mm:ss format. - maxLength: 8 - type: string - plan: - description: Subscription plan. - maxLength: 128 - type: string - project: - description: Target project. - format: ^[a-zA-Z0-9_-]*$ - maxLength: 63 - type: string - x-kubernetes-validations: - - message: Value is immutable - rule: self == oldSelf - projectVPCRef: - description: - ProjectVPCRef reference to ProjectVPC resource to use - its ID as ProjectVPCID automatically + description: Labels added to the secret + type: object + x-kubernetes-preserve-unknown-fields: true + name: + description: Name of the secret resource to be created. By default, + is equal to the resource name + type: string + prefix: + description: Prefix for the secret's keys. Added "as is" without + any transformations. By default, is equal to the kind name in + uppercase + underscore, e.g. `KAFKA_`, `REDIS_`, etc. + type: string + required: + - name + type: object + disk_space: + description: The disk space of the service, possible values depend + on the service type, the cloud provider and the project. Reducing + will result in the service re-balancing. + format: ^[1-9][0-9]*(GiB|G)* + type: string + maintenanceWindowDow: + description: Day of week when maintenance operations should be performed. + One monday, tuesday, wednesday, etc. + enum: + - monday + - tuesday + - wednesday + - thursday + - friday + - saturday + - sunday + type: string + maintenanceWindowTime: + description: Time of day when maintenance operations should be performed. + UTC time in HH:mm:ss format. + maxLength: 8 + type: string + plan: + description: Subscription plan. + maxLength: 128 + type: string + project: + description: Target project. + format: ^[a-zA-Z0-9_-]*$ + maxLength: 63 + type: string + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + projectVPCRef: + description: ProjectVPCRef reference to ProjectVPC resource to use + its ID as ProjectVPCID automatically + properties: + name: + minLength: 1 + type: string + namespace: + minLength: 1 + type: string + required: + - name + type: object + projectVpcId: + description: Identifier of the VPC the service should be in, if any. + maxLength: 36 + type: string + serviceIntegrations: + description: Service integrations to specify when creating a service. + Not applied after initial service creation + items: + description: Service integrations to specify when creating a service. + Not applied after initial service creation properties: - name: - minLength: 1 + integrationType: + enum: + - read_replica type: string - namespace: + sourceServiceName: + maxLength: 64 minLength: 1 type: string required: - - name + - integrationType + - sourceServiceName type: object - projectVpcId: - description: Identifier of the VPC the service should be in, if any. - maxLength: 36 + maxItems: 1 + type: array + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + tags: + additionalProperties: type: string - serviceIntegrations: - description: - Service integrations to specify when creating a service. - Not applied after initial service creation - items: - description: - Service integrations to specify when creating a service. - Not applied after initial service creation + description: Tags are key-value pairs that allow you to categorize + services. + type: object + terminationProtection: + description: Prevent service from being deleted. It is recommended + to have this enabled for all services. + type: boolean + userConfig: + description: Cassandra specific user configuration options + properties: + additional_backup_regions: + description: Additional Cloud Regions for Backup Replication + items: + type: string + maxItems: 1 + type: array + alerting_enabled: + description: Enable or disable Grafana legacy alerting functionality. + This should not be enabled with unified_alerting_enabled. + type: boolean + alerting_error_or_timeout: + description: Default error or timeout setting for new alerting + rules + enum: + - alerting + - keep_state + type: string + alerting_max_annotations_to_keep: + description: Max number of alert annotations that Grafana stores. + 0 (default) keeps all alert annotations. + maximum: 1000000 + minimum: 0 + type: integer + alerting_nodata_or_nullvalues: + description: Default value for 'no data or null values' for new + alerting rules + enum: + - alerting + - no_data + - keep_state + - ok + type: string + allow_embedding: + description: Allow embedding Grafana dashboards with iframe/frame/object/embed + tags. Disabled by default to limit impact of clickjacking + type: boolean + auth_azuread: + description: Azure AD OAuth integration properties: - integrationType: - enum: - - read_replica + allow_sign_up: + description: Automatically sign-up users on successful sign-in + type: boolean + allowed_domains: + description: Allowed domains + items: + type: string + maxItems: 50 + type: array + allowed_groups: + description: Require users to belong to one of given groups + items: + type: string + maxItems: 50 + type: array + auth_url: + description: Authorization URL + maxLength: 2048 + type: string + client_id: + description: Client ID from provider + maxLength: 1024 + pattern: ^[\040-\176]+$ type: string - sourceServiceName: + client_secret: + description: Client secret from provider + maxLength: 1024 + pattern: ^[\040-\176]+$ + type: string + token_url: + description: Token URL + maxLength: 2048 + type: string + required: + - auth_url + - client_id + - client_secret + - token_url + type: object + auth_basic_enabled: + description: Enable or disable basic authentication form, used + by Grafana built-in login + type: boolean + auth_generic_oauth: + description: Generic OAuth integration + properties: + allow_sign_up: + description: Automatically sign-up users on successful sign-in + type: boolean + allowed_domains: + description: Allowed domains + items: + type: string + maxItems: 50 + type: array + allowed_organizations: + description: Require user to be member of one of the listed + organizations + items: + type: string + maxItems: 50 + type: array + api_url: + description: API URL + maxLength: 2048 + type: string + auth_url: + description: Authorization URL + maxLength: 2048 + type: string + auto_login: + description: Allow users to bypass the login screen and automatically + log in + type: boolean + client_id: + description: Client ID from provider + maxLength: 1024 + pattern: ^[\040-\176]+$ + type: string + client_secret: + description: Client secret from provider + maxLength: 1024 + pattern: ^[\040-\176]+$ + type: string + name: + description: Name of the OAuth integration + maxLength: 128 + pattern: ^[a-zA-Z0-9_\- ]+$ + type: string + scopes: + description: OAuth scopes + items: + type: string + maxItems: 50 + type: array + token_url: + description: Token URL + maxLength: 2048 + type: string + required: + - api_url + - auth_url + - client_id + - client_secret + - token_url + type: object + auth_github: + description: Github Auth integration + properties: + allow_sign_up: + description: Automatically sign-up users on successful sign-in + type: boolean + allowed_organizations: + description: Require users to belong to one of given organizations + items: + type: string + maxItems: 50 + type: array + client_id: + description: Client ID from provider + maxLength: 1024 + pattern: ^[\040-\176]+$ + type: string + client_secret: + description: Client secret from provider + maxLength: 1024 + pattern: ^[\040-\176]+$ + type: string + team_ids: + description: Require users to belong to one of given team + IDs + items: + type: integer + maxItems: 50 + type: array + required: + - client_id + - client_secret + type: object + auth_gitlab: + description: GitLab Auth integration + properties: + allow_sign_up: + description: Automatically sign-up users on successful sign-in + type: boolean + allowed_groups: + description: Require users to belong to one of given groups + items: + type: string + maxItems: 50 + type: array + api_url: + description: API URL. This only needs to be set when using + self hosted GitLab + maxLength: 2048 + type: string + auth_url: + description: Authorization URL. This only needs to be set + when using self hosted GitLab + maxLength: 2048 + type: string + client_id: + description: Client ID from provider + maxLength: 1024 + pattern: ^[\040-\176]+$ + type: string + client_secret: + description: Client secret from provider + maxLength: 1024 + pattern: ^[\040-\176]+$ + type: string + token_url: + description: Token URL. This only needs to be set when using + self hosted GitLab + maxLength: 2048 + type: string + required: + - allowed_groups + - client_id + - client_secret + type: object + auth_google: + description: Google Auth integration + properties: + allow_sign_up: + description: Automatically sign-up users on successful sign-in + type: boolean + allowed_domains: + description: Domains allowed to sign-in to this Grafana + items: + type: string + maxItems: 64 + type: array + client_id: + description: Client ID from provider + maxLength: 1024 + pattern: ^[\040-\176]+$ + type: string + client_secret: + description: Client secret from provider + maxLength: 1024 + pattern: ^[\040-\176]+$ + type: string + required: + - allowed_domains + - client_id + - client_secret + type: object + cookie_samesite: + description: 'Cookie SameSite attribute: ''strict'' prevents sending + cookie for cross-site requests, effectively disabling direct + linking from other sites to Grafana. ''lax'' is the default + value.' + enum: + - lax + - strict + - none + type: string + custom_domain: + description: Serve the web frontend using a custom CNAME pointing + to the Aiven DNS name + maxLength: 255 + type: string + dashboard_previews_enabled: + description: This feature is new in Grafana 9 and is quite resource + intensive. It may cause low-end plans to work more slowly while + the dashboard previews are rendering. + type: boolean + dashboards_min_refresh_interval: + description: Signed sequence of decimal numbers, followed by a + unit suffix (ms, s, m, h, d), e.g. 30s, 1h + maxLength: 16 + pattern: ^[0-9]+(ms|s|m|h|d)$ + type: string + dashboards_versions_to_keep: + description: Dashboard versions to keep per dashboard + maximum: 100 + minimum: 1 + type: integer + dataproxy_send_user_header: + description: Send 'X-Grafana-User' header to data source + type: boolean + dataproxy_timeout: + description: Timeout for data proxy requests in seconds + maximum: 90 + minimum: 15 + type: integer + date_formats: + description: Grafana date format specifications + properties: + default_timezone: + description: Default time zone for user preferences. Value + 'browser' uses browser local time zone. maxLength: 64 - minLength: 1 + pattern: (?i)^([a-zA-Z_]+/){1,2}[a-zA-Z_-]+$|^(Etc/)?(UTC|GMT)([+-](\d){1,2})?$|^(Factory)$|^(browser)$ + type: string + full_date: + description: Moment.js style format string for cases where + full date is shown + maxLength: 128 + pattern: '^(([Hh]mm(ss)?|Mo|MM?M?M?|Do|DDDo|DD?D?D?|ddd?d?|do?|w[o|w]?|W[o|W]?|Qo?|N{1,5}|YYYYYY|YYYYY|YYYY|YY|y{2,4}|yo?|gg(ggg?)?|GG(GGG?)?|e|E|a|A|hh?|HH?|kk?|mm?|ss?|S{1,9}|x|X|zz?|ZZ?|LTS|LT|LL?L?L?|l{1,4}|[-+/T,;.: + ]?)*)$' + type: string + interval_day: + description: Moment.js style format string used when a time + requiring day accuracy is shown + maxLength: 128 + pattern: '^(([Hh]mm(ss)?|Mo|MM?M?M?|Do|DDDo|DD?D?D?|ddd?d?|do?|w[o|w]?|W[o|W]?|Qo?|N{1,5}|YYYYYY|YYYYY|YYYY|YY|y{2,4}|yo?|gg(ggg?)?|GG(GGG?)?|e|E|a|A|hh?|HH?|kk?|mm?|ss?|S{1,9}|x|X|zz?|ZZ?|LTS|LT|LL?L?L?|l{1,4}|[-+/T,;.: + ]?)*)$' + type: string + interval_hour: + description: Moment.js style format string used when a time + requiring hour accuracy is shown + maxLength: 128 + pattern: '^(([Hh]mm(ss)?|Mo|MM?M?M?|Do|DDDo|DD?D?D?|ddd?d?|do?|w[o|w]?|W[o|W]?|Qo?|N{1,5}|YYYYYY|YYYYY|YYYY|YY|y{2,4}|yo?|gg(ggg?)?|GG(GGG?)?|e|E|a|A|hh?|HH?|kk?|mm?|ss?|S{1,9}|x|X|zz?|ZZ?|LTS|LT|LL?L?L?|l{1,4}|[-+/T,;.: + ]?)*)$' + type: string + interval_minute: + description: Moment.js style format string used when a time + requiring minute accuracy is shown + maxLength: 128 + pattern: '^(([Hh]mm(ss)?|Mo|MM?M?M?|Do|DDDo|DD?D?D?|ddd?d?|do?|w[o|w]?|W[o|W]?|Qo?|N{1,5}|YYYYYY|YYYYY|YYYY|YY|y{2,4}|yo?|gg(ggg?)?|GG(GGG?)?|e|E|a|A|hh?|HH?|kk?|mm?|ss?|S{1,9}|x|X|zz?|ZZ?|LTS|LT|LL?L?L?|l{1,4}|[-+/T,;.: + ]?)*)$' + type: string + interval_month: + description: Moment.js style format string used when a time + requiring month accuracy is shown + maxLength: 128 + pattern: '^(([Hh]mm(ss)?|Mo|MM?M?M?|Do|DDDo|DD?D?D?|ddd?d?|do?|w[o|w]?|W[o|W]?|Qo?|N{1,5}|YYYYYY|YYYYY|YYYY|YY|y{2,4}|yo?|gg(ggg?)?|GG(GGG?)?|e|E|a|A|hh?|HH?|kk?|mm?|ss?|S{1,9}|x|X|zz?|ZZ?|LTS|LT|LL?L?L?|l{1,4}|[-+/T,;.: + ]?)*)$' + type: string + interval_second: + description: Moment.js style format string used when a time + requiring second accuracy is shown + maxLength: 128 + pattern: '^(([Hh]mm(ss)?|Mo|MM?M?M?|Do|DDDo|DD?D?D?|ddd?d?|do?|w[o|w]?|W[o|W]?|Qo?|N{1,5}|YYYYYY|YYYYY|YYYY|YY|y{2,4}|yo?|gg(ggg?)?|GG(GGG?)?|e|E|a|A|hh?|HH?|kk?|mm?|ss?|S{1,9}|x|X|zz?|ZZ?|LTS|LT|LL?L?L?|l{1,4}|[-+/T,;.: + ]?)*)$' + type: string + interval_year: + description: Moment.js style format string used when a time + requiring year accuracy is shown + maxLength: 128 + pattern: '^(([Hh]mm(ss)?|Mo|MM?M?M?|Do|DDDo|DD?D?D?|ddd?d?|do?|w[o|w]?|W[o|W]?|Qo?|N{1,5}|YYYYYY|YYYYY|YYYY|YY|y{2,4}|yo?|gg(ggg?)?|GG(GGG?)?|e|E|a|A|hh?|HH?|kk?|mm?|ss?|S{1,9}|x|X|zz?|ZZ?|LTS|LT|LL?L?L?|l{1,4}|[-+/T,;.: + ]?)*)$' + type: string + type: object + disable_gravatar: + description: Set to true to disable gravatar. Defaults to false + (gravatar is enabled) + type: boolean + editors_can_admin: + description: Editors can manage folders, teams and dashboards + created by them + type: boolean + external_image_storage: + description: External image store settings + properties: + access_key: + description: S3 access key. Requires permissions to the S3 + bucket for the s3:PutObject and s3:PutObjectAcl actions + maxLength: 4096 + pattern: ^[A-Z0-9]+$ + type: string + bucket_url: + description: Bucket URL for S3 + maxLength: 2048 + type: string + provider: + description: Provider type + enum: + - s3 + type: string + secret_key: + description: S3 secret key + maxLength: 4096 + pattern: ^[A-Za-z0-9/+=]+$ type: string required: - - integrationType - - sourceServiceName + - access_key + - bucket_url + - provider + - secret_key type: object - maxItems: 1 - type: array - x-kubernetes-validations: - - message: Value is immutable - rule: self == oldSelf - tags: - additionalProperties: + google_analytics_ua_id: + description: Google Analytics ID + maxLength: 64 + pattern: ^(G|UA|YT|MO)-[a-zA-Z0-9-]+$ type: string - description: - Tags are key-value pairs that allow you to categorize - services. - type: object - terminationProtection: - description: - Prevent service from being deleted. It is recommended - to have this enabled for all services. - type: boolean - userConfig: - description: Cassandra specific user configuration options - properties: - additional_backup_regions: - description: Additional Cloud Regions for Backup Replication - items: - type: string - maxItems: 1 - type: array - alerting_enabled: - description: - Enable or disable Grafana legacy alerting functionality. - This should not be enabled with unified_alerting_enabled. - type: boolean - alerting_error_or_timeout: - description: - Default error or timeout setting for new alerting - rules - enum: - - alerting - - keep_state - type: string - alerting_max_annotations_to_keep: - description: - Max number of alert annotations that Grafana stores. - 0 (default) keeps all alert annotations. - maximum: 1000000 - minimum: 0 - type: integer - alerting_nodata_or_nullvalues: - description: - Default value for 'no data or null values' for new - alerting rules - enum: - - alerting - - no_data - - keep_state - - ok - type: string - allow_embedding: - description: - Allow embedding Grafana dashboards with iframe/frame/object/embed - tags. Disabled by default to limit impact of clickjacking - type: boolean - auth_azuread: - description: Azure AD OAuth integration - properties: - allow_sign_up: - description: Automatically sign-up users on successful sign-in - type: boolean - allowed_domains: - description: Allowed domains - items: - type: string - maxItems: 50 - type: array - allowed_groups: - description: Require users to belong to one of given groups - items: - type: string - maxItems: 50 - type: array - auth_url: - description: Authorization URL - maxLength: 2048 - type: string - client_id: - description: Client ID from provider - maxLength: 1024 - pattern: ^[\040-\176]+$ - type: string - client_secret: - description: Client secret from provider - maxLength: 1024 - pattern: ^[\040-\176]+$ - type: string - token_url: - description: Token URL - maxLength: 2048 - type: string - required: - - auth_url - - client_id - - client_secret - - token_url - type: object - auth_basic_enabled: - description: - Enable or disable basic authentication form, used - by Grafana built-in login - type: boolean - auth_generic_oauth: - description: Generic OAuth integration - properties: - allow_sign_up: - description: Automatically sign-up users on successful sign-in - type: boolean - allowed_domains: - description: Allowed domains - items: - type: string - maxItems: 50 - type: array - allowed_organizations: - description: - Require user to be member of one of the listed - organizations - items: - type: string - maxItems: 50 - type: array - api_url: - description: API URL - maxLength: 2048 - type: string - auth_url: - description: Authorization URL - maxLength: 2048 - type: string - auto_login: - description: - Allow users to bypass the login screen and automatically - log in - type: boolean - client_id: - description: Client ID from provider - maxLength: 1024 - pattern: ^[\040-\176]+$ - type: string - client_secret: - description: Client secret from provider - maxLength: 1024 - pattern: ^[\040-\176]+$ - type: string - name: - description: Name of the OAuth integration - maxLength: 128 - pattern: ^[a-zA-Z0-9_\- ]+$ - type: string - scopes: - description: OAuth scopes - items: - type: string - maxItems: 50 - type: array - token_url: - description: Token URL - maxLength: 2048 - type: string - required: - - api_url - - auth_url - - client_id - - client_secret - - token_url - type: object - auth_github: - description: Github Auth integration - properties: - allow_sign_up: - description: Automatically sign-up users on successful sign-in - type: boolean - allowed_organizations: - description: Require users to belong to one of given organizations - items: - type: string - maxItems: 50 - type: array - client_id: - description: Client ID from provider - maxLength: 1024 - pattern: ^[\040-\176]+$ - type: string - client_secret: - description: Client secret from provider - maxLength: 1024 - pattern: ^[\040-\176]+$ - type: string - team_ids: - description: - Require users to belong to one of given team - IDs - items: - type: integer - maxItems: 50 - type: array - required: - - client_id - - client_secret - type: object - auth_gitlab: - description: GitLab Auth integration - properties: - allow_sign_up: - description: Automatically sign-up users on successful sign-in - type: boolean - allowed_groups: - description: Require users to belong to one of given groups - items: - type: string - maxItems: 50 - type: array - api_url: - description: - API URL. This only needs to be set when using - self hosted GitLab - maxLength: 2048 - type: string - auth_url: - description: - Authorization URL. This only needs to be set - when using self hosted GitLab - maxLength: 2048 - type: string - client_id: - description: Client ID from provider - maxLength: 1024 - pattern: ^[\040-\176]+$ - type: string - client_secret: - description: Client secret from provider - maxLength: 1024 - pattern: ^[\040-\176]+$ - type: string - token_url: - description: - Token URL. This only needs to be set when using - self hosted GitLab - maxLength: 2048 - type: string - required: - - allowed_groups - - client_id - - client_secret - type: object - auth_google: - description: Google Auth integration + ip_filter: + description: Allow incoming connections from CIDR address block, + e.g. '10.20.0.0/16' + items: + description: CIDR address block, either as a string, or in a + dict with an optional description field properties: - allow_sign_up: - description: Automatically sign-up users on successful sign-in - type: boolean - allowed_domains: - description: Domains allowed to sign-in to this Grafana - items: - type: string - maxItems: 64 - type: array - client_id: - description: Client ID from provider - maxLength: 1024 - pattern: ^[\040-\176]+$ - type: string - client_secret: - description: Client secret from provider - maxLength: 1024 - pattern: ^[\040-\176]+$ - type: string - required: - - allowed_domains - - client_id - - client_secret - type: object - cookie_samesite: - description: - "Cookie SameSite attribute: 'strict' prevents sending - cookie for cross-site requests, effectively disabling direct - linking from other sites to Grafana. 'lax' is the default - value." - enum: - - lax - - strict - - none - type: string - custom_domain: - description: - Serve the web frontend using a custom CNAME pointing - to the Aiven DNS name - maxLength: 255 - type: string - dashboard_previews_enabled: - description: - This feature is new in Grafana 9 and is quite resource - intensive. It may cause low-end plans to work more slowly while - the dashboard previews are rendering. - type: boolean - dashboards_min_refresh_interval: - description: - Signed sequence of decimal numbers, followed by a - unit suffix (ms, s, m, h, d), e.g. 30s, 1h - maxLength: 16 - pattern: ^[0-9]+(ms|s|m|h|d)$ - type: string - dashboards_versions_to_keep: - description: Dashboard versions to keep per dashboard - maximum: 100 - minimum: 1 - type: integer - dataproxy_send_user_header: - description: Send 'X-Grafana-User' header to data source - type: boolean - dataproxy_timeout: - description: Timeout for data proxy requests in seconds - maximum: 90 - minimum: 15 - type: integer - date_formats: - description: Grafana date format specifications - properties: - default_timezone: - description: - Default time zone for user preferences. Value - 'browser' uses browser local time zone. - maxLength: 64 - pattern: (?i)^([a-zA-Z_]+/){1,2}[a-zA-Z_-]+$|^(Etc/)?(UTC|GMT)([+-](\d){1,2})?$|^(Factory)$|^(browser)$ - type: string - full_date: - description: - Moment.js style format string for cases where - full date is shown - maxLength: 128 - pattern: - "^(([Hh]mm(ss)?|Mo|MM?M?M?|Do|DDDo|DD?D?D?|ddd?d?|do?|w[o|w]?|W[o|W]?|Qo?|N{1,5}|YYYYYY|YYYYY|YYYY|YY|y{2,4}|yo?|gg(ggg?)?|GG(GGG?)?|e|E|a|A|hh?|HH?|kk?|mm?|ss?|S{1,9}|x|X|zz?|ZZ?|LTS|LT|LL?L?L?|l{1,4}|[-+/T,;.: - ]?)*)$" - type: string - interval_day: - description: - Moment.js style format string used when a time - requiring day accuracy is shown - maxLength: 128 - pattern: - "^(([Hh]mm(ss)?|Mo|MM?M?M?|Do|DDDo|DD?D?D?|ddd?d?|do?|w[o|w]?|W[o|W]?|Qo?|N{1,5}|YYYYYY|YYYYY|YYYY|YY|y{2,4}|yo?|gg(ggg?)?|GG(GGG?)?|e|E|a|A|hh?|HH?|kk?|mm?|ss?|S{1,9}|x|X|zz?|ZZ?|LTS|LT|LL?L?L?|l{1,4}|[-+/T,;.: - ]?)*)$" - type: string - interval_hour: - description: - Moment.js style format string used when a time - requiring hour accuracy is shown - maxLength: 128 - pattern: - "^(([Hh]mm(ss)?|Mo|MM?M?M?|Do|DDDo|DD?D?D?|ddd?d?|do?|w[o|w]?|W[o|W]?|Qo?|N{1,5}|YYYYYY|YYYYY|YYYY|YY|y{2,4}|yo?|gg(ggg?)?|GG(GGG?)?|e|E|a|A|hh?|HH?|kk?|mm?|ss?|S{1,9}|x|X|zz?|ZZ?|LTS|LT|LL?L?L?|l{1,4}|[-+/T,;.: - ]?)*)$" - type: string - interval_minute: - description: - Moment.js style format string used when a time - requiring minute accuracy is shown - maxLength: 128 - pattern: - "^(([Hh]mm(ss)?|Mo|MM?M?M?|Do|DDDo|DD?D?D?|ddd?d?|do?|w[o|w]?|W[o|W]?|Qo?|N{1,5}|YYYYYY|YYYYY|YYYY|YY|y{2,4}|yo?|gg(ggg?)?|GG(GGG?)?|e|E|a|A|hh?|HH?|kk?|mm?|ss?|S{1,9}|x|X|zz?|ZZ?|LTS|LT|LL?L?L?|l{1,4}|[-+/T,;.: - ]?)*)$" - type: string - interval_month: - description: - Moment.js style format string used when a time - requiring month accuracy is shown - maxLength: 128 - pattern: - "^(([Hh]mm(ss)?|Mo|MM?M?M?|Do|DDDo|DD?D?D?|ddd?d?|do?|w[o|w]?|W[o|W]?|Qo?|N{1,5}|YYYYYY|YYYYY|YYYY|YY|y{2,4}|yo?|gg(ggg?)?|GG(GGG?)?|e|E|a|A|hh?|HH?|kk?|mm?|ss?|S{1,9}|x|X|zz?|ZZ?|LTS|LT|LL?L?L?|l{1,4}|[-+/T,;.: - ]?)*)$" - type: string - interval_second: - description: - Moment.js style format string used when a time - requiring second accuracy is shown - maxLength: 128 - pattern: - "^(([Hh]mm(ss)?|Mo|MM?M?M?|Do|DDDo|DD?D?D?|ddd?d?|do?|w[o|w]?|W[o|W]?|Qo?|N{1,5}|YYYYYY|YYYYY|YYYY|YY|y{2,4}|yo?|gg(ggg?)?|GG(GGG?)?|e|E|a|A|hh?|HH?|kk?|mm?|ss?|S{1,9}|x|X|zz?|ZZ?|LTS|LT|LL?L?L?|l{1,4}|[-+/T,;.: - ]?)*)$" - type: string - interval_year: - description: - Moment.js style format string used when a time - requiring year accuracy is shown - maxLength: 128 - pattern: - "^(([Hh]mm(ss)?|Mo|MM?M?M?|Do|DDDo|DD?D?D?|ddd?d?|do?|w[o|w]?|W[o|W]?|Qo?|N{1,5}|YYYYYY|YYYYY|YYYY|YY|y{2,4}|yo?|gg(ggg?)?|GG(GGG?)?|e|E|a|A|hh?|HH?|kk?|mm?|ss?|S{1,9}|x|X|zz?|ZZ?|LTS|LT|LL?L?L?|l{1,4}|[-+/T,;.: - ]?)*)$" - type: string - type: object - disable_gravatar: - description: - Set to true to disable gravatar. Defaults to false - (gravatar is enabled) - type: boolean - editors_can_admin: - description: - Editors can manage folders, teams and dashboards - created by them - type: boolean - external_image_storage: - description: External image store settings - properties: - access_key: - description: - S3 access key. Requires permissions to the S3 - bucket for the s3:PutObject and s3:PutObjectAcl actions - maxLength: 4096 - pattern: ^[A-Z0-9]+$ - type: string - bucket_url: - description: Bucket URL for S3 - maxLength: 2048 - type: string - provider: - description: Provider type - enum: - - s3 - type: string - secret_key: - description: S3 secret key - maxLength: 4096 - pattern: ^[A-Za-z0-9/+=]+$ - type: string - required: - - access_key - - bucket_url - - provider - - secret_key - type: object - google_analytics_ua_id: - description: Google Analytics ID - maxLength: 64 - pattern: ^(G|UA|YT|MO)-[a-zA-Z0-9-]+$ - type: string - ip_filter: - description: - Allow incoming connections from CIDR address block, - e.g. '10.20.0.0/16' - items: description: - CIDR address block, either as a string, or in a - dict with an optional description field - properties: - description: - description: Description for IP filter list entry - maxLength: 1024 - type: string - network: - description: CIDR address block - maxLength: 43 - type: string - required: - - network - type: object - maxItems: 1024 - type: array - metrics_enabled: - description: Enable Grafana /metrics endpoint - type: boolean - oauth_allow_insecure_email_lookup: - description: - Enforce user lookup based on email instead of the - unique ID provided by the IdP - type: boolean - private_access: - description: - Allow access to selected service ports from private - networks - properties: - grafana: - description: - Allow clients to connect to grafana with a DNS - name that always resolves to the service's private IP addresses. - Only available in certain network locations - type: boolean - type: object - privatelink_access: - description: - Allow access to selected service components through - Privatelink - properties: - grafana: - description: Enable grafana - type: boolean - type: object - project_to_fork_from: - description: - Name of another project to fork a service from. This - has effect only when a new service is being created. - maxLength: 63 - type: string - x-kubernetes-validations: - - message: Value is immutable - rule: self == oldSelf - public_access: - description: - Allow access to selected service ports from the public - Internet - properties: - grafana: - description: - Allow clients to connect to grafana from the - public internet for service nodes that are in a project - VPC or another type of private network - type: boolean - type: object - recovery_basebackup_name: - description: Name of the basebackup to restore in forked service - maxLength: 128 - pattern: ^[a-zA-Z0-9-_:.]+$ - type: string - service_log: - description: - Store logs for the service so that they are available - in the HTTP API and console. - type: boolean - service_to_fork_from: - description: - Name of another service to fork from. This has effect - only when a new service is being created. - maxLength: 64 - type: string - x-kubernetes-validations: - - message: Value is immutable - rule: self == oldSelf - smtp_server: - description: SMTP server settings - properties: - from_address: - description: Address used for sending emails - maxLength: 319 - pattern: ^[A-Za-z0-9_\-\.+\'&]+@(([\da-zA-Z])([_\w-]{,62})\.){,127}(([\da-zA-Z])[_\w-]{,61})?([\da-zA-Z]\.((xn\-\-[a-zA-Z\d]+)|([a-zA-Z\d]{2,})))$ - type: string - from_name: - description: Name used in outgoing emails, defaults to Grafana - maxLength: 128 - pattern: ^[^\x00-\x1F]+$ - type: string - host: - description: Server hostname or IP - maxLength: 255 - type: string - password: - description: Password for SMTP authentication - maxLength: 255 - pattern: ^[^\x00-\x1F]+$ - type: string - port: - description: SMTP server port - maximum: 65535 - minimum: 1 - type: integer - skip_verify: - description: - Skip verifying server certificate. Defaults to - false - type: boolean - starttls_policy: - description: - Either OpportunisticStartTLS, MandatoryStartTLS - or NoStartTLS. Default is OpportunisticStartTLS. - enum: - - OpportunisticStartTLS - - MandatoryStartTLS - - NoStartTLS + description: Description for IP filter list entry + maxLength: 1024 type: string - username: - description: Username for SMTP authentication - maxLength: 255 - pattern: ^[^\x00-\x1F]+$ + network: + description: CIDR address block + maxLength: 43 type: string required: - - from_address - - host - - port + - network type: object - static_ips: - description: Use static public IP addresses - type: boolean - unified_alerting_enabled: - description: - Enable or disable Grafana unified alerting functionality. - By default this is enabled and any legacy alerts will be migrated - on upgrade to Grafana 9+. To stay on legacy alerting, set unified_alerting_enabled - to false and alerting_enabled to true. See https://grafana.com/docs/grafana/latest/alerting/set-up/migrating-alerts/ - for more details. - type: boolean - user_auto_assign_org: - description: - Auto-assign new users on signup to main organization. - Defaults to false - type: boolean - user_auto_assign_org_role: - description: Set role for new signups. Defaults to Viewer - enum: - - Viewer - - Admin - - Editor - type: string - viewers_can_edit: - description: - Users with view-only permission can edit but not - save dashboards - type: boolean - type: object - required: - - plan - - project - type: object - status: - description: ServiceStatus defines the observed state of service - properties: - conditions: - description: - Conditions represent the latest available observations - of a service state - items: - description: - "Condition contains details for one aspect of the current - state of this API Resource. --- This struct is intended for direct - use as an array at the field path .status.conditions. For example, - \n type FooStatus struct{ // Represents the observations of a - foo's current state. // Known .status.conditions.type are: \"Available\", - \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge - // +listType=map // +listMapKey=type Conditions []metav1.Condition - `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" - protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + maxItems: 1024 + type: array + metrics_enabled: + description: Enable Grafana /metrics endpoint + type: boolean + oauth_allow_insecure_email_lookup: + description: Enforce user lookup based on email instead of the + unique ID provided by the IdP + type: boolean + private_access: + description: Allow access to selected service ports from private + networks properties: - lastTransitionTime: - description: - lastTransitionTime is the last time the condition - transitioned from one status to another. This should be when - the underlying condition changed. If that is not known, then - using the time when the API field changed is acceptable. - format: date-time + grafana: + description: Allow clients to connect to grafana with a DNS + name that always resolves to the service's private IP addresses. + Only available in certain network locations + type: boolean + type: object + privatelink_access: + description: Allow access to selected service components through + Privatelink + properties: + grafana: + description: Enable grafana + type: boolean + type: object + project_to_fork_from: + description: Name of another project to fork a service from. This + has effect only when a new service is being created. + maxLength: 63 + type: string + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + public_access: + description: Allow access to selected service ports from the public + Internet + properties: + grafana: + description: Allow clients to connect to grafana from the + public internet for service nodes that are in a project + VPC or another type of private network + type: boolean + type: object + recovery_basebackup_name: + description: Name of the basebackup to restore in forked service + maxLength: 128 + pattern: ^[a-zA-Z0-9-_:.]+$ + type: string + service_log: + description: Store logs for the service so that they are available + in the HTTP API and console. + type: boolean + service_to_fork_from: + description: Name of another service to fork from. This has effect + only when a new service is being created. + maxLength: 64 + type: string + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + smtp_server: + description: SMTP server settings + properties: + from_address: + description: Address used for sending emails + maxLength: 319 + pattern: ^[A-Za-z0-9_\-\.+\'&]+@(([\da-zA-Z])([_\w-]{,62})\.){,127}(([\da-zA-Z])[_\w-]{,61})?([\da-zA-Z]\.((xn\-\-[a-zA-Z\d]+)|([a-zA-Z\d]{2,})))$ type: string - message: - description: - message is a human readable message indicating - details about the transition. This may be an empty string. - maxLength: 32768 + from_name: + description: Name used in outgoing emails, defaults to Grafana + maxLength: 128 + pattern: ^[^\x00-\x1F]+$ type: string - observedGeneration: - description: - observedGeneration represents the .metadata.generation - that the condition was set based upon. For instance, if .metadata.generation - is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current - state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: - reason contains a programmatic identifier indicating - the reason for the condition's last transition. Producers - of specific condition types may define expected values and - meanings for this field, and whether the values are considered - a guaranteed API. The value should be a CamelCase string. - This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + host: + description: Server hostname or IP + maxLength: 255 type: string - status: - description: status of the condition, one of True, False, Unknown. + password: + description: Password for SMTP authentication + maxLength: 255 + pattern: ^[^\x00-\x1F]+$ + type: string + port: + description: SMTP server port + maximum: 65535 + minimum: 1 + type: integer + skip_verify: + description: Skip verifying server certificate. Defaults to + false + type: boolean + starttls_policy: + description: Either OpportunisticStartTLS, MandatoryStartTLS + or NoStartTLS. Default is OpportunisticStartTLS. enum: - - "True" - - "False" - - Unknown + - OpportunisticStartTLS + - MandatoryStartTLS + - NoStartTLS type: string - type: - description: - type of condition in CamelCase or in foo.example.com/CamelCase. - --- Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + username: + description: Username for SMTP authentication + maxLength: 255 + pattern: ^[^\x00-\x1F]+$ type: string required: - - lastTransitionTime - - message - - reason - - status - - type + - from_address + - host + - port type: object - type: array - state: - description: Service state - type: string - type: object - type: object - served: true - storage: true - subresources: - status: {} + static_ips: + description: Use static public IP addresses + type: boolean + unified_alerting_enabled: + description: Enable or disable Grafana unified alerting functionality. + By default this is enabled and any legacy alerts will be migrated + on upgrade to Grafana 9+. To stay on legacy alerting, set unified_alerting_enabled + to false and alerting_enabled to true. See https://grafana.com/docs/grafana/latest/alerting/set-up/migrating-alerts/ + for more details. + type: boolean + user_auto_assign_org: + description: Auto-assign new users on signup to main organization. + Defaults to false + type: boolean + user_auto_assign_org_role: + description: Set role for new signups. Defaults to Viewer + enum: + - Viewer + - Admin + - Editor + type: string + viewers_can_edit: + description: Users with view-only permission can edit but not + save dashboards + type: boolean + type: object + required: + - plan + - project + type: object + status: + description: ServiceStatus defines the observed state of service + properties: + conditions: + description: Conditions represent the latest available observations + of a service state + items: + description: "Condition contains details for one aspect of the current + state of this API Resource. --- This struct is intended for direct + use as an array at the field path .status.conditions. For example, + \n type FooStatus struct{ // Represents the observations of a + foo's current state. // Known .status.conditions.type are: \"Available\", + \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge + // +listType=map // +listMapKey=type Conditions []metav1.Condition + `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" + protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + properties: + lastTransitionTime: + description: lastTransitionTime is the last time the condition + transitioned from one status to another. This should be when + the underlying condition changed. If that is not known, then + using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: message is a human readable message indicating + details about the transition. This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: observedGeneration represents the .metadata.generation + that the condition was set based upon. For instance, if .metadata.generation + is currently 12, but the .status.conditions[x].observedGeneration + is 9, the condition is out of date with respect to the current + state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: reason contains a programmatic identifier indicating + the reason for the condition's last transition. Producers + of specific condition types may define expected values and + meanings for this field, and whether the values are considered + a guaranteed API. The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: type of condition in CamelCase or in foo.example.com/CamelCase. + --- Many .condition.type values are consistent across resources + like Available, but because arbitrary conditions can be useful + (see .node.status.conditions), the ability to deconflict is + important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + type: array + state: + description: Service state + type: string + type: object + type: object + served: true + storage: true + subresources: + status: {} diff --git a/config/crd/bases/aiven.io_kafkaacls.yaml b/config/crd/bases/aiven.io_kafkaacls.yaml index 6f031472..30e2e2b5 100644 --- a/config/crd/bases/aiven.io_kafkaacls.yaml +++ b/config/crd/bases/aiven.io_kafkaacls.yaml @@ -15,176 +15,167 @@ spec: singular: kafkaacl scope: Namespaced versions: - - additionalPrinterColumns: - - jsonPath: .spec.serviceName - name: Service Name - type: string - - jsonPath: .spec.project - name: Project - type: string - - jsonPath: .spec.username - name: Username - type: string - - jsonPath: .spec.permission - name: Permission - type: string - - jsonPath: .spec.topic - name: Topic - type: string - name: v1alpha1 - schema: - openAPIV3Schema: - description: KafkaACL is the Schema for the kafkaacls API - properties: - apiVersion: - description: - "APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" - type: string - kind: - description: - "Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" - type: string - metadata: - type: object - spec: - description: KafkaACLSpec defines the desired state of KafkaACL - properties: - authSecretRef: - description: Authentication reference to Aiven token in a secret + - additionalPrinterColumns: + - jsonPath: .spec.serviceName + name: Service Name + type: string + - jsonPath: .spec.project + name: Project + type: string + - jsonPath: .spec.username + name: Username + type: string + - jsonPath: .spec.permission + name: Permission + type: string + - jsonPath: .spec.topic + name: Topic + type: string + name: v1alpha1 + schema: + openAPIV3Schema: + description: KafkaACL is the Schema for the kafkaacls API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: KafkaACLSpec defines the desired state of KafkaACL + properties: + authSecretRef: + description: Authentication reference to Aiven token in a secret + properties: + key: + minLength: 1 + type: string + name: + minLength: 1 + type: string + required: + - key + - name + type: object + permission: + description: Kafka permission to grant (admin, read, readwrite, write) + enum: + - admin + - read + - readwrite + - write + type: string + project: + description: Project to link the Kafka ACL to + format: ^[a-zA-Z0-9_-]*$ + maxLength: 63 + type: string + serviceName: + description: Service to link the Kafka ACL to + maxLength: 63 + type: string + topic: + description: Topic name pattern for the ACL entry + type: string + username: + description: Username pattern for the ACL entry + type: string + required: + - permission + - project + - serviceName + - topic + - username + type: object + status: + description: KafkaACLStatus defines the observed state of KafkaACL + properties: + conditions: + description: Conditions represent the latest available observations + of an KafkaACL state + items: + description: "Condition contains details for one aspect of the current + state of this API Resource. --- This struct is intended for direct + use as an array at the field path .status.conditions. For example, + \n type FooStatus struct{ // Represents the observations of a + foo's current state. // Known .status.conditions.type are: \"Available\", + \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge + // +listType=map // +listMapKey=type Conditions []metav1.Condition + `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" + protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" properties: - key: - minLength: 1 + lastTransitionTime: + description: lastTransitionTime is the last time the condition + transitioned from one status to another. This should be when + the underlying condition changed. If that is not known, then + using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: message is a human readable message indicating + details about the transition. This may be an empty string. + maxLength: 32768 type: string - name: + observedGeneration: + description: observedGeneration represents the .metadata.generation + that the condition was set based upon. For instance, if .metadata.generation + is currently 12, but the .status.conditions[x].observedGeneration + is 9, the condition is out of date with respect to the current + state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: reason contains a programmatic identifier indicating + the reason for the condition's last transition. Producers + of specific condition types may define expected values and + meanings for this field, and whether the values are considered + a guaranteed API. The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: type of condition in CamelCase or in foo.example.com/CamelCase. + --- Many .condition.type values are consistent across resources + like Available, but because arbitrary conditions can be useful + (see .node.status.conditions), the ability to deconflict is + important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string required: - - key - - name + - lastTransitionTime + - message + - reason + - status + - type type: object - permission: - description: Kafka permission to grant (admin, read, readwrite, write) - enum: - - admin - - read - - readwrite - - write - type: string - project: - description: Project to link the Kafka ACL to - format: ^[a-zA-Z0-9_-]*$ - maxLength: 63 - type: string - serviceName: - description: Service to link the Kafka ACL to - maxLength: 63 - type: string - topic: - description: Topic name pattern for the ACL entry - type: string - username: - description: Username pattern for the ACL entry - type: string - required: - - permission - - project - - serviceName - - topic - - username - type: object - status: - description: KafkaACLStatus defines the observed state of KafkaACL - properties: - conditions: - description: - Conditions represent the latest available observations - of an KafkaACL state - items: - description: - "Condition contains details for one aspect of the current - state of this API Resource. --- This struct is intended for direct - use as an array at the field path .status.conditions. For example, - \n type FooStatus struct{ // Represents the observations of a - foo's current state. // Known .status.conditions.type are: \"Available\", - \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge - // +listType=map // +listMapKey=type Conditions []metav1.Condition - `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" - protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" - properties: - lastTransitionTime: - description: - lastTransitionTime is the last time the condition - transitioned from one status to another. This should be when - the underlying condition changed. If that is not known, then - using the time when the API field changed is acceptable. - format: date-time - type: string - message: - description: - message is a human readable message indicating - details about the transition. This may be an empty string. - maxLength: 32768 - type: string - observedGeneration: - description: - observedGeneration represents the .metadata.generation - that the condition was set based upon. For instance, if .metadata.generation - is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current - state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: - reason contains a programmatic identifier indicating - the reason for the condition's last transition. Producers - of specific condition types may define expected values and - meanings for this field, and whether the values are considered - a guaranteed API. The value should be a CamelCase string. - This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ - type: string - status: - description: status of the condition, one of True, False, Unknown. - enum: - - "True" - - "False" - - Unknown - type: string - type: - description: - type of condition in CamelCase or in foo.example.com/CamelCase. - --- Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ - type: string - required: - - lastTransitionTime - - message - - reason - - status - - type - type: object - type: array - id: - description: Kafka ACL ID - type: string - required: - - conditions - - id - type: object - type: object - served: true - storage: true - subresources: - status: {} + type: array + id: + description: Kafka ACL ID + type: string + required: + - conditions + - id + type: object + type: object + served: true + storage: true + subresources: + status: {} diff --git a/config/crd/bases/aiven.io_kafkaconnectors.yaml b/config/crd/bases/aiven.io_kafkaconnectors.yaml index 320141aa..d7b5b41f 100644 --- a/config/crd/bases/aiven.io_kafkaconnectors.yaml +++ b/config/crd/bases/aiven.io_kafkaconnectors.yaml @@ -15,223 +15,212 @@ spec: singular: kafkaconnector scope: Namespaced versions: - - additionalPrinterColumns: - - jsonPath: .spec.serviceName - name: Service Name - type: string - - jsonPath: .spec.project - name: Project - type: string - - jsonPath: .spec.connectorClass - name: Connector Class - type: string - - jsonPath: .status.state - name: State - type: string - - jsonPath: .status.tasksStatus.total - name: Tasks Total - type: integer - - jsonPath: .status.tasksStatus.running - name: Tasks Running - type: integer - name: v1alpha1 - schema: - openAPIV3Schema: - description: KafkaConnector is the Schema for the kafkaconnectors API - properties: - apiVersion: - description: - "APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" - type: string - kind: - description: - "Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" - type: string - metadata: - type: object - spec: - description: KafkaConnectorSpec defines the desired state of KafkaConnector - properties: - authSecretRef: - description: Authentication reference to Aiven token in a secret - properties: - key: - minLength: 1 - type: string - name: - minLength: 1 - type: string - required: - - key - - name - type: object - connectorClass: - description: The Java class of the connector. - maxLength: 1024 - type: string - project: - description: Target project. - format: ^[a-zA-Z0-9_-]*$ - maxLength: 63 - type: string - serviceName: - description: Service name. - maxLength: 63 - type: string - userConfig: - additionalProperties: + - additionalPrinterColumns: + - jsonPath: .spec.serviceName + name: Service Name + type: string + - jsonPath: .spec.project + name: Project + type: string + - jsonPath: .spec.connectorClass + name: Connector Class + type: string + - jsonPath: .status.state + name: State + type: string + - jsonPath: .status.tasksStatus.total + name: Tasks Total + type: integer + - jsonPath: .status.tasksStatus.running + name: Tasks Running + type: integer + name: v1alpha1 + schema: + openAPIV3Schema: + description: KafkaConnector is the Schema for the kafkaconnectors API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: KafkaConnectorSpec defines the desired state of KafkaConnector + properties: + authSecretRef: + description: Authentication reference to Aiven token in a secret + properties: + key: + minLength: 1 type: string - description: - The connector specific configuration To build config - values from secret the template function `{{ fromSecret "name" "key" - }}` is provided when interpreting the keys - type: object - required: - - connectorClass - - project - - serviceName - - userConfig - type: object - status: - description: KafkaConnectorStatus defines the observed state of KafkaConnector - properties: - conditions: - description: - Conditions represent the latest available observations - of an kafka connector state - items: - description: - "Condition contains details for one aspect of the current - state of this API Resource. --- This struct is intended for direct - use as an array at the field path .status.conditions. For example, - \n type FooStatus struct{ // Represents the observations of a - foo's current state. // Known .status.conditions.type are: \"Available\", - \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge - // +listType=map // +listMapKey=type Conditions []metav1.Condition - `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" - protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" - properties: - lastTransitionTime: - description: - lastTransitionTime is the last time the condition - transitioned from one status to another. This should be when - the underlying condition changed. If that is not known, then - using the time when the API field changed is acceptable. - format: date-time - type: string - message: - description: - message is a human readable message indicating - details about the transition. This may be an empty string. - maxLength: 32768 - type: string - observedGeneration: - description: - observedGeneration represents the .metadata.generation - that the condition was set based upon. For instance, if .metadata.generation - is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current - state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: - reason contains a programmatic identifier indicating - the reason for the condition's last transition. Producers - of specific condition types may define expected values and - meanings for this field, and whether the values are considered - a guaranteed API. The value should be a CamelCase string. - This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ - type: string - status: - description: status of the condition, one of True, False, Unknown. - enum: - - "True" - - "False" - - Unknown - type: string - type: - description: - type of condition in CamelCase or in foo.example.com/CamelCase. - --- Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ - type: string - required: - - lastTransitionTime - - message - - reason - - status - - type - type: object - type: array - pluginStatus: - description: - PluginStatus contains metadata about the configured connector - plugin + name: + minLength: 1 + type: string + required: + - key + - name + type: object + connectorClass: + description: The Java class of the connector. + maxLength: 1024 + type: string + project: + description: Target project. + format: ^[a-zA-Z0-9_-]*$ + maxLength: 63 + type: string + serviceName: + description: Service name. + maxLength: 63 + type: string + userConfig: + additionalProperties: + type: string + description: The connector specific configuration To build config + values from secret the template function `{{ fromSecret "name" "key" + }}` is provided when interpreting the keys + type: object + required: + - connectorClass + - project + - serviceName + - userConfig + type: object + status: + description: KafkaConnectorStatus defines the observed state of KafkaConnector + properties: + conditions: + description: Conditions represent the latest available observations + of an kafka connector state + items: + description: "Condition contains details for one aspect of the current + state of this API Resource. --- This struct is intended for direct + use as an array at the field path .status.conditions. For example, + \n type FooStatus struct{ // Represents the observations of a + foo's current state. // Known .status.conditions.type are: \"Available\", + \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge + // +listType=map // +listMapKey=type Conditions []metav1.Condition + `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" + protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" properties: - author: + lastTransitionTime: + description: lastTransitionTime is the last time the condition + transitioned from one status to another. This should be when + the underlying condition changed. If that is not known, then + using the time when the API field changed is acceptable. + format: date-time type: string - class: + message: + description: message is a human readable message indicating + details about the transition. This may be an empty string. + maxLength: 32768 type: string - docUrl: + observedGeneration: + description: observedGeneration represents the .metadata.generation + that the condition was set based upon. For instance, if .metadata.generation + is currently 12, but the .status.conditions[x].observedGeneration + is 9, the condition is out of date with respect to the current + state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: reason contains a programmatic identifier indicating + the reason for the condition's last transition. Producers + of specific condition types may define expected values and + meanings for this field, and whether the values are considered + a guaranteed API. The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ type: string - title: + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown type: string type: + description: type of condition in CamelCase or in foo.example.com/CamelCase. + --- Many .condition.type values are consistent across resources + like Available, but because arbitrary conditions can be useful + (see .node.status.conditions), the ability to deconflict is + important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string - version: - type: string - required: - - author - - class - - docUrl - - title - - type - - version - type: object - state: - description: Connector state - type: string - tasksStatus: - description: TasksStatus contains metadata about the running tasks - properties: - failed: - type: integer - paused: - type: integer - running: - type: integer - stackTrace: - type: string - total: - type: integer - unassigned: - type: integer - unknown: - type: integer required: - - total + - lastTransitionTime + - message + - reason + - status + - type type: object - required: - - conditions - - pluginStatus - - state - - tasksStatus - type: object - type: object - served: true - storage: true - subresources: - status: {} + type: array + pluginStatus: + description: PluginStatus contains metadata about the configured connector + plugin + properties: + author: + type: string + class: + type: string + docUrl: + type: string + title: + type: string + type: + type: string + version: + type: string + required: + - author + - class + - docUrl + - title + - type + - version + type: object + state: + description: Connector state + type: string + tasksStatus: + description: TasksStatus contains metadata about the running tasks + properties: + failed: + type: integer + paused: + type: integer + running: + type: integer + stackTrace: + type: string + total: + type: integer + unassigned: + type: integer + unknown: + type: integer + required: + - total + type: object + required: + - conditions + - pluginStatus + - state + - tasksStatus + type: object + type: object + served: true + storage: true + subresources: + status: {} diff --git a/config/crd/bases/aiven.io_kafkaconnects.yaml b/config/crd/bases/aiven.io_kafkaconnects.yaml index 8ff70dac..2abf81ff 100644 --- a/config/crd/bases/aiven.io_kafkaconnects.yaml +++ b/config/crd/bases/aiven.io_kafkaconnects.yaml @@ -15,468 +15,426 @@ spec: singular: kafkaconnect scope: Namespaced versions: - - additionalPrinterColumns: - - jsonPath: .status.state - name: State - type: string - name: v1alpha1 - schema: - openAPIV3Schema: - description: KafkaConnect is the Schema for the kafkaconnects API - properties: - apiVersion: - description: - "APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" - type: string - kind: - description: - "Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" - type: string - metadata: - type: object - spec: - description: KafkaConnectSpec defines the desired state of KafkaConnect - properties: - authSecretRef: - description: Authentication reference to Aiven token in a secret + - additionalPrinterColumns: + - jsonPath: .status.state + name: State + type: string + name: v1alpha1 + schema: + openAPIV3Schema: + description: KafkaConnect is the Schema for the kafkaconnects API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: KafkaConnectSpec defines the desired state of KafkaConnect + properties: + authSecretRef: + description: Authentication reference to Aiven token in a secret + properties: + key: + minLength: 1 + type: string + name: + minLength: 1 + type: string + required: + - key + - name + type: object + cloudName: + description: Cloud the service runs in. + maxLength: 256 + type: string + maintenanceWindowDow: + description: Day of week when maintenance operations should be performed. + One monday, tuesday, wednesday, etc. + enum: + - monday + - tuesday + - wednesday + - thursday + - friday + - saturday + - sunday + type: string + maintenanceWindowTime: + description: Time of day when maintenance operations should be performed. + UTC time in HH:mm:ss format. + maxLength: 8 + type: string + plan: + description: Subscription plan. + maxLength: 128 + type: string + project: + description: Target project. + format: ^[a-zA-Z0-9_-]*$ + maxLength: 63 + type: string + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + projectVPCRef: + description: ProjectVPCRef reference to ProjectVPC resource to use + its ID as ProjectVPCID automatically + properties: + name: + minLength: 1 + type: string + namespace: + minLength: 1 + type: string + required: + - name + type: object + projectVpcId: + description: Identifier of the VPC the service should be in, if any. + maxLength: 36 + type: string + serviceIntegrations: + description: Service integrations to specify when creating a service. + Not applied after initial service creation + items: + description: Service integrations to specify when creating a service. + Not applied after initial service creation properties: - key: - minLength: 1 + integrationType: + enum: + - read_replica type: string - name: + sourceServiceName: + maxLength: 64 minLength: 1 type: string required: - - key - - name + - integrationType + - sourceServiceName type: object - cloudName: - description: Cloud the service runs in. - maxLength: 256 - type: string - maintenanceWindowDow: - description: - Day of week when maintenance operations should be performed. - One monday, tuesday, wednesday, etc. - enum: - - monday - - tuesday - - wednesday - - thursday - - friday - - saturday - - sunday - type: string - maintenanceWindowTime: - description: - Time of day when maintenance operations should be performed. - UTC time in HH:mm:ss format. - maxLength: 8 - type: string - plan: - description: Subscription plan. - maxLength: 128 - type: string - project: - description: Target project. - format: ^[a-zA-Z0-9_-]*$ - maxLength: 63 + maxItems: 1 + type: array + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + tags: + additionalProperties: type: string - x-kubernetes-validations: - - message: Value is immutable - rule: self == oldSelf - projectVPCRef: - description: - ProjectVPCRef reference to ProjectVPC resource to use - its ID as ProjectVPCID automatically - properties: - name: - minLength: 1 + description: Tags are key-value pairs that allow you to categorize + services. + type: object + terminationProtection: + description: Prevent service from being deleted. It is recommended + to have this enabled for all services. + type: boolean + userConfig: + description: KafkaConnect specific user configuration options + properties: + additional_backup_regions: + description: Additional Cloud Regions for Backup Replication + items: type: string - namespace: - minLength: 1 - type: string - required: - - name - type: object - projectVpcId: - description: Identifier of the VPC the service should be in, if any. - maxLength: 36 - type: string - serviceIntegrations: - description: - Service integrations to specify when creating a service. - Not applied after initial service creation - items: - description: - Service integrations to specify when creating a service. - Not applied after initial service creation - properties: - integrationType: - enum: - - read_replica - type: string - sourceServiceName: - maxLength: 64 - minLength: 1 - type: string - required: - - integrationType - - sourceServiceName - type: object - maxItems: 1 - type: array - x-kubernetes-validations: - - message: Value is immutable - rule: self == oldSelf - tags: - additionalProperties: - type: string - description: - Tags are key-value pairs that allow you to categorize - services. - type: object - terminationProtection: - description: - Prevent service from being deleted. It is recommended - to have this enabled for all services. - type: boolean - userConfig: - description: KafkaConnect specific user configuration options - properties: - additional_backup_regions: - description: Additional Cloud Regions for Backup Replication - items: - type: string - maxItems: 1 - type: array - ip_filter: - description: - Allow incoming connections from CIDR address block, - e.g. '10.20.0.0/16' - items: - description: - CIDR address block, either as a string, or in a - dict with an optional description field - properties: - description: - description: Description for IP filter list entry - maxLength: 1024 - type: string - network: - description: CIDR address block - maxLength: 43 - type: string - required: - - network - type: object - maxItems: 1024 - type: array - kafka_connect: - description: Kafka Connect configuration values + maxItems: 1 + type: array + ip_filter: + description: Allow incoming connections from CIDR address block, + e.g. '10.20.0.0/16' + items: + description: CIDR address block, either as a string, or in a + dict with an optional description field properties: - connector_client_config_override_policy: - description: - Defines what client configurations can be overridden - by the connector. Default is None - enum: - - None - - All - type: string - consumer_auto_offset_reset: - description: - What to do when there is no initial offset in - Kafka or if the current offset does not exist any more on - the server. Default is earliest - enum: - - earliest - - latest - type: string - consumer_fetch_max_bytes: - description: - Records are fetched in batches by the consumer, - and if the first record batch in the first non-empty partition - of the fetch is larger than this value, the record batch - will still be returned to ensure that the consumer can make - progress. As such, this is not a absolute maximum. - maximum: 104857600 - minimum: 1048576 - type: integer - consumer_isolation_level: - description: - Transaction read isolation level. read_uncommitted - is the default, but read_committed can be used if consume-exactly-once - behavior is desired. - enum: - - read_uncommitted - - read_committed + description: + description: Description for IP filter list entry + maxLength: 1024 type: string - consumer_max_partition_fetch_bytes: - description: - Records are fetched in batches by the consumer.If - the first record batch in the first non-empty partition - of the fetch is larger than this limit, the batch will still - be returned to ensure that the consumer can make progress. - maximum: 104857600 - minimum: 1048576 - type: integer - consumer_max_poll_interval_ms: - description: - The maximum delay in milliseconds between invocations - of poll() when using consumer group management (defaults - to 300000). - maximum: 2147483647 - minimum: 1 - type: integer - consumer_max_poll_records: - description: - The maximum number of records returned in a single - call to poll() (defaults to 500). - maximum: 10000 - minimum: 1 - type: integer - offset_flush_interval_ms: - description: - The interval at which to try committing offsets - for tasks (defaults to 60000). - maximum: 100000000 - minimum: 1 - type: integer - offset_flush_timeout_ms: - description: - Maximum number of milliseconds to wait for records - to flush and partition offset data to be committed to offset - storage before cancelling the process and restoring the - offset data to be committed in a future attempt (defaults - to 5000). - maximum: 2147483647 - minimum: 1 - type: integer - producer_batch_size: - description: - This setting gives the upper bound of the batch - size to be sent. If there are fewer than this many bytes - accumulated for this partition, the producer will 'linger' - for the linger.ms time waiting for more records to show - up. A batch size of zero will disable batching entirely - (defaults to 16384). - maximum: 5242880 - minimum: 0 - type: integer - producer_buffer_memory: - description: - The total bytes of memory the producer can use - to buffer records waiting to be sent to the broker (defaults - to 33554432). - maximum: 134217728 - minimum: 5242880 - type: integer - producer_compression_type: - description: - Specify the default compression type for producers. - This configuration accepts the standard compression codecs - ('gzip', 'snappy', 'lz4', 'zstd'). It additionally accepts - 'none' which is the default and equivalent to no compression. - enum: - - gzip - - snappy - - lz4 - - zstd - - none + network: + description: CIDR address block + maxLength: 43 type: string - producer_linger_ms: - description: - "This setting gives the upper bound on the delay - for batching: once there is batch.size worth of records - for a partition it will be sent immediately regardless of - this setting, however if there are fewer than this many - bytes accumulated for this partition the producer will 'linger' - for the specified time waiting for more records to show - up. Defaults to 0." - maximum: 5000 - minimum: 0 - type: integer - producer_max_request_size: - description: - This setting will limit the number of record - batches the producer will send in a single request to avoid - sending huge requests. - maximum: 67108864 - minimum: 131072 - type: integer - scheduled_rebalance_max_delay_ms: - description: - The maximum delay that is scheduled in order - to wait for the return of one or more departed workers before - rebalancing and reassigning their connectors and tasks to - the group. During this period the connectors and tasks of - the departed workers remain unassigned. Defaults to 5 minutes. - maximum: 600000 - minimum: 0 - type: integer - session_timeout_ms: - description: - The timeout in milliseconds used to detect failures - when using Kafka’s group management facilities (defaults - to 10000). - maximum: 2147483647 - minimum: 1 - type: integer - type: object - private_access: - description: - Allow access to selected service ports from private - networks - properties: - kafka_connect: - description: - Allow clients to connect to kafka_connect with - a DNS name that always resolves to the service's private - IP addresses. Only available in certain network locations - type: boolean - prometheus: - description: - Allow clients to connect to prometheus with a - DNS name that always resolves to the service's private IP - addresses. Only available in certain network locations - type: boolean - type: object - privatelink_access: - description: - Allow access to selected service components through - Privatelink - properties: - jolokia: - description: Enable jolokia - type: boolean - kafka_connect: - description: Enable kafka_connect - type: boolean - prometheus: - description: Enable prometheus - type: boolean + required: + - network type: object - public_access: - description: - Allow access to selected service ports from the public - Internet - properties: - kafka_connect: - description: - Allow clients to connect to kafka_connect from - the public internet for service nodes that are in a project - VPC or another type of private network - type: boolean - prometheus: - description: - Allow clients to connect to prometheus from the - public internet for service nodes that are in a project - VPC or another type of private network - type: boolean - type: object - service_log: - description: - Store logs for the service so that they are available - in the HTTP API and console. - type: boolean - static_ips: - description: Use static public IP addresses - type: boolean - type: object - required: - - plan - - project - type: object - status: - description: ServiceStatus defines the observed state of service - properties: - conditions: - description: - Conditions represent the latest available observations - of a service state - items: - description: - "Condition contains details for one aspect of the current - state of this API Resource. --- This struct is intended for direct - use as an array at the field path .status.conditions. For example, - \n type FooStatus struct{ // Represents the observations of a - foo's current state. // Known .status.conditions.type are: \"Available\", - \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge - // +listType=map // +listMapKey=type Conditions []metav1.Condition - `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" - protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + maxItems: 1024 + type: array + kafka_connect: + description: Kafka Connect configuration values properties: - lastTransitionTime: - description: - lastTransitionTime is the last time the condition - transitioned from one status to another. This should be when - the underlying condition changed. If that is not known, then - using the time when the API field changed is acceptable. - format: date-time + connector_client_config_override_policy: + description: Defines what client configurations can be overridden + by the connector. Default is None + enum: + - None + - All type: string - message: - description: - message is a human readable message indicating - details about the transition. This may be an empty string. - maxLength: 32768 + consumer_auto_offset_reset: + description: What to do when there is no initial offset in + Kafka or if the current offset does not exist any more on + the server. Default is earliest + enum: + - earliest + - latest type: string - observedGeneration: - description: - observedGeneration represents the .metadata.generation - that the condition was set based upon. For instance, if .metadata.generation - is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current - state of the instance. - format: int64 - minimum: 0 + consumer_fetch_max_bytes: + description: Records are fetched in batches by the consumer, + and if the first record batch in the first non-empty partition + of the fetch is larger than this value, the record batch + will still be returned to ensure that the consumer can make + progress. As such, this is not a absolute maximum. + maximum: 104857600 + minimum: 1048576 type: integer - reason: - description: - reason contains a programmatic identifier indicating - the reason for the condition's last transition. Producers - of specific condition types may define expected values and - meanings for this field, and whether the values are considered - a guaranteed API. The value should be a CamelCase string. - This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ - type: string - status: - description: status of the condition, one of True, False, Unknown. + consumer_isolation_level: + description: Transaction read isolation level. read_uncommitted + is the default, but read_committed can be used if consume-exactly-once + behavior is desired. enum: - - "True" - - "False" - - Unknown + - read_uncommitted + - read_committed type: string - type: - description: - type of condition in CamelCase or in foo.example.com/CamelCase. - --- Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + consumer_max_partition_fetch_bytes: + description: Records are fetched in batches by the consumer.If + the first record batch in the first non-empty partition + of the fetch is larger than this limit, the batch will still + be returned to ensure that the consumer can make progress. + maximum: 104857600 + minimum: 1048576 + type: integer + consumer_max_poll_interval_ms: + description: The maximum delay in milliseconds between invocations + of poll() when using consumer group management (defaults + to 300000). + maximum: 2147483647 + minimum: 1 + type: integer + consumer_max_poll_records: + description: The maximum number of records returned in a single + call to poll() (defaults to 500). + maximum: 10000 + minimum: 1 + type: integer + offset_flush_interval_ms: + description: The interval at which to try committing offsets + for tasks (defaults to 60000). + maximum: 100000000 + minimum: 1 + type: integer + offset_flush_timeout_ms: + description: Maximum number of milliseconds to wait for records + to flush and partition offset data to be committed to offset + storage before cancelling the process and restoring the + offset data to be committed in a future attempt (defaults + to 5000). + maximum: 2147483647 + minimum: 1 + type: integer + producer_batch_size: + description: This setting gives the upper bound of the batch + size to be sent. If there are fewer than this many bytes + accumulated for this partition, the producer will 'linger' + for the linger.ms time waiting for more records to show + up. A batch size of zero will disable batching entirely + (defaults to 16384). + maximum: 5242880 + minimum: 0 + type: integer + producer_buffer_memory: + description: The total bytes of memory the producer can use + to buffer records waiting to be sent to the broker (defaults + to 33554432). + maximum: 134217728 + minimum: 5242880 + type: integer + producer_compression_type: + description: Specify the default compression type for producers. + This configuration accepts the standard compression codecs + ('gzip', 'snappy', 'lz4', 'zstd'). It additionally accepts + 'none' which is the default and equivalent to no compression. + enum: + - gzip + - snappy + - lz4 + - zstd + - none type: string - required: - - lastTransitionTime - - message - - reason - - status - - type + producer_linger_ms: + description: 'This setting gives the upper bound on the delay + for batching: once there is batch.size worth of records + for a partition it will be sent immediately regardless of + this setting, however if there are fewer than this many + bytes accumulated for this partition the producer will ''linger'' + for the specified time waiting for more records to show + up. Defaults to 0.' + maximum: 5000 + minimum: 0 + type: integer + producer_max_request_size: + description: This setting will limit the number of record + batches the producer will send in a single request to avoid + sending huge requests. + maximum: 67108864 + minimum: 131072 + type: integer + scheduled_rebalance_max_delay_ms: + description: The maximum delay that is scheduled in order + to wait for the return of one or more departed workers before + rebalancing and reassigning their connectors and tasks to + the group. During this period the connectors and tasks of + the departed workers remain unassigned. Defaults to 5 minutes. + maximum: 600000 + minimum: 0 + type: integer + session_timeout_ms: + description: The timeout in milliseconds used to detect failures + when using Kafka’s group management facilities (defaults + to 10000). + maximum: 2147483647 + minimum: 1 + type: integer type: object - type: array - state: - description: Service state - type: string - type: object - type: object - served: true - storage: true - subresources: - status: {} + private_access: + description: Allow access to selected service ports from private + networks + properties: + kafka_connect: + description: Allow clients to connect to kafka_connect with + a DNS name that always resolves to the service's private + IP addresses. Only available in certain network locations + type: boolean + prometheus: + description: Allow clients to connect to prometheus with a + DNS name that always resolves to the service's private IP + addresses. Only available in certain network locations + type: boolean + type: object + privatelink_access: + description: Allow access to selected service components through + Privatelink + properties: + jolokia: + description: Enable jolokia + type: boolean + kafka_connect: + description: Enable kafka_connect + type: boolean + prometheus: + description: Enable prometheus + type: boolean + type: object + public_access: + description: Allow access to selected service ports from the public + Internet + properties: + kafka_connect: + description: Allow clients to connect to kafka_connect from + the public internet for service nodes that are in a project + VPC or another type of private network + type: boolean + prometheus: + description: Allow clients to connect to prometheus from the + public internet for service nodes that are in a project + VPC or another type of private network + type: boolean + type: object + service_log: + description: Store logs for the service so that they are available + in the HTTP API and console. + type: boolean + static_ips: + description: Use static public IP addresses + type: boolean + type: object + required: + - plan + - project + type: object + status: + description: ServiceStatus defines the observed state of service + properties: + conditions: + description: Conditions represent the latest available observations + of a service state + items: + description: "Condition contains details for one aspect of the current + state of this API Resource. --- This struct is intended for direct + use as an array at the field path .status.conditions. For example, + \n type FooStatus struct{ // Represents the observations of a + foo's current state. // Known .status.conditions.type are: \"Available\", + \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge + // +listType=map // +listMapKey=type Conditions []metav1.Condition + `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" + protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + properties: + lastTransitionTime: + description: lastTransitionTime is the last time the condition + transitioned from one status to another. This should be when + the underlying condition changed. If that is not known, then + using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: message is a human readable message indicating + details about the transition. This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: observedGeneration represents the .metadata.generation + that the condition was set based upon. For instance, if .metadata.generation + is currently 12, but the .status.conditions[x].observedGeneration + is 9, the condition is out of date with respect to the current + state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: reason contains a programmatic identifier indicating + the reason for the condition's last transition. Producers + of specific condition types may define expected values and + meanings for this field, and whether the values are considered + a guaranteed API. The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: type of condition in CamelCase or in foo.example.com/CamelCase. + --- Many .condition.type values are consistent across resources + like Available, but because arbitrary conditions can be useful + (see .node.status.conditions), the ability to deconflict is + important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + type: array + state: + description: Service state + type: string + type: object + type: object + served: true + storage: true + subresources: + status: {} diff --git a/config/crd/bases/aiven.io_kafkas.yaml b/config/crd/bases/aiven.io_kafkas.yaml index ea73fcba..d359f376 100644 --- a/config/crd/bases/aiven.io_kafkas.yaml +++ b/config/crd/bases/aiven.io_kafkas.yaml @@ -15,1069 +15,966 @@ spec: singular: kafka scope: Namespaced versions: - - additionalPrinterColumns: - - jsonPath: .spec.project - name: Project - type: string - - jsonPath: .spec.cloudName - name: Region - type: string - - jsonPath: .spec.plan - name: Plan - type: string - - jsonPath: .status.state - name: State - type: string - name: v1alpha1 - schema: - openAPIV3Schema: - description: Kafka is the Schema for the kafkas API - properties: - apiVersion: - description: - "APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" - type: string - kind: - description: - "Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" - type: string - metadata: - type: object - spec: - description: KafkaSpec defines the desired state of Kafka - properties: - authSecretRef: - description: Authentication reference to Aiven token in a secret - properties: - key: - minLength: 1 - type: string - name: - minLength: 1 - type: string - required: - - key - - name - type: object - cloudName: - description: Cloud the service runs in. - maxLength: 256 - type: string - connInfoSecretTarget: - description: - "Information regarding secret creation. Exposed keys: - `KAFKA_HOST`, `KAFKA_PORT`, `KAFKA_USERNAME`, `KAFKA_PASSWORD`, - `KAFKA_ACCESS_CERT`, `KAFKA_ACCESS_KEY`, `KAFKA_SASL_HOST`, `KAFKA_SASL_PORT`, - `KAFKA_SCHEMA_REGISTRY_HOST`, `KAFKA_SCHEMA_REGISTRY_PORT`, `KAFKA_CONNECT_HOST`, - `KAFKA_CONNECT_PORT`, `KAFKA_REST_HOST`, `KAFKA_REST_PORT`" - properties: - annotations: - additionalProperties: - type: string - description: Annotations added to the secret - type: object - x-kubernetes-preserve-unknown-fields: true - labels: - additionalProperties: - type: string - description: Labels added to the secret - type: object - x-kubernetes-preserve-unknown-fields: true - name: - description: - Name of the secret resource to be created. By default, - is equal to the resource name + - additionalPrinterColumns: + - jsonPath: .spec.project + name: Project + type: string + - jsonPath: .spec.cloudName + name: Region + type: string + - jsonPath: .spec.plan + name: Plan + type: string + - jsonPath: .status.state + name: State + type: string + name: v1alpha1 + schema: + openAPIV3Schema: + description: Kafka is the Schema for the kafkas API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: KafkaSpec defines the desired state of Kafka + properties: + authSecretRef: + description: Authentication reference to Aiven token in a secret + properties: + key: + minLength: 1 + type: string + name: + minLength: 1 + type: string + required: + - key + - name + type: object + cloudName: + description: Cloud the service runs in. + maxLength: 256 + type: string + connInfoSecretTarget: + description: 'Information regarding secret creation. Exposed keys: + `KAFKA_HOST`, `KAFKA_PORT`, `KAFKA_USERNAME`, `KAFKA_PASSWORD`, + `KAFKA_ACCESS_CERT`, `KAFKA_ACCESS_KEY`, `KAFKA_SASL_HOST`, `KAFKA_SASL_PORT`, + `KAFKA_SCHEMA_REGISTRY_HOST`, `KAFKA_SCHEMA_REGISTRY_PORT`, `KAFKA_CONNECT_HOST`, + `KAFKA_CONNECT_PORT`, `KAFKA_REST_HOST`, `KAFKA_REST_PORT`' + properties: + annotations: + additionalProperties: type: string - prefix: - description: - Prefix for the secret's keys. Added "as is" without - any transformations. By default, is equal to the kind name in - uppercase + underscore, e.g. `KAFKA_`, `REDIS_`, etc. + description: Annotations added to the secret + type: object + x-kubernetes-preserve-unknown-fields: true + labels: + additionalProperties: type: string - required: - - name - type: object - disk_space: - description: - The disk space of the service, possible values depend - on the service type, the cloud provider and the project. Reducing - will result in the service re-balancing. - format: ^[1-9][0-9]*(GiB|G)* - type: string - karapace: - description: - Switch the service to use Karapace for schema registry - and REST proxy - type: boolean - maintenanceWindowDow: - description: - Day of week when maintenance operations should be performed. - One monday, tuesday, wednesday, etc. - enum: - - monday - - tuesday - - wednesday - - thursday - - friday - - saturday - - sunday - type: string - maintenanceWindowTime: - description: - Time of day when maintenance operations should be performed. - UTC time in HH:mm:ss format. - maxLength: 8 - type: string - plan: - description: Subscription plan. - maxLength: 128 - type: string - project: - description: Target project. - format: ^[a-zA-Z0-9_-]*$ - maxLength: 63 - type: string - x-kubernetes-validations: - - message: Value is immutable - rule: self == oldSelf - projectVPCRef: - description: - ProjectVPCRef reference to ProjectVPC resource to use - its ID as ProjectVPCID automatically + description: Labels added to the secret + type: object + x-kubernetes-preserve-unknown-fields: true + name: + description: Name of the secret resource to be created. By default, + is equal to the resource name + type: string + prefix: + description: Prefix for the secret's keys. Added "as is" without + any transformations. By default, is equal to the kind name in + uppercase + underscore, e.g. `KAFKA_`, `REDIS_`, etc. + type: string + required: + - name + type: object + disk_space: + description: The disk space of the service, possible values depend + on the service type, the cloud provider and the project. Reducing + will result in the service re-balancing. + format: ^[1-9][0-9]*(GiB|G)* + type: string + karapace: + description: Switch the service to use Karapace for schema registry + and REST proxy + type: boolean + maintenanceWindowDow: + description: Day of week when maintenance operations should be performed. + One monday, tuesday, wednesday, etc. + enum: + - monday + - tuesday + - wednesday + - thursday + - friday + - saturday + - sunday + type: string + maintenanceWindowTime: + description: Time of day when maintenance operations should be performed. + UTC time in HH:mm:ss format. + maxLength: 8 + type: string + plan: + description: Subscription plan. + maxLength: 128 + type: string + project: + description: Target project. + format: ^[a-zA-Z0-9_-]*$ + maxLength: 63 + type: string + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + projectVPCRef: + description: ProjectVPCRef reference to ProjectVPC resource to use + its ID as ProjectVPCID automatically + properties: + name: + minLength: 1 + type: string + namespace: + minLength: 1 + type: string + required: + - name + type: object + projectVpcId: + description: Identifier of the VPC the service should be in, if any. + maxLength: 36 + type: string + serviceIntegrations: + description: Service integrations to specify when creating a service. + Not applied after initial service creation + items: + description: Service integrations to specify when creating a service. + Not applied after initial service creation properties: - name: - minLength: 1 + integrationType: + enum: + - read_replica type: string - namespace: + sourceServiceName: + maxLength: 64 minLength: 1 type: string required: - - name + - integrationType + - sourceServiceName type: object - projectVpcId: - description: Identifier of the VPC the service should be in, if any. - maxLength: 36 + maxItems: 1 + type: array + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + tags: + additionalProperties: type: string - serviceIntegrations: - description: - Service integrations to specify when creating a service. - Not applied after initial service creation - items: - description: - Service integrations to specify when creating a service. - Not applied after initial service creation - properties: - integrationType: - enum: - - read_replica - type: string - sourceServiceName: - maxLength: 64 - minLength: 1 - type: string - required: - - integrationType - - sourceServiceName - type: object - maxItems: 1 - type: array - x-kubernetes-validations: - - message: Value is immutable - rule: self == oldSelf - tags: - additionalProperties: - type: string - description: - Tags are key-value pairs that allow you to categorize - services. - type: object - terminationProtection: - description: - Prevent service from being deleted. It is recommended - to have this enabled for all services. - type: boolean - userConfig: - description: Kafka specific user configuration options - properties: - additional_backup_regions: - description: Additional Cloud Regions for Backup Replication - items: - type: string - maxItems: 1 - type: array - aiven_kafka_topic_messages: - description: - Allow access to read Kafka topic messages in the - Aiven Console and REST API. - type: boolean - custom_domain: - description: - Serve the web frontend using a custom CNAME pointing - to the Aiven DNS name - maxLength: 255 + description: Tags are key-value pairs that allow you to categorize + services. + type: object + terminationProtection: + description: Prevent service from being deleted. It is recommended + to have this enabled for all services. + type: boolean + userConfig: + description: Kafka specific user configuration options + properties: + additional_backup_regions: + description: Additional Cloud Regions for Backup Replication + items: type: string - ip_filter: - description: - Allow incoming connections from CIDR address block, - e.g. '10.20.0.0/16' - items: - description: - CIDR address block, either as a string, or in a - dict with an optional description field - properties: - description: - description: Description for IP filter list entry - maxLength: 1024 - type: string - network: - description: CIDR address block - maxLength: 43 - type: string - required: - - network - type: object - maxItems: 1024 - type: array - kafka: - description: Kafka broker configuration values - properties: - auto_create_topics_enable: - description: Enable auto creation of topics - type: boolean - compression_type: - description: - Specify the final compression type for a given - topic. This configuration accepts the standard compression - codecs ('gzip', 'snappy', 'lz4', 'zstd'). It additionally - accepts 'uncompressed' which is equivalent to no compression; - and 'producer' which means retain the original compression - codec set by the producer. - enum: - - gzip - - snappy - - lz4 - - zstd - - uncompressed - - producer - type: string - connections_max_idle_ms: - description: - "Idle connections timeout: the server socket - processor threads close the connections that idle for longer - than this." - maximum: 3600000 - minimum: 1000 - type: integer - default_replication_factor: - description: Replication factor for autocreated topics - maximum: 10 - minimum: 1 - type: integer - group_initial_rebalance_delay_ms: - description: - The amount of time, in milliseconds, the group - coordinator will wait for more consumers to join a new group - before performing the first rebalance. A longer delay means - potentially fewer rebalances, but increases the time until - processing begins. The default value for this is 3 seconds. - During development and testing it might be desirable to - set this to 0 in order to not delay test execution time. - maximum: 300000 - minimum: 0 - type: integer - group_max_session_timeout_ms: - description: - The maximum allowed session timeout for registered - consumers. Longer timeouts give consumers more time to process - messages in between heartbeats at the cost of a longer time - to detect failures. - maximum: 1800000 - minimum: 0 - type: integer - group_min_session_timeout_ms: - description: - The minimum allowed session timeout for registered - consumers. Longer timeouts give consumers more time to process - messages in between heartbeats at the cost of a longer time - to detect failures. - maximum: 60000 - minimum: 0 - type: integer - log_cleaner_delete_retention_ms: - description: How long are delete records retained? - maximum: 315569260000 - minimum: 0 - type: integer - log_cleaner_max_compaction_lag_ms: - description: - The maximum amount of time message will remain - uncompacted. Only applicable for logs that are being compacted - minimum: 30000 - type: integer - log_cleaner_min_cleanable_ratio: - description: - Controls log compactor frequency. Larger value - means more frequent compactions but also more space wasted - for logs. Consider setting log.cleaner.max.compaction.lag.ms - to enforce compactions sooner, instead of setting a very - high value for this option. - maximum: 0.9 - minimum: 0.2 - type: number - log_cleaner_min_compaction_lag_ms: - description: - The minimum time a message will remain uncompacted - in the log. Only applicable for logs that are being compacted. - minimum: 0 - type: integer - log_cleanup_policy: - description: - The default cleanup policy for segments beyond - the retention window - enum: - - delete - - compact - - compact,delete - type: string - log_flush_interval_messages: - description: - The number of messages accumulated on a log partition - before messages are flushed to disk - minimum: 1 - type: integer - log_flush_interval_ms: - description: - The maximum time in ms that a message in any - topic is kept in memory before flushed to disk. If not set, - the value in log.flush.scheduler.interval.ms is used - minimum: 0 - type: integer - log_index_interval_bytes: - description: - The interval with which Kafka adds an entry to - the offset index - maximum: 104857600 - minimum: 0 - type: integer - log_index_size_max_bytes: - description: The maximum size in bytes of the offset index - maximum: 104857600 - minimum: 1048576 - type: integer - log_local_retention_bytes: - description: - The maximum size of local log segments that can - grow for a partition before it gets eligible for deletion. - If set to -2, the value of log.retention.bytes is used. - The effective value should always be less than or equal - to log.retention.bytes value. - minimum: -2 - type: integer - log_local_retention_ms: - description: - The number of milliseconds to keep the local - log segments before it gets eligible for deletion. If set - to -2, the value of log.retention.ms is used. The effective - value should always be less than or equal to log.retention.ms - value. - minimum: -2 - type: integer - log_message_downconversion_enable: - description: - This configuration controls whether down-conversion - of message formats is enabled to satisfy consume requests. - type: boolean - log_message_timestamp_difference_max_ms: - description: - The maximum difference allowed between the timestamp - when a broker receives a message and the timestamp specified - in the message - minimum: 0 - type: integer - log_message_timestamp_type: - description: - Define whether the timestamp in the message is - message create time or log append time. - enum: - - CreateTime - - LogAppendTime - type: string - log_preallocate: - description: Should pre allocate file when create new segment? - type: boolean - log_retention_bytes: - description: The maximum size of the log before deleting messages - minimum: -1 - type: integer - log_retention_hours: - description: - The number of hours to keep a log file before - deleting it - maximum: 2147483647 - minimum: -1 - type: integer - log_retention_ms: - description: - The number of milliseconds to keep a log file - before deleting it (in milliseconds), If not set, the value - in log.retention.minutes is used. If set to -1, no time - limit is applied. - minimum: -1 - type: integer - log_roll_jitter_ms: - description: - The maximum jitter to subtract from logRollTimeMillis - (in milliseconds). If not set, the value in log.roll.jitter.hours - is used - minimum: 0 - type: integer - log_roll_ms: - description: - The maximum time before a new log segment is - rolled out (in milliseconds). - minimum: 1 - type: integer - log_segment_bytes: - description: The maximum size of a single log file - maximum: 1073741824 - minimum: 10485760 - type: integer - log_segment_delete_delay_ms: - description: - The amount of time to wait before deleting a - file from the filesystem - maximum: 3600000 - minimum: 0 - type: integer - max_connections_per_ip: - description: - The maximum number of connections allowed from - each ip address (defaults to 2147483647). - maximum: 2147483647 - minimum: 256 - type: integer - max_incremental_fetch_session_cache_slots: - description: - The maximum number of incremental fetch sessions - that the broker will maintain. - maximum: 10000 - minimum: 1000 - type: integer - message_max_bytes: - description: - The maximum size of message that the server can - receive. - maximum: 100001200 - minimum: 0 - type: integer - min_insync_replicas: - description: - When a producer sets acks to 'all' (or '-1'), - min.insync.replicas specifies the minimum number of replicas - that must acknowledge a write for the write to be considered - successful. - maximum: 7 - minimum: 1 - type: integer - num_partitions: - description: Number of partitions for autocreated topics - maximum: 1000 - minimum: 1 - type: integer - offsets_retention_minutes: - description: Log retention window in minutes for offsets topic - maximum: 2147483647 - minimum: 1 - type: integer - producer_purgatory_purge_interval_requests: - description: - The purge interval (in number of requests) of - the producer request purgatory(defaults to 1000). - maximum: 10000 - minimum: 10 - type: integer - replica_fetch_max_bytes: - description: - The number of bytes of messages to attempt to - fetch for each partition (defaults to 1048576). This is - not an absolute maximum, if the first record batch in the - first non-empty partition of the fetch is larger than this - value, the record batch will still be returned to ensure - that progress can be made. - maximum: 104857600 - minimum: 1048576 - type: integer - replica_fetch_response_max_bytes: - description: - Maximum bytes expected for the entire fetch response - (defaults to 10485760). Records are fetched in batches, - and if the first record batch in the first non-empty partition - of the fetch is larger than this value, the record batch - will still be returned to ensure that progress can be made. - As such, this is not an absolute maximum. - maximum: 1048576000 - minimum: 10485760 - type: integer - sasl_oauthbearer_expected_audience: - description: - The (optional) comma-delimited setting for the - broker to use to verify that the JWT was issued for one - of the expected audiences. - maxLength: 128 - type: string - sasl_oauthbearer_expected_issuer: - description: - Optional setting for the broker to use to verify - that the JWT was created by the expected issuer. - maxLength: 128 - type: string - sasl_oauthbearer_jwks_endpoint_url: - description: - OIDC JWKS endpoint URL. By setting this the SASL - SSL OAuth2/OIDC authentication is enabled. See also other - options for SASL OAuth2/OIDC. - maxLength: 2048 - type: string - sasl_oauthbearer_sub_claim_name: - description: - Name of the scope from which to extract the subject - claim from the JWT. Defaults to sub. - maxLength: 128 - type: string - socket_request_max_bytes: - description: - The maximum number of bytes in a socket request - (defaults to 104857600). - maximum: 209715200 - minimum: 10485760 - type: integer - transaction_partition_verification_enable: - description: - Enable verification that checks that the partition - has been added to the transaction before writing transactional - records to the partition - type: boolean - transaction_remove_expired_transaction_cleanup_interval_ms: - description: - The interval at which to remove transactions - that have expired due to transactional.id.expiration.ms - passing (defaults to 3600000 (1 hour)). - maximum: 3600000 - minimum: 600000 - type: integer - transaction_state_log_segment_bytes: - description: - The transaction topic segment bytes should be - kept relatively small in order to facilitate faster log - compaction and cache loads (defaults to 104857600 (100 mebibytes)). - maximum: 2147483647 - minimum: 1048576 - type: integer - type: object - kafka_authentication_methods: - description: Kafka authentication methods - properties: - certificate: - description: Enable certificate/SSL authentication - type: boolean - sasl: - description: Enable SASL authentication - type: boolean - type: object - kafka_connect: - description: Enable Kafka Connect service - type: boolean - kafka_connect_config: - description: Kafka Connect configuration values - properties: - connector_client_config_override_policy: - description: - Defines what client configurations can be overridden - by the connector. Default is None - enum: - - None - - All - type: string - consumer_auto_offset_reset: - description: - What to do when there is no initial offset in - Kafka or if the current offset does not exist any more on - the server. Default is earliest - enum: - - earliest - - latest - type: string - consumer_fetch_max_bytes: - description: - Records are fetched in batches by the consumer, - and if the first record batch in the first non-empty partition - of the fetch is larger than this value, the record batch - will still be returned to ensure that the consumer can make - progress. As such, this is not a absolute maximum. - maximum: 104857600 - minimum: 1048576 - type: integer - consumer_isolation_level: - description: - Transaction read isolation level. read_uncommitted - is the default, but read_committed can be used if consume-exactly-once - behavior is desired. - enum: - - read_uncommitted - - read_committed - type: string - consumer_max_partition_fetch_bytes: - description: - Records are fetched in batches by the consumer.If - the first record batch in the first non-empty partition - of the fetch is larger than this limit, the batch will still - be returned to ensure that the consumer can make progress. - maximum: 104857600 - minimum: 1048576 - type: integer - consumer_max_poll_interval_ms: - description: - The maximum delay in milliseconds between invocations - of poll() when using consumer group management (defaults - to 300000). - maximum: 2147483647 - minimum: 1 - type: integer - consumer_max_poll_records: - description: - The maximum number of records returned in a single - call to poll() (defaults to 500). - maximum: 10000 - minimum: 1 - type: integer - offset_flush_interval_ms: - description: - The interval at which to try committing offsets - for tasks (defaults to 60000). - maximum: 100000000 - minimum: 1 - type: integer - offset_flush_timeout_ms: - description: - Maximum number of milliseconds to wait for records - to flush and partition offset data to be committed to offset - storage before cancelling the process and restoring the - offset data to be committed in a future attempt (defaults - to 5000). - maximum: 2147483647 - minimum: 1 - type: integer - producer_batch_size: - description: - This setting gives the upper bound of the batch - size to be sent. If there are fewer than this many bytes - accumulated for this partition, the producer will 'linger' - for the linger.ms time waiting for more records to show - up. A batch size of zero will disable batching entirely - (defaults to 16384). - maximum: 5242880 - minimum: 0 - type: integer - producer_buffer_memory: - description: - The total bytes of memory the producer can use - to buffer records waiting to be sent to the broker (defaults - to 33554432). - maximum: 134217728 - minimum: 5242880 - type: integer - producer_compression_type: - description: - Specify the default compression type for producers. - This configuration accepts the standard compression codecs - ('gzip', 'snappy', 'lz4', 'zstd'). It additionally accepts - 'none' which is the default and equivalent to no compression. - enum: - - gzip - - snappy - - lz4 - - zstd - - none - type: string - producer_linger_ms: - description: - "This setting gives the upper bound on the delay - for batching: once there is batch.size worth of records - for a partition it will be sent immediately regardless of - this setting, however if there are fewer than this many - bytes accumulated for this partition the producer will 'linger' - for the specified time waiting for more records to show - up. Defaults to 0." - maximum: 5000 - minimum: 0 - type: integer - producer_max_request_size: - description: - This setting will limit the number of record - batches the producer will send in a single request to avoid - sending huge requests. - maximum: 67108864 - minimum: 131072 - type: integer - scheduled_rebalance_max_delay_ms: - description: - The maximum delay that is scheduled in order - to wait for the return of one or more departed workers before - rebalancing and reassigning their connectors and tasks to - the group. During this period the connectors and tasks of - the departed workers remain unassigned. Defaults to 5 minutes. - maximum: 600000 - minimum: 0 - type: integer - session_timeout_ms: - description: - The timeout in milliseconds used to detect failures - when using Kafka’s group management facilities (defaults - to 10000). - maximum: 2147483647 - minimum: 1 - type: integer - type: object - kafka_rest: - description: Enable Kafka-REST service - type: boolean - kafka_rest_authorization: - description: Enable authorization in Kafka-REST service - type: boolean - kafka_rest_config: - description: Kafka REST configuration + maxItems: 1 + type: array + aiven_kafka_topic_messages: + description: Allow access to read Kafka topic messages in the + Aiven Console and REST API. + type: boolean + custom_domain: + description: Serve the web frontend using a custom CNAME pointing + to the Aiven DNS name + maxLength: 255 + type: string + ip_filter: + description: Allow incoming connections from CIDR address block, + e.g. '10.20.0.0/16' + items: + description: CIDR address block, either as a string, or in a + dict with an optional description field properties: - consumer_enable_auto_commit: - description: - If true the consumer's offset will be periodically - committed to Kafka in the background - type: boolean - consumer_request_max_bytes: - description: - Maximum number of bytes in unencoded message - keys and values by a single request - maximum: 671088640 - minimum: 0 - type: integer - consumer_request_timeout_ms: - description: - The maximum total time to wait for messages for - a request if the maximum number of messages has not yet - been reached - enum: - - 1000 - - 15000 - - 30000 - maximum: 30000 - minimum: 1000 - type: integer - name_strategy_validation: - description: - If true, validate that given schema is registered - under expected subject name by the used name strategy when - producing messages. - type: boolean - producer_acks: - description: - The number of acknowledgments the producer requires - the leader to have received before considering a request - complete. If set to 'all' or '-1', the leader will wait - for the full set of in-sync replicas to acknowledge the - record. - enum: - - all - - "-1" - - "0" - - "1" - type: string - producer_compression_type: - description: - Specify the default compression type for producers. - This configuration accepts the standard compression codecs - ('gzip', 'snappy', 'lz4', 'zstd'). It additionally accepts - 'none' which is the default and equivalent to no compression. - enum: - - gzip - - snappy - - lz4 - - zstd - - none + description: + description: Description for IP filter list entry + maxLength: 1024 type: string - producer_linger_ms: - description: - Wait for up to the given delay to allow batching - records together - maximum: 5000 - minimum: 0 - type: integer - producer_max_request_size: - description: - The maximum size of a request in bytes. Note - that Kafka broker can also cap the record batch size. - maximum: 2147483647 - minimum: 0 - type: integer - simpleconsumer_pool_size_max: - description: - Maximum number of SimpleConsumers that can be - instantiated per broker - maximum: 250 - minimum: 10 - type: integer - type: object - kafka_version: - description: Kafka major version - enum: - - "3.3" - - "3.1" - - "3.4" - - "3.5" - - "3.6" - type: string - private_access: - description: - Allow access to selected service ports from private - networks - properties: - kafka: - description: - Allow clients to connect to kafka with a DNS - name that always resolves to the service's private IP addresses. - Only available in certain network locations - type: boolean - kafka_connect: - description: - Allow clients to connect to kafka_connect with - a DNS name that always resolves to the service's private - IP addresses. Only available in certain network locations - type: boolean - kafka_rest: - description: - Allow clients to connect to kafka_rest with a - DNS name that always resolves to the service's private IP - addresses. Only available in certain network locations - type: boolean - prometheus: - description: - Allow clients to connect to prometheus with a - DNS name that always resolves to the service's private IP - addresses. Only available in certain network locations - type: boolean - schema_registry: - description: - Allow clients to connect to schema_registry with - a DNS name that always resolves to the service's private - IP addresses. Only available in certain network locations - type: boolean - type: object - privatelink_access: - description: - Allow access to selected service components through - Privatelink - properties: - jolokia: - description: Enable jolokia - type: boolean - kafka: - description: Enable kafka - type: boolean - kafka_connect: - description: Enable kafka_connect - type: boolean - kafka_rest: - description: Enable kafka_rest - type: boolean - prometheus: - description: Enable prometheus - type: boolean - schema_registry: - description: Enable schema_registry - type: boolean - type: object - public_access: - description: - Allow access to selected service ports from the public - Internet - properties: - kafka: - description: - Allow clients to connect to kafka from the public - internet for service nodes that are in a project VPC or - another type of private network - type: boolean - kafka_connect: - description: - Allow clients to connect to kafka_connect from - the public internet for service nodes that are in a project - VPC or another type of private network - type: boolean - kafka_rest: - description: - Allow clients to connect to kafka_rest from the - public internet for service nodes that are in a project - VPC or another type of private network - type: boolean - prometheus: - description: - Allow clients to connect to prometheus from the - public internet for service nodes that are in a project - VPC or another type of private network - type: boolean - schema_registry: - description: - Allow clients to connect to schema_registry from - the public internet for service nodes that are in a project - VPC or another type of private network - type: boolean - type: object - schema_registry: - description: Enable Schema-Registry service - type: boolean - schema_registry_config: - description: Schema Registry configuration - properties: - leader_eligibility: - description: - If true, Karapace / Schema Registry on the service - nodes can participate in leader election. It might be needed - to disable this when the schemas topic is replicated to - a secondary cluster and Karapace / Schema Registry there - must not participate in leader election. Defaults to `true`. - type: boolean - topic_name: - description: - The durable single partition topic that acts - as the durable log for the data. This topic must be compacted - to avoid losing data due to retention policy. Please note - that changing this configuration in an existing Schema Registry - / Karapace setup leads to previous schemas being inaccessible, - data encoded with them potentially unreadable and schema - ID sequence put out of order. It's only possible to do the - switch while Schema Registry / Karapace is disabled. Defaults - to `_schemas`. - maxLength: 249 - minLength: 1 + network: + description: CIDR address block + maxLength: 43 type: string + required: + - network type: object - service_log: - description: - Store logs for the service so that they are available - in the HTTP API and console. - type: boolean - static_ips: - description: Use static public IP addresses - type: boolean - tiered_storage: - description: Tiered storage configuration - properties: - enabled: - description: Whether to enable the tiered storage functionality - type: boolean - local_cache: - description: Deprecated. Local cache configuration - properties: - size: - description: Deprecated. Local cache size in bytes - maximum: 107374182400 - minimum: 1 - type: integer - type: object - type: object - type: object - required: - - plan - - project - type: object - status: - description: ServiceStatus defines the observed state of service - properties: - conditions: - description: - Conditions represent the latest available observations - of a service state - items: - description: - "Condition contains details for one aspect of the current - state of this API Resource. --- This struct is intended for direct - use as an array at the field path .status.conditions. For example, - \n type FooStatus struct{ // Represents the observations of a - foo's current state. // Known .status.conditions.type are: \"Available\", - \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge - // +listType=map // +listMapKey=type Conditions []metav1.Condition - `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" - protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + maxItems: 1024 + type: array + kafka: + description: Kafka broker configuration values properties: - lastTransitionTime: - description: - lastTransitionTime is the last time the condition - transitioned from one status to another. This should be when - the underlying condition changed. If that is not known, then - using the time when the API field changed is acceptable. - format: date-time + auto_create_topics_enable: + description: Enable auto creation of topics + type: boolean + compression_type: + description: Specify the final compression type for a given + topic. This configuration accepts the standard compression + codecs ('gzip', 'snappy', 'lz4', 'zstd'). It additionally + accepts 'uncompressed' which is equivalent to no compression; + and 'producer' which means retain the original compression + codec set by the producer. + enum: + - gzip + - snappy + - lz4 + - zstd + - uncompressed + - producer type: string - message: - description: - message is a human readable message indicating - details about the transition. This may be an empty string. - maxLength: 32768 + connections_max_idle_ms: + description: 'Idle connections timeout: the server socket + processor threads close the connections that idle for longer + than this.' + maximum: 3600000 + minimum: 1000 + type: integer + default_replication_factor: + description: Replication factor for autocreated topics + maximum: 10 + minimum: 1 + type: integer + group_initial_rebalance_delay_ms: + description: The amount of time, in milliseconds, the group + coordinator will wait for more consumers to join a new group + before performing the first rebalance. A longer delay means + potentially fewer rebalances, but increases the time until + processing begins. The default value for this is 3 seconds. + During development and testing it might be desirable to + set this to 0 in order to not delay test execution time. + maximum: 300000 + minimum: 0 + type: integer + group_max_session_timeout_ms: + description: The maximum allowed session timeout for registered + consumers. Longer timeouts give consumers more time to process + messages in between heartbeats at the cost of a longer time + to detect failures. + maximum: 1800000 + minimum: 0 + type: integer + group_min_session_timeout_ms: + description: The minimum allowed session timeout for registered + consumers. Longer timeouts give consumers more time to process + messages in between heartbeats at the cost of a longer time + to detect failures. + maximum: 60000 + minimum: 0 + type: integer + log_cleaner_delete_retention_ms: + description: How long are delete records retained? + maximum: 315569260000 + minimum: 0 + type: integer + log_cleaner_max_compaction_lag_ms: + description: The maximum amount of time message will remain + uncompacted. Only applicable for logs that are being compacted + minimum: 30000 + type: integer + log_cleaner_min_cleanable_ratio: + description: Controls log compactor frequency. Larger value + means more frequent compactions but also more space wasted + for logs. Consider setting log.cleaner.max.compaction.lag.ms + to enforce compactions sooner, instead of setting a very + high value for this option. + maximum: 0.9 + minimum: 0.2 + type: number + log_cleaner_min_compaction_lag_ms: + description: The minimum time a message will remain uncompacted + in the log. Only applicable for logs that are being compacted. + minimum: 0 + type: integer + log_cleanup_policy: + description: The default cleanup policy for segments beyond + the retention window + enum: + - delete + - compact + - compact,delete type: string - observedGeneration: - description: - observedGeneration represents the .metadata.generation - that the condition was set based upon. For instance, if .metadata.generation - is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current - state of the instance. - format: int64 + log_flush_interval_messages: + description: The number of messages accumulated on a log partition + before messages are flushed to disk + minimum: 1 + type: integer + log_flush_interval_ms: + description: The maximum time in ms that a message in any + topic is kept in memory before flushed to disk. If not set, + the value in log.flush.scheduler.interval.ms is used minimum: 0 type: integer - reason: - description: - reason contains a programmatic identifier indicating - the reason for the condition's last transition. Producers - of specific condition types may define expected values and - meanings for this field, and whether the values are considered - a guaranteed API. The value should be a CamelCase string. - This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + log_index_interval_bytes: + description: The interval with which Kafka adds an entry to + the offset index + maximum: 104857600 + minimum: 0 + type: integer + log_index_size_max_bytes: + description: The maximum size in bytes of the offset index + maximum: 104857600 + minimum: 1048576 + type: integer + log_local_retention_bytes: + description: The maximum size of local log segments that can + grow for a partition before it gets eligible for deletion. + If set to -2, the value of log.retention.bytes is used. + The effective value should always be less than or equal + to log.retention.bytes value. + minimum: -2 + type: integer + log_local_retention_ms: + description: The number of milliseconds to keep the local + log segments before it gets eligible for deletion. If set + to -2, the value of log.retention.ms is used. The effective + value should always be less than or equal to log.retention.ms + value. + minimum: -2 + type: integer + log_message_downconversion_enable: + description: This configuration controls whether down-conversion + of message formats is enabled to satisfy consume requests. + type: boolean + log_message_timestamp_difference_max_ms: + description: The maximum difference allowed between the timestamp + when a broker receives a message and the timestamp specified + in the message + minimum: 0 + type: integer + log_message_timestamp_type: + description: Define whether the timestamp in the message is + message create time or log append time. + enum: + - CreateTime + - LogAppendTime + type: string + log_preallocate: + description: Should pre allocate file when create new segment? + type: boolean + log_retention_bytes: + description: The maximum size of the log before deleting messages + minimum: -1 + type: integer + log_retention_hours: + description: The number of hours to keep a log file before + deleting it + maximum: 2147483647 + minimum: -1 + type: integer + log_retention_ms: + description: The number of milliseconds to keep a log file + before deleting it (in milliseconds), If not set, the value + in log.retention.minutes is used. If set to -1, no time + limit is applied. + minimum: -1 + type: integer + log_roll_jitter_ms: + description: The maximum jitter to subtract from logRollTimeMillis + (in milliseconds). If not set, the value in log.roll.jitter.hours + is used + minimum: 0 + type: integer + log_roll_ms: + description: The maximum time before a new log segment is + rolled out (in milliseconds). + minimum: 1 + type: integer + log_segment_bytes: + description: The maximum size of a single log file + maximum: 1073741824 + minimum: 10485760 + type: integer + log_segment_delete_delay_ms: + description: The amount of time to wait before deleting a + file from the filesystem + maximum: 3600000 + minimum: 0 + type: integer + max_connections_per_ip: + description: The maximum number of connections allowed from + each ip address (defaults to 2147483647). + maximum: 2147483647 + minimum: 256 + type: integer + max_incremental_fetch_session_cache_slots: + description: The maximum number of incremental fetch sessions + that the broker will maintain. + maximum: 10000 + minimum: 1000 + type: integer + message_max_bytes: + description: The maximum size of message that the server can + receive. + maximum: 100001200 + minimum: 0 + type: integer + min_insync_replicas: + description: When a producer sets acks to 'all' (or '-1'), + min.insync.replicas specifies the minimum number of replicas + that must acknowledge a write for the write to be considered + successful. + maximum: 7 + minimum: 1 + type: integer + num_partitions: + description: Number of partitions for autocreated topics + maximum: 1000 + minimum: 1 + type: integer + offsets_retention_minutes: + description: Log retention window in minutes for offsets topic + maximum: 2147483647 + minimum: 1 + type: integer + producer_purgatory_purge_interval_requests: + description: The purge interval (in number of requests) of + the producer request purgatory(defaults to 1000). + maximum: 10000 + minimum: 10 + type: integer + replica_fetch_max_bytes: + description: The number of bytes of messages to attempt to + fetch for each partition (defaults to 1048576). This is + not an absolute maximum, if the first record batch in the + first non-empty partition of the fetch is larger than this + value, the record batch will still be returned to ensure + that progress can be made. + maximum: 104857600 + minimum: 1048576 + type: integer + replica_fetch_response_max_bytes: + description: Maximum bytes expected for the entire fetch response + (defaults to 10485760). Records are fetched in batches, + and if the first record batch in the first non-empty partition + of the fetch is larger than this value, the record batch + will still be returned to ensure that progress can be made. + As such, this is not an absolute maximum. + maximum: 1048576000 + minimum: 10485760 + type: integer + sasl_oauthbearer_expected_audience: + description: The (optional) comma-delimited setting for the + broker to use to verify that the JWT was issued for one + of the expected audiences. + maxLength: 128 + type: string + sasl_oauthbearer_expected_issuer: + description: Optional setting for the broker to use to verify + that the JWT was created by the expected issuer. + maxLength: 128 + type: string + sasl_oauthbearer_jwks_endpoint_url: + description: OIDC JWKS endpoint URL. By setting this the SASL + SSL OAuth2/OIDC authentication is enabled. See also other + options for SASL OAuth2/OIDC. + maxLength: 2048 type: string - status: - description: status of the condition, one of True, False, Unknown. + sasl_oauthbearer_sub_claim_name: + description: Name of the scope from which to extract the subject + claim from the JWT. Defaults to sub. + maxLength: 128 + type: string + socket_request_max_bytes: + description: The maximum number of bytes in a socket request + (defaults to 104857600). + maximum: 209715200 + minimum: 10485760 + type: integer + transaction_partition_verification_enable: + description: Enable verification that checks that the partition + has been added to the transaction before writing transactional + records to the partition + type: boolean + transaction_remove_expired_transaction_cleanup_interval_ms: + description: The interval at which to remove transactions + that have expired due to transactional.id.expiration.ms + passing (defaults to 3600000 (1 hour)). + maximum: 3600000 + minimum: 600000 + type: integer + transaction_state_log_segment_bytes: + description: The transaction topic segment bytes should be + kept relatively small in order to facilitate faster log + compaction and cache loads (defaults to 104857600 (100 mebibytes)). + maximum: 2147483647 + minimum: 1048576 + type: integer + type: object + kafka_authentication_methods: + description: Kafka authentication methods + properties: + certificate: + description: Enable certificate/SSL authentication + type: boolean + sasl: + description: Enable SASL authentication + type: boolean + type: object + kafka_connect: + description: Enable Kafka Connect service + type: boolean + kafka_connect_config: + description: Kafka Connect configuration values + properties: + connector_client_config_override_policy: + description: Defines what client configurations can be overridden + by the connector. Default is None enum: - - "True" - - "False" - - Unknown + - None + - All type: string - type: - description: - type of condition in CamelCase or in foo.example.com/CamelCase. - --- Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + consumer_auto_offset_reset: + description: What to do when there is no initial offset in + Kafka or if the current offset does not exist any more on + the server. Default is earliest + enum: + - earliest + - latest + type: string + consumer_fetch_max_bytes: + description: Records are fetched in batches by the consumer, + and if the first record batch in the first non-empty partition + of the fetch is larger than this value, the record batch + will still be returned to ensure that the consumer can make + progress. As such, this is not a absolute maximum. + maximum: 104857600 + minimum: 1048576 + type: integer + consumer_isolation_level: + description: Transaction read isolation level. read_uncommitted + is the default, but read_committed can be used if consume-exactly-once + behavior is desired. + enum: + - read_uncommitted + - read_committed type: string - required: - - lastTransitionTime - - message - - reason - - status - - type + consumer_max_partition_fetch_bytes: + description: Records are fetched in batches by the consumer.If + the first record batch in the first non-empty partition + of the fetch is larger than this limit, the batch will still + be returned to ensure that the consumer can make progress. + maximum: 104857600 + minimum: 1048576 + type: integer + consumer_max_poll_interval_ms: + description: The maximum delay in milliseconds between invocations + of poll() when using consumer group management (defaults + to 300000). + maximum: 2147483647 + minimum: 1 + type: integer + consumer_max_poll_records: + description: The maximum number of records returned in a single + call to poll() (defaults to 500). + maximum: 10000 + minimum: 1 + type: integer + offset_flush_interval_ms: + description: The interval at which to try committing offsets + for tasks (defaults to 60000). + maximum: 100000000 + minimum: 1 + type: integer + offset_flush_timeout_ms: + description: Maximum number of milliseconds to wait for records + to flush and partition offset data to be committed to offset + storage before cancelling the process and restoring the + offset data to be committed in a future attempt (defaults + to 5000). + maximum: 2147483647 + minimum: 1 + type: integer + producer_batch_size: + description: This setting gives the upper bound of the batch + size to be sent. If there are fewer than this many bytes + accumulated for this partition, the producer will 'linger' + for the linger.ms time waiting for more records to show + up. A batch size of zero will disable batching entirely + (defaults to 16384). + maximum: 5242880 + minimum: 0 + type: integer + producer_buffer_memory: + description: The total bytes of memory the producer can use + to buffer records waiting to be sent to the broker (defaults + to 33554432). + maximum: 134217728 + minimum: 5242880 + type: integer + producer_compression_type: + description: Specify the default compression type for producers. + This configuration accepts the standard compression codecs + ('gzip', 'snappy', 'lz4', 'zstd'). It additionally accepts + 'none' which is the default and equivalent to no compression. + enum: + - gzip + - snappy + - lz4 + - zstd + - none + type: string + producer_linger_ms: + description: 'This setting gives the upper bound on the delay + for batching: once there is batch.size worth of records + for a partition it will be sent immediately regardless of + this setting, however if there are fewer than this many + bytes accumulated for this partition the producer will ''linger'' + for the specified time waiting for more records to show + up. Defaults to 0.' + maximum: 5000 + minimum: 0 + type: integer + producer_max_request_size: + description: This setting will limit the number of record + batches the producer will send in a single request to avoid + sending huge requests. + maximum: 67108864 + minimum: 131072 + type: integer + scheduled_rebalance_max_delay_ms: + description: The maximum delay that is scheduled in order + to wait for the return of one or more departed workers before + rebalancing and reassigning their connectors and tasks to + the group. During this period the connectors and tasks of + the departed workers remain unassigned. Defaults to 5 minutes. + maximum: 600000 + minimum: 0 + type: integer + session_timeout_ms: + description: The timeout in milliseconds used to detect failures + when using Kafka’s group management facilities (defaults + to 10000). + maximum: 2147483647 + minimum: 1 + type: integer type: object - type: array - state: - description: Service state - type: string - type: object - type: object - served: true - storage: true - subresources: - status: {} + kafka_rest: + description: Enable Kafka-REST service + type: boolean + kafka_rest_authorization: + description: Enable authorization in Kafka-REST service + type: boolean + kafka_rest_config: + description: Kafka REST configuration + properties: + consumer_enable_auto_commit: + description: If true the consumer's offset will be periodically + committed to Kafka in the background + type: boolean + consumer_request_max_bytes: + description: Maximum number of bytes in unencoded message + keys and values by a single request + maximum: 671088640 + minimum: 0 + type: integer + consumer_request_timeout_ms: + description: The maximum total time to wait for messages for + a request if the maximum number of messages has not yet + been reached + enum: + - 1000 + - 15000 + - 30000 + maximum: 30000 + minimum: 1000 + type: integer + name_strategy_validation: + description: If true, validate that given schema is registered + under expected subject name by the used name strategy when + producing messages. + type: boolean + producer_acks: + description: The number of acknowledgments the producer requires + the leader to have received before considering a request + complete. If set to 'all' or '-1', the leader will wait + for the full set of in-sync replicas to acknowledge the + record. + enum: + - all + - "-1" + - "0" + - "1" + type: string + producer_compression_type: + description: Specify the default compression type for producers. + This configuration accepts the standard compression codecs + ('gzip', 'snappy', 'lz4', 'zstd'). It additionally accepts + 'none' which is the default and equivalent to no compression. + enum: + - gzip + - snappy + - lz4 + - zstd + - none + type: string + producer_linger_ms: + description: Wait for up to the given delay to allow batching + records together + maximum: 5000 + minimum: 0 + type: integer + producer_max_request_size: + description: The maximum size of a request in bytes. Note + that Kafka broker can also cap the record batch size. + maximum: 2147483647 + minimum: 0 + type: integer + simpleconsumer_pool_size_max: + description: Maximum number of SimpleConsumers that can be + instantiated per broker + maximum: 250 + minimum: 10 + type: integer + type: object + kafka_version: + description: Kafka major version + enum: + - "3.3" + - "3.1" + - "3.4" + - "3.5" + - "3.6" + type: string + private_access: + description: Allow access to selected service ports from private + networks + properties: + kafka: + description: Allow clients to connect to kafka with a DNS + name that always resolves to the service's private IP addresses. + Only available in certain network locations + type: boolean + kafka_connect: + description: Allow clients to connect to kafka_connect with + a DNS name that always resolves to the service's private + IP addresses. Only available in certain network locations + type: boolean + kafka_rest: + description: Allow clients to connect to kafka_rest with a + DNS name that always resolves to the service's private IP + addresses. Only available in certain network locations + type: boolean + prometheus: + description: Allow clients to connect to prometheus with a + DNS name that always resolves to the service's private IP + addresses. Only available in certain network locations + type: boolean + schema_registry: + description: Allow clients to connect to schema_registry with + a DNS name that always resolves to the service's private + IP addresses. Only available in certain network locations + type: boolean + type: object + privatelink_access: + description: Allow access to selected service components through + Privatelink + properties: + jolokia: + description: Enable jolokia + type: boolean + kafka: + description: Enable kafka + type: boolean + kafka_connect: + description: Enable kafka_connect + type: boolean + kafka_rest: + description: Enable kafka_rest + type: boolean + prometheus: + description: Enable prometheus + type: boolean + schema_registry: + description: Enable schema_registry + type: boolean + type: object + public_access: + description: Allow access to selected service ports from the public + Internet + properties: + kafka: + description: Allow clients to connect to kafka from the public + internet for service nodes that are in a project VPC or + another type of private network + type: boolean + kafka_connect: + description: Allow clients to connect to kafka_connect from + the public internet for service nodes that are in a project + VPC or another type of private network + type: boolean + kafka_rest: + description: Allow clients to connect to kafka_rest from the + public internet for service nodes that are in a project + VPC or another type of private network + type: boolean + prometheus: + description: Allow clients to connect to prometheus from the + public internet for service nodes that are in a project + VPC or another type of private network + type: boolean + schema_registry: + description: Allow clients to connect to schema_registry from + the public internet for service nodes that are in a project + VPC or another type of private network + type: boolean + type: object + schema_registry: + description: Enable Schema-Registry service + type: boolean + schema_registry_config: + description: Schema Registry configuration + properties: + leader_eligibility: + description: If true, Karapace / Schema Registry on the service + nodes can participate in leader election. It might be needed + to disable this when the schemas topic is replicated to + a secondary cluster and Karapace / Schema Registry there + must not participate in leader election. Defaults to `true`. + type: boolean + topic_name: + description: The durable single partition topic that acts + as the durable log for the data. This topic must be compacted + to avoid losing data due to retention policy. Please note + that changing this configuration in an existing Schema Registry + / Karapace setup leads to previous schemas being inaccessible, + data encoded with them potentially unreadable and schema + ID sequence put out of order. It's only possible to do the + switch while Schema Registry / Karapace is disabled. Defaults + to `_schemas`. + maxLength: 249 + minLength: 1 + type: string + type: object + service_log: + description: Store logs for the service so that they are available + in the HTTP API and console. + type: boolean + static_ips: + description: Use static public IP addresses + type: boolean + tiered_storage: + description: Tiered storage configuration + properties: + enabled: + description: Whether to enable the tiered storage functionality + type: boolean + local_cache: + description: Deprecated. Local cache configuration + properties: + size: + description: Deprecated. Local cache size in bytes + maximum: 107374182400 + minimum: 1 + type: integer + type: object + type: object + type: object + required: + - plan + - project + type: object + status: + description: ServiceStatus defines the observed state of service + properties: + conditions: + description: Conditions represent the latest available observations + of a service state + items: + description: "Condition contains details for one aspect of the current + state of this API Resource. --- This struct is intended for direct + use as an array at the field path .status.conditions. For example, + \n type FooStatus struct{ // Represents the observations of a + foo's current state. // Known .status.conditions.type are: \"Available\", + \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge + // +listType=map // +listMapKey=type Conditions []metav1.Condition + `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" + protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + properties: + lastTransitionTime: + description: lastTransitionTime is the last time the condition + transitioned from one status to another. This should be when + the underlying condition changed. If that is not known, then + using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: message is a human readable message indicating + details about the transition. This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: observedGeneration represents the .metadata.generation + that the condition was set based upon. For instance, if .metadata.generation + is currently 12, but the .status.conditions[x].observedGeneration + is 9, the condition is out of date with respect to the current + state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: reason contains a programmatic identifier indicating + the reason for the condition's last transition. Producers + of specific condition types may define expected values and + meanings for this field, and whether the values are considered + a guaranteed API. The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: type of condition in CamelCase or in foo.example.com/CamelCase. + --- Many .condition.type values are consistent across resources + like Available, but because arbitrary conditions can be useful + (see .node.status.conditions), the ability to deconflict is + important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + type: array + state: + description: Service state + type: string + type: object + type: object + served: true + storage: true + subresources: + status: {} diff --git a/config/crd/bases/aiven.io_kafkaschemas.yaml b/config/crd/bases/aiven.io_kafkaschemas.yaml index ffb7aa2e..e96a87bc 100644 --- a/config/crd/bases/aiven.io_kafkaschemas.yaml +++ b/config/crd/bases/aiven.io_kafkaschemas.yaml @@ -15,181 +15,171 @@ spec: singular: kafkaschema scope: Namespaced versions: - - additionalPrinterColumns: - - jsonPath: .spec.serviceName - name: Service Name - type: string - - jsonPath: .spec.project - name: Project - type: string - - jsonPath: .spec.subjectName - name: Subject - type: string - - jsonPath: .spec.compatibilityLevel - name: Compatibility Level - type: string - - jsonPath: .status.version - name: Version - type: number - name: v1alpha1 - schema: - openAPIV3Schema: - description: KafkaSchema is the Schema for the kafkaschemas API - properties: - apiVersion: - description: - "APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" - type: string - kind: - description: - "Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" - type: string - metadata: - type: object - spec: - description: KafkaSchemaSpec defines the desired state of KafkaSchema - properties: - authSecretRef: - description: Authentication reference to Aiven token in a secret + - additionalPrinterColumns: + - jsonPath: .spec.serviceName + name: Service Name + type: string + - jsonPath: .spec.project + name: Project + type: string + - jsonPath: .spec.subjectName + name: Subject + type: string + - jsonPath: .spec.compatibilityLevel + name: Compatibility Level + type: string + - jsonPath: .status.version + name: Version + type: number + name: v1alpha1 + schema: + openAPIV3Schema: + description: KafkaSchema is the Schema for the kafkaschemas API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: KafkaSchemaSpec defines the desired state of KafkaSchema + properties: + authSecretRef: + description: Authentication reference to Aiven token in a secret + properties: + key: + minLength: 1 + type: string + name: + minLength: 1 + type: string + required: + - key + - name + type: object + compatibilityLevel: + description: Kafka Schemas compatibility level + enum: + - BACKWARD + - BACKWARD_TRANSITIVE + - FORWARD + - FORWARD_TRANSITIVE + - FULL + - FULL_TRANSITIVE + - NONE + type: string + project: + description: Project to link the Kafka Schema to + format: ^[a-zA-Z0-9_-]*$ + maxLength: 63 + type: string + schema: + description: Kafka Schema configuration should be a valid Avro Schema + JSON format + type: string + serviceName: + description: Service to link the Kafka Schema to + maxLength: 63 + type: string + subjectName: + description: Kafka Schema Subject name + maxLength: 63 + type: string + required: + - project + - schema + - serviceName + - subjectName + type: object + status: + description: KafkaSchemaStatus defines the observed state of KafkaSchema + properties: + conditions: + description: Conditions represent the latest available observations + of an KafkaSchema state + items: + description: "Condition contains details for one aspect of the current + state of this API Resource. --- This struct is intended for direct + use as an array at the field path .status.conditions. For example, + \n type FooStatus struct{ // Represents the observations of a + foo's current state. // Known .status.conditions.type are: \"Available\", + \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge + // +listType=map // +listMapKey=type Conditions []metav1.Condition + `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" + protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" properties: - key: - minLength: 1 + lastTransitionTime: + description: lastTransitionTime is the last time the condition + transitioned from one status to another. This should be when + the underlying condition changed. If that is not known, then + using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: message is a human readable message indicating + details about the transition. This may be an empty string. + maxLength: 32768 type: string - name: + observedGeneration: + description: observedGeneration represents the .metadata.generation + that the condition was set based upon. For instance, if .metadata.generation + is currently 12, but the .status.conditions[x].observedGeneration + is 9, the condition is out of date with respect to the current + state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: reason contains a programmatic identifier indicating + the reason for the condition's last transition. Producers + of specific condition types may define expected values and + meanings for this field, and whether the values are considered + a guaranteed API. The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: type of condition in CamelCase or in foo.example.com/CamelCase. + --- Many .condition.type values are consistent across resources + like Available, but because arbitrary conditions can be useful + (see .node.status.conditions), the ability to deconflict is + important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string required: - - key - - name + - lastTransitionTime + - message + - reason + - status + - type type: object - compatibilityLevel: - description: Kafka Schemas compatibility level - enum: - - BACKWARD - - BACKWARD_TRANSITIVE - - FORWARD - - FORWARD_TRANSITIVE - - FULL - - FULL_TRANSITIVE - - NONE - type: string - project: - description: Project to link the Kafka Schema to - format: ^[a-zA-Z0-9_-]*$ - maxLength: 63 - type: string - schema: - description: - Kafka Schema configuration should be a valid Avro Schema - JSON format - type: string - serviceName: - description: Service to link the Kafka Schema to - maxLength: 63 - type: string - subjectName: - description: Kafka Schema Subject name - maxLength: 63 - type: string - required: - - project - - schema - - serviceName - - subjectName - type: object - status: - description: KafkaSchemaStatus defines the observed state of KafkaSchema - properties: - conditions: - description: - Conditions represent the latest available observations - of an KafkaSchema state - items: - description: - "Condition contains details for one aspect of the current - state of this API Resource. --- This struct is intended for direct - use as an array at the field path .status.conditions. For example, - \n type FooStatus struct{ // Represents the observations of a - foo's current state. // Known .status.conditions.type are: \"Available\", - \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge - // +listType=map // +listMapKey=type Conditions []metav1.Condition - `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" - protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" - properties: - lastTransitionTime: - description: - lastTransitionTime is the last time the condition - transitioned from one status to another. This should be when - the underlying condition changed. If that is not known, then - using the time when the API field changed is acceptable. - format: date-time - type: string - message: - description: - message is a human readable message indicating - details about the transition. This may be an empty string. - maxLength: 32768 - type: string - observedGeneration: - description: - observedGeneration represents the .metadata.generation - that the condition was set based upon. For instance, if .metadata.generation - is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current - state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: - reason contains a programmatic identifier indicating - the reason for the condition's last transition. Producers - of specific condition types may define expected values and - meanings for this field, and whether the values are considered - a guaranteed API. The value should be a CamelCase string. - This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ - type: string - status: - description: status of the condition, one of True, False, Unknown. - enum: - - "True" - - "False" - - Unknown - type: string - type: - description: - type of condition in CamelCase or in foo.example.com/CamelCase. - --- Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ - type: string - required: - - lastTransitionTime - - message - - reason - - status - - type - type: object - type: array - version: - description: Kafka Schema configuration version - type: integer - required: - - conditions - - version - type: object - type: object - served: true - storage: true - subresources: - status: {} + type: array + version: + description: Kafka Schema configuration version + type: integer + required: + - conditions + - version + type: object + type: object + served: true + storage: true + subresources: + status: {} diff --git a/config/crd/bases/aiven.io_kafkatopics.yaml b/config/crd/bases/aiven.io_kafkatopics.yaml index dbddcef8..b48be5eb 100644 --- a/config/crd/bases/aiven.io_kafkatopics.yaml +++ b/config/crd/bases/aiven.io_kafkatopics.yaml @@ -15,291 +15,280 @@ spec: singular: kafkatopic scope: Namespaced versions: - - additionalPrinterColumns: - - jsonPath: .spec.serviceName - name: Service Name - type: string - - jsonPath: .spec.project - name: Project - type: string - - jsonPath: .spec.partitions - name: Partitions - type: string - - jsonPath: .spec.replication - name: Replication - type: string - name: v1alpha1 - schema: - openAPIV3Schema: - description: KafkaTopic is the Schema for the kafkatopics API - properties: - apiVersion: - description: - "APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" - type: string - kind: - description: - "Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" - type: string - metadata: - type: object - spec: - description: KafkaTopicSpec defines the desired state of KafkaTopic - properties: - authSecretRef: - description: Authentication reference to Aiven token in a secret + - additionalPrinterColumns: + - jsonPath: .spec.serviceName + name: Service Name + type: string + - jsonPath: .spec.project + name: Project + type: string + - jsonPath: .spec.partitions + name: Partitions + type: string + - jsonPath: .spec.replication + name: Replication + type: string + name: v1alpha1 + schema: + openAPIV3Schema: + description: KafkaTopic is the Schema for the kafkatopics API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: KafkaTopicSpec defines the desired state of KafkaTopic + properties: + authSecretRef: + description: Authentication reference to Aiven token in a secret + properties: + key: + minLength: 1 + type: string + name: + minLength: 1 + type: string + required: + - key + - name + type: object + config: + description: Kafka topic configuration + properties: + cleanup_policy: + description: cleanup.policy value + type: string + compression_type: + description: compression.type value + type: string + delete_retention_ms: + description: delete.retention.ms value + format: int64 + type: integer + file_delete_delay_ms: + description: file.delete.delay.ms value + format: int64 + type: integer + flush_messages: + description: flush.messages value + format: int64 + type: integer + flush_ms: + description: flush.ms value + format: int64 + type: integer + index_interval_bytes: + description: index.interval.bytes value + format: int64 + type: integer + max_compaction_lag_ms: + description: max.compaction.lag.ms value + format: int64 + type: integer + max_message_bytes: + description: max.message.bytes value + format: int64 + type: integer + message_downconversion_enable: + description: message.downconversion.enable value + type: boolean + message_format_version: + description: message.format.version value + type: string + message_timestamp_difference_max_ms: + description: message.timestamp.difference.max.ms value + format: int64 + type: integer + message_timestamp_type: + description: message.timestamp.type value + type: string + min_cleanable_dirty_ratio: + description: min.cleanable.dirty.ratio value + type: number + min_compaction_lag_ms: + description: min.compaction.lag.ms value + format: int64 + type: integer + min_insync_replicas: + description: min.insync.replicas value + format: int64 + type: integer + preallocate: + description: preallocate value + type: boolean + retention_bytes: + description: retention.bytes value + format: int64 + type: integer + retention_ms: + description: retention.ms value + format: int64 + type: integer + segment_bytes: + description: segment.bytes value + format: int64 + type: integer + segment_index_bytes: + description: segment.index.bytes value + format: int64 + type: integer + segment_jitter_ms: + description: segment.jitter.ms value + format: int64 + type: integer + segment_ms: + description: segment.ms value + format: int64 + type: integer + type: object + partitions: + description: Number of partitions to create in the topic + maximum: 1000000 + minimum: 1 + type: integer + project: + description: Target project. + format: ^[a-zA-Z0-9_-]*$ + maxLength: 63 + type: string + replication: + description: Replication factor for the topic + minimum: 2 + type: integer + serviceName: + description: Service name. + maxLength: 63 + type: string + tags: + description: Kafka topic tags + items: properties: key: + format: ^[a-zA-Z0-9_-]*$ + maxLength: 64 minLength: 1 type: string - name: - minLength: 1 + value: + format: ^[a-zA-Z0-9_-]*$ + maxLength: 256 type: string required: - - key - - name + - key type: object - config: - description: Kafka topic configuration + type: array + termination_protection: + description: It is a Kubernetes side deletion protections, which prevents + the kafka topic from being deleted by Kubernetes. It is recommended + to enable this for any production databases containing critical + data. + type: boolean + topicName: + description: Topic name. If provided, is used instead of metadata.name. + This field supports additional characters, has a longer length, + and will replace metadata.name in future releases + maxLength: 249 + minLength: 1 + type: string + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + required: + - partitions + - project + - replication + - serviceName + type: object + status: + description: KafkaTopicStatus defines the observed state of KafkaTopic + properties: + conditions: + description: Conditions represent the latest available observations + of an KafkaTopic state + items: + description: "Condition contains details for one aspect of the current + state of this API Resource. --- This struct is intended for direct + use as an array at the field path .status.conditions. For example, + \n type FooStatus struct{ // Represents the observations of a + foo's current state. // Known .status.conditions.type are: \"Available\", + \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge + // +listType=map // +listMapKey=type Conditions []metav1.Condition + `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" + protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" properties: - cleanup_policy: - description: cleanup.policy value + lastTransitionTime: + description: lastTransitionTime is the last time the condition + transitioned from one status to another. This should be when + the underlying condition changed. If that is not known, then + using the time when the API field changed is acceptable. + format: date-time type: string - compression_type: - description: compression.type value + message: + description: message is a human readable message indicating + details about the transition. This may be an empty string. + maxLength: 32768 type: string - delete_retention_ms: - description: delete.retention.ms value - format: int64 - type: integer - file_delete_delay_ms: - description: file.delete.delay.ms value - format: int64 - type: integer - flush_messages: - description: flush.messages value - format: int64 - type: integer - flush_ms: - description: flush.ms value - format: int64 - type: integer - index_interval_bytes: - description: index.interval.bytes value + observedGeneration: + description: observedGeneration represents the .metadata.generation + that the condition was set based upon. For instance, if .metadata.generation + is currently 12, but the .status.conditions[x].observedGeneration + is 9, the condition is out of date with respect to the current + state of the instance. format: int64 + minimum: 0 type: integer - max_compaction_lag_ms: - description: max.compaction.lag.ms value - format: int64 - type: integer - max_message_bytes: - description: max.message.bytes value - format: int64 - type: integer - message_downconversion_enable: - description: message.downconversion.enable value - type: boolean - message_format_version: - description: message.format.version value + reason: + description: reason contains a programmatic identifier indicating + the reason for the condition's last transition. Producers + of specific condition types may define expected values and + meanings for this field, and whether the values are considered + a guaranteed API. The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ type: string - message_timestamp_difference_max_ms: - description: message.timestamp.difference.max.ms value - format: int64 - type: integer - message_timestamp_type: - description: message.timestamp.type value + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown type: string - min_cleanable_dirty_ratio: - description: min.cleanable.dirty.ratio value - type: number - min_compaction_lag_ms: - description: min.compaction.lag.ms value - format: int64 - type: integer - min_insync_replicas: - description: min.insync.replicas value - format: int64 - type: integer - preallocate: - description: preallocate value - type: boolean - retention_bytes: - description: retention.bytes value - format: int64 - type: integer - retention_ms: - description: retention.ms value - format: int64 - type: integer - segment_bytes: - description: segment.bytes value - format: int64 - type: integer - segment_index_bytes: - description: segment.index.bytes value - format: int64 - type: integer - segment_jitter_ms: - description: segment.jitter.ms value - format: int64 - type: integer - segment_ms: - description: segment.ms value - format: int64 - type: integer + type: + description: type of condition in CamelCase or in foo.example.com/CamelCase. + --- Many .condition.type values are consistent across resources + like Available, but because arbitrary conditions can be useful + (see .node.status.conditions), the ability to deconflict is + important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type type: object - partitions: - description: Number of partitions to create in the topic - maximum: 1000000 - minimum: 1 - type: integer - project: - description: Target project. - format: ^[a-zA-Z0-9_-]*$ - maxLength: 63 - type: string - replication: - description: Replication factor for the topic - minimum: 2 - type: integer - serviceName: - description: Service name. - maxLength: 63 - type: string - tags: - description: Kafka topic tags - items: - properties: - key: - format: ^[a-zA-Z0-9_-]*$ - maxLength: 64 - minLength: 1 - type: string - value: - format: ^[a-zA-Z0-9_-]*$ - maxLength: 256 - type: string - required: - - key - type: object - type: array - termination_protection: - description: - It is a Kubernetes side deletion protections, which prevents - the kafka topic from being deleted by Kubernetes. It is recommended - to enable this for any production databases containing critical - data. - type: boolean - topicName: - description: - Topic name. If provided, is used instead of metadata.name. - This field supports additional characters, has a longer length, - and will replace metadata.name in future releases - maxLength: 249 - minLength: 1 - type: string - x-kubernetes-validations: - - message: Value is immutable - rule: self == oldSelf - required: - - partitions - - project - - replication - - serviceName - type: object - status: - description: KafkaTopicStatus defines the observed state of KafkaTopic - properties: - conditions: - description: - Conditions represent the latest available observations - of an KafkaTopic state - items: - description: - "Condition contains details for one aspect of the current - state of this API Resource. --- This struct is intended for direct - use as an array at the field path .status.conditions. For example, - \n type FooStatus struct{ // Represents the observations of a - foo's current state. // Known .status.conditions.type are: \"Available\", - \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge - // +listType=map // +listMapKey=type Conditions []metav1.Condition - `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" - protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" - properties: - lastTransitionTime: - description: - lastTransitionTime is the last time the condition - transitioned from one status to another. This should be when - the underlying condition changed. If that is not known, then - using the time when the API field changed is acceptable. - format: date-time - type: string - message: - description: - message is a human readable message indicating - details about the transition. This may be an empty string. - maxLength: 32768 - type: string - observedGeneration: - description: - observedGeneration represents the .metadata.generation - that the condition was set based upon. For instance, if .metadata.generation - is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current - state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: - reason contains a programmatic identifier indicating - the reason for the condition's last transition. Producers - of specific condition types may define expected values and - meanings for this field, and whether the values are considered - a guaranteed API. The value should be a CamelCase string. - This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ - type: string - status: - description: status of the condition, one of True, False, Unknown. - enum: - - "True" - - "False" - - Unknown - type: string - type: - description: - type of condition in CamelCase or in foo.example.com/CamelCase. - --- Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ - type: string - required: - - lastTransitionTime - - message - - reason - - status - - type - type: object - type: array - state: - description: State represents the state of the kafka topic - type: string - required: - - conditions - - state - type: object - type: object - served: true - storage: true - subresources: - status: {} + type: array + state: + description: State represents the state of the kafka topic + type: string + required: + - conditions + - state + type: object + type: object + served: true + storage: true + subresources: + status: {} diff --git a/config/crd/bases/aiven.io_mysqls.yaml b/config/crd/bases/aiven.io_mysqls.yaml index d9232633..635c30b8 100644 --- a/config/crd/bases/aiven.io_mysqls.yaml +++ b/config/crd/bases/aiven.io_mysqls.yaml @@ -15,735 +15,658 @@ spec: singular: mysql scope: Namespaced versions: - - additionalPrinterColumns: - - jsonPath: .spec.project - name: Project - type: string - - jsonPath: .spec.cloudName - name: Region - type: string - - jsonPath: .spec.plan - name: Plan - type: string - - jsonPath: .status.state - name: State - type: string - name: v1alpha1 - schema: - openAPIV3Schema: - description: MySQL is the Schema for the mysqls API - properties: - apiVersion: - description: - "APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" - type: string - kind: - description: - "Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" - type: string - metadata: - type: object - spec: - description: MySQLSpec defines the desired state of MySQL - properties: - authSecretRef: - description: Authentication reference to Aiven token in a secret - properties: - key: - minLength: 1 - type: string - name: - minLength: 1 - type: string - required: - - key - - name - type: object - cloudName: - description: Cloud the service runs in. - maxLength: 256 - type: string - connInfoSecretTarget: - description: - "Information regarding secret creation. Exposed keys: - `MYSQL_HOST`, `MYSQL_PORT`, `MYSQL_DATABASE`, `MYSQL_USER`, `MYSQL_PASSWORD`, - `MYSQL_SSL_MODE`, `MYSQL_URI`, `MYSQL_REPLICA_URI`" - properties: - annotations: - additionalProperties: - type: string - description: Annotations added to the secret - type: object - x-kubernetes-preserve-unknown-fields: true - labels: - additionalProperties: - type: string - description: Labels added to the secret - type: object - x-kubernetes-preserve-unknown-fields: true - name: - description: - Name of the secret resource to be created. By default, - is equal to the resource name + - additionalPrinterColumns: + - jsonPath: .spec.project + name: Project + type: string + - jsonPath: .spec.cloudName + name: Region + type: string + - jsonPath: .spec.plan + name: Plan + type: string + - jsonPath: .status.state + name: State + type: string + name: v1alpha1 + schema: + openAPIV3Schema: + description: MySQL is the Schema for the mysqls API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: MySQLSpec defines the desired state of MySQL + properties: + authSecretRef: + description: Authentication reference to Aiven token in a secret + properties: + key: + minLength: 1 + type: string + name: + minLength: 1 + type: string + required: + - key + - name + type: object + cloudName: + description: Cloud the service runs in. + maxLength: 256 + type: string + connInfoSecretTarget: + description: 'Information regarding secret creation. Exposed keys: + `MYSQL_HOST`, `MYSQL_PORT`, `MYSQL_DATABASE`, `MYSQL_USER`, `MYSQL_PASSWORD`, + `MYSQL_SSL_MODE`, `MYSQL_URI`, `MYSQL_REPLICA_URI`' + properties: + annotations: + additionalProperties: type: string - prefix: - description: - Prefix for the secret's keys. Added "as is" without - any transformations. By default, is equal to the kind name in - uppercase + underscore, e.g. `KAFKA_`, `REDIS_`, etc. + description: Annotations added to the secret + type: object + x-kubernetes-preserve-unknown-fields: true + labels: + additionalProperties: type: string - required: - - name - type: object - disk_space: - description: - The disk space of the service, possible values depend - on the service type, the cloud provider and the project. Reducing - will result in the service re-balancing. - format: ^[1-9][0-9]*(GiB|G)* - type: string - maintenanceWindowDow: - description: - Day of week when maintenance operations should be performed. - One monday, tuesday, wednesday, etc. - enum: - - monday - - tuesday - - wednesday - - thursday - - friday - - saturday - - sunday - type: string - maintenanceWindowTime: - description: - Time of day when maintenance operations should be performed. - UTC time in HH:mm:ss format. - maxLength: 8 - type: string - plan: - description: Subscription plan. - maxLength: 128 - type: string - project: - description: Target project. - format: ^[a-zA-Z0-9_-]*$ - maxLength: 63 - type: string - x-kubernetes-validations: - - message: Value is immutable - rule: self == oldSelf - projectVPCRef: - description: - ProjectVPCRef reference to ProjectVPC resource to use - its ID as ProjectVPCID automatically + description: Labels added to the secret + type: object + x-kubernetes-preserve-unknown-fields: true + name: + description: Name of the secret resource to be created. By default, + is equal to the resource name + type: string + prefix: + description: Prefix for the secret's keys. Added "as is" without + any transformations. By default, is equal to the kind name in + uppercase + underscore, e.g. `KAFKA_`, `REDIS_`, etc. + type: string + required: + - name + type: object + disk_space: + description: The disk space of the service, possible values depend + on the service type, the cloud provider and the project. Reducing + will result in the service re-balancing. + format: ^[1-9][0-9]*(GiB|G)* + type: string + maintenanceWindowDow: + description: Day of week when maintenance operations should be performed. + One monday, tuesday, wednesday, etc. + enum: + - monday + - tuesday + - wednesday + - thursday + - friday + - saturday + - sunday + type: string + maintenanceWindowTime: + description: Time of day when maintenance operations should be performed. + UTC time in HH:mm:ss format. + maxLength: 8 + type: string + plan: + description: Subscription plan. + maxLength: 128 + type: string + project: + description: Target project. + format: ^[a-zA-Z0-9_-]*$ + maxLength: 63 + type: string + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + projectVPCRef: + description: ProjectVPCRef reference to ProjectVPC resource to use + its ID as ProjectVPCID automatically + properties: + name: + minLength: 1 + type: string + namespace: + minLength: 1 + type: string + required: + - name + type: object + projectVpcId: + description: Identifier of the VPC the service should be in, if any. + maxLength: 36 + type: string + serviceIntegrations: + description: Service integrations to specify when creating a service. + Not applied after initial service creation + items: + description: Service integrations to specify when creating a service. + Not applied after initial service creation properties: - name: - minLength: 1 + integrationType: + enum: + - read_replica type: string - namespace: + sourceServiceName: + maxLength: 64 minLength: 1 type: string required: - - name + - integrationType + - sourceServiceName type: object - projectVpcId: - description: Identifier of the VPC the service should be in, if any. - maxLength: 36 + maxItems: 1 + type: array + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + tags: + additionalProperties: type: string - serviceIntegrations: - description: - Service integrations to specify when creating a service. - Not applied after initial service creation - items: - description: - Service integrations to specify when creating a service. - Not applied after initial service creation - properties: - integrationType: - enum: - - read_replica - type: string - sourceServiceName: - maxLength: 64 - minLength: 1 - type: string - required: - - integrationType - - sourceServiceName - type: object - maxItems: 1 - type: array - x-kubernetes-validations: + description: Tags are key-value pairs that allow you to categorize + services. + type: object + terminationProtection: + description: Prevent service from being deleted. It is recommended + to have this enabled for all services. + type: boolean + userConfig: + description: MySQL specific user configuration options + properties: + additional_backup_regions: + description: Additional Cloud Regions for Backup Replication + items: + type: string + maxItems: 1 + type: array + admin_password: + description: Custom password for admin user. Defaults to random + string. This must be set only when a new service is being created. + maxLength: 256 + minLength: 8 + pattern: ^[a-zA-Z0-9-_]+$ + type: string + x-kubernetes-validations: - message: Value is immutable rule: self == oldSelf - tags: - additionalProperties: + admin_username: + description: Custom username for admin user. This must be set + only when a new service is being created. + maxLength: 64 + pattern: ^[_A-Za-z0-9][-._A-Za-z0-9]{0,63}$ type: string - description: - Tags are key-value pairs that allow you to categorize - services. - type: object - terminationProtection: - description: - Prevent service from being deleted. It is recommended - to have this enabled for all services. - type: boolean - userConfig: - description: MySQL specific user configuration options - properties: - additional_backup_regions: - description: Additional Cloud Regions for Backup Replication - items: - type: string - maxItems: 1 - type: array - admin_password: - description: - Custom password for admin user. Defaults to random - string. This must be set only when a new service is being created. - maxLength: 256 - minLength: 8 - pattern: ^[a-zA-Z0-9-_]+$ - type: string - x-kubernetes-validations: - - message: Value is immutable - rule: self == oldSelf - admin_username: - description: - Custom username for admin user. This must be set - only when a new service is being created. - maxLength: 64 - pattern: ^[_A-Za-z0-9][-._A-Za-z0-9]{0,63}$ - type: string - x-kubernetes-validations: - - message: Value is immutable - rule: self == oldSelf - backup_hour: - description: - The hour of day (in UTC) when backup for the service - is started. New backup is only started if previous backup has - already completed. - maximum: 23 - minimum: 0 - type: integer - backup_minute: - description: - The minute of an hour when backup for the service - is started. New backup is only started if previous backup has - already completed. - maximum: 59 - minimum: 0 - type: integer - binlog_retention_period: - description: - The minimum amount of time in seconds to keep binlog - entries before deletion. This may be extended for services that - require binlog entries for longer than the default for example - if using the MySQL Debezium Kafka connector. - maximum: 86400 - minimum: 600 - type: integer - ip_filter: - description: - Allow incoming connections from CIDR address block, - e.g. '10.20.0.0/16' - items: - description: - CIDR address block, either as a string, or in a - dict with an optional description field - properties: - description: - description: Description for IP filter list entry - maxLength: 1024 - type: string - network: - description: CIDR address block - maxLength: 43 - type: string - required: - - network - type: object - maxItems: 1024 - type: array - migration: - description: Migrate data from existing server - properties: - dbname: - description: Database name for bootstrapping the initial connection - maxLength: 63 - type: string - host: - description: - Hostname or IP address of the server where to - migrate data from - maxLength: 255 - type: string - ignore_dbs: - description: - Comma-separated list of databases, which should - be ignored during migration (supported by MySQL and PostgreSQL - only at the moment) - maxLength: 2048 - type: string - method: - description: - The migration method to be used (currently supported - only by Redis, Dragonfly, MySQL and PostgreSQL service types) - enum: - - dump - - replication - type: string - password: - description: - Password for authentication with the server where - to migrate data from - maxLength: 256 - type: string - port: - description: - Port number of the server where to migrate data - from - maximum: 65535 - minimum: 1 - type: integer - ssl: - description: - The server where to migrate data from is secured - with SSL - type: boolean - username: - description: - User name for authentication with the server - where to migrate data from - maxLength: 256 - type: string - required: - - host - - port - type: object - mysql: - description: mysql.conf configuration values + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + backup_hour: + description: The hour of day (in UTC) when backup for the service + is started. New backup is only started if previous backup has + already completed. + maximum: 23 + minimum: 0 + type: integer + backup_minute: + description: The minute of an hour when backup for the service + is started. New backup is only started if previous backup has + already completed. + maximum: 59 + minimum: 0 + type: integer + binlog_retention_period: + description: The minimum amount of time in seconds to keep binlog + entries before deletion. This may be extended for services that + require binlog entries for longer than the default for example + if using the MySQL Debezium Kafka connector. + maximum: 86400 + minimum: 600 + type: integer + ip_filter: + description: Allow incoming connections from CIDR address block, + e.g. '10.20.0.0/16' + items: + description: CIDR address block, either as a string, or in a + dict with an optional description field properties: - connect_timeout: - description: - The number of seconds that the mysqld server - waits for a connect packet before responding with Bad handshake - maximum: 3600 - minimum: 2 - type: integer - default_time_zone: - description: - Default server time zone as an offset from UTC - (from -12:00 to +12:00), a time zone name, or 'SYSTEM' to - use the MySQL server default. - maxLength: 100 - minLength: 2 - type: string - group_concat_max_len: - description: - The maximum permitted result length in bytes - for the GROUP_CONCAT() function. - minimum: 4 - type: integer - information_schema_stats_expiry: - description: - The time, in seconds, before cached statistics - expire - maximum: 31536000 - minimum: 900 - type: integer - innodb_change_buffer_max_size: - description: - Maximum size for the InnoDB change buffer, as - a percentage of the total size of the buffer pool. Default - is 25 - maximum: 50 - minimum: 0 - type: integer - innodb_flush_neighbors: - description: - "Specifies whether flushing a page from the InnoDB - buffer pool also flushes other dirty pages in the same extent - (default is 1): 0 - dirty pages in the same extent are not - flushed, 1 - flush contiguous dirty pages in the same extent, 2 - - flush dirty pages in the same extent" - maximum: 2 - minimum: 0 - type: integer - innodb_ft_min_token_size: - description: - Minimum length of words that are stored in an - InnoDB FULLTEXT index. Changing this parameter will lead - to a restart of the MySQL service. - maximum: 16 - minimum: 0 - type: integer - innodb_ft_server_stopword_table: - description: - This option is used to specify your own InnoDB - FULLTEXT index stopword list for all InnoDB tables. + description: + description: Description for IP filter list entry maxLength: 1024 - pattern: ^.+/.+$ type: string - innodb_lock_wait_timeout: - description: - The length of time in seconds an InnoDB transaction - waits for a row lock before giving up. Default is 120. - maximum: 3600 - minimum: 1 - type: integer - innodb_log_buffer_size: - description: - The size in bytes of the buffer that InnoDB uses - to write to the log files on disk. - maximum: 4294967295 - minimum: 1048576 - type: integer - innodb_online_alter_log_max_size: - description: - The upper limit in bytes on the size of the temporary - log files used during online DDL operations for InnoDB tables. - maximum: 1099511627776 - minimum: 65536 - type: integer - innodb_print_all_deadlocks: - description: - When enabled, information about all deadlocks - in InnoDB user transactions is recorded in the error log. - Disabled by default. - type: boolean - innodb_read_io_threads: - description: - The number of I/O threads for read operations - in InnoDB. Default is 4. Changing this parameter will lead - to a restart of the MySQL service. - maximum: 64 - minimum: 1 - type: integer - innodb_rollback_on_timeout: - description: - When enabled a transaction timeout causes InnoDB - to abort and roll back the entire transaction. Changing - this parameter will lead to a restart of the MySQL service. - type: boolean - innodb_thread_concurrency: - description: - Defines the maximum number of threads permitted - inside of InnoDB. Default is 0 (infinite concurrency - no - limit) - maximum: 1000 - minimum: 0 - type: integer - innodb_write_io_threads: - description: - The number of I/O threads for write operations - in InnoDB. Default is 4. Changing this parameter will lead - to a restart of the MySQL service. - maximum: 64 - minimum: 1 - type: integer - interactive_timeout: - description: - The number of seconds the server waits for activity - on an interactive connection before closing it. - maximum: 604800 - minimum: 30 - type: integer - internal_tmp_mem_storage_engine: - description: - The storage engine for in-memory internal temporary - tables. - enum: - - TempTable - - MEMORY + network: + description: CIDR address block + maxLength: 43 type: string - long_query_time: - description: - The slow_query_logs work as SQL statements that - take more than long_query_time seconds to execute. Default - is 10s - maximum: 3600 - minimum: 0 - type: number - max_allowed_packet: - description: - Size of the largest message in bytes that can - be received by the server. Default is 67108864 (64M) - maximum: 1073741824 - minimum: 102400 - type: integer - max_heap_table_size: - description: - Limits the size of internal in-memory tables. - Also set tmp_table_size. Default is 16777216 (16M) - maximum: 1073741824 - minimum: 1048576 - type: integer - net_buffer_length: - description: - Start sizes of connection buffer and result buffer. - Default is 16384 (16K). Changing this parameter will lead - to a restart of the MySQL service. - maximum: 1048576 - minimum: 1024 - type: integer - net_read_timeout: - description: - The number of seconds to wait for more data from - a connection before aborting the read. - maximum: 3600 - minimum: 1 - type: integer - net_write_timeout: - description: - The number of seconds to wait for a block to - be written to a connection before aborting the write. - maximum: 3600 - minimum: 1 - type: integer - slow_query_log: - description: - Slow query log enables capturing of slow queries. - Setting slow_query_log to false also truncates the mysql.slow_log - table. Default is off - type: boolean - sort_buffer_size: - description: - Sort buffer size in bytes for ORDER BY optimization. - Default is 262144 (256K) - maximum: 1073741824 - minimum: 32768 - type: integer - sql_mode: - description: - Global SQL mode. Set to empty to use MySQL server - defaults. When creating a new service and not setting this - field Aiven default SQL mode (strict, SQL standard compliant) - will be assigned. - maxLength: 1024 - pattern: ^[A-Z_]*(,[A-Z_]+)*$ - type: string - sql_require_primary_key: - description: - Require primary key to be defined for new tables - or old tables modified with ALTER TABLE and fail if missing. - It is recommended to always have primary keys because various - functionality may break if any large table is missing them. - type: boolean - tmp_table_size: - description: - Limits the size of internal in-memory tables. - Also set max_heap_table_size. Default is 16777216 (16M) - maximum: 1073741824 - minimum: 1048576 - type: integer - wait_timeout: - description: - The number of seconds the server waits for activity - on a noninteractive connection before closing it. - maximum: 2147483 - minimum: 1 - type: integer - type: object - mysql_version: - description: MySQL major version - enum: - - "8" - type: string - private_access: - description: - Allow access to selected service ports from private - networks - properties: - mysql: - description: - Allow clients to connect to mysql with a DNS - name that always resolves to the service's private IP addresses. - Only available in certain network locations - type: boolean - mysqlx: - description: - Allow clients to connect to mysqlx with a DNS - name that always resolves to the service's private IP addresses. - Only available in certain network locations - type: boolean - prometheus: - description: - Allow clients to connect to prometheus with a - DNS name that always resolves to the service's private IP - addresses. Only available in certain network locations - type: boolean - type: object - privatelink_access: - description: - Allow access to selected service components through - Privatelink - properties: - mysql: - description: Enable mysql - type: boolean - mysqlx: - description: Enable mysqlx - type: boolean - prometheus: - description: Enable prometheus - type: boolean - type: object - project_to_fork_from: - description: - Name of another project to fork a service from. This - has effect only when a new service is being created. - maxLength: 63 - type: string - x-kubernetes-validations: - - message: Value is immutable - rule: self == oldSelf - public_access: - description: - Allow access to selected service ports from the public - Internet - properties: - mysql: - description: - Allow clients to connect to mysql from the public - internet for service nodes that are in a project VPC or - another type of private network - type: boolean - mysqlx: - description: - Allow clients to connect to mysqlx from the public - internet for service nodes that are in a project VPC or - another type of private network - type: boolean - prometheus: - description: - Allow clients to connect to prometheus from the - public internet for service nodes that are in a project - VPC or another type of private network - type: boolean + required: + - network type: object - recovery_target_time: - description: - Recovery target time when forking a service. This - has effect only when a new service is being created. - maxLength: 32 - type: string - x-kubernetes-validations: - - message: Value is immutable - rule: self == oldSelf - service_log: - description: - Store logs for the service so that they are available - in the HTTP API and console. - type: boolean - service_to_fork_from: - description: - Name of another service to fork from. This has effect - only when a new service is being created. - maxLength: 64 - type: string - x-kubernetes-validations: - - message: Value is immutable - rule: self == oldSelf - static_ips: - description: Use static public IP addresses - type: boolean - type: object - required: - - plan - - project - type: object - status: - description: ServiceStatus defines the observed state of service - properties: - conditions: - description: - Conditions represent the latest available observations - of a service state - items: - description: - "Condition contains details for one aspect of the current - state of this API Resource. --- This struct is intended for direct - use as an array at the field path .status.conditions. For example, - \n type FooStatus struct{ // Represents the observations of a - foo's current state. // Known .status.conditions.type are: \"Available\", - \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge - // +listType=map // +listMapKey=type Conditions []metav1.Condition - `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" - protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + maxItems: 1024 + type: array + migration: + description: Migrate data from existing server properties: - lastTransitionTime: - description: - lastTransitionTime is the last time the condition - transitioned from one status to another. This should be when - the underlying condition changed. If that is not known, then - using the time when the API field changed is acceptable. - format: date-time + dbname: + description: Database name for bootstrapping the initial connection + maxLength: 63 type: string - message: - description: - message is a human readable message indicating - details about the transition. This may be an empty string. - maxLength: 32768 + host: + description: Hostname or IP address of the server where to + migrate data from + maxLength: 255 type: string - observedGeneration: - description: - observedGeneration represents the .metadata.generation - that the condition was set based upon. For instance, if .metadata.generation - is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current - state of the instance. - format: int64 + ignore_dbs: + description: Comma-separated list of databases, which should + be ignored during migration (supported by MySQL and PostgreSQL + only at the moment) + maxLength: 2048 + type: string + method: + description: The migration method to be used (currently supported + only by Redis, Dragonfly, MySQL and PostgreSQL service types) + enum: + - dump + - replication + type: string + password: + description: Password for authentication with the server where + to migrate data from + maxLength: 256 + type: string + port: + description: Port number of the server where to migrate data + from + maximum: 65535 + minimum: 1 + type: integer + ssl: + description: The server where to migrate data from is secured + with SSL + type: boolean + username: + description: User name for authentication with the server + where to migrate data from + maxLength: 256 + type: string + required: + - host + - port + type: object + mysql: + description: mysql.conf configuration values + properties: + connect_timeout: + description: The number of seconds that the mysqld server + waits for a connect packet before responding with Bad handshake + maximum: 3600 + minimum: 2 + type: integer + default_time_zone: + description: Default server time zone as an offset from UTC + (from -12:00 to +12:00), a time zone name, or 'SYSTEM' to + use the MySQL server default. + maxLength: 100 + minLength: 2 + type: string + group_concat_max_len: + description: The maximum permitted result length in bytes + for the GROUP_CONCAT() function. + minimum: 4 + type: integer + information_schema_stats_expiry: + description: The time, in seconds, before cached statistics + expire + maximum: 31536000 + minimum: 900 + type: integer + innodb_change_buffer_max_size: + description: Maximum size for the InnoDB change buffer, as + a percentage of the total size of the buffer pool. Default + is 25 + maximum: 50 minimum: 0 type: integer - reason: - description: - reason contains a programmatic identifier indicating - the reason for the condition's last transition. Producers - of specific condition types may define expected values and - meanings for this field, and whether the values are considered - a guaranteed API. The value should be a CamelCase string. - This field may not be empty. + innodb_flush_neighbors: + description: 'Specifies whether flushing a page from the InnoDB + buffer pool also flushes other dirty pages in the same extent + (default is 1): 0 - dirty pages in the same extent are not + flushed, 1 - flush contiguous dirty pages in the same extent, 2 + - flush dirty pages in the same extent' + maximum: 2 + minimum: 0 + type: integer + innodb_ft_min_token_size: + description: Minimum length of words that are stored in an + InnoDB FULLTEXT index. Changing this parameter will lead + to a restart of the MySQL service. + maximum: 16 + minimum: 0 + type: integer + innodb_ft_server_stopword_table: + description: This option is used to specify your own InnoDB + FULLTEXT index stopword list for all InnoDB tables. maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + pattern: ^.+/.+$ type: string - status: - description: status of the condition, one of True, False, Unknown. + innodb_lock_wait_timeout: + description: The length of time in seconds an InnoDB transaction + waits for a row lock before giving up. Default is 120. + maximum: 3600 + minimum: 1 + type: integer + innodb_log_buffer_size: + description: The size in bytes of the buffer that InnoDB uses + to write to the log files on disk. + maximum: 4294967295 + minimum: 1048576 + type: integer + innodb_online_alter_log_max_size: + description: The upper limit in bytes on the size of the temporary + log files used during online DDL operations for InnoDB tables. + maximum: 1099511627776 + minimum: 65536 + type: integer + innodb_print_all_deadlocks: + description: When enabled, information about all deadlocks + in InnoDB user transactions is recorded in the error log. + Disabled by default. + type: boolean + innodb_read_io_threads: + description: The number of I/O threads for read operations + in InnoDB. Default is 4. Changing this parameter will lead + to a restart of the MySQL service. + maximum: 64 + minimum: 1 + type: integer + innodb_rollback_on_timeout: + description: When enabled a transaction timeout causes InnoDB + to abort and roll back the entire transaction. Changing + this parameter will lead to a restart of the MySQL service. + type: boolean + innodb_thread_concurrency: + description: Defines the maximum number of threads permitted + inside of InnoDB. Default is 0 (infinite concurrency - no + limit) + maximum: 1000 + minimum: 0 + type: integer + innodb_write_io_threads: + description: The number of I/O threads for write operations + in InnoDB. Default is 4. Changing this parameter will lead + to a restart of the MySQL service. + maximum: 64 + minimum: 1 + type: integer + interactive_timeout: + description: The number of seconds the server waits for activity + on an interactive connection before closing it. + maximum: 604800 + minimum: 30 + type: integer + internal_tmp_mem_storage_engine: + description: The storage engine for in-memory internal temporary + tables. enum: - - "True" - - "False" - - Unknown + - TempTable + - MEMORY type: string - type: - description: - type of condition in CamelCase or in foo.example.com/CamelCase. - --- Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + long_query_time: + description: The slow_query_logs work as SQL statements that + take more than long_query_time seconds to execute. Default + is 10s + maximum: 3600 + minimum: 0 + type: number + max_allowed_packet: + description: Size of the largest message in bytes that can + be received by the server. Default is 67108864 (64M) + maximum: 1073741824 + minimum: 102400 + type: integer + max_heap_table_size: + description: Limits the size of internal in-memory tables. + Also set tmp_table_size. Default is 16777216 (16M) + maximum: 1073741824 + minimum: 1048576 + type: integer + net_buffer_length: + description: Start sizes of connection buffer and result buffer. + Default is 16384 (16K). Changing this parameter will lead + to a restart of the MySQL service. + maximum: 1048576 + minimum: 1024 + type: integer + net_read_timeout: + description: The number of seconds to wait for more data from + a connection before aborting the read. + maximum: 3600 + minimum: 1 + type: integer + net_write_timeout: + description: The number of seconds to wait for a block to + be written to a connection before aborting the write. + maximum: 3600 + minimum: 1 + type: integer + slow_query_log: + description: Slow query log enables capturing of slow queries. + Setting slow_query_log to false also truncates the mysql.slow_log + table. Default is off + type: boolean + sort_buffer_size: + description: Sort buffer size in bytes for ORDER BY optimization. + Default is 262144 (256K) + maximum: 1073741824 + minimum: 32768 + type: integer + sql_mode: + description: Global SQL mode. Set to empty to use MySQL server + defaults. When creating a new service and not setting this + field Aiven default SQL mode (strict, SQL standard compliant) + will be assigned. + maxLength: 1024 + pattern: ^[A-Z_]*(,[A-Z_]+)*$ type: string - required: - - lastTransitionTime - - message - - reason - - status - - type + sql_require_primary_key: + description: Require primary key to be defined for new tables + or old tables modified with ALTER TABLE and fail if missing. + It is recommended to always have primary keys because various + functionality may break if any large table is missing them. + type: boolean + tmp_table_size: + description: Limits the size of internal in-memory tables. + Also set max_heap_table_size. Default is 16777216 (16M) + maximum: 1073741824 + minimum: 1048576 + type: integer + wait_timeout: + description: The number of seconds the server waits for activity + on a noninteractive connection before closing it. + maximum: 2147483 + minimum: 1 + type: integer type: object - type: array - state: - description: Service state - type: string - type: object - type: object - served: true - storage: true - subresources: - status: {} + mysql_version: + description: MySQL major version + enum: + - "8" + type: string + private_access: + description: Allow access to selected service ports from private + networks + properties: + mysql: + description: Allow clients to connect to mysql with a DNS + name that always resolves to the service's private IP addresses. + Only available in certain network locations + type: boolean + mysqlx: + description: Allow clients to connect to mysqlx with a DNS + name that always resolves to the service's private IP addresses. + Only available in certain network locations + type: boolean + prometheus: + description: Allow clients to connect to prometheus with a + DNS name that always resolves to the service's private IP + addresses. Only available in certain network locations + type: boolean + type: object + privatelink_access: + description: Allow access to selected service components through + Privatelink + properties: + mysql: + description: Enable mysql + type: boolean + mysqlx: + description: Enable mysqlx + type: boolean + prometheus: + description: Enable prometheus + type: boolean + type: object + project_to_fork_from: + description: Name of another project to fork a service from. This + has effect only when a new service is being created. + maxLength: 63 + type: string + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + public_access: + description: Allow access to selected service ports from the public + Internet + properties: + mysql: + description: Allow clients to connect to mysql from the public + internet for service nodes that are in a project VPC or + another type of private network + type: boolean + mysqlx: + description: Allow clients to connect to mysqlx from the public + internet for service nodes that are in a project VPC or + another type of private network + type: boolean + prometheus: + description: Allow clients to connect to prometheus from the + public internet for service nodes that are in a project + VPC or another type of private network + type: boolean + type: object + recovery_target_time: + description: Recovery target time when forking a service. This + has effect only when a new service is being created. + maxLength: 32 + type: string + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + service_log: + description: Store logs for the service so that they are available + in the HTTP API and console. + type: boolean + service_to_fork_from: + description: Name of another service to fork from. This has effect + only when a new service is being created. + maxLength: 64 + type: string + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + static_ips: + description: Use static public IP addresses + type: boolean + type: object + required: + - plan + - project + type: object + status: + description: ServiceStatus defines the observed state of service + properties: + conditions: + description: Conditions represent the latest available observations + of a service state + items: + description: "Condition contains details for one aspect of the current + state of this API Resource. --- This struct is intended for direct + use as an array at the field path .status.conditions. For example, + \n type FooStatus struct{ // Represents the observations of a + foo's current state. // Known .status.conditions.type are: \"Available\", + \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge + // +listType=map // +listMapKey=type Conditions []metav1.Condition + `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" + protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + properties: + lastTransitionTime: + description: lastTransitionTime is the last time the condition + transitioned from one status to another. This should be when + the underlying condition changed. If that is not known, then + using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: message is a human readable message indicating + details about the transition. This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: observedGeneration represents the .metadata.generation + that the condition was set based upon. For instance, if .metadata.generation + is currently 12, but the .status.conditions[x].observedGeneration + is 9, the condition is out of date with respect to the current + state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: reason contains a programmatic identifier indicating + the reason for the condition's last transition. Producers + of specific condition types may define expected values and + meanings for this field, and whether the values are considered + a guaranteed API. The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: type of condition in CamelCase or in foo.example.com/CamelCase. + --- Many .condition.type values are consistent across resources + like Available, but because arbitrary conditions can be useful + (see .node.status.conditions), the ability to deconflict is + important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + type: array + state: + description: Service state + type: string + type: object + type: object + served: true + storage: true + subresources: + status: {} diff --git a/config/crd/bases/aiven.io_opensearches.yaml b/config/crd/bases/aiven.io_opensearches.yaml index 8a403e83..7fa9b0ac 100644 --- a/config/crd/bases/aiven.io_opensearches.yaml +++ b/config/crd/bases/aiven.io_opensearches.yaml @@ -15,1048 +15,946 @@ spec: singular: opensearch scope: Namespaced versions: - - name: v1alpha1 - schema: - openAPIV3Schema: - description: OpenSearch is the Schema for the opensearches API - properties: - apiVersion: - description: - "APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" - type: string - kind: - description: - "Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" - type: string - metadata: - type: object - spec: - description: OpenSearchSpec defines the desired state of OpenSearch - properties: - authSecretRef: - description: Authentication reference to Aiven token in a secret - properties: - key: - minLength: 1 - type: string - name: - minLength: 1 - type: string - required: - - key - - name - type: object - cloudName: - description: Cloud the service runs in. - maxLength: 256 - type: string - connInfoSecretTarget: - description: - "Information regarding secret creation. Exposed keys: - `OPENSEARCH_HOST`, `OPENSEARCH_PORT`, `OPENSEARCH_USER`, `OPENSEARCH_PASSWORD`" - properties: - annotations: - additionalProperties: - type: string - description: Annotations added to the secret - type: object - x-kubernetes-preserve-unknown-fields: true - labels: - additionalProperties: - type: string - description: Labels added to the secret - type: object - x-kubernetes-preserve-unknown-fields: true - name: - description: - Name of the secret resource to be created. By default, - is equal to the resource name + - name: v1alpha1 + schema: + openAPIV3Schema: + description: OpenSearch is the Schema for the opensearches API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: OpenSearchSpec defines the desired state of OpenSearch + properties: + authSecretRef: + description: Authentication reference to Aiven token in a secret + properties: + key: + minLength: 1 + type: string + name: + minLength: 1 + type: string + required: + - key + - name + type: object + cloudName: + description: Cloud the service runs in. + maxLength: 256 + type: string + connInfoSecretTarget: + description: 'Information regarding secret creation. Exposed keys: + `OPENSEARCH_HOST`, `OPENSEARCH_PORT`, `OPENSEARCH_USER`, `OPENSEARCH_PASSWORD`' + properties: + annotations: + additionalProperties: type: string - prefix: - description: - Prefix for the secret's keys. Added "as is" without - any transformations. By default, is equal to the kind name in - uppercase + underscore, e.g. `KAFKA_`, `REDIS_`, etc. + description: Annotations added to the secret + type: object + x-kubernetes-preserve-unknown-fields: true + labels: + additionalProperties: type: string - required: - - name - type: object - disk_space: - description: - The disk space of the service, possible values depend - on the service type, the cloud provider and the project. Reducing - will result in the service re-balancing. - format: ^[1-9][0-9]*(GiB|G)* - type: string - maintenanceWindowDow: - description: - Day of week when maintenance operations should be performed. - One monday, tuesday, wednesday, etc. - enum: - - monday - - tuesday - - wednesday - - thursday - - friday - - saturday - - sunday - type: string - maintenanceWindowTime: - description: - Time of day when maintenance operations should be performed. - UTC time in HH:mm:ss format. - maxLength: 8 - type: string - plan: - description: Subscription plan. - maxLength: 128 - type: string - project: - description: Target project. - format: ^[a-zA-Z0-9_-]*$ - maxLength: 63 - type: string - x-kubernetes-validations: - - message: Value is immutable - rule: self == oldSelf - projectVPCRef: - description: - ProjectVPCRef reference to ProjectVPC resource to use - its ID as ProjectVPCID automatically + description: Labels added to the secret + type: object + x-kubernetes-preserve-unknown-fields: true + name: + description: Name of the secret resource to be created. By default, + is equal to the resource name + type: string + prefix: + description: Prefix for the secret's keys. Added "as is" without + any transformations. By default, is equal to the kind name in + uppercase + underscore, e.g. `KAFKA_`, `REDIS_`, etc. + type: string + required: + - name + type: object + disk_space: + description: The disk space of the service, possible values depend + on the service type, the cloud provider and the project. Reducing + will result in the service re-balancing. + format: ^[1-9][0-9]*(GiB|G)* + type: string + maintenanceWindowDow: + description: Day of week when maintenance operations should be performed. + One monday, tuesday, wednesday, etc. + enum: + - monday + - tuesday + - wednesday + - thursday + - friday + - saturday + - sunday + type: string + maintenanceWindowTime: + description: Time of day when maintenance operations should be performed. + UTC time in HH:mm:ss format. + maxLength: 8 + type: string + plan: + description: Subscription plan. + maxLength: 128 + type: string + project: + description: Target project. + format: ^[a-zA-Z0-9_-]*$ + maxLength: 63 + type: string + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + projectVPCRef: + description: ProjectVPCRef reference to ProjectVPC resource to use + its ID as ProjectVPCID automatically + properties: + name: + minLength: 1 + type: string + namespace: + minLength: 1 + type: string + required: + - name + type: object + projectVpcId: + description: Identifier of the VPC the service should be in, if any. + maxLength: 36 + type: string + serviceIntegrations: + description: Service integrations to specify when creating a service. + Not applied after initial service creation + items: + description: Service integrations to specify when creating a service. + Not applied after initial service creation properties: - name: - minLength: 1 + integrationType: + enum: + - read_replica type: string - namespace: + sourceServiceName: + maxLength: 64 minLength: 1 type: string required: - - name + - integrationType + - sourceServiceName type: object - projectVpcId: - description: Identifier of the VPC the service should be in, if any. - maxLength: 36 + maxItems: 1 + type: array + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + tags: + additionalProperties: type: string - serviceIntegrations: - description: - Service integrations to specify when creating a service. - Not applied after initial service creation - items: - description: - Service integrations to specify when creating a service. - Not applied after initial service creation - properties: - integrationType: - enum: - - read_replica - type: string - sourceServiceName: - maxLength: 64 - minLength: 1 - type: string - required: - - integrationType - - sourceServiceName - type: object - maxItems: 1 - type: array - x-kubernetes-validations: - - message: Value is immutable - rule: self == oldSelf - tags: - additionalProperties: - type: string - description: - Tags are key-value pairs that allow you to categorize - services. - type: object - terminationProtection: - description: - Prevent service from being deleted. It is recommended - to have this enabled for all services. - type: boolean - userConfig: - description: OpenSearch specific user configuration options - properties: - additional_backup_regions: - description: Additional Cloud Regions for Backup Replication - items: - type: string - maxItems: 1 - type: array - custom_domain: - description: - Serve the web frontend using a custom CNAME pointing - to the Aiven DNS name - maxLength: 255 + description: Tags are key-value pairs that allow you to categorize + services. + type: object + terminationProtection: + description: Prevent service from being deleted. It is recommended + to have this enabled for all services. + type: boolean + userConfig: + description: OpenSearch specific user configuration options + properties: + additional_backup_regions: + description: Additional Cloud Regions for Backup Replication + items: type: string - disable_replication_factor_adjustment: - description: - "DEPRECATED: Disable automatic replication factor - adjustment for multi-node services. By default, Aiven ensures - all indexes are replicated at least to two nodes. Note: Due - to potential data loss in case of losing a service node, this - setting can no longer be activated." - type: boolean - index_patterns: - description: Index patterns - items: - description: - "Allows you to create glob style patterns and set - a max number of indexes matching this pattern you want to - keep. Creating indexes exceeding this value will cause the - oldest one to get deleted. You could for example create a - pattern looking like 'logs.?' and then create index logs.1, - logs.2 etc, it will delete logs.1 once you create logs.6. - Do note 'logs.?' does not apply to logs.10. Note: Setting - max_index_count to 0 will do nothing and the pattern gets - ignored." - properties: - max_index_count: - description: Maximum number of indexes to keep - minimum: 0 - type: integer - pattern: - description: fnmatch pattern - maxLength: 1024 - pattern: ^[A-Za-z0-9-_.*?]+$ - type: string - sorting_algorithm: - description: Deletion sorting algorithm - enum: - - alphabetical - - creation_date - type: string - required: - - max_index_count - - pattern - type: object - maxItems: 512 - type: array - index_template: - description: Template settings for all new indexes + maxItems: 1 + type: array + custom_domain: + description: Serve the web frontend using a custom CNAME pointing + to the Aiven DNS name + maxLength: 255 + type: string + disable_replication_factor_adjustment: + description: 'DEPRECATED: Disable automatic replication factor + adjustment for multi-node services. By default, Aiven ensures + all indexes are replicated at least to two nodes. Note: Due + to potential data loss in case of losing a service node, this + setting can no longer be activated.' + type: boolean + index_patterns: + description: Index patterns + items: + description: 'Allows you to create glob style patterns and set + a max number of indexes matching this pattern you want to + keep. Creating indexes exceeding this value will cause the + oldest one to get deleted. You could for example create a + pattern looking like ''logs.?'' and then create index logs.1, + logs.2 etc, it will delete logs.1 once you create logs.6. + Do note ''logs.?'' does not apply to logs.10. Note: Setting + max_index_count to 0 will do nothing and the pattern gets + ignored.' properties: - mapping_nested_objects_limit: - description: - The maximum number of nested JSON objects that - a single document can contain across all nested types. This - limit helps to prevent out of memory errors when a document - contains too many nested objects. Default is 10000. - maximum: 100000 - minimum: 0 - type: integer - number_of_replicas: - description: The number of replicas each primary shard has. - maximum: 29 + max_index_count: + description: Maximum number of indexes to keep minimum: 0 type: integer - number_of_shards: - description: - The number of primary shards that an index should - have. - maximum: 1024 - minimum: 1 - type: integer - type: object - ip_filter: - description: - Allow incoming connections from CIDR address block, - e.g. '10.20.0.0/16' - items: - description: - CIDR address block, either as a string, or in a - dict with an optional description field - properties: - description: - description: Description for IP filter list entry - maxLength: 1024 - type: string - network: - description: CIDR address block - maxLength: 43 - type: string - required: - - network - type: object - maxItems: 1024 - type: array - keep_index_refresh_interval: - description: - Aiven automation resets index.refresh_interval to - default value for every index to be sure that indices are always - visible to search. If it doesn't fit your case, you can disable - this by setting up this flag to true. - type: boolean - max_index_count: - description: "DEPRECATED: use index_patterns instead" - minimum: 0 - type: integer - openid: - description: OpenSearch OpenID Connect Configuration - properties: - client_id: - description: - The ID of the OpenID Connect client configured - in your IdP. Required. - maxLength: 1024 - minLength: 1 - type: string - client_secret: - description: - The client secret of the OpenID Connect client - configured in your IdP. Required. - maxLength: 1024 - minLength: 1 - type: string - connect_url: - description: - The URL of your IdP where the Security plugin - can find the OpenID Connect metadata/configuration settings. - maxLength: 2048 - type: string - enabled: - description: - Enables or disables OpenID Connect authentication - for OpenSearch. When enabled, users can authenticate using - OpenID Connect with an Identity Provider. - type: boolean - header: - description: - HTTP header name of the JWT token. Optional. - Default is Authorization. - maxLength: 1024 - minLength: 1 - type: string - jwt_header: - description: - "The HTTP header that stores the token. Typically - the Authorization header with the Bearer schema: Authorization: - Bearer . Optional. Default is Authorization." - maxLength: 1024 - minLength: 1 - type: string - jwt_url_parameter: - description: - If the token is not transmitted in the HTTP header, - but as an URL parameter, define the name of the parameter - here. Optional. - maxLength: 1024 - minLength: 1 - type: string - refresh_rate_limit_count: - description: - The maximum number of unknown key IDs in the - time frame. Default is 10. Optional. - minimum: 10 - type: integer - refresh_rate_limit_time_window_ms: - description: - The time frame to use when checking the maximum - number of unknown key IDs, in milliseconds. Optional.Default - is 10000 (10 seconds). - minimum: 10000 - type: integer - roles_key: - description: - The key in the JSON payload that stores the user’s - roles. The value of this key must be a comma-separated list - of roles. Required only if you want to use roles in the - JWT - maxLength: 1024 - minLength: 1 - type: string - scope: - description: - The scope of the identity token issued by the - IdP. Optional. Default is openid profile email address phone. + pattern: + description: fnmatch pattern maxLength: 1024 - minLength: 1 + pattern: ^[A-Za-z0-9-_.*?]+$ type: string - subject_key: - description: - The key in the JSON payload that stores the user’s - name. If not defined, the subject registered claim is used. - Most IdP providers use the preferred_username claim. Optional. - maxLength: 1024 - minLength: 1 + sorting_algorithm: + description: Deletion sorting algorithm + enum: + - alphabetical + - creation_date type: string required: - - client_id - - client_secret - - connect_url - - enabled - type: object - opensearch: - description: OpenSearch settings - properties: - action_auto_create_index_enabled: - description: - Explicitly allow or block automatic creation - of indices. Defaults to true - type: boolean - action_destructive_requires_name: - description: Require explicit index names when deleting - type: boolean - auth_failure_listeners: - description: Opensearch Security Plugin Settings - properties: - internal_authentication_backend_limiting: - properties: - allowed_tries: - description: - The number of login attempts allowed - before login is blocked - maximum: 2147483647 - minimum: 0 - type: integer - authentication_backend: - description: internal_authentication_backend_limiting.authentication_backend - enum: - - internal - maxLength: 1024 - type: string - block_expiry_seconds: - description: - The duration of time that login remains - blocked after a failed login - maximum: 2147483647 - minimum: 0 - type: integer - max_blocked_clients: - description: internal_authentication_backend_limiting.max_blocked_clients - maximum: 2147483647 - minimum: 0 - type: integer - max_tracked_clients: - description: - The maximum number of tracked IP addresses - that have failed login - maximum: 2147483647 - minimum: 0 - type: integer - time_window_seconds: - description: - The window of time in which the value - for `allowed_tries` is enforced - maximum: 2147483647 - minimum: 0 - type: integer - type: - description: internal_authentication_backend_limiting.type - enum: - - username - maxLength: 1024 - type: string - type: object - ip_rate_limiting: - description: IP address rate limiting settings - properties: - allowed_tries: - description: - The number of login attempts allowed - before login is blocked - maximum: 2147483647 - minimum: 1 - type: integer - block_expiry_seconds: - description: - The duration of time that login remains - blocked after a failed login - maximum: 36000 - minimum: 1 - type: integer - max_blocked_clients: - description: The maximum number of blocked IP addresses - maximum: 2147483647 - minimum: 0 - type: integer - max_tracked_clients: - description: - The maximum number of tracked IP addresses - that have failed login - maximum: 2147483647 - minimum: 0 - type: integer - time_window_seconds: - description: - The window of time in which the value - for `allowed_tries` is enforced - maximum: 36000 - minimum: 1 - type: integer - type: - description: The type of rate limiting - enum: - - ip - maxLength: 1024 - type: string - type: object - type: object - cluster_max_shards_per_node: - description: - Controls the number of shards allowed in the - cluster per data node - maximum: 10000 - minimum: 100 - type: integer - cluster_routing_allocation_node_concurrent_recoveries: - description: - How many concurrent incoming/outgoing shard recoveries - (normally replicas) are allowed to happen on a node. Defaults - to 2. - maximum: 16 - minimum: 2 - type: integer - email_sender_name: - description: - Sender name placeholder to be used in Opensearch - Dashboards and Opensearch keystore - maxLength: 40 - pattern: ^[a-zA-Z0-9-_]+$ - type: string - email_sender_password: - description: - Sender password for Opensearch alerts to authenticate - with SMTP server - maxLength: 1024 - pattern: ^[^\x00-\x1F]+$ - type: string - email_sender_username: - description: Sender username for Opensearch alerts - maxLength: 320 - pattern: ^[^\x00-\x1F]+$ - type: string - enable_security_audit: - description: Enable/Disable security audit - type: boolean - http_max_content_length: - description: - Maximum content length for HTTP requests to the - OpenSearch HTTP API, in bytes. - maximum: 2147483647 - minimum: 1 - type: integer - http_max_header_size: - description: The max size of allowed headers, in bytes - maximum: 262144 - minimum: 1024 - type: integer - http_max_initial_line_length: - description: The max length of an HTTP URL, in bytes - maximum: 65536 - minimum: 1024 - type: integer - indices_fielddata_cache_size: - description: - Relative amount. Maximum amount of heap memory - used for field data cache. This is an expert setting; decreasing - the value too much will increase overhead of loading field - data; too much memory used for field data cache will decrease - amount of heap available for other operations. - maximum: 100 - minimum: 3 - type: integer - indices_memory_index_buffer_size: - description: - Percentage value. Default is 10%. Total amount - of heap used for indexing buffer, before writing segments - to disk. This is an expert setting. Too low value will slow - down indexing; too high value will increase indexing performance - but causes performance issues for query performance. - maximum: 40 - minimum: 3 - type: integer - indices_memory_max_index_buffer_size: - description: - Absolute value. Default is unbound. Doesn't work - without indices.memory.index_buffer_size. Maximum amount - of heap used for query cache, an absolute indices.memory.index_buffer_size - maximum hard limit. - maximum: 2048 - minimum: 3 - type: integer - indices_memory_min_index_buffer_size: - description: - Absolute value. Default is 48mb. Doesn't work - without indices.memory.index_buffer_size. Minimum amount - of heap used for query cache, an absolute indices.memory.index_buffer_size - minimal hard limit. - maximum: 2048 - minimum: 3 - type: integer - indices_queries_cache_size: - description: - Percentage value. Default is 10%. Maximum amount - of heap used for query cache. This is an expert setting. - Too low value will decrease query performance and increase - performance for other operations; too high value will cause - issues with other OpenSearch functionality. - maximum: 40 - minimum: 3 - type: integer - indices_query_bool_max_clause_count: - description: - Maximum number of clauses Lucene BooleanQuery - can have. The default value (1024) is relatively high, and - increasing it may cause performance issues. Investigate - other approaches first before increasing this value. - maximum: 4096 - minimum: 64 - type: integer - indices_recovery_max_bytes_per_sec: - description: - Limits total inbound and outbound recovery traffic - for each node. Applies to both peer recoveries as well as - snapshot recoveries (i.e., restores from a snapshot). Defaults - to 40mb - maximum: 400 - minimum: 40 - type: integer - indices_recovery_max_concurrent_file_chunks: - description: - Number of file chunks sent in parallel for each - recovery. Defaults to 2. - maximum: 5 - minimum: 2 - type: integer - ism_enabled: - description: Specifies whether ISM is enabled or not - type: boolean - ism_history_enabled: - description: - Specifies whether audit history is enabled or - not. The logs from ISM are automatically indexed to a logs - document. - type: boolean - ism_history_max_age: - description: - The maximum age before rolling over the audit - history index in hours - maximum: 2147483647 - minimum: 1 - type: integer - ism_history_max_docs: - description: - The maximum number of documents before rolling - over the audit history index. - minimum: 1 - type: integer - ism_history_rollover_check_period: - description: - The time between rollover checks for the audit - history index in hours. - maximum: 2147483647 - minimum: 1 - type: integer - ism_history_rollover_retention_period: - description: How long audit history indices are kept in days. - maximum: 2147483647 - minimum: 1 - type: integer - override_main_response_version: - description: - Compatibility mode sets OpenSearch to report - its version as 7.10 so clients continue to work. Default - is false - type: boolean - reindex_remote_whitelist: - description: - Whitelisted addresses for reindexing. Changing - this value will cause all OpenSearch instances to restart. - items: - type: string - maxItems: 32 - type: array - script_max_compilations_rate: - description: - Script compilation circuit breaker limits the - number of inline script compilations within a period of - time. Default is use-context - maxLength: 1024 - type: string - search_max_buckets: - description: - Maximum number of aggregation buckets allowed - in a single response. OpenSearch default value is used when - this is not defined. - maximum: 1000000 - minimum: 1 - type: integer - thread_pool_analyze_queue_size: - description: - Size for the thread pool queue. See documentation - for exact details. - maximum: 2000 - minimum: 10 - type: integer - thread_pool_analyze_size: - description: - Size for the thread pool. See documentation for - exact details. Do note this may have maximum value depending - on CPU count - value is automatically lowered if set to - higher than maximum value. - maximum: 128 - minimum: 1 - type: integer - thread_pool_force_merge_size: - description: - Size for the thread pool. See documentation for - exact details. Do note this may have maximum value depending - on CPU count - value is automatically lowered if set to - higher than maximum value. - maximum: 128 - minimum: 1 - type: integer - thread_pool_get_queue_size: - description: - Size for the thread pool queue. See documentation - for exact details. - maximum: 2000 - minimum: 10 - type: integer - thread_pool_get_size: - description: - Size for the thread pool. See documentation for - exact details. Do note this may have maximum value depending - on CPU count - value is automatically lowered if set to - higher than maximum value. - maximum: 128 - minimum: 1 - type: integer - thread_pool_search_queue_size: - description: - Size for the thread pool queue. See documentation - for exact details. - maximum: 2000 - minimum: 10 - type: integer - thread_pool_search_size: - description: - Size for the thread pool. See documentation for - exact details. Do note this may have maximum value depending - on CPU count - value is automatically lowered if set to - higher than maximum value. - maximum: 128 - minimum: 1 - type: integer - thread_pool_search_throttled_queue_size: - description: - Size for the thread pool queue. See documentation - for exact details. - maximum: 2000 - minimum: 10 - type: integer - thread_pool_search_throttled_size: - description: - Size for the thread pool. See documentation for - exact details. Do note this may have maximum value depending - on CPU count - value is automatically lowered if set to - higher than maximum value. - maximum: 128 - minimum: 1 - type: integer - thread_pool_write_queue_size: - description: - Size for the thread pool queue. See documentation - for exact details. - maximum: 2000 - minimum: 10 - type: integer - thread_pool_write_size: - description: - Size for the thread pool. See documentation for - exact details. Do note this may have maximum value depending - on CPU count - value is automatically lowered if set to - higher than maximum value. - maximum: 128 - minimum: 1 - type: integer - type: object - opensearch_dashboards: - description: OpenSearch Dashboards settings - properties: - enabled: - description: Enable or disable OpenSearch Dashboards - type: boolean - max_old_space_size: - description: - "Limits the maximum amount of memory (in MiB) - the OpenSearch Dashboards process can use. This sets the - max_old_space_size option of the nodejs running the OpenSearch - Dashboards. Note: the memory reserved by OpenSearch Dashboards - is not available for OpenSearch." - maximum: 2048 - minimum: 64 - type: integer - opensearch_request_timeout: - description: - Timeout in milliseconds for requests made by - OpenSearch Dashboards towards OpenSearch - maximum: 120000 - minimum: 5000 - type: integer - type: object - opensearch_version: - description: OpenSearch major version - enum: - - "1" - - "2" - type: string - private_access: - description: - Allow access to selected service ports from private - networks - properties: - opensearch: - description: - Allow clients to connect to opensearch with a - DNS name that always resolves to the service's private IP - addresses. Only available in certain network locations - type: boolean - opensearch_dashboards: - description: - Allow clients to connect to opensearch_dashboards - with a DNS name that always resolves to the service's private - IP addresses. Only available in certain network locations - type: boolean - prometheus: - description: - Allow clients to connect to prometheus with a - DNS name that always resolves to the service's private IP - addresses. Only available in certain network locations - type: boolean - type: object - privatelink_access: - description: - Allow access to selected service components through - Privatelink - properties: - opensearch: - description: Enable opensearch - type: boolean - opensearch_dashboards: - description: Enable opensearch_dashboards - type: boolean - prometheus: - description: Enable prometheus - type: boolean + - max_index_count + - pattern type: object - project_to_fork_from: - description: - Name of another project to fork a service from. This - has effect only when a new service is being created. - maxLength: 63 - type: string - x-kubernetes-validations: - - message: Value is immutable - rule: self == oldSelf - public_access: - description: - Allow access to selected service ports from the public - Internet - properties: - opensearch: - description: - Allow clients to connect to opensearch from the - public internet for service nodes that are in a project - VPC or another type of private network - type: boolean - opensearch_dashboards: - description: - Allow clients to connect to opensearch_dashboards - from the public internet for service nodes that are in a - project VPC or another type of private network - type: boolean - prometheus: - description: - Allow clients to connect to prometheus from the - public internet for service nodes that are in a project - VPC or another type of private network - type: boolean - type: object - recovery_basebackup_name: - description: Name of the basebackup to restore in forked service - maxLength: 128 - pattern: ^[a-zA-Z0-9-_:.]+$ - type: string - saml: - description: OpenSearch SAML configuration + maxItems: 512 + type: array + index_template: + description: Template settings for all new indexes + properties: + mapping_nested_objects_limit: + description: The maximum number of nested JSON objects that + a single document can contain across all nested types. This + limit helps to prevent out of memory errors when a document + contains too many nested objects. Default is 10000. + maximum: 100000 + minimum: 0 + type: integer + number_of_replicas: + description: The number of replicas each primary shard has. + maximum: 29 + minimum: 0 + type: integer + number_of_shards: + description: The number of primary shards that an index should + have. + maximum: 1024 + minimum: 1 + type: integer + type: object + ip_filter: + description: Allow incoming connections from CIDR address block, + e.g. '10.20.0.0/16' + items: + description: CIDR address block, either as a string, or in a + dict with an optional description field properties: - enabled: - description: - Enables or disables SAML-based authentication - for OpenSearch. When enabled, users can authenticate using - SAML with an Identity Provider. - type: boolean - idp_entity_id: - description: - The unique identifier for the Identity Provider - (IdP) entity that is used for SAML authentication. This - value is typically provided by the IdP. - maxLength: 1024 - minLength: 1 - type: string - idp_metadata_url: - description: - The URL of the SAML metadata for the Identity - Provider (IdP). This is used to configure SAML-based authentication - with the IdP. - maxLength: 2048 - minLength: 1 - type: string - idp_pemtrustedcas_content: - description: - This parameter specifies the PEM-encoded root - certificate authority (CA) content for the SAML identity - provider (IdP) server verification. The root CA content - is used to verify the SSL/TLS certificate presented by the - server. - maxLength: 16384 - type: string - roles_key: - description: - Optional. Specifies the attribute in the SAML - response where role information is stored, if available. - Role attributes are not required for SAML authentication, - but can be included in SAML assertions by most Identity - Providers (IdPs) to determine user access levels or permissions. - maxLength: 256 - minLength: 1 - type: string - sp_entity_id: - description: - The unique identifier for the Service Provider - (SP) entity that is used for SAML authentication. This value - is typically provided by the SP. + description: + description: Description for IP filter list entry maxLength: 1024 - minLength: 1 type: string - subject_key: - description: - Optional. Specifies the attribute in the SAML - response where the subject identifier is stored. If not - configured, the NameID attribute is used by default. - maxLength: 256 - minLength: 1 + network: + description: CIDR address block + maxLength: 43 type: string required: - - enabled - - idp_entity_id - - idp_metadata_url - - sp_entity_id + - network type: object - service_log: - description: - Store logs for the service so that they are available - in the HTTP API and console. - type: boolean - service_to_fork_from: - description: - Name of another service to fork from. This has effect - only when a new service is being created. - maxLength: 64 - type: string - x-kubernetes-validations: - - message: Value is immutable - rule: self == oldSelf - static_ips: - description: Use static public IP addresses - type: boolean - type: object - required: - - plan - - project - type: object - status: - description: ServiceStatus defines the observed state of service - properties: - conditions: - description: - Conditions represent the latest available observations - of a service state - items: - description: - "Condition contains details for one aspect of the current - state of this API Resource. --- This struct is intended for direct - use as an array at the field path .status.conditions. For example, - \n type FooStatus struct{ // Represents the observations of a - foo's current state. // Known .status.conditions.type are: \"Available\", - \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge - // +listType=map // +listMapKey=type Conditions []metav1.Condition - `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" - protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + maxItems: 1024 + type: array + keep_index_refresh_interval: + description: Aiven automation resets index.refresh_interval to + default value for every index to be sure that indices are always + visible to search. If it doesn't fit your case, you can disable + this by setting up this flag to true. + type: boolean + max_index_count: + description: 'DEPRECATED: use index_patterns instead' + minimum: 0 + type: integer + openid: + description: OpenSearch OpenID Connect Configuration properties: - lastTransitionTime: - description: - lastTransitionTime is the last time the condition - transitioned from one status to another. This should be when - the underlying condition changed. If that is not known, then - using the time when the API field changed is acceptable. - format: date-time + client_id: + description: The ID of the OpenID Connect client configured + in your IdP. Required. + maxLength: 1024 + minLength: 1 type: string - message: - description: - message is a human readable message indicating - details about the transition. This may be an empty string. - maxLength: 32768 + client_secret: + description: The client secret of the OpenID Connect client + configured in your IdP. Required. + maxLength: 1024 + minLength: 1 type: string - observedGeneration: - description: - observedGeneration represents the .metadata.generation - that the condition was set based upon. For instance, if .metadata.generation - is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current - state of the instance. - format: int64 - minimum: 0 + connect_url: + description: The URL of your IdP where the Security plugin + can find the OpenID Connect metadata/configuration settings. + maxLength: 2048 + type: string + enabled: + description: Enables or disables OpenID Connect authentication + for OpenSearch. When enabled, users can authenticate using + OpenID Connect with an Identity Provider. + type: boolean + header: + description: HTTP header name of the JWT token. Optional. + Default is Authorization. + maxLength: 1024 + minLength: 1 + type: string + jwt_header: + description: 'The HTTP header that stores the token. Typically + the Authorization header with the Bearer schema: Authorization: + Bearer . Optional. Default is Authorization.' + maxLength: 1024 + minLength: 1 + type: string + jwt_url_parameter: + description: If the token is not transmitted in the HTTP header, + but as an URL parameter, define the name of the parameter + here. Optional. + maxLength: 1024 + minLength: 1 + type: string + refresh_rate_limit_count: + description: The maximum number of unknown key IDs in the + time frame. Default is 10. Optional. + minimum: 10 type: integer - reason: - description: - reason contains a programmatic identifier indicating - the reason for the condition's last transition. Producers - of specific condition types may define expected values and - meanings for this field, and whether the values are considered - a guaranteed API. The value should be a CamelCase string. - This field may not be empty. + refresh_rate_limit_time_window_ms: + description: The time frame to use when checking the maximum + number of unknown key IDs, in milliseconds. Optional.Default + is 10000 (10 seconds). + minimum: 10000 + type: integer + roles_key: + description: The key in the JSON payload that stores the user’s + roles. The value of this key must be a comma-separated list + of roles. Required only if you want to use roles in the + JWT maxLength: 1024 minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ type: string - status: - description: status of the condition, one of True, False, Unknown. - enum: - - "True" - - "False" - - Unknown + scope: + description: The scope of the identity token issued by the + IdP. Optional. Default is openid profile email address phone. + maxLength: 1024 + minLength: 1 type: string - type: - description: - type of condition in CamelCase or in foo.example.com/CamelCase. - --- Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + subject_key: + description: The key in the JSON payload that stores the user’s + name. If not defined, the subject registered claim is used. + Most IdP providers use the preferred_username claim. Optional. + maxLength: 1024 + minLength: 1 type: string required: - - lastTransitionTime - - message - - reason - - status - - type + - client_id + - client_secret + - connect_url + - enabled type: object - type: array - state: - description: Service state - type: string - type: object - type: object - served: true - storage: true - subresources: - status: {} + opensearch: + description: OpenSearch settings + properties: + action_auto_create_index_enabled: + description: Explicitly allow or block automatic creation + of indices. Defaults to true + type: boolean + action_destructive_requires_name: + description: Require explicit index names when deleting + type: boolean + auth_failure_listeners: + description: Opensearch Security Plugin Settings + properties: + internal_authentication_backend_limiting: + properties: + allowed_tries: + description: The number of login attempts allowed + before login is blocked + maximum: 2147483647 + minimum: 0 + type: integer + authentication_backend: + description: internal_authentication_backend_limiting.authentication_backend + enum: + - internal + maxLength: 1024 + type: string + block_expiry_seconds: + description: The duration of time that login remains + blocked after a failed login + maximum: 2147483647 + minimum: 0 + type: integer + max_blocked_clients: + description: internal_authentication_backend_limiting.max_blocked_clients + maximum: 2147483647 + minimum: 0 + type: integer + max_tracked_clients: + description: The maximum number of tracked IP addresses + that have failed login + maximum: 2147483647 + minimum: 0 + type: integer + time_window_seconds: + description: The window of time in which the value + for `allowed_tries` is enforced + maximum: 2147483647 + minimum: 0 + type: integer + type: + description: internal_authentication_backend_limiting.type + enum: + - username + maxLength: 1024 + type: string + type: object + ip_rate_limiting: + description: IP address rate limiting settings + properties: + allowed_tries: + description: The number of login attempts allowed + before login is blocked + maximum: 2147483647 + minimum: 1 + type: integer + block_expiry_seconds: + description: The duration of time that login remains + blocked after a failed login + maximum: 36000 + minimum: 1 + type: integer + max_blocked_clients: + description: The maximum number of blocked IP addresses + maximum: 2147483647 + minimum: 0 + type: integer + max_tracked_clients: + description: The maximum number of tracked IP addresses + that have failed login + maximum: 2147483647 + minimum: 0 + type: integer + time_window_seconds: + description: The window of time in which the value + for `allowed_tries` is enforced + maximum: 36000 + minimum: 1 + type: integer + type: + description: The type of rate limiting + enum: + - ip + maxLength: 1024 + type: string + type: object + type: object + cluster_max_shards_per_node: + description: Controls the number of shards allowed in the + cluster per data node + maximum: 10000 + minimum: 100 + type: integer + cluster_routing_allocation_node_concurrent_recoveries: + description: How many concurrent incoming/outgoing shard recoveries + (normally replicas) are allowed to happen on a node. Defaults + to 2. + maximum: 16 + minimum: 2 + type: integer + email_sender_name: + description: Sender name placeholder to be used in Opensearch + Dashboards and Opensearch keystore + maxLength: 40 + pattern: ^[a-zA-Z0-9-_]+$ + type: string + email_sender_password: + description: Sender password for Opensearch alerts to authenticate + with SMTP server + maxLength: 1024 + pattern: ^[^\x00-\x1F]+$ + type: string + email_sender_username: + description: Sender username for Opensearch alerts + maxLength: 320 + pattern: ^[^\x00-\x1F]+$ + type: string + enable_security_audit: + description: Enable/Disable security audit + type: boolean + http_max_content_length: + description: Maximum content length for HTTP requests to the + OpenSearch HTTP API, in bytes. + maximum: 2147483647 + minimum: 1 + type: integer + http_max_header_size: + description: The max size of allowed headers, in bytes + maximum: 262144 + minimum: 1024 + type: integer + http_max_initial_line_length: + description: The max length of an HTTP URL, in bytes + maximum: 65536 + minimum: 1024 + type: integer + indices_fielddata_cache_size: + description: Relative amount. Maximum amount of heap memory + used for field data cache. This is an expert setting; decreasing + the value too much will increase overhead of loading field + data; too much memory used for field data cache will decrease + amount of heap available for other operations. + maximum: 100 + minimum: 3 + type: integer + indices_memory_index_buffer_size: + description: Percentage value. Default is 10%. Total amount + of heap used for indexing buffer, before writing segments + to disk. This is an expert setting. Too low value will slow + down indexing; too high value will increase indexing performance + but causes performance issues for query performance. + maximum: 40 + minimum: 3 + type: integer + indices_memory_max_index_buffer_size: + description: Absolute value. Default is unbound. Doesn't work + without indices.memory.index_buffer_size. Maximum amount + of heap used for query cache, an absolute indices.memory.index_buffer_size + maximum hard limit. + maximum: 2048 + minimum: 3 + type: integer + indices_memory_min_index_buffer_size: + description: Absolute value. Default is 48mb. Doesn't work + without indices.memory.index_buffer_size. Minimum amount + of heap used for query cache, an absolute indices.memory.index_buffer_size + minimal hard limit. + maximum: 2048 + minimum: 3 + type: integer + indices_queries_cache_size: + description: Percentage value. Default is 10%. Maximum amount + of heap used for query cache. This is an expert setting. + Too low value will decrease query performance and increase + performance for other operations; too high value will cause + issues with other OpenSearch functionality. + maximum: 40 + minimum: 3 + type: integer + indices_query_bool_max_clause_count: + description: Maximum number of clauses Lucene BooleanQuery + can have. The default value (1024) is relatively high, and + increasing it may cause performance issues. Investigate + other approaches first before increasing this value. + maximum: 4096 + minimum: 64 + type: integer + indices_recovery_max_bytes_per_sec: + description: Limits total inbound and outbound recovery traffic + for each node. Applies to both peer recoveries as well as + snapshot recoveries (i.e., restores from a snapshot). Defaults + to 40mb + maximum: 400 + minimum: 40 + type: integer + indices_recovery_max_concurrent_file_chunks: + description: Number of file chunks sent in parallel for each + recovery. Defaults to 2. + maximum: 5 + minimum: 2 + type: integer + ism_enabled: + description: Specifies whether ISM is enabled or not + type: boolean + ism_history_enabled: + description: Specifies whether audit history is enabled or + not. The logs from ISM are automatically indexed to a logs + document. + type: boolean + ism_history_max_age: + description: The maximum age before rolling over the audit + history index in hours + maximum: 2147483647 + minimum: 1 + type: integer + ism_history_max_docs: + description: The maximum number of documents before rolling + over the audit history index. + minimum: 1 + type: integer + ism_history_rollover_check_period: + description: The time between rollover checks for the audit + history index in hours. + maximum: 2147483647 + minimum: 1 + type: integer + ism_history_rollover_retention_period: + description: How long audit history indices are kept in days. + maximum: 2147483647 + minimum: 1 + type: integer + override_main_response_version: + description: Compatibility mode sets OpenSearch to report + its version as 7.10 so clients continue to work. Default + is false + type: boolean + reindex_remote_whitelist: + description: Whitelisted addresses for reindexing. Changing + this value will cause all OpenSearch instances to restart. + items: + type: string + maxItems: 32 + type: array + script_max_compilations_rate: + description: Script compilation circuit breaker limits the + number of inline script compilations within a period of + time. Default is use-context + maxLength: 1024 + type: string + search_max_buckets: + description: Maximum number of aggregation buckets allowed + in a single response. OpenSearch default value is used when + this is not defined. + maximum: 1000000 + minimum: 1 + type: integer + thread_pool_analyze_queue_size: + description: Size for the thread pool queue. See documentation + for exact details. + maximum: 2000 + minimum: 10 + type: integer + thread_pool_analyze_size: + description: Size for the thread pool. See documentation for + exact details. Do note this may have maximum value depending + on CPU count - value is automatically lowered if set to + higher than maximum value. + maximum: 128 + minimum: 1 + type: integer + thread_pool_force_merge_size: + description: Size for the thread pool. See documentation for + exact details. Do note this may have maximum value depending + on CPU count - value is automatically lowered if set to + higher than maximum value. + maximum: 128 + minimum: 1 + type: integer + thread_pool_get_queue_size: + description: Size for the thread pool queue. See documentation + for exact details. + maximum: 2000 + minimum: 10 + type: integer + thread_pool_get_size: + description: Size for the thread pool. See documentation for + exact details. Do note this may have maximum value depending + on CPU count - value is automatically lowered if set to + higher than maximum value. + maximum: 128 + minimum: 1 + type: integer + thread_pool_search_queue_size: + description: Size for the thread pool queue. See documentation + for exact details. + maximum: 2000 + minimum: 10 + type: integer + thread_pool_search_size: + description: Size for the thread pool. See documentation for + exact details. Do note this may have maximum value depending + on CPU count - value is automatically lowered if set to + higher than maximum value. + maximum: 128 + minimum: 1 + type: integer + thread_pool_search_throttled_queue_size: + description: Size for the thread pool queue. See documentation + for exact details. + maximum: 2000 + minimum: 10 + type: integer + thread_pool_search_throttled_size: + description: Size for the thread pool. See documentation for + exact details. Do note this may have maximum value depending + on CPU count - value is automatically lowered if set to + higher than maximum value. + maximum: 128 + minimum: 1 + type: integer + thread_pool_write_queue_size: + description: Size for the thread pool queue. See documentation + for exact details. + maximum: 2000 + minimum: 10 + type: integer + thread_pool_write_size: + description: Size for the thread pool. See documentation for + exact details. Do note this may have maximum value depending + on CPU count - value is automatically lowered if set to + higher than maximum value. + maximum: 128 + minimum: 1 + type: integer + type: object + opensearch_dashboards: + description: OpenSearch Dashboards settings + properties: + enabled: + description: Enable or disable OpenSearch Dashboards + type: boolean + max_old_space_size: + description: 'Limits the maximum amount of memory (in MiB) + the OpenSearch Dashboards process can use. This sets the + max_old_space_size option of the nodejs running the OpenSearch + Dashboards. Note: the memory reserved by OpenSearch Dashboards + is not available for OpenSearch.' + maximum: 2048 + minimum: 64 + type: integer + opensearch_request_timeout: + description: Timeout in milliseconds for requests made by + OpenSearch Dashboards towards OpenSearch + maximum: 120000 + minimum: 5000 + type: integer + type: object + opensearch_version: + description: OpenSearch major version + enum: + - "1" + - "2" + type: string + private_access: + description: Allow access to selected service ports from private + networks + properties: + opensearch: + description: Allow clients to connect to opensearch with a + DNS name that always resolves to the service's private IP + addresses. Only available in certain network locations + type: boolean + opensearch_dashboards: + description: Allow clients to connect to opensearch_dashboards + with a DNS name that always resolves to the service's private + IP addresses. Only available in certain network locations + type: boolean + prometheus: + description: Allow clients to connect to prometheus with a + DNS name that always resolves to the service's private IP + addresses. Only available in certain network locations + type: boolean + type: object + privatelink_access: + description: Allow access to selected service components through + Privatelink + properties: + opensearch: + description: Enable opensearch + type: boolean + opensearch_dashboards: + description: Enable opensearch_dashboards + type: boolean + prometheus: + description: Enable prometheus + type: boolean + type: object + project_to_fork_from: + description: Name of another project to fork a service from. This + has effect only when a new service is being created. + maxLength: 63 + type: string + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + public_access: + description: Allow access to selected service ports from the public + Internet + properties: + opensearch: + description: Allow clients to connect to opensearch from the + public internet for service nodes that are in a project + VPC or another type of private network + type: boolean + opensearch_dashboards: + description: Allow clients to connect to opensearch_dashboards + from the public internet for service nodes that are in a + project VPC or another type of private network + type: boolean + prometheus: + description: Allow clients to connect to prometheus from the + public internet for service nodes that are in a project + VPC or another type of private network + type: boolean + type: object + recovery_basebackup_name: + description: Name of the basebackup to restore in forked service + maxLength: 128 + pattern: ^[a-zA-Z0-9-_:.]+$ + type: string + saml: + description: OpenSearch SAML configuration + properties: + enabled: + description: Enables or disables SAML-based authentication + for OpenSearch. When enabled, users can authenticate using + SAML with an Identity Provider. + type: boolean + idp_entity_id: + description: The unique identifier for the Identity Provider + (IdP) entity that is used for SAML authentication. This + value is typically provided by the IdP. + maxLength: 1024 + minLength: 1 + type: string + idp_metadata_url: + description: The URL of the SAML metadata for the Identity + Provider (IdP). This is used to configure SAML-based authentication + with the IdP. + maxLength: 2048 + minLength: 1 + type: string + idp_pemtrustedcas_content: + description: This parameter specifies the PEM-encoded root + certificate authority (CA) content for the SAML identity + provider (IdP) server verification. The root CA content + is used to verify the SSL/TLS certificate presented by the + server. + maxLength: 16384 + type: string + roles_key: + description: Optional. Specifies the attribute in the SAML + response where role information is stored, if available. + Role attributes are not required for SAML authentication, + but can be included in SAML assertions by most Identity + Providers (IdPs) to determine user access levels or permissions. + maxLength: 256 + minLength: 1 + type: string + sp_entity_id: + description: The unique identifier for the Service Provider + (SP) entity that is used for SAML authentication. This value + is typically provided by the SP. + maxLength: 1024 + minLength: 1 + type: string + subject_key: + description: Optional. Specifies the attribute in the SAML + response where the subject identifier is stored. If not + configured, the NameID attribute is used by default. + maxLength: 256 + minLength: 1 + type: string + required: + - enabled + - idp_entity_id + - idp_metadata_url + - sp_entity_id + type: object + service_log: + description: Store logs for the service so that they are available + in the HTTP API and console. + type: boolean + service_to_fork_from: + description: Name of another service to fork from. This has effect + only when a new service is being created. + maxLength: 64 + type: string + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + static_ips: + description: Use static public IP addresses + type: boolean + type: object + required: + - plan + - project + type: object + status: + description: ServiceStatus defines the observed state of service + properties: + conditions: + description: Conditions represent the latest available observations + of a service state + items: + description: "Condition contains details for one aspect of the current + state of this API Resource. --- This struct is intended for direct + use as an array at the field path .status.conditions. For example, + \n type FooStatus struct{ // Represents the observations of a + foo's current state. // Known .status.conditions.type are: \"Available\", + \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge + // +listType=map // +listMapKey=type Conditions []metav1.Condition + `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" + protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + properties: + lastTransitionTime: + description: lastTransitionTime is the last time the condition + transitioned from one status to another. This should be when + the underlying condition changed. If that is not known, then + using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: message is a human readable message indicating + details about the transition. This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: observedGeneration represents the .metadata.generation + that the condition was set based upon. For instance, if .metadata.generation + is currently 12, but the .status.conditions[x].observedGeneration + is 9, the condition is out of date with respect to the current + state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: reason contains a programmatic identifier indicating + the reason for the condition's last transition. Producers + of specific condition types may define expected values and + meanings for this field, and whether the values are considered + a guaranteed API. The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: type of condition in CamelCase or in foo.example.com/CamelCase. + --- Many .condition.type values are consistent across resources + like Available, but because arbitrary conditions can be useful + (see .node.status.conditions), the ability to deconflict is + important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + type: array + state: + description: Service state + type: string + type: object + type: object + served: true + storage: true + subresources: + status: {} diff --git a/config/crd/bases/aiven.io_postgresqls.yaml b/config/crd/bases/aiven.io_postgresqls.yaml index 75804c65..d22d4d69 100644 --- a/config/crd/bases/aiven.io_postgresqls.yaml +++ b/config/crd/bases/aiven.io_postgresqls.yaml @@ -15,1056 +15,951 @@ spec: singular: postgresql scope: Namespaced versions: - - additionalPrinterColumns: - - jsonPath: .spec.project - name: Project - type: string - - jsonPath: .spec.cloudName - name: Region - type: string - - jsonPath: .spec.plan - name: Plan - type: string - - jsonPath: .status.state - name: State - type: string - name: v1alpha1 - schema: - openAPIV3Schema: - description: PostgreSQL is the Schema for the postgresql API - properties: - apiVersion: - description: - "APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" - type: string - kind: - description: - "Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" - type: string - metadata: - type: object - spec: - description: PostgreSQLSpec defines the desired state of postgres instance - properties: - authSecretRef: - description: Authentication reference to Aiven token in a secret - properties: - key: - minLength: 1 + - additionalPrinterColumns: + - jsonPath: .spec.project + name: Project + type: string + - jsonPath: .spec.cloudName + name: Region + type: string + - jsonPath: .spec.plan + name: Plan + type: string + - jsonPath: .status.state + name: State + type: string + name: v1alpha1 + schema: + openAPIV3Schema: + description: PostgreSQL is the Schema for the postgresql API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: PostgreSQLSpec defines the desired state of postgres instance + properties: + authSecretRef: + description: Authentication reference to Aiven token in a secret + properties: + key: + minLength: 1 + type: string + name: + minLength: 1 + type: string + required: + - key + - name + type: object + cloudName: + description: Cloud the service runs in. + maxLength: 256 + type: string + connInfoSecretTarget: + description: 'Information regarding secret creation. Exposed keys: + `POSTGRESQL_HOST`, `POSTGRESQL_PORT`, `POSTGRESQL_DATABASE`, `POSTGRESQL_USER`, + `POSTGRESQL_PASSWORD`, `POSTGRESQL_SSLMODE`, `POSTGRESQL_DATABASE_URI`' + properties: + annotations: + additionalProperties: type: string - name: - minLength: 1 + description: Annotations added to the secret + type: object + x-kubernetes-preserve-unknown-fields: true + labels: + additionalProperties: type: string - required: - - key - - name - type: object - cloudName: - description: Cloud the service runs in. - maxLength: 256 - type: string - connInfoSecretTarget: - description: - "Information regarding secret creation. Exposed keys: - `POSTGRESQL_HOST`, `POSTGRESQL_PORT`, `POSTGRESQL_DATABASE`, `POSTGRESQL_USER`, - `POSTGRESQL_PASSWORD`, `POSTGRESQL_SSLMODE`, `POSTGRESQL_DATABASE_URI`" + description: Labels added to the secret + type: object + x-kubernetes-preserve-unknown-fields: true + name: + description: Name of the secret resource to be created. By default, + is equal to the resource name + type: string + prefix: + description: Prefix for the secret's keys. Added "as is" without + any transformations. By default, is equal to the kind name in + uppercase + underscore, e.g. `KAFKA_`, `REDIS_`, etc. + type: string + required: + - name + type: object + disk_space: + description: The disk space of the service, possible values depend + on the service type, the cloud provider and the project. Reducing + will result in the service re-balancing. + format: ^[1-9][0-9]*(GiB|G)* + type: string + maintenanceWindowDow: + description: Day of week when maintenance operations should be performed. + One monday, tuesday, wednesday, etc. + enum: + - monday + - tuesday + - wednesday + - thursday + - friday + - saturday + - sunday + type: string + maintenanceWindowTime: + description: Time of day when maintenance operations should be performed. + UTC time in HH:mm:ss format. + maxLength: 8 + type: string + plan: + description: Subscription plan. + maxLength: 128 + type: string + project: + description: Target project. + format: ^[a-zA-Z0-9_-]*$ + maxLength: 63 + type: string + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + projectVPCRef: + description: ProjectVPCRef reference to ProjectVPC resource to use + its ID as ProjectVPCID automatically + properties: + name: + minLength: 1 + type: string + namespace: + minLength: 1 + type: string + required: + - name + type: object + projectVpcId: + description: Identifier of the VPC the service should be in, if any. + maxLength: 36 + type: string + serviceIntegrations: + description: Service integrations to specify when creating a service. + Not applied after initial service creation + items: + description: Service integrations to specify when creating a service. + Not applied after initial service creation properties: - annotations: - additionalProperties: - type: string - description: Annotations added to the secret - type: object - x-kubernetes-preserve-unknown-fields: true - labels: - additionalProperties: - type: string - description: Labels added to the secret - type: object - x-kubernetes-preserve-unknown-fields: true - name: - description: - Name of the secret resource to be created. By default, - is equal to the resource name + integrationType: + enum: + - read_replica type: string - prefix: - description: - Prefix for the secret's keys. Added "as is" without - any transformations. By default, is equal to the kind name in - uppercase + underscore, e.g. `KAFKA_`, `REDIS_`, etc. + sourceServiceName: + maxLength: 64 + minLength: 1 type: string required: - - name + - integrationType + - sourceServiceName type: object - disk_space: - description: - The disk space of the service, possible values depend - on the service type, the cloud provider and the project. Reducing - will result in the service re-balancing. - format: ^[1-9][0-9]*(GiB|G)* - type: string - maintenanceWindowDow: - description: - Day of week when maintenance operations should be performed. - One monday, tuesday, wednesday, etc. - enum: - - monday - - tuesday - - wednesday - - thursday - - friday - - saturday - - sunday + maxItems: 1 + type: array + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + tags: + additionalProperties: type: string - maintenanceWindowTime: - description: - Time of day when maintenance operations should be performed. - UTC time in HH:mm:ss format. - maxLength: 8 - type: string - plan: - description: Subscription plan. - maxLength: 128 - type: string - project: - description: Target project. - format: ^[a-zA-Z0-9_-]*$ - maxLength: 63 - type: string - x-kubernetes-validations: + description: Tags are key-value pairs that allow you to categorize + services. + type: object + terminationProtection: + description: Prevent service from being deleted. It is recommended + to have this enabled for all services. + type: boolean + userConfig: + description: PostgreSQL specific user configuration options + properties: + additional_backup_regions: + description: Additional Cloud Regions for Backup Replication + items: + type: string + maxItems: 1 + type: array + admin_password: + description: Custom password for admin user. Defaults to random + string. This must be set only when a new service is being created. + maxLength: 256 + minLength: 8 + pattern: ^[a-zA-Z0-9-_]+$ + type: string + x-kubernetes-validations: - message: Value is immutable rule: self == oldSelf - projectVPCRef: - description: - ProjectVPCRef reference to ProjectVPC resource to use - its ID as ProjectVPCID automatically - properties: - name: - minLength: 1 - type: string - namespace: - minLength: 1 - type: string - required: - - name - type: object - projectVpcId: - description: Identifier of the VPC the service should be in, if any. - maxLength: 36 - type: string - serviceIntegrations: - description: - Service integrations to specify when creating a service. - Not applied after initial service creation - items: - description: - Service integrations to specify when creating a service. - Not applied after initial service creation + admin_username: + description: Custom username for admin user. This must be set + only when a new service is being created. + maxLength: 64 + pattern: ^[_A-Za-z0-9][-._A-Za-z0-9]{0,63}$ + type: string + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + backup_hour: + description: The hour of day (in UTC) when backup for the service + is started. New backup is only started if previous backup has + already completed. + maximum: 23 + minimum: 0 + type: integer + backup_minute: + description: The minute of an hour when backup for the service + is started. New backup is only started if previous backup has + already completed. + maximum: 59 + minimum: 0 + type: integer + enable_ipv6: + description: Register AAAA DNS records for the service, and allow + IPv6 packets to service ports + type: boolean + ip_filter: + description: Allow incoming connections from CIDR address block, + e.g. '10.20.0.0/16' + items: + description: CIDR address block, either as a string, or in a + dict with an optional description field + properties: + description: + description: Description for IP filter list entry + maxLength: 1024 + type: string + network: + description: CIDR address block + maxLength: 43 + type: string + required: + - network + type: object + maxItems: 1024 + type: array + migration: + description: Migrate data from existing server properties: - integrationType: + dbname: + description: Database name for bootstrapping the initial connection + maxLength: 63 + type: string + host: + description: Hostname or IP address of the server where to + migrate data from + maxLength: 255 + type: string + ignore_dbs: + description: Comma-separated list of databases, which should + be ignored during migration (supported by MySQL and PostgreSQL + only at the moment) + maxLength: 2048 + type: string + method: + description: The migration method to be used (currently supported + only by Redis, Dragonfly, MySQL and PostgreSQL service types) enum: - - read_replica + - dump + - replication type: string - sourceServiceName: - maxLength: 64 - minLength: 1 + password: + description: Password for authentication with the server where + to migrate data from + maxLength: 256 + type: string + port: + description: Port number of the server where to migrate data + from + maximum: 65535 + minimum: 1 + type: integer + ssl: + description: The server where to migrate data from is secured + with SSL + type: boolean + username: + description: User name for authentication with the server + where to migrate data from + maxLength: 256 type: string required: - - integrationType - - sourceServiceName + - host + - port + type: object + pg: + description: postgresql.conf configuration values + properties: + autovacuum_analyze_scale_factor: + description: Specifies a fraction of the table size to add + to autovacuum_analyze_threshold when deciding whether to + trigger an ANALYZE. The default is 0.2 (20% of table size) + maximum: 1 + minimum: 0 + type: number + autovacuum_analyze_threshold: + description: Specifies the minimum number of inserted, updated + or deleted tuples needed to trigger an ANALYZE in any one + table. The default is 50 tuples. + maximum: 2147483647 + minimum: 0 + type: integer + autovacuum_freeze_max_age: + description: Specifies the maximum age (in transactions) that + a table's pg_class.relfrozenxid field can attain before + a VACUUM operation is forced to prevent transaction ID wraparound + within the table. Note that the system will launch autovacuum + processes to prevent wraparound even when autovacuum is + otherwise disabled. This parameter will cause the server + to be restarted. + maximum: 1500000000 + minimum: 200000000 + type: integer + autovacuum_max_workers: + description: Specifies the maximum number of autovacuum processes + (other than the autovacuum launcher) that may be running + at any one time. The default is three. This parameter can + only be set at server start. + maximum: 20 + minimum: 1 + type: integer + autovacuum_naptime: + description: Specifies the minimum delay between autovacuum + runs on any given database. The delay is measured in seconds, + and the default is one minute + maximum: 86400 + minimum: 1 + type: integer + autovacuum_vacuum_cost_delay: + description: Specifies the cost delay value that will be used + in automatic VACUUM operations. If -1 is specified, the + regular vacuum_cost_delay value will be used. The default + value is 20 milliseconds + maximum: 100 + minimum: -1 + type: integer + autovacuum_vacuum_cost_limit: + description: Specifies the cost limit value that will be used + in automatic VACUUM operations. If -1 is specified (which + is the default), the regular vacuum_cost_limit value will + be used. + maximum: 10000 + minimum: -1 + type: integer + autovacuum_vacuum_scale_factor: + description: Specifies a fraction of the table size to add + to autovacuum_vacuum_threshold when deciding whether to + trigger a VACUUM. The default is 0.2 (20% of table size) + maximum: 1 + minimum: 0 + type: number + autovacuum_vacuum_threshold: + description: Specifies the minimum number of updated or deleted + tuples needed to trigger a VACUUM in any one table. The + default is 50 tuples + maximum: 2147483647 + minimum: 0 + type: integer + bgwriter_delay: + description: Specifies the delay between activity rounds for + the background writer in milliseconds. Default is 200. + maximum: 10000 + minimum: 10 + type: integer + bgwriter_flush_after: + description: Whenever more than bgwriter_flush_after bytes + have been written by the background writer, attempt to force + the OS to issue these writes to the underlying storage. + Specified in kilobytes, default is 512. Setting of 0 disables + forced writeback. + maximum: 2048 + minimum: 0 + type: integer + bgwriter_lru_maxpages: + description: In each round, no more than this many buffers + will be written by the background writer. Setting this to + zero disables background writing. Default is 100. + maximum: 1073741823 + minimum: 0 + type: integer + bgwriter_lru_multiplier: + description: The average recent need for new buffers is multiplied + by bgwriter_lru_multiplier to arrive at an estimate of the + number that will be needed during the next round, (up to + bgwriter_lru_maxpages). 1.0 represents a “just in time” + policy of writing exactly the number of buffers predicted + to be needed. Larger values provide some cushion against + spikes in demand, while smaller values intentionally leave + writes to be done by server processes. The default is 2.0. + maximum: 10 + minimum: 0 + type: number + deadlock_timeout: + description: This is the amount of time, in milliseconds, + to wait on a lock before checking to see if there is a deadlock + condition. + maximum: 1800000 + minimum: 500 + type: integer + default_toast_compression: + description: Specifies the default TOAST compression method + for values of compressible columns (the default is lz4). + enum: + - lz4 + - pglz + type: string + idle_in_transaction_session_timeout: + description: Time out sessions with open transactions after + this number of milliseconds + maximum: 604800000 + minimum: 0 + type: integer + jit: + description: Controls system-wide use of Just-in-Time Compilation + (JIT). + type: boolean + log_autovacuum_min_duration: + description: Causes each action executed by autovacuum to + be logged if it ran for at least the specified number of + milliseconds. Setting this to zero logs all autovacuum actions. + Minus-one (the default) disables logging autovacuum actions. + maximum: 2147483647 + minimum: -1 + type: integer + log_error_verbosity: + description: Controls the amount of detail written in the + server log for each message that is logged. + enum: + - TERSE + - DEFAULT + - VERBOSE + type: string + log_line_prefix: + description: Choose from one of the available log-formats. + These can support popular log analyzers like pgbadger, pganalyze + etc. + enum: + - '''pid=%p,user=%u,db=%d,app=%a,client=%h ''' + - '''%t [%p]: [%l-1] user=%u,db=%d,app=%a,client=%h ''' + - '''%m [%p] %q[user=%u,db=%d,app=%a] ''' + type: string + log_min_duration_statement: + description: Log statements that take more than this number + of milliseconds to run, -1 disables + maximum: 86400000 + minimum: -1 + type: integer + log_temp_files: + description: Log statements for each temporary file created + larger than this number of kilobytes, -1 disables + maximum: 2147483647 + minimum: -1 + type: integer + max_files_per_process: + description: PostgreSQL maximum number of files that can be + open per process + maximum: 4096 + minimum: 1000 + type: integer + max_locks_per_transaction: + description: PostgreSQL maximum locks per transaction + maximum: 6400 + minimum: 64 + type: integer + max_logical_replication_workers: + description: PostgreSQL maximum logical replication workers + (taken from the pool of max_parallel_workers) + maximum: 64 + minimum: 4 + type: integer + max_parallel_workers: + description: Sets the maximum number of workers that the system + can support for parallel queries + maximum: 96 + minimum: 0 + type: integer + max_parallel_workers_per_gather: + description: Sets the maximum number of workers that can be + started by a single Gather or Gather Merge node + maximum: 96 + minimum: 0 + type: integer + max_pred_locks_per_transaction: + description: PostgreSQL maximum predicate locks per transaction + maximum: 5120 + minimum: 64 + type: integer + max_prepared_transactions: + description: PostgreSQL maximum prepared transactions + maximum: 10000 + minimum: 0 + type: integer + max_replication_slots: + description: PostgreSQL maximum replication slots + maximum: 64 + minimum: 8 + type: integer + max_slot_wal_keep_size: + description: PostgreSQL maximum WAL size (MB) reserved for + replication slots. Default is -1 (unlimited). wal_keep_size + minimum WAL size setting takes precedence over this. + maximum: 2147483647 + minimum: -1 + type: integer + max_stack_depth: + description: Maximum depth of the stack in bytes + maximum: 6291456 + minimum: 2097152 + type: integer + max_standby_archive_delay: + description: Max standby archive delay in milliseconds + maximum: 43200000 + minimum: 1 + type: integer + max_standby_streaming_delay: + description: Max standby streaming delay in milliseconds + maximum: 43200000 + minimum: 1 + type: integer + max_wal_senders: + description: PostgreSQL maximum WAL senders + maximum: 64 + minimum: 20 + type: integer + max_worker_processes: + description: Sets the maximum number of background processes + that the system can support + maximum: 96 + minimum: 8 + type: integer + pg_partman_bgw.interval: + description: Sets the time interval to run pg_partman's scheduled + tasks + maximum: 604800 + minimum: 3600 + type: integer + pg_partman_bgw.role: + description: Controls which role to use for pg_partman's scheduled + background tasks. + maxLength: 64 + pattern: ^[_A-Za-z0-9][-._A-Za-z0-9]{0,63}$ + type: string + pg_stat_monitor.pgsm_enable_query_plan: + description: Enables or disables query plan monitoring + type: boolean + pg_stat_monitor.pgsm_max_buckets: + description: Sets the maximum number of buckets + maximum: 10 + minimum: 1 + type: integer + pg_stat_statements.track: + description: Controls which statements are counted. Specify + top to track top-level statements (those issued directly + by clients), all to also track nested statements (such as + statements invoked within functions), or none to disable + statement statistics collection. The default value is top. + enum: + - all + - top + - none + type: string + temp_file_limit: + description: PostgreSQL temporary file limit in KiB, -1 for + unlimited + maximum: 2147483647 + minimum: -1 + type: integer + timezone: + description: PostgreSQL service timezone + maxLength: 64 + type: string + track_activity_query_size: + description: Specifies the number of bytes reserved to track + the currently executing command for each active session. + maximum: 10240 + minimum: 1024 + type: integer + track_commit_timestamp: + description: Record commit time of transactions. + enum: + - "off" + - "on" + type: string + track_functions: + description: Enables tracking of function call counts and + time used. + enum: + - all + - pl + - none + type: string + track_io_timing: + description: Enables timing of database I/O calls. This parameter + is off by default, because it will repeatedly query the + operating system for the current time, which may cause significant + overhead on some platforms. + enum: + - "off" + - "on" + type: string + wal_sender_timeout: + description: Terminate replication connections that are inactive + for longer than this amount of time, in milliseconds. Setting + this value to zero disables the timeout. + type: integer + wal_writer_delay: + description: WAL flush interval in milliseconds. Note that + setting this value to lower than the default 200ms may negatively + impact performance + maximum: 200 + minimum: 10 + type: integer + type: object + pg_qualstats: + description: Deprecated. System-wide settings for the pg_qualstats + extension + properties: + enabled: + description: Deprecated. Enable / Disable pg_qualstats + type: boolean + min_err_estimate_num: + description: Deprecated. Error estimation num threshold to + save quals + minimum: 0 + type: integer + min_err_estimate_ratio: + description: Deprecated. Error estimation ratio threshold + to save quals + minimum: 0 + type: integer + track_constants: + description: Deprecated. Enable / Disable pg_qualstats constants + tracking + type: boolean + track_pg_catalog: + description: Deprecated. Track quals on system catalogs too. + type: boolean type: object - maxItems: 1 - type: array - x-kubernetes-validations: + pg_read_replica: + description: Should the service which is being forked be a read + replica (deprecated, use read_replica service integration instead). + type: boolean + pg_service_to_fork_from: + description: Name of the PG Service from which to fork (deprecated, + use service_to_fork_from). This has effect only when a new service + is being created. + maxLength: 64 + type: string + x-kubernetes-validations: - message: Value is immutable rule: self == oldSelf - tags: - additionalProperties: + pg_stat_monitor_enable: + description: Enable the pg_stat_monitor extension. Enabling this + extension will cause the cluster to be restarted.When this extension + is enabled, pg_stat_statements results for utility commands + are unreliable + type: boolean + pg_version: + description: PostgreSQL major version + enum: + - "11" + - "12" + - "13" + - "14" + - "15" type: string - description: - Tags are key-value pairs that allow you to categorize - services. - type: object - terminationProtection: - description: - Prevent service from being deleted. It is recommended - to have this enabled for all services. - type: boolean - userConfig: - description: PostgreSQL specific user configuration options - properties: - additional_backup_regions: - description: Additional Cloud Regions for Backup Replication - items: + pgbouncer: + description: PGBouncer connection pooling settings + properties: + autodb_idle_timeout: + description: If the automatically created database pools have + been unused this many seconds, they are freed. If 0 then + timeout is disabled. [seconds] + maximum: 86400 + minimum: 0 + type: integer + autodb_max_db_connections: + description: Do not allow more than this many server connections + per database (regardless of user). Setting it to 0 means + unlimited. + maximum: 2147483647 + minimum: 0 + type: integer + autodb_pool_mode: + description: PGBouncer pool mode + enum: + - session + - transaction + - statement type: string - maxItems: 1 - type: array - admin_password: - description: - Custom password for admin user. Defaults to random - string. This must be set only when a new service is being created. - maxLength: 256 - minLength: 8 - pattern: ^[a-zA-Z0-9-_]+$ + autodb_pool_size: + description: If non-zero then create automatically a pool + of that size per user when a pool doesn't exist. + maximum: 10000 + minimum: 0 + type: integer + ignore_startup_parameters: + description: List of parameters to ignore when given in startup + packet + items: + type: string + maxItems: 32 + type: array + min_pool_size: + description: Add more server connections to pool if below + this number. Improves behavior when usual load comes suddenly + back after period of total inactivity. The value is effectively + capped at the pool size. + maximum: 10000 + minimum: 0 + type: integer + server_idle_timeout: + description: If a server connection has been idle more than + this many seconds it will be dropped. If 0 then timeout + is disabled. [seconds] + maximum: 86400 + minimum: 0 + type: integer + server_lifetime: + description: The pooler will close an unused server connection + that has been connected longer than this. [seconds] + maximum: 86400 + minimum: 60 + type: integer + server_reset_query_always: + description: Run server_reset_query (DISCARD ALL) in all pooling + modes + type: boolean + type: object + pglookout: + description: System-wide settings for pglookout. + properties: + max_failover_replication_time_lag: + description: Number of seconds of master unavailability before + triggering database failover to standby + minimum: 10 + type: integer + type: object + private_access: + description: Allow access to selected service ports from private + networks + properties: + pg: + description: Allow clients to connect to pg with a DNS name + that always resolves to the service's private IP addresses. + Only available in certain network locations + type: boolean + pgbouncer: + description: Allow clients to connect to pgbouncer with a + DNS name that always resolves to the service's private IP + addresses. Only available in certain network locations + type: boolean + prometheus: + description: Allow clients to connect to prometheus with a + DNS name that always resolves to the service's private IP + addresses. Only available in certain network locations + type: boolean + type: object + privatelink_access: + description: Allow access to selected service components through + Privatelink + properties: + pg: + description: Enable pg + type: boolean + pgbouncer: + description: Enable pgbouncer + type: boolean + prometheus: + description: Enable prometheus + type: boolean + type: object + project_to_fork_from: + description: Name of another project to fork a service from. This + has effect only when a new service is being created. + maxLength: 63 + type: string + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + public_access: + description: Allow access to selected service ports from the public + Internet + properties: + pg: + description: Allow clients to connect to pg from the public + internet for service nodes that are in a project VPC or + another type of private network + type: boolean + pgbouncer: + description: Allow clients to connect to pgbouncer from the + public internet for service nodes that are in a project + VPC or another type of private network + type: boolean + prometheus: + description: Allow clients to connect to prometheus from the + public internet for service nodes that are in a project + VPC or another type of private network + type: boolean + type: object + recovery_target_time: + description: Recovery target time when forking a service. This + has effect only when a new service is being created. + maxLength: 32 + type: string + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + service_log: + description: Store logs for the service so that they are available + in the HTTP API and console. + type: boolean + service_to_fork_from: + description: Name of another service to fork from. This has effect + only when a new service is being created. + maxLength: 64 + type: string + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + shared_buffers_percentage: + description: Percentage of total RAM that the database server + uses for shared memory buffers. Valid range is 20-60 (float), + which corresponds to 20% - 60%. This setting adjusts the shared_buffers + configuration value. + maximum: 60 + minimum: 20 + type: number + static_ips: + description: Use static public IP addresses + type: boolean + synchronous_replication: + description: Synchronous replication type. Note that the service + plan also needs to support synchronous replication. + enum: + - quorum + - "off" + type: string + timescaledb: + description: System-wide settings for the timescaledb extension + properties: + max_background_workers: + description: The number of background workers for timescaledb + operations. You should configure this setting to the sum + of your number of databases and the total number of concurrent + background workers you want running at any given point in + time. + maximum: 4096 + minimum: 1 + type: integer + type: object + variant: + description: Variant of the PostgreSQL service, may affect the + features that are exposed by default + enum: + - aiven + - timescale + type: string + work_mem: + description: Sets the maximum amount of memory to be used by a + query operation (such as a sort or hash table) before writing + to temporary disk files, in MB. Default is 1MB + 0.075% of total + RAM (up to 32MB). + maximum: 1024 + minimum: 1 + type: integer + type: object + required: + - plan + - project + type: object + status: + description: ServiceStatus defines the observed state of service + properties: + conditions: + description: Conditions represent the latest available observations + of a service state + items: + description: "Condition contains details for one aspect of the current + state of this API Resource. --- This struct is intended for direct + use as an array at the field path .status.conditions. For example, + \n type FooStatus struct{ // Represents the observations of a + foo's current state. // Known .status.conditions.type are: \"Available\", + \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge + // +listType=map // +listMapKey=type Conditions []metav1.Condition + `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" + protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + properties: + lastTransitionTime: + description: lastTransitionTime is the last time the condition + transitioned from one status to another. This should be when + the underlying condition changed. If that is not known, then + using the time when the API field changed is acceptable. + format: date-time type: string - x-kubernetes-validations: - - message: Value is immutable - rule: self == oldSelf - admin_username: - description: - Custom username for admin user. This must be set - only when a new service is being created. - maxLength: 64 - pattern: ^[_A-Za-z0-9][-._A-Za-z0-9]{0,63}$ + message: + description: message is a human readable message indicating + details about the transition. This may be an empty string. + maxLength: 32768 type: string - x-kubernetes-validations: - - message: Value is immutable - rule: self == oldSelf - backup_hour: - description: - The hour of day (in UTC) when backup for the service - is started. New backup is only started if previous backup has - already completed. - maximum: 23 - minimum: 0 - type: integer - backup_minute: - description: - The minute of an hour when backup for the service - is started. New backup is only started if previous backup has - already completed. - maximum: 59 + observedGeneration: + description: observedGeneration represents the .metadata.generation + that the condition was set based upon. For instance, if .metadata.generation + is currently 12, but the .status.conditions[x].observedGeneration + is 9, the condition is out of date with respect to the current + state of the instance. + format: int64 minimum: 0 type: integer - enable_ipv6: - description: - Register AAAA DNS records for the service, and allow - IPv6 packets to service ports - type: boolean - ip_filter: - description: - Allow incoming connections from CIDR address block, - e.g. '10.20.0.0/16' - items: - description: - CIDR address block, either as a string, or in a - dict with an optional description field - properties: - description: - description: Description for IP filter list entry - maxLength: 1024 - type: string - network: - description: CIDR address block - maxLength: 43 - type: string - required: - - network - type: object - maxItems: 1024 - type: array - migration: - description: Migrate data from existing server - properties: - dbname: - description: Database name for bootstrapping the initial connection - maxLength: 63 - type: string - host: - description: - Hostname or IP address of the server where to - migrate data from - maxLength: 255 - type: string - ignore_dbs: - description: - Comma-separated list of databases, which should - be ignored during migration (supported by MySQL and PostgreSQL - only at the moment) - maxLength: 2048 - type: string - method: - description: - The migration method to be used (currently supported - only by Redis, Dragonfly, MySQL and PostgreSQL service types) - enum: - - dump - - replication - type: string - password: - description: - Password for authentication with the server where - to migrate data from - maxLength: 256 - type: string - port: - description: - Port number of the server where to migrate data - from - maximum: 65535 - minimum: 1 - type: integer - ssl: - description: - The server where to migrate data from is secured - with SSL - type: boolean - username: - description: - User name for authentication with the server - where to migrate data from - maxLength: 256 - type: string - required: - - host - - port - type: object - pg: - description: postgresql.conf configuration values - properties: - autovacuum_analyze_scale_factor: - description: - Specifies a fraction of the table size to add - to autovacuum_analyze_threshold when deciding whether to - trigger an ANALYZE. The default is 0.2 (20% of table size) - maximum: 1 - minimum: 0 - type: number - autovacuum_analyze_threshold: - description: - Specifies the minimum number of inserted, updated - or deleted tuples needed to trigger an ANALYZE in any one - table. The default is 50 tuples. - maximum: 2147483647 - minimum: 0 - type: integer - autovacuum_freeze_max_age: - description: - Specifies the maximum age (in transactions) that - a table's pg_class.relfrozenxid field can attain before - a VACUUM operation is forced to prevent transaction ID wraparound - within the table. Note that the system will launch autovacuum - processes to prevent wraparound even when autovacuum is - otherwise disabled. This parameter will cause the server - to be restarted. - maximum: 1500000000 - minimum: 200000000 - type: integer - autovacuum_max_workers: - description: - Specifies the maximum number of autovacuum processes - (other than the autovacuum launcher) that may be running - at any one time. The default is three. This parameter can - only be set at server start. - maximum: 20 - minimum: 1 - type: integer - autovacuum_naptime: - description: - Specifies the minimum delay between autovacuum - runs on any given database. The delay is measured in seconds, - and the default is one minute - maximum: 86400 - minimum: 1 - type: integer - autovacuum_vacuum_cost_delay: - description: - Specifies the cost delay value that will be used - in automatic VACUUM operations. If -1 is specified, the - regular vacuum_cost_delay value will be used. The default - value is 20 milliseconds - maximum: 100 - minimum: -1 - type: integer - autovacuum_vacuum_cost_limit: - description: - Specifies the cost limit value that will be used - in automatic VACUUM operations. If -1 is specified (which - is the default), the regular vacuum_cost_limit value will - be used. - maximum: 10000 - minimum: -1 - type: integer - autovacuum_vacuum_scale_factor: - description: - Specifies a fraction of the table size to add - to autovacuum_vacuum_threshold when deciding whether to - trigger a VACUUM. The default is 0.2 (20% of table size) - maximum: 1 - minimum: 0 - type: number - autovacuum_vacuum_threshold: - description: - Specifies the minimum number of updated or deleted - tuples needed to trigger a VACUUM in any one table. The - default is 50 tuples - maximum: 2147483647 - minimum: 0 - type: integer - bgwriter_delay: - description: - Specifies the delay between activity rounds for - the background writer in milliseconds. Default is 200. - maximum: 10000 - minimum: 10 - type: integer - bgwriter_flush_after: - description: - Whenever more than bgwriter_flush_after bytes - have been written by the background writer, attempt to force - the OS to issue these writes to the underlying storage. - Specified in kilobytes, default is 512. Setting of 0 disables - forced writeback. - maximum: 2048 - minimum: 0 - type: integer - bgwriter_lru_maxpages: - description: - In each round, no more than this many buffers - will be written by the background writer. Setting this to - zero disables background writing. Default is 100. - maximum: 1073741823 - minimum: 0 - type: integer - bgwriter_lru_multiplier: - description: - The average recent need for new buffers is multiplied - by bgwriter_lru_multiplier to arrive at an estimate of the - number that will be needed during the next round, (up to - bgwriter_lru_maxpages). 1.0 represents a “just in time” - policy of writing exactly the number of buffers predicted - to be needed. Larger values provide some cushion against - spikes in demand, while smaller values intentionally leave - writes to be done by server processes. The default is 2.0. - maximum: 10 - minimum: 0 - type: number - deadlock_timeout: - description: - This is the amount of time, in milliseconds, - to wait on a lock before checking to see if there is a deadlock - condition. - maximum: 1800000 - minimum: 500 - type: integer - default_toast_compression: - description: - Specifies the default TOAST compression method - for values of compressible columns (the default is lz4). - enum: - - lz4 - - pglz - type: string - idle_in_transaction_session_timeout: - description: - Time out sessions with open transactions after - this number of milliseconds - maximum: 604800000 - minimum: 0 - type: integer - jit: - description: - Controls system-wide use of Just-in-Time Compilation - (JIT). - type: boolean - log_autovacuum_min_duration: - description: - Causes each action executed by autovacuum to - be logged if it ran for at least the specified number of - milliseconds. Setting this to zero logs all autovacuum actions. - Minus-one (the default) disables logging autovacuum actions. - maximum: 2147483647 - minimum: -1 - type: integer - log_error_verbosity: - description: - Controls the amount of detail written in the - server log for each message that is logged. - enum: - - TERSE - - DEFAULT - - VERBOSE - type: string - log_line_prefix: - description: - Choose from one of the available log-formats. - These can support popular log analyzers like pgbadger, pganalyze - etc. - enum: - - "'pid=%p,user=%u,db=%d,app=%a,client=%h '" - - "'%t [%p]: [%l-1] user=%u,db=%d,app=%a,client=%h '" - - "'%m [%p] %q[user=%u,db=%d,app=%a] '" - type: string - log_min_duration_statement: - description: - Log statements that take more than this number - of milliseconds to run, -1 disables - maximum: 86400000 - minimum: -1 - type: integer - log_temp_files: - description: - Log statements for each temporary file created - larger than this number of kilobytes, -1 disables - maximum: 2147483647 - minimum: -1 - type: integer - max_files_per_process: - description: - PostgreSQL maximum number of files that can be - open per process - maximum: 4096 - minimum: 1000 - type: integer - max_locks_per_transaction: - description: PostgreSQL maximum locks per transaction - maximum: 6400 - minimum: 64 - type: integer - max_logical_replication_workers: - description: - PostgreSQL maximum logical replication workers - (taken from the pool of max_parallel_workers) - maximum: 64 - minimum: 4 - type: integer - max_parallel_workers: - description: - Sets the maximum number of workers that the system - can support for parallel queries - maximum: 96 - minimum: 0 - type: integer - max_parallel_workers_per_gather: - description: - Sets the maximum number of workers that can be - started by a single Gather or Gather Merge node - maximum: 96 - minimum: 0 - type: integer - max_pred_locks_per_transaction: - description: PostgreSQL maximum predicate locks per transaction - maximum: 5120 - minimum: 64 - type: integer - max_prepared_transactions: - description: PostgreSQL maximum prepared transactions - maximum: 10000 - minimum: 0 - type: integer - max_replication_slots: - description: PostgreSQL maximum replication slots - maximum: 64 - minimum: 8 - type: integer - max_slot_wal_keep_size: - description: - PostgreSQL maximum WAL size (MB) reserved for - replication slots. Default is -1 (unlimited). wal_keep_size - minimum WAL size setting takes precedence over this. - maximum: 2147483647 - minimum: -1 - type: integer - max_stack_depth: - description: Maximum depth of the stack in bytes - maximum: 6291456 - minimum: 2097152 - type: integer - max_standby_archive_delay: - description: Max standby archive delay in milliseconds - maximum: 43200000 - minimum: 1 - type: integer - max_standby_streaming_delay: - description: Max standby streaming delay in milliseconds - maximum: 43200000 - minimum: 1 - type: integer - max_wal_senders: - description: PostgreSQL maximum WAL senders - maximum: 64 - minimum: 20 - type: integer - max_worker_processes: - description: - Sets the maximum number of background processes - that the system can support - maximum: 96 - minimum: 8 - type: integer - pg_partman_bgw.interval: - description: - Sets the time interval to run pg_partman's scheduled - tasks - maximum: 604800 - minimum: 3600 - type: integer - pg_partman_bgw.role: - description: - Controls which role to use for pg_partman's scheduled - background tasks. - maxLength: 64 - pattern: ^[_A-Za-z0-9][-._A-Za-z0-9]{0,63}$ - type: string - pg_stat_monitor.pgsm_enable_query_plan: - description: Enables or disables query plan monitoring - type: boolean - pg_stat_monitor.pgsm_max_buckets: - description: Sets the maximum number of buckets - maximum: 10 - minimum: 1 - type: integer - pg_stat_statements.track: - description: - Controls which statements are counted. Specify - top to track top-level statements (those issued directly - by clients), all to also track nested statements (such as - statements invoked within functions), or none to disable - statement statistics collection. The default value is top. - enum: - - all - - top - - none - type: string - temp_file_limit: - description: - PostgreSQL temporary file limit in KiB, -1 for - unlimited - maximum: 2147483647 - minimum: -1 - type: integer - timezone: - description: PostgreSQL service timezone - maxLength: 64 - type: string - track_activity_query_size: - description: - Specifies the number of bytes reserved to track - the currently executing command for each active session. - maximum: 10240 - minimum: 1024 - type: integer - track_commit_timestamp: - description: Record commit time of transactions. - enum: - - "off" - - "on" - type: string - track_functions: - description: - Enables tracking of function call counts and - time used. - enum: - - all - - pl - - none - type: string - track_io_timing: - description: - Enables timing of database I/O calls. This parameter - is off by default, because it will repeatedly query the - operating system for the current time, which may cause significant - overhead on some platforms. - enum: - - "off" - - "on" - type: string - wal_sender_timeout: - description: - Terminate replication connections that are inactive - for longer than this amount of time, in milliseconds. Setting - this value to zero disables the timeout. - type: integer - wal_writer_delay: - description: - WAL flush interval in milliseconds. Note that - setting this value to lower than the default 200ms may negatively - impact performance - maximum: 200 - minimum: 10 - type: integer - type: object - pg_qualstats: - description: - Deprecated. System-wide settings for the pg_qualstats - extension - properties: - enabled: - description: Deprecated. Enable / Disable pg_qualstats - type: boolean - min_err_estimate_num: - description: - Deprecated. Error estimation num threshold to - save quals - minimum: 0 - type: integer - min_err_estimate_ratio: - description: - Deprecated. Error estimation ratio threshold - to save quals - minimum: 0 - type: integer - track_constants: - description: - Deprecated. Enable / Disable pg_qualstats constants - tracking - type: boolean - track_pg_catalog: - description: Deprecated. Track quals on system catalogs too. - type: boolean - type: object - pg_read_replica: - description: - Should the service which is being forked be a read - replica (deprecated, use read_replica service integration instead). - type: boolean - pg_service_to_fork_from: - description: - Name of the PG Service from which to fork (deprecated, - use service_to_fork_from). This has effect only when a new service - is being created. - maxLength: 64 - type: string - x-kubernetes-validations: - - message: Value is immutable - rule: self == oldSelf - pg_stat_monitor_enable: - description: - Enable the pg_stat_monitor extension. Enabling this - extension will cause the cluster to be restarted.When this extension - is enabled, pg_stat_statements results for utility commands - are unreliable - type: boolean - pg_version: - description: PostgreSQL major version - enum: - - "11" - - "12" - - "13" - - "14" - - "15" - type: string - pgbouncer: - description: PGBouncer connection pooling settings - properties: - autodb_idle_timeout: - description: - If the automatically created database pools have - been unused this many seconds, they are freed. If 0 then - timeout is disabled. [seconds] - maximum: 86400 - minimum: 0 - type: integer - autodb_max_db_connections: - description: - Do not allow more than this many server connections - per database (regardless of user). Setting it to 0 means - unlimited. - maximum: 2147483647 - minimum: 0 - type: integer - autodb_pool_mode: - description: PGBouncer pool mode - enum: - - session - - transaction - - statement - type: string - autodb_pool_size: - description: - If non-zero then create automatically a pool - of that size per user when a pool doesn't exist. - maximum: 10000 - minimum: 0 - type: integer - ignore_startup_parameters: - description: - List of parameters to ignore when given in startup - packet - items: - type: string - maxItems: 32 - type: array - min_pool_size: - description: - Add more server connections to pool if below - this number. Improves behavior when usual load comes suddenly - back after period of total inactivity. The value is effectively - capped at the pool size. - maximum: 10000 - minimum: 0 - type: integer - server_idle_timeout: - description: - If a server connection has been idle more than - this many seconds it will be dropped. If 0 then timeout - is disabled. [seconds] - maximum: 86400 - minimum: 0 - type: integer - server_lifetime: - description: - The pooler will close an unused server connection - that has been connected longer than this. [seconds] - maximum: 86400 - minimum: 60 - type: integer - server_reset_query_always: - description: - Run server_reset_query (DISCARD ALL) in all pooling - modes - type: boolean - type: object - pglookout: - description: System-wide settings for pglookout. - properties: - max_failover_replication_time_lag: - description: - Number of seconds of master unavailability before - triggering database failover to standby - minimum: 10 - type: integer - type: object - private_access: - description: - Allow access to selected service ports from private - networks - properties: - pg: - description: - Allow clients to connect to pg with a DNS name - that always resolves to the service's private IP addresses. - Only available in certain network locations - type: boolean - pgbouncer: - description: - Allow clients to connect to pgbouncer with a - DNS name that always resolves to the service's private IP - addresses. Only available in certain network locations - type: boolean - prometheus: - description: - Allow clients to connect to prometheus with a - DNS name that always resolves to the service's private IP - addresses. Only available in certain network locations - type: boolean - type: object - privatelink_access: - description: - Allow access to selected service components through - Privatelink - properties: - pg: - description: Enable pg - type: boolean - pgbouncer: - description: Enable pgbouncer - type: boolean - prometheus: - description: Enable prometheus - type: boolean - type: object - project_to_fork_from: - description: - Name of another project to fork a service from. This - has effect only when a new service is being created. - maxLength: 63 - type: string - x-kubernetes-validations: - - message: Value is immutable - rule: self == oldSelf - public_access: - description: - Allow access to selected service ports from the public - Internet - properties: - pg: - description: - Allow clients to connect to pg from the public - internet for service nodes that are in a project VPC or - another type of private network - type: boolean - pgbouncer: - description: - Allow clients to connect to pgbouncer from the - public internet for service nodes that are in a project - VPC or another type of private network - type: boolean - prometheus: - description: - Allow clients to connect to prometheus from the - public internet for service nodes that are in a project - VPC or another type of private network - type: boolean - type: object - recovery_target_time: - description: - Recovery target time when forking a service. This - has effect only when a new service is being created. - maxLength: 32 - type: string - x-kubernetes-validations: - - message: Value is immutable - rule: self == oldSelf - service_log: - description: - Store logs for the service so that they are available - in the HTTP API and console. - type: boolean - service_to_fork_from: - description: - Name of another service to fork from. This has effect - only when a new service is being created. - maxLength: 64 + reason: + description: reason contains a programmatic identifier indicating + the reason for the condition's last transition. Producers + of specific condition types may define expected values and + meanings for this field, and whether the values are considered + a guaranteed API. The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ type: string - x-kubernetes-validations: - - message: Value is immutable - rule: self == oldSelf - shared_buffers_percentage: - description: - Percentage of total RAM that the database server - uses for shared memory buffers. Valid range is 20-60 (float), - which corresponds to 20% - 60%. This setting adjusts the shared_buffers - configuration value. - maximum: 60 - minimum: 20 - type: number - static_ips: - description: Use static public IP addresses - type: boolean - synchronous_replication: - description: - Synchronous replication type. Note that the service - plan also needs to support synchronous replication. + status: + description: status of the condition, one of True, False, Unknown. enum: - - quorum - - "off" + - "True" + - "False" + - Unknown type: string - timescaledb: - description: System-wide settings for the timescaledb extension - properties: - max_background_workers: - description: - The number of background workers for timescaledb - operations. You should configure this setting to the sum - of your number of databases and the total number of concurrent - background workers you want running at any given point in - time. - maximum: 4096 - minimum: 1 - type: integer - type: object - variant: - description: - Variant of the PostgreSQL service, may affect the - features that are exposed by default - enum: - - aiven - - timescale + type: + description: type of condition in CamelCase or in foo.example.com/CamelCase. + --- Many .condition.type values are consistent across resources + like Available, but because arbitrary conditions can be useful + (see .node.status.conditions), the ability to deconflict is + important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string - work_mem: - description: - Sets the maximum amount of memory to be used by a - query operation (such as a sort or hash table) before writing - to temporary disk files, in MB. Default is 1MB + 0.075% of total - RAM (up to 32MB). - maximum: 1024 - minimum: 1 - type: integer + required: + - lastTransitionTime + - message + - reason + - status + - type type: object - required: - - plan - - project - type: object - status: - description: ServiceStatus defines the observed state of service - properties: - conditions: - description: - Conditions represent the latest available observations - of a service state - items: - description: - "Condition contains details for one aspect of the current - state of this API Resource. --- This struct is intended for direct - use as an array at the field path .status.conditions. For example, - \n type FooStatus struct{ // Represents the observations of a - foo's current state. // Known .status.conditions.type are: \"Available\", - \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge - // +listType=map // +listMapKey=type Conditions []metav1.Condition - `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" - protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" - properties: - lastTransitionTime: - description: - lastTransitionTime is the last time the condition - transitioned from one status to another. This should be when - the underlying condition changed. If that is not known, then - using the time when the API field changed is acceptable. - format: date-time - type: string - message: - description: - message is a human readable message indicating - details about the transition. This may be an empty string. - maxLength: 32768 - type: string - observedGeneration: - description: - observedGeneration represents the .metadata.generation - that the condition was set based upon. For instance, if .metadata.generation - is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current - state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: - reason contains a programmatic identifier indicating - the reason for the condition's last transition. Producers - of specific condition types may define expected values and - meanings for this field, and whether the values are considered - a guaranteed API. The value should be a CamelCase string. - This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ - type: string - status: - description: status of the condition, one of True, False, Unknown. - enum: - - "True" - - "False" - - Unknown - type: string - type: - description: - type of condition in CamelCase or in foo.example.com/CamelCase. - --- Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ - type: string - required: - - lastTransitionTime - - message - - reason - - status - - type - type: object - type: array - state: - description: Service state - type: string - type: object - type: object - served: true - storage: true - subresources: - status: {} + type: array + state: + description: Service state + type: string + type: object + type: object + served: true + storage: true + subresources: + status: {} diff --git a/config/crd/bases/aiven.io_projects.yaml b/config/crd/bases/aiven.io_projects.yaml index 5256e9c1..0bf1f9fc 100644 --- a/config/crd/bases/aiven.io_projects.yaml +++ b/config/crd/bases/aiven.io_projects.yaml @@ -15,244 +15,229 @@ spec: singular: project scope: Namespaced versions: - - name: v1alpha1 - schema: - openAPIV3Schema: - description: Project is the Schema for the projects API - properties: - apiVersion: - description: - "APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" - type: string - kind: - description: - "Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" - type: string - metadata: - type: object - spec: - description: ProjectSpec defines the desired state of Project - properties: - accountId: - description: Account ID - maxLength: 32 + - name: v1alpha1 + schema: + openAPIV3Schema: + description: Project is the Schema for the projects API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: ProjectSpec defines the desired state of Project + properties: + accountId: + description: Account ID + maxLength: 32 + type: string + authSecretRef: + description: Authentication reference to Aiven token in a secret + properties: + key: + minLength: 1 + type: string + name: + minLength: 1 + type: string + required: + - key + - name + type: object + billingAddress: + description: Billing name and address of the project + maxLength: 1000 + type: string + billingCurrency: + description: Billing currency + enum: + - AUD + - CAD + - CHF + - DKK + - EUR + - GBP + - NOK + - SEK + - USD + type: string + billingEmails: + description: Billing contact emails of the project + items: type: string - authSecretRef: - description: Authentication reference to Aiven token in a secret - properties: - key: - minLength: 1 + maxItems: 10 + type: array + billingExtraText: + description: Extra text to be included in all project invoices, e.g. + purchase order or cost center number + maxLength: 1000 + type: string + billingGroupId: + description: BillingGroup ID + maxLength: 36 + minLength: 36 + type: string + cardId: + description: Credit card ID; The ID may be either last 4 digits of + the card or the actual ID + maxLength: 64 + type: string + cloud: + description: 'Target cloud, example: aws-eu-central-1' + maxLength: 256 + type: string + connInfoSecretTarget: + description: 'Information regarding secret creation. Exposed keys: + `PROJECT_CA_CERT`' + properties: + annotations: + additionalProperties: type: string - name: - minLength: 1 + description: Annotations added to the secret + type: object + x-kubernetes-preserve-unknown-fields: true + labels: + additionalProperties: type: string - required: - - key - - name - type: object - billingAddress: - description: Billing name and address of the project - maxLength: 1000 - type: string - billingCurrency: - description: Billing currency - enum: - - AUD - - CAD - - CHF - - DKK - - EUR - - GBP - - NOK - - SEK - - USD - type: string - billingEmails: - description: Billing contact emails of the project - items: + description: Labels added to the secret + type: object + x-kubernetes-preserve-unknown-fields: true + name: + description: Name of the secret resource to be created. By default, + is equal to the resource name type: string - maxItems: 10 - type: array - billingExtraText: - description: - Extra text to be included in all project invoices, e.g. - purchase order or cost center number - maxLength: 1000 - type: string - billingGroupId: - description: BillingGroup ID - maxLength: 36 - minLength: 36 - type: string - cardId: - description: - Credit card ID; The ID may be either last 4 digits of - the card or the actual ID - maxLength: 64 + prefix: + description: Prefix for the secret's keys. Added "as is" without + any transformations. By default, is equal to the kind name in + uppercase + underscore, e.g. `KAFKA_`, `REDIS_`, etc. + type: string + required: + - name + type: object + copyFromProject: + description: Project name from which to copy settings to the new project + maxLength: 63 + type: string + countryCode: + description: Billing country code of the project + maxLength: 2 + minLength: 2 + type: string + tags: + additionalProperties: type: string - cloud: - description: "Target cloud, example: aws-eu-central-1" - maxLength: 256 + description: Tags are key-value pairs that allow you to categorize + projects + type: object + technicalEmails: + description: Technical contact emails of the project + items: type: string - connInfoSecretTarget: - description: - "Information regarding secret creation. Exposed keys: - `PROJECT_CA_CERT`" + maxItems: 10 + type: array + type: object + status: + description: ProjectStatus defines the observed state of Project + properties: + availableCredits: + description: Available credirs + type: string + conditions: + description: Conditions represent the latest available observations + of an Project state + items: + description: "Condition contains details for one aspect of the current + state of this API Resource. --- This struct is intended for direct + use as an array at the field path .status.conditions. For example, + \n type FooStatus struct{ // Represents the observations of a + foo's current state. // Known .status.conditions.type are: \"Available\", + \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge + // +listType=map // +listMapKey=type Conditions []metav1.Condition + `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" + protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" properties: - annotations: - additionalProperties: - type: string - description: Annotations added to the secret - type: object - x-kubernetes-preserve-unknown-fields: true - labels: - additionalProperties: - type: string - description: Labels added to the secret - type: object - x-kubernetes-preserve-unknown-fields: true - name: - description: - Name of the secret resource to be created. By default, - is equal to the resource name + lastTransitionTime: + description: lastTransitionTime is the last time the condition + transitioned from one status to another. This should be when + the underlying condition changed. If that is not known, then + using the time when the API field changed is acceptable. + format: date-time type: string - prefix: - description: - Prefix for the secret's keys. Added "as is" without - any transformations. By default, is equal to the kind name in - uppercase + underscore, e.g. `KAFKA_`, `REDIS_`, etc. + message: + description: message is a human readable message indicating + details about the transition. This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: observedGeneration represents the .metadata.generation + that the condition was set based upon. For instance, if .metadata.generation + is currently 12, but the .status.conditions[x].observedGeneration + is 9, the condition is out of date with respect to the current + state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: reason contains a programmatic identifier indicating + the reason for the condition's last transition. Producers + of specific condition types may define expected values and + meanings for this field, and whether the values are considered + a guaranteed API. The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: type of condition in CamelCase or in foo.example.com/CamelCase. + --- Many .condition.type values are consistent across resources + like Available, but because arbitrary conditions can be useful + (see .node.status.conditions), the ability to deconflict is + important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string required: - - name - type: object - copyFromProject: - description: Project name from which to copy settings to the new project - maxLength: 63 - type: string - countryCode: - description: Billing country code of the project - maxLength: 2 - minLength: 2 - type: string - tags: - additionalProperties: - type: string - description: - Tags are key-value pairs that allow you to categorize - projects + - lastTransitionTime + - message + - reason + - status + - type type: object - technicalEmails: - description: Technical contact emails of the project - items: - type: string - maxItems: 10 - type: array - type: object - status: - description: ProjectStatus defines the observed state of Project - properties: - availableCredits: - description: Available credirs - type: string - conditions: - description: - Conditions represent the latest available observations - of an Project state - items: - description: - "Condition contains details for one aspect of the current - state of this API Resource. --- This struct is intended for direct - use as an array at the field path .status.conditions. For example, - \n type FooStatus struct{ // Represents the observations of a - foo's current state. // Known .status.conditions.type are: \"Available\", - \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge - // +listType=map // +listMapKey=type Conditions []metav1.Condition - `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" - protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" - properties: - lastTransitionTime: - description: - lastTransitionTime is the last time the condition - transitioned from one status to another. This should be when - the underlying condition changed. If that is not known, then - using the time when the API field changed is acceptable. - format: date-time - type: string - message: - description: - message is a human readable message indicating - details about the transition. This may be an empty string. - maxLength: 32768 - type: string - observedGeneration: - description: - observedGeneration represents the .metadata.generation - that the condition was set based upon. For instance, if .metadata.generation - is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current - state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: - reason contains a programmatic identifier indicating - the reason for the condition's last transition. Producers - of specific condition types may define expected values and - meanings for this field, and whether the values are considered - a guaranteed API. The value should be a CamelCase string. - This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ - type: string - status: - description: status of the condition, one of True, False, Unknown. - enum: - - "True" - - "False" - - Unknown - type: string - type: - description: - type of condition in CamelCase or in foo.example.com/CamelCase. - --- Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ - type: string - required: - - lastTransitionTime - - message - - reason - - status - - type - type: object - type: array - country: - description: Country name - type: string - estimatedBalance: - description: Estimated balance - type: string - paymentMethod: - description: Payment method name - type: string - vatId: - description: EU VAT Identification Number - maxLength: 64 - type: string - required: - - conditions - type: object - type: object - served: true - storage: true - subresources: - status: {} + type: array + country: + description: Country name + type: string + estimatedBalance: + description: Estimated balance + type: string + paymentMethod: + description: Payment method name + type: string + vatId: + description: EU VAT Identification Number + maxLength: 64 + type: string + required: + - conditions + type: object + type: object + served: true + storage: true + subresources: + status: {} diff --git a/config/crd/bases/aiven.io_projectvpcs.yaml b/config/crd/bases/aiven.io_projectvpcs.yaml index f6b08d0a..720040e8 100644 --- a/config/crd/bases/aiven.io_projectvpcs.yaml +++ b/config/crd/bases/aiven.io_projectvpcs.yaml @@ -15,174 +15,165 @@ spec: singular: projectvpc scope: Namespaced versions: - - additionalPrinterColumns: - - jsonPath: .spec.project - name: Project - type: string - - jsonPath: .spec.cloudName - name: Cloud - type: string - - jsonPath: .spec.networkCidr - name: Network CIDR - type: string - - jsonPath: .status.state - name: State - type: string - name: v1alpha1 - schema: - openAPIV3Schema: - description: ProjectVPC is the Schema for the projectvpcs API - properties: - apiVersion: - description: - "APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" - type: string - kind: - description: - "Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" - type: string - metadata: - type: object - spec: - description: ProjectVPCSpec defines the desired state of ProjectVPC - properties: - authSecretRef: - description: Authentication reference to Aiven token in a secret + - additionalPrinterColumns: + - jsonPath: .spec.project + name: Project + type: string + - jsonPath: .spec.cloudName + name: Cloud + type: string + - jsonPath: .spec.networkCidr + name: Network CIDR + type: string + - jsonPath: .status.state + name: State + type: string + name: v1alpha1 + schema: + openAPIV3Schema: + description: ProjectVPC is the Schema for the projectvpcs API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: ProjectVPCSpec defines the desired state of ProjectVPC + properties: + authSecretRef: + description: Authentication reference to Aiven token in a secret + properties: + key: + minLength: 1 + type: string + name: + minLength: 1 + type: string + required: + - key + - name + type: object + cloudName: + description: Cloud the VPC is in + maxLength: 256 + type: string + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + networkCidr: + description: Network address range used by the VPC like 192.168.0.0/24 + maxLength: 36 + type: string + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + project: + description: The project the VPC belongs to + format: ^[a-zA-Z0-9_-]*$ + maxLength: 63 + type: string + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + required: + - cloudName + - networkCidr + - project + type: object + status: + description: ProjectVPCStatus defines the observed state of ProjectVPC + properties: + conditions: + description: Conditions represent the latest available observations + of an ProjectVPC state + items: + description: "Condition contains details for one aspect of the current + state of this API Resource. --- This struct is intended for direct + use as an array at the field path .status.conditions. For example, + \n type FooStatus struct{ // Represents the observations of a + foo's current state. // Known .status.conditions.type are: \"Available\", + \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge + // +listType=map // +listMapKey=type Conditions []metav1.Condition + `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" + protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" properties: - key: - minLength: 1 + lastTransitionTime: + description: lastTransitionTime is the last time the condition + transitioned from one status to another. This should be when + the underlying condition changed. If that is not known, then + using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: message is a human readable message indicating + details about the transition. This may be an empty string. + maxLength: 32768 type: string - name: + observedGeneration: + description: observedGeneration represents the .metadata.generation + that the condition was set based upon. For instance, if .metadata.generation + is currently 12, but the .status.conditions[x].observedGeneration + is 9, the condition is out of date with respect to the current + state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: reason contains a programmatic identifier indicating + the reason for the condition's last transition. Producers + of specific condition types may define expected values and + meanings for this field, and whether the values are considered + a guaranteed API. The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: type of condition in CamelCase or in foo.example.com/CamelCase. + --- Many .condition.type values are consistent across resources + like Available, but because arbitrary conditions can be useful + (see .node.status.conditions), the ability to deconflict is + important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string required: - - key - - name + - lastTransitionTime + - message + - reason + - status + - type type: object - cloudName: - description: Cloud the VPC is in - maxLength: 256 - type: string - x-kubernetes-validations: - - message: Value is immutable - rule: self == oldSelf - networkCidr: - description: Network address range used by the VPC like 192.168.0.0/24 - maxLength: 36 - type: string - x-kubernetes-validations: - - message: Value is immutable - rule: self == oldSelf - project: - description: The project the VPC belongs to - format: ^[a-zA-Z0-9_-]*$ - maxLength: 63 - type: string - x-kubernetes-validations: - - message: Value is immutable - rule: self == oldSelf - required: - - cloudName - - networkCidr - - project - type: object - status: - description: ProjectVPCStatus defines the observed state of ProjectVPC - properties: - conditions: - description: - Conditions represent the latest available observations - of an ProjectVPC state - items: - description: - "Condition contains details for one aspect of the current - state of this API Resource. --- This struct is intended for direct - use as an array at the field path .status.conditions. For example, - \n type FooStatus struct{ // Represents the observations of a - foo's current state. // Known .status.conditions.type are: \"Available\", - \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge - // +listType=map // +listMapKey=type Conditions []metav1.Condition - `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" - protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" - properties: - lastTransitionTime: - description: - lastTransitionTime is the last time the condition - transitioned from one status to another. This should be when - the underlying condition changed. If that is not known, then - using the time when the API field changed is acceptable. - format: date-time - type: string - message: - description: - message is a human readable message indicating - details about the transition. This may be an empty string. - maxLength: 32768 - type: string - observedGeneration: - description: - observedGeneration represents the .metadata.generation - that the condition was set based upon. For instance, if .metadata.generation - is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current - state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: - reason contains a programmatic identifier indicating - the reason for the condition's last transition. Producers - of specific condition types may define expected values and - meanings for this field, and whether the values are considered - a guaranteed API. The value should be a CamelCase string. - This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ - type: string - status: - description: status of the condition, one of True, False, Unknown. - enum: - - "True" - - "False" - - Unknown - type: string - type: - description: - type of condition in CamelCase or in foo.example.com/CamelCase. - --- Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ - type: string - required: - - lastTransitionTime - - message - - reason - - status - - type - type: object - type: array - id: - description: Project VPC id - type: string - state: - description: State of VPC - type: string - required: - - conditions - - id - - state - type: object - type: object - served: true - storage: true - subresources: - status: {} + type: array + id: + description: Project VPC id + type: string + state: + description: State of VPC + type: string + required: + - conditions + - id + - state + type: object + type: object + served: true + storage: true + subresources: + status: {} diff --git a/config/crd/bases/aiven.io_redis.yaml b/config/crd/bases/aiven.io_redis.yaml index bd6c988d..2b665d1c 100644 --- a/config/crd/bases/aiven.io_redis.yaml +++ b/config/crd/bases/aiven.io_redis.yaml @@ -15,509 +15,464 @@ spec: singular: redis scope: Namespaced versions: - - name: v1alpha1 - schema: - openAPIV3Schema: - description: Redis is the Schema for the redis API - properties: - apiVersion: - description: - "APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" - type: string - kind: - description: - "Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" - type: string - metadata: - type: object - spec: - description: RedisSpec defines the desired state of Redis - properties: - authSecretRef: - description: Authentication reference to Aiven token in a secret - properties: - key: - minLength: 1 - type: string - name: - minLength: 1 - type: string - required: - - key - - name - type: object - cloudName: - description: Cloud the service runs in. - maxLength: 256 - type: string - connInfoSecretTarget: - description: - "Information regarding secret creation. Exposed keys: - `REDIS_HOST`, `REDIS_PORT`, `REDIS_USER`, `REDIS_PASSWORD`" - properties: - annotations: - additionalProperties: - type: string - description: Annotations added to the secret - type: object - x-kubernetes-preserve-unknown-fields: true - labels: - additionalProperties: - type: string - description: Labels added to the secret - type: object - x-kubernetes-preserve-unknown-fields: true - name: - description: - Name of the secret resource to be created. By default, - is equal to the resource name + - name: v1alpha1 + schema: + openAPIV3Schema: + description: Redis is the Schema for the redis API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: RedisSpec defines the desired state of Redis + properties: + authSecretRef: + description: Authentication reference to Aiven token in a secret + properties: + key: + minLength: 1 + type: string + name: + minLength: 1 + type: string + required: + - key + - name + type: object + cloudName: + description: Cloud the service runs in. + maxLength: 256 + type: string + connInfoSecretTarget: + description: 'Information regarding secret creation. Exposed keys: + `REDIS_HOST`, `REDIS_PORT`, `REDIS_USER`, `REDIS_PASSWORD`' + properties: + annotations: + additionalProperties: type: string - prefix: - description: - Prefix for the secret's keys. Added "as is" without - any transformations. By default, is equal to the kind name in - uppercase + underscore, e.g. `KAFKA_`, `REDIS_`, etc. + description: Annotations added to the secret + type: object + x-kubernetes-preserve-unknown-fields: true + labels: + additionalProperties: type: string - required: - - name - type: object - disk_space: - description: - The disk space of the service, possible values depend - on the service type, the cloud provider and the project. Reducing - will result in the service re-balancing. - format: ^[1-9][0-9]*(GiB|G)* - type: string - maintenanceWindowDow: - description: - Day of week when maintenance operations should be performed. - One monday, tuesday, wednesday, etc. - enum: - - monday - - tuesday - - wednesday - - thursday - - friday - - saturday - - sunday - type: string - maintenanceWindowTime: - description: - Time of day when maintenance operations should be performed. - UTC time in HH:mm:ss format. - maxLength: 8 - type: string - plan: - description: Subscription plan. - maxLength: 128 - type: string - project: - description: Target project. - format: ^[a-zA-Z0-9_-]*$ - maxLength: 63 - type: string - x-kubernetes-validations: - - message: Value is immutable - rule: self == oldSelf - projectVPCRef: - description: - ProjectVPCRef reference to ProjectVPC resource to use - its ID as ProjectVPCID automatically + description: Labels added to the secret + type: object + x-kubernetes-preserve-unknown-fields: true + name: + description: Name of the secret resource to be created. By default, + is equal to the resource name + type: string + prefix: + description: Prefix for the secret's keys. Added "as is" without + any transformations. By default, is equal to the kind name in + uppercase + underscore, e.g. `KAFKA_`, `REDIS_`, etc. + type: string + required: + - name + type: object + disk_space: + description: The disk space of the service, possible values depend + on the service type, the cloud provider and the project. Reducing + will result in the service re-balancing. + format: ^[1-9][0-9]*(GiB|G)* + type: string + maintenanceWindowDow: + description: Day of week when maintenance operations should be performed. + One monday, tuesday, wednesday, etc. + enum: + - monday + - tuesday + - wednesday + - thursday + - friday + - saturday + - sunday + type: string + maintenanceWindowTime: + description: Time of day when maintenance operations should be performed. + UTC time in HH:mm:ss format. + maxLength: 8 + type: string + plan: + description: Subscription plan. + maxLength: 128 + type: string + project: + description: Target project. + format: ^[a-zA-Z0-9_-]*$ + maxLength: 63 + type: string + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + projectVPCRef: + description: ProjectVPCRef reference to ProjectVPC resource to use + its ID as ProjectVPCID automatically + properties: + name: + minLength: 1 + type: string + namespace: + minLength: 1 + type: string + required: + - name + type: object + projectVpcId: + description: Identifier of the VPC the service should be in, if any. + maxLength: 36 + type: string + serviceIntegrations: + description: Service integrations to specify when creating a service. + Not applied after initial service creation + items: + description: Service integrations to specify when creating a service. + Not applied after initial service creation properties: - name: - minLength: 1 + integrationType: + enum: + - read_replica type: string - namespace: + sourceServiceName: + maxLength: 64 minLength: 1 type: string required: - - name + - integrationType + - sourceServiceName type: object - projectVpcId: - description: Identifier of the VPC the service should be in, if any. - maxLength: 36 + maxItems: 1 + type: array + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + tags: + additionalProperties: type: string - serviceIntegrations: - description: - Service integrations to specify when creating a service. - Not applied after initial service creation - items: - description: - Service integrations to specify when creating a service. - Not applied after initial service creation + description: Tags are key-value pairs that allow you to categorize + services. + type: object + terminationProtection: + description: Prevent service from being deleted. It is recommended + to have this enabled for all services. + type: boolean + userConfig: + description: Redis specific user configuration options + properties: + additional_backup_regions: + description: Additional Cloud Regions for Backup Replication + items: + type: string + maxItems: 1 + type: array + ip_filter: + description: Allow incoming connections from CIDR address block, + e.g. '10.20.0.0/16' + items: + description: CIDR address block, either as a string, or in a + dict with an optional description field + properties: + description: + description: Description for IP filter list entry + maxLength: 1024 + type: string + network: + description: CIDR address block + maxLength: 43 + type: string + required: + - network + type: object + maxItems: 1024 + type: array + migration: + description: Migrate data from existing server properties: - integrationType: + dbname: + description: Database name for bootstrapping the initial connection + maxLength: 63 + type: string + host: + description: Hostname or IP address of the server where to + migrate data from + maxLength: 255 + type: string + ignore_dbs: + description: Comma-separated list of databases, which should + be ignored during migration (supported by MySQL and PostgreSQL + only at the moment) + maxLength: 2048 + type: string + method: + description: The migration method to be used (currently supported + only by Redis, Dragonfly, MySQL and PostgreSQL service types) enum: - - read_replica + - dump + - replication type: string - sourceServiceName: - maxLength: 64 - minLength: 1 + password: + description: Password for authentication with the server where + to migrate data from + maxLength: 256 + type: string + port: + description: Port number of the server where to migrate data + from + maximum: 65535 + minimum: 1 + type: integer + ssl: + description: The server where to migrate data from is secured + with SSL + type: boolean + username: + description: User name for authentication with the server + where to migrate data from + maxLength: 256 type: string required: - - integrationType - - sourceServiceName + - host + - port type: object - maxItems: 1 - type: array - x-kubernetes-validations: + private_access: + description: Allow access to selected service ports from private + networks + properties: + prometheus: + description: Allow clients to connect to prometheus with a + DNS name that always resolves to the service's private IP + addresses. Only available in certain network locations + type: boolean + redis: + description: Allow clients to connect to redis with a DNS + name that always resolves to the service's private IP addresses. + Only available in certain network locations + type: boolean + type: object + privatelink_access: + description: Allow access to selected service components through + Privatelink + properties: + prometheus: + description: Enable prometheus + type: boolean + redis: + description: Enable redis + type: boolean + type: object + project_to_fork_from: + description: Name of another project to fork a service from. This + has effect only when a new service is being created. + maxLength: 63 + type: string + x-kubernetes-validations: - message: Value is immutable rule: self == oldSelf - tags: - additionalProperties: + public_access: + description: Allow access to selected service ports from the public + Internet + properties: + prometheus: + description: Allow clients to connect to prometheus from the + public internet for service nodes that are in a project + VPC or another type of private network + type: boolean + redis: + description: Allow clients to connect to redis from the public + internet for service nodes that are in a project VPC or + another type of private network + type: boolean + type: object + recovery_basebackup_name: + description: Name of the basebackup to restore in forked service + maxLength: 128 + pattern: ^[a-zA-Z0-9-_:.]+$ type: string - description: - Tags are key-value pairs that allow you to categorize - services. - type: object - terminationProtection: - description: - Prevent service from being deleted. It is recommended - to have this enabled for all services. - type: boolean - userConfig: - description: Redis specific user configuration options + redis_acl_channels_default: + description: Determines default pub/sub channels' ACL for new + users if ACL is not supplied. When this option is not defined, + all_channels is assumed to keep backward compatibility. This + option doesn't affect Redis configuration acl-pubsub-default. + enum: + - allchannels + - resetchannels + type: string + redis_io_threads: + description: Set Redis IO thread count. Changing this will cause + a restart of the Redis service. + maximum: 32 + minimum: 1 + type: integer + redis_lfu_decay_time: + description: LFU maxmemory-policy counter decay time in minutes + maximum: 120 + minimum: 1 + type: integer + redis_lfu_log_factor: + description: Counter logarithm factor for volatile-lfu and allkeys-lfu + maxmemory-policies + maximum: 100 + minimum: 0 + type: integer + redis_maxmemory_policy: + description: Redis maxmemory-policy + enum: + - noeviction + - allkeys-lru + - volatile-lru + - allkeys-random + - volatile-random + - volatile-ttl + - volatile-lfu + - allkeys-lfu + type: string + redis_notify_keyspace_events: + description: Set notify-keyspace-events option + maxLength: 32 + pattern: ^[KEg\$lshzxeA]*$ + type: string + redis_number_of_databases: + description: Set number of Redis databases. Changing this will + cause a restart of the Redis service. + maximum: 128 + minimum: 1 + type: integer + redis_persistence: + description: When persistence is 'rdb', Redis does RDB dumps each + 10 minutes if any key is changed. Also RDB dumps are done according + to backup schedule for backup purposes. When persistence is + 'off', no RDB dumps and backups are done, so data can be lost + at any moment if service is restarted for any reason, or if + service is powered off. Also service can't be forked. + enum: + - "off" + - rdb + type: string + redis_pubsub_client_output_buffer_limit: + description: Set output buffer limit for pub / sub clients in + MB. The value is the hard limit, the soft limit is 1/4 of the + hard limit. When setting the limit, be mindful of the available + memory in the selected service plan. + maximum: 512 + minimum: 32 + type: integer + redis_ssl: + description: Require SSL to access Redis + type: boolean + redis_timeout: + description: Redis idle connection timeout in seconds + maximum: 31536000 + minimum: 0 + type: integer + service_log: + description: Store logs for the service so that they are available + in the HTTP API and console. + type: boolean + service_to_fork_from: + description: Name of another service to fork from. This has effect + only when a new service is being created. + maxLength: 64 + type: string + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + static_ips: + description: Use static public IP addresses + type: boolean + type: object + required: + - plan + - project + type: object + status: + description: ServiceStatus defines the observed state of service + properties: + conditions: + description: Conditions represent the latest available observations + of a service state + items: + description: "Condition contains details for one aspect of the current + state of this API Resource. --- This struct is intended for direct + use as an array at the field path .status.conditions. For example, + \n type FooStatus struct{ // Represents the observations of a + foo's current state. // Known .status.conditions.type are: \"Available\", + \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge + // +listType=map // +listMapKey=type Conditions []metav1.Condition + `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" + protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" properties: - additional_backup_regions: - description: Additional Cloud Regions for Backup Replication - items: - type: string - maxItems: 1 - type: array - ip_filter: - description: - Allow incoming connections from CIDR address block, - e.g. '10.20.0.0/16' - items: - description: - CIDR address block, either as a string, or in a - dict with an optional description field - properties: - description: - description: Description for IP filter list entry - maxLength: 1024 - type: string - network: - description: CIDR address block - maxLength: 43 - type: string - required: - - network - type: object - maxItems: 1024 - type: array - migration: - description: Migrate data from existing server - properties: - dbname: - description: Database name for bootstrapping the initial connection - maxLength: 63 - type: string - host: - description: - Hostname or IP address of the server where to - migrate data from - maxLength: 255 - type: string - ignore_dbs: - description: - Comma-separated list of databases, which should - be ignored during migration (supported by MySQL and PostgreSQL - only at the moment) - maxLength: 2048 - type: string - method: - description: - The migration method to be used (currently supported - only by Redis, Dragonfly, MySQL and PostgreSQL service types) - enum: - - dump - - replication - type: string - password: - description: - Password for authentication with the server where - to migrate data from - maxLength: 256 - type: string - port: - description: - Port number of the server where to migrate data - from - maximum: 65535 - minimum: 1 - type: integer - ssl: - description: - The server where to migrate data from is secured - with SSL - type: boolean - username: - description: - User name for authentication with the server - where to migrate data from - maxLength: 256 - type: string - required: - - host - - port - type: object - private_access: - description: - Allow access to selected service ports from private - networks - properties: - prometheus: - description: - Allow clients to connect to prometheus with a - DNS name that always resolves to the service's private IP - addresses. Only available in certain network locations - type: boolean - redis: - description: - Allow clients to connect to redis with a DNS - name that always resolves to the service's private IP addresses. - Only available in certain network locations - type: boolean - type: object - privatelink_access: - description: - Allow access to selected service components through - Privatelink - properties: - prometheus: - description: Enable prometheus - type: boolean - redis: - description: Enable redis - type: boolean - type: object - project_to_fork_from: - description: - Name of another project to fork a service from. This - has effect only when a new service is being created. - maxLength: 63 - type: string - x-kubernetes-validations: - - message: Value is immutable - rule: self == oldSelf - public_access: - description: - Allow access to selected service ports from the public - Internet - properties: - prometheus: - description: - Allow clients to connect to prometheus from the - public internet for service nodes that are in a project - VPC or another type of private network - type: boolean - redis: - description: - Allow clients to connect to redis from the public - internet for service nodes that are in a project VPC or - another type of private network - type: boolean - type: object - recovery_basebackup_name: - description: Name of the basebackup to restore in forked service - maxLength: 128 - pattern: ^[a-zA-Z0-9-_:.]+$ + lastTransitionTime: + description: lastTransitionTime is the last time the condition + transitioned from one status to another. This should be when + the underlying condition changed. If that is not known, then + using the time when the API field changed is acceptable. + format: date-time type: string - redis_acl_channels_default: - description: - Determines default pub/sub channels' ACL for new - users if ACL is not supplied. When this option is not defined, - all_channels is assumed to keep backward compatibility. This - option doesn't affect Redis configuration acl-pubsub-default. - enum: - - allchannels - - resetchannels + message: + description: message is a human readable message indicating + details about the transition. This may be an empty string. + maxLength: 32768 type: string - redis_io_threads: - description: - Set Redis IO thread count. Changing this will cause - a restart of the Redis service. - maximum: 32 - minimum: 1 - type: integer - redis_lfu_decay_time: - description: LFU maxmemory-policy counter decay time in minutes - maximum: 120 - minimum: 1 - type: integer - redis_lfu_log_factor: - description: - Counter logarithm factor for volatile-lfu and allkeys-lfu - maxmemory-policies - maximum: 100 + observedGeneration: + description: observedGeneration represents the .metadata.generation + that the condition was set based upon. For instance, if .metadata.generation + is currently 12, but the .status.conditions[x].observedGeneration + is 9, the condition is out of date with respect to the current + state of the instance. + format: int64 minimum: 0 type: integer - redis_maxmemory_policy: - description: Redis maxmemory-policy - enum: - - noeviction - - allkeys-lru - - volatile-lru - - allkeys-random - - volatile-random - - volatile-ttl - - volatile-lfu - - allkeys-lfu - type: string - redis_notify_keyspace_events: - description: Set notify-keyspace-events option - maxLength: 32 - pattern: ^[KEg\$lshzxeA]*$ + reason: + description: reason contains a programmatic identifier indicating + the reason for the condition's last transition. Producers + of specific condition types may define expected values and + meanings for this field, and whether the values are considered + a guaranteed API. The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ type: string - redis_number_of_databases: - description: - Set number of Redis databases. Changing this will - cause a restart of the Redis service. - maximum: 128 - minimum: 1 - type: integer - redis_persistence: - description: - When persistence is 'rdb', Redis does RDB dumps each - 10 minutes if any key is changed. Also RDB dumps are done according - to backup schedule for backup purposes. When persistence is - 'off', no RDB dumps and backups are done, so data can be lost - at any moment if service is restarted for any reason, or if - service is powered off. Also service can't be forked. + status: + description: status of the condition, one of True, False, Unknown. enum: - - "off" - - rdb + - "True" + - "False" + - Unknown type: string - redis_pubsub_client_output_buffer_limit: - description: - Set output buffer limit for pub / sub clients in - MB. The value is the hard limit, the soft limit is 1/4 of the - hard limit. When setting the limit, be mindful of the available - memory in the selected service plan. - maximum: 512 - minimum: 32 - type: integer - redis_ssl: - description: Require SSL to access Redis - type: boolean - redis_timeout: - description: Redis idle connection timeout in seconds - maximum: 31536000 - minimum: 0 - type: integer - service_log: - description: - Store logs for the service so that they are available - in the HTTP API and console. - type: boolean - service_to_fork_from: - description: - Name of another service to fork from. This has effect - only when a new service is being created. - maxLength: 64 + type: + description: type of condition in CamelCase or in foo.example.com/CamelCase. + --- Many .condition.type values are consistent across resources + like Available, but because arbitrary conditions can be useful + (see .node.status.conditions), the ability to deconflict is + important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string - x-kubernetes-validations: - - message: Value is immutable - rule: self == oldSelf - static_ips: - description: Use static public IP addresses - type: boolean + required: + - lastTransitionTime + - message + - reason + - status + - type type: object - required: - - plan - - project - type: object - status: - description: ServiceStatus defines the observed state of service - properties: - conditions: - description: - Conditions represent the latest available observations - of a service state - items: - description: - "Condition contains details for one aspect of the current - state of this API Resource. --- This struct is intended for direct - use as an array at the field path .status.conditions. For example, - \n type FooStatus struct{ // Represents the observations of a - foo's current state. // Known .status.conditions.type are: \"Available\", - \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge - // +listType=map // +listMapKey=type Conditions []metav1.Condition - `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" - protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" - properties: - lastTransitionTime: - description: - lastTransitionTime is the last time the condition - transitioned from one status to another. This should be when - the underlying condition changed. If that is not known, then - using the time when the API field changed is acceptable. - format: date-time - type: string - message: - description: - message is a human readable message indicating - details about the transition. This may be an empty string. - maxLength: 32768 - type: string - observedGeneration: - description: - observedGeneration represents the .metadata.generation - that the condition was set based upon. For instance, if .metadata.generation - is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current - state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: - reason contains a programmatic identifier indicating - the reason for the condition's last transition. Producers - of specific condition types may define expected values and - meanings for this field, and whether the values are considered - a guaranteed API. The value should be a CamelCase string. - This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ - type: string - status: - description: status of the condition, one of True, False, Unknown. - enum: - - "True" - - "False" - - Unknown - type: string - type: - description: - type of condition in CamelCase or in foo.example.com/CamelCase. - --- Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ - type: string - required: - - lastTransitionTime - - message - - reason - - status - - type - type: object - type: array - state: - description: Service state - type: string - type: object - type: object - served: true - storage: true - subresources: - status: {} + type: array + state: + description: Service state + type: string + type: object + type: object + served: true + storage: true + subresources: + status: {} diff --git a/config/crd/bases/aiven.io_serviceintegrations.yaml b/config/crd/bases/aiven.io_serviceintegrations.yaml index 7ddcb94b..7ba61edd 100644 --- a/config/crd/bases/aiven.io_serviceintegrations.yaml +++ b/config/crd/bases/aiven.io_serviceintegrations.yaml @@ -15,790 +15,748 @@ spec: singular: serviceintegration scope: Namespaced versions: - - additionalPrinterColumns: - - jsonPath: .spec.project - name: Project - type: string - - jsonPath: .spec.integrationType - name: Type - type: string - - jsonPath: .spec.sourceServiceName - name: Source Service Name - type: string - - jsonPath: .spec.destinationServiceName - name: Destination Service Name - type: string - - jsonPath: .spec.sourceEndpointId - name: Source Endpoint ID - type: string - - jsonPath: .spec.destinationEndpointId - name: Destination Endpoint ID - type: string - name: v1alpha1 - schema: - openAPIV3Schema: - description: - ServiceIntegration is the Schema for the serviceintegrations - API - properties: - apiVersion: - description: - "APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" - type: string - kind: - description: - "Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" - type: string - metadata: - type: object - spec: - description: ServiceIntegrationSpec defines the desired state of ServiceIntegration - properties: - authSecretRef: - description: Authentication reference to Aiven token in a secret - properties: - key: - minLength: 1 - type: string - name: - minLength: 1 - type: string - required: - - key - - name - type: object - clickhouseKafka: - description: Clickhouse Kafka configuration values - properties: - tables: - description: Tables to create - items: - description: Table to create - properties: - auto_offset_reset: - description: - Action to take when there is no initial offset - in offset store or the desired offset is out of range - enum: - - smallest - - earliest - - beginning - - largest - - latest - - end - type: string - columns: - description: Table columns - items: - description: Table column - properties: - name: - description: Column name - maxLength: 40 - minLength: 1 - type: string - type: - description: Column type - maxLength: 1000 - minLength: 1 - type: string - required: - - name - - type - type: object - maxItems: 100 - type: array - data_format: - description: Message data format - enum: - - Avro - - CSV - - JSONAsString - - JSONCompactEachRow - - JSONCompactStringsEachRow - - JSONEachRow - - JSONStringsEachRow - - MsgPack - - TSKV - - TSV - - TabSeparated - - RawBLOB - - AvroConfluent - type: string - date_time_input_format: - description: Method to read DateTime from text input formats - enum: - - basic - - best_effort - - best_effort_us - type: string - group_name: - description: Kafka consumers group - maxLength: 249 - minLength: 1 - type: string - handle_error_mode: - description: How to handle errors for Kafka engine - enum: - - default - - stream - type: string - max_block_size: - description: - Number of row collected by poll(s) for flushing - data from Kafka - maximum: 1000000000 - minimum: 0 - type: integer - max_rows_per_message: - description: - The maximum number of rows produced in one - kafka message for row-based formats - maximum: 1000000000 - minimum: 1 - type: integer - name: - description: Name of the table - maxLength: 40 - minLength: 1 - type: string - num_consumers: - description: The number of consumers per table per replica - maximum: 10 - minimum: 1 - type: integer - poll_max_batch_size: - description: - Maximum amount of messages to be polled in - a single Kafka poll - maximum: 1000000000 - minimum: 0 - type: integer - skip_broken_messages: - description: - Skip at least this number of broken messages - from Kafka topic per block - maximum: 1000000000 - minimum: 0 - type: integer - topics: - description: Kafka topics - items: - description: Kafka topic - properties: - name: - description: Name of the topic - maxLength: 249 - minLength: 1 - type: string - required: - - name - type: object - maxItems: 100 - type: array - required: - - columns - - data_format - - group_name - - name - - topics - type: object - maxItems: 100 - type: array - type: object - clickhousePostgresql: - description: Clickhouse PostgreSQL configuration values - properties: - databases: - description: Databases to expose - items: - description: Database to expose - properties: - database: - description: PostgreSQL database to expose - maxLength: 63 - minLength: 1 - type: string - schema: - description: PostgreSQL schema to expose - maxLength: 63 - minLength: 1 - type: string - type: object - maxItems: 10 - type: array - type: object - datadog: - description: Datadog specific user configuration options - properties: - datadog_dbm_enabled: - description: Enable Datadog Database Monitoring - type: boolean - datadog_tags: - description: Custom tags provided by user - items: - description: Datadog tag defined by user - properties: - comment: - description: Optional tag explanation - maxLength: 1024 - type: string - tag: - description: - "Tag format and usage are described here: https://docs.datadoghq.com/getting_started/tagging. - Tags with prefix 'aiven-' are reserved for Aiven." - maxLength: 200 - minLength: 1 - type: string - required: - - tag - type: object - maxItems: 32 - type: array - exclude_consumer_groups: - description: List of custom metrics - items: - type: string - maxItems: 1024 - type: array - exclude_topics: - description: List of topics to exclude - items: - type: string - maxItems: 1024 - type: array - include_consumer_groups: - description: List of custom metrics - items: - type: string - maxItems: 1024 - type: array - include_topics: - description: List of topics to include - items: - type: string - maxItems: 1024 - type: array - kafka_custom_metrics: - description: List of custom metrics - items: - type: string - maxItems: 1024 - type: array - max_jmx_metrics: - description: Maximum number of JMX metrics to send - maximum: 100000 - minimum: 10 - type: integer - opensearch: - description: Datadog Opensearch Options - properties: - index_stats_enabled: - description: Enable Datadog Opensearch Index Monitoring - type: boolean - pending_task_stats_enabled: - description: Enable Datadog Opensearch Pending Task Monitoring - type: boolean - pshard_stats_enabled: - description: Enable Datadog Opensearch Primary Shard Monitoring - type: boolean - type: object - redis: - description: Datadog Redis Options - properties: - command_stats_enabled: - description: Enable command_stats option in the agent's configuration - type: boolean - type: object - type: object - destinationEndpointId: - description: Destination endpoint for the integration (if any) - maxLength: 36 - type: string - x-kubernetes-validations: - - message: Value is immutable - rule: self == oldSelf - destinationProjectName: - description: Destination project for the integration (if any) - maxLength: 63 - type: string - x-kubernetes-validations: - - message: Value is immutable - rule: self == oldSelf - destinationServiceName: - description: Destination service for the integration (if any) - maxLength: 64 - type: string - x-kubernetes-validations: - - message: Value is immutable - rule: self == oldSelf - externalAWSCloudwatchMetrics: - description: - External AWS CloudWatch Metrics integration Logs configuration - values - properties: - dropped_metrics: - description: - Metrics to not send to AWS CloudWatch (takes precedence - over extra_metrics) - items: - description: Metric name and subfield - properties: - field: - description: Identifier of a value in the metric - maxLength: 1000 - type: string - metric: - description: Identifier of the metric - maxLength: 1000 - type: string - required: - - field - - metric - type: object - maxItems: 1024 - type: array - extra_metrics: - description: - Metrics to allow through to AWS CloudWatch (in addition - to default metrics) - items: - description: Metric name and subfield - properties: - field: - description: Identifier of a value in the metric - maxLength: 1000 - type: string - metric: - description: Identifier of the metric - maxLength: 1000 - type: string - required: - - field - - metric - type: object - maxItems: 1024 - type: array - type: object - integrationType: - description: - Type of the service integration accepted by Aiven API. - Some values may not be supported by the operator - enum: - - alertmanager - - autoscaler - - caching - - cassandra_cross_service_cluster - - clickhouse_kafka - - clickhouse_postgresql - - dashboard - - datadog - - datasource - - external_aws_cloudwatch_logs - - external_aws_cloudwatch_metrics - - external_elasticsearch_logs - - external_google_cloud_logging - - external_opensearch_logs - - flink - - flink_external_kafka - - internal_connectivity - - jolokia - - kafka_connect - - kafka_logs - - kafka_mirrormaker - - logs - - m3aggregator - - m3coordinator - - metrics - - opensearch_cross_cluster_replication - - opensearch_cross_cluster_search - - prometheus - - read_replica - - rsyslog - - schema_registry_proxy - - stresstester - - thanosquery - - thanosstore - - vmalert - type: string - x-kubernetes-validations: - - message: Value is immutable - rule: self == oldSelf - kafkaConnect: - description: Kafka Connect service configuration values - properties: - kafka_connect: - description: Kafka Connect service configuration values + - additionalPrinterColumns: + - jsonPath: .spec.project + name: Project + type: string + - jsonPath: .spec.integrationType + name: Type + type: string + - jsonPath: .spec.sourceServiceName + name: Source Service Name + type: string + - jsonPath: .spec.destinationServiceName + name: Destination Service Name + type: string + - jsonPath: .spec.sourceEndpointId + name: Source Endpoint ID + type: string + - jsonPath: .spec.destinationEndpointId + name: Destination Endpoint ID + type: string + name: v1alpha1 + schema: + openAPIV3Schema: + description: ServiceIntegration is the Schema for the serviceintegrations + API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: ServiceIntegrationSpec defines the desired state of ServiceIntegration + properties: + authSecretRef: + description: Authentication reference to Aiven token in a secret + properties: + key: + minLength: 1 + type: string + name: + minLength: 1 + type: string + required: + - key + - name + type: object + clickhouseKafka: + description: Clickhouse Kafka configuration values + properties: + tables: + description: Tables to create + items: + description: Table to create properties: - config_storage_topic: - description: - The name of the topic where connector and task - configuration data are stored.This must be the same for - all workers with the same group_id. - maxLength: 249 + auto_offset_reset: + description: Action to take when there is no initial offset + in offset store or the desired offset is out of range + enum: + - smallest + - earliest + - beginning + - largest + - latest + - end type: string - group_id: - description: - A unique string that identifies the Connect cluster - group this worker belongs to. - maxLength: 249 + columns: + description: Table columns + items: + description: Table column + properties: + name: + description: Column name + maxLength: 40 + minLength: 1 + type: string + type: + description: Column type + maxLength: 1000 + minLength: 1 + type: string + required: + - name + - type + type: object + maxItems: 100 + type: array + data_format: + description: Message data format + enum: + - Avro + - CSV + - JSONAsString + - JSONCompactEachRow + - JSONCompactStringsEachRow + - JSONEachRow + - JSONStringsEachRow + - MsgPack + - TSKV + - TSV + - TabSeparated + - RawBLOB + - AvroConfluent type: string - offset_storage_topic: - description: - The name of the topic where connector and task - configuration offsets are stored.This must be the same for - all workers with the same group_id. - maxLength: 249 + date_time_input_format: + description: Method to read DateTime from text input formats + enum: + - basic + - best_effort + - best_effort_us type: string - status_storage_topic: - description: - The name of the topic where connector and task - configuration status updates are stored.This must be the - same for all workers with the same group_id. + group_name: + description: Kafka consumers group maxLength: 249 + minLength: 1 type: string - type: object - type: object - kafkaLogs: - description: Kafka logs configuration values - properties: - kafka_topic: - description: Topic name - maxLength: 249 - minLength: 1 - type: string - selected_log_fields: - description: - The list of logging fields that will be sent to the - integration logging service. The MESSAGE and timestamp fields - are always sent. - items: - type: string - maxItems: 5 - type: array - required: - - kafka_topic - type: object - kafkaMirrormaker: - description: Kafka MirrorMaker configuration values - properties: - cluster_alias: - description: - "The alias under which the Kafka cluster is known - to MirrorMaker. Can contain the following symbols: ASCII alphanumerics, - '.', '_', and '-'." - maxLength: 128 - pattern: ^[a-zA-Z0-9_.-]+$ - type: string - kafka_mirrormaker: - description: Kafka MirrorMaker configuration values - properties: - consumer_fetch_min_bytes: - description: - The minimum amount of data the server should - return for a fetch request - maximum: 5242880 - minimum: 1 - type: integer - producer_batch_size: - description: - The batch size in bytes producer will attempt - to collect before publishing to broker. - maximum: 5242880 + handle_error_mode: + description: How to handle errors for Kafka engine + enum: + - default + - stream + type: string + max_block_size: + description: Number of row collected by poll(s) for flushing + data from Kafka + maximum: 1000000000 minimum: 0 type: integer - producer_buffer_memory: - description: - The amount of bytes producer can use for buffering - data before publishing to broker. - maximum: 134217728 - minimum: 5242880 + max_rows_per_message: + description: The maximum number of rows produced in one + kafka message for row-based formats + maximum: 1000000000 + minimum: 1 type: integer - producer_compression_type: - description: - Specify the default compression type for producers. - This configuration accepts the standard compression codecs - ('gzip', 'snappy', 'lz4', 'zstd'). It additionally accepts - 'none' which is the default and equivalent to no compression. - enum: - - gzip - - snappy - - lz4 - - zstd - - none + name: + description: Name of the table + maxLength: 40 + minLength: 1 type: string - producer_linger_ms: - description: - The linger time (ms) for waiting new data to - arrive for publishing. - maximum: 5000 + num_consumers: + description: The number of consumers per table per replica + maximum: 10 + minimum: 1 + type: integer + poll_max_batch_size: + description: Maximum amount of messages to be polled in + a single Kafka poll + maximum: 1000000000 minimum: 0 type: integer - producer_max_request_size: - description: The maximum request size in bytes. - maximum: 268435456 + skip_broken_messages: + description: Skip at least this number of broken messages + from Kafka topic per block + maximum: 1000000000 minimum: 0 type: integer + topics: + description: Kafka topics + items: + description: Kafka topic + properties: + name: + description: Name of the topic + maxLength: 249 + minLength: 1 + type: string + required: + - name + type: object + maxItems: 100 + type: array + required: + - columns + - data_format + - group_name + - name + - topics type: object - type: object - logs: - description: Logs configuration values - properties: - elasticsearch_index_days_max: - description: Elasticsearch index retention limit - maximum: 10000 - minimum: 1 - type: integer - elasticsearch_index_prefix: - description: Elasticsearch index prefix - maxLength: 1024 - minLength: 1 + maxItems: 100 + type: array + type: object + clickhousePostgresql: + description: Clickhouse PostgreSQL configuration values + properties: + databases: + description: Databases to expose + items: + description: Database to expose + properties: + database: + description: PostgreSQL database to expose + maxLength: 63 + minLength: 1 + type: string + schema: + description: PostgreSQL schema to expose + maxLength: 63 + minLength: 1 + type: string + type: object + maxItems: 10 + type: array + type: object + datadog: + description: Datadog specific user configuration options + properties: + datadog_dbm_enabled: + description: Enable Datadog Database Monitoring + type: boolean + datadog_tags: + description: Custom tags provided by user + items: + description: Datadog tag defined by user + properties: + comment: + description: Optional tag explanation + maxLength: 1024 + type: string + tag: + description: 'Tag format and usage are described here: https://docs.datadoghq.com/getting_started/tagging. + Tags with prefix ''aiven-'' are reserved for Aiven.' + maxLength: 200 + minLength: 1 + type: string + required: + - tag + type: object + maxItems: 32 + type: array + exclude_consumer_groups: + description: List of custom metrics + items: type: string - selected_log_fields: - description: - The list of logging fields that will be sent to the - integration logging service. The MESSAGE and timestamp fields - are always sent. - items: - type: string - maxItems: 5 - type: array - type: object - metrics: - description: Metrics configuration values - properties: - database: - description: - Name of the database where to store metric datapoints. - Only affects PostgreSQL destinations. Defaults to 'metrics'. - Note that this must be the same for all metrics integrations - that write data to the same PostgreSQL service. - maxLength: 40 - pattern: ^[_A-Za-z0-9][-_A-Za-z0-9]{0,39}$ + maxItems: 1024 + type: array + exclude_topics: + description: List of topics to exclude + items: type: string - retention_days: - description: - Number of days to keep old metrics. Only affects - PostgreSQL destinations. Set to 0 for no automatic cleanup. - Defaults to 30 days. - maximum: 10000 - minimum: 0 - type: integer - ro_username: - description: - Name of a user that can be used to read metrics. - This will be used for Grafana integration (if enabled) to prevent - Grafana users from making undesired changes. Only affects PostgreSQL - destinations. Defaults to 'metrics_reader'. Note that this must - be the same for all metrics integrations that write data to - the same PostgreSQL service. - maxLength: 40 - pattern: ^[_A-Za-z0-9][-._A-Za-z0-9]{0,39}$ + maxItems: 1024 + type: array + include_consumer_groups: + description: List of custom metrics + items: + type: string + maxItems: 1024 + type: array + include_topics: + description: List of topics to include + items: + type: string + maxItems: 1024 + type: array + kafka_custom_metrics: + description: List of custom metrics + items: type: string - source_mysql: - description: - Configuration options for metrics where source service - is MySQL + maxItems: 1024 + type: array + max_jmx_metrics: + description: Maximum number of JMX metrics to send + maximum: 100000 + minimum: 10 + type: integer + opensearch: + description: Datadog Opensearch Options + properties: + index_stats_enabled: + description: Enable Datadog Opensearch Index Monitoring + type: boolean + pending_task_stats_enabled: + description: Enable Datadog Opensearch Pending Task Monitoring + type: boolean + pshard_stats_enabled: + description: Enable Datadog Opensearch Primary Shard Monitoring + type: boolean + type: object + redis: + description: Datadog Redis Options + properties: + command_stats_enabled: + description: Enable command_stats option in the agent's configuration + type: boolean + type: object + type: object + destinationEndpointId: + description: Destination endpoint for the integration (if any) + maxLength: 36 + type: string + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + destinationProjectName: + description: Destination project for the integration (if any) + maxLength: 63 + type: string + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + destinationServiceName: + description: Destination service for the integration (if any) + maxLength: 64 + type: string + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + externalAWSCloudwatchMetrics: + description: External AWS CloudWatch Metrics integration Logs configuration + values + properties: + dropped_metrics: + description: Metrics to not send to AWS CloudWatch (takes precedence + over extra_metrics) + items: + description: Metric name and subfield properties: - telegraf: - description: - Configuration options for Telegraf MySQL input - plugin - properties: - gather_event_waits: - description: Gather metrics from PERFORMANCE_SCHEMA.EVENT_WAITS - type: boolean - gather_file_events_stats: - description: gather metrics from PERFORMANCE_SCHEMA.FILE_SUMMARY_BY_EVENT_NAME - type: boolean - gather_index_io_waits: - description: Gather metrics from PERFORMANCE_SCHEMA.TABLE_IO_WAITS_SUMMARY_BY_INDEX_USAGE - type: boolean - gather_info_schema_auto_inc: - description: - Gather auto_increment columns and max values - from information schema - type: boolean - gather_innodb_metrics: - description: Gather metrics from INFORMATION_SCHEMA.INNODB_METRICS - type: boolean - gather_perf_events_statements: - description: Gather metrics from PERFORMANCE_SCHEMA.EVENTS_STATEMENTS_SUMMARY_BY_DIGEST - type: boolean - gather_process_list: - description: Gather thread state counts from INFORMATION_SCHEMA.PROCESSLIST - type: boolean - gather_slave_status: - description: - Gather metrics from SHOW SLAVE STATUS command - output - type: boolean - gather_table_io_waits: - description: Gather metrics from PERFORMANCE_SCHEMA.TABLE_IO_WAITS_SUMMARY_BY_TABLE - type: boolean - gather_table_lock_waits: - description: Gather metrics from PERFORMANCE_SCHEMA.TABLE_LOCK_WAITS - type: boolean - gather_table_schema: - description: Gather metrics from INFORMATION_SCHEMA.TABLES - type: boolean - perf_events_statements_digest_text_limit: - description: - Truncates digest text from perf_events_statements - into this many characters - maximum: 2048 - minimum: 1 - type: integer - perf_events_statements_limit: - description: Limits metrics from perf_events_statements - maximum: 4000 - minimum: 1 - type: integer - perf_events_statements_time_limit: - description: - Only include perf_events_statements whose - last seen is less than this many seconds - maximum: 2592000 - minimum: 1 - type: integer - type: object + field: + description: Identifier of a value in the metric + maxLength: 1000 + type: string + metric: + description: Identifier of the metric + maxLength: 1000 + type: string + required: + - field + - metric type: object - username: - description: - Name of the user used to write metrics. Only affects - PostgreSQL destinations. Defaults to 'metrics_writer'. Note - that this must be the same for all metrics integrations that - write data to the same PostgreSQL service. - maxLength: 40 - pattern: ^[_A-Za-z0-9][-._A-Za-z0-9]{0,39}$ - type: string - type: object - project: - description: Project the integration belongs to - format: ^[a-zA-Z0-9_-]*$ - maxLength: 63 - type: string - x-kubernetes-validations: - - message: Value is immutable - rule: self == oldSelf - sourceEndpointID: - description: Source endpoint for the integration (if any) - maxLength: 36 - type: string - x-kubernetes-validations: - - message: Value is immutable - rule: self == oldSelf - sourceProjectName: - description: Source project for the integration (if any) - maxLength: 63 - type: string - x-kubernetes-validations: - - message: Value is immutable - rule: self == oldSelf - sourceServiceName: - description: Source service for the integration (if any) - maxLength: 64 - type: string - x-kubernetes-validations: - - message: Value is immutable - rule: self == oldSelf - required: - - integrationType - - project - type: object - status: - description: ServiceIntegrationStatus defines the observed state of ServiceIntegration - properties: - conditions: - description: - Conditions represent the latest available observations - of an ServiceIntegration state - items: - description: - "Condition contains details for one aspect of the current - state of this API Resource. --- This struct is intended for direct - use as an array at the field path .status.conditions. For example, - \n type FooStatus struct{ // Represents the observations of a - foo's current state. // Known .status.conditions.type are: \"Available\", - \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge - // +listType=map // +listMapKey=type Conditions []metav1.Condition - `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" - protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + maxItems: 1024 + type: array + extra_metrics: + description: Metrics to allow through to AWS CloudWatch (in addition + to default metrics) + items: + description: Metric name and subfield + properties: + field: + description: Identifier of a value in the metric + maxLength: 1000 + type: string + metric: + description: Identifier of the metric + maxLength: 1000 + type: string + required: + - field + - metric + type: object + maxItems: 1024 + type: array + type: object + integrationType: + description: Type of the service integration accepted by Aiven API. + Some values may not be supported by the operator + enum: + - alertmanager + - autoscaler + - caching + - cassandra_cross_service_cluster + - clickhouse_kafka + - clickhouse_postgresql + - dashboard + - datadog + - datasource + - external_aws_cloudwatch_logs + - external_aws_cloudwatch_metrics + - external_elasticsearch_logs + - external_google_cloud_logging + - external_opensearch_logs + - flink + - flink_external_kafka + - internal_connectivity + - jolokia + - kafka_connect + - kafka_logs + - kafka_mirrormaker + - logs + - m3aggregator + - m3coordinator + - metrics + - opensearch_cross_cluster_replication + - opensearch_cross_cluster_search + - prometheus + - read_replica + - rsyslog + - schema_registry_proxy + - stresstester + - thanosquery + - thanosstore + - vmalert + type: string + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + kafkaConnect: + description: Kafka Connect service configuration values + properties: + kafka_connect: + description: Kafka Connect service configuration values properties: - lastTransitionTime: - description: - lastTransitionTime is the last time the condition - transitioned from one status to another. This should be when - the underlying condition changed. If that is not known, then - using the time when the API field changed is acceptable. - format: date-time + config_storage_topic: + description: The name of the topic where connector and task + configuration data are stored.This must be the same for + all workers with the same group_id. + maxLength: 249 + type: string + group_id: + description: A unique string that identifies the Connect cluster + group this worker belongs to. + maxLength: 249 + type: string + offset_storage_topic: + description: The name of the topic where connector and task + configuration offsets are stored.This must be the same for + all workers with the same group_id. + maxLength: 249 type: string - message: - description: - message is a human readable message indicating - details about the transition. This may be an empty string. - maxLength: 32768 + status_storage_topic: + description: The name of the topic where connector and task + configuration status updates are stored.This must be the + same for all workers with the same group_id. + maxLength: 249 type: string - observedGeneration: - description: - observedGeneration represents the .metadata.generation - that the condition was set based upon. For instance, if .metadata.generation - is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current - state of the instance. - format: int64 + type: object + type: object + kafkaLogs: + description: Kafka logs configuration values + properties: + kafka_topic: + description: Topic name + maxLength: 249 + minLength: 1 + type: string + selected_log_fields: + description: The list of logging fields that will be sent to the + integration logging service. The MESSAGE and timestamp fields + are always sent. + items: + type: string + maxItems: 5 + type: array + required: + - kafka_topic + type: object + kafkaMirrormaker: + description: Kafka MirrorMaker configuration values + properties: + cluster_alias: + description: 'The alias under which the Kafka cluster is known + to MirrorMaker. Can contain the following symbols: ASCII alphanumerics, + ''.'', ''_'', and ''-''.' + maxLength: 128 + pattern: ^[a-zA-Z0-9_.-]+$ + type: string + kafka_mirrormaker: + description: Kafka MirrorMaker configuration values + properties: + consumer_fetch_min_bytes: + description: The minimum amount of data the server should + return for a fetch request + maximum: 5242880 + minimum: 1 + type: integer + producer_batch_size: + description: The batch size in bytes producer will attempt + to collect before publishing to broker. + maximum: 5242880 minimum: 0 type: integer - reason: - description: - reason contains a programmatic identifier indicating - the reason for the condition's last transition. Producers - of specific condition types may define expected values and - meanings for this field, and whether the values are considered - a guaranteed API. The value should be a CamelCase string. - This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ - type: string - status: - description: status of the condition, one of True, False, Unknown. + producer_buffer_memory: + description: The amount of bytes producer can use for buffering + data before publishing to broker. + maximum: 134217728 + minimum: 5242880 + type: integer + producer_compression_type: + description: Specify the default compression type for producers. + This configuration accepts the standard compression codecs + ('gzip', 'snappy', 'lz4', 'zstd'). It additionally accepts + 'none' which is the default and equivalent to no compression. enum: - - "True" - - "False" - - Unknown - type: string - type: - description: - type of condition in CamelCase or in foo.example.com/CamelCase. - --- Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + - gzip + - snappy + - lz4 + - zstd + - none type: string - required: - - lastTransitionTime - - message - - reason - - status - - type + producer_linger_ms: + description: The linger time (ms) for waiting new data to + arrive for publishing. + maximum: 5000 + minimum: 0 + type: integer + producer_max_request_size: + description: The maximum request size in bytes. + maximum: 268435456 + minimum: 0 + type: integer + type: object + type: object + logs: + description: Logs configuration values + properties: + elasticsearch_index_days_max: + description: Elasticsearch index retention limit + maximum: 10000 + minimum: 1 + type: integer + elasticsearch_index_prefix: + description: Elasticsearch index prefix + maxLength: 1024 + minLength: 1 + type: string + selected_log_fields: + description: The list of logging fields that will be sent to the + integration logging service. The MESSAGE and timestamp fields + are always sent. + items: + type: string + maxItems: 5 + type: array + type: object + metrics: + description: Metrics configuration values + properties: + database: + description: Name of the database where to store metric datapoints. + Only affects PostgreSQL destinations. Defaults to 'metrics'. + Note that this must be the same for all metrics integrations + that write data to the same PostgreSQL service. + maxLength: 40 + pattern: ^[_A-Za-z0-9][-_A-Za-z0-9]{0,39}$ + type: string + retention_days: + description: Number of days to keep old metrics. Only affects + PostgreSQL destinations. Set to 0 for no automatic cleanup. + Defaults to 30 days. + maximum: 10000 + minimum: 0 + type: integer + ro_username: + description: Name of a user that can be used to read metrics. + This will be used for Grafana integration (if enabled) to prevent + Grafana users from making undesired changes. Only affects PostgreSQL + destinations. Defaults to 'metrics_reader'. Note that this must + be the same for all metrics integrations that write data to + the same PostgreSQL service. + maxLength: 40 + pattern: ^[_A-Za-z0-9][-._A-Za-z0-9]{0,39}$ + type: string + source_mysql: + description: Configuration options for metrics where source service + is MySQL + properties: + telegraf: + description: Configuration options for Telegraf MySQL input + plugin + properties: + gather_event_waits: + description: Gather metrics from PERFORMANCE_SCHEMA.EVENT_WAITS + type: boolean + gather_file_events_stats: + description: gather metrics from PERFORMANCE_SCHEMA.FILE_SUMMARY_BY_EVENT_NAME + type: boolean + gather_index_io_waits: + description: Gather metrics from PERFORMANCE_SCHEMA.TABLE_IO_WAITS_SUMMARY_BY_INDEX_USAGE + type: boolean + gather_info_schema_auto_inc: + description: Gather auto_increment columns and max values + from information schema + type: boolean + gather_innodb_metrics: + description: Gather metrics from INFORMATION_SCHEMA.INNODB_METRICS + type: boolean + gather_perf_events_statements: + description: Gather metrics from PERFORMANCE_SCHEMA.EVENTS_STATEMENTS_SUMMARY_BY_DIGEST + type: boolean + gather_process_list: + description: Gather thread state counts from INFORMATION_SCHEMA.PROCESSLIST + type: boolean + gather_slave_status: + description: Gather metrics from SHOW SLAVE STATUS command + output + type: boolean + gather_table_io_waits: + description: Gather metrics from PERFORMANCE_SCHEMA.TABLE_IO_WAITS_SUMMARY_BY_TABLE + type: boolean + gather_table_lock_waits: + description: Gather metrics from PERFORMANCE_SCHEMA.TABLE_LOCK_WAITS + type: boolean + gather_table_schema: + description: Gather metrics from INFORMATION_SCHEMA.TABLES + type: boolean + perf_events_statements_digest_text_limit: + description: Truncates digest text from perf_events_statements + into this many characters + maximum: 2048 + minimum: 1 + type: integer + perf_events_statements_limit: + description: Limits metrics from perf_events_statements + maximum: 4000 + minimum: 1 + type: integer + perf_events_statements_time_limit: + description: Only include perf_events_statements whose + last seen is less than this many seconds + maximum: 2592000 + minimum: 1 + type: integer + type: object type: object - type: array - id: - description: Service integration ID - type: string - required: - - conditions - - id - type: object - type: object - served: true - storage: true - subresources: - status: {} + username: + description: Name of the user used to write metrics. Only affects + PostgreSQL destinations. Defaults to 'metrics_writer'. Note + that this must be the same for all metrics integrations that + write data to the same PostgreSQL service. + maxLength: 40 + pattern: ^[_A-Za-z0-9][-._A-Za-z0-9]{0,39}$ + type: string + type: object + project: + description: Project the integration belongs to + format: ^[a-zA-Z0-9_-]*$ + maxLength: 63 + type: string + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + sourceEndpointID: + description: Source endpoint for the integration (if any) + maxLength: 36 + type: string + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + sourceProjectName: + description: Source project for the integration (if any) + maxLength: 63 + type: string + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + sourceServiceName: + description: Source service for the integration (if any) + maxLength: 64 + type: string + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + required: + - integrationType + - project + type: object + status: + description: ServiceIntegrationStatus defines the observed state of ServiceIntegration + properties: + conditions: + description: Conditions represent the latest available observations + of an ServiceIntegration state + items: + description: "Condition contains details for one aspect of the current + state of this API Resource. --- This struct is intended for direct + use as an array at the field path .status.conditions. For example, + \n type FooStatus struct{ // Represents the observations of a + foo's current state. // Known .status.conditions.type are: \"Available\", + \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge + // +listType=map // +listMapKey=type Conditions []metav1.Condition + `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" + protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + properties: + lastTransitionTime: + description: lastTransitionTime is the last time the condition + transitioned from one status to another. This should be when + the underlying condition changed. If that is not known, then + using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: message is a human readable message indicating + details about the transition. This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: observedGeneration represents the .metadata.generation + that the condition was set based upon. For instance, if .metadata.generation + is currently 12, but the .status.conditions[x].observedGeneration + is 9, the condition is out of date with respect to the current + state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: reason contains a programmatic identifier indicating + the reason for the condition's last transition. Producers + of specific condition types may define expected values and + meanings for this field, and whether the values are considered + a guaranteed API. The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: type of condition in CamelCase or in foo.example.com/CamelCase. + --- Many .condition.type values are consistent across resources + like Available, but because arbitrary conditions can be useful + (see .node.status.conditions), the ability to deconflict is + important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + type: array + id: + description: Service integration ID + type: string + required: + - conditions + - id + type: object + type: object + served: true + storage: true + subresources: + status: {} diff --git a/config/crd/bases/aiven.io_serviceusers.yaml b/config/crd/bases/aiven.io_serviceusers.yaml index b71e03fb..e188b02d 100644 --- a/config/crd/bases/aiven.io_serviceusers.yaml +++ b/config/crd/bases/aiven.io_serviceusers.yaml @@ -15,191 +15,179 @@ spec: singular: serviceuser scope: Namespaced versions: - - additionalPrinterColumns: - - jsonPath: .spec.serviceName - name: Service Name - type: string - - jsonPath: .spec.project - name: Project - type: string - - jsonPath: .spec.connInfoSecretTarget.name - name: Connection Information Secret - type: string - name: v1alpha1 - schema: - openAPIV3Schema: - description: ServiceUser is the Schema for the serviceusers API - properties: - apiVersion: - description: - "APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" - type: string - kind: - description: - "Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" - type: string - metadata: - type: object - spec: - description: ServiceUserSpec defines the desired state of ServiceUser - properties: - authSecretRef: - description: Authentication reference to Aiven token in a secret + - additionalPrinterColumns: + - jsonPath: .spec.serviceName + name: Service Name + type: string + - jsonPath: .spec.project + name: Project + type: string + - jsonPath: .spec.connInfoSecretTarget.name + name: Connection Information Secret + type: string + name: v1alpha1 + schema: + openAPIV3Schema: + description: ServiceUser is the Schema for the serviceusers API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: ServiceUserSpec defines the desired state of ServiceUser + properties: + authSecretRef: + description: Authentication reference to Aiven token in a secret + properties: + key: + minLength: 1 + type: string + name: + minLength: 1 + type: string + required: + - key + - name + type: object + authentication: + description: Authentication details + enum: + - caching_sha2_password + - mysql_native_password + type: string + connInfoSecretTarget: + description: 'Information regarding secret creation. Exposed keys: + `SERVICEUSER_HOST`, `SERVICEUSER_PORT`, `SERVICEUSER_USERNAME`, + `SERVICEUSER_PASSWORD`, `SERVICEUSER_CA_CERT`, `SERVICEUSER_ACCESS_CERT`, + `SERVICEUSER_ACCESS_KEY`' + properties: + annotations: + additionalProperties: + type: string + description: Annotations added to the secret + type: object + x-kubernetes-preserve-unknown-fields: true + labels: + additionalProperties: + type: string + description: Labels added to the secret + type: object + x-kubernetes-preserve-unknown-fields: true + name: + description: Name of the secret resource to be created. By default, + is equal to the resource name + type: string + prefix: + description: Prefix for the secret's keys. Added "as is" without + any transformations. By default, is equal to the kind name in + uppercase + underscore, e.g. `KAFKA_`, `REDIS_`, etc. + type: string + required: + - name + type: object + project: + description: Project to link the user to + format: ^[a-zA-Z0-9_-]*$ + maxLength: 63 + type: string + serviceName: + description: Service to link the user to + maxLength: 63 + type: string + required: + - project + - serviceName + type: object + status: + description: ServiceUserStatus defines the observed state of ServiceUser + properties: + conditions: + description: Conditions represent the latest available observations + of an ServiceUser state + items: + description: "Condition contains details for one aspect of the current + state of this API Resource. --- This struct is intended for direct + use as an array at the field path .status.conditions. For example, + \n type FooStatus struct{ // Represents the observations of a + foo's current state. // Known .status.conditions.type are: \"Available\", + \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge + // +listType=map // +listMapKey=type Conditions []metav1.Condition + `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" + protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" properties: - key: - minLength: 1 + lastTransitionTime: + description: lastTransitionTime is the last time the condition + transitioned from one status to another. This should be when + the underlying condition changed. If that is not known, then + using the time when the API field changed is acceptable. + format: date-time type: string - name: + message: + description: message is a human readable message indicating + details about the transition. This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: observedGeneration represents the .metadata.generation + that the condition was set based upon. For instance, if .metadata.generation + is currently 12, but the .status.conditions[x].observedGeneration + is 9, the condition is out of date with respect to the current + state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: reason contains a programmatic identifier indicating + the reason for the condition's last transition. Producers + of specific condition types may define expected values and + meanings for this field, and whether the values are considered + a guaranteed API. The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ type: string - required: - - key - - name - type: object - authentication: - description: Authentication details - enum: - - caching_sha2_password - - mysql_native_password - type: string - connInfoSecretTarget: - description: - "Information regarding secret creation. Exposed keys: - `SERVICEUSER_HOST`, `SERVICEUSER_PORT`, `SERVICEUSER_USERNAME`, - `SERVICEUSER_PASSWORD`, `SERVICEUSER_CA_CERT`, `SERVICEUSER_ACCESS_CERT`, - `SERVICEUSER_ACCESS_KEY`" - properties: - annotations: - additionalProperties: - type: string - description: Annotations added to the secret - type: object - x-kubernetes-preserve-unknown-fields: true - labels: - additionalProperties: - type: string - description: Labels added to the secret - type: object - x-kubernetes-preserve-unknown-fields: true - name: - description: - Name of the secret resource to be created. By default, - is equal to the resource name + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown type: string - prefix: - description: - Prefix for the secret's keys. Added "as is" without - any transformations. By default, is equal to the kind name in - uppercase + underscore, e.g. `KAFKA_`, `REDIS_`, etc. + type: + description: type of condition in CamelCase or in foo.example.com/CamelCase. + --- Many .condition.type values are consistent across resources + like Available, but because arbitrary conditions can be useful + (see .node.status.conditions), the ability to deconflict is + important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string required: - - name + - lastTransitionTime + - message + - reason + - status + - type type: object - project: - description: Project to link the user to - format: ^[a-zA-Z0-9_-]*$ - maxLength: 63 - type: string - serviceName: - description: Service to link the user to - maxLength: 63 - type: string - required: - - project - - serviceName - type: object - status: - description: ServiceUserStatus defines the observed state of ServiceUser - properties: - conditions: - description: - Conditions represent the latest available observations - of an ServiceUser state - items: - description: - "Condition contains details for one aspect of the current - state of this API Resource. --- This struct is intended for direct - use as an array at the field path .status.conditions. For example, - \n type FooStatus struct{ // Represents the observations of a - foo's current state. // Known .status.conditions.type are: \"Available\", - \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge - // +listType=map // +listMapKey=type Conditions []metav1.Condition - `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" - protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" - properties: - lastTransitionTime: - description: - lastTransitionTime is the last time the condition - transitioned from one status to another. This should be when - the underlying condition changed. If that is not known, then - using the time when the API field changed is acceptable. - format: date-time - type: string - message: - description: - message is a human readable message indicating - details about the transition. This may be an empty string. - maxLength: 32768 - type: string - observedGeneration: - description: - observedGeneration represents the .metadata.generation - that the condition was set based upon. For instance, if .metadata.generation - is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current - state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: - reason contains a programmatic identifier indicating - the reason for the condition's last transition. Producers - of specific condition types may define expected values and - meanings for this field, and whether the values are considered - a guaranteed API. The value should be a CamelCase string. - This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ - type: string - status: - description: status of the condition, one of True, False, Unknown. - enum: - - "True" - - "False" - - Unknown - type: string - type: - description: - type of condition in CamelCase or in foo.example.com/CamelCase. - --- Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ - type: string - required: - - lastTransitionTime - - message - - reason - - status - - type - type: object - type: array - type: - description: Type of the user account - type: string - required: - - conditions - type: object - type: object - served: true - storage: true - subresources: - status: {} + type: array + type: + description: Type of the user account + type: string + required: + - conditions + type: object + type: object + served: true + storage: true + subresources: + status: {} diff --git a/config/rbac/role.yaml b/config/rbac/role.yaml index 6c73a4f1..46e7f1d6 100644 --- a/config/rbac/role.yaml +++ b/config/rbac/role.yaml @@ -5,599 +5,599 @@ metadata: creationTimestamp: null name: manager-role rules: - - apiGroups: - - "" - resources: - - events - verbs: - - create - - patch - - apiGroups: - - "" - resources: - - secrets - verbs: - - create - - delete - - get - - list - - patch - - update - - watch - - apiGroups: - - aiven.io - resources: - - cassandras - verbs: - - create - - delete - - get - - list - - patch - - update - - watch - - apiGroups: - - aiven.io - resources: - - cassandras/finalizers - verbs: - - create - - delete - - get - - list - - patch - - update - - watch - - apiGroups: - - aiven.io - resources: - - cassandras/status - verbs: - - get - - patch - - update - - apiGroups: - - aiven.io - resources: - - clickhouses - verbs: - - create - - delete - - get - - list - - patch - - update - - watch - - apiGroups: - - aiven.io - resources: - - clickhouses/finalizers - verbs: - - create - - delete - - get - - list - - patch - - update - - watch - - apiGroups: - - aiven.io - resources: - - clickhouses/status - verbs: - - get - - patch - - update - - apiGroups: - - aiven.io - resources: - - clickhouseusers - verbs: - - create - - delete - - get - - list - - patch - - update - - watch - - apiGroups: - - aiven.io - resources: - - clickhouseusers/finalizers - verbs: - - create - - delete - - get - - list - - patch - - update - - watch - - apiGroups: - - aiven.io - resources: - - clickhouseusers/status - verbs: - - get - - patch - - update - - apiGroups: - - aiven.io - resources: - - connectionpools - verbs: - - create - - delete - - get - - list - - patch - - update - - watch - - apiGroups: - - aiven.io - resources: - - connectionpools/finalizers - verbs: - - create - - delete - - get - - list - - patch - - update - - watch - - apiGroups: - - aiven.io - resources: - - connectionpools/status - verbs: - - get - - patch - - update - - apiGroups: - - aiven.io - resources: - - databases - verbs: - - create - - delete - - get - - list - - patch - - update - - watch - - apiGroups: - - aiven.io - resources: - - databases/status - verbs: - - get - - patch - - update - - apiGroups: - - aiven.io - resources: - - grafanas - verbs: - - create - - delete - - get - - list - - patch - - update - - watch - - apiGroups: - - aiven.io - resources: - - grafanas/finalizers - verbs: - - create - - delete - - get - - list - - patch - - update - - watch - - apiGroups: - - aiven.io - resources: - - grafanas/status - verbs: - - get - - patch - - update - - apiGroups: - - aiven.io - resources: - - kafkaacls - verbs: - - create - - delete - - get - - list - - patch - - update - - watch - - apiGroups: - - aiven.io - resources: - - kafkaacls/status - verbs: - - create - - delete - - get - - list - - watch - - apiGroups: - - aiven.io - resources: - - kafkaconnectors - verbs: - - create - - delete - - get - - list - - patch - - update - - watch - - apiGroups: - - aiven.io - resources: - - kafkaconnectors/finalizers - verbs: - - create - - delete - - get - - list - - patch - - update - - watch - - apiGroups: - - aiven.io - resources: - - kafkaconnectors/status - verbs: - - get - - patch - - update - - apiGroups: - - aiven.io - resources: - - kafkaconnects - verbs: - - create - - delete - - get - - list - - patch - - update - - watch - - apiGroups: - - aiven.io - resources: - - kafkaconnects/finalizers - verbs: - - create - - delete - - get - - list - - patch - - update - - watch - - apiGroups: - - aiven.io - resources: - - kafkaconnects/status - verbs: - - get - - patch - - update - - apiGroups: - - aiven.io - resources: - - kafkas - verbs: - - create - - delete - - get - - list - - patch - - update - - watch - - apiGroups: - - aiven.io - resources: - - kafkas/finalizers - verbs: - - create - - delete - - get - - list - - patch - - update - - watch - - apiGroups: - - aiven.io - resources: - - kafkas/status - verbs: - - get - - patch - - update - - apiGroups: - - aiven.io - resources: - - kafkaschemas - verbs: - - create - - delete - - get - - list - - patch - - update - - watch - - apiGroups: - - aiven.io - resources: - - kafkaschemas/status - verbs: - - get - - patch - - update - - apiGroups: - - aiven.io - resources: - - kafkatopics - verbs: - - create - - delete - - get - - list - - patch - - update - - watch - - apiGroups: - - aiven.io - resources: - - kafkatopics/status - verbs: - - get - - patch - - update - - apiGroups: - - aiven.io - resources: - - mysqls - verbs: - - create - - delete - - get - - list - - patch - - update - - watch - - apiGroups: - - aiven.io - resources: - - mysqls/finalizers - verbs: - - create - - delete - - get - - list - - patch - - update - - watch - - apiGroups: - - aiven.io - resources: - - mysqls/status - verbs: - - get - - patch - - update - - apiGroups: - - aiven.io - resources: - - opensearches - verbs: - - create - - delete - - get - - list - - patch - - update - - watch - - apiGroups: - - aiven.io - resources: - - opensearches/finalizers - verbs: - - create - - delete - - get - - list - - patch - - update - - watch - - apiGroups: - - aiven.io - resources: - - opensearches/status - verbs: - - get - - patch - - update - - apiGroups: - - aiven.io - resources: - - postgresqls - verbs: - - create - - delete - - get - - list - - patch - - update - - watch - - apiGroups: - - aiven.io - resources: - - postgresqls/finalizers - verbs: - - create - - delete - - get - - list - - patch - - update - - watch - - apiGroups: - - aiven.io - resources: - - postgresqls/status - verbs: - - get - - patch - - update - - apiGroups: - - aiven.io - resources: - - projects - verbs: - - create - - delete - - get - - list - - patch - - update - - watch - - apiGroups: - - aiven.io - resources: - - projects/finalizers - verbs: - - create - - delete - - get - - list - - patch - - update - - watch - - apiGroups: - - aiven.io - resources: - - projects/status - verbs: - - get - - patch - - update - - apiGroups: - - aiven.io - resources: - - projectvpcs - verbs: - - create - - delete - - get - - list - - patch - - update - - watch - - apiGroups: - - aiven.io - resources: - - projectvpcs/status - verbs: - - get - - patch - - update - - apiGroups: - - aiven.io - resources: - - redis - verbs: - - create - - delete - - get - - list - - patch - - update - - watch - - apiGroups: - - aiven.io - resources: - - redis/finalizers - verbs: - - create - - delete - - get - - list - - patch - - update - - watch - - apiGroups: - - aiven.io - resources: - - redis/status - verbs: - - get - - patch - - update - - apiGroups: - - aiven.io - resources: - - serviceintegrations - verbs: - - create - - delete - - get - - list - - patch - - update - - watch - - apiGroups: - - aiven.io - resources: - - serviceintegrations/status - verbs: - - get - - patch - - update - - apiGroups: - - aiven.io - resources: - - serviceusers - verbs: - - create - - delete - - get - - list - - update - - watch - - apiGroups: - - aiven.io - resources: - - serviceusers/finalizers - verbs: - - create - - delete - - get - - list - - patch - - update - - watch - - apiGroups: - - aiven.io - resources: - - serviceusers/status - verbs: - - get - - update - - apiGroups: - - coordination.k8s.io - resources: - - leases - verbs: - - create - - get - - list - - update +- apiGroups: + - "" + resources: + - events + verbs: + - create + - patch +- apiGroups: + - "" + resources: + - secrets + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - aiven.io + resources: + - cassandras + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - aiven.io + resources: + - cassandras/finalizers + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - aiven.io + resources: + - cassandras/status + verbs: + - get + - patch + - update +- apiGroups: + - aiven.io + resources: + - clickhouses + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - aiven.io + resources: + - clickhouses/finalizers + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - aiven.io + resources: + - clickhouses/status + verbs: + - get + - patch + - update +- apiGroups: + - aiven.io + resources: + - clickhouseusers + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - aiven.io + resources: + - clickhouseusers/finalizers + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - aiven.io + resources: + - clickhouseusers/status + verbs: + - get + - patch + - update +- apiGroups: + - aiven.io + resources: + - connectionpools + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - aiven.io + resources: + - connectionpools/finalizers + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - aiven.io + resources: + - connectionpools/status + verbs: + - get + - patch + - update +- apiGroups: + - aiven.io + resources: + - databases + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - aiven.io + resources: + - databases/status + verbs: + - get + - patch + - update +- apiGroups: + - aiven.io + resources: + - grafanas + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - aiven.io + resources: + - grafanas/finalizers + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - aiven.io + resources: + - grafanas/status + verbs: + - get + - patch + - update +- apiGroups: + - aiven.io + resources: + - kafkaacls + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - aiven.io + resources: + - kafkaacls/status + verbs: + - create + - delete + - get + - list + - watch +- apiGroups: + - aiven.io + resources: + - kafkaconnectors + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - aiven.io + resources: + - kafkaconnectors/finalizers + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - aiven.io + resources: + - kafkaconnectors/status + verbs: + - get + - patch + - update +- apiGroups: + - aiven.io + resources: + - kafkaconnects + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - aiven.io + resources: + - kafkaconnects/finalizers + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - aiven.io + resources: + - kafkaconnects/status + verbs: + - get + - patch + - update +- apiGroups: + - aiven.io + resources: + - kafkas + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - aiven.io + resources: + - kafkas/finalizers + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - aiven.io + resources: + - kafkas/status + verbs: + - get + - patch + - update +- apiGroups: + - aiven.io + resources: + - kafkaschemas + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - aiven.io + resources: + - kafkaschemas/status + verbs: + - get + - patch + - update +- apiGroups: + - aiven.io + resources: + - kafkatopics + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - aiven.io + resources: + - kafkatopics/status + verbs: + - get + - patch + - update +- apiGroups: + - aiven.io + resources: + - mysqls + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - aiven.io + resources: + - mysqls/finalizers + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - aiven.io + resources: + - mysqls/status + verbs: + - get + - patch + - update +- apiGroups: + - aiven.io + resources: + - opensearches + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - aiven.io + resources: + - opensearches/finalizers + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - aiven.io + resources: + - opensearches/status + verbs: + - get + - patch + - update +- apiGroups: + - aiven.io + resources: + - postgresqls + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - aiven.io + resources: + - postgresqls/finalizers + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - aiven.io + resources: + - postgresqls/status + verbs: + - get + - patch + - update +- apiGroups: + - aiven.io + resources: + - projects + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - aiven.io + resources: + - projects/finalizers + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - aiven.io + resources: + - projects/status + verbs: + - get + - patch + - update +- apiGroups: + - aiven.io + resources: + - projectvpcs + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - aiven.io + resources: + - projectvpcs/status + verbs: + - get + - patch + - update +- apiGroups: + - aiven.io + resources: + - redis + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - aiven.io + resources: + - redis/finalizers + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - aiven.io + resources: + - redis/status + verbs: + - get + - patch + - update +- apiGroups: + - aiven.io + resources: + - serviceintegrations + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - aiven.io + resources: + - serviceintegrations/status + verbs: + - get + - patch + - update +- apiGroups: + - aiven.io + resources: + - serviceusers + verbs: + - create + - delete + - get + - list + - update + - watch +- apiGroups: + - aiven.io + resources: + - serviceusers/finalizers + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - aiven.io + resources: + - serviceusers/status + verbs: + - get + - update +- apiGroups: + - coordination.k8s.io + resources: + - leases + verbs: + - create + - get + - list + - update diff --git a/config/webhook/manifests.yaml b/config/webhook/manifests.yaml index f1395456..c6bf25f2 100644 --- a/config/webhook/manifests.yaml +++ b/config/webhook/manifests.yaml @@ -5,386 +5,386 @@ metadata: creationTimestamp: null name: mutating-webhook-configuration webhooks: - - admissionReviewVersions: - - v1 - clientConfig: - service: - name: webhook-service - namespace: system - path: /mutate-aiven-io-v1alpha1-cassandra - failurePolicy: Fail - name: mcassandra.kb.io - rules: - - apiGroups: - - aiven.io - apiVersions: - - v1alpha1 - operations: - - CREATE - - UPDATE - resources: - - cassandras - sideEffects: None - - admissionReviewVersions: - - v1 - clientConfig: - service: - name: webhook-service - namespace: system - path: /mutate-aiven-io-v1alpha1-clickhouse - failurePolicy: Fail - name: mclickhouse.kb.io - rules: - - apiGroups: - - aiven.io - apiVersions: - - v1alpha1 - operations: - - CREATE - - UPDATE - resources: - - clickhouses - sideEffects: None - - admissionReviewVersions: - - v1 - clientConfig: - service: - name: webhook-service - namespace: system - path: /mutate-aiven-io-v1alpha1-clickhouseuser - failurePolicy: Fail - name: mclickhouseuser.kb.io - rules: - - apiGroups: - - aiven.io - apiVersions: - - v1alpha1 - operations: - - CREATE - - UPDATE - resources: - - clickhouseusers - sideEffects: None - - admissionReviewVersions: - - v1 - clientConfig: - service: - name: webhook-service - namespace: system - path: /mutate-aiven-io-v1alpha1-connectionpool - failurePolicy: Fail - name: mconnectionpool.kb.io - rules: - - apiGroups: - - aiven.io - apiVersions: - - v1alpha1 - operations: - - CREATE - - UPDATE - resources: - - connectionpools - sideEffects: None - - admissionReviewVersions: - - v1 - clientConfig: - service: - name: webhook-service - namespace: system - path: /mutate-aiven-io-v1alpha1-database - failurePolicy: Fail - name: mdatabase.kb.io - rules: - - apiGroups: - - aiven.io - apiVersions: - - v1alpha1 - operations: - - CREATE - - UPDATE - resources: - - databases - sideEffects: None - - admissionReviewVersions: - - v1 - clientConfig: - service: - name: webhook-service - namespace: system - path: /mutate-aiven-io-v1alpha1-grafana - failurePolicy: Fail - name: mgrafana.kb.io - rules: - - apiGroups: - - aiven.io - apiVersions: - - v1alpha1 - operations: - - CREATE - - UPDATE - resources: - - grafanas - sideEffects: None - - admissionReviewVersions: - - v1 - clientConfig: - service: - name: webhook-service - namespace: system - path: /mutate-aiven-io-v1alpha1-kafka - failurePolicy: Fail - name: mkafka.kb.io - rules: - - apiGroups: - - aiven.io - apiVersions: - - v1alpha1 - operations: - - CREATE - - UPDATE - resources: - - kafkas - sideEffects: None - - admissionReviewVersions: - - v1 - clientConfig: - service: - name: webhook-service - namespace: system - path: /mutate-aiven-io-v1alpha1-kafkaacl - failurePolicy: Fail - name: mkafkaacl.kb.io - rules: - - apiGroups: - - aiven.io - apiVersions: - - v1alpha1 - operations: - - CREATE - - UPDATE - resources: - - kafkaacls - sideEffects: None - - admissionReviewVersions: - - v1 - clientConfig: - service: - name: webhook-service - namespace: system - path: /mutate-aiven-io-v1alpha1-kafkaconnect - failurePolicy: Fail - name: mkafkaconnect.kb.io - rules: - - apiGroups: - - aiven.io - apiVersions: - - v1alpha1 - operations: - - CREATE - - UPDATE - resources: - - kafkaconnects - sideEffects: None - - admissionReviewVersions: - - v1 - clientConfig: - service: - name: webhook-service - namespace: system - path: /mutate-aiven-io-v1alpha1-kafkaconnector - failurePolicy: Fail - name: mkafkaconnector.kb.io - rules: - - apiGroups: - - aiven.io - apiVersions: - - v1alpha1 - operations: - - CREATE - - UPDATE - resources: - - kafkaconnectors - sideEffects: None - - admissionReviewVersions: - - v1 - clientConfig: - service: - name: webhook-service - namespace: system - path: /mutate-aiven-io-v1alpha1-kafkaschema - failurePolicy: Fail - name: mkafkaschema.kb.io - rules: - - apiGroups: - - aiven.io - apiVersions: - - v1alpha1 - operations: - - CREATE - - UPDATE - resources: - - kafkaschemas - sideEffects: None - - admissionReviewVersions: - - v1 - clientConfig: - service: - name: webhook-service - namespace: system - path: /mutate-aiven-io-v1alpha1-kafkatopic - failurePolicy: Fail - name: mkafkatopic.kb.io - rules: - - apiGroups: - - aiven.io - apiVersions: - - v1alpha1 - operations: - - CREATE - - UPDATE - resources: - - kafkatopics - sideEffects: None - - admissionReviewVersions: - - v1 - clientConfig: - service: - name: webhook-service - namespace: system - path: /mutate-aiven-io-v1alpha1-mysql - failurePolicy: Fail - name: mmysql.kb.io - rules: - - apiGroups: - - aiven.io - apiVersions: - - v1alpha1 - operations: - - CREATE - - UPDATE - resources: - - mysqls - sideEffects: None - - admissionReviewVersions: - - v1 - clientConfig: - service: - name: webhook-service - namespace: system - path: /mutate-aiven-io-v1alpha1-opensearch - failurePolicy: Fail - name: mopensearch.kb.io - rules: - - apiGroups: - - aiven.io - apiVersions: - - v1alpha1 - operations: - - CREATE - - UPDATE - resources: - - opensearches - sideEffects: None - - admissionReviewVersions: - - v1 - clientConfig: - service: - name: webhook-service - namespace: system - path: /mutate-aiven-io-v1alpha1-postgresql - failurePolicy: Fail - name: mpg.kb.io - rules: - - apiGroups: - - aiven.io - apiVersions: - - v1alpha1 - operations: - - CREATE - - UPDATE - resources: - - postgresqls - sideEffects: None - - admissionReviewVersions: - - v1 - clientConfig: - service: - name: webhook-service - namespace: system - path: /mutate-aiven-io-v1alpha1-project - failurePolicy: Fail - name: mproject.kb.io - rules: - - apiGroups: - - aiven.io - apiVersions: - - v1alpha1 - operations: - - CREATE - - UPDATE - resources: - - projects - sideEffects: None - - admissionReviewVersions: - - v1 - clientConfig: - service: - name: webhook-service - namespace: system - path: /mutate-aiven-io-v1alpha1-redis - failurePolicy: Fail - name: mredis.kb.io - rules: - - apiGroups: - - aiven.io - apiVersions: - - v1alpha1 - operations: - - CREATE - - UPDATE - resources: - - redis - sideEffects: None - - admissionReviewVersions: - - v1 - clientConfig: - service: - name: webhook-service - namespace: system - path: /mutate-aiven-io-v1alpha1-serviceintegration - failurePolicy: Fail - name: mserviceintegration.kb.io - rules: - - apiGroups: - - aiven.io - apiVersions: - - v1alpha1 - operations: - - CREATE - - UPDATE - resources: - - serviceintegrations - sideEffects: None - - admissionReviewVersions: - - v1 - clientConfig: - service: - name: webhook-service - namespace: system - path: /mutate-aiven-io-v1alpha1-serviceuser - failurePolicy: Fail - name: mserviceuser.kb.io - rules: - - apiGroups: - - aiven.io - apiVersions: - - v1alpha1 - operations: - - CREATE - - UPDATE - resources: - - serviceusers - sideEffects: None +- admissionReviewVersions: + - v1 + clientConfig: + service: + name: webhook-service + namespace: system + path: /mutate-aiven-io-v1alpha1-cassandra + failurePolicy: Fail + name: mcassandra.kb.io + rules: + - apiGroups: + - aiven.io + apiVersions: + - v1alpha1 + operations: + - CREATE + - UPDATE + resources: + - cassandras + sideEffects: None +- admissionReviewVersions: + - v1 + clientConfig: + service: + name: webhook-service + namespace: system + path: /mutate-aiven-io-v1alpha1-clickhouse + failurePolicy: Fail + name: mclickhouse.kb.io + rules: + - apiGroups: + - aiven.io + apiVersions: + - v1alpha1 + operations: + - CREATE + - UPDATE + resources: + - clickhouses + sideEffects: None +- admissionReviewVersions: + - v1 + clientConfig: + service: + name: webhook-service + namespace: system + path: /mutate-aiven-io-v1alpha1-clickhouseuser + failurePolicy: Fail + name: mclickhouseuser.kb.io + rules: + - apiGroups: + - aiven.io + apiVersions: + - v1alpha1 + operations: + - CREATE + - UPDATE + resources: + - clickhouseusers + sideEffects: None +- admissionReviewVersions: + - v1 + clientConfig: + service: + name: webhook-service + namespace: system + path: /mutate-aiven-io-v1alpha1-connectionpool + failurePolicy: Fail + name: mconnectionpool.kb.io + rules: + - apiGroups: + - aiven.io + apiVersions: + - v1alpha1 + operations: + - CREATE + - UPDATE + resources: + - connectionpools + sideEffects: None +- admissionReviewVersions: + - v1 + clientConfig: + service: + name: webhook-service + namespace: system + path: /mutate-aiven-io-v1alpha1-database + failurePolicy: Fail + name: mdatabase.kb.io + rules: + - apiGroups: + - aiven.io + apiVersions: + - v1alpha1 + operations: + - CREATE + - UPDATE + resources: + - databases + sideEffects: None +- admissionReviewVersions: + - v1 + clientConfig: + service: + name: webhook-service + namespace: system + path: /mutate-aiven-io-v1alpha1-grafana + failurePolicy: Fail + name: mgrafana.kb.io + rules: + - apiGroups: + - aiven.io + apiVersions: + - v1alpha1 + operations: + - CREATE + - UPDATE + resources: + - grafanas + sideEffects: None +- admissionReviewVersions: + - v1 + clientConfig: + service: + name: webhook-service + namespace: system + path: /mutate-aiven-io-v1alpha1-kafka + failurePolicy: Fail + name: mkafka.kb.io + rules: + - apiGroups: + - aiven.io + apiVersions: + - v1alpha1 + operations: + - CREATE + - UPDATE + resources: + - kafkas + sideEffects: None +- admissionReviewVersions: + - v1 + clientConfig: + service: + name: webhook-service + namespace: system + path: /mutate-aiven-io-v1alpha1-kafkaacl + failurePolicy: Fail + name: mkafkaacl.kb.io + rules: + - apiGroups: + - aiven.io + apiVersions: + - v1alpha1 + operations: + - CREATE + - UPDATE + resources: + - kafkaacls + sideEffects: None +- admissionReviewVersions: + - v1 + clientConfig: + service: + name: webhook-service + namespace: system + path: /mutate-aiven-io-v1alpha1-kafkaconnect + failurePolicy: Fail + name: mkafkaconnect.kb.io + rules: + - apiGroups: + - aiven.io + apiVersions: + - v1alpha1 + operations: + - CREATE + - UPDATE + resources: + - kafkaconnects + sideEffects: None +- admissionReviewVersions: + - v1 + clientConfig: + service: + name: webhook-service + namespace: system + path: /mutate-aiven-io-v1alpha1-kafkaconnector + failurePolicy: Fail + name: mkafkaconnector.kb.io + rules: + - apiGroups: + - aiven.io + apiVersions: + - v1alpha1 + operations: + - CREATE + - UPDATE + resources: + - kafkaconnectors + sideEffects: None +- admissionReviewVersions: + - v1 + clientConfig: + service: + name: webhook-service + namespace: system + path: /mutate-aiven-io-v1alpha1-kafkaschema + failurePolicy: Fail + name: mkafkaschema.kb.io + rules: + - apiGroups: + - aiven.io + apiVersions: + - v1alpha1 + operations: + - CREATE + - UPDATE + resources: + - kafkaschemas + sideEffects: None +- admissionReviewVersions: + - v1 + clientConfig: + service: + name: webhook-service + namespace: system + path: /mutate-aiven-io-v1alpha1-kafkatopic + failurePolicy: Fail + name: mkafkatopic.kb.io + rules: + - apiGroups: + - aiven.io + apiVersions: + - v1alpha1 + operations: + - CREATE + - UPDATE + resources: + - kafkatopics + sideEffects: None +- admissionReviewVersions: + - v1 + clientConfig: + service: + name: webhook-service + namespace: system + path: /mutate-aiven-io-v1alpha1-mysql + failurePolicy: Fail + name: mmysql.kb.io + rules: + - apiGroups: + - aiven.io + apiVersions: + - v1alpha1 + operations: + - CREATE + - UPDATE + resources: + - mysqls + sideEffects: None +- admissionReviewVersions: + - v1 + clientConfig: + service: + name: webhook-service + namespace: system + path: /mutate-aiven-io-v1alpha1-opensearch + failurePolicy: Fail + name: mopensearch.kb.io + rules: + - apiGroups: + - aiven.io + apiVersions: + - v1alpha1 + operations: + - CREATE + - UPDATE + resources: + - opensearches + sideEffects: None +- admissionReviewVersions: + - v1 + clientConfig: + service: + name: webhook-service + namespace: system + path: /mutate-aiven-io-v1alpha1-postgresql + failurePolicy: Fail + name: mpg.kb.io + rules: + - apiGroups: + - aiven.io + apiVersions: + - v1alpha1 + operations: + - CREATE + - UPDATE + resources: + - postgresqls + sideEffects: None +- admissionReviewVersions: + - v1 + clientConfig: + service: + name: webhook-service + namespace: system + path: /mutate-aiven-io-v1alpha1-project + failurePolicy: Fail + name: mproject.kb.io + rules: + - apiGroups: + - aiven.io + apiVersions: + - v1alpha1 + operations: + - CREATE + - UPDATE + resources: + - projects + sideEffects: None +- admissionReviewVersions: + - v1 + clientConfig: + service: + name: webhook-service + namespace: system + path: /mutate-aiven-io-v1alpha1-redis + failurePolicy: Fail + name: mredis.kb.io + rules: + - apiGroups: + - aiven.io + apiVersions: + - v1alpha1 + operations: + - CREATE + - UPDATE + resources: + - redis + sideEffects: None +- admissionReviewVersions: + - v1 + clientConfig: + service: + name: webhook-service + namespace: system + path: /mutate-aiven-io-v1alpha1-serviceintegration + failurePolicy: Fail + name: mserviceintegration.kb.io + rules: + - apiGroups: + - aiven.io + apiVersions: + - v1alpha1 + operations: + - CREATE + - UPDATE + resources: + - serviceintegrations + sideEffects: None +- admissionReviewVersions: + - v1 + clientConfig: + service: + name: webhook-service + namespace: system + path: /mutate-aiven-io-v1alpha1-serviceuser + failurePolicy: Fail + name: mserviceuser.kb.io + rules: + - apiGroups: + - aiven.io + apiVersions: + - v1alpha1 + operations: + - CREATE + - UPDATE + resources: + - serviceusers + sideEffects: None --- apiVersion: admissionregistration.k8s.io/v1 kind: ValidatingWebhookConfiguration @@ -392,397 +392,397 @@ metadata: creationTimestamp: null name: validating-webhook-configuration webhooks: - - admissionReviewVersions: - - v1 - clientConfig: - service: - name: webhook-service - namespace: system - path: /validate-aiven-io-v1alpha1-cassandra - failurePolicy: Fail - name: vcassandra.kb.io - rules: - - apiGroups: - - aiven.io - apiVersions: - - v1alpha1 - operations: - - CREATE - - UPDATE - - DELETE - resources: - - cassandras - sideEffects: None - - admissionReviewVersions: - - v1 - clientConfig: - service: - name: webhook-service - namespace: system - path: /validate-aiven-io-v1alpha1-clickhouse - failurePolicy: Fail - name: vclickhouse.kb.io - rules: - - apiGroups: - - aiven.io - apiVersions: - - v1alpha1 - operations: - - CREATE - - UPDATE - - DELETE - resources: - - clickhouses - sideEffects: None - - admissionReviewVersions: - - v1 - clientConfig: - service: - name: webhook-service - namespace: system - path: /validate-aiven-io-v1alpha1-clickhouseuser - failurePolicy: Fail - name: vclickhouseuser.kb.io - rules: - - apiGroups: - - aiven.io - apiVersions: - - v1alpha1 - operations: - - CREATE - - UPDATE - resources: - - clickhouseusers - sideEffects: None - - admissionReviewVersions: - - v1 - clientConfig: - service: - name: webhook-service - namespace: system - path: /validate-aiven-io-v1alpha1-connectionpool - failurePolicy: Fail - name: vconnectionpool.kb.io - rules: - - apiGroups: - - aiven.io - apiVersions: - - v1alpha1 - operations: - - CREATE - - UPDATE - - DELETE - resources: - - connectionpools - sideEffects: None - - admissionReviewVersions: - - v1 - clientConfig: - service: - name: webhook-service - namespace: system - path: /validate-aiven-io-v1alpha1-database - failurePolicy: Fail - name: vdatabase.kb.io - rules: - - apiGroups: - - aiven.io - apiVersions: - - v1alpha1 - operations: - - CREATE - - UPDATE - - DELETE - resources: - - databases - sideEffects: None - - admissionReviewVersions: - - v1 - clientConfig: - service: - name: webhook-service - namespace: system - path: /validate-aiven-io-v1alpha1-grafana - failurePolicy: Fail - name: vgrafana.kb.io - rules: - - apiGroups: - - aiven.io - apiVersions: - - v1alpha1 - operations: - - CREATE - - UPDATE - - DELETE - resources: - - grafanas - sideEffects: None - - admissionReviewVersions: - - v1 - clientConfig: - service: - name: webhook-service - namespace: system - path: /validate-aiven-io-v1alpha1-kafka - failurePolicy: Fail - name: vkafka.kb.io - rules: - - apiGroups: - - aiven.io - apiVersions: - - v1alpha1 - operations: - - CREATE - - UPDATE - - DELETE - resources: - - kafkas - sideEffects: None - - admissionReviewVersions: - - v1 - clientConfig: - service: - name: webhook-service - namespace: system - path: /validate-aiven-io-v1alpha1-kafkaacl - failurePolicy: Fail - name: vkafkaacl.kb.io - rules: - - apiGroups: - - aiven.io - apiVersions: - - v1alpha1 - operations: - - CREATE - - UPDATE - resources: - - kafkaacls - sideEffects: None - - admissionReviewVersions: - - v1 - clientConfig: - service: - name: webhook-service - namespace: system - path: /validate-aiven-io-v1alpha1-kafkaconnect - failurePolicy: Fail - name: vkafkaconnect.kb.io - rules: - - apiGroups: - - aiven.io - apiVersions: - - v1alpha1 - operations: - - CREATE - - UPDATE - - DELETE - resources: - - kafkaconnects - sideEffects: None - - admissionReviewVersions: - - v1 - clientConfig: - service: - name: webhook-service - namespace: system - path: /validate-aiven-io-v1alpha1-kafkaconnector - failurePolicy: Fail - name: vkafkaconnector.kb.io - rules: - - apiGroups: - - aiven.io - apiVersions: - - v1alpha1 - operations: - - CREATE - - UPDATE - - DELETE - resources: - - kafkaconnectors - sideEffects: None - - admissionReviewVersions: - - v1 - clientConfig: - service: - name: webhook-service - namespace: system - path: /validate-aiven-io-v1alpha1-kafkaschema - failurePolicy: Fail - name: vkafkaschema.kb.io - rules: - - apiGroups: - - aiven.io - apiVersions: - - v1alpha1 - operations: - - CREATE - - UPDATE - resources: - - kafkaschemas - sideEffects: None - - admissionReviewVersions: - - v1 - clientConfig: - service: - name: webhook-service - namespace: system - path: /validate-aiven-io-v1alpha1-kafkatopic - failurePolicy: Fail - name: vkafkatopic.kb.io - rules: - - apiGroups: - - aiven.io - apiVersions: - - v1alpha1 - operations: - - CREATE - - UPDATE - - DELETE - resources: - - kafkatopics - sideEffects: None - - admissionReviewVersions: - - v1 - clientConfig: - service: - name: webhook-service - namespace: system - path: /validate-aiven-io-v1alpha1-mysql - failurePolicy: Fail - name: vmysql.kb.io - rules: - - apiGroups: - - aiven.io - apiVersions: - - v1alpha1 - operations: - - CREATE - - UPDATE - - DELETE - resources: - - mysqls - sideEffects: None - - admissionReviewVersions: - - v1 - clientConfig: - service: - name: webhook-service - namespace: system - path: /validate-aiven-io-v1alpha1-opensearch - failurePolicy: Fail - name: vopensearch.kb.io - rules: - - apiGroups: - - aiven.io - apiVersions: - - v1alpha1 - operations: - - CREATE - - UPDATE - - DELETE - resources: - - opensearches - sideEffects: None - - admissionReviewVersions: - - v1 - clientConfig: - service: - name: webhook-service - namespace: system - path: /validate-aiven-io-v1alpha1-postgresql - failurePolicy: Fail - name: vpg.kb.io - rules: - - apiGroups: - - aiven.io - apiVersions: - - v1alpha1 - operations: - - CREATE - - UPDATE - - DELETE - resources: - - postgresqls - sideEffects: None - - admissionReviewVersions: - - v1 - clientConfig: - service: - name: webhook-service - namespace: system - path: /validate-aiven-io-v1alpha1-project - failurePolicy: Fail - name: vproject.kb.io - rules: - - apiGroups: - - aiven.io - apiVersions: - - v1alpha1 - operations: - - CREATE - - UPDATE - - DELETE - resources: - - projects - sideEffects: None - - admissionReviewVersions: - - v1 - clientConfig: - service: - name: webhook-service - namespace: system - path: /validate-aiven-io-v1alpha1-redis - failurePolicy: Fail - name: vredis.kb.io - rules: - - apiGroups: - - aiven.io - apiVersions: - - v1alpha1 - operations: - - CREATE - - UPDATE - - DELETE - resources: - - redis - sideEffects: None - - admissionReviewVersions: - - v1 - clientConfig: - service: - name: webhook-service - namespace: system - path: /validate-aiven-io-v1alpha1-serviceintegration - failurePolicy: Fail - name: vserviceintegration.kb.io - rules: - - apiGroups: - - aiven.io - apiVersions: - - v1alpha1 - operations: - - CREATE - - UPDATE - resources: - - serviceintegrations - sideEffects: None - - admissionReviewVersions: - - v1 - clientConfig: - service: - name: webhook-service - namespace: system - path: /validate-aiven-io-v1alpha1-serviceuser - failurePolicy: Fail - name: vserviceuser.kb.io - rules: - - apiGroups: - - aiven.io - apiVersions: - - v1alpha1 - operations: - - CREATE - - UPDATE - resources: - - serviceusers - sideEffects: None +- admissionReviewVersions: + - v1 + clientConfig: + service: + name: webhook-service + namespace: system + path: /validate-aiven-io-v1alpha1-cassandra + failurePolicy: Fail + name: vcassandra.kb.io + rules: + - apiGroups: + - aiven.io + apiVersions: + - v1alpha1 + operations: + - CREATE + - UPDATE + - DELETE + resources: + - cassandras + sideEffects: None +- admissionReviewVersions: + - v1 + clientConfig: + service: + name: webhook-service + namespace: system + path: /validate-aiven-io-v1alpha1-clickhouse + failurePolicy: Fail + name: vclickhouse.kb.io + rules: + - apiGroups: + - aiven.io + apiVersions: + - v1alpha1 + operations: + - CREATE + - UPDATE + - DELETE + resources: + - clickhouses + sideEffects: None +- admissionReviewVersions: + - v1 + clientConfig: + service: + name: webhook-service + namespace: system + path: /validate-aiven-io-v1alpha1-clickhouseuser + failurePolicy: Fail + name: vclickhouseuser.kb.io + rules: + - apiGroups: + - aiven.io + apiVersions: + - v1alpha1 + operations: + - CREATE + - UPDATE + resources: + - clickhouseusers + sideEffects: None +- admissionReviewVersions: + - v1 + clientConfig: + service: + name: webhook-service + namespace: system + path: /validate-aiven-io-v1alpha1-connectionpool + failurePolicy: Fail + name: vconnectionpool.kb.io + rules: + - apiGroups: + - aiven.io + apiVersions: + - v1alpha1 + operations: + - CREATE + - UPDATE + - DELETE + resources: + - connectionpools + sideEffects: None +- admissionReviewVersions: + - v1 + clientConfig: + service: + name: webhook-service + namespace: system + path: /validate-aiven-io-v1alpha1-database + failurePolicy: Fail + name: vdatabase.kb.io + rules: + - apiGroups: + - aiven.io + apiVersions: + - v1alpha1 + operations: + - CREATE + - UPDATE + - DELETE + resources: + - databases + sideEffects: None +- admissionReviewVersions: + - v1 + clientConfig: + service: + name: webhook-service + namespace: system + path: /validate-aiven-io-v1alpha1-grafana + failurePolicy: Fail + name: vgrafana.kb.io + rules: + - apiGroups: + - aiven.io + apiVersions: + - v1alpha1 + operations: + - CREATE + - UPDATE + - DELETE + resources: + - grafanas + sideEffects: None +- admissionReviewVersions: + - v1 + clientConfig: + service: + name: webhook-service + namespace: system + path: /validate-aiven-io-v1alpha1-kafka + failurePolicy: Fail + name: vkafka.kb.io + rules: + - apiGroups: + - aiven.io + apiVersions: + - v1alpha1 + operations: + - CREATE + - UPDATE + - DELETE + resources: + - kafkas + sideEffects: None +- admissionReviewVersions: + - v1 + clientConfig: + service: + name: webhook-service + namespace: system + path: /validate-aiven-io-v1alpha1-kafkaacl + failurePolicy: Fail + name: vkafkaacl.kb.io + rules: + - apiGroups: + - aiven.io + apiVersions: + - v1alpha1 + operations: + - CREATE + - UPDATE + resources: + - kafkaacls + sideEffects: None +- admissionReviewVersions: + - v1 + clientConfig: + service: + name: webhook-service + namespace: system + path: /validate-aiven-io-v1alpha1-kafkaconnect + failurePolicy: Fail + name: vkafkaconnect.kb.io + rules: + - apiGroups: + - aiven.io + apiVersions: + - v1alpha1 + operations: + - CREATE + - UPDATE + - DELETE + resources: + - kafkaconnects + sideEffects: None +- admissionReviewVersions: + - v1 + clientConfig: + service: + name: webhook-service + namespace: system + path: /validate-aiven-io-v1alpha1-kafkaconnector + failurePolicy: Fail + name: vkafkaconnector.kb.io + rules: + - apiGroups: + - aiven.io + apiVersions: + - v1alpha1 + operations: + - CREATE + - UPDATE + - DELETE + resources: + - kafkaconnectors + sideEffects: None +- admissionReviewVersions: + - v1 + clientConfig: + service: + name: webhook-service + namespace: system + path: /validate-aiven-io-v1alpha1-kafkaschema + failurePolicy: Fail + name: vkafkaschema.kb.io + rules: + - apiGroups: + - aiven.io + apiVersions: + - v1alpha1 + operations: + - CREATE + - UPDATE + resources: + - kafkaschemas + sideEffects: None +- admissionReviewVersions: + - v1 + clientConfig: + service: + name: webhook-service + namespace: system + path: /validate-aiven-io-v1alpha1-kafkatopic + failurePolicy: Fail + name: vkafkatopic.kb.io + rules: + - apiGroups: + - aiven.io + apiVersions: + - v1alpha1 + operations: + - CREATE + - UPDATE + - DELETE + resources: + - kafkatopics + sideEffects: None +- admissionReviewVersions: + - v1 + clientConfig: + service: + name: webhook-service + namespace: system + path: /validate-aiven-io-v1alpha1-mysql + failurePolicy: Fail + name: vmysql.kb.io + rules: + - apiGroups: + - aiven.io + apiVersions: + - v1alpha1 + operations: + - CREATE + - UPDATE + - DELETE + resources: + - mysqls + sideEffects: None +- admissionReviewVersions: + - v1 + clientConfig: + service: + name: webhook-service + namespace: system + path: /validate-aiven-io-v1alpha1-opensearch + failurePolicy: Fail + name: vopensearch.kb.io + rules: + - apiGroups: + - aiven.io + apiVersions: + - v1alpha1 + operations: + - CREATE + - UPDATE + - DELETE + resources: + - opensearches + sideEffects: None +- admissionReviewVersions: + - v1 + clientConfig: + service: + name: webhook-service + namespace: system + path: /validate-aiven-io-v1alpha1-postgresql + failurePolicy: Fail + name: vpg.kb.io + rules: + - apiGroups: + - aiven.io + apiVersions: + - v1alpha1 + operations: + - CREATE + - UPDATE + - DELETE + resources: + - postgresqls + sideEffects: None +- admissionReviewVersions: + - v1 + clientConfig: + service: + name: webhook-service + namespace: system + path: /validate-aiven-io-v1alpha1-project + failurePolicy: Fail + name: vproject.kb.io + rules: + - apiGroups: + - aiven.io + apiVersions: + - v1alpha1 + operations: + - CREATE + - UPDATE + - DELETE + resources: + - projects + sideEffects: None +- admissionReviewVersions: + - v1 + clientConfig: + service: + name: webhook-service + namespace: system + path: /validate-aiven-io-v1alpha1-redis + failurePolicy: Fail + name: vredis.kb.io + rules: + - apiGroups: + - aiven.io + apiVersions: + - v1alpha1 + operations: + - CREATE + - UPDATE + - DELETE + resources: + - redis + sideEffects: None +- admissionReviewVersions: + - v1 + clientConfig: + service: + name: webhook-service + namespace: system + path: /validate-aiven-io-v1alpha1-serviceintegration + failurePolicy: Fail + name: vserviceintegration.kb.io + rules: + - apiGroups: + - aiven.io + apiVersions: + - v1alpha1 + operations: + - CREATE + - UPDATE + resources: + - serviceintegrations + sideEffects: None +- admissionReviewVersions: + - v1 + clientConfig: + service: + name: webhook-service + namespace: system + path: /validate-aiven-io-v1alpha1-serviceuser + failurePolicy: Fail + name: vserviceuser.kb.io + rules: + - apiGroups: + - aiven.io + apiVersions: + - v1alpha1 + operations: + - CREATE + - UPDATE + resources: + - serviceusers + sideEffects: None diff --git a/docs/docs/api-reference/cassandra.md b/docs/docs/api-reference/cassandra.md index f38393ef..b200d4ce 100644 --- a/docs/docs/api-reference/cassandra.md +++ b/docs/docs/api-reference/cassandra.md @@ -84,8 +84,8 @@ Authentication reference to Aiven token in a secret. **Required** -- [`key`](#spec.authSecretRef.key-property){: name='spec.authSecretRef.key-property'} (string, MinLength: 1). -- [`name`](#spec.authSecretRef.name-property){: name='spec.authSecretRef.name-property'} (string, MinLength: 1). +- [`key`](#spec.authSecretRef.key-property){: name='spec.authSecretRef.key-property'} (string, MinLength: 1). +- [`name`](#spec.authSecretRef.name-property){: name='spec.authSecretRef.name-property'} (string, MinLength: 1). ## connInfoSecretTarget {: #spec.connInfoSecretTarget } @@ -111,11 +111,11 @@ ProjectVPCRef reference to ProjectVPC resource to use its ID as ProjectVPCID aut **Required** -- [`name`](#spec.projectVPCRef.name-property){: name='spec.projectVPCRef.name-property'} (string, MinLength: 1). +- [`name`](#spec.projectVPCRef.name-property){: name='spec.projectVPCRef.name-property'} (string, MinLength: 1). **Optional** -- [`namespace`](#spec.projectVPCRef.namespace-property){: name='spec.projectVPCRef.namespace-property'} (string, MinLength: 1). +- [`namespace`](#spec.projectVPCRef.namespace-property){: name='spec.projectVPCRef.namespace-property'} (string, MinLength: 1). ## serviceIntegrations {: #spec.serviceIntegrations } @@ -125,8 +125,8 @@ Service integrations to specify when creating a service. Not applied after initi **Required** -- [`integrationType`](#spec.serviceIntegrations.integrationType-property){: name='spec.serviceIntegrations.integrationType-property'} (string, Enum: `read_replica`). -- [`sourceServiceName`](#spec.serviceIntegrations.sourceServiceName-property){: name='spec.serviceIntegrations.sourceServiceName-property'} (string, MinLength: 1, MaxLength: 64). +- [`integrationType`](#spec.serviceIntegrations.integrationType-property){: name='spec.serviceIntegrations.integrationType-property'} (string, Enum: `read_replica`). +- [`sourceServiceName`](#spec.serviceIntegrations.sourceServiceName-property){: name='spec.serviceIntegrations.sourceServiceName-property'} (string, MinLength: 1, MaxLength: 64). ## userConfig {: #spec.userConfig } @@ -196,3 +196,4 @@ Allow access to selected service ports from the public Internet. **Required** - [`prometheus`](#spec.userConfig.public_access.prometheus-property){: name='spec.userConfig.public_access.prometheus-property'} (boolean). Allow clients to connect to prometheus from the public internet for service nodes that are in a project VPC or another type of private network. + diff --git a/docs/docs/api-reference/clickhouse.md b/docs/docs/api-reference/clickhouse.md index 87834973..f95407db 100644 --- a/docs/docs/api-reference/clickhouse.md +++ b/docs/docs/api-reference/clickhouse.md @@ -75,8 +75,8 @@ Authentication reference to Aiven token in a secret. **Required** -- [`key`](#spec.authSecretRef.key-property){: name='spec.authSecretRef.key-property'} (string, MinLength: 1). -- [`name`](#spec.authSecretRef.name-property){: name='spec.authSecretRef.name-property'} (string, MinLength: 1). +- [`key`](#spec.authSecretRef.key-property){: name='spec.authSecretRef.key-property'} (string, MinLength: 1). +- [`name`](#spec.authSecretRef.name-property){: name='spec.authSecretRef.name-property'} (string, MinLength: 1). ## connInfoSecretTarget {: #spec.connInfoSecretTarget } @@ -102,11 +102,11 @@ ProjectVPCRef reference to ProjectVPC resource to use its ID as ProjectVPCID aut **Required** -- [`name`](#spec.projectVPCRef.name-property){: name='spec.projectVPCRef.name-property'} (string, MinLength: 1). +- [`name`](#spec.projectVPCRef.name-property){: name='spec.projectVPCRef.name-property'} (string, MinLength: 1). **Optional** -- [`namespace`](#spec.projectVPCRef.namespace-property){: name='spec.projectVPCRef.namespace-property'} (string, MinLength: 1). +- [`namespace`](#spec.projectVPCRef.namespace-property){: name='spec.projectVPCRef.namespace-property'} (string, MinLength: 1). ## serviceIntegrations {: #spec.serviceIntegrations } @@ -116,8 +116,8 @@ Service integrations to specify when creating a service. Not applied after initi **Required** -- [`integrationType`](#spec.serviceIntegrations.integrationType-property){: name='spec.serviceIntegrations.integrationType-property'} (string, Enum: `read_replica`). -- [`sourceServiceName`](#spec.serviceIntegrations.sourceServiceName-property){: name='spec.serviceIntegrations.sourceServiceName-property'} (string, MinLength: 1, MaxLength: 64). +- [`integrationType`](#spec.serviceIntegrations.integrationType-property){: name='spec.serviceIntegrations.integrationType-property'} (string, Enum: `read_replica`). +- [`sourceServiceName`](#spec.serviceIntegrations.sourceServiceName-property){: name='spec.serviceIntegrations.sourceServiceName-property'} (string, MinLength: 1, MaxLength: 64). ## userConfig {: #spec.userConfig } @@ -189,3 +189,4 @@ Allow access to selected service ports from the public Internet. - [`clickhouse_https`](#spec.userConfig.public_access.clickhouse_https-property){: name='spec.userConfig.public_access.clickhouse_https-property'} (boolean). Allow clients to connect to clickhouse_https from the public internet for service nodes that are in a project VPC or another type of private network. - [`clickhouse_mysql`](#spec.userConfig.public_access.clickhouse_mysql-property){: name='spec.userConfig.public_access.clickhouse_mysql-property'} (boolean). Allow clients to connect to clickhouse_mysql from the public internet for service nodes that are in a project VPC or another type of private network. - [`prometheus`](#spec.userConfig.public_access.prometheus-property){: name='spec.userConfig.public_access.prometheus-property'} (boolean). Allow clients to connect to prometheus from the public internet for service nodes that are in a project VPC or another type of private network. + diff --git a/docs/docs/api-reference/clickhouseuser.md b/docs/docs/api-reference/clickhouseuser.md index e30e1180..ad2da11e 100644 --- a/docs/docs/api-reference/clickhouseuser.md +++ b/docs/docs/api-reference/clickhouseuser.md @@ -61,8 +61,8 @@ Authentication reference to Aiven token in a secret. **Required** -- [`key`](#spec.authSecretRef.key-property){: name='spec.authSecretRef.key-property'} (string, MinLength: 1). -- [`name`](#spec.authSecretRef.name-property){: name='spec.authSecretRef.name-property'} (string, MinLength: 1). +- [`key`](#spec.authSecretRef.key-property){: name='spec.authSecretRef.key-property'} (string, MinLength: 1). +- [`name`](#spec.authSecretRef.name-property){: name='spec.authSecretRef.name-property'} (string, MinLength: 1). ## connInfoSecretTarget {: #spec.connInfoSecretTarget } @@ -79,3 +79,4 @@ Information regarding secret creation. Exposed keys: `CLICKHOUSEUSER_HOST`, `CLI - [`annotations`](#spec.connInfoSecretTarget.annotations-property){: name='spec.connInfoSecretTarget.annotations-property'} (object, AdditionalProperties: string). Annotations added to the secret. - [`labels`](#spec.connInfoSecretTarget.labels-property){: name='spec.connInfoSecretTarget.labels-property'} (object, AdditionalProperties: string). Labels added to the secret. - [`prefix`](#spec.connInfoSecretTarget.prefix-property){: name='spec.connInfoSecretTarget.prefix-property'} (string). Prefix for the secret's keys. Added "as is" without any transformations. By default, is equal to the kind name in uppercase + underscore, e.g. `KAFKA_`, `REDIS_`, etc. + diff --git a/docs/docs/api-reference/connectionpool.md b/docs/docs/api-reference/connectionpool.md index 9905d6d7..53e500e1 100644 --- a/docs/docs/api-reference/connectionpool.md +++ b/docs/docs/api-reference/connectionpool.md @@ -69,8 +69,8 @@ Authentication reference to Aiven token in a secret. **Required** -- [`key`](#spec.authSecretRef.key-property){: name='spec.authSecretRef.key-property'} (string, MinLength: 1). -- [`name`](#spec.authSecretRef.name-property){: name='spec.authSecretRef.name-property'} (string, MinLength: 1). +- [`key`](#spec.authSecretRef.key-property){: name='spec.authSecretRef.key-property'} (string, MinLength: 1). +- [`name`](#spec.authSecretRef.name-property){: name='spec.authSecretRef.name-property'} (string, MinLength: 1). ## connInfoSecretTarget {: #spec.connInfoSecretTarget } @@ -87,3 +87,4 @@ Information regarding secret creation. Exposed keys: `CONNECTIONPOOL_NAME`, `CON - [`annotations`](#spec.connInfoSecretTarget.annotations-property){: name='spec.connInfoSecretTarget.annotations-property'} (object, AdditionalProperties: string). Annotations added to the secret. - [`labels`](#spec.connInfoSecretTarget.labels-property){: name='spec.connInfoSecretTarget.labels-property'} (object, AdditionalProperties: string). Labels added to the secret. - [`prefix`](#spec.connInfoSecretTarget.prefix-property){: name='spec.connInfoSecretTarget.prefix-property'} (string). Prefix for the secret's keys. Added "as is" without any transformations. By default, is equal to the kind name in uppercase + underscore, e.g. `KAFKA_`, `REDIS_`, etc. + diff --git a/docs/docs/api-reference/database.md b/docs/docs/api-reference/database.md index c36af121..61ce1948 100644 --- a/docs/docs/api-reference/database.md +++ b/docs/docs/api-reference/database.md @@ -58,5 +58,6 @@ Authentication reference to Aiven token in a secret. **Required** -- [`key`](#spec.authSecretRef.key-property){: name='spec.authSecretRef.key-property'} (string, MinLength: 1). -- [`name`](#spec.authSecretRef.name-property){: name='spec.authSecretRef.name-property'} (string, MinLength: 1). +- [`key`](#spec.authSecretRef.key-property){: name='spec.authSecretRef.key-property'} (string, MinLength: 1). +- [`name`](#spec.authSecretRef.name-property){: name='spec.authSecretRef.name-property'} (string, MinLength: 1). + diff --git a/docs/docs/api-reference/grafana.md b/docs/docs/api-reference/grafana.md index 1dc1c816..29cd7f3c 100644 --- a/docs/docs/api-reference/grafana.md +++ b/docs/docs/api-reference/grafana.md @@ -83,8 +83,8 @@ Authentication reference to Aiven token in a secret. **Required** -- [`key`](#spec.authSecretRef.key-property){: name='spec.authSecretRef.key-property'} (string, MinLength: 1). -- [`name`](#spec.authSecretRef.name-property){: name='spec.authSecretRef.name-property'} (string, MinLength: 1). +- [`key`](#spec.authSecretRef.key-property){: name='spec.authSecretRef.key-property'} (string, MinLength: 1). +- [`name`](#spec.authSecretRef.name-property){: name='spec.authSecretRef.name-property'} (string, MinLength: 1). ## connInfoSecretTarget {: #spec.connInfoSecretTarget } @@ -110,11 +110,11 @@ ProjectVPCRef reference to ProjectVPC resource to use its ID as ProjectVPCID aut **Required** -- [`name`](#spec.projectVPCRef.name-property){: name='spec.projectVPCRef.name-property'} (string, MinLength: 1). +- [`name`](#spec.projectVPCRef.name-property){: name='spec.projectVPCRef.name-property'} (string, MinLength: 1). **Optional** -- [`namespace`](#spec.projectVPCRef.namespace-property){: name='spec.projectVPCRef.namespace-property'} (string, MinLength: 1). +- [`namespace`](#spec.projectVPCRef.namespace-property){: name='spec.projectVPCRef.namespace-property'} (string, MinLength: 1). ## serviceIntegrations {: #spec.serviceIntegrations } @@ -124,8 +124,8 @@ Service integrations to specify when creating a service. Not applied after initi **Required** -- [`integrationType`](#spec.serviceIntegrations.integrationType-property){: name='spec.serviceIntegrations.integrationType-property'} (string, Enum: `read_replica`). -- [`sourceServiceName`](#spec.serviceIntegrations.sourceServiceName-property){: name='spec.serviceIntegrations.sourceServiceName-property'} (string, MinLength: 1, MaxLength: 64). +- [`integrationType`](#spec.serviceIntegrations.integrationType-property){: name='spec.serviceIntegrations.integrationType-property'} (string, Enum: `read_replica`). +- [`sourceServiceName`](#spec.serviceIntegrations.sourceServiceName-property){: name='spec.serviceIntegrations.sourceServiceName-property'} (string, MinLength: 1, MaxLength: 64). ## userConfig {: #spec.userConfig } @@ -166,7 +166,7 @@ Cassandra specific user configuration options. - [`privatelink_access`](#spec.userConfig.privatelink_access-property){: name='spec.userConfig.privatelink_access-property'} (object). Allow access to selected service components through Privatelink. See below for [nested schema](#spec.userConfig.privatelink_access). - [`project_to_fork_from`](#spec.userConfig.project_to_fork_from-property){: name='spec.userConfig.project_to_fork_from-property'} (string, Immutable, MaxLength: 63). Name of another project to fork a service from. This has effect only when a new service is being created. - [`public_access`](#spec.userConfig.public_access-property){: name='spec.userConfig.public_access-property'} (object). Allow access to selected service ports from the public Internet. See below for [nested schema](#spec.userConfig.public_access). -- [`recovery_basebackup_name`](#spec.userConfig.recovery_basebackup_name-property){: name='spec.userConfig.recovery*basebackup_name-property'} (string, Pattern: `^[a-zA-Z0-9-*:.]+$`, MaxLength: 128). Name of the basebackup to restore in forked service. +- [`recovery_basebackup_name`](#spec.userConfig.recovery_basebackup_name-property){: name='spec.userConfig.recovery_basebackup_name-property'} (string, Pattern: `^[a-zA-Z0-9-_:.]+$`, MaxLength: 128). Name of the basebackup to restore in forked service. - [`service_log`](#spec.userConfig.service_log-property){: name='spec.userConfig.service_log-property'} (boolean). Store logs for the service so that they are available in the HTTP API and console. - [`service_to_fork_from`](#spec.userConfig.service_to_fork_from-property){: name='spec.userConfig.service_to_fork_from-property'} (string, Immutable, MaxLength: 64). Name of another service to fork from. This has effect only when a new service is being created. - [`smtp_server`](#spec.userConfig.smtp_server-property){: name='spec.userConfig.smtp_server-property'} (object). SMTP server settings. See below for [nested schema](#spec.userConfig.smtp_server). @@ -215,7 +215,7 @@ Generic OAuth integration. - [`allowed_domains`](#spec.userConfig.auth_generic_oauth.allowed_domains-property){: name='spec.userConfig.auth_generic_oauth.allowed_domains-property'} (array of strings, MaxItems: 50). Allowed domains. - [`allowed_organizations`](#spec.userConfig.auth_generic_oauth.allowed_organizations-property){: name='spec.userConfig.auth_generic_oauth.allowed_organizations-property'} (array of strings, MaxItems: 50). Require user to be member of one of the listed organizations. - [`auto_login`](#spec.userConfig.auth_generic_oauth.auto_login-property){: name='spec.userConfig.auth_generic_oauth.auto_login-property'} (boolean). Allow users to bypass the login screen and automatically log in. -- [`name`](#spec.userConfig.auth_generic_oauth.name-property){: name='spec.userConfig.auth*generic_oauth.name-property'} (string, Pattern: `^[a-zA-Z0-9*\- ]+$`, MaxLength: 128). Name of the OAuth integration. +- [`name`](#spec.userConfig.auth_generic_oauth.name-property){: name='spec.userConfig.auth_generic_oauth.name-property'} (string, Pattern: `^[a-zA-Z0-9_\- ]+$`, MaxLength: 128). Name of the OAuth integration. - [`scopes`](#spec.userConfig.auth_generic_oauth.scopes-property){: name='spec.userConfig.auth_generic_oauth.scopes-property'} (array of strings, MaxItems: 50). OAuth scopes. ### auth_github {: #spec.userConfig.auth_github } @@ -363,3 +363,4 @@ SMTP server settings. - [`skip_verify`](#spec.userConfig.smtp_server.skip_verify-property){: name='spec.userConfig.smtp_server.skip_verify-property'} (boolean). Skip verifying server certificate. Defaults to false. - [`starttls_policy`](#spec.userConfig.smtp_server.starttls_policy-property){: name='spec.userConfig.smtp_server.starttls_policy-property'} (string, Enum: `OpportunisticStartTLS`, `MandatoryStartTLS`, `NoStartTLS`). Either OpportunisticStartTLS, MandatoryStartTLS or NoStartTLS. Default is OpportunisticStartTLS. - [`username`](#spec.userConfig.smtp_server.username-property){: name='spec.userConfig.smtp_server.username-property'} (string, Pattern: `^[^\x00-\x1F]+$`, MaxLength: 255). Username for SMTP authentication. + diff --git a/docs/docs/api-reference/kafka.md b/docs/docs/api-reference/kafka.md index a1038224..60eb266d 100644 --- a/docs/docs/api-reference/kafka.md +++ b/docs/docs/api-reference/kafka.md @@ -76,8 +76,8 @@ Authentication reference to Aiven token in a secret. **Required** -- [`key`](#spec.authSecretRef.key-property){: name='spec.authSecretRef.key-property'} (string, MinLength: 1). -- [`name`](#spec.authSecretRef.name-property){: name='spec.authSecretRef.name-property'} (string, MinLength: 1). +- [`key`](#spec.authSecretRef.key-property){: name='spec.authSecretRef.key-property'} (string, MinLength: 1). +- [`name`](#spec.authSecretRef.name-property){: name='spec.authSecretRef.name-property'} (string, MinLength: 1). ## connInfoSecretTarget {: #spec.connInfoSecretTarget } @@ -103,11 +103,11 @@ ProjectVPCRef reference to ProjectVPC resource to use its ID as ProjectVPCID aut **Required** -- [`name`](#spec.projectVPCRef.name-property){: name='spec.projectVPCRef.name-property'} (string, MinLength: 1). +- [`name`](#spec.projectVPCRef.name-property){: name='spec.projectVPCRef.name-property'} (string, MinLength: 1). **Optional** -- [`namespace`](#spec.projectVPCRef.namespace-property){: name='spec.projectVPCRef.namespace-property'} (string, MinLength: 1). +- [`namespace`](#spec.projectVPCRef.namespace-property){: name='spec.projectVPCRef.namespace-property'} (string, MinLength: 1). ## serviceIntegrations {: #spec.serviceIntegrations } @@ -117,8 +117,8 @@ Service integrations to specify when creating a service. Not applied after initi **Required** -- [`integrationType`](#spec.serviceIntegrations.integrationType-property){: name='spec.serviceIntegrations.integrationType-property'} (string, Enum: `read_replica`). -- [`sourceServiceName`](#spec.serviceIntegrations.sourceServiceName-property){: name='spec.serviceIntegrations.sourceServiceName-property'} (string, MinLength: 1, MaxLength: 64). +- [`integrationType`](#spec.serviceIntegrations.integrationType-property){: name='spec.serviceIntegrations.integrationType-property'} (string, Enum: `read_replica`). +- [`sourceServiceName`](#spec.serviceIntegrations.sourceServiceName-property){: name='spec.serviceIntegrations.sourceServiceName-property'} (string, MinLength: 1, MaxLength: 64). ## userConfig {: #spec.userConfig } @@ -251,7 +251,7 @@ Kafka Connect configuration values. - [`producer_compression_type`](#spec.userConfig.kafka_connect_config.producer_compression_type-property){: name='spec.userConfig.kafka_connect_config.producer_compression_type-property'} (string, Enum: `gzip`, `snappy`, `lz4`, `zstd`, `none`). Specify the default compression type for producers. This configuration accepts the standard compression codecs (`gzip`, `snappy`, `lz4`, `zstd`). It additionally accepts `none` which is the default and equivalent to no compression. - [`producer_linger_ms`](#spec.userConfig.kafka_connect_config.producer_linger_ms-property){: name='spec.userConfig.kafka_connect_config.producer_linger_ms-property'} (integer, Minimum: 0, Maximum: 5000). This setting gives the upper bound on the delay for batching: once there is batch.size worth of records for a partition it will be sent immediately regardless of this setting, however if there are fewer than this many bytes accumulated for this partition the producer will `linger` for the specified time waiting for more records to show up. Defaults to 0. - [`producer_max_request_size`](#spec.userConfig.kafka_connect_config.producer_max_request_size-property){: name='spec.userConfig.kafka_connect_config.producer_max_request_size-property'} (integer, Minimum: 131072, Maximum: 67108864). This setting will limit the number of record batches the producer will send in a single request to avoid sending huge requests. -- [`scheduled_rebalance_max_delay_ms`](#spec.userConfig.kafka_connect_config.scheduled_rebalance_max_delay_ms-property){: name='spec.userConfig.kafka_connect_config.scheduled_rebalance_max_delay_ms-property'} (integer, Minimum: 0, Maximum: 600000). The maximum delay that is scheduled in order to wait for the return of one or more departed workers before rebalancing and reassigning their connectors and tasks to the group. During this period the connectors and tasks of the departed workers remain unassigned. Defaults to 5 minutes. +- [`scheduled_rebalance_max_delay_ms`](#spec.userConfig.kafka_connect_config.scheduled_rebalance_max_delay_ms-property){: name='spec.userConfig.kafka_connect_config.scheduled_rebalance_max_delay_ms-property'} (integer, Minimum: 0, Maximum: 600000). The maximum delay that is scheduled in order to wait for the return of one or more departed workers before rebalancing and reassigning their connectors and tasks to the group. During this period the connectors and tasks of the departed workers remain unassigned. Defaults to 5 minutes. - [`session_timeout_ms`](#spec.userConfig.kafka_connect_config.session_timeout_ms-property){: name='spec.userConfig.kafka_connect_config.session_timeout_ms-property'} (integer, Minimum: 1, Maximum: 2147483647). The timeout in milliseconds used to detect failures when using Kafka’s group management facilities (defaults to 10000). ### kafka_rest_config {: #spec.userConfig.kafka_rest_config } @@ -346,3 +346,4 @@ Deprecated. Local cache configuration. **Required** - [`size`](#spec.userConfig.tiered_storage.local_cache.size-property){: name='spec.userConfig.tiered_storage.local_cache.size-property'} (integer, Minimum: 1, Maximum: 107374182400). Deprecated. Local cache size in bytes. + diff --git a/docs/docs/api-reference/kafkaacl.md b/docs/docs/api-reference/kafkaacl.md index ef683f58..16e382d3 100644 --- a/docs/docs/api-reference/kafkaacl.md +++ b/docs/docs/api-reference/kafkaacl.md @@ -58,5 +58,6 @@ Authentication reference to Aiven token in a secret. **Required** -- [`key`](#spec.authSecretRef.key-property){: name='spec.authSecretRef.key-property'} (string, MinLength: 1). -- [`name`](#spec.authSecretRef.name-property){: name='spec.authSecretRef.name-property'} (string, MinLength: 1). +- [`key`](#spec.authSecretRef.key-property){: name='spec.authSecretRef.key-property'} (string, MinLength: 1). +- [`name`](#spec.authSecretRef.name-property){: name='spec.authSecretRef.name-property'} (string, MinLength: 1). + diff --git a/docs/docs/api-reference/kafkaconnect.md b/docs/docs/api-reference/kafkaconnect.md index d045e98b..9670e11b 100644 --- a/docs/docs/api-reference/kafkaconnect.md +++ b/docs/docs/api-reference/kafkaconnect.md @@ -68,8 +68,8 @@ Authentication reference to Aiven token in a secret. **Required** -- [`key`](#spec.authSecretRef.key-property){: name='spec.authSecretRef.key-property'} (string, MinLength: 1). -- [`name`](#spec.authSecretRef.name-property){: name='spec.authSecretRef.name-property'} (string, MinLength: 1). +- [`key`](#spec.authSecretRef.key-property){: name='spec.authSecretRef.key-property'} (string, MinLength: 1). +- [`name`](#spec.authSecretRef.name-property){: name='spec.authSecretRef.name-property'} (string, MinLength: 1). ## projectVPCRef {: #spec.projectVPCRef } @@ -79,11 +79,11 @@ ProjectVPCRef reference to ProjectVPC resource to use its ID as ProjectVPCID aut **Required** -- [`name`](#spec.projectVPCRef.name-property){: name='spec.projectVPCRef.name-property'} (string, MinLength: 1). +- [`name`](#spec.projectVPCRef.name-property){: name='spec.projectVPCRef.name-property'} (string, MinLength: 1). **Optional** -- [`namespace`](#spec.projectVPCRef.namespace-property){: name='spec.projectVPCRef.namespace-property'} (string, MinLength: 1). +- [`namespace`](#spec.projectVPCRef.namespace-property){: name='spec.projectVPCRef.namespace-property'} (string, MinLength: 1). ## serviceIntegrations {: #spec.serviceIntegrations } @@ -93,8 +93,8 @@ Service integrations to specify when creating a service. Not applied after initi **Required** -- [`integrationType`](#spec.serviceIntegrations.integrationType-property){: name='spec.serviceIntegrations.integrationType-property'} (string, Enum: `read_replica`). -- [`sourceServiceName`](#spec.serviceIntegrations.sourceServiceName-property){: name='spec.serviceIntegrations.sourceServiceName-property'} (string, MinLength: 1, MaxLength: 64). +- [`integrationType`](#spec.serviceIntegrations.integrationType-property){: name='spec.serviceIntegrations.integrationType-property'} (string, Enum: `read_replica`). +- [`sourceServiceName`](#spec.serviceIntegrations.sourceServiceName-property){: name='spec.serviceIntegrations.sourceServiceName-property'} (string, MinLength: 1, MaxLength: 64). ## userConfig {: #spec.userConfig } @@ -149,7 +149,7 @@ Kafka Connect configuration values. - [`producer_compression_type`](#spec.userConfig.kafka_connect.producer_compression_type-property){: name='spec.userConfig.kafka_connect.producer_compression_type-property'} (string, Enum: `gzip`, `snappy`, `lz4`, `zstd`, `none`). Specify the default compression type for producers. This configuration accepts the standard compression codecs (`gzip`, `snappy`, `lz4`, `zstd`). It additionally accepts `none` which is the default and equivalent to no compression. - [`producer_linger_ms`](#spec.userConfig.kafka_connect.producer_linger_ms-property){: name='spec.userConfig.kafka_connect.producer_linger_ms-property'} (integer, Minimum: 0, Maximum: 5000). This setting gives the upper bound on the delay for batching: once there is batch.size worth of records for a partition it will be sent immediately regardless of this setting, however if there are fewer than this many bytes accumulated for this partition the producer will `linger` for the specified time waiting for more records to show up. Defaults to 0. - [`producer_max_request_size`](#spec.userConfig.kafka_connect.producer_max_request_size-property){: name='spec.userConfig.kafka_connect.producer_max_request_size-property'} (integer, Minimum: 131072, Maximum: 67108864). This setting will limit the number of record batches the producer will send in a single request to avoid sending huge requests. -- [`scheduled_rebalance_max_delay_ms`](#spec.userConfig.kafka_connect.scheduled_rebalance_max_delay_ms-property){: name='spec.userConfig.kafka_connect.scheduled_rebalance_max_delay_ms-property'} (integer, Minimum: 0, Maximum: 600000). The maximum delay that is scheduled in order to wait for the return of one or more departed workers before rebalancing and reassigning their connectors and tasks to the group. During this period the connectors and tasks of the departed workers remain unassigned. Defaults to 5 minutes. +- [`scheduled_rebalance_max_delay_ms`](#spec.userConfig.kafka_connect.scheduled_rebalance_max_delay_ms-property){: name='spec.userConfig.kafka_connect.scheduled_rebalance_max_delay_ms-property'} (integer, Minimum: 0, Maximum: 600000). The maximum delay that is scheduled in order to wait for the return of one or more departed workers before rebalancing and reassigning their connectors and tasks to the group. During this period the connectors and tasks of the departed workers remain unassigned. Defaults to 5 minutes. - [`session_timeout_ms`](#spec.userConfig.kafka_connect.session_timeout_ms-property){: name='spec.userConfig.kafka_connect.session_timeout_ms-property'} (integer, Minimum: 1, Maximum: 2147483647). The timeout in milliseconds used to detect failures when using Kafka’s group management facilities (defaults to 10000). ### private_access {: #spec.userConfig.private_access } @@ -185,3 +185,4 @@ Allow access to selected service ports from the public Internet. - [`kafka_connect`](#spec.userConfig.public_access.kafka_connect-property){: name='spec.userConfig.public_access.kafka_connect-property'} (boolean). Allow clients to connect to kafka_connect from the public internet for service nodes that are in a project VPC or another type of private network. - [`prometheus`](#spec.userConfig.public_access.prometheus-property){: name='spec.userConfig.public_access.prometheus-property'} (boolean). Allow clients to connect to prometheus from the public internet for service nodes that are in a project VPC or another type of private network. + diff --git a/docs/docs/api-reference/kafkaconnector.md b/docs/docs/api-reference/kafkaconnector.md index ab09f3cc..06b06a16 100644 --- a/docs/docs/api-reference/kafkaconnector.md +++ b/docs/docs/api-reference/kafkaconnector.md @@ -38,5 +38,6 @@ Authentication reference to Aiven token in a secret. **Required** -- [`key`](#spec.authSecretRef.key-property){: name='spec.authSecretRef.key-property'} (string, MinLength: 1). -- [`name`](#spec.authSecretRef.name-property){: name='spec.authSecretRef.name-property'} (string, MinLength: 1). +- [`key`](#spec.authSecretRef.key-property){: name='spec.authSecretRef.key-property'} (string, MinLength: 1). +- [`name`](#spec.authSecretRef.name-property){: name='spec.authSecretRef.name-property'} (string, MinLength: 1). + diff --git a/docs/docs/api-reference/kafkaschema.md b/docs/docs/api-reference/kafkaschema.md index b705e329..56932154 100644 --- a/docs/docs/api-reference/kafkaschema.md +++ b/docs/docs/api-reference/kafkaschema.md @@ -71,5 +71,6 @@ Authentication reference to Aiven token in a secret. **Required** -- [`key`](#spec.authSecretRef.key-property){: name='spec.authSecretRef.key-property'} (string, MinLength: 1). -- [`name`](#spec.authSecretRef.name-property){: name='spec.authSecretRef.name-property'} (string, MinLength: 1). +- [`key`](#spec.authSecretRef.key-property){: name='spec.authSecretRef.key-property'} (string, MinLength: 1). +- [`name`](#spec.authSecretRef.name-property){: name='spec.authSecretRef.name-property'} (string, MinLength: 1). + diff --git a/docs/docs/api-reference/kafkatopic.md b/docs/docs/api-reference/kafkatopic.md index 55a26e41..c52ad7e4 100644 --- a/docs/docs/api-reference/kafkatopic.md +++ b/docs/docs/api-reference/kafkatopic.md @@ -65,8 +65,8 @@ Authentication reference to Aiven token in a secret. **Required** -- [`key`](#spec.authSecretRef.key-property){: name='spec.authSecretRef.key-property'} (string, MinLength: 1). -- [`name`](#spec.authSecretRef.name-property){: name='spec.authSecretRef.name-property'} (string, MinLength: 1). +- [`key`](#spec.authSecretRef.key-property){: name='spec.authSecretRef.key-property'} (string, MinLength: 1). +- [`name`](#spec.authSecretRef.name-property){: name='spec.authSecretRef.name-property'} (string, MinLength: 1). ## config {: #spec.config } @@ -108,8 +108,9 @@ Kafka topic tags. **Required** -- [`key`](#spec.tags.key-property){: name='spec.tags.key-property'} (string, MinLength: 1, MaxLength: 64, Format: `^[a-zA-Z0-9_-]*$`). +- [`key`](#spec.tags.key-property){: name='spec.tags.key-property'} (string, MinLength: 1, MaxLength: 64, Format: `^[a-zA-Z0-9_-]*$`). **Optional** -- [`value`](#spec.tags.value-property){: name='spec.tags.value-property'} (string, MaxLength: 256, Format: `^[a-zA-Z0-9_-]*$`). +- [`value`](#spec.tags.value-property){: name='spec.tags.value-property'} (string, MaxLength: 256, Format: `^[a-zA-Z0-9_-]*$`). + diff --git a/docs/docs/api-reference/mysql.md b/docs/docs/api-reference/mysql.md index b7f7d431..27afc1bd 100644 --- a/docs/docs/api-reference/mysql.md +++ b/docs/docs/api-reference/mysql.md @@ -83,8 +83,8 @@ Authentication reference to Aiven token in a secret. **Required** -- [`key`](#spec.authSecretRef.key-property){: name='spec.authSecretRef.key-property'} (string, MinLength: 1). -- [`name`](#spec.authSecretRef.name-property){: name='spec.authSecretRef.name-property'} (string, MinLength: 1). +- [`key`](#spec.authSecretRef.key-property){: name='spec.authSecretRef.key-property'} (string, MinLength: 1). +- [`name`](#spec.authSecretRef.name-property){: name='spec.authSecretRef.name-property'} (string, MinLength: 1). ## connInfoSecretTarget {: #spec.connInfoSecretTarget } @@ -110,11 +110,11 @@ ProjectVPCRef reference to ProjectVPC resource to use its ID as ProjectVPCID aut **Required** -- [`name`](#spec.projectVPCRef.name-property){: name='spec.projectVPCRef.name-property'} (string, MinLength: 1). +- [`name`](#spec.projectVPCRef.name-property){: name='spec.projectVPCRef.name-property'} (string, MinLength: 1). **Optional** -- [`namespace`](#spec.projectVPCRef.namespace-property){: name='spec.projectVPCRef.namespace-property'} (string, MinLength: 1). +- [`namespace`](#spec.projectVPCRef.namespace-property){: name='spec.projectVPCRef.namespace-property'} (string, MinLength: 1). ## serviceIntegrations {: #spec.serviceIntegrations } @@ -124,8 +124,8 @@ Service integrations to specify when creating a service. Not applied after initi **Required** -- [`integrationType`](#spec.serviceIntegrations.integrationType-property){: name='spec.serviceIntegrations.integrationType-property'} (string, Enum: `read_replica`). -- [`sourceServiceName`](#spec.serviceIntegrations.sourceServiceName-property){: name='spec.serviceIntegrations.sourceServiceName-property'} (string, MinLength: 1, MaxLength: 64). +- [`integrationType`](#spec.serviceIntegrations.integrationType-property){: name='spec.serviceIntegrations.integrationType-property'} (string, Enum: `read_replica`). +- [`sourceServiceName`](#spec.serviceIntegrations.sourceServiceName-property){: name='spec.serviceIntegrations.sourceServiceName-property'} (string, MinLength: 1, MaxLength: 64). ## userConfig {: #spec.userConfig } @@ -136,7 +136,7 @@ MySQL specific user configuration options. **Optional** - [`additional_backup_regions`](#spec.userConfig.additional_backup_regions-property){: name='spec.userConfig.additional_backup_regions-property'} (array of strings, MaxItems: 1). Additional Cloud Regions for Backup Replication. -- [`admin_password`](#spec.userConfig.admin_password-property){: name='spec.userConfig.admin*password-property'} (string, Immutable, Pattern: `^[a-zA-Z0-9-*]+$`, MinLength: 8, MaxLength: 256). Custom password for admin user. Defaults to random string. This must be set only when a new service is being created. +- [`admin_password`](#spec.userConfig.admin_password-property){: name='spec.userConfig.admin_password-property'} (string, Immutable, Pattern: `^[a-zA-Z0-9-_]+$`, MinLength: 8, MaxLength: 256). Custom password for admin user. Defaults to random string. This must be set only when a new service is being created. - [`admin_username`](#spec.userConfig.admin_username-property){: name='spec.userConfig.admin_username-property'} (string, Immutable, Pattern: `^[_A-Za-z0-9][-._A-Za-z0-9]{0,63}$`, MaxLength: 64). Custom username for admin user. This must be set only when a new service is being created. - [`backup_hour`](#spec.userConfig.backup_hour-property){: name='spec.userConfig.backup_hour-property'} (integer, Minimum: 0, Maximum: 23). The hour of day (in UTC) when backup for the service is started. New backup is only started if previous backup has already completed. - [`backup_minute`](#spec.userConfig.backup_minute-property){: name='spec.userConfig.backup_minute-property'} (integer, Minimum: 0, Maximum: 59). The minute of an hour when backup for the service is started. New backup is only started if previous backup has already completed. @@ -201,7 +201,7 @@ mysql.conf configuration values. - [`group_concat_max_len`](#spec.userConfig.mysql.group_concat_max_len-property){: name='spec.userConfig.mysql.group_concat_max_len-property'} (integer, Minimum: 4). The maximum permitted result length in bytes for the GROUP_CONCAT() function. - [`information_schema_stats_expiry`](#spec.userConfig.mysql.information_schema_stats_expiry-property){: name='spec.userConfig.mysql.information_schema_stats_expiry-property'} (integer, Minimum: 900, Maximum: 31536000). The time, in seconds, before cached statistics expire. - [`innodb_change_buffer_max_size`](#spec.userConfig.mysql.innodb_change_buffer_max_size-property){: name='spec.userConfig.mysql.innodb_change_buffer_max_size-property'} (integer, Minimum: 0, Maximum: 50). Maximum size for the InnoDB change buffer, as a percentage of the total size of the buffer pool. Default is 25. -- [`innodb_flush_neighbors`](#spec.userConfig.mysql.innodb_flush_neighbors-property){: name='spec.userConfig.mysql.innodb_flush_neighbors-property'} (integer, Minimum: 0, Maximum: 2). Specifies whether flushing a page from the InnoDB buffer pool also flushes other dirty pages in the same extent (default is 1): 0 - dirty pages in the same extent are not flushed, 1 - flush contiguous dirty pages in the same extent, 2 - flush dirty pages in the same extent. +- [`innodb_flush_neighbors`](#spec.userConfig.mysql.innodb_flush_neighbors-property){: name='spec.userConfig.mysql.innodb_flush_neighbors-property'} (integer, Minimum: 0, Maximum: 2). Specifies whether flushing a page from the InnoDB buffer pool also flushes other dirty pages in the same extent (default is 1): 0 - dirty pages in the same extent are not flushed, 1 - flush contiguous dirty pages in the same extent, 2 - flush dirty pages in the same extent. - [`innodb_ft_min_token_size`](#spec.userConfig.mysql.innodb_ft_min_token_size-property){: name='spec.userConfig.mysql.innodb_ft_min_token_size-property'} (integer, Minimum: 0, Maximum: 16). Minimum length of words that are stored in an InnoDB FULLTEXT index. Changing this parameter will lead to a restart of the MySQL service. - [`innodb_ft_server_stopword_table`](#spec.userConfig.mysql.innodb_ft_server_stopword_table-property){: name='spec.userConfig.mysql.innodb_ft_server_stopword_table-property'} (string, Pattern: `^.+/.+$`, MaxLength: 1024). This option is used to specify your own InnoDB FULLTEXT index stopword list for all InnoDB tables. - [`innodb_lock_wait_timeout`](#spec.userConfig.mysql.innodb_lock_wait_timeout-property){: name='spec.userConfig.mysql.innodb_lock_wait_timeout-property'} (integer, Minimum: 1, Maximum: 3600). The length of time in seconds an InnoDB transaction waits for a row lock before giving up. Default is 120. @@ -222,7 +222,7 @@ mysql.conf configuration values. - [`net_write_timeout`](#spec.userConfig.mysql.net_write_timeout-property){: name='spec.userConfig.mysql.net_write_timeout-property'} (integer, Minimum: 1, Maximum: 3600). The number of seconds to wait for a block to be written to a connection before aborting the write. - [`slow_query_log`](#spec.userConfig.mysql.slow_query_log-property){: name='spec.userConfig.mysql.slow_query_log-property'} (boolean). Slow query log enables capturing of slow queries. Setting slow_query_log to false also truncates the mysql.slow_log table. Default is off. - [`sort_buffer_size`](#spec.userConfig.mysql.sort_buffer_size-property){: name='spec.userConfig.mysql.sort_buffer_size-property'} (integer, Minimum: 32768, Maximum: 1073741824). Sort buffer size in bytes for ORDER BY optimization. Default is 262144 (256K). -- [`sql_mode`](#spec.userConfig.mysql.sql_mode-property){: name='spec.userConfig.mysql.sql*mode-property'} (string, Pattern: `^[A-Z*]_(,[A-Z_]+)\_$`, MaxLength: 1024). Global SQL mode. Set to empty to use MySQL server defaults. When creating a new service and not setting this field Aiven default SQL mode (strict, SQL standard compliant) will be assigned. +- [`sql_mode`](#spec.userConfig.mysql.sql_mode-property){: name='spec.userConfig.mysql.sql_mode-property'} (string, Pattern: `^[A-Z_]*(,[A-Z_]+)*$`, MaxLength: 1024). Global SQL mode. Set to empty to use MySQL server defaults. When creating a new service and not setting this field Aiven default SQL mode (strict, SQL standard compliant) will be assigned. - [`sql_require_primary_key`](#spec.userConfig.mysql.sql_require_primary_key-property){: name='spec.userConfig.mysql.sql_require_primary_key-property'} (boolean). Require primary key to be defined for new tables or old tables modified with ALTER TABLE and fail if missing. It is recommended to always have primary keys because various functionality may break if any large table is missing them. - [`tmp_table_size`](#spec.userConfig.mysql.tmp_table_size-property){: name='spec.userConfig.mysql.tmp_table_size-property'} (integer, Minimum: 1048576, Maximum: 1073741824). Limits the size of internal in-memory tables. Also set max_heap_table_size. Default is 16777216 (16M). - [`wait_timeout`](#spec.userConfig.mysql.wait_timeout-property){: name='spec.userConfig.mysql.wait_timeout-property'} (integer, Minimum: 1, Maximum: 2147483). The number of seconds the server waits for activity on a noninteractive connection before closing it. @@ -262,3 +262,4 @@ Allow access to selected service ports from the public Internet. - [`mysql`](#spec.userConfig.public_access.mysql-property){: name='spec.userConfig.public_access.mysql-property'} (boolean). Allow clients to connect to mysql from the public internet for service nodes that are in a project VPC or another type of private network. - [`mysqlx`](#spec.userConfig.public_access.mysqlx-property){: name='spec.userConfig.public_access.mysqlx-property'} (boolean). Allow clients to connect to mysqlx from the public internet for service nodes that are in a project VPC or another type of private network. - [`prometheus`](#spec.userConfig.public_access.prometheus-property){: name='spec.userConfig.public_access.prometheus-property'} (boolean). Allow clients to connect to prometheus from the public internet for service nodes that are in a project VPC or another type of private network. + diff --git a/docs/docs/api-reference/opensearch.md b/docs/docs/api-reference/opensearch.md index c80cf540..db5c6ee4 100644 --- a/docs/docs/api-reference/opensearch.md +++ b/docs/docs/api-reference/opensearch.md @@ -76,8 +76,8 @@ Authentication reference to Aiven token in a secret. **Required** -- [`key`](#spec.authSecretRef.key-property){: name='spec.authSecretRef.key-property'} (string, MinLength: 1). -- [`name`](#spec.authSecretRef.name-property){: name='spec.authSecretRef.name-property'} (string, MinLength: 1). +- [`key`](#spec.authSecretRef.key-property){: name='spec.authSecretRef.key-property'} (string, MinLength: 1). +- [`name`](#spec.authSecretRef.name-property){: name='spec.authSecretRef.name-property'} (string, MinLength: 1). ## connInfoSecretTarget {: #spec.connInfoSecretTarget } @@ -103,11 +103,11 @@ ProjectVPCRef reference to ProjectVPC resource to use its ID as ProjectVPCID aut **Required** -- [`name`](#spec.projectVPCRef.name-property){: name='spec.projectVPCRef.name-property'} (string, MinLength: 1). +- [`name`](#spec.projectVPCRef.name-property){: name='spec.projectVPCRef.name-property'} (string, MinLength: 1). **Optional** -- [`namespace`](#spec.projectVPCRef.namespace-property){: name='spec.projectVPCRef.namespace-property'} (string, MinLength: 1). +- [`namespace`](#spec.projectVPCRef.namespace-property){: name='spec.projectVPCRef.namespace-property'} (string, MinLength: 1). ## serviceIntegrations {: #spec.serviceIntegrations } @@ -117,8 +117,8 @@ Service integrations to specify when creating a service. Not applied after initi **Required** -- [`integrationType`](#spec.serviceIntegrations.integrationType-property){: name='spec.serviceIntegrations.integrationType-property'} (string, Enum: `read_replica`). -- [`sourceServiceName`](#spec.serviceIntegrations.sourceServiceName-property){: name='spec.serviceIntegrations.sourceServiceName-property'} (string, MinLength: 1, MaxLength: 64). +- [`integrationType`](#spec.serviceIntegrations.integrationType-property){: name='spec.serviceIntegrations.integrationType-property'} (string, Enum: `read_replica`). +- [`sourceServiceName`](#spec.serviceIntegrations.sourceServiceName-property){: name='spec.serviceIntegrations.sourceServiceName-property'} (string, MinLength: 1, MaxLength: 64). ## userConfig {: #spec.userConfig } @@ -144,7 +144,7 @@ OpenSearch specific user configuration options. - [`privatelink_access`](#spec.userConfig.privatelink_access-property){: name='spec.userConfig.privatelink_access-property'} (object). Allow access to selected service components through Privatelink. See below for [nested schema](#spec.userConfig.privatelink_access). - [`project_to_fork_from`](#spec.userConfig.project_to_fork_from-property){: name='spec.userConfig.project_to_fork_from-property'} (string, Immutable, MaxLength: 63). Name of another project to fork a service from. This has effect only when a new service is being created. - [`public_access`](#spec.userConfig.public_access-property){: name='spec.userConfig.public_access-property'} (object). Allow access to selected service ports from the public Internet. See below for [nested schema](#spec.userConfig.public_access). -- [`recovery_basebackup_name`](#spec.userConfig.recovery_basebackup_name-property){: name='spec.userConfig.recovery*basebackup_name-property'} (string, Pattern: `^[a-zA-Z0-9-*:.]+$`, MaxLength: 128). Name of the basebackup to restore in forked service. +- [`recovery_basebackup_name`](#spec.userConfig.recovery_basebackup_name-property){: name='spec.userConfig.recovery_basebackup_name-property'} (string, Pattern: `^[a-zA-Z0-9-_:.]+$`, MaxLength: 128). Name of the basebackup to restore in forked service. - [`saml`](#spec.userConfig.saml-property){: name='spec.userConfig.saml-property'} (object). OpenSearch SAML configuration. See below for [nested schema](#spec.userConfig.saml). - [`service_log`](#spec.userConfig.service_log-property){: name='spec.userConfig.service_log-property'} (boolean). Store logs for the service so that they are available in the HTTP API and console. - [`service_to_fork_from`](#spec.userConfig.service_to_fork_from-property){: name='spec.userConfig.service_to_fork_from-property'} (string, Immutable, MaxLength: 64). Name of another service to fork from. This has effect only when a new service is being created. @@ -159,7 +159,7 @@ Index patterns. **Required** - [`max_index_count`](#spec.userConfig.index_patterns.max_index_count-property){: name='spec.userConfig.index_patterns.max_index_count-property'} (integer, Minimum: 0). Maximum number of indexes to keep. -- [`pattern`](#spec.userConfig.index_patterns.pattern-property){: name='spec.userConfig.index*patterns.pattern-property'} (string, Pattern: `^[A-Za-z0-9-*.\*?]+$`, MaxLength: 1024). fnmatch pattern. +- [`pattern`](#spec.userConfig.index_patterns.pattern-property){: name='spec.userConfig.index_patterns.pattern-property'} (string, Pattern: `^[A-Za-z0-9-_.*?]+$`, MaxLength: 1024). fnmatch pattern. **Optional** @@ -228,7 +228,7 @@ OpenSearch settings. - [`auth_failure_listeners`](#spec.userConfig.opensearch.auth_failure_listeners-property){: name='spec.userConfig.opensearch.auth_failure_listeners-property'} (object). Opensearch Security Plugin Settings. See below for [nested schema](#spec.userConfig.opensearch.auth_failure_listeners). - [`cluster_max_shards_per_node`](#spec.userConfig.opensearch.cluster_max_shards_per_node-property){: name='spec.userConfig.opensearch.cluster_max_shards_per_node-property'} (integer, Minimum: 100, Maximum: 10000). Controls the number of shards allowed in the cluster per data node. - [`cluster_routing_allocation_node_concurrent_recoveries`](#spec.userConfig.opensearch.cluster_routing_allocation_node_concurrent_recoveries-property){: name='spec.userConfig.opensearch.cluster_routing_allocation_node_concurrent_recoveries-property'} (integer, Minimum: 2, Maximum: 16). How many concurrent incoming/outgoing shard recoveries (normally replicas) are allowed to happen on a node. Defaults to 2. -- [`email_sender_name`](#spec.userConfig.opensearch.email_sender_name-property){: name='spec.userConfig.opensearch.email*sender_name-property'} (string, Pattern: `^[a-zA-Z0-9-*]+$`, MaxLength: 40). Sender name placeholder to be used in Opensearch Dashboards and Opensearch keystore. +- [`email_sender_name`](#spec.userConfig.opensearch.email_sender_name-property){: name='spec.userConfig.opensearch.email_sender_name-property'} (string, Pattern: `^[a-zA-Z0-9-_]+$`, MaxLength: 40). Sender name placeholder to be used in Opensearch Dashboards and Opensearch keystore. - [`email_sender_password`](#spec.userConfig.opensearch.email_sender_password-property){: name='spec.userConfig.opensearch.email_sender_password-property'} (string, Pattern: `^[^\x00-\x1F]+$`, MaxLength: 1024). Sender password for Opensearch alerts to authenticate with SMTP server. - [`email_sender_username`](#spec.userConfig.opensearch.email_sender_username-property){: name='spec.userConfig.opensearch.email_sender_username-property'} (string, Pattern: `^[^\x00-\x1F]+$`, MaxLength: 320). Sender username for Opensearch alerts. - [`enable_security_audit`](#spec.userConfig.opensearch.enable_security_audit-property){: name='spec.userConfig.opensearch.enable_security_audit-property'} (boolean). Enable/Disable security audit. @@ -273,7 +273,7 @@ Opensearch Security Plugin Settings. **Optional** -- [`internal_authentication_backend_limiting`](#spec.userConfig.opensearch.auth_failure_listeners.internal_authentication_backend_limiting-property){: name='spec.userConfig.opensearch.auth_failure_listeners.internal_authentication_backend_limiting-property'} (object). See below for [nested schema](#spec.userConfig.opensearch.auth_failure_listeners.internal_authentication_backend_limiting). +- [`internal_authentication_backend_limiting`](#spec.userConfig.opensearch.auth_failure_listeners.internal_authentication_backend_limiting-property){: name='spec.userConfig.opensearch.auth_failure_listeners.internal_authentication_backend_limiting-property'} (object). See below for [nested schema](#spec.userConfig.opensearch.auth_failure_listeners.internal_authentication_backend_limiting). - [`ip_rate_limiting`](#spec.userConfig.opensearch.auth_failure_listeners.ip_rate_limiting-property){: name='spec.userConfig.opensearch.auth_failure_listeners.ip_rate_limiting-property'} (object). IP address rate limiting settings. See below for [nested schema](#spec.userConfig.opensearch.auth_failure_listeners.ip_rate_limiting). ##### internal_authentication_backend_limiting {: #spec.userConfig.opensearch.auth_failure_listeners.internal_authentication_backend_limiting } @@ -371,3 +371,4 @@ OpenSearch SAML configuration. - [`idp_pemtrustedcas_content`](#spec.userConfig.saml.idp_pemtrustedcas_content-property){: name='spec.userConfig.saml.idp_pemtrustedcas_content-property'} (string, MaxLength: 16384). This parameter specifies the PEM-encoded root certificate authority (CA) content for the SAML identity provider (IdP) server verification. The root CA content is used to verify the SSL/TLS certificate presented by the server. - [`roles_key`](#spec.userConfig.saml.roles_key-property){: name='spec.userConfig.saml.roles_key-property'} (string, MinLength: 1, MaxLength: 256). Optional. Specifies the attribute in the SAML response where role information is stored, if available. Role attributes are not required for SAML authentication, but can be included in SAML assertions by most Identity Providers (IdPs) to determine user access levels or permissions. - [`subject_key`](#spec.userConfig.saml.subject_key-property){: name='spec.userConfig.saml.subject_key-property'} (string, MinLength: 1, MaxLength: 256). Optional. Specifies the attribute in the SAML response where the subject identifier is stored. If not configured, the NameID attribute is used by default. + diff --git a/docs/docs/api-reference/postgresql.md b/docs/docs/api-reference/postgresql.md index 0f0578eb..3ee32409 100644 --- a/docs/docs/api-reference/postgresql.md +++ b/docs/docs/api-reference/postgresql.md @@ -78,8 +78,8 @@ Authentication reference to Aiven token in a secret. **Required** -- [`key`](#spec.authSecretRef.key-property){: name='spec.authSecretRef.key-property'} (string, MinLength: 1). -- [`name`](#spec.authSecretRef.name-property){: name='spec.authSecretRef.name-property'} (string, MinLength: 1). +- [`key`](#spec.authSecretRef.key-property){: name='spec.authSecretRef.key-property'} (string, MinLength: 1). +- [`name`](#spec.authSecretRef.name-property){: name='spec.authSecretRef.name-property'} (string, MinLength: 1). ## connInfoSecretTarget {: #spec.connInfoSecretTarget } @@ -105,11 +105,11 @@ ProjectVPCRef reference to ProjectVPC resource to use its ID as ProjectVPCID aut **Required** -- [`name`](#spec.projectVPCRef.name-property){: name='spec.projectVPCRef.name-property'} (string, MinLength: 1). +- [`name`](#spec.projectVPCRef.name-property){: name='spec.projectVPCRef.name-property'} (string, MinLength: 1). **Optional** -- [`namespace`](#spec.projectVPCRef.namespace-property){: name='spec.projectVPCRef.namespace-property'} (string, MinLength: 1). +- [`namespace`](#spec.projectVPCRef.namespace-property){: name='spec.projectVPCRef.namespace-property'} (string, MinLength: 1). ## serviceIntegrations {: #spec.serviceIntegrations } @@ -119,8 +119,8 @@ Service integrations to specify when creating a service. Not applied after initi **Required** -- [`integrationType`](#spec.serviceIntegrations.integrationType-property){: name='spec.serviceIntegrations.integrationType-property'} (string, Enum: `read_replica`). -- [`sourceServiceName`](#spec.serviceIntegrations.sourceServiceName-property){: name='spec.serviceIntegrations.sourceServiceName-property'} (string, MinLength: 1, MaxLength: 64). +- [`integrationType`](#spec.serviceIntegrations.integrationType-property){: name='spec.serviceIntegrations.integrationType-property'} (string, Enum: `read_replica`). +- [`sourceServiceName`](#spec.serviceIntegrations.sourceServiceName-property){: name='spec.serviceIntegrations.sourceServiceName-property'} (string, MinLength: 1, MaxLength: 64). ## userConfig {: #spec.userConfig } @@ -131,7 +131,7 @@ PostgreSQL specific user configuration options. **Optional** - [`additional_backup_regions`](#spec.userConfig.additional_backup_regions-property){: name='spec.userConfig.additional_backup_regions-property'} (array of strings, MaxItems: 1). Additional Cloud Regions for Backup Replication. -- [`admin_password`](#spec.userConfig.admin_password-property){: name='spec.userConfig.admin*password-property'} (string, Immutable, Pattern: `^[a-zA-Z0-9-*]+$`, MinLength: 8, MaxLength: 256). Custom password for admin user. Defaults to random string. This must be set only when a new service is being created. +- [`admin_password`](#spec.userConfig.admin_password-property){: name='spec.userConfig.admin_password-property'} (string, Immutable, Pattern: `^[a-zA-Z0-9-_]+$`, MinLength: 8, MaxLength: 256). Custom password for admin user. Defaults to random string. This must be set only when a new service is being created. - [`admin_username`](#spec.userConfig.admin_username-property){: name='spec.userConfig.admin_username-property'} (string, Immutable, Pattern: `^[_A-Za-z0-9][-._A-Za-z0-9]{0,63}$`, MaxLength: 64). Custom username for admin user. This must be set only when a new service is being created. - [`backup_hour`](#spec.userConfig.backup_hour-property){: name='spec.userConfig.backup_hour-property'} (integer, Minimum: 0, Maximum: 23). The hour of day (in UTC) when backup for the service is started. New backup is only started if previous backup has already completed. - [`backup_minute`](#spec.userConfig.backup_minute-property){: name='spec.userConfig.backup_minute-property'} (integer, Minimum: 0, Maximum: 59). The minute of an hour when backup for the service is started. New backup is only started if previous backup has already completed. @@ -203,7 +203,7 @@ postgresql.conf configuration values. **Optional** - [`autovacuum_analyze_scale_factor`](#spec.userConfig.pg.autovacuum_analyze_scale_factor-property){: name='spec.userConfig.pg.autovacuum_analyze_scale_factor-property'} (number, Minimum: 0, Maximum: 1). Specifies a fraction of the table size to add to autovacuum_analyze_threshold when deciding whether to trigger an ANALYZE. The default is 0.2 (20% of table size). -- [`autovacuum_analyze_threshold`](#spec.userConfig.pg.autovacuum_analyze_threshold-property){: name='spec.userConfig.pg.autovacuum_analyze_threshold-property'} (integer, Minimum: 0, Maximum: 2147483647). Specifies the minimum number of inserted, updated or deleted tuples needed to trigger an ANALYZE in any one table. The default is 50 tuples. +- [`autovacuum_analyze_threshold`](#spec.userConfig.pg.autovacuum_analyze_threshold-property){: name='spec.userConfig.pg.autovacuum_analyze_threshold-property'} (integer, Minimum: 0, Maximum: 2147483647). Specifies the minimum number of inserted, updated or deleted tuples needed to trigger an ANALYZE in any one table. The default is 50 tuples. - [`autovacuum_freeze_max_age`](#spec.userConfig.pg.autovacuum_freeze_max_age-property){: name='spec.userConfig.pg.autovacuum_freeze_max_age-property'} (integer, Minimum: 200000000, Maximum: 1500000000). Specifies the maximum age (in transactions) that a table's pg_class.relfrozenxid field can attain before a VACUUM operation is forced to prevent transaction ID wraparound within the table. Note that the system will launch autovacuum processes to prevent wraparound even when autovacuum is otherwise disabled. This parameter will cause the server to be restarted. - [`autovacuum_max_workers`](#spec.userConfig.pg.autovacuum_max_workers-property){: name='spec.userConfig.pg.autovacuum_max_workers-property'} (integer, Minimum: 1, Maximum: 20). Specifies the maximum number of autovacuum processes (other than the autovacuum launcher) that may be running at any one time. The default is three. This parameter can only be set at server start. - [`autovacuum_naptime`](#spec.userConfig.pg.autovacuum_naptime-property){: name='spec.userConfig.pg.autovacuum_naptime-property'} (integer, Minimum: 1, Maximum: 86400). Specifies the minimum delay between autovacuum runs on any given database. The delay is measured in seconds, and the default is one minute. @@ -339,3 +339,4 @@ System-wide settings for the timescaledb extension. **Required** - [`max_background_workers`](#spec.userConfig.timescaledb.max_background_workers-property){: name='spec.userConfig.timescaledb.max_background_workers-property'} (integer, Minimum: 1, Maximum: 4096). The number of background workers for timescaledb operations. You should configure this setting to the sum of your number of databases and the total number of concurrent background workers you want running at any given point in time. + diff --git a/docs/docs/api-reference/project.md b/docs/docs/api-reference/project.md index cfc6e9f6..05867a8b 100644 --- a/docs/docs/api-reference/project.md +++ b/docs/docs/api-reference/project.md @@ -71,8 +71,8 @@ Authentication reference to Aiven token in a secret. **Required** -- [`key`](#spec.authSecretRef.key-property){: name='spec.authSecretRef.key-property'} (string, MinLength: 1). -- [`name`](#spec.authSecretRef.name-property){: name='spec.authSecretRef.name-property'} (string, MinLength: 1). +- [`key`](#spec.authSecretRef.key-property){: name='spec.authSecretRef.key-property'} (string, MinLength: 1). +- [`name`](#spec.authSecretRef.name-property){: name='spec.authSecretRef.name-property'} (string, MinLength: 1). ## connInfoSecretTarget {: #spec.connInfoSecretTarget } @@ -89,3 +89,4 @@ Information regarding secret creation. Exposed keys: `PROJECT_CA_CERT`. - [`annotations`](#spec.connInfoSecretTarget.annotations-property){: name='spec.connInfoSecretTarget.annotations-property'} (object, AdditionalProperties: string). Annotations added to the secret. - [`labels`](#spec.connInfoSecretTarget.labels-property){: name='spec.connInfoSecretTarget.labels-property'} (object, AdditionalProperties: string). Labels added to the secret. - [`prefix`](#spec.connInfoSecretTarget.prefix-property){: name='spec.connInfoSecretTarget.prefix-property'} (string). Prefix for the secret's keys. Added "as is" without any transformations. By default, is equal to the kind name in uppercase + underscore, e.g. `KAFKA_`, `REDIS_`, etc. + diff --git a/docs/docs/api-reference/projectvpc.md b/docs/docs/api-reference/projectvpc.md index 1e9413ba..7f36973b 100644 --- a/docs/docs/api-reference/projectvpc.md +++ b/docs/docs/api-reference/projectvpc.md @@ -54,5 +54,6 @@ Authentication reference to Aiven token in a secret. **Required** -- [`key`](#spec.authSecretRef.key-property){: name='spec.authSecretRef.key-property'} (string, MinLength: 1). -- [`name`](#spec.authSecretRef.name-property){: name='spec.authSecretRef.name-property'} (string, MinLength: 1). +- [`key`](#spec.authSecretRef.key-property){: name='spec.authSecretRef.key-property'} (string, MinLength: 1). +- [`name`](#spec.authSecretRef.name-property){: name='spec.authSecretRef.name-property'} (string, MinLength: 1). + diff --git a/docs/docs/api-reference/redis.md b/docs/docs/api-reference/redis.md index 5692f9b6..09932dc1 100644 --- a/docs/docs/api-reference/redis.md +++ b/docs/docs/api-reference/redis.md @@ -78,8 +78,8 @@ Authentication reference to Aiven token in a secret. **Required** -- [`key`](#spec.authSecretRef.key-property){: name='spec.authSecretRef.key-property'} (string, MinLength: 1). -- [`name`](#spec.authSecretRef.name-property){: name='spec.authSecretRef.name-property'} (string, MinLength: 1). +- [`key`](#spec.authSecretRef.key-property){: name='spec.authSecretRef.key-property'} (string, MinLength: 1). +- [`name`](#spec.authSecretRef.name-property){: name='spec.authSecretRef.name-property'} (string, MinLength: 1). ## connInfoSecretTarget {: #spec.connInfoSecretTarget } @@ -105,11 +105,11 @@ ProjectVPCRef reference to ProjectVPC resource to use its ID as ProjectVPCID aut **Required** -- [`name`](#spec.projectVPCRef.name-property){: name='spec.projectVPCRef.name-property'} (string, MinLength: 1). +- [`name`](#spec.projectVPCRef.name-property){: name='spec.projectVPCRef.name-property'} (string, MinLength: 1). **Optional** -- [`namespace`](#spec.projectVPCRef.namespace-property){: name='spec.projectVPCRef.namespace-property'} (string, MinLength: 1). +- [`namespace`](#spec.projectVPCRef.namespace-property){: name='spec.projectVPCRef.namespace-property'} (string, MinLength: 1). ## serviceIntegrations {: #spec.serviceIntegrations } @@ -119,8 +119,8 @@ Service integrations to specify when creating a service. Not applied after initi **Required** -- [`integrationType`](#spec.serviceIntegrations.integrationType-property){: name='spec.serviceIntegrations.integrationType-property'} (string, Enum: `read_replica`). -- [`sourceServiceName`](#spec.serviceIntegrations.sourceServiceName-property){: name='spec.serviceIntegrations.sourceServiceName-property'} (string, MinLength: 1, MaxLength: 64). +- [`integrationType`](#spec.serviceIntegrations.integrationType-property){: name='spec.serviceIntegrations.integrationType-property'} (string, Enum: `read_replica`). +- [`sourceServiceName`](#spec.serviceIntegrations.sourceServiceName-property){: name='spec.serviceIntegrations.sourceServiceName-property'} (string, MinLength: 1, MaxLength: 64). ## userConfig {: #spec.userConfig } @@ -137,7 +137,7 @@ Redis specific user configuration options. - [`privatelink_access`](#spec.userConfig.privatelink_access-property){: name='spec.userConfig.privatelink_access-property'} (object). Allow access to selected service components through Privatelink. See below for [nested schema](#spec.userConfig.privatelink_access). - [`project_to_fork_from`](#spec.userConfig.project_to_fork_from-property){: name='spec.userConfig.project_to_fork_from-property'} (string, Immutable, MaxLength: 63). Name of another project to fork a service from. This has effect only when a new service is being created. - [`public_access`](#spec.userConfig.public_access-property){: name='spec.userConfig.public_access-property'} (object). Allow access to selected service ports from the public Internet. See below for [nested schema](#spec.userConfig.public_access). -- [`recovery_basebackup_name`](#spec.userConfig.recovery_basebackup_name-property){: name='spec.userConfig.recovery*basebackup_name-property'} (string, Pattern: `^[a-zA-Z0-9-*:.]+$`, MaxLength: 128). Name of the basebackup to restore in forked service. +- [`recovery_basebackup_name`](#spec.userConfig.recovery_basebackup_name-property){: name='spec.userConfig.recovery_basebackup_name-property'} (string, Pattern: `^[a-zA-Z0-9-_:.]+$`, MaxLength: 128). Name of the basebackup to restore in forked service. - [`redis_acl_channels_default`](#spec.userConfig.redis_acl_channels_default-property){: name='spec.userConfig.redis_acl_channels_default-property'} (string, Enum: `allchannels`, `resetchannels`). Determines default pub/sub channels' ACL for new users if ACL is not supplied. When this option is not defined, all_channels is assumed to keep backward compatibility. This option doesn't affect Redis configuration acl-pubsub-default. - [`redis_io_threads`](#spec.userConfig.redis_io_threads-property){: name='spec.userConfig.redis_io_threads-property'} (integer, Minimum: 1, Maximum: 32). Set Redis IO thread count. Changing this will cause a restart of the Redis service. - [`redis_lfu_decay_time`](#spec.userConfig.redis_lfu_decay_time-property){: name='spec.userConfig.redis_lfu_decay_time-property'} (integer, Minimum: 1, Maximum: 120). LFU maxmemory-policy counter decay time in minutes. @@ -219,3 +219,4 @@ Allow access to selected service ports from the public Internet. - [`prometheus`](#spec.userConfig.public_access.prometheus-property){: name='spec.userConfig.public_access.prometheus-property'} (boolean). Allow clients to connect to prometheus from the public internet for service nodes that are in a project VPC or another type of private network. - [`redis`](#spec.userConfig.public_access.redis-property){: name='spec.userConfig.public_access.redis-property'} (boolean). Allow clients to connect to redis from the public internet for service nodes that are in a project VPC or another type of private network. + diff --git a/docs/docs/api-reference/serviceintegration.md b/docs/docs/api-reference/serviceintegration.md index 307052fe..64875bd6 100644 --- a/docs/docs/api-reference/serviceintegration.md +++ b/docs/docs/api-reference/serviceintegration.md @@ -73,8 +73,8 @@ Authentication reference to Aiven token in a secret. **Required** -- [`key`](#spec.authSecretRef.key-property){: name='spec.authSecretRef.key-property'} (string, MinLength: 1). -- [`name`](#spec.authSecretRef.name-property){: name='spec.authSecretRef.name-property'} (string, MinLength: 1). +- [`key`](#spec.authSecretRef.key-property){: name='spec.authSecretRef.key-property'} (string, MinLength: 1). +- [`name`](#spec.authSecretRef.name-property){: name='spec.authSecretRef.name-property'} (string, MinLength: 1). ## clickhouseKafka {: #spec.clickhouseKafka } @@ -286,7 +286,7 @@ Kafka MirrorMaker configuration values. **Optional** -- [`cluster_alias`](#spec.kafkaMirrormaker.cluster_alias-property){: name='spec.kafkaMirrormaker.cluster*alias-property'} (string, Pattern: `^[a-zA-Z0-9*.-]+$`, MaxLength: 128). The alias under which the Kafka cluster is known to MirrorMaker. Can contain the following symbols: ASCII alphanumerics, `.`, `\_`, and `-`. +- [`cluster_alias`](#spec.kafkaMirrormaker.cluster_alias-property){: name='spec.kafkaMirrormaker.cluster_alias-property'} (string, Pattern: `^[a-zA-Z0-9_.-]+$`, MaxLength: 128). The alias under which the Kafka cluster is known to MirrorMaker. Can contain the following symbols: ASCII alphanumerics, `.`, `_`, and `-`. - [`kafka_mirrormaker`](#spec.kafkaMirrormaker.kafka_mirrormaker-property){: name='spec.kafkaMirrormaker.kafka_mirrormaker-property'} (object). Kafka MirrorMaker configuration values. See below for [nested schema](#spec.kafkaMirrormaker.kafka_mirrormaker). ### kafka_mirrormaker {: #spec.kafkaMirrormaker.kafka_mirrormaker } @@ -362,3 +362,4 @@ Configuration options for Telegraf MySQL input plugin. - [`perf_events_statements_digest_text_limit`](#spec.metrics.source_mysql.telegraf.perf_events_statements_digest_text_limit-property){: name='spec.metrics.source_mysql.telegraf.perf_events_statements_digest_text_limit-property'} (integer, Minimum: 1, Maximum: 2048). Truncates digest text from perf_events_statements into this many characters. - [`perf_events_statements_limit`](#spec.metrics.source_mysql.telegraf.perf_events_statements_limit-property){: name='spec.metrics.source_mysql.telegraf.perf_events_statements_limit-property'} (integer, Minimum: 1, Maximum: 4000). Limits metrics from perf_events_statements. - [`perf_events_statements_time_limit`](#spec.metrics.source_mysql.telegraf.perf_events_statements_time_limit-property){: name='spec.metrics.source_mysql.telegraf.perf_events_statements_time_limit-property'} (integer, Minimum: 1, Maximum: 2592000). Only include perf_events_statements whose last seen is less than this many seconds. + diff --git a/docs/docs/api-reference/serviceuser.md b/docs/docs/api-reference/serviceuser.md index 53d3409f..1bb2e8aa 100644 --- a/docs/docs/api-reference/serviceuser.md +++ b/docs/docs/api-reference/serviceuser.md @@ -62,8 +62,8 @@ Authentication reference to Aiven token in a secret. **Required** -- [`key`](#spec.authSecretRef.key-property){: name='spec.authSecretRef.key-property'} (string, MinLength: 1). -- [`name`](#spec.authSecretRef.name-property){: name='spec.authSecretRef.name-property'} (string, MinLength: 1). +- [`key`](#spec.authSecretRef.key-property){: name='spec.authSecretRef.key-property'} (string, MinLength: 1). +- [`name`](#spec.authSecretRef.name-property){: name='spec.authSecretRef.name-property'} (string, MinLength: 1). ## connInfoSecretTarget {: #spec.connInfoSecretTarget } @@ -80,3 +80,4 @@ Information regarding secret creation. Exposed keys: `SERVICEUSER_HOST`, `SERVIC - [`annotations`](#spec.connInfoSecretTarget.annotations-property){: name='spec.connInfoSecretTarget.annotations-property'} (object, AdditionalProperties: string). Annotations added to the secret. - [`labels`](#spec.connInfoSecretTarget.labels-property){: name='spec.connInfoSecretTarget.labels-property'} (object, AdditionalProperties: string). Labels added to the secret. - [`prefix`](#spec.connInfoSecretTarget.prefix-property){: name='spec.connInfoSecretTarget.prefix-property'} (string). Prefix for the secret's keys. Added "as is" without any transformations. By default, is equal to the kind name in uppercase + underscore, e.g. `KAFKA_`, `REDIS_`, etc. + From d525e50bf6d088c6bd888c22b758e104e5958a31 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" Date: Wed, 27 Dec 2023 14:56:08 +0200 Subject: [PATCH 3/3] chore(userconfigs): generate files --- .../templates/aiven.io_cassandras.yaml | 746 ++++--- .../templates/aiven.io_clickhouses.yaml | 714 +++--- .../templates/aiven.io_clickhouseusers.yaml | 348 +-- .../templates/aiven.io_connectionpools.yaml | 391 ++-- .../templates/aiven.io_databases.yaml | 300 +-- .../templates/aiven.io_grafanas.yaml | 1600 ++++++------- .../templates/aiven.io_kafkaacls.yaml | 325 +-- .../templates/aiven.io_kafkaconnectors.yaml | 409 ++-- .../templates/aiven.io_kafkaconnects.yaml | 848 +++---- .../templates/aiven.io_kafkas.yaml | 1981 +++++++++-------- .../templates/aiven.io_kafkaschemas.yaml | 334 +-- .../templates/aiven.io_kafkatopics.yaml | 535 ++--- .../templates/aiven.io_mysqls.yaml | 1331 +++++------ .../templates/aiven.io_opensearches.yaml | 1918 ++++++++-------- .../templates/aiven.io_postgresqls.yaml | 1943 ++++++++-------- .../templates/aiven.io_projects.yaml | 445 ++-- .../templates/aiven.io_projectvpcs.yaml | 321 +-- .../templates/aiven.io_redis.yaml | 911 ++++---- .../aiven.io_serviceintegrations.yaml | 1476 ++++++------ .../templates/aiven.io_serviceusers.yaml | 348 +-- config/crd/bases/aiven.io_cassandras.yaml | 746 ++++--- config/crd/bases/aiven.io_clickhouses.yaml | 714 +++--- .../crd/bases/aiven.io_clickhouseusers.yaml | 348 +-- .../crd/bases/aiven.io_connectionpools.yaml | 391 ++-- config/crd/bases/aiven.io_databases.yaml | 300 +-- config/crd/bases/aiven.io_grafanas.yaml | 1600 ++++++------- config/crd/bases/aiven.io_kafkaacls.yaml | 325 +-- .../crd/bases/aiven.io_kafkaconnectors.yaml | 409 ++-- config/crd/bases/aiven.io_kafkaconnects.yaml | 848 +++---- config/crd/bases/aiven.io_kafkas.yaml | 1981 +++++++++-------- config/crd/bases/aiven.io_kafkaschemas.yaml | 334 +-- config/crd/bases/aiven.io_kafkatopics.yaml | 535 ++--- config/crd/bases/aiven.io_mysqls.yaml | 1331 +++++------ config/crd/bases/aiven.io_opensearches.yaml | 1918 ++++++++-------- config/crd/bases/aiven.io_postgresqls.yaml | 1943 ++++++++-------- config/crd/bases/aiven.io_projects.yaml | 445 ++-- config/crd/bases/aiven.io_projectvpcs.yaml | 321 +-- config/crd/bases/aiven.io_redis.yaml | 911 ++++---- .../bases/aiven.io_serviceintegrations.yaml | 1476 ++++++------ config/crd/bases/aiven.io_serviceusers.yaml | 348 +-- config/rbac/role.yaml | 1192 +++++----- config/webhook/manifests.yaml | 1548 ++++++------- docs/docs/api-reference/cassandra.md | 13 +- docs/docs/api-reference/clickhouse.md | 13 +- docs/docs/api-reference/clickhouseuser.md | 5 +- docs/docs/api-reference/connectionpool.md | 5 +- docs/docs/api-reference/database.md | 5 +- docs/docs/api-reference/grafana.md | 17 +- docs/docs/api-reference/kafka.md | 15 +- docs/docs/api-reference/kafkaacl.md | 5 +- docs/docs/api-reference/kafkaconnect.md | 15 +- docs/docs/api-reference/kafkaconnector.md | 5 +- docs/docs/api-reference/kafkaschema.md | 5 +- docs/docs/api-reference/kafkatopic.md | 9 +- docs/docs/api-reference/mysql.md | 19 +- docs/docs/api-reference/opensearch.md | 21 +- docs/docs/api-reference/postgresql.md | 17 +- docs/docs/api-reference/project.md | 5 +- docs/docs/api-reference/projectvpc.md | 5 +- docs/docs/api-reference/redis.md | 15 +- docs/docs/api-reference/serviceintegration.md | 7 +- docs/docs/api-reference/serviceuser.md | 5 +- 62 files changed, 19459 insertions(+), 17935 deletions(-) diff --git a/charts/aiven-operator-crds/templates/aiven.io_cassandras.yaml b/charts/aiven-operator-crds/templates/aiven.io_cassandras.yaml index b92c2e97..c77cf9c8 100644 --- a/charts/aiven-operator-crds/templates/aiven.io_cassandras.yaml +++ b/charts/aiven-operator-crds/templates/aiven.io_cassandras.yaml @@ -15,381 +15,417 @@ spec: singular: cassandra scope: Namespaced versions: - - additionalPrinterColumns: - - jsonPath: .spec.project - name: Project - type: string - - jsonPath: .spec.cloudName - name: Region - type: string - - jsonPath: .spec.plan - name: Plan - type: string - - jsonPath: .status.state - name: State - type: string - name: v1alpha1 - schema: - openAPIV3Schema: - description: Cassandra is the Schema for the cassandras API - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: CassandraSpec defines the desired state of Cassandra - properties: - authSecretRef: - description: Authentication reference to Aiven token in a secret - properties: - key: - minLength: 1 - type: string - name: - minLength: 1 - type: string - required: - - key - - name - type: object - cloudName: - description: Cloud the service runs in. - maxLength: 256 - type: string - connInfoSecretTarget: - description: 'Information regarding secret creation. Exposed keys: - `CASSANDRA_HOST`, `CASSANDRA_PORT`, `CASSANDRA_USER`, `CASSANDRA_PASSWORD`, - `CASSANDRA_URI`, `CASSANDRA_HOSTS`' - properties: - annotations: - additionalProperties: - type: string - description: Annotations added to the secret - type: object - x-kubernetes-preserve-unknown-fields: true - labels: - additionalProperties: - type: string - description: Labels added to the secret - type: object - x-kubernetes-preserve-unknown-fields: true - name: - description: Name of the secret resource to be created. By default, - is equal to the resource name - type: string - prefix: - description: Prefix for the secret's keys. Added "as is" without - any transformations. By default, is equal to the kind name in - uppercase + underscore, e.g. `KAFKA_`, `REDIS_`, etc. - type: string - required: - - name - type: object - disk_space: - description: The disk space of the service, possible values depend - on the service type, the cloud provider and the project. Reducing - will result in the service re-balancing. - format: ^[1-9][0-9]*(GiB|G)* - type: string - maintenanceWindowDow: - description: Day of week when maintenance operations should be performed. - One monday, tuesday, wednesday, etc. - enum: - - monday - - tuesday - - wednesday - - thursday - - friday - - saturday - - sunday - type: string - maintenanceWindowTime: - description: Time of day when maintenance operations should be performed. - UTC time in HH:mm:ss format. - maxLength: 8 - type: string - plan: - description: Subscription plan. - maxLength: 128 - type: string - project: - description: Target project. - format: ^[a-zA-Z0-9_-]*$ - maxLength: 63 - type: string - x-kubernetes-validations: - - message: Value is immutable - rule: self == oldSelf - projectVPCRef: - description: ProjectVPCRef reference to ProjectVPC resource to use - its ID as ProjectVPCID automatically - properties: - name: - minLength: 1 - type: string - namespace: - minLength: 1 - type: string - required: - - name - type: object - projectVpcId: - description: Identifier of the VPC the service should be in, if any. - maxLength: 36 - type: string - serviceIntegrations: - description: Service integrations to specify when creating a service. - Not applied after initial service creation - items: - description: Service integrations to specify when creating a service. - Not applied after initial service creation + - additionalPrinterColumns: + - jsonPath: .spec.project + name: Project + type: string + - jsonPath: .spec.cloudName + name: Region + type: string + - jsonPath: .spec.plan + name: Plan + type: string + - jsonPath: .status.state + name: State + type: string + name: v1alpha1 + schema: + openAPIV3Schema: + description: Cassandra is the Schema for the cassandras API + properties: + apiVersion: + description: + "APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + type: string + kind: + description: + "Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + type: string + metadata: + type: object + spec: + description: CassandraSpec defines the desired state of Cassandra + properties: + authSecretRef: + description: Authentication reference to Aiven token in a secret properties: - integrationType: - enum: - - read_replica + key: + minLength: 1 type: string - sourceServiceName: - maxLength: 64 + name: minLength: 1 type: string required: - - integrationType - - sourceServiceName + - key + - name type: object - maxItems: 1 - type: array - x-kubernetes-validations: - - message: Value is immutable - rule: self == oldSelf - tags: - additionalProperties: + cloudName: + description: Cloud the service runs in. + maxLength: 256 type: string - description: Tags are key-value pairs that allow you to categorize - services. - type: object - terminationProtection: - description: Prevent service from being deleted. It is recommended - to have this enabled for all services. - type: boolean - userConfig: - description: Cassandra specific user configuration options - properties: - additional_backup_regions: - description: Deprecated. Additional Cloud Regions for Backup Replication - items: - type: string - maxItems: 1 - type: array - backup_hour: - description: The hour of day (in UTC) when backup for the service - is started. New backup is only started if previous backup has - already completed. - maximum: 23 - minimum: 0 - type: integer - backup_minute: - description: The minute of an hour when backup for the service - is started. New backup is only started if previous backup has - already completed. - maximum: 59 - minimum: 0 - type: integer - cassandra: - description: cassandra configuration values - properties: - batch_size_fail_threshold_in_kb: - description: Fail any multiple-partition batch exceeding this - value. 50kb (10x warn threshold) by default. - maximum: 1000000 - minimum: 1 - type: integer - batch_size_warn_threshold_in_kb: - description: Log a warning message on any multiple-partition - batch size exceeding this value.5kb per batch by default.Caution - should be taken on increasing the size of this thresholdas - it can lead to node instability. - maximum: 1000000 - minimum: 1 - type: integer - datacenter: - description: Name of the datacenter to which nodes of this - service belong. Can be set only when creating the service. - maxLength: 128 + connInfoSecretTarget: + description: + "Information regarding secret creation. Exposed keys: + `CASSANDRA_HOST`, `CASSANDRA_PORT`, `CASSANDRA_USER`, `CASSANDRA_PASSWORD`, + `CASSANDRA_URI`, `CASSANDRA_HOSTS`" + properties: + annotations: + additionalProperties: type: string - type: object - cassandra_version: - description: Cassandra major version - enum: - - "4" - - "3" - type: string - ip_filter: - description: Allow incoming connections from CIDR address block, - e.g. '10.20.0.0/16' - items: - description: CIDR address block, either as a string, or in a - dict with an optional description field - properties: - description: - description: Description for IP filter list entry - maxLength: 1024 - type: string - network: - description: CIDR address block - maxLength: 43 - type: string - required: - - network + description: Annotations added to the secret type: object - maxItems: 1024 - type: array - migrate_sstableloader: - description: Sets the service into migration mode enabling the - sstableloader utility to be used to upload Cassandra data files. - Available only on service create. - type: boolean - private_access: - description: Allow access to selected service ports from private - networks - properties: - prometheus: - description: Allow clients to connect to prometheus with a - DNS name that always resolves to the service's private IP - addresses. Only available in certain network locations - type: boolean - type: object - project_to_fork_from: - description: Name of another project to fork a service from. This - has effect only when a new service is being created. - maxLength: 63 - type: string - x-kubernetes-validations: + x-kubernetes-preserve-unknown-fields: true + labels: + additionalProperties: + type: string + description: Labels added to the secret + type: object + x-kubernetes-preserve-unknown-fields: true + name: + description: + Name of the secret resource to be created. By default, + is equal to the resource name + type: string + prefix: + description: + Prefix for the secret's keys. Added "as is" without + any transformations. By default, is equal to the kind name in + uppercase + underscore, e.g. `KAFKA_`, `REDIS_`, etc. + type: string + required: + - name + type: object + disk_space: + description: + The disk space of the service, possible values depend + on the service type, the cloud provider and the project. Reducing + will result in the service re-balancing. + format: ^[1-9][0-9]*(GiB|G)* + type: string + maintenanceWindowDow: + description: + Day of week when maintenance operations should be performed. + One monday, tuesday, wednesday, etc. + enum: + - monday + - tuesday + - wednesday + - thursday + - friday + - saturday + - sunday + type: string + maintenanceWindowTime: + description: + Time of day when maintenance operations should be performed. + UTC time in HH:mm:ss format. + maxLength: 8 + type: string + plan: + description: Subscription plan. + maxLength: 128 + type: string + project: + description: Target project. + format: ^[a-zA-Z0-9_-]*$ + maxLength: 63 + type: string + x-kubernetes-validations: - message: Value is immutable rule: self == oldSelf - public_access: - description: Allow access to selected service ports from the public - Internet + projectVPCRef: + description: + ProjectVPCRef reference to ProjectVPC resource to use + its ID as ProjectVPCID automatically + properties: + name: + minLength: 1 + type: string + namespace: + minLength: 1 + type: string + required: + - name + type: object + projectVpcId: + description: Identifier of the VPC the service should be in, if any. + maxLength: 36 + type: string + serviceIntegrations: + description: + Service integrations to specify when creating a service. + Not applied after initial service creation + items: + description: + Service integrations to specify when creating a service. + Not applied after initial service creation properties: - prometheus: - description: Allow clients to connect to prometheus from the - public internet for service nodes that are in a project - VPC or another type of private network - type: boolean + integrationType: + enum: + - read_replica + type: string + sourceServiceName: + maxLength: 64 + minLength: 1 + type: string + required: + - integrationType + - sourceServiceName type: object - service_log: - description: Store logs for the service so that they are available - in the HTTP API and console. - type: boolean - service_to_fork_from: - description: Name of another service to fork from. This has effect - only when a new service is being created. - maxLength: 64 - type: string - x-kubernetes-validations: + maxItems: 1 + type: array + x-kubernetes-validations: - message: Value is immutable rule: self == oldSelf - service_to_join_with: - description: When bootstrapping, instead of creating a new Cassandra - cluster try to join an existing one from another service. Can - only be set on service creation. - maxLength: 64 + tags: + additionalProperties: type: string - static_ips: - description: Use static public IP addresses - type: boolean - type: object - required: - - plan - - project - type: object - status: - description: ServiceStatus defines the observed state of service - properties: - conditions: - description: Conditions represent the latest available observations - of a service state - items: - description: "Condition contains details for one aspect of the current - state of this API Resource. --- This struct is intended for direct - use as an array at the field path .status.conditions. For example, - \n type FooStatus struct{ // Represents the observations of a - foo's current state. // Known .status.conditions.type are: \"Available\", - \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge - // +listType=map // +listMapKey=type Conditions []metav1.Condition - `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" - protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + description: + Tags are key-value pairs that allow you to categorize + services. + type: object + terminationProtection: + description: + Prevent service from being deleted. It is recommended + to have this enabled for all services. + type: boolean + userConfig: + description: Cassandra specific user configuration options properties: - lastTransitionTime: - description: lastTransitionTime is the last time the condition - transitioned from one status to another. This should be when - the underlying condition changed. If that is not known, then - using the time when the API field changed is acceptable. - format: date-time - type: string - message: - description: message is a human readable message indicating - details about the transition. This may be an empty string. - maxLength: 32768 - type: string - observedGeneration: - description: observedGeneration represents the .metadata.generation - that the condition was set based upon. For instance, if .metadata.generation - is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current - state of the instance. - format: int64 + additional_backup_regions: + description: Deprecated. Additional Cloud Regions for Backup Replication + items: + type: string + maxItems: 1 + type: array + backup_hour: + description: + The hour of day (in UTC) when backup for the service + is started. New backup is only started if previous backup has + already completed. + maximum: 23 minimum: 0 type: integer - reason: - description: reason contains a programmatic identifier indicating - the reason for the condition's last transition. Producers - of specific condition types may define expected values and - meanings for this field, and whether the values are considered - a guaranteed API. The value should be a CamelCase string. - This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ - type: string - status: - description: status of the condition, one of True, False, Unknown. + backup_minute: + description: + The minute of an hour when backup for the service + is started. New backup is only started if previous backup has + already completed. + maximum: 59 + minimum: 0 + type: integer + cassandra: + description: cassandra configuration values + properties: + batch_size_fail_threshold_in_kb: + description: + Fail any multiple-partition batch exceeding this + value. 50kb (10x warn threshold) by default. + maximum: 1000000 + minimum: 1 + type: integer + batch_size_warn_threshold_in_kb: + description: + Log a warning message on any multiple-partition + batch size exceeding this value.5kb per batch by default.Caution + should be taken on increasing the size of this thresholdas + it can lead to node instability. + maximum: 1000000 + minimum: 1 + type: integer + datacenter: + description: + Name of the datacenter to which nodes of this + service belong. Can be set only when creating the service. + maxLength: 128 + type: string + type: object + cassandra_version: + description: Cassandra major version enum: - - "True" - - "False" - - Unknown + - "4" + - "3" type: string - type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. - --- Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + ip_filter: + description: + Allow incoming connections from CIDR address block, + e.g. '10.20.0.0/16' + items: + description: + CIDR address block, either as a string, or in a + dict with an optional description field + properties: + description: + description: Description for IP filter list entry + maxLength: 1024 + type: string + network: + description: CIDR address block + maxLength: 43 + type: string + required: + - network + type: object + maxItems: 1024 + type: array + migrate_sstableloader: + description: + Sets the service into migration mode enabling the + sstableloader utility to be used to upload Cassandra data files. + Available only on service create. + type: boolean + private_access: + description: + Allow access to selected service ports from private + networks + properties: + prometheus: + description: + Allow clients to connect to prometheus with a + DNS name that always resolves to the service's private IP + addresses. Only available in certain network locations + type: boolean + type: object + project_to_fork_from: + description: + Name of another project to fork a service from. This + has effect only when a new service is being created. + maxLength: 63 type: string - required: - - lastTransitionTime - - message - - reason - - status - - type + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + public_access: + description: + Allow access to selected service ports from the public + Internet + properties: + prometheus: + description: + Allow clients to connect to prometheus from the + public internet for service nodes that are in a project + VPC or another type of private network + type: boolean + type: object + service_log: + description: + Store logs for the service so that they are available + in the HTTP API and console. + type: boolean + service_to_fork_from: + description: + Name of another service to fork from. This has effect + only when a new service is being created. + maxLength: 64 + type: string + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + service_to_join_with: + description: + When bootstrapping, instead of creating a new Cassandra + cluster try to join an existing one from another service. Can + only be set on service creation. + maxLength: 64 + type: string + static_ips: + description: Use static public IP addresses + type: boolean type: object - type: array - state: - description: Service state - type: string - type: object - type: object - served: true - storage: true - subresources: - status: {} + required: + - plan + - project + type: object + status: + description: ServiceStatus defines the observed state of service + properties: + conditions: + description: + Conditions represent the latest available observations + of a service state + items: + description: + "Condition contains details for one aspect of the current + state of this API Resource. --- This struct is intended for direct + use as an array at the field path .status.conditions. For example, + \n type FooStatus struct{ // Represents the observations of a + foo's current state. // Known .status.conditions.type are: \"Available\", + \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge + // +listType=map // +listMapKey=type Conditions []metav1.Condition + `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" + protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + properties: + lastTransitionTime: + description: + lastTransitionTime is the last time the condition + transitioned from one status to another. This should be when + the underlying condition changed. If that is not known, then + using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: + message is a human readable message indicating + details about the transition. This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: + observedGeneration represents the .metadata.generation + that the condition was set based upon. For instance, if .metadata.generation + is currently 12, but the .status.conditions[x].observedGeneration + is 9, the condition is out of date with respect to the current + state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: + reason contains a programmatic identifier indicating + the reason for the condition's last transition. Producers + of specific condition types may define expected values and + meanings for this field, and whether the values are considered + a guaranteed API. The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: + type of condition in CamelCase or in foo.example.com/CamelCase. + --- Many .condition.type values are consistent across resources + like Available, but because arbitrary conditions can be useful + (see .node.status.conditions), the ability to deconflict is + important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + type: array + state: + description: Service state + type: string + type: object + type: object + served: true + storage: true + subresources: + status: {} diff --git a/charts/aiven-operator-crds/templates/aiven.io_clickhouses.yaml b/charts/aiven-operator-crds/templates/aiven.io_clickhouses.yaml index 6fbd5c4e..631948cd 100644 --- a/charts/aiven-operator-crds/templates/aiven.io_clickhouses.yaml +++ b/charts/aiven-operator-crds/templates/aiven.io_clickhouses.yaml @@ -15,360 +15,396 @@ spec: singular: clickhouse scope: Namespaced versions: - - name: v1alpha1 - schema: - openAPIV3Schema: - description: Clickhouse is the Schema for the clickhouses API - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: ClickhouseSpec defines the desired state of Clickhouse - properties: - authSecretRef: - description: Authentication reference to Aiven token in a secret - properties: - key: - minLength: 1 - type: string - name: - minLength: 1 - type: string - required: - - key - - name - type: object - cloudName: - description: Cloud the service runs in. - maxLength: 256 - type: string - connInfoSecretTarget: - description: 'Information regarding secret creation. Exposed keys: - `CLICKHOUSE_HOST`, `CLICKHOUSE_PORT`, `CLICKHOUSE_USER`, `CLICKHOUSE_PASSWORD`' - properties: - annotations: - additionalProperties: - type: string - description: Annotations added to the secret - type: object - x-kubernetes-preserve-unknown-fields: true - labels: - additionalProperties: - type: string - description: Labels added to the secret - type: object - x-kubernetes-preserve-unknown-fields: true - name: - description: Name of the secret resource to be created. By default, - is equal to the resource name - type: string - prefix: - description: Prefix for the secret's keys. Added "as is" without - any transformations. By default, is equal to the kind name in - uppercase + underscore, e.g. `KAFKA_`, `REDIS_`, etc. - type: string - required: - - name - type: object - disk_space: - description: The disk space of the service, possible values depend - on the service type, the cloud provider and the project. Reducing - will result in the service re-balancing. - format: ^[1-9][0-9]*(GiB|G)* - type: string - maintenanceWindowDow: - description: Day of week when maintenance operations should be performed. - One monday, tuesday, wednesday, etc. - enum: - - monday - - tuesday - - wednesday - - thursday - - friday - - saturday - - sunday - type: string - maintenanceWindowTime: - description: Time of day when maintenance operations should be performed. - UTC time in HH:mm:ss format. - maxLength: 8 - type: string - plan: - description: Subscription plan. - maxLength: 128 - type: string - project: - description: Target project. - format: ^[a-zA-Z0-9_-]*$ - maxLength: 63 - type: string - x-kubernetes-validations: - - message: Value is immutable - rule: self == oldSelf - projectVPCRef: - description: ProjectVPCRef reference to ProjectVPC resource to use - its ID as ProjectVPCID automatically - properties: - name: - minLength: 1 - type: string - namespace: - minLength: 1 - type: string - required: - - name - type: object - projectVpcId: - description: Identifier of the VPC the service should be in, if any. - maxLength: 36 - type: string - serviceIntegrations: - description: Service integrations to specify when creating a service. - Not applied after initial service creation - items: - description: Service integrations to specify when creating a service. - Not applied after initial service creation + - name: v1alpha1 + schema: + openAPIV3Schema: + description: Clickhouse is the Schema for the clickhouses API + properties: + apiVersion: + description: + "APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + type: string + kind: + description: + "Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + type: string + metadata: + type: object + spec: + description: ClickhouseSpec defines the desired state of Clickhouse + properties: + authSecretRef: + description: Authentication reference to Aiven token in a secret properties: - integrationType: - enum: - - read_replica + key: + minLength: 1 type: string - sourceServiceName: - maxLength: 64 + name: minLength: 1 type: string required: - - integrationType - - sourceServiceName + - key + - name type: object - maxItems: 1 - type: array - x-kubernetes-validations: - - message: Value is immutable - rule: self == oldSelf - tags: - additionalProperties: + cloudName: + description: Cloud the service runs in. + maxLength: 256 type: string - description: Tags are key-value pairs that allow you to categorize - services. - type: object - terminationProtection: - description: Prevent service from being deleted. It is recommended - to have this enabled for all services. - type: boolean - userConfig: - description: OpenSearch specific user configuration options - properties: - additional_backup_regions: - description: Additional Cloud Regions for Backup Replication - items: - type: string - maxItems: 1 - type: array - ip_filter: - description: Allow incoming connections from CIDR address block, - e.g. '10.20.0.0/16' - items: - description: CIDR address block, either as a string, or in a - dict with an optional description field - properties: - description: - description: Description for IP filter list entry - maxLength: 1024 - type: string - network: - description: CIDR address block - maxLength: 43 - type: string - required: - - network + connInfoSecretTarget: + description: + "Information regarding secret creation. Exposed keys: + `CLICKHOUSE_HOST`, `CLICKHOUSE_PORT`, `CLICKHOUSE_USER`, `CLICKHOUSE_PASSWORD`" + properties: + annotations: + additionalProperties: + type: string + description: Annotations added to the secret type: object - maxItems: 1024 - type: array - private_access: - description: Allow access to selected service ports from private - networks - properties: - clickhouse: - description: Allow clients to connect to clickhouse with a - DNS name that always resolves to the service's private IP - addresses. Only available in certain network locations - type: boolean - clickhouse_https: - description: Allow clients to connect to clickhouse_https - with a DNS name that always resolves to the service's private - IP addresses. Only available in certain network locations - type: boolean - clickhouse_mysql: - description: Allow clients to connect to clickhouse_mysql - with a DNS name that always resolves to the service's private - IP addresses. Only available in certain network locations - type: boolean - prometheus: - description: Allow clients to connect to prometheus with a - DNS name that always resolves to the service's private IP - addresses. Only available in certain network locations - type: boolean - type: object - privatelink_access: - description: Allow access to selected service components through - Privatelink - properties: - clickhouse: - description: Enable clickhouse - type: boolean - clickhouse_https: - description: Enable clickhouse_https - type: boolean - clickhouse_mysql: - description: Enable clickhouse_mysql - type: boolean - prometheus: - description: Enable prometheus - type: boolean - type: object - project_to_fork_from: - description: Name of another project to fork a service from. This - has effect only when a new service is being created. - maxLength: 63 - type: string - x-kubernetes-validations: + x-kubernetes-preserve-unknown-fields: true + labels: + additionalProperties: + type: string + description: Labels added to the secret + type: object + x-kubernetes-preserve-unknown-fields: true + name: + description: + Name of the secret resource to be created. By default, + is equal to the resource name + type: string + prefix: + description: + Prefix for the secret's keys. Added "as is" without + any transformations. By default, is equal to the kind name in + uppercase + underscore, e.g. `KAFKA_`, `REDIS_`, etc. + type: string + required: + - name + type: object + disk_space: + description: + The disk space of the service, possible values depend + on the service type, the cloud provider and the project. Reducing + will result in the service re-balancing. + format: ^[1-9][0-9]*(GiB|G)* + type: string + maintenanceWindowDow: + description: + Day of week when maintenance operations should be performed. + One monday, tuesday, wednesday, etc. + enum: + - monday + - tuesday + - wednesday + - thursday + - friday + - saturday + - sunday + type: string + maintenanceWindowTime: + description: + Time of day when maintenance operations should be performed. + UTC time in HH:mm:ss format. + maxLength: 8 + type: string + plan: + description: Subscription plan. + maxLength: 128 + type: string + project: + description: Target project. + format: ^[a-zA-Z0-9_-]*$ + maxLength: 63 + type: string + x-kubernetes-validations: - message: Value is immutable rule: self == oldSelf - public_access: - description: Allow access to selected service ports from the public - Internet + projectVPCRef: + description: + ProjectVPCRef reference to ProjectVPC resource to use + its ID as ProjectVPCID automatically + properties: + name: + minLength: 1 + type: string + namespace: + minLength: 1 + type: string + required: + - name + type: object + projectVpcId: + description: Identifier of the VPC the service should be in, if any. + maxLength: 36 + type: string + serviceIntegrations: + description: + Service integrations to specify when creating a service. + Not applied after initial service creation + items: + description: + Service integrations to specify when creating a service. + Not applied after initial service creation properties: - clickhouse: - description: Allow clients to connect to clickhouse from the - public internet for service nodes that are in a project - VPC or another type of private network - type: boolean - clickhouse_https: - description: Allow clients to connect to clickhouse_https - from the public internet for service nodes that are in a - project VPC or another type of private network - type: boolean - clickhouse_mysql: - description: Allow clients to connect to clickhouse_mysql - from the public internet for service nodes that are in a - project VPC or another type of private network - type: boolean - prometheus: - description: Allow clients to connect to prometheus from the - public internet for service nodes that are in a project - VPC or another type of private network - type: boolean + integrationType: + enum: + - read_replica + type: string + sourceServiceName: + maxLength: 64 + minLength: 1 + type: string + required: + - integrationType + - sourceServiceName type: object - service_log: - description: Store logs for the service so that they are available - in the HTTP API and console. - type: boolean - service_to_fork_from: - description: Name of another service to fork from. This has effect - only when a new service is being created. - maxLength: 64 - type: string - x-kubernetes-validations: + maxItems: 1 + type: array + x-kubernetes-validations: - message: Value is immutable rule: self == oldSelf - static_ips: - description: Use static public IP addresses - type: boolean - type: object - required: - - plan - - project - type: object - status: - description: ServiceStatus defines the observed state of service - properties: - conditions: - description: Conditions represent the latest available observations - of a service state - items: - description: "Condition contains details for one aspect of the current - state of this API Resource. --- This struct is intended for direct - use as an array at the field path .status.conditions. For example, - \n type FooStatus struct{ // Represents the observations of a - foo's current state. // Known .status.conditions.type are: \"Available\", - \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge - // +listType=map // +listMapKey=type Conditions []metav1.Condition - `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" - protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + tags: + additionalProperties: + type: string + description: + Tags are key-value pairs that allow you to categorize + services. + type: object + terminationProtection: + description: + Prevent service from being deleted. It is recommended + to have this enabled for all services. + type: boolean + userConfig: + description: OpenSearch specific user configuration options properties: - lastTransitionTime: - description: lastTransitionTime is the last time the condition - transitioned from one status to another. This should be when - the underlying condition changed. If that is not known, then - using the time when the API field changed is acceptable. - format: date-time - type: string - message: - description: message is a human readable message indicating - details about the transition. This may be an empty string. - maxLength: 32768 - type: string - observedGeneration: - description: observedGeneration represents the .metadata.generation - that the condition was set based upon. For instance, if .metadata.generation - is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current - state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: reason contains a programmatic identifier indicating - the reason for the condition's last transition. Producers - of specific condition types may define expected values and - meanings for this field, and whether the values are considered - a guaranteed API. The value should be a CamelCase string. - This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ - type: string - status: - description: status of the condition, one of True, False, Unknown. - enum: - - "True" - - "False" - - Unknown + additional_backup_regions: + description: Additional Cloud Regions for Backup Replication + items: + type: string + maxItems: 1 + type: array + ip_filter: + description: + Allow incoming connections from CIDR address block, + e.g. '10.20.0.0/16' + items: + description: + CIDR address block, either as a string, or in a + dict with an optional description field + properties: + description: + description: Description for IP filter list entry + maxLength: 1024 + type: string + network: + description: CIDR address block + maxLength: 43 + type: string + required: + - network + type: object + maxItems: 1024 + type: array + private_access: + description: + Allow access to selected service ports from private + networks + properties: + clickhouse: + description: + Allow clients to connect to clickhouse with a + DNS name that always resolves to the service's private IP + addresses. Only available in certain network locations + type: boolean + clickhouse_https: + description: + Allow clients to connect to clickhouse_https + with a DNS name that always resolves to the service's private + IP addresses. Only available in certain network locations + type: boolean + clickhouse_mysql: + description: + Allow clients to connect to clickhouse_mysql + with a DNS name that always resolves to the service's private + IP addresses. Only available in certain network locations + type: boolean + prometheus: + description: + Allow clients to connect to prometheus with a + DNS name that always resolves to the service's private IP + addresses. Only available in certain network locations + type: boolean + type: object + privatelink_access: + description: + Allow access to selected service components through + Privatelink + properties: + clickhouse: + description: Enable clickhouse + type: boolean + clickhouse_https: + description: Enable clickhouse_https + type: boolean + clickhouse_mysql: + description: Enable clickhouse_mysql + type: boolean + prometheus: + description: Enable prometheus + type: boolean + type: object + project_to_fork_from: + description: + Name of another project to fork a service from. This + has effect only when a new service is being created. + maxLength: 63 type: string - type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. - --- Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + public_access: + description: + Allow access to selected service ports from the public + Internet + properties: + clickhouse: + description: + Allow clients to connect to clickhouse from the + public internet for service nodes that are in a project + VPC or another type of private network + type: boolean + clickhouse_https: + description: + Allow clients to connect to clickhouse_https + from the public internet for service nodes that are in a + project VPC or another type of private network + type: boolean + clickhouse_mysql: + description: + Allow clients to connect to clickhouse_mysql + from the public internet for service nodes that are in a + project VPC or another type of private network + type: boolean + prometheus: + description: + Allow clients to connect to prometheus from the + public internet for service nodes that are in a project + VPC or another type of private network + type: boolean + type: object + service_log: + description: + Store logs for the service so that they are available + in the HTTP API and console. + type: boolean + service_to_fork_from: + description: + Name of another service to fork from. This has effect + only when a new service is being created. + maxLength: 64 type: string - required: - - lastTransitionTime - - message - - reason - - status - - type + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + static_ips: + description: Use static public IP addresses + type: boolean type: object - type: array - state: - description: Service state - type: string - type: object - type: object - served: true - storage: true - subresources: - status: {} + required: + - plan + - project + type: object + status: + description: ServiceStatus defines the observed state of service + properties: + conditions: + description: + Conditions represent the latest available observations + of a service state + items: + description: + "Condition contains details for one aspect of the current + state of this API Resource. --- This struct is intended for direct + use as an array at the field path .status.conditions. For example, + \n type FooStatus struct{ // Represents the observations of a + foo's current state. // Known .status.conditions.type are: \"Available\", + \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge + // +listType=map // +listMapKey=type Conditions []metav1.Condition + `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" + protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + properties: + lastTransitionTime: + description: + lastTransitionTime is the last time the condition + transitioned from one status to another. This should be when + the underlying condition changed. If that is not known, then + using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: + message is a human readable message indicating + details about the transition. This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: + observedGeneration represents the .metadata.generation + that the condition was set based upon. For instance, if .metadata.generation + is currently 12, but the .status.conditions[x].observedGeneration + is 9, the condition is out of date with respect to the current + state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: + reason contains a programmatic identifier indicating + the reason for the condition's last transition. Producers + of specific condition types may define expected values and + meanings for this field, and whether the values are considered + a guaranteed API. The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: + type of condition in CamelCase or in foo.example.com/CamelCase. + --- Many .condition.type values are consistent across resources + like Available, but because arbitrary conditions can be useful + (see .node.status.conditions), the ability to deconflict is + important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + type: array + state: + description: Service state + type: string + type: object + type: object + served: true + storage: true + subresources: + status: {} diff --git a/charts/aiven-operator-crds/templates/aiven.io_clickhouseusers.yaml b/charts/aiven-operator-crds/templates/aiven.io_clickhouseusers.yaml index d28df3a9..87435b42 100644 --- a/charts/aiven-operator-crds/templates/aiven.io_clickhouseusers.yaml +++ b/charts/aiven-operator-crds/templates/aiven.io_clickhouseusers.yaml @@ -15,179 +15,191 @@ spec: singular: clickhouseuser scope: Namespaced versions: - - additionalPrinterColumns: - - jsonPath: .spec.serviceName - name: Service Name - type: string - - jsonPath: .spec.project - name: Project - type: string - - jsonPath: .spec.connInfoSecretTarget.name - name: Connection Information Secret - type: string - name: v1alpha1 - schema: - openAPIV3Schema: - description: ClickhouseUser is the Schema for the clickhouseusers API - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: ClickhouseUserSpec defines the desired state of ClickhouseUser - properties: - authSecretRef: - description: Authentication reference to Aiven token in a secret - properties: - key: - minLength: 1 - type: string - name: - minLength: 1 - type: string - required: - - key - - name - type: object - connInfoSecretTarget: - description: 'Information regarding secret creation. Exposed keys: - `CLICKHOUSEUSER_HOST`, `CLICKHOUSEUSER_PORT`, `CLICKHOUSEUSER_USER`, - `CLICKHOUSEUSER_PASSWORD`' - properties: - annotations: - additionalProperties: - type: string - description: Annotations added to the secret - type: object - x-kubernetes-preserve-unknown-fields: true - labels: - additionalProperties: - type: string - description: Labels added to the secret - type: object - x-kubernetes-preserve-unknown-fields: true - name: - description: Name of the secret resource to be created. By default, - is equal to the resource name - type: string - prefix: - description: Prefix for the secret's keys. Added "as is" without - any transformations. By default, is equal to the kind name in - uppercase + underscore, e.g. `KAFKA_`, `REDIS_`, etc. - type: string - required: - - name - type: object - project: - description: Project to link the user to - format: ^[a-zA-Z0-9_-]*$ - maxLength: 63 - type: string - x-kubernetes-validations: - - message: Value is immutable - rule: self == oldSelf - serviceName: - description: Service to link the user to - maxLength: 63 - type: string - x-kubernetes-validations: - - message: Value is immutable - rule: self == oldSelf - required: - - project - - serviceName - type: object - status: - description: ClickhouseUserStatus defines the observed state of ClickhouseUser - properties: - conditions: - description: Conditions represent the latest available observations - of an ClickhouseUser state - items: - description: "Condition contains details for one aspect of the current - state of this API Resource. --- This struct is intended for direct - use as an array at the field path .status.conditions. For example, - \n type FooStatus struct{ // Represents the observations of a - foo's current state. // Known .status.conditions.type are: \"Available\", - \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge - // +listType=map // +listMapKey=type Conditions []metav1.Condition - `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" - protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + - additionalPrinterColumns: + - jsonPath: .spec.serviceName + name: Service Name + type: string + - jsonPath: .spec.project + name: Project + type: string + - jsonPath: .spec.connInfoSecretTarget.name + name: Connection Information Secret + type: string + name: v1alpha1 + schema: + openAPIV3Schema: + description: ClickhouseUser is the Schema for the clickhouseusers API + properties: + apiVersion: + description: + "APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + type: string + kind: + description: + "Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + type: string + metadata: + type: object + spec: + description: ClickhouseUserSpec defines the desired state of ClickhouseUser + properties: + authSecretRef: + description: Authentication reference to Aiven token in a secret properties: - lastTransitionTime: - description: lastTransitionTime is the last time the condition - transitioned from one status to another. This should be when - the underlying condition changed. If that is not known, then - using the time when the API field changed is acceptable. - format: date-time - type: string - message: - description: message is a human readable message indicating - details about the transition. This may be an empty string. - maxLength: 32768 + key: + minLength: 1 type: string - observedGeneration: - description: observedGeneration represents the .metadata.generation - that the condition was set based upon. For instance, if .metadata.generation - is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current - state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: reason contains a programmatic identifier indicating - the reason for the condition's last transition. Producers - of specific condition types may define expected values and - meanings for this field, and whether the values are considered - a guaranteed API. The value should be a CamelCase string. - This field may not be empty. - maxLength: 1024 + name: minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ type: string - status: - description: status of the condition, one of True, False, Unknown. - enum: - - "True" - - "False" - - Unknown + required: + - key + - name + type: object + connInfoSecretTarget: + description: + "Information regarding secret creation. Exposed keys: + `CLICKHOUSEUSER_HOST`, `CLICKHOUSEUSER_PORT`, `CLICKHOUSEUSER_USER`, + `CLICKHOUSEUSER_PASSWORD`" + properties: + annotations: + additionalProperties: + type: string + description: Annotations added to the secret + type: object + x-kubernetes-preserve-unknown-fields: true + labels: + additionalProperties: + type: string + description: Labels added to the secret + type: object + x-kubernetes-preserve-unknown-fields: true + name: + description: + Name of the secret resource to be created. By default, + is equal to the resource name type: string - type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. - --- Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + prefix: + description: + Prefix for the secret's keys. Added "as is" without + any transformations. By default, is equal to the kind name in + uppercase + underscore, e.g. `KAFKA_`, `REDIS_`, etc. type: string required: - - lastTransitionTime - - message - - reason - - status - - type + - name type: object - type: array - uuid: - description: Clickhouse user UUID - type: string - required: - - conditions - - uuid - type: object - type: object - served: true - storage: true - subresources: - status: {} + project: + description: Project to link the user to + format: ^[a-zA-Z0-9_-]*$ + maxLength: 63 + type: string + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + serviceName: + description: Service to link the user to + maxLength: 63 + type: string + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + required: + - project + - serviceName + type: object + status: + description: ClickhouseUserStatus defines the observed state of ClickhouseUser + properties: + conditions: + description: + Conditions represent the latest available observations + of an ClickhouseUser state + items: + description: + "Condition contains details for one aspect of the current + state of this API Resource. --- This struct is intended for direct + use as an array at the field path .status.conditions. For example, + \n type FooStatus struct{ // Represents the observations of a + foo's current state. // Known .status.conditions.type are: \"Available\", + \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge + // +listType=map // +listMapKey=type Conditions []metav1.Condition + `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" + protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + properties: + lastTransitionTime: + description: + lastTransitionTime is the last time the condition + transitioned from one status to another. This should be when + the underlying condition changed. If that is not known, then + using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: + message is a human readable message indicating + details about the transition. This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: + observedGeneration represents the .metadata.generation + that the condition was set based upon. For instance, if .metadata.generation + is currently 12, but the .status.conditions[x].observedGeneration + is 9, the condition is out of date with respect to the current + state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: + reason contains a programmatic identifier indicating + the reason for the condition's last transition. Producers + of specific condition types may define expected values and + meanings for this field, and whether the values are considered + a guaranteed API. The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: + type of condition in CamelCase or in foo.example.com/CamelCase. + --- Many .condition.type values are consistent across resources + like Available, but because arbitrary conditions can be useful + (see .node.status.conditions), the ability to deconflict is + important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + type: array + uuid: + description: Clickhouse user UUID + type: string + required: + - conditions + - uuid + type: object + type: object + served: true + storage: true + subresources: + status: {} diff --git a/charts/aiven-operator-crds/templates/aiven.io_connectionpools.yaml b/charts/aiven-operator-crds/templates/aiven.io_connectionpools.yaml index f8b3d439..8c40c19c 100644 --- a/charts/aiven-operator-crds/templates/aiven.io_connectionpools.yaml +++ b/charts/aiven-operator-crds/templates/aiven.io_connectionpools.yaml @@ -15,200 +15,213 @@ spec: singular: connectionpool scope: Namespaced versions: - - additionalPrinterColumns: - - jsonPath: .spec.serviceName - name: Service Name - type: string - - jsonPath: .spec.project - name: Project - type: string - - jsonPath: .spec.databaseName - name: Database - type: string - - jsonPath: .spec.username - name: Username - type: string - - jsonPath: .spec.poolSize - name: Pool Size - type: string - - jsonPath: .spec.poolMode - name: Pool Mode - type: string - name: v1alpha1 - schema: - openAPIV3Schema: - description: ConnectionPool is the Schema for the connectionpools API - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: ConnectionPoolSpec defines the desired state of ConnectionPool - properties: - authSecretRef: - description: Authentication reference to Aiven token in a secret - properties: - key: - minLength: 1 - type: string - name: - minLength: 1 - type: string - required: - - key - - name - type: object - connInfoSecretTarget: - description: 'Information regarding secret creation. Exposed keys: - `CONNECTIONPOOL_NAME`, `CONNECTIONPOOL_HOST`, `CONNECTIONPOOL_PORT`, - `CONNECTIONPOOL_DATABASE`, `CONNECTIONPOOL_USER`, `CONNECTIONPOOL_PASSWORD`, - `CONNECTIONPOOL_SSLMODE`, `CONNECTIONPOOL_DATABASE_URI`' - properties: - annotations: - additionalProperties: - type: string - description: Annotations added to the secret - type: object - x-kubernetes-preserve-unknown-fields: true - labels: - additionalProperties: - type: string - description: Labels added to the secret - type: object - x-kubernetes-preserve-unknown-fields: true - name: - description: Name of the secret resource to be created. By default, - is equal to the resource name - type: string - prefix: - description: Prefix for the secret's keys. Added "as is" without - any transformations. By default, is equal to the kind name in - uppercase + underscore, e.g. `KAFKA_`, `REDIS_`, etc. - type: string - required: - - name - type: object - databaseName: - description: Name of the database the pool connects to - maxLength: 40 - type: string - poolMode: - description: Mode the pool operates in (session, transaction, statement) - enum: - - session - - transaction - - statement - type: string - poolSize: - description: Number of connections the pool may create towards the - backend server - type: integer - project: - description: Target project. - format: ^[a-zA-Z0-9_-]*$ - maxLength: 63 - type: string - serviceName: - description: Service name. - maxLength: 63 - type: string - username: - description: Name of the service user used to connect to the database - maxLength: 64 - type: string - required: - - databaseName - - project - - serviceName - - username - type: object - status: - description: ConnectionPoolStatus defines the observed state of ConnectionPool - properties: - conditions: - description: Conditions represent the latest available observations - of an ConnectionPool state - items: - description: "Condition contains details for one aspect of the current - state of this API Resource. --- This struct is intended for direct - use as an array at the field path .status.conditions. For example, - \n type FooStatus struct{ // Represents the observations of a - foo's current state. // Known .status.conditions.type are: \"Available\", - \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge - // +listType=map // +listMapKey=type Conditions []metav1.Condition - `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" - protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + - additionalPrinterColumns: + - jsonPath: .spec.serviceName + name: Service Name + type: string + - jsonPath: .spec.project + name: Project + type: string + - jsonPath: .spec.databaseName + name: Database + type: string + - jsonPath: .spec.username + name: Username + type: string + - jsonPath: .spec.poolSize + name: Pool Size + type: string + - jsonPath: .spec.poolMode + name: Pool Mode + type: string + name: v1alpha1 + schema: + openAPIV3Schema: + description: ConnectionPool is the Schema for the connectionpools API + properties: + apiVersion: + description: + "APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + type: string + kind: + description: + "Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + type: string + metadata: + type: object + spec: + description: ConnectionPoolSpec defines the desired state of ConnectionPool + properties: + authSecretRef: + description: Authentication reference to Aiven token in a secret properties: - lastTransitionTime: - description: lastTransitionTime is the last time the condition - transitioned from one status to another. This should be when - the underlying condition changed. If that is not known, then - using the time when the API field changed is acceptable. - format: date-time - type: string - message: - description: message is a human readable message indicating - details about the transition. This may be an empty string. - maxLength: 32768 + key: + minLength: 1 type: string - observedGeneration: - description: observedGeneration represents the .metadata.generation - that the condition was set based upon. For instance, if .metadata.generation - is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current - state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: reason contains a programmatic identifier indicating - the reason for the condition's last transition. Producers - of specific condition types may define expected values and - meanings for this field, and whether the values are considered - a guaranteed API. The value should be a CamelCase string. - This field may not be empty. - maxLength: 1024 + name: minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ type: string - status: - description: status of the condition, one of True, False, Unknown. - enum: - - "True" - - "False" - - Unknown + required: + - key + - name + type: object + connInfoSecretTarget: + description: + "Information regarding secret creation. Exposed keys: + `CONNECTIONPOOL_NAME`, `CONNECTIONPOOL_HOST`, `CONNECTIONPOOL_PORT`, + `CONNECTIONPOOL_DATABASE`, `CONNECTIONPOOL_USER`, `CONNECTIONPOOL_PASSWORD`, + `CONNECTIONPOOL_SSLMODE`, `CONNECTIONPOOL_DATABASE_URI`" + properties: + annotations: + additionalProperties: + type: string + description: Annotations added to the secret + type: object + x-kubernetes-preserve-unknown-fields: true + labels: + additionalProperties: + type: string + description: Labels added to the secret + type: object + x-kubernetes-preserve-unknown-fields: true + name: + description: + Name of the secret resource to be created. By default, + is equal to the resource name type: string - type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. - --- Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + prefix: + description: + Prefix for the secret's keys. Added "as is" without + any transformations. By default, is equal to the kind name in + uppercase + underscore, e.g. `KAFKA_`, `REDIS_`, etc. type: string required: - - lastTransitionTime - - message - - reason - - status - - type + - name type: object - type: array - required: - - conditions - type: object - type: object - served: true - storage: true - subresources: - status: {} + databaseName: + description: Name of the database the pool connects to + maxLength: 40 + type: string + poolMode: + description: Mode the pool operates in (session, transaction, statement) + enum: + - session + - transaction + - statement + type: string + poolSize: + description: + Number of connections the pool may create towards the + backend server + type: integer + project: + description: Target project. + format: ^[a-zA-Z0-9_-]*$ + maxLength: 63 + type: string + serviceName: + description: Service name. + maxLength: 63 + type: string + username: + description: Name of the service user used to connect to the database + maxLength: 64 + type: string + required: + - databaseName + - project + - serviceName + - username + type: object + status: + description: ConnectionPoolStatus defines the observed state of ConnectionPool + properties: + conditions: + description: + Conditions represent the latest available observations + of an ConnectionPool state + items: + description: + "Condition contains details for one aspect of the current + state of this API Resource. --- This struct is intended for direct + use as an array at the field path .status.conditions. For example, + \n type FooStatus struct{ // Represents the observations of a + foo's current state. // Known .status.conditions.type are: \"Available\", + \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge + // +listType=map // +listMapKey=type Conditions []metav1.Condition + `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" + protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + properties: + lastTransitionTime: + description: + lastTransitionTime is the last time the condition + transitioned from one status to another. This should be when + the underlying condition changed. If that is not known, then + using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: + message is a human readable message indicating + details about the transition. This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: + observedGeneration represents the .metadata.generation + that the condition was set based upon. For instance, if .metadata.generation + is currently 12, but the .status.conditions[x].observedGeneration + is 9, the condition is out of date with respect to the current + state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: + reason contains a programmatic identifier indicating + the reason for the condition's last transition. Producers + of specific condition types may define expected values and + meanings for this field, and whether the values are considered + a guaranteed API. The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: + type of condition in CamelCase or in foo.example.com/CamelCase. + --- Many .condition.type values are consistent across resources + like Available, but because arbitrary conditions can be useful + (see .node.status.conditions), the ability to deconflict is + important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + type: array + required: + - conditions + type: object + type: object + served: true + storage: true + subresources: + status: {} diff --git a/charts/aiven-operator-crds/templates/aiven.io_databases.yaml b/charts/aiven-operator-crds/templates/aiven.io_databases.yaml index 8a25500c..eb5e09e0 100644 --- a/charts/aiven-operator-crds/templates/aiven.io_databases.yaml +++ b/charts/aiven-operator-crds/templates/aiven.io_databases.yaml @@ -15,153 +15,165 @@ spec: singular: database scope: Namespaced versions: - - additionalPrinterColumns: - - jsonPath: .spec.serviceName - name: Service Name - type: string - - jsonPath: .spec.project - name: Project - type: string - name: v1alpha1 - schema: - openAPIV3Schema: - description: Database is the Schema for the databases API - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: DatabaseSpec defines the desired state of Database - properties: - authSecretRef: - description: Authentication reference to Aiven token in a secret - properties: - key: - minLength: 1 - type: string - name: - minLength: 1 - type: string - required: - - key - - name - type: object - lcCollate: - description: 'Default string sort order (LC_COLLATE) of the database. - Default value: en_US.UTF-8' - maxLength: 128 - type: string - lcCtype: - description: 'Default character classification (LC_CTYPE) of the database. - Default value: en_US.UTF-8' - maxLength: 128 - type: string - project: - description: Project to link the database to - format: ^[a-zA-Z0-9_-]*$ - maxLength: 63 - type: string - serviceName: - description: PostgreSQL service to link the database to - maxLength: 63 - type: string - terminationProtection: - description: It is a Kubernetes side deletion protections, which prevents - the database from being deleted by Kubernetes. It is recommended - to enable this for any production databases containing critical - data. - type: boolean - required: - - project - - serviceName - type: object - status: - description: DatabaseStatus defines the observed state of Database - properties: - conditions: - description: Conditions represent the latest available observations - of an Database state - items: - description: "Condition contains details for one aspect of the current - state of this API Resource. --- This struct is intended for direct - use as an array at the field path .status.conditions. For example, - \n type FooStatus struct{ // Represents the observations of a - foo's current state. // Known .status.conditions.type are: \"Available\", - \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge - // +listType=map // +listMapKey=type Conditions []metav1.Condition - `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" - protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + - additionalPrinterColumns: + - jsonPath: .spec.serviceName + name: Service Name + type: string + - jsonPath: .spec.project + name: Project + type: string + name: v1alpha1 + schema: + openAPIV3Schema: + description: Database is the Schema for the databases API + properties: + apiVersion: + description: + "APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + type: string + kind: + description: + "Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + type: string + metadata: + type: object + spec: + description: DatabaseSpec defines the desired state of Database + properties: + authSecretRef: + description: Authentication reference to Aiven token in a secret properties: - lastTransitionTime: - description: lastTransitionTime is the last time the condition - transitioned from one status to another. This should be when - the underlying condition changed. If that is not known, then - using the time when the API field changed is acceptable. - format: date-time - type: string - message: - description: message is a human readable message indicating - details about the transition. This may be an empty string. - maxLength: 32768 - type: string - observedGeneration: - description: observedGeneration represents the .metadata.generation - that the condition was set based upon. For instance, if .metadata.generation - is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current - state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: reason contains a programmatic identifier indicating - the reason for the condition's last transition. Producers - of specific condition types may define expected values and - meanings for this field, and whether the values are considered - a guaranteed API. The value should be a CamelCase string. - This field may not be empty. - maxLength: 1024 + key: minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ type: string - status: - description: status of the condition, one of True, False, Unknown. - enum: - - "True" - - "False" - - Unknown - type: string - type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. - --- Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + name: + minLength: 1 type: string required: - - lastTransitionTime - - message - - reason - - status - - type + - key + - name type: object - type: array - required: - - conditions - type: object - type: object - served: true - storage: true - subresources: - status: {} + lcCollate: + description: + "Default string sort order (LC_COLLATE) of the database. + Default value: en_US.UTF-8" + maxLength: 128 + type: string + lcCtype: + description: + "Default character classification (LC_CTYPE) of the database. + Default value: en_US.UTF-8" + maxLength: 128 + type: string + project: + description: Project to link the database to + format: ^[a-zA-Z0-9_-]*$ + maxLength: 63 + type: string + serviceName: + description: PostgreSQL service to link the database to + maxLength: 63 + type: string + terminationProtection: + description: + It is a Kubernetes side deletion protections, which prevents + the database from being deleted by Kubernetes. It is recommended + to enable this for any production databases containing critical + data. + type: boolean + required: + - project + - serviceName + type: object + status: + description: DatabaseStatus defines the observed state of Database + properties: + conditions: + description: + Conditions represent the latest available observations + of an Database state + items: + description: + "Condition contains details for one aspect of the current + state of this API Resource. --- This struct is intended for direct + use as an array at the field path .status.conditions. For example, + \n type FooStatus struct{ // Represents the observations of a + foo's current state. // Known .status.conditions.type are: \"Available\", + \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge + // +listType=map // +listMapKey=type Conditions []metav1.Condition + `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" + protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + properties: + lastTransitionTime: + description: + lastTransitionTime is the last time the condition + transitioned from one status to another. This should be when + the underlying condition changed. If that is not known, then + using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: + message is a human readable message indicating + details about the transition. This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: + observedGeneration represents the .metadata.generation + that the condition was set based upon. For instance, if .metadata.generation + is currently 12, but the .status.conditions[x].observedGeneration + is 9, the condition is out of date with respect to the current + state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: + reason contains a programmatic identifier indicating + the reason for the condition's last transition. Producers + of specific condition types may define expected values and + meanings for this field, and whether the values are considered + a guaranteed API. The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: + type of condition in CamelCase or in foo.example.com/CamelCase. + --- Many .condition.type values are consistent across resources + like Available, but because arbitrary conditions can be useful + (see .node.status.conditions), the ability to deconflict is + important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + type: array + required: + - conditions + type: object + type: object + served: true + storage: true + subresources: + status: {} diff --git a/charts/aiven-operator-crds/templates/aiven.io_grafanas.yaml b/charts/aiven-operator-crds/templates/aiven.io_grafanas.yaml index 7a9247f9..17a7362e 100644 --- a/charts/aiven-operator-crds/templates/aiven.io_grafanas.yaml +++ b/charts/aiven-operator-crds/templates/aiven.io_grafanas.yaml @@ -15,799 +15,869 @@ spec: singular: grafana scope: Namespaced versions: - - additionalPrinterColumns: - - jsonPath: .spec.project - name: Project - type: string - - jsonPath: .spec.cloudName - name: Region - type: string - - jsonPath: .spec.plan - name: Plan - type: string - - jsonPath: .status.state - name: State - type: string - name: v1alpha1 - schema: - openAPIV3Schema: - description: Grafana is the Schema for the grafanas API - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: GrafanaSpec defines the desired state of Grafana - properties: - authSecretRef: - description: Authentication reference to Aiven token in a secret - properties: - key: - minLength: 1 - type: string - name: - minLength: 1 - type: string - required: - - key - - name - type: object - cloudName: - description: Cloud the service runs in. - maxLength: 256 - type: string - connInfoSecretTarget: - description: 'Information regarding secret creation. Exposed keys: - `GRAFANA_HOST`, `GRAFANA_PORT`, `GRAFANA_USER`, `GRAFANA_PASSWORD`, - `GRAFANA_URI`, `GRAFANA_HOSTS`' - properties: - annotations: - additionalProperties: - type: string - description: Annotations added to the secret - type: object - x-kubernetes-preserve-unknown-fields: true - labels: - additionalProperties: - type: string - description: Labels added to the secret - type: object - x-kubernetes-preserve-unknown-fields: true - name: - description: Name of the secret resource to be created. By default, - is equal to the resource name - type: string - prefix: - description: Prefix for the secret's keys. Added "as is" without - any transformations. By default, is equal to the kind name in - uppercase + underscore, e.g. `KAFKA_`, `REDIS_`, etc. - type: string - required: - - name - type: object - disk_space: - description: The disk space of the service, possible values depend - on the service type, the cloud provider and the project. Reducing - will result in the service re-balancing. - format: ^[1-9][0-9]*(GiB|G)* - type: string - maintenanceWindowDow: - description: Day of week when maintenance operations should be performed. - One monday, tuesday, wednesday, etc. - enum: - - monday - - tuesday - - wednesday - - thursday - - friday - - saturday - - sunday - type: string - maintenanceWindowTime: - description: Time of day when maintenance operations should be performed. - UTC time in HH:mm:ss format. - maxLength: 8 - type: string - plan: - description: Subscription plan. - maxLength: 128 - type: string - project: - description: Target project. - format: ^[a-zA-Z0-9_-]*$ - maxLength: 63 - type: string - x-kubernetes-validations: - - message: Value is immutable - rule: self == oldSelf - projectVPCRef: - description: ProjectVPCRef reference to ProjectVPC resource to use - its ID as ProjectVPCID automatically - properties: - name: - minLength: 1 - type: string - namespace: - minLength: 1 - type: string - required: - - name - type: object - projectVpcId: - description: Identifier of the VPC the service should be in, if any. - maxLength: 36 - type: string - serviceIntegrations: - description: Service integrations to specify when creating a service. - Not applied after initial service creation - items: - description: Service integrations to specify when creating a service. - Not applied after initial service creation + - additionalPrinterColumns: + - jsonPath: .spec.project + name: Project + type: string + - jsonPath: .spec.cloudName + name: Region + type: string + - jsonPath: .spec.plan + name: Plan + type: string + - jsonPath: .status.state + name: State + type: string + name: v1alpha1 + schema: + openAPIV3Schema: + description: Grafana is the Schema for the grafanas API + properties: + apiVersion: + description: + "APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + type: string + kind: + description: + "Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + type: string + metadata: + type: object + spec: + description: GrafanaSpec defines the desired state of Grafana + properties: + authSecretRef: + description: Authentication reference to Aiven token in a secret properties: - integrationType: - enum: - - read_replica + key: + minLength: 1 type: string - sourceServiceName: - maxLength: 64 + name: minLength: 1 type: string required: - - integrationType - - sourceServiceName + - key + - name type: object - maxItems: 1 - type: array - x-kubernetes-validations: - - message: Value is immutable - rule: self == oldSelf - tags: - additionalProperties: + cloudName: + description: Cloud the service runs in. + maxLength: 256 type: string - description: Tags are key-value pairs that allow you to categorize - services. - type: object - terminationProtection: - description: Prevent service from being deleted. It is recommended - to have this enabled for all services. - type: boolean - userConfig: - description: Cassandra specific user configuration options - properties: - additional_backup_regions: - description: Additional Cloud Regions for Backup Replication - items: - type: string - maxItems: 1 - type: array - alerting_enabled: - description: Enable or disable Grafana legacy alerting functionality. - This should not be enabled with unified_alerting_enabled. - type: boolean - alerting_error_or_timeout: - description: Default error or timeout setting for new alerting - rules - enum: - - alerting - - keep_state - type: string - alerting_max_annotations_to_keep: - description: Max number of alert annotations that Grafana stores. - 0 (default) keeps all alert annotations. - maximum: 1000000 - minimum: 0 - type: integer - alerting_nodata_or_nullvalues: - description: Default value for 'no data or null values' for new - alerting rules - enum: - - alerting - - no_data - - keep_state - - ok - type: string - allow_embedding: - description: Allow embedding Grafana dashboards with iframe/frame/object/embed - tags. Disabled by default to limit impact of clickjacking - type: boolean - auth_azuread: - description: Azure AD OAuth integration - properties: - allow_sign_up: - description: Automatically sign-up users on successful sign-in - type: boolean - allowed_domains: - description: Allowed domains - items: - type: string - maxItems: 50 - type: array - allowed_groups: - description: Require users to belong to one of given groups - items: - type: string - maxItems: 50 - type: array - auth_url: - description: Authorization URL - maxLength: 2048 - type: string - client_id: - description: Client ID from provider - maxLength: 1024 - pattern: ^[\040-\176]+$ - type: string - client_secret: - description: Client secret from provider - maxLength: 1024 - pattern: ^[\040-\176]+$ - type: string - token_url: - description: Token URL - maxLength: 2048 - type: string - required: - - auth_url - - client_id - - client_secret - - token_url - type: object - auth_basic_enabled: - description: Enable or disable basic authentication form, used - by Grafana built-in login - type: boolean - auth_generic_oauth: - description: Generic OAuth integration - properties: - allow_sign_up: - description: Automatically sign-up users on successful sign-in - type: boolean - allowed_domains: - description: Allowed domains - items: - type: string - maxItems: 50 - type: array - allowed_organizations: - description: Require user to be member of one of the listed - organizations - items: - type: string - maxItems: 50 - type: array - api_url: - description: API URL - maxLength: 2048 - type: string - auth_url: - description: Authorization URL - maxLength: 2048 - type: string - auto_login: - description: Allow users to bypass the login screen and automatically - log in - type: boolean - client_id: - description: Client ID from provider - maxLength: 1024 - pattern: ^[\040-\176]+$ - type: string - client_secret: - description: Client secret from provider - maxLength: 1024 - pattern: ^[\040-\176]+$ - type: string - name: - description: Name of the OAuth integration - maxLength: 128 - pattern: ^[a-zA-Z0-9_\- ]+$ - type: string - scopes: - description: OAuth scopes - items: - type: string - maxItems: 50 - type: array - token_url: - description: Token URL - maxLength: 2048 - type: string - required: - - api_url - - auth_url - - client_id - - client_secret - - token_url - type: object - auth_github: - description: Github Auth integration - properties: - allow_sign_up: - description: Automatically sign-up users on successful sign-in - type: boolean - allowed_organizations: - description: Require users to belong to one of given organizations - items: - type: string - maxItems: 50 - type: array - client_id: - description: Client ID from provider - maxLength: 1024 - pattern: ^[\040-\176]+$ - type: string - client_secret: - description: Client secret from provider - maxLength: 1024 - pattern: ^[\040-\176]+$ - type: string - team_ids: - description: Require users to belong to one of given team - IDs - items: - type: integer - maxItems: 50 - type: array - required: - - client_id - - client_secret - type: object - auth_gitlab: - description: GitLab Auth integration - properties: - allow_sign_up: - description: Automatically sign-up users on successful sign-in - type: boolean - allowed_groups: - description: Require users to belong to one of given groups - items: - type: string - maxItems: 50 - type: array - api_url: - description: API URL. This only needs to be set when using - self hosted GitLab - maxLength: 2048 - type: string - auth_url: - description: Authorization URL. This only needs to be set - when using self hosted GitLab - maxLength: 2048 - type: string - client_id: - description: Client ID from provider - maxLength: 1024 - pattern: ^[\040-\176]+$ - type: string - client_secret: - description: Client secret from provider - maxLength: 1024 - pattern: ^[\040-\176]+$ - type: string - token_url: - description: Token URL. This only needs to be set when using - self hosted GitLab - maxLength: 2048 - type: string - required: - - allowed_groups - - client_id - - client_secret - type: object - auth_google: - description: Google Auth integration - properties: - allow_sign_up: - description: Automatically sign-up users on successful sign-in - type: boolean - allowed_domains: - description: Domains allowed to sign-in to this Grafana - items: - type: string - maxItems: 64 - type: array - client_id: - description: Client ID from provider - maxLength: 1024 - pattern: ^[\040-\176]+$ - type: string - client_secret: - description: Client secret from provider - maxLength: 1024 - pattern: ^[\040-\176]+$ - type: string - required: - - allowed_domains - - client_id - - client_secret - type: object - cookie_samesite: - description: 'Cookie SameSite attribute: ''strict'' prevents sending - cookie for cross-site requests, effectively disabling direct - linking from other sites to Grafana. ''lax'' is the default - value.' - enum: - - lax - - strict - - none - type: string - custom_domain: - description: Serve the web frontend using a custom CNAME pointing - to the Aiven DNS name - maxLength: 255 - type: string - dashboard_previews_enabled: - description: This feature is new in Grafana 9 and is quite resource - intensive. It may cause low-end plans to work more slowly while - the dashboard previews are rendering. - type: boolean - dashboards_min_refresh_interval: - description: Signed sequence of decimal numbers, followed by a - unit suffix (ms, s, m, h, d), e.g. 30s, 1h - maxLength: 16 - pattern: ^[0-9]+(ms|s|m|h|d)$ - type: string - dashboards_versions_to_keep: - description: Dashboard versions to keep per dashboard - maximum: 100 - minimum: 1 - type: integer - dataproxy_send_user_header: - description: Send 'X-Grafana-User' header to data source - type: boolean - dataproxy_timeout: - description: Timeout for data proxy requests in seconds - maximum: 90 - minimum: 15 - type: integer - date_formats: - description: Grafana date format specifications - properties: - default_timezone: - description: Default time zone for user preferences. Value - 'browser' uses browser local time zone. - maxLength: 64 - pattern: (?i)^([a-zA-Z_]+/){1,2}[a-zA-Z_-]+$|^(Etc/)?(UTC|GMT)([+-](\d){1,2})?$|^(Factory)$|^(browser)$ - type: string - full_date: - description: Moment.js style format string for cases where - full date is shown - maxLength: 128 - pattern: '^(([Hh]mm(ss)?|Mo|MM?M?M?|Do|DDDo|DD?D?D?|ddd?d?|do?|w[o|w]?|W[o|W]?|Qo?|N{1,5}|YYYYYY|YYYYY|YYYY|YY|y{2,4}|yo?|gg(ggg?)?|GG(GGG?)?|e|E|a|A|hh?|HH?|kk?|mm?|ss?|S{1,9}|x|X|zz?|ZZ?|LTS|LT|LL?L?L?|l{1,4}|[-+/T,;.: - ]?)*)$' - type: string - interval_day: - description: Moment.js style format string used when a time - requiring day accuracy is shown - maxLength: 128 - pattern: '^(([Hh]mm(ss)?|Mo|MM?M?M?|Do|DDDo|DD?D?D?|ddd?d?|do?|w[o|w]?|W[o|W]?|Qo?|N{1,5}|YYYYYY|YYYYY|YYYY|YY|y{2,4}|yo?|gg(ggg?)?|GG(GGG?)?|e|E|a|A|hh?|HH?|kk?|mm?|ss?|S{1,9}|x|X|zz?|ZZ?|LTS|LT|LL?L?L?|l{1,4}|[-+/T,;.: - ]?)*)$' - type: string - interval_hour: - description: Moment.js style format string used when a time - requiring hour accuracy is shown - maxLength: 128 - pattern: '^(([Hh]mm(ss)?|Mo|MM?M?M?|Do|DDDo|DD?D?D?|ddd?d?|do?|w[o|w]?|W[o|W]?|Qo?|N{1,5}|YYYYYY|YYYYY|YYYY|YY|y{2,4}|yo?|gg(ggg?)?|GG(GGG?)?|e|E|a|A|hh?|HH?|kk?|mm?|ss?|S{1,9}|x|X|zz?|ZZ?|LTS|LT|LL?L?L?|l{1,4}|[-+/T,;.: - ]?)*)$' - type: string - interval_minute: - description: Moment.js style format string used when a time - requiring minute accuracy is shown - maxLength: 128 - pattern: '^(([Hh]mm(ss)?|Mo|MM?M?M?|Do|DDDo|DD?D?D?|ddd?d?|do?|w[o|w]?|W[o|W]?|Qo?|N{1,5}|YYYYYY|YYYYY|YYYY|YY|y{2,4}|yo?|gg(ggg?)?|GG(GGG?)?|e|E|a|A|hh?|HH?|kk?|mm?|ss?|S{1,9}|x|X|zz?|ZZ?|LTS|LT|LL?L?L?|l{1,4}|[-+/T,;.: - ]?)*)$' - type: string - interval_month: - description: Moment.js style format string used when a time - requiring month accuracy is shown - maxLength: 128 - pattern: '^(([Hh]mm(ss)?|Mo|MM?M?M?|Do|DDDo|DD?D?D?|ddd?d?|do?|w[o|w]?|W[o|W]?|Qo?|N{1,5}|YYYYYY|YYYYY|YYYY|YY|y{2,4}|yo?|gg(ggg?)?|GG(GGG?)?|e|E|a|A|hh?|HH?|kk?|mm?|ss?|S{1,9}|x|X|zz?|ZZ?|LTS|LT|LL?L?L?|l{1,4}|[-+/T,;.: - ]?)*)$' - type: string - interval_second: - description: Moment.js style format string used when a time - requiring second accuracy is shown - maxLength: 128 - pattern: '^(([Hh]mm(ss)?|Mo|MM?M?M?|Do|DDDo|DD?D?D?|ddd?d?|do?|w[o|w]?|W[o|W]?|Qo?|N{1,5}|YYYYYY|YYYYY|YYYY|YY|y{2,4}|yo?|gg(ggg?)?|GG(GGG?)?|e|E|a|A|hh?|HH?|kk?|mm?|ss?|S{1,9}|x|X|zz?|ZZ?|LTS|LT|LL?L?L?|l{1,4}|[-+/T,;.: - ]?)*)$' + connInfoSecretTarget: + description: + "Information regarding secret creation. Exposed keys: + `GRAFANA_HOST`, `GRAFANA_PORT`, `GRAFANA_USER`, `GRAFANA_PASSWORD`, + `GRAFANA_URI`, `GRAFANA_HOSTS`" + properties: + annotations: + additionalProperties: type: string - interval_year: - description: Moment.js style format string used when a time - requiring year accuracy is shown - maxLength: 128 - pattern: '^(([Hh]mm(ss)?|Mo|MM?M?M?|Do|DDDo|DD?D?D?|ddd?d?|do?|w[o|w]?|W[o|W]?|Qo?|N{1,5}|YYYYYY|YYYYY|YYYY|YY|y{2,4}|yo?|gg(ggg?)?|GG(GGG?)?|e|E|a|A|hh?|HH?|kk?|mm?|ss?|S{1,9}|x|X|zz?|ZZ?|LTS|LT|LL?L?L?|l{1,4}|[-+/T,;.: - ]?)*)$' + description: Annotations added to the secret + type: object + x-kubernetes-preserve-unknown-fields: true + labels: + additionalProperties: type: string - type: object - disable_gravatar: - description: Set to true to disable gravatar. Defaults to false - (gravatar is enabled) - type: boolean - editors_can_admin: - description: Editors can manage folders, teams and dashboards - created by them - type: boolean - external_image_storage: - description: External image store settings + description: Labels added to the secret + type: object + x-kubernetes-preserve-unknown-fields: true + name: + description: + Name of the secret resource to be created. By default, + is equal to the resource name + type: string + prefix: + description: + Prefix for the secret's keys. Added "as is" without + any transformations. By default, is equal to the kind name in + uppercase + underscore, e.g. `KAFKA_`, `REDIS_`, etc. + type: string + required: + - name + type: object + disk_space: + description: + The disk space of the service, possible values depend + on the service type, the cloud provider and the project. Reducing + will result in the service re-balancing. + format: ^[1-9][0-9]*(GiB|G)* + type: string + maintenanceWindowDow: + description: + Day of week when maintenance operations should be performed. + One monday, tuesday, wednesday, etc. + enum: + - monday + - tuesday + - wednesday + - thursday + - friday + - saturday + - sunday + type: string + maintenanceWindowTime: + description: + Time of day when maintenance operations should be performed. + UTC time in HH:mm:ss format. + maxLength: 8 + type: string + plan: + description: Subscription plan. + maxLength: 128 + type: string + project: + description: Target project. + format: ^[a-zA-Z0-9_-]*$ + maxLength: 63 + type: string + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + projectVPCRef: + description: + ProjectVPCRef reference to ProjectVPC resource to use + its ID as ProjectVPCID automatically + properties: + name: + minLength: 1 + type: string + namespace: + minLength: 1 + type: string + required: + - name + type: object + projectVpcId: + description: Identifier of the VPC the service should be in, if any. + maxLength: 36 + type: string + serviceIntegrations: + description: + Service integrations to specify when creating a service. + Not applied after initial service creation + items: + description: + Service integrations to specify when creating a service. + Not applied after initial service creation properties: - access_key: - description: S3 access key. Requires permissions to the S3 - bucket for the s3:PutObject and s3:PutObjectAcl actions - maxLength: 4096 - pattern: ^[A-Z0-9]+$ - type: string - bucket_url: - description: Bucket URL for S3 - maxLength: 2048 - type: string - provider: - description: Provider type + integrationType: enum: - - s3 + - read_replica type: string - secret_key: - description: S3 secret key - maxLength: 4096 - pattern: ^[A-Za-z0-9/+=]+$ + sourceServiceName: + maxLength: 64 + minLength: 1 type: string required: - - access_key - - bucket_url - - provider - - secret_key + - integrationType + - sourceServiceName type: object - google_analytics_ua_id: - description: Google Analytics ID - maxLength: 64 - pattern: ^(G|UA|YT|MO)-[a-zA-Z0-9-]+$ + maxItems: 1 + type: array + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + tags: + additionalProperties: type: string - ip_filter: - description: Allow incoming connections from CIDR address block, - e.g. '10.20.0.0/16' - items: - description: CIDR address block, either as a string, or in a - dict with an optional description field + description: + Tags are key-value pairs that allow you to categorize + services. + type: object + terminationProtection: + description: + Prevent service from being deleted. It is recommended + to have this enabled for all services. + type: boolean + userConfig: + description: Cassandra specific user configuration options + properties: + additional_backup_regions: + description: Additional Cloud Regions for Backup Replication + items: + type: string + maxItems: 1 + type: array + alerting_enabled: + description: + Enable or disable Grafana legacy alerting functionality. + This should not be enabled with unified_alerting_enabled. + type: boolean + alerting_error_or_timeout: + description: + Default error or timeout setting for new alerting + rules + enum: + - alerting + - keep_state + type: string + alerting_max_annotations_to_keep: + description: + Max number of alert annotations that Grafana stores. + 0 (default) keeps all alert annotations. + maximum: 1000000 + minimum: 0 + type: integer + alerting_nodata_or_nullvalues: + description: + Default value for 'no data or null values' for new + alerting rules + enum: + - alerting + - no_data + - keep_state + - ok + type: string + allow_embedding: + description: + Allow embedding Grafana dashboards with iframe/frame/object/embed + tags. Disabled by default to limit impact of clickjacking + type: boolean + auth_azuread: + description: Azure AD OAuth integration properties: - description: - description: Description for IP filter list entry + allow_sign_up: + description: Automatically sign-up users on successful sign-in + type: boolean + allowed_domains: + description: Allowed domains + items: + type: string + maxItems: 50 + type: array + allowed_groups: + description: Require users to belong to one of given groups + items: + type: string + maxItems: 50 + type: array + auth_url: + description: Authorization URL + maxLength: 2048 + type: string + client_id: + description: Client ID from provider + maxLength: 1024 + pattern: ^[\040-\176]+$ + type: string + client_secret: + description: Client secret from provider maxLength: 1024 + pattern: ^[\040-\176]+$ type: string - network: - description: CIDR address block - maxLength: 43 + token_url: + description: Token URL + maxLength: 2048 type: string required: - - network + - auth_url + - client_id + - client_secret + - token_url type: object - maxItems: 1024 - type: array - metrics_enabled: - description: Enable Grafana /metrics endpoint - type: boolean - oauth_allow_insecure_email_lookup: - description: Enforce user lookup based on email instead of the - unique ID provided by the IdP - type: boolean - private_access: - description: Allow access to selected service ports from private - networks - properties: - grafana: - description: Allow clients to connect to grafana with a DNS - name that always resolves to the service's private IP addresses. - Only available in certain network locations - type: boolean - type: object - privatelink_access: - description: Allow access to selected service components through - Privatelink - properties: - grafana: - description: Enable grafana - type: boolean - type: object - project_to_fork_from: - description: Name of another project to fork a service from. This - has effect only when a new service is being created. - maxLength: 63 - type: string - x-kubernetes-validations: - - message: Value is immutable - rule: self == oldSelf - public_access: - description: Allow access to selected service ports from the public - Internet - properties: - grafana: - description: Allow clients to connect to grafana from the - public internet for service nodes that are in a project - VPC or another type of private network - type: boolean - type: object - recovery_basebackup_name: - description: Name of the basebackup to restore in forked service - maxLength: 128 - pattern: ^[a-zA-Z0-9-_:.]+$ - type: string - service_log: - description: Store logs for the service so that they are available - in the HTTP API and console. - type: boolean - service_to_fork_from: - description: Name of another service to fork from. This has effect - only when a new service is being created. - maxLength: 64 - type: string - x-kubernetes-validations: - - message: Value is immutable - rule: self == oldSelf - smtp_server: - description: SMTP server settings + auth_basic_enabled: + description: + Enable or disable basic authentication form, used + by Grafana built-in login + type: boolean + auth_generic_oauth: + description: Generic OAuth integration + properties: + allow_sign_up: + description: Automatically sign-up users on successful sign-in + type: boolean + allowed_domains: + description: Allowed domains + items: + type: string + maxItems: 50 + type: array + allowed_organizations: + description: + Require user to be member of one of the listed + organizations + items: + type: string + maxItems: 50 + type: array + api_url: + description: API URL + maxLength: 2048 + type: string + auth_url: + description: Authorization URL + maxLength: 2048 + type: string + auto_login: + description: + Allow users to bypass the login screen and automatically + log in + type: boolean + client_id: + description: Client ID from provider + maxLength: 1024 + pattern: ^[\040-\176]+$ + type: string + client_secret: + description: Client secret from provider + maxLength: 1024 + pattern: ^[\040-\176]+$ + type: string + name: + description: Name of the OAuth integration + maxLength: 128 + pattern: ^[a-zA-Z0-9_\- ]+$ + type: string + scopes: + description: OAuth scopes + items: + type: string + maxItems: 50 + type: array + token_url: + description: Token URL + maxLength: 2048 + type: string + required: + - api_url + - auth_url + - client_id + - client_secret + - token_url + type: object + auth_github: + description: Github Auth integration + properties: + allow_sign_up: + description: Automatically sign-up users on successful sign-in + type: boolean + allowed_organizations: + description: Require users to belong to one of given organizations + items: + type: string + maxItems: 50 + type: array + client_id: + description: Client ID from provider + maxLength: 1024 + pattern: ^[\040-\176]+$ + type: string + client_secret: + description: Client secret from provider + maxLength: 1024 + pattern: ^[\040-\176]+$ + type: string + team_ids: + description: + Require users to belong to one of given team + IDs + items: + type: integer + maxItems: 50 + type: array + required: + - client_id + - client_secret + type: object + auth_gitlab: + description: GitLab Auth integration + properties: + allow_sign_up: + description: Automatically sign-up users on successful sign-in + type: boolean + allowed_groups: + description: Require users to belong to one of given groups + items: + type: string + maxItems: 50 + type: array + api_url: + description: + API URL. This only needs to be set when using + self hosted GitLab + maxLength: 2048 + type: string + auth_url: + description: + Authorization URL. This only needs to be set + when using self hosted GitLab + maxLength: 2048 + type: string + client_id: + description: Client ID from provider + maxLength: 1024 + pattern: ^[\040-\176]+$ + type: string + client_secret: + description: Client secret from provider + maxLength: 1024 + pattern: ^[\040-\176]+$ + type: string + token_url: + description: + Token URL. This only needs to be set when using + self hosted GitLab + maxLength: 2048 + type: string + required: + - allowed_groups + - client_id + - client_secret + type: object + auth_google: + description: Google Auth integration + properties: + allow_sign_up: + description: Automatically sign-up users on successful sign-in + type: boolean + allowed_domains: + description: Domains allowed to sign-in to this Grafana + items: + type: string + maxItems: 64 + type: array + client_id: + description: Client ID from provider + maxLength: 1024 + pattern: ^[\040-\176]+$ + type: string + client_secret: + description: Client secret from provider + maxLength: 1024 + pattern: ^[\040-\176]+$ + type: string + required: + - allowed_domains + - client_id + - client_secret + type: object + cookie_samesite: + description: + "Cookie SameSite attribute: 'strict' prevents sending + cookie for cross-site requests, effectively disabling direct + linking from other sites to Grafana. 'lax' is the default + value." + enum: + - lax + - strict + - none + type: string + custom_domain: + description: + Serve the web frontend using a custom CNAME pointing + to the Aiven DNS name + maxLength: 255 + type: string + dashboard_previews_enabled: + description: + This feature is new in Grafana 9 and is quite resource + intensive. It may cause low-end plans to work more slowly while + the dashboard previews are rendering. + type: boolean + dashboards_min_refresh_interval: + description: + Signed sequence of decimal numbers, followed by a + unit suffix (ms, s, m, h, d), e.g. 30s, 1h + maxLength: 16 + pattern: ^[0-9]+(ms|s|m|h|d)$ + type: string + dashboards_versions_to_keep: + description: Dashboard versions to keep per dashboard + maximum: 100 + minimum: 1 + type: integer + dataproxy_send_user_header: + description: Send 'X-Grafana-User' header to data source + type: boolean + dataproxy_timeout: + description: Timeout for data proxy requests in seconds + maximum: 90 + minimum: 15 + type: integer + date_formats: + description: Grafana date format specifications + properties: + default_timezone: + description: + Default time zone for user preferences. Value + 'browser' uses browser local time zone. + maxLength: 64 + pattern: (?i)^([a-zA-Z_]+/){1,2}[a-zA-Z_-]+$|^(Etc/)?(UTC|GMT)([+-](\d){1,2})?$|^(Factory)$|^(browser)$ + type: string + full_date: + description: + Moment.js style format string for cases where + full date is shown + maxLength: 128 + pattern: + "^(([Hh]mm(ss)?|Mo|MM?M?M?|Do|DDDo|DD?D?D?|ddd?d?|do?|w[o|w]?|W[o|W]?|Qo?|N{1,5}|YYYYYY|YYYYY|YYYY|YY|y{2,4}|yo?|gg(ggg?)?|GG(GGG?)?|e|E|a|A|hh?|HH?|kk?|mm?|ss?|S{1,9}|x|X|zz?|ZZ?|LTS|LT|LL?L?L?|l{1,4}|[-+/T,;.: + ]?)*)$" + type: string + interval_day: + description: + Moment.js style format string used when a time + requiring day accuracy is shown + maxLength: 128 + pattern: + "^(([Hh]mm(ss)?|Mo|MM?M?M?|Do|DDDo|DD?D?D?|ddd?d?|do?|w[o|w]?|W[o|W]?|Qo?|N{1,5}|YYYYYY|YYYYY|YYYY|YY|y{2,4}|yo?|gg(ggg?)?|GG(GGG?)?|e|E|a|A|hh?|HH?|kk?|mm?|ss?|S{1,9}|x|X|zz?|ZZ?|LTS|LT|LL?L?L?|l{1,4}|[-+/T,;.: + ]?)*)$" + type: string + interval_hour: + description: + Moment.js style format string used when a time + requiring hour accuracy is shown + maxLength: 128 + pattern: + "^(([Hh]mm(ss)?|Mo|MM?M?M?|Do|DDDo|DD?D?D?|ddd?d?|do?|w[o|w]?|W[o|W]?|Qo?|N{1,5}|YYYYYY|YYYYY|YYYY|YY|y{2,4}|yo?|gg(ggg?)?|GG(GGG?)?|e|E|a|A|hh?|HH?|kk?|mm?|ss?|S{1,9}|x|X|zz?|ZZ?|LTS|LT|LL?L?L?|l{1,4}|[-+/T,;.: + ]?)*)$" + type: string + interval_minute: + description: + Moment.js style format string used when a time + requiring minute accuracy is shown + maxLength: 128 + pattern: + "^(([Hh]mm(ss)?|Mo|MM?M?M?|Do|DDDo|DD?D?D?|ddd?d?|do?|w[o|w]?|W[o|W]?|Qo?|N{1,5}|YYYYYY|YYYYY|YYYY|YY|y{2,4}|yo?|gg(ggg?)?|GG(GGG?)?|e|E|a|A|hh?|HH?|kk?|mm?|ss?|S{1,9}|x|X|zz?|ZZ?|LTS|LT|LL?L?L?|l{1,4}|[-+/T,;.: + ]?)*)$" + type: string + interval_month: + description: + Moment.js style format string used when a time + requiring month accuracy is shown + maxLength: 128 + pattern: + "^(([Hh]mm(ss)?|Mo|MM?M?M?|Do|DDDo|DD?D?D?|ddd?d?|do?|w[o|w]?|W[o|W]?|Qo?|N{1,5}|YYYYYY|YYYYY|YYYY|YY|y{2,4}|yo?|gg(ggg?)?|GG(GGG?)?|e|E|a|A|hh?|HH?|kk?|mm?|ss?|S{1,9}|x|X|zz?|ZZ?|LTS|LT|LL?L?L?|l{1,4}|[-+/T,;.: + ]?)*)$" + type: string + interval_second: + description: + Moment.js style format string used when a time + requiring second accuracy is shown + maxLength: 128 + pattern: + "^(([Hh]mm(ss)?|Mo|MM?M?M?|Do|DDDo|DD?D?D?|ddd?d?|do?|w[o|w]?|W[o|W]?|Qo?|N{1,5}|YYYYYY|YYYYY|YYYY|YY|y{2,4}|yo?|gg(ggg?)?|GG(GGG?)?|e|E|a|A|hh?|HH?|kk?|mm?|ss?|S{1,9}|x|X|zz?|ZZ?|LTS|LT|LL?L?L?|l{1,4}|[-+/T,;.: + ]?)*)$" + type: string + interval_year: + description: + Moment.js style format string used when a time + requiring year accuracy is shown + maxLength: 128 + pattern: + "^(([Hh]mm(ss)?|Mo|MM?M?M?|Do|DDDo|DD?D?D?|ddd?d?|do?|w[o|w]?|W[o|W]?|Qo?|N{1,5}|YYYYYY|YYYYY|YYYY|YY|y{2,4}|yo?|gg(ggg?)?|GG(GGG?)?|e|E|a|A|hh?|HH?|kk?|mm?|ss?|S{1,9}|x|X|zz?|ZZ?|LTS|LT|LL?L?L?|l{1,4}|[-+/T,;.: + ]?)*)$" + type: string + type: object + disable_gravatar: + description: + Set to true to disable gravatar. Defaults to false + (gravatar is enabled) + type: boolean + editors_can_admin: + description: + Editors can manage folders, teams and dashboards + created by them + type: boolean + external_image_storage: + description: External image store settings + properties: + access_key: + description: + S3 access key. Requires permissions to the S3 + bucket for the s3:PutObject and s3:PutObjectAcl actions + maxLength: 4096 + pattern: ^[A-Z0-9]+$ + type: string + bucket_url: + description: Bucket URL for S3 + maxLength: 2048 + type: string + provider: + description: Provider type + enum: + - s3 + type: string + secret_key: + description: S3 secret key + maxLength: 4096 + pattern: ^[A-Za-z0-9/+=]+$ + type: string + required: + - access_key + - bucket_url + - provider + - secret_key + type: object + google_analytics_ua_id: + description: Google Analytics ID + maxLength: 64 + pattern: ^(G|UA|YT|MO)-[a-zA-Z0-9-]+$ + type: string + ip_filter: + description: + Allow incoming connections from CIDR address block, + e.g. '10.20.0.0/16' + items: + description: + CIDR address block, either as a string, or in a + dict with an optional description field + properties: + description: + description: Description for IP filter list entry + maxLength: 1024 + type: string + network: + description: CIDR address block + maxLength: 43 + type: string + required: + - network + type: object + maxItems: 1024 + type: array + metrics_enabled: + description: Enable Grafana /metrics endpoint + type: boolean + oauth_allow_insecure_email_lookup: + description: + Enforce user lookup based on email instead of the + unique ID provided by the IdP + type: boolean + private_access: + description: + Allow access to selected service ports from private + networks + properties: + grafana: + description: + Allow clients to connect to grafana with a DNS + name that always resolves to the service's private IP addresses. + Only available in certain network locations + type: boolean + type: object + privatelink_access: + description: + Allow access to selected service components through + Privatelink + properties: + grafana: + description: Enable grafana + type: boolean + type: object + project_to_fork_from: + description: + Name of another project to fork a service from. This + has effect only when a new service is being created. + maxLength: 63 + type: string + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + public_access: + description: + Allow access to selected service ports from the public + Internet + properties: + grafana: + description: + Allow clients to connect to grafana from the + public internet for service nodes that are in a project + VPC or another type of private network + type: boolean + type: object + recovery_basebackup_name: + description: Name of the basebackup to restore in forked service + maxLength: 128 + pattern: ^[a-zA-Z0-9-_:.]+$ + type: string + service_log: + description: + Store logs for the service so that they are available + in the HTTP API and console. + type: boolean + service_to_fork_from: + description: + Name of another service to fork from. This has effect + only when a new service is being created. + maxLength: 64 + type: string + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + smtp_server: + description: SMTP server settings + properties: + from_address: + description: Address used for sending emails + maxLength: 319 + pattern: ^[A-Za-z0-9_\-\.+\'&]+@(([\da-zA-Z])([_\w-]{,62})\.){,127}(([\da-zA-Z])[_\w-]{,61})?([\da-zA-Z]\.((xn\-\-[a-zA-Z\d]+)|([a-zA-Z\d]{2,})))$ + type: string + from_name: + description: Name used in outgoing emails, defaults to Grafana + maxLength: 128 + pattern: ^[^\x00-\x1F]+$ + type: string + host: + description: Server hostname or IP + maxLength: 255 + type: string + password: + description: Password for SMTP authentication + maxLength: 255 + pattern: ^[^\x00-\x1F]+$ + type: string + port: + description: SMTP server port + maximum: 65535 + minimum: 1 + type: integer + skip_verify: + description: + Skip verifying server certificate. Defaults to + false + type: boolean + starttls_policy: + description: + Either OpportunisticStartTLS, MandatoryStartTLS + or NoStartTLS. Default is OpportunisticStartTLS. + enum: + - OpportunisticStartTLS + - MandatoryStartTLS + - NoStartTLS + type: string + username: + description: Username for SMTP authentication + maxLength: 255 + pattern: ^[^\x00-\x1F]+$ + type: string + required: + - from_address + - host + - port + type: object + static_ips: + description: Use static public IP addresses + type: boolean + unified_alerting_enabled: + description: + Enable or disable Grafana unified alerting functionality. + By default this is enabled and any legacy alerts will be migrated + on upgrade to Grafana 9+. To stay on legacy alerting, set unified_alerting_enabled + to false and alerting_enabled to true. See https://grafana.com/docs/grafana/latest/alerting/set-up/migrating-alerts/ + for more details. + type: boolean + user_auto_assign_org: + description: + Auto-assign new users on signup to main organization. + Defaults to false + type: boolean + user_auto_assign_org_role: + description: Set role for new signups. Defaults to Viewer + enum: + - Viewer + - Admin + - Editor + type: string + viewers_can_edit: + description: + Users with view-only permission can edit but not + save dashboards + type: boolean + type: object + required: + - plan + - project + type: object + status: + description: ServiceStatus defines the observed state of service + properties: + conditions: + description: + Conditions represent the latest available observations + of a service state + items: + description: + "Condition contains details for one aspect of the current + state of this API Resource. --- This struct is intended for direct + use as an array at the field path .status.conditions. For example, + \n type FooStatus struct{ // Represents the observations of a + foo's current state. // Known .status.conditions.type are: \"Available\", + \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge + // +listType=map // +listMapKey=type Conditions []metav1.Condition + `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" + protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" properties: - from_address: - description: Address used for sending emails - maxLength: 319 - pattern: ^[A-Za-z0-9_\-\.+\'&]+@(([\da-zA-Z])([_\w-]{,62})\.){,127}(([\da-zA-Z])[_\w-]{,61})?([\da-zA-Z]\.((xn\-\-[a-zA-Z\d]+)|([a-zA-Z\d]{2,})))$ - type: string - from_name: - description: Name used in outgoing emails, defaults to Grafana - maxLength: 128 - pattern: ^[^\x00-\x1F]+$ - type: string - host: - description: Server hostname or IP - maxLength: 255 + lastTransitionTime: + description: + lastTransitionTime is the last time the condition + transitioned from one status to another. This should be when + the underlying condition changed. If that is not known, then + using the time when the API field changed is acceptable. + format: date-time type: string - password: - description: Password for SMTP authentication - maxLength: 255 - pattern: ^[^\x00-\x1F]+$ + message: + description: + message is a human readable message indicating + details about the transition. This may be an empty string. + maxLength: 32768 type: string - port: - description: SMTP server port - maximum: 65535 - minimum: 1 + observedGeneration: + description: + observedGeneration represents the .metadata.generation + that the condition was set based upon. For instance, if .metadata.generation + is currently 12, but the .status.conditions[x].observedGeneration + is 9, the condition is out of date with respect to the current + state of the instance. + format: int64 + minimum: 0 type: integer - skip_verify: - description: Skip verifying server certificate. Defaults to - false - type: boolean - starttls_policy: - description: Either OpportunisticStartTLS, MandatoryStartTLS - or NoStartTLS. Default is OpportunisticStartTLS. + reason: + description: + reason contains a programmatic identifier indicating + the reason for the condition's last transition. Producers + of specific condition types may define expected values and + meanings for this field, and whether the values are considered + a guaranteed API. The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. enum: - - OpportunisticStartTLS - - MandatoryStartTLS - - NoStartTLS + - "True" + - "False" + - Unknown type: string - username: - description: Username for SMTP authentication - maxLength: 255 - pattern: ^[^\x00-\x1F]+$ + type: + description: + type of condition in CamelCase or in foo.example.com/CamelCase. + --- Many .condition.type values are consistent across resources + like Available, but because arbitrary conditions can be useful + (see .node.status.conditions), the ability to deconflict is + important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string required: - - from_address - - host - - port + - lastTransitionTime + - message + - reason + - status + - type type: object - static_ips: - description: Use static public IP addresses - type: boolean - unified_alerting_enabled: - description: Enable or disable Grafana unified alerting functionality. - By default this is enabled and any legacy alerts will be migrated - on upgrade to Grafana 9+. To stay on legacy alerting, set unified_alerting_enabled - to false and alerting_enabled to true. See https://grafana.com/docs/grafana/latest/alerting/set-up/migrating-alerts/ - for more details. - type: boolean - user_auto_assign_org: - description: Auto-assign new users on signup to main organization. - Defaults to false - type: boolean - user_auto_assign_org_role: - description: Set role for new signups. Defaults to Viewer - enum: - - Viewer - - Admin - - Editor - type: string - viewers_can_edit: - description: Users with view-only permission can edit but not - save dashboards - type: boolean - type: object - required: - - plan - - project - type: object - status: - description: ServiceStatus defines the observed state of service - properties: - conditions: - description: Conditions represent the latest available observations - of a service state - items: - description: "Condition contains details for one aspect of the current - state of this API Resource. --- This struct is intended for direct - use as an array at the field path .status.conditions. For example, - \n type FooStatus struct{ // Represents the observations of a - foo's current state. // Known .status.conditions.type are: \"Available\", - \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge - // +listType=map // +listMapKey=type Conditions []metav1.Condition - `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" - protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" - properties: - lastTransitionTime: - description: lastTransitionTime is the last time the condition - transitioned from one status to another. This should be when - the underlying condition changed. If that is not known, then - using the time when the API field changed is acceptable. - format: date-time - type: string - message: - description: message is a human readable message indicating - details about the transition. This may be an empty string. - maxLength: 32768 - type: string - observedGeneration: - description: observedGeneration represents the .metadata.generation - that the condition was set based upon. For instance, if .metadata.generation - is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current - state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: reason contains a programmatic identifier indicating - the reason for the condition's last transition. Producers - of specific condition types may define expected values and - meanings for this field, and whether the values are considered - a guaranteed API. The value should be a CamelCase string. - This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ - type: string - status: - description: status of the condition, one of True, False, Unknown. - enum: - - "True" - - "False" - - Unknown - type: string - type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. - --- Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ - type: string - required: - - lastTransitionTime - - message - - reason - - status - - type - type: object - type: array - state: - description: Service state - type: string - type: object - type: object - served: true - storage: true - subresources: - status: {} + type: array + state: + description: Service state + type: string + type: object + type: object + served: true + storage: true + subresources: + status: {} diff --git a/charts/aiven-operator-crds/templates/aiven.io_kafkaacls.yaml b/charts/aiven-operator-crds/templates/aiven.io_kafkaacls.yaml index 30e2e2b5..6f031472 100644 --- a/charts/aiven-operator-crds/templates/aiven.io_kafkaacls.yaml +++ b/charts/aiven-operator-crds/templates/aiven.io_kafkaacls.yaml @@ -15,167 +15,176 @@ spec: singular: kafkaacl scope: Namespaced versions: - - additionalPrinterColumns: - - jsonPath: .spec.serviceName - name: Service Name - type: string - - jsonPath: .spec.project - name: Project - type: string - - jsonPath: .spec.username - name: Username - type: string - - jsonPath: .spec.permission - name: Permission - type: string - - jsonPath: .spec.topic - name: Topic - type: string - name: v1alpha1 - schema: - openAPIV3Schema: - description: KafkaACL is the Schema for the kafkaacls API - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: KafkaACLSpec defines the desired state of KafkaACL - properties: - authSecretRef: - description: Authentication reference to Aiven token in a secret - properties: - key: - minLength: 1 - type: string - name: - minLength: 1 - type: string - required: - - key - - name - type: object - permission: - description: Kafka permission to grant (admin, read, readwrite, write) - enum: - - admin - - read - - readwrite - - write - type: string - project: - description: Project to link the Kafka ACL to - format: ^[a-zA-Z0-9_-]*$ - maxLength: 63 - type: string - serviceName: - description: Service to link the Kafka ACL to - maxLength: 63 - type: string - topic: - description: Topic name pattern for the ACL entry - type: string - username: - description: Username pattern for the ACL entry - type: string - required: - - permission - - project - - serviceName - - topic - - username - type: object - status: - description: KafkaACLStatus defines the observed state of KafkaACL - properties: - conditions: - description: Conditions represent the latest available observations - of an KafkaACL state - items: - description: "Condition contains details for one aspect of the current - state of this API Resource. --- This struct is intended for direct - use as an array at the field path .status.conditions. For example, - \n type FooStatus struct{ // Represents the observations of a - foo's current state. // Known .status.conditions.type are: \"Available\", - \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge - // +listType=map // +listMapKey=type Conditions []metav1.Condition - `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" - protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + - additionalPrinterColumns: + - jsonPath: .spec.serviceName + name: Service Name + type: string + - jsonPath: .spec.project + name: Project + type: string + - jsonPath: .spec.username + name: Username + type: string + - jsonPath: .spec.permission + name: Permission + type: string + - jsonPath: .spec.topic + name: Topic + type: string + name: v1alpha1 + schema: + openAPIV3Schema: + description: KafkaACL is the Schema for the kafkaacls API + properties: + apiVersion: + description: + "APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + type: string + kind: + description: + "Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + type: string + metadata: + type: object + spec: + description: KafkaACLSpec defines the desired state of KafkaACL + properties: + authSecretRef: + description: Authentication reference to Aiven token in a secret properties: - lastTransitionTime: - description: lastTransitionTime is the last time the condition - transitioned from one status to another. This should be when - the underlying condition changed. If that is not known, then - using the time when the API field changed is acceptable. - format: date-time - type: string - message: - description: message is a human readable message indicating - details about the transition. This may be an empty string. - maxLength: 32768 - type: string - observedGeneration: - description: observedGeneration represents the .metadata.generation - that the condition was set based upon. For instance, if .metadata.generation - is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current - state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: reason contains a programmatic identifier indicating - the reason for the condition's last transition. Producers - of specific condition types may define expected values and - meanings for this field, and whether the values are considered - a guaranteed API. The value should be a CamelCase string. - This field may not be empty. - maxLength: 1024 + key: minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ type: string - status: - description: status of the condition, one of True, False, Unknown. - enum: - - "True" - - "False" - - Unknown - type: string - type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. - --- Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + name: + minLength: 1 type: string required: - - lastTransitionTime - - message - - reason - - status - - type + - key + - name type: object - type: array - id: - description: Kafka ACL ID - type: string - required: - - conditions - - id - type: object - type: object - served: true - storage: true - subresources: - status: {} + permission: + description: Kafka permission to grant (admin, read, readwrite, write) + enum: + - admin + - read + - readwrite + - write + type: string + project: + description: Project to link the Kafka ACL to + format: ^[a-zA-Z0-9_-]*$ + maxLength: 63 + type: string + serviceName: + description: Service to link the Kafka ACL to + maxLength: 63 + type: string + topic: + description: Topic name pattern for the ACL entry + type: string + username: + description: Username pattern for the ACL entry + type: string + required: + - permission + - project + - serviceName + - topic + - username + type: object + status: + description: KafkaACLStatus defines the observed state of KafkaACL + properties: + conditions: + description: + Conditions represent the latest available observations + of an KafkaACL state + items: + description: + "Condition contains details for one aspect of the current + state of this API Resource. --- This struct is intended for direct + use as an array at the field path .status.conditions. For example, + \n type FooStatus struct{ // Represents the observations of a + foo's current state. // Known .status.conditions.type are: \"Available\", + \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge + // +listType=map // +listMapKey=type Conditions []metav1.Condition + `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" + protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + properties: + lastTransitionTime: + description: + lastTransitionTime is the last time the condition + transitioned from one status to another. This should be when + the underlying condition changed. If that is not known, then + using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: + message is a human readable message indicating + details about the transition. This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: + observedGeneration represents the .metadata.generation + that the condition was set based upon. For instance, if .metadata.generation + is currently 12, but the .status.conditions[x].observedGeneration + is 9, the condition is out of date with respect to the current + state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: + reason contains a programmatic identifier indicating + the reason for the condition's last transition. Producers + of specific condition types may define expected values and + meanings for this field, and whether the values are considered + a guaranteed API. The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: + type of condition in CamelCase or in foo.example.com/CamelCase. + --- Many .condition.type values are consistent across resources + like Available, but because arbitrary conditions can be useful + (see .node.status.conditions), the ability to deconflict is + important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + type: array + id: + description: Kafka ACL ID + type: string + required: + - conditions + - id + type: object + type: object + served: true + storage: true + subresources: + status: {} diff --git a/charts/aiven-operator-crds/templates/aiven.io_kafkaconnectors.yaml b/charts/aiven-operator-crds/templates/aiven.io_kafkaconnectors.yaml index 2058658f..91871b0b 100644 --- a/charts/aiven-operator-crds/templates/aiven.io_kafkaconnectors.yaml +++ b/charts/aiven-operator-crds/templates/aiven.io_kafkaconnectors.yaml @@ -15,212 +15,223 @@ spec: singular: kafkaconnector scope: Namespaced versions: - - additionalPrinterColumns: - - jsonPath: .spec.serviceName - name: Service Name - type: string - - jsonPath: .spec.project - name: Project - type: string - - jsonPath: .spec.connectorClass - name: Connector Class - type: string - - jsonPath: .status.state - name: State - type: string - - jsonPath: .status.tasksStatus.total - name: Tasks Total - type: integer - - jsonPath: .status.tasksStatus.running - name: Tasks Running - type: integer - name: v1alpha1 - schema: - openAPIV3Schema: - description: KafkaConnector is the Schema for the kafkaconnectors API - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: KafkaConnectorSpec defines the desired state of KafkaConnector - properties: - authSecretRef: - description: Authentication reference to Aiven token in a secret - properties: - key: - minLength: 1 - type: string - name: - minLength: 1 - type: string - required: - - key - - name - type: object - connectorClass: - description: The Java class of the connector. - maxLength: 1024 - type: string - project: - description: Target project. - format: ^[a-zA-Z0-9_-]*$ - maxLength: 63 - type: string - serviceName: - description: Service name. - maxLength: 63 - type: string - userConfig: - additionalProperties: + - additionalPrinterColumns: + - jsonPath: .spec.serviceName + name: Service Name + type: string + - jsonPath: .spec.project + name: Project + type: string + - jsonPath: .spec.connectorClass + name: Connector Class + type: string + - jsonPath: .status.state + name: State + type: string + - jsonPath: .status.tasksStatus.total + name: Tasks Total + type: integer + - jsonPath: .status.tasksStatus.running + name: Tasks Running + type: integer + name: v1alpha1 + schema: + openAPIV3Schema: + description: KafkaConnector is the Schema for the kafkaconnectors API + properties: + apiVersion: + description: + "APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + type: string + kind: + description: + "Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + type: string + metadata: + type: object + spec: + description: KafkaConnectorSpec defines the desired state of KafkaConnector + properties: + authSecretRef: + description: Authentication reference to Aiven token in a secret + properties: + key: + minLength: 1 + type: string + name: + minLength: 1 + type: string + required: + - key + - name + type: object + connectorClass: + description: The Java class of the connector. + maxLength: 1024 type: string - description: The connector specific configuration To build config - values from secret the template function {{`{{ fromSecret "name" "key" - }}`}} is provided when interpreting the keys - type: object - required: - - connectorClass - - project - - serviceName - - userConfig - type: object - status: - description: KafkaConnectorStatus defines the observed state of KafkaConnector - properties: - conditions: - description: Conditions represent the latest available observations - of an kafka connector state - items: - description: "Condition contains details for one aspect of the current - state of this API Resource. --- This struct is intended for direct - use as an array at the field path .status.conditions. For example, - \n type FooStatus struct{ // Represents the observations of a - foo's current state. // Known .status.conditions.type are: \"Available\", - \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge - // +listType=map // +listMapKey=type Conditions []metav1.Condition - `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" - protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + project: + description: Target project. + format: ^[a-zA-Z0-9_-]*$ + maxLength: 63 + type: string + serviceName: + description: Service name. + maxLength: 63 + type: string + userConfig: + additionalProperties: + type: string + description: + The connector specific configuration To build config + values from secret the template function {{`{{ fromSecret "name" "key" + }}`}} is provided when interpreting the keys + type: object + required: + - connectorClass + - project + - serviceName + - userConfig + type: object + status: + description: KafkaConnectorStatus defines the observed state of KafkaConnector + properties: + conditions: + description: + Conditions represent the latest available observations + of an kafka connector state + items: + description: + "Condition contains details for one aspect of the current + state of this API Resource. --- This struct is intended for direct + use as an array at the field path .status.conditions. For example, + \n type FooStatus struct{ // Represents the observations of a + foo's current state. // Known .status.conditions.type are: \"Available\", + \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge + // +listType=map // +listMapKey=type Conditions []metav1.Condition + `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" + protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + properties: + lastTransitionTime: + description: + lastTransitionTime is the last time the condition + transitioned from one status to another. This should be when + the underlying condition changed. If that is not known, then + using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: + message is a human readable message indicating + details about the transition. This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: + observedGeneration represents the .metadata.generation + that the condition was set based upon. For instance, if .metadata.generation + is currently 12, but the .status.conditions[x].observedGeneration + is 9, the condition is out of date with respect to the current + state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: + reason contains a programmatic identifier indicating + the reason for the condition's last transition. Producers + of specific condition types may define expected values and + meanings for this field, and whether the values are considered + a guaranteed API. The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: + type of condition in CamelCase or in foo.example.com/CamelCase. + --- Many .condition.type values are consistent across resources + like Available, but because arbitrary conditions can be useful + (see .node.status.conditions), the ability to deconflict is + important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + type: array + pluginStatus: + description: + PluginStatus contains metadata about the configured connector + plugin properties: - lastTransitionTime: - description: lastTransitionTime is the last time the condition - transitioned from one status to another. This should be when - the underlying condition changed. If that is not known, then - using the time when the API field changed is acceptable. - format: date-time + author: type: string - message: - description: message is a human readable message indicating - details about the transition. This may be an empty string. - maxLength: 32768 + class: type: string - observedGeneration: - description: observedGeneration represents the .metadata.generation - that the condition was set based upon. For instance, if .metadata.generation - is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current - state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: reason contains a programmatic identifier indicating - the reason for the condition's last transition. Producers - of specific condition types may define expected values and - meanings for this field, and whether the values are considered - a guaranteed API. The value should be a CamelCase string. - This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + docUrl: type: string - status: - description: status of the condition, one of True, False, Unknown. - enum: - - "True" - - "False" - - Unknown + title: type: string type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. - --- Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + version: type: string required: - - lastTransitionTime - - message - - reason - - status - - type + - author + - class + - docUrl + - title + - type + - version type: object - type: array - pluginStatus: - description: PluginStatus contains metadata about the configured connector - plugin - properties: - author: - type: string - class: - type: string - docUrl: - type: string - title: - type: string - type: - type: string - version: - type: string - required: - - author - - class - - docUrl - - title - - type - - version - type: object - state: - description: Connector state - type: string - tasksStatus: - description: TasksStatus contains metadata about the running tasks - properties: - failed: - type: integer - paused: - type: integer - running: - type: integer - stackTrace: - type: string - total: - type: integer - unassigned: - type: integer - unknown: - type: integer - required: - - total - type: object - required: - - conditions - - pluginStatus - - state - - tasksStatus - type: object - type: object - served: true - storage: true - subresources: - status: {} + state: + description: Connector state + type: string + tasksStatus: + description: TasksStatus contains metadata about the running tasks + properties: + failed: + type: integer + paused: + type: integer + running: + type: integer + stackTrace: + type: string + total: + type: integer + unassigned: + type: integer + unknown: + type: integer + required: + - total + type: object + required: + - conditions + - pluginStatus + - state + - tasksStatus + type: object + type: object + served: true + storage: true + subresources: + status: {} diff --git a/charts/aiven-operator-crds/templates/aiven.io_kafkaconnects.yaml b/charts/aiven-operator-crds/templates/aiven.io_kafkaconnects.yaml index 2abf81ff..8ff70dac 100644 --- a/charts/aiven-operator-crds/templates/aiven.io_kafkaconnects.yaml +++ b/charts/aiven-operator-crds/templates/aiven.io_kafkaconnects.yaml @@ -15,426 +15,468 @@ spec: singular: kafkaconnect scope: Namespaced versions: - - additionalPrinterColumns: - - jsonPath: .status.state - name: State - type: string - name: v1alpha1 - schema: - openAPIV3Schema: - description: KafkaConnect is the Schema for the kafkaconnects API - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: KafkaConnectSpec defines the desired state of KafkaConnect - properties: - authSecretRef: - description: Authentication reference to Aiven token in a secret - properties: - key: - minLength: 1 - type: string - name: - minLength: 1 - type: string - required: - - key - - name - type: object - cloudName: - description: Cloud the service runs in. - maxLength: 256 - type: string - maintenanceWindowDow: - description: Day of week when maintenance operations should be performed. - One monday, tuesday, wednesday, etc. - enum: - - monday - - tuesday - - wednesday - - thursday - - friday - - saturday - - sunday - type: string - maintenanceWindowTime: - description: Time of day when maintenance operations should be performed. - UTC time in HH:mm:ss format. - maxLength: 8 - type: string - plan: - description: Subscription plan. - maxLength: 128 - type: string - project: - description: Target project. - format: ^[a-zA-Z0-9_-]*$ - maxLength: 63 - type: string - x-kubernetes-validations: - - message: Value is immutable - rule: self == oldSelf - projectVPCRef: - description: ProjectVPCRef reference to ProjectVPC resource to use - its ID as ProjectVPCID automatically - properties: - name: - minLength: 1 - type: string - namespace: - minLength: 1 - type: string - required: - - name - type: object - projectVpcId: - description: Identifier of the VPC the service should be in, if any. - maxLength: 36 - type: string - serviceIntegrations: - description: Service integrations to specify when creating a service. - Not applied after initial service creation - items: - description: Service integrations to specify when creating a service. - Not applied after initial service creation + - additionalPrinterColumns: + - jsonPath: .status.state + name: State + type: string + name: v1alpha1 + schema: + openAPIV3Schema: + description: KafkaConnect is the Schema for the kafkaconnects API + properties: + apiVersion: + description: + "APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + type: string + kind: + description: + "Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + type: string + metadata: + type: object + spec: + description: KafkaConnectSpec defines the desired state of KafkaConnect + properties: + authSecretRef: + description: Authentication reference to Aiven token in a secret properties: - integrationType: - enum: - - read_replica + key: + minLength: 1 type: string - sourceServiceName: - maxLength: 64 + name: minLength: 1 type: string required: - - integrationType - - sourceServiceName + - key + - name type: object - maxItems: 1 - type: array - x-kubernetes-validations: - - message: Value is immutable - rule: self == oldSelf - tags: - additionalProperties: + cloudName: + description: Cloud the service runs in. + maxLength: 256 + type: string + maintenanceWindowDow: + description: + Day of week when maintenance operations should be performed. + One monday, tuesday, wednesday, etc. + enum: + - monday + - tuesday + - wednesday + - thursday + - friday + - saturday + - sunday + type: string + maintenanceWindowTime: + description: + Time of day when maintenance operations should be performed. + UTC time in HH:mm:ss format. + maxLength: 8 + type: string + plan: + description: Subscription plan. + maxLength: 128 + type: string + project: + description: Target project. + format: ^[a-zA-Z0-9_-]*$ + maxLength: 63 type: string - description: Tags are key-value pairs that allow you to categorize - services. - type: object - terminationProtection: - description: Prevent service from being deleted. It is recommended - to have this enabled for all services. - type: boolean - userConfig: - description: KafkaConnect specific user configuration options - properties: - additional_backup_regions: - description: Additional Cloud Regions for Backup Replication - items: + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + projectVPCRef: + description: + ProjectVPCRef reference to ProjectVPC resource to use + its ID as ProjectVPCID automatically + properties: + name: + minLength: 1 type: string - maxItems: 1 - type: array - ip_filter: - description: Allow incoming connections from CIDR address block, - e.g. '10.20.0.0/16' - items: - description: CIDR address block, either as a string, or in a - dict with an optional description field - properties: + namespace: + minLength: 1 + type: string + required: + - name + type: object + projectVpcId: + description: Identifier of the VPC the service should be in, if any. + maxLength: 36 + type: string + serviceIntegrations: + description: + Service integrations to specify when creating a service. + Not applied after initial service creation + items: + description: + Service integrations to specify when creating a service. + Not applied after initial service creation + properties: + integrationType: + enum: + - read_replica + type: string + sourceServiceName: + maxLength: 64 + minLength: 1 + type: string + required: + - integrationType + - sourceServiceName + type: object + maxItems: 1 + type: array + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + tags: + additionalProperties: + type: string + description: + Tags are key-value pairs that allow you to categorize + services. + type: object + terminationProtection: + description: + Prevent service from being deleted. It is recommended + to have this enabled for all services. + type: boolean + userConfig: + description: KafkaConnect specific user configuration options + properties: + additional_backup_regions: + description: Additional Cloud Regions for Backup Replication + items: + type: string + maxItems: 1 + type: array + ip_filter: + description: + Allow incoming connections from CIDR address block, + e.g. '10.20.0.0/16' + items: description: - description: Description for IP filter list entry - maxLength: 1024 + CIDR address block, either as a string, or in a + dict with an optional description field + properties: + description: + description: Description for IP filter list entry + maxLength: 1024 + type: string + network: + description: CIDR address block + maxLength: 43 + type: string + required: + - network + type: object + maxItems: 1024 + type: array + kafka_connect: + description: Kafka Connect configuration values + properties: + connector_client_config_override_policy: + description: + Defines what client configurations can be overridden + by the connector. Default is None + enum: + - None + - All + type: string + consumer_auto_offset_reset: + description: + What to do when there is no initial offset in + Kafka or if the current offset does not exist any more on + the server. Default is earliest + enum: + - earliest + - latest type: string - network: - description: CIDR address block - maxLength: 43 + consumer_fetch_max_bytes: + description: + Records are fetched in batches by the consumer, + and if the first record batch in the first non-empty partition + of the fetch is larger than this value, the record batch + will still be returned to ensure that the consumer can make + progress. As such, this is not a absolute maximum. + maximum: 104857600 + minimum: 1048576 + type: integer + consumer_isolation_level: + description: + Transaction read isolation level. read_uncommitted + is the default, but read_committed can be used if consume-exactly-once + behavior is desired. + enum: + - read_uncommitted + - read_committed type: string - required: - - network + consumer_max_partition_fetch_bytes: + description: + Records are fetched in batches by the consumer.If + the first record batch in the first non-empty partition + of the fetch is larger than this limit, the batch will still + be returned to ensure that the consumer can make progress. + maximum: 104857600 + minimum: 1048576 + type: integer + consumer_max_poll_interval_ms: + description: + The maximum delay in milliseconds between invocations + of poll() when using consumer group management (defaults + to 300000). + maximum: 2147483647 + minimum: 1 + type: integer + consumer_max_poll_records: + description: + The maximum number of records returned in a single + call to poll() (defaults to 500). + maximum: 10000 + minimum: 1 + type: integer + offset_flush_interval_ms: + description: + The interval at which to try committing offsets + for tasks (defaults to 60000). + maximum: 100000000 + minimum: 1 + type: integer + offset_flush_timeout_ms: + description: + Maximum number of milliseconds to wait for records + to flush and partition offset data to be committed to offset + storage before cancelling the process and restoring the + offset data to be committed in a future attempt (defaults + to 5000). + maximum: 2147483647 + minimum: 1 + type: integer + producer_batch_size: + description: + This setting gives the upper bound of the batch + size to be sent. If there are fewer than this many bytes + accumulated for this partition, the producer will 'linger' + for the linger.ms time waiting for more records to show + up. A batch size of zero will disable batching entirely + (defaults to 16384). + maximum: 5242880 + minimum: 0 + type: integer + producer_buffer_memory: + description: + The total bytes of memory the producer can use + to buffer records waiting to be sent to the broker (defaults + to 33554432). + maximum: 134217728 + minimum: 5242880 + type: integer + producer_compression_type: + description: + Specify the default compression type for producers. + This configuration accepts the standard compression codecs + ('gzip', 'snappy', 'lz4', 'zstd'). It additionally accepts + 'none' which is the default and equivalent to no compression. + enum: + - gzip + - snappy + - lz4 + - zstd + - none + type: string + producer_linger_ms: + description: + "This setting gives the upper bound on the delay + for batching: once there is batch.size worth of records + for a partition it will be sent immediately regardless of + this setting, however if there are fewer than this many + bytes accumulated for this partition the producer will 'linger' + for the specified time waiting for more records to show + up. Defaults to 0." + maximum: 5000 + minimum: 0 + type: integer + producer_max_request_size: + description: + This setting will limit the number of record + batches the producer will send in a single request to avoid + sending huge requests. + maximum: 67108864 + minimum: 131072 + type: integer + scheduled_rebalance_max_delay_ms: + description: + The maximum delay that is scheduled in order + to wait for the return of one or more departed workers before + rebalancing and reassigning their connectors and tasks to + the group. During this period the connectors and tasks of + the departed workers remain unassigned. Defaults to 5 minutes. + maximum: 600000 + minimum: 0 + type: integer + session_timeout_ms: + description: + The timeout in milliseconds used to detect failures + when using Kafka’s group management facilities (defaults + to 10000). + maximum: 2147483647 + minimum: 1 + type: integer + type: object + private_access: + description: + Allow access to selected service ports from private + networks + properties: + kafka_connect: + description: + Allow clients to connect to kafka_connect with + a DNS name that always resolves to the service's private + IP addresses. Only available in certain network locations + type: boolean + prometheus: + description: + Allow clients to connect to prometheus with a + DNS name that always resolves to the service's private IP + addresses. Only available in certain network locations + type: boolean + type: object + privatelink_access: + description: + Allow access to selected service components through + Privatelink + properties: + jolokia: + description: Enable jolokia + type: boolean + kafka_connect: + description: Enable kafka_connect + type: boolean + prometheus: + description: Enable prometheus + type: boolean type: object - maxItems: 1024 - type: array - kafka_connect: - description: Kafka Connect configuration values + public_access: + description: + Allow access to selected service ports from the public + Internet + properties: + kafka_connect: + description: + Allow clients to connect to kafka_connect from + the public internet for service nodes that are in a project + VPC or another type of private network + type: boolean + prometheus: + description: + Allow clients to connect to prometheus from the + public internet for service nodes that are in a project + VPC or another type of private network + type: boolean + type: object + service_log: + description: + Store logs for the service so that they are available + in the HTTP API and console. + type: boolean + static_ips: + description: Use static public IP addresses + type: boolean + type: object + required: + - plan + - project + type: object + status: + description: ServiceStatus defines the observed state of service + properties: + conditions: + description: + Conditions represent the latest available observations + of a service state + items: + description: + "Condition contains details for one aspect of the current + state of this API Resource. --- This struct is intended for direct + use as an array at the field path .status.conditions. For example, + \n type FooStatus struct{ // Represents the observations of a + foo's current state. // Known .status.conditions.type are: \"Available\", + \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge + // +listType=map // +listMapKey=type Conditions []metav1.Condition + `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" + protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" properties: - connector_client_config_override_policy: - description: Defines what client configurations can be overridden - by the connector. Default is None - enum: - - None - - All - type: string - consumer_auto_offset_reset: - description: What to do when there is no initial offset in - Kafka or if the current offset does not exist any more on - the server. Default is earliest - enum: - - earliest - - latest + lastTransitionTime: + description: + lastTransitionTime is the last time the condition + transitioned from one status to another. This should be when + the underlying condition changed. If that is not known, then + using the time when the API field changed is acceptable. + format: date-time type: string - consumer_fetch_max_bytes: - description: Records are fetched in batches by the consumer, - and if the first record batch in the first non-empty partition - of the fetch is larger than this value, the record batch - will still be returned to ensure that the consumer can make - progress. As such, this is not a absolute maximum. - maximum: 104857600 - minimum: 1048576 - type: integer - consumer_isolation_level: - description: Transaction read isolation level. read_uncommitted - is the default, but read_committed can be used if consume-exactly-once - behavior is desired. - enum: - - read_uncommitted - - read_committed + message: + description: + message is a human readable message indicating + details about the transition. This may be an empty string. + maxLength: 32768 type: string - consumer_max_partition_fetch_bytes: - description: Records are fetched in batches by the consumer.If - the first record batch in the first non-empty partition - of the fetch is larger than this limit, the batch will still - be returned to ensure that the consumer can make progress. - maximum: 104857600 - minimum: 1048576 - type: integer - consumer_max_poll_interval_ms: - description: The maximum delay in milliseconds between invocations - of poll() when using consumer group management (defaults - to 300000). - maximum: 2147483647 - minimum: 1 - type: integer - consumer_max_poll_records: - description: The maximum number of records returned in a single - call to poll() (defaults to 500). - maximum: 10000 - minimum: 1 - type: integer - offset_flush_interval_ms: - description: The interval at which to try committing offsets - for tasks (defaults to 60000). - maximum: 100000000 - minimum: 1 - type: integer - offset_flush_timeout_ms: - description: Maximum number of milliseconds to wait for records - to flush and partition offset data to be committed to offset - storage before cancelling the process and restoring the - offset data to be committed in a future attempt (defaults - to 5000). - maximum: 2147483647 - minimum: 1 - type: integer - producer_batch_size: - description: This setting gives the upper bound of the batch - size to be sent. If there are fewer than this many bytes - accumulated for this partition, the producer will 'linger' - for the linger.ms time waiting for more records to show - up. A batch size of zero will disable batching entirely - (defaults to 16384). - maximum: 5242880 + observedGeneration: + description: + observedGeneration represents the .metadata.generation + that the condition was set based upon. For instance, if .metadata.generation + is currently 12, but the .status.conditions[x].observedGeneration + is 9, the condition is out of date with respect to the current + state of the instance. + format: int64 minimum: 0 type: integer - producer_buffer_memory: - description: The total bytes of memory the producer can use - to buffer records waiting to be sent to the broker (defaults - to 33554432). - maximum: 134217728 - minimum: 5242880 - type: integer - producer_compression_type: - description: Specify the default compression type for producers. - This configuration accepts the standard compression codecs - ('gzip', 'snappy', 'lz4', 'zstd'). It additionally accepts - 'none' which is the default and equivalent to no compression. + reason: + description: + reason contains a programmatic identifier indicating + the reason for the condition's last transition. Producers + of specific condition types may define expected values and + meanings for this field, and whether the values are considered + a guaranteed API. The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. enum: - - gzip - - snappy - - lz4 - - zstd - - none + - "True" + - "False" + - Unknown type: string - producer_linger_ms: - description: 'This setting gives the upper bound on the delay - for batching: once there is batch.size worth of records - for a partition it will be sent immediately regardless of - this setting, however if there are fewer than this many - bytes accumulated for this partition the producer will ''linger'' - for the specified time waiting for more records to show - up. Defaults to 0.' - maximum: 5000 - minimum: 0 - type: integer - producer_max_request_size: - description: This setting will limit the number of record - batches the producer will send in a single request to avoid - sending huge requests. - maximum: 67108864 - minimum: 131072 - type: integer - scheduled_rebalance_max_delay_ms: - description: The maximum delay that is scheduled in order - to wait for the return of one or more departed workers before - rebalancing and reassigning their connectors and tasks to - the group. During this period the connectors and tasks of - the departed workers remain unassigned. Defaults to 5 minutes. - maximum: 600000 - minimum: 0 - type: integer - session_timeout_ms: - description: The timeout in milliseconds used to detect failures - when using Kafka’s group management facilities (defaults - to 10000). - maximum: 2147483647 - minimum: 1 - type: integer - type: object - private_access: - description: Allow access to selected service ports from private - networks - properties: - kafka_connect: - description: Allow clients to connect to kafka_connect with - a DNS name that always resolves to the service's private - IP addresses. Only available in certain network locations - type: boolean - prometheus: - description: Allow clients to connect to prometheus with a - DNS name that always resolves to the service's private IP - addresses. Only available in certain network locations - type: boolean - type: object - privatelink_access: - description: Allow access to selected service components through - Privatelink - properties: - jolokia: - description: Enable jolokia - type: boolean - kafka_connect: - description: Enable kafka_connect - type: boolean - prometheus: - description: Enable prometheus - type: boolean - type: object - public_access: - description: Allow access to selected service ports from the public - Internet - properties: - kafka_connect: - description: Allow clients to connect to kafka_connect from - the public internet for service nodes that are in a project - VPC or another type of private network - type: boolean - prometheus: - description: Allow clients to connect to prometheus from the - public internet for service nodes that are in a project - VPC or another type of private network - type: boolean + type: + description: + type of condition in CamelCase or in foo.example.com/CamelCase. + --- Many .condition.type values are consistent across resources + like Available, but because arbitrary conditions can be useful + (see .node.status.conditions), the ability to deconflict is + important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type type: object - service_log: - description: Store logs for the service so that they are available - in the HTTP API and console. - type: boolean - static_ips: - description: Use static public IP addresses - type: boolean - type: object - required: - - plan - - project - type: object - status: - description: ServiceStatus defines the observed state of service - properties: - conditions: - description: Conditions represent the latest available observations - of a service state - items: - description: "Condition contains details for one aspect of the current - state of this API Resource. --- This struct is intended for direct - use as an array at the field path .status.conditions. For example, - \n type FooStatus struct{ // Represents the observations of a - foo's current state. // Known .status.conditions.type are: \"Available\", - \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge - // +listType=map // +listMapKey=type Conditions []metav1.Condition - `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" - protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" - properties: - lastTransitionTime: - description: lastTransitionTime is the last time the condition - transitioned from one status to another. This should be when - the underlying condition changed. If that is not known, then - using the time when the API field changed is acceptable. - format: date-time - type: string - message: - description: message is a human readable message indicating - details about the transition. This may be an empty string. - maxLength: 32768 - type: string - observedGeneration: - description: observedGeneration represents the .metadata.generation - that the condition was set based upon. For instance, if .metadata.generation - is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current - state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: reason contains a programmatic identifier indicating - the reason for the condition's last transition. Producers - of specific condition types may define expected values and - meanings for this field, and whether the values are considered - a guaranteed API. The value should be a CamelCase string. - This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ - type: string - status: - description: status of the condition, one of True, False, Unknown. - enum: - - "True" - - "False" - - Unknown - type: string - type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. - --- Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ - type: string - required: - - lastTransitionTime - - message - - reason - - status - - type - type: object - type: array - state: - description: Service state - type: string - type: object - type: object - served: true - storage: true - subresources: - status: {} + type: array + state: + description: Service state + type: string + type: object + type: object + served: true + storage: true + subresources: + status: {} diff --git a/charts/aiven-operator-crds/templates/aiven.io_kafkas.yaml b/charts/aiven-operator-crds/templates/aiven.io_kafkas.yaml index d359f376..ea73fcba 100644 --- a/charts/aiven-operator-crds/templates/aiven.io_kafkas.yaml +++ b/charts/aiven-operator-crds/templates/aiven.io_kafkas.yaml @@ -15,966 +15,1069 @@ spec: singular: kafka scope: Namespaced versions: - - additionalPrinterColumns: - - jsonPath: .spec.project - name: Project - type: string - - jsonPath: .spec.cloudName - name: Region - type: string - - jsonPath: .spec.plan - name: Plan - type: string - - jsonPath: .status.state - name: State - type: string - name: v1alpha1 - schema: - openAPIV3Schema: - description: Kafka is the Schema for the kafkas API - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: KafkaSpec defines the desired state of Kafka - properties: - authSecretRef: - description: Authentication reference to Aiven token in a secret - properties: - key: - minLength: 1 - type: string - name: - minLength: 1 - type: string - required: - - key - - name - type: object - cloudName: - description: Cloud the service runs in. - maxLength: 256 - type: string - connInfoSecretTarget: - description: 'Information regarding secret creation. Exposed keys: - `KAFKA_HOST`, `KAFKA_PORT`, `KAFKA_USERNAME`, `KAFKA_PASSWORD`, - `KAFKA_ACCESS_CERT`, `KAFKA_ACCESS_KEY`, `KAFKA_SASL_HOST`, `KAFKA_SASL_PORT`, - `KAFKA_SCHEMA_REGISTRY_HOST`, `KAFKA_SCHEMA_REGISTRY_PORT`, `KAFKA_CONNECT_HOST`, - `KAFKA_CONNECT_PORT`, `KAFKA_REST_HOST`, `KAFKA_REST_PORT`' - properties: - annotations: - additionalProperties: + - additionalPrinterColumns: + - jsonPath: .spec.project + name: Project + type: string + - jsonPath: .spec.cloudName + name: Region + type: string + - jsonPath: .spec.plan + name: Plan + type: string + - jsonPath: .status.state + name: State + type: string + name: v1alpha1 + schema: + openAPIV3Schema: + description: Kafka is the Schema for the kafkas API + properties: + apiVersion: + description: + "APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + type: string + kind: + description: + "Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + type: string + metadata: + type: object + spec: + description: KafkaSpec defines the desired state of Kafka + properties: + authSecretRef: + description: Authentication reference to Aiven token in a secret + properties: + key: + minLength: 1 type: string - description: Annotations added to the secret - type: object - x-kubernetes-preserve-unknown-fields: true - labels: - additionalProperties: + name: + minLength: 1 type: string - description: Labels added to the secret - type: object - x-kubernetes-preserve-unknown-fields: true - name: - description: Name of the secret resource to be created. By default, - is equal to the resource name - type: string - prefix: - description: Prefix for the secret's keys. Added "as is" without - any transformations. By default, is equal to the kind name in - uppercase + underscore, e.g. `KAFKA_`, `REDIS_`, etc. - type: string - required: - - name - type: object - disk_space: - description: The disk space of the service, possible values depend - on the service type, the cloud provider and the project. Reducing - will result in the service re-balancing. - format: ^[1-9][0-9]*(GiB|G)* - type: string - karapace: - description: Switch the service to use Karapace for schema registry - and REST proxy - type: boolean - maintenanceWindowDow: - description: Day of week when maintenance operations should be performed. - One monday, tuesday, wednesday, etc. - enum: - - monday - - tuesday - - wednesday - - thursday - - friday - - saturday - - sunday - type: string - maintenanceWindowTime: - description: Time of day when maintenance operations should be performed. - UTC time in HH:mm:ss format. - maxLength: 8 - type: string - plan: - description: Subscription plan. - maxLength: 128 - type: string - project: - description: Target project. - format: ^[a-zA-Z0-9_-]*$ - maxLength: 63 - type: string - x-kubernetes-validations: - - message: Value is immutable - rule: self == oldSelf - projectVPCRef: - description: ProjectVPCRef reference to ProjectVPC resource to use - its ID as ProjectVPCID automatically - properties: - name: - minLength: 1 - type: string - namespace: - minLength: 1 - type: string - required: - - name - type: object - projectVpcId: - description: Identifier of the VPC the service should be in, if any. - maxLength: 36 - type: string - serviceIntegrations: - description: Service integrations to specify when creating a service. - Not applied after initial service creation - items: - description: Service integrations to specify when creating a service. - Not applied after initial service creation + required: + - key + - name + type: object + cloudName: + description: Cloud the service runs in. + maxLength: 256 + type: string + connInfoSecretTarget: + description: + "Information regarding secret creation. Exposed keys: + `KAFKA_HOST`, `KAFKA_PORT`, `KAFKA_USERNAME`, `KAFKA_PASSWORD`, + `KAFKA_ACCESS_CERT`, `KAFKA_ACCESS_KEY`, `KAFKA_SASL_HOST`, `KAFKA_SASL_PORT`, + `KAFKA_SCHEMA_REGISTRY_HOST`, `KAFKA_SCHEMA_REGISTRY_PORT`, `KAFKA_CONNECT_HOST`, + `KAFKA_CONNECT_PORT`, `KAFKA_REST_HOST`, `KAFKA_REST_PORT`" properties: - integrationType: - enum: - - read_replica + annotations: + additionalProperties: + type: string + description: Annotations added to the secret + type: object + x-kubernetes-preserve-unknown-fields: true + labels: + additionalProperties: + type: string + description: Labels added to the secret + type: object + x-kubernetes-preserve-unknown-fields: true + name: + description: + Name of the secret resource to be created. By default, + is equal to the resource name type: string - sourceServiceName: - maxLength: 64 - minLength: 1 + prefix: + description: + Prefix for the secret's keys. Added "as is" without + any transformations. By default, is equal to the kind name in + uppercase + underscore, e.g. `KAFKA_`, `REDIS_`, etc. type: string required: - - integrationType - - sourceServiceName + - name type: object - maxItems: 1 - type: array - x-kubernetes-validations: - - message: Value is immutable - rule: self == oldSelf - tags: - additionalProperties: + disk_space: + description: + The disk space of the service, possible values depend + on the service type, the cloud provider and the project. Reducing + will result in the service re-balancing. + format: ^[1-9][0-9]*(GiB|G)* + type: string + karapace: + description: + Switch the service to use Karapace for schema registry + and REST proxy + type: boolean + maintenanceWindowDow: + description: + Day of week when maintenance operations should be performed. + One monday, tuesday, wednesday, etc. + enum: + - monday + - tuesday + - wednesday + - thursday + - friday + - saturday + - sunday + type: string + maintenanceWindowTime: + description: + Time of day when maintenance operations should be performed. + UTC time in HH:mm:ss format. + maxLength: 8 + type: string + plan: + description: Subscription plan. + maxLength: 128 + type: string + project: + description: Target project. + format: ^[a-zA-Z0-9_-]*$ + maxLength: 63 type: string - description: Tags are key-value pairs that allow you to categorize - services. - type: object - terminationProtection: - description: Prevent service from being deleted. It is recommended - to have this enabled for all services. - type: boolean - userConfig: - description: Kafka specific user configuration options - properties: - additional_backup_regions: - description: Additional Cloud Regions for Backup Replication - items: + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + projectVPCRef: + description: + ProjectVPCRef reference to ProjectVPC resource to use + its ID as ProjectVPCID automatically + properties: + name: + minLength: 1 type: string - maxItems: 1 - type: array - aiven_kafka_topic_messages: - description: Allow access to read Kafka topic messages in the - Aiven Console and REST API. - type: boolean - custom_domain: - description: Serve the web frontend using a custom CNAME pointing - to the Aiven DNS name - maxLength: 255 - type: string - ip_filter: - description: Allow incoming connections from CIDR address block, - e.g. '10.20.0.0/16' - items: - description: CIDR address block, either as a string, or in a - dict with an optional description field - properties: - description: - description: Description for IP filter list entry - maxLength: 1024 - type: string - network: - description: CIDR address block - maxLength: 43 - type: string - required: - - network - type: object - maxItems: 1024 - type: array - kafka: - description: Kafka broker configuration values + namespace: + minLength: 1 + type: string + required: + - name + type: object + projectVpcId: + description: Identifier of the VPC the service should be in, if any. + maxLength: 36 + type: string + serviceIntegrations: + description: + Service integrations to specify when creating a service. + Not applied after initial service creation + items: + description: + Service integrations to specify when creating a service. + Not applied after initial service creation properties: - auto_create_topics_enable: - description: Enable auto creation of topics - type: boolean - compression_type: - description: Specify the final compression type for a given - topic. This configuration accepts the standard compression - codecs ('gzip', 'snappy', 'lz4', 'zstd'). It additionally - accepts 'uncompressed' which is equivalent to no compression; - and 'producer' which means retain the original compression - codec set by the producer. - enum: - - gzip - - snappy - - lz4 - - zstd - - uncompressed - - producer - type: string - connections_max_idle_ms: - description: 'Idle connections timeout: the server socket - processor threads close the connections that idle for longer - than this.' - maximum: 3600000 - minimum: 1000 - type: integer - default_replication_factor: - description: Replication factor for autocreated topics - maximum: 10 - minimum: 1 - type: integer - group_initial_rebalance_delay_ms: - description: The amount of time, in milliseconds, the group - coordinator will wait for more consumers to join a new group - before performing the first rebalance. A longer delay means - potentially fewer rebalances, but increases the time until - processing begins. The default value for this is 3 seconds. - During development and testing it might be desirable to - set this to 0 in order to not delay test execution time. - maximum: 300000 - minimum: 0 - type: integer - group_max_session_timeout_ms: - description: The maximum allowed session timeout for registered - consumers. Longer timeouts give consumers more time to process - messages in between heartbeats at the cost of a longer time - to detect failures. - maximum: 1800000 - minimum: 0 - type: integer - group_min_session_timeout_ms: - description: The minimum allowed session timeout for registered - consumers. Longer timeouts give consumers more time to process - messages in between heartbeats at the cost of a longer time - to detect failures. - maximum: 60000 - minimum: 0 - type: integer - log_cleaner_delete_retention_ms: - description: How long are delete records retained? - maximum: 315569260000 - minimum: 0 - type: integer - log_cleaner_max_compaction_lag_ms: - description: The maximum amount of time message will remain - uncompacted. Only applicable for logs that are being compacted - minimum: 30000 - type: integer - log_cleaner_min_cleanable_ratio: - description: Controls log compactor frequency. Larger value - means more frequent compactions but also more space wasted - for logs. Consider setting log.cleaner.max.compaction.lag.ms - to enforce compactions sooner, instead of setting a very - high value for this option. - maximum: 0.9 - minimum: 0.2 - type: number - log_cleaner_min_compaction_lag_ms: - description: The minimum time a message will remain uncompacted - in the log. Only applicable for logs that are being compacted. - minimum: 0 - type: integer - log_cleanup_policy: - description: The default cleanup policy for segments beyond - the retention window + integrationType: enum: - - delete - - compact - - compact,delete - type: string - log_flush_interval_messages: - description: The number of messages accumulated on a log partition - before messages are flushed to disk - minimum: 1 - type: integer - log_flush_interval_ms: - description: The maximum time in ms that a message in any - topic is kept in memory before flushed to disk. If not set, - the value in log.flush.scheduler.interval.ms is used - minimum: 0 - type: integer - log_index_interval_bytes: - description: The interval with which Kafka adds an entry to - the offset index - maximum: 104857600 - minimum: 0 - type: integer - log_index_size_max_bytes: - description: The maximum size in bytes of the offset index - maximum: 104857600 - minimum: 1048576 - type: integer - log_local_retention_bytes: - description: The maximum size of local log segments that can - grow for a partition before it gets eligible for deletion. - If set to -2, the value of log.retention.bytes is used. - The effective value should always be less than or equal - to log.retention.bytes value. - minimum: -2 - type: integer - log_local_retention_ms: - description: The number of milliseconds to keep the local - log segments before it gets eligible for deletion. If set - to -2, the value of log.retention.ms is used. The effective - value should always be less than or equal to log.retention.ms - value. - minimum: -2 - type: integer - log_message_downconversion_enable: - description: This configuration controls whether down-conversion - of message formats is enabled to satisfy consume requests. - type: boolean - log_message_timestamp_difference_max_ms: - description: The maximum difference allowed between the timestamp - when a broker receives a message and the timestamp specified - in the message - minimum: 0 - type: integer - log_message_timestamp_type: - description: Define whether the timestamp in the message is - message create time or log append time. - enum: - - CreateTime - - LogAppendTime - type: string - log_preallocate: - description: Should pre allocate file when create new segment? - type: boolean - log_retention_bytes: - description: The maximum size of the log before deleting messages - minimum: -1 - type: integer - log_retention_hours: - description: The number of hours to keep a log file before - deleting it - maximum: 2147483647 - minimum: -1 - type: integer - log_retention_ms: - description: The number of milliseconds to keep a log file - before deleting it (in milliseconds), If not set, the value - in log.retention.minutes is used. If set to -1, no time - limit is applied. - minimum: -1 - type: integer - log_roll_jitter_ms: - description: The maximum jitter to subtract from logRollTimeMillis - (in milliseconds). If not set, the value in log.roll.jitter.hours - is used - minimum: 0 - type: integer - log_roll_ms: - description: The maximum time before a new log segment is - rolled out (in milliseconds). - minimum: 1 - type: integer - log_segment_bytes: - description: The maximum size of a single log file - maximum: 1073741824 - minimum: 10485760 - type: integer - log_segment_delete_delay_ms: - description: The amount of time to wait before deleting a - file from the filesystem - maximum: 3600000 - minimum: 0 - type: integer - max_connections_per_ip: - description: The maximum number of connections allowed from - each ip address (defaults to 2147483647). - maximum: 2147483647 - minimum: 256 - type: integer - max_incremental_fetch_session_cache_slots: - description: The maximum number of incremental fetch sessions - that the broker will maintain. - maximum: 10000 - minimum: 1000 - type: integer - message_max_bytes: - description: The maximum size of message that the server can - receive. - maximum: 100001200 - minimum: 0 - type: integer - min_insync_replicas: - description: When a producer sets acks to 'all' (or '-1'), - min.insync.replicas specifies the minimum number of replicas - that must acknowledge a write for the write to be considered - successful. - maximum: 7 - minimum: 1 - type: integer - num_partitions: - description: Number of partitions for autocreated topics - maximum: 1000 - minimum: 1 - type: integer - offsets_retention_minutes: - description: Log retention window in minutes for offsets topic - maximum: 2147483647 - minimum: 1 - type: integer - producer_purgatory_purge_interval_requests: - description: The purge interval (in number of requests) of - the producer request purgatory(defaults to 1000). - maximum: 10000 - minimum: 10 - type: integer - replica_fetch_max_bytes: - description: The number of bytes of messages to attempt to - fetch for each partition (defaults to 1048576). This is - not an absolute maximum, if the first record batch in the - first non-empty partition of the fetch is larger than this - value, the record batch will still be returned to ensure - that progress can be made. - maximum: 104857600 - minimum: 1048576 - type: integer - replica_fetch_response_max_bytes: - description: Maximum bytes expected for the entire fetch response - (defaults to 10485760). Records are fetched in batches, - and if the first record batch in the first non-empty partition - of the fetch is larger than this value, the record batch - will still be returned to ensure that progress can be made. - As such, this is not an absolute maximum. - maximum: 1048576000 - minimum: 10485760 - type: integer - sasl_oauthbearer_expected_audience: - description: The (optional) comma-delimited setting for the - broker to use to verify that the JWT was issued for one - of the expected audiences. - maxLength: 128 - type: string - sasl_oauthbearer_expected_issuer: - description: Optional setting for the broker to use to verify - that the JWT was created by the expected issuer. - maxLength: 128 - type: string - sasl_oauthbearer_jwks_endpoint_url: - description: OIDC JWKS endpoint URL. By setting this the SASL - SSL OAuth2/OIDC authentication is enabled. See also other - options for SASL OAuth2/OIDC. - maxLength: 2048 + - read_replica type: string - sasl_oauthbearer_sub_claim_name: - description: Name of the scope from which to extract the subject - claim from the JWT. Defaults to sub. - maxLength: 128 + sourceServiceName: + maxLength: 64 + minLength: 1 type: string - socket_request_max_bytes: - description: The maximum number of bytes in a socket request - (defaults to 104857600). - maximum: 209715200 - minimum: 10485760 - type: integer - transaction_partition_verification_enable: - description: Enable verification that checks that the partition - has been added to the transaction before writing transactional - records to the partition - type: boolean - transaction_remove_expired_transaction_cleanup_interval_ms: - description: The interval at which to remove transactions - that have expired due to transactional.id.expiration.ms - passing (defaults to 3600000 (1 hour)). - maximum: 3600000 - minimum: 600000 - type: integer - transaction_state_log_segment_bytes: - description: The transaction topic segment bytes should be - kept relatively small in order to facilitate faster log - compaction and cache loads (defaults to 104857600 (100 mebibytes)). - maximum: 2147483647 - minimum: 1048576 - type: integer - type: object - kafka_authentication_methods: - description: Kafka authentication methods - properties: - certificate: - description: Enable certificate/SSL authentication - type: boolean - sasl: - description: Enable SASL authentication - type: boolean + required: + - integrationType + - sourceServiceName type: object - kafka_connect: - description: Enable Kafka Connect service - type: boolean - kafka_connect_config: - description: Kafka Connect configuration values - properties: - connector_client_config_override_policy: - description: Defines what client configurations can be overridden - by the connector. Default is None - enum: - - None - - All - type: string - consumer_auto_offset_reset: - description: What to do when there is no initial offset in - Kafka or if the current offset does not exist any more on - the server. Default is earliest - enum: - - earliest - - latest + maxItems: 1 + type: array + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + tags: + additionalProperties: + type: string + description: + Tags are key-value pairs that allow you to categorize + services. + type: object + terminationProtection: + description: + Prevent service from being deleted. It is recommended + to have this enabled for all services. + type: boolean + userConfig: + description: Kafka specific user configuration options + properties: + additional_backup_regions: + description: Additional Cloud Regions for Backup Replication + items: type: string - consumer_fetch_max_bytes: - description: Records are fetched in batches by the consumer, - and if the first record batch in the first non-empty partition - of the fetch is larger than this value, the record batch - will still be returned to ensure that the consumer can make - progress. As such, this is not a absolute maximum. - maximum: 104857600 - minimum: 1048576 - type: integer - consumer_isolation_level: - description: Transaction read isolation level. read_uncommitted - is the default, but read_committed can be used if consume-exactly-once - behavior is desired. - enum: - - read_uncommitted - - read_committed + maxItems: 1 + type: array + aiven_kafka_topic_messages: + description: + Allow access to read Kafka topic messages in the + Aiven Console and REST API. + type: boolean + custom_domain: + description: + Serve the web frontend using a custom CNAME pointing + to the Aiven DNS name + maxLength: 255 + type: string + ip_filter: + description: + Allow incoming connections from CIDR address block, + e.g. '10.20.0.0/16' + items: + description: + CIDR address block, either as a string, or in a + dict with an optional description field + properties: + description: + description: Description for IP filter list entry + maxLength: 1024 + type: string + network: + description: CIDR address block + maxLength: 43 + type: string + required: + - network + type: object + maxItems: 1024 + type: array + kafka: + description: Kafka broker configuration values + properties: + auto_create_topics_enable: + description: Enable auto creation of topics + type: boolean + compression_type: + description: + Specify the final compression type for a given + topic. This configuration accepts the standard compression + codecs ('gzip', 'snappy', 'lz4', 'zstd'). It additionally + accepts 'uncompressed' which is equivalent to no compression; + and 'producer' which means retain the original compression + codec set by the producer. + enum: + - gzip + - snappy + - lz4 + - zstd + - uncompressed + - producer + type: string + connections_max_idle_ms: + description: + "Idle connections timeout: the server socket + processor threads close the connections that idle for longer + than this." + maximum: 3600000 + minimum: 1000 + type: integer + default_replication_factor: + description: Replication factor for autocreated topics + maximum: 10 + minimum: 1 + type: integer + group_initial_rebalance_delay_ms: + description: + The amount of time, in milliseconds, the group + coordinator will wait for more consumers to join a new group + before performing the first rebalance. A longer delay means + potentially fewer rebalances, but increases the time until + processing begins. The default value for this is 3 seconds. + During development and testing it might be desirable to + set this to 0 in order to not delay test execution time. + maximum: 300000 + minimum: 0 + type: integer + group_max_session_timeout_ms: + description: + The maximum allowed session timeout for registered + consumers. Longer timeouts give consumers more time to process + messages in between heartbeats at the cost of a longer time + to detect failures. + maximum: 1800000 + minimum: 0 + type: integer + group_min_session_timeout_ms: + description: + The minimum allowed session timeout for registered + consumers. Longer timeouts give consumers more time to process + messages in between heartbeats at the cost of a longer time + to detect failures. + maximum: 60000 + minimum: 0 + type: integer + log_cleaner_delete_retention_ms: + description: How long are delete records retained? + maximum: 315569260000 + minimum: 0 + type: integer + log_cleaner_max_compaction_lag_ms: + description: + The maximum amount of time message will remain + uncompacted. Only applicable for logs that are being compacted + minimum: 30000 + type: integer + log_cleaner_min_cleanable_ratio: + description: + Controls log compactor frequency. Larger value + means more frequent compactions but also more space wasted + for logs. Consider setting log.cleaner.max.compaction.lag.ms + to enforce compactions sooner, instead of setting a very + high value for this option. + maximum: 0.9 + minimum: 0.2 + type: number + log_cleaner_min_compaction_lag_ms: + description: + The minimum time a message will remain uncompacted + in the log. Only applicable for logs that are being compacted. + minimum: 0 + type: integer + log_cleanup_policy: + description: + The default cleanup policy for segments beyond + the retention window + enum: + - delete + - compact + - compact,delete + type: string + log_flush_interval_messages: + description: + The number of messages accumulated on a log partition + before messages are flushed to disk + minimum: 1 + type: integer + log_flush_interval_ms: + description: + The maximum time in ms that a message in any + topic is kept in memory before flushed to disk. If not set, + the value in log.flush.scheduler.interval.ms is used + minimum: 0 + type: integer + log_index_interval_bytes: + description: + The interval with which Kafka adds an entry to + the offset index + maximum: 104857600 + minimum: 0 + type: integer + log_index_size_max_bytes: + description: The maximum size in bytes of the offset index + maximum: 104857600 + minimum: 1048576 + type: integer + log_local_retention_bytes: + description: + The maximum size of local log segments that can + grow for a partition before it gets eligible for deletion. + If set to -2, the value of log.retention.bytes is used. + The effective value should always be less than or equal + to log.retention.bytes value. + minimum: -2 + type: integer + log_local_retention_ms: + description: + The number of milliseconds to keep the local + log segments before it gets eligible for deletion. If set + to -2, the value of log.retention.ms is used. The effective + value should always be less than or equal to log.retention.ms + value. + minimum: -2 + type: integer + log_message_downconversion_enable: + description: + This configuration controls whether down-conversion + of message formats is enabled to satisfy consume requests. + type: boolean + log_message_timestamp_difference_max_ms: + description: + The maximum difference allowed between the timestamp + when a broker receives a message and the timestamp specified + in the message + minimum: 0 + type: integer + log_message_timestamp_type: + description: + Define whether the timestamp in the message is + message create time or log append time. + enum: + - CreateTime + - LogAppendTime + type: string + log_preallocate: + description: Should pre allocate file when create new segment? + type: boolean + log_retention_bytes: + description: The maximum size of the log before deleting messages + minimum: -1 + type: integer + log_retention_hours: + description: + The number of hours to keep a log file before + deleting it + maximum: 2147483647 + minimum: -1 + type: integer + log_retention_ms: + description: + The number of milliseconds to keep a log file + before deleting it (in milliseconds), If not set, the value + in log.retention.minutes is used. If set to -1, no time + limit is applied. + minimum: -1 + type: integer + log_roll_jitter_ms: + description: + The maximum jitter to subtract from logRollTimeMillis + (in milliseconds). If not set, the value in log.roll.jitter.hours + is used + minimum: 0 + type: integer + log_roll_ms: + description: + The maximum time before a new log segment is + rolled out (in milliseconds). + minimum: 1 + type: integer + log_segment_bytes: + description: The maximum size of a single log file + maximum: 1073741824 + minimum: 10485760 + type: integer + log_segment_delete_delay_ms: + description: + The amount of time to wait before deleting a + file from the filesystem + maximum: 3600000 + minimum: 0 + type: integer + max_connections_per_ip: + description: + The maximum number of connections allowed from + each ip address (defaults to 2147483647). + maximum: 2147483647 + minimum: 256 + type: integer + max_incremental_fetch_session_cache_slots: + description: + The maximum number of incremental fetch sessions + that the broker will maintain. + maximum: 10000 + minimum: 1000 + type: integer + message_max_bytes: + description: + The maximum size of message that the server can + receive. + maximum: 100001200 + minimum: 0 + type: integer + min_insync_replicas: + description: + When a producer sets acks to 'all' (or '-1'), + min.insync.replicas specifies the minimum number of replicas + that must acknowledge a write for the write to be considered + successful. + maximum: 7 + minimum: 1 + type: integer + num_partitions: + description: Number of partitions for autocreated topics + maximum: 1000 + minimum: 1 + type: integer + offsets_retention_minutes: + description: Log retention window in minutes for offsets topic + maximum: 2147483647 + minimum: 1 + type: integer + producer_purgatory_purge_interval_requests: + description: + The purge interval (in number of requests) of + the producer request purgatory(defaults to 1000). + maximum: 10000 + minimum: 10 + type: integer + replica_fetch_max_bytes: + description: + The number of bytes of messages to attempt to + fetch for each partition (defaults to 1048576). This is + not an absolute maximum, if the first record batch in the + first non-empty partition of the fetch is larger than this + value, the record batch will still be returned to ensure + that progress can be made. + maximum: 104857600 + minimum: 1048576 + type: integer + replica_fetch_response_max_bytes: + description: + Maximum bytes expected for the entire fetch response + (defaults to 10485760). Records are fetched in batches, + and if the first record batch in the first non-empty partition + of the fetch is larger than this value, the record batch + will still be returned to ensure that progress can be made. + As such, this is not an absolute maximum. + maximum: 1048576000 + minimum: 10485760 + type: integer + sasl_oauthbearer_expected_audience: + description: + The (optional) comma-delimited setting for the + broker to use to verify that the JWT was issued for one + of the expected audiences. + maxLength: 128 + type: string + sasl_oauthbearer_expected_issuer: + description: + Optional setting for the broker to use to verify + that the JWT was created by the expected issuer. + maxLength: 128 + type: string + sasl_oauthbearer_jwks_endpoint_url: + description: + OIDC JWKS endpoint URL. By setting this the SASL + SSL OAuth2/OIDC authentication is enabled. See also other + options for SASL OAuth2/OIDC. + maxLength: 2048 + type: string + sasl_oauthbearer_sub_claim_name: + description: + Name of the scope from which to extract the subject + claim from the JWT. Defaults to sub. + maxLength: 128 + type: string + socket_request_max_bytes: + description: + The maximum number of bytes in a socket request + (defaults to 104857600). + maximum: 209715200 + minimum: 10485760 + type: integer + transaction_partition_verification_enable: + description: + Enable verification that checks that the partition + has been added to the transaction before writing transactional + records to the partition + type: boolean + transaction_remove_expired_transaction_cleanup_interval_ms: + description: + The interval at which to remove transactions + that have expired due to transactional.id.expiration.ms + passing (defaults to 3600000 (1 hour)). + maximum: 3600000 + minimum: 600000 + type: integer + transaction_state_log_segment_bytes: + description: + The transaction topic segment bytes should be + kept relatively small in order to facilitate faster log + compaction and cache loads (defaults to 104857600 (100 mebibytes)). + maximum: 2147483647 + minimum: 1048576 + type: integer + type: object + kafka_authentication_methods: + description: Kafka authentication methods + properties: + certificate: + description: Enable certificate/SSL authentication + type: boolean + sasl: + description: Enable SASL authentication + type: boolean + type: object + kafka_connect: + description: Enable Kafka Connect service + type: boolean + kafka_connect_config: + description: Kafka Connect configuration values + properties: + connector_client_config_override_policy: + description: + Defines what client configurations can be overridden + by the connector. Default is None + enum: + - None + - All + type: string + consumer_auto_offset_reset: + description: + What to do when there is no initial offset in + Kafka or if the current offset does not exist any more on + the server. Default is earliest + enum: + - earliest + - latest + type: string + consumer_fetch_max_bytes: + description: + Records are fetched in batches by the consumer, + and if the first record batch in the first non-empty partition + of the fetch is larger than this value, the record batch + will still be returned to ensure that the consumer can make + progress. As such, this is not a absolute maximum. + maximum: 104857600 + minimum: 1048576 + type: integer + consumer_isolation_level: + description: + Transaction read isolation level. read_uncommitted + is the default, but read_committed can be used if consume-exactly-once + behavior is desired. + enum: + - read_uncommitted + - read_committed + type: string + consumer_max_partition_fetch_bytes: + description: + Records are fetched in batches by the consumer.If + the first record batch in the first non-empty partition + of the fetch is larger than this limit, the batch will still + be returned to ensure that the consumer can make progress. + maximum: 104857600 + minimum: 1048576 + type: integer + consumer_max_poll_interval_ms: + description: + The maximum delay in milliseconds between invocations + of poll() when using consumer group management (defaults + to 300000). + maximum: 2147483647 + minimum: 1 + type: integer + consumer_max_poll_records: + description: + The maximum number of records returned in a single + call to poll() (defaults to 500). + maximum: 10000 + minimum: 1 + type: integer + offset_flush_interval_ms: + description: + The interval at which to try committing offsets + for tasks (defaults to 60000). + maximum: 100000000 + minimum: 1 + type: integer + offset_flush_timeout_ms: + description: + Maximum number of milliseconds to wait for records + to flush and partition offset data to be committed to offset + storage before cancelling the process and restoring the + offset data to be committed in a future attempt (defaults + to 5000). + maximum: 2147483647 + minimum: 1 + type: integer + producer_batch_size: + description: + This setting gives the upper bound of the batch + size to be sent. If there are fewer than this many bytes + accumulated for this partition, the producer will 'linger' + for the linger.ms time waiting for more records to show + up. A batch size of zero will disable batching entirely + (defaults to 16384). + maximum: 5242880 + minimum: 0 + type: integer + producer_buffer_memory: + description: + The total bytes of memory the producer can use + to buffer records waiting to be sent to the broker (defaults + to 33554432). + maximum: 134217728 + minimum: 5242880 + type: integer + producer_compression_type: + description: + Specify the default compression type for producers. + This configuration accepts the standard compression codecs + ('gzip', 'snappy', 'lz4', 'zstd'). It additionally accepts + 'none' which is the default and equivalent to no compression. + enum: + - gzip + - snappy + - lz4 + - zstd + - none + type: string + producer_linger_ms: + description: + "This setting gives the upper bound on the delay + for batching: once there is batch.size worth of records + for a partition it will be sent immediately regardless of + this setting, however if there are fewer than this many + bytes accumulated for this partition the producer will 'linger' + for the specified time waiting for more records to show + up. Defaults to 0." + maximum: 5000 + minimum: 0 + type: integer + producer_max_request_size: + description: + This setting will limit the number of record + batches the producer will send in a single request to avoid + sending huge requests. + maximum: 67108864 + minimum: 131072 + type: integer + scheduled_rebalance_max_delay_ms: + description: + The maximum delay that is scheduled in order + to wait for the return of one or more departed workers before + rebalancing and reassigning their connectors and tasks to + the group. During this period the connectors and tasks of + the departed workers remain unassigned. Defaults to 5 minutes. + maximum: 600000 + minimum: 0 + type: integer + session_timeout_ms: + description: + The timeout in milliseconds used to detect failures + when using Kafka’s group management facilities (defaults + to 10000). + maximum: 2147483647 + minimum: 1 + type: integer + type: object + kafka_rest: + description: Enable Kafka-REST service + type: boolean + kafka_rest_authorization: + description: Enable authorization in Kafka-REST service + type: boolean + kafka_rest_config: + description: Kafka REST configuration + properties: + consumer_enable_auto_commit: + description: + If true the consumer's offset will be periodically + committed to Kafka in the background + type: boolean + consumer_request_max_bytes: + description: + Maximum number of bytes in unencoded message + keys and values by a single request + maximum: 671088640 + minimum: 0 + type: integer + consumer_request_timeout_ms: + description: + The maximum total time to wait for messages for + a request if the maximum number of messages has not yet + been reached + enum: + - 1000 + - 15000 + - 30000 + maximum: 30000 + minimum: 1000 + type: integer + name_strategy_validation: + description: + If true, validate that given schema is registered + under expected subject name by the used name strategy when + producing messages. + type: boolean + producer_acks: + description: + The number of acknowledgments the producer requires + the leader to have received before considering a request + complete. If set to 'all' or '-1', the leader will wait + for the full set of in-sync replicas to acknowledge the + record. + enum: + - all + - "-1" + - "0" + - "1" + type: string + producer_compression_type: + description: + Specify the default compression type for producers. + This configuration accepts the standard compression codecs + ('gzip', 'snappy', 'lz4', 'zstd'). It additionally accepts + 'none' which is the default and equivalent to no compression. + enum: + - gzip + - snappy + - lz4 + - zstd + - none + type: string + producer_linger_ms: + description: + Wait for up to the given delay to allow batching + records together + maximum: 5000 + minimum: 0 + type: integer + producer_max_request_size: + description: + The maximum size of a request in bytes. Note + that Kafka broker can also cap the record batch size. + maximum: 2147483647 + minimum: 0 + type: integer + simpleconsumer_pool_size_max: + description: + Maximum number of SimpleConsumers that can be + instantiated per broker + maximum: 250 + minimum: 10 + type: integer + type: object + kafka_version: + description: Kafka major version + enum: + - "3.3" + - "3.1" + - "3.4" + - "3.5" + - "3.6" + type: string + private_access: + description: + Allow access to selected service ports from private + networks + properties: + kafka: + description: + Allow clients to connect to kafka with a DNS + name that always resolves to the service's private IP addresses. + Only available in certain network locations + type: boolean + kafka_connect: + description: + Allow clients to connect to kafka_connect with + a DNS name that always resolves to the service's private + IP addresses. Only available in certain network locations + type: boolean + kafka_rest: + description: + Allow clients to connect to kafka_rest with a + DNS name that always resolves to the service's private IP + addresses. Only available in certain network locations + type: boolean + prometheus: + description: + Allow clients to connect to prometheus with a + DNS name that always resolves to the service's private IP + addresses. Only available in certain network locations + type: boolean + schema_registry: + description: + Allow clients to connect to schema_registry with + a DNS name that always resolves to the service's private + IP addresses. Only available in certain network locations + type: boolean + type: object + privatelink_access: + description: + Allow access to selected service components through + Privatelink + properties: + jolokia: + description: Enable jolokia + type: boolean + kafka: + description: Enable kafka + type: boolean + kafka_connect: + description: Enable kafka_connect + type: boolean + kafka_rest: + description: Enable kafka_rest + type: boolean + prometheus: + description: Enable prometheus + type: boolean + schema_registry: + description: Enable schema_registry + type: boolean + type: object + public_access: + description: + Allow access to selected service ports from the public + Internet + properties: + kafka: + description: + Allow clients to connect to kafka from the public + internet for service nodes that are in a project VPC or + another type of private network + type: boolean + kafka_connect: + description: + Allow clients to connect to kafka_connect from + the public internet for service nodes that are in a project + VPC or another type of private network + type: boolean + kafka_rest: + description: + Allow clients to connect to kafka_rest from the + public internet for service nodes that are in a project + VPC or another type of private network + type: boolean + prometheus: + description: + Allow clients to connect to prometheus from the + public internet for service nodes that are in a project + VPC or another type of private network + type: boolean + schema_registry: + description: + Allow clients to connect to schema_registry from + the public internet for service nodes that are in a project + VPC or another type of private network + type: boolean + type: object + schema_registry: + description: Enable Schema-Registry service + type: boolean + schema_registry_config: + description: Schema Registry configuration + properties: + leader_eligibility: + description: + If true, Karapace / Schema Registry on the service + nodes can participate in leader election. It might be needed + to disable this when the schemas topic is replicated to + a secondary cluster and Karapace / Schema Registry there + must not participate in leader election. Defaults to `true`. + type: boolean + topic_name: + description: + The durable single partition topic that acts + as the durable log for the data. This topic must be compacted + to avoid losing data due to retention policy. Please note + that changing this configuration in an existing Schema Registry + / Karapace setup leads to previous schemas being inaccessible, + data encoded with them potentially unreadable and schema + ID sequence put out of order. It's only possible to do the + switch while Schema Registry / Karapace is disabled. Defaults + to `_schemas`. + maxLength: 249 + minLength: 1 + type: string + type: object + service_log: + description: + Store logs for the service so that they are available + in the HTTP API and console. + type: boolean + static_ips: + description: Use static public IP addresses + type: boolean + tiered_storage: + description: Tiered storage configuration + properties: + enabled: + description: Whether to enable the tiered storage functionality + type: boolean + local_cache: + description: Deprecated. Local cache configuration + properties: + size: + description: Deprecated. Local cache size in bytes + maximum: 107374182400 + minimum: 1 + type: integer + type: object + type: object + type: object + required: + - plan + - project + type: object + status: + description: ServiceStatus defines the observed state of service + properties: + conditions: + description: + Conditions represent the latest available observations + of a service state + items: + description: + "Condition contains details for one aspect of the current + state of this API Resource. --- This struct is intended for direct + use as an array at the field path .status.conditions. For example, + \n type FooStatus struct{ // Represents the observations of a + foo's current state. // Known .status.conditions.type are: \"Available\", + \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge + // +listType=map // +listMapKey=type Conditions []metav1.Condition + `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" + protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + properties: + lastTransitionTime: + description: + lastTransitionTime is the last time the condition + transitioned from one status to another. This should be when + the underlying condition changed. If that is not known, then + using the time when the API field changed is acceptable. + format: date-time type: string - consumer_max_partition_fetch_bytes: - description: Records are fetched in batches by the consumer.If - the first record batch in the first non-empty partition - of the fetch is larger than this limit, the batch will still - be returned to ensure that the consumer can make progress. - maximum: 104857600 - minimum: 1048576 - type: integer - consumer_max_poll_interval_ms: - description: The maximum delay in milliseconds between invocations - of poll() when using consumer group management (defaults - to 300000). - maximum: 2147483647 - minimum: 1 - type: integer - consumer_max_poll_records: - description: The maximum number of records returned in a single - call to poll() (defaults to 500). - maximum: 10000 - minimum: 1 - type: integer - offset_flush_interval_ms: - description: The interval at which to try committing offsets - for tasks (defaults to 60000). - maximum: 100000000 - minimum: 1 - type: integer - offset_flush_timeout_ms: - description: Maximum number of milliseconds to wait for records - to flush and partition offset data to be committed to offset - storage before cancelling the process and restoring the - offset data to be committed in a future attempt (defaults - to 5000). - maximum: 2147483647 - minimum: 1 - type: integer - producer_batch_size: - description: This setting gives the upper bound of the batch - size to be sent. If there are fewer than this many bytes - accumulated for this partition, the producer will 'linger' - for the linger.ms time waiting for more records to show - up. A batch size of zero will disable batching entirely - (defaults to 16384). - maximum: 5242880 - minimum: 0 - type: integer - producer_buffer_memory: - description: The total bytes of memory the producer can use - to buffer records waiting to be sent to the broker (defaults - to 33554432). - maximum: 134217728 - minimum: 5242880 - type: integer - producer_compression_type: - description: Specify the default compression type for producers. - This configuration accepts the standard compression codecs - ('gzip', 'snappy', 'lz4', 'zstd'). It additionally accepts - 'none' which is the default and equivalent to no compression. - enum: - - gzip - - snappy - - lz4 - - zstd - - none + message: + description: + message is a human readable message indicating + details about the transition. This may be an empty string. + maxLength: 32768 type: string - producer_linger_ms: - description: 'This setting gives the upper bound on the delay - for batching: once there is batch.size worth of records - for a partition it will be sent immediately regardless of - this setting, however if there are fewer than this many - bytes accumulated for this partition the producer will ''linger'' - for the specified time waiting for more records to show - up. Defaults to 0.' - maximum: 5000 - minimum: 0 - type: integer - producer_max_request_size: - description: This setting will limit the number of record - batches the producer will send in a single request to avoid - sending huge requests. - maximum: 67108864 - minimum: 131072 - type: integer - scheduled_rebalance_max_delay_ms: - description: The maximum delay that is scheduled in order - to wait for the return of one or more departed workers before - rebalancing and reassigning their connectors and tasks to - the group. During this period the connectors and tasks of - the departed workers remain unassigned. Defaults to 5 minutes. - maximum: 600000 - minimum: 0 - type: integer - session_timeout_ms: - description: The timeout in milliseconds used to detect failures - when using Kafka’s group management facilities (defaults - to 10000). - maximum: 2147483647 - minimum: 1 - type: integer - type: object - kafka_rest: - description: Enable Kafka-REST service - type: boolean - kafka_rest_authorization: - description: Enable authorization in Kafka-REST service - type: boolean - kafka_rest_config: - description: Kafka REST configuration - properties: - consumer_enable_auto_commit: - description: If true the consumer's offset will be periodically - committed to Kafka in the background - type: boolean - consumer_request_max_bytes: - description: Maximum number of bytes in unencoded message - keys and values by a single request - maximum: 671088640 + observedGeneration: + description: + observedGeneration represents the .metadata.generation + that the condition was set based upon. For instance, if .metadata.generation + is currently 12, but the .status.conditions[x].observedGeneration + is 9, the condition is out of date with respect to the current + state of the instance. + format: int64 minimum: 0 type: integer - consumer_request_timeout_ms: - description: The maximum total time to wait for messages for - a request if the maximum number of messages has not yet - been reached - enum: - - 1000 - - 15000 - - 30000 - maximum: 30000 - minimum: 1000 - type: integer - name_strategy_validation: - description: If true, validate that given schema is registered - under expected subject name by the used name strategy when - producing messages. - type: boolean - producer_acks: - description: The number of acknowledgments the producer requires - the leader to have received before considering a request - complete. If set to 'all' or '-1', the leader will wait - for the full set of in-sync replicas to acknowledge the - record. - enum: - - all - - "-1" - - "0" - - "1" + reason: + description: + reason contains a programmatic identifier indicating + the reason for the condition's last transition. Producers + of specific condition types may define expected values and + meanings for this field, and whether the values are considered + a guaranteed API. The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ type: string - producer_compression_type: - description: Specify the default compression type for producers. - This configuration accepts the standard compression codecs - ('gzip', 'snappy', 'lz4', 'zstd'). It additionally accepts - 'none' which is the default and equivalent to no compression. + status: + description: status of the condition, one of True, False, Unknown. enum: - - gzip - - snappy - - lz4 - - zstd - - none + - "True" + - "False" + - Unknown type: string - producer_linger_ms: - description: Wait for up to the given delay to allow batching - records together - maximum: 5000 - minimum: 0 - type: integer - producer_max_request_size: - description: The maximum size of a request in bytes. Note - that Kafka broker can also cap the record batch size. - maximum: 2147483647 - minimum: 0 - type: integer - simpleconsumer_pool_size_max: - description: Maximum number of SimpleConsumers that can be - instantiated per broker - maximum: 250 - minimum: 10 - type: integer - type: object - kafka_version: - description: Kafka major version - enum: - - "3.3" - - "3.1" - - "3.4" - - "3.5" - - "3.6" - type: string - private_access: - description: Allow access to selected service ports from private - networks - properties: - kafka: - description: Allow clients to connect to kafka with a DNS - name that always resolves to the service's private IP addresses. - Only available in certain network locations - type: boolean - kafka_connect: - description: Allow clients to connect to kafka_connect with - a DNS name that always resolves to the service's private - IP addresses. Only available in certain network locations - type: boolean - kafka_rest: - description: Allow clients to connect to kafka_rest with a - DNS name that always resolves to the service's private IP - addresses. Only available in certain network locations - type: boolean - prometheus: - description: Allow clients to connect to prometheus with a - DNS name that always resolves to the service's private IP - addresses. Only available in certain network locations - type: boolean - schema_registry: - description: Allow clients to connect to schema_registry with - a DNS name that always resolves to the service's private - IP addresses. Only available in certain network locations - type: boolean - type: object - privatelink_access: - description: Allow access to selected service components through - Privatelink - properties: - jolokia: - description: Enable jolokia - type: boolean - kafka: - description: Enable kafka - type: boolean - kafka_connect: - description: Enable kafka_connect - type: boolean - kafka_rest: - description: Enable kafka_rest - type: boolean - prometheus: - description: Enable prometheus - type: boolean - schema_registry: - description: Enable schema_registry - type: boolean - type: object - public_access: - description: Allow access to selected service ports from the public - Internet - properties: - kafka: - description: Allow clients to connect to kafka from the public - internet for service nodes that are in a project VPC or - another type of private network - type: boolean - kafka_connect: - description: Allow clients to connect to kafka_connect from - the public internet for service nodes that are in a project - VPC or another type of private network - type: boolean - kafka_rest: - description: Allow clients to connect to kafka_rest from the - public internet for service nodes that are in a project - VPC or another type of private network - type: boolean - prometheus: - description: Allow clients to connect to prometheus from the - public internet for service nodes that are in a project - VPC or another type of private network - type: boolean - schema_registry: - description: Allow clients to connect to schema_registry from - the public internet for service nodes that are in a project - VPC or another type of private network - type: boolean - type: object - schema_registry: - description: Enable Schema-Registry service - type: boolean - schema_registry_config: - description: Schema Registry configuration - properties: - leader_eligibility: - description: If true, Karapace / Schema Registry on the service - nodes can participate in leader election. It might be needed - to disable this when the schemas topic is replicated to - a secondary cluster and Karapace / Schema Registry there - must not participate in leader election. Defaults to `true`. - type: boolean - topic_name: - description: The durable single partition topic that acts - as the durable log for the data. This topic must be compacted - to avoid losing data due to retention policy. Please note - that changing this configuration in an existing Schema Registry - / Karapace setup leads to previous schemas being inaccessible, - data encoded with them potentially unreadable and schema - ID sequence put out of order. It's only possible to do the - switch while Schema Registry / Karapace is disabled. Defaults - to `_schemas`. - maxLength: 249 - minLength: 1 + type: + description: + type of condition in CamelCase or in foo.example.com/CamelCase. + --- Many .condition.type values are consistent across resources + like Available, but because arbitrary conditions can be useful + (see .node.status.conditions), the ability to deconflict is + important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string + required: + - lastTransitionTime + - message + - reason + - status + - type type: object - service_log: - description: Store logs for the service so that they are available - in the HTTP API and console. - type: boolean - static_ips: - description: Use static public IP addresses - type: boolean - tiered_storage: - description: Tiered storage configuration - properties: - enabled: - description: Whether to enable the tiered storage functionality - type: boolean - local_cache: - description: Deprecated. Local cache configuration - properties: - size: - description: Deprecated. Local cache size in bytes - maximum: 107374182400 - minimum: 1 - type: integer - type: object - type: object - type: object - required: - - plan - - project - type: object - status: - description: ServiceStatus defines the observed state of service - properties: - conditions: - description: Conditions represent the latest available observations - of a service state - items: - description: "Condition contains details for one aspect of the current - state of this API Resource. --- This struct is intended for direct - use as an array at the field path .status.conditions. For example, - \n type FooStatus struct{ // Represents the observations of a - foo's current state. // Known .status.conditions.type are: \"Available\", - \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge - // +listType=map // +listMapKey=type Conditions []metav1.Condition - `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" - protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" - properties: - lastTransitionTime: - description: lastTransitionTime is the last time the condition - transitioned from one status to another. This should be when - the underlying condition changed. If that is not known, then - using the time when the API field changed is acceptable. - format: date-time - type: string - message: - description: message is a human readable message indicating - details about the transition. This may be an empty string. - maxLength: 32768 - type: string - observedGeneration: - description: observedGeneration represents the .metadata.generation - that the condition was set based upon. For instance, if .metadata.generation - is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current - state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: reason contains a programmatic identifier indicating - the reason for the condition's last transition. Producers - of specific condition types may define expected values and - meanings for this field, and whether the values are considered - a guaranteed API. The value should be a CamelCase string. - This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ - type: string - status: - description: status of the condition, one of True, False, Unknown. - enum: - - "True" - - "False" - - Unknown - type: string - type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. - --- Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ - type: string - required: - - lastTransitionTime - - message - - reason - - status - - type - type: object - type: array - state: - description: Service state - type: string - type: object - type: object - served: true - storage: true - subresources: - status: {} + type: array + state: + description: Service state + type: string + type: object + type: object + served: true + storage: true + subresources: + status: {} diff --git a/charts/aiven-operator-crds/templates/aiven.io_kafkaschemas.yaml b/charts/aiven-operator-crds/templates/aiven.io_kafkaschemas.yaml index e96a87bc..ffb7aa2e 100644 --- a/charts/aiven-operator-crds/templates/aiven.io_kafkaschemas.yaml +++ b/charts/aiven-operator-crds/templates/aiven.io_kafkaschemas.yaml @@ -15,171 +15,181 @@ spec: singular: kafkaschema scope: Namespaced versions: - - additionalPrinterColumns: - - jsonPath: .spec.serviceName - name: Service Name - type: string - - jsonPath: .spec.project - name: Project - type: string - - jsonPath: .spec.subjectName - name: Subject - type: string - - jsonPath: .spec.compatibilityLevel - name: Compatibility Level - type: string - - jsonPath: .status.version - name: Version - type: number - name: v1alpha1 - schema: - openAPIV3Schema: - description: KafkaSchema is the Schema for the kafkaschemas API - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: KafkaSchemaSpec defines the desired state of KafkaSchema - properties: - authSecretRef: - description: Authentication reference to Aiven token in a secret - properties: - key: - minLength: 1 - type: string - name: - minLength: 1 - type: string - required: - - key - - name - type: object - compatibilityLevel: - description: Kafka Schemas compatibility level - enum: - - BACKWARD - - BACKWARD_TRANSITIVE - - FORWARD - - FORWARD_TRANSITIVE - - FULL - - FULL_TRANSITIVE - - NONE - type: string - project: - description: Project to link the Kafka Schema to - format: ^[a-zA-Z0-9_-]*$ - maxLength: 63 - type: string - schema: - description: Kafka Schema configuration should be a valid Avro Schema - JSON format - type: string - serviceName: - description: Service to link the Kafka Schema to - maxLength: 63 - type: string - subjectName: - description: Kafka Schema Subject name - maxLength: 63 - type: string - required: - - project - - schema - - serviceName - - subjectName - type: object - status: - description: KafkaSchemaStatus defines the observed state of KafkaSchema - properties: - conditions: - description: Conditions represent the latest available observations - of an KafkaSchema state - items: - description: "Condition contains details for one aspect of the current - state of this API Resource. --- This struct is intended for direct - use as an array at the field path .status.conditions. For example, - \n type FooStatus struct{ // Represents the observations of a - foo's current state. // Known .status.conditions.type are: \"Available\", - \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge - // +listType=map // +listMapKey=type Conditions []metav1.Condition - `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" - protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + - additionalPrinterColumns: + - jsonPath: .spec.serviceName + name: Service Name + type: string + - jsonPath: .spec.project + name: Project + type: string + - jsonPath: .spec.subjectName + name: Subject + type: string + - jsonPath: .spec.compatibilityLevel + name: Compatibility Level + type: string + - jsonPath: .status.version + name: Version + type: number + name: v1alpha1 + schema: + openAPIV3Schema: + description: KafkaSchema is the Schema for the kafkaschemas API + properties: + apiVersion: + description: + "APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + type: string + kind: + description: + "Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + type: string + metadata: + type: object + spec: + description: KafkaSchemaSpec defines the desired state of KafkaSchema + properties: + authSecretRef: + description: Authentication reference to Aiven token in a secret properties: - lastTransitionTime: - description: lastTransitionTime is the last time the condition - transitioned from one status to another. This should be when - the underlying condition changed. If that is not known, then - using the time when the API field changed is acceptable. - format: date-time - type: string - message: - description: message is a human readable message indicating - details about the transition. This may be an empty string. - maxLength: 32768 - type: string - observedGeneration: - description: observedGeneration represents the .metadata.generation - that the condition was set based upon. For instance, if .metadata.generation - is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current - state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: reason contains a programmatic identifier indicating - the reason for the condition's last transition. Producers - of specific condition types may define expected values and - meanings for this field, and whether the values are considered - a guaranteed API. The value should be a CamelCase string. - This field may not be empty. - maxLength: 1024 + key: minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ type: string - status: - description: status of the condition, one of True, False, Unknown. - enum: - - "True" - - "False" - - Unknown - type: string - type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. - --- Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + name: + minLength: 1 type: string required: - - lastTransitionTime - - message - - reason - - status - - type + - key + - name type: object - type: array - version: - description: Kafka Schema configuration version - type: integer - required: - - conditions - - version - type: object - type: object - served: true - storage: true - subresources: - status: {} + compatibilityLevel: + description: Kafka Schemas compatibility level + enum: + - BACKWARD + - BACKWARD_TRANSITIVE + - FORWARD + - FORWARD_TRANSITIVE + - FULL + - FULL_TRANSITIVE + - NONE + type: string + project: + description: Project to link the Kafka Schema to + format: ^[a-zA-Z0-9_-]*$ + maxLength: 63 + type: string + schema: + description: + Kafka Schema configuration should be a valid Avro Schema + JSON format + type: string + serviceName: + description: Service to link the Kafka Schema to + maxLength: 63 + type: string + subjectName: + description: Kafka Schema Subject name + maxLength: 63 + type: string + required: + - project + - schema + - serviceName + - subjectName + type: object + status: + description: KafkaSchemaStatus defines the observed state of KafkaSchema + properties: + conditions: + description: + Conditions represent the latest available observations + of an KafkaSchema state + items: + description: + "Condition contains details for one aspect of the current + state of this API Resource. --- This struct is intended for direct + use as an array at the field path .status.conditions. For example, + \n type FooStatus struct{ // Represents the observations of a + foo's current state. // Known .status.conditions.type are: \"Available\", + \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge + // +listType=map // +listMapKey=type Conditions []metav1.Condition + `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" + protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + properties: + lastTransitionTime: + description: + lastTransitionTime is the last time the condition + transitioned from one status to another. This should be when + the underlying condition changed. If that is not known, then + using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: + message is a human readable message indicating + details about the transition. This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: + observedGeneration represents the .metadata.generation + that the condition was set based upon. For instance, if .metadata.generation + is currently 12, but the .status.conditions[x].observedGeneration + is 9, the condition is out of date with respect to the current + state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: + reason contains a programmatic identifier indicating + the reason for the condition's last transition. Producers + of specific condition types may define expected values and + meanings for this field, and whether the values are considered + a guaranteed API. The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: + type of condition in CamelCase or in foo.example.com/CamelCase. + --- Many .condition.type values are consistent across resources + like Available, but because arbitrary conditions can be useful + (see .node.status.conditions), the ability to deconflict is + important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + type: array + version: + description: Kafka Schema configuration version + type: integer + required: + - conditions + - version + type: object + type: object + served: true + storage: true + subresources: + status: {} diff --git a/charts/aiven-operator-crds/templates/aiven.io_kafkatopics.yaml b/charts/aiven-operator-crds/templates/aiven.io_kafkatopics.yaml index b48be5eb..dbddcef8 100644 --- a/charts/aiven-operator-crds/templates/aiven.io_kafkatopics.yaml +++ b/charts/aiven-operator-crds/templates/aiven.io_kafkatopics.yaml @@ -15,280 +15,291 @@ spec: singular: kafkatopic scope: Namespaced versions: - - additionalPrinterColumns: - - jsonPath: .spec.serviceName - name: Service Name - type: string - - jsonPath: .spec.project - name: Project - type: string - - jsonPath: .spec.partitions - name: Partitions - type: string - - jsonPath: .spec.replication - name: Replication - type: string - name: v1alpha1 - schema: - openAPIV3Schema: - description: KafkaTopic is the Schema for the kafkatopics API - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: KafkaTopicSpec defines the desired state of KafkaTopic - properties: - authSecretRef: - description: Authentication reference to Aiven token in a secret - properties: - key: - minLength: 1 - type: string - name: - minLength: 1 - type: string - required: - - key - - name - type: object - config: - description: Kafka topic configuration - properties: - cleanup_policy: - description: cleanup.policy value - type: string - compression_type: - description: compression.type value - type: string - delete_retention_ms: - description: delete.retention.ms value - format: int64 - type: integer - file_delete_delay_ms: - description: file.delete.delay.ms value - format: int64 - type: integer - flush_messages: - description: flush.messages value - format: int64 - type: integer - flush_ms: - description: flush.ms value - format: int64 - type: integer - index_interval_bytes: - description: index.interval.bytes value - format: int64 - type: integer - max_compaction_lag_ms: - description: max.compaction.lag.ms value - format: int64 - type: integer - max_message_bytes: - description: max.message.bytes value - format: int64 - type: integer - message_downconversion_enable: - description: message.downconversion.enable value - type: boolean - message_format_version: - description: message.format.version value - type: string - message_timestamp_difference_max_ms: - description: message.timestamp.difference.max.ms value - format: int64 - type: integer - message_timestamp_type: - description: message.timestamp.type value - type: string - min_cleanable_dirty_ratio: - description: min.cleanable.dirty.ratio value - type: number - min_compaction_lag_ms: - description: min.compaction.lag.ms value - format: int64 - type: integer - min_insync_replicas: - description: min.insync.replicas value - format: int64 - type: integer - preallocate: - description: preallocate value - type: boolean - retention_bytes: - description: retention.bytes value - format: int64 - type: integer - retention_ms: - description: retention.ms value - format: int64 - type: integer - segment_bytes: - description: segment.bytes value - format: int64 - type: integer - segment_index_bytes: - description: segment.index.bytes value - format: int64 - type: integer - segment_jitter_ms: - description: segment.jitter.ms value - format: int64 - type: integer - segment_ms: - description: segment.ms value - format: int64 - type: integer - type: object - partitions: - description: Number of partitions to create in the topic - maximum: 1000000 - minimum: 1 - type: integer - project: - description: Target project. - format: ^[a-zA-Z0-9_-]*$ - maxLength: 63 - type: string - replication: - description: Replication factor for the topic - minimum: 2 - type: integer - serviceName: - description: Service name. - maxLength: 63 - type: string - tags: - description: Kafka topic tags - items: + - additionalPrinterColumns: + - jsonPath: .spec.serviceName + name: Service Name + type: string + - jsonPath: .spec.project + name: Project + type: string + - jsonPath: .spec.partitions + name: Partitions + type: string + - jsonPath: .spec.replication + name: Replication + type: string + name: v1alpha1 + schema: + openAPIV3Schema: + description: KafkaTopic is the Schema for the kafkatopics API + properties: + apiVersion: + description: + "APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + type: string + kind: + description: + "Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + type: string + metadata: + type: object + spec: + description: KafkaTopicSpec defines the desired state of KafkaTopic + properties: + authSecretRef: + description: Authentication reference to Aiven token in a secret properties: key: - format: ^[a-zA-Z0-9_-]*$ - maxLength: 64 minLength: 1 type: string - value: - format: ^[a-zA-Z0-9_-]*$ - maxLength: 256 + name: + minLength: 1 type: string required: - - key + - key + - name type: object - type: array - termination_protection: - description: It is a Kubernetes side deletion protections, which prevents - the kafka topic from being deleted by Kubernetes. It is recommended - to enable this for any production databases containing critical - data. - type: boolean - topicName: - description: Topic name. If provided, is used instead of metadata.name. - This field supports additional characters, has a longer length, - and will replace metadata.name in future releases - maxLength: 249 - minLength: 1 - type: string - x-kubernetes-validations: - - message: Value is immutable - rule: self == oldSelf - required: - - partitions - - project - - replication - - serviceName - type: object - status: - description: KafkaTopicStatus defines the observed state of KafkaTopic - properties: - conditions: - description: Conditions represent the latest available observations - of an KafkaTopic state - items: - description: "Condition contains details for one aspect of the current - state of this API Resource. --- This struct is intended for direct - use as an array at the field path .status.conditions. For example, - \n type FooStatus struct{ // Represents the observations of a - foo's current state. // Known .status.conditions.type are: \"Available\", - \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge - // +listType=map // +listMapKey=type Conditions []metav1.Condition - `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" - protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + config: + description: Kafka topic configuration properties: - lastTransitionTime: - description: lastTransitionTime is the last time the condition - transitioned from one status to another. This should be when - the underlying condition changed. If that is not known, then - using the time when the API field changed is acceptable. - format: date-time + cleanup_policy: + description: cleanup.policy value type: string - message: - description: message is a human readable message indicating - details about the transition. This may be an empty string. - maxLength: 32768 + compression_type: + description: compression.type value type: string - observedGeneration: - description: observedGeneration represents the .metadata.generation - that the condition was set based upon. For instance, if .metadata.generation - is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current - state of the instance. + delete_retention_ms: + description: delete.retention.ms value format: int64 - minimum: 0 type: integer - reason: - description: reason contains a programmatic identifier indicating - the reason for the condition's last transition. Producers - of specific condition types may define expected values and - meanings for this field, and whether the values are considered - a guaranteed API. The value should be a CamelCase string. - This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ - type: string - status: - description: status of the condition, one of True, False, Unknown. - enum: - - "True" - - "False" - - Unknown + file_delete_delay_ms: + description: file.delete.delay.ms value + format: int64 + type: integer + flush_messages: + description: flush.messages value + format: int64 + type: integer + flush_ms: + description: flush.ms value + format: int64 + type: integer + index_interval_bytes: + description: index.interval.bytes value + format: int64 + type: integer + max_compaction_lag_ms: + description: max.compaction.lag.ms value + format: int64 + type: integer + max_message_bytes: + description: max.message.bytes value + format: int64 + type: integer + message_downconversion_enable: + description: message.downconversion.enable value + type: boolean + message_format_version: + description: message.format.version value type: string - type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. - --- Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + message_timestamp_difference_max_ms: + description: message.timestamp.difference.max.ms value + format: int64 + type: integer + message_timestamp_type: + description: message.timestamp.type value type: string - required: - - lastTransitionTime - - message - - reason - - status - - type + min_cleanable_dirty_ratio: + description: min.cleanable.dirty.ratio value + type: number + min_compaction_lag_ms: + description: min.compaction.lag.ms value + format: int64 + type: integer + min_insync_replicas: + description: min.insync.replicas value + format: int64 + type: integer + preallocate: + description: preallocate value + type: boolean + retention_bytes: + description: retention.bytes value + format: int64 + type: integer + retention_ms: + description: retention.ms value + format: int64 + type: integer + segment_bytes: + description: segment.bytes value + format: int64 + type: integer + segment_index_bytes: + description: segment.index.bytes value + format: int64 + type: integer + segment_jitter_ms: + description: segment.jitter.ms value + format: int64 + type: integer + segment_ms: + description: segment.ms value + format: int64 + type: integer type: object - type: array - state: - description: State represents the state of the kafka topic - type: string - required: - - conditions - - state - type: object - type: object - served: true - storage: true - subresources: - status: {} + partitions: + description: Number of partitions to create in the topic + maximum: 1000000 + minimum: 1 + type: integer + project: + description: Target project. + format: ^[a-zA-Z0-9_-]*$ + maxLength: 63 + type: string + replication: + description: Replication factor for the topic + minimum: 2 + type: integer + serviceName: + description: Service name. + maxLength: 63 + type: string + tags: + description: Kafka topic tags + items: + properties: + key: + format: ^[a-zA-Z0-9_-]*$ + maxLength: 64 + minLength: 1 + type: string + value: + format: ^[a-zA-Z0-9_-]*$ + maxLength: 256 + type: string + required: + - key + type: object + type: array + termination_protection: + description: + It is a Kubernetes side deletion protections, which prevents + the kafka topic from being deleted by Kubernetes. It is recommended + to enable this for any production databases containing critical + data. + type: boolean + topicName: + description: + Topic name. If provided, is used instead of metadata.name. + This field supports additional characters, has a longer length, + and will replace metadata.name in future releases + maxLength: 249 + minLength: 1 + type: string + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + required: + - partitions + - project + - replication + - serviceName + type: object + status: + description: KafkaTopicStatus defines the observed state of KafkaTopic + properties: + conditions: + description: + Conditions represent the latest available observations + of an KafkaTopic state + items: + description: + "Condition contains details for one aspect of the current + state of this API Resource. --- This struct is intended for direct + use as an array at the field path .status.conditions. For example, + \n type FooStatus struct{ // Represents the observations of a + foo's current state. // Known .status.conditions.type are: \"Available\", + \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge + // +listType=map // +listMapKey=type Conditions []metav1.Condition + `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" + protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + properties: + lastTransitionTime: + description: + lastTransitionTime is the last time the condition + transitioned from one status to another. This should be when + the underlying condition changed. If that is not known, then + using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: + message is a human readable message indicating + details about the transition. This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: + observedGeneration represents the .metadata.generation + that the condition was set based upon. For instance, if .metadata.generation + is currently 12, but the .status.conditions[x].observedGeneration + is 9, the condition is out of date with respect to the current + state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: + reason contains a programmatic identifier indicating + the reason for the condition's last transition. Producers + of specific condition types may define expected values and + meanings for this field, and whether the values are considered + a guaranteed API. The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: + type of condition in CamelCase or in foo.example.com/CamelCase. + --- Many .condition.type values are consistent across resources + like Available, but because arbitrary conditions can be useful + (see .node.status.conditions), the ability to deconflict is + important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + type: array + state: + description: State represents the state of the kafka topic + type: string + required: + - conditions + - state + type: object + type: object + served: true + storage: true + subresources: + status: {} diff --git a/charts/aiven-operator-crds/templates/aiven.io_mysqls.yaml b/charts/aiven-operator-crds/templates/aiven.io_mysqls.yaml index 635c30b8..d9232633 100644 --- a/charts/aiven-operator-crds/templates/aiven.io_mysqls.yaml +++ b/charts/aiven-operator-crds/templates/aiven.io_mysqls.yaml @@ -15,658 +15,735 @@ spec: singular: mysql scope: Namespaced versions: - - additionalPrinterColumns: - - jsonPath: .spec.project - name: Project - type: string - - jsonPath: .spec.cloudName - name: Region - type: string - - jsonPath: .spec.plan - name: Plan - type: string - - jsonPath: .status.state - name: State - type: string - name: v1alpha1 - schema: - openAPIV3Schema: - description: MySQL is the Schema for the mysqls API - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: MySQLSpec defines the desired state of MySQL - properties: - authSecretRef: - description: Authentication reference to Aiven token in a secret - properties: - key: - minLength: 1 - type: string - name: - minLength: 1 - type: string - required: - - key - - name - type: object - cloudName: - description: Cloud the service runs in. - maxLength: 256 - type: string - connInfoSecretTarget: - description: 'Information regarding secret creation. Exposed keys: - `MYSQL_HOST`, `MYSQL_PORT`, `MYSQL_DATABASE`, `MYSQL_USER`, `MYSQL_PASSWORD`, - `MYSQL_SSL_MODE`, `MYSQL_URI`, `MYSQL_REPLICA_URI`' - properties: - annotations: - additionalProperties: - type: string - description: Annotations added to the secret - type: object - x-kubernetes-preserve-unknown-fields: true - labels: - additionalProperties: - type: string - description: Labels added to the secret - type: object - x-kubernetes-preserve-unknown-fields: true - name: - description: Name of the secret resource to be created. By default, - is equal to the resource name - type: string - prefix: - description: Prefix for the secret's keys. Added "as is" without - any transformations. By default, is equal to the kind name in - uppercase + underscore, e.g. `KAFKA_`, `REDIS_`, etc. - type: string - required: - - name - type: object - disk_space: - description: The disk space of the service, possible values depend - on the service type, the cloud provider and the project. Reducing - will result in the service re-balancing. - format: ^[1-9][0-9]*(GiB|G)* - type: string - maintenanceWindowDow: - description: Day of week when maintenance operations should be performed. - One monday, tuesday, wednesday, etc. - enum: - - monday - - tuesday - - wednesday - - thursday - - friday - - saturday - - sunday - type: string - maintenanceWindowTime: - description: Time of day when maintenance operations should be performed. - UTC time in HH:mm:ss format. - maxLength: 8 - type: string - plan: - description: Subscription plan. - maxLength: 128 - type: string - project: - description: Target project. - format: ^[a-zA-Z0-9_-]*$ - maxLength: 63 - type: string - x-kubernetes-validations: - - message: Value is immutable - rule: self == oldSelf - projectVPCRef: - description: ProjectVPCRef reference to ProjectVPC resource to use - its ID as ProjectVPCID automatically - properties: - name: - minLength: 1 - type: string - namespace: - minLength: 1 - type: string - required: - - name - type: object - projectVpcId: - description: Identifier of the VPC the service should be in, if any. - maxLength: 36 - type: string - serviceIntegrations: - description: Service integrations to specify when creating a service. - Not applied after initial service creation - items: - description: Service integrations to specify when creating a service. - Not applied after initial service creation + - additionalPrinterColumns: + - jsonPath: .spec.project + name: Project + type: string + - jsonPath: .spec.cloudName + name: Region + type: string + - jsonPath: .spec.plan + name: Plan + type: string + - jsonPath: .status.state + name: State + type: string + name: v1alpha1 + schema: + openAPIV3Schema: + description: MySQL is the Schema for the mysqls API + properties: + apiVersion: + description: + "APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + type: string + kind: + description: + "Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + type: string + metadata: + type: object + spec: + description: MySQLSpec defines the desired state of MySQL + properties: + authSecretRef: + description: Authentication reference to Aiven token in a secret properties: - integrationType: - enum: - - read_replica + key: + minLength: 1 type: string - sourceServiceName: - maxLength: 64 + name: minLength: 1 type: string required: - - integrationType - - sourceServiceName + - key + - name type: object - maxItems: 1 - type: array - x-kubernetes-validations: - - message: Value is immutable - rule: self == oldSelf - tags: - additionalProperties: + cloudName: + description: Cloud the service runs in. + maxLength: 256 type: string - description: Tags are key-value pairs that allow you to categorize - services. - type: object - terminationProtection: - description: Prevent service from being deleted. It is recommended - to have this enabled for all services. - type: boolean - userConfig: - description: MySQL specific user configuration options - properties: - additional_backup_regions: - description: Additional Cloud Regions for Backup Replication - items: + connInfoSecretTarget: + description: + "Information regarding secret creation. Exposed keys: + `MYSQL_HOST`, `MYSQL_PORT`, `MYSQL_DATABASE`, `MYSQL_USER`, `MYSQL_PASSWORD`, + `MYSQL_SSL_MODE`, `MYSQL_URI`, `MYSQL_REPLICA_URI`" + properties: + annotations: + additionalProperties: + type: string + description: Annotations added to the secret + type: object + x-kubernetes-preserve-unknown-fields: true + labels: + additionalProperties: + type: string + description: Labels added to the secret + type: object + x-kubernetes-preserve-unknown-fields: true + name: + description: + Name of the secret resource to be created. By default, + is equal to the resource name type: string - maxItems: 1 - type: array - admin_password: - description: Custom password for admin user. Defaults to random - string. This must be set only when a new service is being created. - maxLength: 256 - minLength: 8 - pattern: ^[a-zA-Z0-9-_]+$ - type: string - x-kubernetes-validations: - - message: Value is immutable - rule: self == oldSelf - admin_username: - description: Custom username for admin user. This must be set - only when a new service is being created. - maxLength: 64 - pattern: ^[_A-Za-z0-9][-._A-Za-z0-9]{0,63}$ - type: string - x-kubernetes-validations: + prefix: + description: + Prefix for the secret's keys. Added "as is" without + any transformations. By default, is equal to the kind name in + uppercase + underscore, e.g. `KAFKA_`, `REDIS_`, etc. + type: string + required: + - name + type: object + disk_space: + description: + The disk space of the service, possible values depend + on the service type, the cloud provider and the project. Reducing + will result in the service re-balancing. + format: ^[1-9][0-9]*(GiB|G)* + type: string + maintenanceWindowDow: + description: + Day of week when maintenance operations should be performed. + One monday, tuesday, wednesday, etc. + enum: + - monday + - tuesday + - wednesday + - thursday + - friday + - saturday + - sunday + type: string + maintenanceWindowTime: + description: + Time of day when maintenance operations should be performed. + UTC time in HH:mm:ss format. + maxLength: 8 + type: string + plan: + description: Subscription plan. + maxLength: 128 + type: string + project: + description: Target project. + format: ^[a-zA-Z0-9_-]*$ + maxLength: 63 + type: string + x-kubernetes-validations: - message: Value is immutable rule: self == oldSelf - backup_hour: - description: The hour of day (in UTC) when backup for the service - is started. New backup is only started if previous backup has - already completed. - maximum: 23 - minimum: 0 - type: integer - backup_minute: - description: The minute of an hour when backup for the service - is started. New backup is only started if previous backup has - already completed. - maximum: 59 - minimum: 0 - type: integer - binlog_retention_period: - description: The minimum amount of time in seconds to keep binlog - entries before deletion. This may be extended for services that - require binlog entries for longer than the default for example - if using the MySQL Debezium Kafka connector. - maximum: 86400 - minimum: 600 - type: integer - ip_filter: - description: Allow incoming connections from CIDR address block, - e.g. '10.20.0.0/16' - items: - description: CIDR address block, either as a string, or in a - dict with an optional description field - properties: - description: - description: Description for IP filter list entry - maxLength: 1024 - type: string - network: - description: CIDR address block - maxLength: 43 - type: string - required: - - network - type: object - maxItems: 1024 - type: array - migration: - description: Migrate data from existing server + projectVPCRef: + description: + ProjectVPCRef reference to ProjectVPC resource to use + its ID as ProjectVPCID automatically + properties: + name: + minLength: 1 + type: string + namespace: + minLength: 1 + type: string + required: + - name + type: object + projectVpcId: + description: Identifier of the VPC the service should be in, if any. + maxLength: 36 + type: string + serviceIntegrations: + description: + Service integrations to specify when creating a service. + Not applied after initial service creation + items: + description: + Service integrations to specify when creating a service. + Not applied after initial service creation properties: - dbname: - description: Database name for bootstrapping the initial connection - maxLength: 63 - type: string - host: - description: Hostname or IP address of the server where to - migrate data from - maxLength: 255 - type: string - ignore_dbs: - description: Comma-separated list of databases, which should - be ignored during migration (supported by MySQL and PostgreSQL - only at the moment) - maxLength: 2048 - type: string - method: - description: The migration method to be used (currently supported - only by Redis, Dragonfly, MySQL and PostgreSQL service types) + integrationType: enum: - - dump - - replication - type: string - password: - description: Password for authentication with the server where - to migrate data from - maxLength: 256 + - read_replica type: string - port: - description: Port number of the server where to migrate data - from - maximum: 65535 - minimum: 1 - type: integer - ssl: - description: The server where to migrate data from is secured - with SSL - type: boolean - username: - description: User name for authentication with the server - where to migrate data from - maxLength: 256 + sourceServiceName: + maxLength: 64 + minLength: 1 type: string required: - - host - - port - type: object - mysql: - description: mysql.conf configuration values - properties: - connect_timeout: - description: The number of seconds that the mysqld server - waits for a connect packet before responding with Bad handshake - maximum: 3600 - minimum: 2 - type: integer - default_time_zone: - description: Default server time zone as an offset from UTC - (from -12:00 to +12:00), a time zone name, or 'SYSTEM' to - use the MySQL server default. - maxLength: 100 - minLength: 2 - type: string - group_concat_max_len: - description: The maximum permitted result length in bytes - for the GROUP_CONCAT() function. - minimum: 4 - type: integer - information_schema_stats_expiry: - description: The time, in seconds, before cached statistics - expire - maximum: 31536000 - minimum: 900 - type: integer - innodb_change_buffer_max_size: - description: Maximum size for the InnoDB change buffer, as - a percentage of the total size of the buffer pool. Default - is 25 - maximum: 50 - minimum: 0 - type: integer - innodb_flush_neighbors: - description: 'Specifies whether flushing a page from the InnoDB - buffer pool also flushes other dirty pages in the same extent - (default is 1): 0 - dirty pages in the same extent are not - flushed, 1 - flush contiguous dirty pages in the same extent, 2 - - flush dirty pages in the same extent' - maximum: 2 - minimum: 0 - type: integer - innodb_ft_min_token_size: - description: Minimum length of words that are stored in an - InnoDB FULLTEXT index. Changing this parameter will lead - to a restart of the MySQL service. - maximum: 16 - minimum: 0 - type: integer - innodb_ft_server_stopword_table: - description: This option is used to specify your own InnoDB - FULLTEXT index stopword list for all InnoDB tables. - maxLength: 1024 - pattern: ^.+/.+$ - type: string - innodb_lock_wait_timeout: - description: The length of time in seconds an InnoDB transaction - waits for a row lock before giving up. Default is 120. - maximum: 3600 - minimum: 1 - type: integer - innodb_log_buffer_size: - description: The size in bytes of the buffer that InnoDB uses - to write to the log files on disk. - maximum: 4294967295 - minimum: 1048576 - type: integer - innodb_online_alter_log_max_size: - description: The upper limit in bytes on the size of the temporary - log files used during online DDL operations for InnoDB tables. - maximum: 1099511627776 - minimum: 65536 - type: integer - innodb_print_all_deadlocks: - description: When enabled, information about all deadlocks - in InnoDB user transactions is recorded in the error log. - Disabled by default. - type: boolean - innodb_read_io_threads: - description: The number of I/O threads for read operations - in InnoDB. Default is 4. Changing this parameter will lead - to a restart of the MySQL service. - maximum: 64 - minimum: 1 - type: integer - innodb_rollback_on_timeout: - description: When enabled a transaction timeout causes InnoDB - to abort and roll back the entire transaction. Changing - this parameter will lead to a restart of the MySQL service. - type: boolean - innodb_thread_concurrency: - description: Defines the maximum number of threads permitted - inside of InnoDB. Default is 0 (infinite concurrency - no - limit) - maximum: 1000 - minimum: 0 - type: integer - innodb_write_io_threads: - description: The number of I/O threads for write operations - in InnoDB. Default is 4. Changing this parameter will lead - to a restart of the MySQL service. - maximum: 64 - minimum: 1 - type: integer - interactive_timeout: - description: The number of seconds the server waits for activity - on an interactive connection before closing it. - maximum: 604800 - minimum: 30 - type: integer - internal_tmp_mem_storage_engine: - description: The storage engine for in-memory internal temporary - tables. - enum: - - TempTable - - MEMORY - type: string - long_query_time: - description: The slow_query_logs work as SQL statements that - take more than long_query_time seconds to execute. Default - is 10s - maximum: 3600 - minimum: 0 - type: number - max_allowed_packet: - description: Size of the largest message in bytes that can - be received by the server. Default is 67108864 (64M) - maximum: 1073741824 - minimum: 102400 - type: integer - max_heap_table_size: - description: Limits the size of internal in-memory tables. - Also set tmp_table_size. Default is 16777216 (16M) - maximum: 1073741824 - minimum: 1048576 - type: integer - net_buffer_length: - description: Start sizes of connection buffer and result buffer. - Default is 16384 (16K). Changing this parameter will lead - to a restart of the MySQL service. - maximum: 1048576 - minimum: 1024 - type: integer - net_read_timeout: - description: The number of seconds to wait for more data from - a connection before aborting the read. - maximum: 3600 - minimum: 1 - type: integer - net_write_timeout: - description: The number of seconds to wait for a block to - be written to a connection before aborting the write. - maximum: 3600 - minimum: 1 - type: integer - slow_query_log: - description: Slow query log enables capturing of slow queries. - Setting slow_query_log to false also truncates the mysql.slow_log - table. Default is off - type: boolean - sort_buffer_size: - description: Sort buffer size in bytes for ORDER BY optimization. - Default is 262144 (256K) - maximum: 1073741824 - minimum: 32768 - type: integer - sql_mode: - description: Global SQL mode. Set to empty to use MySQL server - defaults. When creating a new service and not setting this - field Aiven default SQL mode (strict, SQL standard compliant) - will be assigned. - maxLength: 1024 - pattern: ^[A-Z_]*(,[A-Z_]+)*$ - type: string - sql_require_primary_key: - description: Require primary key to be defined for new tables - or old tables modified with ALTER TABLE and fail if missing. - It is recommended to always have primary keys because various - functionality may break if any large table is missing them. - type: boolean - tmp_table_size: - description: Limits the size of internal in-memory tables. - Also set max_heap_table_size. Default is 16777216 (16M) - maximum: 1073741824 - minimum: 1048576 - type: integer - wait_timeout: - description: The number of seconds the server waits for activity - on a noninteractive connection before closing it. - maximum: 2147483 - minimum: 1 - type: integer + - integrationType + - sourceServiceName type: object - mysql_version: - description: MySQL major version - enum: - - "8" - type: string - private_access: - description: Allow access to selected service ports from private - networks - properties: - mysql: - description: Allow clients to connect to mysql with a DNS - name that always resolves to the service's private IP addresses. - Only available in certain network locations - type: boolean - mysqlx: - description: Allow clients to connect to mysqlx with a DNS - name that always resolves to the service's private IP addresses. - Only available in certain network locations - type: boolean - prometheus: - description: Allow clients to connect to prometheus with a - DNS name that always resolves to the service's private IP - addresses. Only available in certain network locations - type: boolean - type: object - privatelink_access: - description: Allow access to selected service components through - Privatelink - properties: - mysql: - description: Enable mysql - type: boolean - mysqlx: - description: Enable mysqlx - type: boolean - prometheus: - description: Enable prometheus - type: boolean - type: object - project_to_fork_from: - description: Name of another project to fork a service from. This - has effect only when a new service is being created. - maxLength: 63 - type: string - x-kubernetes-validations: + maxItems: 1 + type: array + x-kubernetes-validations: - message: Value is immutable rule: self == oldSelf - public_access: - description: Allow access to selected service ports from the public - Internet - properties: - mysql: - description: Allow clients to connect to mysql from the public - internet for service nodes that are in a project VPC or - another type of private network - type: boolean - mysqlx: - description: Allow clients to connect to mysqlx from the public - internet for service nodes that are in a project VPC or - another type of private network - type: boolean - prometheus: - description: Allow clients to connect to prometheus from the - public internet for service nodes that are in a project - VPC or another type of private network - type: boolean - type: object - recovery_target_time: - description: Recovery target time when forking a service. This - has effect only when a new service is being created. - maxLength: 32 + tags: + additionalProperties: type: string - x-kubernetes-validations: - - message: Value is immutable - rule: self == oldSelf - service_log: - description: Store logs for the service so that they are available - in the HTTP API and console. - type: boolean - service_to_fork_from: - description: Name of another service to fork from. This has effect - only when a new service is being created. - maxLength: 64 - type: string - x-kubernetes-validations: - - message: Value is immutable - rule: self == oldSelf - static_ips: - description: Use static public IP addresses - type: boolean - type: object - required: - - plan - - project - type: object - status: - description: ServiceStatus defines the observed state of service - properties: - conditions: - description: Conditions represent the latest available observations - of a service state - items: - description: "Condition contains details for one aspect of the current - state of this API Resource. --- This struct is intended for direct - use as an array at the field path .status.conditions. For example, - \n type FooStatus struct{ // Represents the observations of a - foo's current state. // Known .status.conditions.type are: \"Available\", - \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge - // +listType=map // +listMapKey=type Conditions []metav1.Condition - `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" - protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + description: + Tags are key-value pairs that allow you to categorize + services. + type: object + terminationProtection: + description: + Prevent service from being deleted. It is recommended + to have this enabled for all services. + type: boolean + userConfig: + description: MySQL specific user configuration options properties: - lastTransitionTime: - description: lastTransitionTime is the last time the condition - transitioned from one status to another. This should be when - the underlying condition changed. If that is not known, then - using the time when the API field changed is acceptable. - format: date-time + additional_backup_regions: + description: Additional Cloud Regions for Backup Replication + items: + type: string + maxItems: 1 + type: array + admin_password: + description: + Custom password for admin user. Defaults to random + string. This must be set only when a new service is being created. + maxLength: 256 + minLength: 8 + pattern: ^[a-zA-Z0-9-_]+$ type: string - message: - description: message is a human readable message indicating - details about the transition. This may be an empty string. - maxLength: 32768 + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + admin_username: + description: + Custom username for admin user. This must be set + only when a new service is being created. + maxLength: 64 + pattern: ^[_A-Za-z0-9][-._A-Za-z0-9]{0,63}$ type: string - observedGeneration: - description: observedGeneration represents the .metadata.generation - that the condition was set based upon. For instance, if .metadata.generation - is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current - state of the instance. - format: int64 + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + backup_hour: + description: + The hour of day (in UTC) when backup for the service + is started. New backup is only started if previous backup has + already completed. + maximum: 23 minimum: 0 type: integer - reason: - description: reason contains a programmatic identifier indicating - the reason for the condition's last transition. Producers - of specific condition types may define expected values and - meanings for this field, and whether the values are considered - a guaranteed API. The value should be a CamelCase string. - This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ - type: string - status: - description: status of the condition, one of True, False, Unknown. + backup_minute: + description: + The minute of an hour when backup for the service + is started. New backup is only started if previous backup has + already completed. + maximum: 59 + minimum: 0 + type: integer + binlog_retention_period: + description: + The minimum amount of time in seconds to keep binlog + entries before deletion. This may be extended for services that + require binlog entries for longer than the default for example + if using the MySQL Debezium Kafka connector. + maximum: 86400 + minimum: 600 + type: integer + ip_filter: + description: + Allow incoming connections from CIDR address block, + e.g. '10.20.0.0/16' + items: + description: + CIDR address block, either as a string, or in a + dict with an optional description field + properties: + description: + description: Description for IP filter list entry + maxLength: 1024 + type: string + network: + description: CIDR address block + maxLength: 43 + type: string + required: + - network + type: object + maxItems: 1024 + type: array + migration: + description: Migrate data from existing server + properties: + dbname: + description: Database name for bootstrapping the initial connection + maxLength: 63 + type: string + host: + description: + Hostname or IP address of the server where to + migrate data from + maxLength: 255 + type: string + ignore_dbs: + description: + Comma-separated list of databases, which should + be ignored during migration (supported by MySQL and PostgreSQL + only at the moment) + maxLength: 2048 + type: string + method: + description: + The migration method to be used (currently supported + only by Redis, Dragonfly, MySQL and PostgreSQL service types) + enum: + - dump + - replication + type: string + password: + description: + Password for authentication with the server where + to migrate data from + maxLength: 256 + type: string + port: + description: + Port number of the server where to migrate data + from + maximum: 65535 + minimum: 1 + type: integer + ssl: + description: + The server where to migrate data from is secured + with SSL + type: boolean + username: + description: + User name for authentication with the server + where to migrate data from + maxLength: 256 + type: string + required: + - host + - port + type: object + mysql: + description: mysql.conf configuration values + properties: + connect_timeout: + description: + The number of seconds that the mysqld server + waits for a connect packet before responding with Bad handshake + maximum: 3600 + minimum: 2 + type: integer + default_time_zone: + description: + Default server time zone as an offset from UTC + (from -12:00 to +12:00), a time zone name, or 'SYSTEM' to + use the MySQL server default. + maxLength: 100 + minLength: 2 + type: string + group_concat_max_len: + description: + The maximum permitted result length in bytes + for the GROUP_CONCAT() function. + minimum: 4 + type: integer + information_schema_stats_expiry: + description: + The time, in seconds, before cached statistics + expire + maximum: 31536000 + minimum: 900 + type: integer + innodb_change_buffer_max_size: + description: + Maximum size for the InnoDB change buffer, as + a percentage of the total size of the buffer pool. Default + is 25 + maximum: 50 + minimum: 0 + type: integer + innodb_flush_neighbors: + description: + "Specifies whether flushing a page from the InnoDB + buffer pool also flushes other dirty pages in the same extent + (default is 1): 0 - dirty pages in the same extent are not + flushed, 1 - flush contiguous dirty pages in the same extent, 2 + - flush dirty pages in the same extent" + maximum: 2 + minimum: 0 + type: integer + innodb_ft_min_token_size: + description: + Minimum length of words that are stored in an + InnoDB FULLTEXT index. Changing this parameter will lead + to a restart of the MySQL service. + maximum: 16 + minimum: 0 + type: integer + innodb_ft_server_stopword_table: + description: + This option is used to specify your own InnoDB + FULLTEXT index stopword list for all InnoDB tables. + maxLength: 1024 + pattern: ^.+/.+$ + type: string + innodb_lock_wait_timeout: + description: + The length of time in seconds an InnoDB transaction + waits for a row lock before giving up. Default is 120. + maximum: 3600 + minimum: 1 + type: integer + innodb_log_buffer_size: + description: + The size in bytes of the buffer that InnoDB uses + to write to the log files on disk. + maximum: 4294967295 + minimum: 1048576 + type: integer + innodb_online_alter_log_max_size: + description: + The upper limit in bytes on the size of the temporary + log files used during online DDL operations for InnoDB tables. + maximum: 1099511627776 + minimum: 65536 + type: integer + innodb_print_all_deadlocks: + description: + When enabled, information about all deadlocks + in InnoDB user transactions is recorded in the error log. + Disabled by default. + type: boolean + innodb_read_io_threads: + description: + The number of I/O threads for read operations + in InnoDB. Default is 4. Changing this parameter will lead + to a restart of the MySQL service. + maximum: 64 + minimum: 1 + type: integer + innodb_rollback_on_timeout: + description: + When enabled a transaction timeout causes InnoDB + to abort and roll back the entire transaction. Changing + this parameter will lead to a restart of the MySQL service. + type: boolean + innodb_thread_concurrency: + description: + Defines the maximum number of threads permitted + inside of InnoDB. Default is 0 (infinite concurrency - no + limit) + maximum: 1000 + minimum: 0 + type: integer + innodb_write_io_threads: + description: + The number of I/O threads for write operations + in InnoDB. Default is 4. Changing this parameter will lead + to a restart of the MySQL service. + maximum: 64 + minimum: 1 + type: integer + interactive_timeout: + description: + The number of seconds the server waits for activity + on an interactive connection before closing it. + maximum: 604800 + minimum: 30 + type: integer + internal_tmp_mem_storage_engine: + description: + The storage engine for in-memory internal temporary + tables. + enum: + - TempTable + - MEMORY + type: string + long_query_time: + description: + The slow_query_logs work as SQL statements that + take more than long_query_time seconds to execute. Default + is 10s + maximum: 3600 + minimum: 0 + type: number + max_allowed_packet: + description: + Size of the largest message in bytes that can + be received by the server. Default is 67108864 (64M) + maximum: 1073741824 + minimum: 102400 + type: integer + max_heap_table_size: + description: + Limits the size of internal in-memory tables. + Also set tmp_table_size. Default is 16777216 (16M) + maximum: 1073741824 + minimum: 1048576 + type: integer + net_buffer_length: + description: + Start sizes of connection buffer and result buffer. + Default is 16384 (16K). Changing this parameter will lead + to a restart of the MySQL service. + maximum: 1048576 + minimum: 1024 + type: integer + net_read_timeout: + description: + The number of seconds to wait for more data from + a connection before aborting the read. + maximum: 3600 + minimum: 1 + type: integer + net_write_timeout: + description: + The number of seconds to wait for a block to + be written to a connection before aborting the write. + maximum: 3600 + minimum: 1 + type: integer + slow_query_log: + description: + Slow query log enables capturing of slow queries. + Setting slow_query_log to false also truncates the mysql.slow_log + table. Default is off + type: boolean + sort_buffer_size: + description: + Sort buffer size in bytes for ORDER BY optimization. + Default is 262144 (256K) + maximum: 1073741824 + minimum: 32768 + type: integer + sql_mode: + description: + Global SQL mode. Set to empty to use MySQL server + defaults. When creating a new service and not setting this + field Aiven default SQL mode (strict, SQL standard compliant) + will be assigned. + maxLength: 1024 + pattern: ^[A-Z_]*(,[A-Z_]+)*$ + type: string + sql_require_primary_key: + description: + Require primary key to be defined for new tables + or old tables modified with ALTER TABLE and fail if missing. + It is recommended to always have primary keys because various + functionality may break if any large table is missing them. + type: boolean + tmp_table_size: + description: + Limits the size of internal in-memory tables. + Also set max_heap_table_size. Default is 16777216 (16M) + maximum: 1073741824 + minimum: 1048576 + type: integer + wait_timeout: + description: + The number of seconds the server waits for activity + on a noninteractive connection before closing it. + maximum: 2147483 + minimum: 1 + type: integer + type: object + mysql_version: + description: MySQL major version enum: - - "True" - - "False" - - Unknown + - "8" type: string - type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. - --- Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + private_access: + description: + Allow access to selected service ports from private + networks + properties: + mysql: + description: + Allow clients to connect to mysql with a DNS + name that always resolves to the service's private IP addresses. + Only available in certain network locations + type: boolean + mysqlx: + description: + Allow clients to connect to mysqlx with a DNS + name that always resolves to the service's private IP addresses. + Only available in certain network locations + type: boolean + prometheus: + description: + Allow clients to connect to prometheus with a + DNS name that always resolves to the service's private IP + addresses. Only available in certain network locations + type: boolean + type: object + privatelink_access: + description: + Allow access to selected service components through + Privatelink + properties: + mysql: + description: Enable mysql + type: boolean + mysqlx: + description: Enable mysqlx + type: boolean + prometheus: + description: Enable prometheus + type: boolean + type: object + project_to_fork_from: + description: + Name of another project to fork a service from. This + has effect only when a new service is being created. + maxLength: 63 type: string - required: - - lastTransitionTime - - message - - reason - - status - - type + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + public_access: + description: + Allow access to selected service ports from the public + Internet + properties: + mysql: + description: + Allow clients to connect to mysql from the public + internet for service nodes that are in a project VPC or + another type of private network + type: boolean + mysqlx: + description: + Allow clients to connect to mysqlx from the public + internet for service nodes that are in a project VPC or + another type of private network + type: boolean + prometheus: + description: + Allow clients to connect to prometheus from the + public internet for service nodes that are in a project + VPC or another type of private network + type: boolean + type: object + recovery_target_time: + description: + Recovery target time when forking a service. This + has effect only when a new service is being created. + maxLength: 32 + type: string + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + service_log: + description: + Store logs for the service so that they are available + in the HTTP API and console. + type: boolean + service_to_fork_from: + description: + Name of another service to fork from. This has effect + only when a new service is being created. + maxLength: 64 + type: string + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + static_ips: + description: Use static public IP addresses + type: boolean type: object - type: array - state: - description: Service state - type: string - type: object - type: object - served: true - storage: true - subresources: - status: {} + required: + - plan + - project + type: object + status: + description: ServiceStatus defines the observed state of service + properties: + conditions: + description: + Conditions represent the latest available observations + of a service state + items: + description: + "Condition contains details for one aspect of the current + state of this API Resource. --- This struct is intended for direct + use as an array at the field path .status.conditions. For example, + \n type FooStatus struct{ // Represents the observations of a + foo's current state. // Known .status.conditions.type are: \"Available\", + \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge + // +listType=map // +listMapKey=type Conditions []metav1.Condition + `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" + protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + properties: + lastTransitionTime: + description: + lastTransitionTime is the last time the condition + transitioned from one status to another. This should be when + the underlying condition changed. If that is not known, then + using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: + message is a human readable message indicating + details about the transition. This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: + observedGeneration represents the .metadata.generation + that the condition was set based upon. For instance, if .metadata.generation + is currently 12, but the .status.conditions[x].observedGeneration + is 9, the condition is out of date with respect to the current + state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: + reason contains a programmatic identifier indicating + the reason for the condition's last transition. Producers + of specific condition types may define expected values and + meanings for this field, and whether the values are considered + a guaranteed API. The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: + type of condition in CamelCase or in foo.example.com/CamelCase. + --- Many .condition.type values are consistent across resources + like Available, but because arbitrary conditions can be useful + (see .node.status.conditions), the ability to deconflict is + important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + type: array + state: + description: Service state + type: string + type: object + type: object + served: true + storage: true + subresources: + status: {} diff --git a/charts/aiven-operator-crds/templates/aiven.io_opensearches.yaml b/charts/aiven-operator-crds/templates/aiven.io_opensearches.yaml index 7fa9b0ac..8a403e83 100644 --- a/charts/aiven-operator-crds/templates/aiven.io_opensearches.yaml +++ b/charts/aiven-operator-crds/templates/aiven.io_opensearches.yaml @@ -15,946 +15,1048 @@ spec: singular: opensearch scope: Namespaced versions: - - name: v1alpha1 - schema: - openAPIV3Schema: - description: OpenSearch is the Schema for the opensearches API - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: OpenSearchSpec defines the desired state of OpenSearch - properties: - authSecretRef: - description: Authentication reference to Aiven token in a secret - properties: - key: - minLength: 1 - type: string - name: - minLength: 1 - type: string - required: - - key - - name - type: object - cloudName: - description: Cloud the service runs in. - maxLength: 256 - type: string - connInfoSecretTarget: - description: 'Information regarding secret creation. Exposed keys: - `OPENSEARCH_HOST`, `OPENSEARCH_PORT`, `OPENSEARCH_USER`, `OPENSEARCH_PASSWORD`' - properties: - annotations: - additionalProperties: + - name: v1alpha1 + schema: + openAPIV3Schema: + description: OpenSearch is the Schema for the opensearches API + properties: + apiVersion: + description: + "APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + type: string + kind: + description: + "Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + type: string + metadata: + type: object + spec: + description: OpenSearchSpec defines the desired state of OpenSearch + properties: + authSecretRef: + description: Authentication reference to Aiven token in a secret + properties: + key: + minLength: 1 type: string - description: Annotations added to the secret - type: object - x-kubernetes-preserve-unknown-fields: true - labels: - additionalProperties: + name: + minLength: 1 type: string - description: Labels added to the secret - type: object - x-kubernetes-preserve-unknown-fields: true - name: - description: Name of the secret resource to be created. By default, - is equal to the resource name - type: string - prefix: - description: Prefix for the secret's keys. Added "as is" without - any transformations. By default, is equal to the kind name in - uppercase + underscore, e.g. `KAFKA_`, `REDIS_`, etc. - type: string - required: - - name - type: object - disk_space: - description: The disk space of the service, possible values depend - on the service type, the cloud provider and the project. Reducing - will result in the service re-balancing. - format: ^[1-9][0-9]*(GiB|G)* - type: string - maintenanceWindowDow: - description: Day of week when maintenance operations should be performed. - One monday, tuesday, wednesday, etc. - enum: - - monday - - tuesday - - wednesday - - thursday - - friday - - saturday - - sunday - type: string - maintenanceWindowTime: - description: Time of day when maintenance operations should be performed. - UTC time in HH:mm:ss format. - maxLength: 8 - type: string - plan: - description: Subscription plan. - maxLength: 128 - type: string - project: - description: Target project. - format: ^[a-zA-Z0-9_-]*$ - maxLength: 63 - type: string - x-kubernetes-validations: - - message: Value is immutable - rule: self == oldSelf - projectVPCRef: - description: ProjectVPCRef reference to ProjectVPC resource to use - its ID as ProjectVPCID automatically - properties: - name: - minLength: 1 - type: string - namespace: - minLength: 1 - type: string - required: - - name - type: object - projectVpcId: - description: Identifier of the VPC the service should be in, if any. - maxLength: 36 - type: string - serviceIntegrations: - description: Service integrations to specify when creating a service. - Not applied after initial service creation - items: - description: Service integrations to specify when creating a service. - Not applied after initial service creation + required: + - key + - name + type: object + cloudName: + description: Cloud the service runs in. + maxLength: 256 + type: string + connInfoSecretTarget: + description: + "Information regarding secret creation. Exposed keys: + `OPENSEARCH_HOST`, `OPENSEARCH_PORT`, `OPENSEARCH_USER`, `OPENSEARCH_PASSWORD`" properties: - integrationType: - enum: - - read_replica + annotations: + additionalProperties: + type: string + description: Annotations added to the secret + type: object + x-kubernetes-preserve-unknown-fields: true + labels: + additionalProperties: + type: string + description: Labels added to the secret + type: object + x-kubernetes-preserve-unknown-fields: true + name: + description: + Name of the secret resource to be created. By default, + is equal to the resource name type: string - sourceServiceName: - maxLength: 64 - minLength: 1 + prefix: + description: + Prefix for the secret's keys. Added "as is" without + any transformations. By default, is equal to the kind name in + uppercase + underscore, e.g. `KAFKA_`, `REDIS_`, etc. type: string required: - - integrationType - - sourceServiceName + - name type: object - maxItems: 1 - type: array - x-kubernetes-validations: - - message: Value is immutable - rule: self == oldSelf - tags: - additionalProperties: + disk_space: + description: + The disk space of the service, possible values depend + on the service type, the cloud provider and the project. Reducing + will result in the service re-balancing. + format: ^[1-9][0-9]*(GiB|G)* + type: string + maintenanceWindowDow: + description: + Day of week when maintenance operations should be performed. + One monday, tuesday, wednesday, etc. + enum: + - monday + - tuesday + - wednesday + - thursday + - friday + - saturday + - sunday + type: string + maintenanceWindowTime: + description: + Time of day when maintenance operations should be performed. + UTC time in HH:mm:ss format. + maxLength: 8 type: string - description: Tags are key-value pairs that allow you to categorize - services. - type: object - terminationProtection: - description: Prevent service from being deleted. It is recommended - to have this enabled for all services. - type: boolean - userConfig: - description: OpenSearch specific user configuration options - properties: - additional_backup_regions: - description: Additional Cloud Regions for Backup Replication - items: + plan: + description: Subscription plan. + maxLength: 128 + type: string + project: + description: Target project. + format: ^[a-zA-Z0-9_-]*$ + maxLength: 63 + type: string + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + projectVPCRef: + description: + ProjectVPCRef reference to ProjectVPC resource to use + its ID as ProjectVPCID automatically + properties: + name: + minLength: 1 + type: string + namespace: + minLength: 1 type: string - maxItems: 1 - type: array - custom_domain: - description: Serve the web frontend using a custom CNAME pointing - to the Aiven DNS name - maxLength: 255 + required: + - name + type: object + projectVpcId: + description: Identifier of the VPC the service should be in, if any. + maxLength: 36 + type: string + serviceIntegrations: + description: + Service integrations to specify when creating a service. + Not applied after initial service creation + items: + description: + Service integrations to specify when creating a service. + Not applied after initial service creation + properties: + integrationType: + enum: + - read_replica + type: string + sourceServiceName: + maxLength: 64 + minLength: 1 + type: string + required: + - integrationType + - sourceServiceName + type: object + maxItems: 1 + type: array + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + tags: + additionalProperties: type: string - disable_replication_factor_adjustment: - description: 'DEPRECATED: Disable automatic replication factor - adjustment for multi-node services. By default, Aiven ensures - all indexes are replicated at least to two nodes. Note: Due - to potential data loss in case of losing a service node, this - setting can no longer be activated.' - type: boolean - index_patterns: - description: Index patterns - items: - description: 'Allows you to create glob style patterns and set - a max number of indexes matching this pattern you want to - keep. Creating indexes exceeding this value will cause the - oldest one to get deleted. You could for example create a - pattern looking like ''logs.?'' and then create index logs.1, - logs.2 etc, it will delete logs.1 once you create logs.6. - Do note ''logs.?'' does not apply to logs.10. Note: Setting - max_index_count to 0 will do nothing and the pattern gets - ignored.' + description: + Tags are key-value pairs that allow you to categorize + services. + type: object + terminationProtection: + description: + Prevent service from being deleted. It is recommended + to have this enabled for all services. + type: boolean + userConfig: + description: OpenSearch specific user configuration options + properties: + additional_backup_regions: + description: Additional Cloud Regions for Backup Replication + items: + type: string + maxItems: 1 + type: array + custom_domain: + description: + Serve the web frontend using a custom CNAME pointing + to the Aiven DNS name + maxLength: 255 + type: string + disable_replication_factor_adjustment: + description: + "DEPRECATED: Disable automatic replication factor + adjustment for multi-node services. By default, Aiven ensures + all indexes are replicated at least to two nodes. Note: Due + to potential data loss in case of losing a service node, this + setting can no longer be activated." + type: boolean + index_patterns: + description: Index patterns + items: + description: + "Allows you to create glob style patterns and set + a max number of indexes matching this pattern you want to + keep. Creating indexes exceeding this value will cause the + oldest one to get deleted. You could for example create a + pattern looking like 'logs.?' and then create index logs.1, + logs.2 etc, it will delete logs.1 once you create logs.6. + Do note 'logs.?' does not apply to logs.10. Note: Setting + max_index_count to 0 will do nothing and the pattern gets + ignored." + properties: + max_index_count: + description: Maximum number of indexes to keep + minimum: 0 + type: integer + pattern: + description: fnmatch pattern + maxLength: 1024 + pattern: ^[A-Za-z0-9-_.*?]+$ + type: string + sorting_algorithm: + description: Deletion sorting algorithm + enum: + - alphabetical + - creation_date + type: string + required: + - max_index_count + - pattern + type: object + maxItems: 512 + type: array + index_template: + description: Template settings for all new indexes properties: - max_index_count: - description: Maximum number of indexes to keep + mapping_nested_objects_limit: + description: + The maximum number of nested JSON objects that + a single document can contain across all nested types. This + limit helps to prevent out of memory errors when a document + contains too many nested objects. Default is 10000. + maximum: 100000 + minimum: 0 + type: integer + number_of_replicas: + description: The number of replicas each primary shard has. + maximum: 29 minimum: 0 type: integer - pattern: - description: fnmatch pattern + number_of_shards: + description: + The number of primary shards that an index should + have. + maximum: 1024 + minimum: 1 + type: integer + type: object + ip_filter: + description: + Allow incoming connections from CIDR address block, + e.g. '10.20.0.0/16' + items: + description: + CIDR address block, either as a string, or in a + dict with an optional description field + properties: + description: + description: Description for IP filter list entry + maxLength: 1024 + type: string + network: + description: CIDR address block + maxLength: 43 + type: string + required: + - network + type: object + maxItems: 1024 + type: array + keep_index_refresh_interval: + description: + Aiven automation resets index.refresh_interval to + default value for every index to be sure that indices are always + visible to search. If it doesn't fit your case, you can disable + this by setting up this flag to true. + type: boolean + max_index_count: + description: "DEPRECATED: use index_patterns instead" + minimum: 0 + type: integer + openid: + description: OpenSearch OpenID Connect Configuration + properties: + client_id: + description: + The ID of the OpenID Connect client configured + in your IdP. Required. + maxLength: 1024 + minLength: 1 + type: string + client_secret: + description: + The client secret of the OpenID Connect client + configured in your IdP. Required. + maxLength: 1024 + minLength: 1 + type: string + connect_url: + description: + The URL of your IdP where the Security plugin + can find the OpenID Connect metadata/configuration settings. + maxLength: 2048 + type: string + enabled: + description: + Enables or disables OpenID Connect authentication + for OpenSearch. When enabled, users can authenticate using + OpenID Connect with an Identity Provider. + type: boolean + header: + description: + HTTP header name of the JWT token. Optional. + Default is Authorization. + maxLength: 1024 + minLength: 1 + type: string + jwt_header: + description: + "The HTTP header that stores the token. Typically + the Authorization header with the Bearer schema: Authorization: + Bearer . Optional. Default is Authorization." + maxLength: 1024 + minLength: 1 + type: string + jwt_url_parameter: + description: + If the token is not transmitted in the HTTP header, + but as an URL parameter, define the name of the parameter + here. Optional. + maxLength: 1024 + minLength: 1 + type: string + refresh_rate_limit_count: + description: + The maximum number of unknown key IDs in the + time frame. Default is 10. Optional. + minimum: 10 + type: integer + refresh_rate_limit_time_window_ms: + description: + The time frame to use when checking the maximum + number of unknown key IDs, in milliseconds. Optional.Default + is 10000 (10 seconds). + minimum: 10000 + type: integer + roles_key: + description: + The key in the JSON payload that stores the user’s + roles. The value of this key must be a comma-separated list + of roles. Required only if you want to use roles in the + JWT + maxLength: 1024 + minLength: 1 + type: string + scope: + description: + The scope of the identity token issued by the + IdP. Optional. Default is openid profile email address phone. maxLength: 1024 - pattern: ^[A-Za-z0-9-_.*?]+$ + minLength: 1 type: string - sorting_algorithm: - description: Deletion sorting algorithm - enum: - - alphabetical - - creation_date + subject_key: + description: + The key in the JSON payload that stores the user’s + name. If not defined, the subject registered claim is used. + Most IdP providers use the preferred_username claim. Optional. + maxLength: 1024 + minLength: 1 type: string required: - - max_index_count - - pattern + - client_id + - client_secret + - connect_url + - enabled type: object - maxItems: 512 - type: array - index_template: - description: Template settings for all new indexes - properties: - mapping_nested_objects_limit: - description: The maximum number of nested JSON objects that - a single document can contain across all nested types. This - limit helps to prevent out of memory errors when a document - contains too many nested objects. Default is 10000. - maximum: 100000 - minimum: 0 - type: integer - number_of_replicas: - description: The number of replicas each primary shard has. - maximum: 29 - minimum: 0 - type: integer - number_of_shards: - description: The number of primary shards that an index should - have. - maximum: 1024 - minimum: 1 - type: integer - type: object - ip_filter: - description: Allow incoming connections from CIDR address block, - e.g. '10.20.0.0/16' - items: - description: CIDR address block, either as a string, or in a - dict with an optional description field + opensearch: + description: OpenSearch settings properties: - description: - description: Description for IP filter list entry + action_auto_create_index_enabled: + description: + Explicitly allow or block automatic creation + of indices. Defaults to true + type: boolean + action_destructive_requires_name: + description: Require explicit index names when deleting + type: boolean + auth_failure_listeners: + description: Opensearch Security Plugin Settings + properties: + internal_authentication_backend_limiting: + properties: + allowed_tries: + description: + The number of login attempts allowed + before login is blocked + maximum: 2147483647 + minimum: 0 + type: integer + authentication_backend: + description: internal_authentication_backend_limiting.authentication_backend + enum: + - internal + maxLength: 1024 + type: string + block_expiry_seconds: + description: + The duration of time that login remains + blocked after a failed login + maximum: 2147483647 + minimum: 0 + type: integer + max_blocked_clients: + description: internal_authentication_backend_limiting.max_blocked_clients + maximum: 2147483647 + minimum: 0 + type: integer + max_tracked_clients: + description: + The maximum number of tracked IP addresses + that have failed login + maximum: 2147483647 + minimum: 0 + type: integer + time_window_seconds: + description: + The window of time in which the value + for `allowed_tries` is enforced + maximum: 2147483647 + minimum: 0 + type: integer + type: + description: internal_authentication_backend_limiting.type + enum: + - username + maxLength: 1024 + type: string + type: object + ip_rate_limiting: + description: IP address rate limiting settings + properties: + allowed_tries: + description: + The number of login attempts allowed + before login is blocked + maximum: 2147483647 + minimum: 1 + type: integer + block_expiry_seconds: + description: + The duration of time that login remains + blocked after a failed login + maximum: 36000 + minimum: 1 + type: integer + max_blocked_clients: + description: The maximum number of blocked IP addresses + maximum: 2147483647 + minimum: 0 + type: integer + max_tracked_clients: + description: + The maximum number of tracked IP addresses + that have failed login + maximum: 2147483647 + minimum: 0 + type: integer + time_window_seconds: + description: + The window of time in which the value + for `allowed_tries` is enforced + maximum: 36000 + minimum: 1 + type: integer + type: + description: The type of rate limiting + enum: + - ip + maxLength: 1024 + type: string + type: object + type: object + cluster_max_shards_per_node: + description: + Controls the number of shards allowed in the + cluster per data node + maximum: 10000 + minimum: 100 + type: integer + cluster_routing_allocation_node_concurrent_recoveries: + description: + How many concurrent incoming/outgoing shard recoveries + (normally replicas) are allowed to happen on a node. Defaults + to 2. + maximum: 16 + minimum: 2 + type: integer + email_sender_name: + description: + Sender name placeholder to be used in Opensearch + Dashboards and Opensearch keystore + maxLength: 40 + pattern: ^[a-zA-Z0-9-_]+$ + type: string + email_sender_password: + description: + Sender password for Opensearch alerts to authenticate + with SMTP server + maxLength: 1024 + pattern: ^[^\x00-\x1F]+$ + type: string + email_sender_username: + description: Sender username for Opensearch alerts + maxLength: 320 + pattern: ^[^\x00-\x1F]+$ + type: string + enable_security_audit: + description: Enable/Disable security audit + type: boolean + http_max_content_length: + description: + Maximum content length for HTTP requests to the + OpenSearch HTTP API, in bytes. + maximum: 2147483647 + minimum: 1 + type: integer + http_max_header_size: + description: The max size of allowed headers, in bytes + maximum: 262144 + minimum: 1024 + type: integer + http_max_initial_line_length: + description: The max length of an HTTP URL, in bytes + maximum: 65536 + minimum: 1024 + type: integer + indices_fielddata_cache_size: + description: + Relative amount. Maximum amount of heap memory + used for field data cache. This is an expert setting; decreasing + the value too much will increase overhead of loading field + data; too much memory used for field data cache will decrease + amount of heap available for other operations. + maximum: 100 + minimum: 3 + type: integer + indices_memory_index_buffer_size: + description: + Percentage value. Default is 10%. Total amount + of heap used for indexing buffer, before writing segments + to disk. This is an expert setting. Too low value will slow + down indexing; too high value will increase indexing performance + but causes performance issues for query performance. + maximum: 40 + minimum: 3 + type: integer + indices_memory_max_index_buffer_size: + description: + Absolute value. Default is unbound. Doesn't work + without indices.memory.index_buffer_size. Maximum amount + of heap used for query cache, an absolute indices.memory.index_buffer_size + maximum hard limit. + maximum: 2048 + minimum: 3 + type: integer + indices_memory_min_index_buffer_size: + description: + Absolute value. Default is 48mb. Doesn't work + without indices.memory.index_buffer_size. Minimum amount + of heap used for query cache, an absolute indices.memory.index_buffer_size + minimal hard limit. + maximum: 2048 + minimum: 3 + type: integer + indices_queries_cache_size: + description: + Percentage value. Default is 10%. Maximum amount + of heap used for query cache. This is an expert setting. + Too low value will decrease query performance and increase + performance for other operations; too high value will cause + issues with other OpenSearch functionality. + maximum: 40 + minimum: 3 + type: integer + indices_query_bool_max_clause_count: + description: + Maximum number of clauses Lucene BooleanQuery + can have. The default value (1024) is relatively high, and + increasing it may cause performance issues. Investigate + other approaches first before increasing this value. + maximum: 4096 + minimum: 64 + type: integer + indices_recovery_max_bytes_per_sec: + description: + Limits total inbound and outbound recovery traffic + for each node. Applies to both peer recoveries as well as + snapshot recoveries (i.e., restores from a snapshot). Defaults + to 40mb + maximum: 400 + minimum: 40 + type: integer + indices_recovery_max_concurrent_file_chunks: + description: + Number of file chunks sent in parallel for each + recovery. Defaults to 2. + maximum: 5 + minimum: 2 + type: integer + ism_enabled: + description: Specifies whether ISM is enabled or not + type: boolean + ism_history_enabled: + description: + Specifies whether audit history is enabled or + not. The logs from ISM are automatically indexed to a logs + document. + type: boolean + ism_history_max_age: + description: + The maximum age before rolling over the audit + history index in hours + maximum: 2147483647 + minimum: 1 + type: integer + ism_history_max_docs: + description: + The maximum number of documents before rolling + over the audit history index. + minimum: 1 + type: integer + ism_history_rollover_check_period: + description: + The time between rollover checks for the audit + history index in hours. + maximum: 2147483647 + minimum: 1 + type: integer + ism_history_rollover_retention_period: + description: How long audit history indices are kept in days. + maximum: 2147483647 + minimum: 1 + type: integer + override_main_response_version: + description: + Compatibility mode sets OpenSearch to report + its version as 7.10 so clients continue to work. Default + is false + type: boolean + reindex_remote_whitelist: + description: + Whitelisted addresses for reindexing. Changing + this value will cause all OpenSearch instances to restart. + items: + type: string + maxItems: 32 + type: array + script_max_compilations_rate: + description: + Script compilation circuit breaker limits the + number of inline script compilations within a period of + time. Default is use-context + maxLength: 1024 + type: string + search_max_buckets: + description: + Maximum number of aggregation buckets allowed + in a single response. OpenSearch default value is used when + this is not defined. + maximum: 1000000 + minimum: 1 + type: integer + thread_pool_analyze_queue_size: + description: + Size for the thread pool queue. See documentation + for exact details. + maximum: 2000 + minimum: 10 + type: integer + thread_pool_analyze_size: + description: + Size for the thread pool. See documentation for + exact details. Do note this may have maximum value depending + on CPU count - value is automatically lowered if set to + higher than maximum value. + maximum: 128 + minimum: 1 + type: integer + thread_pool_force_merge_size: + description: + Size for the thread pool. See documentation for + exact details. Do note this may have maximum value depending + on CPU count - value is automatically lowered if set to + higher than maximum value. + maximum: 128 + minimum: 1 + type: integer + thread_pool_get_queue_size: + description: + Size for the thread pool queue. See documentation + for exact details. + maximum: 2000 + minimum: 10 + type: integer + thread_pool_get_size: + description: + Size for the thread pool. See documentation for + exact details. Do note this may have maximum value depending + on CPU count - value is automatically lowered if set to + higher than maximum value. + maximum: 128 + minimum: 1 + type: integer + thread_pool_search_queue_size: + description: + Size for the thread pool queue. See documentation + for exact details. + maximum: 2000 + minimum: 10 + type: integer + thread_pool_search_size: + description: + Size for the thread pool. See documentation for + exact details. Do note this may have maximum value depending + on CPU count - value is automatically lowered if set to + higher than maximum value. + maximum: 128 + minimum: 1 + type: integer + thread_pool_search_throttled_queue_size: + description: + Size for the thread pool queue. See documentation + for exact details. + maximum: 2000 + minimum: 10 + type: integer + thread_pool_search_throttled_size: + description: + Size for the thread pool. See documentation for + exact details. Do note this may have maximum value depending + on CPU count - value is automatically lowered if set to + higher than maximum value. + maximum: 128 + minimum: 1 + type: integer + thread_pool_write_queue_size: + description: + Size for the thread pool queue. See documentation + for exact details. + maximum: 2000 + minimum: 10 + type: integer + thread_pool_write_size: + description: + Size for the thread pool. See documentation for + exact details. Do note this may have maximum value depending + on CPU count - value is automatically lowered if set to + higher than maximum value. + maximum: 128 + minimum: 1 + type: integer + type: object + opensearch_dashboards: + description: OpenSearch Dashboards settings + properties: + enabled: + description: Enable or disable OpenSearch Dashboards + type: boolean + max_old_space_size: + description: + "Limits the maximum amount of memory (in MiB) + the OpenSearch Dashboards process can use. This sets the + max_old_space_size option of the nodejs running the OpenSearch + Dashboards. Note: the memory reserved by OpenSearch Dashboards + is not available for OpenSearch." + maximum: 2048 + minimum: 64 + type: integer + opensearch_request_timeout: + description: + Timeout in milliseconds for requests made by + OpenSearch Dashboards towards OpenSearch + maximum: 120000 + minimum: 5000 + type: integer + type: object + opensearch_version: + description: OpenSearch major version + enum: + - "1" + - "2" + type: string + private_access: + description: + Allow access to selected service ports from private + networks + properties: + opensearch: + description: + Allow clients to connect to opensearch with a + DNS name that always resolves to the service's private IP + addresses. Only available in certain network locations + type: boolean + opensearch_dashboards: + description: + Allow clients to connect to opensearch_dashboards + with a DNS name that always resolves to the service's private + IP addresses. Only available in certain network locations + type: boolean + prometheus: + description: + Allow clients to connect to prometheus with a + DNS name that always resolves to the service's private IP + addresses. Only available in certain network locations + type: boolean + type: object + privatelink_access: + description: + Allow access to selected service components through + Privatelink + properties: + opensearch: + description: Enable opensearch + type: boolean + opensearch_dashboards: + description: Enable opensearch_dashboards + type: boolean + prometheus: + description: Enable prometheus + type: boolean + type: object + project_to_fork_from: + description: + Name of another project to fork a service from. This + has effect only when a new service is being created. + maxLength: 63 + type: string + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + public_access: + description: + Allow access to selected service ports from the public + Internet + properties: + opensearch: + description: + Allow clients to connect to opensearch from the + public internet for service nodes that are in a project + VPC or another type of private network + type: boolean + opensearch_dashboards: + description: + Allow clients to connect to opensearch_dashboards + from the public internet for service nodes that are in a + project VPC or another type of private network + type: boolean + prometheus: + description: + Allow clients to connect to prometheus from the + public internet for service nodes that are in a project + VPC or another type of private network + type: boolean + type: object + recovery_basebackup_name: + description: Name of the basebackup to restore in forked service + maxLength: 128 + pattern: ^[a-zA-Z0-9-_:.]+$ + type: string + saml: + description: OpenSearch SAML configuration + properties: + enabled: + description: + Enables or disables SAML-based authentication + for OpenSearch. When enabled, users can authenticate using + SAML with an Identity Provider. + type: boolean + idp_entity_id: + description: + The unique identifier for the Identity Provider + (IdP) entity that is used for SAML authentication. This + value is typically provided by the IdP. maxLength: 1024 + minLength: 1 type: string - network: - description: CIDR address block - maxLength: 43 + idp_metadata_url: + description: + The URL of the SAML metadata for the Identity + Provider (IdP). This is used to configure SAML-based authentication + with the IdP. + maxLength: 2048 + minLength: 1 + type: string + idp_pemtrustedcas_content: + description: + This parameter specifies the PEM-encoded root + certificate authority (CA) content for the SAML identity + provider (IdP) server verification. The root CA content + is used to verify the SSL/TLS certificate presented by the + server. + maxLength: 16384 + type: string + roles_key: + description: + Optional. Specifies the attribute in the SAML + response where role information is stored, if available. + Role attributes are not required for SAML authentication, + but can be included in SAML assertions by most Identity + Providers (IdPs) to determine user access levels or permissions. + maxLength: 256 + minLength: 1 + type: string + sp_entity_id: + description: + The unique identifier for the Service Provider + (SP) entity that is used for SAML authentication. This value + is typically provided by the SP. + maxLength: 1024 + minLength: 1 + type: string + subject_key: + description: + Optional. Specifies the attribute in the SAML + response where the subject identifier is stored. If not + configured, the NameID attribute is used by default. + maxLength: 256 + minLength: 1 type: string required: - - network + - enabled + - idp_entity_id + - idp_metadata_url + - sp_entity_id type: object - maxItems: 1024 - type: array - keep_index_refresh_interval: - description: Aiven automation resets index.refresh_interval to - default value for every index to be sure that indices are always - visible to search. If it doesn't fit your case, you can disable - this by setting up this flag to true. - type: boolean - max_index_count: - description: 'DEPRECATED: use index_patterns instead' - minimum: 0 - type: integer - openid: - description: OpenSearch OpenID Connect Configuration - properties: - client_id: - description: The ID of the OpenID Connect client configured - in your IdP. Required. - maxLength: 1024 - minLength: 1 - type: string - client_secret: - description: The client secret of the OpenID Connect client - configured in your IdP. Required. - maxLength: 1024 - minLength: 1 - type: string - connect_url: - description: The URL of your IdP where the Security plugin - can find the OpenID Connect metadata/configuration settings. - maxLength: 2048 - type: string - enabled: - description: Enables or disables OpenID Connect authentication - for OpenSearch. When enabled, users can authenticate using - OpenID Connect with an Identity Provider. - type: boolean - header: - description: HTTP header name of the JWT token. Optional. - Default is Authorization. - maxLength: 1024 - minLength: 1 - type: string - jwt_header: - description: 'The HTTP header that stores the token. Typically - the Authorization header with the Bearer schema: Authorization: - Bearer . Optional. Default is Authorization.' - maxLength: 1024 - minLength: 1 - type: string - jwt_url_parameter: - description: If the token is not transmitted in the HTTP header, - but as an URL parameter, define the name of the parameter - here. Optional. - maxLength: 1024 - minLength: 1 - type: string - refresh_rate_limit_count: - description: The maximum number of unknown key IDs in the - time frame. Default is 10. Optional. - minimum: 10 - type: integer - refresh_rate_limit_time_window_ms: - description: The time frame to use when checking the maximum - number of unknown key IDs, in milliseconds. Optional.Default - is 10000 (10 seconds). - minimum: 10000 - type: integer - roles_key: - description: The key in the JSON payload that stores the user’s - roles. The value of this key must be a comma-separated list - of roles. Required only if you want to use roles in the - JWT - maxLength: 1024 - minLength: 1 - type: string - scope: - description: The scope of the identity token issued by the - IdP. Optional. Default is openid profile email address phone. - maxLength: 1024 - minLength: 1 - type: string - subject_key: - description: The key in the JSON payload that stores the user’s - name. If not defined, the subject registered claim is used. - Most IdP providers use the preferred_username claim. Optional. - maxLength: 1024 - minLength: 1 - type: string - required: - - client_id - - client_secret - - connect_url - - enabled - type: object - opensearch: - description: OpenSearch settings + service_log: + description: + Store logs for the service so that they are available + in the HTTP API and console. + type: boolean + service_to_fork_from: + description: + Name of another service to fork from. This has effect + only when a new service is being created. + maxLength: 64 + type: string + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + static_ips: + description: Use static public IP addresses + type: boolean + type: object + required: + - plan + - project + type: object + status: + description: ServiceStatus defines the observed state of service + properties: + conditions: + description: + Conditions represent the latest available observations + of a service state + items: + description: + "Condition contains details for one aspect of the current + state of this API Resource. --- This struct is intended for direct + use as an array at the field path .status.conditions. For example, + \n type FooStatus struct{ // Represents the observations of a + foo's current state. // Known .status.conditions.type are: \"Available\", + \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge + // +listType=map // +listMapKey=type Conditions []metav1.Condition + `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" + protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" properties: - action_auto_create_index_enabled: - description: Explicitly allow or block automatic creation - of indices. Defaults to true - type: boolean - action_destructive_requires_name: - description: Require explicit index names when deleting - type: boolean - auth_failure_listeners: - description: Opensearch Security Plugin Settings - properties: - internal_authentication_backend_limiting: - properties: - allowed_tries: - description: The number of login attempts allowed - before login is blocked - maximum: 2147483647 - minimum: 0 - type: integer - authentication_backend: - description: internal_authentication_backend_limiting.authentication_backend - enum: - - internal - maxLength: 1024 - type: string - block_expiry_seconds: - description: The duration of time that login remains - blocked after a failed login - maximum: 2147483647 - minimum: 0 - type: integer - max_blocked_clients: - description: internal_authentication_backend_limiting.max_blocked_clients - maximum: 2147483647 - minimum: 0 - type: integer - max_tracked_clients: - description: The maximum number of tracked IP addresses - that have failed login - maximum: 2147483647 - minimum: 0 - type: integer - time_window_seconds: - description: The window of time in which the value - for `allowed_tries` is enforced - maximum: 2147483647 - minimum: 0 - type: integer - type: - description: internal_authentication_backend_limiting.type - enum: - - username - maxLength: 1024 - type: string - type: object - ip_rate_limiting: - description: IP address rate limiting settings - properties: - allowed_tries: - description: The number of login attempts allowed - before login is blocked - maximum: 2147483647 - minimum: 1 - type: integer - block_expiry_seconds: - description: The duration of time that login remains - blocked after a failed login - maximum: 36000 - minimum: 1 - type: integer - max_blocked_clients: - description: The maximum number of blocked IP addresses - maximum: 2147483647 - minimum: 0 - type: integer - max_tracked_clients: - description: The maximum number of tracked IP addresses - that have failed login - maximum: 2147483647 - minimum: 0 - type: integer - time_window_seconds: - description: The window of time in which the value - for `allowed_tries` is enforced - maximum: 36000 - minimum: 1 - type: integer - type: - description: The type of rate limiting - enum: - - ip - maxLength: 1024 - type: string - type: object - type: object - cluster_max_shards_per_node: - description: Controls the number of shards allowed in the - cluster per data node - maximum: 10000 - minimum: 100 - type: integer - cluster_routing_allocation_node_concurrent_recoveries: - description: How many concurrent incoming/outgoing shard recoveries - (normally replicas) are allowed to happen on a node. Defaults - to 2. - maximum: 16 - minimum: 2 - type: integer - email_sender_name: - description: Sender name placeholder to be used in Opensearch - Dashboards and Opensearch keystore - maxLength: 40 - pattern: ^[a-zA-Z0-9-_]+$ - type: string - email_sender_password: - description: Sender password for Opensearch alerts to authenticate - with SMTP server - maxLength: 1024 - pattern: ^[^\x00-\x1F]+$ - type: string - email_sender_username: - description: Sender username for Opensearch alerts - maxLength: 320 - pattern: ^[^\x00-\x1F]+$ + lastTransitionTime: + description: + lastTransitionTime is the last time the condition + transitioned from one status to another. This should be when + the underlying condition changed. If that is not known, then + using the time when the API field changed is acceptable. + format: date-time type: string - enable_security_audit: - description: Enable/Disable security audit - type: boolean - http_max_content_length: - description: Maximum content length for HTTP requests to the - OpenSearch HTTP API, in bytes. - maximum: 2147483647 - minimum: 1 - type: integer - http_max_header_size: - description: The max size of allowed headers, in bytes - maximum: 262144 - minimum: 1024 - type: integer - http_max_initial_line_length: - description: The max length of an HTTP URL, in bytes - maximum: 65536 - minimum: 1024 - type: integer - indices_fielddata_cache_size: - description: Relative amount. Maximum amount of heap memory - used for field data cache. This is an expert setting; decreasing - the value too much will increase overhead of loading field - data; too much memory used for field data cache will decrease - amount of heap available for other operations. - maximum: 100 - minimum: 3 - type: integer - indices_memory_index_buffer_size: - description: Percentage value. Default is 10%. Total amount - of heap used for indexing buffer, before writing segments - to disk. This is an expert setting. Too low value will slow - down indexing; too high value will increase indexing performance - but causes performance issues for query performance. - maximum: 40 - minimum: 3 - type: integer - indices_memory_max_index_buffer_size: - description: Absolute value. Default is unbound. Doesn't work - without indices.memory.index_buffer_size. Maximum amount - of heap used for query cache, an absolute indices.memory.index_buffer_size - maximum hard limit. - maximum: 2048 - minimum: 3 - type: integer - indices_memory_min_index_buffer_size: - description: Absolute value. Default is 48mb. Doesn't work - without indices.memory.index_buffer_size. Minimum amount - of heap used for query cache, an absolute indices.memory.index_buffer_size - minimal hard limit. - maximum: 2048 - minimum: 3 - type: integer - indices_queries_cache_size: - description: Percentage value. Default is 10%. Maximum amount - of heap used for query cache. This is an expert setting. - Too low value will decrease query performance and increase - performance for other operations; too high value will cause - issues with other OpenSearch functionality. - maximum: 40 - minimum: 3 - type: integer - indices_query_bool_max_clause_count: - description: Maximum number of clauses Lucene BooleanQuery - can have. The default value (1024) is relatively high, and - increasing it may cause performance issues. Investigate - other approaches first before increasing this value. - maximum: 4096 - minimum: 64 - type: integer - indices_recovery_max_bytes_per_sec: - description: Limits total inbound and outbound recovery traffic - for each node. Applies to both peer recoveries as well as - snapshot recoveries (i.e., restores from a snapshot). Defaults - to 40mb - maximum: 400 - minimum: 40 - type: integer - indices_recovery_max_concurrent_file_chunks: - description: Number of file chunks sent in parallel for each - recovery. Defaults to 2. - maximum: 5 - minimum: 2 - type: integer - ism_enabled: - description: Specifies whether ISM is enabled or not - type: boolean - ism_history_enabled: - description: Specifies whether audit history is enabled or - not. The logs from ISM are automatically indexed to a logs - document. - type: boolean - ism_history_max_age: - description: The maximum age before rolling over the audit - history index in hours - maximum: 2147483647 - minimum: 1 - type: integer - ism_history_max_docs: - description: The maximum number of documents before rolling - over the audit history index. - minimum: 1 - type: integer - ism_history_rollover_check_period: - description: The time between rollover checks for the audit - history index in hours. - maximum: 2147483647 - minimum: 1 - type: integer - ism_history_rollover_retention_period: - description: How long audit history indices are kept in days. - maximum: 2147483647 - minimum: 1 - type: integer - override_main_response_version: - description: Compatibility mode sets OpenSearch to report - its version as 7.10 so clients continue to work. Default - is false - type: boolean - reindex_remote_whitelist: - description: Whitelisted addresses for reindexing. Changing - this value will cause all OpenSearch instances to restart. - items: - type: string - maxItems: 32 - type: array - script_max_compilations_rate: - description: Script compilation circuit breaker limits the - number of inline script compilations within a period of - time. Default is use-context - maxLength: 1024 + message: + description: + message is a human readable message indicating + details about the transition. This may be an empty string. + maxLength: 32768 type: string - search_max_buckets: - description: Maximum number of aggregation buckets allowed - in a single response. OpenSearch default value is used when - this is not defined. - maximum: 1000000 - minimum: 1 - type: integer - thread_pool_analyze_queue_size: - description: Size for the thread pool queue. See documentation - for exact details. - maximum: 2000 - minimum: 10 - type: integer - thread_pool_analyze_size: - description: Size for the thread pool. See documentation for - exact details. Do note this may have maximum value depending - on CPU count - value is automatically lowered if set to - higher than maximum value. - maximum: 128 - minimum: 1 - type: integer - thread_pool_force_merge_size: - description: Size for the thread pool. See documentation for - exact details. Do note this may have maximum value depending - on CPU count - value is automatically lowered if set to - higher than maximum value. - maximum: 128 - minimum: 1 - type: integer - thread_pool_get_queue_size: - description: Size for the thread pool queue. See documentation - for exact details. - maximum: 2000 - minimum: 10 - type: integer - thread_pool_get_size: - description: Size for the thread pool. See documentation for - exact details. Do note this may have maximum value depending - on CPU count - value is automatically lowered if set to - higher than maximum value. - maximum: 128 - minimum: 1 - type: integer - thread_pool_search_queue_size: - description: Size for the thread pool queue. See documentation - for exact details. - maximum: 2000 - minimum: 10 - type: integer - thread_pool_search_size: - description: Size for the thread pool. See documentation for - exact details. Do note this may have maximum value depending - on CPU count - value is automatically lowered if set to - higher than maximum value. - maximum: 128 - minimum: 1 - type: integer - thread_pool_search_throttled_queue_size: - description: Size for the thread pool queue. See documentation - for exact details. - maximum: 2000 - minimum: 10 - type: integer - thread_pool_search_throttled_size: - description: Size for the thread pool. See documentation for - exact details. Do note this may have maximum value depending - on CPU count - value is automatically lowered if set to - higher than maximum value. - maximum: 128 - minimum: 1 - type: integer - thread_pool_write_queue_size: - description: Size for the thread pool queue. See documentation - for exact details. - maximum: 2000 - minimum: 10 - type: integer - thread_pool_write_size: - description: Size for the thread pool. See documentation for - exact details. Do note this may have maximum value depending - on CPU count - value is automatically lowered if set to - higher than maximum value. - maximum: 128 - minimum: 1 - type: integer - type: object - opensearch_dashboards: - description: OpenSearch Dashboards settings - properties: - enabled: - description: Enable or disable OpenSearch Dashboards - type: boolean - max_old_space_size: - description: 'Limits the maximum amount of memory (in MiB) - the OpenSearch Dashboards process can use. This sets the - max_old_space_size option of the nodejs running the OpenSearch - Dashboards. Note: the memory reserved by OpenSearch Dashboards - is not available for OpenSearch.' - maximum: 2048 - minimum: 64 - type: integer - opensearch_request_timeout: - description: Timeout in milliseconds for requests made by - OpenSearch Dashboards towards OpenSearch - maximum: 120000 - minimum: 5000 + observedGeneration: + description: + observedGeneration represents the .metadata.generation + that the condition was set based upon. For instance, if .metadata.generation + is currently 12, but the .status.conditions[x].observedGeneration + is 9, the condition is out of date with respect to the current + state of the instance. + format: int64 + minimum: 0 type: integer - type: object - opensearch_version: - description: OpenSearch major version - enum: - - "1" - - "2" - type: string - private_access: - description: Allow access to selected service ports from private - networks - properties: - opensearch: - description: Allow clients to connect to opensearch with a - DNS name that always resolves to the service's private IP - addresses. Only available in certain network locations - type: boolean - opensearch_dashboards: - description: Allow clients to connect to opensearch_dashboards - with a DNS name that always resolves to the service's private - IP addresses. Only available in certain network locations - type: boolean - prometheus: - description: Allow clients to connect to prometheus with a - DNS name that always resolves to the service's private IP - addresses. Only available in certain network locations - type: boolean - type: object - privatelink_access: - description: Allow access to selected service components through - Privatelink - properties: - opensearch: - description: Enable opensearch - type: boolean - opensearch_dashboards: - description: Enable opensearch_dashboards - type: boolean - prometheus: - description: Enable prometheus - type: boolean - type: object - project_to_fork_from: - description: Name of another project to fork a service from. This - has effect only when a new service is being created. - maxLength: 63 - type: string - x-kubernetes-validations: - - message: Value is immutable - rule: self == oldSelf - public_access: - description: Allow access to selected service ports from the public - Internet - properties: - opensearch: - description: Allow clients to connect to opensearch from the - public internet for service nodes that are in a project - VPC or another type of private network - type: boolean - opensearch_dashboards: - description: Allow clients to connect to opensearch_dashboards - from the public internet for service nodes that are in a - project VPC or another type of private network - type: boolean - prometheus: - description: Allow clients to connect to prometheus from the - public internet for service nodes that are in a project - VPC or another type of private network - type: boolean - type: object - recovery_basebackup_name: - description: Name of the basebackup to restore in forked service - maxLength: 128 - pattern: ^[a-zA-Z0-9-_:.]+$ - type: string - saml: - description: OpenSearch SAML configuration - properties: - enabled: - description: Enables or disables SAML-based authentication - for OpenSearch. When enabled, users can authenticate using - SAML with an Identity Provider. - type: boolean - idp_entity_id: - description: The unique identifier for the Identity Provider - (IdP) entity that is used for SAML authentication. This - value is typically provided by the IdP. + reason: + description: + reason contains a programmatic identifier indicating + the reason for the condition's last transition. Producers + of specific condition types may define expected values and + meanings for this field, and whether the values are considered + a guaranteed API. The value should be a CamelCase string. + This field may not be empty. maxLength: 1024 minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ type: string - idp_metadata_url: - description: The URL of the SAML metadata for the Identity - Provider (IdP). This is used to configure SAML-based authentication - with the IdP. - maxLength: 2048 - minLength: 1 - type: string - idp_pemtrustedcas_content: - description: This parameter specifies the PEM-encoded root - certificate authority (CA) content for the SAML identity - provider (IdP) server verification. The root CA content - is used to verify the SSL/TLS certificate presented by the - server. - maxLength: 16384 - type: string - roles_key: - description: Optional. Specifies the attribute in the SAML - response where role information is stored, if available. - Role attributes are not required for SAML authentication, - but can be included in SAML assertions by most Identity - Providers (IdPs) to determine user access levels or permissions. - maxLength: 256 - minLength: 1 - type: string - sp_entity_id: - description: The unique identifier for the Service Provider - (SP) entity that is used for SAML authentication. This value - is typically provided by the SP. - maxLength: 1024 - minLength: 1 + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown type: string - subject_key: - description: Optional. Specifies the attribute in the SAML - response where the subject identifier is stored. If not - configured, the NameID attribute is used by default. - maxLength: 256 - minLength: 1 + type: + description: + type of condition in CamelCase or in foo.example.com/CamelCase. + --- Many .condition.type values are consistent across resources + like Available, but because arbitrary conditions can be useful + (see .node.status.conditions), the ability to deconflict is + important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string required: - - enabled - - idp_entity_id - - idp_metadata_url - - sp_entity_id + - lastTransitionTime + - message + - reason + - status + - type type: object - service_log: - description: Store logs for the service so that they are available - in the HTTP API and console. - type: boolean - service_to_fork_from: - description: Name of another service to fork from. This has effect - only when a new service is being created. - maxLength: 64 - type: string - x-kubernetes-validations: - - message: Value is immutable - rule: self == oldSelf - static_ips: - description: Use static public IP addresses - type: boolean - type: object - required: - - plan - - project - type: object - status: - description: ServiceStatus defines the observed state of service - properties: - conditions: - description: Conditions represent the latest available observations - of a service state - items: - description: "Condition contains details for one aspect of the current - state of this API Resource. --- This struct is intended for direct - use as an array at the field path .status.conditions. For example, - \n type FooStatus struct{ // Represents the observations of a - foo's current state. // Known .status.conditions.type are: \"Available\", - \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge - // +listType=map // +listMapKey=type Conditions []metav1.Condition - `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" - protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" - properties: - lastTransitionTime: - description: lastTransitionTime is the last time the condition - transitioned from one status to another. This should be when - the underlying condition changed. If that is not known, then - using the time when the API field changed is acceptable. - format: date-time - type: string - message: - description: message is a human readable message indicating - details about the transition. This may be an empty string. - maxLength: 32768 - type: string - observedGeneration: - description: observedGeneration represents the .metadata.generation - that the condition was set based upon. For instance, if .metadata.generation - is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current - state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: reason contains a programmatic identifier indicating - the reason for the condition's last transition. Producers - of specific condition types may define expected values and - meanings for this field, and whether the values are considered - a guaranteed API. The value should be a CamelCase string. - This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ - type: string - status: - description: status of the condition, one of True, False, Unknown. - enum: - - "True" - - "False" - - Unknown - type: string - type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. - --- Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ - type: string - required: - - lastTransitionTime - - message - - reason - - status - - type - type: object - type: array - state: - description: Service state - type: string - type: object - type: object - served: true - storage: true - subresources: - status: {} + type: array + state: + description: Service state + type: string + type: object + type: object + served: true + storage: true + subresources: + status: {} diff --git a/charts/aiven-operator-crds/templates/aiven.io_postgresqls.yaml b/charts/aiven-operator-crds/templates/aiven.io_postgresqls.yaml index d22d4d69..75804c65 100644 --- a/charts/aiven-operator-crds/templates/aiven.io_postgresqls.yaml +++ b/charts/aiven-operator-crds/templates/aiven.io_postgresqls.yaml @@ -15,951 +15,1056 @@ spec: singular: postgresql scope: Namespaced versions: - - additionalPrinterColumns: - - jsonPath: .spec.project - name: Project - type: string - - jsonPath: .spec.cloudName - name: Region - type: string - - jsonPath: .spec.plan - name: Plan - type: string - - jsonPath: .status.state - name: State - type: string - name: v1alpha1 - schema: - openAPIV3Schema: - description: PostgreSQL is the Schema for the postgresql API - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: PostgreSQLSpec defines the desired state of postgres instance - properties: - authSecretRef: - description: Authentication reference to Aiven token in a secret - properties: - key: - minLength: 1 - type: string - name: - minLength: 1 - type: string - required: - - key - - name - type: object - cloudName: - description: Cloud the service runs in. - maxLength: 256 - type: string - connInfoSecretTarget: - description: 'Information regarding secret creation. Exposed keys: - `POSTGRESQL_HOST`, `POSTGRESQL_PORT`, `POSTGRESQL_DATABASE`, `POSTGRESQL_USER`, - `POSTGRESQL_PASSWORD`, `POSTGRESQL_SSLMODE`, `POSTGRESQL_DATABASE_URI`' - properties: - annotations: - additionalProperties: - type: string - description: Annotations added to the secret - type: object - x-kubernetes-preserve-unknown-fields: true - labels: - additionalProperties: - type: string - description: Labels added to the secret - type: object - x-kubernetes-preserve-unknown-fields: true - name: - description: Name of the secret resource to be created. By default, - is equal to the resource name - type: string - prefix: - description: Prefix for the secret's keys. Added "as is" without - any transformations. By default, is equal to the kind name in - uppercase + underscore, e.g. `KAFKA_`, `REDIS_`, etc. - type: string - required: - - name - type: object - disk_space: - description: The disk space of the service, possible values depend - on the service type, the cloud provider and the project. Reducing - will result in the service re-balancing. - format: ^[1-9][0-9]*(GiB|G)* - type: string - maintenanceWindowDow: - description: Day of week when maintenance operations should be performed. - One monday, tuesday, wednesday, etc. - enum: - - monday - - tuesday - - wednesday - - thursday - - friday - - saturday - - sunday - type: string - maintenanceWindowTime: - description: Time of day when maintenance operations should be performed. - UTC time in HH:mm:ss format. - maxLength: 8 - type: string - plan: - description: Subscription plan. - maxLength: 128 - type: string - project: - description: Target project. - format: ^[a-zA-Z0-9_-]*$ - maxLength: 63 - type: string - x-kubernetes-validations: - - message: Value is immutable - rule: self == oldSelf - projectVPCRef: - description: ProjectVPCRef reference to ProjectVPC resource to use - its ID as ProjectVPCID automatically - properties: - name: - minLength: 1 - type: string - namespace: - minLength: 1 - type: string - required: - - name - type: object - projectVpcId: - description: Identifier of the VPC the service should be in, if any. - maxLength: 36 - type: string - serviceIntegrations: - description: Service integrations to specify when creating a service. - Not applied after initial service creation - items: - description: Service integrations to specify when creating a service. - Not applied after initial service creation + - additionalPrinterColumns: + - jsonPath: .spec.project + name: Project + type: string + - jsonPath: .spec.cloudName + name: Region + type: string + - jsonPath: .spec.plan + name: Plan + type: string + - jsonPath: .status.state + name: State + type: string + name: v1alpha1 + schema: + openAPIV3Schema: + description: PostgreSQL is the Schema for the postgresql API + properties: + apiVersion: + description: + "APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + type: string + kind: + description: + "Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + type: string + metadata: + type: object + spec: + description: PostgreSQLSpec defines the desired state of postgres instance + properties: + authSecretRef: + description: Authentication reference to Aiven token in a secret properties: - integrationType: - enum: - - read_replica + key: + minLength: 1 type: string - sourceServiceName: - maxLength: 64 + name: minLength: 1 type: string required: - - integrationType - - sourceServiceName + - key + - name type: object - maxItems: 1 - type: array - x-kubernetes-validations: - - message: Value is immutable - rule: self == oldSelf - tags: - additionalProperties: + cloudName: + description: Cloud the service runs in. + maxLength: 256 type: string - description: Tags are key-value pairs that allow you to categorize - services. - type: object - terminationProtection: - description: Prevent service from being deleted. It is recommended - to have this enabled for all services. - type: boolean - userConfig: - description: PostgreSQL specific user configuration options - properties: - additional_backup_regions: - description: Additional Cloud Regions for Backup Replication - items: + connInfoSecretTarget: + description: + "Information regarding secret creation. Exposed keys: + `POSTGRESQL_HOST`, `POSTGRESQL_PORT`, `POSTGRESQL_DATABASE`, `POSTGRESQL_USER`, + `POSTGRESQL_PASSWORD`, `POSTGRESQL_SSLMODE`, `POSTGRESQL_DATABASE_URI`" + properties: + annotations: + additionalProperties: + type: string + description: Annotations added to the secret + type: object + x-kubernetes-preserve-unknown-fields: true + labels: + additionalProperties: + type: string + description: Labels added to the secret + type: object + x-kubernetes-preserve-unknown-fields: true + name: + description: + Name of the secret resource to be created. By default, + is equal to the resource name type: string - maxItems: 1 - type: array - admin_password: - description: Custom password for admin user. Defaults to random - string. This must be set only when a new service is being created. - maxLength: 256 - minLength: 8 - pattern: ^[a-zA-Z0-9-_]+$ - type: string - x-kubernetes-validations: - - message: Value is immutable - rule: self == oldSelf - admin_username: - description: Custom username for admin user. This must be set - only when a new service is being created. - maxLength: 64 - pattern: ^[_A-Za-z0-9][-._A-Za-z0-9]{0,63}$ - type: string - x-kubernetes-validations: + prefix: + description: + Prefix for the secret's keys. Added "as is" without + any transformations. By default, is equal to the kind name in + uppercase + underscore, e.g. `KAFKA_`, `REDIS_`, etc. + type: string + required: + - name + type: object + disk_space: + description: + The disk space of the service, possible values depend + on the service type, the cloud provider and the project. Reducing + will result in the service re-balancing. + format: ^[1-9][0-9]*(GiB|G)* + type: string + maintenanceWindowDow: + description: + Day of week when maintenance operations should be performed. + One monday, tuesday, wednesday, etc. + enum: + - monday + - tuesday + - wednesday + - thursday + - friday + - saturday + - sunday + type: string + maintenanceWindowTime: + description: + Time of day when maintenance operations should be performed. + UTC time in HH:mm:ss format. + maxLength: 8 + type: string + plan: + description: Subscription plan. + maxLength: 128 + type: string + project: + description: Target project. + format: ^[a-zA-Z0-9_-]*$ + maxLength: 63 + type: string + x-kubernetes-validations: - message: Value is immutable rule: self == oldSelf - backup_hour: - description: The hour of day (in UTC) when backup for the service - is started. New backup is only started if previous backup has - already completed. - maximum: 23 - minimum: 0 - type: integer - backup_minute: - description: The minute of an hour when backup for the service - is started. New backup is only started if previous backup has - already completed. - maximum: 59 - minimum: 0 - type: integer - enable_ipv6: - description: Register AAAA DNS records for the service, and allow - IPv6 packets to service ports - type: boolean - ip_filter: - description: Allow incoming connections from CIDR address block, - e.g. '10.20.0.0/16' - items: - description: CIDR address block, either as a string, or in a - dict with an optional description field - properties: - description: - description: Description for IP filter list entry - maxLength: 1024 - type: string - network: - description: CIDR address block - maxLength: 43 - type: string - required: - - network - type: object - maxItems: 1024 - type: array - migration: - description: Migrate data from existing server - properties: - dbname: - description: Database name for bootstrapping the initial connection - maxLength: 63 - type: string - host: - description: Hostname or IP address of the server where to - migrate data from - maxLength: 255 - type: string - ignore_dbs: - description: Comma-separated list of databases, which should - be ignored during migration (supported by MySQL and PostgreSQL - only at the moment) - maxLength: 2048 - type: string - method: - description: The migration method to be used (currently supported - only by Redis, Dragonfly, MySQL and PostgreSQL service types) - enum: - - dump - - replication - type: string - password: - description: Password for authentication with the server where - to migrate data from - maxLength: 256 - type: string - port: - description: Port number of the server where to migrate data - from - maximum: 65535 - minimum: 1 - type: integer - ssl: - description: The server where to migrate data from is secured - with SSL - type: boolean - username: - description: User name for authentication with the server - where to migrate data from - maxLength: 256 - type: string - required: - - host - - port - type: object - pg: - description: postgresql.conf configuration values + projectVPCRef: + description: + ProjectVPCRef reference to ProjectVPC resource to use + its ID as ProjectVPCID automatically + properties: + name: + minLength: 1 + type: string + namespace: + minLength: 1 + type: string + required: + - name + type: object + projectVpcId: + description: Identifier of the VPC the service should be in, if any. + maxLength: 36 + type: string + serviceIntegrations: + description: + Service integrations to specify when creating a service. + Not applied after initial service creation + items: + description: + Service integrations to specify when creating a service. + Not applied after initial service creation properties: - autovacuum_analyze_scale_factor: - description: Specifies a fraction of the table size to add - to autovacuum_analyze_threshold when deciding whether to - trigger an ANALYZE. The default is 0.2 (20% of table size) - maximum: 1 - minimum: 0 - type: number - autovacuum_analyze_threshold: - description: Specifies the minimum number of inserted, updated - or deleted tuples needed to trigger an ANALYZE in any one - table. The default is 50 tuples. - maximum: 2147483647 - minimum: 0 - type: integer - autovacuum_freeze_max_age: - description: Specifies the maximum age (in transactions) that - a table's pg_class.relfrozenxid field can attain before - a VACUUM operation is forced to prevent transaction ID wraparound - within the table. Note that the system will launch autovacuum - processes to prevent wraparound even when autovacuum is - otherwise disabled. This parameter will cause the server - to be restarted. - maximum: 1500000000 - minimum: 200000000 - type: integer - autovacuum_max_workers: - description: Specifies the maximum number of autovacuum processes - (other than the autovacuum launcher) that may be running - at any one time. The default is three. This parameter can - only be set at server start. - maximum: 20 - minimum: 1 - type: integer - autovacuum_naptime: - description: Specifies the minimum delay between autovacuum - runs on any given database. The delay is measured in seconds, - and the default is one minute - maximum: 86400 - minimum: 1 - type: integer - autovacuum_vacuum_cost_delay: - description: Specifies the cost delay value that will be used - in automatic VACUUM operations. If -1 is specified, the - regular vacuum_cost_delay value will be used. The default - value is 20 milliseconds - maximum: 100 - minimum: -1 - type: integer - autovacuum_vacuum_cost_limit: - description: Specifies the cost limit value that will be used - in automatic VACUUM operations. If -1 is specified (which - is the default), the regular vacuum_cost_limit value will - be used. - maximum: 10000 - minimum: -1 - type: integer - autovacuum_vacuum_scale_factor: - description: Specifies a fraction of the table size to add - to autovacuum_vacuum_threshold when deciding whether to - trigger a VACUUM. The default is 0.2 (20% of table size) - maximum: 1 - minimum: 0 - type: number - autovacuum_vacuum_threshold: - description: Specifies the minimum number of updated or deleted - tuples needed to trigger a VACUUM in any one table. The - default is 50 tuples - maximum: 2147483647 - minimum: 0 - type: integer - bgwriter_delay: - description: Specifies the delay between activity rounds for - the background writer in milliseconds. Default is 200. - maximum: 10000 - minimum: 10 - type: integer - bgwriter_flush_after: - description: Whenever more than bgwriter_flush_after bytes - have been written by the background writer, attempt to force - the OS to issue these writes to the underlying storage. - Specified in kilobytes, default is 512. Setting of 0 disables - forced writeback. - maximum: 2048 - minimum: 0 - type: integer - bgwriter_lru_maxpages: - description: In each round, no more than this many buffers - will be written by the background writer. Setting this to - zero disables background writing. Default is 100. - maximum: 1073741823 - minimum: 0 - type: integer - bgwriter_lru_multiplier: - description: The average recent need for new buffers is multiplied - by bgwriter_lru_multiplier to arrive at an estimate of the - number that will be needed during the next round, (up to - bgwriter_lru_maxpages). 1.0 represents a “just in time” - policy of writing exactly the number of buffers predicted - to be needed. Larger values provide some cushion against - spikes in demand, while smaller values intentionally leave - writes to be done by server processes. The default is 2.0. - maximum: 10 - minimum: 0 - type: number - deadlock_timeout: - description: This is the amount of time, in milliseconds, - to wait on a lock before checking to see if there is a deadlock - condition. - maximum: 1800000 - minimum: 500 - type: integer - default_toast_compression: - description: Specifies the default TOAST compression method - for values of compressible columns (the default is lz4). - enum: - - lz4 - - pglz - type: string - idle_in_transaction_session_timeout: - description: Time out sessions with open transactions after - this number of milliseconds - maximum: 604800000 - minimum: 0 - type: integer - jit: - description: Controls system-wide use of Just-in-Time Compilation - (JIT). - type: boolean - log_autovacuum_min_duration: - description: Causes each action executed by autovacuum to - be logged if it ran for at least the specified number of - milliseconds. Setting this to zero logs all autovacuum actions. - Minus-one (the default) disables logging autovacuum actions. - maximum: 2147483647 - minimum: -1 - type: integer - log_error_verbosity: - description: Controls the amount of detail written in the - server log for each message that is logged. - enum: - - TERSE - - DEFAULT - - VERBOSE - type: string - log_line_prefix: - description: Choose from one of the available log-formats. - These can support popular log analyzers like pgbadger, pganalyze - etc. + integrationType: enum: - - '''pid=%p,user=%u,db=%d,app=%a,client=%h ''' - - '''%t [%p]: [%l-1] user=%u,db=%d,app=%a,client=%h ''' - - '''%m [%p] %q[user=%u,db=%d,app=%a] ''' + - read_replica type: string - log_min_duration_statement: - description: Log statements that take more than this number - of milliseconds to run, -1 disables - maximum: 86400000 - minimum: -1 - type: integer - log_temp_files: - description: Log statements for each temporary file created - larger than this number of kilobytes, -1 disables - maximum: 2147483647 - minimum: -1 - type: integer - max_files_per_process: - description: PostgreSQL maximum number of files that can be - open per process - maximum: 4096 - minimum: 1000 - type: integer - max_locks_per_transaction: - description: PostgreSQL maximum locks per transaction - maximum: 6400 - minimum: 64 - type: integer - max_logical_replication_workers: - description: PostgreSQL maximum logical replication workers - (taken from the pool of max_parallel_workers) - maximum: 64 - minimum: 4 - type: integer - max_parallel_workers: - description: Sets the maximum number of workers that the system - can support for parallel queries - maximum: 96 - minimum: 0 - type: integer - max_parallel_workers_per_gather: - description: Sets the maximum number of workers that can be - started by a single Gather or Gather Merge node - maximum: 96 - minimum: 0 - type: integer - max_pred_locks_per_transaction: - description: PostgreSQL maximum predicate locks per transaction - maximum: 5120 - minimum: 64 - type: integer - max_prepared_transactions: - description: PostgreSQL maximum prepared transactions - maximum: 10000 - minimum: 0 - type: integer - max_replication_slots: - description: PostgreSQL maximum replication slots - maximum: 64 - minimum: 8 - type: integer - max_slot_wal_keep_size: - description: PostgreSQL maximum WAL size (MB) reserved for - replication slots. Default is -1 (unlimited). wal_keep_size - minimum WAL size setting takes precedence over this. - maximum: 2147483647 - minimum: -1 - type: integer - max_stack_depth: - description: Maximum depth of the stack in bytes - maximum: 6291456 - minimum: 2097152 - type: integer - max_standby_archive_delay: - description: Max standby archive delay in milliseconds - maximum: 43200000 - minimum: 1 - type: integer - max_standby_streaming_delay: - description: Max standby streaming delay in milliseconds - maximum: 43200000 - minimum: 1 - type: integer - max_wal_senders: - description: PostgreSQL maximum WAL senders - maximum: 64 - minimum: 20 - type: integer - max_worker_processes: - description: Sets the maximum number of background processes - that the system can support - maximum: 96 - minimum: 8 - type: integer - pg_partman_bgw.interval: - description: Sets the time interval to run pg_partman's scheduled - tasks - maximum: 604800 - minimum: 3600 - type: integer - pg_partman_bgw.role: - description: Controls which role to use for pg_partman's scheduled - background tasks. + sourceServiceName: maxLength: 64 - pattern: ^[_A-Za-z0-9][-._A-Za-z0-9]{0,63}$ - type: string - pg_stat_monitor.pgsm_enable_query_plan: - description: Enables or disables query plan monitoring - type: boolean - pg_stat_monitor.pgsm_max_buckets: - description: Sets the maximum number of buckets - maximum: 10 - minimum: 1 - type: integer - pg_stat_statements.track: - description: Controls which statements are counted. Specify - top to track top-level statements (those issued directly - by clients), all to also track nested statements (such as - statements invoked within functions), or none to disable - statement statistics collection. The default value is top. - enum: - - all - - top - - none - type: string - temp_file_limit: - description: PostgreSQL temporary file limit in KiB, -1 for - unlimited - maximum: 2147483647 - minimum: -1 - type: integer - timezone: - description: PostgreSQL service timezone - maxLength: 64 - type: string - track_activity_query_size: - description: Specifies the number of bytes reserved to track - the currently executing command for each active session. - maximum: 10240 - minimum: 1024 - type: integer - track_commit_timestamp: - description: Record commit time of transactions. - enum: - - "off" - - "on" - type: string - track_functions: - description: Enables tracking of function call counts and - time used. - enum: - - all - - pl - - none - type: string - track_io_timing: - description: Enables timing of database I/O calls. This parameter - is off by default, because it will repeatedly query the - operating system for the current time, which may cause significant - overhead on some platforms. - enum: - - "off" - - "on" - type: string - wal_sender_timeout: - description: Terminate replication connections that are inactive - for longer than this amount of time, in milliseconds. Setting - this value to zero disables the timeout. - type: integer - wal_writer_delay: - description: WAL flush interval in milliseconds. Note that - setting this value to lower than the default 200ms may negatively - impact performance - maximum: 200 - minimum: 10 - type: integer - type: object - pg_qualstats: - description: Deprecated. System-wide settings for the pg_qualstats - extension - properties: - enabled: - description: Deprecated. Enable / Disable pg_qualstats - type: boolean - min_err_estimate_num: - description: Deprecated. Error estimation num threshold to - save quals - minimum: 0 - type: integer - min_err_estimate_ratio: - description: Deprecated. Error estimation ratio threshold - to save quals - minimum: 0 - type: integer - track_constants: - description: Deprecated. Enable / Disable pg_qualstats constants - tracking - type: boolean - track_pg_catalog: - description: Deprecated. Track quals on system catalogs too. - type: boolean - type: object - pg_read_replica: - description: Should the service which is being forked be a read - replica (deprecated, use read_replica service integration instead). - type: boolean - pg_service_to_fork_from: - description: Name of the PG Service from which to fork (deprecated, - use service_to_fork_from). This has effect only when a new service - is being created. - maxLength: 64 - type: string - x-kubernetes-validations: - - message: Value is immutable - rule: self == oldSelf - pg_stat_monitor_enable: - description: Enable the pg_stat_monitor extension. Enabling this - extension will cause the cluster to be restarted.When this extension - is enabled, pg_stat_statements results for utility commands - are unreliable - type: boolean - pg_version: - description: PostgreSQL major version - enum: - - "11" - - "12" - - "13" - - "14" - - "15" - type: string - pgbouncer: - description: PGBouncer connection pooling settings - properties: - autodb_idle_timeout: - description: If the automatically created database pools have - been unused this many seconds, they are freed. If 0 then - timeout is disabled. [seconds] - maximum: 86400 - minimum: 0 - type: integer - autodb_max_db_connections: - description: Do not allow more than this many server connections - per database (regardless of user). Setting it to 0 means - unlimited. - maximum: 2147483647 - minimum: 0 - type: integer - autodb_pool_mode: - description: PGBouncer pool mode - enum: - - session - - transaction - - statement + minLength: 1 type: string - autodb_pool_size: - description: If non-zero then create automatically a pool - of that size per user when a pool doesn't exist. - maximum: 10000 - minimum: 0 - type: integer - ignore_startup_parameters: - description: List of parameters to ignore when given in startup - packet - items: - type: string - maxItems: 32 - type: array - min_pool_size: - description: Add more server connections to pool if below - this number. Improves behavior when usual load comes suddenly - back after period of total inactivity. The value is effectively - capped at the pool size. - maximum: 10000 - minimum: 0 - type: integer - server_idle_timeout: - description: If a server connection has been idle more than - this many seconds it will be dropped. If 0 then timeout - is disabled. [seconds] - maximum: 86400 - minimum: 0 - type: integer - server_lifetime: - description: The pooler will close an unused server connection - that has been connected longer than this. [seconds] - maximum: 86400 - minimum: 60 - type: integer - server_reset_query_always: - description: Run server_reset_query (DISCARD ALL) in all pooling - modes - type: boolean - type: object - pglookout: - description: System-wide settings for pglookout. - properties: - max_failover_replication_time_lag: - description: Number of seconds of master unavailability before - triggering database failover to standby - minimum: 10 - type: integer - type: object - private_access: - description: Allow access to selected service ports from private - networks - properties: - pg: - description: Allow clients to connect to pg with a DNS name - that always resolves to the service's private IP addresses. - Only available in certain network locations - type: boolean - pgbouncer: - description: Allow clients to connect to pgbouncer with a - DNS name that always resolves to the service's private IP - addresses. Only available in certain network locations - type: boolean - prometheus: - description: Allow clients to connect to prometheus with a - DNS name that always resolves to the service's private IP - addresses. Only available in certain network locations - type: boolean - type: object - privatelink_access: - description: Allow access to selected service components through - Privatelink - properties: - pg: - description: Enable pg - type: boolean - pgbouncer: - description: Enable pgbouncer - type: boolean - prometheus: - description: Enable prometheus - type: boolean - type: object - project_to_fork_from: - description: Name of another project to fork a service from. This - has effect only when a new service is being created. - maxLength: 63 - type: string - x-kubernetes-validations: - - message: Value is immutable - rule: self == oldSelf - public_access: - description: Allow access to selected service ports from the public - Internet - properties: - pg: - description: Allow clients to connect to pg from the public - internet for service nodes that are in a project VPC or - another type of private network - type: boolean - pgbouncer: - description: Allow clients to connect to pgbouncer from the - public internet for service nodes that are in a project - VPC or another type of private network - type: boolean - prometheus: - description: Allow clients to connect to prometheus from the - public internet for service nodes that are in a project - VPC or another type of private network - type: boolean + required: + - integrationType + - sourceServiceName type: object - recovery_target_time: - description: Recovery target time when forking a service. This - has effect only when a new service is being created. - maxLength: 32 - type: string - x-kubernetes-validations: + maxItems: 1 + type: array + x-kubernetes-validations: - message: Value is immutable rule: self == oldSelf - service_log: - description: Store logs for the service so that they are available - in the HTTP API and console. - type: boolean - service_to_fork_from: - description: Name of another service to fork from. This has effect - only when a new service is being created. - maxLength: 64 + tags: + additionalProperties: type: string - x-kubernetes-validations: - - message: Value is immutable - rule: self == oldSelf - shared_buffers_percentage: - description: Percentage of total RAM that the database server - uses for shared memory buffers. Valid range is 20-60 (float), - which corresponds to 20% - 60%. This setting adjusts the shared_buffers - configuration value. - maximum: 60 - minimum: 20 - type: number - static_ips: - description: Use static public IP addresses - type: boolean - synchronous_replication: - description: Synchronous replication type. Note that the service - plan also needs to support synchronous replication. - enum: - - quorum - - "off" - type: string - timescaledb: - description: System-wide settings for the timescaledb extension - properties: - max_background_workers: - description: The number of background workers for timescaledb - operations. You should configure this setting to the sum - of your number of databases and the total number of concurrent - background workers you want running at any given point in - time. - maximum: 4096 - minimum: 1 - type: integer - type: object - variant: - description: Variant of the PostgreSQL service, may affect the - features that are exposed by default - enum: - - aiven - - timescale - type: string - work_mem: - description: Sets the maximum amount of memory to be used by a - query operation (such as a sort or hash table) before writing - to temporary disk files, in MB. Default is 1MB + 0.075% of total - RAM (up to 32MB). - maximum: 1024 - minimum: 1 - type: integer - type: object - required: - - plan - - project - type: object - status: - description: ServiceStatus defines the observed state of service - properties: - conditions: - description: Conditions represent the latest available observations - of a service state - items: - description: "Condition contains details for one aspect of the current - state of this API Resource. --- This struct is intended for direct - use as an array at the field path .status.conditions. For example, - \n type FooStatus struct{ // Represents the observations of a - foo's current state. // Known .status.conditions.type are: \"Available\", - \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge - // +listType=map // +listMapKey=type Conditions []metav1.Condition - `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" - protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + description: + Tags are key-value pairs that allow you to categorize + services. + type: object + terminationProtection: + description: + Prevent service from being deleted. It is recommended + to have this enabled for all services. + type: boolean + userConfig: + description: PostgreSQL specific user configuration options properties: - lastTransitionTime: - description: lastTransitionTime is the last time the condition - transitioned from one status to another. This should be when - the underlying condition changed. If that is not known, then - using the time when the API field changed is acceptable. - format: date-time + additional_backup_regions: + description: Additional Cloud Regions for Backup Replication + items: + type: string + maxItems: 1 + type: array + admin_password: + description: + Custom password for admin user. Defaults to random + string. This must be set only when a new service is being created. + maxLength: 256 + minLength: 8 + pattern: ^[a-zA-Z0-9-_]+$ type: string - message: - description: message is a human readable message indicating - details about the transition. This may be an empty string. - maxLength: 32768 + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + admin_username: + description: + Custom username for admin user. This must be set + only when a new service is being created. + maxLength: 64 + pattern: ^[_A-Za-z0-9][-._A-Za-z0-9]{0,63}$ type: string - observedGeneration: - description: observedGeneration represents the .metadata.generation - that the condition was set based upon. For instance, if .metadata.generation - is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current - state of the instance. - format: int64 + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + backup_hour: + description: + The hour of day (in UTC) when backup for the service + is started. New backup is only started if previous backup has + already completed. + maximum: 23 minimum: 0 type: integer - reason: - description: reason contains a programmatic identifier indicating - the reason for the condition's last transition. Producers - of specific condition types may define expected values and - meanings for this field, and whether the values are considered - a guaranteed API. The value should be a CamelCase string. - This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + backup_minute: + description: + The minute of an hour when backup for the service + is started. New backup is only started if previous backup has + already completed. + maximum: 59 + minimum: 0 + type: integer + enable_ipv6: + description: + Register AAAA DNS records for the service, and allow + IPv6 packets to service ports + type: boolean + ip_filter: + description: + Allow incoming connections from CIDR address block, + e.g. '10.20.0.0/16' + items: + description: + CIDR address block, either as a string, or in a + dict with an optional description field + properties: + description: + description: Description for IP filter list entry + maxLength: 1024 + type: string + network: + description: CIDR address block + maxLength: 43 + type: string + required: + - network + type: object + maxItems: 1024 + type: array + migration: + description: Migrate data from existing server + properties: + dbname: + description: Database name for bootstrapping the initial connection + maxLength: 63 + type: string + host: + description: + Hostname or IP address of the server where to + migrate data from + maxLength: 255 + type: string + ignore_dbs: + description: + Comma-separated list of databases, which should + be ignored during migration (supported by MySQL and PostgreSQL + only at the moment) + maxLength: 2048 + type: string + method: + description: + The migration method to be used (currently supported + only by Redis, Dragonfly, MySQL and PostgreSQL service types) + enum: + - dump + - replication + type: string + password: + description: + Password for authentication with the server where + to migrate data from + maxLength: 256 + type: string + port: + description: + Port number of the server where to migrate data + from + maximum: 65535 + minimum: 1 + type: integer + ssl: + description: + The server where to migrate data from is secured + with SSL + type: boolean + username: + description: + User name for authentication with the server + where to migrate data from + maxLength: 256 + type: string + required: + - host + - port + type: object + pg: + description: postgresql.conf configuration values + properties: + autovacuum_analyze_scale_factor: + description: + Specifies a fraction of the table size to add + to autovacuum_analyze_threshold when deciding whether to + trigger an ANALYZE. The default is 0.2 (20% of table size) + maximum: 1 + minimum: 0 + type: number + autovacuum_analyze_threshold: + description: + Specifies the minimum number of inserted, updated + or deleted tuples needed to trigger an ANALYZE in any one + table. The default is 50 tuples. + maximum: 2147483647 + minimum: 0 + type: integer + autovacuum_freeze_max_age: + description: + Specifies the maximum age (in transactions) that + a table's pg_class.relfrozenxid field can attain before + a VACUUM operation is forced to prevent transaction ID wraparound + within the table. Note that the system will launch autovacuum + processes to prevent wraparound even when autovacuum is + otherwise disabled. This parameter will cause the server + to be restarted. + maximum: 1500000000 + minimum: 200000000 + type: integer + autovacuum_max_workers: + description: + Specifies the maximum number of autovacuum processes + (other than the autovacuum launcher) that may be running + at any one time. The default is three. This parameter can + only be set at server start. + maximum: 20 + minimum: 1 + type: integer + autovacuum_naptime: + description: + Specifies the minimum delay between autovacuum + runs on any given database. The delay is measured in seconds, + and the default is one minute + maximum: 86400 + minimum: 1 + type: integer + autovacuum_vacuum_cost_delay: + description: + Specifies the cost delay value that will be used + in automatic VACUUM operations. If -1 is specified, the + regular vacuum_cost_delay value will be used. The default + value is 20 milliseconds + maximum: 100 + minimum: -1 + type: integer + autovacuum_vacuum_cost_limit: + description: + Specifies the cost limit value that will be used + in automatic VACUUM operations. If -1 is specified (which + is the default), the regular vacuum_cost_limit value will + be used. + maximum: 10000 + minimum: -1 + type: integer + autovacuum_vacuum_scale_factor: + description: + Specifies a fraction of the table size to add + to autovacuum_vacuum_threshold when deciding whether to + trigger a VACUUM. The default is 0.2 (20% of table size) + maximum: 1 + minimum: 0 + type: number + autovacuum_vacuum_threshold: + description: + Specifies the minimum number of updated or deleted + tuples needed to trigger a VACUUM in any one table. The + default is 50 tuples + maximum: 2147483647 + minimum: 0 + type: integer + bgwriter_delay: + description: + Specifies the delay between activity rounds for + the background writer in milliseconds. Default is 200. + maximum: 10000 + minimum: 10 + type: integer + bgwriter_flush_after: + description: + Whenever more than bgwriter_flush_after bytes + have been written by the background writer, attempt to force + the OS to issue these writes to the underlying storage. + Specified in kilobytes, default is 512. Setting of 0 disables + forced writeback. + maximum: 2048 + minimum: 0 + type: integer + bgwriter_lru_maxpages: + description: + In each round, no more than this many buffers + will be written by the background writer. Setting this to + zero disables background writing. Default is 100. + maximum: 1073741823 + minimum: 0 + type: integer + bgwriter_lru_multiplier: + description: + The average recent need for new buffers is multiplied + by bgwriter_lru_multiplier to arrive at an estimate of the + number that will be needed during the next round, (up to + bgwriter_lru_maxpages). 1.0 represents a “just in time” + policy of writing exactly the number of buffers predicted + to be needed. Larger values provide some cushion against + spikes in demand, while smaller values intentionally leave + writes to be done by server processes. The default is 2.0. + maximum: 10 + minimum: 0 + type: number + deadlock_timeout: + description: + This is the amount of time, in milliseconds, + to wait on a lock before checking to see if there is a deadlock + condition. + maximum: 1800000 + minimum: 500 + type: integer + default_toast_compression: + description: + Specifies the default TOAST compression method + for values of compressible columns (the default is lz4). + enum: + - lz4 + - pglz + type: string + idle_in_transaction_session_timeout: + description: + Time out sessions with open transactions after + this number of milliseconds + maximum: 604800000 + minimum: 0 + type: integer + jit: + description: + Controls system-wide use of Just-in-Time Compilation + (JIT). + type: boolean + log_autovacuum_min_duration: + description: + Causes each action executed by autovacuum to + be logged if it ran for at least the specified number of + milliseconds. Setting this to zero logs all autovacuum actions. + Minus-one (the default) disables logging autovacuum actions. + maximum: 2147483647 + minimum: -1 + type: integer + log_error_verbosity: + description: + Controls the amount of detail written in the + server log for each message that is logged. + enum: + - TERSE + - DEFAULT + - VERBOSE + type: string + log_line_prefix: + description: + Choose from one of the available log-formats. + These can support popular log analyzers like pgbadger, pganalyze + etc. + enum: + - "'pid=%p,user=%u,db=%d,app=%a,client=%h '" + - "'%t [%p]: [%l-1] user=%u,db=%d,app=%a,client=%h '" + - "'%m [%p] %q[user=%u,db=%d,app=%a] '" + type: string + log_min_duration_statement: + description: + Log statements that take more than this number + of milliseconds to run, -1 disables + maximum: 86400000 + minimum: -1 + type: integer + log_temp_files: + description: + Log statements for each temporary file created + larger than this number of kilobytes, -1 disables + maximum: 2147483647 + minimum: -1 + type: integer + max_files_per_process: + description: + PostgreSQL maximum number of files that can be + open per process + maximum: 4096 + minimum: 1000 + type: integer + max_locks_per_transaction: + description: PostgreSQL maximum locks per transaction + maximum: 6400 + minimum: 64 + type: integer + max_logical_replication_workers: + description: + PostgreSQL maximum logical replication workers + (taken from the pool of max_parallel_workers) + maximum: 64 + minimum: 4 + type: integer + max_parallel_workers: + description: + Sets the maximum number of workers that the system + can support for parallel queries + maximum: 96 + minimum: 0 + type: integer + max_parallel_workers_per_gather: + description: + Sets the maximum number of workers that can be + started by a single Gather or Gather Merge node + maximum: 96 + minimum: 0 + type: integer + max_pred_locks_per_transaction: + description: PostgreSQL maximum predicate locks per transaction + maximum: 5120 + minimum: 64 + type: integer + max_prepared_transactions: + description: PostgreSQL maximum prepared transactions + maximum: 10000 + minimum: 0 + type: integer + max_replication_slots: + description: PostgreSQL maximum replication slots + maximum: 64 + minimum: 8 + type: integer + max_slot_wal_keep_size: + description: + PostgreSQL maximum WAL size (MB) reserved for + replication slots. Default is -1 (unlimited). wal_keep_size + minimum WAL size setting takes precedence over this. + maximum: 2147483647 + minimum: -1 + type: integer + max_stack_depth: + description: Maximum depth of the stack in bytes + maximum: 6291456 + minimum: 2097152 + type: integer + max_standby_archive_delay: + description: Max standby archive delay in milliseconds + maximum: 43200000 + minimum: 1 + type: integer + max_standby_streaming_delay: + description: Max standby streaming delay in milliseconds + maximum: 43200000 + minimum: 1 + type: integer + max_wal_senders: + description: PostgreSQL maximum WAL senders + maximum: 64 + minimum: 20 + type: integer + max_worker_processes: + description: + Sets the maximum number of background processes + that the system can support + maximum: 96 + minimum: 8 + type: integer + pg_partman_bgw.interval: + description: + Sets the time interval to run pg_partman's scheduled + tasks + maximum: 604800 + minimum: 3600 + type: integer + pg_partman_bgw.role: + description: + Controls which role to use for pg_partman's scheduled + background tasks. + maxLength: 64 + pattern: ^[_A-Za-z0-9][-._A-Za-z0-9]{0,63}$ + type: string + pg_stat_monitor.pgsm_enable_query_plan: + description: Enables or disables query plan monitoring + type: boolean + pg_stat_monitor.pgsm_max_buckets: + description: Sets the maximum number of buckets + maximum: 10 + minimum: 1 + type: integer + pg_stat_statements.track: + description: + Controls which statements are counted. Specify + top to track top-level statements (those issued directly + by clients), all to also track nested statements (such as + statements invoked within functions), or none to disable + statement statistics collection. The default value is top. + enum: + - all + - top + - none + type: string + temp_file_limit: + description: + PostgreSQL temporary file limit in KiB, -1 for + unlimited + maximum: 2147483647 + minimum: -1 + type: integer + timezone: + description: PostgreSQL service timezone + maxLength: 64 + type: string + track_activity_query_size: + description: + Specifies the number of bytes reserved to track + the currently executing command for each active session. + maximum: 10240 + minimum: 1024 + type: integer + track_commit_timestamp: + description: Record commit time of transactions. + enum: + - "off" + - "on" + type: string + track_functions: + description: + Enables tracking of function call counts and + time used. + enum: + - all + - pl + - none + type: string + track_io_timing: + description: + Enables timing of database I/O calls. This parameter + is off by default, because it will repeatedly query the + operating system for the current time, which may cause significant + overhead on some platforms. + enum: + - "off" + - "on" + type: string + wal_sender_timeout: + description: + Terminate replication connections that are inactive + for longer than this amount of time, in milliseconds. Setting + this value to zero disables the timeout. + type: integer + wal_writer_delay: + description: + WAL flush interval in milliseconds. Note that + setting this value to lower than the default 200ms may negatively + impact performance + maximum: 200 + minimum: 10 + type: integer + type: object + pg_qualstats: + description: + Deprecated. System-wide settings for the pg_qualstats + extension + properties: + enabled: + description: Deprecated. Enable / Disable pg_qualstats + type: boolean + min_err_estimate_num: + description: + Deprecated. Error estimation num threshold to + save quals + minimum: 0 + type: integer + min_err_estimate_ratio: + description: + Deprecated. Error estimation ratio threshold + to save quals + minimum: 0 + type: integer + track_constants: + description: + Deprecated. Enable / Disable pg_qualstats constants + tracking + type: boolean + track_pg_catalog: + description: Deprecated. Track quals on system catalogs too. + type: boolean + type: object + pg_read_replica: + description: + Should the service which is being forked be a read + replica (deprecated, use read_replica service integration instead). + type: boolean + pg_service_to_fork_from: + description: + Name of the PG Service from which to fork (deprecated, + use service_to_fork_from). This has effect only when a new service + is being created. + maxLength: 64 type: string - status: - description: status of the condition, one of True, False, Unknown. + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + pg_stat_monitor_enable: + description: + Enable the pg_stat_monitor extension. Enabling this + extension will cause the cluster to be restarted.When this extension + is enabled, pg_stat_statements results for utility commands + are unreliable + type: boolean + pg_version: + description: PostgreSQL major version enum: - - "True" - - "False" - - Unknown + - "11" + - "12" + - "13" + - "14" + - "15" type: string - type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. - --- Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + pgbouncer: + description: PGBouncer connection pooling settings + properties: + autodb_idle_timeout: + description: + If the automatically created database pools have + been unused this many seconds, they are freed. If 0 then + timeout is disabled. [seconds] + maximum: 86400 + minimum: 0 + type: integer + autodb_max_db_connections: + description: + Do not allow more than this many server connections + per database (regardless of user). Setting it to 0 means + unlimited. + maximum: 2147483647 + minimum: 0 + type: integer + autodb_pool_mode: + description: PGBouncer pool mode + enum: + - session + - transaction + - statement + type: string + autodb_pool_size: + description: + If non-zero then create automatically a pool + of that size per user when a pool doesn't exist. + maximum: 10000 + minimum: 0 + type: integer + ignore_startup_parameters: + description: + List of parameters to ignore when given in startup + packet + items: + type: string + maxItems: 32 + type: array + min_pool_size: + description: + Add more server connections to pool if below + this number. Improves behavior when usual load comes suddenly + back after period of total inactivity. The value is effectively + capped at the pool size. + maximum: 10000 + minimum: 0 + type: integer + server_idle_timeout: + description: + If a server connection has been idle more than + this many seconds it will be dropped. If 0 then timeout + is disabled. [seconds] + maximum: 86400 + minimum: 0 + type: integer + server_lifetime: + description: + The pooler will close an unused server connection + that has been connected longer than this. [seconds] + maximum: 86400 + minimum: 60 + type: integer + server_reset_query_always: + description: + Run server_reset_query (DISCARD ALL) in all pooling + modes + type: boolean + type: object + pglookout: + description: System-wide settings for pglookout. + properties: + max_failover_replication_time_lag: + description: + Number of seconds of master unavailability before + triggering database failover to standby + minimum: 10 + type: integer + type: object + private_access: + description: + Allow access to selected service ports from private + networks + properties: + pg: + description: + Allow clients to connect to pg with a DNS name + that always resolves to the service's private IP addresses. + Only available in certain network locations + type: boolean + pgbouncer: + description: + Allow clients to connect to pgbouncer with a + DNS name that always resolves to the service's private IP + addresses. Only available in certain network locations + type: boolean + prometheus: + description: + Allow clients to connect to prometheus with a + DNS name that always resolves to the service's private IP + addresses. Only available in certain network locations + type: boolean + type: object + privatelink_access: + description: + Allow access to selected service components through + Privatelink + properties: + pg: + description: Enable pg + type: boolean + pgbouncer: + description: Enable pgbouncer + type: boolean + prometheus: + description: Enable prometheus + type: boolean + type: object + project_to_fork_from: + description: + Name of another project to fork a service from. This + has effect only when a new service is being created. + maxLength: 63 type: string - required: - - lastTransitionTime - - message - - reason - - status - - type + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + public_access: + description: + Allow access to selected service ports from the public + Internet + properties: + pg: + description: + Allow clients to connect to pg from the public + internet for service nodes that are in a project VPC or + another type of private network + type: boolean + pgbouncer: + description: + Allow clients to connect to pgbouncer from the + public internet for service nodes that are in a project + VPC or another type of private network + type: boolean + prometheus: + description: + Allow clients to connect to prometheus from the + public internet for service nodes that are in a project + VPC or another type of private network + type: boolean + type: object + recovery_target_time: + description: + Recovery target time when forking a service. This + has effect only when a new service is being created. + maxLength: 32 + type: string + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + service_log: + description: + Store logs for the service so that they are available + in the HTTP API and console. + type: boolean + service_to_fork_from: + description: + Name of another service to fork from. This has effect + only when a new service is being created. + maxLength: 64 + type: string + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + shared_buffers_percentage: + description: + Percentage of total RAM that the database server + uses for shared memory buffers. Valid range is 20-60 (float), + which corresponds to 20% - 60%. This setting adjusts the shared_buffers + configuration value. + maximum: 60 + minimum: 20 + type: number + static_ips: + description: Use static public IP addresses + type: boolean + synchronous_replication: + description: + Synchronous replication type. Note that the service + plan also needs to support synchronous replication. + enum: + - quorum + - "off" + type: string + timescaledb: + description: System-wide settings for the timescaledb extension + properties: + max_background_workers: + description: + The number of background workers for timescaledb + operations. You should configure this setting to the sum + of your number of databases and the total number of concurrent + background workers you want running at any given point in + time. + maximum: 4096 + minimum: 1 + type: integer + type: object + variant: + description: + Variant of the PostgreSQL service, may affect the + features that are exposed by default + enum: + - aiven + - timescale + type: string + work_mem: + description: + Sets the maximum amount of memory to be used by a + query operation (such as a sort or hash table) before writing + to temporary disk files, in MB. Default is 1MB + 0.075% of total + RAM (up to 32MB). + maximum: 1024 + minimum: 1 + type: integer type: object - type: array - state: - description: Service state - type: string - type: object - type: object - served: true - storage: true - subresources: - status: {} + required: + - plan + - project + type: object + status: + description: ServiceStatus defines the observed state of service + properties: + conditions: + description: + Conditions represent the latest available observations + of a service state + items: + description: + "Condition contains details for one aspect of the current + state of this API Resource. --- This struct is intended for direct + use as an array at the field path .status.conditions. For example, + \n type FooStatus struct{ // Represents the observations of a + foo's current state. // Known .status.conditions.type are: \"Available\", + \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge + // +listType=map // +listMapKey=type Conditions []metav1.Condition + `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" + protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + properties: + lastTransitionTime: + description: + lastTransitionTime is the last time the condition + transitioned from one status to another. This should be when + the underlying condition changed. If that is not known, then + using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: + message is a human readable message indicating + details about the transition. This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: + observedGeneration represents the .metadata.generation + that the condition was set based upon. For instance, if .metadata.generation + is currently 12, but the .status.conditions[x].observedGeneration + is 9, the condition is out of date with respect to the current + state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: + reason contains a programmatic identifier indicating + the reason for the condition's last transition. Producers + of specific condition types may define expected values and + meanings for this field, and whether the values are considered + a guaranteed API. The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: + type of condition in CamelCase or in foo.example.com/CamelCase. + --- Many .condition.type values are consistent across resources + like Available, but because arbitrary conditions can be useful + (see .node.status.conditions), the ability to deconflict is + important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + type: array + state: + description: Service state + type: string + type: object + type: object + served: true + storage: true + subresources: + status: {} diff --git a/charts/aiven-operator-crds/templates/aiven.io_projects.yaml b/charts/aiven-operator-crds/templates/aiven.io_projects.yaml index 0bf1f9fc..5256e9c1 100644 --- a/charts/aiven-operator-crds/templates/aiven.io_projects.yaml +++ b/charts/aiven-operator-crds/templates/aiven.io_projects.yaml @@ -15,229 +15,244 @@ spec: singular: project scope: Namespaced versions: - - name: v1alpha1 - schema: - openAPIV3Schema: - description: Project is the Schema for the projects API - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: ProjectSpec defines the desired state of Project - properties: - accountId: - description: Account ID - maxLength: 32 - type: string - authSecretRef: - description: Authentication reference to Aiven token in a secret - properties: - key: - minLength: 1 - type: string - name: - minLength: 1 - type: string - required: - - key - - name - type: object - billingAddress: - description: Billing name and address of the project - maxLength: 1000 - type: string - billingCurrency: - description: Billing currency - enum: - - AUD - - CAD - - CHF - - DKK - - EUR - - GBP - - NOK - - SEK - - USD - type: string - billingEmails: - description: Billing contact emails of the project - items: + - name: v1alpha1 + schema: + openAPIV3Schema: + description: Project is the Schema for the projects API + properties: + apiVersion: + description: + "APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + type: string + kind: + description: + "Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + type: string + metadata: + type: object + spec: + description: ProjectSpec defines the desired state of Project + properties: + accountId: + description: Account ID + maxLength: 32 type: string - maxItems: 10 - type: array - billingExtraText: - description: Extra text to be included in all project invoices, e.g. - purchase order or cost center number - maxLength: 1000 - type: string - billingGroupId: - description: BillingGroup ID - maxLength: 36 - minLength: 36 - type: string - cardId: - description: Credit card ID; The ID may be either last 4 digits of - the card or the actual ID - maxLength: 64 - type: string - cloud: - description: 'Target cloud, example: aws-eu-central-1' - maxLength: 256 - type: string - connInfoSecretTarget: - description: 'Information regarding secret creation. Exposed keys: - `PROJECT_CA_CERT`' - properties: - annotations: - additionalProperties: + authSecretRef: + description: Authentication reference to Aiven token in a secret + properties: + key: + minLength: 1 type: string - description: Annotations added to the secret - type: object - x-kubernetes-preserve-unknown-fields: true - labels: - additionalProperties: + name: + minLength: 1 type: string - description: Labels added to the secret - type: object - x-kubernetes-preserve-unknown-fields: true - name: - description: Name of the secret resource to be created. By default, - is equal to the resource name - type: string - prefix: - description: Prefix for the secret's keys. Added "as is" without - any transformations. By default, is equal to the kind name in - uppercase + underscore, e.g. `KAFKA_`, `REDIS_`, etc. + required: + - key + - name + type: object + billingAddress: + description: Billing name and address of the project + maxLength: 1000 + type: string + billingCurrency: + description: Billing currency + enum: + - AUD + - CAD + - CHF + - DKK + - EUR + - GBP + - NOK + - SEK + - USD + type: string + billingEmails: + description: Billing contact emails of the project + items: type: string - required: - - name - type: object - copyFromProject: - description: Project name from which to copy settings to the new project - maxLength: 63 - type: string - countryCode: - description: Billing country code of the project - maxLength: 2 - minLength: 2 - type: string - tags: - additionalProperties: + maxItems: 10 + type: array + billingExtraText: + description: + Extra text to be included in all project invoices, e.g. + purchase order or cost center number + maxLength: 1000 type: string - description: Tags are key-value pairs that allow you to categorize - projects - type: object - technicalEmails: - description: Technical contact emails of the project - items: + billingGroupId: + description: BillingGroup ID + maxLength: 36 + minLength: 36 type: string - maxItems: 10 - type: array - type: object - status: - description: ProjectStatus defines the observed state of Project - properties: - availableCredits: - description: Available credirs - type: string - conditions: - description: Conditions represent the latest available observations - of an Project state - items: - description: "Condition contains details for one aspect of the current - state of this API Resource. --- This struct is intended for direct - use as an array at the field path .status.conditions. For example, - \n type FooStatus struct{ // Represents the observations of a - foo's current state. // Known .status.conditions.type are: \"Available\", - \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge - // +listType=map // +listMapKey=type Conditions []metav1.Condition - `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" - protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + cardId: + description: + Credit card ID; The ID may be either last 4 digits of + the card or the actual ID + maxLength: 64 + type: string + cloud: + description: "Target cloud, example: aws-eu-central-1" + maxLength: 256 + type: string + connInfoSecretTarget: + description: + "Information regarding secret creation. Exposed keys: + `PROJECT_CA_CERT`" properties: - lastTransitionTime: - description: lastTransitionTime is the last time the condition - transitioned from one status to another. This should be when - the underlying condition changed. If that is not known, then - using the time when the API field changed is acceptable. - format: date-time + annotations: + additionalProperties: + type: string + description: Annotations added to the secret + type: object + x-kubernetes-preserve-unknown-fields: true + labels: + additionalProperties: + type: string + description: Labels added to the secret + type: object + x-kubernetes-preserve-unknown-fields: true + name: + description: + Name of the secret resource to be created. By default, + is equal to the resource name type: string - message: - description: message is a human readable message indicating - details about the transition. This may be an empty string. - maxLength: 32768 - type: string - observedGeneration: - description: observedGeneration represents the .metadata.generation - that the condition was set based upon. For instance, if .metadata.generation - is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current - state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: reason contains a programmatic identifier indicating - the reason for the condition's last transition. Producers - of specific condition types may define expected values and - meanings for this field, and whether the values are considered - a guaranteed API. The value should be a CamelCase string. - This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ - type: string - status: - description: status of the condition, one of True, False, Unknown. - enum: - - "True" - - "False" - - Unknown - type: string - type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. - --- Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + prefix: + description: + Prefix for the secret's keys. Added "as is" without + any transformations. By default, is equal to the kind name in + uppercase + underscore, e.g. `KAFKA_`, `REDIS_`, etc. type: string required: - - lastTransitionTime - - message - - reason - - status - - type + - name + type: object + copyFromProject: + description: Project name from which to copy settings to the new project + maxLength: 63 + type: string + countryCode: + description: Billing country code of the project + maxLength: 2 + minLength: 2 + type: string + tags: + additionalProperties: + type: string + description: + Tags are key-value pairs that allow you to categorize + projects type: object - type: array - country: - description: Country name - type: string - estimatedBalance: - description: Estimated balance - type: string - paymentMethod: - description: Payment method name - type: string - vatId: - description: EU VAT Identification Number - maxLength: 64 - type: string - required: - - conditions - type: object - type: object - served: true - storage: true - subresources: - status: {} + technicalEmails: + description: Technical contact emails of the project + items: + type: string + maxItems: 10 + type: array + type: object + status: + description: ProjectStatus defines the observed state of Project + properties: + availableCredits: + description: Available credirs + type: string + conditions: + description: + Conditions represent the latest available observations + of an Project state + items: + description: + "Condition contains details for one aspect of the current + state of this API Resource. --- This struct is intended for direct + use as an array at the field path .status.conditions. For example, + \n type FooStatus struct{ // Represents the observations of a + foo's current state. // Known .status.conditions.type are: \"Available\", + \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge + // +listType=map // +listMapKey=type Conditions []metav1.Condition + `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" + protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + properties: + lastTransitionTime: + description: + lastTransitionTime is the last time the condition + transitioned from one status to another. This should be when + the underlying condition changed. If that is not known, then + using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: + message is a human readable message indicating + details about the transition. This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: + observedGeneration represents the .metadata.generation + that the condition was set based upon. For instance, if .metadata.generation + is currently 12, but the .status.conditions[x].observedGeneration + is 9, the condition is out of date with respect to the current + state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: + reason contains a programmatic identifier indicating + the reason for the condition's last transition. Producers + of specific condition types may define expected values and + meanings for this field, and whether the values are considered + a guaranteed API. The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: + type of condition in CamelCase or in foo.example.com/CamelCase. + --- Many .condition.type values are consistent across resources + like Available, but because arbitrary conditions can be useful + (see .node.status.conditions), the ability to deconflict is + important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + type: array + country: + description: Country name + type: string + estimatedBalance: + description: Estimated balance + type: string + paymentMethod: + description: Payment method name + type: string + vatId: + description: EU VAT Identification Number + maxLength: 64 + type: string + required: + - conditions + type: object + type: object + served: true + storage: true + subresources: + status: {} diff --git a/charts/aiven-operator-crds/templates/aiven.io_projectvpcs.yaml b/charts/aiven-operator-crds/templates/aiven.io_projectvpcs.yaml index 720040e8..f6b08d0a 100644 --- a/charts/aiven-operator-crds/templates/aiven.io_projectvpcs.yaml +++ b/charts/aiven-operator-crds/templates/aiven.io_projectvpcs.yaml @@ -15,165 +15,174 @@ spec: singular: projectvpc scope: Namespaced versions: - - additionalPrinterColumns: - - jsonPath: .spec.project - name: Project - type: string - - jsonPath: .spec.cloudName - name: Cloud - type: string - - jsonPath: .spec.networkCidr - name: Network CIDR - type: string - - jsonPath: .status.state - name: State - type: string - name: v1alpha1 - schema: - openAPIV3Schema: - description: ProjectVPC is the Schema for the projectvpcs API - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: ProjectVPCSpec defines the desired state of ProjectVPC - properties: - authSecretRef: - description: Authentication reference to Aiven token in a secret - properties: - key: - minLength: 1 - type: string - name: - minLength: 1 - type: string - required: - - key - - name - type: object - cloudName: - description: Cloud the VPC is in - maxLength: 256 - type: string - x-kubernetes-validations: - - message: Value is immutable - rule: self == oldSelf - networkCidr: - description: Network address range used by the VPC like 192.168.0.0/24 - maxLength: 36 - type: string - x-kubernetes-validations: - - message: Value is immutable - rule: self == oldSelf - project: - description: The project the VPC belongs to - format: ^[a-zA-Z0-9_-]*$ - maxLength: 63 - type: string - x-kubernetes-validations: - - message: Value is immutable - rule: self == oldSelf - required: - - cloudName - - networkCidr - - project - type: object - status: - description: ProjectVPCStatus defines the observed state of ProjectVPC - properties: - conditions: - description: Conditions represent the latest available observations - of an ProjectVPC state - items: - description: "Condition contains details for one aspect of the current - state of this API Resource. --- This struct is intended for direct - use as an array at the field path .status.conditions. For example, - \n type FooStatus struct{ // Represents the observations of a - foo's current state. // Known .status.conditions.type are: \"Available\", - \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge - // +listType=map // +listMapKey=type Conditions []metav1.Condition - `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" - protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + - additionalPrinterColumns: + - jsonPath: .spec.project + name: Project + type: string + - jsonPath: .spec.cloudName + name: Cloud + type: string + - jsonPath: .spec.networkCidr + name: Network CIDR + type: string + - jsonPath: .status.state + name: State + type: string + name: v1alpha1 + schema: + openAPIV3Schema: + description: ProjectVPC is the Schema for the projectvpcs API + properties: + apiVersion: + description: + "APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + type: string + kind: + description: + "Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + type: string + metadata: + type: object + spec: + description: ProjectVPCSpec defines the desired state of ProjectVPC + properties: + authSecretRef: + description: Authentication reference to Aiven token in a secret properties: - lastTransitionTime: - description: lastTransitionTime is the last time the condition - transitioned from one status to another. This should be when - the underlying condition changed. If that is not known, then - using the time when the API field changed is acceptable. - format: date-time - type: string - message: - description: message is a human readable message indicating - details about the transition. This may be an empty string. - maxLength: 32768 - type: string - observedGeneration: - description: observedGeneration represents the .metadata.generation - that the condition was set based upon. For instance, if .metadata.generation - is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current - state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: reason contains a programmatic identifier indicating - the reason for the condition's last transition. Producers - of specific condition types may define expected values and - meanings for this field, and whether the values are considered - a guaranteed API. The value should be a CamelCase string. - This field may not be empty. - maxLength: 1024 + key: minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ type: string - status: - description: status of the condition, one of True, False, Unknown. - enum: - - "True" - - "False" - - Unknown - type: string - type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. - --- Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + name: + minLength: 1 type: string required: - - lastTransitionTime - - message - - reason - - status - - type + - key + - name type: object - type: array - id: - description: Project VPC id - type: string - state: - description: State of VPC - type: string - required: - - conditions - - id - - state - type: object - type: object - served: true - storage: true - subresources: - status: {} + cloudName: + description: Cloud the VPC is in + maxLength: 256 + type: string + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + networkCidr: + description: Network address range used by the VPC like 192.168.0.0/24 + maxLength: 36 + type: string + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + project: + description: The project the VPC belongs to + format: ^[a-zA-Z0-9_-]*$ + maxLength: 63 + type: string + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + required: + - cloudName + - networkCidr + - project + type: object + status: + description: ProjectVPCStatus defines the observed state of ProjectVPC + properties: + conditions: + description: + Conditions represent the latest available observations + of an ProjectVPC state + items: + description: + "Condition contains details for one aspect of the current + state of this API Resource. --- This struct is intended for direct + use as an array at the field path .status.conditions. For example, + \n type FooStatus struct{ // Represents the observations of a + foo's current state. // Known .status.conditions.type are: \"Available\", + \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge + // +listType=map // +listMapKey=type Conditions []metav1.Condition + `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" + protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + properties: + lastTransitionTime: + description: + lastTransitionTime is the last time the condition + transitioned from one status to another. This should be when + the underlying condition changed. If that is not known, then + using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: + message is a human readable message indicating + details about the transition. This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: + observedGeneration represents the .metadata.generation + that the condition was set based upon. For instance, if .metadata.generation + is currently 12, but the .status.conditions[x].observedGeneration + is 9, the condition is out of date with respect to the current + state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: + reason contains a programmatic identifier indicating + the reason for the condition's last transition. Producers + of specific condition types may define expected values and + meanings for this field, and whether the values are considered + a guaranteed API. The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: + type of condition in CamelCase or in foo.example.com/CamelCase. + --- Many .condition.type values are consistent across resources + like Available, but because arbitrary conditions can be useful + (see .node.status.conditions), the ability to deconflict is + important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + type: array + id: + description: Project VPC id + type: string + state: + description: State of VPC + type: string + required: + - conditions + - id + - state + type: object + type: object + served: true + storage: true + subresources: + status: {} diff --git a/charts/aiven-operator-crds/templates/aiven.io_redis.yaml b/charts/aiven-operator-crds/templates/aiven.io_redis.yaml index 2b665d1c..bd6c988d 100644 --- a/charts/aiven-operator-crds/templates/aiven.io_redis.yaml +++ b/charts/aiven-operator-crds/templates/aiven.io_redis.yaml @@ -15,464 +15,509 @@ spec: singular: redis scope: Namespaced versions: - - name: v1alpha1 - schema: - openAPIV3Schema: - description: Redis is the Schema for the redis API - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: RedisSpec defines the desired state of Redis - properties: - authSecretRef: - description: Authentication reference to Aiven token in a secret - properties: - key: - minLength: 1 - type: string - name: - minLength: 1 - type: string - required: - - key - - name - type: object - cloudName: - description: Cloud the service runs in. - maxLength: 256 - type: string - connInfoSecretTarget: - description: 'Information regarding secret creation. Exposed keys: - `REDIS_HOST`, `REDIS_PORT`, `REDIS_USER`, `REDIS_PASSWORD`' - properties: - annotations: - additionalProperties: + - name: v1alpha1 + schema: + openAPIV3Schema: + description: Redis is the Schema for the redis API + properties: + apiVersion: + description: + "APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + type: string + kind: + description: + "Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + type: string + metadata: + type: object + spec: + description: RedisSpec defines the desired state of Redis + properties: + authSecretRef: + description: Authentication reference to Aiven token in a secret + properties: + key: + minLength: 1 type: string - description: Annotations added to the secret - type: object - x-kubernetes-preserve-unknown-fields: true - labels: - additionalProperties: + name: + minLength: 1 type: string - description: Labels added to the secret - type: object - x-kubernetes-preserve-unknown-fields: true - name: - description: Name of the secret resource to be created. By default, - is equal to the resource name - type: string - prefix: - description: Prefix for the secret's keys. Added "as is" without - any transformations. By default, is equal to the kind name in - uppercase + underscore, e.g. `KAFKA_`, `REDIS_`, etc. - type: string - required: - - name - type: object - disk_space: - description: The disk space of the service, possible values depend - on the service type, the cloud provider and the project. Reducing - will result in the service re-balancing. - format: ^[1-9][0-9]*(GiB|G)* - type: string - maintenanceWindowDow: - description: Day of week when maintenance operations should be performed. - One monday, tuesday, wednesday, etc. - enum: - - monday - - tuesday - - wednesday - - thursday - - friday - - saturday - - sunday - type: string - maintenanceWindowTime: - description: Time of day when maintenance operations should be performed. - UTC time in HH:mm:ss format. - maxLength: 8 - type: string - plan: - description: Subscription plan. - maxLength: 128 - type: string - project: - description: Target project. - format: ^[a-zA-Z0-9_-]*$ - maxLength: 63 - type: string - x-kubernetes-validations: - - message: Value is immutable - rule: self == oldSelf - projectVPCRef: - description: ProjectVPCRef reference to ProjectVPC resource to use - its ID as ProjectVPCID automatically - properties: - name: - minLength: 1 - type: string - namespace: - minLength: 1 - type: string - required: - - name - type: object - projectVpcId: - description: Identifier of the VPC the service should be in, if any. - maxLength: 36 - type: string - serviceIntegrations: - description: Service integrations to specify when creating a service. - Not applied after initial service creation - items: - description: Service integrations to specify when creating a service. - Not applied after initial service creation + required: + - key + - name + type: object + cloudName: + description: Cloud the service runs in. + maxLength: 256 + type: string + connInfoSecretTarget: + description: + "Information regarding secret creation. Exposed keys: + `REDIS_HOST`, `REDIS_PORT`, `REDIS_USER`, `REDIS_PASSWORD`" properties: - integrationType: - enum: - - read_replica + annotations: + additionalProperties: + type: string + description: Annotations added to the secret + type: object + x-kubernetes-preserve-unknown-fields: true + labels: + additionalProperties: + type: string + description: Labels added to the secret + type: object + x-kubernetes-preserve-unknown-fields: true + name: + description: + Name of the secret resource to be created. By default, + is equal to the resource name type: string - sourceServiceName: - maxLength: 64 - minLength: 1 + prefix: + description: + Prefix for the secret's keys. Added "as is" without + any transformations. By default, is equal to the kind name in + uppercase + underscore, e.g. `KAFKA_`, `REDIS_`, etc. type: string required: - - integrationType - - sourceServiceName + - name type: object - maxItems: 1 - type: array - x-kubernetes-validations: - - message: Value is immutable - rule: self == oldSelf - tags: - additionalProperties: + disk_space: + description: + The disk space of the service, possible values depend + on the service type, the cloud provider and the project. Reducing + will result in the service re-balancing. + format: ^[1-9][0-9]*(GiB|G)* + type: string + maintenanceWindowDow: + description: + Day of week when maintenance operations should be performed. + One monday, tuesday, wednesday, etc. + enum: + - monday + - tuesday + - wednesday + - thursday + - friday + - saturday + - sunday + type: string + maintenanceWindowTime: + description: + Time of day when maintenance operations should be performed. + UTC time in HH:mm:ss format. + maxLength: 8 type: string - description: Tags are key-value pairs that allow you to categorize - services. - type: object - terminationProtection: - description: Prevent service from being deleted. It is recommended - to have this enabled for all services. - type: boolean - userConfig: - description: Redis specific user configuration options - properties: - additional_backup_regions: - description: Additional Cloud Regions for Backup Replication - items: + plan: + description: Subscription plan. + maxLength: 128 + type: string + project: + description: Target project. + format: ^[a-zA-Z0-9_-]*$ + maxLength: 63 + type: string + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + projectVPCRef: + description: + ProjectVPCRef reference to ProjectVPC resource to use + its ID as ProjectVPCID automatically + properties: + name: + minLength: 1 type: string - maxItems: 1 - type: array - ip_filter: - description: Allow incoming connections from CIDR address block, - e.g. '10.20.0.0/16' - items: - description: CIDR address block, either as a string, or in a - dict with an optional description field - properties: - description: - description: Description for IP filter list entry - maxLength: 1024 - type: string - network: - description: CIDR address block - maxLength: 43 - type: string - required: - - network - type: object - maxItems: 1024 - type: array - migration: - description: Migrate data from existing server + namespace: + minLength: 1 + type: string + required: + - name + type: object + projectVpcId: + description: Identifier of the VPC the service should be in, if any. + maxLength: 36 + type: string + serviceIntegrations: + description: + Service integrations to specify when creating a service. + Not applied after initial service creation + items: + description: + Service integrations to specify when creating a service. + Not applied after initial service creation properties: - dbname: - description: Database name for bootstrapping the initial connection - maxLength: 63 - type: string - host: - description: Hostname or IP address of the server where to - migrate data from - maxLength: 255 - type: string - ignore_dbs: - description: Comma-separated list of databases, which should - be ignored during migration (supported by MySQL and PostgreSQL - only at the moment) - maxLength: 2048 - type: string - method: - description: The migration method to be used (currently supported - only by Redis, Dragonfly, MySQL and PostgreSQL service types) + integrationType: enum: - - dump - - replication + - read_replica type: string - password: - description: Password for authentication with the server where - to migrate data from - maxLength: 256 - type: string - port: - description: Port number of the server where to migrate data - from - maximum: 65535 - minimum: 1 - type: integer - ssl: - description: The server where to migrate data from is secured - with SSL - type: boolean - username: - description: User name for authentication with the server - where to migrate data from - maxLength: 256 + sourceServiceName: + maxLength: 64 + minLength: 1 type: string required: - - host - - port + - integrationType + - sourceServiceName type: object - private_access: - description: Allow access to selected service ports from private - networks - properties: - prometheus: - description: Allow clients to connect to prometheus with a - DNS name that always resolves to the service's private IP - addresses. Only available in certain network locations - type: boolean - redis: - description: Allow clients to connect to redis with a DNS - name that always resolves to the service's private IP addresses. - Only available in certain network locations - type: boolean - type: object - privatelink_access: - description: Allow access to selected service components through - Privatelink - properties: - prometheus: - description: Enable prometheus - type: boolean - redis: - description: Enable redis - type: boolean - type: object - project_to_fork_from: - description: Name of another project to fork a service from. This - has effect only when a new service is being created. - maxLength: 63 - type: string - x-kubernetes-validations: + maxItems: 1 + type: array + x-kubernetes-validations: - message: Value is immutable rule: self == oldSelf - public_access: - description: Allow access to selected service ports from the public - Internet - properties: - prometheus: - description: Allow clients to connect to prometheus from the - public internet for service nodes that are in a project - VPC or another type of private network - type: boolean - redis: - description: Allow clients to connect to redis from the public - internet for service nodes that are in a project VPC or - another type of private network - type: boolean - type: object - recovery_basebackup_name: - description: Name of the basebackup to restore in forked service - maxLength: 128 - pattern: ^[a-zA-Z0-9-_:.]+$ + tags: + additionalProperties: type: string - redis_acl_channels_default: - description: Determines default pub/sub channels' ACL for new - users if ACL is not supplied. When this option is not defined, - all_channels is assumed to keep backward compatibility. This - option doesn't affect Redis configuration acl-pubsub-default. - enum: - - allchannels - - resetchannels - type: string - redis_io_threads: - description: Set Redis IO thread count. Changing this will cause - a restart of the Redis service. - maximum: 32 - minimum: 1 - type: integer - redis_lfu_decay_time: - description: LFU maxmemory-policy counter decay time in minutes - maximum: 120 - minimum: 1 - type: integer - redis_lfu_log_factor: - description: Counter logarithm factor for volatile-lfu and allkeys-lfu - maxmemory-policies - maximum: 100 - minimum: 0 - type: integer - redis_maxmemory_policy: - description: Redis maxmemory-policy - enum: - - noeviction - - allkeys-lru - - volatile-lru - - allkeys-random - - volatile-random - - volatile-ttl - - volatile-lfu - - allkeys-lfu - type: string - redis_notify_keyspace_events: - description: Set notify-keyspace-events option - maxLength: 32 - pattern: ^[KEg\$lshzxeA]*$ - type: string - redis_number_of_databases: - description: Set number of Redis databases. Changing this will - cause a restart of the Redis service. - maximum: 128 - minimum: 1 - type: integer - redis_persistence: - description: When persistence is 'rdb', Redis does RDB dumps each - 10 minutes if any key is changed. Also RDB dumps are done according - to backup schedule for backup purposes. When persistence is - 'off', no RDB dumps and backups are done, so data can be lost - at any moment if service is restarted for any reason, or if - service is powered off. Also service can't be forked. - enum: - - "off" - - rdb - type: string - redis_pubsub_client_output_buffer_limit: - description: Set output buffer limit for pub / sub clients in - MB. The value is the hard limit, the soft limit is 1/4 of the - hard limit. When setting the limit, be mindful of the available - memory in the selected service plan. - maximum: 512 - minimum: 32 - type: integer - redis_ssl: - description: Require SSL to access Redis - type: boolean - redis_timeout: - description: Redis idle connection timeout in seconds - maximum: 31536000 - minimum: 0 - type: integer - service_log: - description: Store logs for the service so that they are available - in the HTTP API and console. - type: boolean - service_to_fork_from: - description: Name of another service to fork from. This has effect - only when a new service is being created. - maxLength: 64 - type: string - x-kubernetes-validations: - - message: Value is immutable - rule: self == oldSelf - static_ips: - description: Use static public IP addresses - type: boolean - type: object - required: - - plan - - project - type: object - status: - description: ServiceStatus defines the observed state of service - properties: - conditions: - description: Conditions represent the latest available observations - of a service state - items: - description: "Condition contains details for one aspect of the current - state of this API Resource. --- This struct is intended for direct - use as an array at the field path .status.conditions. For example, - \n type FooStatus struct{ // Represents the observations of a - foo's current state. // Known .status.conditions.type are: \"Available\", - \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge - // +listType=map // +listMapKey=type Conditions []metav1.Condition - `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" - protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + description: + Tags are key-value pairs that allow you to categorize + services. + type: object + terminationProtection: + description: + Prevent service from being deleted. It is recommended + to have this enabled for all services. + type: boolean + userConfig: + description: Redis specific user configuration options properties: - lastTransitionTime: - description: lastTransitionTime is the last time the condition - transitioned from one status to another. This should be when - the underlying condition changed. If that is not known, then - using the time when the API field changed is acceptable. - format: date-time + additional_backup_regions: + description: Additional Cloud Regions for Backup Replication + items: + type: string + maxItems: 1 + type: array + ip_filter: + description: + Allow incoming connections from CIDR address block, + e.g. '10.20.0.0/16' + items: + description: + CIDR address block, either as a string, or in a + dict with an optional description field + properties: + description: + description: Description for IP filter list entry + maxLength: 1024 + type: string + network: + description: CIDR address block + maxLength: 43 + type: string + required: + - network + type: object + maxItems: 1024 + type: array + migration: + description: Migrate data from existing server + properties: + dbname: + description: Database name for bootstrapping the initial connection + maxLength: 63 + type: string + host: + description: + Hostname or IP address of the server where to + migrate data from + maxLength: 255 + type: string + ignore_dbs: + description: + Comma-separated list of databases, which should + be ignored during migration (supported by MySQL and PostgreSQL + only at the moment) + maxLength: 2048 + type: string + method: + description: + The migration method to be used (currently supported + only by Redis, Dragonfly, MySQL and PostgreSQL service types) + enum: + - dump + - replication + type: string + password: + description: + Password for authentication with the server where + to migrate data from + maxLength: 256 + type: string + port: + description: + Port number of the server where to migrate data + from + maximum: 65535 + minimum: 1 + type: integer + ssl: + description: + The server where to migrate data from is secured + with SSL + type: boolean + username: + description: + User name for authentication with the server + where to migrate data from + maxLength: 256 + type: string + required: + - host + - port + type: object + private_access: + description: + Allow access to selected service ports from private + networks + properties: + prometheus: + description: + Allow clients to connect to prometheus with a + DNS name that always resolves to the service's private IP + addresses. Only available in certain network locations + type: boolean + redis: + description: + Allow clients to connect to redis with a DNS + name that always resolves to the service's private IP addresses. + Only available in certain network locations + type: boolean + type: object + privatelink_access: + description: + Allow access to selected service components through + Privatelink + properties: + prometheus: + description: Enable prometheus + type: boolean + redis: + description: Enable redis + type: boolean + type: object + project_to_fork_from: + description: + Name of another project to fork a service from. This + has effect only when a new service is being created. + maxLength: 63 + type: string + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + public_access: + description: + Allow access to selected service ports from the public + Internet + properties: + prometheus: + description: + Allow clients to connect to prometheus from the + public internet for service nodes that are in a project + VPC or another type of private network + type: boolean + redis: + description: + Allow clients to connect to redis from the public + internet for service nodes that are in a project VPC or + another type of private network + type: boolean + type: object + recovery_basebackup_name: + description: Name of the basebackup to restore in forked service + maxLength: 128 + pattern: ^[a-zA-Z0-9-_:.]+$ type: string - message: - description: message is a human readable message indicating - details about the transition. This may be an empty string. - maxLength: 32768 + redis_acl_channels_default: + description: + Determines default pub/sub channels' ACL for new + users if ACL is not supplied. When this option is not defined, + all_channels is assumed to keep backward compatibility. This + option doesn't affect Redis configuration acl-pubsub-default. + enum: + - allchannels + - resetchannels type: string - observedGeneration: - description: observedGeneration represents the .metadata.generation - that the condition was set based upon. For instance, if .metadata.generation - is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current - state of the instance. - format: int64 + redis_io_threads: + description: + Set Redis IO thread count. Changing this will cause + a restart of the Redis service. + maximum: 32 + minimum: 1 + type: integer + redis_lfu_decay_time: + description: LFU maxmemory-policy counter decay time in minutes + maximum: 120 + minimum: 1 + type: integer + redis_lfu_log_factor: + description: + Counter logarithm factor for volatile-lfu and allkeys-lfu + maxmemory-policies + maximum: 100 minimum: 0 type: integer - reason: - description: reason contains a programmatic identifier indicating - the reason for the condition's last transition. Producers - of specific condition types may define expected values and - meanings for this field, and whether the values are considered - a guaranteed API. The value should be a CamelCase string. - This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + redis_maxmemory_policy: + description: Redis maxmemory-policy + enum: + - noeviction + - allkeys-lru + - volatile-lru + - allkeys-random + - volatile-random + - volatile-ttl + - volatile-lfu + - allkeys-lfu type: string - status: - description: status of the condition, one of True, False, Unknown. + redis_notify_keyspace_events: + description: Set notify-keyspace-events option + maxLength: 32 + pattern: ^[KEg\$lshzxeA]*$ + type: string + redis_number_of_databases: + description: + Set number of Redis databases. Changing this will + cause a restart of the Redis service. + maximum: 128 + minimum: 1 + type: integer + redis_persistence: + description: + When persistence is 'rdb', Redis does RDB dumps each + 10 minutes if any key is changed. Also RDB dumps are done according + to backup schedule for backup purposes. When persistence is + 'off', no RDB dumps and backups are done, so data can be lost + at any moment if service is restarted for any reason, or if + service is powered off. Also service can't be forked. enum: - - "True" - - "False" - - Unknown + - "off" + - rdb type: string - type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. - --- Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + redis_pubsub_client_output_buffer_limit: + description: + Set output buffer limit for pub / sub clients in + MB. The value is the hard limit, the soft limit is 1/4 of the + hard limit. When setting the limit, be mindful of the available + memory in the selected service plan. + maximum: 512 + minimum: 32 + type: integer + redis_ssl: + description: Require SSL to access Redis + type: boolean + redis_timeout: + description: Redis idle connection timeout in seconds + maximum: 31536000 + minimum: 0 + type: integer + service_log: + description: + Store logs for the service so that they are available + in the HTTP API and console. + type: boolean + service_to_fork_from: + description: + Name of another service to fork from. This has effect + only when a new service is being created. + maxLength: 64 type: string - required: - - lastTransitionTime - - message - - reason - - status - - type + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + static_ips: + description: Use static public IP addresses + type: boolean type: object - type: array - state: - description: Service state - type: string - type: object - type: object - served: true - storage: true - subresources: - status: {} + required: + - plan + - project + type: object + status: + description: ServiceStatus defines the observed state of service + properties: + conditions: + description: + Conditions represent the latest available observations + of a service state + items: + description: + "Condition contains details for one aspect of the current + state of this API Resource. --- This struct is intended for direct + use as an array at the field path .status.conditions. For example, + \n type FooStatus struct{ // Represents the observations of a + foo's current state. // Known .status.conditions.type are: \"Available\", + \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge + // +listType=map // +listMapKey=type Conditions []metav1.Condition + `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" + protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + properties: + lastTransitionTime: + description: + lastTransitionTime is the last time the condition + transitioned from one status to another. This should be when + the underlying condition changed. If that is not known, then + using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: + message is a human readable message indicating + details about the transition. This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: + observedGeneration represents the .metadata.generation + that the condition was set based upon. For instance, if .metadata.generation + is currently 12, but the .status.conditions[x].observedGeneration + is 9, the condition is out of date with respect to the current + state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: + reason contains a programmatic identifier indicating + the reason for the condition's last transition. Producers + of specific condition types may define expected values and + meanings for this field, and whether the values are considered + a guaranteed API. The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: + type of condition in CamelCase or in foo.example.com/CamelCase. + --- Many .condition.type values are consistent across resources + like Available, but because arbitrary conditions can be useful + (see .node.status.conditions), the ability to deconflict is + important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + type: array + state: + description: Service state + type: string + type: object + type: object + served: true + storage: true + subresources: + status: {} diff --git a/charts/aiven-operator-crds/templates/aiven.io_serviceintegrations.yaml b/charts/aiven-operator-crds/templates/aiven.io_serviceintegrations.yaml index 7ba61edd..7ddcb94b 100644 --- a/charts/aiven-operator-crds/templates/aiven.io_serviceintegrations.yaml +++ b/charts/aiven-operator-crds/templates/aiven.io_serviceintegrations.yaml @@ -15,748 +15,790 @@ spec: singular: serviceintegration scope: Namespaced versions: - - additionalPrinterColumns: - - jsonPath: .spec.project - name: Project - type: string - - jsonPath: .spec.integrationType - name: Type - type: string - - jsonPath: .spec.sourceServiceName - name: Source Service Name - type: string - - jsonPath: .spec.destinationServiceName - name: Destination Service Name - type: string - - jsonPath: .spec.sourceEndpointId - name: Source Endpoint ID - type: string - - jsonPath: .spec.destinationEndpointId - name: Destination Endpoint ID - type: string - name: v1alpha1 - schema: - openAPIV3Schema: - description: ServiceIntegration is the Schema for the serviceintegrations - API - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: ServiceIntegrationSpec defines the desired state of ServiceIntegration - properties: - authSecretRef: - description: Authentication reference to Aiven token in a secret - properties: - key: - minLength: 1 - type: string - name: - minLength: 1 - type: string - required: - - key - - name - type: object - clickhouseKafka: - description: Clickhouse Kafka configuration values - properties: - tables: - description: Tables to create - items: - description: Table to create + - additionalPrinterColumns: + - jsonPath: .spec.project + name: Project + type: string + - jsonPath: .spec.integrationType + name: Type + type: string + - jsonPath: .spec.sourceServiceName + name: Source Service Name + type: string + - jsonPath: .spec.destinationServiceName + name: Destination Service Name + type: string + - jsonPath: .spec.sourceEndpointId + name: Source Endpoint ID + type: string + - jsonPath: .spec.destinationEndpointId + name: Destination Endpoint ID + type: string + name: v1alpha1 + schema: + openAPIV3Schema: + description: + ServiceIntegration is the Schema for the serviceintegrations + API + properties: + apiVersion: + description: + "APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + type: string + kind: + description: + "Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + type: string + metadata: + type: object + spec: + description: ServiceIntegrationSpec defines the desired state of ServiceIntegration + properties: + authSecretRef: + description: Authentication reference to Aiven token in a secret + properties: + key: + minLength: 1 + type: string + name: + minLength: 1 + type: string + required: + - key + - name + type: object + clickhouseKafka: + description: Clickhouse Kafka configuration values + properties: + tables: + description: Tables to create + items: + description: Table to create + properties: + auto_offset_reset: + description: + Action to take when there is no initial offset + in offset store or the desired offset is out of range + enum: + - smallest + - earliest + - beginning + - largest + - latest + - end + type: string + columns: + description: Table columns + items: + description: Table column + properties: + name: + description: Column name + maxLength: 40 + minLength: 1 + type: string + type: + description: Column type + maxLength: 1000 + minLength: 1 + type: string + required: + - name + - type + type: object + maxItems: 100 + type: array + data_format: + description: Message data format + enum: + - Avro + - CSV + - JSONAsString + - JSONCompactEachRow + - JSONCompactStringsEachRow + - JSONEachRow + - JSONStringsEachRow + - MsgPack + - TSKV + - TSV + - TabSeparated + - RawBLOB + - AvroConfluent + type: string + date_time_input_format: + description: Method to read DateTime from text input formats + enum: + - basic + - best_effort + - best_effort_us + type: string + group_name: + description: Kafka consumers group + maxLength: 249 + minLength: 1 + type: string + handle_error_mode: + description: How to handle errors for Kafka engine + enum: + - default + - stream + type: string + max_block_size: + description: + Number of row collected by poll(s) for flushing + data from Kafka + maximum: 1000000000 + minimum: 0 + type: integer + max_rows_per_message: + description: + The maximum number of rows produced in one + kafka message for row-based formats + maximum: 1000000000 + minimum: 1 + type: integer + name: + description: Name of the table + maxLength: 40 + minLength: 1 + type: string + num_consumers: + description: The number of consumers per table per replica + maximum: 10 + minimum: 1 + type: integer + poll_max_batch_size: + description: + Maximum amount of messages to be polled in + a single Kafka poll + maximum: 1000000000 + minimum: 0 + type: integer + skip_broken_messages: + description: + Skip at least this number of broken messages + from Kafka topic per block + maximum: 1000000000 + minimum: 0 + type: integer + topics: + description: Kafka topics + items: + description: Kafka topic + properties: + name: + description: Name of the topic + maxLength: 249 + minLength: 1 + type: string + required: + - name + type: object + maxItems: 100 + type: array + required: + - columns + - data_format + - group_name + - name + - topics + type: object + maxItems: 100 + type: array + type: object + clickhousePostgresql: + description: Clickhouse PostgreSQL configuration values + properties: + databases: + description: Databases to expose + items: + description: Database to expose + properties: + database: + description: PostgreSQL database to expose + maxLength: 63 + minLength: 1 + type: string + schema: + description: PostgreSQL schema to expose + maxLength: 63 + minLength: 1 + type: string + type: object + maxItems: 10 + type: array + type: object + datadog: + description: Datadog specific user configuration options + properties: + datadog_dbm_enabled: + description: Enable Datadog Database Monitoring + type: boolean + datadog_tags: + description: Custom tags provided by user + items: + description: Datadog tag defined by user + properties: + comment: + description: Optional tag explanation + maxLength: 1024 + type: string + tag: + description: + "Tag format and usage are described here: https://docs.datadoghq.com/getting_started/tagging. + Tags with prefix 'aiven-' are reserved for Aiven." + maxLength: 200 + minLength: 1 + type: string + required: + - tag + type: object + maxItems: 32 + type: array + exclude_consumer_groups: + description: List of custom metrics + items: + type: string + maxItems: 1024 + type: array + exclude_topics: + description: List of topics to exclude + items: + type: string + maxItems: 1024 + type: array + include_consumer_groups: + description: List of custom metrics + items: + type: string + maxItems: 1024 + type: array + include_topics: + description: List of topics to include + items: + type: string + maxItems: 1024 + type: array + kafka_custom_metrics: + description: List of custom metrics + items: + type: string + maxItems: 1024 + type: array + max_jmx_metrics: + description: Maximum number of JMX metrics to send + maximum: 100000 + minimum: 10 + type: integer + opensearch: + description: Datadog Opensearch Options properties: - auto_offset_reset: - description: Action to take when there is no initial offset - in offset store or the desired offset is out of range - enum: - - smallest - - earliest - - beginning - - largest - - latest - - end - type: string - columns: - description: Table columns - items: - description: Table column - properties: - name: - description: Column name - maxLength: 40 - minLength: 1 - type: string - type: - description: Column type - maxLength: 1000 - minLength: 1 - type: string - required: - - name - - type - type: object - maxItems: 100 - type: array - data_format: - description: Message data format - enum: - - Avro - - CSV - - JSONAsString - - JSONCompactEachRow - - JSONCompactStringsEachRow - - JSONEachRow - - JSONStringsEachRow - - MsgPack - - TSKV - - TSV - - TabSeparated - - RawBLOB - - AvroConfluent + index_stats_enabled: + description: Enable Datadog Opensearch Index Monitoring + type: boolean + pending_task_stats_enabled: + description: Enable Datadog Opensearch Pending Task Monitoring + type: boolean + pshard_stats_enabled: + description: Enable Datadog Opensearch Primary Shard Monitoring + type: boolean + type: object + redis: + description: Datadog Redis Options + properties: + command_stats_enabled: + description: Enable command_stats option in the agent's configuration + type: boolean + type: object + type: object + destinationEndpointId: + description: Destination endpoint for the integration (if any) + maxLength: 36 + type: string + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + destinationProjectName: + description: Destination project for the integration (if any) + maxLength: 63 + type: string + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + destinationServiceName: + description: Destination service for the integration (if any) + maxLength: 64 + type: string + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + externalAWSCloudwatchMetrics: + description: + External AWS CloudWatch Metrics integration Logs configuration + values + properties: + dropped_metrics: + description: + Metrics to not send to AWS CloudWatch (takes precedence + over extra_metrics) + items: + description: Metric name and subfield + properties: + field: + description: Identifier of a value in the metric + maxLength: 1000 + type: string + metric: + description: Identifier of the metric + maxLength: 1000 + type: string + required: + - field + - metric + type: object + maxItems: 1024 + type: array + extra_metrics: + description: + Metrics to allow through to AWS CloudWatch (in addition + to default metrics) + items: + description: Metric name and subfield + properties: + field: + description: Identifier of a value in the metric + maxLength: 1000 + type: string + metric: + description: Identifier of the metric + maxLength: 1000 + type: string + required: + - field + - metric + type: object + maxItems: 1024 + type: array + type: object + integrationType: + description: + Type of the service integration accepted by Aiven API. + Some values may not be supported by the operator + enum: + - alertmanager + - autoscaler + - caching + - cassandra_cross_service_cluster + - clickhouse_kafka + - clickhouse_postgresql + - dashboard + - datadog + - datasource + - external_aws_cloudwatch_logs + - external_aws_cloudwatch_metrics + - external_elasticsearch_logs + - external_google_cloud_logging + - external_opensearch_logs + - flink + - flink_external_kafka + - internal_connectivity + - jolokia + - kafka_connect + - kafka_logs + - kafka_mirrormaker + - logs + - m3aggregator + - m3coordinator + - metrics + - opensearch_cross_cluster_replication + - opensearch_cross_cluster_search + - prometheus + - read_replica + - rsyslog + - schema_registry_proxy + - stresstester + - thanosquery + - thanosstore + - vmalert + type: string + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + kafkaConnect: + description: Kafka Connect service configuration values + properties: + kafka_connect: + description: Kafka Connect service configuration values + properties: + config_storage_topic: + description: + The name of the topic where connector and task + configuration data are stored.This must be the same for + all workers with the same group_id. + maxLength: 249 type: string - date_time_input_format: - description: Method to read DateTime from text input formats - enum: - - basic - - best_effort - - best_effort_us + group_id: + description: + A unique string that identifies the Connect cluster + group this worker belongs to. + maxLength: 249 type: string - group_name: - description: Kafka consumers group + offset_storage_topic: + description: + The name of the topic where connector and task + configuration offsets are stored.This must be the same for + all workers with the same group_id. maxLength: 249 - minLength: 1 type: string - handle_error_mode: - description: How to handle errors for Kafka engine - enum: - - default - - stream + status_storage_topic: + description: + The name of the topic where connector and task + configuration status updates are stored.This must be the + same for all workers with the same group_id. + maxLength: 249 type: string - max_block_size: - description: Number of row collected by poll(s) for flushing - data from Kafka - maximum: 1000000000 + type: object + type: object + kafkaLogs: + description: Kafka logs configuration values + properties: + kafka_topic: + description: Topic name + maxLength: 249 + minLength: 1 + type: string + selected_log_fields: + description: + The list of logging fields that will be sent to the + integration logging service. The MESSAGE and timestamp fields + are always sent. + items: + type: string + maxItems: 5 + type: array + required: + - kafka_topic + type: object + kafkaMirrormaker: + description: Kafka MirrorMaker configuration values + properties: + cluster_alias: + description: + "The alias under which the Kafka cluster is known + to MirrorMaker. Can contain the following symbols: ASCII alphanumerics, + '.', '_', and '-'." + maxLength: 128 + pattern: ^[a-zA-Z0-9_.-]+$ + type: string + kafka_mirrormaker: + description: Kafka MirrorMaker configuration values + properties: + consumer_fetch_min_bytes: + description: + The minimum amount of data the server should + return for a fetch request + maximum: 5242880 + minimum: 1 + type: integer + producer_batch_size: + description: + The batch size in bytes producer will attempt + to collect before publishing to broker. + maximum: 5242880 minimum: 0 type: integer - max_rows_per_message: - description: The maximum number of rows produced in one - kafka message for row-based formats - maximum: 1000000000 - minimum: 1 + producer_buffer_memory: + description: + The amount of bytes producer can use for buffering + data before publishing to broker. + maximum: 134217728 + minimum: 5242880 type: integer - name: - description: Name of the table - maxLength: 40 - minLength: 1 + producer_compression_type: + description: + Specify the default compression type for producers. + This configuration accepts the standard compression codecs + ('gzip', 'snappy', 'lz4', 'zstd'). It additionally accepts + 'none' which is the default and equivalent to no compression. + enum: + - gzip + - snappy + - lz4 + - zstd + - none type: string - num_consumers: - description: The number of consumers per table per replica - maximum: 10 - minimum: 1 - type: integer - poll_max_batch_size: - description: Maximum amount of messages to be polled in - a single Kafka poll - maximum: 1000000000 + producer_linger_ms: + description: + The linger time (ms) for waiting new data to + arrive for publishing. + maximum: 5000 minimum: 0 type: integer - skip_broken_messages: - description: Skip at least this number of broken messages - from Kafka topic per block - maximum: 1000000000 + producer_max_request_size: + description: The maximum request size in bytes. + maximum: 268435456 minimum: 0 type: integer - topics: - description: Kafka topics - items: - description: Kafka topic - properties: - name: - description: Name of the topic - maxLength: 249 - minLength: 1 - type: string - required: - - name - type: object - maxItems: 100 - type: array - required: - - columns - - data_format - - group_name - - name - - topics type: object - maxItems: 100 - type: array - type: object - clickhousePostgresql: - description: Clickhouse PostgreSQL configuration values - properties: - databases: - description: Databases to expose - items: - description: Database to expose - properties: - database: - description: PostgreSQL database to expose - maxLength: 63 - minLength: 1 - type: string - schema: - description: PostgreSQL schema to expose - maxLength: 63 - minLength: 1 - type: string - type: object - maxItems: 10 - type: array - type: object - datadog: - description: Datadog specific user configuration options - properties: - datadog_dbm_enabled: - description: Enable Datadog Database Monitoring - type: boolean - datadog_tags: - description: Custom tags provided by user - items: - description: Datadog tag defined by user - properties: - comment: - description: Optional tag explanation - maxLength: 1024 - type: string - tag: - description: 'Tag format and usage are described here: https://docs.datadoghq.com/getting_started/tagging. - Tags with prefix ''aiven-'' are reserved for Aiven.' - maxLength: 200 - minLength: 1 - type: string - required: - - tag - type: object - maxItems: 32 - type: array - exclude_consumer_groups: - description: List of custom metrics - items: - type: string - maxItems: 1024 - type: array - exclude_topics: - description: List of topics to exclude - items: - type: string - maxItems: 1024 - type: array - include_consumer_groups: - description: List of custom metrics - items: + type: object + logs: + description: Logs configuration values + properties: + elasticsearch_index_days_max: + description: Elasticsearch index retention limit + maximum: 10000 + minimum: 1 + type: integer + elasticsearch_index_prefix: + description: Elasticsearch index prefix + maxLength: 1024 + minLength: 1 type: string - maxItems: 1024 - type: array - include_topics: - description: List of topics to include - items: + selected_log_fields: + description: + The list of logging fields that will be sent to the + integration logging service. The MESSAGE and timestamp fields + are always sent. + items: + type: string + maxItems: 5 + type: array + type: object + metrics: + description: Metrics configuration values + properties: + database: + description: + Name of the database where to store metric datapoints. + Only affects PostgreSQL destinations. Defaults to 'metrics'. + Note that this must be the same for all metrics integrations + that write data to the same PostgreSQL service. + maxLength: 40 + pattern: ^[_A-Za-z0-9][-_A-Za-z0-9]{0,39}$ type: string - maxItems: 1024 - type: array - kafka_custom_metrics: - description: List of custom metrics - items: + retention_days: + description: + Number of days to keep old metrics. Only affects + PostgreSQL destinations. Set to 0 for no automatic cleanup. + Defaults to 30 days. + maximum: 10000 + minimum: 0 + type: integer + ro_username: + description: + Name of a user that can be used to read metrics. + This will be used for Grafana integration (if enabled) to prevent + Grafana users from making undesired changes. Only affects PostgreSQL + destinations. Defaults to 'metrics_reader'. Note that this must + be the same for all metrics integrations that write data to + the same PostgreSQL service. + maxLength: 40 + pattern: ^[_A-Za-z0-9][-._A-Za-z0-9]{0,39}$ type: string - maxItems: 1024 - type: array - max_jmx_metrics: - description: Maximum number of JMX metrics to send - maximum: 100000 - minimum: 10 - type: integer - opensearch: - description: Datadog Opensearch Options - properties: - index_stats_enabled: - description: Enable Datadog Opensearch Index Monitoring - type: boolean - pending_task_stats_enabled: - description: Enable Datadog Opensearch Pending Task Monitoring - type: boolean - pshard_stats_enabled: - description: Enable Datadog Opensearch Primary Shard Monitoring - type: boolean - type: object - redis: - description: Datadog Redis Options - properties: - command_stats_enabled: - description: Enable command_stats option in the agent's configuration - type: boolean - type: object - type: object - destinationEndpointId: - description: Destination endpoint for the integration (if any) - maxLength: 36 - type: string - x-kubernetes-validations: - - message: Value is immutable - rule: self == oldSelf - destinationProjectName: - description: Destination project for the integration (if any) - maxLength: 63 - type: string - x-kubernetes-validations: - - message: Value is immutable - rule: self == oldSelf - destinationServiceName: - description: Destination service for the integration (if any) - maxLength: 64 - type: string - x-kubernetes-validations: - - message: Value is immutable - rule: self == oldSelf - externalAWSCloudwatchMetrics: - description: External AWS CloudWatch Metrics integration Logs configuration - values - properties: - dropped_metrics: - description: Metrics to not send to AWS CloudWatch (takes precedence - over extra_metrics) - items: - description: Metric name and subfield + source_mysql: + description: + Configuration options for metrics where source service + is MySQL properties: - field: - description: Identifier of a value in the metric - maxLength: 1000 - type: string - metric: - description: Identifier of the metric - maxLength: 1000 - type: string - required: - - field - - metric + telegraf: + description: + Configuration options for Telegraf MySQL input + plugin + properties: + gather_event_waits: + description: Gather metrics from PERFORMANCE_SCHEMA.EVENT_WAITS + type: boolean + gather_file_events_stats: + description: gather metrics from PERFORMANCE_SCHEMA.FILE_SUMMARY_BY_EVENT_NAME + type: boolean + gather_index_io_waits: + description: Gather metrics from PERFORMANCE_SCHEMA.TABLE_IO_WAITS_SUMMARY_BY_INDEX_USAGE + type: boolean + gather_info_schema_auto_inc: + description: + Gather auto_increment columns and max values + from information schema + type: boolean + gather_innodb_metrics: + description: Gather metrics from INFORMATION_SCHEMA.INNODB_METRICS + type: boolean + gather_perf_events_statements: + description: Gather metrics from PERFORMANCE_SCHEMA.EVENTS_STATEMENTS_SUMMARY_BY_DIGEST + type: boolean + gather_process_list: + description: Gather thread state counts from INFORMATION_SCHEMA.PROCESSLIST + type: boolean + gather_slave_status: + description: + Gather metrics from SHOW SLAVE STATUS command + output + type: boolean + gather_table_io_waits: + description: Gather metrics from PERFORMANCE_SCHEMA.TABLE_IO_WAITS_SUMMARY_BY_TABLE + type: boolean + gather_table_lock_waits: + description: Gather metrics from PERFORMANCE_SCHEMA.TABLE_LOCK_WAITS + type: boolean + gather_table_schema: + description: Gather metrics from INFORMATION_SCHEMA.TABLES + type: boolean + perf_events_statements_digest_text_limit: + description: + Truncates digest text from perf_events_statements + into this many characters + maximum: 2048 + minimum: 1 + type: integer + perf_events_statements_limit: + description: Limits metrics from perf_events_statements + maximum: 4000 + minimum: 1 + type: integer + perf_events_statements_time_limit: + description: + Only include perf_events_statements whose + last seen is less than this many seconds + maximum: 2592000 + minimum: 1 + type: integer + type: object type: object - maxItems: 1024 - type: array - extra_metrics: - description: Metrics to allow through to AWS CloudWatch (in addition - to default metrics) - items: - description: Metric name and subfield - properties: - field: - description: Identifier of a value in the metric - maxLength: 1000 - type: string - metric: - description: Identifier of the metric - maxLength: 1000 - type: string - required: - - field - - metric - type: object - maxItems: 1024 - type: array - type: object - integrationType: - description: Type of the service integration accepted by Aiven API. - Some values may not be supported by the operator - enum: - - alertmanager - - autoscaler - - caching - - cassandra_cross_service_cluster - - clickhouse_kafka - - clickhouse_postgresql - - dashboard - - datadog - - datasource - - external_aws_cloudwatch_logs - - external_aws_cloudwatch_metrics - - external_elasticsearch_logs - - external_google_cloud_logging - - external_opensearch_logs - - flink - - flink_external_kafka - - internal_connectivity - - jolokia - - kafka_connect - - kafka_logs - - kafka_mirrormaker - - logs - - m3aggregator - - m3coordinator - - metrics - - opensearch_cross_cluster_replication - - opensearch_cross_cluster_search - - prometheus - - read_replica - - rsyslog - - schema_registry_proxy - - stresstester - - thanosquery - - thanosstore - - vmalert - type: string - x-kubernetes-validations: - - message: Value is immutable - rule: self == oldSelf - kafkaConnect: - description: Kafka Connect service configuration values - properties: - kafka_connect: - description: Kafka Connect service configuration values + username: + description: + Name of the user used to write metrics. Only affects + PostgreSQL destinations. Defaults to 'metrics_writer'. Note + that this must be the same for all metrics integrations that + write data to the same PostgreSQL service. + maxLength: 40 + pattern: ^[_A-Za-z0-9][-._A-Za-z0-9]{0,39}$ + type: string + type: object + project: + description: Project the integration belongs to + format: ^[a-zA-Z0-9_-]*$ + maxLength: 63 + type: string + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + sourceEndpointID: + description: Source endpoint for the integration (if any) + maxLength: 36 + type: string + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + sourceProjectName: + description: Source project for the integration (if any) + maxLength: 63 + type: string + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + sourceServiceName: + description: Source service for the integration (if any) + maxLength: 64 + type: string + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + required: + - integrationType + - project + type: object + status: + description: ServiceIntegrationStatus defines the observed state of ServiceIntegration + properties: + conditions: + description: + Conditions represent the latest available observations + of an ServiceIntegration state + items: + description: + "Condition contains details for one aspect of the current + state of this API Resource. --- This struct is intended for direct + use as an array at the field path .status.conditions. For example, + \n type FooStatus struct{ // Represents the observations of a + foo's current state. // Known .status.conditions.type are: \"Available\", + \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge + // +listType=map // +listMapKey=type Conditions []metav1.Condition + `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" + protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" properties: - config_storage_topic: - description: The name of the topic where connector and task - configuration data are stored.This must be the same for - all workers with the same group_id. - maxLength: 249 - type: string - group_id: - description: A unique string that identifies the Connect cluster - group this worker belongs to. - maxLength: 249 - type: string - offset_storage_topic: - description: The name of the topic where connector and task - configuration offsets are stored.This must be the same for - all workers with the same group_id. - maxLength: 249 + lastTransitionTime: + description: + lastTransitionTime is the last time the condition + transitioned from one status to another. This should be when + the underlying condition changed. If that is not known, then + using the time when the API field changed is acceptable. + format: date-time type: string - status_storage_topic: - description: The name of the topic where connector and task - configuration status updates are stored.This must be the - same for all workers with the same group_id. - maxLength: 249 + message: + description: + message is a human readable message indicating + details about the transition. This may be an empty string. + maxLength: 32768 type: string - type: object - type: object - kafkaLogs: - description: Kafka logs configuration values - properties: - kafka_topic: - description: Topic name - maxLength: 249 - minLength: 1 - type: string - selected_log_fields: - description: The list of logging fields that will be sent to the - integration logging service. The MESSAGE and timestamp fields - are always sent. - items: - type: string - maxItems: 5 - type: array - required: - - kafka_topic - type: object - kafkaMirrormaker: - description: Kafka MirrorMaker configuration values - properties: - cluster_alias: - description: 'The alias under which the Kafka cluster is known - to MirrorMaker. Can contain the following symbols: ASCII alphanumerics, - ''.'', ''_'', and ''-''.' - maxLength: 128 - pattern: ^[a-zA-Z0-9_.-]+$ - type: string - kafka_mirrormaker: - description: Kafka MirrorMaker configuration values - properties: - consumer_fetch_min_bytes: - description: The minimum amount of data the server should - return for a fetch request - maximum: 5242880 - minimum: 1 - type: integer - producer_batch_size: - description: The batch size in bytes producer will attempt - to collect before publishing to broker. - maximum: 5242880 + observedGeneration: + description: + observedGeneration represents the .metadata.generation + that the condition was set based upon. For instance, if .metadata.generation + is currently 12, but the .status.conditions[x].observedGeneration + is 9, the condition is out of date with respect to the current + state of the instance. + format: int64 minimum: 0 type: integer - producer_buffer_memory: - description: The amount of bytes producer can use for buffering - data before publishing to broker. - maximum: 134217728 - minimum: 5242880 - type: integer - producer_compression_type: - description: Specify the default compression type for producers. - This configuration accepts the standard compression codecs - ('gzip', 'snappy', 'lz4', 'zstd'). It additionally accepts - 'none' which is the default and equivalent to no compression. + reason: + description: + reason contains a programmatic identifier indicating + the reason for the condition's last transition. Producers + of specific condition types may define expected values and + meanings for this field, and whether the values are considered + a guaranteed API. The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. enum: - - gzip - - snappy - - lz4 - - zstd - - none + - "True" + - "False" + - Unknown type: string - producer_linger_ms: - description: The linger time (ms) for waiting new data to - arrive for publishing. - maximum: 5000 - minimum: 0 - type: integer - producer_max_request_size: - description: The maximum request size in bytes. - maximum: 268435456 - minimum: 0 - type: integer - type: object - type: object - logs: - description: Logs configuration values - properties: - elasticsearch_index_days_max: - description: Elasticsearch index retention limit - maximum: 10000 - minimum: 1 - type: integer - elasticsearch_index_prefix: - description: Elasticsearch index prefix - maxLength: 1024 - minLength: 1 - type: string - selected_log_fields: - description: The list of logging fields that will be sent to the - integration logging service. The MESSAGE and timestamp fields - are always sent. - items: - type: string - maxItems: 5 - type: array - type: object - metrics: - description: Metrics configuration values - properties: - database: - description: Name of the database where to store metric datapoints. - Only affects PostgreSQL destinations. Defaults to 'metrics'. - Note that this must be the same for all metrics integrations - that write data to the same PostgreSQL service. - maxLength: 40 - pattern: ^[_A-Za-z0-9][-_A-Za-z0-9]{0,39}$ - type: string - retention_days: - description: Number of days to keep old metrics. Only affects - PostgreSQL destinations. Set to 0 for no automatic cleanup. - Defaults to 30 days. - maximum: 10000 - minimum: 0 - type: integer - ro_username: - description: Name of a user that can be used to read metrics. - This will be used for Grafana integration (if enabled) to prevent - Grafana users from making undesired changes. Only affects PostgreSQL - destinations. Defaults to 'metrics_reader'. Note that this must - be the same for all metrics integrations that write data to - the same PostgreSQL service. - maxLength: 40 - pattern: ^[_A-Za-z0-9][-._A-Za-z0-9]{0,39}$ - type: string - source_mysql: - description: Configuration options for metrics where source service - is MySQL - properties: - telegraf: - description: Configuration options for Telegraf MySQL input - plugin - properties: - gather_event_waits: - description: Gather metrics from PERFORMANCE_SCHEMA.EVENT_WAITS - type: boolean - gather_file_events_stats: - description: gather metrics from PERFORMANCE_SCHEMA.FILE_SUMMARY_BY_EVENT_NAME - type: boolean - gather_index_io_waits: - description: Gather metrics from PERFORMANCE_SCHEMA.TABLE_IO_WAITS_SUMMARY_BY_INDEX_USAGE - type: boolean - gather_info_schema_auto_inc: - description: Gather auto_increment columns and max values - from information schema - type: boolean - gather_innodb_metrics: - description: Gather metrics from INFORMATION_SCHEMA.INNODB_METRICS - type: boolean - gather_perf_events_statements: - description: Gather metrics from PERFORMANCE_SCHEMA.EVENTS_STATEMENTS_SUMMARY_BY_DIGEST - type: boolean - gather_process_list: - description: Gather thread state counts from INFORMATION_SCHEMA.PROCESSLIST - type: boolean - gather_slave_status: - description: Gather metrics from SHOW SLAVE STATUS command - output - type: boolean - gather_table_io_waits: - description: Gather metrics from PERFORMANCE_SCHEMA.TABLE_IO_WAITS_SUMMARY_BY_TABLE - type: boolean - gather_table_lock_waits: - description: Gather metrics from PERFORMANCE_SCHEMA.TABLE_LOCK_WAITS - type: boolean - gather_table_schema: - description: Gather metrics from INFORMATION_SCHEMA.TABLES - type: boolean - perf_events_statements_digest_text_limit: - description: Truncates digest text from perf_events_statements - into this many characters - maximum: 2048 - minimum: 1 - type: integer - perf_events_statements_limit: - description: Limits metrics from perf_events_statements - maximum: 4000 - minimum: 1 - type: integer - perf_events_statements_time_limit: - description: Only include perf_events_statements whose - last seen is less than this many seconds - maximum: 2592000 - minimum: 1 - type: integer - type: object + type: + description: + type of condition in CamelCase or in foo.example.com/CamelCase. + --- Many .condition.type values are consistent across resources + like Available, but because arbitrary conditions can be useful + (see .node.status.conditions), the ability to deconflict is + important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type type: object - username: - description: Name of the user used to write metrics. Only affects - PostgreSQL destinations. Defaults to 'metrics_writer'. Note - that this must be the same for all metrics integrations that - write data to the same PostgreSQL service. - maxLength: 40 - pattern: ^[_A-Za-z0-9][-._A-Za-z0-9]{0,39}$ - type: string - type: object - project: - description: Project the integration belongs to - format: ^[a-zA-Z0-9_-]*$ - maxLength: 63 - type: string - x-kubernetes-validations: - - message: Value is immutable - rule: self == oldSelf - sourceEndpointID: - description: Source endpoint for the integration (if any) - maxLength: 36 - type: string - x-kubernetes-validations: - - message: Value is immutable - rule: self == oldSelf - sourceProjectName: - description: Source project for the integration (if any) - maxLength: 63 - type: string - x-kubernetes-validations: - - message: Value is immutable - rule: self == oldSelf - sourceServiceName: - description: Source service for the integration (if any) - maxLength: 64 - type: string - x-kubernetes-validations: - - message: Value is immutable - rule: self == oldSelf - required: - - integrationType - - project - type: object - status: - description: ServiceIntegrationStatus defines the observed state of ServiceIntegration - properties: - conditions: - description: Conditions represent the latest available observations - of an ServiceIntegration state - items: - description: "Condition contains details for one aspect of the current - state of this API Resource. --- This struct is intended for direct - use as an array at the field path .status.conditions. For example, - \n type FooStatus struct{ // Represents the observations of a - foo's current state. // Known .status.conditions.type are: \"Available\", - \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge - // +listType=map // +listMapKey=type Conditions []metav1.Condition - `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" - protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" - properties: - lastTransitionTime: - description: lastTransitionTime is the last time the condition - transitioned from one status to another. This should be when - the underlying condition changed. If that is not known, then - using the time when the API field changed is acceptable. - format: date-time - type: string - message: - description: message is a human readable message indicating - details about the transition. This may be an empty string. - maxLength: 32768 - type: string - observedGeneration: - description: observedGeneration represents the .metadata.generation - that the condition was set based upon. For instance, if .metadata.generation - is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current - state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: reason contains a programmatic identifier indicating - the reason for the condition's last transition. Producers - of specific condition types may define expected values and - meanings for this field, and whether the values are considered - a guaranteed API. The value should be a CamelCase string. - This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ - type: string - status: - description: status of the condition, one of True, False, Unknown. - enum: - - "True" - - "False" - - Unknown - type: string - type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. - --- Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ - type: string - required: - - lastTransitionTime - - message - - reason - - status - - type - type: object - type: array - id: - description: Service integration ID - type: string - required: - - conditions - - id - type: object - type: object - served: true - storage: true - subresources: - status: {} + type: array + id: + description: Service integration ID + type: string + required: + - conditions + - id + type: object + type: object + served: true + storage: true + subresources: + status: {} diff --git a/charts/aiven-operator-crds/templates/aiven.io_serviceusers.yaml b/charts/aiven-operator-crds/templates/aiven.io_serviceusers.yaml index e188b02d..b71e03fb 100644 --- a/charts/aiven-operator-crds/templates/aiven.io_serviceusers.yaml +++ b/charts/aiven-operator-crds/templates/aiven.io_serviceusers.yaml @@ -15,179 +15,191 @@ spec: singular: serviceuser scope: Namespaced versions: - - additionalPrinterColumns: - - jsonPath: .spec.serviceName - name: Service Name - type: string - - jsonPath: .spec.project - name: Project - type: string - - jsonPath: .spec.connInfoSecretTarget.name - name: Connection Information Secret - type: string - name: v1alpha1 - schema: - openAPIV3Schema: - description: ServiceUser is the Schema for the serviceusers API - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: ServiceUserSpec defines the desired state of ServiceUser - properties: - authSecretRef: - description: Authentication reference to Aiven token in a secret - properties: - key: - minLength: 1 - type: string - name: - minLength: 1 - type: string - required: - - key - - name - type: object - authentication: - description: Authentication details - enum: - - caching_sha2_password - - mysql_native_password - type: string - connInfoSecretTarget: - description: 'Information regarding secret creation. Exposed keys: - `SERVICEUSER_HOST`, `SERVICEUSER_PORT`, `SERVICEUSER_USERNAME`, - `SERVICEUSER_PASSWORD`, `SERVICEUSER_CA_CERT`, `SERVICEUSER_ACCESS_CERT`, - `SERVICEUSER_ACCESS_KEY`' - properties: - annotations: - additionalProperties: - type: string - description: Annotations added to the secret - type: object - x-kubernetes-preserve-unknown-fields: true - labels: - additionalProperties: - type: string - description: Labels added to the secret - type: object - x-kubernetes-preserve-unknown-fields: true - name: - description: Name of the secret resource to be created. By default, - is equal to the resource name - type: string - prefix: - description: Prefix for the secret's keys. Added "as is" without - any transformations. By default, is equal to the kind name in - uppercase + underscore, e.g. `KAFKA_`, `REDIS_`, etc. - type: string - required: - - name - type: object - project: - description: Project to link the user to - format: ^[a-zA-Z0-9_-]*$ - maxLength: 63 - type: string - serviceName: - description: Service to link the user to - maxLength: 63 - type: string - required: - - project - - serviceName - type: object - status: - description: ServiceUserStatus defines the observed state of ServiceUser - properties: - conditions: - description: Conditions represent the latest available observations - of an ServiceUser state - items: - description: "Condition contains details for one aspect of the current - state of this API Resource. --- This struct is intended for direct - use as an array at the field path .status.conditions. For example, - \n type FooStatus struct{ // Represents the observations of a - foo's current state. // Known .status.conditions.type are: \"Available\", - \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge - // +listType=map // +listMapKey=type Conditions []metav1.Condition - `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" - protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + - additionalPrinterColumns: + - jsonPath: .spec.serviceName + name: Service Name + type: string + - jsonPath: .spec.project + name: Project + type: string + - jsonPath: .spec.connInfoSecretTarget.name + name: Connection Information Secret + type: string + name: v1alpha1 + schema: + openAPIV3Schema: + description: ServiceUser is the Schema for the serviceusers API + properties: + apiVersion: + description: + "APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + type: string + kind: + description: + "Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + type: string + metadata: + type: object + spec: + description: ServiceUserSpec defines the desired state of ServiceUser + properties: + authSecretRef: + description: Authentication reference to Aiven token in a secret properties: - lastTransitionTime: - description: lastTransitionTime is the last time the condition - transitioned from one status to another. This should be when - the underlying condition changed. If that is not known, then - using the time when the API field changed is acceptable. - format: date-time - type: string - message: - description: message is a human readable message indicating - details about the transition. This may be an empty string. - maxLength: 32768 + key: + minLength: 1 type: string - observedGeneration: - description: observedGeneration represents the .metadata.generation - that the condition was set based upon. For instance, if .metadata.generation - is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current - state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: reason contains a programmatic identifier indicating - the reason for the condition's last transition. Producers - of specific condition types may define expected values and - meanings for this field, and whether the values are considered - a guaranteed API. The value should be a CamelCase string. - This field may not be empty. - maxLength: 1024 + name: minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ type: string - status: - description: status of the condition, one of True, False, Unknown. - enum: - - "True" - - "False" - - Unknown + required: + - key + - name + type: object + authentication: + description: Authentication details + enum: + - caching_sha2_password + - mysql_native_password + type: string + connInfoSecretTarget: + description: + "Information regarding secret creation. Exposed keys: + `SERVICEUSER_HOST`, `SERVICEUSER_PORT`, `SERVICEUSER_USERNAME`, + `SERVICEUSER_PASSWORD`, `SERVICEUSER_CA_CERT`, `SERVICEUSER_ACCESS_CERT`, + `SERVICEUSER_ACCESS_KEY`" + properties: + annotations: + additionalProperties: + type: string + description: Annotations added to the secret + type: object + x-kubernetes-preserve-unknown-fields: true + labels: + additionalProperties: + type: string + description: Labels added to the secret + type: object + x-kubernetes-preserve-unknown-fields: true + name: + description: + Name of the secret resource to be created. By default, + is equal to the resource name type: string - type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. - --- Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + prefix: + description: + Prefix for the secret's keys. Added "as is" without + any transformations. By default, is equal to the kind name in + uppercase + underscore, e.g. `KAFKA_`, `REDIS_`, etc. type: string required: - - lastTransitionTime - - message - - reason - - status - - type + - name type: object - type: array - type: - description: Type of the user account - type: string - required: - - conditions - type: object - type: object - served: true - storage: true - subresources: - status: {} + project: + description: Project to link the user to + format: ^[a-zA-Z0-9_-]*$ + maxLength: 63 + type: string + serviceName: + description: Service to link the user to + maxLength: 63 + type: string + required: + - project + - serviceName + type: object + status: + description: ServiceUserStatus defines the observed state of ServiceUser + properties: + conditions: + description: + Conditions represent the latest available observations + of an ServiceUser state + items: + description: + "Condition contains details for one aspect of the current + state of this API Resource. --- This struct is intended for direct + use as an array at the field path .status.conditions. For example, + \n type FooStatus struct{ // Represents the observations of a + foo's current state. // Known .status.conditions.type are: \"Available\", + \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge + // +listType=map // +listMapKey=type Conditions []metav1.Condition + `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" + protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + properties: + lastTransitionTime: + description: + lastTransitionTime is the last time the condition + transitioned from one status to another. This should be when + the underlying condition changed. If that is not known, then + using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: + message is a human readable message indicating + details about the transition. This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: + observedGeneration represents the .metadata.generation + that the condition was set based upon. For instance, if .metadata.generation + is currently 12, but the .status.conditions[x].observedGeneration + is 9, the condition is out of date with respect to the current + state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: + reason contains a programmatic identifier indicating + the reason for the condition's last transition. Producers + of specific condition types may define expected values and + meanings for this field, and whether the values are considered + a guaranteed API. The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: + type of condition in CamelCase or in foo.example.com/CamelCase. + --- Many .condition.type values are consistent across resources + like Available, but because arbitrary conditions can be useful + (see .node.status.conditions), the ability to deconflict is + important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + type: array + type: + description: Type of the user account + type: string + required: + - conditions + type: object + type: object + served: true + storage: true + subresources: + status: {} diff --git a/config/crd/bases/aiven.io_cassandras.yaml b/config/crd/bases/aiven.io_cassandras.yaml index b92c2e97..c77cf9c8 100644 --- a/config/crd/bases/aiven.io_cassandras.yaml +++ b/config/crd/bases/aiven.io_cassandras.yaml @@ -15,381 +15,417 @@ spec: singular: cassandra scope: Namespaced versions: - - additionalPrinterColumns: - - jsonPath: .spec.project - name: Project - type: string - - jsonPath: .spec.cloudName - name: Region - type: string - - jsonPath: .spec.plan - name: Plan - type: string - - jsonPath: .status.state - name: State - type: string - name: v1alpha1 - schema: - openAPIV3Schema: - description: Cassandra is the Schema for the cassandras API - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: CassandraSpec defines the desired state of Cassandra - properties: - authSecretRef: - description: Authentication reference to Aiven token in a secret - properties: - key: - minLength: 1 - type: string - name: - minLength: 1 - type: string - required: - - key - - name - type: object - cloudName: - description: Cloud the service runs in. - maxLength: 256 - type: string - connInfoSecretTarget: - description: 'Information regarding secret creation. Exposed keys: - `CASSANDRA_HOST`, `CASSANDRA_PORT`, `CASSANDRA_USER`, `CASSANDRA_PASSWORD`, - `CASSANDRA_URI`, `CASSANDRA_HOSTS`' - properties: - annotations: - additionalProperties: - type: string - description: Annotations added to the secret - type: object - x-kubernetes-preserve-unknown-fields: true - labels: - additionalProperties: - type: string - description: Labels added to the secret - type: object - x-kubernetes-preserve-unknown-fields: true - name: - description: Name of the secret resource to be created. By default, - is equal to the resource name - type: string - prefix: - description: Prefix for the secret's keys. Added "as is" without - any transformations. By default, is equal to the kind name in - uppercase + underscore, e.g. `KAFKA_`, `REDIS_`, etc. - type: string - required: - - name - type: object - disk_space: - description: The disk space of the service, possible values depend - on the service type, the cloud provider and the project. Reducing - will result in the service re-balancing. - format: ^[1-9][0-9]*(GiB|G)* - type: string - maintenanceWindowDow: - description: Day of week when maintenance operations should be performed. - One monday, tuesday, wednesday, etc. - enum: - - monday - - tuesday - - wednesday - - thursday - - friday - - saturday - - sunday - type: string - maintenanceWindowTime: - description: Time of day when maintenance operations should be performed. - UTC time in HH:mm:ss format. - maxLength: 8 - type: string - plan: - description: Subscription plan. - maxLength: 128 - type: string - project: - description: Target project. - format: ^[a-zA-Z0-9_-]*$ - maxLength: 63 - type: string - x-kubernetes-validations: - - message: Value is immutable - rule: self == oldSelf - projectVPCRef: - description: ProjectVPCRef reference to ProjectVPC resource to use - its ID as ProjectVPCID automatically - properties: - name: - minLength: 1 - type: string - namespace: - minLength: 1 - type: string - required: - - name - type: object - projectVpcId: - description: Identifier of the VPC the service should be in, if any. - maxLength: 36 - type: string - serviceIntegrations: - description: Service integrations to specify when creating a service. - Not applied after initial service creation - items: - description: Service integrations to specify when creating a service. - Not applied after initial service creation + - additionalPrinterColumns: + - jsonPath: .spec.project + name: Project + type: string + - jsonPath: .spec.cloudName + name: Region + type: string + - jsonPath: .spec.plan + name: Plan + type: string + - jsonPath: .status.state + name: State + type: string + name: v1alpha1 + schema: + openAPIV3Schema: + description: Cassandra is the Schema for the cassandras API + properties: + apiVersion: + description: + "APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + type: string + kind: + description: + "Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + type: string + metadata: + type: object + spec: + description: CassandraSpec defines the desired state of Cassandra + properties: + authSecretRef: + description: Authentication reference to Aiven token in a secret properties: - integrationType: - enum: - - read_replica + key: + minLength: 1 type: string - sourceServiceName: - maxLength: 64 + name: minLength: 1 type: string required: - - integrationType - - sourceServiceName + - key + - name type: object - maxItems: 1 - type: array - x-kubernetes-validations: - - message: Value is immutable - rule: self == oldSelf - tags: - additionalProperties: + cloudName: + description: Cloud the service runs in. + maxLength: 256 type: string - description: Tags are key-value pairs that allow you to categorize - services. - type: object - terminationProtection: - description: Prevent service from being deleted. It is recommended - to have this enabled for all services. - type: boolean - userConfig: - description: Cassandra specific user configuration options - properties: - additional_backup_regions: - description: Deprecated. Additional Cloud Regions for Backup Replication - items: - type: string - maxItems: 1 - type: array - backup_hour: - description: The hour of day (in UTC) when backup for the service - is started. New backup is only started if previous backup has - already completed. - maximum: 23 - minimum: 0 - type: integer - backup_minute: - description: The minute of an hour when backup for the service - is started. New backup is only started if previous backup has - already completed. - maximum: 59 - minimum: 0 - type: integer - cassandra: - description: cassandra configuration values - properties: - batch_size_fail_threshold_in_kb: - description: Fail any multiple-partition batch exceeding this - value. 50kb (10x warn threshold) by default. - maximum: 1000000 - minimum: 1 - type: integer - batch_size_warn_threshold_in_kb: - description: Log a warning message on any multiple-partition - batch size exceeding this value.5kb per batch by default.Caution - should be taken on increasing the size of this thresholdas - it can lead to node instability. - maximum: 1000000 - minimum: 1 - type: integer - datacenter: - description: Name of the datacenter to which nodes of this - service belong. Can be set only when creating the service. - maxLength: 128 + connInfoSecretTarget: + description: + "Information regarding secret creation. Exposed keys: + `CASSANDRA_HOST`, `CASSANDRA_PORT`, `CASSANDRA_USER`, `CASSANDRA_PASSWORD`, + `CASSANDRA_URI`, `CASSANDRA_HOSTS`" + properties: + annotations: + additionalProperties: type: string - type: object - cassandra_version: - description: Cassandra major version - enum: - - "4" - - "3" - type: string - ip_filter: - description: Allow incoming connections from CIDR address block, - e.g. '10.20.0.0/16' - items: - description: CIDR address block, either as a string, or in a - dict with an optional description field - properties: - description: - description: Description for IP filter list entry - maxLength: 1024 - type: string - network: - description: CIDR address block - maxLength: 43 - type: string - required: - - network + description: Annotations added to the secret type: object - maxItems: 1024 - type: array - migrate_sstableloader: - description: Sets the service into migration mode enabling the - sstableloader utility to be used to upload Cassandra data files. - Available only on service create. - type: boolean - private_access: - description: Allow access to selected service ports from private - networks - properties: - prometheus: - description: Allow clients to connect to prometheus with a - DNS name that always resolves to the service's private IP - addresses. Only available in certain network locations - type: boolean - type: object - project_to_fork_from: - description: Name of another project to fork a service from. This - has effect only when a new service is being created. - maxLength: 63 - type: string - x-kubernetes-validations: + x-kubernetes-preserve-unknown-fields: true + labels: + additionalProperties: + type: string + description: Labels added to the secret + type: object + x-kubernetes-preserve-unknown-fields: true + name: + description: + Name of the secret resource to be created. By default, + is equal to the resource name + type: string + prefix: + description: + Prefix for the secret's keys. Added "as is" without + any transformations. By default, is equal to the kind name in + uppercase + underscore, e.g. `KAFKA_`, `REDIS_`, etc. + type: string + required: + - name + type: object + disk_space: + description: + The disk space of the service, possible values depend + on the service type, the cloud provider and the project. Reducing + will result in the service re-balancing. + format: ^[1-9][0-9]*(GiB|G)* + type: string + maintenanceWindowDow: + description: + Day of week when maintenance operations should be performed. + One monday, tuesday, wednesday, etc. + enum: + - monday + - tuesday + - wednesday + - thursday + - friday + - saturday + - sunday + type: string + maintenanceWindowTime: + description: + Time of day when maintenance operations should be performed. + UTC time in HH:mm:ss format. + maxLength: 8 + type: string + plan: + description: Subscription plan. + maxLength: 128 + type: string + project: + description: Target project. + format: ^[a-zA-Z0-9_-]*$ + maxLength: 63 + type: string + x-kubernetes-validations: - message: Value is immutable rule: self == oldSelf - public_access: - description: Allow access to selected service ports from the public - Internet + projectVPCRef: + description: + ProjectVPCRef reference to ProjectVPC resource to use + its ID as ProjectVPCID automatically + properties: + name: + minLength: 1 + type: string + namespace: + minLength: 1 + type: string + required: + - name + type: object + projectVpcId: + description: Identifier of the VPC the service should be in, if any. + maxLength: 36 + type: string + serviceIntegrations: + description: + Service integrations to specify when creating a service. + Not applied after initial service creation + items: + description: + Service integrations to specify when creating a service. + Not applied after initial service creation properties: - prometheus: - description: Allow clients to connect to prometheus from the - public internet for service nodes that are in a project - VPC or another type of private network - type: boolean + integrationType: + enum: + - read_replica + type: string + sourceServiceName: + maxLength: 64 + minLength: 1 + type: string + required: + - integrationType + - sourceServiceName type: object - service_log: - description: Store logs for the service so that they are available - in the HTTP API and console. - type: boolean - service_to_fork_from: - description: Name of another service to fork from. This has effect - only when a new service is being created. - maxLength: 64 - type: string - x-kubernetes-validations: + maxItems: 1 + type: array + x-kubernetes-validations: - message: Value is immutable rule: self == oldSelf - service_to_join_with: - description: When bootstrapping, instead of creating a new Cassandra - cluster try to join an existing one from another service. Can - only be set on service creation. - maxLength: 64 + tags: + additionalProperties: type: string - static_ips: - description: Use static public IP addresses - type: boolean - type: object - required: - - plan - - project - type: object - status: - description: ServiceStatus defines the observed state of service - properties: - conditions: - description: Conditions represent the latest available observations - of a service state - items: - description: "Condition contains details for one aspect of the current - state of this API Resource. --- This struct is intended for direct - use as an array at the field path .status.conditions. For example, - \n type FooStatus struct{ // Represents the observations of a - foo's current state. // Known .status.conditions.type are: \"Available\", - \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge - // +listType=map // +listMapKey=type Conditions []metav1.Condition - `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" - protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + description: + Tags are key-value pairs that allow you to categorize + services. + type: object + terminationProtection: + description: + Prevent service from being deleted. It is recommended + to have this enabled for all services. + type: boolean + userConfig: + description: Cassandra specific user configuration options properties: - lastTransitionTime: - description: lastTransitionTime is the last time the condition - transitioned from one status to another. This should be when - the underlying condition changed. If that is not known, then - using the time when the API field changed is acceptable. - format: date-time - type: string - message: - description: message is a human readable message indicating - details about the transition. This may be an empty string. - maxLength: 32768 - type: string - observedGeneration: - description: observedGeneration represents the .metadata.generation - that the condition was set based upon. For instance, if .metadata.generation - is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current - state of the instance. - format: int64 + additional_backup_regions: + description: Deprecated. Additional Cloud Regions for Backup Replication + items: + type: string + maxItems: 1 + type: array + backup_hour: + description: + The hour of day (in UTC) when backup for the service + is started. New backup is only started if previous backup has + already completed. + maximum: 23 minimum: 0 type: integer - reason: - description: reason contains a programmatic identifier indicating - the reason for the condition's last transition. Producers - of specific condition types may define expected values and - meanings for this field, and whether the values are considered - a guaranteed API. The value should be a CamelCase string. - This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ - type: string - status: - description: status of the condition, one of True, False, Unknown. + backup_minute: + description: + The minute of an hour when backup for the service + is started. New backup is only started if previous backup has + already completed. + maximum: 59 + minimum: 0 + type: integer + cassandra: + description: cassandra configuration values + properties: + batch_size_fail_threshold_in_kb: + description: + Fail any multiple-partition batch exceeding this + value. 50kb (10x warn threshold) by default. + maximum: 1000000 + minimum: 1 + type: integer + batch_size_warn_threshold_in_kb: + description: + Log a warning message on any multiple-partition + batch size exceeding this value.5kb per batch by default.Caution + should be taken on increasing the size of this thresholdas + it can lead to node instability. + maximum: 1000000 + minimum: 1 + type: integer + datacenter: + description: + Name of the datacenter to which nodes of this + service belong. Can be set only when creating the service. + maxLength: 128 + type: string + type: object + cassandra_version: + description: Cassandra major version enum: - - "True" - - "False" - - Unknown + - "4" + - "3" type: string - type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. - --- Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + ip_filter: + description: + Allow incoming connections from CIDR address block, + e.g. '10.20.0.0/16' + items: + description: + CIDR address block, either as a string, or in a + dict with an optional description field + properties: + description: + description: Description for IP filter list entry + maxLength: 1024 + type: string + network: + description: CIDR address block + maxLength: 43 + type: string + required: + - network + type: object + maxItems: 1024 + type: array + migrate_sstableloader: + description: + Sets the service into migration mode enabling the + sstableloader utility to be used to upload Cassandra data files. + Available only on service create. + type: boolean + private_access: + description: + Allow access to selected service ports from private + networks + properties: + prometheus: + description: + Allow clients to connect to prometheus with a + DNS name that always resolves to the service's private IP + addresses. Only available in certain network locations + type: boolean + type: object + project_to_fork_from: + description: + Name of another project to fork a service from. This + has effect only when a new service is being created. + maxLength: 63 type: string - required: - - lastTransitionTime - - message - - reason - - status - - type + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + public_access: + description: + Allow access to selected service ports from the public + Internet + properties: + prometheus: + description: + Allow clients to connect to prometheus from the + public internet for service nodes that are in a project + VPC or another type of private network + type: boolean + type: object + service_log: + description: + Store logs for the service so that they are available + in the HTTP API and console. + type: boolean + service_to_fork_from: + description: + Name of another service to fork from. This has effect + only when a new service is being created. + maxLength: 64 + type: string + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + service_to_join_with: + description: + When bootstrapping, instead of creating a new Cassandra + cluster try to join an existing one from another service. Can + only be set on service creation. + maxLength: 64 + type: string + static_ips: + description: Use static public IP addresses + type: boolean type: object - type: array - state: - description: Service state - type: string - type: object - type: object - served: true - storage: true - subresources: - status: {} + required: + - plan + - project + type: object + status: + description: ServiceStatus defines the observed state of service + properties: + conditions: + description: + Conditions represent the latest available observations + of a service state + items: + description: + "Condition contains details for one aspect of the current + state of this API Resource. --- This struct is intended for direct + use as an array at the field path .status.conditions. For example, + \n type FooStatus struct{ // Represents the observations of a + foo's current state. // Known .status.conditions.type are: \"Available\", + \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge + // +listType=map // +listMapKey=type Conditions []metav1.Condition + `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" + protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + properties: + lastTransitionTime: + description: + lastTransitionTime is the last time the condition + transitioned from one status to another. This should be when + the underlying condition changed. If that is not known, then + using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: + message is a human readable message indicating + details about the transition. This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: + observedGeneration represents the .metadata.generation + that the condition was set based upon. For instance, if .metadata.generation + is currently 12, but the .status.conditions[x].observedGeneration + is 9, the condition is out of date with respect to the current + state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: + reason contains a programmatic identifier indicating + the reason for the condition's last transition. Producers + of specific condition types may define expected values and + meanings for this field, and whether the values are considered + a guaranteed API. The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: + type of condition in CamelCase or in foo.example.com/CamelCase. + --- Many .condition.type values are consistent across resources + like Available, but because arbitrary conditions can be useful + (see .node.status.conditions), the ability to deconflict is + important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + type: array + state: + description: Service state + type: string + type: object + type: object + served: true + storage: true + subresources: + status: {} diff --git a/config/crd/bases/aiven.io_clickhouses.yaml b/config/crd/bases/aiven.io_clickhouses.yaml index 6fbd5c4e..631948cd 100644 --- a/config/crd/bases/aiven.io_clickhouses.yaml +++ b/config/crd/bases/aiven.io_clickhouses.yaml @@ -15,360 +15,396 @@ spec: singular: clickhouse scope: Namespaced versions: - - name: v1alpha1 - schema: - openAPIV3Schema: - description: Clickhouse is the Schema for the clickhouses API - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: ClickhouseSpec defines the desired state of Clickhouse - properties: - authSecretRef: - description: Authentication reference to Aiven token in a secret - properties: - key: - minLength: 1 - type: string - name: - minLength: 1 - type: string - required: - - key - - name - type: object - cloudName: - description: Cloud the service runs in. - maxLength: 256 - type: string - connInfoSecretTarget: - description: 'Information regarding secret creation. Exposed keys: - `CLICKHOUSE_HOST`, `CLICKHOUSE_PORT`, `CLICKHOUSE_USER`, `CLICKHOUSE_PASSWORD`' - properties: - annotations: - additionalProperties: - type: string - description: Annotations added to the secret - type: object - x-kubernetes-preserve-unknown-fields: true - labels: - additionalProperties: - type: string - description: Labels added to the secret - type: object - x-kubernetes-preserve-unknown-fields: true - name: - description: Name of the secret resource to be created. By default, - is equal to the resource name - type: string - prefix: - description: Prefix for the secret's keys. Added "as is" without - any transformations. By default, is equal to the kind name in - uppercase + underscore, e.g. `KAFKA_`, `REDIS_`, etc. - type: string - required: - - name - type: object - disk_space: - description: The disk space of the service, possible values depend - on the service type, the cloud provider and the project. Reducing - will result in the service re-balancing. - format: ^[1-9][0-9]*(GiB|G)* - type: string - maintenanceWindowDow: - description: Day of week when maintenance operations should be performed. - One monday, tuesday, wednesday, etc. - enum: - - monday - - tuesday - - wednesday - - thursday - - friday - - saturday - - sunday - type: string - maintenanceWindowTime: - description: Time of day when maintenance operations should be performed. - UTC time in HH:mm:ss format. - maxLength: 8 - type: string - plan: - description: Subscription plan. - maxLength: 128 - type: string - project: - description: Target project. - format: ^[a-zA-Z0-9_-]*$ - maxLength: 63 - type: string - x-kubernetes-validations: - - message: Value is immutable - rule: self == oldSelf - projectVPCRef: - description: ProjectVPCRef reference to ProjectVPC resource to use - its ID as ProjectVPCID automatically - properties: - name: - minLength: 1 - type: string - namespace: - minLength: 1 - type: string - required: - - name - type: object - projectVpcId: - description: Identifier of the VPC the service should be in, if any. - maxLength: 36 - type: string - serviceIntegrations: - description: Service integrations to specify when creating a service. - Not applied after initial service creation - items: - description: Service integrations to specify when creating a service. - Not applied after initial service creation + - name: v1alpha1 + schema: + openAPIV3Schema: + description: Clickhouse is the Schema for the clickhouses API + properties: + apiVersion: + description: + "APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + type: string + kind: + description: + "Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + type: string + metadata: + type: object + spec: + description: ClickhouseSpec defines the desired state of Clickhouse + properties: + authSecretRef: + description: Authentication reference to Aiven token in a secret properties: - integrationType: - enum: - - read_replica + key: + minLength: 1 type: string - sourceServiceName: - maxLength: 64 + name: minLength: 1 type: string required: - - integrationType - - sourceServiceName + - key + - name type: object - maxItems: 1 - type: array - x-kubernetes-validations: - - message: Value is immutable - rule: self == oldSelf - tags: - additionalProperties: + cloudName: + description: Cloud the service runs in. + maxLength: 256 type: string - description: Tags are key-value pairs that allow you to categorize - services. - type: object - terminationProtection: - description: Prevent service from being deleted. It is recommended - to have this enabled for all services. - type: boolean - userConfig: - description: OpenSearch specific user configuration options - properties: - additional_backup_regions: - description: Additional Cloud Regions for Backup Replication - items: - type: string - maxItems: 1 - type: array - ip_filter: - description: Allow incoming connections from CIDR address block, - e.g. '10.20.0.0/16' - items: - description: CIDR address block, either as a string, or in a - dict with an optional description field - properties: - description: - description: Description for IP filter list entry - maxLength: 1024 - type: string - network: - description: CIDR address block - maxLength: 43 - type: string - required: - - network + connInfoSecretTarget: + description: + "Information regarding secret creation. Exposed keys: + `CLICKHOUSE_HOST`, `CLICKHOUSE_PORT`, `CLICKHOUSE_USER`, `CLICKHOUSE_PASSWORD`" + properties: + annotations: + additionalProperties: + type: string + description: Annotations added to the secret type: object - maxItems: 1024 - type: array - private_access: - description: Allow access to selected service ports from private - networks - properties: - clickhouse: - description: Allow clients to connect to clickhouse with a - DNS name that always resolves to the service's private IP - addresses. Only available in certain network locations - type: boolean - clickhouse_https: - description: Allow clients to connect to clickhouse_https - with a DNS name that always resolves to the service's private - IP addresses. Only available in certain network locations - type: boolean - clickhouse_mysql: - description: Allow clients to connect to clickhouse_mysql - with a DNS name that always resolves to the service's private - IP addresses. Only available in certain network locations - type: boolean - prometheus: - description: Allow clients to connect to prometheus with a - DNS name that always resolves to the service's private IP - addresses. Only available in certain network locations - type: boolean - type: object - privatelink_access: - description: Allow access to selected service components through - Privatelink - properties: - clickhouse: - description: Enable clickhouse - type: boolean - clickhouse_https: - description: Enable clickhouse_https - type: boolean - clickhouse_mysql: - description: Enable clickhouse_mysql - type: boolean - prometheus: - description: Enable prometheus - type: boolean - type: object - project_to_fork_from: - description: Name of another project to fork a service from. This - has effect only when a new service is being created. - maxLength: 63 - type: string - x-kubernetes-validations: + x-kubernetes-preserve-unknown-fields: true + labels: + additionalProperties: + type: string + description: Labels added to the secret + type: object + x-kubernetes-preserve-unknown-fields: true + name: + description: + Name of the secret resource to be created. By default, + is equal to the resource name + type: string + prefix: + description: + Prefix for the secret's keys. Added "as is" without + any transformations. By default, is equal to the kind name in + uppercase + underscore, e.g. `KAFKA_`, `REDIS_`, etc. + type: string + required: + - name + type: object + disk_space: + description: + The disk space of the service, possible values depend + on the service type, the cloud provider and the project. Reducing + will result in the service re-balancing. + format: ^[1-9][0-9]*(GiB|G)* + type: string + maintenanceWindowDow: + description: + Day of week when maintenance operations should be performed. + One monday, tuesday, wednesday, etc. + enum: + - monday + - tuesday + - wednesday + - thursday + - friday + - saturday + - sunday + type: string + maintenanceWindowTime: + description: + Time of day when maintenance operations should be performed. + UTC time in HH:mm:ss format. + maxLength: 8 + type: string + plan: + description: Subscription plan. + maxLength: 128 + type: string + project: + description: Target project. + format: ^[a-zA-Z0-9_-]*$ + maxLength: 63 + type: string + x-kubernetes-validations: - message: Value is immutable rule: self == oldSelf - public_access: - description: Allow access to selected service ports from the public - Internet + projectVPCRef: + description: + ProjectVPCRef reference to ProjectVPC resource to use + its ID as ProjectVPCID automatically + properties: + name: + minLength: 1 + type: string + namespace: + minLength: 1 + type: string + required: + - name + type: object + projectVpcId: + description: Identifier of the VPC the service should be in, if any. + maxLength: 36 + type: string + serviceIntegrations: + description: + Service integrations to specify when creating a service. + Not applied after initial service creation + items: + description: + Service integrations to specify when creating a service. + Not applied after initial service creation properties: - clickhouse: - description: Allow clients to connect to clickhouse from the - public internet for service nodes that are in a project - VPC or another type of private network - type: boolean - clickhouse_https: - description: Allow clients to connect to clickhouse_https - from the public internet for service nodes that are in a - project VPC or another type of private network - type: boolean - clickhouse_mysql: - description: Allow clients to connect to clickhouse_mysql - from the public internet for service nodes that are in a - project VPC or another type of private network - type: boolean - prometheus: - description: Allow clients to connect to prometheus from the - public internet for service nodes that are in a project - VPC or another type of private network - type: boolean + integrationType: + enum: + - read_replica + type: string + sourceServiceName: + maxLength: 64 + minLength: 1 + type: string + required: + - integrationType + - sourceServiceName type: object - service_log: - description: Store logs for the service so that they are available - in the HTTP API and console. - type: boolean - service_to_fork_from: - description: Name of another service to fork from. This has effect - only when a new service is being created. - maxLength: 64 - type: string - x-kubernetes-validations: + maxItems: 1 + type: array + x-kubernetes-validations: - message: Value is immutable rule: self == oldSelf - static_ips: - description: Use static public IP addresses - type: boolean - type: object - required: - - plan - - project - type: object - status: - description: ServiceStatus defines the observed state of service - properties: - conditions: - description: Conditions represent the latest available observations - of a service state - items: - description: "Condition contains details for one aspect of the current - state of this API Resource. --- This struct is intended for direct - use as an array at the field path .status.conditions. For example, - \n type FooStatus struct{ // Represents the observations of a - foo's current state. // Known .status.conditions.type are: \"Available\", - \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge - // +listType=map // +listMapKey=type Conditions []metav1.Condition - `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" - protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + tags: + additionalProperties: + type: string + description: + Tags are key-value pairs that allow you to categorize + services. + type: object + terminationProtection: + description: + Prevent service from being deleted. It is recommended + to have this enabled for all services. + type: boolean + userConfig: + description: OpenSearch specific user configuration options properties: - lastTransitionTime: - description: lastTransitionTime is the last time the condition - transitioned from one status to another. This should be when - the underlying condition changed. If that is not known, then - using the time when the API field changed is acceptable. - format: date-time - type: string - message: - description: message is a human readable message indicating - details about the transition. This may be an empty string. - maxLength: 32768 - type: string - observedGeneration: - description: observedGeneration represents the .metadata.generation - that the condition was set based upon. For instance, if .metadata.generation - is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current - state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: reason contains a programmatic identifier indicating - the reason for the condition's last transition. Producers - of specific condition types may define expected values and - meanings for this field, and whether the values are considered - a guaranteed API. The value should be a CamelCase string. - This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ - type: string - status: - description: status of the condition, one of True, False, Unknown. - enum: - - "True" - - "False" - - Unknown + additional_backup_regions: + description: Additional Cloud Regions for Backup Replication + items: + type: string + maxItems: 1 + type: array + ip_filter: + description: + Allow incoming connections from CIDR address block, + e.g. '10.20.0.0/16' + items: + description: + CIDR address block, either as a string, or in a + dict with an optional description field + properties: + description: + description: Description for IP filter list entry + maxLength: 1024 + type: string + network: + description: CIDR address block + maxLength: 43 + type: string + required: + - network + type: object + maxItems: 1024 + type: array + private_access: + description: + Allow access to selected service ports from private + networks + properties: + clickhouse: + description: + Allow clients to connect to clickhouse with a + DNS name that always resolves to the service's private IP + addresses. Only available in certain network locations + type: boolean + clickhouse_https: + description: + Allow clients to connect to clickhouse_https + with a DNS name that always resolves to the service's private + IP addresses. Only available in certain network locations + type: boolean + clickhouse_mysql: + description: + Allow clients to connect to clickhouse_mysql + with a DNS name that always resolves to the service's private + IP addresses. Only available in certain network locations + type: boolean + prometheus: + description: + Allow clients to connect to prometheus with a + DNS name that always resolves to the service's private IP + addresses. Only available in certain network locations + type: boolean + type: object + privatelink_access: + description: + Allow access to selected service components through + Privatelink + properties: + clickhouse: + description: Enable clickhouse + type: boolean + clickhouse_https: + description: Enable clickhouse_https + type: boolean + clickhouse_mysql: + description: Enable clickhouse_mysql + type: boolean + prometheus: + description: Enable prometheus + type: boolean + type: object + project_to_fork_from: + description: + Name of another project to fork a service from. This + has effect only when a new service is being created. + maxLength: 63 type: string - type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. - --- Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + public_access: + description: + Allow access to selected service ports from the public + Internet + properties: + clickhouse: + description: + Allow clients to connect to clickhouse from the + public internet for service nodes that are in a project + VPC or another type of private network + type: boolean + clickhouse_https: + description: + Allow clients to connect to clickhouse_https + from the public internet for service nodes that are in a + project VPC or another type of private network + type: boolean + clickhouse_mysql: + description: + Allow clients to connect to clickhouse_mysql + from the public internet for service nodes that are in a + project VPC or another type of private network + type: boolean + prometheus: + description: + Allow clients to connect to prometheus from the + public internet for service nodes that are in a project + VPC or another type of private network + type: boolean + type: object + service_log: + description: + Store logs for the service so that they are available + in the HTTP API and console. + type: boolean + service_to_fork_from: + description: + Name of another service to fork from. This has effect + only when a new service is being created. + maxLength: 64 type: string - required: - - lastTransitionTime - - message - - reason - - status - - type + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + static_ips: + description: Use static public IP addresses + type: boolean type: object - type: array - state: - description: Service state - type: string - type: object - type: object - served: true - storage: true - subresources: - status: {} + required: + - plan + - project + type: object + status: + description: ServiceStatus defines the observed state of service + properties: + conditions: + description: + Conditions represent the latest available observations + of a service state + items: + description: + "Condition contains details for one aspect of the current + state of this API Resource. --- This struct is intended for direct + use as an array at the field path .status.conditions. For example, + \n type FooStatus struct{ // Represents the observations of a + foo's current state. // Known .status.conditions.type are: \"Available\", + \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge + // +listType=map // +listMapKey=type Conditions []metav1.Condition + `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" + protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + properties: + lastTransitionTime: + description: + lastTransitionTime is the last time the condition + transitioned from one status to another. This should be when + the underlying condition changed. If that is not known, then + using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: + message is a human readable message indicating + details about the transition. This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: + observedGeneration represents the .metadata.generation + that the condition was set based upon. For instance, if .metadata.generation + is currently 12, but the .status.conditions[x].observedGeneration + is 9, the condition is out of date with respect to the current + state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: + reason contains a programmatic identifier indicating + the reason for the condition's last transition. Producers + of specific condition types may define expected values and + meanings for this field, and whether the values are considered + a guaranteed API. The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: + type of condition in CamelCase or in foo.example.com/CamelCase. + --- Many .condition.type values are consistent across resources + like Available, but because arbitrary conditions can be useful + (see .node.status.conditions), the ability to deconflict is + important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + type: array + state: + description: Service state + type: string + type: object + type: object + served: true + storage: true + subresources: + status: {} diff --git a/config/crd/bases/aiven.io_clickhouseusers.yaml b/config/crd/bases/aiven.io_clickhouseusers.yaml index d28df3a9..87435b42 100644 --- a/config/crd/bases/aiven.io_clickhouseusers.yaml +++ b/config/crd/bases/aiven.io_clickhouseusers.yaml @@ -15,179 +15,191 @@ spec: singular: clickhouseuser scope: Namespaced versions: - - additionalPrinterColumns: - - jsonPath: .spec.serviceName - name: Service Name - type: string - - jsonPath: .spec.project - name: Project - type: string - - jsonPath: .spec.connInfoSecretTarget.name - name: Connection Information Secret - type: string - name: v1alpha1 - schema: - openAPIV3Schema: - description: ClickhouseUser is the Schema for the clickhouseusers API - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: ClickhouseUserSpec defines the desired state of ClickhouseUser - properties: - authSecretRef: - description: Authentication reference to Aiven token in a secret - properties: - key: - minLength: 1 - type: string - name: - minLength: 1 - type: string - required: - - key - - name - type: object - connInfoSecretTarget: - description: 'Information regarding secret creation. Exposed keys: - `CLICKHOUSEUSER_HOST`, `CLICKHOUSEUSER_PORT`, `CLICKHOUSEUSER_USER`, - `CLICKHOUSEUSER_PASSWORD`' - properties: - annotations: - additionalProperties: - type: string - description: Annotations added to the secret - type: object - x-kubernetes-preserve-unknown-fields: true - labels: - additionalProperties: - type: string - description: Labels added to the secret - type: object - x-kubernetes-preserve-unknown-fields: true - name: - description: Name of the secret resource to be created. By default, - is equal to the resource name - type: string - prefix: - description: Prefix for the secret's keys. Added "as is" without - any transformations. By default, is equal to the kind name in - uppercase + underscore, e.g. `KAFKA_`, `REDIS_`, etc. - type: string - required: - - name - type: object - project: - description: Project to link the user to - format: ^[a-zA-Z0-9_-]*$ - maxLength: 63 - type: string - x-kubernetes-validations: - - message: Value is immutable - rule: self == oldSelf - serviceName: - description: Service to link the user to - maxLength: 63 - type: string - x-kubernetes-validations: - - message: Value is immutable - rule: self == oldSelf - required: - - project - - serviceName - type: object - status: - description: ClickhouseUserStatus defines the observed state of ClickhouseUser - properties: - conditions: - description: Conditions represent the latest available observations - of an ClickhouseUser state - items: - description: "Condition contains details for one aspect of the current - state of this API Resource. --- This struct is intended for direct - use as an array at the field path .status.conditions. For example, - \n type FooStatus struct{ // Represents the observations of a - foo's current state. // Known .status.conditions.type are: \"Available\", - \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge - // +listType=map // +listMapKey=type Conditions []metav1.Condition - `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" - protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + - additionalPrinterColumns: + - jsonPath: .spec.serviceName + name: Service Name + type: string + - jsonPath: .spec.project + name: Project + type: string + - jsonPath: .spec.connInfoSecretTarget.name + name: Connection Information Secret + type: string + name: v1alpha1 + schema: + openAPIV3Schema: + description: ClickhouseUser is the Schema for the clickhouseusers API + properties: + apiVersion: + description: + "APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + type: string + kind: + description: + "Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + type: string + metadata: + type: object + spec: + description: ClickhouseUserSpec defines the desired state of ClickhouseUser + properties: + authSecretRef: + description: Authentication reference to Aiven token in a secret properties: - lastTransitionTime: - description: lastTransitionTime is the last time the condition - transitioned from one status to another. This should be when - the underlying condition changed. If that is not known, then - using the time when the API field changed is acceptable. - format: date-time - type: string - message: - description: message is a human readable message indicating - details about the transition. This may be an empty string. - maxLength: 32768 + key: + minLength: 1 type: string - observedGeneration: - description: observedGeneration represents the .metadata.generation - that the condition was set based upon. For instance, if .metadata.generation - is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current - state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: reason contains a programmatic identifier indicating - the reason for the condition's last transition. Producers - of specific condition types may define expected values and - meanings for this field, and whether the values are considered - a guaranteed API. The value should be a CamelCase string. - This field may not be empty. - maxLength: 1024 + name: minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ type: string - status: - description: status of the condition, one of True, False, Unknown. - enum: - - "True" - - "False" - - Unknown + required: + - key + - name + type: object + connInfoSecretTarget: + description: + "Information regarding secret creation. Exposed keys: + `CLICKHOUSEUSER_HOST`, `CLICKHOUSEUSER_PORT`, `CLICKHOUSEUSER_USER`, + `CLICKHOUSEUSER_PASSWORD`" + properties: + annotations: + additionalProperties: + type: string + description: Annotations added to the secret + type: object + x-kubernetes-preserve-unknown-fields: true + labels: + additionalProperties: + type: string + description: Labels added to the secret + type: object + x-kubernetes-preserve-unknown-fields: true + name: + description: + Name of the secret resource to be created. By default, + is equal to the resource name type: string - type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. - --- Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + prefix: + description: + Prefix for the secret's keys. Added "as is" without + any transformations. By default, is equal to the kind name in + uppercase + underscore, e.g. `KAFKA_`, `REDIS_`, etc. type: string required: - - lastTransitionTime - - message - - reason - - status - - type + - name type: object - type: array - uuid: - description: Clickhouse user UUID - type: string - required: - - conditions - - uuid - type: object - type: object - served: true - storage: true - subresources: - status: {} + project: + description: Project to link the user to + format: ^[a-zA-Z0-9_-]*$ + maxLength: 63 + type: string + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + serviceName: + description: Service to link the user to + maxLength: 63 + type: string + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + required: + - project + - serviceName + type: object + status: + description: ClickhouseUserStatus defines the observed state of ClickhouseUser + properties: + conditions: + description: + Conditions represent the latest available observations + of an ClickhouseUser state + items: + description: + "Condition contains details for one aspect of the current + state of this API Resource. --- This struct is intended for direct + use as an array at the field path .status.conditions. For example, + \n type FooStatus struct{ // Represents the observations of a + foo's current state. // Known .status.conditions.type are: \"Available\", + \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge + // +listType=map // +listMapKey=type Conditions []metav1.Condition + `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" + protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + properties: + lastTransitionTime: + description: + lastTransitionTime is the last time the condition + transitioned from one status to another. This should be when + the underlying condition changed. If that is not known, then + using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: + message is a human readable message indicating + details about the transition. This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: + observedGeneration represents the .metadata.generation + that the condition was set based upon. For instance, if .metadata.generation + is currently 12, but the .status.conditions[x].observedGeneration + is 9, the condition is out of date with respect to the current + state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: + reason contains a programmatic identifier indicating + the reason for the condition's last transition. Producers + of specific condition types may define expected values and + meanings for this field, and whether the values are considered + a guaranteed API. The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: + type of condition in CamelCase or in foo.example.com/CamelCase. + --- Many .condition.type values are consistent across resources + like Available, but because arbitrary conditions can be useful + (see .node.status.conditions), the ability to deconflict is + important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + type: array + uuid: + description: Clickhouse user UUID + type: string + required: + - conditions + - uuid + type: object + type: object + served: true + storage: true + subresources: + status: {} diff --git a/config/crd/bases/aiven.io_connectionpools.yaml b/config/crd/bases/aiven.io_connectionpools.yaml index f8b3d439..8c40c19c 100644 --- a/config/crd/bases/aiven.io_connectionpools.yaml +++ b/config/crd/bases/aiven.io_connectionpools.yaml @@ -15,200 +15,213 @@ spec: singular: connectionpool scope: Namespaced versions: - - additionalPrinterColumns: - - jsonPath: .spec.serviceName - name: Service Name - type: string - - jsonPath: .spec.project - name: Project - type: string - - jsonPath: .spec.databaseName - name: Database - type: string - - jsonPath: .spec.username - name: Username - type: string - - jsonPath: .spec.poolSize - name: Pool Size - type: string - - jsonPath: .spec.poolMode - name: Pool Mode - type: string - name: v1alpha1 - schema: - openAPIV3Schema: - description: ConnectionPool is the Schema for the connectionpools API - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: ConnectionPoolSpec defines the desired state of ConnectionPool - properties: - authSecretRef: - description: Authentication reference to Aiven token in a secret - properties: - key: - minLength: 1 - type: string - name: - minLength: 1 - type: string - required: - - key - - name - type: object - connInfoSecretTarget: - description: 'Information regarding secret creation. Exposed keys: - `CONNECTIONPOOL_NAME`, `CONNECTIONPOOL_HOST`, `CONNECTIONPOOL_PORT`, - `CONNECTIONPOOL_DATABASE`, `CONNECTIONPOOL_USER`, `CONNECTIONPOOL_PASSWORD`, - `CONNECTIONPOOL_SSLMODE`, `CONNECTIONPOOL_DATABASE_URI`' - properties: - annotations: - additionalProperties: - type: string - description: Annotations added to the secret - type: object - x-kubernetes-preserve-unknown-fields: true - labels: - additionalProperties: - type: string - description: Labels added to the secret - type: object - x-kubernetes-preserve-unknown-fields: true - name: - description: Name of the secret resource to be created. By default, - is equal to the resource name - type: string - prefix: - description: Prefix for the secret's keys. Added "as is" without - any transformations. By default, is equal to the kind name in - uppercase + underscore, e.g. `KAFKA_`, `REDIS_`, etc. - type: string - required: - - name - type: object - databaseName: - description: Name of the database the pool connects to - maxLength: 40 - type: string - poolMode: - description: Mode the pool operates in (session, transaction, statement) - enum: - - session - - transaction - - statement - type: string - poolSize: - description: Number of connections the pool may create towards the - backend server - type: integer - project: - description: Target project. - format: ^[a-zA-Z0-9_-]*$ - maxLength: 63 - type: string - serviceName: - description: Service name. - maxLength: 63 - type: string - username: - description: Name of the service user used to connect to the database - maxLength: 64 - type: string - required: - - databaseName - - project - - serviceName - - username - type: object - status: - description: ConnectionPoolStatus defines the observed state of ConnectionPool - properties: - conditions: - description: Conditions represent the latest available observations - of an ConnectionPool state - items: - description: "Condition contains details for one aspect of the current - state of this API Resource. --- This struct is intended for direct - use as an array at the field path .status.conditions. For example, - \n type FooStatus struct{ // Represents the observations of a - foo's current state. // Known .status.conditions.type are: \"Available\", - \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge - // +listType=map // +listMapKey=type Conditions []metav1.Condition - `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" - protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + - additionalPrinterColumns: + - jsonPath: .spec.serviceName + name: Service Name + type: string + - jsonPath: .spec.project + name: Project + type: string + - jsonPath: .spec.databaseName + name: Database + type: string + - jsonPath: .spec.username + name: Username + type: string + - jsonPath: .spec.poolSize + name: Pool Size + type: string + - jsonPath: .spec.poolMode + name: Pool Mode + type: string + name: v1alpha1 + schema: + openAPIV3Schema: + description: ConnectionPool is the Schema for the connectionpools API + properties: + apiVersion: + description: + "APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + type: string + kind: + description: + "Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + type: string + metadata: + type: object + spec: + description: ConnectionPoolSpec defines the desired state of ConnectionPool + properties: + authSecretRef: + description: Authentication reference to Aiven token in a secret properties: - lastTransitionTime: - description: lastTransitionTime is the last time the condition - transitioned from one status to another. This should be when - the underlying condition changed. If that is not known, then - using the time when the API field changed is acceptable. - format: date-time - type: string - message: - description: message is a human readable message indicating - details about the transition. This may be an empty string. - maxLength: 32768 + key: + minLength: 1 type: string - observedGeneration: - description: observedGeneration represents the .metadata.generation - that the condition was set based upon. For instance, if .metadata.generation - is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current - state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: reason contains a programmatic identifier indicating - the reason for the condition's last transition. Producers - of specific condition types may define expected values and - meanings for this field, and whether the values are considered - a guaranteed API. The value should be a CamelCase string. - This field may not be empty. - maxLength: 1024 + name: minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ type: string - status: - description: status of the condition, one of True, False, Unknown. - enum: - - "True" - - "False" - - Unknown + required: + - key + - name + type: object + connInfoSecretTarget: + description: + "Information regarding secret creation. Exposed keys: + `CONNECTIONPOOL_NAME`, `CONNECTIONPOOL_HOST`, `CONNECTIONPOOL_PORT`, + `CONNECTIONPOOL_DATABASE`, `CONNECTIONPOOL_USER`, `CONNECTIONPOOL_PASSWORD`, + `CONNECTIONPOOL_SSLMODE`, `CONNECTIONPOOL_DATABASE_URI`" + properties: + annotations: + additionalProperties: + type: string + description: Annotations added to the secret + type: object + x-kubernetes-preserve-unknown-fields: true + labels: + additionalProperties: + type: string + description: Labels added to the secret + type: object + x-kubernetes-preserve-unknown-fields: true + name: + description: + Name of the secret resource to be created. By default, + is equal to the resource name type: string - type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. - --- Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + prefix: + description: + Prefix for the secret's keys. Added "as is" without + any transformations. By default, is equal to the kind name in + uppercase + underscore, e.g. `KAFKA_`, `REDIS_`, etc. type: string required: - - lastTransitionTime - - message - - reason - - status - - type + - name type: object - type: array - required: - - conditions - type: object - type: object - served: true - storage: true - subresources: - status: {} + databaseName: + description: Name of the database the pool connects to + maxLength: 40 + type: string + poolMode: + description: Mode the pool operates in (session, transaction, statement) + enum: + - session + - transaction + - statement + type: string + poolSize: + description: + Number of connections the pool may create towards the + backend server + type: integer + project: + description: Target project. + format: ^[a-zA-Z0-9_-]*$ + maxLength: 63 + type: string + serviceName: + description: Service name. + maxLength: 63 + type: string + username: + description: Name of the service user used to connect to the database + maxLength: 64 + type: string + required: + - databaseName + - project + - serviceName + - username + type: object + status: + description: ConnectionPoolStatus defines the observed state of ConnectionPool + properties: + conditions: + description: + Conditions represent the latest available observations + of an ConnectionPool state + items: + description: + "Condition contains details for one aspect of the current + state of this API Resource. --- This struct is intended for direct + use as an array at the field path .status.conditions. For example, + \n type FooStatus struct{ // Represents the observations of a + foo's current state. // Known .status.conditions.type are: \"Available\", + \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge + // +listType=map // +listMapKey=type Conditions []metav1.Condition + `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" + protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + properties: + lastTransitionTime: + description: + lastTransitionTime is the last time the condition + transitioned from one status to another. This should be when + the underlying condition changed. If that is not known, then + using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: + message is a human readable message indicating + details about the transition. This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: + observedGeneration represents the .metadata.generation + that the condition was set based upon. For instance, if .metadata.generation + is currently 12, but the .status.conditions[x].observedGeneration + is 9, the condition is out of date with respect to the current + state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: + reason contains a programmatic identifier indicating + the reason for the condition's last transition. Producers + of specific condition types may define expected values and + meanings for this field, and whether the values are considered + a guaranteed API. The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: + type of condition in CamelCase or in foo.example.com/CamelCase. + --- Many .condition.type values are consistent across resources + like Available, but because arbitrary conditions can be useful + (see .node.status.conditions), the ability to deconflict is + important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + type: array + required: + - conditions + type: object + type: object + served: true + storage: true + subresources: + status: {} diff --git a/config/crd/bases/aiven.io_databases.yaml b/config/crd/bases/aiven.io_databases.yaml index 8a25500c..eb5e09e0 100644 --- a/config/crd/bases/aiven.io_databases.yaml +++ b/config/crd/bases/aiven.io_databases.yaml @@ -15,153 +15,165 @@ spec: singular: database scope: Namespaced versions: - - additionalPrinterColumns: - - jsonPath: .spec.serviceName - name: Service Name - type: string - - jsonPath: .spec.project - name: Project - type: string - name: v1alpha1 - schema: - openAPIV3Schema: - description: Database is the Schema for the databases API - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: DatabaseSpec defines the desired state of Database - properties: - authSecretRef: - description: Authentication reference to Aiven token in a secret - properties: - key: - minLength: 1 - type: string - name: - minLength: 1 - type: string - required: - - key - - name - type: object - lcCollate: - description: 'Default string sort order (LC_COLLATE) of the database. - Default value: en_US.UTF-8' - maxLength: 128 - type: string - lcCtype: - description: 'Default character classification (LC_CTYPE) of the database. - Default value: en_US.UTF-8' - maxLength: 128 - type: string - project: - description: Project to link the database to - format: ^[a-zA-Z0-9_-]*$ - maxLength: 63 - type: string - serviceName: - description: PostgreSQL service to link the database to - maxLength: 63 - type: string - terminationProtection: - description: It is a Kubernetes side deletion protections, which prevents - the database from being deleted by Kubernetes. It is recommended - to enable this for any production databases containing critical - data. - type: boolean - required: - - project - - serviceName - type: object - status: - description: DatabaseStatus defines the observed state of Database - properties: - conditions: - description: Conditions represent the latest available observations - of an Database state - items: - description: "Condition contains details for one aspect of the current - state of this API Resource. --- This struct is intended for direct - use as an array at the field path .status.conditions. For example, - \n type FooStatus struct{ // Represents the observations of a - foo's current state. // Known .status.conditions.type are: \"Available\", - \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge - // +listType=map // +listMapKey=type Conditions []metav1.Condition - `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" - protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + - additionalPrinterColumns: + - jsonPath: .spec.serviceName + name: Service Name + type: string + - jsonPath: .spec.project + name: Project + type: string + name: v1alpha1 + schema: + openAPIV3Schema: + description: Database is the Schema for the databases API + properties: + apiVersion: + description: + "APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + type: string + kind: + description: + "Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + type: string + metadata: + type: object + spec: + description: DatabaseSpec defines the desired state of Database + properties: + authSecretRef: + description: Authentication reference to Aiven token in a secret properties: - lastTransitionTime: - description: lastTransitionTime is the last time the condition - transitioned from one status to another. This should be when - the underlying condition changed. If that is not known, then - using the time when the API field changed is acceptable. - format: date-time - type: string - message: - description: message is a human readable message indicating - details about the transition. This may be an empty string. - maxLength: 32768 - type: string - observedGeneration: - description: observedGeneration represents the .metadata.generation - that the condition was set based upon. For instance, if .metadata.generation - is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current - state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: reason contains a programmatic identifier indicating - the reason for the condition's last transition. Producers - of specific condition types may define expected values and - meanings for this field, and whether the values are considered - a guaranteed API. The value should be a CamelCase string. - This field may not be empty. - maxLength: 1024 + key: minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ type: string - status: - description: status of the condition, one of True, False, Unknown. - enum: - - "True" - - "False" - - Unknown - type: string - type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. - --- Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + name: + minLength: 1 type: string required: - - lastTransitionTime - - message - - reason - - status - - type + - key + - name type: object - type: array - required: - - conditions - type: object - type: object - served: true - storage: true - subresources: - status: {} + lcCollate: + description: + "Default string sort order (LC_COLLATE) of the database. + Default value: en_US.UTF-8" + maxLength: 128 + type: string + lcCtype: + description: + "Default character classification (LC_CTYPE) of the database. + Default value: en_US.UTF-8" + maxLength: 128 + type: string + project: + description: Project to link the database to + format: ^[a-zA-Z0-9_-]*$ + maxLength: 63 + type: string + serviceName: + description: PostgreSQL service to link the database to + maxLength: 63 + type: string + terminationProtection: + description: + It is a Kubernetes side deletion protections, which prevents + the database from being deleted by Kubernetes. It is recommended + to enable this for any production databases containing critical + data. + type: boolean + required: + - project + - serviceName + type: object + status: + description: DatabaseStatus defines the observed state of Database + properties: + conditions: + description: + Conditions represent the latest available observations + of an Database state + items: + description: + "Condition contains details for one aspect of the current + state of this API Resource. --- This struct is intended for direct + use as an array at the field path .status.conditions. For example, + \n type FooStatus struct{ // Represents the observations of a + foo's current state. // Known .status.conditions.type are: \"Available\", + \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge + // +listType=map // +listMapKey=type Conditions []metav1.Condition + `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" + protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + properties: + lastTransitionTime: + description: + lastTransitionTime is the last time the condition + transitioned from one status to another. This should be when + the underlying condition changed. If that is not known, then + using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: + message is a human readable message indicating + details about the transition. This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: + observedGeneration represents the .metadata.generation + that the condition was set based upon. For instance, if .metadata.generation + is currently 12, but the .status.conditions[x].observedGeneration + is 9, the condition is out of date with respect to the current + state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: + reason contains a programmatic identifier indicating + the reason for the condition's last transition. Producers + of specific condition types may define expected values and + meanings for this field, and whether the values are considered + a guaranteed API. The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: + type of condition in CamelCase or in foo.example.com/CamelCase. + --- Many .condition.type values are consistent across resources + like Available, but because arbitrary conditions can be useful + (see .node.status.conditions), the ability to deconflict is + important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + type: array + required: + - conditions + type: object + type: object + served: true + storage: true + subresources: + status: {} diff --git a/config/crd/bases/aiven.io_grafanas.yaml b/config/crd/bases/aiven.io_grafanas.yaml index 7a9247f9..17a7362e 100644 --- a/config/crd/bases/aiven.io_grafanas.yaml +++ b/config/crd/bases/aiven.io_grafanas.yaml @@ -15,799 +15,869 @@ spec: singular: grafana scope: Namespaced versions: - - additionalPrinterColumns: - - jsonPath: .spec.project - name: Project - type: string - - jsonPath: .spec.cloudName - name: Region - type: string - - jsonPath: .spec.plan - name: Plan - type: string - - jsonPath: .status.state - name: State - type: string - name: v1alpha1 - schema: - openAPIV3Schema: - description: Grafana is the Schema for the grafanas API - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: GrafanaSpec defines the desired state of Grafana - properties: - authSecretRef: - description: Authentication reference to Aiven token in a secret - properties: - key: - minLength: 1 - type: string - name: - minLength: 1 - type: string - required: - - key - - name - type: object - cloudName: - description: Cloud the service runs in. - maxLength: 256 - type: string - connInfoSecretTarget: - description: 'Information regarding secret creation. Exposed keys: - `GRAFANA_HOST`, `GRAFANA_PORT`, `GRAFANA_USER`, `GRAFANA_PASSWORD`, - `GRAFANA_URI`, `GRAFANA_HOSTS`' - properties: - annotations: - additionalProperties: - type: string - description: Annotations added to the secret - type: object - x-kubernetes-preserve-unknown-fields: true - labels: - additionalProperties: - type: string - description: Labels added to the secret - type: object - x-kubernetes-preserve-unknown-fields: true - name: - description: Name of the secret resource to be created. By default, - is equal to the resource name - type: string - prefix: - description: Prefix for the secret's keys. Added "as is" without - any transformations. By default, is equal to the kind name in - uppercase + underscore, e.g. `KAFKA_`, `REDIS_`, etc. - type: string - required: - - name - type: object - disk_space: - description: The disk space of the service, possible values depend - on the service type, the cloud provider and the project. Reducing - will result in the service re-balancing. - format: ^[1-9][0-9]*(GiB|G)* - type: string - maintenanceWindowDow: - description: Day of week when maintenance operations should be performed. - One monday, tuesday, wednesday, etc. - enum: - - monday - - tuesday - - wednesday - - thursday - - friday - - saturday - - sunday - type: string - maintenanceWindowTime: - description: Time of day when maintenance operations should be performed. - UTC time in HH:mm:ss format. - maxLength: 8 - type: string - plan: - description: Subscription plan. - maxLength: 128 - type: string - project: - description: Target project. - format: ^[a-zA-Z0-9_-]*$ - maxLength: 63 - type: string - x-kubernetes-validations: - - message: Value is immutable - rule: self == oldSelf - projectVPCRef: - description: ProjectVPCRef reference to ProjectVPC resource to use - its ID as ProjectVPCID automatically - properties: - name: - minLength: 1 - type: string - namespace: - minLength: 1 - type: string - required: - - name - type: object - projectVpcId: - description: Identifier of the VPC the service should be in, if any. - maxLength: 36 - type: string - serviceIntegrations: - description: Service integrations to specify when creating a service. - Not applied after initial service creation - items: - description: Service integrations to specify when creating a service. - Not applied after initial service creation + - additionalPrinterColumns: + - jsonPath: .spec.project + name: Project + type: string + - jsonPath: .spec.cloudName + name: Region + type: string + - jsonPath: .spec.plan + name: Plan + type: string + - jsonPath: .status.state + name: State + type: string + name: v1alpha1 + schema: + openAPIV3Schema: + description: Grafana is the Schema for the grafanas API + properties: + apiVersion: + description: + "APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + type: string + kind: + description: + "Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + type: string + metadata: + type: object + spec: + description: GrafanaSpec defines the desired state of Grafana + properties: + authSecretRef: + description: Authentication reference to Aiven token in a secret properties: - integrationType: - enum: - - read_replica + key: + minLength: 1 type: string - sourceServiceName: - maxLength: 64 + name: minLength: 1 type: string required: - - integrationType - - sourceServiceName + - key + - name type: object - maxItems: 1 - type: array - x-kubernetes-validations: - - message: Value is immutable - rule: self == oldSelf - tags: - additionalProperties: + cloudName: + description: Cloud the service runs in. + maxLength: 256 type: string - description: Tags are key-value pairs that allow you to categorize - services. - type: object - terminationProtection: - description: Prevent service from being deleted. It is recommended - to have this enabled for all services. - type: boolean - userConfig: - description: Cassandra specific user configuration options - properties: - additional_backup_regions: - description: Additional Cloud Regions for Backup Replication - items: - type: string - maxItems: 1 - type: array - alerting_enabled: - description: Enable or disable Grafana legacy alerting functionality. - This should not be enabled with unified_alerting_enabled. - type: boolean - alerting_error_or_timeout: - description: Default error or timeout setting for new alerting - rules - enum: - - alerting - - keep_state - type: string - alerting_max_annotations_to_keep: - description: Max number of alert annotations that Grafana stores. - 0 (default) keeps all alert annotations. - maximum: 1000000 - minimum: 0 - type: integer - alerting_nodata_or_nullvalues: - description: Default value for 'no data or null values' for new - alerting rules - enum: - - alerting - - no_data - - keep_state - - ok - type: string - allow_embedding: - description: Allow embedding Grafana dashboards with iframe/frame/object/embed - tags. Disabled by default to limit impact of clickjacking - type: boolean - auth_azuread: - description: Azure AD OAuth integration - properties: - allow_sign_up: - description: Automatically sign-up users on successful sign-in - type: boolean - allowed_domains: - description: Allowed domains - items: - type: string - maxItems: 50 - type: array - allowed_groups: - description: Require users to belong to one of given groups - items: - type: string - maxItems: 50 - type: array - auth_url: - description: Authorization URL - maxLength: 2048 - type: string - client_id: - description: Client ID from provider - maxLength: 1024 - pattern: ^[\040-\176]+$ - type: string - client_secret: - description: Client secret from provider - maxLength: 1024 - pattern: ^[\040-\176]+$ - type: string - token_url: - description: Token URL - maxLength: 2048 - type: string - required: - - auth_url - - client_id - - client_secret - - token_url - type: object - auth_basic_enabled: - description: Enable or disable basic authentication form, used - by Grafana built-in login - type: boolean - auth_generic_oauth: - description: Generic OAuth integration - properties: - allow_sign_up: - description: Automatically sign-up users on successful sign-in - type: boolean - allowed_domains: - description: Allowed domains - items: - type: string - maxItems: 50 - type: array - allowed_organizations: - description: Require user to be member of one of the listed - organizations - items: - type: string - maxItems: 50 - type: array - api_url: - description: API URL - maxLength: 2048 - type: string - auth_url: - description: Authorization URL - maxLength: 2048 - type: string - auto_login: - description: Allow users to bypass the login screen and automatically - log in - type: boolean - client_id: - description: Client ID from provider - maxLength: 1024 - pattern: ^[\040-\176]+$ - type: string - client_secret: - description: Client secret from provider - maxLength: 1024 - pattern: ^[\040-\176]+$ - type: string - name: - description: Name of the OAuth integration - maxLength: 128 - pattern: ^[a-zA-Z0-9_\- ]+$ - type: string - scopes: - description: OAuth scopes - items: - type: string - maxItems: 50 - type: array - token_url: - description: Token URL - maxLength: 2048 - type: string - required: - - api_url - - auth_url - - client_id - - client_secret - - token_url - type: object - auth_github: - description: Github Auth integration - properties: - allow_sign_up: - description: Automatically sign-up users on successful sign-in - type: boolean - allowed_organizations: - description: Require users to belong to one of given organizations - items: - type: string - maxItems: 50 - type: array - client_id: - description: Client ID from provider - maxLength: 1024 - pattern: ^[\040-\176]+$ - type: string - client_secret: - description: Client secret from provider - maxLength: 1024 - pattern: ^[\040-\176]+$ - type: string - team_ids: - description: Require users to belong to one of given team - IDs - items: - type: integer - maxItems: 50 - type: array - required: - - client_id - - client_secret - type: object - auth_gitlab: - description: GitLab Auth integration - properties: - allow_sign_up: - description: Automatically sign-up users on successful sign-in - type: boolean - allowed_groups: - description: Require users to belong to one of given groups - items: - type: string - maxItems: 50 - type: array - api_url: - description: API URL. This only needs to be set when using - self hosted GitLab - maxLength: 2048 - type: string - auth_url: - description: Authorization URL. This only needs to be set - when using self hosted GitLab - maxLength: 2048 - type: string - client_id: - description: Client ID from provider - maxLength: 1024 - pattern: ^[\040-\176]+$ - type: string - client_secret: - description: Client secret from provider - maxLength: 1024 - pattern: ^[\040-\176]+$ - type: string - token_url: - description: Token URL. This only needs to be set when using - self hosted GitLab - maxLength: 2048 - type: string - required: - - allowed_groups - - client_id - - client_secret - type: object - auth_google: - description: Google Auth integration - properties: - allow_sign_up: - description: Automatically sign-up users on successful sign-in - type: boolean - allowed_domains: - description: Domains allowed to sign-in to this Grafana - items: - type: string - maxItems: 64 - type: array - client_id: - description: Client ID from provider - maxLength: 1024 - pattern: ^[\040-\176]+$ - type: string - client_secret: - description: Client secret from provider - maxLength: 1024 - pattern: ^[\040-\176]+$ - type: string - required: - - allowed_domains - - client_id - - client_secret - type: object - cookie_samesite: - description: 'Cookie SameSite attribute: ''strict'' prevents sending - cookie for cross-site requests, effectively disabling direct - linking from other sites to Grafana. ''lax'' is the default - value.' - enum: - - lax - - strict - - none - type: string - custom_domain: - description: Serve the web frontend using a custom CNAME pointing - to the Aiven DNS name - maxLength: 255 - type: string - dashboard_previews_enabled: - description: This feature is new in Grafana 9 and is quite resource - intensive. It may cause low-end plans to work more slowly while - the dashboard previews are rendering. - type: boolean - dashboards_min_refresh_interval: - description: Signed sequence of decimal numbers, followed by a - unit suffix (ms, s, m, h, d), e.g. 30s, 1h - maxLength: 16 - pattern: ^[0-9]+(ms|s|m|h|d)$ - type: string - dashboards_versions_to_keep: - description: Dashboard versions to keep per dashboard - maximum: 100 - minimum: 1 - type: integer - dataproxy_send_user_header: - description: Send 'X-Grafana-User' header to data source - type: boolean - dataproxy_timeout: - description: Timeout for data proxy requests in seconds - maximum: 90 - minimum: 15 - type: integer - date_formats: - description: Grafana date format specifications - properties: - default_timezone: - description: Default time zone for user preferences. Value - 'browser' uses browser local time zone. - maxLength: 64 - pattern: (?i)^([a-zA-Z_]+/){1,2}[a-zA-Z_-]+$|^(Etc/)?(UTC|GMT)([+-](\d){1,2})?$|^(Factory)$|^(browser)$ - type: string - full_date: - description: Moment.js style format string for cases where - full date is shown - maxLength: 128 - pattern: '^(([Hh]mm(ss)?|Mo|MM?M?M?|Do|DDDo|DD?D?D?|ddd?d?|do?|w[o|w]?|W[o|W]?|Qo?|N{1,5}|YYYYYY|YYYYY|YYYY|YY|y{2,4}|yo?|gg(ggg?)?|GG(GGG?)?|e|E|a|A|hh?|HH?|kk?|mm?|ss?|S{1,9}|x|X|zz?|ZZ?|LTS|LT|LL?L?L?|l{1,4}|[-+/T,;.: - ]?)*)$' - type: string - interval_day: - description: Moment.js style format string used when a time - requiring day accuracy is shown - maxLength: 128 - pattern: '^(([Hh]mm(ss)?|Mo|MM?M?M?|Do|DDDo|DD?D?D?|ddd?d?|do?|w[o|w]?|W[o|W]?|Qo?|N{1,5}|YYYYYY|YYYYY|YYYY|YY|y{2,4}|yo?|gg(ggg?)?|GG(GGG?)?|e|E|a|A|hh?|HH?|kk?|mm?|ss?|S{1,9}|x|X|zz?|ZZ?|LTS|LT|LL?L?L?|l{1,4}|[-+/T,;.: - ]?)*)$' - type: string - interval_hour: - description: Moment.js style format string used when a time - requiring hour accuracy is shown - maxLength: 128 - pattern: '^(([Hh]mm(ss)?|Mo|MM?M?M?|Do|DDDo|DD?D?D?|ddd?d?|do?|w[o|w]?|W[o|W]?|Qo?|N{1,5}|YYYYYY|YYYYY|YYYY|YY|y{2,4}|yo?|gg(ggg?)?|GG(GGG?)?|e|E|a|A|hh?|HH?|kk?|mm?|ss?|S{1,9}|x|X|zz?|ZZ?|LTS|LT|LL?L?L?|l{1,4}|[-+/T,;.: - ]?)*)$' - type: string - interval_minute: - description: Moment.js style format string used when a time - requiring minute accuracy is shown - maxLength: 128 - pattern: '^(([Hh]mm(ss)?|Mo|MM?M?M?|Do|DDDo|DD?D?D?|ddd?d?|do?|w[o|w]?|W[o|W]?|Qo?|N{1,5}|YYYYYY|YYYYY|YYYY|YY|y{2,4}|yo?|gg(ggg?)?|GG(GGG?)?|e|E|a|A|hh?|HH?|kk?|mm?|ss?|S{1,9}|x|X|zz?|ZZ?|LTS|LT|LL?L?L?|l{1,4}|[-+/T,;.: - ]?)*)$' - type: string - interval_month: - description: Moment.js style format string used when a time - requiring month accuracy is shown - maxLength: 128 - pattern: '^(([Hh]mm(ss)?|Mo|MM?M?M?|Do|DDDo|DD?D?D?|ddd?d?|do?|w[o|w]?|W[o|W]?|Qo?|N{1,5}|YYYYYY|YYYYY|YYYY|YY|y{2,4}|yo?|gg(ggg?)?|GG(GGG?)?|e|E|a|A|hh?|HH?|kk?|mm?|ss?|S{1,9}|x|X|zz?|ZZ?|LTS|LT|LL?L?L?|l{1,4}|[-+/T,;.: - ]?)*)$' - type: string - interval_second: - description: Moment.js style format string used when a time - requiring second accuracy is shown - maxLength: 128 - pattern: '^(([Hh]mm(ss)?|Mo|MM?M?M?|Do|DDDo|DD?D?D?|ddd?d?|do?|w[o|w]?|W[o|W]?|Qo?|N{1,5}|YYYYYY|YYYYY|YYYY|YY|y{2,4}|yo?|gg(ggg?)?|GG(GGG?)?|e|E|a|A|hh?|HH?|kk?|mm?|ss?|S{1,9}|x|X|zz?|ZZ?|LTS|LT|LL?L?L?|l{1,4}|[-+/T,;.: - ]?)*)$' + connInfoSecretTarget: + description: + "Information regarding secret creation. Exposed keys: + `GRAFANA_HOST`, `GRAFANA_PORT`, `GRAFANA_USER`, `GRAFANA_PASSWORD`, + `GRAFANA_URI`, `GRAFANA_HOSTS`" + properties: + annotations: + additionalProperties: type: string - interval_year: - description: Moment.js style format string used when a time - requiring year accuracy is shown - maxLength: 128 - pattern: '^(([Hh]mm(ss)?|Mo|MM?M?M?|Do|DDDo|DD?D?D?|ddd?d?|do?|w[o|w]?|W[o|W]?|Qo?|N{1,5}|YYYYYY|YYYYY|YYYY|YY|y{2,4}|yo?|gg(ggg?)?|GG(GGG?)?|e|E|a|A|hh?|HH?|kk?|mm?|ss?|S{1,9}|x|X|zz?|ZZ?|LTS|LT|LL?L?L?|l{1,4}|[-+/T,;.: - ]?)*)$' + description: Annotations added to the secret + type: object + x-kubernetes-preserve-unknown-fields: true + labels: + additionalProperties: type: string - type: object - disable_gravatar: - description: Set to true to disable gravatar. Defaults to false - (gravatar is enabled) - type: boolean - editors_can_admin: - description: Editors can manage folders, teams and dashboards - created by them - type: boolean - external_image_storage: - description: External image store settings + description: Labels added to the secret + type: object + x-kubernetes-preserve-unknown-fields: true + name: + description: + Name of the secret resource to be created. By default, + is equal to the resource name + type: string + prefix: + description: + Prefix for the secret's keys. Added "as is" without + any transformations. By default, is equal to the kind name in + uppercase + underscore, e.g. `KAFKA_`, `REDIS_`, etc. + type: string + required: + - name + type: object + disk_space: + description: + The disk space of the service, possible values depend + on the service type, the cloud provider and the project. Reducing + will result in the service re-balancing. + format: ^[1-9][0-9]*(GiB|G)* + type: string + maintenanceWindowDow: + description: + Day of week when maintenance operations should be performed. + One monday, tuesday, wednesday, etc. + enum: + - monday + - tuesday + - wednesday + - thursday + - friday + - saturday + - sunday + type: string + maintenanceWindowTime: + description: + Time of day when maintenance operations should be performed. + UTC time in HH:mm:ss format. + maxLength: 8 + type: string + plan: + description: Subscription plan. + maxLength: 128 + type: string + project: + description: Target project. + format: ^[a-zA-Z0-9_-]*$ + maxLength: 63 + type: string + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + projectVPCRef: + description: + ProjectVPCRef reference to ProjectVPC resource to use + its ID as ProjectVPCID automatically + properties: + name: + minLength: 1 + type: string + namespace: + minLength: 1 + type: string + required: + - name + type: object + projectVpcId: + description: Identifier of the VPC the service should be in, if any. + maxLength: 36 + type: string + serviceIntegrations: + description: + Service integrations to specify when creating a service. + Not applied after initial service creation + items: + description: + Service integrations to specify when creating a service. + Not applied after initial service creation properties: - access_key: - description: S3 access key. Requires permissions to the S3 - bucket for the s3:PutObject and s3:PutObjectAcl actions - maxLength: 4096 - pattern: ^[A-Z0-9]+$ - type: string - bucket_url: - description: Bucket URL for S3 - maxLength: 2048 - type: string - provider: - description: Provider type + integrationType: enum: - - s3 + - read_replica type: string - secret_key: - description: S3 secret key - maxLength: 4096 - pattern: ^[A-Za-z0-9/+=]+$ + sourceServiceName: + maxLength: 64 + minLength: 1 type: string required: - - access_key - - bucket_url - - provider - - secret_key + - integrationType + - sourceServiceName type: object - google_analytics_ua_id: - description: Google Analytics ID - maxLength: 64 - pattern: ^(G|UA|YT|MO)-[a-zA-Z0-9-]+$ + maxItems: 1 + type: array + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + tags: + additionalProperties: type: string - ip_filter: - description: Allow incoming connections from CIDR address block, - e.g. '10.20.0.0/16' - items: - description: CIDR address block, either as a string, or in a - dict with an optional description field + description: + Tags are key-value pairs that allow you to categorize + services. + type: object + terminationProtection: + description: + Prevent service from being deleted. It is recommended + to have this enabled for all services. + type: boolean + userConfig: + description: Cassandra specific user configuration options + properties: + additional_backup_regions: + description: Additional Cloud Regions for Backup Replication + items: + type: string + maxItems: 1 + type: array + alerting_enabled: + description: + Enable or disable Grafana legacy alerting functionality. + This should not be enabled with unified_alerting_enabled. + type: boolean + alerting_error_or_timeout: + description: + Default error or timeout setting for new alerting + rules + enum: + - alerting + - keep_state + type: string + alerting_max_annotations_to_keep: + description: + Max number of alert annotations that Grafana stores. + 0 (default) keeps all alert annotations. + maximum: 1000000 + minimum: 0 + type: integer + alerting_nodata_or_nullvalues: + description: + Default value for 'no data or null values' for new + alerting rules + enum: + - alerting + - no_data + - keep_state + - ok + type: string + allow_embedding: + description: + Allow embedding Grafana dashboards with iframe/frame/object/embed + tags. Disabled by default to limit impact of clickjacking + type: boolean + auth_azuread: + description: Azure AD OAuth integration properties: - description: - description: Description for IP filter list entry + allow_sign_up: + description: Automatically sign-up users on successful sign-in + type: boolean + allowed_domains: + description: Allowed domains + items: + type: string + maxItems: 50 + type: array + allowed_groups: + description: Require users to belong to one of given groups + items: + type: string + maxItems: 50 + type: array + auth_url: + description: Authorization URL + maxLength: 2048 + type: string + client_id: + description: Client ID from provider + maxLength: 1024 + pattern: ^[\040-\176]+$ + type: string + client_secret: + description: Client secret from provider maxLength: 1024 + pattern: ^[\040-\176]+$ type: string - network: - description: CIDR address block - maxLength: 43 + token_url: + description: Token URL + maxLength: 2048 type: string required: - - network + - auth_url + - client_id + - client_secret + - token_url type: object - maxItems: 1024 - type: array - metrics_enabled: - description: Enable Grafana /metrics endpoint - type: boolean - oauth_allow_insecure_email_lookup: - description: Enforce user lookup based on email instead of the - unique ID provided by the IdP - type: boolean - private_access: - description: Allow access to selected service ports from private - networks - properties: - grafana: - description: Allow clients to connect to grafana with a DNS - name that always resolves to the service's private IP addresses. - Only available in certain network locations - type: boolean - type: object - privatelink_access: - description: Allow access to selected service components through - Privatelink - properties: - grafana: - description: Enable grafana - type: boolean - type: object - project_to_fork_from: - description: Name of another project to fork a service from. This - has effect only when a new service is being created. - maxLength: 63 - type: string - x-kubernetes-validations: - - message: Value is immutable - rule: self == oldSelf - public_access: - description: Allow access to selected service ports from the public - Internet - properties: - grafana: - description: Allow clients to connect to grafana from the - public internet for service nodes that are in a project - VPC or another type of private network - type: boolean - type: object - recovery_basebackup_name: - description: Name of the basebackup to restore in forked service - maxLength: 128 - pattern: ^[a-zA-Z0-9-_:.]+$ - type: string - service_log: - description: Store logs for the service so that they are available - in the HTTP API and console. - type: boolean - service_to_fork_from: - description: Name of another service to fork from. This has effect - only when a new service is being created. - maxLength: 64 - type: string - x-kubernetes-validations: - - message: Value is immutable - rule: self == oldSelf - smtp_server: - description: SMTP server settings + auth_basic_enabled: + description: + Enable or disable basic authentication form, used + by Grafana built-in login + type: boolean + auth_generic_oauth: + description: Generic OAuth integration + properties: + allow_sign_up: + description: Automatically sign-up users on successful sign-in + type: boolean + allowed_domains: + description: Allowed domains + items: + type: string + maxItems: 50 + type: array + allowed_organizations: + description: + Require user to be member of one of the listed + organizations + items: + type: string + maxItems: 50 + type: array + api_url: + description: API URL + maxLength: 2048 + type: string + auth_url: + description: Authorization URL + maxLength: 2048 + type: string + auto_login: + description: + Allow users to bypass the login screen and automatically + log in + type: boolean + client_id: + description: Client ID from provider + maxLength: 1024 + pattern: ^[\040-\176]+$ + type: string + client_secret: + description: Client secret from provider + maxLength: 1024 + pattern: ^[\040-\176]+$ + type: string + name: + description: Name of the OAuth integration + maxLength: 128 + pattern: ^[a-zA-Z0-9_\- ]+$ + type: string + scopes: + description: OAuth scopes + items: + type: string + maxItems: 50 + type: array + token_url: + description: Token URL + maxLength: 2048 + type: string + required: + - api_url + - auth_url + - client_id + - client_secret + - token_url + type: object + auth_github: + description: Github Auth integration + properties: + allow_sign_up: + description: Automatically sign-up users on successful sign-in + type: boolean + allowed_organizations: + description: Require users to belong to one of given organizations + items: + type: string + maxItems: 50 + type: array + client_id: + description: Client ID from provider + maxLength: 1024 + pattern: ^[\040-\176]+$ + type: string + client_secret: + description: Client secret from provider + maxLength: 1024 + pattern: ^[\040-\176]+$ + type: string + team_ids: + description: + Require users to belong to one of given team + IDs + items: + type: integer + maxItems: 50 + type: array + required: + - client_id + - client_secret + type: object + auth_gitlab: + description: GitLab Auth integration + properties: + allow_sign_up: + description: Automatically sign-up users on successful sign-in + type: boolean + allowed_groups: + description: Require users to belong to one of given groups + items: + type: string + maxItems: 50 + type: array + api_url: + description: + API URL. This only needs to be set when using + self hosted GitLab + maxLength: 2048 + type: string + auth_url: + description: + Authorization URL. This only needs to be set + when using self hosted GitLab + maxLength: 2048 + type: string + client_id: + description: Client ID from provider + maxLength: 1024 + pattern: ^[\040-\176]+$ + type: string + client_secret: + description: Client secret from provider + maxLength: 1024 + pattern: ^[\040-\176]+$ + type: string + token_url: + description: + Token URL. This only needs to be set when using + self hosted GitLab + maxLength: 2048 + type: string + required: + - allowed_groups + - client_id + - client_secret + type: object + auth_google: + description: Google Auth integration + properties: + allow_sign_up: + description: Automatically sign-up users on successful sign-in + type: boolean + allowed_domains: + description: Domains allowed to sign-in to this Grafana + items: + type: string + maxItems: 64 + type: array + client_id: + description: Client ID from provider + maxLength: 1024 + pattern: ^[\040-\176]+$ + type: string + client_secret: + description: Client secret from provider + maxLength: 1024 + pattern: ^[\040-\176]+$ + type: string + required: + - allowed_domains + - client_id + - client_secret + type: object + cookie_samesite: + description: + "Cookie SameSite attribute: 'strict' prevents sending + cookie for cross-site requests, effectively disabling direct + linking from other sites to Grafana. 'lax' is the default + value." + enum: + - lax + - strict + - none + type: string + custom_domain: + description: + Serve the web frontend using a custom CNAME pointing + to the Aiven DNS name + maxLength: 255 + type: string + dashboard_previews_enabled: + description: + This feature is new in Grafana 9 and is quite resource + intensive. It may cause low-end plans to work more slowly while + the dashboard previews are rendering. + type: boolean + dashboards_min_refresh_interval: + description: + Signed sequence of decimal numbers, followed by a + unit suffix (ms, s, m, h, d), e.g. 30s, 1h + maxLength: 16 + pattern: ^[0-9]+(ms|s|m|h|d)$ + type: string + dashboards_versions_to_keep: + description: Dashboard versions to keep per dashboard + maximum: 100 + minimum: 1 + type: integer + dataproxy_send_user_header: + description: Send 'X-Grafana-User' header to data source + type: boolean + dataproxy_timeout: + description: Timeout for data proxy requests in seconds + maximum: 90 + minimum: 15 + type: integer + date_formats: + description: Grafana date format specifications + properties: + default_timezone: + description: + Default time zone for user preferences. Value + 'browser' uses browser local time zone. + maxLength: 64 + pattern: (?i)^([a-zA-Z_]+/){1,2}[a-zA-Z_-]+$|^(Etc/)?(UTC|GMT)([+-](\d){1,2})?$|^(Factory)$|^(browser)$ + type: string + full_date: + description: + Moment.js style format string for cases where + full date is shown + maxLength: 128 + pattern: + "^(([Hh]mm(ss)?|Mo|MM?M?M?|Do|DDDo|DD?D?D?|ddd?d?|do?|w[o|w]?|W[o|W]?|Qo?|N{1,5}|YYYYYY|YYYYY|YYYY|YY|y{2,4}|yo?|gg(ggg?)?|GG(GGG?)?|e|E|a|A|hh?|HH?|kk?|mm?|ss?|S{1,9}|x|X|zz?|ZZ?|LTS|LT|LL?L?L?|l{1,4}|[-+/T,;.: + ]?)*)$" + type: string + interval_day: + description: + Moment.js style format string used when a time + requiring day accuracy is shown + maxLength: 128 + pattern: + "^(([Hh]mm(ss)?|Mo|MM?M?M?|Do|DDDo|DD?D?D?|ddd?d?|do?|w[o|w]?|W[o|W]?|Qo?|N{1,5}|YYYYYY|YYYYY|YYYY|YY|y{2,4}|yo?|gg(ggg?)?|GG(GGG?)?|e|E|a|A|hh?|HH?|kk?|mm?|ss?|S{1,9}|x|X|zz?|ZZ?|LTS|LT|LL?L?L?|l{1,4}|[-+/T,;.: + ]?)*)$" + type: string + interval_hour: + description: + Moment.js style format string used when a time + requiring hour accuracy is shown + maxLength: 128 + pattern: + "^(([Hh]mm(ss)?|Mo|MM?M?M?|Do|DDDo|DD?D?D?|ddd?d?|do?|w[o|w]?|W[o|W]?|Qo?|N{1,5}|YYYYYY|YYYYY|YYYY|YY|y{2,4}|yo?|gg(ggg?)?|GG(GGG?)?|e|E|a|A|hh?|HH?|kk?|mm?|ss?|S{1,9}|x|X|zz?|ZZ?|LTS|LT|LL?L?L?|l{1,4}|[-+/T,;.: + ]?)*)$" + type: string + interval_minute: + description: + Moment.js style format string used when a time + requiring minute accuracy is shown + maxLength: 128 + pattern: + "^(([Hh]mm(ss)?|Mo|MM?M?M?|Do|DDDo|DD?D?D?|ddd?d?|do?|w[o|w]?|W[o|W]?|Qo?|N{1,5}|YYYYYY|YYYYY|YYYY|YY|y{2,4}|yo?|gg(ggg?)?|GG(GGG?)?|e|E|a|A|hh?|HH?|kk?|mm?|ss?|S{1,9}|x|X|zz?|ZZ?|LTS|LT|LL?L?L?|l{1,4}|[-+/T,;.: + ]?)*)$" + type: string + interval_month: + description: + Moment.js style format string used when a time + requiring month accuracy is shown + maxLength: 128 + pattern: + "^(([Hh]mm(ss)?|Mo|MM?M?M?|Do|DDDo|DD?D?D?|ddd?d?|do?|w[o|w]?|W[o|W]?|Qo?|N{1,5}|YYYYYY|YYYYY|YYYY|YY|y{2,4}|yo?|gg(ggg?)?|GG(GGG?)?|e|E|a|A|hh?|HH?|kk?|mm?|ss?|S{1,9}|x|X|zz?|ZZ?|LTS|LT|LL?L?L?|l{1,4}|[-+/T,;.: + ]?)*)$" + type: string + interval_second: + description: + Moment.js style format string used when a time + requiring second accuracy is shown + maxLength: 128 + pattern: + "^(([Hh]mm(ss)?|Mo|MM?M?M?|Do|DDDo|DD?D?D?|ddd?d?|do?|w[o|w]?|W[o|W]?|Qo?|N{1,5}|YYYYYY|YYYYY|YYYY|YY|y{2,4}|yo?|gg(ggg?)?|GG(GGG?)?|e|E|a|A|hh?|HH?|kk?|mm?|ss?|S{1,9}|x|X|zz?|ZZ?|LTS|LT|LL?L?L?|l{1,4}|[-+/T,;.: + ]?)*)$" + type: string + interval_year: + description: + Moment.js style format string used when a time + requiring year accuracy is shown + maxLength: 128 + pattern: + "^(([Hh]mm(ss)?|Mo|MM?M?M?|Do|DDDo|DD?D?D?|ddd?d?|do?|w[o|w]?|W[o|W]?|Qo?|N{1,5}|YYYYYY|YYYYY|YYYY|YY|y{2,4}|yo?|gg(ggg?)?|GG(GGG?)?|e|E|a|A|hh?|HH?|kk?|mm?|ss?|S{1,9}|x|X|zz?|ZZ?|LTS|LT|LL?L?L?|l{1,4}|[-+/T,;.: + ]?)*)$" + type: string + type: object + disable_gravatar: + description: + Set to true to disable gravatar. Defaults to false + (gravatar is enabled) + type: boolean + editors_can_admin: + description: + Editors can manage folders, teams and dashboards + created by them + type: boolean + external_image_storage: + description: External image store settings + properties: + access_key: + description: + S3 access key. Requires permissions to the S3 + bucket for the s3:PutObject and s3:PutObjectAcl actions + maxLength: 4096 + pattern: ^[A-Z0-9]+$ + type: string + bucket_url: + description: Bucket URL for S3 + maxLength: 2048 + type: string + provider: + description: Provider type + enum: + - s3 + type: string + secret_key: + description: S3 secret key + maxLength: 4096 + pattern: ^[A-Za-z0-9/+=]+$ + type: string + required: + - access_key + - bucket_url + - provider + - secret_key + type: object + google_analytics_ua_id: + description: Google Analytics ID + maxLength: 64 + pattern: ^(G|UA|YT|MO)-[a-zA-Z0-9-]+$ + type: string + ip_filter: + description: + Allow incoming connections from CIDR address block, + e.g. '10.20.0.0/16' + items: + description: + CIDR address block, either as a string, or in a + dict with an optional description field + properties: + description: + description: Description for IP filter list entry + maxLength: 1024 + type: string + network: + description: CIDR address block + maxLength: 43 + type: string + required: + - network + type: object + maxItems: 1024 + type: array + metrics_enabled: + description: Enable Grafana /metrics endpoint + type: boolean + oauth_allow_insecure_email_lookup: + description: + Enforce user lookup based on email instead of the + unique ID provided by the IdP + type: boolean + private_access: + description: + Allow access to selected service ports from private + networks + properties: + grafana: + description: + Allow clients to connect to grafana with a DNS + name that always resolves to the service's private IP addresses. + Only available in certain network locations + type: boolean + type: object + privatelink_access: + description: + Allow access to selected service components through + Privatelink + properties: + grafana: + description: Enable grafana + type: boolean + type: object + project_to_fork_from: + description: + Name of another project to fork a service from. This + has effect only when a new service is being created. + maxLength: 63 + type: string + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + public_access: + description: + Allow access to selected service ports from the public + Internet + properties: + grafana: + description: + Allow clients to connect to grafana from the + public internet for service nodes that are in a project + VPC or another type of private network + type: boolean + type: object + recovery_basebackup_name: + description: Name of the basebackup to restore in forked service + maxLength: 128 + pattern: ^[a-zA-Z0-9-_:.]+$ + type: string + service_log: + description: + Store logs for the service so that they are available + in the HTTP API and console. + type: boolean + service_to_fork_from: + description: + Name of another service to fork from. This has effect + only when a new service is being created. + maxLength: 64 + type: string + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + smtp_server: + description: SMTP server settings + properties: + from_address: + description: Address used for sending emails + maxLength: 319 + pattern: ^[A-Za-z0-9_\-\.+\'&]+@(([\da-zA-Z])([_\w-]{,62})\.){,127}(([\da-zA-Z])[_\w-]{,61})?([\da-zA-Z]\.((xn\-\-[a-zA-Z\d]+)|([a-zA-Z\d]{2,})))$ + type: string + from_name: + description: Name used in outgoing emails, defaults to Grafana + maxLength: 128 + pattern: ^[^\x00-\x1F]+$ + type: string + host: + description: Server hostname or IP + maxLength: 255 + type: string + password: + description: Password for SMTP authentication + maxLength: 255 + pattern: ^[^\x00-\x1F]+$ + type: string + port: + description: SMTP server port + maximum: 65535 + minimum: 1 + type: integer + skip_verify: + description: + Skip verifying server certificate. Defaults to + false + type: boolean + starttls_policy: + description: + Either OpportunisticStartTLS, MandatoryStartTLS + or NoStartTLS. Default is OpportunisticStartTLS. + enum: + - OpportunisticStartTLS + - MandatoryStartTLS + - NoStartTLS + type: string + username: + description: Username for SMTP authentication + maxLength: 255 + pattern: ^[^\x00-\x1F]+$ + type: string + required: + - from_address + - host + - port + type: object + static_ips: + description: Use static public IP addresses + type: boolean + unified_alerting_enabled: + description: + Enable or disable Grafana unified alerting functionality. + By default this is enabled and any legacy alerts will be migrated + on upgrade to Grafana 9+. To stay on legacy alerting, set unified_alerting_enabled + to false and alerting_enabled to true. See https://grafana.com/docs/grafana/latest/alerting/set-up/migrating-alerts/ + for more details. + type: boolean + user_auto_assign_org: + description: + Auto-assign new users on signup to main organization. + Defaults to false + type: boolean + user_auto_assign_org_role: + description: Set role for new signups. Defaults to Viewer + enum: + - Viewer + - Admin + - Editor + type: string + viewers_can_edit: + description: + Users with view-only permission can edit but not + save dashboards + type: boolean + type: object + required: + - plan + - project + type: object + status: + description: ServiceStatus defines the observed state of service + properties: + conditions: + description: + Conditions represent the latest available observations + of a service state + items: + description: + "Condition contains details for one aspect of the current + state of this API Resource. --- This struct is intended for direct + use as an array at the field path .status.conditions. For example, + \n type FooStatus struct{ // Represents the observations of a + foo's current state. // Known .status.conditions.type are: \"Available\", + \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge + // +listType=map // +listMapKey=type Conditions []metav1.Condition + `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" + protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" properties: - from_address: - description: Address used for sending emails - maxLength: 319 - pattern: ^[A-Za-z0-9_\-\.+\'&]+@(([\da-zA-Z])([_\w-]{,62})\.){,127}(([\da-zA-Z])[_\w-]{,61})?([\da-zA-Z]\.((xn\-\-[a-zA-Z\d]+)|([a-zA-Z\d]{2,})))$ - type: string - from_name: - description: Name used in outgoing emails, defaults to Grafana - maxLength: 128 - pattern: ^[^\x00-\x1F]+$ - type: string - host: - description: Server hostname or IP - maxLength: 255 + lastTransitionTime: + description: + lastTransitionTime is the last time the condition + transitioned from one status to another. This should be when + the underlying condition changed. If that is not known, then + using the time when the API field changed is acceptable. + format: date-time type: string - password: - description: Password for SMTP authentication - maxLength: 255 - pattern: ^[^\x00-\x1F]+$ + message: + description: + message is a human readable message indicating + details about the transition. This may be an empty string. + maxLength: 32768 type: string - port: - description: SMTP server port - maximum: 65535 - minimum: 1 + observedGeneration: + description: + observedGeneration represents the .metadata.generation + that the condition was set based upon. For instance, if .metadata.generation + is currently 12, but the .status.conditions[x].observedGeneration + is 9, the condition is out of date with respect to the current + state of the instance. + format: int64 + minimum: 0 type: integer - skip_verify: - description: Skip verifying server certificate. Defaults to - false - type: boolean - starttls_policy: - description: Either OpportunisticStartTLS, MandatoryStartTLS - or NoStartTLS. Default is OpportunisticStartTLS. + reason: + description: + reason contains a programmatic identifier indicating + the reason for the condition's last transition. Producers + of specific condition types may define expected values and + meanings for this field, and whether the values are considered + a guaranteed API. The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. enum: - - OpportunisticStartTLS - - MandatoryStartTLS - - NoStartTLS + - "True" + - "False" + - Unknown type: string - username: - description: Username for SMTP authentication - maxLength: 255 - pattern: ^[^\x00-\x1F]+$ + type: + description: + type of condition in CamelCase or in foo.example.com/CamelCase. + --- Many .condition.type values are consistent across resources + like Available, but because arbitrary conditions can be useful + (see .node.status.conditions), the ability to deconflict is + important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string required: - - from_address - - host - - port + - lastTransitionTime + - message + - reason + - status + - type type: object - static_ips: - description: Use static public IP addresses - type: boolean - unified_alerting_enabled: - description: Enable or disable Grafana unified alerting functionality. - By default this is enabled and any legacy alerts will be migrated - on upgrade to Grafana 9+. To stay on legacy alerting, set unified_alerting_enabled - to false and alerting_enabled to true. See https://grafana.com/docs/grafana/latest/alerting/set-up/migrating-alerts/ - for more details. - type: boolean - user_auto_assign_org: - description: Auto-assign new users on signup to main organization. - Defaults to false - type: boolean - user_auto_assign_org_role: - description: Set role for new signups. Defaults to Viewer - enum: - - Viewer - - Admin - - Editor - type: string - viewers_can_edit: - description: Users with view-only permission can edit but not - save dashboards - type: boolean - type: object - required: - - plan - - project - type: object - status: - description: ServiceStatus defines the observed state of service - properties: - conditions: - description: Conditions represent the latest available observations - of a service state - items: - description: "Condition contains details for one aspect of the current - state of this API Resource. --- This struct is intended for direct - use as an array at the field path .status.conditions. For example, - \n type FooStatus struct{ // Represents the observations of a - foo's current state. // Known .status.conditions.type are: \"Available\", - \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge - // +listType=map // +listMapKey=type Conditions []metav1.Condition - `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" - protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" - properties: - lastTransitionTime: - description: lastTransitionTime is the last time the condition - transitioned from one status to another. This should be when - the underlying condition changed. If that is not known, then - using the time when the API field changed is acceptable. - format: date-time - type: string - message: - description: message is a human readable message indicating - details about the transition. This may be an empty string. - maxLength: 32768 - type: string - observedGeneration: - description: observedGeneration represents the .metadata.generation - that the condition was set based upon. For instance, if .metadata.generation - is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current - state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: reason contains a programmatic identifier indicating - the reason for the condition's last transition. Producers - of specific condition types may define expected values and - meanings for this field, and whether the values are considered - a guaranteed API. The value should be a CamelCase string. - This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ - type: string - status: - description: status of the condition, one of True, False, Unknown. - enum: - - "True" - - "False" - - Unknown - type: string - type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. - --- Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ - type: string - required: - - lastTransitionTime - - message - - reason - - status - - type - type: object - type: array - state: - description: Service state - type: string - type: object - type: object - served: true - storage: true - subresources: - status: {} + type: array + state: + description: Service state + type: string + type: object + type: object + served: true + storage: true + subresources: + status: {} diff --git a/config/crd/bases/aiven.io_kafkaacls.yaml b/config/crd/bases/aiven.io_kafkaacls.yaml index 30e2e2b5..6f031472 100644 --- a/config/crd/bases/aiven.io_kafkaacls.yaml +++ b/config/crd/bases/aiven.io_kafkaacls.yaml @@ -15,167 +15,176 @@ spec: singular: kafkaacl scope: Namespaced versions: - - additionalPrinterColumns: - - jsonPath: .spec.serviceName - name: Service Name - type: string - - jsonPath: .spec.project - name: Project - type: string - - jsonPath: .spec.username - name: Username - type: string - - jsonPath: .spec.permission - name: Permission - type: string - - jsonPath: .spec.topic - name: Topic - type: string - name: v1alpha1 - schema: - openAPIV3Schema: - description: KafkaACL is the Schema for the kafkaacls API - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: KafkaACLSpec defines the desired state of KafkaACL - properties: - authSecretRef: - description: Authentication reference to Aiven token in a secret - properties: - key: - minLength: 1 - type: string - name: - minLength: 1 - type: string - required: - - key - - name - type: object - permission: - description: Kafka permission to grant (admin, read, readwrite, write) - enum: - - admin - - read - - readwrite - - write - type: string - project: - description: Project to link the Kafka ACL to - format: ^[a-zA-Z0-9_-]*$ - maxLength: 63 - type: string - serviceName: - description: Service to link the Kafka ACL to - maxLength: 63 - type: string - topic: - description: Topic name pattern for the ACL entry - type: string - username: - description: Username pattern for the ACL entry - type: string - required: - - permission - - project - - serviceName - - topic - - username - type: object - status: - description: KafkaACLStatus defines the observed state of KafkaACL - properties: - conditions: - description: Conditions represent the latest available observations - of an KafkaACL state - items: - description: "Condition contains details for one aspect of the current - state of this API Resource. --- This struct is intended for direct - use as an array at the field path .status.conditions. For example, - \n type FooStatus struct{ // Represents the observations of a - foo's current state. // Known .status.conditions.type are: \"Available\", - \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge - // +listType=map // +listMapKey=type Conditions []metav1.Condition - `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" - protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + - additionalPrinterColumns: + - jsonPath: .spec.serviceName + name: Service Name + type: string + - jsonPath: .spec.project + name: Project + type: string + - jsonPath: .spec.username + name: Username + type: string + - jsonPath: .spec.permission + name: Permission + type: string + - jsonPath: .spec.topic + name: Topic + type: string + name: v1alpha1 + schema: + openAPIV3Schema: + description: KafkaACL is the Schema for the kafkaacls API + properties: + apiVersion: + description: + "APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + type: string + kind: + description: + "Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + type: string + metadata: + type: object + spec: + description: KafkaACLSpec defines the desired state of KafkaACL + properties: + authSecretRef: + description: Authentication reference to Aiven token in a secret properties: - lastTransitionTime: - description: lastTransitionTime is the last time the condition - transitioned from one status to another. This should be when - the underlying condition changed. If that is not known, then - using the time when the API field changed is acceptable. - format: date-time - type: string - message: - description: message is a human readable message indicating - details about the transition. This may be an empty string. - maxLength: 32768 - type: string - observedGeneration: - description: observedGeneration represents the .metadata.generation - that the condition was set based upon. For instance, if .metadata.generation - is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current - state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: reason contains a programmatic identifier indicating - the reason for the condition's last transition. Producers - of specific condition types may define expected values and - meanings for this field, and whether the values are considered - a guaranteed API. The value should be a CamelCase string. - This field may not be empty. - maxLength: 1024 + key: minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ type: string - status: - description: status of the condition, one of True, False, Unknown. - enum: - - "True" - - "False" - - Unknown - type: string - type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. - --- Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + name: + minLength: 1 type: string required: - - lastTransitionTime - - message - - reason - - status - - type + - key + - name type: object - type: array - id: - description: Kafka ACL ID - type: string - required: - - conditions - - id - type: object - type: object - served: true - storage: true - subresources: - status: {} + permission: + description: Kafka permission to grant (admin, read, readwrite, write) + enum: + - admin + - read + - readwrite + - write + type: string + project: + description: Project to link the Kafka ACL to + format: ^[a-zA-Z0-9_-]*$ + maxLength: 63 + type: string + serviceName: + description: Service to link the Kafka ACL to + maxLength: 63 + type: string + topic: + description: Topic name pattern for the ACL entry + type: string + username: + description: Username pattern for the ACL entry + type: string + required: + - permission + - project + - serviceName + - topic + - username + type: object + status: + description: KafkaACLStatus defines the observed state of KafkaACL + properties: + conditions: + description: + Conditions represent the latest available observations + of an KafkaACL state + items: + description: + "Condition contains details for one aspect of the current + state of this API Resource. --- This struct is intended for direct + use as an array at the field path .status.conditions. For example, + \n type FooStatus struct{ // Represents the observations of a + foo's current state. // Known .status.conditions.type are: \"Available\", + \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge + // +listType=map // +listMapKey=type Conditions []metav1.Condition + `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" + protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + properties: + lastTransitionTime: + description: + lastTransitionTime is the last time the condition + transitioned from one status to another. This should be when + the underlying condition changed. If that is not known, then + using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: + message is a human readable message indicating + details about the transition. This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: + observedGeneration represents the .metadata.generation + that the condition was set based upon. For instance, if .metadata.generation + is currently 12, but the .status.conditions[x].observedGeneration + is 9, the condition is out of date with respect to the current + state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: + reason contains a programmatic identifier indicating + the reason for the condition's last transition. Producers + of specific condition types may define expected values and + meanings for this field, and whether the values are considered + a guaranteed API. The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: + type of condition in CamelCase or in foo.example.com/CamelCase. + --- Many .condition.type values are consistent across resources + like Available, but because arbitrary conditions can be useful + (see .node.status.conditions), the ability to deconflict is + important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + type: array + id: + description: Kafka ACL ID + type: string + required: + - conditions + - id + type: object + type: object + served: true + storage: true + subresources: + status: {} diff --git a/config/crd/bases/aiven.io_kafkaconnectors.yaml b/config/crd/bases/aiven.io_kafkaconnectors.yaml index d7b5b41f..320141aa 100644 --- a/config/crd/bases/aiven.io_kafkaconnectors.yaml +++ b/config/crd/bases/aiven.io_kafkaconnectors.yaml @@ -15,212 +15,223 @@ spec: singular: kafkaconnector scope: Namespaced versions: - - additionalPrinterColumns: - - jsonPath: .spec.serviceName - name: Service Name - type: string - - jsonPath: .spec.project - name: Project - type: string - - jsonPath: .spec.connectorClass - name: Connector Class - type: string - - jsonPath: .status.state - name: State - type: string - - jsonPath: .status.tasksStatus.total - name: Tasks Total - type: integer - - jsonPath: .status.tasksStatus.running - name: Tasks Running - type: integer - name: v1alpha1 - schema: - openAPIV3Schema: - description: KafkaConnector is the Schema for the kafkaconnectors API - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: KafkaConnectorSpec defines the desired state of KafkaConnector - properties: - authSecretRef: - description: Authentication reference to Aiven token in a secret - properties: - key: - minLength: 1 - type: string - name: - minLength: 1 - type: string - required: - - key - - name - type: object - connectorClass: - description: The Java class of the connector. - maxLength: 1024 - type: string - project: - description: Target project. - format: ^[a-zA-Z0-9_-]*$ - maxLength: 63 - type: string - serviceName: - description: Service name. - maxLength: 63 - type: string - userConfig: - additionalProperties: + - additionalPrinterColumns: + - jsonPath: .spec.serviceName + name: Service Name + type: string + - jsonPath: .spec.project + name: Project + type: string + - jsonPath: .spec.connectorClass + name: Connector Class + type: string + - jsonPath: .status.state + name: State + type: string + - jsonPath: .status.tasksStatus.total + name: Tasks Total + type: integer + - jsonPath: .status.tasksStatus.running + name: Tasks Running + type: integer + name: v1alpha1 + schema: + openAPIV3Schema: + description: KafkaConnector is the Schema for the kafkaconnectors API + properties: + apiVersion: + description: + "APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + type: string + kind: + description: + "Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + type: string + metadata: + type: object + spec: + description: KafkaConnectorSpec defines the desired state of KafkaConnector + properties: + authSecretRef: + description: Authentication reference to Aiven token in a secret + properties: + key: + minLength: 1 + type: string + name: + minLength: 1 + type: string + required: + - key + - name + type: object + connectorClass: + description: The Java class of the connector. + maxLength: 1024 type: string - description: The connector specific configuration To build config - values from secret the template function `{{ fromSecret "name" "key" - }}` is provided when interpreting the keys - type: object - required: - - connectorClass - - project - - serviceName - - userConfig - type: object - status: - description: KafkaConnectorStatus defines the observed state of KafkaConnector - properties: - conditions: - description: Conditions represent the latest available observations - of an kafka connector state - items: - description: "Condition contains details for one aspect of the current - state of this API Resource. --- This struct is intended for direct - use as an array at the field path .status.conditions. For example, - \n type FooStatus struct{ // Represents the observations of a - foo's current state. // Known .status.conditions.type are: \"Available\", - \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge - // +listType=map // +listMapKey=type Conditions []metav1.Condition - `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" - protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + project: + description: Target project. + format: ^[a-zA-Z0-9_-]*$ + maxLength: 63 + type: string + serviceName: + description: Service name. + maxLength: 63 + type: string + userConfig: + additionalProperties: + type: string + description: + The connector specific configuration To build config + values from secret the template function `{{ fromSecret "name" "key" + }}` is provided when interpreting the keys + type: object + required: + - connectorClass + - project + - serviceName + - userConfig + type: object + status: + description: KafkaConnectorStatus defines the observed state of KafkaConnector + properties: + conditions: + description: + Conditions represent the latest available observations + of an kafka connector state + items: + description: + "Condition contains details for one aspect of the current + state of this API Resource. --- This struct is intended for direct + use as an array at the field path .status.conditions. For example, + \n type FooStatus struct{ // Represents the observations of a + foo's current state. // Known .status.conditions.type are: \"Available\", + \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge + // +listType=map // +listMapKey=type Conditions []metav1.Condition + `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" + protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + properties: + lastTransitionTime: + description: + lastTransitionTime is the last time the condition + transitioned from one status to another. This should be when + the underlying condition changed. If that is not known, then + using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: + message is a human readable message indicating + details about the transition. This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: + observedGeneration represents the .metadata.generation + that the condition was set based upon. For instance, if .metadata.generation + is currently 12, but the .status.conditions[x].observedGeneration + is 9, the condition is out of date with respect to the current + state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: + reason contains a programmatic identifier indicating + the reason for the condition's last transition. Producers + of specific condition types may define expected values and + meanings for this field, and whether the values are considered + a guaranteed API. The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: + type of condition in CamelCase or in foo.example.com/CamelCase. + --- Many .condition.type values are consistent across resources + like Available, but because arbitrary conditions can be useful + (see .node.status.conditions), the ability to deconflict is + important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + type: array + pluginStatus: + description: + PluginStatus contains metadata about the configured connector + plugin properties: - lastTransitionTime: - description: lastTransitionTime is the last time the condition - transitioned from one status to another. This should be when - the underlying condition changed. If that is not known, then - using the time when the API field changed is acceptable. - format: date-time + author: type: string - message: - description: message is a human readable message indicating - details about the transition. This may be an empty string. - maxLength: 32768 + class: type: string - observedGeneration: - description: observedGeneration represents the .metadata.generation - that the condition was set based upon. For instance, if .metadata.generation - is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current - state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: reason contains a programmatic identifier indicating - the reason for the condition's last transition. Producers - of specific condition types may define expected values and - meanings for this field, and whether the values are considered - a guaranteed API. The value should be a CamelCase string. - This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + docUrl: type: string - status: - description: status of the condition, one of True, False, Unknown. - enum: - - "True" - - "False" - - Unknown + title: type: string type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. - --- Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + version: type: string required: - - lastTransitionTime - - message - - reason - - status - - type + - author + - class + - docUrl + - title + - type + - version type: object - type: array - pluginStatus: - description: PluginStatus contains metadata about the configured connector - plugin - properties: - author: - type: string - class: - type: string - docUrl: - type: string - title: - type: string - type: - type: string - version: - type: string - required: - - author - - class - - docUrl - - title - - type - - version - type: object - state: - description: Connector state - type: string - tasksStatus: - description: TasksStatus contains metadata about the running tasks - properties: - failed: - type: integer - paused: - type: integer - running: - type: integer - stackTrace: - type: string - total: - type: integer - unassigned: - type: integer - unknown: - type: integer - required: - - total - type: object - required: - - conditions - - pluginStatus - - state - - tasksStatus - type: object - type: object - served: true - storage: true - subresources: - status: {} + state: + description: Connector state + type: string + tasksStatus: + description: TasksStatus contains metadata about the running tasks + properties: + failed: + type: integer + paused: + type: integer + running: + type: integer + stackTrace: + type: string + total: + type: integer + unassigned: + type: integer + unknown: + type: integer + required: + - total + type: object + required: + - conditions + - pluginStatus + - state + - tasksStatus + type: object + type: object + served: true + storage: true + subresources: + status: {} diff --git a/config/crd/bases/aiven.io_kafkaconnects.yaml b/config/crd/bases/aiven.io_kafkaconnects.yaml index 2abf81ff..8ff70dac 100644 --- a/config/crd/bases/aiven.io_kafkaconnects.yaml +++ b/config/crd/bases/aiven.io_kafkaconnects.yaml @@ -15,426 +15,468 @@ spec: singular: kafkaconnect scope: Namespaced versions: - - additionalPrinterColumns: - - jsonPath: .status.state - name: State - type: string - name: v1alpha1 - schema: - openAPIV3Schema: - description: KafkaConnect is the Schema for the kafkaconnects API - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: KafkaConnectSpec defines the desired state of KafkaConnect - properties: - authSecretRef: - description: Authentication reference to Aiven token in a secret - properties: - key: - minLength: 1 - type: string - name: - minLength: 1 - type: string - required: - - key - - name - type: object - cloudName: - description: Cloud the service runs in. - maxLength: 256 - type: string - maintenanceWindowDow: - description: Day of week when maintenance operations should be performed. - One monday, tuesday, wednesday, etc. - enum: - - monday - - tuesday - - wednesday - - thursday - - friday - - saturday - - sunday - type: string - maintenanceWindowTime: - description: Time of day when maintenance operations should be performed. - UTC time in HH:mm:ss format. - maxLength: 8 - type: string - plan: - description: Subscription plan. - maxLength: 128 - type: string - project: - description: Target project. - format: ^[a-zA-Z0-9_-]*$ - maxLength: 63 - type: string - x-kubernetes-validations: - - message: Value is immutable - rule: self == oldSelf - projectVPCRef: - description: ProjectVPCRef reference to ProjectVPC resource to use - its ID as ProjectVPCID automatically - properties: - name: - minLength: 1 - type: string - namespace: - minLength: 1 - type: string - required: - - name - type: object - projectVpcId: - description: Identifier of the VPC the service should be in, if any. - maxLength: 36 - type: string - serviceIntegrations: - description: Service integrations to specify when creating a service. - Not applied after initial service creation - items: - description: Service integrations to specify when creating a service. - Not applied after initial service creation + - additionalPrinterColumns: + - jsonPath: .status.state + name: State + type: string + name: v1alpha1 + schema: + openAPIV3Schema: + description: KafkaConnect is the Schema for the kafkaconnects API + properties: + apiVersion: + description: + "APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + type: string + kind: + description: + "Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + type: string + metadata: + type: object + spec: + description: KafkaConnectSpec defines the desired state of KafkaConnect + properties: + authSecretRef: + description: Authentication reference to Aiven token in a secret properties: - integrationType: - enum: - - read_replica + key: + minLength: 1 type: string - sourceServiceName: - maxLength: 64 + name: minLength: 1 type: string required: - - integrationType - - sourceServiceName + - key + - name type: object - maxItems: 1 - type: array - x-kubernetes-validations: - - message: Value is immutable - rule: self == oldSelf - tags: - additionalProperties: + cloudName: + description: Cloud the service runs in. + maxLength: 256 + type: string + maintenanceWindowDow: + description: + Day of week when maintenance operations should be performed. + One monday, tuesday, wednesday, etc. + enum: + - monday + - tuesday + - wednesday + - thursday + - friday + - saturday + - sunday + type: string + maintenanceWindowTime: + description: + Time of day when maintenance operations should be performed. + UTC time in HH:mm:ss format. + maxLength: 8 + type: string + plan: + description: Subscription plan. + maxLength: 128 + type: string + project: + description: Target project. + format: ^[a-zA-Z0-9_-]*$ + maxLength: 63 type: string - description: Tags are key-value pairs that allow you to categorize - services. - type: object - terminationProtection: - description: Prevent service from being deleted. It is recommended - to have this enabled for all services. - type: boolean - userConfig: - description: KafkaConnect specific user configuration options - properties: - additional_backup_regions: - description: Additional Cloud Regions for Backup Replication - items: + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + projectVPCRef: + description: + ProjectVPCRef reference to ProjectVPC resource to use + its ID as ProjectVPCID automatically + properties: + name: + minLength: 1 type: string - maxItems: 1 - type: array - ip_filter: - description: Allow incoming connections from CIDR address block, - e.g. '10.20.0.0/16' - items: - description: CIDR address block, either as a string, or in a - dict with an optional description field - properties: + namespace: + minLength: 1 + type: string + required: + - name + type: object + projectVpcId: + description: Identifier of the VPC the service should be in, if any. + maxLength: 36 + type: string + serviceIntegrations: + description: + Service integrations to specify when creating a service. + Not applied after initial service creation + items: + description: + Service integrations to specify when creating a service. + Not applied after initial service creation + properties: + integrationType: + enum: + - read_replica + type: string + sourceServiceName: + maxLength: 64 + minLength: 1 + type: string + required: + - integrationType + - sourceServiceName + type: object + maxItems: 1 + type: array + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + tags: + additionalProperties: + type: string + description: + Tags are key-value pairs that allow you to categorize + services. + type: object + terminationProtection: + description: + Prevent service from being deleted. It is recommended + to have this enabled for all services. + type: boolean + userConfig: + description: KafkaConnect specific user configuration options + properties: + additional_backup_regions: + description: Additional Cloud Regions for Backup Replication + items: + type: string + maxItems: 1 + type: array + ip_filter: + description: + Allow incoming connections from CIDR address block, + e.g. '10.20.0.0/16' + items: description: - description: Description for IP filter list entry - maxLength: 1024 + CIDR address block, either as a string, or in a + dict with an optional description field + properties: + description: + description: Description for IP filter list entry + maxLength: 1024 + type: string + network: + description: CIDR address block + maxLength: 43 + type: string + required: + - network + type: object + maxItems: 1024 + type: array + kafka_connect: + description: Kafka Connect configuration values + properties: + connector_client_config_override_policy: + description: + Defines what client configurations can be overridden + by the connector. Default is None + enum: + - None + - All + type: string + consumer_auto_offset_reset: + description: + What to do when there is no initial offset in + Kafka or if the current offset does not exist any more on + the server. Default is earliest + enum: + - earliest + - latest type: string - network: - description: CIDR address block - maxLength: 43 + consumer_fetch_max_bytes: + description: + Records are fetched in batches by the consumer, + and if the first record batch in the first non-empty partition + of the fetch is larger than this value, the record batch + will still be returned to ensure that the consumer can make + progress. As such, this is not a absolute maximum. + maximum: 104857600 + minimum: 1048576 + type: integer + consumer_isolation_level: + description: + Transaction read isolation level. read_uncommitted + is the default, but read_committed can be used if consume-exactly-once + behavior is desired. + enum: + - read_uncommitted + - read_committed type: string - required: - - network + consumer_max_partition_fetch_bytes: + description: + Records are fetched in batches by the consumer.If + the first record batch in the first non-empty partition + of the fetch is larger than this limit, the batch will still + be returned to ensure that the consumer can make progress. + maximum: 104857600 + minimum: 1048576 + type: integer + consumer_max_poll_interval_ms: + description: + The maximum delay in milliseconds between invocations + of poll() when using consumer group management (defaults + to 300000). + maximum: 2147483647 + minimum: 1 + type: integer + consumer_max_poll_records: + description: + The maximum number of records returned in a single + call to poll() (defaults to 500). + maximum: 10000 + minimum: 1 + type: integer + offset_flush_interval_ms: + description: + The interval at which to try committing offsets + for tasks (defaults to 60000). + maximum: 100000000 + minimum: 1 + type: integer + offset_flush_timeout_ms: + description: + Maximum number of milliseconds to wait for records + to flush and partition offset data to be committed to offset + storage before cancelling the process and restoring the + offset data to be committed in a future attempt (defaults + to 5000). + maximum: 2147483647 + minimum: 1 + type: integer + producer_batch_size: + description: + This setting gives the upper bound of the batch + size to be sent. If there are fewer than this many bytes + accumulated for this partition, the producer will 'linger' + for the linger.ms time waiting for more records to show + up. A batch size of zero will disable batching entirely + (defaults to 16384). + maximum: 5242880 + minimum: 0 + type: integer + producer_buffer_memory: + description: + The total bytes of memory the producer can use + to buffer records waiting to be sent to the broker (defaults + to 33554432). + maximum: 134217728 + minimum: 5242880 + type: integer + producer_compression_type: + description: + Specify the default compression type for producers. + This configuration accepts the standard compression codecs + ('gzip', 'snappy', 'lz4', 'zstd'). It additionally accepts + 'none' which is the default and equivalent to no compression. + enum: + - gzip + - snappy + - lz4 + - zstd + - none + type: string + producer_linger_ms: + description: + "This setting gives the upper bound on the delay + for batching: once there is batch.size worth of records + for a partition it will be sent immediately regardless of + this setting, however if there are fewer than this many + bytes accumulated for this partition the producer will 'linger' + for the specified time waiting for more records to show + up. Defaults to 0." + maximum: 5000 + minimum: 0 + type: integer + producer_max_request_size: + description: + This setting will limit the number of record + batches the producer will send in a single request to avoid + sending huge requests. + maximum: 67108864 + minimum: 131072 + type: integer + scheduled_rebalance_max_delay_ms: + description: + The maximum delay that is scheduled in order + to wait for the return of one or more departed workers before + rebalancing and reassigning their connectors and tasks to + the group. During this period the connectors and tasks of + the departed workers remain unassigned. Defaults to 5 minutes. + maximum: 600000 + minimum: 0 + type: integer + session_timeout_ms: + description: + The timeout in milliseconds used to detect failures + when using Kafka’s group management facilities (defaults + to 10000). + maximum: 2147483647 + minimum: 1 + type: integer + type: object + private_access: + description: + Allow access to selected service ports from private + networks + properties: + kafka_connect: + description: + Allow clients to connect to kafka_connect with + a DNS name that always resolves to the service's private + IP addresses. Only available in certain network locations + type: boolean + prometheus: + description: + Allow clients to connect to prometheus with a + DNS name that always resolves to the service's private IP + addresses. Only available in certain network locations + type: boolean + type: object + privatelink_access: + description: + Allow access to selected service components through + Privatelink + properties: + jolokia: + description: Enable jolokia + type: boolean + kafka_connect: + description: Enable kafka_connect + type: boolean + prometheus: + description: Enable prometheus + type: boolean type: object - maxItems: 1024 - type: array - kafka_connect: - description: Kafka Connect configuration values + public_access: + description: + Allow access to selected service ports from the public + Internet + properties: + kafka_connect: + description: + Allow clients to connect to kafka_connect from + the public internet for service nodes that are in a project + VPC or another type of private network + type: boolean + prometheus: + description: + Allow clients to connect to prometheus from the + public internet for service nodes that are in a project + VPC or another type of private network + type: boolean + type: object + service_log: + description: + Store logs for the service so that they are available + in the HTTP API and console. + type: boolean + static_ips: + description: Use static public IP addresses + type: boolean + type: object + required: + - plan + - project + type: object + status: + description: ServiceStatus defines the observed state of service + properties: + conditions: + description: + Conditions represent the latest available observations + of a service state + items: + description: + "Condition contains details for one aspect of the current + state of this API Resource. --- This struct is intended for direct + use as an array at the field path .status.conditions. For example, + \n type FooStatus struct{ // Represents the observations of a + foo's current state. // Known .status.conditions.type are: \"Available\", + \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge + // +listType=map // +listMapKey=type Conditions []metav1.Condition + `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" + protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" properties: - connector_client_config_override_policy: - description: Defines what client configurations can be overridden - by the connector. Default is None - enum: - - None - - All - type: string - consumer_auto_offset_reset: - description: What to do when there is no initial offset in - Kafka or if the current offset does not exist any more on - the server. Default is earliest - enum: - - earliest - - latest + lastTransitionTime: + description: + lastTransitionTime is the last time the condition + transitioned from one status to another. This should be when + the underlying condition changed. If that is not known, then + using the time when the API field changed is acceptable. + format: date-time type: string - consumer_fetch_max_bytes: - description: Records are fetched in batches by the consumer, - and if the first record batch in the first non-empty partition - of the fetch is larger than this value, the record batch - will still be returned to ensure that the consumer can make - progress. As such, this is not a absolute maximum. - maximum: 104857600 - minimum: 1048576 - type: integer - consumer_isolation_level: - description: Transaction read isolation level. read_uncommitted - is the default, but read_committed can be used if consume-exactly-once - behavior is desired. - enum: - - read_uncommitted - - read_committed + message: + description: + message is a human readable message indicating + details about the transition. This may be an empty string. + maxLength: 32768 type: string - consumer_max_partition_fetch_bytes: - description: Records are fetched in batches by the consumer.If - the first record batch in the first non-empty partition - of the fetch is larger than this limit, the batch will still - be returned to ensure that the consumer can make progress. - maximum: 104857600 - minimum: 1048576 - type: integer - consumer_max_poll_interval_ms: - description: The maximum delay in milliseconds between invocations - of poll() when using consumer group management (defaults - to 300000). - maximum: 2147483647 - minimum: 1 - type: integer - consumer_max_poll_records: - description: The maximum number of records returned in a single - call to poll() (defaults to 500). - maximum: 10000 - minimum: 1 - type: integer - offset_flush_interval_ms: - description: The interval at which to try committing offsets - for tasks (defaults to 60000). - maximum: 100000000 - minimum: 1 - type: integer - offset_flush_timeout_ms: - description: Maximum number of milliseconds to wait for records - to flush and partition offset data to be committed to offset - storage before cancelling the process and restoring the - offset data to be committed in a future attempt (defaults - to 5000). - maximum: 2147483647 - minimum: 1 - type: integer - producer_batch_size: - description: This setting gives the upper bound of the batch - size to be sent. If there are fewer than this many bytes - accumulated for this partition, the producer will 'linger' - for the linger.ms time waiting for more records to show - up. A batch size of zero will disable batching entirely - (defaults to 16384). - maximum: 5242880 + observedGeneration: + description: + observedGeneration represents the .metadata.generation + that the condition was set based upon. For instance, if .metadata.generation + is currently 12, but the .status.conditions[x].observedGeneration + is 9, the condition is out of date with respect to the current + state of the instance. + format: int64 minimum: 0 type: integer - producer_buffer_memory: - description: The total bytes of memory the producer can use - to buffer records waiting to be sent to the broker (defaults - to 33554432). - maximum: 134217728 - minimum: 5242880 - type: integer - producer_compression_type: - description: Specify the default compression type for producers. - This configuration accepts the standard compression codecs - ('gzip', 'snappy', 'lz4', 'zstd'). It additionally accepts - 'none' which is the default and equivalent to no compression. + reason: + description: + reason contains a programmatic identifier indicating + the reason for the condition's last transition. Producers + of specific condition types may define expected values and + meanings for this field, and whether the values are considered + a guaranteed API. The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. enum: - - gzip - - snappy - - lz4 - - zstd - - none + - "True" + - "False" + - Unknown type: string - producer_linger_ms: - description: 'This setting gives the upper bound on the delay - for batching: once there is batch.size worth of records - for a partition it will be sent immediately regardless of - this setting, however if there are fewer than this many - bytes accumulated for this partition the producer will ''linger'' - for the specified time waiting for more records to show - up. Defaults to 0.' - maximum: 5000 - minimum: 0 - type: integer - producer_max_request_size: - description: This setting will limit the number of record - batches the producer will send in a single request to avoid - sending huge requests. - maximum: 67108864 - minimum: 131072 - type: integer - scheduled_rebalance_max_delay_ms: - description: The maximum delay that is scheduled in order - to wait for the return of one or more departed workers before - rebalancing and reassigning their connectors and tasks to - the group. During this period the connectors and tasks of - the departed workers remain unassigned. Defaults to 5 minutes. - maximum: 600000 - minimum: 0 - type: integer - session_timeout_ms: - description: The timeout in milliseconds used to detect failures - when using Kafka’s group management facilities (defaults - to 10000). - maximum: 2147483647 - minimum: 1 - type: integer - type: object - private_access: - description: Allow access to selected service ports from private - networks - properties: - kafka_connect: - description: Allow clients to connect to kafka_connect with - a DNS name that always resolves to the service's private - IP addresses. Only available in certain network locations - type: boolean - prometheus: - description: Allow clients to connect to prometheus with a - DNS name that always resolves to the service's private IP - addresses. Only available in certain network locations - type: boolean - type: object - privatelink_access: - description: Allow access to selected service components through - Privatelink - properties: - jolokia: - description: Enable jolokia - type: boolean - kafka_connect: - description: Enable kafka_connect - type: boolean - prometheus: - description: Enable prometheus - type: boolean - type: object - public_access: - description: Allow access to selected service ports from the public - Internet - properties: - kafka_connect: - description: Allow clients to connect to kafka_connect from - the public internet for service nodes that are in a project - VPC or another type of private network - type: boolean - prometheus: - description: Allow clients to connect to prometheus from the - public internet for service nodes that are in a project - VPC or another type of private network - type: boolean + type: + description: + type of condition in CamelCase or in foo.example.com/CamelCase. + --- Many .condition.type values are consistent across resources + like Available, but because arbitrary conditions can be useful + (see .node.status.conditions), the ability to deconflict is + important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type type: object - service_log: - description: Store logs for the service so that they are available - in the HTTP API and console. - type: boolean - static_ips: - description: Use static public IP addresses - type: boolean - type: object - required: - - plan - - project - type: object - status: - description: ServiceStatus defines the observed state of service - properties: - conditions: - description: Conditions represent the latest available observations - of a service state - items: - description: "Condition contains details for one aspect of the current - state of this API Resource. --- This struct is intended for direct - use as an array at the field path .status.conditions. For example, - \n type FooStatus struct{ // Represents the observations of a - foo's current state. // Known .status.conditions.type are: \"Available\", - \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge - // +listType=map // +listMapKey=type Conditions []metav1.Condition - `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" - protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" - properties: - lastTransitionTime: - description: lastTransitionTime is the last time the condition - transitioned from one status to another. This should be when - the underlying condition changed. If that is not known, then - using the time when the API field changed is acceptable. - format: date-time - type: string - message: - description: message is a human readable message indicating - details about the transition. This may be an empty string. - maxLength: 32768 - type: string - observedGeneration: - description: observedGeneration represents the .metadata.generation - that the condition was set based upon. For instance, if .metadata.generation - is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current - state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: reason contains a programmatic identifier indicating - the reason for the condition's last transition. Producers - of specific condition types may define expected values and - meanings for this field, and whether the values are considered - a guaranteed API. The value should be a CamelCase string. - This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ - type: string - status: - description: status of the condition, one of True, False, Unknown. - enum: - - "True" - - "False" - - Unknown - type: string - type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. - --- Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ - type: string - required: - - lastTransitionTime - - message - - reason - - status - - type - type: object - type: array - state: - description: Service state - type: string - type: object - type: object - served: true - storage: true - subresources: - status: {} + type: array + state: + description: Service state + type: string + type: object + type: object + served: true + storage: true + subresources: + status: {} diff --git a/config/crd/bases/aiven.io_kafkas.yaml b/config/crd/bases/aiven.io_kafkas.yaml index d359f376..ea73fcba 100644 --- a/config/crd/bases/aiven.io_kafkas.yaml +++ b/config/crd/bases/aiven.io_kafkas.yaml @@ -15,966 +15,1069 @@ spec: singular: kafka scope: Namespaced versions: - - additionalPrinterColumns: - - jsonPath: .spec.project - name: Project - type: string - - jsonPath: .spec.cloudName - name: Region - type: string - - jsonPath: .spec.plan - name: Plan - type: string - - jsonPath: .status.state - name: State - type: string - name: v1alpha1 - schema: - openAPIV3Schema: - description: Kafka is the Schema for the kafkas API - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: KafkaSpec defines the desired state of Kafka - properties: - authSecretRef: - description: Authentication reference to Aiven token in a secret - properties: - key: - minLength: 1 - type: string - name: - minLength: 1 - type: string - required: - - key - - name - type: object - cloudName: - description: Cloud the service runs in. - maxLength: 256 - type: string - connInfoSecretTarget: - description: 'Information regarding secret creation. Exposed keys: - `KAFKA_HOST`, `KAFKA_PORT`, `KAFKA_USERNAME`, `KAFKA_PASSWORD`, - `KAFKA_ACCESS_CERT`, `KAFKA_ACCESS_KEY`, `KAFKA_SASL_HOST`, `KAFKA_SASL_PORT`, - `KAFKA_SCHEMA_REGISTRY_HOST`, `KAFKA_SCHEMA_REGISTRY_PORT`, `KAFKA_CONNECT_HOST`, - `KAFKA_CONNECT_PORT`, `KAFKA_REST_HOST`, `KAFKA_REST_PORT`' - properties: - annotations: - additionalProperties: + - additionalPrinterColumns: + - jsonPath: .spec.project + name: Project + type: string + - jsonPath: .spec.cloudName + name: Region + type: string + - jsonPath: .spec.plan + name: Plan + type: string + - jsonPath: .status.state + name: State + type: string + name: v1alpha1 + schema: + openAPIV3Schema: + description: Kafka is the Schema for the kafkas API + properties: + apiVersion: + description: + "APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + type: string + kind: + description: + "Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + type: string + metadata: + type: object + spec: + description: KafkaSpec defines the desired state of Kafka + properties: + authSecretRef: + description: Authentication reference to Aiven token in a secret + properties: + key: + minLength: 1 type: string - description: Annotations added to the secret - type: object - x-kubernetes-preserve-unknown-fields: true - labels: - additionalProperties: + name: + minLength: 1 type: string - description: Labels added to the secret - type: object - x-kubernetes-preserve-unknown-fields: true - name: - description: Name of the secret resource to be created. By default, - is equal to the resource name - type: string - prefix: - description: Prefix for the secret's keys. Added "as is" without - any transformations. By default, is equal to the kind name in - uppercase + underscore, e.g. `KAFKA_`, `REDIS_`, etc. - type: string - required: - - name - type: object - disk_space: - description: The disk space of the service, possible values depend - on the service type, the cloud provider and the project. Reducing - will result in the service re-balancing. - format: ^[1-9][0-9]*(GiB|G)* - type: string - karapace: - description: Switch the service to use Karapace for schema registry - and REST proxy - type: boolean - maintenanceWindowDow: - description: Day of week when maintenance operations should be performed. - One monday, tuesday, wednesday, etc. - enum: - - monday - - tuesday - - wednesday - - thursday - - friday - - saturday - - sunday - type: string - maintenanceWindowTime: - description: Time of day when maintenance operations should be performed. - UTC time in HH:mm:ss format. - maxLength: 8 - type: string - plan: - description: Subscription plan. - maxLength: 128 - type: string - project: - description: Target project. - format: ^[a-zA-Z0-9_-]*$ - maxLength: 63 - type: string - x-kubernetes-validations: - - message: Value is immutable - rule: self == oldSelf - projectVPCRef: - description: ProjectVPCRef reference to ProjectVPC resource to use - its ID as ProjectVPCID automatically - properties: - name: - minLength: 1 - type: string - namespace: - minLength: 1 - type: string - required: - - name - type: object - projectVpcId: - description: Identifier of the VPC the service should be in, if any. - maxLength: 36 - type: string - serviceIntegrations: - description: Service integrations to specify when creating a service. - Not applied after initial service creation - items: - description: Service integrations to specify when creating a service. - Not applied after initial service creation + required: + - key + - name + type: object + cloudName: + description: Cloud the service runs in. + maxLength: 256 + type: string + connInfoSecretTarget: + description: + "Information regarding secret creation. Exposed keys: + `KAFKA_HOST`, `KAFKA_PORT`, `KAFKA_USERNAME`, `KAFKA_PASSWORD`, + `KAFKA_ACCESS_CERT`, `KAFKA_ACCESS_KEY`, `KAFKA_SASL_HOST`, `KAFKA_SASL_PORT`, + `KAFKA_SCHEMA_REGISTRY_HOST`, `KAFKA_SCHEMA_REGISTRY_PORT`, `KAFKA_CONNECT_HOST`, + `KAFKA_CONNECT_PORT`, `KAFKA_REST_HOST`, `KAFKA_REST_PORT`" properties: - integrationType: - enum: - - read_replica + annotations: + additionalProperties: + type: string + description: Annotations added to the secret + type: object + x-kubernetes-preserve-unknown-fields: true + labels: + additionalProperties: + type: string + description: Labels added to the secret + type: object + x-kubernetes-preserve-unknown-fields: true + name: + description: + Name of the secret resource to be created. By default, + is equal to the resource name type: string - sourceServiceName: - maxLength: 64 - minLength: 1 + prefix: + description: + Prefix for the secret's keys. Added "as is" without + any transformations. By default, is equal to the kind name in + uppercase + underscore, e.g. `KAFKA_`, `REDIS_`, etc. type: string required: - - integrationType - - sourceServiceName + - name type: object - maxItems: 1 - type: array - x-kubernetes-validations: - - message: Value is immutable - rule: self == oldSelf - tags: - additionalProperties: + disk_space: + description: + The disk space of the service, possible values depend + on the service type, the cloud provider and the project. Reducing + will result in the service re-balancing. + format: ^[1-9][0-9]*(GiB|G)* + type: string + karapace: + description: + Switch the service to use Karapace for schema registry + and REST proxy + type: boolean + maintenanceWindowDow: + description: + Day of week when maintenance operations should be performed. + One monday, tuesday, wednesday, etc. + enum: + - monday + - tuesday + - wednesday + - thursday + - friday + - saturday + - sunday + type: string + maintenanceWindowTime: + description: + Time of day when maintenance operations should be performed. + UTC time in HH:mm:ss format. + maxLength: 8 + type: string + plan: + description: Subscription plan. + maxLength: 128 + type: string + project: + description: Target project. + format: ^[a-zA-Z0-9_-]*$ + maxLength: 63 type: string - description: Tags are key-value pairs that allow you to categorize - services. - type: object - terminationProtection: - description: Prevent service from being deleted. It is recommended - to have this enabled for all services. - type: boolean - userConfig: - description: Kafka specific user configuration options - properties: - additional_backup_regions: - description: Additional Cloud Regions for Backup Replication - items: + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + projectVPCRef: + description: + ProjectVPCRef reference to ProjectVPC resource to use + its ID as ProjectVPCID automatically + properties: + name: + minLength: 1 type: string - maxItems: 1 - type: array - aiven_kafka_topic_messages: - description: Allow access to read Kafka topic messages in the - Aiven Console and REST API. - type: boolean - custom_domain: - description: Serve the web frontend using a custom CNAME pointing - to the Aiven DNS name - maxLength: 255 - type: string - ip_filter: - description: Allow incoming connections from CIDR address block, - e.g. '10.20.0.0/16' - items: - description: CIDR address block, either as a string, or in a - dict with an optional description field - properties: - description: - description: Description for IP filter list entry - maxLength: 1024 - type: string - network: - description: CIDR address block - maxLength: 43 - type: string - required: - - network - type: object - maxItems: 1024 - type: array - kafka: - description: Kafka broker configuration values + namespace: + minLength: 1 + type: string + required: + - name + type: object + projectVpcId: + description: Identifier of the VPC the service should be in, if any. + maxLength: 36 + type: string + serviceIntegrations: + description: + Service integrations to specify when creating a service. + Not applied after initial service creation + items: + description: + Service integrations to specify when creating a service. + Not applied after initial service creation properties: - auto_create_topics_enable: - description: Enable auto creation of topics - type: boolean - compression_type: - description: Specify the final compression type for a given - topic. This configuration accepts the standard compression - codecs ('gzip', 'snappy', 'lz4', 'zstd'). It additionally - accepts 'uncompressed' which is equivalent to no compression; - and 'producer' which means retain the original compression - codec set by the producer. - enum: - - gzip - - snappy - - lz4 - - zstd - - uncompressed - - producer - type: string - connections_max_idle_ms: - description: 'Idle connections timeout: the server socket - processor threads close the connections that idle for longer - than this.' - maximum: 3600000 - minimum: 1000 - type: integer - default_replication_factor: - description: Replication factor for autocreated topics - maximum: 10 - minimum: 1 - type: integer - group_initial_rebalance_delay_ms: - description: The amount of time, in milliseconds, the group - coordinator will wait for more consumers to join a new group - before performing the first rebalance. A longer delay means - potentially fewer rebalances, but increases the time until - processing begins. The default value for this is 3 seconds. - During development and testing it might be desirable to - set this to 0 in order to not delay test execution time. - maximum: 300000 - minimum: 0 - type: integer - group_max_session_timeout_ms: - description: The maximum allowed session timeout for registered - consumers. Longer timeouts give consumers more time to process - messages in between heartbeats at the cost of a longer time - to detect failures. - maximum: 1800000 - minimum: 0 - type: integer - group_min_session_timeout_ms: - description: The minimum allowed session timeout for registered - consumers. Longer timeouts give consumers more time to process - messages in between heartbeats at the cost of a longer time - to detect failures. - maximum: 60000 - minimum: 0 - type: integer - log_cleaner_delete_retention_ms: - description: How long are delete records retained? - maximum: 315569260000 - minimum: 0 - type: integer - log_cleaner_max_compaction_lag_ms: - description: The maximum amount of time message will remain - uncompacted. Only applicable for logs that are being compacted - minimum: 30000 - type: integer - log_cleaner_min_cleanable_ratio: - description: Controls log compactor frequency. Larger value - means more frequent compactions but also more space wasted - for logs. Consider setting log.cleaner.max.compaction.lag.ms - to enforce compactions sooner, instead of setting a very - high value for this option. - maximum: 0.9 - minimum: 0.2 - type: number - log_cleaner_min_compaction_lag_ms: - description: The minimum time a message will remain uncompacted - in the log. Only applicable for logs that are being compacted. - minimum: 0 - type: integer - log_cleanup_policy: - description: The default cleanup policy for segments beyond - the retention window + integrationType: enum: - - delete - - compact - - compact,delete - type: string - log_flush_interval_messages: - description: The number of messages accumulated on a log partition - before messages are flushed to disk - minimum: 1 - type: integer - log_flush_interval_ms: - description: The maximum time in ms that a message in any - topic is kept in memory before flushed to disk. If not set, - the value in log.flush.scheduler.interval.ms is used - minimum: 0 - type: integer - log_index_interval_bytes: - description: The interval with which Kafka adds an entry to - the offset index - maximum: 104857600 - minimum: 0 - type: integer - log_index_size_max_bytes: - description: The maximum size in bytes of the offset index - maximum: 104857600 - minimum: 1048576 - type: integer - log_local_retention_bytes: - description: The maximum size of local log segments that can - grow for a partition before it gets eligible for deletion. - If set to -2, the value of log.retention.bytes is used. - The effective value should always be less than or equal - to log.retention.bytes value. - minimum: -2 - type: integer - log_local_retention_ms: - description: The number of milliseconds to keep the local - log segments before it gets eligible for deletion. If set - to -2, the value of log.retention.ms is used. The effective - value should always be less than or equal to log.retention.ms - value. - minimum: -2 - type: integer - log_message_downconversion_enable: - description: This configuration controls whether down-conversion - of message formats is enabled to satisfy consume requests. - type: boolean - log_message_timestamp_difference_max_ms: - description: The maximum difference allowed between the timestamp - when a broker receives a message and the timestamp specified - in the message - minimum: 0 - type: integer - log_message_timestamp_type: - description: Define whether the timestamp in the message is - message create time or log append time. - enum: - - CreateTime - - LogAppendTime - type: string - log_preallocate: - description: Should pre allocate file when create new segment? - type: boolean - log_retention_bytes: - description: The maximum size of the log before deleting messages - minimum: -1 - type: integer - log_retention_hours: - description: The number of hours to keep a log file before - deleting it - maximum: 2147483647 - minimum: -1 - type: integer - log_retention_ms: - description: The number of milliseconds to keep a log file - before deleting it (in milliseconds), If not set, the value - in log.retention.minutes is used. If set to -1, no time - limit is applied. - minimum: -1 - type: integer - log_roll_jitter_ms: - description: The maximum jitter to subtract from logRollTimeMillis - (in milliseconds). If not set, the value in log.roll.jitter.hours - is used - minimum: 0 - type: integer - log_roll_ms: - description: The maximum time before a new log segment is - rolled out (in milliseconds). - minimum: 1 - type: integer - log_segment_bytes: - description: The maximum size of a single log file - maximum: 1073741824 - minimum: 10485760 - type: integer - log_segment_delete_delay_ms: - description: The amount of time to wait before deleting a - file from the filesystem - maximum: 3600000 - minimum: 0 - type: integer - max_connections_per_ip: - description: The maximum number of connections allowed from - each ip address (defaults to 2147483647). - maximum: 2147483647 - minimum: 256 - type: integer - max_incremental_fetch_session_cache_slots: - description: The maximum number of incremental fetch sessions - that the broker will maintain. - maximum: 10000 - minimum: 1000 - type: integer - message_max_bytes: - description: The maximum size of message that the server can - receive. - maximum: 100001200 - minimum: 0 - type: integer - min_insync_replicas: - description: When a producer sets acks to 'all' (or '-1'), - min.insync.replicas specifies the minimum number of replicas - that must acknowledge a write for the write to be considered - successful. - maximum: 7 - minimum: 1 - type: integer - num_partitions: - description: Number of partitions for autocreated topics - maximum: 1000 - minimum: 1 - type: integer - offsets_retention_minutes: - description: Log retention window in minutes for offsets topic - maximum: 2147483647 - minimum: 1 - type: integer - producer_purgatory_purge_interval_requests: - description: The purge interval (in number of requests) of - the producer request purgatory(defaults to 1000). - maximum: 10000 - minimum: 10 - type: integer - replica_fetch_max_bytes: - description: The number of bytes of messages to attempt to - fetch for each partition (defaults to 1048576). This is - not an absolute maximum, if the first record batch in the - first non-empty partition of the fetch is larger than this - value, the record batch will still be returned to ensure - that progress can be made. - maximum: 104857600 - minimum: 1048576 - type: integer - replica_fetch_response_max_bytes: - description: Maximum bytes expected for the entire fetch response - (defaults to 10485760). Records are fetched in batches, - and if the first record batch in the first non-empty partition - of the fetch is larger than this value, the record batch - will still be returned to ensure that progress can be made. - As such, this is not an absolute maximum. - maximum: 1048576000 - minimum: 10485760 - type: integer - sasl_oauthbearer_expected_audience: - description: The (optional) comma-delimited setting for the - broker to use to verify that the JWT was issued for one - of the expected audiences. - maxLength: 128 - type: string - sasl_oauthbearer_expected_issuer: - description: Optional setting for the broker to use to verify - that the JWT was created by the expected issuer. - maxLength: 128 - type: string - sasl_oauthbearer_jwks_endpoint_url: - description: OIDC JWKS endpoint URL. By setting this the SASL - SSL OAuth2/OIDC authentication is enabled. See also other - options for SASL OAuth2/OIDC. - maxLength: 2048 + - read_replica type: string - sasl_oauthbearer_sub_claim_name: - description: Name of the scope from which to extract the subject - claim from the JWT. Defaults to sub. - maxLength: 128 + sourceServiceName: + maxLength: 64 + minLength: 1 type: string - socket_request_max_bytes: - description: The maximum number of bytes in a socket request - (defaults to 104857600). - maximum: 209715200 - minimum: 10485760 - type: integer - transaction_partition_verification_enable: - description: Enable verification that checks that the partition - has been added to the transaction before writing transactional - records to the partition - type: boolean - transaction_remove_expired_transaction_cleanup_interval_ms: - description: The interval at which to remove transactions - that have expired due to transactional.id.expiration.ms - passing (defaults to 3600000 (1 hour)). - maximum: 3600000 - minimum: 600000 - type: integer - transaction_state_log_segment_bytes: - description: The transaction topic segment bytes should be - kept relatively small in order to facilitate faster log - compaction and cache loads (defaults to 104857600 (100 mebibytes)). - maximum: 2147483647 - minimum: 1048576 - type: integer - type: object - kafka_authentication_methods: - description: Kafka authentication methods - properties: - certificate: - description: Enable certificate/SSL authentication - type: boolean - sasl: - description: Enable SASL authentication - type: boolean + required: + - integrationType + - sourceServiceName type: object - kafka_connect: - description: Enable Kafka Connect service - type: boolean - kafka_connect_config: - description: Kafka Connect configuration values - properties: - connector_client_config_override_policy: - description: Defines what client configurations can be overridden - by the connector. Default is None - enum: - - None - - All - type: string - consumer_auto_offset_reset: - description: What to do when there is no initial offset in - Kafka or if the current offset does not exist any more on - the server. Default is earliest - enum: - - earliest - - latest + maxItems: 1 + type: array + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + tags: + additionalProperties: + type: string + description: + Tags are key-value pairs that allow you to categorize + services. + type: object + terminationProtection: + description: + Prevent service from being deleted. It is recommended + to have this enabled for all services. + type: boolean + userConfig: + description: Kafka specific user configuration options + properties: + additional_backup_regions: + description: Additional Cloud Regions for Backup Replication + items: type: string - consumer_fetch_max_bytes: - description: Records are fetched in batches by the consumer, - and if the first record batch in the first non-empty partition - of the fetch is larger than this value, the record batch - will still be returned to ensure that the consumer can make - progress. As such, this is not a absolute maximum. - maximum: 104857600 - minimum: 1048576 - type: integer - consumer_isolation_level: - description: Transaction read isolation level. read_uncommitted - is the default, but read_committed can be used if consume-exactly-once - behavior is desired. - enum: - - read_uncommitted - - read_committed + maxItems: 1 + type: array + aiven_kafka_topic_messages: + description: + Allow access to read Kafka topic messages in the + Aiven Console and REST API. + type: boolean + custom_domain: + description: + Serve the web frontend using a custom CNAME pointing + to the Aiven DNS name + maxLength: 255 + type: string + ip_filter: + description: + Allow incoming connections from CIDR address block, + e.g. '10.20.0.0/16' + items: + description: + CIDR address block, either as a string, or in a + dict with an optional description field + properties: + description: + description: Description for IP filter list entry + maxLength: 1024 + type: string + network: + description: CIDR address block + maxLength: 43 + type: string + required: + - network + type: object + maxItems: 1024 + type: array + kafka: + description: Kafka broker configuration values + properties: + auto_create_topics_enable: + description: Enable auto creation of topics + type: boolean + compression_type: + description: + Specify the final compression type for a given + topic. This configuration accepts the standard compression + codecs ('gzip', 'snappy', 'lz4', 'zstd'). It additionally + accepts 'uncompressed' which is equivalent to no compression; + and 'producer' which means retain the original compression + codec set by the producer. + enum: + - gzip + - snappy + - lz4 + - zstd + - uncompressed + - producer + type: string + connections_max_idle_ms: + description: + "Idle connections timeout: the server socket + processor threads close the connections that idle for longer + than this." + maximum: 3600000 + minimum: 1000 + type: integer + default_replication_factor: + description: Replication factor for autocreated topics + maximum: 10 + minimum: 1 + type: integer + group_initial_rebalance_delay_ms: + description: + The amount of time, in milliseconds, the group + coordinator will wait for more consumers to join a new group + before performing the first rebalance. A longer delay means + potentially fewer rebalances, but increases the time until + processing begins. The default value for this is 3 seconds. + During development and testing it might be desirable to + set this to 0 in order to not delay test execution time. + maximum: 300000 + minimum: 0 + type: integer + group_max_session_timeout_ms: + description: + The maximum allowed session timeout for registered + consumers. Longer timeouts give consumers more time to process + messages in between heartbeats at the cost of a longer time + to detect failures. + maximum: 1800000 + minimum: 0 + type: integer + group_min_session_timeout_ms: + description: + The minimum allowed session timeout for registered + consumers. Longer timeouts give consumers more time to process + messages in between heartbeats at the cost of a longer time + to detect failures. + maximum: 60000 + minimum: 0 + type: integer + log_cleaner_delete_retention_ms: + description: How long are delete records retained? + maximum: 315569260000 + minimum: 0 + type: integer + log_cleaner_max_compaction_lag_ms: + description: + The maximum amount of time message will remain + uncompacted. Only applicable for logs that are being compacted + minimum: 30000 + type: integer + log_cleaner_min_cleanable_ratio: + description: + Controls log compactor frequency. Larger value + means more frequent compactions but also more space wasted + for logs. Consider setting log.cleaner.max.compaction.lag.ms + to enforce compactions sooner, instead of setting a very + high value for this option. + maximum: 0.9 + minimum: 0.2 + type: number + log_cleaner_min_compaction_lag_ms: + description: + The minimum time a message will remain uncompacted + in the log. Only applicable for logs that are being compacted. + minimum: 0 + type: integer + log_cleanup_policy: + description: + The default cleanup policy for segments beyond + the retention window + enum: + - delete + - compact + - compact,delete + type: string + log_flush_interval_messages: + description: + The number of messages accumulated on a log partition + before messages are flushed to disk + minimum: 1 + type: integer + log_flush_interval_ms: + description: + The maximum time in ms that a message in any + topic is kept in memory before flushed to disk. If not set, + the value in log.flush.scheduler.interval.ms is used + minimum: 0 + type: integer + log_index_interval_bytes: + description: + The interval with which Kafka adds an entry to + the offset index + maximum: 104857600 + minimum: 0 + type: integer + log_index_size_max_bytes: + description: The maximum size in bytes of the offset index + maximum: 104857600 + minimum: 1048576 + type: integer + log_local_retention_bytes: + description: + The maximum size of local log segments that can + grow for a partition before it gets eligible for deletion. + If set to -2, the value of log.retention.bytes is used. + The effective value should always be less than or equal + to log.retention.bytes value. + minimum: -2 + type: integer + log_local_retention_ms: + description: + The number of milliseconds to keep the local + log segments before it gets eligible for deletion. If set + to -2, the value of log.retention.ms is used. The effective + value should always be less than or equal to log.retention.ms + value. + minimum: -2 + type: integer + log_message_downconversion_enable: + description: + This configuration controls whether down-conversion + of message formats is enabled to satisfy consume requests. + type: boolean + log_message_timestamp_difference_max_ms: + description: + The maximum difference allowed between the timestamp + when a broker receives a message and the timestamp specified + in the message + minimum: 0 + type: integer + log_message_timestamp_type: + description: + Define whether the timestamp in the message is + message create time or log append time. + enum: + - CreateTime + - LogAppendTime + type: string + log_preallocate: + description: Should pre allocate file when create new segment? + type: boolean + log_retention_bytes: + description: The maximum size of the log before deleting messages + minimum: -1 + type: integer + log_retention_hours: + description: + The number of hours to keep a log file before + deleting it + maximum: 2147483647 + minimum: -1 + type: integer + log_retention_ms: + description: + The number of milliseconds to keep a log file + before deleting it (in milliseconds), If not set, the value + in log.retention.minutes is used. If set to -1, no time + limit is applied. + minimum: -1 + type: integer + log_roll_jitter_ms: + description: + The maximum jitter to subtract from logRollTimeMillis + (in milliseconds). If not set, the value in log.roll.jitter.hours + is used + minimum: 0 + type: integer + log_roll_ms: + description: + The maximum time before a new log segment is + rolled out (in milliseconds). + minimum: 1 + type: integer + log_segment_bytes: + description: The maximum size of a single log file + maximum: 1073741824 + minimum: 10485760 + type: integer + log_segment_delete_delay_ms: + description: + The amount of time to wait before deleting a + file from the filesystem + maximum: 3600000 + minimum: 0 + type: integer + max_connections_per_ip: + description: + The maximum number of connections allowed from + each ip address (defaults to 2147483647). + maximum: 2147483647 + minimum: 256 + type: integer + max_incremental_fetch_session_cache_slots: + description: + The maximum number of incremental fetch sessions + that the broker will maintain. + maximum: 10000 + minimum: 1000 + type: integer + message_max_bytes: + description: + The maximum size of message that the server can + receive. + maximum: 100001200 + minimum: 0 + type: integer + min_insync_replicas: + description: + When a producer sets acks to 'all' (or '-1'), + min.insync.replicas specifies the minimum number of replicas + that must acknowledge a write for the write to be considered + successful. + maximum: 7 + minimum: 1 + type: integer + num_partitions: + description: Number of partitions for autocreated topics + maximum: 1000 + minimum: 1 + type: integer + offsets_retention_minutes: + description: Log retention window in minutes for offsets topic + maximum: 2147483647 + minimum: 1 + type: integer + producer_purgatory_purge_interval_requests: + description: + The purge interval (in number of requests) of + the producer request purgatory(defaults to 1000). + maximum: 10000 + minimum: 10 + type: integer + replica_fetch_max_bytes: + description: + The number of bytes of messages to attempt to + fetch for each partition (defaults to 1048576). This is + not an absolute maximum, if the first record batch in the + first non-empty partition of the fetch is larger than this + value, the record batch will still be returned to ensure + that progress can be made. + maximum: 104857600 + minimum: 1048576 + type: integer + replica_fetch_response_max_bytes: + description: + Maximum bytes expected for the entire fetch response + (defaults to 10485760). Records are fetched in batches, + and if the first record batch in the first non-empty partition + of the fetch is larger than this value, the record batch + will still be returned to ensure that progress can be made. + As such, this is not an absolute maximum. + maximum: 1048576000 + minimum: 10485760 + type: integer + sasl_oauthbearer_expected_audience: + description: + The (optional) comma-delimited setting for the + broker to use to verify that the JWT was issued for one + of the expected audiences. + maxLength: 128 + type: string + sasl_oauthbearer_expected_issuer: + description: + Optional setting for the broker to use to verify + that the JWT was created by the expected issuer. + maxLength: 128 + type: string + sasl_oauthbearer_jwks_endpoint_url: + description: + OIDC JWKS endpoint URL. By setting this the SASL + SSL OAuth2/OIDC authentication is enabled. See also other + options for SASL OAuth2/OIDC. + maxLength: 2048 + type: string + sasl_oauthbearer_sub_claim_name: + description: + Name of the scope from which to extract the subject + claim from the JWT. Defaults to sub. + maxLength: 128 + type: string + socket_request_max_bytes: + description: + The maximum number of bytes in a socket request + (defaults to 104857600). + maximum: 209715200 + minimum: 10485760 + type: integer + transaction_partition_verification_enable: + description: + Enable verification that checks that the partition + has been added to the transaction before writing transactional + records to the partition + type: boolean + transaction_remove_expired_transaction_cleanup_interval_ms: + description: + The interval at which to remove transactions + that have expired due to transactional.id.expiration.ms + passing (defaults to 3600000 (1 hour)). + maximum: 3600000 + minimum: 600000 + type: integer + transaction_state_log_segment_bytes: + description: + The transaction topic segment bytes should be + kept relatively small in order to facilitate faster log + compaction and cache loads (defaults to 104857600 (100 mebibytes)). + maximum: 2147483647 + minimum: 1048576 + type: integer + type: object + kafka_authentication_methods: + description: Kafka authentication methods + properties: + certificate: + description: Enable certificate/SSL authentication + type: boolean + sasl: + description: Enable SASL authentication + type: boolean + type: object + kafka_connect: + description: Enable Kafka Connect service + type: boolean + kafka_connect_config: + description: Kafka Connect configuration values + properties: + connector_client_config_override_policy: + description: + Defines what client configurations can be overridden + by the connector. Default is None + enum: + - None + - All + type: string + consumer_auto_offset_reset: + description: + What to do when there is no initial offset in + Kafka or if the current offset does not exist any more on + the server. Default is earliest + enum: + - earliest + - latest + type: string + consumer_fetch_max_bytes: + description: + Records are fetched in batches by the consumer, + and if the first record batch in the first non-empty partition + of the fetch is larger than this value, the record batch + will still be returned to ensure that the consumer can make + progress. As such, this is not a absolute maximum. + maximum: 104857600 + minimum: 1048576 + type: integer + consumer_isolation_level: + description: + Transaction read isolation level. read_uncommitted + is the default, but read_committed can be used if consume-exactly-once + behavior is desired. + enum: + - read_uncommitted + - read_committed + type: string + consumer_max_partition_fetch_bytes: + description: + Records are fetched in batches by the consumer.If + the first record batch in the first non-empty partition + of the fetch is larger than this limit, the batch will still + be returned to ensure that the consumer can make progress. + maximum: 104857600 + minimum: 1048576 + type: integer + consumer_max_poll_interval_ms: + description: + The maximum delay in milliseconds between invocations + of poll() when using consumer group management (defaults + to 300000). + maximum: 2147483647 + minimum: 1 + type: integer + consumer_max_poll_records: + description: + The maximum number of records returned in a single + call to poll() (defaults to 500). + maximum: 10000 + minimum: 1 + type: integer + offset_flush_interval_ms: + description: + The interval at which to try committing offsets + for tasks (defaults to 60000). + maximum: 100000000 + minimum: 1 + type: integer + offset_flush_timeout_ms: + description: + Maximum number of milliseconds to wait for records + to flush and partition offset data to be committed to offset + storage before cancelling the process and restoring the + offset data to be committed in a future attempt (defaults + to 5000). + maximum: 2147483647 + minimum: 1 + type: integer + producer_batch_size: + description: + This setting gives the upper bound of the batch + size to be sent. If there are fewer than this many bytes + accumulated for this partition, the producer will 'linger' + for the linger.ms time waiting for more records to show + up. A batch size of zero will disable batching entirely + (defaults to 16384). + maximum: 5242880 + minimum: 0 + type: integer + producer_buffer_memory: + description: + The total bytes of memory the producer can use + to buffer records waiting to be sent to the broker (defaults + to 33554432). + maximum: 134217728 + minimum: 5242880 + type: integer + producer_compression_type: + description: + Specify the default compression type for producers. + This configuration accepts the standard compression codecs + ('gzip', 'snappy', 'lz4', 'zstd'). It additionally accepts + 'none' which is the default and equivalent to no compression. + enum: + - gzip + - snappy + - lz4 + - zstd + - none + type: string + producer_linger_ms: + description: + "This setting gives the upper bound on the delay + for batching: once there is batch.size worth of records + for a partition it will be sent immediately regardless of + this setting, however if there are fewer than this many + bytes accumulated for this partition the producer will 'linger' + for the specified time waiting for more records to show + up. Defaults to 0." + maximum: 5000 + minimum: 0 + type: integer + producer_max_request_size: + description: + This setting will limit the number of record + batches the producer will send in a single request to avoid + sending huge requests. + maximum: 67108864 + minimum: 131072 + type: integer + scheduled_rebalance_max_delay_ms: + description: + The maximum delay that is scheduled in order + to wait for the return of one or more departed workers before + rebalancing and reassigning their connectors and tasks to + the group. During this period the connectors and tasks of + the departed workers remain unassigned. Defaults to 5 minutes. + maximum: 600000 + minimum: 0 + type: integer + session_timeout_ms: + description: + The timeout in milliseconds used to detect failures + when using Kafka’s group management facilities (defaults + to 10000). + maximum: 2147483647 + minimum: 1 + type: integer + type: object + kafka_rest: + description: Enable Kafka-REST service + type: boolean + kafka_rest_authorization: + description: Enable authorization in Kafka-REST service + type: boolean + kafka_rest_config: + description: Kafka REST configuration + properties: + consumer_enable_auto_commit: + description: + If true the consumer's offset will be periodically + committed to Kafka in the background + type: boolean + consumer_request_max_bytes: + description: + Maximum number of bytes in unencoded message + keys and values by a single request + maximum: 671088640 + minimum: 0 + type: integer + consumer_request_timeout_ms: + description: + The maximum total time to wait for messages for + a request if the maximum number of messages has not yet + been reached + enum: + - 1000 + - 15000 + - 30000 + maximum: 30000 + minimum: 1000 + type: integer + name_strategy_validation: + description: + If true, validate that given schema is registered + under expected subject name by the used name strategy when + producing messages. + type: boolean + producer_acks: + description: + The number of acknowledgments the producer requires + the leader to have received before considering a request + complete. If set to 'all' or '-1', the leader will wait + for the full set of in-sync replicas to acknowledge the + record. + enum: + - all + - "-1" + - "0" + - "1" + type: string + producer_compression_type: + description: + Specify the default compression type for producers. + This configuration accepts the standard compression codecs + ('gzip', 'snappy', 'lz4', 'zstd'). It additionally accepts + 'none' which is the default and equivalent to no compression. + enum: + - gzip + - snappy + - lz4 + - zstd + - none + type: string + producer_linger_ms: + description: + Wait for up to the given delay to allow batching + records together + maximum: 5000 + minimum: 0 + type: integer + producer_max_request_size: + description: + The maximum size of a request in bytes. Note + that Kafka broker can also cap the record batch size. + maximum: 2147483647 + minimum: 0 + type: integer + simpleconsumer_pool_size_max: + description: + Maximum number of SimpleConsumers that can be + instantiated per broker + maximum: 250 + minimum: 10 + type: integer + type: object + kafka_version: + description: Kafka major version + enum: + - "3.3" + - "3.1" + - "3.4" + - "3.5" + - "3.6" + type: string + private_access: + description: + Allow access to selected service ports from private + networks + properties: + kafka: + description: + Allow clients to connect to kafka with a DNS + name that always resolves to the service's private IP addresses. + Only available in certain network locations + type: boolean + kafka_connect: + description: + Allow clients to connect to kafka_connect with + a DNS name that always resolves to the service's private + IP addresses. Only available in certain network locations + type: boolean + kafka_rest: + description: + Allow clients to connect to kafka_rest with a + DNS name that always resolves to the service's private IP + addresses. Only available in certain network locations + type: boolean + prometheus: + description: + Allow clients to connect to prometheus with a + DNS name that always resolves to the service's private IP + addresses. Only available in certain network locations + type: boolean + schema_registry: + description: + Allow clients to connect to schema_registry with + a DNS name that always resolves to the service's private + IP addresses. Only available in certain network locations + type: boolean + type: object + privatelink_access: + description: + Allow access to selected service components through + Privatelink + properties: + jolokia: + description: Enable jolokia + type: boolean + kafka: + description: Enable kafka + type: boolean + kafka_connect: + description: Enable kafka_connect + type: boolean + kafka_rest: + description: Enable kafka_rest + type: boolean + prometheus: + description: Enable prometheus + type: boolean + schema_registry: + description: Enable schema_registry + type: boolean + type: object + public_access: + description: + Allow access to selected service ports from the public + Internet + properties: + kafka: + description: + Allow clients to connect to kafka from the public + internet for service nodes that are in a project VPC or + another type of private network + type: boolean + kafka_connect: + description: + Allow clients to connect to kafka_connect from + the public internet for service nodes that are in a project + VPC or another type of private network + type: boolean + kafka_rest: + description: + Allow clients to connect to kafka_rest from the + public internet for service nodes that are in a project + VPC or another type of private network + type: boolean + prometheus: + description: + Allow clients to connect to prometheus from the + public internet for service nodes that are in a project + VPC or another type of private network + type: boolean + schema_registry: + description: + Allow clients to connect to schema_registry from + the public internet for service nodes that are in a project + VPC or another type of private network + type: boolean + type: object + schema_registry: + description: Enable Schema-Registry service + type: boolean + schema_registry_config: + description: Schema Registry configuration + properties: + leader_eligibility: + description: + If true, Karapace / Schema Registry on the service + nodes can participate in leader election. It might be needed + to disable this when the schemas topic is replicated to + a secondary cluster and Karapace / Schema Registry there + must not participate in leader election. Defaults to `true`. + type: boolean + topic_name: + description: + The durable single partition topic that acts + as the durable log for the data. This topic must be compacted + to avoid losing data due to retention policy. Please note + that changing this configuration in an existing Schema Registry + / Karapace setup leads to previous schemas being inaccessible, + data encoded with them potentially unreadable and schema + ID sequence put out of order. It's only possible to do the + switch while Schema Registry / Karapace is disabled. Defaults + to `_schemas`. + maxLength: 249 + minLength: 1 + type: string + type: object + service_log: + description: + Store logs for the service so that they are available + in the HTTP API and console. + type: boolean + static_ips: + description: Use static public IP addresses + type: boolean + tiered_storage: + description: Tiered storage configuration + properties: + enabled: + description: Whether to enable the tiered storage functionality + type: boolean + local_cache: + description: Deprecated. Local cache configuration + properties: + size: + description: Deprecated. Local cache size in bytes + maximum: 107374182400 + minimum: 1 + type: integer + type: object + type: object + type: object + required: + - plan + - project + type: object + status: + description: ServiceStatus defines the observed state of service + properties: + conditions: + description: + Conditions represent the latest available observations + of a service state + items: + description: + "Condition contains details for one aspect of the current + state of this API Resource. --- This struct is intended for direct + use as an array at the field path .status.conditions. For example, + \n type FooStatus struct{ // Represents the observations of a + foo's current state. // Known .status.conditions.type are: \"Available\", + \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge + // +listType=map // +listMapKey=type Conditions []metav1.Condition + `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" + protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + properties: + lastTransitionTime: + description: + lastTransitionTime is the last time the condition + transitioned from one status to another. This should be when + the underlying condition changed. If that is not known, then + using the time when the API field changed is acceptable. + format: date-time type: string - consumer_max_partition_fetch_bytes: - description: Records are fetched in batches by the consumer.If - the first record batch in the first non-empty partition - of the fetch is larger than this limit, the batch will still - be returned to ensure that the consumer can make progress. - maximum: 104857600 - minimum: 1048576 - type: integer - consumer_max_poll_interval_ms: - description: The maximum delay in milliseconds between invocations - of poll() when using consumer group management (defaults - to 300000). - maximum: 2147483647 - minimum: 1 - type: integer - consumer_max_poll_records: - description: The maximum number of records returned in a single - call to poll() (defaults to 500). - maximum: 10000 - minimum: 1 - type: integer - offset_flush_interval_ms: - description: The interval at which to try committing offsets - for tasks (defaults to 60000). - maximum: 100000000 - minimum: 1 - type: integer - offset_flush_timeout_ms: - description: Maximum number of milliseconds to wait for records - to flush and partition offset data to be committed to offset - storage before cancelling the process and restoring the - offset data to be committed in a future attempt (defaults - to 5000). - maximum: 2147483647 - minimum: 1 - type: integer - producer_batch_size: - description: This setting gives the upper bound of the batch - size to be sent. If there are fewer than this many bytes - accumulated for this partition, the producer will 'linger' - for the linger.ms time waiting for more records to show - up. A batch size of zero will disable batching entirely - (defaults to 16384). - maximum: 5242880 - minimum: 0 - type: integer - producer_buffer_memory: - description: The total bytes of memory the producer can use - to buffer records waiting to be sent to the broker (defaults - to 33554432). - maximum: 134217728 - minimum: 5242880 - type: integer - producer_compression_type: - description: Specify the default compression type for producers. - This configuration accepts the standard compression codecs - ('gzip', 'snappy', 'lz4', 'zstd'). It additionally accepts - 'none' which is the default and equivalent to no compression. - enum: - - gzip - - snappy - - lz4 - - zstd - - none + message: + description: + message is a human readable message indicating + details about the transition. This may be an empty string. + maxLength: 32768 type: string - producer_linger_ms: - description: 'This setting gives the upper bound on the delay - for batching: once there is batch.size worth of records - for a partition it will be sent immediately regardless of - this setting, however if there are fewer than this many - bytes accumulated for this partition the producer will ''linger'' - for the specified time waiting for more records to show - up. Defaults to 0.' - maximum: 5000 - minimum: 0 - type: integer - producer_max_request_size: - description: This setting will limit the number of record - batches the producer will send in a single request to avoid - sending huge requests. - maximum: 67108864 - minimum: 131072 - type: integer - scheduled_rebalance_max_delay_ms: - description: The maximum delay that is scheduled in order - to wait for the return of one or more departed workers before - rebalancing and reassigning their connectors and tasks to - the group. During this period the connectors and tasks of - the departed workers remain unassigned. Defaults to 5 minutes. - maximum: 600000 - minimum: 0 - type: integer - session_timeout_ms: - description: The timeout in milliseconds used to detect failures - when using Kafka’s group management facilities (defaults - to 10000). - maximum: 2147483647 - minimum: 1 - type: integer - type: object - kafka_rest: - description: Enable Kafka-REST service - type: boolean - kafka_rest_authorization: - description: Enable authorization in Kafka-REST service - type: boolean - kafka_rest_config: - description: Kafka REST configuration - properties: - consumer_enable_auto_commit: - description: If true the consumer's offset will be periodically - committed to Kafka in the background - type: boolean - consumer_request_max_bytes: - description: Maximum number of bytes in unencoded message - keys and values by a single request - maximum: 671088640 + observedGeneration: + description: + observedGeneration represents the .metadata.generation + that the condition was set based upon. For instance, if .metadata.generation + is currently 12, but the .status.conditions[x].observedGeneration + is 9, the condition is out of date with respect to the current + state of the instance. + format: int64 minimum: 0 type: integer - consumer_request_timeout_ms: - description: The maximum total time to wait for messages for - a request if the maximum number of messages has not yet - been reached - enum: - - 1000 - - 15000 - - 30000 - maximum: 30000 - minimum: 1000 - type: integer - name_strategy_validation: - description: If true, validate that given schema is registered - under expected subject name by the used name strategy when - producing messages. - type: boolean - producer_acks: - description: The number of acknowledgments the producer requires - the leader to have received before considering a request - complete. If set to 'all' or '-1', the leader will wait - for the full set of in-sync replicas to acknowledge the - record. - enum: - - all - - "-1" - - "0" - - "1" + reason: + description: + reason contains a programmatic identifier indicating + the reason for the condition's last transition. Producers + of specific condition types may define expected values and + meanings for this field, and whether the values are considered + a guaranteed API. The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ type: string - producer_compression_type: - description: Specify the default compression type for producers. - This configuration accepts the standard compression codecs - ('gzip', 'snappy', 'lz4', 'zstd'). It additionally accepts - 'none' which is the default and equivalent to no compression. + status: + description: status of the condition, one of True, False, Unknown. enum: - - gzip - - snappy - - lz4 - - zstd - - none + - "True" + - "False" + - Unknown type: string - producer_linger_ms: - description: Wait for up to the given delay to allow batching - records together - maximum: 5000 - minimum: 0 - type: integer - producer_max_request_size: - description: The maximum size of a request in bytes. Note - that Kafka broker can also cap the record batch size. - maximum: 2147483647 - minimum: 0 - type: integer - simpleconsumer_pool_size_max: - description: Maximum number of SimpleConsumers that can be - instantiated per broker - maximum: 250 - minimum: 10 - type: integer - type: object - kafka_version: - description: Kafka major version - enum: - - "3.3" - - "3.1" - - "3.4" - - "3.5" - - "3.6" - type: string - private_access: - description: Allow access to selected service ports from private - networks - properties: - kafka: - description: Allow clients to connect to kafka with a DNS - name that always resolves to the service's private IP addresses. - Only available in certain network locations - type: boolean - kafka_connect: - description: Allow clients to connect to kafka_connect with - a DNS name that always resolves to the service's private - IP addresses. Only available in certain network locations - type: boolean - kafka_rest: - description: Allow clients to connect to kafka_rest with a - DNS name that always resolves to the service's private IP - addresses. Only available in certain network locations - type: boolean - prometheus: - description: Allow clients to connect to prometheus with a - DNS name that always resolves to the service's private IP - addresses. Only available in certain network locations - type: boolean - schema_registry: - description: Allow clients to connect to schema_registry with - a DNS name that always resolves to the service's private - IP addresses. Only available in certain network locations - type: boolean - type: object - privatelink_access: - description: Allow access to selected service components through - Privatelink - properties: - jolokia: - description: Enable jolokia - type: boolean - kafka: - description: Enable kafka - type: boolean - kafka_connect: - description: Enable kafka_connect - type: boolean - kafka_rest: - description: Enable kafka_rest - type: boolean - prometheus: - description: Enable prometheus - type: boolean - schema_registry: - description: Enable schema_registry - type: boolean - type: object - public_access: - description: Allow access to selected service ports from the public - Internet - properties: - kafka: - description: Allow clients to connect to kafka from the public - internet for service nodes that are in a project VPC or - another type of private network - type: boolean - kafka_connect: - description: Allow clients to connect to kafka_connect from - the public internet for service nodes that are in a project - VPC or another type of private network - type: boolean - kafka_rest: - description: Allow clients to connect to kafka_rest from the - public internet for service nodes that are in a project - VPC or another type of private network - type: boolean - prometheus: - description: Allow clients to connect to prometheus from the - public internet for service nodes that are in a project - VPC or another type of private network - type: boolean - schema_registry: - description: Allow clients to connect to schema_registry from - the public internet for service nodes that are in a project - VPC or another type of private network - type: boolean - type: object - schema_registry: - description: Enable Schema-Registry service - type: boolean - schema_registry_config: - description: Schema Registry configuration - properties: - leader_eligibility: - description: If true, Karapace / Schema Registry on the service - nodes can participate in leader election. It might be needed - to disable this when the schemas topic is replicated to - a secondary cluster and Karapace / Schema Registry there - must not participate in leader election. Defaults to `true`. - type: boolean - topic_name: - description: The durable single partition topic that acts - as the durable log for the data. This topic must be compacted - to avoid losing data due to retention policy. Please note - that changing this configuration in an existing Schema Registry - / Karapace setup leads to previous schemas being inaccessible, - data encoded with them potentially unreadable and schema - ID sequence put out of order. It's only possible to do the - switch while Schema Registry / Karapace is disabled. Defaults - to `_schemas`. - maxLength: 249 - minLength: 1 + type: + description: + type of condition in CamelCase or in foo.example.com/CamelCase. + --- Many .condition.type values are consistent across resources + like Available, but because arbitrary conditions can be useful + (see .node.status.conditions), the ability to deconflict is + important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string + required: + - lastTransitionTime + - message + - reason + - status + - type type: object - service_log: - description: Store logs for the service so that they are available - in the HTTP API and console. - type: boolean - static_ips: - description: Use static public IP addresses - type: boolean - tiered_storage: - description: Tiered storage configuration - properties: - enabled: - description: Whether to enable the tiered storage functionality - type: boolean - local_cache: - description: Deprecated. Local cache configuration - properties: - size: - description: Deprecated. Local cache size in bytes - maximum: 107374182400 - minimum: 1 - type: integer - type: object - type: object - type: object - required: - - plan - - project - type: object - status: - description: ServiceStatus defines the observed state of service - properties: - conditions: - description: Conditions represent the latest available observations - of a service state - items: - description: "Condition contains details for one aspect of the current - state of this API Resource. --- This struct is intended for direct - use as an array at the field path .status.conditions. For example, - \n type FooStatus struct{ // Represents the observations of a - foo's current state. // Known .status.conditions.type are: \"Available\", - \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge - // +listType=map // +listMapKey=type Conditions []metav1.Condition - `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" - protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" - properties: - lastTransitionTime: - description: lastTransitionTime is the last time the condition - transitioned from one status to another. This should be when - the underlying condition changed. If that is not known, then - using the time when the API field changed is acceptable. - format: date-time - type: string - message: - description: message is a human readable message indicating - details about the transition. This may be an empty string. - maxLength: 32768 - type: string - observedGeneration: - description: observedGeneration represents the .metadata.generation - that the condition was set based upon. For instance, if .metadata.generation - is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current - state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: reason contains a programmatic identifier indicating - the reason for the condition's last transition. Producers - of specific condition types may define expected values and - meanings for this field, and whether the values are considered - a guaranteed API. The value should be a CamelCase string. - This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ - type: string - status: - description: status of the condition, one of True, False, Unknown. - enum: - - "True" - - "False" - - Unknown - type: string - type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. - --- Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ - type: string - required: - - lastTransitionTime - - message - - reason - - status - - type - type: object - type: array - state: - description: Service state - type: string - type: object - type: object - served: true - storage: true - subresources: - status: {} + type: array + state: + description: Service state + type: string + type: object + type: object + served: true + storage: true + subresources: + status: {} diff --git a/config/crd/bases/aiven.io_kafkaschemas.yaml b/config/crd/bases/aiven.io_kafkaschemas.yaml index e96a87bc..ffb7aa2e 100644 --- a/config/crd/bases/aiven.io_kafkaschemas.yaml +++ b/config/crd/bases/aiven.io_kafkaschemas.yaml @@ -15,171 +15,181 @@ spec: singular: kafkaschema scope: Namespaced versions: - - additionalPrinterColumns: - - jsonPath: .spec.serviceName - name: Service Name - type: string - - jsonPath: .spec.project - name: Project - type: string - - jsonPath: .spec.subjectName - name: Subject - type: string - - jsonPath: .spec.compatibilityLevel - name: Compatibility Level - type: string - - jsonPath: .status.version - name: Version - type: number - name: v1alpha1 - schema: - openAPIV3Schema: - description: KafkaSchema is the Schema for the kafkaschemas API - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: KafkaSchemaSpec defines the desired state of KafkaSchema - properties: - authSecretRef: - description: Authentication reference to Aiven token in a secret - properties: - key: - minLength: 1 - type: string - name: - minLength: 1 - type: string - required: - - key - - name - type: object - compatibilityLevel: - description: Kafka Schemas compatibility level - enum: - - BACKWARD - - BACKWARD_TRANSITIVE - - FORWARD - - FORWARD_TRANSITIVE - - FULL - - FULL_TRANSITIVE - - NONE - type: string - project: - description: Project to link the Kafka Schema to - format: ^[a-zA-Z0-9_-]*$ - maxLength: 63 - type: string - schema: - description: Kafka Schema configuration should be a valid Avro Schema - JSON format - type: string - serviceName: - description: Service to link the Kafka Schema to - maxLength: 63 - type: string - subjectName: - description: Kafka Schema Subject name - maxLength: 63 - type: string - required: - - project - - schema - - serviceName - - subjectName - type: object - status: - description: KafkaSchemaStatus defines the observed state of KafkaSchema - properties: - conditions: - description: Conditions represent the latest available observations - of an KafkaSchema state - items: - description: "Condition contains details for one aspect of the current - state of this API Resource. --- This struct is intended for direct - use as an array at the field path .status.conditions. For example, - \n type FooStatus struct{ // Represents the observations of a - foo's current state. // Known .status.conditions.type are: \"Available\", - \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge - // +listType=map // +listMapKey=type Conditions []metav1.Condition - `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" - protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + - additionalPrinterColumns: + - jsonPath: .spec.serviceName + name: Service Name + type: string + - jsonPath: .spec.project + name: Project + type: string + - jsonPath: .spec.subjectName + name: Subject + type: string + - jsonPath: .spec.compatibilityLevel + name: Compatibility Level + type: string + - jsonPath: .status.version + name: Version + type: number + name: v1alpha1 + schema: + openAPIV3Schema: + description: KafkaSchema is the Schema for the kafkaschemas API + properties: + apiVersion: + description: + "APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + type: string + kind: + description: + "Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + type: string + metadata: + type: object + spec: + description: KafkaSchemaSpec defines the desired state of KafkaSchema + properties: + authSecretRef: + description: Authentication reference to Aiven token in a secret properties: - lastTransitionTime: - description: lastTransitionTime is the last time the condition - transitioned from one status to another. This should be when - the underlying condition changed. If that is not known, then - using the time when the API field changed is acceptable. - format: date-time - type: string - message: - description: message is a human readable message indicating - details about the transition. This may be an empty string. - maxLength: 32768 - type: string - observedGeneration: - description: observedGeneration represents the .metadata.generation - that the condition was set based upon. For instance, if .metadata.generation - is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current - state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: reason contains a programmatic identifier indicating - the reason for the condition's last transition. Producers - of specific condition types may define expected values and - meanings for this field, and whether the values are considered - a guaranteed API. The value should be a CamelCase string. - This field may not be empty. - maxLength: 1024 + key: minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ type: string - status: - description: status of the condition, one of True, False, Unknown. - enum: - - "True" - - "False" - - Unknown - type: string - type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. - --- Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + name: + minLength: 1 type: string required: - - lastTransitionTime - - message - - reason - - status - - type + - key + - name type: object - type: array - version: - description: Kafka Schema configuration version - type: integer - required: - - conditions - - version - type: object - type: object - served: true - storage: true - subresources: - status: {} + compatibilityLevel: + description: Kafka Schemas compatibility level + enum: + - BACKWARD + - BACKWARD_TRANSITIVE + - FORWARD + - FORWARD_TRANSITIVE + - FULL + - FULL_TRANSITIVE + - NONE + type: string + project: + description: Project to link the Kafka Schema to + format: ^[a-zA-Z0-9_-]*$ + maxLength: 63 + type: string + schema: + description: + Kafka Schema configuration should be a valid Avro Schema + JSON format + type: string + serviceName: + description: Service to link the Kafka Schema to + maxLength: 63 + type: string + subjectName: + description: Kafka Schema Subject name + maxLength: 63 + type: string + required: + - project + - schema + - serviceName + - subjectName + type: object + status: + description: KafkaSchemaStatus defines the observed state of KafkaSchema + properties: + conditions: + description: + Conditions represent the latest available observations + of an KafkaSchema state + items: + description: + "Condition contains details for one aspect of the current + state of this API Resource. --- This struct is intended for direct + use as an array at the field path .status.conditions. For example, + \n type FooStatus struct{ // Represents the observations of a + foo's current state. // Known .status.conditions.type are: \"Available\", + \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge + // +listType=map // +listMapKey=type Conditions []metav1.Condition + `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" + protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + properties: + lastTransitionTime: + description: + lastTransitionTime is the last time the condition + transitioned from one status to another. This should be when + the underlying condition changed. If that is not known, then + using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: + message is a human readable message indicating + details about the transition. This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: + observedGeneration represents the .metadata.generation + that the condition was set based upon. For instance, if .metadata.generation + is currently 12, but the .status.conditions[x].observedGeneration + is 9, the condition is out of date with respect to the current + state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: + reason contains a programmatic identifier indicating + the reason for the condition's last transition. Producers + of specific condition types may define expected values and + meanings for this field, and whether the values are considered + a guaranteed API. The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: + type of condition in CamelCase or in foo.example.com/CamelCase. + --- Many .condition.type values are consistent across resources + like Available, but because arbitrary conditions can be useful + (see .node.status.conditions), the ability to deconflict is + important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + type: array + version: + description: Kafka Schema configuration version + type: integer + required: + - conditions + - version + type: object + type: object + served: true + storage: true + subresources: + status: {} diff --git a/config/crd/bases/aiven.io_kafkatopics.yaml b/config/crd/bases/aiven.io_kafkatopics.yaml index b48be5eb..dbddcef8 100644 --- a/config/crd/bases/aiven.io_kafkatopics.yaml +++ b/config/crd/bases/aiven.io_kafkatopics.yaml @@ -15,280 +15,291 @@ spec: singular: kafkatopic scope: Namespaced versions: - - additionalPrinterColumns: - - jsonPath: .spec.serviceName - name: Service Name - type: string - - jsonPath: .spec.project - name: Project - type: string - - jsonPath: .spec.partitions - name: Partitions - type: string - - jsonPath: .spec.replication - name: Replication - type: string - name: v1alpha1 - schema: - openAPIV3Schema: - description: KafkaTopic is the Schema for the kafkatopics API - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: KafkaTopicSpec defines the desired state of KafkaTopic - properties: - authSecretRef: - description: Authentication reference to Aiven token in a secret - properties: - key: - minLength: 1 - type: string - name: - minLength: 1 - type: string - required: - - key - - name - type: object - config: - description: Kafka topic configuration - properties: - cleanup_policy: - description: cleanup.policy value - type: string - compression_type: - description: compression.type value - type: string - delete_retention_ms: - description: delete.retention.ms value - format: int64 - type: integer - file_delete_delay_ms: - description: file.delete.delay.ms value - format: int64 - type: integer - flush_messages: - description: flush.messages value - format: int64 - type: integer - flush_ms: - description: flush.ms value - format: int64 - type: integer - index_interval_bytes: - description: index.interval.bytes value - format: int64 - type: integer - max_compaction_lag_ms: - description: max.compaction.lag.ms value - format: int64 - type: integer - max_message_bytes: - description: max.message.bytes value - format: int64 - type: integer - message_downconversion_enable: - description: message.downconversion.enable value - type: boolean - message_format_version: - description: message.format.version value - type: string - message_timestamp_difference_max_ms: - description: message.timestamp.difference.max.ms value - format: int64 - type: integer - message_timestamp_type: - description: message.timestamp.type value - type: string - min_cleanable_dirty_ratio: - description: min.cleanable.dirty.ratio value - type: number - min_compaction_lag_ms: - description: min.compaction.lag.ms value - format: int64 - type: integer - min_insync_replicas: - description: min.insync.replicas value - format: int64 - type: integer - preallocate: - description: preallocate value - type: boolean - retention_bytes: - description: retention.bytes value - format: int64 - type: integer - retention_ms: - description: retention.ms value - format: int64 - type: integer - segment_bytes: - description: segment.bytes value - format: int64 - type: integer - segment_index_bytes: - description: segment.index.bytes value - format: int64 - type: integer - segment_jitter_ms: - description: segment.jitter.ms value - format: int64 - type: integer - segment_ms: - description: segment.ms value - format: int64 - type: integer - type: object - partitions: - description: Number of partitions to create in the topic - maximum: 1000000 - minimum: 1 - type: integer - project: - description: Target project. - format: ^[a-zA-Z0-9_-]*$ - maxLength: 63 - type: string - replication: - description: Replication factor for the topic - minimum: 2 - type: integer - serviceName: - description: Service name. - maxLength: 63 - type: string - tags: - description: Kafka topic tags - items: + - additionalPrinterColumns: + - jsonPath: .spec.serviceName + name: Service Name + type: string + - jsonPath: .spec.project + name: Project + type: string + - jsonPath: .spec.partitions + name: Partitions + type: string + - jsonPath: .spec.replication + name: Replication + type: string + name: v1alpha1 + schema: + openAPIV3Schema: + description: KafkaTopic is the Schema for the kafkatopics API + properties: + apiVersion: + description: + "APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + type: string + kind: + description: + "Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + type: string + metadata: + type: object + spec: + description: KafkaTopicSpec defines the desired state of KafkaTopic + properties: + authSecretRef: + description: Authentication reference to Aiven token in a secret properties: key: - format: ^[a-zA-Z0-9_-]*$ - maxLength: 64 minLength: 1 type: string - value: - format: ^[a-zA-Z0-9_-]*$ - maxLength: 256 + name: + minLength: 1 type: string required: - - key + - key + - name type: object - type: array - termination_protection: - description: It is a Kubernetes side deletion protections, which prevents - the kafka topic from being deleted by Kubernetes. It is recommended - to enable this for any production databases containing critical - data. - type: boolean - topicName: - description: Topic name. If provided, is used instead of metadata.name. - This field supports additional characters, has a longer length, - and will replace metadata.name in future releases - maxLength: 249 - minLength: 1 - type: string - x-kubernetes-validations: - - message: Value is immutable - rule: self == oldSelf - required: - - partitions - - project - - replication - - serviceName - type: object - status: - description: KafkaTopicStatus defines the observed state of KafkaTopic - properties: - conditions: - description: Conditions represent the latest available observations - of an KafkaTopic state - items: - description: "Condition contains details for one aspect of the current - state of this API Resource. --- This struct is intended for direct - use as an array at the field path .status.conditions. For example, - \n type FooStatus struct{ // Represents the observations of a - foo's current state. // Known .status.conditions.type are: \"Available\", - \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge - // +listType=map // +listMapKey=type Conditions []metav1.Condition - `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" - protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + config: + description: Kafka topic configuration properties: - lastTransitionTime: - description: lastTransitionTime is the last time the condition - transitioned from one status to another. This should be when - the underlying condition changed. If that is not known, then - using the time when the API field changed is acceptable. - format: date-time + cleanup_policy: + description: cleanup.policy value type: string - message: - description: message is a human readable message indicating - details about the transition. This may be an empty string. - maxLength: 32768 + compression_type: + description: compression.type value type: string - observedGeneration: - description: observedGeneration represents the .metadata.generation - that the condition was set based upon. For instance, if .metadata.generation - is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current - state of the instance. + delete_retention_ms: + description: delete.retention.ms value format: int64 - minimum: 0 type: integer - reason: - description: reason contains a programmatic identifier indicating - the reason for the condition's last transition. Producers - of specific condition types may define expected values and - meanings for this field, and whether the values are considered - a guaranteed API. The value should be a CamelCase string. - This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ - type: string - status: - description: status of the condition, one of True, False, Unknown. - enum: - - "True" - - "False" - - Unknown + file_delete_delay_ms: + description: file.delete.delay.ms value + format: int64 + type: integer + flush_messages: + description: flush.messages value + format: int64 + type: integer + flush_ms: + description: flush.ms value + format: int64 + type: integer + index_interval_bytes: + description: index.interval.bytes value + format: int64 + type: integer + max_compaction_lag_ms: + description: max.compaction.lag.ms value + format: int64 + type: integer + max_message_bytes: + description: max.message.bytes value + format: int64 + type: integer + message_downconversion_enable: + description: message.downconversion.enable value + type: boolean + message_format_version: + description: message.format.version value type: string - type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. - --- Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + message_timestamp_difference_max_ms: + description: message.timestamp.difference.max.ms value + format: int64 + type: integer + message_timestamp_type: + description: message.timestamp.type value type: string - required: - - lastTransitionTime - - message - - reason - - status - - type + min_cleanable_dirty_ratio: + description: min.cleanable.dirty.ratio value + type: number + min_compaction_lag_ms: + description: min.compaction.lag.ms value + format: int64 + type: integer + min_insync_replicas: + description: min.insync.replicas value + format: int64 + type: integer + preallocate: + description: preallocate value + type: boolean + retention_bytes: + description: retention.bytes value + format: int64 + type: integer + retention_ms: + description: retention.ms value + format: int64 + type: integer + segment_bytes: + description: segment.bytes value + format: int64 + type: integer + segment_index_bytes: + description: segment.index.bytes value + format: int64 + type: integer + segment_jitter_ms: + description: segment.jitter.ms value + format: int64 + type: integer + segment_ms: + description: segment.ms value + format: int64 + type: integer type: object - type: array - state: - description: State represents the state of the kafka topic - type: string - required: - - conditions - - state - type: object - type: object - served: true - storage: true - subresources: - status: {} + partitions: + description: Number of partitions to create in the topic + maximum: 1000000 + minimum: 1 + type: integer + project: + description: Target project. + format: ^[a-zA-Z0-9_-]*$ + maxLength: 63 + type: string + replication: + description: Replication factor for the topic + minimum: 2 + type: integer + serviceName: + description: Service name. + maxLength: 63 + type: string + tags: + description: Kafka topic tags + items: + properties: + key: + format: ^[a-zA-Z0-9_-]*$ + maxLength: 64 + minLength: 1 + type: string + value: + format: ^[a-zA-Z0-9_-]*$ + maxLength: 256 + type: string + required: + - key + type: object + type: array + termination_protection: + description: + It is a Kubernetes side deletion protections, which prevents + the kafka topic from being deleted by Kubernetes. It is recommended + to enable this for any production databases containing critical + data. + type: boolean + topicName: + description: + Topic name. If provided, is used instead of metadata.name. + This field supports additional characters, has a longer length, + and will replace metadata.name in future releases + maxLength: 249 + minLength: 1 + type: string + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + required: + - partitions + - project + - replication + - serviceName + type: object + status: + description: KafkaTopicStatus defines the observed state of KafkaTopic + properties: + conditions: + description: + Conditions represent the latest available observations + of an KafkaTopic state + items: + description: + "Condition contains details for one aspect of the current + state of this API Resource. --- This struct is intended for direct + use as an array at the field path .status.conditions. For example, + \n type FooStatus struct{ // Represents the observations of a + foo's current state. // Known .status.conditions.type are: \"Available\", + \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge + // +listType=map // +listMapKey=type Conditions []metav1.Condition + `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" + protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + properties: + lastTransitionTime: + description: + lastTransitionTime is the last time the condition + transitioned from one status to another. This should be when + the underlying condition changed. If that is not known, then + using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: + message is a human readable message indicating + details about the transition. This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: + observedGeneration represents the .metadata.generation + that the condition was set based upon. For instance, if .metadata.generation + is currently 12, but the .status.conditions[x].observedGeneration + is 9, the condition is out of date with respect to the current + state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: + reason contains a programmatic identifier indicating + the reason for the condition's last transition. Producers + of specific condition types may define expected values and + meanings for this field, and whether the values are considered + a guaranteed API. The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: + type of condition in CamelCase or in foo.example.com/CamelCase. + --- Many .condition.type values are consistent across resources + like Available, but because arbitrary conditions can be useful + (see .node.status.conditions), the ability to deconflict is + important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + type: array + state: + description: State represents the state of the kafka topic + type: string + required: + - conditions + - state + type: object + type: object + served: true + storage: true + subresources: + status: {} diff --git a/config/crd/bases/aiven.io_mysqls.yaml b/config/crd/bases/aiven.io_mysqls.yaml index 635c30b8..d9232633 100644 --- a/config/crd/bases/aiven.io_mysqls.yaml +++ b/config/crd/bases/aiven.io_mysqls.yaml @@ -15,658 +15,735 @@ spec: singular: mysql scope: Namespaced versions: - - additionalPrinterColumns: - - jsonPath: .spec.project - name: Project - type: string - - jsonPath: .spec.cloudName - name: Region - type: string - - jsonPath: .spec.plan - name: Plan - type: string - - jsonPath: .status.state - name: State - type: string - name: v1alpha1 - schema: - openAPIV3Schema: - description: MySQL is the Schema for the mysqls API - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: MySQLSpec defines the desired state of MySQL - properties: - authSecretRef: - description: Authentication reference to Aiven token in a secret - properties: - key: - minLength: 1 - type: string - name: - minLength: 1 - type: string - required: - - key - - name - type: object - cloudName: - description: Cloud the service runs in. - maxLength: 256 - type: string - connInfoSecretTarget: - description: 'Information regarding secret creation. Exposed keys: - `MYSQL_HOST`, `MYSQL_PORT`, `MYSQL_DATABASE`, `MYSQL_USER`, `MYSQL_PASSWORD`, - `MYSQL_SSL_MODE`, `MYSQL_URI`, `MYSQL_REPLICA_URI`' - properties: - annotations: - additionalProperties: - type: string - description: Annotations added to the secret - type: object - x-kubernetes-preserve-unknown-fields: true - labels: - additionalProperties: - type: string - description: Labels added to the secret - type: object - x-kubernetes-preserve-unknown-fields: true - name: - description: Name of the secret resource to be created. By default, - is equal to the resource name - type: string - prefix: - description: Prefix for the secret's keys. Added "as is" without - any transformations. By default, is equal to the kind name in - uppercase + underscore, e.g. `KAFKA_`, `REDIS_`, etc. - type: string - required: - - name - type: object - disk_space: - description: The disk space of the service, possible values depend - on the service type, the cloud provider and the project. Reducing - will result in the service re-balancing. - format: ^[1-9][0-9]*(GiB|G)* - type: string - maintenanceWindowDow: - description: Day of week when maintenance operations should be performed. - One monday, tuesday, wednesday, etc. - enum: - - monday - - tuesday - - wednesday - - thursday - - friday - - saturday - - sunday - type: string - maintenanceWindowTime: - description: Time of day when maintenance operations should be performed. - UTC time in HH:mm:ss format. - maxLength: 8 - type: string - plan: - description: Subscription plan. - maxLength: 128 - type: string - project: - description: Target project. - format: ^[a-zA-Z0-9_-]*$ - maxLength: 63 - type: string - x-kubernetes-validations: - - message: Value is immutable - rule: self == oldSelf - projectVPCRef: - description: ProjectVPCRef reference to ProjectVPC resource to use - its ID as ProjectVPCID automatically - properties: - name: - minLength: 1 - type: string - namespace: - minLength: 1 - type: string - required: - - name - type: object - projectVpcId: - description: Identifier of the VPC the service should be in, if any. - maxLength: 36 - type: string - serviceIntegrations: - description: Service integrations to specify when creating a service. - Not applied after initial service creation - items: - description: Service integrations to specify when creating a service. - Not applied after initial service creation + - additionalPrinterColumns: + - jsonPath: .spec.project + name: Project + type: string + - jsonPath: .spec.cloudName + name: Region + type: string + - jsonPath: .spec.plan + name: Plan + type: string + - jsonPath: .status.state + name: State + type: string + name: v1alpha1 + schema: + openAPIV3Schema: + description: MySQL is the Schema for the mysqls API + properties: + apiVersion: + description: + "APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + type: string + kind: + description: + "Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + type: string + metadata: + type: object + spec: + description: MySQLSpec defines the desired state of MySQL + properties: + authSecretRef: + description: Authentication reference to Aiven token in a secret properties: - integrationType: - enum: - - read_replica + key: + minLength: 1 type: string - sourceServiceName: - maxLength: 64 + name: minLength: 1 type: string required: - - integrationType - - sourceServiceName + - key + - name type: object - maxItems: 1 - type: array - x-kubernetes-validations: - - message: Value is immutable - rule: self == oldSelf - tags: - additionalProperties: + cloudName: + description: Cloud the service runs in. + maxLength: 256 type: string - description: Tags are key-value pairs that allow you to categorize - services. - type: object - terminationProtection: - description: Prevent service from being deleted. It is recommended - to have this enabled for all services. - type: boolean - userConfig: - description: MySQL specific user configuration options - properties: - additional_backup_regions: - description: Additional Cloud Regions for Backup Replication - items: + connInfoSecretTarget: + description: + "Information regarding secret creation. Exposed keys: + `MYSQL_HOST`, `MYSQL_PORT`, `MYSQL_DATABASE`, `MYSQL_USER`, `MYSQL_PASSWORD`, + `MYSQL_SSL_MODE`, `MYSQL_URI`, `MYSQL_REPLICA_URI`" + properties: + annotations: + additionalProperties: + type: string + description: Annotations added to the secret + type: object + x-kubernetes-preserve-unknown-fields: true + labels: + additionalProperties: + type: string + description: Labels added to the secret + type: object + x-kubernetes-preserve-unknown-fields: true + name: + description: + Name of the secret resource to be created. By default, + is equal to the resource name type: string - maxItems: 1 - type: array - admin_password: - description: Custom password for admin user. Defaults to random - string. This must be set only when a new service is being created. - maxLength: 256 - minLength: 8 - pattern: ^[a-zA-Z0-9-_]+$ - type: string - x-kubernetes-validations: - - message: Value is immutable - rule: self == oldSelf - admin_username: - description: Custom username for admin user. This must be set - only when a new service is being created. - maxLength: 64 - pattern: ^[_A-Za-z0-9][-._A-Za-z0-9]{0,63}$ - type: string - x-kubernetes-validations: + prefix: + description: + Prefix for the secret's keys. Added "as is" without + any transformations. By default, is equal to the kind name in + uppercase + underscore, e.g. `KAFKA_`, `REDIS_`, etc. + type: string + required: + - name + type: object + disk_space: + description: + The disk space of the service, possible values depend + on the service type, the cloud provider and the project. Reducing + will result in the service re-balancing. + format: ^[1-9][0-9]*(GiB|G)* + type: string + maintenanceWindowDow: + description: + Day of week when maintenance operations should be performed. + One monday, tuesday, wednesday, etc. + enum: + - monday + - tuesday + - wednesday + - thursday + - friday + - saturday + - sunday + type: string + maintenanceWindowTime: + description: + Time of day when maintenance operations should be performed. + UTC time in HH:mm:ss format. + maxLength: 8 + type: string + plan: + description: Subscription plan. + maxLength: 128 + type: string + project: + description: Target project. + format: ^[a-zA-Z0-9_-]*$ + maxLength: 63 + type: string + x-kubernetes-validations: - message: Value is immutable rule: self == oldSelf - backup_hour: - description: The hour of day (in UTC) when backup for the service - is started. New backup is only started if previous backup has - already completed. - maximum: 23 - minimum: 0 - type: integer - backup_minute: - description: The minute of an hour when backup for the service - is started. New backup is only started if previous backup has - already completed. - maximum: 59 - minimum: 0 - type: integer - binlog_retention_period: - description: The minimum amount of time in seconds to keep binlog - entries before deletion. This may be extended for services that - require binlog entries for longer than the default for example - if using the MySQL Debezium Kafka connector. - maximum: 86400 - minimum: 600 - type: integer - ip_filter: - description: Allow incoming connections from CIDR address block, - e.g. '10.20.0.0/16' - items: - description: CIDR address block, either as a string, or in a - dict with an optional description field - properties: - description: - description: Description for IP filter list entry - maxLength: 1024 - type: string - network: - description: CIDR address block - maxLength: 43 - type: string - required: - - network - type: object - maxItems: 1024 - type: array - migration: - description: Migrate data from existing server + projectVPCRef: + description: + ProjectVPCRef reference to ProjectVPC resource to use + its ID as ProjectVPCID automatically + properties: + name: + minLength: 1 + type: string + namespace: + minLength: 1 + type: string + required: + - name + type: object + projectVpcId: + description: Identifier of the VPC the service should be in, if any. + maxLength: 36 + type: string + serviceIntegrations: + description: + Service integrations to specify when creating a service. + Not applied after initial service creation + items: + description: + Service integrations to specify when creating a service. + Not applied after initial service creation properties: - dbname: - description: Database name for bootstrapping the initial connection - maxLength: 63 - type: string - host: - description: Hostname or IP address of the server where to - migrate data from - maxLength: 255 - type: string - ignore_dbs: - description: Comma-separated list of databases, which should - be ignored during migration (supported by MySQL and PostgreSQL - only at the moment) - maxLength: 2048 - type: string - method: - description: The migration method to be used (currently supported - only by Redis, Dragonfly, MySQL and PostgreSQL service types) + integrationType: enum: - - dump - - replication - type: string - password: - description: Password for authentication with the server where - to migrate data from - maxLength: 256 + - read_replica type: string - port: - description: Port number of the server where to migrate data - from - maximum: 65535 - minimum: 1 - type: integer - ssl: - description: The server where to migrate data from is secured - with SSL - type: boolean - username: - description: User name for authentication with the server - where to migrate data from - maxLength: 256 + sourceServiceName: + maxLength: 64 + minLength: 1 type: string required: - - host - - port - type: object - mysql: - description: mysql.conf configuration values - properties: - connect_timeout: - description: The number of seconds that the mysqld server - waits for a connect packet before responding with Bad handshake - maximum: 3600 - minimum: 2 - type: integer - default_time_zone: - description: Default server time zone as an offset from UTC - (from -12:00 to +12:00), a time zone name, or 'SYSTEM' to - use the MySQL server default. - maxLength: 100 - minLength: 2 - type: string - group_concat_max_len: - description: The maximum permitted result length in bytes - for the GROUP_CONCAT() function. - minimum: 4 - type: integer - information_schema_stats_expiry: - description: The time, in seconds, before cached statistics - expire - maximum: 31536000 - minimum: 900 - type: integer - innodb_change_buffer_max_size: - description: Maximum size for the InnoDB change buffer, as - a percentage of the total size of the buffer pool. Default - is 25 - maximum: 50 - minimum: 0 - type: integer - innodb_flush_neighbors: - description: 'Specifies whether flushing a page from the InnoDB - buffer pool also flushes other dirty pages in the same extent - (default is 1): 0 - dirty pages in the same extent are not - flushed, 1 - flush contiguous dirty pages in the same extent, 2 - - flush dirty pages in the same extent' - maximum: 2 - minimum: 0 - type: integer - innodb_ft_min_token_size: - description: Minimum length of words that are stored in an - InnoDB FULLTEXT index. Changing this parameter will lead - to a restart of the MySQL service. - maximum: 16 - minimum: 0 - type: integer - innodb_ft_server_stopword_table: - description: This option is used to specify your own InnoDB - FULLTEXT index stopword list for all InnoDB tables. - maxLength: 1024 - pattern: ^.+/.+$ - type: string - innodb_lock_wait_timeout: - description: The length of time in seconds an InnoDB transaction - waits for a row lock before giving up. Default is 120. - maximum: 3600 - minimum: 1 - type: integer - innodb_log_buffer_size: - description: The size in bytes of the buffer that InnoDB uses - to write to the log files on disk. - maximum: 4294967295 - minimum: 1048576 - type: integer - innodb_online_alter_log_max_size: - description: The upper limit in bytes on the size of the temporary - log files used during online DDL operations for InnoDB tables. - maximum: 1099511627776 - minimum: 65536 - type: integer - innodb_print_all_deadlocks: - description: When enabled, information about all deadlocks - in InnoDB user transactions is recorded in the error log. - Disabled by default. - type: boolean - innodb_read_io_threads: - description: The number of I/O threads for read operations - in InnoDB. Default is 4. Changing this parameter will lead - to a restart of the MySQL service. - maximum: 64 - minimum: 1 - type: integer - innodb_rollback_on_timeout: - description: When enabled a transaction timeout causes InnoDB - to abort and roll back the entire transaction. Changing - this parameter will lead to a restart of the MySQL service. - type: boolean - innodb_thread_concurrency: - description: Defines the maximum number of threads permitted - inside of InnoDB. Default is 0 (infinite concurrency - no - limit) - maximum: 1000 - minimum: 0 - type: integer - innodb_write_io_threads: - description: The number of I/O threads for write operations - in InnoDB. Default is 4. Changing this parameter will lead - to a restart of the MySQL service. - maximum: 64 - minimum: 1 - type: integer - interactive_timeout: - description: The number of seconds the server waits for activity - on an interactive connection before closing it. - maximum: 604800 - minimum: 30 - type: integer - internal_tmp_mem_storage_engine: - description: The storage engine for in-memory internal temporary - tables. - enum: - - TempTable - - MEMORY - type: string - long_query_time: - description: The slow_query_logs work as SQL statements that - take more than long_query_time seconds to execute. Default - is 10s - maximum: 3600 - minimum: 0 - type: number - max_allowed_packet: - description: Size of the largest message in bytes that can - be received by the server. Default is 67108864 (64M) - maximum: 1073741824 - minimum: 102400 - type: integer - max_heap_table_size: - description: Limits the size of internal in-memory tables. - Also set tmp_table_size. Default is 16777216 (16M) - maximum: 1073741824 - minimum: 1048576 - type: integer - net_buffer_length: - description: Start sizes of connection buffer and result buffer. - Default is 16384 (16K). Changing this parameter will lead - to a restart of the MySQL service. - maximum: 1048576 - minimum: 1024 - type: integer - net_read_timeout: - description: The number of seconds to wait for more data from - a connection before aborting the read. - maximum: 3600 - minimum: 1 - type: integer - net_write_timeout: - description: The number of seconds to wait for a block to - be written to a connection before aborting the write. - maximum: 3600 - minimum: 1 - type: integer - slow_query_log: - description: Slow query log enables capturing of slow queries. - Setting slow_query_log to false also truncates the mysql.slow_log - table. Default is off - type: boolean - sort_buffer_size: - description: Sort buffer size in bytes for ORDER BY optimization. - Default is 262144 (256K) - maximum: 1073741824 - minimum: 32768 - type: integer - sql_mode: - description: Global SQL mode. Set to empty to use MySQL server - defaults. When creating a new service and not setting this - field Aiven default SQL mode (strict, SQL standard compliant) - will be assigned. - maxLength: 1024 - pattern: ^[A-Z_]*(,[A-Z_]+)*$ - type: string - sql_require_primary_key: - description: Require primary key to be defined for new tables - or old tables modified with ALTER TABLE and fail if missing. - It is recommended to always have primary keys because various - functionality may break if any large table is missing them. - type: boolean - tmp_table_size: - description: Limits the size of internal in-memory tables. - Also set max_heap_table_size. Default is 16777216 (16M) - maximum: 1073741824 - minimum: 1048576 - type: integer - wait_timeout: - description: The number of seconds the server waits for activity - on a noninteractive connection before closing it. - maximum: 2147483 - minimum: 1 - type: integer + - integrationType + - sourceServiceName type: object - mysql_version: - description: MySQL major version - enum: - - "8" - type: string - private_access: - description: Allow access to selected service ports from private - networks - properties: - mysql: - description: Allow clients to connect to mysql with a DNS - name that always resolves to the service's private IP addresses. - Only available in certain network locations - type: boolean - mysqlx: - description: Allow clients to connect to mysqlx with a DNS - name that always resolves to the service's private IP addresses. - Only available in certain network locations - type: boolean - prometheus: - description: Allow clients to connect to prometheus with a - DNS name that always resolves to the service's private IP - addresses. Only available in certain network locations - type: boolean - type: object - privatelink_access: - description: Allow access to selected service components through - Privatelink - properties: - mysql: - description: Enable mysql - type: boolean - mysqlx: - description: Enable mysqlx - type: boolean - prometheus: - description: Enable prometheus - type: boolean - type: object - project_to_fork_from: - description: Name of another project to fork a service from. This - has effect only when a new service is being created. - maxLength: 63 - type: string - x-kubernetes-validations: + maxItems: 1 + type: array + x-kubernetes-validations: - message: Value is immutable rule: self == oldSelf - public_access: - description: Allow access to selected service ports from the public - Internet - properties: - mysql: - description: Allow clients to connect to mysql from the public - internet for service nodes that are in a project VPC or - another type of private network - type: boolean - mysqlx: - description: Allow clients to connect to mysqlx from the public - internet for service nodes that are in a project VPC or - another type of private network - type: boolean - prometheus: - description: Allow clients to connect to prometheus from the - public internet for service nodes that are in a project - VPC or another type of private network - type: boolean - type: object - recovery_target_time: - description: Recovery target time when forking a service. This - has effect only when a new service is being created. - maxLength: 32 + tags: + additionalProperties: type: string - x-kubernetes-validations: - - message: Value is immutable - rule: self == oldSelf - service_log: - description: Store logs for the service so that they are available - in the HTTP API and console. - type: boolean - service_to_fork_from: - description: Name of another service to fork from. This has effect - only when a new service is being created. - maxLength: 64 - type: string - x-kubernetes-validations: - - message: Value is immutable - rule: self == oldSelf - static_ips: - description: Use static public IP addresses - type: boolean - type: object - required: - - plan - - project - type: object - status: - description: ServiceStatus defines the observed state of service - properties: - conditions: - description: Conditions represent the latest available observations - of a service state - items: - description: "Condition contains details for one aspect of the current - state of this API Resource. --- This struct is intended for direct - use as an array at the field path .status.conditions. For example, - \n type FooStatus struct{ // Represents the observations of a - foo's current state. // Known .status.conditions.type are: \"Available\", - \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge - // +listType=map // +listMapKey=type Conditions []metav1.Condition - `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" - protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + description: + Tags are key-value pairs that allow you to categorize + services. + type: object + terminationProtection: + description: + Prevent service from being deleted. It is recommended + to have this enabled for all services. + type: boolean + userConfig: + description: MySQL specific user configuration options properties: - lastTransitionTime: - description: lastTransitionTime is the last time the condition - transitioned from one status to another. This should be when - the underlying condition changed. If that is not known, then - using the time when the API field changed is acceptable. - format: date-time + additional_backup_regions: + description: Additional Cloud Regions for Backup Replication + items: + type: string + maxItems: 1 + type: array + admin_password: + description: + Custom password for admin user. Defaults to random + string. This must be set only when a new service is being created. + maxLength: 256 + minLength: 8 + pattern: ^[a-zA-Z0-9-_]+$ type: string - message: - description: message is a human readable message indicating - details about the transition. This may be an empty string. - maxLength: 32768 + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + admin_username: + description: + Custom username for admin user. This must be set + only when a new service is being created. + maxLength: 64 + pattern: ^[_A-Za-z0-9][-._A-Za-z0-9]{0,63}$ type: string - observedGeneration: - description: observedGeneration represents the .metadata.generation - that the condition was set based upon. For instance, if .metadata.generation - is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current - state of the instance. - format: int64 + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + backup_hour: + description: + The hour of day (in UTC) when backup for the service + is started. New backup is only started if previous backup has + already completed. + maximum: 23 minimum: 0 type: integer - reason: - description: reason contains a programmatic identifier indicating - the reason for the condition's last transition. Producers - of specific condition types may define expected values and - meanings for this field, and whether the values are considered - a guaranteed API. The value should be a CamelCase string. - This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ - type: string - status: - description: status of the condition, one of True, False, Unknown. + backup_minute: + description: + The minute of an hour when backup for the service + is started. New backup is only started if previous backup has + already completed. + maximum: 59 + minimum: 0 + type: integer + binlog_retention_period: + description: + The minimum amount of time in seconds to keep binlog + entries before deletion. This may be extended for services that + require binlog entries for longer than the default for example + if using the MySQL Debezium Kafka connector. + maximum: 86400 + minimum: 600 + type: integer + ip_filter: + description: + Allow incoming connections from CIDR address block, + e.g. '10.20.0.0/16' + items: + description: + CIDR address block, either as a string, or in a + dict with an optional description field + properties: + description: + description: Description for IP filter list entry + maxLength: 1024 + type: string + network: + description: CIDR address block + maxLength: 43 + type: string + required: + - network + type: object + maxItems: 1024 + type: array + migration: + description: Migrate data from existing server + properties: + dbname: + description: Database name for bootstrapping the initial connection + maxLength: 63 + type: string + host: + description: + Hostname or IP address of the server where to + migrate data from + maxLength: 255 + type: string + ignore_dbs: + description: + Comma-separated list of databases, which should + be ignored during migration (supported by MySQL and PostgreSQL + only at the moment) + maxLength: 2048 + type: string + method: + description: + The migration method to be used (currently supported + only by Redis, Dragonfly, MySQL and PostgreSQL service types) + enum: + - dump + - replication + type: string + password: + description: + Password for authentication with the server where + to migrate data from + maxLength: 256 + type: string + port: + description: + Port number of the server where to migrate data + from + maximum: 65535 + minimum: 1 + type: integer + ssl: + description: + The server where to migrate data from is secured + with SSL + type: boolean + username: + description: + User name for authentication with the server + where to migrate data from + maxLength: 256 + type: string + required: + - host + - port + type: object + mysql: + description: mysql.conf configuration values + properties: + connect_timeout: + description: + The number of seconds that the mysqld server + waits for a connect packet before responding with Bad handshake + maximum: 3600 + minimum: 2 + type: integer + default_time_zone: + description: + Default server time zone as an offset from UTC + (from -12:00 to +12:00), a time zone name, or 'SYSTEM' to + use the MySQL server default. + maxLength: 100 + minLength: 2 + type: string + group_concat_max_len: + description: + The maximum permitted result length in bytes + for the GROUP_CONCAT() function. + minimum: 4 + type: integer + information_schema_stats_expiry: + description: + The time, in seconds, before cached statistics + expire + maximum: 31536000 + minimum: 900 + type: integer + innodb_change_buffer_max_size: + description: + Maximum size for the InnoDB change buffer, as + a percentage of the total size of the buffer pool. Default + is 25 + maximum: 50 + minimum: 0 + type: integer + innodb_flush_neighbors: + description: + "Specifies whether flushing a page from the InnoDB + buffer pool also flushes other dirty pages in the same extent + (default is 1): 0 - dirty pages in the same extent are not + flushed, 1 - flush contiguous dirty pages in the same extent, 2 + - flush dirty pages in the same extent" + maximum: 2 + minimum: 0 + type: integer + innodb_ft_min_token_size: + description: + Minimum length of words that are stored in an + InnoDB FULLTEXT index. Changing this parameter will lead + to a restart of the MySQL service. + maximum: 16 + minimum: 0 + type: integer + innodb_ft_server_stopword_table: + description: + This option is used to specify your own InnoDB + FULLTEXT index stopword list for all InnoDB tables. + maxLength: 1024 + pattern: ^.+/.+$ + type: string + innodb_lock_wait_timeout: + description: + The length of time in seconds an InnoDB transaction + waits for a row lock before giving up. Default is 120. + maximum: 3600 + minimum: 1 + type: integer + innodb_log_buffer_size: + description: + The size in bytes of the buffer that InnoDB uses + to write to the log files on disk. + maximum: 4294967295 + minimum: 1048576 + type: integer + innodb_online_alter_log_max_size: + description: + The upper limit in bytes on the size of the temporary + log files used during online DDL operations for InnoDB tables. + maximum: 1099511627776 + minimum: 65536 + type: integer + innodb_print_all_deadlocks: + description: + When enabled, information about all deadlocks + in InnoDB user transactions is recorded in the error log. + Disabled by default. + type: boolean + innodb_read_io_threads: + description: + The number of I/O threads for read operations + in InnoDB. Default is 4. Changing this parameter will lead + to a restart of the MySQL service. + maximum: 64 + minimum: 1 + type: integer + innodb_rollback_on_timeout: + description: + When enabled a transaction timeout causes InnoDB + to abort and roll back the entire transaction. Changing + this parameter will lead to a restart of the MySQL service. + type: boolean + innodb_thread_concurrency: + description: + Defines the maximum number of threads permitted + inside of InnoDB. Default is 0 (infinite concurrency - no + limit) + maximum: 1000 + minimum: 0 + type: integer + innodb_write_io_threads: + description: + The number of I/O threads for write operations + in InnoDB. Default is 4. Changing this parameter will lead + to a restart of the MySQL service. + maximum: 64 + minimum: 1 + type: integer + interactive_timeout: + description: + The number of seconds the server waits for activity + on an interactive connection before closing it. + maximum: 604800 + minimum: 30 + type: integer + internal_tmp_mem_storage_engine: + description: + The storage engine for in-memory internal temporary + tables. + enum: + - TempTable + - MEMORY + type: string + long_query_time: + description: + The slow_query_logs work as SQL statements that + take more than long_query_time seconds to execute. Default + is 10s + maximum: 3600 + minimum: 0 + type: number + max_allowed_packet: + description: + Size of the largest message in bytes that can + be received by the server. Default is 67108864 (64M) + maximum: 1073741824 + minimum: 102400 + type: integer + max_heap_table_size: + description: + Limits the size of internal in-memory tables. + Also set tmp_table_size. Default is 16777216 (16M) + maximum: 1073741824 + minimum: 1048576 + type: integer + net_buffer_length: + description: + Start sizes of connection buffer and result buffer. + Default is 16384 (16K). Changing this parameter will lead + to a restart of the MySQL service. + maximum: 1048576 + minimum: 1024 + type: integer + net_read_timeout: + description: + The number of seconds to wait for more data from + a connection before aborting the read. + maximum: 3600 + minimum: 1 + type: integer + net_write_timeout: + description: + The number of seconds to wait for a block to + be written to a connection before aborting the write. + maximum: 3600 + minimum: 1 + type: integer + slow_query_log: + description: + Slow query log enables capturing of slow queries. + Setting slow_query_log to false also truncates the mysql.slow_log + table. Default is off + type: boolean + sort_buffer_size: + description: + Sort buffer size in bytes for ORDER BY optimization. + Default is 262144 (256K) + maximum: 1073741824 + minimum: 32768 + type: integer + sql_mode: + description: + Global SQL mode. Set to empty to use MySQL server + defaults. When creating a new service and not setting this + field Aiven default SQL mode (strict, SQL standard compliant) + will be assigned. + maxLength: 1024 + pattern: ^[A-Z_]*(,[A-Z_]+)*$ + type: string + sql_require_primary_key: + description: + Require primary key to be defined for new tables + or old tables modified with ALTER TABLE and fail if missing. + It is recommended to always have primary keys because various + functionality may break if any large table is missing them. + type: boolean + tmp_table_size: + description: + Limits the size of internal in-memory tables. + Also set max_heap_table_size. Default is 16777216 (16M) + maximum: 1073741824 + minimum: 1048576 + type: integer + wait_timeout: + description: + The number of seconds the server waits for activity + on a noninteractive connection before closing it. + maximum: 2147483 + minimum: 1 + type: integer + type: object + mysql_version: + description: MySQL major version enum: - - "True" - - "False" - - Unknown + - "8" type: string - type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. - --- Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + private_access: + description: + Allow access to selected service ports from private + networks + properties: + mysql: + description: + Allow clients to connect to mysql with a DNS + name that always resolves to the service's private IP addresses. + Only available in certain network locations + type: boolean + mysqlx: + description: + Allow clients to connect to mysqlx with a DNS + name that always resolves to the service's private IP addresses. + Only available in certain network locations + type: boolean + prometheus: + description: + Allow clients to connect to prometheus with a + DNS name that always resolves to the service's private IP + addresses. Only available in certain network locations + type: boolean + type: object + privatelink_access: + description: + Allow access to selected service components through + Privatelink + properties: + mysql: + description: Enable mysql + type: boolean + mysqlx: + description: Enable mysqlx + type: boolean + prometheus: + description: Enable prometheus + type: boolean + type: object + project_to_fork_from: + description: + Name of another project to fork a service from. This + has effect only when a new service is being created. + maxLength: 63 type: string - required: - - lastTransitionTime - - message - - reason - - status - - type + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + public_access: + description: + Allow access to selected service ports from the public + Internet + properties: + mysql: + description: + Allow clients to connect to mysql from the public + internet for service nodes that are in a project VPC or + another type of private network + type: boolean + mysqlx: + description: + Allow clients to connect to mysqlx from the public + internet for service nodes that are in a project VPC or + another type of private network + type: boolean + prometheus: + description: + Allow clients to connect to prometheus from the + public internet for service nodes that are in a project + VPC or another type of private network + type: boolean + type: object + recovery_target_time: + description: + Recovery target time when forking a service. This + has effect only when a new service is being created. + maxLength: 32 + type: string + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + service_log: + description: + Store logs for the service so that they are available + in the HTTP API and console. + type: boolean + service_to_fork_from: + description: + Name of another service to fork from. This has effect + only when a new service is being created. + maxLength: 64 + type: string + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + static_ips: + description: Use static public IP addresses + type: boolean type: object - type: array - state: - description: Service state - type: string - type: object - type: object - served: true - storage: true - subresources: - status: {} + required: + - plan + - project + type: object + status: + description: ServiceStatus defines the observed state of service + properties: + conditions: + description: + Conditions represent the latest available observations + of a service state + items: + description: + "Condition contains details for one aspect of the current + state of this API Resource. --- This struct is intended for direct + use as an array at the field path .status.conditions. For example, + \n type FooStatus struct{ // Represents the observations of a + foo's current state. // Known .status.conditions.type are: \"Available\", + \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge + // +listType=map // +listMapKey=type Conditions []metav1.Condition + `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" + protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + properties: + lastTransitionTime: + description: + lastTransitionTime is the last time the condition + transitioned from one status to another. This should be when + the underlying condition changed. If that is not known, then + using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: + message is a human readable message indicating + details about the transition. This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: + observedGeneration represents the .metadata.generation + that the condition was set based upon. For instance, if .metadata.generation + is currently 12, but the .status.conditions[x].observedGeneration + is 9, the condition is out of date with respect to the current + state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: + reason contains a programmatic identifier indicating + the reason for the condition's last transition. Producers + of specific condition types may define expected values and + meanings for this field, and whether the values are considered + a guaranteed API. The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: + type of condition in CamelCase or in foo.example.com/CamelCase. + --- Many .condition.type values are consistent across resources + like Available, but because arbitrary conditions can be useful + (see .node.status.conditions), the ability to deconflict is + important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + type: array + state: + description: Service state + type: string + type: object + type: object + served: true + storage: true + subresources: + status: {} diff --git a/config/crd/bases/aiven.io_opensearches.yaml b/config/crd/bases/aiven.io_opensearches.yaml index 7fa9b0ac..8a403e83 100644 --- a/config/crd/bases/aiven.io_opensearches.yaml +++ b/config/crd/bases/aiven.io_opensearches.yaml @@ -15,946 +15,1048 @@ spec: singular: opensearch scope: Namespaced versions: - - name: v1alpha1 - schema: - openAPIV3Schema: - description: OpenSearch is the Schema for the opensearches API - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: OpenSearchSpec defines the desired state of OpenSearch - properties: - authSecretRef: - description: Authentication reference to Aiven token in a secret - properties: - key: - minLength: 1 - type: string - name: - minLength: 1 - type: string - required: - - key - - name - type: object - cloudName: - description: Cloud the service runs in. - maxLength: 256 - type: string - connInfoSecretTarget: - description: 'Information regarding secret creation. Exposed keys: - `OPENSEARCH_HOST`, `OPENSEARCH_PORT`, `OPENSEARCH_USER`, `OPENSEARCH_PASSWORD`' - properties: - annotations: - additionalProperties: + - name: v1alpha1 + schema: + openAPIV3Schema: + description: OpenSearch is the Schema for the opensearches API + properties: + apiVersion: + description: + "APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + type: string + kind: + description: + "Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + type: string + metadata: + type: object + spec: + description: OpenSearchSpec defines the desired state of OpenSearch + properties: + authSecretRef: + description: Authentication reference to Aiven token in a secret + properties: + key: + minLength: 1 type: string - description: Annotations added to the secret - type: object - x-kubernetes-preserve-unknown-fields: true - labels: - additionalProperties: + name: + minLength: 1 type: string - description: Labels added to the secret - type: object - x-kubernetes-preserve-unknown-fields: true - name: - description: Name of the secret resource to be created. By default, - is equal to the resource name - type: string - prefix: - description: Prefix for the secret's keys. Added "as is" without - any transformations. By default, is equal to the kind name in - uppercase + underscore, e.g. `KAFKA_`, `REDIS_`, etc. - type: string - required: - - name - type: object - disk_space: - description: The disk space of the service, possible values depend - on the service type, the cloud provider and the project. Reducing - will result in the service re-balancing. - format: ^[1-9][0-9]*(GiB|G)* - type: string - maintenanceWindowDow: - description: Day of week when maintenance operations should be performed. - One monday, tuesday, wednesday, etc. - enum: - - monday - - tuesday - - wednesday - - thursday - - friday - - saturday - - sunday - type: string - maintenanceWindowTime: - description: Time of day when maintenance operations should be performed. - UTC time in HH:mm:ss format. - maxLength: 8 - type: string - plan: - description: Subscription plan. - maxLength: 128 - type: string - project: - description: Target project. - format: ^[a-zA-Z0-9_-]*$ - maxLength: 63 - type: string - x-kubernetes-validations: - - message: Value is immutable - rule: self == oldSelf - projectVPCRef: - description: ProjectVPCRef reference to ProjectVPC resource to use - its ID as ProjectVPCID automatically - properties: - name: - minLength: 1 - type: string - namespace: - minLength: 1 - type: string - required: - - name - type: object - projectVpcId: - description: Identifier of the VPC the service should be in, if any. - maxLength: 36 - type: string - serviceIntegrations: - description: Service integrations to specify when creating a service. - Not applied after initial service creation - items: - description: Service integrations to specify when creating a service. - Not applied after initial service creation + required: + - key + - name + type: object + cloudName: + description: Cloud the service runs in. + maxLength: 256 + type: string + connInfoSecretTarget: + description: + "Information regarding secret creation. Exposed keys: + `OPENSEARCH_HOST`, `OPENSEARCH_PORT`, `OPENSEARCH_USER`, `OPENSEARCH_PASSWORD`" properties: - integrationType: - enum: - - read_replica + annotations: + additionalProperties: + type: string + description: Annotations added to the secret + type: object + x-kubernetes-preserve-unknown-fields: true + labels: + additionalProperties: + type: string + description: Labels added to the secret + type: object + x-kubernetes-preserve-unknown-fields: true + name: + description: + Name of the secret resource to be created. By default, + is equal to the resource name type: string - sourceServiceName: - maxLength: 64 - minLength: 1 + prefix: + description: + Prefix for the secret's keys. Added "as is" without + any transformations. By default, is equal to the kind name in + uppercase + underscore, e.g. `KAFKA_`, `REDIS_`, etc. type: string required: - - integrationType - - sourceServiceName + - name type: object - maxItems: 1 - type: array - x-kubernetes-validations: - - message: Value is immutable - rule: self == oldSelf - tags: - additionalProperties: + disk_space: + description: + The disk space of the service, possible values depend + on the service type, the cloud provider and the project. Reducing + will result in the service re-balancing. + format: ^[1-9][0-9]*(GiB|G)* + type: string + maintenanceWindowDow: + description: + Day of week when maintenance operations should be performed. + One monday, tuesday, wednesday, etc. + enum: + - monday + - tuesday + - wednesday + - thursday + - friday + - saturday + - sunday + type: string + maintenanceWindowTime: + description: + Time of day when maintenance operations should be performed. + UTC time in HH:mm:ss format. + maxLength: 8 type: string - description: Tags are key-value pairs that allow you to categorize - services. - type: object - terminationProtection: - description: Prevent service from being deleted. It is recommended - to have this enabled for all services. - type: boolean - userConfig: - description: OpenSearch specific user configuration options - properties: - additional_backup_regions: - description: Additional Cloud Regions for Backup Replication - items: + plan: + description: Subscription plan. + maxLength: 128 + type: string + project: + description: Target project. + format: ^[a-zA-Z0-9_-]*$ + maxLength: 63 + type: string + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + projectVPCRef: + description: + ProjectVPCRef reference to ProjectVPC resource to use + its ID as ProjectVPCID automatically + properties: + name: + minLength: 1 + type: string + namespace: + minLength: 1 type: string - maxItems: 1 - type: array - custom_domain: - description: Serve the web frontend using a custom CNAME pointing - to the Aiven DNS name - maxLength: 255 + required: + - name + type: object + projectVpcId: + description: Identifier of the VPC the service should be in, if any. + maxLength: 36 + type: string + serviceIntegrations: + description: + Service integrations to specify when creating a service. + Not applied after initial service creation + items: + description: + Service integrations to specify when creating a service. + Not applied after initial service creation + properties: + integrationType: + enum: + - read_replica + type: string + sourceServiceName: + maxLength: 64 + minLength: 1 + type: string + required: + - integrationType + - sourceServiceName + type: object + maxItems: 1 + type: array + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + tags: + additionalProperties: type: string - disable_replication_factor_adjustment: - description: 'DEPRECATED: Disable automatic replication factor - adjustment for multi-node services. By default, Aiven ensures - all indexes are replicated at least to two nodes. Note: Due - to potential data loss in case of losing a service node, this - setting can no longer be activated.' - type: boolean - index_patterns: - description: Index patterns - items: - description: 'Allows you to create glob style patterns and set - a max number of indexes matching this pattern you want to - keep. Creating indexes exceeding this value will cause the - oldest one to get deleted. You could for example create a - pattern looking like ''logs.?'' and then create index logs.1, - logs.2 etc, it will delete logs.1 once you create logs.6. - Do note ''logs.?'' does not apply to logs.10. Note: Setting - max_index_count to 0 will do nothing and the pattern gets - ignored.' + description: + Tags are key-value pairs that allow you to categorize + services. + type: object + terminationProtection: + description: + Prevent service from being deleted. It is recommended + to have this enabled for all services. + type: boolean + userConfig: + description: OpenSearch specific user configuration options + properties: + additional_backup_regions: + description: Additional Cloud Regions for Backup Replication + items: + type: string + maxItems: 1 + type: array + custom_domain: + description: + Serve the web frontend using a custom CNAME pointing + to the Aiven DNS name + maxLength: 255 + type: string + disable_replication_factor_adjustment: + description: + "DEPRECATED: Disable automatic replication factor + adjustment for multi-node services. By default, Aiven ensures + all indexes are replicated at least to two nodes. Note: Due + to potential data loss in case of losing a service node, this + setting can no longer be activated." + type: boolean + index_patterns: + description: Index patterns + items: + description: + "Allows you to create glob style patterns and set + a max number of indexes matching this pattern you want to + keep. Creating indexes exceeding this value will cause the + oldest one to get deleted. You could for example create a + pattern looking like 'logs.?' and then create index logs.1, + logs.2 etc, it will delete logs.1 once you create logs.6. + Do note 'logs.?' does not apply to logs.10. Note: Setting + max_index_count to 0 will do nothing and the pattern gets + ignored." + properties: + max_index_count: + description: Maximum number of indexes to keep + minimum: 0 + type: integer + pattern: + description: fnmatch pattern + maxLength: 1024 + pattern: ^[A-Za-z0-9-_.*?]+$ + type: string + sorting_algorithm: + description: Deletion sorting algorithm + enum: + - alphabetical + - creation_date + type: string + required: + - max_index_count + - pattern + type: object + maxItems: 512 + type: array + index_template: + description: Template settings for all new indexes properties: - max_index_count: - description: Maximum number of indexes to keep + mapping_nested_objects_limit: + description: + The maximum number of nested JSON objects that + a single document can contain across all nested types. This + limit helps to prevent out of memory errors when a document + contains too many nested objects. Default is 10000. + maximum: 100000 + minimum: 0 + type: integer + number_of_replicas: + description: The number of replicas each primary shard has. + maximum: 29 minimum: 0 type: integer - pattern: - description: fnmatch pattern + number_of_shards: + description: + The number of primary shards that an index should + have. + maximum: 1024 + minimum: 1 + type: integer + type: object + ip_filter: + description: + Allow incoming connections from CIDR address block, + e.g. '10.20.0.0/16' + items: + description: + CIDR address block, either as a string, or in a + dict with an optional description field + properties: + description: + description: Description for IP filter list entry + maxLength: 1024 + type: string + network: + description: CIDR address block + maxLength: 43 + type: string + required: + - network + type: object + maxItems: 1024 + type: array + keep_index_refresh_interval: + description: + Aiven automation resets index.refresh_interval to + default value for every index to be sure that indices are always + visible to search. If it doesn't fit your case, you can disable + this by setting up this flag to true. + type: boolean + max_index_count: + description: "DEPRECATED: use index_patterns instead" + minimum: 0 + type: integer + openid: + description: OpenSearch OpenID Connect Configuration + properties: + client_id: + description: + The ID of the OpenID Connect client configured + in your IdP. Required. + maxLength: 1024 + minLength: 1 + type: string + client_secret: + description: + The client secret of the OpenID Connect client + configured in your IdP. Required. + maxLength: 1024 + minLength: 1 + type: string + connect_url: + description: + The URL of your IdP where the Security plugin + can find the OpenID Connect metadata/configuration settings. + maxLength: 2048 + type: string + enabled: + description: + Enables or disables OpenID Connect authentication + for OpenSearch. When enabled, users can authenticate using + OpenID Connect with an Identity Provider. + type: boolean + header: + description: + HTTP header name of the JWT token. Optional. + Default is Authorization. + maxLength: 1024 + minLength: 1 + type: string + jwt_header: + description: + "The HTTP header that stores the token. Typically + the Authorization header with the Bearer schema: Authorization: + Bearer . Optional. Default is Authorization." + maxLength: 1024 + minLength: 1 + type: string + jwt_url_parameter: + description: + If the token is not transmitted in the HTTP header, + but as an URL parameter, define the name of the parameter + here. Optional. + maxLength: 1024 + minLength: 1 + type: string + refresh_rate_limit_count: + description: + The maximum number of unknown key IDs in the + time frame. Default is 10. Optional. + minimum: 10 + type: integer + refresh_rate_limit_time_window_ms: + description: + The time frame to use when checking the maximum + number of unknown key IDs, in milliseconds. Optional.Default + is 10000 (10 seconds). + minimum: 10000 + type: integer + roles_key: + description: + The key in the JSON payload that stores the user’s + roles. The value of this key must be a comma-separated list + of roles. Required only if you want to use roles in the + JWT + maxLength: 1024 + minLength: 1 + type: string + scope: + description: + The scope of the identity token issued by the + IdP. Optional. Default is openid profile email address phone. maxLength: 1024 - pattern: ^[A-Za-z0-9-_.*?]+$ + minLength: 1 type: string - sorting_algorithm: - description: Deletion sorting algorithm - enum: - - alphabetical - - creation_date + subject_key: + description: + The key in the JSON payload that stores the user’s + name. If not defined, the subject registered claim is used. + Most IdP providers use the preferred_username claim. Optional. + maxLength: 1024 + minLength: 1 type: string required: - - max_index_count - - pattern + - client_id + - client_secret + - connect_url + - enabled type: object - maxItems: 512 - type: array - index_template: - description: Template settings for all new indexes - properties: - mapping_nested_objects_limit: - description: The maximum number of nested JSON objects that - a single document can contain across all nested types. This - limit helps to prevent out of memory errors when a document - contains too many nested objects. Default is 10000. - maximum: 100000 - minimum: 0 - type: integer - number_of_replicas: - description: The number of replicas each primary shard has. - maximum: 29 - minimum: 0 - type: integer - number_of_shards: - description: The number of primary shards that an index should - have. - maximum: 1024 - minimum: 1 - type: integer - type: object - ip_filter: - description: Allow incoming connections from CIDR address block, - e.g. '10.20.0.0/16' - items: - description: CIDR address block, either as a string, or in a - dict with an optional description field + opensearch: + description: OpenSearch settings properties: - description: - description: Description for IP filter list entry + action_auto_create_index_enabled: + description: + Explicitly allow or block automatic creation + of indices. Defaults to true + type: boolean + action_destructive_requires_name: + description: Require explicit index names when deleting + type: boolean + auth_failure_listeners: + description: Opensearch Security Plugin Settings + properties: + internal_authentication_backend_limiting: + properties: + allowed_tries: + description: + The number of login attempts allowed + before login is blocked + maximum: 2147483647 + minimum: 0 + type: integer + authentication_backend: + description: internal_authentication_backend_limiting.authentication_backend + enum: + - internal + maxLength: 1024 + type: string + block_expiry_seconds: + description: + The duration of time that login remains + blocked after a failed login + maximum: 2147483647 + minimum: 0 + type: integer + max_blocked_clients: + description: internal_authentication_backend_limiting.max_blocked_clients + maximum: 2147483647 + minimum: 0 + type: integer + max_tracked_clients: + description: + The maximum number of tracked IP addresses + that have failed login + maximum: 2147483647 + minimum: 0 + type: integer + time_window_seconds: + description: + The window of time in which the value + for `allowed_tries` is enforced + maximum: 2147483647 + minimum: 0 + type: integer + type: + description: internal_authentication_backend_limiting.type + enum: + - username + maxLength: 1024 + type: string + type: object + ip_rate_limiting: + description: IP address rate limiting settings + properties: + allowed_tries: + description: + The number of login attempts allowed + before login is blocked + maximum: 2147483647 + minimum: 1 + type: integer + block_expiry_seconds: + description: + The duration of time that login remains + blocked after a failed login + maximum: 36000 + minimum: 1 + type: integer + max_blocked_clients: + description: The maximum number of blocked IP addresses + maximum: 2147483647 + minimum: 0 + type: integer + max_tracked_clients: + description: + The maximum number of tracked IP addresses + that have failed login + maximum: 2147483647 + minimum: 0 + type: integer + time_window_seconds: + description: + The window of time in which the value + for `allowed_tries` is enforced + maximum: 36000 + minimum: 1 + type: integer + type: + description: The type of rate limiting + enum: + - ip + maxLength: 1024 + type: string + type: object + type: object + cluster_max_shards_per_node: + description: + Controls the number of shards allowed in the + cluster per data node + maximum: 10000 + minimum: 100 + type: integer + cluster_routing_allocation_node_concurrent_recoveries: + description: + How many concurrent incoming/outgoing shard recoveries + (normally replicas) are allowed to happen on a node. Defaults + to 2. + maximum: 16 + minimum: 2 + type: integer + email_sender_name: + description: + Sender name placeholder to be used in Opensearch + Dashboards and Opensearch keystore + maxLength: 40 + pattern: ^[a-zA-Z0-9-_]+$ + type: string + email_sender_password: + description: + Sender password for Opensearch alerts to authenticate + with SMTP server + maxLength: 1024 + pattern: ^[^\x00-\x1F]+$ + type: string + email_sender_username: + description: Sender username for Opensearch alerts + maxLength: 320 + pattern: ^[^\x00-\x1F]+$ + type: string + enable_security_audit: + description: Enable/Disable security audit + type: boolean + http_max_content_length: + description: + Maximum content length for HTTP requests to the + OpenSearch HTTP API, in bytes. + maximum: 2147483647 + minimum: 1 + type: integer + http_max_header_size: + description: The max size of allowed headers, in bytes + maximum: 262144 + minimum: 1024 + type: integer + http_max_initial_line_length: + description: The max length of an HTTP URL, in bytes + maximum: 65536 + minimum: 1024 + type: integer + indices_fielddata_cache_size: + description: + Relative amount. Maximum amount of heap memory + used for field data cache. This is an expert setting; decreasing + the value too much will increase overhead of loading field + data; too much memory used for field data cache will decrease + amount of heap available for other operations. + maximum: 100 + minimum: 3 + type: integer + indices_memory_index_buffer_size: + description: + Percentage value. Default is 10%. Total amount + of heap used for indexing buffer, before writing segments + to disk. This is an expert setting. Too low value will slow + down indexing; too high value will increase indexing performance + but causes performance issues for query performance. + maximum: 40 + minimum: 3 + type: integer + indices_memory_max_index_buffer_size: + description: + Absolute value. Default is unbound. Doesn't work + without indices.memory.index_buffer_size. Maximum amount + of heap used for query cache, an absolute indices.memory.index_buffer_size + maximum hard limit. + maximum: 2048 + minimum: 3 + type: integer + indices_memory_min_index_buffer_size: + description: + Absolute value. Default is 48mb. Doesn't work + without indices.memory.index_buffer_size. Minimum amount + of heap used for query cache, an absolute indices.memory.index_buffer_size + minimal hard limit. + maximum: 2048 + minimum: 3 + type: integer + indices_queries_cache_size: + description: + Percentage value. Default is 10%. Maximum amount + of heap used for query cache. This is an expert setting. + Too low value will decrease query performance and increase + performance for other operations; too high value will cause + issues with other OpenSearch functionality. + maximum: 40 + minimum: 3 + type: integer + indices_query_bool_max_clause_count: + description: + Maximum number of clauses Lucene BooleanQuery + can have. The default value (1024) is relatively high, and + increasing it may cause performance issues. Investigate + other approaches first before increasing this value. + maximum: 4096 + minimum: 64 + type: integer + indices_recovery_max_bytes_per_sec: + description: + Limits total inbound and outbound recovery traffic + for each node. Applies to both peer recoveries as well as + snapshot recoveries (i.e., restores from a snapshot). Defaults + to 40mb + maximum: 400 + minimum: 40 + type: integer + indices_recovery_max_concurrent_file_chunks: + description: + Number of file chunks sent in parallel for each + recovery. Defaults to 2. + maximum: 5 + minimum: 2 + type: integer + ism_enabled: + description: Specifies whether ISM is enabled or not + type: boolean + ism_history_enabled: + description: + Specifies whether audit history is enabled or + not. The logs from ISM are automatically indexed to a logs + document. + type: boolean + ism_history_max_age: + description: + The maximum age before rolling over the audit + history index in hours + maximum: 2147483647 + minimum: 1 + type: integer + ism_history_max_docs: + description: + The maximum number of documents before rolling + over the audit history index. + minimum: 1 + type: integer + ism_history_rollover_check_period: + description: + The time between rollover checks for the audit + history index in hours. + maximum: 2147483647 + minimum: 1 + type: integer + ism_history_rollover_retention_period: + description: How long audit history indices are kept in days. + maximum: 2147483647 + minimum: 1 + type: integer + override_main_response_version: + description: + Compatibility mode sets OpenSearch to report + its version as 7.10 so clients continue to work. Default + is false + type: boolean + reindex_remote_whitelist: + description: + Whitelisted addresses for reindexing. Changing + this value will cause all OpenSearch instances to restart. + items: + type: string + maxItems: 32 + type: array + script_max_compilations_rate: + description: + Script compilation circuit breaker limits the + number of inline script compilations within a period of + time. Default is use-context + maxLength: 1024 + type: string + search_max_buckets: + description: + Maximum number of aggregation buckets allowed + in a single response. OpenSearch default value is used when + this is not defined. + maximum: 1000000 + minimum: 1 + type: integer + thread_pool_analyze_queue_size: + description: + Size for the thread pool queue. See documentation + for exact details. + maximum: 2000 + minimum: 10 + type: integer + thread_pool_analyze_size: + description: + Size for the thread pool. See documentation for + exact details. Do note this may have maximum value depending + on CPU count - value is automatically lowered if set to + higher than maximum value. + maximum: 128 + minimum: 1 + type: integer + thread_pool_force_merge_size: + description: + Size for the thread pool. See documentation for + exact details. Do note this may have maximum value depending + on CPU count - value is automatically lowered if set to + higher than maximum value. + maximum: 128 + minimum: 1 + type: integer + thread_pool_get_queue_size: + description: + Size for the thread pool queue. See documentation + for exact details. + maximum: 2000 + minimum: 10 + type: integer + thread_pool_get_size: + description: + Size for the thread pool. See documentation for + exact details. Do note this may have maximum value depending + on CPU count - value is automatically lowered if set to + higher than maximum value. + maximum: 128 + minimum: 1 + type: integer + thread_pool_search_queue_size: + description: + Size for the thread pool queue. See documentation + for exact details. + maximum: 2000 + minimum: 10 + type: integer + thread_pool_search_size: + description: + Size for the thread pool. See documentation for + exact details. Do note this may have maximum value depending + on CPU count - value is automatically lowered if set to + higher than maximum value. + maximum: 128 + minimum: 1 + type: integer + thread_pool_search_throttled_queue_size: + description: + Size for the thread pool queue. See documentation + for exact details. + maximum: 2000 + minimum: 10 + type: integer + thread_pool_search_throttled_size: + description: + Size for the thread pool. See documentation for + exact details. Do note this may have maximum value depending + on CPU count - value is automatically lowered if set to + higher than maximum value. + maximum: 128 + minimum: 1 + type: integer + thread_pool_write_queue_size: + description: + Size for the thread pool queue. See documentation + for exact details. + maximum: 2000 + minimum: 10 + type: integer + thread_pool_write_size: + description: + Size for the thread pool. See documentation for + exact details. Do note this may have maximum value depending + on CPU count - value is automatically lowered if set to + higher than maximum value. + maximum: 128 + minimum: 1 + type: integer + type: object + opensearch_dashboards: + description: OpenSearch Dashboards settings + properties: + enabled: + description: Enable or disable OpenSearch Dashboards + type: boolean + max_old_space_size: + description: + "Limits the maximum amount of memory (in MiB) + the OpenSearch Dashboards process can use. This sets the + max_old_space_size option of the nodejs running the OpenSearch + Dashboards. Note: the memory reserved by OpenSearch Dashboards + is not available for OpenSearch." + maximum: 2048 + minimum: 64 + type: integer + opensearch_request_timeout: + description: + Timeout in milliseconds for requests made by + OpenSearch Dashboards towards OpenSearch + maximum: 120000 + minimum: 5000 + type: integer + type: object + opensearch_version: + description: OpenSearch major version + enum: + - "1" + - "2" + type: string + private_access: + description: + Allow access to selected service ports from private + networks + properties: + opensearch: + description: + Allow clients to connect to opensearch with a + DNS name that always resolves to the service's private IP + addresses. Only available in certain network locations + type: boolean + opensearch_dashboards: + description: + Allow clients to connect to opensearch_dashboards + with a DNS name that always resolves to the service's private + IP addresses. Only available in certain network locations + type: boolean + prometheus: + description: + Allow clients to connect to prometheus with a + DNS name that always resolves to the service's private IP + addresses. Only available in certain network locations + type: boolean + type: object + privatelink_access: + description: + Allow access to selected service components through + Privatelink + properties: + opensearch: + description: Enable opensearch + type: boolean + opensearch_dashboards: + description: Enable opensearch_dashboards + type: boolean + prometheus: + description: Enable prometheus + type: boolean + type: object + project_to_fork_from: + description: + Name of another project to fork a service from. This + has effect only when a new service is being created. + maxLength: 63 + type: string + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + public_access: + description: + Allow access to selected service ports from the public + Internet + properties: + opensearch: + description: + Allow clients to connect to opensearch from the + public internet for service nodes that are in a project + VPC or another type of private network + type: boolean + opensearch_dashboards: + description: + Allow clients to connect to opensearch_dashboards + from the public internet for service nodes that are in a + project VPC or another type of private network + type: boolean + prometheus: + description: + Allow clients to connect to prometheus from the + public internet for service nodes that are in a project + VPC or another type of private network + type: boolean + type: object + recovery_basebackup_name: + description: Name of the basebackup to restore in forked service + maxLength: 128 + pattern: ^[a-zA-Z0-9-_:.]+$ + type: string + saml: + description: OpenSearch SAML configuration + properties: + enabled: + description: + Enables or disables SAML-based authentication + for OpenSearch. When enabled, users can authenticate using + SAML with an Identity Provider. + type: boolean + idp_entity_id: + description: + The unique identifier for the Identity Provider + (IdP) entity that is used for SAML authentication. This + value is typically provided by the IdP. maxLength: 1024 + minLength: 1 type: string - network: - description: CIDR address block - maxLength: 43 + idp_metadata_url: + description: + The URL of the SAML metadata for the Identity + Provider (IdP). This is used to configure SAML-based authentication + with the IdP. + maxLength: 2048 + minLength: 1 + type: string + idp_pemtrustedcas_content: + description: + This parameter specifies the PEM-encoded root + certificate authority (CA) content for the SAML identity + provider (IdP) server verification. The root CA content + is used to verify the SSL/TLS certificate presented by the + server. + maxLength: 16384 + type: string + roles_key: + description: + Optional. Specifies the attribute in the SAML + response where role information is stored, if available. + Role attributes are not required for SAML authentication, + but can be included in SAML assertions by most Identity + Providers (IdPs) to determine user access levels or permissions. + maxLength: 256 + minLength: 1 + type: string + sp_entity_id: + description: + The unique identifier for the Service Provider + (SP) entity that is used for SAML authentication. This value + is typically provided by the SP. + maxLength: 1024 + minLength: 1 + type: string + subject_key: + description: + Optional. Specifies the attribute in the SAML + response where the subject identifier is stored. If not + configured, the NameID attribute is used by default. + maxLength: 256 + minLength: 1 type: string required: - - network + - enabled + - idp_entity_id + - idp_metadata_url + - sp_entity_id type: object - maxItems: 1024 - type: array - keep_index_refresh_interval: - description: Aiven automation resets index.refresh_interval to - default value for every index to be sure that indices are always - visible to search. If it doesn't fit your case, you can disable - this by setting up this flag to true. - type: boolean - max_index_count: - description: 'DEPRECATED: use index_patterns instead' - minimum: 0 - type: integer - openid: - description: OpenSearch OpenID Connect Configuration - properties: - client_id: - description: The ID of the OpenID Connect client configured - in your IdP. Required. - maxLength: 1024 - minLength: 1 - type: string - client_secret: - description: The client secret of the OpenID Connect client - configured in your IdP. Required. - maxLength: 1024 - minLength: 1 - type: string - connect_url: - description: The URL of your IdP where the Security plugin - can find the OpenID Connect metadata/configuration settings. - maxLength: 2048 - type: string - enabled: - description: Enables or disables OpenID Connect authentication - for OpenSearch. When enabled, users can authenticate using - OpenID Connect with an Identity Provider. - type: boolean - header: - description: HTTP header name of the JWT token. Optional. - Default is Authorization. - maxLength: 1024 - minLength: 1 - type: string - jwt_header: - description: 'The HTTP header that stores the token. Typically - the Authorization header with the Bearer schema: Authorization: - Bearer . Optional. Default is Authorization.' - maxLength: 1024 - minLength: 1 - type: string - jwt_url_parameter: - description: If the token is not transmitted in the HTTP header, - but as an URL parameter, define the name of the parameter - here. Optional. - maxLength: 1024 - minLength: 1 - type: string - refresh_rate_limit_count: - description: The maximum number of unknown key IDs in the - time frame. Default is 10. Optional. - minimum: 10 - type: integer - refresh_rate_limit_time_window_ms: - description: The time frame to use when checking the maximum - number of unknown key IDs, in milliseconds. Optional.Default - is 10000 (10 seconds). - minimum: 10000 - type: integer - roles_key: - description: The key in the JSON payload that stores the user’s - roles. The value of this key must be a comma-separated list - of roles. Required only if you want to use roles in the - JWT - maxLength: 1024 - minLength: 1 - type: string - scope: - description: The scope of the identity token issued by the - IdP. Optional. Default is openid profile email address phone. - maxLength: 1024 - minLength: 1 - type: string - subject_key: - description: The key in the JSON payload that stores the user’s - name. If not defined, the subject registered claim is used. - Most IdP providers use the preferred_username claim. Optional. - maxLength: 1024 - minLength: 1 - type: string - required: - - client_id - - client_secret - - connect_url - - enabled - type: object - opensearch: - description: OpenSearch settings + service_log: + description: + Store logs for the service so that they are available + in the HTTP API and console. + type: boolean + service_to_fork_from: + description: + Name of another service to fork from. This has effect + only when a new service is being created. + maxLength: 64 + type: string + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + static_ips: + description: Use static public IP addresses + type: boolean + type: object + required: + - plan + - project + type: object + status: + description: ServiceStatus defines the observed state of service + properties: + conditions: + description: + Conditions represent the latest available observations + of a service state + items: + description: + "Condition contains details for one aspect of the current + state of this API Resource. --- This struct is intended for direct + use as an array at the field path .status.conditions. For example, + \n type FooStatus struct{ // Represents the observations of a + foo's current state. // Known .status.conditions.type are: \"Available\", + \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge + // +listType=map // +listMapKey=type Conditions []metav1.Condition + `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" + protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" properties: - action_auto_create_index_enabled: - description: Explicitly allow or block automatic creation - of indices. Defaults to true - type: boolean - action_destructive_requires_name: - description: Require explicit index names when deleting - type: boolean - auth_failure_listeners: - description: Opensearch Security Plugin Settings - properties: - internal_authentication_backend_limiting: - properties: - allowed_tries: - description: The number of login attempts allowed - before login is blocked - maximum: 2147483647 - minimum: 0 - type: integer - authentication_backend: - description: internal_authentication_backend_limiting.authentication_backend - enum: - - internal - maxLength: 1024 - type: string - block_expiry_seconds: - description: The duration of time that login remains - blocked after a failed login - maximum: 2147483647 - minimum: 0 - type: integer - max_blocked_clients: - description: internal_authentication_backend_limiting.max_blocked_clients - maximum: 2147483647 - minimum: 0 - type: integer - max_tracked_clients: - description: The maximum number of tracked IP addresses - that have failed login - maximum: 2147483647 - minimum: 0 - type: integer - time_window_seconds: - description: The window of time in which the value - for `allowed_tries` is enforced - maximum: 2147483647 - minimum: 0 - type: integer - type: - description: internal_authentication_backend_limiting.type - enum: - - username - maxLength: 1024 - type: string - type: object - ip_rate_limiting: - description: IP address rate limiting settings - properties: - allowed_tries: - description: The number of login attempts allowed - before login is blocked - maximum: 2147483647 - minimum: 1 - type: integer - block_expiry_seconds: - description: The duration of time that login remains - blocked after a failed login - maximum: 36000 - minimum: 1 - type: integer - max_blocked_clients: - description: The maximum number of blocked IP addresses - maximum: 2147483647 - minimum: 0 - type: integer - max_tracked_clients: - description: The maximum number of tracked IP addresses - that have failed login - maximum: 2147483647 - minimum: 0 - type: integer - time_window_seconds: - description: The window of time in which the value - for `allowed_tries` is enforced - maximum: 36000 - minimum: 1 - type: integer - type: - description: The type of rate limiting - enum: - - ip - maxLength: 1024 - type: string - type: object - type: object - cluster_max_shards_per_node: - description: Controls the number of shards allowed in the - cluster per data node - maximum: 10000 - minimum: 100 - type: integer - cluster_routing_allocation_node_concurrent_recoveries: - description: How many concurrent incoming/outgoing shard recoveries - (normally replicas) are allowed to happen on a node. Defaults - to 2. - maximum: 16 - minimum: 2 - type: integer - email_sender_name: - description: Sender name placeholder to be used in Opensearch - Dashboards and Opensearch keystore - maxLength: 40 - pattern: ^[a-zA-Z0-9-_]+$ - type: string - email_sender_password: - description: Sender password for Opensearch alerts to authenticate - with SMTP server - maxLength: 1024 - pattern: ^[^\x00-\x1F]+$ - type: string - email_sender_username: - description: Sender username for Opensearch alerts - maxLength: 320 - pattern: ^[^\x00-\x1F]+$ + lastTransitionTime: + description: + lastTransitionTime is the last time the condition + transitioned from one status to another. This should be when + the underlying condition changed. If that is not known, then + using the time when the API field changed is acceptable. + format: date-time type: string - enable_security_audit: - description: Enable/Disable security audit - type: boolean - http_max_content_length: - description: Maximum content length for HTTP requests to the - OpenSearch HTTP API, in bytes. - maximum: 2147483647 - minimum: 1 - type: integer - http_max_header_size: - description: The max size of allowed headers, in bytes - maximum: 262144 - minimum: 1024 - type: integer - http_max_initial_line_length: - description: The max length of an HTTP URL, in bytes - maximum: 65536 - minimum: 1024 - type: integer - indices_fielddata_cache_size: - description: Relative amount. Maximum amount of heap memory - used for field data cache. This is an expert setting; decreasing - the value too much will increase overhead of loading field - data; too much memory used for field data cache will decrease - amount of heap available for other operations. - maximum: 100 - minimum: 3 - type: integer - indices_memory_index_buffer_size: - description: Percentage value. Default is 10%. Total amount - of heap used for indexing buffer, before writing segments - to disk. This is an expert setting. Too low value will slow - down indexing; too high value will increase indexing performance - but causes performance issues for query performance. - maximum: 40 - minimum: 3 - type: integer - indices_memory_max_index_buffer_size: - description: Absolute value. Default is unbound. Doesn't work - without indices.memory.index_buffer_size. Maximum amount - of heap used for query cache, an absolute indices.memory.index_buffer_size - maximum hard limit. - maximum: 2048 - minimum: 3 - type: integer - indices_memory_min_index_buffer_size: - description: Absolute value. Default is 48mb. Doesn't work - without indices.memory.index_buffer_size. Minimum amount - of heap used for query cache, an absolute indices.memory.index_buffer_size - minimal hard limit. - maximum: 2048 - minimum: 3 - type: integer - indices_queries_cache_size: - description: Percentage value. Default is 10%. Maximum amount - of heap used for query cache. This is an expert setting. - Too low value will decrease query performance and increase - performance for other operations; too high value will cause - issues with other OpenSearch functionality. - maximum: 40 - minimum: 3 - type: integer - indices_query_bool_max_clause_count: - description: Maximum number of clauses Lucene BooleanQuery - can have. The default value (1024) is relatively high, and - increasing it may cause performance issues. Investigate - other approaches first before increasing this value. - maximum: 4096 - minimum: 64 - type: integer - indices_recovery_max_bytes_per_sec: - description: Limits total inbound and outbound recovery traffic - for each node. Applies to both peer recoveries as well as - snapshot recoveries (i.e., restores from a snapshot). Defaults - to 40mb - maximum: 400 - minimum: 40 - type: integer - indices_recovery_max_concurrent_file_chunks: - description: Number of file chunks sent in parallel for each - recovery. Defaults to 2. - maximum: 5 - minimum: 2 - type: integer - ism_enabled: - description: Specifies whether ISM is enabled or not - type: boolean - ism_history_enabled: - description: Specifies whether audit history is enabled or - not. The logs from ISM are automatically indexed to a logs - document. - type: boolean - ism_history_max_age: - description: The maximum age before rolling over the audit - history index in hours - maximum: 2147483647 - minimum: 1 - type: integer - ism_history_max_docs: - description: The maximum number of documents before rolling - over the audit history index. - minimum: 1 - type: integer - ism_history_rollover_check_period: - description: The time between rollover checks for the audit - history index in hours. - maximum: 2147483647 - minimum: 1 - type: integer - ism_history_rollover_retention_period: - description: How long audit history indices are kept in days. - maximum: 2147483647 - minimum: 1 - type: integer - override_main_response_version: - description: Compatibility mode sets OpenSearch to report - its version as 7.10 so clients continue to work. Default - is false - type: boolean - reindex_remote_whitelist: - description: Whitelisted addresses for reindexing. Changing - this value will cause all OpenSearch instances to restart. - items: - type: string - maxItems: 32 - type: array - script_max_compilations_rate: - description: Script compilation circuit breaker limits the - number of inline script compilations within a period of - time. Default is use-context - maxLength: 1024 + message: + description: + message is a human readable message indicating + details about the transition. This may be an empty string. + maxLength: 32768 type: string - search_max_buckets: - description: Maximum number of aggregation buckets allowed - in a single response. OpenSearch default value is used when - this is not defined. - maximum: 1000000 - minimum: 1 - type: integer - thread_pool_analyze_queue_size: - description: Size for the thread pool queue. See documentation - for exact details. - maximum: 2000 - minimum: 10 - type: integer - thread_pool_analyze_size: - description: Size for the thread pool. See documentation for - exact details. Do note this may have maximum value depending - on CPU count - value is automatically lowered if set to - higher than maximum value. - maximum: 128 - minimum: 1 - type: integer - thread_pool_force_merge_size: - description: Size for the thread pool. See documentation for - exact details. Do note this may have maximum value depending - on CPU count - value is automatically lowered if set to - higher than maximum value. - maximum: 128 - minimum: 1 - type: integer - thread_pool_get_queue_size: - description: Size for the thread pool queue. See documentation - for exact details. - maximum: 2000 - minimum: 10 - type: integer - thread_pool_get_size: - description: Size for the thread pool. See documentation for - exact details. Do note this may have maximum value depending - on CPU count - value is automatically lowered if set to - higher than maximum value. - maximum: 128 - minimum: 1 - type: integer - thread_pool_search_queue_size: - description: Size for the thread pool queue. See documentation - for exact details. - maximum: 2000 - minimum: 10 - type: integer - thread_pool_search_size: - description: Size for the thread pool. See documentation for - exact details. Do note this may have maximum value depending - on CPU count - value is automatically lowered if set to - higher than maximum value. - maximum: 128 - minimum: 1 - type: integer - thread_pool_search_throttled_queue_size: - description: Size for the thread pool queue. See documentation - for exact details. - maximum: 2000 - minimum: 10 - type: integer - thread_pool_search_throttled_size: - description: Size for the thread pool. See documentation for - exact details. Do note this may have maximum value depending - on CPU count - value is automatically lowered if set to - higher than maximum value. - maximum: 128 - minimum: 1 - type: integer - thread_pool_write_queue_size: - description: Size for the thread pool queue. See documentation - for exact details. - maximum: 2000 - minimum: 10 - type: integer - thread_pool_write_size: - description: Size for the thread pool. See documentation for - exact details. Do note this may have maximum value depending - on CPU count - value is automatically lowered if set to - higher than maximum value. - maximum: 128 - minimum: 1 - type: integer - type: object - opensearch_dashboards: - description: OpenSearch Dashboards settings - properties: - enabled: - description: Enable or disable OpenSearch Dashboards - type: boolean - max_old_space_size: - description: 'Limits the maximum amount of memory (in MiB) - the OpenSearch Dashboards process can use. This sets the - max_old_space_size option of the nodejs running the OpenSearch - Dashboards. Note: the memory reserved by OpenSearch Dashboards - is not available for OpenSearch.' - maximum: 2048 - minimum: 64 - type: integer - opensearch_request_timeout: - description: Timeout in milliseconds for requests made by - OpenSearch Dashboards towards OpenSearch - maximum: 120000 - minimum: 5000 + observedGeneration: + description: + observedGeneration represents the .metadata.generation + that the condition was set based upon. For instance, if .metadata.generation + is currently 12, but the .status.conditions[x].observedGeneration + is 9, the condition is out of date with respect to the current + state of the instance. + format: int64 + minimum: 0 type: integer - type: object - opensearch_version: - description: OpenSearch major version - enum: - - "1" - - "2" - type: string - private_access: - description: Allow access to selected service ports from private - networks - properties: - opensearch: - description: Allow clients to connect to opensearch with a - DNS name that always resolves to the service's private IP - addresses. Only available in certain network locations - type: boolean - opensearch_dashboards: - description: Allow clients to connect to opensearch_dashboards - with a DNS name that always resolves to the service's private - IP addresses. Only available in certain network locations - type: boolean - prometheus: - description: Allow clients to connect to prometheus with a - DNS name that always resolves to the service's private IP - addresses. Only available in certain network locations - type: boolean - type: object - privatelink_access: - description: Allow access to selected service components through - Privatelink - properties: - opensearch: - description: Enable opensearch - type: boolean - opensearch_dashboards: - description: Enable opensearch_dashboards - type: boolean - prometheus: - description: Enable prometheus - type: boolean - type: object - project_to_fork_from: - description: Name of another project to fork a service from. This - has effect only when a new service is being created. - maxLength: 63 - type: string - x-kubernetes-validations: - - message: Value is immutable - rule: self == oldSelf - public_access: - description: Allow access to selected service ports from the public - Internet - properties: - opensearch: - description: Allow clients to connect to opensearch from the - public internet for service nodes that are in a project - VPC or another type of private network - type: boolean - opensearch_dashboards: - description: Allow clients to connect to opensearch_dashboards - from the public internet for service nodes that are in a - project VPC or another type of private network - type: boolean - prometheus: - description: Allow clients to connect to prometheus from the - public internet for service nodes that are in a project - VPC or another type of private network - type: boolean - type: object - recovery_basebackup_name: - description: Name of the basebackup to restore in forked service - maxLength: 128 - pattern: ^[a-zA-Z0-9-_:.]+$ - type: string - saml: - description: OpenSearch SAML configuration - properties: - enabled: - description: Enables or disables SAML-based authentication - for OpenSearch. When enabled, users can authenticate using - SAML with an Identity Provider. - type: boolean - idp_entity_id: - description: The unique identifier for the Identity Provider - (IdP) entity that is used for SAML authentication. This - value is typically provided by the IdP. + reason: + description: + reason contains a programmatic identifier indicating + the reason for the condition's last transition. Producers + of specific condition types may define expected values and + meanings for this field, and whether the values are considered + a guaranteed API. The value should be a CamelCase string. + This field may not be empty. maxLength: 1024 minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ type: string - idp_metadata_url: - description: The URL of the SAML metadata for the Identity - Provider (IdP). This is used to configure SAML-based authentication - with the IdP. - maxLength: 2048 - minLength: 1 - type: string - idp_pemtrustedcas_content: - description: This parameter specifies the PEM-encoded root - certificate authority (CA) content for the SAML identity - provider (IdP) server verification. The root CA content - is used to verify the SSL/TLS certificate presented by the - server. - maxLength: 16384 - type: string - roles_key: - description: Optional. Specifies the attribute in the SAML - response where role information is stored, if available. - Role attributes are not required for SAML authentication, - but can be included in SAML assertions by most Identity - Providers (IdPs) to determine user access levels or permissions. - maxLength: 256 - minLength: 1 - type: string - sp_entity_id: - description: The unique identifier for the Service Provider - (SP) entity that is used for SAML authentication. This value - is typically provided by the SP. - maxLength: 1024 - minLength: 1 + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown type: string - subject_key: - description: Optional. Specifies the attribute in the SAML - response where the subject identifier is stored. If not - configured, the NameID attribute is used by default. - maxLength: 256 - minLength: 1 + type: + description: + type of condition in CamelCase or in foo.example.com/CamelCase. + --- Many .condition.type values are consistent across resources + like Available, but because arbitrary conditions can be useful + (see .node.status.conditions), the ability to deconflict is + important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string required: - - enabled - - idp_entity_id - - idp_metadata_url - - sp_entity_id + - lastTransitionTime + - message + - reason + - status + - type type: object - service_log: - description: Store logs for the service so that they are available - in the HTTP API and console. - type: boolean - service_to_fork_from: - description: Name of another service to fork from. This has effect - only when a new service is being created. - maxLength: 64 - type: string - x-kubernetes-validations: - - message: Value is immutable - rule: self == oldSelf - static_ips: - description: Use static public IP addresses - type: boolean - type: object - required: - - plan - - project - type: object - status: - description: ServiceStatus defines the observed state of service - properties: - conditions: - description: Conditions represent the latest available observations - of a service state - items: - description: "Condition contains details for one aspect of the current - state of this API Resource. --- This struct is intended for direct - use as an array at the field path .status.conditions. For example, - \n type FooStatus struct{ // Represents the observations of a - foo's current state. // Known .status.conditions.type are: \"Available\", - \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge - // +listType=map // +listMapKey=type Conditions []metav1.Condition - `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" - protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" - properties: - lastTransitionTime: - description: lastTransitionTime is the last time the condition - transitioned from one status to another. This should be when - the underlying condition changed. If that is not known, then - using the time when the API field changed is acceptable. - format: date-time - type: string - message: - description: message is a human readable message indicating - details about the transition. This may be an empty string. - maxLength: 32768 - type: string - observedGeneration: - description: observedGeneration represents the .metadata.generation - that the condition was set based upon. For instance, if .metadata.generation - is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current - state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: reason contains a programmatic identifier indicating - the reason for the condition's last transition. Producers - of specific condition types may define expected values and - meanings for this field, and whether the values are considered - a guaranteed API. The value should be a CamelCase string. - This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ - type: string - status: - description: status of the condition, one of True, False, Unknown. - enum: - - "True" - - "False" - - Unknown - type: string - type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. - --- Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ - type: string - required: - - lastTransitionTime - - message - - reason - - status - - type - type: object - type: array - state: - description: Service state - type: string - type: object - type: object - served: true - storage: true - subresources: - status: {} + type: array + state: + description: Service state + type: string + type: object + type: object + served: true + storage: true + subresources: + status: {} diff --git a/config/crd/bases/aiven.io_postgresqls.yaml b/config/crd/bases/aiven.io_postgresqls.yaml index d22d4d69..75804c65 100644 --- a/config/crd/bases/aiven.io_postgresqls.yaml +++ b/config/crd/bases/aiven.io_postgresqls.yaml @@ -15,951 +15,1056 @@ spec: singular: postgresql scope: Namespaced versions: - - additionalPrinterColumns: - - jsonPath: .spec.project - name: Project - type: string - - jsonPath: .spec.cloudName - name: Region - type: string - - jsonPath: .spec.plan - name: Plan - type: string - - jsonPath: .status.state - name: State - type: string - name: v1alpha1 - schema: - openAPIV3Schema: - description: PostgreSQL is the Schema for the postgresql API - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: PostgreSQLSpec defines the desired state of postgres instance - properties: - authSecretRef: - description: Authentication reference to Aiven token in a secret - properties: - key: - minLength: 1 - type: string - name: - minLength: 1 - type: string - required: - - key - - name - type: object - cloudName: - description: Cloud the service runs in. - maxLength: 256 - type: string - connInfoSecretTarget: - description: 'Information regarding secret creation. Exposed keys: - `POSTGRESQL_HOST`, `POSTGRESQL_PORT`, `POSTGRESQL_DATABASE`, `POSTGRESQL_USER`, - `POSTGRESQL_PASSWORD`, `POSTGRESQL_SSLMODE`, `POSTGRESQL_DATABASE_URI`' - properties: - annotations: - additionalProperties: - type: string - description: Annotations added to the secret - type: object - x-kubernetes-preserve-unknown-fields: true - labels: - additionalProperties: - type: string - description: Labels added to the secret - type: object - x-kubernetes-preserve-unknown-fields: true - name: - description: Name of the secret resource to be created. By default, - is equal to the resource name - type: string - prefix: - description: Prefix for the secret's keys. Added "as is" without - any transformations. By default, is equal to the kind name in - uppercase + underscore, e.g. `KAFKA_`, `REDIS_`, etc. - type: string - required: - - name - type: object - disk_space: - description: The disk space of the service, possible values depend - on the service type, the cloud provider and the project. Reducing - will result in the service re-balancing. - format: ^[1-9][0-9]*(GiB|G)* - type: string - maintenanceWindowDow: - description: Day of week when maintenance operations should be performed. - One monday, tuesday, wednesday, etc. - enum: - - monday - - tuesday - - wednesday - - thursday - - friday - - saturday - - sunday - type: string - maintenanceWindowTime: - description: Time of day when maintenance operations should be performed. - UTC time in HH:mm:ss format. - maxLength: 8 - type: string - plan: - description: Subscription plan. - maxLength: 128 - type: string - project: - description: Target project. - format: ^[a-zA-Z0-9_-]*$ - maxLength: 63 - type: string - x-kubernetes-validations: - - message: Value is immutable - rule: self == oldSelf - projectVPCRef: - description: ProjectVPCRef reference to ProjectVPC resource to use - its ID as ProjectVPCID automatically - properties: - name: - minLength: 1 - type: string - namespace: - minLength: 1 - type: string - required: - - name - type: object - projectVpcId: - description: Identifier of the VPC the service should be in, if any. - maxLength: 36 - type: string - serviceIntegrations: - description: Service integrations to specify when creating a service. - Not applied after initial service creation - items: - description: Service integrations to specify when creating a service. - Not applied after initial service creation + - additionalPrinterColumns: + - jsonPath: .spec.project + name: Project + type: string + - jsonPath: .spec.cloudName + name: Region + type: string + - jsonPath: .spec.plan + name: Plan + type: string + - jsonPath: .status.state + name: State + type: string + name: v1alpha1 + schema: + openAPIV3Schema: + description: PostgreSQL is the Schema for the postgresql API + properties: + apiVersion: + description: + "APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + type: string + kind: + description: + "Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + type: string + metadata: + type: object + spec: + description: PostgreSQLSpec defines the desired state of postgres instance + properties: + authSecretRef: + description: Authentication reference to Aiven token in a secret properties: - integrationType: - enum: - - read_replica + key: + minLength: 1 type: string - sourceServiceName: - maxLength: 64 + name: minLength: 1 type: string required: - - integrationType - - sourceServiceName + - key + - name type: object - maxItems: 1 - type: array - x-kubernetes-validations: - - message: Value is immutable - rule: self == oldSelf - tags: - additionalProperties: + cloudName: + description: Cloud the service runs in. + maxLength: 256 type: string - description: Tags are key-value pairs that allow you to categorize - services. - type: object - terminationProtection: - description: Prevent service from being deleted. It is recommended - to have this enabled for all services. - type: boolean - userConfig: - description: PostgreSQL specific user configuration options - properties: - additional_backup_regions: - description: Additional Cloud Regions for Backup Replication - items: + connInfoSecretTarget: + description: + "Information regarding secret creation. Exposed keys: + `POSTGRESQL_HOST`, `POSTGRESQL_PORT`, `POSTGRESQL_DATABASE`, `POSTGRESQL_USER`, + `POSTGRESQL_PASSWORD`, `POSTGRESQL_SSLMODE`, `POSTGRESQL_DATABASE_URI`" + properties: + annotations: + additionalProperties: + type: string + description: Annotations added to the secret + type: object + x-kubernetes-preserve-unknown-fields: true + labels: + additionalProperties: + type: string + description: Labels added to the secret + type: object + x-kubernetes-preserve-unknown-fields: true + name: + description: + Name of the secret resource to be created. By default, + is equal to the resource name type: string - maxItems: 1 - type: array - admin_password: - description: Custom password for admin user. Defaults to random - string. This must be set only when a new service is being created. - maxLength: 256 - minLength: 8 - pattern: ^[a-zA-Z0-9-_]+$ - type: string - x-kubernetes-validations: - - message: Value is immutable - rule: self == oldSelf - admin_username: - description: Custom username for admin user. This must be set - only when a new service is being created. - maxLength: 64 - pattern: ^[_A-Za-z0-9][-._A-Za-z0-9]{0,63}$ - type: string - x-kubernetes-validations: + prefix: + description: + Prefix for the secret's keys. Added "as is" without + any transformations. By default, is equal to the kind name in + uppercase + underscore, e.g. `KAFKA_`, `REDIS_`, etc. + type: string + required: + - name + type: object + disk_space: + description: + The disk space of the service, possible values depend + on the service type, the cloud provider and the project. Reducing + will result in the service re-balancing. + format: ^[1-9][0-9]*(GiB|G)* + type: string + maintenanceWindowDow: + description: + Day of week when maintenance operations should be performed. + One monday, tuesday, wednesday, etc. + enum: + - monday + - tuesday + - wednesday + - thursday + - friday + - saturday + - sunday + type: string + maintenanceWindowTime: + description: + Time of day when maintenance operations should be performed. + UTC time in HH:mm:ss format. + maxLength: 8 + type: string + plan: + description: Subscription plan. + maxLength: 128 + type: string + project: + description: Target project. + format: ^[a-zA-Z0-9_-]*$ + maxLength: 63 + type: string + x-kubernetes-validations: - message: Value is immutable rule: self == oldSelf - backup_hour: - description: The hour of day (in UTC) when backup for the service - is started. New backup is only started if previous backup has - already completed. - maximum: 23 - minimum: 0 - type: integer - backup_minute: - description: The minute of an hour when backup for the service - is started. New backup is only started if previous backup has - already completed. - maximum: 59 - minimum: 0 - type: integer - enable_ipv6: - description: Register AAAA DNS records for the service, and allow - IPv6 packets to service ports - type: boolean - ip_filter: - description: Allow incoming connections from CIDR address block, - e.g. '10.20.0.0/16' - items: - description: CIDR address block, either as a string, or in a - dict with an optional description field - properties: - description: - description: Description for IP filter list entry - maxLength: 1024 - type: string - network: - description: CIDR address block - maxLength: 43 - type: string - required: - - network - type: object - maxItems: 1024 - type: array - migration: - description: Migrate data from existing server - properties: - dbname: - description: Database name for bootstrapping the initial connection - maxLength: 63 - type: string - host: - description: Hostname or IP address of the server where to - migrate data from - maxLength: 255 - type: string - ignore_dbs: - description: Comma-separated list of databases, which should - be ignored during migration (supported by MySQL and PostgreSQL - only at the moment) - maxLength: 2048 - type: string - method: - description: The migration method to be used (currently supported - only by Redis, Dragonfly, MySQL and PostgreSQL service types) - enum: - - dump - - replication - type: string - password: - description: Password for authentication with the server where - to migrate data from - maxLength: 256 - type: string - port: - description: Port number of the server where to migrate data - from - maximum: 65535 - minimum: 1 - type: integer - ssl: - description: The server where to migrate data from is secured - with SSL - type: boolean - username: - description: User name for authentication with the server - where to migrate data from - maxLength: 256 - type: string - required: - - host - - port - type: object - pg: - description: postgresql.conf configuration values + projectVPCRef: + description: + ProjectVPCRef reference to ProjectVPC resource to use + its ID as ProjectVPCID automatically + properties: + name: + minLength: 1 + type: string + namespace: + minLength: 1 + type: string + required: + - name + type: object + projectVpcId: + description: Identifier of the VPC the service should be in, if any. + maxLength: 36 + type: string + serviceIntegrations: + description: + Service integrations to specify when creating a service. + Not applied after initial service creation + items: + description: + Service integrations to specify when creating a service. + Not applied after initial service creation properties: - autovacuum_analyze_scale_factor: - description: Specifies a fraction of the table size to add - to autovacuum_analyze_threshold when deciding whether to - trigger an ANALYZE. The default is 0.2 (20% of table size) - maximum: 1 - minimum: 0 - type: number - autovacuum_analyze_threshold: - description: Specifies the minimum number of inserted, updated - or deleted tuples needed to trigger an ANALYZE in any one - table. The default is 50 tuples. - maximum: 2147483647 - minimum: 0 - type: integer - autovacuum_freeze_max_age: - description: Specifies the maximum age (in transactions) that - a table's pg_class.relfrozenxid field can attain before - a VACUUM operation is forced to prevent transaction ID wraparound - within the table. Note that the system will launch autovacuum - processes to prevent wraparound even when autovacuum is - otherwise disabled. This parameter will cause the server - to be restarted. - maximum: 1500000000 - minimum: 200000000 - type: integer - autovacuum_max_workers: - description: Specifies the maximum number of autovacuum processes - (other than the autovacuum launcher) that may be running - at any one time. The default is three. This parameter can - only be set at server start. - maximum: 20 - minimum: 1 - type: integer - autovacuum_naptime: - description: Specifies the minimum delay between autovacuum - runs on any given database. The delay is measured in seconds, - and the default is one minute - maximum: 86400 - minimum: 1 - type: integer - autovacuum_vacuum_cost_delay: - description: Specifies the cost delay value that will be used - in automatic VACUUM operations. If -1 is specified, the - regular vacuum_cost_delay value will be used. The default - value is 20 milliseconds - maximum: 100 - minimum: -1 - type: integer - autovacuum_vacuum_cost_limit: - description: Specifies the cost limit value that will be used - in automatic VACUUM operations. If -1 is specified (which - is the default), the regular vacuum_cost_limit value will - be used. - maximum: 10000 - minimum: -1 - type: integer - autovacuum_vacuum_scale_factor: - description: Specifies a fraction of the table size to add - to autovacuum_vacuum_threshold when deciding whether to - trigger a VACUUM. The default is 0.2 (20% of table size) - maximum: 1 - minimum: 0 - type: number - autovacuum_vacuum_threshold: - description: Specifies the minimum number of updated or deleted - tuples needed to trigger a VACUUM in any one table. The - default is 50 tuples - maximum: 2147483647 - minimum: 0 - type: integer - bgwriter_delay: - description: Specifies the delay between activity rounds for - the background writer in milliseconds. Default is 200. - maximum: 10000 - minimum: 10 - type: integer - bgwriter_flush_after: - description: Whenever more than bgwriter_flush_after bytes - have been written by the background writer, attempt to force - the OS to issue these writes to the underlying storage. - Specified in kilobytes, default is 512. Setting of 0 disables - forced writeback. - maximum: 2048 - minimum: 0 - type: integer - bgwriter_lru_maxpages: - description: In each round, no more than this many buffers - will be written by the background writer. Setting this to - zero disables background writing. Default is 100. - maximum: 1073741823 - minimum: 0 - type: integer - bgwriter_lru_multiplier: - description: The average recent need for new buffers is multiplied - by bgwriter_lru_multiplier to arrive at an estimate of the - number that will be needed during the next round, (up to - bgwriter_lru_maxpages). 1.0 represents a “just in time” - policy of writing exactly the number of buffers predicted - to be needed. Larger values provide some cushion against - spikes in demand, while smaller values intentionally leave - writes to be done by server processes. The default is 2.0. - maximum: 10 - minimum: 0 - type: number - deadlock_timeout: - description: This is the amount of time, in milliseconds, - to wait on a lock before checking to see if there is a deadlock - condition. - maximum: 1800000 - minimum: 500 - type: integer - default_toast_compression: - description: Specifies the default TOAST compression method - for values of compressible columns (the default is lz4). - enum: - - lz4 - - pglz - type: string - idle_in_transaction_session_timeout: - description: Time out sessions with open transactions after - this number of milliseconds - maximum: 604800000 - minimum: 0 - type: integer - jit: - description: Controls system-wide use of Just-in-Time Compilation - (JIT). - type: boolean - log_autovacuum_min_duration: - description: Causes each action executed by autovacuum to - be logged if it ran for at least the specified number of - milliseconds. Setting this to zero logs all autovacuum actions. - Minus-one (the default) disables logging autovacuum actions. - maximum: 2147483647 - minimum: -1 - type: integer - log_error_verbosity: - description: Controls the amount of detail written in the - server log for each message that is logged. - enum: - - TERSE - - DEFAULT - - VERBOSE - type: string - log_line_prefix: - description: Choose from one of the available log-formats. - These can support popular log analyzers like pgbadger, pganalyze - etc. + integrationType: enum: - - '''pid=%p,user=%u,db=%d,app=%a,client=%h ''' - - '''%t [%p]: [%l-1] user=%u,db=%d,app=%a,client=%h ''' - - '''%m [%p] %q[user=%u,db=%d,app=%a] ''' + - read_replica type: string - log_min_duration_statement: - description: Log statements that take more than this number - of milliseconds to run, -1 disables - maximum: 86400000 - minimum: -1 - type: integer - log_temp_files: - description: Log statements for each temporary file created - larger than this number of kilobytes, -1 disables - maximum: 2147483647 - minimum: -1 - type: integer - max_files_per_process: - description: PostgreSQL maximum number of files that can be - open per process - maximum: 4096 - minimum: 1000 - type: integer - max_locks_per_transaction: - description: PostgreSQL maximum locks per transaction - maximum: 6400 - minimum: 64 - type: integer - max_logical_replication_workers: - description: PostgreSQL maximum logical replication workers - (taken from the pool of max_parallel_workers) - maximum: 64 - minimum: 4 - type: integer - max_parallel_workers: - description: Sets the maximum number of workers that the system - can support for parallel queries - maximum: 96 - minimum: 0 - type: integer - max_parallel_workers_per_gather: - description: Sets the maximum number of workers that can be - started by a single Gather or Gather Merge node - maximum: 96 - minimum: 0 - type: integer - max_pred_locks_per_transaction: - description: PostgreSQL maximum predicate locks per transaction - maximum: 5120 - minimum: 64 - type: integer - max_prepared_transactions: - description: PostgreSQL maximum prepared transactions - maximum: 10000 - minimum: 0 - type: integer - max_replication_slots: - description: PostgreSQL maximum replication slots - maximum: 64 - minimum: 8 - type: integer - max_slot_wal_keep_size: - description: PostgreSQL maximum WAL size (MB) reserved for - replication slots. Default is -1 (unlimited). wal_keep_size - minimum WAL size setting takes precedence over this. - maximum: 2147483647 - minimum: -1 - type: integer - max_stack_depth: - description: Maximum depth of the stack in bytes - maximum: 6291456 - minimum: 2097152 - type: integer - max_standby_archive_delay: - description: Max standby archive delay in milliseconds - maximum: 43200000 - minimum: 1 - type: integer - max_standby_streaming_delay: - description: Max standby streaming delay in milliseconds - maximum: 43200000 - minimum: 1 - type: integer - max_wal_senders: - description: PostgreSQL maximum WAL senders - maximum: 64 - minimum: 20 - type: integer - max_worker_processes: - description: Sets the maximum number of background processes - that the system can support - maximum: 96 - minimum: 8 - type: integer - pg_partman_bgw.interval: - description: Sets the time interval to run pg_partman's scheduled - tasks - maximum: 604800 - minimum: 3600 - type: integer - pg_partman_bgw.role: - description: Controls which role to use for pg_partman's scheduled - background tasks. + sourceServiceName: maxLength: 64 - pattern: ^[_A-Za-z0-9][-._A-Za-z0-9]{0,63}$ - type: string - pg_stat_monitor.pgsm_enable_query_plan: - description: Enables or disables query plan monitoring - type: boolean - pg_stat_monitor.pgsm_max_buckets: - description: Sets the maximum number of buckets - maximum: 10 - minimum: 1 - type: integer - pg_stat_statements.track: - description: Controls which statements are counted. Specify - top to track top-level statements (those issued directly - by clients), all to also track nested statements (such as - statements invoked within functions), or none to disable - statement statistics collection. The default value is top. - enum: - - all - - top - - none - type: string - temp_file_limit: - description: PostgreSQL temporary file limit in KiB, -1 for - unlimited - maximum: 2147483647 - minimum: -1 - type: integer - timezone: - description: PostgreSQL service timezone - maxLength: 64 - type: string - track_activity_query_size: - description: Specifies the number of bytes reserved to track - the currently executing command for each active session. - maximum: 10240 - minimum: 1024 - type: integer - track_commit_timestamp: - description: Record commit time of transactions. - enum: - - "off" - - "on" - type: string - track_functions: - description: Enables tracking of function call counts and - time used. - enum: - - all - - pl - - none - type: string - track_io_timing: - description: Enables timing of database I/O calls. This parameter - is off by default, because it will repeatedly query the - operating system for the current time, which may cause significant - overhead on some platforms. - enum: - - "off" - - "on" - type: string - wal_sender_timeout: - description: Terminate replication connections that are inactive - for longer than this amount of time, in milliseconds. Setting - this value to zero disables the timeout. - type: integer - wal_writer_delay: - description: WAL flush interval in milliseconds. Note that - setting this value to lower than the default 200ms may negatively - impact performance - maximum: 200 - minimum: 10 - type: integer - type: object - pg_qualstats: - description: Deprecated. System-wide settings for the pg_qualstats - extension - properties: - enabled: - description: Deprecated. Enable / Disable pg_qualstats - type: boolean - min_err_estimate_num: - description: Deprecated. Error estimation num threshold to - save quals - minimum: 0 - type: integer - min_err_estimate_ratio: - description: Deprecated. Error estimation ratio threshold - to save quals - minimum: 0 - type: integer - track_constants: - description: Deprecated. Enable / Disable pg_qualstats constants - tracking - type: boolean - track_pg_catalog: - description: Deprecated. Track quals on system catalogs too. - type: boolean - type: object - pg_read_replica: - description: Should the service which is being forked be a read - replica (deprecated, use read_replica service integration instead). - type: boolean - pg_service_to_fork_from: - description: Name of the PG Service from which to fork (deprecated, - use service_to_fork_from). This has effect only when a new service - is being created. - maxLength: 64 - type: string - x-kubernetes-validations: - - message: Value is immutable - rule: self == oldSelf - pg_stat_monitor_enable: - description: Enable the pg_stat_monitor extension. Enabling this - extension will cause the cluster to be restarted.When this extension - is enabled, pg_stat_statements results for utility commands - are unreliable - type: boolean - pg_version: - description: PostgreSQL major version - enum: - - "11" - - "12" - - "13" - - "14" - - "15" - type: string - pgbouncer: - description: PGBouncer connection pooling settings - properties: - autodb_idle_timeout: - description: If the automatically created database pools have - been unused this many seconds, they are freed. If 0 then - timeout is disabled. [seconds] - maximum: 86400 - minimum: 0 - type: integer - autodb_max_db_connections: - description: Do not allow more than this many server connections - per database (regardless of user). Setting it to 0 means - unlimited. - maximum: 2147483647 - minimum: 0 - type: integer - autodb_pool_mode: - description: PGBouncer pool mode - enum: - - session - - transaction - - statement + minLength: 1 type: string - autodb_pool_size: - description: If non-zero then create automatically a pool - of that size per user when a pool doesn't exist. - maximum: 10000 - minimum: 0 - type: integer - ignore_startup_parameters: - description: List of parameters to ignore when given in startup - packet - items: - type: string - maxItems: 32 - type: array - min_pool_size: - description: Add more server connections to pool if below - this number. Improves behavior when usual load comes suddenly - back after period of total inactivity. The value is effectively - capped at the pool size. - maximum: 10000 - minimum: 0 - type: integer - server_idle_timeout: - description: If a server connection has been idle more than - this many seconds it will be dropped. If 0 then timeout - is disabled. [seconds] - maximum: 86400 - minimum: 0 - type: integer - server_lifetime: - description: The pooler will close an unused server connection - that has been connected longer than this. [seconds] - maximum: 86400 - minimum: 60 - type: integer - server_reset_query_always: - description: Run server_reset_query (DISCARD ALL) in all pooling - modes - type: boolean - type: object - pglookout: - description: System-wide settings for pglookout. - properties: - max_failover_replication_time_lag: - description: Number of seconds of master unavailability before - triggering database failover to standby - minimum: 10 - type: integer - type: object - private_access: - description: Allow access to selected service ports from private - networks - properties: - pg: - description: Allow clients to connect to pg with a DNS name - that always resolves to the service's private IP addresses. - Only available in certain network locations - type: boolean - pgbouncer: - description: Allow clients to connect to pgbouncer with a - DNS name that always resolves to the service's private IP - addresses. Only available in certain network locations - type: boolean - prometheus: - description: Allow clients to connect to prometheus with a - DNS name that always resolves to the service's private IP - addresses. Only available in certain network locations - type: boolean - type: object - privatelink_access: - description: Allow access to selected service components through - Privatelink - properties: - pg: - description: Enable pg - type: boolean - pgbouncer: - description: Enable pgbouncer - type: boolean - prometheus: - description: Enable prometheus - type: boolean - type: object - project_to_fork_from: - description: Name of another project to fork a service from. This - has effect only when a new service is being created. - maxLength: 63 - type: string - x-kubernetes-validations: - - message: Value is immutable - rule: self == oldSelf - public_access: - description: Allow access to selected service ports from the public - Internet - properties: - pg: - description: Allow clients to connect to pg from the public - internet for service nodes that are in a project VPC or - another type of private network - type: boolean - pgbouncer: - description: Allow clients to connect to pgbouncer from the - public internet for service nodes that are in a project - VPC or another type of private network - type: boolean - prometheus: - description: Allow clients to connect to prometheus from the - public internet for service nodes that are in a project - VPC or another type of private network - type: boolean + required: + - integrationType + - sourceServiceName type: object - recovery_target_time: - description: Recovery target time when forking a service. This - has effect only when a new service is being created. - maxLength: 32 - type: string - x-kubernetes-validations: + maxItems: 1 + type: array + x-kubernetes-validations: - message: Value is immutable rule: self == oldSelf - service_log: - description: Store logs for the service so that they are available - in the HTTP API and console. - type: boolean - service_to_fork_from: - description: Name of another service to fork from. This has effect - only when a new service is being created. - maxLength: 64 + tags: + additionalProperties: type: string - x-kubernetes-validations: - - message: Value is immutable - rule: self == oldSelf - shared_buffers_percentage: - description: Percentage of total RAM that the database server - uses for shared memory buffers. Valid range is 20-60 (float), - which corresponds to 20% - 60%. This setting adjusts the shared_buffers - configuration value. - maximum: 60 - minimum: 20 - type: number - static_ips: - description: Use static public IP addresses - type: boolean - synchronous_replication: - description: Synchronous replication type. Note that the service - plan also needs to support synchronous replication. - enum: - - quorum - - "off" - type: string - timescaledb: - description: System-wide settings for the timescaledb extension - properties: - max_background_workers: - description: The number of background workers for timescaledb - operations. You should configure this setting to the sum - of your number of databases and the total number of concurrent - background workers you want running at any given point in - time. - maximum: 4096 - minimum: 1 - type: integer - type: object - variant: - description: Variant of the PostgreSQL service, may affect the - features that are exposed by default - enum: - - aiven - - timescale - type: string - work_mem: - description: Sets the maximum amount of memory to be used by a - query operation (such as a sort or hash table) before writing - to temporary disk files, in MB. Default is 1MB + 0.075% of total - RAM (up to 32MB). - maximum: 1024 - minimum: 1 - type: integer - type: object - required: - - plan - - project - type: object - status: - description: ServiceStatus defines the observed state of service - properties: - conditions: - description: Conditions represent the latest available observations - of a service state - items: - description: "Condition contains details for one aspect of the current - state of this API Resource. --- This struct is intended for direct - use as an array at the field path .status.conditions. For example, - \n type FooStatus struct{ // Represents the observations of a - foo's current state. // Known .status.conditions.type are: \"Available\", - \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge - // +listType=map // +listMapKey=type Conditions []metav1.Condition - `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" - protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + description: + Tags are key-value pairs that allow you to categorize + services. + type: object + terminationProtection: + description: + Prevent service from being deleted. It is recommended + to have this enabled for all services. + type: boolean + userConfig: + description: PostgreSQL specific user configuration options properties: - lastTransitionTime: - description: lastTransitionTime is the last time the condition - transitioned from one status to another. This should be when - the underlying condition changed. If that is not known, then - using the time when the API field changed is acceptable. - format: date-time + additional_backup_regions: + description: Additional Cloud Regions for Backup Replication + items: + type: string + maxItems: 1 + type: array + admin_password: + description: + Custom password for admin user. Defaults to random + string. This must be set only when a new service is being created. + maxLength: 256 + minLength: 8 + pattern: ^[a-zA-Z0-9-_]+$ type: string - message: - description: message is a human readable message indicating - details about the transition. This may be an empty string. - maxLength: 32768 + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + admin_username: + description: + Custom username for admin user. This must be set + only when a new service is being created. + maxLength: 64 + pattern: ^[_A-Za-z0-9][-._A-Za-z0-9]{0,63}$ type: string - observedGeneration: - description: observedGeneration represents the .metadata.generation - that the condition was set based upon. For instance, if .metadata.generation - is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current - state of the instance. - format: int64 + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + backup_hour: + description: + The hour of day (in UTC) when backup for the service + is started. New backup is only started if previous backup has + already completed. + maximum: 23 minimum: 0 type: integer - reason: - description: reason contains a programmatic identifier indicating - the reason for the condition's last transition. Producers - of specific condition types may define expected values and - meanings for this field, and whether the values are considered - a guaranteed API. The value should be a CamelCase string. - This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + backup_minute: + description: + The minute of an hour when backup for the service + is started. New backup is only started if previous backup has + already completed. + maximum: 59 + minimum: 0 + type: integer + enable_ipv6: + description: + Register AAAA DNS records for the service, and allow + IPv6 packets to service ports + type: boolean + ip_filter: + description: + Allow incoming connections from CIDR address block, + e.g. '10.20.0.0/16' + items: + description: + CIDR address block, either as a string, or in a + dict with an optional description field + properties: + description: + description: Description for IP filter list entry + maxLength: 1024 + type: string + network: + description: CIDR address block + maxLength: 43 + type: string + required: + - network + type: object + maxItems: 1024 + type: array + migration: + description: Migrate data from existing server + properties: + dbname: + description: Database name for bootstrapping the initial connection + maxLength: 63 + type: string + host: + description: + Hostname or IP address of the server where to + migrate data from + maxLength: 255 + type: string + ignore_dbs: + description: + Comma-separated list of databases, which should + be ignored during migration (supported by MySQL and PostgreSQL + only at the moment) + maxLength: 2048 + type: string + method: + description: + The migration method to be used (currently supported + only by Redis, Dragonfly, MySQL and PostgreSQL service types) + enum: + - dump + - replication + type: string + password: + description: + Password for authentication with the server where + to migrate data from + maxLength: 256 + type: string + port: + description: + Port number of the server where to migrate data + from + maximum: 65535 + minimum: 1 + type: integer + ssl: + description: + The server where to migrate data from is secured + with SSL + type: boolean + username: + description: + User name for authentication with the server + where to migrate data from + maxLength: 256 + type: string + required: + - host + - port + type: object + pg: + description: postgresql.conf configuration values + properties: + autovacuum_analyze_scale_factor: + description: + Specifies a fraction of the table size to add + to autovacuum_analyze_threshold when deciding whether to + trigger an ANALYZE. The default is 0.2 (20% of table size) + maximum: 1 + minimum: 0 + type: number + autovacuum_analyze_threshold: + description: + Specifies the minimum number of inserted, updated + or deleted tuples needed to trigger an ANALYZE in any one + table. The default is 50 tuples. + maximum: 2147483647 + minimum: 0 + type: integer + autovacuum_freeze_max_age: + description: + Specifies the maximum age (in transactions) that + a table's pg_class.relfrozenxid field can attain before + a VACUUM operation is forced to prevent transaction ID wraparound + within the table. Note that the system will launch autovacuum + processes to prevent wraparound even when autovacuum is + otherwise disabled. This parameter will cause the server + to be restarted. + maximum: 1500000000 + minimum: 200000000 + type: integer + autovacuum_max_workers: + description: + Specifies the maximum number of autovacuum processes + (other than the autovacuum launcher) that may be running + at any one time. The default is three. This parameter can + only be set at server start. + maximum: 20 + minimum: 1 + type: integer + autovacuum_naptime: + description: + Specifies the minimum delay between autovacuum + runs on any given database. The delay is measured in seconds, + and the default is one minute + maximum: 86400 + minimum: 1 + type: integer + autovacuum_vacuum_cost_delay: + description: + Specifies the cost delay value that will be used + in automatic VACUUM operations. If -1 is specified, the + regular vacuum_cost_delay value will be used. The default + value is 20 milliseconds + maximum: 100 + minimum: -1 + type: integer + autovacuum_vacuum_cost_limit: + description: + Specifies the cost limit value that will be used + in automatic VACUUM operations. If -1 is specified (which + is the default), the regular vacuum_cost_limit value will + be used. + maximum: 10000 + minimum: -1 + type: integer + autovacuum_vacuum_scale_factor: + description: + Specifies a fraction of the table size to add + to autovacuum_vacuum_threshold when deciding whether to + trigger a VACUUM. The default is 0.2 (20% of table size) + maximum: 1 + minimum: 0 + type: number + autovacuum_vacuum_threshold: + description: + Specifies the minimum number of updated or deleted + tuples needed to trigger a VACUUM in any one table. The + default is 50 tuples + maximum: 2147483647 + minimum: 0 + type: integer + bgwriter_delay: + description: + Specifies the delay between activity rounds for + the background writer in milliseconds. Default is 200. + maximum: 10000 + minimum: 10 + type: integer + bgwriter_flush_after: + description: + Whenever more than bgwriter_flush_after bytes + have been written by the background writer, attempt to force + the OS to issue these writes to the underlying storage. + Specified in kilobytes, default is 512. Setting of 0 disables + forced writeback. + maximum: 2048 + minimum: 0 + type: integer + bgwriter_lru_maxpages: + description: + In each round, no more than this many buffers + will be written by the background writer. Setting this to + zero disables background writing. Default is 100. + maximum: 1073741823 + minimum: 0 + type: integer + bgwriter_lru_multiplier: + description: + The average recent need for new buffers is multiplied + by bgwriter_lru_multiplier to arrive at an estimate of the + number that will be needed during the next round, (up to + bgwriter_lru_maxpages). 1.0 represents a “just in time” + policy of writing exactly the number of buffers predicted + to be needed. Larger values provide some cushion against + spikes in demand, while smaller values intentionally leave + writes to be done by server processes. The default is 2.0. + maximum: 10 + minimum: 0 + type: number + deadlock_timeout: + description: + This is the amount of time, in milliseconds, + to wait on a lock before checking to see if there is a deadlock + condition. + maximum: 1800000 + minimum: 500 + type: integer + default_toast_compression: + description: + Specifies the default TOAST compression method + for values of compressible columns (the default is lz4). + enum: + - lz4 + - pglz + type: string + idle_in_transaction_session_timeout: + description: + Time out sessions with open transactions after + this number of milliseconds + maximum: 604800000 + minimum: 0 + type: integer + jit: + description: + Controls system-wide use of Just-in-Time Compilation + (JIT). + type: boolean + log_autovacuum_min_duration: + description: + Causes each action executed by autovacuum to + be logged if it ran for at least the specified number of + milliseconds. Setting this to zero logs all autovacuum actions. + Minus-one (the default) disables logging autovacuum actions. + maximum: 2147483647 + minimum: -1 + type: integer + log_error_verbosity: + description: + Controls the amount of detail written in the + server log for each message that is logged. + enum: + - TERSE + - DEFAULT + - VERBOSE + type: string + log_line_prefix: + description: + Choose from one of the available log-formats. + These can support popular log analyzers like pgbadger, pganalyze + etc. + enum: + - "'pid=%p,user=%u,db=%d,app=%a,client=%h '" + - "'%t [%p]: [%l-1] user=%u,db=%d,app=%a,client=%h '" + - "'%m [%p] %q[user=%u,db=%d,app=%a] '" + type: string + log_min_duration_statement: + description: + Log statements that take more than this number + of milliseconds to run, -1 disables + maximum: 86400000 + minimum: -1 + type: integer + log_temp_files: + description: + Log statements for each temporary file created + larger than this number of kilobytes, -1 disables + maximum: 2147483647 + minimum: -1 + type: integer + max_files_per_process: + description: + PostgreSQL maximum number of files that can be + open per process + maximum: 4096 + minimum: 1000 + type: integer + max_locks_per_transaction: + description: PostgreSQL maximum locks per transaction + maximum: 6400 + minimum: 64 + type: integer + max_logical_replication_workers: + description: + PostgreSQL maximum logical replication workers + (taken from the pool of max_parallel_workers) + maximum: 64 + minimum: 4 + type: integer + max_parallel_workers: + description: + Sets the maximum number of workers that the system + can support for parallel queries + maximum: 96 + minimum: 0 + type: integer + max_parallel_workers_per_gather: + description: + Sets the maximum number of workers that can be + started by a single Gather or Gather Merge node + maximum: 96 + minimum: 0 + type: integer + max_pred_locks_per_transaction: + description: PostgreSQL maximum predicate locks per transaction + maximum: 5120 + minimum: 64 + type: integer + max_prepared_transactions: + description: PostgreSQL maximum prepared transactions + maximum: 10000 + minimum: 0 + type: integer + max_replication_slots: + description: PostgreSQL maximum replication slots + maximum: 64 + minimum: 8 + type: integer + max_slot_wal_keep_size: + description: + PostgreSQL maximum WAL size (MB) reserved for + replication slots. Default is -1 (unlimited). wal_keep_size + minimum WAL size setting takes precedence over this. + maximum: 2147483647 + minimum: -1 + type: integer + max_stack_depth: + description: Maximum depth of the stack in bytes + maximum: 6291456 + minimum: 2097152 + type: integer + max_standby_archive_delay: + description: Max standby archive delay in milliseconds + maximum: 43200000 + minimum: 1 + type: integer + max_standby_streaming_delay: + description: Max standby streaming delay in milliseconds + maximum: 43200000 + minimum: 1 + type: integer + max_wal_senders: + description: PostgreSQL maximum WAL senders + maximum: 64 + minimum: 20 + type: integer + max_worker_processes: + description: + Sets the maximum number of background processes + that the system can support + maximum: 96 + minimum: 8 + type: integer + pg_partman_bgw.interval: + description: + Sets the time interval to run pg_partman's scheduled + tasks + maximum: 604800 + minimum: 3600 + type: integer + pg_partman_bgw.role: + description: + Controls which role to use for pg_partman's scheduled + background tasks. + maxLength: 64 + pattern: ^[_A-Za-z0-9][-._A-Za-z0-9]{0,63}$ + type: string + pg_stat_monitor.pgsm_enable_query_plan: + description: Enables or disables query plan monitoring + type: boolean + pg_stat_monitor.pgsm_max_buckets: + description: Sets the maximum number of buckets + maximum: 10 + minimum: 1 + type: integer + pg_stat_statements.track: + description: + Controls which statements are counted. Specify + top to track top-level statements (those issued directly + by clients), all to also track nested statements (such as + statements invoked within functions), or none to disable + statement statistics collection. The default value is top. + enum: + - all + - top + - none + type: string + temp_file_limit: + description: + PostgreSQL temporary file limit in KiB, -1 for + unlimited + maximum: 2147483647 + minimum: -1 + type: integer + timezone: + description: PostgreSQL service timezone + maxLength: 64 + type: string + track_activity_query_size: + description: + Specifies the number of bytes reserved to track + the currently executing command for each active session. + maximum: 10240 + minimum: 1024 + type: integer + track_commit_timestamp: + description: Record commit time of transactions. + enum: + - "off" + - "on" + type: string + track_functions: + description: + Enables tracking of function call counts and + time used. + enum: + - all + - pl + - none + type: string + track_io_timing: + description: + Enables timing of database I/O calls. This parameter + is off by default, because it will repeatedly query the + operating system for the current time, which may cause significant + overhead on some platforms. + enum: + - "off" + - "on" + type: string + wal_sender_timeout: + description: + Terminate replication connections that are inactive + for longer than this amount of time, in milliseconds. Setting + this value to zero disables the timeout. + type: integer + wal_writer_delay: + description: + WAL flush interval in milliseconds. Note that + setting this value to lower than the default 200ms may negatively + impact performance + maximum: 200 + minimum: 10 + type: integer + type: object + pg_qualstats: + description: + Deprecated. System-wide settings for the pg_qualstats + extension + properties: + enabled: + description: Deprecated. Enable / Disable pg_qualstats + type: boolean + min_err_estimate_num: + description: + Deprecated. Error estimation num threshold to + save quals + minimum: 0 + type: integer + min_err_estimate_ratio: + description: + Deprecated. Error estimation ratio threshold + to save quals + minimum: 0 + type: integer + track_constants: + description: + Deprecated. Enable / Disable pg_qualstats constants + tracking + type: boolean + track_pg_catalog: + description: Deprecated. Track quals on system catalogs too. + type: boolean + type: object + pg_read_replica: + description: + Should the service which is being forked be a read + replica (deprecated, use read_replica service integration instead). + type: boolean + pg_service_to_fork_from: + description: + Name of the PG Service from which to fork (deprecated, + use service_to_fork_from). This has effect only when a new service + is being created. + maxLength: 64 type: string - status: - description: status of the condition, one of True, False, Unknown. + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + pg_stat_monitor_enable: + description: + Enable the pg_stat_monitor extension. Enabling this + extension will cause the cluster to be restarted.When this extension + is enabled, pg_stat_statements results for utility commands + are unreliable + type: boolean + pg_version: + description: PostgreSQL major version enum: - - "True" - - "False" - - Unknown + - "11" + - "12" + - "13" + - "14" + - "15" type: string - type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. - --- Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + pgbouncer: + description: PGBouncer connection pooling settings + properties: + autodb_idle_timeout: + description: + If the automatically created database pools have + been unused this many seconds, they are freed. If 0 then + timeout is disabled. [seconds] + maximum: 86400 + minimum: 0 + type: integer + autodb_max_db_connections: + description: + Do not allow more than this many server connections + per database (regardless of user). Setting it to 0 means + unlimited. + maximum: 2147483647 + minimum: 0 + type: integer + autodb_pool_mode: + description: PGBouncer pool mode + enum: + - session + - transaction + - statement + type: string + autodb_pool_size: + description: + If non-zero then create automatically a pool + of that size per user when a pool doesn't exist. + maximum: 10000 + minimum: 0 + type: integer + ignore_startup_parameters: + description: + List of parameters to ignore when given in startup + packet + items: + type: string + maxItems: 32 + type: array + min_pool_size: + description: + Add more server connections to pool if below + this number. Improves behavior when usual load comes suddenly + back after period of total inactivity. The value is effectively + capped at the pool size. + maximum: 10000 + minimum: 0 + type: integer + server_idle_timeout: + description: + If a server connection has been idle more than + this many seconds it will be dropped. If 0 then timeout + is disabled. [seconds] + maximum: 86400 + minimum: 0 + type: integer + server_lifetime: + description: + The pooler will close an unused server connection + that has been connected longer than this. [seconds] + maximum: 86400 + minimum: 60 + type: integer + server_reset_query_always: + description: + Run server_reset_query (DISCARD ALL) in all pooling + modes + type: boolean + type: object + pglookout: + description: System-wide settings for pglookout. + properties: + max_failover_replication_time_lag: + description: + Number of seconds of master unavailability before + triggering database failover to standby + minimum: 10 + type: integer + type: object + private_access: + description: + Allow access to selected service ports from private + networks + properties: + pg: + description: + Allow clients to connect to pg with a DNS name + that always resolves to the service's private IP addresses. + Only available in certain network locations + type: boolean + pgbouncer: + description: + Allow clients to connect to pgbouncer with a + DNS name that always resolves to the service's private IP + addresses. Only available in certain network locations + type: boolean + prometheus: + description: + Allow clients to connect to prometheus with a + DNS name that always resolves to the service's private IP + addresses. Only available in certain network locations + type: boolean + type: object + privatelink_access: + description: + Allow access to selected service components through + Privatelink + properties: + pg: + description: Enable pg + type: boolean + pgbouncer: + description: Enable pgbouncer + type: boolean + prometheus: + description: Enable prometheus + type: boolean + type: object + project_to_fork_from: + description: + Name of another project to fork a service from. This + has effect only when a new service is being created. + maxLength: 63 type: string - required: - - lastTransitionTime - - message - - reason - - status - - type + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + public_access: + description: + Allow access to selected service ports from the public + Internet + properties: + pg: + description: + Allow clients to connect to pg from the public + internet for service nodes that are in a project VPC or + another type of private network + type: boolean + pgbouncer: + description: + Allow clients to connect to pgbouncer from the + public internet for service nodes that are in a project + VPC or another type of private network + type: boolean + prometheus: + description: + Allow clients to connect to prometheus from the + public internet for service nodes that are in a project + VPC or another type of private network + type: boolean + type: object + recovery_target_time: + description: + Recovery target time when forking a service. This + has effect only when a new service is being created. + maxLength: 32 + type: string + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + service_log: + description: + Store logs for the service so that they are available + in the HTTP API and console. + type: boolean + service_to_fork_from: + description: + Name of another service to fork from. This has effect + only when a new service is being created. + maxLength: 64 + type: string + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + shared_buffers_percentage: + description: + Percentage of total RAM that the database server + uses for shared memory buffers. Valid range is 20-60 (float), + which corresponds to 20% - 60%. This setting adjusts the shared_buffers + configuration value. + maximum: 60 + minimum: 20 + type: number + static_ips: + description: Use static public IP addresses + type: boolean + synchronous_replication: + description: + Synchronous replication type. Note that the service + plan also needs to support synchronous replication. + enum: + - quorum + - "off" + type: string + timescaledb: + description: System-wide settings for the timescaledb extension + properties: + max_background_workers: + description: + The number of background workers for timescaledb + operations. You should configure this setting to the sum + of your number of databases and the total number of concurrent + background workers you want running at any given point in + time. + maximum: 4096 + minimum: 1 + type: integer + type: object + variant: + description: + Variant of the PostgreSQL service, may affect the + features that are exposed by default + enum: + - aiven + - timescale + type: string + work_mem: + description: + Sets the maximum amount of memory to be used by a + query operation (such as a sort or hash table) before writing + to temporary disk files, in MB. Default is 1MB + 0.075% of total + RAM (up to 32MB). + maximum: 1024 + minimum: 1 + type: integer type: object - type: array - state: - description: Service state - type: string - type: object - type: object - served: true - storage: true - subresources: - status: {} + required: + - plan + - project + type: object + status: + description: ServiceStatus defines the observed state of service + properties: + conditions: + description: + Conditions represent the latest available observations + of a service state + items: + description: + "Condition contains details for one aspect of the current + state of this API Resource. --- This struct is intended for direct + use as an array at the field path .status.conditions. For example, + \n type FooStatus struct{ // Represents the observations of a + foo's current state. // Known .status.conditions.type are: \"Available\", + \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge + // +listType=map // +listMapKey=type Conditions []metav1.Condition + `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" + protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + properties: + lastTransitionTime: + description: + lastTransitionTime is the last time the condition + transitioned from one status to another. This should be when + the underlying condition changed. If that is not known, then + using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: + message is a human readable message indicating + details about the transition. This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: + observedGeneration represents the .metadata.generation + that the condition was set based upon. For instance, if .metadata.generation + is currently 12, but the .status.conditions[x].observedGeneration + is 9, the condition is out of date with respect to the current + state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: + reason contains a programmatic identifier indicating + the reason for the condition's last transition. Producers + of specific condition types may define expected values and + meanings for this field, and whether the values are considered + a guaranteed API. The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: + type of condition in CamelCase or in foo.example.com/CamelCase. + --- Many .condition.type values are consistent across resources + like Available, but because arbitrary conditions can be useful + (see .node.status.conditions), the ability to deconflict is + important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + type: array + state: + description: Service state + type: string + type: object + type: object + served: true + storage: true + subresources: + status: {} diff --git a/config/crd/bases/aiven.io_projects.yaml b/config/crd/bases/aiven.io_projects.yaml index 0bf1f9fc..5256e9c1 100644 --- a/config/crd/bases/aiven.io_projects.yaml +++ b/config/crd/bases/aiven.io_projects.yaml @@ -15,229 +15,244 @@ spec: singular: project scope: Namespaced versions: - - name: v1alpha1 - schema: - openAPIV3Schema: - description: Project is the Schema for the projects API - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: ProjectSpec defines the desired state of Project - properties: - accountId: - description: Account ID - maxLength: 32 - type: string - authSecretRef: - description: Authentication reference to Aiven token in a secret - properties: - key: - minLength: 1 - type: string - name: - minLength: 1 - type: string - required: - - key - - name - type: object - billingAddress: - description: Billing name and address of the project - maxLength: 1000 - type: string - billingCurrency: - description: Billing currency - enum: - - AUD - - CAD - - CHF - - DKK - - EUR - - GBP - - NOK - - SEK - - USD - type: string - billingEmails: - description: Billing contact emails of the project - items: + - name: v1alpha1 + schema: + openAPIV3Schema: + description: Project is the Schema for the projects API + properties: + apiVersion: + description: + "APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + type: string + kind: + description: + "Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + type: string + metadata: + type: object + spec: + description: ProjectSpec defines the desired state of Project + properties: + accountId: + description: Account ID + maxLength: 32 type: string - maxItems: 10 - type: array - billingExtraText: - description: Extra text to be included in all project invoices, e.g. - purchase order or cost center number - maxLength: 1000 - type: string - billingGroupId: - description: BillingGroup ID - maxLength: 36 - minLength: 36 - type: string - cardId: - description: Credit card ID; The ID may be either last 4 digits of - the card or the actual ID - maxLength: 64 - type: string - cloud: - description: 'Target cloud, example: aws-eu-central-1' - maxLength: 256 - type: string - connInfoSecretTarget: - description: 'Information regarding secret creation. Exposed keys: - `PROJECT_CA_CERT`' - properties: - annotations: - additionalProperties: + authSecretRef: + description: Authentication reference to Aiven token in a secret + properties: + key: + minLength: 1 type: string - description: Annotations added to the secret - type: object - x-kubernetes-preserve-unknown-fields: true - labels: - additionalProperties: + name: + minLength: 1 type: string - description: Labels added to the secret - type: object - x-kubernetes-preserve-unknown-fields: true - name: - description: Name of the secret resource to be created. By default, - is equal to the resource name - type: string - prefix: - description: Prefix for the secret's keys. Added "as is" without - any transformations. By default, is equal to the kind name in - uppercase + underscore, e.g. `KAFKA_`, `REDIS_`, etc. + required: + - key + - name + type: object + billingAddress: + description: Billing name and address of the project + maxLength: 1000 + type: string + billingCurrency: + description: Billing currency + enum: + - AUD + - CAD + - CHF + - DKK + - EUR + - GBP + - NOK + - SEK + - USD + type: string + billingEmails: + description: Billing contact emails of the project + items: type: string - required: - - name - type: object - copyFromProject: - description: Project name from which to copy settings to the new project - maxLength: 63 - type: string - countryCode: - description: Billing country code of the project - maxLength: 2 - minLength: 2 - type: string - tags: - additionalProperties: + maxItems: 10 + type: array + billingExtraText: + description: + Extra text to be included in all project invoices, e.g. + purchase order or cost center number + maxLength: 1000 type: string - description: Tags are key-value pairs that allow you to categorize - projects - type: object - technicalEmails: - description: Technical contact emails of the project - items: + billingGroupId: + description: BillingGroup ID + maxLength: 36 + minLength: 36 type: string - maxItems: 10 - type: array - type: object - status: - description: ProjectStatus defines the observed state of Project - properties: - availableCredits: - description: Available credirs - type: string - conditions: - description: Conditions represent the latest available observations - of an Project state - items: - description: "Condition contains details for one aspect of the current - state of this API Resource. --- This struct is intended for direct - use as an array at the field path .status.conditions. For example, - \n type FooStatus struct{ // Represents the observations of a - foo's current state. // Known .status.conditions.type are: \"Available\", - \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge - // +listType=map // +listMapKey=type Conditions []metav1.Condition - `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" - protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + cardId: + description: + Credit card ID; The ID may be either last 4 digits of + the card or the actual ID + maxLength: 64 + type: string + cloud: + description: "Target cloud, example: aws-eu-central-1" + maxLength: 256 + type: string + connInfoSecretTarget: + description: + "Information regarding secret creation. Exposed keys: + `PROJECT_CA_CERT`" properties: - lastTransitionTime: - description: lastTransitionTime is the last time the condition - transitioned from one status to another. This should be when - the underlying condition changed. If that is not known, then - using the time when the API field changed is acceptable. - format: date-time + annotations: + additionalProperties: + type: string + description: Annotations added to the secret + type: object + x-kubernetes-preserve-unknown-fields: true + labels: + additionalProperties: + type: string + description: Labels added to the secret + type: object + x-kubernetes-preserve-unknown-fields: true + name: + description: + Name of the secret resource to be created. By default, + is equal to the resource name type: string - message: - description: message is a human readable message indicating - details about the transition. This may be an empty string. - maxLength: 32768 - type: string - observedGeneration: - description: observedGeneration represents the .metadata.generation - that the condition was set based upon. For instance, if .metadata.generation - is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current - state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: reason contains a programmatic identifier indicating - the reason for the condition's last transition. Producers - of specific condition types may define expected values and - meanings for this field, and whether the values are considered - a guaranteed API. The value should be a CamelCase string. - This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ - type: string - status: - description: status of the condition, one of True, False, Unknown. - enum: - - "True" - - "False" - - Unknown - type: string - type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. - --- Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + prefix: + description: + Prefix for the secret's keys. Added "as is" without + any transformations. By default, is equal to the kind name in + uppercase + underscore, e.g. `KAFKA_`, `REDIS_`, etc. type: string required: - - lastTransitionTime - - message - - reason - - status - - type + - name + type: object + copyFromProject: + description: Project name from which to copy settings to the new project + maxLength: 63 + type: string + countryCode: + description: Billing country code of the project + maxLength: 2 + minLength: 2 + type: string + tags: + additionalProperties: + type: string + description: + Tags are key-value pairs that allow you to categorize + projects type: object - type: array - country: - description: Country name - type: string - estimatedBalance: - description: Estimated balance - type: string - paymentMethod: - description: Payment method name - type: string - vatId: - description: EU VAT Identification Number - maxLength: 64 - type: string - required: - - conditions - type: object - type: object - served: true - storage: true - subresources: - status: {} + technicalEmails: + description: Technical contact emails of the project + items: + type: string + maxItems: 10 + type: array + type: object + status: + description: ProjectStatus defines the observed state of Project + properties: + availableCredits: + description: Available credirs + type: string + conditions: + description: + Conditions represent the latest available observations + of an Project state + items: + description: + "Condition contains details for one aspect of the current + state of this API Resource. --- This struct is intended for direct + use as an array at the field path .status.conditions. For example, + \n type FooStatus struct{ // Represents the observations of a + foo's current state. // Known .status.conditions.type are: \"Available\", + \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge + // +listType=map // +listMapKey=type Conditions []metav1.Condition + `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" + protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + properties: + lastTransitionTime: + description: + lastTransitionTime is the last time the condition + transitioned from one status to another. This should be when + the underlying condition changed. If that is not known, then + using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: + message is a human readable message indicating + details about the transition. This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: + observedGeneration represents the .metadata.generation + that the condition was set based upon. For instance, if .metadata.generation + is currently 12, but the .status.conditions[x].observedGeneration + is 9, the condition is out of date with respect to the current + state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: + reason contains a programmatic identifier indicating + the reason for the condition's last transition. Producers + of specific condition types may define expected values and + meanings for this field, and whether the values are considered + a guaranteed API. The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: + type of condition in CamelCase or in foo.example.com/CamelCase. + --- Many .condition.type values are consistent across resources + like Available, but because arbitrary conditions can be useful + (see .node.status.conditions), the ability to deconflict is + important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + type: array + country: + description: Country name + type: string + estimatedBalance: + description: Estimated balance + type: string + paymentMethod: + description: Payment method name + type: string + vatId: + description: EU VAT Identification Number + maxLength: 64 + type: string + required: + - conditions + type: object + type: object + served: true + storage: true + subresources: + status: {} diff --git a/config/crd/bases/aiven.io_projectvpcs.yaml b/config/crd/bases/aiven.io_projectvpcs.yaml index 720040e8..f6b08d0a 100644 --- a/config/crd/bases/aiven.io_projectvpcs.yaml +++ b/config/crd/bases/aiven.io_projectvpcs.yaml @@ -15,165 +15,174 @@ spec: singular: projectvpc scope: Namespaced versions: - - additionalPrinterColumns: - - jsonPath: .spec.project - name: Project - type: string - - jsonPath: .spec.cloudName - name: Cloud - type: string - - jsonPath: .spec.networkCidr - name: Network CIDR - type: string - - jsonPath: .status.state - name: State - type: string - name: v1alpha1 - schema: - openAPIV3Schema: - description: ProjectVPC is the Schema for the projectvpcs API - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: ProjectVPCSpec defines the desired state of ProjectVPC - properties: - authSecretRef: - description: Authentication reference to Aiven token in a secret - properties: - key: - minLength: 1 - type: string - name: - minLength: 1 - type: string - required: - - key - - name - type: object - cloudName: - description: Cloud the VPC is in - maxLength: 256 - type: string - x-kubernetes-validations: - - message: Value is immutable - rule: self == oldSelf - networkCidr: - description: Network address range used by the VPC like 192.168.0.0/24 - maxLength: 36 - type: string - x-kubernetes-validations: - - message: Value is immutable - rule: self == oldSelf - project: - description: The project the VPC belongs to - format: ^[a-zA-Z0-9_-]*$ - maxLength: 63 - type: string - x-kubernetes-validations: - - message: Value is immutable - rule: self == oldSelf - required: - - cloudName - - networkCidr - - project - type: object - status: - description: ProjectVPCStatus defines the observed state of ProjectVPC - properties: - conditions: - description: Conditions represent the latest available observations - of an ProjectVPC state - items: - description: "Condition contains details for one aspect of the current - state of this API Resource. --- This struct is intended for direct - use as an array at the field path .status.conditions. For example, - \n type FooStatus struct{ // Represents the observations of a - foo's current state. // Known .status.conditions.type are: \"Available\", - \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge - // +listType=map // +listMapKey=type Conditions []metav1.Condition - `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" - protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + - additionalPrinterColumns: + - jsonPath: .spec.project + name: Project + type: string + - jsonPath: .spec.cloudName + name: Cloud + type: string + - jsonPath: .spec.networkCidr + name: Network CIDR + type: string + - jsonPath: .status.state + name: State + type: string + name: v1alpha1 + schema: + openAPIV3Schema: + description: ProjectVPC is the Schema for the projectvpcs API + properties: + apiVersion: + description: + "APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + type: string + kind: + description: + "Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + type: string + metadata: + type: object + spec: + description: ProjectVPCSpec defines the desired state of ProjectVPC + properties: + authSecretRef: + description: Authentication reference to Aiven token in a secret properties: - lastTransitionTime: - description: lastTransitionTime is the last time the condition - transitioned from one status to another. This should be when - the underlying condition changed. If that is not known, then - using the time when the API field changed is acceptable. - format: date-time - type: string - message: - description: message is a human readable message indicating - details about the transition. This may be an empty string. - maxLength: 32768 - type: string - observedGeneration: - description: observedGeneration represents the .metadata.generation - that the condition was set based upon. For instance, if .metadata.generation - is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current - state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: reason contains a programmatic identifier indicating - the reason for the condition's last transition. Producers - of specific condition types may define expected values and - meanings for this field, and whether the values are considered - a guaranteed API. The value should be a CamelCase string. - This field may not be empty. - maxLength: 1024 + key: minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ type: string - status: - description: status of the condition, one of True, False, Unknown. - enum: - - "True" - - "False" - - Unknown - type: string - type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. - --- Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + name: + minLength: 1 type: string required: - - lastTransitionTime - - message - - reason - - status - - type + - key + - name type: object - type: array - id: - description: Project VPC id - type: string - state: - description: State of VPC - type: string - required: - - conditions - - id - - state - type: object - type: object - served: true - storage: true - subresources: - status: {} + cloudName: + description: Cloud the VPC is in + maxLength: 256 + type: string + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + networkCidr: + description: Network address range used by the VPC like 192.168.0.0/24 + maxLength: 36 + type: string + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + project: + description: The project the VPC belongs to + format: ^[a-zA-Z0-9_-]*$ + maxLength: 63 + type: string + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + required: + - cloudName + - networkCidr + - project + type: object + status: + description: ProjectVPCStatus defines the observed state of ProjectVPC + properties: + conditions: + description: + Conditions represent the latest available observations + of an ProjectVPC state + items: + description: + "Condition contains details for one aspect of the current + state of this API Resource. --- This struct is intended for direct + use as an array at the field path .status.conditions. For example, + \n type FooStatus struct{ // Represents the observations of a + foo's current state. // Known .status.conditions.type are: \"Available\", + \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge + // +listType=map // +listMapKey=type Conditions []metav1.Condition + `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" + protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + properties: + lastTransitionTime: + description: + lastTransitionTime is the last time the condition + transitioned from one status to another. This should be when + the underlying condition changed. If that is not known, then + using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: + message is a human readable message indicating + details about the transition. This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: + observedGeneration represents the .metadata.generation + that the condition was set based upon. For instance, if .metadata.generation + is currently 12, but the .status.conditions[x].observedGeneration + is 9, the condition is out of date with respect to the current + state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: + reason contains a programmatic identifier indicating + the reason for the condition's last transition. Producers + of specific condition types may define expected values and + meanings for this field, and whether the values are considered + a guaranteed API. The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: + type of condition in CamelCase or in foo.example.com/CamelCase. + --- Many .condition.type values are consistent across resources + like Available, but because arbitrary conditions can be useful + (see .node.status.conditions), the ability to deconflict is + important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + type: array + id: + description: Project VPC id + type: string + state: + description: State of VPC + type: string + required: + - conditions + - id + - state + type: object + type: object + served: true + storage: true + subresources: + status: {} diff --git a/config/crd/bases/aiven.io_redis.yaml b/config/crd/bases/aiven.io_redis.yaml index 2b665d1c..bd6c988d 100644 --- a/config/crd/bases/aiven.io_redis.yaml +++ b/config/crd/bases/aiven.io_redis.yaml @@ -15,464 +15,509 @@ spec: singular: redis scope: Namespaced versions: - - name: v1alpha1 - schema: - openAPIV3Schema: - description: Redis is the Schema for the redis API - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: RedisSpec defines the desired state of Redis - properties: - authSecretRef: - description: Authentication reference to Aiven token in a secret - properties: - key: - minLength: 1 - type: string - name: - minLength: 1 - type: string - required: - - key - - name - type: object - cloudName: - description: Cloud the service runs in. - maxLength: 256 - type: string - connInfoSecretTarget: - description: 'Information regarding secret creation. Exposed keys: - `REDIS_HOST`, `REDIS_PORT`, `REDIS_USER`, `REDIS_PASSWORD`' - properties: - annotations: - additionalProperties: + - name: v1alpha1 + schema: + openAPIV3Schema: + description: Redis is the Schema for the redis API + properties: + apiVersion: + description: + "APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + type: string + kind: + description: + "Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + type: string + metadata: + type: object + spec: + description: RedisSpec defines the desired state of Redis + properties: + authSecretRef: + description: Authentication reference to Aiven token in a secret + properties: + key: + minLength: 1 type: string - description: Annotations added to the secret - type: object - x-kubernetes-preserve-unknown-fields: true - labels: - additionalProperties: + name: + minLength: 1 type: string - description: Labels added to the secret - type: object - x-kubernetes-preserve-unknown-fields: true - name: - description: Name of the secret resource to be created. By default, - is equal to the resource name - type: string - prefix: - description: Prefix for the secret's keys. Added "as is" without - any transformations. By default, is equal to the kind name in - uppercase + underscore, e.g. `KAFKA_`, `REDIS_`, etc. - type: string - required: - - name - type: object - disk_space: - description: The disk space of the service, possible values depend - on the service type, the cloud provider and the project. Reducing - will result in the service re-balancing. - format: ^[1-9][0-9]*(GiB|G)* - type: string - maintenanceWindowDow: - description: Day of week when maintenance operations should be performed. - One monday, tuesday, wednesday, etc. - enum: - - monday - - tuesday - - wednesday - - thursday - - friday - - saturday - - sunday - type: string - maintenanceWindowTime: - description: Time of day when maintenance operations should be performed. - UTC time in HH:mm:ss format. - maxLength: 8 - type: string - plan: - description: Subscription plan. - maxLength: 128 - type: string - project: - description: Target project. - format: ^[a-zA-Z0-9_-]*$ - maxLength: 63 - type: string - x-kubernetes-validations: - - message: Value is immutable - rule: self == oldSelf - projectVPCRef: - description: ProjectVPCRef reference to ProjectVPC resource to use - its ID as ProjectVPCID automatically - properties: - name: - minLength: 1 - type: string - namespace: - minLength: 1 - type: string - required: - - name - type: object - projectVpcId: - description: Identifier of the VPC the service should be in, if any. - maxLength: 36 - type: string - serviceIntegrations: - description: Service integrations to specify when creating a service. - Not applied after initial service creation - items: - description: Service integrations to specify when creating a service. - Not applied after initial service creation + required: + - key + - name + type: object + cloudName: + description: Cloud the service runs in. + maxLength: 256 + type: string + connInfoSecretTarget: + description: + "Information regarding secret creation. Exposed keys: + `REDIS_HOST`, `REDIS_PORT`, `REDIS_USER`, `REDIS_PASSWORD`" properties: - integrationType: - enum: - - read_replica + annotations: + additionalProperties: + type: string + description: Annotations added to the secret + type: object + x-kubernetes-preserve-unknown-fields: true + labels: + additionalProperties: + type: string + description: Labels added to the secret + type: object + x-kubernetes-preserve-unknown-fields: true + name: + description: + Name of the secret resource to be created. By default, + is equal to the resource name type: string - sourceServiceName: - maxLength: 64 - minLength: 1 + prefix: + description: + Prefix for the secret's keys. Added "as is" without + any transformations. By default, is equal to the kind name in + uppercase + underscore, e.g. `KAFKA_`, `REDIS_`, etc. type: string required: - - integrationType - - sourceServiceName + - name type: object - maxItems: 1 - type: array - x-kubernetes-validations: - - message: Value is immutable - rule: self == oldSelf - tags: - additionalProperties: + disk_space: + description: + The disk space of the service, possible values depend + on the service type, the cloud provider and the project. Reducing + will result in the service re-balancing. + format: ^[1-9][0-9]*(GiB|G)* + type: string + maintenanceWindowDow: + description: + Day of week when maintenance operations should be performed. + One monday, tuesday, wednesday, etc. + enum: + - monday + - tuesday + - wednesday + - thursday + - friday + - saturday + - sunday + type: string + maintenanceWindowTime: + description: + Time of day when maintenance operations should be performed. + UTC time in HH:mm:ss format. + maxLength: 8 type: string - description: Tags are key-value pairs that allow you to categorize - services. - type: object - terminationProtection: - description: Prevent service from being deleted. It is recommended - to have this enabled for all services. - type: boolean - userConfig: - description: Redis specific user configuration options - properties: - additional_backup_regions: - description: Additional Cloud Regions for Backup Replication - items: + plan: + description: Subscription plan. + maxLength: 128 + type: string + project: + description: Target project. + format: ^[a-zA-Z0-9_-]*$ + maxLength: 63 + type: string + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + projectVPCRef: + description: + ProjectVPCRef reference to ProjectVPC resource to use + its ID as ProjectVPCID automatically + properties: + name: + minLength: 1 type: string - maxItems: 1 - type: array - ip_filter: - description: Allow incoming connections from CIDR address block, - e.g. '10.20.0.0/16' - items: - description: CIDR address block, either as a string, or in a - dict with an optional description field - properties: - description: - description: Description for IP filter list entry - maxLength: 1024 - type: string - network: - description: CIDR address block - maxLength: 43 - type: string - required: - - network - type: object - maxItems: 1024 - type: array - migration: - description: Migrate data from existing server + namespace: + minLength: 1 + type: string + required: + - name + type: object + projectVpcId: + description: Identifier of the VPC the service should be in, if any. + maxLength: 36 + type: string + serviceIntegrations: + description: + Service integrations to specify when creating a service. + Not applied after initial service creation + items: + description: + Service integrations to specify when creating a service. + Not applied after initial service creation properties: - dbname: - description: Database name for bootstrapping the initial connection - maxLength: 63 - type: string - host: - description: Hostname or IP address of the server where to - migrate data from - maxLength: 255 - type: string - ignore_dbs: - description: Comma-separated list of databases, which should - be ignored during migration (supported by MySQL and PostgreSQL - only at the moment) - maxLength: 2048 - type: string - method: - description: The migration method to be used (currently supported - only by Redis, Dragonfly, MySQL and PostgreSQL service types) + integrationType: enum: - - dump - - replication + - read_replica type: string - password: - description: Password for authentication with the server where - to migrate data from - maxLength: 256 - type: string - port: - description: Port number of the server where to migrate data - from - maximum: 65535 - minimum: 1 - type: integer - ssl: - description: The server where to migrate data from is secured - with SSL - type: boolean - username: - description: User name for authentication with the server - where to migrate data from - maxLength: 256 + sourceServiceName: + maxLength: 64 + minLength: 1 type: string required: - - host - - port + - integrationType + - sourceServiceName type: object - private_access: - description: Allow access to selected service ports from private - networks - properties: - prometheus: - description: Allow clients to connect to prometheus with a - DNS name that always resolves to the service's private IP - addresses. Only available in certain network locations - type: boolean - redis: - description: Allow clients to connect to redis with a DNS - name that always resolves to the service's private IP addresses. - Only available in certain network locations - type: boolean - type: object - privatelink_access: - description: Allow access to selected service components through - Privatelink - properties: - prometheus: - description: Enable prometheus - type: boolean - redis: - description: Enable redis - type: boolean - type: object - project_to_fork_from: - description: Name of another project to fork a service from. This - has effect only when a new service is being created. - maxLength: 63 - type: string - x-kubernetes-validations: + maxItems: 1 + type: array + x-kubernetes-validations: - message: Value is immutable rule: self == oldSelf - public_access: - description: Allow access to selected service ports from the public - Internet - properties: - prometheus: - description: Allow clients to connect to prometheus from the - public internet for service nodes that are in a project - VPC or another type of private network - type: boolean - redis: - description: Allow clients to connect to redis from the public - internet for service nodes that are in a project VPC or - another type of private network - type: boolean - type: object - recovery_basebackup_name: - description: Name of the basebackup to restore in forked service - maxLength: 128 - pattern: ^[a-zA-Z0-9-_:.]+$ + tags: + additionalProperties: type: string - redis_acl_channels_default: - description: Determines default pub/sub channels' ACL for new - users if ACL is not supplied. When this option is not defined, - all_channels is assumed to keep backward compatibility. This - option doesn't affect Redis configuration acl-pubsub-default. - enum: - - allchannels - - resetchannels - type: string - redis_io_threads: - description: Set Redis IO thread count. Changing this will cause - a restart of the Redis service. - maximum: 32 - minimum: 1 - type: integer - redis_lfu_decay_time: - description: LFU maxmemory-policy counter decay time in minutes - maximum: 120 - minimum: 1 - type: integer - redis_lfu_log_factor: - description: Counter logarithm factor for volatile-lfu and allkeys-lfu - maxmemory-policies - maximum: 100 - minimum: 0 - type: integer - redis_maxmemory_policy: - description: Redis maxmemory-policy - enum: - - noeviction - - allkeys-lru - - volatile-lru - - allkeys-random - - volatile-random - - volatile-ttl - - volatile-lfu - - allkeys-lfu - type: string - redis_notify_keyspace_events: - description: Set notify-keyspace-events option - maxLength: 32 - pattern: ^[KEg\$lshzxeA]*$ - type: string - redis_number_of_databases: - description: Set number of Redis databases. Changing this will - cause a restart of the Redis service. - maximum: 128 - minimum: 1 - type: integer - redis_persistence: - description: When persistence is 'rdb', Redis does RDB dumps each - 10 minutes if any key is changed. Also RDB dumps are done according - to backup schedule for backup purposes. When persistence is - 'off', no RDB dumps and backups are done, so data can be lost - at any moment if service is restarted for any reason, or if - service is powered off. Also service can't be forked. - enum: - - "off" - - rdb - type: string - redis_pubsub_client_output_buffer_limit: - description: Set output buffer limit for pub / sub clients in - MB. The value is the hard limit, the soft limit is 1/4 of the - hard limit. When setting the limit, be mindful of the available - memory in the selected service plan. - maximum: 512 - minimum: 32 - type: integer - redis_ssl: - description: Require SSL to access Redis - type: boolean - redis_timeout: - description: Redis idle connection timeout in seconds - maximum: 31536000 - minimum: 0 - type: integer - service_log: - description: Store logs for the service so that they are available - in the HTTP API and console. - type: boolean - service_to_fork_from: - description: Name of another service to fork from. This has effect - only when a new service is being created. - maxLength: 64 - type: string - x-kubernetes-validations: - - message: Value is immutable - rule: self == oldSelf - static_ips: - description: Use static public IP addresses - type: boolean - type: object - required: - - plan - - project - type: object - status: - description: ServiceStatus defines the observed state of service - properties: - conditions: - description: Conditions represent the latest available observations - of a service state - items: - description: "Condition contains details for one aspect of the current - state of this API Resource. --- This struct is intended for direct - use as an array at the field path .status.conditions. For example, - \n type FooStatus struct{ // Represents the observations of a - foo's current state. // Known .status.conditions.type are: \"Available\", - \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge - // +listType=map // +listMapKey=type Conditions []metav1.Condition - `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" - protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + description: + Tags are key-value pairs that allow you to categorize + services. + type: object + terminationProtection: + description: + Prevent service from being deleted. It is recommended + to have this enabled for all services. + type: boolean + userConfig: + description: Redis specific user configuration options properties: - lastTransitionTime: - description: lastTransitionTime is the last time the condition - transitioned from one status to another. This should be when - the underlying condition changed. If that is not known, then - using the time when the API field changed is acceptable. - format: date-time + additional_backup_regions: + description: Additional Cloud Regions for Backup Replication + items: + type: string + maxItems: 1 + type: array + ip_filter: + description: + Allow incoming connections from CIDR address block, + e.g. '10.20.0.0/16' + items: + description: + CIDR address block, either as a string, or in a + dict with an optional description field + properties: + description: + description: Description for IP filter list entry + maxLength: 1024 + type: string + network: + description: CIDR address block + maxLength: 43 + type: string + required: + - network + type: object + maxItems: 1024 + type: array + migration: + description: Migrate data from existing server + properties: + dbname: + description: Database name for bootstrapping the initial connection + maxLength: 63 + type: string + host: + description: + Hostname or IP address of the server where to + migrate data from + maxLength: 255 + type: string + ignore_dbs: + description: + Comma-separated list of databases, which should + be ignored during migration (supported by MySQL and PostgreSQL + only at the moment) + maxLength: 2048 + type: string + method: + description: + The migration method to be used (currently supported + only by Redis, Dragonfly, MySQL and PostgreSQL service types) + enum: + - dump + - replication + type: string + password: + description: + Password for authentication with the server where + to migrate data from + maxLength: 256 + type: string + port: + description: + Port number of the server where to migrate data + from + maximum: 65535 + minimum: 1 + type: integer + ssl: + description: + The server where to migrate data from is secured + with SSL + type: boolean + username: + description: + User name for authentication with the server + where to migrate data from + maxLength: 256 + type: string + required: + - host + - port + type: object + private_access: + description: + Allow access to selected service ports from private + networks + properties: + prometheus: + description: + Allow clients to connect to prometheus with a + DNS name that always resolves to the service's private IP + addresses. Only available in certain network locations + type: boolean + redis: + description: + Allow clients to connect to redis with a DNS + name that always resolves to the service's private IP addresses. + Only available in certain network locations + type: boolean + type: object + privatelink_access: + description: + Allow access to selected service components through + Privatelink + properties: + prometheus: + description: Enable prometheus + type: boolean + redis: + description: Enable redis + type: boolean + type: object + project_to_fork_from: + description: + Name of another project to fork a service from. This + has effect only when a new service is being created. + maxLength: 63 + type: string + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + public_access: + description: + Allow access to selected service ports from the public + Internet + properties: + prometheus: + description: + Allow clients to connect to prometheus from the + public internet for service nodes that are in a project + VPC or another type of private network + type: boolean + redis: + description: + Allow clients to connect to redis from the public + internet for service nodes that are in a project VPC or + another type of private network + type: boolean + type: object + recovery_basebackup_name: + description: Name of the basebackup to restore in forked service + maxLength: 128 + pattern: ^[a-zA-Z0-9-_:.]+$ type: string - message: - description: message is a human readable message indicating - details about the transition. This may be an empty string. - maxLength: 32768 + redis_acl_channels_default: + description: + Determines default pub/sub channels' ACL for new + users if ACL is not supplied. When this option is not defined, + all_channels is assumed to keep backward compatibility. This + option doesn't affect Redis configuration acl-pubsub-default. + enum: + - allchannels + - resetchannels type: string - observedGeneration: - description: observedGeneration represents the .metadata.generation - that the condition was set based upon. For instance, if .metadata.generation - is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current - state of the instance. - format: int64 + redis_io_threads: + description: + Set Redis IO thread count. Changing this will cause + a restart of the Redis service. + maximum: 32 + minimum: 1 + type: integer + redis_lfu_decay_time: + description: LFU maxmemory-policy counter decay time in minutes + maximum: 120 + minimum: 1 + type: integer + redis_lfu_log_factor: + description: + Counter logarithm factor for volatile-lfu and allkeys-lfu + maxmemory-policies + maximum: 100 minimum: 0 type: integer - reason: - description: reason contains a programmatic identifier indicating - the reason for the condition's last transition. Producers - of specific condition types may define expected values and - meanings for this field, and whether the values are considered - a guaranteed API. The value should be a CamelCase string. - This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + redis_maxmemory_policy: + description: Redis maxmemory-policy + enum: + - noeviction + - allkeys-lru + - volatile-lru + - allkeys-random + - volatile-random + - volatile-ttl + - volatile-lfu + - allkeys-lfu type: string - status: - description: status of the condition, one of True, False, Unknown. + redis_notify_keyspace_events: + description: Set notify-keyspace-events option + maxLength: 32 + pattern: ^[KEg\$lshzxeA]*$ + type: string + redis_number_of_databases: + description: + Set number of Redis databases. Changing this will + cause a restart of the Redis service. + maximum: 128 + minimum: 1 + type: integer + redis_persistence: + description: + When persistence is 'rdb', Redis does RDB dumps each + 10 minutes if any key is changed. Also RDB dumps are done according + to backup schedule for backup purposes. When persistence is + 'off', no RDB dumps and backups are done, so data can be lost + at any moment if service is restarted for any reason, or if + service is powered off. Also service can't be forked. enum: - - "True" - - "False" - - Unknown + - "off" + - rdb type: string - type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. - --- Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + redis_pubsub_client_output_buffer_limit: + description: + Set output buffer limit for pub / sub clients in + MB. The value is the hard limit, the soft limit is 1/4 of the + hard limit. When setting the limit, be mindful of the available + memory in the selected service plan. + maximum: 512 + minimum: 32 + type: integer + redis_ssl: + description: Require SSL to access Redis + type: boolean + redis_timeout: + description: Redis idle connection timeout in seconds + maximum: 31536000 + minimum: 0 + type: integer + service_log: + description: + Store logs for the service so that they are available + in the HTTP API and console. + type: boolean + service_to_fork_from: + description: + Name of another service to fork from. This has effect + only when a new service is being created. + maxLength: 64 type: string - required: - - lastTransitionTime - - message - - reason - - status - - type + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + static_ips: + description: Use static public IP addresses + type: boolean type: object - type: array - state: - description: Service state - type: string - type: object - type: object - served: true - storage: true - subresources: - status: {} + required: + - plan + - project + type: object + status: + description: ServiceStatus defines the observed state of service + properties: + conditions: + description: + Conditions represent the latest available observations + of a service state + items: + description: + "Condition contains details for one aspect of the current + state of this API Resource. --- This struct is intended for direct + use as an array at the field path .status.conditions. For example, + \n type FooStatus struct{ // Represents the observations of a + foo's current state. // Known .status.conditions.type are: \"Available\", + \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge + // +listType=map // +listMapKey=type Conditions []metav1.Condition + `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" + protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + properties: + lastTransitionTime: + description: + lastTransitionTime is the last time the condition + transitioned from one status to another. This should be when + the underlying condition changed. If that is not known, then + using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: + message is a human readable message indicating + details about the transition. This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: + observedGeneration represents the .metadata.generation + that the condition was set based upon. For instance, if .metadata.generation + is currently 12, but the .status.conditions[x].observedGeneration + is 9, the condition is out of date with respect to the current + state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: + reason contains a programmatic identifier indicating + the reason for the condition's last transition. Producers + of specific condition types may define expected values and + meanings for this field, and whether the values are considered + a guaranteed API. The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: + type of condition in CamelCase or in foo.example.com/CamelCase. + --- Many .condition.type values are consistent across resources + like Available, but because arbitrary conditions can be useful + (see .node.status.conditions), the ability to deconflict is + important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + type: array + state: + description: Service state + type: string + type: object + type: object + served: true + storage: true + subresources: + status: {} diff --git a/config/crd/bases/aiven.io_serviceintegrations.yaml b/config/crd/bases/aiven.io_serviceintegrations.yaml index 7ba61edd..7ddcb94b 100644 --- a/config/crd/bases/aiven.io_serviceintegrations.yaml +++ b/config/crd/bases/aiven.io_serviceintegrations.yaml @@ -15,748 +15,790 @@ spec: singular: serviceintegration scope: Namespaced versions: - - additionalPrinterColumns: - - jsonPath: .spec.project - name: Project - type: string - - jsonPath: .spec.integrationType - name: Type - type: string - - jsonPath: .spec.sourceServiceName - name: Source Service Name - type: string - - jsonPath: .spec.destinationServiceName - name: Destination Service Name - type: string - - jsonPath: .spec.sourceEndpointId - name: Source Endpoint ID - type: string - - jsonPath: .spec.destinationEndpointId - name: Destination Endpoint ID - type: string - name: v1alpha1 - schema: - openAPIV3Schema: - description: ServiceIntegration is the Schema for the serviceintegrations - API - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: ServiceIntegrationSpec defines the desired state of ServiceIntegration - properties: - authSecretRef: - description: Authentication reference to Aiven token in a secret - properties: - key: - minLength: 1 - type: string - name: - minLength: 1 - type: string - required: - - key - - name - type: object - clickhouseKafka: - description: Clickhouse Kafka configuration values - properties: - tables: - description: Tables to create - items: - description: Table to create + - additionalPrinterColumns: + - jsonPath: .spec.project + name: Project + type: string + - jsonPath: .spec.integrationType + name: Type + type: string + - jsonPath: .spec.sourceServiceName + name: Source Service Name + type: string + - jsonPath: .spec.destinationServiceName + name: Destination Service Name + type: string + - jsonPath: .spec.sourceEndpointId + name: Source Endpoint ID + type: string + - jsonPath: .spec.destinationEndpointId + name: Destination Endpoint ID + type: string + name: v1alpha1 + schema: + openAPIV3Schema: + description: + ServiceIntegration is the Schema for the serviceintegrations + API + properties: + apiVersion: + description: + "APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + type: string + kind: + description: + "Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + type: string + metadata: + type: object + spec: + description: ServiceIntegrationSpec defines the desired state of ServiceIntegration + properties: + authSecretRef: + description: Authentication reference to Aiven token in a secret + properties: + key: + minLength: 1 + type: string + name: + minLength: 1 + type: string + required: + - key + - name + type: object + clickhouseKafka: + description: Clickhouse Kafka configuration values + properties: + tables: + description: Tables to create + items: + description: Table to create + properties: + auto_offset_reset: + description: + Action to take when there is no initial offset + in offset store or the desired offset is out of range + enum: + - smallest + - earliest + - beginning + - largest + - latest + - end + type: string + columns: + description: Table columns + items: + description: Table column + properties: + name: + description: Column name + maxLength: 40 + minLength: 1 + type: string + type: + description: Column type + maxLength: 1000 + minLength: 1 + type: string + required: + - name + - type + type: object + maxItems: 100 + type: array + data_format: + description: Message data format + enum: + - Avro + - CSV + - JSONAsString + - JSONCompactEachRow + - JSONCompactStringsEachRow + - JSONEachRow + - JSONStringsEachRow + - MsgPack + - TSKV + - TSV + - TabSeparated + - RawBLOB + - AvroConfluent + type: string + date_time_input_format: + description: Method to read DateTime from text input formats + enum: + - basic + - best_effort + - best_effort_us + type: string + group_name: + description: Kafka consumers group + maxLength: 249 + minLength: 1 + type: string + handle_error_mode: + description: How to handle errors for Kafka engine + enum: + - default + - stream + type: string + max_block_size: + description: + Number of row collected by poll(s) for flushing + data from Kafka + maximum: 1000000000 + minimum: 0 + type: integer + max_rows_per_message: + description: + The maximum number of rows produced in one + kafka message for row-based formats + maximum: 1000000000 + minimum: 1 + type: integer + name: + description: Name of the table + maxLength: 40 + minLength: 1 + type: string + num_consumers: + description: The number of consumers per table per replica + maximum: 10 + minimum: 1 + type: integer + poll_max_batch_size: + description: + Maximum amount of messages to be polled in + a single Kafka poll + maximum: 1000000000 + minimum: 0 + type: integer + skip_broken_messages: + description: + Skip at least this number of broken messages + from Kafka topic per block + maximum: 1000000000 + minimum: 0 + type: integer + topics: + description: Kafka topics + items: + description: Kafka topic + properties: + name: + description: Name of the topic + maxLength: 249 + minLength: 1 + type: string + required: + - name + type: object + maxItems: 100 + type: array + required: + - columns + - data_format + - group_name + - name + - topics + type: object + maxItems: 100 + type: array + type: object + clickhousePostgresql: + description: Clickhouse PostgreSQL configuration values + properties: + databases: + description: Databases to expose + items: + description: Database to expose + properties: + database: + description: PostgreSQL database to expose + maxLength: 63 + minLength: 1 + type: string + schema: + description: PostgreSQL schema to expose + maxLength: 63 + minLength: 1 + type: string + type: object + maxItems: 10 + type: array + type: object + datadog: + description: Datadog specific user configuration options + properties: + datadog_dbm_enabled: + description: Enable Datadog Database Monitoring + type: boolean + datadog_tags: + description: Custom tags provided by user + items: + description: Datadog tag defined by user + properties: + comment: + description: Optional tag explanation + maxLength: 1024 + type: string + tag: + description: + "Tag format and usage are described here: https://docs.datadoghq.com/getting_started/tagging. + Tags with prefix 'aiven-' are reserved for Aiven." + maxLength: 200 + minLength: 1 + type: string + required: + - tag + type: object + maxItems: 32 + type: array + exclude_consumer_groups: + description: List of custom metrics + items: + type: string + maxItems: 1024 + type: array + exclude_topics: + description: List of topics to exclude + items: + type: string + maxItems: 1024 + type: array + include_consumer_groups: + description: List of custom metrics + items: + type: string + maxItems: 1024 + type: array + include_topics: + description: List of topics to include + items: + type: string + maxItems: 1024 + type: array + kafka_custom_metrics: + description: List of custom metrics + items: + type: string + maxItems: 1024 + type: array + max_jmx_metrics: + description: Maximum number of JMX metrics to send + maximum: 100000 + minimum: 10 + type: integer + opensearch: + description: Datadog Opensearch Options properties: - auto_offset_reset: - description: Action to take when there is no initial offset - in offset store or the desired offset is out of range - enum: - - smallest - - earliest - - beginning - - largest - - latest - - end - type: string - columns: - description: Table columns - items: - description: Table column - properties: - name: - description: Column name - maxLength: 40 - minLength: 1 - type: string - type: - description: Column type - maxLength: 1000 - minLength: 1 - type: string - required: - - name - - type - type: object - maxItems: 100 - type: array - data_format: - description: Message data format - enum: - - Avro - - CSV - - JSONAsString - - JSONCompactEachRow - - JSONCompactStringsEachRow - - JSONEachRow - - JSONStringsEachRow - - MsgPack - - TSKV - - TSV - - TabSeparated - - RawBLOB - - AvroConfluent + index_stats_enabled: + description: Enable Datadog Opensearch Index Monitoring + type: boolean + pending_task_stats_enabled: + description: Enable Datadog Opensearch Pending Task Monitoring + type: boolean + pshard_stats_enabled: + description: Enable Datadog Opensearch Primary Shard Monitoring + type: boolean + type: object + redis: + description: Datadog Redis Options + properties: + command_stats_enabled: + description: Enable command_stats option in the agent's configuration + type: boolean + type: object + type: object + destinationEndpointId: + description: Destination endpoint for the integration (if any) + maxLength: 36 + type: string + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + destinationProjectName: + description: Destination project for the integration (if any) + maxLength: 63 + type: string + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + destinationServiceName: + description: Destination service for the integration (if any) + maxLength: 64 + type: string + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + externalAWSCloudwatchMetrics: + description: + External AWS CloudWatch Metrics integration Logs configuration + values + properties: + dropped_metrics: + description: + Metrics to not send to AWS CloudWatch (takes precedence + over extra_metrics) + items: + description: Metric name and subfield + properties: + field: + description: Identifier of a value in the metric + maxLength: 1000 + type: string + metric: + description: Identifier of the metric + maxLength: 1000 + type: string + required: + - field + - metric + type: object + maxItems: 1024 + type: array + extra_metrics: + description: + Metrics to allow through to AWS CloudWatch (in addition + to default metrics) + items: + description: Metric name and subfield + properties: + field: + description: Identifier of a value in the metric + maxLength: 1000 + type: string + metric: + description: Identifier of the metric + maxLength: 1000 + type: string + required: + - field + - metric + type: object + maxItems: 1024 + type: array + type: object + integrationType: + description: + Type of the service integration accepted by Aiven API. + Some values may not be supported by the operator + enum: + - alertmanager + - autoscaler + - caching + - cassandra_cross_service_cluster + - clickhouse_kafka + - clickhouse_postgresql + - dashboard + - datadog + - datasource + - external_aws_cloudwatch_logs + - external_aws_cloudwatch_metrics + - external_elasticsearch_logs + - external_google_cloud_logging + - external_opensearch_logs + - flink + - flink_external_kafka + - internal_connectivity + - jolokia + - kafka_connect + - kafka_logs + - kafka_mirrormaker + - logs + - m3aggregator + - m3coordinator + - metrics + - opensearch_cross_cluster_replication + - opensearch_cross_cluster_search + - prometheus + - read_replica + - rsyslog + - schema_registry_proxy + - stresstester + - thanosquery + - thanosstore + - vmalert + type: string + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + kafkaConnect: + description: Kafka Connect service configuration values + properties: + kafka_connect: + description: Kafka Connect service configuration values + properties: + config_storage_topic: + description: + The name of the topic where connector and task + configuration data are stored.This must be the same for + all workers with the same group_id. + maxLength: 249 type: string - date_time_input_format: - description: Method to read DateTime from text input formats - enum: - - basic - - best_effort - - best_effort_us + group_id: + description: + A unique string that identifies the Connect cluster + group this worker belongs to. + maxLength: 249 type: string - group_name: - description: Kafka consumers group + offset_storage_topic: + description: + The name of the topic where connector and task + configuration offsets are stored.This must be the same for + all workers with the same group_id. maxLength: 249 - minLength: 1 type: string - handle_error_mode: - description: How to handle errors for Kafka engine - enum: - - default - - stream + status_storage_topic: + description: + The name of the topic where connector and task + configuration status updates are stored.This must be the + same for all workers with the same group_id. + maxLength: 249 type: string - max_block_size: - description: Number of row collected by poll(s) for flushing - data from Kafka - maximum: 1000000000 + type: object + type: object + kafkaLogs: + description: Kafka logs configuration values + properties: + kafka_topic: + description: Topic name + maxLength: 249 + minLength: 1 + type: string + selected_log_fields: + description: + The list of logging fields that will be sent to the + integration logging service. The MESSAGE and timestamp fields + are always sent. + items: + type: string + maxItems: 5 + type: array + required: + - kafka_topic + type: object + kafkaMirrormaker: + description: Kafka MirrorMaker configuration values + properties: + cluster_alias: + description: + "The alias under which the Kafka cluster is known + to MirrorMaker. Can contain the following symbols: ASCII alphanumerics, + '.', '_', and '-'." + maxLength: 128 + pattern: ^[a-zA-Z0-9_.-]+$ + type: string + kafka_mirrormaker: + description: Kafka MirrorMaker configuration values + properties: + consumer_fetch_min_bytes: + description: + The minimum amount of data the server should + return for a fetch request + maximum: 5242880 + minimum: 1 + type: integer + producer_batch_size: + description: + The batch size in bytes producer will attempt + to collect before publishing to broker. + maximum: 5242880 minimum: 0 type: integer - max_rows_per_message: - description: The maximum number of rows produced in one - kafka message for row-based formats - maximum: 1000000000 - minimum: 1 + producer_buffer_memory: + description: + The amount of bytes producer can use for buffering + data before publishing to broker. + maximum: 134217728 + minimum: 5242880 type: integer - name: - description: Name of the table - maxLength: 40 - minLength: 1 + producer_compression_type: + description: + Specify the default compression type for producers. + This configuration accepts the standard compression codecs + ('gzip', 'snappy', 'lz4', 'zstd'). It additionally accepts + 'none' which is the default and equivalent to no compression. + enum: + - gzip + - snappy + - lz4 + - zstd + - none type: string - num_consumers: - description: The number of consumers per table per replica - maximum: 10 - minimum: 1 - type: integer - poll_max_batch_size: - description: Maximum amount of messages to be polled in - a single Kafka poll - maximum: 1000000000 + producer_linger_ms: + description: + The linger time (ms) for waiting new data to + arrive for publishing. + maximum: 5000 minimum: 0 type: integer - skip_broken_messages: - description: Skip at least this number of broken messages - from Kafka topic per block - maximum: 1000000000 + producer_max_request_size: + description: The maximum request size in bytes. + maximum: 268435456 minimum: 0 type: integer - topics: - description: Kafka topics - items: - description: Kafka topic - properties: - name: - description: Name of the topic - maxLength: 249 - minLength: 1 - type: string - required: - - name - type: object - maxItems: 100 - type: array - required: - - columns - - data_format - - group_name - - name - - topics type: object - maxItems: 100 - type: array - type: object - clickhousePostgresql: - description: Clickhouse PostgreSQL configuration values - properties: - databases: - description: Databases to expose - items: - description: Database to expose - properties: - database: - description: PostgreSQL database to expose - maxLength: 63 - minLength: 1 - type: string - schema: - description: PostgreSQL schema to expose - maxLength: 63 - minLength: 1 - type: string - type: object - maxItems: 10 - type: array - type: object - datadog: - description: Datadog specific user configuration options - properties: - datadog_dbm_enabled: - description: Enable Datadog Database Monitoring - type: boolean - datadog_tags: - description: Custom tags provided by user - items: - description: Datadog tag defined by user - properties: - comment: - description: Optional tag explanation - maxLength: 1024 - type: string - tag: - description: 'Tag format and usage are described here: https://docs.datadoghq.com/getting_started/tagging. - Tags with prefix ''aiven-'' are reserved for Aiven.' - maxLength: 200 - minLength: 1 - type: string - required: - - tag - type: object - maxItems: 32 - type: array - exclude_consumer_groups: - description: List of custom metrics - items: - type: string - maxItems: 1024 - type: array - exclude_topics: - description: List of topics to exclude - items: - type: string - maxItems: 1024 - type: array - include_consumer_groups: - description: List of custom metrics - items: + type: object + logs: + description: Logs configuration values + properties: + elasticsearch_index_days_max: + description: Elasticsearch index retention limit + maximum: 10000 + minimum: 1 + type: integer + elasticsearch_index_prefix: + description: Elasticsearch index prefix + maxLength: 1024 + minLength: 1 type: string - maxItems: 1024 - type: array - include_topics: - description: List of topics to include - items: + selected_log_fields: + description: + The list of logging fields that will be sent to the + integration logging service. The MESSAGE and timestamp fields + are always sent. + items: + type: string + maxItems: 5 + type: array + type: object + metrics: + description: Metrics configuration values + properties: + database: + description: + Name of the database where to store metric datapoints. + Only affects PostgreSQL destinations. Defaults to 'metrics'. + Note that this must be the same for all metrics integrations + that write data to the same PostgreSQL service. + maxLength: 40 + pattern: ^[_A-Za-z0-9][-_A-Za-z0-9]{0,39}$ type: string - maxItems: 1024 - type: array - kafka_custom_metrics: - description: List of custom metrics - items: + retention_days: + description: + Number of days to keep old metrics. Only affects + PostgreSQL destinations. Set to 0 for no automatic cleanup. + Defaults to 30 days. + maximum: 10000 + minimum: 0 + type: integer + ro_username: + description: + Name of a user that can be used to read metrics. + This will be used for Grafana integration (if enabled) to prevent + Grafana users from making undesired changes. Only affects PostgreSQL + destinations. Defaults to 'metrics_reader'. Note that this must + be the same for all metrics integrations that write data to + the same PostgreSQL service. + maxLength: 40 + pattern: ^[_A-Za-z0-9][-._A-Za-z0-9]{0,39}$ type: string - maxItems: 1024 - type: array - max_jmx_metrics: - description: Maximum number of JMX metrics to send - maximum: 100000 - minimum: 10 - type: integer - opensearch: - description: Datadog Opensearch Options - properties: - index_stats_enabled: - description: Enable Datadog Opensearch Index Monitoring - type: boolean - pending_task_stats_enabled: - description: Enable Datadog Opensearch Pending Task Monitoring - type: boolean - pshard_stats_enabled: - description: Enable Datadog Opensearch Primary Shard Monitoring - type: boolean - type: object - redis: - description: Datadog Redis Options - properties: - command_stats_enabled: - description: Enable command_stats option in the agent's configuration - type: boolean - type: object - type: object - destinationEndpointId: - description: Destination endpoint for the integration (if any) - maxLength: 36 - type: string - x-kubernetes-validations: - - message: Value is immutable - rule: self == oldSelf - destinationProjectName: - description: Destination project for the integration (if any) - maxLength: 63 - type: string - x-kubernetes-validations: - - message: Value is immutable - rule: self == oldSelf - destinationServiceName: - description: Destination service for the integration (if any) - maxLength: 64 - type: string - x-kubernetes-validations: - - message: Value is immutable - rule: self == oldSelf - externalAWSCloudwatchMetrics: - description: External AWS CloudWatch Metrics integration Logs configuration - values - properties: - dropped_metrics: - description: Metrics to not send to AWS CloudWatch (takes precedence - over extra_metrics) - items: - description: Metric name and subfield + source_mysql: + description: + Configuration options for metrics where source service + is MySQL properties: - field: - description: Identifier of a value in the metric - maxLength: 1000 - type: string - metric: - description: Identifier of the metric - maxLength: 1000 - type: string - required: - - field - - metric + telegraf: + description: + Configuration options for Telegraf MySQL input + plugin + properties: + gather_event_waits: + description: Gather metrics from PERFORMANCE_SCHEMA.EVENT_WAITS + type: boolean + gather_file_events_stats: + description: gather metrics from PERFORMANCE_SCHEMA.FILE_SUMMARY_BY_EVENT_NAME + type: boolean + gather_index_io_waits: + description: Gather metrics from PERFORMANCE_SCHEMA.TABLE_IO_WAITS_SUMMARY_BY_INDEX_USAGE + type: boolean + gather_info_schema_auto_inc: + description: + Gather auto_increment columns and max values + from information schema + type: boolean + gather_innodb_metrics: + description: Gather metrics from INFORMATION_SCHEMA.INNODB_METRICS + type: boolean + gather_perf_events_statements: + description: Gather metrics from PERFORMANCE_SCHEMA.EVENTS_STATEMENTS_SUMMARY_BY_DIGEST + type: boolean + gather_process_list: + description: Gather thread state counts from INFORMATION_SCHEMA.PROCESSLIST + type: boolean + gather_slave_status: + description: + Gather metrics from SHOW SLAVE STATUS command + output + type: boolean + gather_table_io_waits: + description: Gather metrics from PERFORMANCE_SCHEMA.TABLE_IO_WAITS_SUMMARY_BY_TABLE + type: boolean + gather_table_lock_waits: + description: Gather metrics from PERFORMANCE_SCHEMA.TABLE_LOCK_WAITS + type: boolean + gather_table_schema: + description: Gather metrics from INFORMATION_SCHEMA.TABLES + type: boolean + perf_events_statements_digest_text_limit: + description: + Truncates digest text from perf_events_statements + into this many characters + maximum: 2048 + minimum: 1 + type: integer + perf_events_statements_limit: + description: Limits metrics from perf_events_statements + maximum: 4000 + minimum: 1 + type: integer + perf_events_statements_time_limit: + description: + Only include perf_events_statements whose + last seen is less than this many seconds + maximum: 2592000 + minimum: 1 + type: integer + type: object type: object - maxItems: 1024 - type: array - extra_metrics: - description: Metrics to allow through to AWS CloudWatch (in addition - to default metrics) - items: - description: Metric name and subfield - properties: - field: - description: Identifier of a value in the metric - maxLength: 1000 - type: string - metric: - description: Identifier of the metric - maxLength: 1000 - type: string - required: - - field - - metric - type: object - maxItems: 1024 - type: array - type: object - integrationType: - description: Type of the service integration accepted by Aiven API. - Some values may not be supported by the operator - enum: - - alertmanager - - autoscaler - - caching - - cassandra_cross_service_cluster - - clickhouse_kafka - - clickhouse_postgresql - - dashboard - - datadog - - datasource - - external_aws_cloudwatch_logs - - external_aws_cloudwatch_metrics - - external_elasticsearch_logs - - external_google_cloud_logging - - external_opensearch_logs - - flink - - flink_external_kafka - - internal_connectivity - - jolokia - - kafka_connect - - kafka_logs - - kafka_mirrormaker - - logs - - m3aggregator - - m3coordinator - - metrics - - opensearch_cross_cluster_replication - - opensearch_cross_cluster_search - - prometheus - - read_replica - - rsyslog - - schema_registry_proxy - - stresstester - - thanosquery - - thanosstore - - vmalert - type: string - x-kubernetes-validations: - - message: Value is immutable - rule: self == oldSelf - kafkaConnect: - description: Kafka Connect service configuration values - properties: - kafka_connect: - description: Kafka Connect service configuration values + username: + description: + Name of the user used to write metrics. Only affects + PostgreSQL destinations. Defaults to 'metrics_writer'. Note + that this must be the same for all metrics integrations that + write data to the same PostgreSQL service. + maxLength: 40 + pattern: ^[_A-Za-z0-9][-._A-Za-z0-9]{0,39}$ + type: string + type: object + project: + description: Project the integration belongs to + format: ^[a-zA-Z0-9_-]*$ + maxLength: 63 + type: string + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + sourceEndpointID: + description: Source endpoint for the integration (if any) + maxLength: 36 + type: string + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + sourceProjectName: + description: Source project for the integration (if any) + maxLength: 63 + type: string + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + sourceServiceName: + description: Source service for the integration (if any) + maxLength: 64 + type: string + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + required: + - integrationType + - project + type: object + status: + description: ServiceIntegrationStatus defines the observed state of ServiceIntegration + properties: + conditions: + description: + Conditions represent the latest available observations + of an ServiceIntegration state + items: + description: + "Condition contains details for one aspect of the current + state of this API Resource. --- This struct is intended for direct + use as an array at the field path .status.conditions. For example, + \n type FooStatus struct{ // Represents the observations of a + foo's current state. // Known .status.conditions.type are: \"Available\", + \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge + // +listType=map // +listMapKey=type Conditions []metav1.Condition + `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" + protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" properties: - config_storage_topic: - description: The name of the topic where connector and task - configuration data are stored.This must be the same for - all workers with the same group_id. - maxLength: 249 - type: string - group_id: - description: A unique string that identifies the Connect cluster - group this worker belongs to. - maxLength: 249 - type: string - offset_storage_topic: - description: The name of the topic where connector and task - configuration offsets are stored.This must be the same for - all workers with the same group_id. - maxLength: 249 + lastTransitionTime: + description: + lastTransitionTime is the last time the condition + transitioned from one status to another. This should be when + the underlying condition changed. If that is not known, then + using the time when the API field changed is acceptable. + format: date-time type: string - status_storage_topic: - description: The name of the topic where connector and task - configuration status updates are stored.This must be the - same for all workers with the same group_id. - maxLength: 249 + message: + description: + message is a human readable message indicating + details about the transition. This may be an empty string. + maxLength: 32768 type: string - type: object - type: object - kafkaLogs: - description: Kafka logs configuration values - properties: - kafka_topic: - description: Topic name - maxLength: 249 - minLength: 1 - type: string - selected_log_fields: - description: The list of logging fields that will be sent to the - integration logging service. The MESSAGE and timestamp fields - are always sent. - items: - type: string - maxItems: 5 - type: array - required: - - kafka_topic - type: object - kafkaMirrormaker: - description: Kafka MirrorMaker configuration values - properties: - cluster_alias: - description: 'The alias under which the Kafka cluster is known - to MirrorMaker. Can contain the following symbols: ASCII alphanumerics, - ''.'', ''_'', and ''-''.' - maxLength: 128 - pattern: ^[a-zA-Z0-9_.-]+$ - type: string - kafka_mirrormaker: - description: Kafka MirrorMaker configuration values - properties: - consumer_fetch_min_bytes: - description: The minimum amount of data the server should - return for a fetch request - maximum: 5242880 - minimum: 1 - type: integer - producer_batch_size: - description: The batch size in bytes producer will attempt - to collect before publishing to broker. - maximum: 5242880 + observedGeneration: + description: + observedGeneration represents the .metadata.generation + that the condition was set based upon. For instance, if .metadata.generation + is currently 12, but the .status.conditions[x].observedGeneration + is 9, the condition is out of date with respect to the current + state of the instance. + format: int64 minimum: 0 type: integer - producer_buffer_memory: - description: The amount of bytes producer can use for buffering - data before publishing to broker. - maximum: 134217728 - minimum: 5242880 - type: integer - producer_compression_type: - description: Specify the default compression type for producers. - This configuration accepts the standard compression codecs - ('gzip', 'snappy', 'lz4', 'zstd'). It additionally accepts - 'none' which is the default and equivalent to no compression. + reason: + description: + reason contains a programmatic identifier indicating + the reason for the condition's last transition. Producers + of specific condition types may define expected values and + meanings for this field, and whether the values are considered + a guaranteed API. The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. enum: - - gzip - - snappy - - lz4 - - zstd - - none + - "True" + - "False" + - Unknown type: string - producer_linger_ms: - description: The linger time (ms) for waiting new data to - arrive for publishing. - maximum: 5000 - minimum: 0 - type: integer - producer_max_request_size: - description: The maximum request size in bytes. - maximum: 268435456 - minimum: 0 - type: integer - type: object - type: object - logs: - description: Logs configuration values - properties: - elasticsearch_index_days_max: - description: Elasticsearch index retention limit - maximum: 10000 - minimum: 1 - type: integer - elasticsearch_index_prefix: - description: Elasticsearch index prefix - maxLength: 1024 - minLength: 1 - type: string - selected_log_fields: - description: The list of logging fields that will be sent to the - integration logging service. The MESSAGE and timestamp fields - are always sent. - items: - type: string - maxItems: 5 - type: array - type: object - metrics: - description: Metrics configuration values - properties: - database: - description: Name of the database where to store metric datapoints. - Only affects PostgreSQL destinations. Defaults to 'metrics'. - Note that this must be the same for all metrics integrations - that write data to the same PostgreSQL service. - maxLength: 40 - pattern: ^[_A-Za-z0-9][-_A-Za-z0-9]{0,39}$ - type: string - retention_days: - description: Number of days to keep old metrics. Only affects - PostgreSQL destinations. Set to 0 for no automatic cleanup. - Defaults to 30 days. - maximum: 10000 - minimum: 0 - type: integer - ro_username: - description: Name of a user that can be used to read metrics. - This will be used for Grafana integration (if enabled) to prevent - Grafana users from making undesired changes. Only affects PostgreSQL - destinations. Defaults to 'metrics_reader'. Note that this must - be the same for all metrics integrations that write data to - the same PostgreSQL service. - maxLength: 40 - pattern: ^[_A-Za-z0-9][-._A-Za-z0-9]{0,39}$ - type: string - source_mysql: - description: Configuration options for metrics where source service - is MySQL - properties: - telegraf: - description: Configuration options for Telegraf MySQL input - plugin - properties: - gather_event_waits: - description: Gather metrics from PERFORMANCE_SCHEMA.EVENT_WAITS - type: boolean - gather_file_events_stats: - description: gather metrics from PERFORMANCE_SCHEMA.FILE_SUMMARY_BY_EVENT_NAME - type: boolean - gather_index_io_waits: - description: Gather metrics from PERFORMANCE_SCHEMA.TABLE_IO_WAITS_SUMMARY_BY_INDEX_USAGE - type: boolean - gather_info_schema_auto_inc: - description: Gather auto_increment columns and max values - from information schema - type: boolean - gather_innodb_metrics: - description: Gather metrics from INFORMATION_SCHEMA.INNODB_METRICS - type: boolean - gather_perf_events_statements: - description: Gather metrics from PERFORMANCE_SCHEMA.EVENTS_STATEMENTS_SUMMARY_BY_DIGEST - type: boolean - gather_process_list: - description: Gather thread state counts from INFORMATION_SCHEMA.PROCESSLIST - type: boolean - gather_slave_status: - description: Gather metrics from SHOW SLAVE STATUS command - output - type: boolean - gather_table_io_waits: - description: Gather metrics from PERFORMANCE_SCHEMA.TABLE_IO_WAITS_SUMMARY_BY_TABLE - type: boolean - gather_table_lock_waits: - description: Gather metrics from PERFORMANCE_SCHEMA.TABLE_LOCK_WAITS - type: boolean - gather_table_schema: - description: Gather metrics from INFORMATION_SCHEMA.TABLES - type: boolean - perf_events_statements_digest_text_limit: - description: Truncates digest text from perf_events_statements - into this many characters - maximum: 2048 - minimum: 1 - type: integer - perf_events_statements_limit: - description: Limits metrics from perf_events_statements - maximum: 4000 - minimum: 1 - type: integer - perf_events_statements_time_limit: - description: Only include perf_events_statements whose - last seen is less than this many seconds - maximum: 2592000 - minimum: 1 - type: integer - type: object + type: + description: + type of condition in CamelCase or in foo.example.com/CamelCase. + --- Many .condition.type values are consistent across resources + like Available, but because arbitrary conditions can be useful + (see .node.status.conditions), the ability to deconflict is + important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type type: object - username: - description: Name of the user used to write metrics. Only affects - PostgreSQL destinations. Defaults to 'metrics_writer'. Note - that this must be the same for all metrics integrations that - write data to the same PostgreSQL service. - maxLength: 40 - pattern: ^[_A-Za-z0-9][-._A-Za-z0-9]{0,39}$ - type: string - type: object - project: - description: Project the integration belongs to - format: ^[a-zA-Z0-9_-]*$ - maxLength: 63 - type: string - x-kubernetes-validations: - - message: Value is immutable - rule: self == oldSelf - sourceEndpointID: - description: Source endpoint for the integration (if any) - maxLength: 36 - type: string - x-kubernetes-validations: - - message: Value is immutable - rule: self == oldSelf - sourceProjectName: - description: Source project for the integration (if any) - maxLength: 63 - type: string - x-kubernetes-validations: - - message: Value is immutable - rule: self == oldSelf - sourceServiceName: - description: Source service for the integration (if any) - maxLength: 64 - type: string - x-kubernetes-validations: - - message: Value is immutable - rule: self == oldSelf - required: - - integrationType - - project - type: object - status: - description: ServiceIntegrationStatus defines the observed state of ServiceIntegration - properties: - conditions: - description: Conditions represent the latest available observations - of an ServiceIntegration state - items: - description: "Condition contains details for one aspect of the current - state of this API Resource. --- This struct is intended for direct - use as an array at the field path .status.conditions. For example, - \n type FooStatus struct{ // Represents the observations of a - foo's current state. // Known .status.conditions.type are: \"Available\", - \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge - // +listType=map // +listMapKey=type Conditions []metav1.Condition - `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" - protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" - properties: - lastTransitionTime: - description: lastTransitionTime is the last time the condition - transitioned from one status to another. This should be when - the underlying condition changed. If that is not known, then - using the time when the API field changed is acceptable. - format: date-time - type: string - message: - description: message is a human readable message indicating - details about the transition. This may be an empty string. - maxLength: 32768 - type: string - observedGeneration: - description: observedGeneration represents the .metadata.generation - that the condition was set based upon. For instance, if .metadata.generation - is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current - state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: reason contains a programmatic identifier indicating - the reason for the condition's last transition. Producers - of specific condition types may define expected values and - meanings for this field, and whether the values are considered - a guaranteed API. The value should be a CamelCase string. - This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ - type: string - status: - description: status of the condition, one of True, False, Unknown. - enum: - - "True" - - "False" - - Unknown - type: string - type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. - --- Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ - type: string - required: - - lastTransitionTime - - message - - reason - - status - - type - type: object - type: array - id: - description: Service integration ID - type: string - required: - - conditions - - id - type: object - type: object - served: true - storage: true - subresources: - status: {} + type: array + id: + description: Service integration ID + type: string + required: + - conditions + - id + type: object + type: object + served: true + storage: true + subresources: + status: {} diff --git a/config/crd/bases/aiven.io_serviceusers.yaml b/config/crd/bases/aiven.io_serviceusers.yaml index e188b02d..b71e03fb 100644 --- a/config/crd/bases/aiven.io_serviceusers.yaml +++ b/config/crd/bases/aiven.io_serviceusers.yaml @@ -15,179 +15,191 @@ spec: singular: serviceuser scope: Namespaced versions: - - additionalPrinterColumns: - - jsonPath: .spec.serviceName - name: Service Name - type: string - - jsonPath: .spec.project - name: Project - type: string - - jsonPath: .spec.connInfoSecretTarget.name - name: Connection Information Secret - type: string - name: v1alpha1 - schema: - openAPIV3Schema: - description: ServiceUser is the Schema for the serviceusers API - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: ServiceUserSpec defines the desired state of ServiceUser - properties: - authSecretRef: - description: Authentication reference to Aiven token in a secret - properties: - key: - minLength: 1 - type: string - name: - minLength: 1 - type: string - required: - - key - - name - type: object - authentication: - description: Authentication details - enum: - - caching_sha2_password - - mysql_native_password - type: string - connInfoSecretTarget: - description: 'Information regarding secret creation. Exposed keys: - `SERVICEUSER_HOST`, `SERVICEUSER_PORT`, `SERVICEUSER_USERNAME`, - `SERVICEUSER_PASSWORD`, `SERVICEUSER_CA_CERT`, `SERVICEUSER_ACCESS_CERT`, - `SERVICEUSER_ACCESS_KEY`' - properties: - annotations: - additionalProperties: - type: string - description: Annotations added to the secret - type: object - x-kubernetes-preserve-unknown-fields: true - labels: - additionalProperties: - type: string - description: Labels added to the secret - type: object - x-kubernetes-preserve-unknown-fields: true - name: - description: Name of the secret resource to be created. By default, - is equal to the resource name - type: string - prefix: - description: Prefix for the secret's keys. Added "as is" without - any transformations. By default, is equal to the kind name in - uppercase + underscore, e.g. `KAFKA_`, `REDIS_`, etc. - type: string - required: - - name - type: object - project: - description: Project to link the user to - format: ^[a-zA-Z0-9_-]*$ - maxLength: 63 - type: string - serviceName: - description: Service to link the user to - maxLength: 63 - type: string - required: - - project - - serviceName - type: object - status: - description: ServiceUserStatus defines the observed state of ServiceUser - properties: - conditions: - description: Conditions represent the latest available observations - of an ServiceUser state - items: - description: "Condition contains details for one aspect of the current - state of this API Resource. --- This struct is intended for direct - use as an array at the field path .status.conditions. For example, - \n type FooStatus struct{ // Represents the observations of a - foo's current state. // Known .status.conditions.type are: \"Available\", - \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge - // +listType=map // +listMapKey=type Conditions []metav1.Condition - `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" - protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + - additionalPrinterColumns: + - jsonPath: .spec.serviceName + name: Service Name + type: string + - jsonPath: .spec.project + name: Project + type: string + - jsonPath: .spec.connInfoSecretTarget.name + name: Connection Information Secret + type: string + name: v1alpha1 + schema: + openAPIV3Schema: + description: ServiceUser is the Schema for the serviceusers API + properties: + apiVersion: + description: + "APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + type: string + kind: + description: + "Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + type: string + metadata: + type: object + spec: + description: ServiceUserSpec defines the desired state of ServiceUser + properties: + authSecretRef: + description: Authentication reference to Aiven token in a secret properties: - lastTransitionTime: - description: lastTransitionTime is the last time the condition - transitioned from one status to another. This should be when - the underlying condition changed. If that is not known, then - using the time when the API field changed is acceptable. - format: date-time - type: string - message: - description: message is a human readable message indicating - details about the transition. This may be an empty string. - maxLength: 32768 + key: + minLength: 1 type: string - observedGeneration: - description: observedGeneration represents the .metadata.generation - that the condition was set based upon. For instance, if .metadata.generation - is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current - state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: reason contains a programmatic identifier indicating - the reason for the condition's last transition. Producers - of specific condition types may define expected values and - meanings for this field, and whether the values are considered - a guaranteed API. The value should be a CamelCase string. - This field may not be empty. - maxLength: 1024 + name: minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ type: string - status: - description: status of the condition, one of True, False, Unknown. - enum: - - "True" - - "False" - - Unknown + required: + - key + - name + type: object + authentication: + description: Authentication details + enum: + - caching_sha2_password + - mysql_native_password + type: string + connInfoSecretTarget: + description: + "Information regarding secret creation. Exposed keys: + `SERVICEUSER_HOST`, `SERVICEUSER_PORT`, `SERVICEUSER_USERNAME`, + `SERVICEUSER_PASSWORD`, `SERVICEUSER_CA_CERT`, `SERVICEUSER_ACCESS_CERT`, + `SERVICEUSER_ACCESS_KEY`" + properties: + annotations: + additionalProperties: + type: string + description: Annotations added to the secret + type: object + x-kubernetes-preserve-unknown-fields: true + labels: + additionalProperties: + type: string + description: Labels added to the secret + type: object + x-kubernetes-preserve-unknown-fields: true + name: + description: + Name of the secret resource to be created. By default, + is equal to the resource name type: string - type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. - --- Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + prefix: + description: + Prefix for the secret's keys. Added "as is" without + any transformations. By default, is equal to the kind name in + uppercase + underscore, e.g. `KAFKA_`, `REDIS_`, etc. type: string required: - - lastTransitionTime - - message - - reason - - status - - type + - name type: object - type: array - type: - description: Type of the user account - type: string - required: - - conditions - type: object - type: object - served: true - storage: true - subresources: - status: {} + project: + description: Project to link the user to + format: ^[a-zA-Z0-9_-]*$ + maxLength: 63 + type: string + serviceName: + description: Service to link the user to + maxLength: 63 + type: string + required: + - project + - serviceName + type: object + status: + description: ServiceUserStatus defines the observed state of ServiceUser + properties: + conditions: + description: + Conditions represent the latest available observations + of an ServiceUser state + items: + description: + "Condition contains details for one aspect of the current + state of this API Resource. --- This struct is intended for direct + use as an array at the field path .status.conditions. For example, + \n type FooStatus struct{ // Represents the observations of a + foo's current state. // Known .status.conditions.type are: \"Available\", + \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge + // +listType=map // +listMapKey=type Conditions []metav1.Condition + `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" + protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + properties: + lastTransitionTime: + description: + lastTransitionTime is the last time the condition + transitioned from one status to another. This should be when + the underlying condition changed. If that is not known, then + using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: + message is a human readable message indicating + details about the transition. This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: + observedGeneration represents the .metadata.generation + that the condition was set based upon. For instance, if .metadata.generation + is currently 12, but the .status.conditions[x].observedGeneration + is 9, the condition is out of date with respect to the current + state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: + reason contains a programmatic identifier indicating + the reason for the condition's last transition. Producers + of specific condition types may define expected values and + meanings for this field, and whether the values are considered + a guaranteed API. The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: + type of condition in CamelCase or in foo.example.com/CamelCase. + --- Many .condition.type values are consistent across resources + like Available, but because arbitrary conditions can be useful + (see .node.status.conditions), the ability to deconflict is + important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + type: array + type: + description: Type of the user account + type: string + required: + - conditions + type: object + type: object + served: true + storage: true + subresources: + status: {} diff --git a/config/rbac/role.yaml b/config/rbac/role.yaml index 46e7f1d6..6c73a4f1 100644 --- a/config/rbac/role.yaml +++ b/config/rbac/role.yaml @@ -5,599 +5,599 @@ metadata: creationTimestamp: null name: manager-role rules: -- apiGroups: - - "" - resources: - - events - verbs: - - create - - patch -- apiGroups: - - "" - resources: - - secrets - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - aiven.io - resources: - - cassandras - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - aiven.io - resources: - - cassandras/finalizers - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - aiven.io - resources: - - cassandras/status - verbs: - - get - - patch - - update -- apiGroups: - - aiven.io - resources: - - clickhouses - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - aiven.io - resources: - - clickhouses/finalizers - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - aiven.io - resources: - - clickhouses/status - verbs: - - get - - patch - - update -- apiGroups: - - aiven.io - resources: - - clickhouseusers - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - aiven.io - resources: - - clickhouseusers/finalizers - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - aiven.io - resources: - - clickhouseusers/status - verbs: - - get - - patch - - update -- apiGroups: - - aiven.io - resources: - - connectionpools - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - aiven.io - resources: - - connectionpools/finalizers - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - aiven.io - resources: - - connectionpools/status - verbs: - - get - - patch - - update -- apiGroups: - - aiven.io - resources: - - databases - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - aiven.io - resources: - - databases/status - verbs: - - get - - patch - - update -- apiGroups: - - aiven.io - resources: - - grafanas - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - aiven.io - resources: - - grafanas/finalizers - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - aiven.io - resources: - - grafanas/status - verbs: - - get - - patch - - update -- apiGroups: - - aiven.io - resources: - - kafkaacls - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - aiven.io - resources: - - kafkaacls/status - verbs: - - create - - delete - - get - - list - - watch -- apiGroups: - - aiven.io - resources: - - kafkaconnectors - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - aiven.io - resources: - - kafkaconnectors/finalizers - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - aiven.io - resources: - - kafkaconnectors/status - verbs: - - get - - patch - - update -- apiGroups: - - aiven.io - resources: - - kafkaconnects - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - aiven.io - resources: - - kafkaconnects/finalizers - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - aiven.io - resources: - - kafkaconnects/status - verbs: - - get - - patch - - update -- apiGroups: - - aiven.io - resources: - - kafkas - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - aiven.io - resources: - - kafkas/finalizers - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - aiven.io - resources: - - kafkas/status - verbs: - - get - - patch - - update -- apiGroups: - - aiven.io - resources: - - kafkaschemas - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - aiven.io - resources: - - kafkaschemas/status - verbs: - - get - - patch - - update -- apiGroups: - - aiven.io - resources: - - kafkatopics - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - aiven.io - resources: - - kafkatopics/status - verbs: - - get - - patch - - update -- apiGroups: - - aiven.io - resources: - - mysqls - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - aiven.io - resources: - - mysqls/finalizers - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - aiven.io - resources: - - mysqls/status - verbs: - - get - - patch - - update -- apiGroups: - - aiven.io - resources: - - opensearches - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - aiven.io - resources: - - opensearches/finalizers - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - aiven.io - resources: - - opensearches/status - verbs: - - get - - patch - - update -- apiGroups: - - aiven.io - resources: - - postgresqls - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - aiven.io - resources: - - postgresqls/finalizers - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - aiven.io - resources: - - postgresqls/status - verbs: - - get - - patch - - update -- apiGroups: - - aiven.io - resources: - - projects - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - aiven.io - resources: - - projects/finalizers - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - aiven.io - resources: - - projects/status - verbs: - - get - - patch - - update -- apiGroups: - - aiven.io - resources: - - projectvpcs - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - aiven.io - resources: - - projectvpcs/status - verbs: - - get - - patch - - update -- apiGroups: - - aiven.io - resources: - - redis - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - aiven.io - resources: - - redis/finalizers - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - aiven.io - resources: - - redis/status - verbs: - - get - - patch - - update -- apiGroups: - - aiven.io - resources: - - serviceintegrations - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - aiven.io - resources: - - serviceintegrations/status - verbs: - - get - - patch - - update -- apiGroups: - - aiven.io - resources: - - serviceusers - verbs: - - create - - delete - - get - - list - - update - - watch -- apiGroups: - - aiven.io - resources: - - serviceusers/finalizers - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - aiven.io - resources: - - serviceusers/status - verbs: - - get - - update -- apiGroups: - - coordination.k8s.io - resources: - - leases - verbs: - - create - - get - - list - - update + - apiGroups: + - "" + resources: + - events + verbs: + - create + - patch + - apiGroups: + - "" + resources: + - secrets + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - aiven.io + resources: + - cassandras + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - aiven.io + resources: + - cassandras/finalizers + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - aiven.io + resources: + - cassandras/status + verbs: + - get + - patch + - update + - apiGroups: + - aiven.io + resources: + - clickhouses + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - aiven.io + resources: + - clickhouses/finalizers + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - aiven.io + resources: + - clickhouses/status + verbs: + - get + - patch + - update + - apiGroups: + - aiven.io + resources: + - clickhouseusers + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - aiven.io + resources: + - clickhouseusers/finalizers + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - aiven.io + resources: + - clickhouseusers/status + verbs: + - get + - patch + - update + - apiGroups: + - aiven.io + resources: + - connectionpools + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - aiven.io + resources: + - connectionpools/finalizers + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - aiven.io + resources: + - connectionpools/status + verbs: + - get + - patch + - update + - apiGroups: + - aiven.io + resources: + - databases + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - aiven.io + resources: + - databases/status + verbs: + - get + - patch + - update + - apiGroups: + - aiven.io + resources: + - grafanas + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - aiven.io + resources: + - grafanas/finalizers + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - aiven.io + resources: + - grafanas/status + verbs: + - get + - patch + - update + - apiGroups: + - aiven.io + resources: + - kafkaacls + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - aiven.io + resources: + - kafkaacls/status + verbs: + - create + - delete + - get + - list + - watch + - apiGroups: + - aiven.io + resources: + - kafkaconnectors + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - aiven.io + resources: + - kafkaconnectors/finalizers + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - aiven.io + resources: + - kafkaconnectors/status + verbs: + - get + - patch + - update + - apiGroups: + - aiven.io + resources: + - kafkaconnects + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - aiven.io + resources: + - kafkaconnects/finalizers + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - aiven.io + resources: + - kafkaconnects/status + verbs: + - get + - patch + - update + - apiGroups: + - aiven.io + resources: + - kafkas + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - aiven.io + resources: + - kafkas/finalizers + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - aiven.io + resources: + - kafkas/status + verbs: + - get + - patch + - update + - apiGroups: + - aiven.io + resources: + - kafkaschemas + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - aiven.io + resources: + - kafkaschemas/status + verbs: + - get + - patch + - update + - apiGroups: + - aiven.io + resources: + - kafkatopics + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - aiven.io + resources: + - kafkatopics/status + verbs: + - get + - patch + - update + - apiGroups: + - aiven.io + resources: + - mysqls + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - aiven.io + resources: + - mysqls/finalizers + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - aiven.io + resources: + - mysqls/status + verbs: + - get + - patch + - update + - apiGroups: + - aiven.io + resources: + - opensearches + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - aiven.io + resources: + - opensearches/finalizers + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - aiven.io + resources: + - opensearches/status + verbs: + - get + - patch + - update + - apiGroups: + - aiven.io + resources: + - postgresqls + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - aiven.io + resources: + - postgresqls/finalizers + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - aiven.io + resources: + - postgresqls/status + verbs: + - get + - patch + - update + - apiGroups: + - aiven.io + resources: + - projects + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - aiven.io + resources: + - projects/finalizers + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - aiven.io + resources: + - projects/status + verbs: + - get + - patch + - update + - apiGroups: + - aiven.io + resources: + - projectvpcs + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - aiven.io + resources: + - projectvpcs/status + verbs: + - get + - patch + - update + - apiGroups: + - aiven.io + resources: + - redis + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - aiven.io + resources: + - redis/finalizers + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - aiven.io + resources: + - redis/status + verbs: + - get + - patch + - update + - apiGroups: + - aiven.io + resources: + - serviceintegrations + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - aiven.io + resources: + - serviceintegrations/status + verbs: + - get + - patch + - update + - apiGroups: + - aiven.io + resources: + - serviceusers + verbs: + - create + - delete + - get + - list + - update + - watch + - apiGroups: + - aiven.io + resources: + - serviceusers/finalizers + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - aiven.io + resources: + - serviceusers/status + verbs: + - get + - update + - apiGroups: + - coordination.k8s.io + resources: + - leases + verbs: + - create + - get + - list + - update diff --git a/config/webhook/manifests.yaml b/config/webhook/manifests.yaml index c6bf25f2..f1395456 100644 --- a/config/webhook/manifests.yaml +++ b/config/webhook/manifests.yaml @@ -5,386 +5,386 @@ metadata: creationTimestamp: null name: mutating-webhook-configuration webhooks: -- admissionReviewVersions: - - v1 - clientConfig: - service: - name: webhook-service - namespace: system - path: /mutate-aiven-io-v1alpha1-cassandra - failurePolicy: Fail - name: mcassandra.kb.io - rules: - - apiGroups: - - aiven.io - apiVersions: - - v1alpha1 - operations: - - CREATE - - UPDATE - resources: - - cassandras - sideEffects: None -- admissionReviewVersions: - - v1 - clientConfig: - service: - name: webhook-service - namespace: system - path: /mutate-aiven-io-v1alpha1-clickhouse - failurePolicy: Fail - name: mclickhouse.kb.io - rules: - - apiGroups: - - aiven.io - apiVersions: - - v1alpha1 - operations: - - CREATE - - UPDATE - resources: - - clickhouses - sideEffects: None -- admissionReviewVersions: - - v1 - clientConfig: - service: - name: webhook-service - namespace: system - path: /mutate-aiven-io-v1alpha1-clickhouseuser - failurePolicy: Fail - name: mclickhouseuser.kb.io - rules: - - apiGroups: - - aiven.io - apiVersions: - - v1alpha1 - operations: - - CREATE - - UPDATE - resources: - - clickhouseusers - sideEffects: None -- admissionReviewVersions: - - v1 - clientConfig: - service: - name: webhook-service - namespace: system - path: /mutate-aiven-io-v1alpha1-connectionpool - failurePolicy: Fail - name: mconnectionpool.kb.io - rules: - - apiGroups: - - aiven.io - apiVersions: - - v1alpha1 - operations: - - CREATE - - UPDATE - resources: - - connectionpools - sideEffects: None -- admissionReviewVersions: - - v1 - clientConfig: - service: - name: webhook-service - namespace: system - path: /mutate-aiven-io-v1alpha1-database - failurePolicy: Fail - name: mdatabase.kb.io - rules: - - apiGroups: - - aiven.io - apiVersions: - - v1alpha1 - operations: - - CREATE - - UPDATE - resources: - - databases - sideEffects: None -- admissionReviewVersions: - - v1 - clientConfig: - service: - name: webhook-service - namespace: system - path: /mutate-aiven-io-v1alpha1-grafana - failurePolicy: Fail - name: mgrafana.kb.io - rules: - - apiGroups: - - aiven.io - apiVersions: - - v1alpha1 - operations: - - CREATE - - UPDATE - resources: - - grafanas - sideEffects: None -- admissionReviewVersions: - - v1 - clientConfig: - service: - name: webhook-service - namespace: system - path: /mutate-aiven-io-v1alpha1-kafka - failurePolicy: Fail - name: mkafka.kb.io - rules: - - apiGroups: - - aiven.io - apiVersions: - - v1alpha1 - operations: - - CREATE - - UPDATE - resources: - - kafkas - sideEffects: None -- admissionReviewVersions: - - v1 - clientConfig: - service: - name: webhook-service - namespace: system - path: /mutate-aiven-io-v1alpha1-kafkaacl - failurePolicy: Fail - name: mkafkaacl.kb.io - rules: - - apiGroups: - - aiven.io - apiVersions: - - v1alpha1 - operations: - - CREATE - - UPDATE - resources: - - kafkaacls - sideEffects: None -- admissionReviewVersions: - - v1 - clientConfig: - service: - name: webhook-service - namespace: system - path: /mutate-aiven-io-v1alpha1-kafkaconnect - failurePolicy: Fail - name: mkafkaconnect.kb.io - rules: - - apiGroups: - - aiven.io - apiVersions: - - v1alpha1 - operations: - - CREATE - - UPDATE - resources: - - kafkaconnects - sideEffects: None -- admissionReviewVersions: - - v1 - clientConfig: - service: - name: webhook-service - namespace: system - path: /mutate-aiven-io-v1alpha1-kafkaconnector - failurePolicy: Fail - name: mkafkaconnector.kb.io - rules: - - apiGroups: - - aiven.io - apiVersions: - - v1alpha1 - operations: - - CREATE - - UPDATE - resources: - - kafkaconnectors - sideEffects: None -- admissionReviewVersions: - - v1 - clientConfig: - service: - name: webhook-service - namespace: system - path: /mutate-aiven-io-v1alpha1-kafkaschema - failurePolicy: Fail - name: mkafkaschema.kb.io - rules: - - apiGroups: - - aiven.io - apiVersions: - - v1alpha1 - operations: - - CREATE - - UPDATE - resources: - - kafkaschemas - sideEffects: None -- admissionReviewVersions: - - v1 - clientConfig: - service: - name: webhook-service - namespace: system - path: /mutate-aiven-io-v1alpha1-kafkatopic - failurePolicy: Fail - name: mkafkatopic.kb.io - rules: - - apiGroups: - - aiven.io - apiVersions: - - v1alpha1 - operations: - - CREATE - - UPDATE - resources: - - kafkatopics - sideEffects: None -- admissionReviewVersions: - - v1 - clientConfig: - service: - name: webhook-service - namespace: system - path: /mutate-aiven-io-v1alpha1-mysql - failurePolicy: Fail - name: mmysql.kb.io - rules: - - apiGroups: - - aiven.io - apiVersions: - - v1alpha1 - operations: - - CREATE - - UPDATE - resources: - - mysqls - sideEffects: None -- admissionReviewVersions: - - v1 - clientConfig: - service: - name: webhook-service - namespace: system - path: /mutate-aiven-io-v1alpha1-opensearch - failurePolicy: Fail - name: mopensearch.kb.io - rules: - - apiGroups: - - aiven.io - apiVersions: - - v1alpha1 - operations: - - CREATE - - UPDATE - resources: - - opensearches - sideEffects: None -- admissionReviewVersions: - - v1 - clientConfig: - service: - name: webhook-service - namespace: system - path: /mutate-aiven-io-v1alpha1-postgresql - failurePolicy: Fail - name: mpg.kb.io - rules: - - apiGroups: - - aiven.io - apiVersions: - - v1alpha1 - operations: - - CREATE - - UPDATE - resources: - - postgresqls - sideEffects: None -- admissionReviewVersions: - - v1 - clientConfig: - service: - name: webhook-service - namespace: system - path: /mutate-aiven-io-v1alpha1-project - failurePolicy: Fail - name: mproject.kb.io - rules: - - apiGroups: - - aiven.io - apiVersions: - - v1alpha1 - operations: - - CREATE - - UPDATE - resources: - - projects - sideEffects: None -- admissionReviewVersions: - - v1 - clientConfig: - service: - name: webhook-service - namespace: system - path: /mutate-aiven-io-v1alpha1-redis - failurePolicy: Fail - name: mredis.kb.io - rules: - - apiGroups: - - aiven.io - apiVersions: - - v1alpha1 - operations: - - CREATE - - UPDATE - resources: - - redis - sideEffects: None -- admissionReviewVersions: - - v1 - clientConfig: - service: - name: webhook-service - namespace: system - path: /mutate-aiven-io-v1alpha1-serviceintegration - failurePolicy: Fail - name: mserviceintegration.kb.io - rules: - - apiGroups: - - aiven.io - apiVersions: - - v1alpha1 - operations: - - CREATE - - UPDATE - resources: - - serviceintegrations - sideEffects: None -- admissionReviewVersions: - - v1 - clientConfig: - service: - name: webhook-service - namespace: system - path: /mutate-aiven-io-v1alpha1-serviceuser - failurePolicy: Fail - name: mserviceuser.kb.io - rules: - - apiGroups: - - aiven.io - apiVersions: - - v1alpha1 - operations: - - CREATE - - UPDATE - resources: - - serviceusers - sideEffects: None + - admissionReviewVersions: + - v1 + clientConfig: + service: + name: webhook-service + namespace: system + path: /mutate-aiven-io-v1alpha1-cassandra + failurePolicy: Fail + name: mcassandra.kb.io + rules: + - apiGroups: + - aiven.io + apiVersions: + - v1alpha1 + operations: + - CREATE + - UPDATE + resources: + - cassandras + sideEffects: None + - admissionReviewVersions: + - v1 + clientConfig: + service: + name: webhook-service + namespace: system + path: /mutate-aiven-io-v1alpha1-clickhouse + failurePolicy: Fail + name: mclickhouse.kb.io + rules: + - apiGroups: + - aiven.io + apiVersions: + - v1alpha1 + operations: + - CREATE + - UPDATE + resources: + - clickhouses + sideEffects: None + - admissionReviewVersions: + - v1 + clientConfig: + service: + name: webhook-service + namespace: system + path: /mutate-aiven-io-v1alpha1-clickhouseuser + failurePolicy: Fail + name: mclickhouseuser.kb.io + rules: + - apiGroups: + - aiven.io + apiVersions: + - v1alpha1 + operations: + - CREATE + - UPDATE + resources: + - clickhouseusers + sideEffects: None + - admissionReviewVersions: + - v1 + clientConfig: + service: + name: webhook-service + namespace: system + path: /mutate-aiven-io-v1alpha1-connectionpool + failurePolicy: Fail + name: mconnectionpool.kb.io + rules: + - apiGroups: + - aiven.io + apiVersions: + - v1alpha1 + operations: + - CREATE + - UPDATE + resources: + - connectionpools + sideEffects: None + - admissionReviewVersions: + - v1 + clientConfig: + service: + name: webhook-service + namespace: system + path: /mutate-aiven-io-v1alpha1-database + failurePolicy: Fail + name: mdatabase.kb.io + rules: + - apiGroups: + - aiven.io + apiVersions: + - v1alpha1 + operations: + - CREATE + - UPDATE + resources: + - databases + sideEffects: None + - admissionReviewVersions: + - v1 + clientConfig: + service: + name: webhook-service + namespace: system + path: /mutate-aiven-io-v1alpha1-grafana + failurePolicy: Fail + name: mgrafana.kb.io + rules: + - apiGroups: + - aiven.io + apiVersions: + - v1alpha1 + operations: + - CREATE + - UPDATE + resources: + - grafanas + sideEffects: None + - admissionReviewVersions: + - v1 + clientConfig: + service: + name: webhook-service + namespace: system + path: /mutate-aiven-io-v1alpha1-kafka + failurePolicy: Fail + name: mkafka.kb.io + rules: + - apiGroups: + - aiven.io + apiVersions: + - v1alpha1 + operations: + - CREATE + - UPDATE + resources: + - kafkas + sideEffects: None + - admissionReviewVersions: + - v1 + clientConfig: + service: + name: webhook-service + namespace: system + path: /mutate-aiven-io-v1alpha1-kafkaacl + failurePolicy: Fail + name: mkafkaacl.kb.io + rules: + - apiGroups: + - aiven.io + apiVersions: + - v1alpha1 + operations: + - CREATE + - UPDATE + resources: + - kafkaacls + sideEffects: None + - admissionReviewVersions: + - v1 + clientConfig: + service: + name: webhook-service + namespace: system + path: /mutate-aiven-io-v1alpha1-kafkaconnect + failurePolicy: Fail + name: mkafkaconnect.kb.io + rules: + - apiGroups: + - aiven.io + apiVersions: + - v1alpha1 + operations: + - CREATE + - UPDATE + resources: + - kafkaconnects + sideEffects: None + - admissionReviewVersions: + - v1 + clientConfig: + service: + name: webhook-service + namespace: system + path: /mutate-aiven-io-v1alpha1-kafkaconnector + failurePolicy: Fail + name: mkafkaconnector.kb.io + rules: + - apiGroups: + - aiven.io + apiVersions: + - v1alpha1 + operations: + - CREATE + - UPDATE + resources: + - kafkaconnectors + sideEffects: None + - admissionReviewVersions: + - v1 + clientConfig: + service: + name: webhook-service + namespace: system + path: /mutate-aiven-io-v1alpha1-kafkaschema + failurePolicy: Fail + name: mkafkaschema.kb.io + rules: + - apiGroups: + - aiven.io + apiVersions: + - v1alpha1 + operations: + - CREATE + - UPDATE + resources: + - kafkaschemas + sideEffects: None + - admissionReviewVersions: + - v1 + clientConfig: + service: + name: webhook-service + namespace: system + path: /mutate-aiven-io-v1alpha1-kafkatopic + failurePolicy: Fail + name: mkafkatopic.kb.io + rules: + - apiGroups: + - aiven.io + apiVersions: + - v1alpha1 + operations: + - CREATE + - UPDATE + resources: + - kafkatopics + sideEffects: None + - admissionReviewVersions: + - v1 + clientConfig: + service: + name: webhook-service + namespace: system + path: /mutate-aiven-io-v1alpha1-mysql + failurePolicy: Fail + name: mmysql.kb.io + rules: + - apiGroups: + - aiven.io + apiVersions: + - v1alpha1 + operations: + - CREATE + - UPDATE + resources: + - mysqls + sideEffects: None + - admissionReviewVersions: + - v1 + clientConfig: + service: + name: webhook-service + namespace: system + path: /mutate-aiven-io-v1alpha1-opensearch + failurePolicy: Fail + name: mopensearch.kb.io + rules: + - apiGroups: + - aiven.io + apiVersions: + - v1alpha1 + operations: + - CREATE + - UPDATE + resources: + - opensearches + sideEffects: None + - admissionReviewVersions: + - v1 + clientConfig: + service: + name: webhook-service + namespace: system + path: /mutate-aiven-io-v1alpha1-postgresql + failurePolicy: Fail + name: mpg.kb.io + rules: + - apiGroups: + - aiven.io + apiVersions: + - v1alpha1 + operations: + - CREATE + - UPDATE + resources: + - postgresqls + sideEffects: None + - admissionReviewVersions: + - v1 + clientConfig: + service: + name: webhook-service + namespace: system + path: /mutate-aiven-io-v1alpha1-project + failurePolicy: Fail + name: mproject.kb.io + rules: + - apiGroups: + - aiven.io + apiVersions: + - v1alpha1 + operations: + - CREATE + - UPDATE + resources: + - projects + sideEffects: None + - admissionReviewVersions: + - v1 + clientConfig: + service: + name: webhook-service + namespace: system + path: /mutate-aiven-io-v1alpha1-redis + failurePolicy: Fail + name: mredis.kb.io + rules: + - apiGroups: + - aiven.io + apiVersions: + - v1alpha1 + operations: + - CREATE + - UPDATE + resources: + - redis + sideEffects: None + - admissionReviewVersions: + - v1 + clientConfig: + service: + name: webhook-service + namespace: system + path: /mutate-aiven-io-v1alpha1-serviceintegration + failurePolicy: Fail + name: mserviceintegration.kb.io + rules: + - apiGroups: + - aiven.io + apiVersions: + - v1alpha1 + operations: + - CREATE + - UPDATE + resources: + - serviceintegrations + sideEffects: None + - admissionReviewVersions: + - v1 + clientConfig: + service: + name: webhook-service + namespace: system + path: /mutate-aiven-io-v1alpha1-serviceuser + failurePolicy: Fail + name: mserviceuser.kb.io + rules: + - apiGroups: + - aiven.io + apiVersions: + - v1alpha1 + operations: + - CREATE + - UPDATE + resources: + - serviceusers + sideEffects: None --- apiVersion: admissionregistration.k8s.io/v1 kind: ValidatingWebhookConfiguration @@ -392,397 +392,397 @@ metadata: creationTimestamp: null name: validating-webhook-configuration webhooks: -- admissionReviewVersions: - - v1 - clientConfig: - service: - name: webhook-service - namespace: system - path: /validate-aiven-io-v1alpha1-cassandra - failurePolicy: Fail - name: vcassandra.kb.io - rules: - - apiGroups: - - aiven.io - apiVersions: - - v1alpha1 - operations: - - CREATE - - UPDATE - - DELETE - resources: - - cassandras - sideEffects: None -- admissionReviewVersions: - - v1 - clientConfig: - service: - name: webhook-service - namespace: system - path: /validate-aiven-io-v1alpha1-clickhouse - failurePolicy: Fail - name: vclickhouse.kb.io - rules: - - apiGroups: - - aiven.io - apiVersions: - - v1alpha1 - operations: - - CREATE - - UPDATE - - DELETE - resources: - - clickhouses - sideEffects: None -- admissionReviewVersions: - - v1 - clientConfig: - service: - name: webhook-service - namespace: system - path: /validate-aiven-io-v1alpha1-clickhouseuser - failurePolicy: Fail - name: vclickhouseuser.kb.io - rules: - - apiGroups: - - aiven.io - apiVersions: - - v1alpha1 - operations: - - CREATE - - UPDATE - resources: - - clickhouseusers - sideEffects: None -- admissionReviewVersions: - - v1 - clientConfig: - service: - name: webhook-service - namespace: system - path: /validate-aiven-io-v1alpha1-connectionpool - failurePolicy: Fail - name: vconnectionpool.kb.io - rules: - - apiGroups: - - aiven.io - apiVersions: - - v1alpha1 - operations: - - CREATE - - UPDATE - - DELETE - resources: - - connectionpools - sideEffects: None -- admissionReviewVersions: - - v1 - clientConfig: - service: - name: webhook-service - namespace: system - path: /validate-aiven-io-v1alpha1-database - failurePolicy: Fail - name: vdatabase.kb.io - rules: - - apiGroups: - - aiven.io - apiVersions: - - v1alpha1 - operations: - - CREATE - - UPDATE - - DELETE - resources: - - databases - sideEffects: None -- admissionReviewVersions: - - v1 - clientConfig: - service: - name: webhook-service - namespace: system - path: /validate-aiven-io-v1alpha1-grafana - failurePolicy: Fail - name: vgrafana.kb.io - rules: - - apiGroups: - - aiven.io - apiVersions: - - v1alpha1 - operations: - - CREATE - - UPDATE - - DELETE - resources: - - grafanas - sideEffects: None -- admissionReviewVersions: - - v1 - clientConfig: - service: - name: webhook-service - namespace: system - path: /validate-aiven-io-v1alpha1-kafka - failurePolicy: Fail - name: vkafka.kb.io - rules: - - apiGroups: - - aiven.io - apiVersions: - - v1alpha1 - operations: - - CREATE - - UPDATE - - DELETE - resources: - - kafkas - sideEffects: None -- admissionReviewVersions: - - v1 - clientConfig: - service: - name: webhook-service - namespace: system - path: /validate-aiven-io-v1alpha1-kafkaacl - failurePolicy: Fail - name: vkafkaacl.kb.io - rules: - - apiGroups: - - aiven.io - apiVersions: - - v1alpha1 - operations: - - CREATE - - UPDATE - resources: - - kafkaacls - sideEffects: None -- admissionReviewVersions: - - v1 - clientConfig: - service: - name: webhook-service - namespace: system - path: /validate-aiven-io-v1alpha1-kafkaconnect - failurePolicy: Fail - name: vkafkaconnect.kb.io - rules: - - apiGroups: - - aiven.io - apiVersions: - - v1alpha1 - operations: - - CREATE - - UPDATE - - DELETE - resources: - - kafkaconnects - sideEffects: None -- admissionReviewVersions: - - v1 - clientConfig: - service: - name: webhook-service - namespace: system - path: /validate-aiven-io-v1alpha1-kafkaconnector - failurePolicy: Fail - name: vkafkaconnector.kb.io - rules: - - apiGroups: - - aiven.io - apiVersions: - - v1alpha1 - operations: - - CREATE - - UPDATE - - DELETE - resources: - - kafkaconnectors - sideEffects: None -- admissionReviewVersions: - - v1 - clientConfig: - service: - name: webhook-service - namespace: system - path: /validate-aiven-io-v1alpha1-kafkaschema - failurePolicy: Fail - name: vkafkaschema.kb.io - rules: - - apiGroups: - - aiven.io - apiVersions: - - v1alpha1 - operations: - - CREATE - - UPDATE - resources: - - kafkaschemas - sideEffects: None -- admissionReviewVersions: - - v1 - clientConfig: - service: - name: webhook-service - namespace: system - path: /validate-aiven-io-v1alpha1-kafkatopic - failurePolicy: Fail - name: vkafkatopic.kb.io - rules: - - apiGroups: - - aiven.io - apiVersions: - - v1alpha1 - operations: - - CREATE - - UPDATE - - DELETE - resources: - - kafkatopics - sideEffects: None -- admissionReviewVersions: - - v1 - clientConfig: - service: - name: webhook-service - namespace: system - path: /validate-aiven-io-v1alpha1-mysql - failurePolicy: Fail - name: vmysql.kb.io - rules: - - apiGroups: - - aiven.io - apiVersions: - - v1alpha1 - operations: - - CREATE - - UPDATE - - DELETE - resources: - - mysqls - sideEffects: None -- admissionReviewVersions: - - v1 - clientConfig: - service: - name: webhook-service - namespace: system - path: /validate-aiven-io-v1alpha1-opensearch - failurePolicy: Fail - name: vopensearch.kb.io - rules: - - apiGroups: - - aiven.io - apiVersions: - - v1alpha1 - operations: - - CREATE - - UPDATE - - DELETE - resources: - - opensearches - sideEffects: None -- admissionReviewVersions: - - v1 - clientConfig: - service: - name: webhook-service - namespace: system - path: /validate-aiven-io-v1alpha1-postgresql - failurePolicy: Fail - name: vpg.kb.io - rules: - - apiGroups: - - aiven.io - apiVersions: - - v1alpha1 - operations: - - CREATE - - UPDATE - - DELETE - resources: - - postgresqls - sideEffects: None -- admissionReviewVersions: - - v1 - clientConfig: - service: - name: webhook-service - namespace: system - path: /validate-aiven-io-v1alpha1-project - failurePolicy: Fail - name: vproject.kb.io - rules: - - apiGroups: - - aiven.io - apiVersions: - - v1alpha1 - operations: - - CREATE - - UPDATE - - DELETE - resources: - - projects - sideEffects: None -- admissionReviewVersions: - - v1 - clientConfig: - service: - name: webhook-service - namespace: system - path: /validate-aiven-io-v1alpha1-redis - failurePolicy: Fail - name: vredis.kb.io - rules: - - apiGroups: - - aiven.io - apiVersions: - - v1alpha1 - operations: - - CREATE - - UPDATE - - DELETE - resources: - - redis - sideEffects: None -- admissionReviewVersions: - - v1 - clientConfig: - service: - name: webhook-service - namespace: system - path: /validate-aiven-io-v1alpha1-serviceintegration - failurePolicy: Fail - name: vserviceintegration.kb.io - rules: - - apiGroups: - - aiven.io - apiVersions: - - v1alpha1 - operations: - - CREATE - - UPDATE - resources: - - serviceintegrations - sideEffects: None -- admissionReviewVersions: - - v1 - clientConfig: - service: - name: webhook-service - namespace: system - path: /validate-aiven-io-v1alpha1-serviceuser - failurePolicy: Fail - name: vserviceuser.kb.io - rules: - - apiGroups: - - aiven.io - apiVersions: - - v1alpha1 - operations: - - CREATE - - UPDATE - resources: - - serviceusers - sideEffects: None + - admissionReviewVersions: + - v1 + clientConfig: + service: + name: webhook-service + namespace: system + path: /validate-aiven-io-v1alpha1-cassandra + failurePolicy: Fail + name: vcassandra.kb.io + rules: + - apiGroups: + - aiven.io + apiVersions: + - v1alpha1 + operations: + - CREATE + - UPDATE + - DELETE + resources: + - cassandras + sideEffects: None + - admissionReviewVersions: + - v1 + clientConfig: + service: + name: webhook-service + namespace: system + path: /validate-aiven-io-v1alpha1-clickhouse + failurePolicy: Fail + name: vclickhouse.kb.io + rules: + - apiGroups: + - aiven.io + apiVersions: + - v1alpha1 + operations: + - CREATE + - UPDATE + - DELETE + resources: + - clickhouses + sideEffects: None + - admissionReviewVersions: + - v1 + clientConfig: + service: + name: webhook-service + namespace: system + path: /validate-aiven-io-v1alpha1-clickhouseuser + failurePolicy: Fail + name: vclickhouseuser.kb.io + rules: + - apiGroups: + - aiven.io + apiVersions: + - v1alpha1 + operations: + - CREATE + - UPDATE + resources: + - clickhouseusers + sideEffects: None + - admissionReviewVersions: + - v1 + clientConfig: + service: + name: webhook-service + namespace: system + path: /validate-aiven-io-v1alpha1-connectionpool + failurePolicy: Fail + name: vconnectionpool.kb.io + rules: + - apiGroups: + - aiven.io + apiVersions: + - v1alpha1 + operations: + - CREATE + - UPDATE + - DELETE + resources: + - connectionpools + sideEffects: None + - admissionReviewVersions: + - v1 + clientConfig: + service: + name: webhook-service + namespace: system + path: /validate-aiven-io-v1alpha1-database + failurePolicy: Fail + name: vdatabase.kb.io + rules: + - apiGroups: + - aiven.io + apiVersions: + - v1alpha1 + operations: + - CREATE + - UPDATE + - DELETE + resources: + - databases + sideEffects: None + - admissionReviewVersions: + - v1 + clientConfig: + service: + name: webhook-service + namespace: system + path: /validate-aiven-io-v1alpha1-grafana + failurePolicy: Fail + name: vgrafana.kb.io + rules: + - apiGroups: + - aiven.io + apiVersions: + - v1alpha1 + operations: + - CREATE + - UPDATE + - DELETE + resources: + - grafanas + sideEffects: None + - admissionReviewVersions: + - v1 + clientConfig: + service: + name: webhook-service + namespace: system + path: /validate-aiven-io-v1alpha1-kafka + failurePolicy: Fail + name: vkafka.kb.io + rules: + - apiGroups: + - aiven.io + apiVersions: + - v1alpha1 + operations: + - CREATE + - UPDATE + - DELETE + resources: + - kafkas + sideEffects: None + - admissionReviewVersions: + - v1 + clientConfig: + service: + name: webhook-service + namespace: system + path: /validate-aiven-io-v1alpha1-kafkaacl + failurePolicy: Fail + name: vkafkaacl.kb.io + rules: + - apiGroups: + - aiven.io + apiVersions: + - v1alpha1 + operations: + - CREATE + - UPDATE + resources: + - kafkaacls + sideEffects: None + - admissionReviewVersions: + - v1 + clientConfig: + service: + name: webhook-service + namespace: system + path: /validate-aiven-io-v1alpha1-kafkaconnect + failurePolicy: Fail + name: vkafkaconnect.kb.io + rules: + - apiGroups: + - aiven.io + apiVersions: + - v1alpha1 + operations: + - CREATE + - UPDATE + - DELETE + resources: + - kafkaconnects + sideEffects: None + - admissionReviewVersions: + - v1 + clientConfig: + service: + name: webhook-service + namespace: system + path: /validate-aiven-io-v1alpha1-kafkaconnector + failurePolicy: Fail + name: vkafkaconnector.kb.io + rules: + - apiGroups: + - aiven.io + apiVersions: + - v1alpha1 + operations: + - CREATE + - UPDATE + - DELETE + resources: + - kafkaconnectors + sideEffects: None + - admissionReviewVersions: + - v1 + clientConfig: + service: + name: webhook-service + namespace: system + path: /validate-aiven-io-v1alpha1-kafkaschema + failurePolicy: Fail + name: vkafkaschema.kb.io + rules: + - apiGroups: + - aiven.io + apiVersions: + - v1alpha1 + operations: + - CREATE + - UPDATE + resources: + - kafkaschemas + sideEffects: None + - admissionReviewVersions: + - v1 + clientConfig: + service: + name: webhook-service + namespace: system + path: /validate-aiven-io-v1alpha1-kafkatopic + failurePolicy: Fail + name: vkafkatopic.kb.io + rules: + - apiGroups: + - aiven.io + apiVersions: + - v1alpha1 + operations: + - CREATE + - UPDATE + - DELETE + resources: + - kafkatopics + sideEffects: None + - admissionReviewVersions: + - v1 + clientConfig: + service: + name: webhook-service + namespace: system + path: /validate-aiven-io-v1alpha1-mysql + failurePolicy: Fail + name: vmysql.kb.io + rules: + - apiGroups: + - aiven.io + apiVersions: + - v1alpha1 + operations: + - CREATE + - UPDATE + - DELETE + resources: + - mysqls + sideEffects: None + - admissionReviewVersions: + - v1 + clientConfig: + service: + name: webhook-service + namespace: system + path: /validate-aiven-io-v1alpha1-opensearch + failurePolicy: Fail + name: vopensearch.kb.io + rules: + - apiGroups: + - aiven.io + apiVersions: + - v1alpha1 + operations: + - CREATE + - UPDATE + - DELETE + resources: + - opensearches + sideEffects: None + - admissionReviewVersions: + - v1 + clientConfig: + service: + name: webhook-service + namespace: system + path: /validate-aiven-io-v1alpha1-postgresql + failurePolicy: Fail + name: vpg.kb.io + rules: + - apiGroups: + - aiven.io + apiVersions: + - v1alpha1 + operations: + - CREATE + - UPDATE + - DELETE + resources: + - postgresqls + sideEffects: None + - admissionReviewVersions: + - v1 + clientConfig: + service: + name: webhook-service + namespace: system + path: /validate-aiven-io-v1alpha1-project + failurePolicy: Fail + name: vproject.kb.io + rules: + - apiGroups: + - aiven.io + apiVersions: + - v1alpha1 + operations: + - CREATE + - UPDATE + - DELETE + resources: + - projects + sideEffects: None + - admissionReviewVersions: + - v1 + clientConfig: + service: + name: webhook-service + namespace: system + path: /validate-aiven-io-v1alpha1-redis + failurePolicy: Fail + name: vredis.kb.io + rules: + - apiGroups: + - aiven.io + apiVersions: + - v1alpha1 + operations: + - CREATE + - UPDATE + - DELETE + resources: + - redis + sideEffects: None + - admissionReviewVersions: + - v1 + clientConfig: + service: + name: webhook-service + namespace: system + path: /validate-aiven-io-v1alpha1-serviceintegration + failurePolicy: Fail + name: vserviceintegration.kb.io + rules: + - apiGroups: + - aiven.io + apiVersions: + - v1alpha1 + operations: + - CREATE + - UPDATE + resources: + - serviceintegrations + sideEffects: None + - admissionReviewVersions: + - v1 + clientConfig: + service: + name: webhook-service + namespace: system + path: /validate-aiven-io-v1alpha1-serviceuser + failurePolicy: Fail + name: vserviceuser.kb.io + rules: + - apiGroups: + - aiven.io + apiVersions: + - v1alpha1 + operations: + - CREATE + - UPDATE + resources: + - serviceusers + sideEffects: None diff --git a/docs/docs/api-reference/cassandra.md b/docs/docs/api-reference/cassandra.md index b200d4ce..f38393ef 100644 --- a/docs/docs/api-reference/cassandra.md +++ b/docs/docs/api-reference/cassandra.md @@ -84,8 +84,8 @@ Authentication reference to Aiven token in a secret. **Required** -- [`key`](#spec.authSecretRef.key-property){: name='spec.authSecretRef.key-property'} (string, MinLength: 1). -- [`name`](#spec.authSecretRef.name-property){: name='spec.authSecretRef.name-property'} (string, MinLength: 1). +- [`key`](#spec.authSecretRef.key-property){: name='spec.authSecretRef.key-property'} (string, MinLength: 1). +- [`name`](#spec.authSecretRef.name-property){: name='spec.authSecretRef.name-property'} (string, MinLength: 1). ## connInfoSecretTarget {: #spec.connInfoSecretTarget } @@ -111,11 +111,11 @@ ProjectVPCRef reference to ProjectVPC resource to use its ID as ProjectVPCID aut **Required** -- [`name`](#spec.projectVPCRef.name-property){: name='spec.projectVPCRef.name-property'} (string, MinLength: 1). +- [`name`](#spec.projectVPCRef.name-property){: name='spec.projectVPCRef.name-property'} (string, MinLength: 1). **Optional** -- [`namespace`](#spec.projectVPCRef.namespace-property){: name='spec.projectVPCRef.namespace-property'} (string, MinLength: 1). +- [`namespace`](#spec.projectVPCRef.namespace-property){: name='spec.projectVPCRef.namespace-property'} (string, MinLength: 1). ## serviceIntegrations {: #spec.serviceIntegrations } @@ -125,8 +125,8 @@ Service integrations to specify when creating a service. Not applied after initi **Required** -- [`integrationType`](#spec.serviceIntegrations.integrationType-property){: name='spec.serviceIntegrations.integrationType-property'} (string, Enum: `read_replica`). -- [`sourceServiceName`](#spec.serviceIntegrations.sourceServiceName-property){: name='spec.serviceIntegrations.sourceServiceName-property'} (string, MinLength: 1, MaxLength: 64). +- [`integrationType`](#spec.serviceIntegrations.integrationType-property){: name='spec.serviceIntegrations.integrationType-property'} (string, Enum: `read_replica`). +- [`sourceServiceName`](#spec.serviceIntegrations.sourceServiceName-property){: name='spec.serviceIntegrations.sourceServiceName-property'} (string, MinLength: 1, MaxLength: 64). ## userConfig {: #spec.userConfig } @@ -196,4 +196,3 @@ Allow access to selected service ports from the public Internet. **Required** - [`prometheus`](#spec.userConfig.public_access.prometheus-property){: name='spec.userConfig.public_access.prometheus-property'} (boolean). Allow clients to connect to prometheus from the public internet for service nodes that are in a project VPC or another type of private network. - diff --git a/docs/docs/api-reference/clickhouse.md b/docs/docs/api-reference/clickhouse.md index f95407db..87834973 100644 --- a/docs/docs/api-reference/clickhouse.md +++ b/docs/docs/api-reference/clickhouse.md @@ -75,8 +75,8 @@ Authentication reference to Aiven token in a secret. **Required** -- [`key`](#spec.authSecretRef.key-property){: name='spec.authSecretRef.key-property'} (string, MinLength: 1). -- [`name`](#spec.authSecretRef.name-property){: name='spec.authSecretRef.name-property'} (string, MinLength: 1). +- [`key`](#spec.authSecretRef.key-property){: name='spec.authSecretRef.key-property'} (string, MinLength: 1). +- [`name`](#spec.authSecretRef.name-property){: name='spec.authSecretRef.name-property'} (string, MinLength: 1). ## connInfoSecretTarget {: #spec.connInfoSecretTarget } @@ -102,11 +102,11 @@ ProjectVPCRef reference to ProjectVPC resource to use its ID as ProjectVPCID aut **Required** -- [`name`](#spec.projectVPCRef.name-property){: name='spec.projectVPCRef.name-property'} (string, MinLength: 1). +- [`name`](#spec.projectVPCRef.name-property){: name='spec.projectVPCRef.name-property'} (string, MinLength: 1). **Optional** -- [`namespace`](#spec.projectVPCRef.namespace-property){: name='spec.projectVPCRef.namespace-property'} (string, MinLength: 1). +- [`namespace`](#spec.projectVPCRef.namespace-property){: name='spec.projectVPCRef.namespace-property'} (string, MinLength: 1). ## serviceIntegrations {: #spec.serviceIntegrations } @@ -116,8 +116,8 @@ Service integrations to specify when creating a service. Not applied after initi **Required** -- [`integrationType`](#spec.serviceIntegrations.integrationType-property){: name='spec.serviceIntegrations.integrationType-property'} (string, Enum: `read_replica`). -- [`sourceServiceName`](#spec.serviceIntegrations.sourceServiceName-property){: name='spec.serviceIntegrations.sourceServiceName-property'} (string, MinLength: 1, MaxLength: 64). +- [`integrationType`](#spec.serviceIntegrations.integrationType-property){: name='spec.serviceIntegrations.integrationType-property'} (string, Enum: `read_replica`). +- [`sourceServiceName`](#spec.serviceIntegrations.sourceServiceName-property){: name='spec.serviceIntegrations.sourceServiceName-property'} (string, MinLength: 1, MaxLength: 64). ## userConfig {: #spec.userConfig } @@ -189,4 +189,3 @@ Allow access to selected service ports from the public Internet. - [`clickhouse_https`](#spec.userConfig.public_access.clickhouse_https-property){: name='spec.userConfig.public_access.clickhouse_https-property'} (boolean). Allow clients to connect to clickhouse_https from the public internet for service nodes that are in a project VPC or another type of private network. - [`clickhouse_mysql`](#spec.userConfig.public_access.clickhouse_mysql-property){: name='spec.userConfig.public_access.clickhouse_mysql-property'} (boolean). Allow clients to connect to clickhouse_mysql from the public internet for service nodes that are in a project VPC or another type of private network. - [`prometheus`](#spec.userConfig.public_access.prometheus-property){: name='spec.userConfig.public_access.prometheus-property'} (boolean). Allow clients to connect to prometheus from the public internet for service nodes that are in a project VPC or another type of private network. - diff --git a/docs/docs/api-reference/clickhouseuser.md b/docs/docs/api-reference/clickhouseuser.md index ad2da11e..e30e1180 100644 --- a/docs/docs/api-reference/clickhouseuser.md +++ b/docs/docs/api-reference/clickhouseuser.md @@ -61,8 +61,8 @@ Authentication reference to Aiven token in a secret. **Required** -- [`key`](#spec.authSecretRef.key-property){: name='spec.authSecretRef.key-property'} (string, MinLength: 1). -- [`name`](#spec.authSecretRef.name-property){: name='spec.authSecretRef.name-property'} (string, MinLength: 1). +- [`key`](#spec.authSecretRef.key-property){: name='spec.authSecretRef.key-property'} (string, MinLength: 1). +- [`name`](#spec.authSecretRef.name-property){: name='spec.authSecretRef.name-property'} (string, MinLength: 1). ## connInfoSecretTarget {: #spec.connInfoSecretTarget } @@ -79,4 +79,3 @@ Information regarding secret creation. Exposed keys: `CLICKHOUSEUSER_HOST`, `CLI - [`annotations`](#spec.connInfoSecretTarget.annotations-property){: name='spec.connInfoSecretTarget.annotations-property'} (object, AdditionalProperties: string). Annotations added to the secret. - [`labels`](#spec.connInfoSecretTarget.labels-property){: name='spec.connInfoSecretTarget.labels-property'} (object, AdditionalProperties: string). Labels added to the secret. - [`prefix`](#spec.connInfoSecretTarget.prefix-property){: name='spec.connInfoSecretTarget.prefix-property'} (string). Prefix for the secret's keys. Added "as is" without any transformations. By default, is equal to the kind name in uppercase + underscore, e.g. `KAFKA_`, `REDIS_`, etc. - diff --git a/docs/docs/api-reference/connectionpool.md b/docs/docs/api-reference/connectionpool.md index 53e500e1..9905d6d7 100644 --- a/docs/docs/api-reference/connectionpool.md +++ b/docs/docs/api-reference/connectionpool.md @@ -69,8 +69,8 @@ Authentication reference to Aiven token in a secret. **Required** -- [`key`](#spec.authSecretRef.key-property){: name='spec.authSecretRef.key-property'} (string, MinLength: 1). -- [`name`](#spec.authSecretRef.name-property){: name='spec.authSecretRef.name-property'} (string, MinLength: 1). +- [`key`](#spec.authSecretRef.key-property){: name='spec.authSecretRef.key-property'} (string, MinLength: 1). +- [`name`](#spec.authSecretRef.name-property){: name='spec.authSecretRef.name-property'} (string, MinLength: 1). ## connInfoSecretTarget {: #spec.connInfoSecretTarget } @@ -87,4 +87,3 @@ Information regarding secret creation. Exposed keys: `CONNECTIONPOOL_NAME`, `CON - [`annotations`](#spec.connInfoSecretTarget.annotations-property){: name='spec.connInfoSecretTarget.annotations-property'} (object, AdditionalProperties: string). Annotations added to the secret. - [`labels`](#spec.connInfoSecretTarget.labels-property){: name='spec.connInfoSecretTarget.labels-property'} (object, AdditionalProperties: string). Labels added to the secret. - [`prefix`](#spec.connInfoSecretTarget.prefix-property){: name='spec.connInfoSecretTarget.prefix-property'} (string). Prefix for the secret's keys. Added "as is" without any transformations. By default, is equal to the kind name in uppercase + underscore, e.g. `KAFKA_`, `REDIS_`, etc. - diff --git a/docs/docs/api-reference/database.md b/docs/docs/api-reference/database.md index 61ce1948..c36af121 100644 --- a/docs/docs/api-reference/database.md +++ b/docs/docs/api-reference/database.md @@ -58,6 +58,5 @@ Authentication reference to Aiven token in a secret. **Required** -- [`key`](#spec.authSecretRef.key-property){: name='spec.authSecretRef.key-property'} (string, MinLength: 1). -- [`name`](#spec.authSecretRef.name-property){: name='spec.authSecretRef.name-property'} (string, MinLength: 1). - +- [`key`](#spec.authSecretRef.key-property){: name='spec.authSecretRef.key-property'} (string, MinLength: 1). +- [`name`](#spec.authSecretRef.name-property){: name='spec.authSecretRef.name-property'} (string, MinLength: 1). diff --git a/docs/docs/api-reference/grafana.md b/docs/docs/api-reference/grafana.md index 29cd7f3c..1dc1c816 100644 --- a/docs/docs/api-reference/grafana.md +++ b/docs/docs/api-reference/grafana.md @@ -83,8 +83,8 @@ Authentication reference to Aiven token in a secret. **Required** -- [`key`](#spec.authSecretRef.key-property){: name='spec.authSecretRef.key-property'} (string, MinLength: 1). -- [`name`](#spec.authSecretRef.name-property){: name='spec.authSecretRef.name-property'} (string, MinLength: 1). +- [`key`](#spec.authSecretRef.key-property){: name='spec.authSecretRef.key-property'} (string, MinLength: 1). +- [`name`](#spec.authSecretRef.name-property){: name='spec.authSecretRef.name-property'} (string, MinLength: 1). ## connInfoSecretTarget {: #spec.connInfoSecretTarget } @@ -110,11 +110,11 @@ ProjectVPCRef reference to ProjectVPC resource to use its ID as ProjectVPCID aut **Required** -- [`name`](#spec.projectVPCRef.name-property){: name='spec.projectVPCRef.name-property'} (string, MinLength: 1). +- [`name`](#spec.projectVPCRef.name-property){: name='spec.projectVPCRef.name-property'} (string, MinLength: 1). **Optional** -- [`namespace`](#spec.projectVPCRef.namespace-property){: name='spec.projectVPCRef.namespace-property'} (string, MinLength: 1). +- [`namespace`](#spec.projectVPCRef.namespace-property){: name='spec.projectVPCRef.namespace-property'} (string, MinLength: 1). ## serviceIntegrations {: #spec.serviceIntegrations } @@ -124,8 +124,8 @@ Service integrations to specify when creating a service. Not applied after initi **Required** -- [`integrationType`](#spec.serviceIntegrations.integrationType-property){: name='spec.serviceIntegrations.integrationType-property'} (string, Enum: `read_replica`). -- [`sourceServiceName`](#spec.serviceIntegrations.sourceServiceName-property){: name='spec.serviceIntegrations.sourceServiceName-property'} (string, MinLength: 1, MaxLength: 64). +- [`integrationType`](#spec.serviceIntegrations.integrationType-property){: name='spec.serviceIntegrations.integrationType-property'} (string, Enum: `read_replica`). +- [`sourceServiceName`](#spec.serviceIntegrations.sourceServiceName-property){: name='spec.serviceIntegrations.sourceServiceName-property'} (string, MinLength: 1, MaxLength: 64). ## userConfig {: #spec.userConfig } @@ -166,7 +166,7 @@ Cassandra specific user configuration options. - [`privatelink_access`](#spec.userConfig.privatelink_access-property){: name='spec.userConfig.privatelink_access-property'} (object). Allow access to selected service components through Privatelink. See below for [nested schema](#spec.userConfig.privatelink_access). - [`project_to_fork_from`](#spec.userConfig.project_to_fork_from-property){: name='spec.userConfig.project_to_fork_from-property'} (string, Immutable, MaxLength: 63). Name of another project to fork a service from. This has effect only when a new service is being created. - [`public_access`](#spec.userConfig.public_access-property){: name='spec.userConfig.public_access-property'} (object). Allow access to selected service ports from the public Internet. See below for [nested schema](#spec.userConfig.public_access). -- [`recovery_basebackup_name`](#spec.userConfig.recovery_basebackup_name-property){: name='spec.userConfig.recovery_basebackup_name-property'} (string, Pattern: `^[a-zA-Z0-9-_:.]+$`, MaxLength: 128). Name of the basebackup to restore in forked service. +- [`recovery_basebackup_name`](#spec.userConfig.recovery_basebackup_name-property){: name='spec.userConfig.recovery*basebackup_name-property'} (string, Pattern: `^[a-zA-Z0-9-*:.]+$`, MaxLength: 128). Name of the basebackup to restore in forked service. - [`service_log`](#spec.userConfig.service_log-property){: name='spec.userConfig.service_log-property'} (boolean). Store logs for the service so that they are available in the HTTP API and console. - [`service_to_fork_from`](#spec.userConfig.service_to_fork_from-property){: name='spec.userConfig.service_to_fork_from-property'} (string, Immutable, MaxLength: 64). Name of another service to fork from. This has effect only when a new service is being created. - [`smtp_server`](#spec.userConfig.smtp_server-property){: name='spec.userConfig.smtp_server-property'} (object). SMTP server settings. See below for [nested schema](#spec.userConfig.smtp_server). @@ -215,7 +215,7 @@ Generic OAuth integration. - [`allowed_domains`](#spec.userConfig.auth_generic_oauth.allowed_domains-property){: name='spec.userConfig.auth_generic_oauth.allowed_domains-property'} (array of strings, MaxItems: 50). Allowed domains. - [`allowed_organizations`](#spec.userConfig.auth_generic_oauth.allowed_organizations-property){: name='spec.userConfig.auth_generic_oauth.allowed_organizations-property'} (array of strings, MaxItems: 50). Require user to be member of one of the listed organizations. - [`auto_login`](#spec.userConfig.auth_generic_oauth.auto_login-property){: name='spec.userConfig.auth_generic_oauth.auto_login-property'} (boolean). Allow users to bypass the login screen and automatically log in. -- [`name`](#spec.userConfig.auth_generic_oauth.name-property){: name='spec.userConfig.auth_generic_oauth.name-property'} (string, Pattern: `^[a-zA-Z0-9_\- ]+$`, MaxLength: 128). Name of the OAuth integration. +- [`name`](#spec.userConfig.auth_generic_oauth.name-property){: name='spec.userConfig.auth*generic_oauth.name-property'} (string, Pattern: `^[a-zA-Z0-9*\- ]+$`, MaxLength: 128). Name of the OAuth integration. - [`scopes`](#spec.userConfig.auth_generic_oauth.scopes-property){: name='spec.userConfig.auth_generic_oauth.scopes-property'} (array of strings, MaxItems: 50). OAuth scopes. ### auth_github {: #spec.userConfig.auth_github } @@ -363,4 +363,3 @@ SMTP server settings. - [`skip_verify`](#spec.userConfig.smtp_server.skip_verify-property){: name='spec.userConfig.smtp_server.skip_verify-property'} (boolean). Skip verifying server certificate. Defaults to false. - [`starttls_policy`](#spec.userConfig.smtp_server.starttls_policy-property){: name='spec.userConfig.smtp_server.starttls_policy-property'} (string, Enum: `OpportunisticStartTLS`, `MandatoryStartTLS`, `NoStartTLS`). Either OpportunisticStartTLS, MandatoryStartTLS or NoStartTLS. Default is OpportunisticStartTLS. - [`username`](#spec.userConfig.smtp_server.username-property){: name='spec.userConfig.smtp_server.username-property'} (string, Pattern: `^[^\x00-\x1F]+$`, MaxLength: 255). Username for SMTP authentication. - diff --git a/docs/docs/api-reference/kafka.md b/docs/docs/api-reference/kafka.md index 60eb266d..a1038224 100644 --- a/docs/docs/api-reference/kafka.md +++ b/docs/docs/api-reference/kafka.md @@ -76,8 +76,8 @@ Authentication reference to Aiven token in a secret. **Required** -- [`key`](#spec.authSecretRef.key-property){: name='spec.authSecretRef.key-property'} (string, MinLength: 1). -- [`name`](#spec.authSecretRef.name-property){: name='spec.authSecretRef.name-property'} (string, MinLength: 1). +- [`key`](#spec.authSecretRef.key-property){: name='spec.authSecretRef.key-property'} (string, MinLength: 1). +- [`name`](#spec.authSecretRef.name-property){: name='spec.authSecretRef.name-property'} (string, MinLength: 1). ## connInfoSecretTarget {: #spec.connInfoSecretTarget } @@ -103,11 +103,11 @@ ProjectVPCRef reference to ProjectVPC resource to use its ID as ProjectVPCID aut **Required** -- [`name`](#spec.projectVPCRef.name-property){: name='spec.projectVPCRef.name-property'} (string, MinLength: 1). +- [`name`](#spec.projectVPCRef.name-property){: name='spec.projectVPCRef.name-property'} (string, MinLength: 1). **Optional** -- [`namespace`](#spec.projectVPCRef.namespace-property){: name='spec.projectVPCRef.namespace-property'} (string, MinLength: 1). +- [`namespace`](#spec.projectVPCRef.namespace-property){: name='spec.projectVPCRef.namespace-property'} (string, MinLength: 1). ## serviceIntegrations {: #spec.serviceIntegrations } @@ -117,8 +117,8 @@ Service integrations to specify when creating a service. Not applied after initi **Required** -- [`integrationType`](#spec.serviceIntegrations.integrationType-property){: name='spec.serviceIntegrations.integrationType-property'} (string, Enum: `read_replica`). -- [`sourceServiceName`](#spec.serviceIntegrations.sourceServiceName-property){: name='spec.serviceIntegrations.sourceServiceName-property'} (string, MinLength: 1, MaxLength: 64). +- [`integrationType`](#spec.serviceIntegrations.integrationType-property){: name='spec.serviceIntegrations.integrationType-property'} (string, Enum: `read_replica`). +- [`sourceServiceName`](#spec.serviceIntegrations.sourceServiceName-property){: name='spec.serviceIntegrations.sourceServiceName-property'} (string, MinLength: 1, MaxLength: 64). ## userConfig {: #spec.userConfig } @@ -251,7 +251,7 @@ Kafka Connect configuration values. - [`producer_compression_type`](#spec.userConfig.kafka_connect_config.producer_compression_type-property){: name='spec.userConfig.kafka_connect_config.producer_compression_type-property'} (string, Enum: `gzip`, `snappy`, `lz4`, `zstd`, `none`). Specify the default compression type for producers. This configuration accepts the standard compression codecs (`gzip`, `snappy`, `lz4`, `zstd`). It additionally accepts `none` which is the default and equivalent to no compression. - [`producer_linger_ms`](#spec.userConfig.kafka_connect_config.producer_linger_ms-property){: name='spec.userConfig.kafka_connect_config.producer_linger_ms-property'} (integer, Minimum: 0, Maximum: 5000). This setting gives the upper bound on the delay for batching: once there is batch.size worth of records for a partition it will be sent immediately regardless of this setting, however if there are fewer than this many bytes accumulated for this partition the producer will `linger` for the specified time waiting for more records to show up. Defaults to 0. - [`producer_max_request_size`](#spec.userConfig.kafka_connect_config.producer_max_request_size-property){: name='spec.userConfig.kafka_connect_config.producer_max_request_size-property'} (integer, Minimum: 131072, Maximum: 67108864). This setting will limit the number of record batches the producer will send in a single request to avoid sending huge requests. -- [`scheduled_rebalance_max_delay_ms`](#spec.userConfig.kafka_connect_config.scheduled_rebalance_max_delay_ms-property){: name='spec.userConfig.kafka_connect_config.scheduled_rebalance_max_delay_ms-property'} (integer, Minimum: 0, Maximum: 600000). The maximum delay that is scheduled in order to wait for the return of one or more departed workers before rebalancing and reassigning their connectors and tasks to the group. During this period the connectors and tasks of the departed workers remain unassigned. Defaults to 5 minutes. +- [`scheduled_rebalance_max_delay_ms`](#spec.userConfig.kafka_connect_config.scheduled_rebalance_max_delay_ms-property){: name='spec.userConfig.kafka_connect_config.scheduled_rebalance_max_delay_ms-property'} (integer, Minimum: 0, Maximum: 600000). The maximum delay that is scheduled in order to wait for the return of one or more departed workers before rebalancing and reassigning their connectors and tasks to the group. During this period the connectors and tasks of the departed workers remain unassigned. Defaults to 5 minutes. - [`session_timeout_ms`](#spec.userConfig.kafka_connect_config.session_timeout_ms-property){: name='spec.userConfig.kafka_connect_config.session_timeout_ms-property'} (integer, Minimum: 1, Maximum: 2147483647). The timeout in milliseconds used to detect failures when using Kafka’s group management facilities (defaults to 10000). ### kafka_rest_config {: #spec.userConfig.kafka_rest_config } @@ -346,4 +346,3 @@ Deprecated. Local cache configuration. **Required** - [`size`](#spec.userConfig.tiered_storage.local_cache.size-property){: name='spec.userConfig.tiered_storage.local_cache.size-property'} (integer, Minimum: 1, Maximum: 107374182400). Deprecated. Local cache size in bytes. - diff --git a/docs/docs/api-reference/kafkaacl.md b/docs/docs/api-reference/kafkaacl.md index 16e382d3..ef683f58 100644 --- a/docs/docs/api-reference/kafkaacl.md +++ b/docs/docs/api-reference/kafkaacl.md @@ -58,6 +58,5 @@ Authentication reference to Aiven token in a secret. **Required** -- [`key`](#spec.authSecretRef.key-property){: name='spec.authSecretRef.key-property'} (string, MinLength: 1). -- [`name`](#spec.authSecretRef.name-property){: name='spec.authSecretRef.name-property'} (string, MinLength: 1). - +- [`key`](#spec.authSecretRef.key-property){: name='spec.authSecretRef.key-property'} (string, MinLength: 1). +- [`name`](#spec.authSecretRef.name-property){: name='spec.authSecretRef.name-property'} (string, MinLength: 1). diff --git a/docs/docs/api-reference/kafkaconnect.md b/docs/docs/api-reference/kafkaconnect.md index 9670e11b..d045e98b 100644 --- a/docs/docs/api-reference/kafkaconnect.md +++ b/docs/docs/api-reference/kafkaconnect.md @@ -68,8 +68,8 @@ Authentication reference to Aiven token in a secret. **Required** -- [`key`](#spec.authSecretRef.key-property){: name='spec.authSecretRef.key-property'} (string, MinLength: 1). -- [`name`](#spec.authSecretRef.name-property){: name='spec.authSecretRef.name-property'} (string, MinLength: 1). +- [`key`](#spec.authSecretRef.key-property){: name='spec.authSecretRef.key-property'} (string, MinLength: 1). +- [`name`](#spec.authSecretRef.name-property){: name='spec.authSecretRef.name-property'} (string, MinLength: 1). ## projectVPCRef {: #spec.projectVPCRef } @@ -79,11 +79,11 @@ ProjectVPCRef reference to ProjectVPC resource to use its ID as ProjectVPCID aut **Required** -- [`name`](#spec.projectVPCRef.name-property){: name='spec.projectVPCRef.name-property'} (string, MinLength: 1). +- [`name`](#spec.projectVPCRef.name-property){: name='spec.projectVPCRef.name-property'} (string, MinLength: 1). **Optional** -- [`namespace`](#spec.projectVPCRef.namespace-property){: name='spec.projectVPCRef.namespace-property'} (string, MinLength: 1). +- [`namespace`](#spec.projectVPCRef.namespace-property){: name='spec.projectVPCRef.namespace-property'} (string, MinLength: 1). ## serviceIntegrations {: #spec.serviceIntegrations } @@ -93,8 +93,8 @@ Service integrations to specify when creating a service. Not applied after initi **Required** -- [`integrationType`](#spec.serviceIntegrations.integrationType-property){: name='spec.serviceIntegrations.integrationType-property'} (string, Enum: `read_replica`). -- [`sourceServiceName`](#spec.serviceIntegrations.sourceServiceName-property){: name='spec.serviceIntegrations.sourceServiceName-property'} (string, MinLength: 1, MaxLength: 64). +- [`integrationType`](#spec.serviceIntegrations.integrationType-property){: name='spec.serviceIntegrations.integrationType-property'} (string, Enum: `read_replica`). +- [`sourceServiceName`](#spec.serviceIntegrations.sourceServiceName-property){: name='spec.serviceIntegrations.sourceServiceName-property'} (string, MinLength: 1, MaxLength: 64). ## userConfig {: #spec.userConfig } @@ -149,7 +149,7 @@ Kafka Connect configuration values. - [`producer_compression_type`](#spec.userConfig.kafka_connect.producer_compression_type-property){: name='spec.userConfig.kafka_connect.producer_compression_type-property'} (string, Enum: `gzip`, `snappy`, `lz4`, `zstd`, `none`). Specify the default compression type for producers. This configuration accepts the standard compression codecs (`gzip`, `snappy`, `lz4`, `zstd`). It additionally accepts `none` which is the default and equivalent to no compression. - [`producer_linger_ms`](#spec.userConfig.kafka_connect.producer_linger_ms-property){: name='spec.userConfig.kafka_connect.producer_linger_ms-property'} (integer, Minimum: 0, Maximum: 5000). This setting gives the upper bound on the delay for batching: once there is batch.size worth of records for a partition it will be sent immediately regardless of this setting, however if there are fewer than this many bytes accumulated for this partition the producer will `linger` for the specified time waiting for more records to show up. Defaults to 0. - [`producer_max_request_size`](#spec.userConfig.kafka_connect.producer_max_request_size-property){: name='spec.userConfig.kafka_connect.producer_max_request_size-property'} (integer, Minimum: 131072, Maximum: 67108864). This setting will limit the number of record batches the producer will send in a single request to avoid sending huge requests. -- [`scheduled_rebalance_max_delay_ms`](#spec.userConfig.kafka_connect.scheduled_rebalance_max_delay_ms-property){: name='spec.userConfig.kafka_connect.scheduled_rebalance_max_delay_ms-property'} (integer, Minimum: 0, Maximum: 600000). The maximum delay that is scheduled in order to wait for the return of one or more departed workers before rebalancing and reassigning their connectors and tasks to the group. During this period the connectors and tasks of the departed workers remain unassigned. Defaults to 5 minutes. +- [`scheduled_rebalance_max_delay_ms`](#spec.userConfig.kafka_connect.scheduled_rebalance_max_delay_ms-property){: name='spec.userConfig.kafka_connect.scheduled_rebalance_max_delay_ms-property'} (integer, Minimum: 0, Maximum: 600000). The maximum delay that is scheduled in order to wait for the return of one or more departed workers before rebalancing and reassigning their connectors and tasks to the group. During this period the connectors and tasks of the departed workers remain unassigned. Defaults to 5 minutes. - [`session_timeout_ms`](#spec.userConfig.kafka_connect.session_timeout_ms-property){: name='spec.userConfig.kafka_connect.session_timeout_ms-property'} (integer, Minimum: 1, Maximum: 2147483647). The timeout in milliseconds used to detect failures when using Kafka’s group management facilities (defaults to 10000). ### private_access {: #spec.userConfig.private_access } @@ -185,4 +185,3 @@ Allow access to selected service ports from the public Internet. - [`kafka_connect`](#spec.userConfig.public_access.kafka_connect-property){: name='spec.userConfig.public_access.kafka_connect-property'} (boolean). Allow clients to connect to kafka_connect from the public internet for service nodes that are in a project VPC or another type of private network. - [`prometheus`](#spec.userConfig.public_access.prometheus-property){: name='spec.userConfig.public_access.prometheus-property'} (boolean). Allow clients to connect to prometheus from the public internet for service nodes that are in a project VPC or another type of private network. - diff --git a/docs/docs/api-reference/kafkaconnector.md b/docs/docs/api-reference/kafkaconnector.md index 06b06a16..ab09f3cc 100644 --- a/docs/docs/api-reference/kafkaconnector.md +++ b/docs/docs/api-reference/kafkaconnector.md @@ -38,6 +38,5 @@ Authentication reference to Aiven token in a secret. **Required** -- [`key`](#spec.authSecretRef.key-property){: name='spec.authSecretRef.key-property'} (string, MinLength: 1). -- [`name`](#spec.authSecretRef.name-property){: name='spec.authSecretRef.name-property'} (string, MinLength: 1). - +- [`key`](#spec.authSecretRef.key-property){: name='spec.authSecretRef.key-property'} (string, MinLength: 1). +- [`name`](#spec.authSecretRef.name-property){: name='spec.authSecretRef.name-property'} (string, MinLength: 1). diff --git a/docs/docs/api-reference/kafkaschema.md b/docs/docs/api-reference/kafkaschema.md index 56932154..b705e329 100644 --- a/docs/docs/api-reference/kafkaschema.md +++ b/docs/docs/api-reference/kafkaschema.md @@ -71,6 +71,5 @@ Authentication reference to Aiven token in a secret. **Required** -- [`key`](#spec.authSecretRef.key-property){: name='spec.authSecretRef.key-property'} (string, MinLength: 1). -- [`name`](#spec.authSecretRef.name-property){: name='spec.authSecretRef.name-property'} (string, MinLength: 1). - +- [`key`](#spec.authSecretRef.key-property){: name='spec.authSecretRef.key-property'} (string, MinLength: 1). +- [`name`](#spec.authSecretRef.name-property){: name='spec.authSecretRef.name-property'} (string, MinLength: 1). diff --git a/docs/docs/api-reference/kafkatopic.md b/docs/docs/api-reference/kafkatopic.md index c52ad7e4..55a26e41 100644 --- a/docs/docs/api-reference/kafkatopic.md +++ b/docs/docs/api-reference/kafkatopic.md @@ -65,8 +65,8 @@ Authentication reference to Aiven token in a secret. **Required** -- [`key`](#spec.authSecretRef.key-property){: name='spec.authSecretRef.key-property'} (string, MinLength: 1). -- [`name`](#spec.authSecretRef.name-property){: name='spec.authSecretRef.name-property'} (string, MinLength: 1). +- [`key`](#spec.authSecretRef.key-property){: name='spec.authSecretRef.key-property'} (string, MinLength: 1). +- [`name`](#spec.authSecretRef.name-property){: name='spec.authSecretRef.name-property'} (string, MinLength: 1). ## config {: #spec.config } @@ -108,9 +108,8 @@ Kafka topic tags. **Required** -- [`key`](#spec.tags.key-property){: name='spec.tags.key-property'} (string, MinLength: 1, MaxLength: 64, Format: `^[a-zA-Z0-9_-]*$`). +- [`key`](#spec.tags.key-property){: name='spec.tags.key-property'} (string, MinLength: 1, MaxLength: 64, Format: `^[a-zA-Z0-9_-]*$`). **Optional** -- [`value`](#spec.tags.value-property){: name='spec.tags.value-property'} (string, MaxLength: 256, Format: `^[a-zA-Z0-9_-]*$`). - +- [`value`](#spec.tags.value-property){: name='spec.tags.value-property'} (string, MaxLength: 256, Format: `^[a-zA-Z0-9_-]*$`). diff --git a/docs/docs/api-reference/mysql.md b/docs/docs/api-reference/mysql.md index 27afc1bd..b7f7d431 100644 --- a/docs/docs/api-reference/mysql.md +++ b/docs/docs/api-reference/mysql.md @@ -83,8 +83,8 @@ Authentication reference to Aiven token in a secret. **Required** -- [`key`](#spec.authSecretRef.key-property){: name='spec.authSecretRef.key-property'} (string, MinLength: 1). -- [`name`](#spec.authSecretRef.name-property){: name='spec.authSecretRef.name-property'} (string, MinLength: 1). +- [`key`](#spec.authSecretRef.key-property){: name='spec.authSecretRef.key-property'} (string, MinLength: 1). +- [`name`](#spec.authSecretRef.name-property){: name='spec.authSecretRef.name-property'} (string, MinLength: 1). ## connInfoSecretTarget {: #spec.connInfoSecretTarget } @@ -110,11 +110,11 @@ ProjectVPCRef reference to ProjectVPC resource to use its ID as ProjectVPCID aut **Required** -- [`name`](#spec.projectVPCRef.name-property){: name='spec.projectVPCRef.name-property'} (string, MinLength: 1). +- [`name`](#spec.projectVPCRef.name-property){: name='spec.projectVPCRef.name-property'} (string, MinLength: 1). **Optional** -- [`namespace`](#spec.projectVPCRef.namespace-property){: name='spec.projectVPCRef.namespace-property'} (string, MinLength: 1). +- [`namespace`](#spec.projectVPCRef.namespace-property){: name='spec.projectVPCRef.namespace-property'} (string, MinLength: 1). ## serviceIntegrations {: #spec.serviceIntegrations } @@ -124,8 +124,8 @@ Service integrations to specify when creating a service. Not applied after initi **Required** -- [`integrationType`](#spec.serviceIntegrations.integrationType-property){: name='spec.serviceIntegrations.integrationType-property'} (string, Enum: `read_replica`). -- [`sourceServiceName`](#spec.serviceIntegrations.sourceServiceName-property){: name='spec.serviceIntegrations.sourceServiceName-property'} (string, MinLength: 1, MaxLength: 64). +- [`integrationType`](#spec.serviceIntegrations.integrationType-property){: name='spec.serviceIntegrations.integrationType-property'} (string, Enum: `read_replica`). +- [`sourceServiceName`](#spec.serviceIntegrations.sourceServiceName-property){: name='spec.serviceIntegrations.sourceServiceName-property'} (string, MinLength: 1, MaxLength: 64). ## userConfig {: #spec.userConfig } @@ -136,7 +136,7 @@ MySQL specific user configuration options. **Optional** - [`additional_backup_regions`](#spec.userConfig.additional_backup_regions-property){: name='spec.userConfig.additional_backup_regions-property'} (array of strings, MaxItems: 1). Additional Cloud Regions for Backup Replication. -- [`admin_password`](#spec.userConfig.admin_password-property){: name='spec.userConfig.admin_password-property'} (string, Immutable, Pattern: `^[a-zA-Z0-9-_]+$`, MinLength: 8, MaxLength: 256). Custom password for admin user. Defaults to random string. This must be set only when a new service is being created. +- [`admin_password`](#spec.userConfig.admin_password-property){: name='spec.userConfig.admin*password-property'} (string, Immutable, Pattern: `^[a-zA-Z0-9-*]+$`, MinLength: 8, MaxLength: 256). Custom password for admin user. Defaults to random string. This must be set only when a new service is being created. - [`admin_username`](#spec.userConfig.admin_username-property){: name='spec.userConfig.admin_username-property'} (string, Immutable, Pattern: `^[_A-Za-z0-9][-._A-Za-z0-9]{0,63}$`, MaxLength: 64). Custom username for admin user. This must be set only when a new service is being created. - [`backup_hour`](#spec.userConfig.backup_hour-property){: name='spec.userConfig.backup_hour-property'} (integer, Minimum: 0, Maximum: 23). The hour of day (in UTC) when backup for the service is started. New backup is only started if previous backup has already completed. - [`backup_minute`](#spec.userConfig.backup_minute-property){: name='spec.userConfig.backup_minute-property'} (integer, Minimum: 0, Maximum: 59). The minute of an hour when backup for the service is started. New backup is only started if previous backup has already completed. @@ -201,7 +201,7 @@ mysql.conf configuration values. - [`group_concat_max_len`](#spec.userConfig.mysql.group_concat_max_len-property){: name='spec.userConfig.mysql.group_concat_max_len-property'} (integer, Minimum: 4). The maximum permitted result length in bytes for the GROUP_CONCAT() function. - [`information_schema_stats_expiry`](#spec.userConfig.mysql.information_schema_stats_expiry-property){: name='spec.userConfig.mysql.information_schema_stats_expiry-property'} (integer, Minimum: 900, Maximum: 31536000). The time, in seconds, before cached statistics expire. - [`innodb_change_buffer_max_size`](#spec.userConfig.mysql.innodb_change_buffer_max_size-property){: name='spec.userConfig.mysql.innodb_change_buffer_max_size-property'} (integer, Minimum: 0, Maximum: 50). Maximum size for the InnoDB change buffer, as a percentage of the total size of the buffer pool. Default is 25. -- [`innodb_flush_neighbors`](#spec.userConfig.mysql.innodb_flush_neighbors-property){: name='spec.userConfig.mysql.innodb_flush_neighbors-property'} (integer, Minimum: 0, Maximum: 2). Specifies whether flushing a page from the InnoDB buffer pool also flushes other dirty pages in the same extent (default is 1): 0 - dirty pages in the same extent are not flushed, 1 - flush contiguous dirty pages in the same extent, 2 - flush dirty pages in the same extent. +- [`innodb_flush_neighbors`](#spec.userConfig.mysql.innodb_flush_neighbors-property){: name='spec.userConfig.mysql.innodb_flush_neighbors-property'} (integer, Minimum: 0, Maximum: 2). Specifies whether flushing a page from the InnoDB buffer pool also flushes other dirty pages in the same extent (default is 1): 0 - dirty pages in the same extent are not flushed, 1 - flush contiguous dirty pages in the same extent, 2 - flush dirty pages in the same extent. - [`innodb_ft_min_token_size`](#spec.userConfig.mysql.innodb_ft_min_token_size-property){: name='spec.userConfig.mysql.innodb_ft_min_token_size-property'} (integer, Minimum: 0, Maximum: 16). Minimum length of words that are stored in an InnoDB FULLTEXT index. Changing this parameter will lead to a restart of the MySQL service. - [`innodb_ft_server_stopword_table`](#spec.userConfig.mysql.innodb_ft_server_stopword_table-property){: name='spec.userConfig.mysql.innodb_ft_server_stopword_table-property'} (string, Pattern: `^.+/.+$`, MaxLength: 1024). This option is used to specify your own InnoDB FULLTEXT index stopword list for all InnoDB tables. - [`innodb_lock_wait_timeout`](#spec.userConfig.mysql.innodb_lock_wait_timeout-property){: name='spec.userConfig.mysql.innodb_lock_wait_timeout-property'} (integer, Minimum: 1, Maximum: 3600). The length of time in seconds an InnoDB transaction waits for a row lock before giving up. Default is 120. @@ -222,7 +222,7 @@ mysql.conf configuration values. - [`net_write_timeout`](#spec.userConfig.mysql.net_write_timeout-property){: name='spec.userConfig.mysql.net_write_timeout-property'} (integer, Minimum: 1, Maximum: 3600). The number of seconds to wait for a block to be written to a connection before aborting the write. - [`slow_query_log`](#spec.userConfig.mysql.slow_query_log-property){: name='spec.userConfig.mysql.slow_query_log-property'} (boolean). Slow query log enables capturing of slow queries. Setting slow_query_log to false also truncates the mysql.slow_log table. Default is off. - [`sort_buffer_size`](#spec.userConfig.mysql.sort_buffer_size-property){: name='spec.userConfig.mysql.sort_buffer_size-property'} (integer, Minimum: 32768, Maximum: 1073741824). Sort buffer size in bytes for ORDER BY optimization. Default is 262144 (256K). -- [`sql_mode`](#spec.userConfig.mysql.sql_mode-property){: name='spec.userConfig.mysql.sql_mode-property'} (string, Pattern: `^[A-Z_]*(,[A-Z_]+)*$`, MaxLength: 1024). Global SQL mode. Set to empty to use MySQL server defaults. When creating a new service and not setting this field Aiven default SQL mode (strict, SQL standard compliant) will be assigned. +- [`sql_mode`](#spec.userConfig.mysql.sql_mode-property){: name='spec.userConfig.mysql.sql*mode-property'} (string, Pattern: `^[A-Z*]_(,[A-Z_]+)\_$`, MaxLength: 1024). Global SQL mode. Set to empty to use MySQL server defaults. When creating a new service and not setting this field Aiven default SQL mode (strict, SQL standard compliant) will be assigned. - [`sql_require_primary_key`](#spec.userConfig.mysql.sql_require_primary_key-property){: name='spec.userConfig.mysql.sql_require_primary_key-property'} (boolean). Require primary key to be defined for new tables or old tables modified with ALTER TABLE and fail if missing. It is recommended to always have primary keys because various functionality may break if any large table is missing them. - [`tmp_table_size`](#spec.userConfig.mysql.tmp_table_size-property){: name='spec.userConfig.mysql.tmp_table_size-property'} (integer, Minimum: 1048576, Maximum: 1073741824). Limits the size of internal in-memory tables. Also set max_heap_table_size. Default is 16777216 (16M). - [`wait_timeout`](#spec.userConfig.mysql.wait_timeout-property){: name='spec.userConfig.mysql.wait_timeout-property'} (integer, Minimum: 1, Maximum: 2147483). The number of seconds the server waits for activity on a noninteractive connection before closing it. @@ -262,4 +262,3 @@ Allow access to selected service ports from the public Internet. - [`mysql`](#spec.userConfig.public_access.mysql-property){: name='spec.userConfig.public_access.mysql-property'} (boolean). Allow clients to connect to mysql from the public internet for service nodes that are in a project VPC or another type of private network. - [`mysqlx`](#spec.userConfig.public_access.mysqlx-property){: name='spec.userConfig.public_access.mysqlx-property'} (boolean). Allow clients to connect to mysqlx from the public internet for service nodes that are in a project VPC or another type of private network. - [`prometheus`](#spec.userConfig.public_access.prometheus-property){: name='spec.userConfig.public_access.prometheus-property'} (boolean). Allow clients to connect to prometheus from the public internet for service nodes that are in a project VPC or another type of private network. - diff --git a/docs/docs/api-reference/opensearch.md b/docs/docs/api-reference/opensearch.md index db5c6ee4..c80cf540 100644 --- a/docs/docs/api-reference/opensearch.md +++ b/docs/docs/api-reference/opensearch.md @@ -76,8 +76,8 @@ Authentication reference to Aiven token in a secret. **Required** -- [`key`](#spec.authSecretRef.key-property){: name='spec.authSecretRef.key-property'} (string, MinLength: 1). -- [`name`](#spec.authSecretRef.name-property){: name='spec.authSecretRef.name-property'} (string, MinLength: 1). +- [`key`](#spec.authSecretRef.key-property){: name='spec.authSecretRef.key-property'} (string, MinLength: 1). +- [`name`](#spec.authSecretRef.name-property){: name='spec.authSecretRef.name-property'} (string, MinLength: 1). ## connInfoSecretTarget {: #spec.connInfoSecretTarget } @@ -103,11 +103,11 @@ ProjectVPCRef reference to ProjectVPC resource to use its ID as ProjectVPCID aut **Required** -- [`name`](#spec.projectVPCRef.name-property){: name='spec.projectVPCRef.name-property'} (string, MinLength: 1). +- [`name`](#spec.projectVPCRef.name-property){: name='spec.projectVPCRef.name-property'} (string, MinLength: 1). **Optional** -- [`namespace`](#spec.projectVPCRef.namespace-property){: name='spec.projectVPCRef.namespace-property'} (string, MinLength: 1). +- [`namespace`](#spec.projectVPCRef.namespace-property){: name='spec.projectVPCRef.namespace-property'} (string, MinLength: 1). ## serviceIntegrations {: #spec.serviceIntegrations } @@ -117,8 +117,8 @@ Service integrations to specify when creating a service. Not applied after initi **Required** -- [`integrationType`](#spec.serviceIntegrations.integrationType-property){: name='spec.serviceIntegrations.integrationType-property'} (string, Enum: `read_replica`). -- [`sourceServiceName`](#spec.serviceIntegrations.sourceServiceName-property){: name='spec.serviceIntegrations.sourceServiceName-property'} (string, MinLength: 1, MaxLength: 64). +- [`integrationType`](#spec.serviceIntegrations.integrationType-property){: name='spec.serviceIntegrations.integrationType-property'} (string, Enum: `read_replica`). +- [`sourceServiceName`](#spec.serviceIntegrations.sourceServiceName-property){: name='spec.serviceIntegrations.sourceServiceName-property'} (string, MinLength: 1, MaxLength: 64). ## userConfig {: #spec.userConfig } @@ -144,7 +144,7 @@ OpenSearch specific user configuration options. - [`privatelink_access`](#spec.userConfig.privatelink_access-property){: name='spec.userConfig.privatelink_access-property'} (object). Allow access to selected service components through Privatelink. See below for [nested schema](#spec.userConfig.privatelink_access). - [`project_to_fork_from`](#spec.userConfig.project_to_fork_from-property){: name='spec.userConfig.project_to_fork_from-property'} (string, Immutable, MaxLength: 63). Name of another project to fork a service from. This has effect only when a new service is being created. - [`public_access`](#spec.userConfig.public_access-property){: name='spec.userConfig.public_access-property'} (object). Allow access to selected service ports from the public Internet. See below for [nested schema](#spec.userConfig.public_access). -- [`recovery_basebackup_name`](#spec.userConfig.recovery_basebackup_name-property){: name='spec.userConfig.recovery_basebackup_name-property'} (string, Pattern: `^[a-zA-Z0-9-_:.]+$`, MaxLength: 128). Name of the basebackup to restore in forked service. +- [`recovery_basebackup_name`](#spec.userConfig.recovery_basebackup_name-property){: name='spec.userConfig.recovery*basebackup_name-property'} (string, Pattern: `^[a-zA-Z0-9-*:.]+$`, MaxLength: 128). Name of the basebackup to restore in forked service. - [`saml`](#spec.userConfig.saml-property){: name='spec.userConfig.saml-property'} (object). OpenSearch SAML configuration. See below for [nested schema](#spec.userConfig.saml). - [`service_log`](#spec.userConfig.service_log-property){: name='spec.userConfig.service_log-property'} (boolean). Store logs for the service so that they are available in the HTTP API and console. - [`service_to_fork_from`](#spec.userConfig.service_to_fork_from-property){: name='spec.userConfig.service_to_fork_from-property'} (string, Immutable, MaxLength: 64). Name of another service to fork from. This has effect only when a new service is being created. @@ -159,7 +159,7 @@ Index patterns. **Required** - [`max_index_count`](#spec.userConfig.index_patterns.max_index_count-property){: name='spec.userConfig.index_patterns.max_index_count-property'} (integer, Minimum: 0). Maximum number of indexes to keep. -- [`pattern`](#spec.userConfig.index_patterns.pattern-property){: name='spec.userConfig.index_patterns.pattern-property'} (string, Pattern: `^[A-Za-z0-9-_.*?]+$`, MaxLength: 1024). fnmatch pattern. +- [`pattern`](#spec.userConfig.index_patterns.pattern-property){: name='spec.userConfig.index*patterns.pattern-property'} (string, Pattern: `^[A-Za-z0-9-*.\*?]+$`, MaxLength: 1024). fnmatch pattern. **Optional** @@ -228,7 +228,7 @@ OpenSearch settings. - [`auth_failure_listeners`](#spec.userConfig.opensearch.auth_failure_listeners-property){: name='spec.userConfig.opensearch.auth_failure_listeners-property'} (object). Opensearch Security Plugin Settings. See below for [nested schema](#spec.userConfig.opensearch.auth_failure_listeners). - [`cluster_max_shards_per_node`](#spec.userConfig.opensearch.cluster_max_shards_per_node-property){: name='spec.userConfig.opensearch.cluster_max_shards_per_node-property'} (integer, Minimum: 100, Maximum: 10000). Controls the number of shards allowed in the cluster per data node. - [`cluster_routing_allocation_node_concurrent_recoveries`](#spec.userConfig.opensearch.cluster_routing_allocation_node_concurrent_recoveries-property){: name='spec.userConfig.opensearch.cluster_routing_allocation_node_concurrent_recoveries-property'} (integer, Minimum: 2, Maximum: 16). How many concurrent incoming/outgoing shard recoveries (normally replicas) are allowed to happen on a node. Defaults to 2. -- [`email_sender_name`](#spec.userConfig.opensearch.email_sender_name-property){: name='spec.userConfig.opensearch.email_sender_name-property'} (string, Pattern: `^[a-zA-Z0-9-_]+$`, MaxLength: 40). Sender name placeholder to be used in Opensearch Dashboards and Opensearch keystore. +- [`email_sender_name`](#spec.userConfig.opensearch.email_sender_name-property){: name='spec.userConfig.opensearch.email*sender_name-property'} (string, Pattern: `^[a-zA-Z0-9-*]+$`, MaxLength: 40). Sender name placeholder to be used in Opensearch Dashboards and Opensearch keystore. - [`email_sender_password`](#spec.userConfig.opensearch.email_sender_password-property){: name='spec.userConfig.opensearch.email_sender_password-property'} (string, Pattern: `^[^\x00-\x1F]+$`, MaxLength: 1024). Sender password for Opensearch alerts to authenticate with SMTP server. - [`email_sender_username`](#spec.userConfig.opensearch.email_sender_username-property){: name='spec.userConfig.opensearch.email_sender_username-property'} (string, Pattern: `^[^\x00-\x1F]+$`, MaxLength: 320). Sender username for Opensearch alerts. - [`enable_security_audit`](#spec.userConfig.opensearch.enable_security_audit-property){: name='spec.userConfig.opensearch.enable_security_audit-property'} (boolean). Enable/Disable security audit. @@ -273,7 +273,7 @@ Opensearch Security Plugin Settings. **Optional** -- [`internal_authentication_backend_limiting`](#spec.userConfig.opensearch.auth_failure_listeners.internal_authentication_backend_limiting-property){: name='spec.userConfig.opensearch.auth_failure_listeners.internal_authentication_backend_limiting-property'} (object). See below for [nested schema](#spec.userConfig.opensearch.auth_failure_listeners.internal_authentication_backend_limiting). +- [`internal_authentication_backend_limiting`](#spec.userConfig.opensearch.auth_failure_listeners.internal_authentication_backend_limiting-property){: name='spec.userConfig.opensearch.auth_failure_listeners.internal_authentication_backend_limiting-property'} (object). See below for [nested schema](#spec.userConfig.opensearch.auth_failure_listeners.internal_authentication_backend_limiting). - [`ip_rate_limiting`](#spec.userConfig.opensearch.auth_failure_listeners.ip_rate_limiting-property){: name='spec.userConfig.opensearch.auth_failure_listeners.ip_rate_limiting-property'} (object). IP address rate limiting settings. See below for [nested schema](#spec.userConfig.opensearch.auth_failure_listeners.ip_rate_limiting). ##### internal_authentication_backend_limiting {: #spec.userConfig.opensearch.auth_failure_listeners.internal_authentication_backend_limiting } @@ -371,4 +371,3 @@ OpenSearch SAML configuration. - [`idp_pemtrustedcas_content`](#spec.userConfig.saml.idp_pemtrustedcas_content-property){: name='spec.userConfig.saml.idp_pemtrustedcas_content-property'} (string, MaxLength: 16384). This parameter specifies the PEM-encoded root certificate authority (CA) content for the SAML identity provider (IdP) server verification. The root CA content is used to verify the SSL/TLS certificate presented by the server. - [`roles_key`](#spec.userConfig.saml.roles_key-property){: name='spec.userConfig.saml.roles_key-property'} (string, MinLength: 1, MaxLength: 256). Optional. Specifies the attribute in the SAML response where role information is stored, if available. Role attributes are not required for SAML authentication, but can be included in SAML assertions by most Identity Providers (IdPs) to determine user access levels or permissions. - [`subject_key`](#spec.userConfig.saml.subject_key-property){: name='spec.userConfig.saml.subject_key-property'} (string, MinLength: 1, MaxLength: 256). Optional. Specifies the attribute in the SAML response where the subject identifier is stored. If not configured, the NameID attribute is used by default. - diff --git a/docs/docs/api-reference/postgresql.md b/docs/docs/api-reference/postgresql.md index 3ee32409..0f0578eb 100644 --- a/docs/docs/api-reference/postgresql.md +++ b/docs/docs/api-reference/postgresql.md @@ -78,8 +78,8 @@ Authentication reference to Aiven token in a secret. **Required** -- [`key`](#spec.authSecretRef.key-property){: name='spec.authSecretRef.key-property'} (string, MinLength: 1). -- [`name`](#spec.authSecretRef.name-property){: name='spec.authSecretRef.name-property'} (string, MinLength: 1). +- [`key`](#spec.authSecretRef.key-property){: name='spec.authSecretRef.key-property'} (string, MinLength: 1). +- [`name`](#spec.authSecretRef.name-property){: name='spec.authSecretRef.name-property'} (string, MinLength: 1). ## connInfoSecretTarget {: #spec.connInfoSecretTarget } @@ -105,11 +105,11 @@ ProjectVPCRef reference to ProjectVPC resource to use its ID as ProjectVPCID aut **Required** -- [`name`](#spec.projectVPCRef.name-property){: name='spec.projectVPCRef.name-property'} (string, MinLength: 1). +- [`name`](#spec.projectVPCRef.name-property){: name='spec.projectVPCRef.name-property'} (string, MinLength: 1). **Optional** -- [`namespace`](#spec.projectVPCRef.namespace-property){: name='spec.projectVPCRef.namespace-property'} (string, MinLength: 1). +- [`namespace`](#spec.projectVPCRef.namespace-property){: name='spec.projectVPCRef.namespace-property'} (string, MinLength: 1). ## serviceIntegrations {: #spec.serviceIntegrations } @@ -119,8 +119,8 @@ Service integrations to specify when creating a service. Not applied after initi **Required** -- [`integrationType`](#spec.serviceIntegrations.integrationType-property){: name='spec.serviceIntegrations.integrationType-property'} (string, Enum: `read_replica`). -- [`sourceServiceName`](#spec.serviceIntegrations.sourceServiceName-property){: name='spec.serviceIntegrations.sourceServiceName-property'} (string, MinLength: 1, MaxLength: 64). +- [`integrationType`](#spec.serviceIntegrations.integrationType-property){: name='spec.serviceIntegrations.integrationType-property'} (string, Enum: `read_replica`). +- [`sourceServiceName`](#spec.serviceIntegrations.sourceServiceName-property){: name='spec.serviceIntegrations.sourceServiceName-property'} (string, MinLength: 1, MaxLength: 64). ## userConfig {: #spec.userConfig } @@ -131,7 +131,7 @@ PostgreSQL specific user configuration options. **Optional** - [`additional_backup_regions`](#spec.userConfig.additional_backup_regions-property){: name='spec.userConfig.additional_backup_regions-property'} (array of strings, MaxItems: 1). Additional Cloud Regions for Backup Replication. -- [`admin_password`](#spec.userConfig.admin_password-property){: name='spec.userConfig.admin_password-property'} (string, Immutable, Pattern: `^[a-zA-Z0-9-_]+$`, MinLength: 8, MaxLength: 256). Custom password for admin user. Defaults to random string. This must be set only when a new service is being created. +- [`admin_password`](#spec.userConfig.admin_password-property){: name='spec.userConfig.admin*password-property'} (string, Immutable, Pattern: `^[a-zA-Z0-9-*]+$`, MinLength: 8, MaxLength: 256). Custom password for admin user. Defaults to random string. This must be set only when a new service is being created. - [`admin_username`](#spec.userConfig.admin_username-property){: name='spec.userConfig.admin_username-property'} (string, Immutable, Pattern: `^[_A-Za-z0-9][-._A-Za-z0-9]{0,63}$`, MaxLength: 64). Custom username for admin user. This must be set only when a new service is being created. - [`backup_hour`](#spec.userConfig.backup_hour-property){: name='spec.userConfig.backup_hour-property'} (integer, Minimum: 0, Maximum: 23). The hour of day (in UTC) when backup for the service is started. New backup is only started if previous backup has already completed. - [`backup_minute`](#spec.userConfig.backup_minute-property){: name='spec.userConfig.backup_minute-property'} (integer, Minimum: 0, Maximum: 59). The minute of an hour when backup for the service is started. New backup is only started if previous backup has already completed. @@ -203,7 +203,7 @@ postgresql.conf configuration values. **Optional** - [`autovacuum_analyze_scale_factor`](#spec.userConfig.pg.autovacuum_analyze_scale_factor-property){: name='spec.userConfig.pg.autovacuum_analyze_scale_factor-property'} (number, Minimum: 0, Maximum: 1). Specifies a fraction of the table size to add to autovacuum_analyze_threshold when deciding whether to trigger an ANALYZE. The default is 0.2 (20% of table size). -- [`autovacuum_analyze_threshold`](#spec.userConfig.pg.autovacuum_analyze_threshold-property){: name='spec.userConfig.pg.autovacuum_analyze_threshold-property'} (integer, Minimum: 0, Maximum: 2147483647). Specifies the minimum number of inserted, updated or deleted tuples needed to trigger an ANALYZE in any one table. The default is 50 tuples. +- [`autovacuum_analyze_threshold`](#spec.userConfig.pg.autovacuum_analyze_threshold-property){: name='spec.userConfig.pg.autovacuum_analyze_threshold-property'} (integer, Minimum: 0, Maximum: 2147483647). Specifies the minimum number of inserted, updated or deleted tuples needed to trigger an ANALYZE in any one table. The default is 50 tuples. - [`autovacuum_freeze_max_age`](#spec.userConfig.pg.autovacuum_freeze_max_age-property){: name='spec.userConfig.pg.autovacuum_freeze_max_age-property'} (integer, Minimum: 200000000, Maximum: 1500000000). Specifies the maximum age (in transactions) that a table's pg_class.relfrozenxid field can attain before a VACUUM operation is forced to prevent transaction ID wraparound within the table. Note that the system will launch autovacuum processes to prevent wraparound even when autovacuum is otherwise disabled. This parameter will cause the server to be restarted. - [`autovacuum_max_workers`](#spec.userConfig.pg.autovacuum_max_workers-property){: name='spec.userConfig.pg.autovacuum_max_workers-property'} (integer, Minimum: 1, Maximum: 20). Specifies the maximum number of autovacuum processes (other than the autovacuum launcher) that may be running at any one time. The default is three. This parameter can only be set at server start. - [`autovacuum_naptime`](#spec.userConfig.pg.autovacuum_naptime-property){: name='spec.userConfig.pg.autovacuum_naptime-property'} (integer, Minimum: 1, Maximum: 86400). Specifies the minimum delay between autovacuum runs on any given database. The delay is measured in seconds, and the default is one minute. @@ -339,4 +339,3 @@ System-wide settings for the timescaledb extension. **Required** - [`max_background_workers`](#spec.userConfig.timescaledb.max_background_workers-property){: name='spec.userConfig.timescaledb.max_background_workers-property'} (integer, Minimum: 1, Maximum: 4096). The number of background workers for timescaledb operations. You should configure this setting to the sum of your number of databases and the total number of concurrent background workers you want running at any given point in time. - diff --git a/docs/docs/api-reference/project.md b/docs/docs/api-reference/project.md index 05867a8b..cfc6e9f6 100644 --- a/docs/docs/api-reference/project.md +++ b/docs/docs/api-reference/project.md @@ -71,8 +71,8 @@ Authentication reference to Aiven token in a secret. **Required** -- [`key`](#spec.authSecretRef.key-property){: name='spec.authSecretRef.key-property'} (string, MinLength: 1). -- [`name`](#spec.authSecretRef.name-property){: name='spec.authSecretRef.name-property'} (string, MinLength: 1). +- [`key`](#spec.authSecretRef.key-property){: name='spec.authSecretRef.key-property'} (string, MinLength: 1). +- [`name`](#spec.authSecretRef.name-property){: name='spec.authSecretRef.name-property'} (string, MinLength: 1). ## connInfoSecretTarget {: #spec.connInfoSecretTarget } @@ -89,4 +89,3 @@ Information regarding secret creation. Exposed keys: `PROJECT_CA_CERT`. - [`annotations`](#spec.connInfoSecretTarget.annotations-property){: name='spec.connInfoSecretTarget.annotations-property'} (object, AdditionalProperties: string). Annotations added to the secret. - [`labels`](#spec.connInfoSecretTarget.labels-property){: name='spec.connInfoSecretTarget.labels-property'} (object, AdditionalProperties: string). Labels added to the secret. - [`prefix`](#spec.connInfoSecretTarget.prefix-property){: name='spec.connInfoSecretTarget.prefix-property'} (string). Prefix for the secret's keys. Added "as is" without any transformations. By default, is equal to the kind name in uppercase + underscore, e.g. `KAFKA_`, `REDIS_`, etc. - diff --git a/docs/docs/api-reference/projectvpc.md b/docs/docs/api-reference/projectvpc.md index 7f36973b..1e9413ba 100644 --- a/docs/docs/api-reference/projectvpc.md +++ b/docs/docs/api-reference/projectvpc.md @@ -54,6 +54,5 @@ Authentication reference to Aiven token in a secret. **Required** -- [`key`](#spec.authSecretRef.key-property){: name='spec.authSecretRef.key-property'} (string, MinLength: 1). -- [`name`](#spec.authSecretRef.name-property){: name='spec.authSecretRef.name-property'} (string, MinLength: 1). - +- [`key`](#spec.authSecretRef.key-property){: name='spec.authSecretRef.key-property'} (string, MinLength: 1). +- [`name`](#spec.authSecretRef.name-property){: name='spec.authSecretRef.name-property'} (string, MinLength: 1). diff --git a/docs/docs/api-reference/redis.md b/docs/docs/api-reference/redis.md index 09932dc1..5692f9b6 100644 --- a/docs/docs/api-reference/redis.md +++ b/docs/docs/api-reference/redis.md @@ -78,8 +78,8 @@ Authentication reference to Aiven token in a secret. **Required** -- [`key`](#spec.authSecretRef.key-property){: name='spec.authSecretRef.key-property'} (string, MinLength: 1). -- [`name`](#spec.authSecretRef.name-property){: name='spec.authSecretRef.name-property'} (string, MinLength: 1). +- [`key`](#spec.authSecretRef.key-property){: name='spec.authSecretRef.key-property'} (string, MinLength: 1). +- [`name`](#spec.authSecretRef.name-property){: name='spec.authSecretRef.name-property'} (string, MinLength: 1). ## connInfoSecretTarget {: #spec.connInfoSecretTarget } @@ -105,11 +105,11 @@ ProjectVPCRef reference to ProjectVPC resource to use its ID as ProjectVPCID aut **Required** -- [`name`](#spec.projectVPCRef.name-property){: name='spec.projectVPCRef.name-property'} (string, MinLength: 1). +- [`name`](#spec.projectVPCRef.name-property){: name='spec.projectVPCRef.name-property'} (string, MinLength: 1). **Optional** -- [`namespace`](#spec.projectVPCRef.namespace-property){: name='spec.projectVPCRef.namespace-property'} (string, MinLength: 1). +- [`namespace`](#spec.projectVPCRef.namespace-property){: name='spec.projectVPCRef.namespace-property'} (string, MinLength: 1). ## serviceIntegrations {: #spec.serviceIntegrations } @@ -119,8 +119,8 @@ Service integrations to specify when creating a service. Not applied after initi **Required** -- [`integrationType`](#spec.serviceIntegrations.integrationType-property){: name='spec.serviceIntegrations.integrationType-property'} (string, Enum: `read_replica`). -- [`sourceServiceName`](#spec.serviceIntegrations.sourceServiceName-property){: name='spec.serviceIntegrations.sourceServiceName-property'} (string, MinLength: 1, MaxLength: 64). +- [`integrationType`](#spec.serviceIntegrations.integrationType-property){: name='spec.serviceIntegrations.integrationType-property'} (string, Enum: `read_replica`). +- [`sourceServiceName`](#spec.serviceIntegrations.sourceServiceName-property){: name='spec.serviceIntegrations.sourceServiceName-property'} (string, MinLength: 1, MaxLength: 64). ## userConfig {: #spec.userConfig } @@ -137,7 +137,7 @@ Redis specific user configuration options. - [`privatelink_access`](#spec.userConfig.privatelink_access-property){: name='spec.userConfig.privatelink_access-property'} (object). Allow access to selected service components through Privatelink. See below for [nested schema](#spec.userConfig.privatelink_access). - [`project_to_fork_from`](#spec.userConfig.project_to_fork_from-property){: name='spec.userConfig.project_to_fork_from-property'} (string, Immutable, MaxLength: 63). Name of another project to fork a service from. This has effect only when a new service is being created. - [`public_access`](#spec.userConfig.public_access-property){: name='spec.userConfig.public_access-property'} (object). Allow access to selected service ports from the public Internet. See below for [nested schema](#spec.userConfig.public_access). -- [`recovery_basebackup_name`](#spec.userConfig.recovery_basebackup_name-property){: name='spec.userConfig.recovery_basebackup_name-property'} (string, Pattern: `^[a-zA-Z0-9-_:.]+$`, MaxLength: 128). Name of the basebackup to restore in forked service. +- [`recovery_basebackup_name`](#spec.userConfig.recovery_basebackup_name-property){: name='spec.userConfig.recovery*basebackup_name-property'} (string, Pattern: `^[a-zA-Z0-9-*:.]+$`, MaxLength: 128). Name of the basebackup to restore in forked service. - [`redis_acl_channels_default`](#spec.userConfig.redis_acl_channels_default-property){: name='spec.userConfig.redis_acl_channels_default-property'} (string, Enum: `allchannels`, `resetchannels`). Determines default pub/sub channels' ACL for new users if ACL is not supplied. When this option is not defined, all_channels is assumed to keep backward compatibility. This option doesn't affect Redis configuration acl-pubsub-default. - [`redis_io_threads`](#spec.userConfig.redis_io_threads-property){: name='spec.userConfig.redis_io_threads-property'} (integer, Minimum: 1, Maximum: 32). Set Redis IO thread count. Changing this will cause a restart of the Redis service. - [`redis_lfu_decay_time`](#spec.userConfig.redis_lfu_decay_time-property){: name='spec.userConfig.redis_lfu_decay_time-property'} (integer, Minimum: 1, Maximum: 120). LFU maxmemory-policy counter decay time in minutes. @@ -219,4 +219,3 @@ Allow access to selected service ports from the public Internet. - [`prometheus`](#spec.userConfig.public_access.prometheus-property){: name='spec.userConfig.public_access.prometheus-property'} (boolean). Allow clients to connect to prometheus from the public internet for service nodes that are in a project VPC or another type of private network. - [`redis`](#spec.userConfig.public_access.redis-property){: name='spec.userConfig.public_access.redis-property'} (boolean). Allow clients to connect to redis from the public internet for service nodes that are in a project VPC or another type of private network. - diff --git a/docs/docs/api-reference/serviceintegration.md b/docs/docs/api-reference/serviceintegration.md index 64875bd6..307052fe 100644 --- a/docs/docs/api-reference/serviceintegration.md +++ b/docs/docs/api-reference/serviceintegration.md @@ -73,8 +73,8 @@ Authentication reference to Aiven token in a secret. **Required** -- [`key`](#spec.authSecretRef.key-property){: name='spec.authSecretRef.key-property'} (string, MinLength: 1). -- [`name`](#spec.authSecretRef.name-property){: name='spec.authSecretRef.name-property'} (string, MinLength: 1). +- [`key`](#spec.authSecretRef.key-property){: name='spec.authSecretRef.key-property'} (string, MinLength: 1). +- [`name`](#spec.authSecretRef.name-property){: name='spec.authSecretRef.name-property'} (string, MinLength: 1). ## clickhouseKafka {: #spec.clickhouseKafka } @@ -286,7 +286,7 @@ Kafka MirrorMaker configuration values. **Optional** -- [`cluster_alias`](#spec.kafkaMirrormaker.cluster_alias-property){: name='spec.kafkaMirrormaker.cluster_alias-property'} (string, Pattern: `^[a-zA-Z0-9_.-]+$`, MaxLength: 128). The alias under which the Kafka cluster is known to MirrorMaker. Can contain the following symbols: ASCII alphanumerics, `.`, `_`, and `-`. +- [`cluster_alias`](#spec.kafkaMirrormaker.cluster_alias-property){: name='spec.kafkaMirrormaker.cluster*alias-property'} (string, Pattern: `^[a-zA-Z0-9*.-]+$`, MaxLength: 128). The alias under which the Kafka cluster is known to MirrorMaker. Can contain the following symbols: ASCII alphanumerics, `.`, `\_`, and `-`. - [`kafka_mirrormaker`](#spec.kafkaMirrormaker.kafka_mirrormaker-property){: name='spec.kafkaMirrormaker.kafka_mirrormaker-property'} (object). Kafka MirrorMaker configuration values. See below for [nested schema](#spec.kafkaMirrormaker.kafka_mirrormaker). ### kafka_mirrormaker {: #spec.kafkaMirrormaker.kafka_mirrormaker } @@ -362,4 +362,3 @@ Configuration options for Telegraf MySQL input plugin. - [`perf_events_statements_digest_text_limit`](#spec.metrics.source_mysql.telegraf.perf_events_statements_digest_text_limit-property){: name='spec.metrics.source_mysql.telegraf.perf_events_statements_digest_text_limit-property'} (integer, Minimum: 1, Maximum: 2048). Truncates digest text from perf_events_statements into this many characters. - [`perf_events_statements_limit`](#spec.metrics.source_mysql.telegraf.perf_events_statements_limit-property){: name='spec.metrics.source_mysql.telegraf.perf_events_statements_limit-property'} (integer, Minimum: 1, Maximum: 4000). Limits metrics from perf_events_statements. - [`perf_events_statements_time_limit`](#spec.metrics.source_mysql.telegraf.perf_events_statements_time_limit-property){: name='spec.metrics.source_mysql.telegraf.perf_events_statements_time_limit-property'} (integer, Minimum: 1, Maximum: 2592000). Only include perf_events_statements whose last seen is less than this many seconds. - diff --git a/docs/docs/api-reference/serviceuser.md b/docs/docs/api-reference/serviceuser.md index 1bb2e8aa..53d3409f 100644 --- a/docs/docs/api-reference/serviceuser.md +++ b/docs/docs/api-reference/serviceuser.md @@ -62,8 +62,8 @@ Authentication reference to Aiven token in a secret. **Required** -- [`key`](#spec.authSecretRef.key-property){: name='spec.authSecretRef.key-property'} (string, MinLength: 1). -- [`name`](#spec.authSecretRef.name-property){: name='spec.authSecretRef.name-property'} (string, MinLength: 1). +- [`key`](#spec.authSecretRef.key-property){: name='spec.authSecretRef.key-property'} (string, MinLength: 1). +- [`name`](#spec.authSecretRef.name-property){: name='spec.authSecretRef.name-property'} (string, MinLength: 1). ## connInfoSecretTarget {: #spec.connInfoSecretTarget } @@ -80,4 +80,3 @@ Information regarding secret creation. Exposed keys: `SERVICEUSER_HOST`, `SERVIC - [`annotations`](#spec.connInfoSecretTarget.annotations-property){: name='spec.connInfoSecretTarget.annotations-property'} (object, AdditionalProperties: string). Annotations added to the secret. - [`labels`](#spec.connInfoSecretTarget.labels-property){: name='spec.connInfoSecretTarget.labels-property'} (object, AdditionalProperties: string). Labels added to the secret. - [`prefix`](#spec.connInfoSecretTarget.prefix-property){: name='spec.connInfoSecretTarget.prefix-property'} (string). Prefix for the secret's keys. Added "as is" without any transformations. By default, is equal to the kind name in uppercase + underscore, e.g. `KAFKA_`, `REDIS_`, etc. -