From 5654ac4e3d49019650b7e6f0c35adb5661edd84f Mon Sep 17 00:00:00 2001 From: Isaiah Olson Date: Sun, 7 Sep 2025 05:14:23 -0500 Subject: [PATCH 01/12] Initial support for FoundationDB operator Signed-off-by: Isaiah Olson --- hack/e2e-apps/foundationdb.bats | 80 + packages/apps/foundationdb/.helmignore | 1 + packages/apps/foundationdb/Chart.yaml | 25 + packages/apps/foundationdb/Makefile | 4 + packages/apps/foundationdb/README.md | 136 + packages/apps/foundationdb/charts/cozy-lib | 1 + .../apps/foundationdb/logos/foundationdb.svg | 106 + .../foundationdb/templates/_resources.tpl | 33 + .../apps/foundationdb/templates/backup.yaml | 65 + .../apps/foundationdb/templates/cluster.yaml | 86 + .../templates/dashboard-resourcemap.yaml | 22 + .../templates/workloadmonitor.yaml | 20 + packages/apps/foundationdb/values.schema.json | 203 + packages/apps/foundationdb/values.yaml | 73 + packages/apps/versions_map | 1 + .../system/foundationdb-operator/.helmignore | 1 + .../system/foundationdb-operator/Chart.yaml | 3 + .../system/foundationdb-operator/Makefile | 19 + .../charts/fdb-operator/Chart.yaml | 23 + ....foundationdb.org_foundationdbbackups.yaml | 3899 ++++++++++++++ ...foundationdb.org_foundationdbclusters.yaml | 4784 +++++++++++++++++ ...foundationdb.org_foundationdbrestores.yaml | 100 + .../charts/fdb-operator/templates/NOTES.txt | 6 + .../fdb-operator/templates/_helpers.tpl | 60 + .../templates/manager/deployment.yaml | 117 + .../templates/rbac/rbac_role.yaml | 131 + .../templates/rbac/rbac_role_binding.yaml | 44 + .../templates/rbac/serviceaccount.yaml | 17 + .../charts/fdb-operator/values.yaml | 70 + .../system/foundationdb-operator/values.yaml | 4 + 30 files changed, 10134 insertions(+) create mode 100644 hack/e2e-apps/foundationdb.bats create mode 100644 packages/apps/foundationdb/.helmignore create mode 100644 packages/apps/foundationdb/Chart.yaml create mode 100644 packages/apps/foundationdb/Makefile create mode 100644 packages/apps/foundationdb/README.md create mode 120000 packages/apps/foundationdb/charts/cozy-lib create mode 100644 packages/apps/foundationdb/logos/foundationdb.svg create mode 100644 packages/apps/foundationdb/templates/_resources.tpl create mode 100644 packages/apps/foundationdb/templates/backup.yaml create mode 100644 packages/apps/foundationdb/templates/cluster.yaml create mode 100644 packages/apps/foundationdb/templates/dashboard-resourcemap.yaml create mode 100644 packages/apps/foundationdb/templates/workloadmonitor.yaml create mode 100644 packages/apps/foundationdb/values.schema.json create mode 100644 packages/apps/foundationdb/values.yaml create mode 100644 packages/system/foundationdb-operator/.helmignore create mode 100644 packages/system/foundationdb-operator/Chart.yaml create mode 100644 packages/system/foundationdb-operator/Makefile create mode 100644 packages/system/foundationdb-operator/charts/fdb-operator/Chart.yaml create mode 100644 packages/system/foundationdb-operator/charts/fdb-operator/crds/apps.foundationdb.org_foundationdbbackups.yaml create mode 100644 packages/system/foundationdb-operator/charts/fdb-operator/crds/apps.foundationdb.org_foundationdbclusters.yaml create mode 100644 packages/system/foundationdb-operator/charts/fdb-operator/crds/apps.foundationdb.org_foundationdbrestores.yaml create mode 100644 packages/system/foundationdb-operator/charts/fdb-operator/templates/NOTES.txt create mode 100644 packages/system/foundationdb-operator/charts/fdb-operator/templates/_helpers.tpl create mode 100644 packages/system/foundationdb-operator/charts/fdb-operator/templates/manager/deployment.yaml create mode 100644 packages/system/foundationdb-operator/charts/fdb-operator/templates/rbac/rbac_role.yaml create mode 100644 packages/system/foundationdb-operator/charts/fdb-operator/templates/rbac/rbac_role_binding.yaml create mode 100644 packages/system/foundationdb-operator/charts/fdb-operator/templates/rbac/serviceaccount.yaml create mode 100644 packages/system/foundationdb-operator/charts/fdb-operator/values.yaml create mode 100644 packages/system/foundationdb-operator/values.yaml diff --git a/hack/e2e-apps/foundationdb.bats b/hack/e2e-apps/foundationdb.bats new file mode 100644 index 00000000..e9e43cad --- /dev/null +++ b/hack/e2e-apps/foundationdb.bats @@ -0,0 +1,80 @@ +#!/usr/bin/env bats + +@test "Create DB FoundationDB" { + name='test' + kubectl apply -f - </dev/null; do sleep 5; done" +} \ No newline at end of file diff --git a/packages/apps/foundationdb/.helmignore b/packages/apps/foundationdb/.helmignore new file mode 100644 index 00000000..33ceb8f0 --- /dev/null +++ b/packages/apps/foundationdb/.helmignore @@ -0,0 +1 @@ +Makefile \ No newline at end of file diff --git a/packages/apps/foundationdb/Chart.yaml b/packages/apps/foundationdb/Chart.yaml new file mode 100644 index 00000000..d0463fdf --- /dev/null +++ b/packages/apps/foundationdb/Chart.yaml @@ -0,0 +1,25 @@ +apiVersion: v2 +name: foundationdb +description: Managed FoundationDB service +icon: /logos/foundationdb.svg + +# A chart can be either an 'application' or a 'library' chart. +# +# Application charts are a collection of templates that can be packaged into versioned archives +# to be deployed. +# +# Library charts provide useful utilities or functions for the chart developer. They're included as +# a dependency of application charts to inject those utilities and functions into the rendering +# pipeline. Library charts do not define any templates and therefore cannot be deployed. +type: application + +# This is the chart version. This version number should be incremented each time you make changes +# to the chart and its templates, including the app version. +# Versions are expected to follow Semantic Versioning (https://semver.org/) +version: 0.1.0 + +# This is the version number of the application being deployed. This version number should be +# incremented each time you make changes to the application. Versions are not expected to +# follow Semantic Versioning. They should reflect the version the application is using. +# It is recommended to use it with quotes. +appVersion: "7.4.1" \ No newline at end of file diff --git a/packages/apps/foundationdb/Makefile b/packages/apps/foundationdb/Makefile new file mode 100644 index 00000000..b885e4b1 --- /dev/null +++ b/packages/apps/foundationdb/Makefile @@ -0,0 +1,4 @@ +include ../../../scripts/package.mk + +generate: + cozyvalues-gen -v values.yaml -s values.schema.json -r README.md \ No newline at end of file diff --git a/packages/apps/foundationdb/README.md b/packages/apps/foundationdb/README.md new file mode 100644 index 00000000..b5245013 --- /dev/null +++ b/packages/apps/foundationdb/README.md @@ -0,0 +1,136 @@ +# FoundationDB + +A managed FoundationDB service for Cozystack. + +## Overview + +FoundationDB is a distributed database designed to handle large volumes of structured data across clusters of commodity servers. It organizes data as an ordered key-value store and employs ACID transactions for all operations. + +This package provides a managed FoundationDB cluster deployment using the FoundationDB Kubernetes Operator. + +## Features + +- **High Availability**: Multi-instance deployment with automatic failover +- **ACID Transactions**: Full ACID transaction support across the cluster +- **Scalable**: Easily scale storage and compute resources +- **Backup Integration**: Optional S3-compatible backup storage +- **Monitoring**: Built-in monitoring and alerting through WorkloadMonitor +- **Flexible Configuration**: Support for custom FoundationDB parameters + +## Configuration + +### Basic Configuration + +```yaml +# Number of total instances +replicas: 3 + +# Cluster process configuration +cluster: + version: "7.4.1" + processCounts: + storage: 3 # Storage processes + stateless: -1 # Automatically calculated + cluster_controller: 1 +``` + +### Storage + +```yaml +storage: + size: "16Gi" # Storage size per instance + storageClass: "" # Storage class (optional) +``` + +### Resources + +```yaml +resources: + preset: "medium" # small, medium, large, xlarge + # Custom overrides + limits: + cpu: "2000m" + memory: "4Gi" + requests: + cpu: "1000m" + memory: "2Gi" +``` + +### Backup (Optional) + +```yaml +backup: + enabled: true + s3: + bucket: "my-fdb-backups" + endpoint: "https://s3.amazonaws.com" + region: "us-east-1" + credentials: + accessKeyId: "AKIA..." + secretAccessKey: "..." + retentionPolicy: "7d" +``` + +### Advanced Configuration + +```yaml +advanced: + # Custom FoundationDB parameters + customParameters: + - "knob_disable_posix_kernel_aio=1" + + # Image type (split recommended for production) + imageType: "split" + + # Enable automatic pod replacements + automaticReplacements: true +``` + +## Prerequisites + +- FoundationDB Operator must be installed in the cluster +- Sufficient storage and compute resources +- For backups: S3-compatible storage credentials + +## Deployment + +1. Install the FoundationDB operator (system package) +2. Deploy this application package with your desired configuration +3. The cluster will be automatically provisioned and configured + +## Monitoring + +This package includes WorkloadMonitor integration for cluster health monitoring and resource tracking. Monitoring can be disabled by setting: + +```yaml +monitoring: + enabled: false +``` + +## Security + +- All containers run with restricted security contexts +- No privilege escalation allowed +- Read-only root filesystem where possible +- Custom security context configurations supported + +## Fault Tolerance + +FoundationDB is designed for high availability: +- Automatic failure detection and recovery +- Data replication across instances +- Configurable fault domains for rack/zone awareness +- Transaction log redundancy + +## Performance Considerations + +- Use SSD storage for better performance +- Consider dedicating nodes for storage processes +- Monitor cluster metrics for optimization opportunities +- Scale storage and stateless processes based on workload + +## Support + +For issues related to FoundationDB itself, refer to the [FoundationDB documentation](https://apple.github.io/foundationdb/). + +For Cozystack-specific issues, consult the Cozystack documentation or support channels. \ No newline at end of file diff --git a/packages/apps/foundationdb/charts/cozy-lib b/packages/apps/foundationdb/charts/cozy-lib new file mode 120000 index 00000000..e1813509 --- /dev/null +++ b/packages/apps/foundationdb/charts/cozy-lib @@ -0,0 +1 @@ +../../../library/cozy-lib \ No newline at end of file diff --git a/packages/apps/foundationdb/logos/foundationdb.svg b/packages/apps/foundationdb/logos/foundationdb.svg new file mode 100644 index 00000000..6ff3bd28 --- /dev/null +++ b/packages/apps/foundationdb/logos/foundationdb.svg @@ -0,0 +1,106 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + diff --git a/packages/apps/foundationdb/templates/_resources.tpl b/packages/apps/foundationdb/templates/_resources.tpl new file mode 100644 index 00000000..e21e34e0 --- /dev/null +++ b/packages/apps/foundationdb/templates/_resources.tpl @@ -0,0 +1,33 @@ +{{/* +Common resource definitions +*/}} +{{- define "foundationdb.resources" -}} +{{- include "cozy-lib.resources.defaultingSanitize" (list .Values.resources.preset .Values.resources $) }} +{{- end }} + +{{/* +Common labels +*/}} +{{- define "foundationdb.labels" -}} +helm.sh/chart: {{ include "foundationdb.chart" . }} +{{ include "foundationdb.selectorLabels" . }} +{{- if .Chart.AppVersion }} +app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} +{{- end }} +app.kubernetes.io/managed-by: {{ .Release.Service }} +{{- end }} + +{{/* +Selector labels +*/}} +{{- define "foundationdb.selectorLabels" -}} +app.kubernetes.io/name: foundationdb +app.kubernetes.io/instance: {{ .Release.Name }} +{{- end }} + +{{/* +Chart name and version +*/}} +{{- define "foundationdb.chart" -}} +{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }} +{{- end }} \ No newline at end of file diff --git a/packages/apps/foundationdb/templates/backup.yaml b/packages/apps/foundationdb/templates/backup.yaml new file mode 100644 index 00000000..129a7b2c --- /dev/null +++ b/packages/apps/foundationdb/templates/backup.yaml @@ -0,0 +1,65 @@ +{{- if .Values.backup.enabled }} +--- +apiVersion: v1 +kind: Secret +metadata: + name: {{ .Release.Name }}-s3-creds + labels: + app.kubernetes.io/name: foundationdb + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/managed-by: {{ .Release.Service }} +type: Opaque +data: + AWS_ACCESS_KEY_ID: {{ .Values.backup.s3.credentials.accessKeyId | b64enc }} + AWS_SECRET_ACCESS_KEY: {{ .Values.backup.s3.credentials.secretAccessKey | b64enc }} + +--- +apiVersion: apps.foundationdb.org/v1beta2 +kind: FoundationDBBackup +metadata: + name: {{ .Release.Name }}-backup + labels: + app.kubernetes.io/name: foundationdb + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/managed-by: {{ .Release.Service }} +spec: + clusterName: {{ .Release.Name }} + + backupState: Running + + backupDeploymentSpec: + podTemplateSpec: + spec: + containers: + - name: foundationdb + resources: + limits: + cpu: 100m + memory: 128Mi + requests: + cpu: 100m + memory: 128Mi + securityContext: + runAsUser: 0 + + customParameters: + - backup_agent_snapshot_mode=0 + + snapshotPeriodSeconds: 3600 + + blobStoreConfiguration: + accountName: {{ .Values.backup.s3.bucket }} + bucket: {{ .Values.backup.s3.bucket }} + {{- if .Values.backup.s3.endpoint }} + endpoint: {{ .Values.backup.s3.endpoint }} + {{- end }} + credentials: + AWS_ACCESS_KEY_ID: + secretKeyRef: + name: {{ .Release.Name }}-s3-creds + key: AWS_ACCESS_KEY_ID + AWS_SECRET_ACCESS_KEY: + secretKeyRef: + name: {{ .Release.Name }}-s3-creds + key: AWS_SECRET_ACCESS_KEY +{{- end }} \ No newline at end of file diff --git a/packages/apps/foundationdb/templates/cluster.yaml b/packages/apps/foundationdb/templates/cluster.yaml new file mode 100644 index 00000000..40038a2f --- /dev/null +++ b/packages/apps/foundationdb/templates/cluster.yaml @@ -0,0 +1,86 @@ +--- +apiVersion: apps.foundationdb.org/v1beta2 +kind: FoundationDBCluster +metadata: + name: {{ .Release.Name }} + labels: + app.kubernetes.io/name: foundationdb + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/managed-by: {{ .Release.Service }} +spec: + version: {{ .Values.cluster.version | quote }} + + processCounts: + {{- toYaml .Values.cluster.processCounts | nindent 4 }} + + automationOptions: + replacements: + enabled: {{ .Values.advanced.automaticReplacements }} + faultDomain: + key: {{ .Values.cluster.faultDomain.key }} + {{- if .Values.cluster.faultDomain.valueFrom }} + valueFrom: {{ .Values.cluster.faultDomain.valueFrom }} + {{- end }} + imageType: {{ .Values.advanced.imageType }} + labels: + filterOnOwnerReference: false + matchLabels: + foundationdb.org/fdb-cluster-name: {{ .Release.Name }} + processClassLabels: + - foundationdb.org/fdb-process-class + processGroupIDLabels: + - foundationdb.org/fdb-process-group-id + minimumUptimeSecondsForBounce: 60 + + processes: + general: + {{- if .Values.advanced.customParameters }} + customParameters: + {{- range .Values.advanced.customParameters }} + - {{ . }} + {{- end }} + {{- end }} + podTemplate: + spec: + containers: + - name: foundationdb + resources: {{- include "cozy-lib.resources.defaultingSanitize" (list .Values.resources.preset .Values.resources $) | nindent 16 }} + securityContext: + {{- toYaml .Values.advanced.securityContext | nindent 16 }} + - name: foundationdb-kubernetes-sidecar + resources: + limits: + cpu: 100m + memory: 128Mi + requests: + cpu: 100m + memory: 128Mi + securityContext: + {{- toYaml .Values.advanced.securityContext | nindent 16 }} + initContainers: + - name: foundationdb-kubernetes-init + resources: + limits: + cpu: 100m + memory: 128Mi + requests: + cpu: 100m + memory: 128Mi + securityContext: + {{- toYaml .Values.advanced.securityContext | nindent 16 }} + + volumeClaimTemplate: + spec: + {{- if .Values.storage.storageClass }} + storageClassName: {{ .Values.storage.storageClass }} + {{- end }} + resources: + requests: + storage: {{ .Values.storage.size }} + + routing: + defineDNSLocalityFields: true + + sidecarContainer: + enableLivenessProbe: true + enableReadinessProbe: true \ No newline at end of file diff --git a/packages/apps/foundationdb/templates/dashboard-resourcemap.yaml b/packages/apps/foundationdb/templates/dashboard-resourcemap.yaml new file mode 100644 index 00000000..ea378769 --- /dev/null +++ b/packages/apps/foundationdb/templates/dashboard-resourcemap.yaml @@ -0,0 +1,22 @@ +{{- if .Values.monitoring.enabled }} +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ .Release.Name }}-resourcemap + labels: + app.kubernetes.io/name: foundationdb + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/managed-by: {{ .Release.Service }} + app.cozystack.io/type: dashboard-resourcemap +data: + resources: | + - apiVersion: apps.foundationdb.org/v1beta2 + kind: FoundationDBCluster + name: {{ .Release.Name }} + {{- if .Values.backup.enabled }} + - apiVersion: apps.foundationdb.org/v1beta2 + kind: FoundationDBBackup + name: {{ .Release.Name }}-backup + {{- end }} +{{- end }} \ No newline at end of file diff --git a/packages/apps/foundationdb/templates/workloadmonitor.yaml b/packages/apps/foundationdb/templates/workloadmonitor.yaml new file mode 100644 index 00000000..b06fe877 --- /dev/null +++ b/packages/apps/foundationdb/templates/workloadmonitor.yaml @@ -0,0 +1,20 @@ +{{- if .Values.monitoring.enabled }} +--- +apiVersion: cozystack.io/v1alpha1 +kind: WorkloadMonitor +metadata: + name: {{ .Release.Name }} + labels: + app.kubernetes.io/name: foundationdb + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/managed-by: {{ .Release.Service }} +spec: + replicas: {{ .Values.replicas }} + minReplicas: 1 + kind: foundationdb + type: foundationdb + selector: + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/name: foundationdb + version: {{ .Chart.Version }} +{{- end }} \ No newline at end of file diff --git a/packages/apps/foundationdb/values.schema.json b/packages/apps/foundationdb/values.schema.json new file mode 100644 index 00000000..d12a605f --- /dev/null +++ b/packages/apps/foundationdb/values.schema.json @@ -0,0 +1,203 @@ +{ + "$schema": "http://json-schema.org/draft-07/schema#", + "type": "object", + "properties": { + "replicas": { + "type": "integer", + "minimum": 1, + "default": 3, + "title": "Number of replicas", + "description": "Total number of FoundationDB instances" + }, + "cluster": { + "type": "object", + "title": "Cluster Configuration", + "properties": { + "processCounts": { + "type": "object", + "title": "Process Counts", + "properties": { + "stateless": { + "type": "integer", + "default": -1, + "title": "Stateless processes", + "description": "Number of stateless processes (-1 for automatic)" + }, + "storage": { + "type": "integer", + "minimum": 1, + "default": 3, + "title": "Storage processes", + "description": "Number of storage processes" + }, + "cluster_controller": { + "type": "integer", + "minimum": 1, + "default": 1, + "title": "Cluster controllers", + "description": "Number of cluster controller processes" + } + } + }, + "version": { + "type": "string", + "default": "7.4.1", + "title": "FoundationDB Version", + "description": "Version of FoundationDB to deploy" + }, + "faultDomain": { + "type": "object", + "title": "Fault Domain", + "properties": { + "key": { + "type": "string", + "default": "foundationdb.org/none", + "title": "Fault domain key" + }, + "valueFrom": { + "type": "string", + "default": "$FDB_ZONE_ID", + "title": "Fault domain value source" + } + } + } + } + }, + "storage": { + "type": "object", + "title": "Storage Configuration", + "properties": { + "size": { + "type": "string", + "default": "16Gi", + "title": "Storage size", + "description": "Size of persistent volumes for each instance" + }, + "storageClass": { + "type": "string", + "title": "Storage class", + "description": "Kubernetes storage class to use (optional)" + } + } + }, + "resources": { + "type": "object", + "title": "Resource Configuration", + "properties": { + "preset": { + "type": "string", + "enum": ["small", "medium", "large", "xlarge"], + "default": "medium", + "title": "Resource preset", + "description": "Predefined resource configuration" + }, + "limits": { + "type": "object", + "title": "Resource limits", + "properties": { + "cpu": {"type": "string"}, + "memory": {"type": "string"} + } + }, + "requests": { + "type": "object", + "title": "Resource requests", + "properties": { + "cpu": {"type": "string"}, + "memory": {"type": "string"} + } + } + } + }, + "backup": { + "type": "object", + "title": "Backup Configuration", + "properties": { + "enabled": { + "type": "boolean", + "default": false, + "title": "Enable backups", + "description": "Enable automatic backups to S3" + }, + "s3": { + "type": "object", + "title": "S3 Configuration", + "properties": { + "bucket": { + "type": "string", + "title": "S3 bucket name" + }, + "endpoint": { + "type": "string", + "title": "S3 endpoint URL" + }, + "region": { + "type": "string", + "default": "us-east-1", + "title": "S3 region" + }, + "credentials": { + "type": "object", + "title": "S3 credentials", + "properties": { + "accessKeyId": { + "type": "string", + "title": "Access key ID" + }, + "secretAccessKey": { + "type": "string", + "title": "Secret access key" + } + } + } + } + }, + "retentionPolicy": { + "type": "string", + "default": "7d", + "title": "Retention policy", + "description": "How long to keep backups" + } + } + }, + "monitoring": { + "type": "object", + "title": "Monitoring", + "properties": { + "enabled": { + "type": "boolean", + "default": true, + "title": "Enable monitoring", + "description": "Enable WorkloadMonitor integration" + } + } + }, + "advanced": { + "type": "object", + "title": "Advanced Configuration", + "properties": { + "customParameters": { + "type": "array", + "title": "Custom parameters", + "description": "Custom FoundationDB parameters", + "items": { + "type": "string" + } + }, + "imageType": { + "type": "string", + "enum": ["unified", "split"], + "default": "split", + "title": "Image type", + "description": "Container image deployment type" + }, + "automaticReplacements": { + "type": "boolean", + "default": true, + "title": "Automatic replacements", + "description": "Enable automatic pod replacements" + } + } + } + } +} \ No newline at end of file diff --git a/packages/apps/foundationdb/values.yaml b/packages/apps/foundationdb/values.yaml new file mode 100644 index 00000000..1db095fd --- /dev/null +++ b/packages/apps/foundationdb/values.yaml @@ -0,0 +1,73 @@ +# Default values for foundationdb. +# This is a YAML-formatted file. +# Declare variables to be passed into your templates. + +# Number of replicas (total instances) +replicas: 3 + +# Cluster configuration +cluster: + # Process counts for different roles + processCounts: + stateless: -1 # Automatically calculated + storage: 3 # Storage processes + cluster_controller: 1 + + # Version of FoundationDB to use + version: "7.4.1" + + # Fault domain configuration + faultDomain: + key: "foundationdb.org/none" + valueFrom: "$FDB_ZONE_ID" + +# Storage configuration +storage: + # Size of persistent volumes + size: "16Gi" + # Storage class (if not set, uses cluster default) + storageClass: "" + +# Resource configuration +resources: + # Resource preset (will be used by cozy-lib) + preset: "medium" + # Custom resource overrides + limits: {} + requests: {} + +# Backup configuration +backup: + enabled: false + # S3 configuration for backups + s3: + bucket: "" + endpoint: "" + region: "us-east-1" + credentials: + accessKeyId: "" + secretAccessKey: "" + # Retention policy for backups + retentionPolicy: "7d" + +# Monitoring +monitoring: + enabled: true + +# Advanced configuration +advanced: + # Custom parameters to pass to FoundationDB + customParameters: [] + # Example: + # - knob_disable_posix_kernel_aio=1 + + # Image type (split recommended for production) + imageType: "split" + + # Security context for containers + securityContext: + runAsUser: 0 + runAsGroup: 0 + + # Enable automatic replacements + automaticReplacements: true \ No newline at end of file diff --git a/packages/apps/versions_map b/packages/apps/versions_map index 5473c355..81f467d7 100644 --- a/packages/apps/versions_map +++ b/packages/apps/versions_map @@ -33,6 +33,7 @@ ferretdb 0.7.1 4369b031 ferretdb 0.8.0 08cb7c0f ferretdb 1.0.0 c02a3818 ferretdb 1.1.0 HEAD +foundationdb 0.1.0 HEAD http-cache 0.1.0 263e47be http-cache 0.2.0 53f2365e http-cache 0.3.0 6c5cf5bf diff --git a/packages/system/foundationdb-operator/.helmignore b/packages/system/foundationdb-operator/.helmignore new file mode 100644 index 00000000..33ceb8f0 --- /dev/null +++ b/packages/system/foundationdb-operator/.helmignore @@ -0,0 +1 @@ +Makefile \ No newline at end of file diff --git a/packages/system/foundationdb-operator/Chart.yaml b/packages/system/foundationdb-operator/Chart.yaml new file mode 100644 index 00000000..7685387c --- /dev/null +++ b/packages/system/foundationdb-operator/Chart.yaml @@ -0,0 +1,3 @@ +apiVersion: v2 +name: cozy-foundationdb-operator +version: 0.0.0 # Placeholder, the actual version will be automatically set during the build process \ No newline at end of file diff --git a/packages/system/foundationdb-operator/Makefile b/packages/system/foundationdb-operator/Makefile new file mode 100644 index 00000000..f735e7c5 --- /dev/null +++ b/packages/system/foundationdb-operator/Makefile @@ -0,0 +1,19 @@ +export NAME=foundationdb-operator +export NAMESPACE=cozy-$(NAME) + +include ../../../scripts/package.mk + +update: + rm -rf charts + git clone --depth 1 --branch v2.13.0 https://github.com/FoundationDB/fdb-kubernetes-operator.git tmp-repo + mkdir -p charts + cp -r tmp-repo/charts/fdb-operator charts/ + # Remove symlinked CRDs and replace with actual files + rm -f charts/fdb-operator/crds/apps.foundationdb.org_foundationdbbackups.yaml + rm -f charts/fdb-operator/crds/apps.foundationdb.org_foundationdbclusters.yaml + rm -f charts/fdb-operator/crds/apps.foundationdb.org_foundationdbrestores.yaml + cp tmp-repo/config/crd/bases/apps.foundationdb.org_foundationdbbackups.yaml charts/fdb-operator/crds/ + cp tmp-repo/config/crd/bases/apps.foundationdb.org_foundationdbclusters.yaml charts/fdb-operator/crds/ + cp tmp-repo/config/crd/bases/apps.foundationdb.org_foundationdbrestores.yaml charts/fdb-operator/crds/ + rm -rf tmp-repo + rm -rf charts/fdb-operator/charts \ No newline at end of file diff --git a/packages/system/foundationdb-operator/charts/fdb-operator/Chart.yaml b/packages/system/foundationdb-operator/charts/fdb-operator/Chart.yaml new file mode 100644 index 00000000..e9824f59 --- /dev/null +++ b/packages/system/foundationdb-operator/charts/fdb-operator/Chart.yaml @@ -0,0 +1,23 @@ +apiVersion: v2 +name: fdb-operator +description: A Helm chart for foundationDB operator +home: https://www.foundationdb.org/ +sources: + - https://github.com/FoundationDB/fdb-kubernetes-operator/tree/main/charts/fdb-operator +# A chart can be either an 'application' or a 'library' chart. +# +# Application charts are a collection of templates that can be packaged into versioned archives +# to be deployed. +# +# Library charts provide useful utilities or functions for the chart developer. They're included as +# a dependency of application charts to inject those utilities and functions into the rendering +# pipeline. Library charts do not define any templates and therefore cannot be deployed. +type: application +# This is the chart version. This version number should be incremented each time you make changes +# to the chart and its templates, including the app version. +version: 0.2.0 +# This is the version number of the application being deployed. This version number should be +# incremented each time you make changes to the application. +appVersion: v2.13.0 +maintainers: + - name: "foundationdb-ci" diff --git a/packages/system/foundationdb-operator/charts/fdb-operator/crds/apps.foundationdb.org_foundationdbbackups.yaml b/packages/system/foundationdb-operator/charts/fdb-operator/crds/apps.foundationdb.org_foundationdbbackups.yaml new file mode 100644 index 00000000..ee1f50d6 --- /dev/null +++ b/packages/system/foundationdb-operator/charts/fdb-operator/crds/apps.foundationdb.org_foundationdbbackups.yaml @@ -0,0 +1,3899 @@ +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.18.0 + foundationdb.org/release: v2.13.0 + name: foundationdbbackups.apps.foundationdb.org +spec: + group: apps.foundationdb.org + names: + kind: FoundationDBBackup + listKind: FoundationDBBackupList + plural: foundationdbbackups + shortNames: + - fdbbackup + singular: foundationdbbackup + scope: Namespaced + versions: + - additionalPrinterColumns: + - description: Latest generation of the spec + jsonPath: .metadata.generation + name: Generation + type: integer + - description: Last reconciled generation of the spec + jsonPath: .status.generations.reconciled + name: Reconciled + type: integer + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + name: v1beta2 + schema: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + properties: + agentCount: + type: integer + allowTagOverride: + default: false + type: boolean + backupDeploymentMetadata: + properties: + annotations: + additionalProperties: + type: string + type: object + finalizers: + items: + type: string + type: array + labels: + additionalProperties: + type: string + type: object + name: + type: string + namespace: + type: string + type: object + backupState: + enum: + - Running + - Stopped + - Paused + type: string + backupType: + default: backup_agent + enum: + - backup_agent + - partitioned_log + maxLength: 64 + type: string + blobStoreConfiguration: + properties: + accountName: + maxLength: 100 + type: string + backupName: + maxLength: 1024 + type: string + bucket: + maxLength: 63 + minLength: 3 + type: string + urlParameters: + items: + maxLength: 1024 + type: string + maxItems: 100 + type: array + required: + - accountName + type: object + clusterName: + type: string + customParameters: + items: + maxLength: 100 + type: string + maxItems: 100 + type: array + encryptionKeyPath: + maxLength: 4096 + type: string + imageType: + default: split + enum: + - split + - unified + maxLength: 1024 + type: string + mainContainer: + properties: + enableLivenessProbe: + type: boolean + enableReadinessProbe: + type: boolean + enableTls: + type: boolean + imageConfigs: + items: + properties: + baseImage: + maxLength: 200 + type: string + tag: + maxLength: 100 + type: string + tagSuffix: + maxLength: 50 + type: string + version: + maxLength: 20 + type: string + type: object + maxItems: 100 + type: array + peerVerificationRules: + maxLength: 10000 + type: string + type: object + podTemplateSpec: + properties: + metadata: + properties: + annotations: + additionalProperties: + type: string + type: object + finalizers: + items: + type: string + type: array + labels: + additionalProperties: + type: string + type: object + name: + type: string + namespace: + type: string + type: object + spec: + properties: + activeDeadlineSeconds: + format: int64 + type: integer + affinity: + properties: + nodeAffinity: + properties: + preferredDuringSchedulingIgnoredDuringExecution: + items: + properties: + preference: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + x-kubernetes-list-type: atomic + required: + - key + - operator + type: object + type: array + x-kubernetes-list-type: atomic + matchFields: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + x-kubernetes-list-type: atomic + required: + - key + - operator + type: object + type: array + x-kubernetes-list-type: atomic + type: object + x-kubernetes-map-type: atomic + weight: + format: int32 + type: integer + required: + - preference + - weight + type: object + type: array + x-kubernetes-list-type: atomic + requiredDuringSchedulingIgnoredDuringExecution: + properties: + nodeSelectorTerms: + items: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + x-kubernetes-list-type: atomic + required: + - key + - operator + type: object + type: array + x-kubernetes-list-type: atomic + matchFields: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + x-kubernetes-list-type: atomic + required: + - key + - operator + type: object + type: array + x-kubernetes-list-type: atomic + type: object + x-kubernetes-map-type: atomic + type: array + x-kubernetes-list-type: atomic + required: + - nodeSelectorTerms + type: object + x-kubernetes-map-type: atomic + type: object + podAffinity: + properties: + preferredDuringSchedulingIgnoredDuringExecution: + items: + properties: + podAffinityTerm: + properties: + labelSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + x-kubernetes-list-type: atomic + required: + - key + - operator + type: object + type: array + x-kubernetes-list-type: atomic + matchLabels: + additionalProperties: + type: string + type: object + type: object + x-kubernetes-map-type: atomic + matchLabelKeys: + items: + type: string + type: array + x-kubernetes-list-type: atomic + mismatchLabelKeys: + items: + type: string + type: array + x-kubernetes-list-type: atomic + namespaceSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + x-kubernetes-list-type: atomic + required: + - key + - operator + type: object + type: array + x-kubernetes-list-type: atomic + matchLabels: + additionalProperties: + type: string + type: object + type: object + x-kubernetes-map-type: atomic + namespaces: + items: + type: string + type: array + x-kubernetes-list-type: atomic + topologyKey: + type: string + required: + - topologyKey + type: object + weight: + format: int32 + type: integer + required: + - podAffinityTerm + - weight + type: object + type: array + x-kubernetes-list-type: atomic + requiredDuringSchedulingIgnoredDuringExecution: + items: + properties: + labelSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + x-kubernetes-list-type: atomic + required: + - key + - operator + type: object + type: array + x-kubernetes-list-type: atomic + matchLabels: + additionalProperties: + type: string + type: object + type: object + x-kubernetes-map-type: atomic + matchLabelKeys: + items: + type: string + type: array + x-kubernetes-list-type: atomic + mismatchLabelKeys: + items: + type: string + type: array + x-kubernetes-list-type: atomic + namespaceSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + x-kubernetes-list-type: atomic + required: + - key + - operator + type: object + type: array + x-kubernetes-list-type: atomic + matchLabels: + additionalProperties: + type: string + type: object + type: object + x-kubernetes-map-type: atomic + namespaces: + items: + type: string + type: array + x-kubernetes-list-type: atomic + topologyKey: + type: string + required: + - topologyKey + type: object + type: array + x-kubernetes-list-type: atomic + type: object + podAntiAffinity: + properties: + preferredDuringSchedulingIgnoredDuringExecution: + items: + properties: + podAffinityTerm: + properties: + labelSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + x-kubernetes-list-type: atomic + required: + - key + - operator + type: object + type: array + x-kubernetes-list-type: atomic + matchLabels: + additionalProperties: + type: string + type: object + type: object + x-kubernetes-map-type: atomic + matchLabelKeys: + items: + type: string + type: array + x-kubernetes-list-type: atomic + mismatchLabelKeys: + items: + type: string + type: array + x-kubernetes-list-type: atomic + namespaceSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + x-kubernetes-list-type: atomic + required: + - key + - operator + type: object + type: array + x-kubernetes-list-type: atomic + matchLabels: + additionalProperties: + type: string + type: object + type: object + x-kubernetes-map-type: atomic + namespaces: + items: + type: string + type: array + x-kubernetes-list-type: atomic + topologyKey: + type: string + required: + - topologyKey + type: object + weight: + format: int32 + type: integer + required: + - podAffinityTerm + - weight + type: object + type: array + x-kubernetes-list-type: atomic + requiredDuringSchedulingIgnoredDuringExecution: + items: + properties: + labelSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + x-kubernetes-list-type: atomic + required: + - key + - operator + type: object + type: array + x-kubernetes-list-type: atomic + matchLabels: + additionalProperties: + type: string + type: object + type: object + x-kubernetes-map-type: atomic + matchLabelKeys: + items: + type: string + type: array + x-kubernetes-list-type: atomic + mismatchLabelKeys: + items: + type: string + type: array + x-kubernetes-list-type: atomic + namespaceSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + x-kubernetes-list-type: atomic + required: + - key + - operator + type: object + type: array + x-kubernetes-list-type: atomic + matchLabels: + additionalProperties: + type: string + type: object + type: object + x-kubernetes-map-type: atomic + namespaces: + items: + type: string + type: array + x-kubernetes-list-type: atomic + topologyKey: + type: string + required: + - topologyKey + type: object + type: array + x-kubernetes-list-type: atomic + type: object + type: object + automountServiceAccountToken: + type: boolean + containers: + items: + properties: + args: + items: + type: string + type: array + x-kubernetes-list-type: atomic + command: + items: + type: string + type: array + x-kubernetes-list-type: atomic + env: + items: + properties: + name: + type: string + value: + type: string + valueFrom: + properties: + configMapKeyRef: + properties: + key: + type: string + name: + default: "" + type: string + optional: + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + fieldRef: + properties: + apiVersion: + type: string + fieldPath: + type: string + required: + - fieldPath + type: object + x-kubernetes-map-type: atomic + resourceFieldRef: + properties: + containerName: + type: string + divisor: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + type: string + required: + - resource + type: object + x-kubernetes-map-type: atomic + secretKeyRef: + properties: + key: + type: string + name: + default: "" + type: string + optional: + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + envFrom: + items: + properties: + configMapRef: + properties: + name: + default: "" + type: string + optional: + type: boolean + type: object + x-kubernetes-map-type: atomic + prefix: + type: string + secretRef: + properties: + name: + default: "" + type: string + optional: + type: boolean + type: object + x-kubernetes-map-type: atomic + type: object + type: array + x-kubernetes-list-type: atomic + image: + type: string + imagePullPolicy: + type: string + lifecycle: + properties: + postStart: + properties: + exec: + properties: + command: + items: + type: string + type: array + x-kubernetes-list-type: atomic + type: object + httpGet: + properties: + host: + type: string + httpHeaders: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + x-kubernetes-list-type: atomic + path: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + scheme: + type: string + required: + - port + type: object + sleep: + properties: + seconds: + format: int64 + type: integer + required: + - seconds + type: object + tcpSocket: + properties: + host: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + required: + - port + type: object + type: object + preStop: + properties: + exec: + properties: + command: + items: + type: string + type: array + x-kubernetes-list-type: atomic + type: object + httpGet: + properties: + host: + type: string + httpHeaders: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + x-kubernetes-list-type: atomic + path: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + scheme: + type: string + required: + - port + type: object + sleep: + properties: + seconds: + format: int64 + type: integer + required: + - seconds + type: object + tcpSocket: + properties: + host: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + required: + - port + type: object + type: object + stopSignal: + type: string + type: object + livenessProbe: + properties: + exec: + properties: + command: + items: + type: string + type: array + x-kubernetes-list-type: atomic + type: object + failureThreshold: + format: int32 + type: integer + grpc: + properties: + port: + format: int32 + type: integer + service: + default: "" + type: string + required: + - port + type: object + httpGet: + properties: + host: + type: string + httpHeaders: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + x-kubernetes-list-type: atomic + path: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + scheme: + type: string + required: + - port + type: object + initialDelaySeconds: + format: int32 + type: integer + periodSeconds: + format: int32 + type: integer + successThreshold: + format: int32 + type: integer + tcpSocket: + properties: + host: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + required: + - port + type: object + terminationGracePeriodSeconds: + format: int64 + type: integer + timeoutSeconds: + format: int32 + type: integer + type: object + name: + type: string + ports: + items: + properties: + containerPort: + format: int32 + type: integer + hostIP: + type: string + hostPort: + format: int32 + type: integer + name: + type: string + protocol: + default: TCP + type: string + required: + - containerPort + type: object + type: array + x-kubernetes-list-map-keys: + - containerPort + - protocol + x-kubernetes-list-type: map + readinessProbe: + properties: + exec: + properties: + command: + items: + type: string + type: array + x-kubernetes-list-type: atomic + type: object + failureThreshold: + format: int32 + type: integer + grpc: + properties: + port: + format: int32 + type: integer + service: + default: "" + type: string + required: + - port + type: object + httpGet: + properties: + host: + type: string + httpHeaders: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + x-kubernetes-list-type: atomic + path: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + scheme: + type: string + required: + - port + type: object + initialDelaySeconds: + format: int32 + type: integer + periodSeconds: + format: int32 + type: integer + successThreshold: + format: int32 + type: integer + tcpSocket: + properties: + host: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + required: + - port + type: object + terminationGracePeriodSeconds: + format: int64 + type: integer + timeoutSeconds: + format: int32 + type: integer + type: object + resizePolicy: + items: + properties: + resourceName: + type: string + restartPolicy: + type: string + required: + - resourceName + - restartPolicy + type: object + type: array + x-kubernetes-list-type: atomic + resources: + properties: + claims: + items: + properties: + name: + type: string + request: + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + type: object + restartPolicy: + type: string + securityContext: + properties: + allowPrivilegeEscalation: + type: boolean + appArmorProfile: + properties: + localhostProfile: + type: string + type: + type: string + required: + - type + type: object + capabilities: + properties: + add: + items: + type: string + type: array + x-kubernetes-list-type: atomic + drop: + items: + type: string + type: array + x-kubernetes-list-type: atomic + type: object + privileged: + type: boolean + procMount: + type: string + readOnlyRootFilesystem: + type: boolean + runAsGroup: + format: int64 + type: integer + runAsNonRoot: + type: boolean + runAsUser: + format: int64 + type: integer + seLinuxOptions: + properties: + level: + type: string + role: + type: string + type: + type: string + user: + type: string + type: object + seccompProfile: + properties: + localhostProfile: + type: string + type: + type: string + required: + - type + type: object + windowsOptions: + properties: + gmsaCredentialSpec: + type: string + gmsaCredentialSpecName: + type: string + hostProcess: + type: boolean + runAsUserName: + type: string + type: object + type: object + startupProbe: + properties: + exec: + properties: + command: + items: + type: string + type: array + x-kubernetes-list-type: atomic + type: object + failureThreshold: + format: int32 + type: integer + grpc: + properties: + port: + format: int32 + type: integer + service: + default: "" + type: string + required: + - port + type: object + httpGet: + properties: + host: + type: string + httpHeaders: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + x-kubernetes-list-type: atomic + path: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + scheme: + type: string + required: + - port + type: object + initialDelaySeconds: + format: int32 + type: integer + periodSeconds: + format: int32 + type: integer + successThreshold: + format: int32 + type: integer + tcpSocket: + properties: + host: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + required: + - port + type: object + terminationGracePeriodSeconds: + format: int64 + type: integer + timeoutSeconds: + format: int32 + type: integer + type: object + stdin: + type: boolean + stdinOnce: + type: boolean + terminationMessagePath: + type: string + terminationMessagePolicy: + type: string + tty: + type: boolean + volumeDevices: + items: + properties: + devicePath: + type: string + name: + type: string + required: + - devicePath + - name + type: object + type: array + x-kubernetes-list-map-keys: + - devicePath + x-kubernetes-list-type: map + volumeMounts: + items: + properties: + mountPath: + type: string + mountPropagation: + type: string + name: + type: string + readOnly: + type: boolean + recursiveReadOnly: + type: string + subPath: + type: string + subPathExpr: + type: string + required: + - mountPath + - name + type: object + type: array + x-kubernetes-list-map-keys: + - mountPath + x-kubernetes-list-type: map + workingDir: + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + dnsConfig: + properties: + nameservers: + items: + type: string + type: array + x-kubernetes-list-type: atomic + options: + items: + properties: + name: + type: string + value: + type: string + type: object + type: array + x-kubernetes-list-type: atomic + searches: + items: + type: string + type: array + x-kubernetes-list-type: atomic + type: object + dnsPolicy: + type: string + enableServiceLinks: + type: boolean + ephemeralContainers: + items: + properties: + args: + items: + type: string + type: array + x-kubernetes-list-type: atomic + command: + items: + type: string + type: array + x-kubernetes-list-type: atomic + env: + items: + properties: + name: + type: string + value: + type: string + valueFrom: + properties: + configMapKeyRef: + properties: + key: + type: string + name: + default: "" + type: string + optional: + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + fieldRef: + properties: + apiVersion: + type: string + fieldPath: + type: string + required: + - fieldPath + type: object + x-kubernetes-map-type: atomic + resourceFieldRef: + properties: + containerName: + type: string + divisor: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + type: string + required: + - resource + type: object + x-kubernetes-map-type: atomic + secretKeyRef: + properties: + key: + type: string + name: + default: "" + type: string + optional: + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + envFrom: + items: + properties: + configMapRef: + properties: + name: + default: "" + type: string + optional: + type: boolean + type: object + x-kubernetes-map-type: atomic + prefix: + type: string + secretRef: + properties: + name: + default: "" + type: string + optional: + type: boolean + type: object + x-kubernetes-map-type: atomic + type: object + type: array + x-kubernetes-list-type: atomic + image: + type: string + imagePullPolicy: + type: string + lifecycle: + properties: + postStart: + properties: + exec: + properties: + command: + items: + type: string + type: array + x-kubernetes-list-type: atomic + type: object + httpGet: + properties: + host: + type: string + httpHeaders: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + x-kubernetes-list-type: atomic + path: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + scheme: + type: string + required: + - port + type: object + sleep: + properties: + seconds: + format: int64 + type: integer + required: + - seconds + type: object + tcpSocket: + properties: + host: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + required: + - port + type: object + type: object + preStop: + properties: + exec: + properties: + command: + items: + type: string + type: array + x-kubernetes-list-type: atomic + type: object + httpGet: + properties: + host: + type: string + httpHeaders: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + x-kubernetes-list-type: atomic + path: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + scheme: + type: string + required: + - port + type: object + sleep: + properties: + seconds: + format: int64 + type: integer + required: + - seconds + type: object + tcpSocket: + properties: + host: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + required: + - port + type: object + type: object + stopSignal: + type: string + type: object + livenessProbe: + properties: + exec: + properties: + command: + items: + type: string + type: array + x-kubernetes-list-type: atomic + type: object + failureThreshold: + format: int32 + type: integer + grpc: + properties: + port: + format: int32 + type: integer + service: + default: "" + type: string + required: + - port + type: object + httpGet: + properties: + host: + type: string + httpHeaders: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + x-kubernetes-list-type: atomic + path: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + scheme: + type: string + required: + - port + type: object + initialDelaySeconds: + format: int32 + type: integer + periodSeconds: + format: int32 + type: integer + successThreshold: + format: int32 + type: integer + tcpSocket: + properties: + host: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + required: + - port + type: object + terminationGracePeriodSeconds: + format: int64 + type: integer + timeoutSeconds: + format: int32 + type: integer + type: object + name: + type: string + ports: + items: + properties: + containerPort: + format: int32 + type: integer + hostIP: + type: string + hostPort: + format: int32 + type: integer + name: + type: string + protocol: + default: TCP + type: string + required: + - containerPort + type: object + type: array + x-kubernetes-list-map-keys: + - containerPort + - protocol + x-kubernetes-list-type: map + readinessProbe: + properties: + exec: + properties: + command: + items: + type: string + type: array + x-kubernetes-list-type: atomic + type: object + failureThreshold: + format: int32 + type: integer + grpc: + properties: + port: + format: int32 + type: integer + service: + default: "" + type: string + required: + - port + type: object + httpGet: + properties: + host: + type: string + httpHeaders: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + x-kubernetes-list-type: atomic + path: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + scheme: + type: string + required: + - port + type: object + initialDelaySeconds: + format: int32 + type: integer + periodSeconds: + format: int32 + type: integer + successThreshold: + format: int32 + type: integer + tcpSocket: + properties: + host: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + required: + - port + type: object + terminationGracePeriodSeconds: + format: int64 + type: integer + timeoutSeconds: + format: int32 + type: integer + type: object + resizePolicy: + items: + properties: + resourceName: + type: string + restartPolicy: + type: string + required: + - resourceName + - restartPolicy + type: object + type: array + x-kubernetes-list-type: atomic + resources: + properties: + claims: + items: + properties: + name: + type: string + request: + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + type: object + restartPolicy: + type: string + securityContext: + properties: + allowPrivilegeEscalation: + type: boolean + appArmorProfile: + properties: + localhostProfile: + type: string + type: + type: string + required: + - type + type: object + capabilities: + properties: + add: + items: + type: string + type: array + x-kubernetes-list-type: atomic + drop: + items: + type: string + type: array + x-kubernetes-list-type: atomic + type: object + privileged: + type: boolean + procMount: + type: string + readOnlyRootFilesystem: + type: boolean + runAsGroup: + format: int64 + type: integer + runAsNonRoot: + type: boolean + runAsUser: + format: int64 + type: integer + seLinuxOptions: + properties: + level: + type: string + role: + type: string + type: + type: string + user: + type: string + type: object + seccompProfile: + properties: + localhostProfile: + type: string + type: + type: string + required: + - type + type: object + windowsOptions: + properties: + gmsaCredentialSpec: + type: string + gmsaCredentialSpecName: + type: string + hostProcess: + type: boolean + runAsUserName: + type: string + type: object + type: object + startupProbe: + properties: + exec: + properties: + command: + items: + type: string + type: array + x-kubernetes-list-type: atomic + type: object + failureThreshold: + format: int32 + type: integer + grpc: + properties: + port: + format: int32 + type: integer + service: + default: "" + type: string + required: + - port + type: object + httpGet: + properties: + host: + type: string + httpHeaders: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + x-kubernetes-list-type: atomic + path: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + scheme: + type: string + required: + - port + type: object + initialDelaySeconds: + format: int32 + type: integer + periodSeconds: + format: int32 + type: integer + successThreshold: + format: int32 + type: integer + tcpSocket: + properties: + host: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + required: + - port + type: object + terminationGracePeriodSeconds: + format: int64 + type: integer + timeoutSeconds: + format: int32 + type: integer + type: object + stdin: + type: boolean + stdinOnce: + type: boolean + targetContainerName: + type: string + terminationMessagePath: + type: string + terminationMessagePolicy: + type: string + tty: + type: boolean + volumeDevices: + items: + properties: + devicePath: + type: string + name: + type: string + required: + - devicePath + - name + type: object + type: array + x-kubernetes-list-map-keys: + - devicePath + x-kubernetes-list-type: map + volumeMounts: + items: + properties: + mountPath: + type: string + mountPropagation: + type: string + name: + type: string + readOnly: + type: boolean + recursiveReadOnly: + type: string + subPath: + type: string + subPathExpr: + type: string + required: + - mountPath + - name + type: object + type: array + x-kubernetes-list-map-keys: + - mountPath + x-kubernetes-list-type: map + workingDir: + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + hostAliases: + items: + properties: + hostnames: + items: + type: string + type: array + x-kubernetes-list-type: atomic + ip: + type: string + required: + - ip + type: object + type: array + x-kubernetes-list-map-keys: + - ip + x-kubernetes-list-type: map + hostIPC: + type: boolean + hostNetwork: + type: boolean + hostPID: + type: boolean + hostUsers: + type: boolean + hostname: + type: string + imagePullSecrets: + items: + properties: + name: + default: "" + type: string + type: object + x-kubernetes-map-type: atomic + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + initContainers: + items: + properties: + args: + items: + type: string + type: array + x-kubernetes-list-type: atomic + command: + items: + type: string + type: array + x-kubernetes-list-type: atomic + env: + items: + properties: + name: + type: string + value: + type: string + valueFrom: + properties: + configMapKeyRef: + properties: + key: + type: string + name: + default: "" + type: string + optional: + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + fieldRef: + properties: + apiVersion: + type: string + fieldPath: + type: string + required: + - fieldPath + type: object + x-kubernetes-map-type: atomic + resourceFieldRef: + properties: + containerName: + type: string + divisor: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + type: string + required: + - resource + type: object + x-kubernetes-map-type: atomic + secretKeyRef: + properties: + key: + type: string + name: + default: "" + type: string + optional: + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + envFrom: + items: + properties: + configMapRef: + properties: + name: + default: "" + type: string + optional: + type: boolean + type: object + x-kubernetes-map-type: atomic + prefix: + type: string + secretRef: + properties: + name: + default: "" + type: string + optional: + type: boolean + type: object + x-kubernetes-map-type: atomic + type: object + type: array + x-kubernetes-list-type: atomic + image: + type: string + imagePullPolicy: + type: string + lifecycle: + properties: + postStart: + properties: + exec: + properties: + command: + items: + type: string + type: array + x-kubernetes-list-type: atomic + type: object + httpGet: + properties: + host: + type: string + httpHeaders: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + x-kubernetes-list-type: atomic + path: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + scheme: + type: string + required: + - port + type: object + sleep: + properties: + seconds: + format: int64 + type: integer + required: + - seconds + type: object + tcpSocket: + properties: + host: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + required: + - port + type: object + type: object + preStop: + properties: + exec: + properties: + command: + items: + type: string + type: array + x-kubernetes-list-type: atomic + type: object + httpGet: + properties: + host: + type: string + httpHeaders: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + x-kubernetes-list-type: atomic + path: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + scheme: + type: string + required: + - port + type: object + sleep: + properties: + seconds: + format: int64 + type: integer + required: + - seconds + type: object + tcpSocket: + properties: + host: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + required: + - port + type: object + type: object + stopSignal: + type: string + type: object + livenessProbe: + properties: + exec: + properties: + command: + items: + type: string + type: array + x-kubernetes-list-type: atomic + type: object + failureThreshold: + format: int32 + type: integer + grpc: + properties: + port: + format: int32 + type: integer + service: + default: "" + type: string + required: + - port + type: object + httpGet: + properties: + host: + type: string + httpHeaders: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + x-kubernetes-list-type: atomic + path: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + scheme: + type: string + required: + - port + type: object + initialDelaySeconds: + format: int32 + type: integer + periodSeconds: + format: int32 + type: integer + successThreshold: + format: int32 + type: integer + tcpSocket: + properties: + host: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + required: + - port + type: object + terminationGracePeriodSeconds: + format: int64 + type: integer + timeoutSeconds: + format: int32 + type: integer + type: object + name: + type: string + ports: + items: + properties: + containerPort: + format: int32 + type: integer + hostIP: + type: string + hostPort: + format: int32 + type: integer + name: + type: string + protocol: + default: TCP + type: string + required: + - containerPort + type: object + type: array + x-kubernetes-list-map-keys: + - containerPort + - protocol + x-kubernetes-list-type: map + readinessProbe: + properties: + exec: + properties: + command: + items: + type: string + type: array + x-kubernetes-list-type: atomic + type: object + failureThreshold: + format: int32 + type: integer + grpc: + properties: + port: + format: int32 + type: integer + service: + default: "" + type: string + required: + - port + type: object + httpGet: + properties: + host: + type: string + httpHeaders: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + x-kubernetes-list-type: atomic + path: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + scheme: + type: string + required: + - port + type: object + initialDelaySeconds: + format: int32 + type: integer + periodSeconds: + format: int32 + type: integer + successThreshold: + format: int32 + type: integer + tcpSocket: + properties: + host: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + required: + - port + type: object + terminationGracePeriodSeconds: + format: int64 + type: integer + timeoutSeconds: + format: int32 + type: integer + type: object + resizePolicy: + items: + properties: + resourceName: + type: string + restartPolicy: + type: string + required: + - resourceName + - restartPolicy + type: object + type: array + x-kubernetes-list-type: atomic + resources: + properties: + claims: + items: + properties: + name: + type: string + request: + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + type: object + restartPolicy: + type: string + securityContext: + properties: + allowPrivilegeEscalation: + type: boolean + appArmorProfile: + properties: + localhostProfile: + type: string + type: + type: string + required: + - type + type: object + capabilities: + properties: + add: + items: + type: string + type: array + x-kubernetes-list-type: atomic + drop: + items: + type: string + type: array + x-kubernetes-list-type: atomic + type: object + privileged: + type: boolean + procMount: + type: string + readOnlyRootFilesystem: + type: boolean + runAsGroup: + format: int64 + type: integer + runAsNonRoot: + type: boolean + runAsUser: + format: int64 + type: integer + seLinuxOptions: + properties: + level: + type: string + role: + type: string + type: + type: string + user: + type: string + type: object + seccompProfile: + properties: + localhostProfile: + type: string + type: + type: string + required: + - type + type: object + windowsOptions: + properties: + gmsaCredentialSpec: + type: string + gmsaCredentialSpecName: + type: string + hostProcess: + type: boolean + runAsUserName: + type: string + type: object + type: object + startupProbe: + properties: + exec: + properties: + command: + items: + type: string + type: array + x-kubernetes-list-type: atomic + type: object + failureThreshold: + format: int32 + type: integer + grpc: + properties: + port: + format: int32 + type: integer + service: + default: "" + type: string + required: + - port + type: object + httpGet: + properties: + host: + type: string + httpHeaders: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + x-kubernetes-list-type: atomic + path: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + scheme: + type: string + required: + - port + type: object + initialDelaySeconds: + format: int32 + type: integer + periodSeconds: + format: int32 + type: integer + successThreshold: + format: int32 + type: integer + tcpSocket: + properties: + host: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + required: + - port + type: object + terminationGracePeriodSeconds: + format: int64 + type: integer + timeoutSeconds: + format: int32 + type: integer + type: object + stdin: + type: boolean + stdinOnce: + type: boolean + terminationMessagePath: + type: string + terminationMessagePolicy: + type: string + tty: + type: boolean + volumeDevices: + items: + properties: + devicePath: + type: string + name: + type: string + required: + - devicePath + - name + type: object + type: array + x-kubernetes-list-map-keys: + - devicePath + x-kubernetes-list-type: map + volumeMounts: + items: + properties: + mountPath: + type: string + mountPropagation: + type: string + name: + type: string + readOnly: + type: boolean + recursiveReadOnly: + type: string + subPath: + type: string + subPathExpr: + type: string + required: + - mountPath + - name + type: object + type: array + x-kubernetes-list-map-keys: + - mountPath + x-kubernetes-list-type: map + workingDir: + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + nodeName: + type: string + nodeSelector: + additionalProperties: + type: string + type: object + x-kubernetes-map-type: atomic + os: + properties: + name: + type: string + required: + - name + type: object + overhead: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + preemptionPolicy: + type: string + priority: + format: int32 + type: integer + priorityClassName: + type: string + readinessGates: + items: + properties: + conditionType: + type: string + required: + - conditionType + type: object + type: array + x-kubernetes-list-type: atomic + resourceClaims: + items: + properties: + name: + type: string + resourceClaimName: + type: string + resourceClaimTemplateName: + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + resources: + properties: + claims: + items: + properties: + name: + type: string + request: + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + type: object + restartPolicy: + type: string + runtimeClassName: + type: string + schedulerName: + type: string + schedulingGates: + items: + properties: + name: + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + securityContext: + properties: + appArmorProfile: + properties: + localhostProfile: + type: string + type: + type: string + required: + - type + type: object + fsGroup: + format: int64 + type: integer + fsGroupChangePolicy: + type: string + runAsGroup: + format: int64 + type: integer + runAsNonRoot: + type: boolean + runAsUser: + format: int64 + type: integer + seLinuxChangePolicy: + type: string + seLinuxOptions: + properties: + level: + type: string + role: + type: string + type: + type: string + user: + type: string + type: object + seccompProfile: + properties: + localhostProfile: + type: string + type: + type: string + required: + - type + type: object + supplementalGroups: + items: + format: int64 + type: integer + type: array + x-kubernetes-list-type: atomic + supplementalGroupsPolicy: + type: string + sysctls: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + x-kubernetes-list-type: atomic + windowsOptions: + properties: + gmsaCredentialSpec: + type: string + gmsaCredentialSpecName: + type: string + hostProcess: + type: boolean + runAsUserName: + type: string + type: object + type: object + serviceAccount: + type: string + serviceAccountName: + type: string + setHostnameAsFQDN: + type: boolean + shareProcessNamespace: + type: boolean + subdomain: + type: string + terminationGracePeriodSeconds: + format: int64 + type: integer + tolerations: + items: + properties: + effect: + type: string + key: + type: string + operator: + type: string + tolerationSeconds: + format: int64 + type: integer + value: + type: string + type: object + type: array + x-kubernetes-list-type: atomic + topologySpreadConstraints: + items: + properties: + labelSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + x-kubernetes-list-type: atomic + required: + - key + - operator + type: object + type: array + x-kubernetes-list-type: atomic + matchLabels: + additionalProperties: + type: string + type: object + type: object + x-kubernetes-map-type: atomic + matchLabelKeys: + items: + type: string + type: array + x-kubernetes-list-type: atomic + maxSkew: + format: int32 + type: integer + minDomains: + format: int32 + type: integer + nodeAffinityPolicy: + type: string + nodeTaintsPolicy: + type: string + topologyKey: + type: string + whenUnsatisfiable: + type: string + required: + - maxSkew + - topologyKey + - whenUnsatisfiable + type: object + type: array + x-kubernetes-list-map-keys: + - topologyKey + - whenUnsatisfiable + x-kubernetes-list-type: map + volumes: + items: + properties: + awsElasticBlockStore: + properties: + fsType: + type: string + partition: + format: int32 + type: integer + readOnly: + type: boolean + volumeID: + type: string + required: + - volumeID + type: object + azureDisk: + properties: + cachingMode: + type: string + diskName: + type: string + diskURI: + type: string + fsType: + default: ext4 + type: string + kind: + type: string + readOnly: + default: false + type: boolean + required: + - diskName + - diskURI + type: object + azureFile: + properties: + readOnly: + type: boolean + secretName: + type: string + shareName: + type: string + required: + - secretName + - shareName + type: object + cephfs: + properties: + monitors: + items: + type: string + type: array + x-kubernetes-list-type: atomic + path: + type: string + readOnly: + type: boolean + secretFile: + type: string + secretRef: + properties: + name: + default: "" + type: string + type: object + x-kubernetes-map-type: atomic + user: + type: string + required: + - monitors + type: object + cinder: + properties: + fsType: + type: string + readOnly: + type: boolean + secretRef: + properties: + name: + default: "" + type: string + type: object + x-kubernetes-map-type: atomic + volumeID: + type: string + required: + - volumeID + type: object + configMap: + properties: + defaultMode: + format: int32 + type: integer + items: + items: + properties: + key: + type: string + mode: + format: int32 + type: integer + path: + type: string + required: + - key + - path + type: object + type: array + x-kubernetes-list-type: atomic + name: + default: "" + type: string + optional: + type: boolean + type: object + x-kubernetes-map-type: atomic + csi: + properties: + driver: + type: string + fsType: + type: string + nodePublishSecretRef: + properties: + name: + default: "" + type: string + type: object + x-kubernetes-map-type: atomic + readOnly: + type: boolean + volumeAttributes: + additionalProperties: + type: string + type: object + required: + - driver + type: object + downwardAPI: + properties: + defaultMode: + format: int32 + type: integer + items: + items: + properties: + fieldRef: + properties: + apiVersion: + type: string + fieldPath: + type: string + required: + - fieldPath + type: object + x-kubernetes-map-type: atomic + mode: + format: int32 + type: integer + path: + type: string + resourceFieldRef: + properties: + containerName: + type: string + divisor: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + type: string + required: + - resource + type: object + x-kubernetes-map-type: atomic + required: + - path + type: object + type: array + x-kubernetes-list-type: atomic + type: object + emptyDir: + properties: + medium: + type: string + sizeLimit: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + ephemeral: + properties: + volumeClaimTemplate: + properties: + metadata: + properties: + annotations: + additionalProperties: + type: string + type: object + finalizers: + items: + type: string + type: array + labels: + additionalProperties: + type: string + type: object + name: + type: string + namespace: + type: string + type: object + spec: + properties: + accessModes: + items: + type: string + type: array + x-kubernetes-list-type: atomic + dataSource: + properties: + apiGroup: + type: string + kind: + type: string + name: + type: string + required: + - kind + - name + type: object + x-kubernetes-map-type: atomic + dataSourceRef: + properties: + apiGroup: + type: string + kind: + type: string + name: + type: string + namespace: + type: string + required: + - kind + - name + type: object + resources: + properties: + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + type: object + selector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + x-kubernetes-list-type: atomic + required: + - key + - operator + type: object + type: array + x-kubernetes-list-type: atomic + matchLabels: + additionalProperties: + type: string + type: object + type: object + x-kubernetes-map-type: atomic + storageClassName: + type: string + volumeAttributesClassName: + type: string + volumeMode: + type: string + volumeName: + type: string + type: object + required: + - spec + type: object + type: object + fc: + properties: + fsType: + type: string + lun: + format: int32 + type: integer + readOnly: + type: boolean + targetWWNs: + items: + type: string + type: array + x-kubernetes-list-type: atomic + wwids: + items: + type: string + type: array + x-kubernetes-list-type: atomic + type: object + flexVolume: + properties: + driver: + type: string + fsType: + type: string + options: + additionalProperties: + type: string + type: object + readOnly: + type: boolean + secretRef: + properties: + name: + default: "" + type: string + type: object + x-kubernetes-map-type: atomic + required: + - driver + type: object + flocker: + properties: + datasetName: + type: string + datasetUUID: + type: string + type: object + gcePersistentDisk: + properties: + fsType: + type: string + partition: + format: int32 + type: integer + pdName: + type: string + readOnly: + type: boolean + required: + - pdName + type: object + gitRepo: + properties: + directory: + type: string + repository: + type: string + revision: + type: string + required: + - repository + type: object + glusterfs: + properties: + endpoints: + type: string + path: + type: string + readOnly: + type: boolean + required: + - endpoints + - path + type: object + hostPath: + properties: + path: + type: string + type: + type: string + required: + - path + type: object + image: + properties: + pullPolicy: + type: string + reference: + type: string + type: object + iscsi: + properties: + chapAuthDiscovery: + type: boolean + chapAuthSession: + type: boolean + fsType: + type: string + initiatorName: + type: string + iqn: + type: string + iscsiInterface: + default: default + type: string + lun: + format: int32 + type: integer + portals: + items: + type: string + type: array + x-kubernetes-list-type: atomic + readOnly: + type: boolean + secretRef: + properties: + name: + default: "" + type: string + type: object + x-kubernetes-map-type: atomic + targetPortal: + type: string + required: + - iqn + - lun + - targetPortal + type: object + name: + type: string + nfs: + properties: + path: + type: string + readOnly: + type: boolean + server: + type: string + required: + - path + - server + type: object + persistentVolumeClaim: + properties: + claimName: + type: string + readOnly: + type: boolean + required: + - claimName + type: object + photonPersistentDisk: + properties: + fsType: + type: string + pdID: + type: string + required: + - pdID + type: object + portworxVolume: + properties: + fsType: + type: string + readOnly: + type: boolean + volumeID: + type: string + required: + - volumeID + type: object + projected: + properties: + defaultMode: + format: int32 + type: integer + sources: + items: + properties: + clusterTrustBundle: + properties: + labelSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + x-kubernetes-list-type: atomic + required: + - key + - operator + type: object + type: array + x-kubernetes-list-type: atomic + matchLabels: + additionalProperties: + type: string + type: object + type: object + x-kubernetes-map-type: atomic + name: + type: string + optional: + type: boolean + path: + type: string + signerName: + type: string + required: + - path + type: object + configMap: + properties: + items: + items: + properties: + key: + type: string + mode: + format: int32 + type: integer + path: + type: string + required: + - key + - path + type: object + type: array + x-kubernetes-list-type: atomic + name: + default: "" + type: string + optional: + type: boolean + type: object + x-kubernetes-map-type: atomic + downwardAPI: + properties: + items: + items: + properties: + fieldRef: + properties: + apiVersion: + type: string + fieldPath: + type: string + required: + - fieldPath + type: object + x-kubernetes-map-type: atomic + mode: + format: int32 + type: integer + path: + type: string + resourceFieldRef: + properties: + containerName: + type: string + divisor: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + type: string + required: + - resource + type: object + x-kubernetes-map-type: atomic + required: + - path + type: object + type: array + x-kubernetes-list-type: atomic + type: object + secret: + properties: + items: + items: + properties: + key: + type: string + mode: + format: int32 + type: integer + path: + type: string + required: + - key + - path + type: object + type: array + x-kubernetes-list-type: atomic + name: + default: "" + type: string + optional: + type: boolean + type: object + x-kubernetes-map-type: atomic + serviceAccountToken: + properties: + audience: + type: string + expirationSeconds: + format: int64 + type: integer + path: + type: string + required: + - path + type: object + type: object + type: array + x-kubernetes-list-type: atomic + type: object + quobyte: + properties: + group: + type: string + readOnly: + type: boolean + registry: + type: string + tenant: + type: string + user: + type: string + volume: + type: string + required: + - registry + - volume + type: object + rbd: + properties: + fsType: + type: string + image: + type: string + keyring: + default: /etc/ceph/keyring + type: string + monitors: + items: + type: string + type: array + x-kubernetes-list-type: atomic + pool: + default: rbd + type: string + readOnly: + type: boolean + secretRef: + properties: + name: + default: "" + type: string + type: object + x-kubernetes-map-type: atomic + user: + default: admin + type: string + required: + - image + - monitors + type: object + scaleIO: + properties: + fsType: + default: xfs + type: string + gateway: + type: string + protectionDomain: + type: string + readOnly: + type: boolean + secretRef: + properties: + name: + default: "" + type: string + type: object + x-kubernetes-map-type: atomic + sslEnabled: + type: boolean + storageMode: + default: ThinProvisioned + type: string + storagePool: + type: string + system: + type: string + volumeName: + type: string + required: + - gateway + - secretRef + - system + type: object + secret: + properties: + defaultMode: + format: int32 + type: integer + items: + items: + properties: + key: + type: string + mode: + format: int32 + type: integer + path: + type: string + required: + - key + - path + type: object + type: array + x-kubernetes-list-type: atomic + optional: + type: boolean + secretName: + type: string + type: object + storageos: + properties: + fsType: + type: string + readOnly: + type: boolean + secretRef: + properties: + name: + default: "" + type: string + type: object + x-kubernetes-map-type: atomic + volumeName: + type: string + volumeNamespace: + type: string + type: object + vsphereVolume: + properties: + fsType: + type: string + storagePolicyID: + type: string + storagePolicyName: + type: string + volumePath: + type: string + required: + - volumePath + type: object + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + required: + - containers + type: object + type: object + sidecarContainer: + properties: + enableLivenessProbe: + type: boolean + enableReadinessProbe: + type: boolean + enableTls: + type: boolean + imageConfigs: + items: + properties: + baseImage: + maxLength: 200 + type: string + tag: + maxLength: 100 + type: string + tagSuffix: + maxLength: 50 + type: string + version: + maxLength: 20 + type: string + type: object + maxItems: 100 + type: array + peerVerificationRules: + maxLength: 10000 + type: string + type: object + snapshotPeriodSeconds: + type: integer + version: + type: string + required: + - clusterName + - version + type: object + status: + properties: + agentCount: + type: integer + backupDetails: + properties: + paused: + type: boolean + running: + type: boolean + snapshotTime: + type: integer + url: + type: string + type: object + deploymentConfigured: + type: boolean + generations: + properties: + needsBackupAgentUpdate: + format: int64 + type: integer + needsBackupModification: + format: int64 + type: integer + needsBackupPauseToggle: + format: int64 + type: integer + needsBackupStart: + format: int64 + type: integer + needsBackupStop: + format: int64 + type: integer + reconciled: + format: int64 + type: integer + type: object + type: object + type: object + served: true + storage: true + subresources: + status: {} diff --git a/packages/system/foundationdb-operator/charts/fdb-operator/crds/apps.foundationdb.org_foundationdbclusters.yaml b/packages/system/foundationdb-operator/charts/fdb-operator/crds/apps.foundationdb.org_foundationdbclusters.yaml new file mode 100644 index 00000000..d65a97b1 --- /dev/null +++ b/packages/system/foundationdb-operator/charts/fdb-operator/crds/apps.foundationdb.org_foundationdbclusters.yaml @@ -0,0 +1,4784 @@ +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.18.0 + foundationdb.org/release: v2.13.0 + name: foundationdbclusters.apps.foundationdb.org +spec: + group: apps.foundationdb.org + names: + kind: FoundationDBCluster + listKind: FoundationDBClusterList + plural: foundationdbclusters + shortNames: + - fdb + singular: foundationdbcluster + scope: Namespaced + versions: + - additionalPrinterColumns: + - description: Latest generation of the spec + jsonPath: .metadata.generation + name: Generation + type: integer + - description: Last reconciled generation of the spec + jsonPath: .status.generations.reconciled + name: Reconciled + type: integer + - description: Database available + jsonPath: .status.health.available + name: Available + type: boolean + - description: Database fully replicated + jsonPath: .status.health.fullReplication + name: FullReplication + type: boolean + - description: Number of reconciled process groups + jsonPath: .status.reconciledProcessGroups + name: ReconciledProcessGroups + priority: 1 + type: integer + - description: Desired number of process groups + jsonPath: .status.desiredProcessGroups + name: DesiredProcessGroups + priority: 1 + type: integer + - description: Running version + jsonPath: .status.runningVersion + name: Version + type: string + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + name: v1beta2 + schema: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + properties: + automationOptions: + properties: + cacheDatabaseStatusForReconciliation: + type: boolean + configureDatabase: + type: boolean + databaseInteractionMode: + maxLength: 256 + type: string + deletionMode: + default: Zone + enum: + - All + - Zone + - ProcessGroup + - None + type: string + failedPodDurationSeconds: + type: integer + ignoreLogGroupsForUpgrade: + items: + maxLength: 256 + type: string + maxItems: 10 + type: array + ignoreMissingProcessesSeconds: + type: integer + ignorePendingPodsDuration: + format: int64 + type: integer + ignoreTerminatingPodsSeconds: + type: integer + killProcesses: + type: boolean + maintenanceModeOptions: + properties: + UseMaintenanceModeChecker: + type: boolean + maintenanceModeTimeSeconds: + type: integer + resetMaintenanceMode: + type: boolean + type: object + maxConcurrentReplacements: + minimum: 0 + type: integer + podUpdateStrategy: + default: ReplaceTransactionSystem + enum: + - Replace + - ReplaceTransactionSystem + - Delete + type: string + removalMode: + default: Zone + enum: + - All + - Zone + - ProcessGroup + - None + type: string + replacements: + properties: + enabled: + type: boolean + failureDetectionTimeSeconds: + type: integer + faultDomainBasedReplacements: + type: boolean + maxConcurrentReplacements: + default: 1 + minimum: 0 + type: integer + maxFaultDomainsWithTaintedProcessGroups: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + taintReplacementOptions: + items: + properties: + durationInSeconds: + format: int64 + minimum: 0 + type: integer + key: + maxLength: 256 + pattern: ^([\-._\/a-z0-9A-Z\*])*$ + type: string + required: + - durationInSeconds + - key + type: object + maxItems: 32 + type: array + taintReplacementTimeSeconds: + type: integer + type: object + synchronizationMode: + default: local + enum: + - local + - global + type: string + useLocalitiesForExclusion: + type: boolean + useManagementAPI: + type: boolean + useNonBlockingExcludes: + type: boolean + waitBetweenRemovalsSeconds: + type: integer + type: object + buggify: + properties: + blockRemoval: + items: + maxLength: 63 + pattern: ^(([\w-]+)-(\d+)|\*)$ + type: string + maxItems: 1000 + type: array + crashLoop: + items: + maxLength: 63 + pattern: ^(([\w-]+)-(\d+)|\*)$ + type: string + type: array + crashLoopContainers: + items: + properties: + containerName: + maxLength: 253 + minLength: 1 + type: string + targets: + items: + maxLength: 63 + pattern: ^(([\w-]+)-(\d+)|\*)$ + type: string + maxItems: 10000 + minItems: 0 + type: array + type: object + maxItems: 8 + minItems: 0 + type: array + emptyMonitorConf: + type: boolean + ignoreDuringRestart: + items: + maxLength: 63 + pattern: ^(([\w-]+)-(\d+)|\*)$ + type: string + maxItems: 1000 + type: array + noSchedule: + items: + maxLength: 63 + pattern: ^(([\w-]+)-(\d+)|\*)$ + type: string + type: array + type: object + configMap: + properties: + apiVersion: + type: string + binaryData: + additionalProperties: + format: byte + type: string + type: object + data: + additionalProperties: + type: string + type: object + immutable: + type: boolean + kind: + type: string + metadata: + properties: + annotations: + additionalProperties: + type: string + type: object + finalizers: + items: + type: string + type: array + labels: + additionalProperties: + type: string + type: object + name: + type: string + namespace: + type: string + type: object + type: object + coordinatorSelection: + items: + properties: + priority: + type: integer + processClass: + type: string + type: object + type: array + dataCenter: + type: string + dataHall: + type: string + databaseConfiguration: + properties: + commit_proxies: + type: integer + excluded_servers: + items: + properties: + address: + maxLength: 48 + type: string + locality: + maxLength: 200 + type: string + type: object + maxItems: 1024 + type: array + grv_proxies: + type: integer + log_routers: + type: integer + log_spill: + type: integer + log_version: + type: integer + logs: + type: integer + perpetual_storage_wiggle: + type: integer + perpetual_storage_wiggle_engine: + enum: + - "" + - ssd + - ssd-1 + - ssd-2 + - memory + - memory-1 + - memory-2 + - ssd-redwood-1-experimental + - ssd-redwood-1 + - ssd-rocksdb-experimental + - ssd-rocksdb-v1 + - ssd-sharded-rocksdb + - memory-radixtree-beta + - custom + - none + maxLength: 100 + type: string + perpetual_storage_wiggle_locality: + type: string + proxies: + type: integer + redundancy_mode: + enum: + - single + - double + - triple + - three_data_hall + maxLength: 100 + type: string + regions: + items: + properties: + datacenters: + items: + properties: + id: + type: string + priority: + type: integer + satellite: + maximum: 1 + minimum: 0 + type: integer + type: object + type: array + satellite_logs: + type: integer + satellite_redundancy_mode: + maxLength: 100 + type: string + type: object + type: array + remote_logs: + type: integer + resolvers: + type: integer + storage: + type: integer + storage_engine: + default: ssd-2 + enum: + - ssd + - ssd-1 + - ssd-2 + - memory + - memory-1 + - memory-2 + - ssd-redwood-1-experimental + - ssd-redwood-1 + - ssd-rocksdb-experimental + - ssd-rocksdb-v1 + - ssd-sharded-rocksdb + - memory-radixtree-beta + - custom + maxLength: 100 + type: string + storage_migration_type: + enum: + - "" + - disabled + - aggressive + - gradual + maxLength: 100 + type: string + usable_regions: + type: integer + type: object + faultDomain: + properties: + key: + type: string + value: + type: string + valueFrom: + type: string + zoneCount: + type: integer + zoneIndex: + type: integer + type: object + ignoreUpgradabilityChecks: + type: boolean + imageType: + default: unified + enum: + - split + - unified + maxLength: 1024 + type: string + labels: + properties: + filterOnOwnerReference: + type: boolean + matchLabels: + additionalProperties: + type: string + type: object + processClassLabels: + items: + type: string + maxItems: 100 + type: array + processGroupIDLabels: + items: + type: string + maxItems: 100 + type: array + resourceLabels: + additionalProperties: + type: string + type: object + type: object + lockOptions: + properties: + denyList: + items: + properties: + allow: + type: boolean + id: + type: string + type: object + type: array + disableLocks: + type: boolean + lockDurationMinutes: + type: integer + lockKeyPrefix: + type: string + type: object + logGroup: + type: string + logServersPerPod: + type: integer + mainContainer: + properties: + enableLivenessProbe: + type: boolean + enableReadinessProbe: + type: boolean + enableTls: + type: boolean + imageConfigs: + items: + properties: + baseImage: + maxLength: 200 + type: string + tag: + maxLength: 100 + type: string + tagSuffix: + maxLength: 50 + type: string + version: + maxLength: 20 + type: string + type: object + maxItems: 100 + type: array + peerVerificationRules: + maxLength: 10000 + type: string + type: object + maxZonesWithUnavailablePods: + type: integer + minimumUptimeSecondsForBounce: + default: 600 + minimum: 1 + type: integer + partialConnectionString: + properties: + coordinators: + items: + type: string + type: array + databaseName: + type: string + generationID: + type: string + type: object + processCounts: + properties: + backup: + type: integer + cluster_controller: + type: integer + commit_proxy: + type: integer + coordinator: + type: integer + data_distributor: + type: integer + fast_restore: + type: integer + grv_proxy: + type: integer + log: + type: integer + master: + type: integer + proxy: + type: integer + ratekeeper: + type: integer + resolution: + type: integer + router: + type: integer + stateless: + type: integer + storage: + type: integer + storage_cache: + type: integer + test: + type: integer + tester: + type: integer + transaction: + type: integer + unset: + type: integer + type: object + processGroupIDPrefix: + maxLength: 43 + pattern: ^[a-z0-9A-Z]([\-._a-z0-9A-Z])*[a-z0-9A-Z]$ + type: string + processGroupsToRemove: + items: + maxLength: 63 + pattern: ^(([\w-]+)-(\d+)|\*)$ + type: string + maxItems: 500 + minItems: 0 + type: array + processGroupsToRemoveWithoutExclusion: + items: + maxLength: 63 + pattern: ^(([\w-]+)-(\d+)|\*)$ + type: string + maxItems: 500 + minItems: 0 + type: array + processes: + additionalProperties: + properties: + customParameters: + items: + maxLength: 100 + type: string + maxItems: 100 + type: array + podTemplate: + properties: + metadata: + properties: + annotations: + additionalProperties: + type: string + type: object + finalizers: + items: + type: string + type: array + labels: + additionalProperties: + type: string + type: object + name: + type: string + namespace: + type: string + type: object + spec: + properties: + activeDeadlineSeconds: + format: int64 + type: integer + affinity: + properties: + nodeAffinity: + properties: + preferredDuringSchedulingIgnoredDuringExecution: + items: + properties: + preference: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + x-kubernetes-list-type: atomic + required: + - key + - operator + type: object + type: array + x-kubernetes-list-type: atomic + matchFields: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + x-kubernetes-list-type: atomic + required: + - key + - operator + type: object + type: array + x-kubernetes-list-type: atomic + type: object + x-kubernetes-map-type: atomic + weight: + format: int32 + type: integer + required: + - preference + - weight + type: object + type: array + x-kubernetes-list-type: atomic + requiredDuringSchedulingIgnoredDuringExecution: + properties: + nodeSelectorTerms: + items: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + x-kubernetes-list-type: atomic + required: + - key + - operator + type: object + type: array + x-kubernetes-list-type: atomic + matchFields: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + x-kubernetes-list-type: atomic + required: + - key + - operator + type: object + type: array + x-kubernetes-list-type: atomic + type: object + x-kubernetes-map-type: atomic + type: array + x-kubernetes-list-type: atomic + required: + - nodeSelectorTerms + type: object + x-kubernetes-map-type: atomic + type: object + podAffinity: + properties: + preferredDuringSchedulingIgnoredDuringExecution: + items: + properties: + podAffinityTerm: + properties: + labelSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + x-kubernetes-list-type: atomic + required: + - key + - operator + type: object + type: array + x-kubernetes-list-type: atomic + matchLabels: + additionalProperties: + type: string + type: object + type: object + x-kubernetes-map-type: atomic + matchLabelKeys: + items: + type: string + type: array + x-kubernetes-list-type: atomic + mismatchLabelKeys: + items: + type: string + type: array + x-kubernetes-list-type: atomic + namespaceSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + x-kubernetes-list-type: atomic + required: + - key + - operator + type: object + type: array + x-kubernetes-list-type: atomic + matchLabels: + additionalProperties: + type: string + type: object + type: object + x-kubernetes-map-type: atomic + namespaces: + items: + type: string + type: array + x-kubernetes-list-type: atomic + topologyKey: + type: string + required: + - topologyKey + type: object + weight: + format: int32 + type: integer + required: + - podAffinityTerm + - weight + type: object + type: array + x-kubernetes-list-type: atomic + requiredDuringSchedulingIgnoredDuringExecution: + items: + properties: + labelSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + x-kubernetes-list-type: atomic + required: + - key + - operator + type: object + type: array + x-kubernetes-list-type: atomic + matchLabels: + additionalProperties: + type: string + type: object + type: object + x-kubernetes-map-type: atomic + matchLabelKeys: + items: + type: string + type: array + x-kubernetes-list-type: atomic + mismatchLabelKeys: + items: + type: string + type: array + x-kubernetes-list-type: atomic + namespaceSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + x-kubernetes-list-type: atomic + required: + - key + - operator + type: object + type: array + x-kubernetes-list-type: atomic + matchLabels: + additionalProperties: + type: string + type: object + type: object + x-kubernetes-map-type: atomic + namespaces: + items: + type: string + type: array + x-kubernetes-list-type: atomic + topologyKey: + type: string + required: + - topologyKey + type: object + type: array + x-kubernetes-list-type: atomic + type: object + podAntiAffinity: + properties: + preferredDuringSchedulingIgnoredDuringExecution: + items: + properties: + podAffinityTerm: + properties: + labelSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + x-kubernetes-list-type: atomic + required: + - key + - operator + type: object + type: array + x-kubernetes-list-type: atomic + matchLabels: + additionalProperties: + type: string + type: object + type: object + x-kubernetes-map-type: atomic + matchLabelKeys: + items: + type: string + type: array + x-kubernetes-list-type: atomic + mismatchLabelKeys: + items: + type: string + type: array + x-kubernetes-list-type: atomic + namespaceSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + x-kubernetes-list-type: atomic + required: + - key + - operator + type: object + type: array + x-kubernetes-list-type: atomic + matchLabels: + additionalProperties: + type: string + type: object + type: object + x-kubernetes-map-type: atomic + namespaces: + items: + type: string + type: array + x-kubernetes-list-type: atomic + topologyKey: + type: string + required: + - topologyKey + type: object + weight: + format: int32 + type: integer + required: + - podAffinityTerm + - weight + type: object + type: array + x-kubernetes-list-type: atomic + requiredDuringSchedulingIgnoredDuringExecution: + items: + properties: + labelSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + x-kubernetes-list-type: atomic + required: + - key + - operator + type: object + type: array + x-kubernetes-list-type: atomic + matchLabels: + additionalProperties: + type: string + type: object + type: object + x-kubernetes-map-type: atomic + matchLabelKeys: + items: + type: string + type: array + x-kubernetes-list-type: atomic + mismatchLabelKeys: + items: + type: string + type: array + x-kubernetes-list-type: atomic + namespaceSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + x-kubernetes-list-type: atomic + required: + - key + - operator + type: object + type: array + x-kubernetes-list-type: atomic + matchLabels: + additionalProperties: + type: string + type: object + type: object + x-kubernetes-map-type: atomic + namespaces: + items: + type: string + type: array + x-kubernetes-list-type: atomic + topologyKey: + type: string + required: + - topologyKey + type: object + type: array + x-kubernetes-list-type: atomic + type: object + type: object + automountServiceAccountToken: + type: boolean + containers: + items: + properties: + args: + items: + type: string + type: array + x-kubernetes-list-type: atomic + command: + items: + type: string + type: array + x-kubernetes-list-type: atomic + env: + items: + properties: + name: + type: string + value: + type: string + valueFrom: + properties: + configMapKeyRef: + properties: + key: + type: string + name: + default: "" + type: string + optional: + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + fieldRef: + properties: + apiVersion: + type: string + fieldPath: + type: string + required: + - fieldPath + type: object + x-kubernetes-map-type: atomic + resourceFieldRef: + properties: + containerName: + type: string + divisor: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + type: string + required: + - resource + type: object + x-kubernetes-map-type: atomic + secretKeyRef: + properties: + key: + type: string + name: + default: "" + type: string + optional: + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + envFrom: + items: + properties: + configMapRef: + properties: + name: + default: "" + type: string + optional: + type: boolean + type: object + x-kubernetes-map-type: atomic + prefix: + type: string + secretRef: + properties: + name: + default: "" + type: string + optional: + type: boolean + type: object + x-kubernetes-map-type: atomic + type: object + type: array + x-kubernetes-list-type: atomic + image: + type: string + imagePullPolicy: + type: string + lifecycle: + properties: + postStart: + properties: + exec: + properties: + command: + items: + type: string + type: array + x-kubernetes-list-type: atomic + type: object + httpGet: + properties: + host: + type: string + httpHeaders: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + x-kubernetes-list-type: atomic + path: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + scheme: + type: string + required: + - port + type: object + sleep: + properties: + seconds: + format: int64 + type: integer + required: + - seconds + type: object + tcpSocket: + properties: + host: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + required: + - port + type: object + type: object + preStop: + properties: + exec: + properties: + command: + items: + type: string + type: array + x-kubernetes-list-type: atomic + type: object + httpGet: + properties: + host: + type: string + httpHeaders: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + x-kubernetes-list-type: atomic + path: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + scheme: + type: string + required: + - port + type: object + sleep: + properties: + seconds: + format: int64 + type: integer + required: + - seconds + type: object + tcpSocket: + properties: + host: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + required: + - port + type: object + type: object + stopSignal: + type: string + type: object + livenessProbe: + properties: + exec: + properties: + command: + items: + type: string + type: array + x-kubernetes-list-type: atomic + type: object + failureThreshold: + format: int32 + type: integer + grpc: + properties: + port: + format: int32 + type: integer + service: + default: "" + type: string + required: + - port + type: object + httpGet: + properties: + host: + type: string + httpHeaders: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + x-kubernetes-list-type: atomic + path: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + scheme: + type: string + required: + - port + type: object + initialDelaySeconds: + format: int32 + type: integer + periodSeconds: + format: int32 + type: integer + successThreshold: + format: int32 + type: integer + tcpSocket: + properties: + host: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + required: + - port + type: object + terminationGracePeriodSeconds: + format: int64 + type: integer + timeoutSeconds: + format: int32 + type: integer + type: object + name: + type: string + ports: + items: + properties: + containerPort: + format: int32 + type: integer + hostIP: + type: string + hostPort: + format: int32 + type: integer + name: + type: string + protocol: + default: TCP + type: string + required: + - containerPort + type: object + type: array + x-kubernetes-list-map-keys: + - containerPort + - protocol + x-kubernetes-list-type: map + readinessProbe: + properties: + exec: + properties: + command: + items: + type: string + type: array + x-kubernetes-list-type: atomic + type: object + failureThreshold: + format: int32 + type: integer + grpc: + properties: + port: + format: int32 + type: integer + service: + default: "" + type: string + required: + - port + type: object + httpGet: + properties: + host: + type: string + httpHeaders: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + x-kubernetes-list-type: atomic + path: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + scheme: + type: string + required: + - port + type: object + initialDelaySeconds: + format: int32 + type: integer + periodSeconds: + format: int32 + type: integer + successThreshold: + format: int32 + type: integer + tcpSocket: + properties: + host: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + required: + - port + type: object + terminationGracePeriodSeconds: + format: int64 + type: integer + timeoutSeconds: + format: int32 + type: integer + type: object + resizePolicy: + items: + properties: + resourceName: + type: string + restartPolicy: + type: string + required: + - resourceName + - restartPolicy + type: object + type: array + x-kubernetes-list-type: atomic + resources: + properties: + claims: + items: + properties: + name: + type: string + request: + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + type: object + restartPolicy: + type: string + securityContext: + properties: + allowPrivilegeEscalation: + type: boolean + appArmorProfile: + properties: + localhostProfile: + type: string + type: + type: string + required: + - type + type: object + capabilities: + properties: + add: + items: + type: string + type: array + x-kubernetes-list-type: atomic + drop: + items: + type: string + type: array + x-kubernetes-list-type: atomic + type: object + privileged: + type: boolean + procMount: + type: string + readOnlyRootFilesystem: + type: boolean + runAsGroup: + format: int64 + type: integer + runAsNonRoot: + type: boolean + runAsUser: + format: int64 + type: integer + seLinuxOptions: + properties: + level: + type: string + role: + type: string + type: + type: string + user: + type: string + type: object + seccompProfile: + properties: + localhostProfile: + type: string + type: + type: string + required: + - type + type: object + windowsOptions: + properties: + gmsaCredentialSpec: + type: string + gmsaCredentialSpecName: + type: string + hostProcess: + type: boolean + runAsUserName: + type: string + type: object + type: object + startupProbe: + properties: + exec: + properties: + command: + items: + type: string + type: array + x-kubernetes-list-type: atomic + type: object + failureThreshold: + format: int32 + type: integer + grpc: + properties: + port: + format: int32 + type: integer + service: + default: "" + type: string + required: + - port + type: object + httpGet: + properties: + host: + type: string + httpHeaders: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + x-kubernetes-list-type: atomic + path: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + scheme: + type: string + required: + - port + type: object + initialDelaySeconds: + format: int32 + type: integer + periodSeconds: + format: int32 + type: integer + successThreshold: + format: int32 + type: integer + tcpSocket: + properties: + host: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + required: + - port + type: object + terminationGracePeriodSeconds: + format: int64 + type: integer + timeoutSeconds: + format: int32 + type: integer + type: object + stdin: + type: boolean + stdinOnce: + type: boolean + terminationMessagePath: + type: string + terminationMessagePolicy: + type: string + tty: + type: boolean + volumeDevices: + items: + properties: + devicePath: + type: string + name: + type: string + required: + - devicePath + - name + type: object + type: array + x-kubernetes-list-map-keys: + - devicePath + x-kubernetes-list-type: map + volumeMounts: + items: + properties: + mountPath: + type: string + mountPropagation: + type: string + name: + type: string + readOnly: + type: boolean + recursiveReadOnly: + type: string + subPath: + type: string + subPathExpr: + type: string + required: + - mountPath + - name + type: object + type: array + x-kubernetes-list-map-keys: + - mountPath + x-kubernetes-list-type: map + workingDir: + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + dnsConfig: + properties: + nameservers: + items: + type: string + type: array + x-kubernetes-list-type: atomic + options: + items: + properties: + name: + type: string + value: + type: string + type: object + type: array + x-kubernetes-list-type: atomic + searches: + items: + type: string + type: array + x-kubernetes-list-type: atomic + type: object + dnsPolicy: + type: string + enableServiceLinks: + type: boolean + ephemeralContainers: + items: + properties: + args: + items: + type: string + type: array + x-kubernetes-list-type: atomic + command: + items: + type: string + type: array + x-kubernetes-list-type: atomic + env: + items: + properties: + name: + type: string + value: + type: string + valueFrom: + properties: + configMapKeyRef: + properties: + key: + type: string + name: + default: "" + type: string + optional: + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + fieldRef: + properties: + apiVersion: + type: string + fieldPath: + type: string + required: + - fieldPath + type: object + x-kubernetes-map-type: atomic + resourceFieldRef: + properties: + containerName: + type: string + divisor: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + type: string + required: + - resource + type: object + x-kubernetes-map-type: atomic + secretKeyRef: + properties: + key: + type: string + name: + default: "" + type: string + optional: + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + envFrom: + items: + properties: + configMapRef: + properties: + name: + default: "" + type: string + optional: + type: boolean + type: object + x-kubernetes-map-type: atomic + prefix: + type: string + secretRef: + properties: + name: + default: "" + type: string + optional: + type: boolean + type: object + x-kubernetes-map-type: atomic + type: object + type: array + x-kubernetes-list-type: atomic + image: + type: string + imagePullPolicy: + type: string + lifecycle: + properties: + postStart: + properties: + exec: + properties: + command: + items: + type: string + type: array + x-kubernetes-list-type: atomic + type: object + httpGet: + properties: + host: + type: string + httpHeaders: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + x-kubernetes-list-type: atomic + path: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + scheme: + type: string + required: + - port + type: object + sleep: + properties: + seconds: + format: int64 + type: integer + required: + - seconds + type: object + tcpSocket: + properties: + host: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + required: + - port + type: object + type: object + preStop: + properties: + exec: + properties: + command: + items: + type: string + type: array + x-kubernetes-list-type: atomic + type: object + httpGet: + properties: + host: + type: string + httpHeaders: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + x-kubernetes-list-type: atomic + path: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + scheme: + type: string + required: + - port + type: object + sleep: + properties: + seconds: + format: int64 + type: integer + required: + - seconds + type: object + tcpSocket: + properties: + host: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + required: + - port + type: object + type: object + stopSignal: + type: string + type: object + livenessProbe: + properties: + exec: + properties: + command: + items: + type: string + type: array + x-kubernetes-list-type: atomic + type: object + failureThreshold: + format: int32 + type: integer + grpc: + properties: + port: + format: int32 + type: integer + service: + default: "" + type: string + required: + - port + type: object + httpGet: + properties: + host: + type: string + httpHeaders: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + x-kubernetes-list-type: atomic + path: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + scheme: + type: string + required: + - port + type: object + initialDelaySeconds: + format: int32 + type: integer + periodSeconds: + format: int32 + type: integer + successThreshold: + format: int32 + type: integer + tcpSocket: + properties: + host: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + required: + - port + type: object + terminationGracePeriodSeconds: + format: int64 + type: integer + timeoutSeconds: + format: int32 + type: integer + type: object + name: + type: string + ports: + items: + properties: + containerPort: + format: int32 + type: integer + hostIP: + type: string + hostPort: + format: int32 + type: integer + name: + type: string + protocol: + default: TCP + type: string + required: + - containerPort + type: object + type: array + x-kubernetes-list-map-keys: + - containerPort + - protocol + x-kubernetes-list-type: map + readinessProbe: + properties: + exec: + properties: + command: + items: + type: string + type: array + x-kubernetes-list-type: atomic + type: object + failureThreshold: + format: int32 + type: integer + grpc: + properties: + port: + format: int32 + type: integer + service: + default: "" + type: string + required: + - port + type: object + httpGet: + properties: + host: + type: string + httpHeaders: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + x-kubernetes-list-type: atomic + path: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + scheme: + type: string + required: + - port + type: object + initialDelaySeconds: + format: int32 + type: integer + periodSeconds: + format: int32 + type: integer + successThreshold: + format: int32 + type: integer + tcpSocket: + properties: + host: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + required: + - port + type: object + terminationGracePeriodSeconds: + format: int64 + type: integer + timeoutSeconds: + format: int32 + type: integer + type: object + resizePolicy: + items: + properties: + resourceName: + type: string + restartPolicy: + type: string + required: + - resourceName + - restartPolicy + type: object + type: array + x-kubernetes-list-type: atomic + resources: + properties: + claims: + items: + properties: + name: + type: string + request: + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + type: object + restartPolicy: + type: string + securityContext: + properties: + allowPrivilegeEscalation: + type: boolean + appArmorProfile: + properties: + localhostProfile: + type: string + type: + type: string + required: + - type + type: object + capabilities: + properties: + add: + items: + type: string + type: array + x-kubernetes-list-type: atomic + drop: + items: + type: string + type: array + x-kubernetes-list-type: atomic + type: object + privileged: + type: boolean + procMount: + type: string + readOnlyRootFilesystem: + type: boolean + runAsGroup: + format: int64 + type: integer + runAsNonRoot: + type: boolean + runAsUser: + format: int64 + type: integer + seLinuxOptions: + properties: + level: + type: string + role: + type: string + type: + type: string + user: + type: string + type: object + seccompProfile: + properties: + localhostProfile: + type: string + type: + type: string + required: + - type + type: object + windowsOptions: + properties: + gmsaCredentialSpec: + type: string + gmsaCredentialSpecName: + type: string + hostProcess: + type: boolean + runAsUserName: + type: string + type: object + type: object + startupProbe: + properties: + exec: + properties: + command: + items: + type: string + type: array + x-kubernetes-list-type: atomic + type: object + failureThreshold: + format: int32 + type: integer + grpc: + properties: + port: + format: int32 + type: integer + service: + default: "" + type: string + required: + - port + type: object + httpGet: + properties: + host: + type: string + httpHeaders: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + x-kubernetes-list-type: atomic + path: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + scheme: + type: string + required: + - port + type: object + initialDelaySeconds: + format: int32 + type: integer + periodSeconds: + format: int32 + type: integer + successThreshold: + format: int32 + type: integer + tcpSocket: + properties: + host: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + required: + - port + type: object + terminationGracePeriodSeconds: + format: int64 + type: integer + timeoutSeconds: + format: int32 + type: integer + type: object + stdin: + type: boolean + stdinOnce: + type: boolean + targetContainerName: + type: string + terminationMessagePath: + type: string + terminationMessagePolicy: + type: string + tty: + type: boolean + volumeDevices: + items: + properties: + devicePath: + type: string + name: + type: string + required: + - devicePath + - name + type: object + type: array + x-kubernetes-list-map-keys: + - devicePath + x-kubernetes-list-type: map + volumeMounts: + items: + properties: + mountPath: + type: string + mountPropagation: + type: string + name: + type: string + readOnly: + type: boolean + recursiveReadOnly: + type: string + subPath: + type: string + subPathExpr: + type: string + required: + - mountPath + - name + type: object + type: array + x-kubernetes-list-map-keys: + - mountPath + x-kubernetes-list-type: map + workingDir: + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + hostAliases: + items: + properties: + hostnames: + items: + type: string + type: array + x-kubernetes-list-type: atomic + ip: + type: string + required: + - ip + type: object + type: array + x-kubernetes-list-map-keys: + - ip + x-kubernetes-list-type: map + hostIPC: + type: boolean + hostNetwork: + type: boolean + hostPID: + type: boolean + hostUsers: + type: boolean + hostname: + type: string + imagePullSecrets: + items: + properties: + name: + default: "" + type: string + type: object + x-kubernetes-map-type: atomic + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + initContainers: + items: + properties: + args: + items: + type: string + type: array + x-kubernetes-list-type: atomic + command: + items: + type: string + type: array + x-kubernetes-list-type: atomic + env: + items: + properties: + name: + type: string + value: + type: string + valueFrom: + properties: + configMapKeyRef: + properties: + key: + type: string + name: + default: "" + type: string + optional: + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + fieldRef: + properties: + apiVersion: + type: string + fieldPath: + type: string + required: + - fieldPath + type: object + x-kubernetes-map-type: atomic + resourceFieldRef: + properties: + containerName: + type: string + divisor: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + type: string + required: + - resource + type: object + x-kubernetes-map-type: atomic + secretKeyRef: + properties: + key: + type: string + name: + default: "" + type: string + optional: + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + envFrom: + items: + properties: + configMapRef: + properties: + name: + default: "" + type: string + optional: + type: boolean + type: object + x-kubernetes-map-type: atomic + prefix: + type: string + secretRef: + properties: + name: + default: "" + type: string + optional: + type: boolean + type: object + x-kubernetes-map-type: atomic + type: object + type: array + x-kubernetes-list-type: atomic + image: + type: string + imagePullPolicy: + type: string + lifecycle: + properties: + postStart: + properties: + exec: + properties: + command: + items: + type: string + type: array + x-kubernetes-list-type: atomic + type: object + httpGet: + properties: + host: + type: string + httpHeaders: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + x-kubernetes-list-type: atomic + path: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + scheme: + type: string + required: + - port + type: object + sleep: + properties: + seconds: + format: int64 + type: integer + required: + - seconds + type: object + tcpSocket: + properties: + host: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + required: + - port + type: object + type: object + preStop: + properties: + exec: + properties: + command: + items: + type: string + type: array + x-kubernetes-list-type: atomic + type: object + httpGet: + properties: + host: + type: string + httpHeaders: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + x-kubernetes-list-type: atomic + path: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + scheme: + type: string + required: + - port + type: object + sleep: + properties: + seconds: + format: int64 + type: integer + required: + - seconds + type: object + tcpSocket: + properties: + host: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + required: + - port + type: object + type: object + stopSignal: + type: string + type: object + livenessProbe: + properties: + exec: + properties: + command: + items: + type: string + type: array + x-kubernetes-list-type: atomic + type: object + failureThreshold: + format: int32 + type: integer + grpc: + properties: + port: + format: int32 + type: integer + service: + default: "" + type: string + required: + - port + type: object + httpGet: + properties: + host: + type: string + httpHeaders: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + x-kubernetes-list-type: atomic + path: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + scheme: + type: string + required: + - port + type: object + initialDelaySeconds: + format: int32 + type: integer + periodSeconds: + format: int32 + type: integer + successThreshold: + format: int32 + type: integer + tcpSocket: + properties: + host: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + required: + - port + type: object + terminationGracePeriodSeconds: + format: int64 + type: integer + timeoutSeconds: + format: int32 + type: integer + type: object + name: + type: string + ports: + items: + properties: + containerPort: + format: int32 + type: integer + hostIP: + type: string + hostPort: + format: int32 + type: integer + name: + type: string + protocol: + default: TCP + type: string + required: + - containerPort + type: object + type: array + x-kubernetes-list-map-keys: + - containerPort + - protocol + x-kubernetes-list-type: map + readinessProbe: + properties: + exec: + properties: + command: + items: + type: string + type: array + x-kubernetes-list-type: atomic + type: object + failureThreshold: + format: int32 + type: integer + grpc: + properties: + port: + format: int32 + type: integer + service: + default: "" + type: string + required: + - port + type: object + httpGet: + properties: + host: + type: string + httpHeaders: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + x-kubernetes-list-type: atomic + path: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + scheme: + type: string + required: + - port + type: object + initialDelaySeconds: + format: int32 + type: integer + periodSeconds: + format: int32 + type: integer + successThreshold: + format: int32 + type: integer + tcpSocket: + properties: + host: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + required: + - port + type: object + terminationGracePeriodSeconds: + format: int64 + type: integer + timeoutSeconds: + format: int32 + type: integer + type: object + resizePolicy: + items: + properties: + resourceName: + type: string + restartPolicy: + type: string + required: + - resourceName + - restartPolicy + type: object + type: array + x-kubernetes-list-type: atomic + resources: + properties: + claims: + items: + properties: + name: + type: string + request: + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + type: object + restartPolicy: + type: string + securityContext: + properties: + allowPrivilegeEscalation: + type: boolean + appArmorProfile: + properties: + localhostProfile: + type: string + type: + type: string + required: + - type + type: object + capabilities: + properties: + add: + items: + type: string + type: array + x-kubernetes-list-type: atomic + drop: + items: + type: string + type: array + x-kubernetes-list-type: atomic + type: object + privileged: + type: boolean + procMount: + type: string + readOnlyRootFilesystem: + type: boolean + runAsGroup: + format: int64 + type: integer + runAsNonRoot: + type: boolean + runAsUser: + format: int64 + type: integer + seLinuxOptions: + properties: + level: + type: string + role: + type: string + type: + type: string + user: + type: string + type: object + seccompProfile: + properties: + localhostProfile: + type: string + type: + type: string + required: + - type + type: object + windowsOptions: + properties: + gmsaCredentialSpec: + type: string + gmsaCredentialSpecName: + type: string + hostProcess: + type: boolean + runAsUserName: + type: string + type: object + type: object + startupProbe: + properties: + exec: + properties: + command: + items: + type: string + type: array + x-kubernetes-list-type: atomic + type: object + failureThreshold: + format: int32 + type: integer + grpc: + properties: + port: + format: int32 + type: integer + service: + default: "" + type: string + required: + - port + type: object + httpGet: + properties: + host: + type: string + httpHeaders: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + x-kubernetes-list-type: atomic + path: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + scheme: + type: string + required: + - port + type: object + initialDelaySeconds: + format: int32 + type: integer + periodSeconds: + format: int32 + type: integer + successThreshold: + format: int32 + type: integer + tcpSocket: + properties: + host: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + required: + - port + type: object + terminationGracePeriodSeconds: + format: int64 + type: integer + timeoutSeconds: + format: int32 + type: integer + type: object + stdin: + type: boolean + stdinOnce: + type: boolean + terminationMessagePath: + type: string + terminationMessagePolicy: + type: string + tty: + type: boolean + volumeDevices: + items: + properties: + devicePath: + type: string + name: + type: string + required: + - devicePath + - name + type: object + type: array + x-kubernetes-list-map-keys: + - devicePath + x-kubernetes-list-type: map + volumeMounts: + items: + properties: + mountPath: + type: string + mountPropagation: + type: string + name: + type: string + readOnly: + type: boolean + recursiveReadOnly: + type: string + subPath: + type: string + subPathExpr: + type: string + required: + - mountPath + - name + type: object + type: array + x-kubernetes-list-map-keys: + - mountPath + x-kubernetes-list-type: map + workingDir: + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + nodeName: + type: string + nodeSelector: + additionalProperties: + type: string + type: object + x-kubernetes-map-type: atomic + os: + properties: + name: + type: string + required: + - name + type: object + overhead: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + preemptionPolicy: + type: string + priority: + format: int32 + type: integer + priorityClassName: + type: string + readinessGates: + items: + properties: + conditionType: + type: string + required: + - conditionType + type: object + type: array + x-kubernetes-list-type: atomic + resourceClaims: + items: + properties: + name: + type: string + resourceClaimName: + type: string + resourceClaimTemplateName: + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + resources: + properties: + claims: + items: + properties: + name: + type: string + request: + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + type: object + restartPolicy: + type: string + runtimeClassName: + type: string + schedulerName: + type: string + schedulingGates: + items: + properties: + name: + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + securityContext: + properties: + appArmorProfile: + properties: + localhostProfile: + type: string + type: + type: string + required: + - type + type: object + fsGroup: + format: int64 + type: integer + fsGroupChangePolicy: + type: string + runAsGroup: + format: int64 + type: integer + runAsNonRoot: + type: boolean + runAsUser: + format: int64 + type: integer + seLinuxChangePolicy: + type: string + seLinuxOptions: + properties: + level: + type: string + role: + type: string + type: + type: string + user: + type: string + type: object + seccompProfile: + properties: + localhostProfile: + type: string + type: + type: string + required: + - type + type: object + supplementalGroups: + items: + format: int64 + type: integer + type: array + x-kubernetes-list-type: atomic + supplementalGroupsPolicy: + type: string + sysctls: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + x-kubernetes-list-type: atomic + windowsOptions: + properties: + gmsaCredentialSpec: + type: string + gmsaCredentialSpecName: + type: string + hostProcess: + type: boolean + runAsUserName: + type: string + type: object + type: object + serviceAccount: + type: string + serviceAccountName: + type: string + setHostnameAsFQDN: + type: boolean + shareProcessNamespace: + type: boolean + subdomain: + type: string + terminationGracePeriodSeconds: + format: int64 + type: integer + tolerations: + items: + properties: + effect: + type: string + key: + type: string + operator: + type: string + tolerationSeconds: + format: int64 + type: integer + value: + type: string + type: object + type: array + x-kubernetes-list-type: atomic + topologySpreadConstraints: + items: + properties: + labelSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + x-kubernetes-list-type: atomic + required: + - key + - operator + type: object + type: array + x-kubernetes-list-type: atomic + matchLabels: + additionalProperties: + type: string + type: object + type: object + x-kubernetes-map-type: atomic + matchLabelKeys: + items: + type: string + type: array + x-kubernetes-list-type: atomic + maxSkew: + format: int32 + type: integer + minDomains: + format: int32 + type: integer + nodeAffinityPolicy: + type: string + nodeTaintsPolicy: + type: string + topologyKey: + type: string + whenUnsatisfiable: + type: string + required: + - maxSkew + - topologyKey + - whenUnsatisfiable + type: object + type: array + x-kubernetes-list-map-keys: + - topologyKey + - whenUnsatisfiable + x-kubernetes-list-type: map + volumes: + items: + properties: + awsElasticBlockStore: + properties: + fsType: + type: string + partition: + format: int32 + type: integer + readOnly: + type: boolean + volumeID: + type: string + required: + - volumeID + type: object + azureDisk: + properties: + cachingMode: + type: string + diskName: + type: string + diskURI: + type: string + fsType: + default: ext4 + type: string + kind: + type: string + readOnly: + default: false + type: boolean + required: + - diskName + - diskURI + type: object + azureFile: + properties: + readOnly: + type: boolean + secretName: + type: string + shareName: + type: string + required: + - secretName + - shareName + type: object + cephfs: + properties: + monitors: + items: + type: string + type: array + x-kubernetes-list-type: atomic + path: + type: string + readOnly: + type: boolean + secretFile: + type: string + secretRef: + properties: + name: + default: "" + type: string + type: object + x-kubernetes-map-type: atomic + user: + type: string + required: + - monitors + type: object + cinder: + properties: + fsType: + type: string + readOnly: + type: boolean + secretRef: + properties: + name: + default: "" + type: string + type: object + x-kubernetes-map-type: atomic + volumeID: + type: string + required: + - volumeID + type: object + configMap: + properties: + defaultMode: + format: int32 + type: integer + items: + items: + properties: + key: + type: string + mode: + format: int32 + type: integer + path: + type: string + required: + - key + - path + type: object + type: array + x-kubernetes-list-type: atomic + name: + default: "" + type: string + optional: + type: boolean + type: object + x-kubernetes-map-type: atomic + csi: + properties: + driver: + type: string + fsType: + type: string + nodePublishSecretRef: + properties: + name: + default: "" + type: string + type: object + x-kubernetes-map-type: atomic + readOnly: + type: boolean + volumeAttributes: + additionalProperties: + type: string + type: object + required: + - driver + type: object + downwardAPI: + properties: + defaultMode: + format: int32 + type: integer + items: + items: + properties: + fieldRef: + properties: + apiVersion: + type: string + fieldPath: + type: string + required: + - fieldPath + type: object + x-kubernetes-map-type: atomic + mode: + format: int32 + type: integer + path: + type: string + resourceFieldRef: + properties: + containerName: + type: string + divisor: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + type: string + required: + - resource + type: object + x-kubernetes-map-type: atomic + required: + - path + type: object + type: array + x-kubernetes-list-type: atomic + type: object + emptyDir: + properties: + medium: + type: string + sizeLimit: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + ephemeral: + properties: + volumeClaimTemplate: + properties: + metadata: + properties: + annotations: + additionalProperties: + type: string + type: object + finalizers: + items: + type: string + type: array + labels: + additionalProperties: + type: string + type: object + name: + type: string + namespace: + type: string + type: object + spec: + properties: + accessModes: + items: + type: string + type: array + x-kubernetes-list-type: atomic + dataSource: + properties: + apiGroup: + type: string + kind: + type: string + name: + type: string + required: + - kind + - name + type: object + x-kubernetes-map-type: atomic + dataSourceRef: + properties: + apiGroup: + type: string + kind: + type: string + name: + type: string + namespace: + type: string + required: + - kind + - name + type: object + resources: + properties: + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + type: object + selector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + x-kubernetes-list-type: atomic + required: + - key + - operator + type: object + type: array + x-kubernetes-list-type: atomic + matchLabels: + additionalProperties: + type: string + type: object + type: object + x-kubernetes-map-type: atomic + storageClassName: + type: string + volumeAttributesClassName: + type: string + volumeMode: + type: string + volumeName: + type: string + type: object + required: + - spec + type: object + type: object + fc: + properties: + fsType: + type: string + lun: + format: int32 + type: integer + readOnly: + type: boolean + targetWWNs: + items: + type: string + type: array + x-kubernetes-list-type: atomic + wwids: + items: + type: string + type: array + x-kubernetes-list-type: atomic + type: object + flexVolume: + properties: + driver: + type: string + fsType: + type: string + options: + additionalProperties: + type: string + type: object + readOnly: + type: boolean + secretRef: + properties: + name: + default: "" + type: string + type: object + x-kubernetes-map-type: atomic + required: + - driver + type: object + flocker: + properties: + datasetName: + type: string + datasetUUID: + type: string + type: object + gcePersistentDisk: + properties: + fsType: + type: string + partition: + format: int32 + type: integer + pdName: + type: string + readOnly: + type: boolean + required: + - pdName + type: object + gitRepo: + properties: + directory: + type: string + repository: + type: string + revision: + type: string + required: + - repository + type: object + glusterfs: + properties: + endpoints: + type: string + path: + type: string + readOnly: + type: boolean + required: + - endpoints + - path + type: object + hostPath: + properties: + path: + type: string + type: + type: string + required: + - path + type: object + image: + properties: + pullPolicy: + type: string + reference: + type: string + type: object + iscsi: + properties: + chapAuthDiscovery: + type: boolean + chapAuthSession: + type: boolean + fsType: + type: string + initiatorName: + type: string + iqn: + type: string + iscsiInterface: + default: default + type: string + lun: + format: int32 + type: integer + portals: + items: + type: string + type: array + x-kubernetes-list-type: atomic + readOnly: + type: boolean + secretRef: + properties: + name: + default: "" + type: string + type: object + x-kubernetes-map-type: atomic + targetPortal: + type: string + required: + - iqn + - lun + - targetPortal + type: object + name: + type: string + nfs: + properties: + path: + type: string + readOnly: + type: boolean + server: + type: string + required: + - path + - server + type: object + persistentVolumeClaim: + properties: + claimName: + type: string + readOnly: + type: boolean + required: + - claimName + type: object + photonPersistentDisk: + properties: + fsType: + type: string + pdID: + type: string + required: + - pdID + type: object + portworxVolume: + properties: + fsType: + type: string + readOnly: + type: boolean + volumeID: + type: string + required: + - volumeID + type: object + projected: + properties: + defaultMode: + format: int32 + type: integer + sources: + items: + properties: + clusterTrustBundle: + properties: + labelSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + x-kubernetes-list-type: atomic + required: + - key + - operator + type: object + type: array + x-kubernetes-list-type: atomic + matchLabels: + additionalProperties: + type: string + type: object + type: object + x-kubernetes-map-type: atomic + name: + type: string + optional: + type: boolean + path: + type: string + signerName: + type: string + required: + - path + type: object + configMap: + properties: + items: + items: + properties: + key: + type: string + mode: + format: int32 + type: integer + path: + type: string + required: + - key + - path + type: object + type: array + x-kubernetes-list-type: atomic + name: + default: "" + type: string + optional: + type: boolean + type: object + x-kubernetes-map-type: atomic + downwardAPI: + properties: + items: + items: + properties: + fieldRef: + properties: + apiVersion: + type: string + fieldPath: + type: string + required: + - fieldPath + type: object + x-kubernetes-map-type: atomic + mode: + format: int32 + type: integer + path: + type: string + resourceFieldRef: + properties: + containerName: + type: string + divisor: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + type: string + required: + - resource + type: object + x-kubernetes-map-type: atomic + required: + - path + type: object + type: array + x-kubernetes-list-type: atomic + type: object + secret: + properties: + items: + items: + properties: + key: + type: string + mode: + format: int32 + type: integer + path: + type: string + required: + - key + - path + type: object + type: array + x-kubernetes-list-type: atomic + name: + default: "" + type: string + optional: + type: boolean + type: object + x-kubernetes-map-type: atomic + serviceAccountToken: + properties: + audience: + type: string + expirationSeconds: + format: int64 + type: integer + path: + type: string + required: + - path + type: object + type: object + type: array + x-kubernetes-list-type: atomic + type: object + quobyte: + properties: + group: + type: string + readOnly: + type: boolean + registry: + type: string + tenant: + type: string + user: + type: string + volume: + type: string + required: + - registry + - volume + type: object + rbd: + properties: + fsType: + type: string + image: + type: string + keyring: + default: /etc/ceph/keyring + type: string + monitors: + items: + type: string + type: array + x-kubernetes-list-type: atomic + pool: + default: rbd + type: string + readOnly: + type: boolean + secretRef: + properties: + name: + default: "" + type: string + type: object + x-kubernetes-map-type: atomic + user: + default: admin + type: string + required: + - image + - monitors + type: object + scaleIO: + properties: + fsType: + default: xfs + type: string + gateway: + type: string + protectionDomain: + type: string + readOnly: + type: boolean + secretRef: + properties: + name: + default: "" + type: string + type: object + x-kubernetes-map-type: atomic + sslEnabled: + type: boolean + storageMode: + default: ThinProvisioned + type: string + storagePool: + type: string + system: + type: string + volumeName: + type: string + required: + - gateway + - secretRef + - system + type: object + secret: + properties: + defaultMode: + format: int32 + type: integer + items: + items: + properties: + key: + type: string + mode: + format: int32 + type: integer + path: + type: string + required: + - key + - path + type: object + type: array + x-kubernetes-list-type: atomic + optional: + type: boolean + secretName: + type: string + type: object + storageos: + properties: + fsType: + type: string + readOnly: + type: boolean + secretRef: + properties: + name: + default: "" + type: string + type: object + x-kubernetes-map-type: atomic + volumeName: + type: string + volumeNamespace: + type: string + type: object + vsphereVolume: + properties: + fsType: + type: string + storagePolicyID: + type: string + storagePolicyName: + type: string + volumePath: + type: string + required: + - volumePath + type: object + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + required: + - containers + type: object + type: object + volumeClaimTemplate: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + properties: + annotations: + additionalProperties: + type: string + type: object + finalizers: + items: + type: string + type: array + labels: + additionalProperties: + type: string + type: object + name: + type: string + namespace: + type: string + type: object + spec: + properties: + accessModes: + items: + type: string + type: array + x-kubernetes-list-type: atomic + dataSource: + properties: + apiGroup: + type: string + kind: + type: string + name: + type: string + required: + - kind + - name + type: object + x-kubernetes-map-type: atomic + dataSourceRef: + properties: + apiGroup: + type: string + kind: + type: string + name: + type: string + namespace: + type: string + required: + - kind + - name + type: object + resources: + properties: + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + type: object + selector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + x-kubernetes-list-type: atomic + required: + - key + - operator + type: object + type: array + x-kubernetes-list-type: atomic + matchLabels: + additionalProperties: + type: string + type: object + type: object + x-kubernetes-map-type: atomic + storageClassName: + type: string + volumeAttributesClassName: + type: string + volumeMode: + type: string + volumeName: + type: string + type: object + status: + properties: + accessModes: + items: + type: string + type: array + x-kubernetes-list-type: atomic + allocatedResourceStatuses: + additionalProperties: + type: string + type: object + x-kubernetes-map-type: granular + allocatedResources: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + capacity: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + conditions: + items: + properties: + lastProbeTime: + format: date-time + type: string + lastTransitionTime: + format: date-time + type: string + message: + type: string + reason: + type: string + status: + type: string + type: + type: string + required: + - status + - type + type: object + type: array + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map + currentVolumeAttributesClassName: + type: string + modifyVolumeStatus: + properties: + status: + type: string + targetVolumeAttributesClassName: + type: string + required: + - status + type: object + phase: + type: string + type: object + type: object + type: object + type: object + replaceInstancesWhenResourcesChange: + default: false + type: boolean + routing: + properties: + defineDNSLocalityFields: + type: boolean + dnsDomain: + maxLength: 253 + minLength: 1 + type: string + headlessService: + type: boolean + podIPFamily: + type: integer + publicIPSource: + type: string + useDNSInClusterFile: + type: boolean + type: object + seedConnectionString: + type: string + sidecarContainer: + properties: + enableLivenessProbe: + type: boolean + enableReadinessProbe: + type: boolean + enableTls: + type: boolean + imageConfigs: + items: + properties: + baseImage: + maxLength: 200 + type: string + tag: + maxLength: 100 + type: string + tagSuffix: + maxLength: 50 + type: string + version: + maxLength: 20 + type: string + type: object + maxItems: 100 + type: array + peerVerificationRules: + maxLength: 10000 + type: string + type: object + sidecarVariables: + items: + type: string + type: array + skip: + default: false + type: boolean + storageServersPerPod: + type: integer + trustedCAs: + items: + type: string + type: array + useExplicitListenAddress: + type: boolean + version: + pattern: (\d+)\.(\d+)\.(\d+) + type: string + required: + - version + type: object + status: + properties: + configured: + type: boolean + connectionString: + type: string + databaseConfiguration: + properties: + commit_proxies: + type: integer + excluded_servers: + items: + properties: + address: + maxLength: 48 + type: string + locality: + maxLength: 200 + type: string + type: object + maxItems: 1024 + type: array + grv_proxies: + type: integer + log_routers: + type: integer + log_spill: + type: integer + log_version: + type: integer + logs: + type: integer + perpetual_storage_wiggle: + type: integer + perpetual_storage_wiggle_engine: + enum: + - "" + - ssd + - ssd-1 + - ssd-2 + - memory + - memory-1 + - memory-2 + - ssd-redwood-1-experimental + - ssd-redwood-1 + - ssd-rocksdb-experimental + - ssd-rocksdb-v1 + - ssd-sharded-rocksdb + - memory-radixtree-beta + - custom + - none + maxLength: 100 + type: string + perpetual_storage_wiggle_locality: + type: string + proxies: + type: integer + redundancy_mode: + enum: + - single + - double + - triple + - three_data_hall + maxLength: 100 + type: string + regions: + items: + properties: + datacenters: + items: + properties: + id: + type: string + priority: + type: integer + satellite: + maximum: 1 + minimum: 0 + type: integer + type: object + type: array + satellite_logs: + type: integer + satellite_redundancy_mode: + maxLength: 100 + type: string + type: object + type: array + remote_logs: + type: integer + resolvers: + type: integer + storage: + type: integer + storage_engine: + default: ssd-2 + enum: + - ssd + - ssd-1 + - ssd-2 + - memory + - memory-1 + - memory-2 + - ssd-redwood-1-experimental + - ssd-redwood-1 + - ssd-rocksdb-experimental + - ssd-rocksdb-v1 + - ssd-sharded-rocksdb + - memory-radixtree-beta + - custom + maxLength: 100 + type: string + storage_migration_type: + enum: + - "" + - disabled + - aggressive + - gradual + maxLength: 100 + type: string + usable_regions: + type: integer + type: object + desiredProcessGroups: + type: integer + generations: + properties: + hasExtraListeners: + format: int64 + type: integer + hasPendingRemoval: + format: int64 + type: integer + hasUnhealthyProcess: + format: int64 + type: integer + missingDatabaseStatus: + format: int64 + type: integer + needsBounce: + format: int64 + type: integer + needsConfigurationChange: + format: int64 + type: integer + needsCoordinatorChange: + format: int64 + type: integer + needsGrow: + format: int64 + type: integer + needsLockConfigurationChanges: + format: int64 + type: integer + needsMonitorConfUpdate: + format: int64 + type: integer + needsPodDeletion: + format: int64 + type: integer + needsServiceUpdate: + format: int64 + type: integer + needsShrink: + format: int64 + type: integer + reconciled: + format: int64 + type: integer + type: object + hasIncorrectConfigMap: + type: boolean + hasIncorrectServiceConfig: + type: boolean + hasListenIPsForAllPods: + type: boolean + health: + properties: + available: + type: boolean + dataMovementPriority: + type: integer + fullReplication: + type: boolean + healthy: + type: boolean + type: object + imageTypes: + items: + maxLength: 1024 + type: string + maxItems: 10 + type: array + locks: + properties: + lockDenyList: + items: + type: string + type: array + type: object + logServersPerDisk: + items: + type: integer + maxItems: 5 + type: array + maintenanceModeInfo: + properties: + processGroups: + items: + type: string + maxItems: 200 + type: array + startTimestamp: + format: date-time + type: string + zoneID: + maxLength: 512 + type: string + type: object + needsNewCoordinators: + type: boolean + processGroups: + items: + properties: + addresses: + items: + type: string + type: array + exclusionSkipped: + type: boolean + exclusionTimestamp: + format: date-time + type: string + faultDomain: + maxLength: 512 + type: string + processClass: + type: string + processGroupConditions: + items: + properties: + timestamp: + format: int64 + type: integer + type: + type: string + type: object + type: array + processGroupID: + maxLength: 63 + pattern: ^(([\w-]+)-(\d+)|\*)$ + type: string + removalTimestamp: + format: date-time + type: string + type: object + type: array + reconciledProcessGroups: + type: integer + requiredAddresses: + properties: + nonTLS: + type: boolean + tls: + type: boolean + type: object + runningVersion: + type: string + storageServersPerDisk: + items: + type: integer + maxItems: 5 + type: array + type: object + type: object + served: true + storage: true + subresources: + status: {} diff --git a/packages/system/foundationdb-operator/charts/fdb-operator/crds/apps.foundationdb.org_foundationdbrestores.yaml b/packages/system/foundationdb-operator/charts/fdb-operator/crds/apps.foundationdb.org_foundationdbrestores.yaml new file mode 100644 index 00000000..2f02fb0f --- /dev/null +++ b/packages/system/foundationdb-operator/charts/fdb-operator/crds/apps.foundationdb.org_foundationdbrestores.yaml @@ -0,0 +1,100 @@ +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.18.0 + foundationdb.org/release: v2.13.0 + name: foundationdbrestores.apps.foundationdb.org +spec: + group: apps.foundationdb.org + names: + kind: FoundationDBRestore + listKind: FoundationDBRestoreList + plural: foundationdbrestores + shortNames: + - fdbrestore + singular: foundationdbrestore + scope: Namespaced + versions: + - additionalPrinterColumns: + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + - jsonPath: .status.state + name: State + type: string + name: v1beta2 + schema: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + properties: + blobStoreConfiguration: + properties: + accountName: + maxLength: 100 + type: string + backupName: + maxLength: 1024 + type: string + bucket: + maxLength: 63 + minLength: 3 + type: string + urlParameters: + items: + maxLength: 1024 + type: string + maxItems: 100 + type: array + required: + - accountName + type: object + customParameters: + items: + maxLength: 100 + type: string + maxItems: 100 + type: array + destinationClusterName: + type: string + encryptionKeyPath: + maxLength: 4096 + type: string + keyRanges: + items: + properties: + end: + pattern: ^[A-Za-z0-9\/\\-]+$ + type: string + start: + pattern: ^[A-Za-z0-9\/\\-]+$ + type: string + required: + - end + - start + type: object + type: array + required: + - destinationClusterName + type: object + status: + properties: + running: + type: boolean + state: + maxLength: 50 + type: string + type: object + type: object + served: true + storage: true + subresources: + status: {} diff --git a/packages/system/foundationdb-operator/charts/fdb-operator/templates/NOTES.txt b/packages/system/foundationdb-operator/charts/fdb-operator/templates/NOTES.txt new file mode 100644 index 00000000..ae0e2e2c --- /dev/null +++ b/packages/system/foundationdb-operator/charts/fdb-operator/templates/NOTES.txt @@ -0,0 +1,6 @@ +FoundationDB operator has been installed successfully. + +To see the logs of the operator you can use below command +kubectl logs deployment/{{ include "fdb-operator.fullname" . }} -n {{ .Release.Namespace }} -f + +Thanks for trying out FoundationDB helm chart. diff --git a/packages/system/foundationdb-operator/charts/fdb-operator/templates/_helpers.tpl b/packages/system/foundationdb-operator/charts/fdb-operator/templates/_helpers.tpl new file mode 100644 index 00000000..5d9d5e12 --- /dev/null +++ b/packages/system/foundationdb-operator/charts/fdb-operator/templates/_helpers.tpl @@ -0,0 +1,60 @@ +{{/* +Expand the name of the chart. +*/}} +{{- define "fdb-operator.name" -}} +{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}} +{{- end -}} + +{{/* +Create a default fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +If release name contains chart name it will be used as a full name. +*/}} +{{- define "fdb-operator.fullname" -}} +{{- if .Values.fullnameOverride -}} +{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}} +{{- else -}} +{{- $name := default .Chart.Name .Values.nameOverride -}} +{{- if contains $name .Release.Name -}} +{{- .Release.Name | trunc 63 | trimSuffix "-" -}} +{{- else -}} +{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}} +{{- end -}} +{{- end -}} +{{- end -}} + +{{/* +Create chart name and version as used by the chart label. +*/}} +{{- define "fdb-operator.chart" -}} +{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}} +{{- end -}} + +{{/* +Common labels +*/}} +{{- define "fdb-operator.labels" -}} +helm.sh/chart: {{ include "fdb-operator.chart" . }} +{{ include "fdb-operator.selectorLabels" . }} +app.kubernetes.io/version: {{ .Values.image.tag | trimPrefix "v" | quote }} +app.kubernetes.io/managed-by: {{ .Release.Service }} +{{- end }} + +{{/* +Selector labels +*/}} +{{- define "fdb-operator.selectorLabels" -}} +app.kubernetes.io/name: {{ include "fdb-operator.name" . }} +app.kubernetes.io/instance: {{ .Release.Name }} +{{- end }} + +{{/* +Create the name of the service account +*/}} +{{- define "fdb-operator.serviceAccountName" -}} +{{- if .Values.serviceAccount.create -}} + {{ default (include "fdb-operator.fullname" .) .Values.serviceAccount.name }} +{{- else -}} + {{ default "default" .Values.serviceAccount.name }} +{{- end -}} +{{- end -}} diff --git a/packages/system/foundationdb-operator/charts/fdb-operator/templates/manager/deployment.yaml b/packages/system/foundationdb-operator/charts/fdb-operator/templates/manager/deployment.yaml new file mode 100644 index 00000000..e4ef5699 --- /dev/null +++ b/packages/system/foundationdb-operator/charts/fdb-operator/templates/manager/deployment.yaml @@ -0,0 +1,117 @@ +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: {{ include "fdb-operator.fullname" . }} + labels: + {{- include "fdb-operator.labels" . | nindent 4 }} + {{- with .Values.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +spec: + {{- with .Values.replicas }} + replicas: {{ . }} + {{- end }} + selector: + matchLabels: + {{- include "fdb-operator.selectorLabels" . | nindent 6 }} + template: + metadata: + labels: + {{- include "fdb-operator.selectorLabels" . | nindent 8 }} + {{- with .Values.podLabels }} + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.podAnnotations }} + annotations: + {{- toYaml . | nindent 8 }} + {{- end }} + spec: + serviceAccountName: {{ include "fdb-operator.serviceAccountName" . }} + {{- with .Values.priorityClassName }} + priorityClassName: {{ . }} + {{- end }} + securityContext: + {{- toYaml .Values.securityContext | nindent 8 }} + terminationGracePeriodSeconds: 10 + {{- with .Values.imagePullSecrets }} + imagePullSecrets: + {{- toYaml . | nindent 8 }} + {{- end }} + initContainers: + {{- range $version, $params := .Values.initContainers }} + - name: foundationdb-kubernetes-init-{{ $version | replace "." "-" }} + image: {{ $params.image.repository }}:{{ $params.image.tag }} + imagePullPolicy: {{ $params.image.pullPolicy }} + args: + - "--copy-library" + - "{{ $version }}" + - "--copy-binary" + - "fdbcli" + - "--copy-binary" + - "fdbbackup" + - "--copy-binary" + - "fdbrestore" + - "--output-dir" + - "/var/output-files" + - "--mode" + - "init" + volumeMounts: + - name: fdb-binaries + mountPath: /var/output-files + resources: + {{- toYaml $.Values.initContainersResources | nindent 10 }} + securityContext: + {{- toYaml $.Values.initContainerSecurityContext | nindent 10 }} + {{- end }} + containers: + - name: manager + image: {{ .Values.image.repository }}:{{ .Values.image.tag }} + imagePullPolicy: {{ .Values.image.pullPolicy }} + command: + - /manager + {{- if not .Values.globalMode.enabled }} + env: + - name: WATCH_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + {{- end }} + ports: + - containerPort: 8080 + name: metrics + volumeMounts: + - name: tmp + mountPath: /tmp + - name: logs + mountPath: /var/log/fdb + - name: fdb-binaries + mountPath: /usr/bin/fdb + securityContext: + {{- toYaml .Values.containerSecurityContext | nindent 10 }} + livenessProbe: + httpGet: + path: /metrics + port: metrics + resources: + {{- toYaml .Values.resources | nindent 10 }} + {{- with .Values.affinity }} + affinity: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.nodeSelector }} + nodeSelector: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.tolerations }} + tolerations: + {{- toYaml . | nindent 8 }} + {{- end }} + volumes: + - name: tmp + emptyDir: {} + - name: logs + emptyDir: {} + - name: fdb-binaries + emptyDir: {} diff --git a/packages/system/foundationdb-operator/charts/fdb-operator/templates/rbac/rbac_role.yaml b/packages/system/foundationdb-operator/charts/fdb-operator/templates/rbac/rbac_role.yaml new file mode 100644 index 00000000..7772774f --- /dev/null +++ b/packages/system/foundationdb-operator/charts/fdb-operator/templates/rbac/rbac_role.yaml @@ -0,0 +1,131 @@ +--- +apiVersion: rbac.authorization.k8s.io/v1 +{{- if .Values.globalMode.enabled }} +kind: ClusterRole +{{- else }} +kind: Role +{{- end }} +metadata: + name: {{ include "fdb-operator.fullname" . }} + labels: + {{- include "fdb-operator.labels" . | nindent 4 }} +rules: +- apiGroups: + - "" + resources: + - pods + - configmaps + - persistentvolumeclaims + - events + verbs: + - get + - watch + - list + - create + - update + - patch + - delete +- apiGroups: + - apps.foundationdb.org + resources: + - foundationdbclusters + - foundationdbbackups + - foundationdbrestores + verbs: + - get + - list + - watch + - create + - update + - patch + - delete +- apiGroups: + - apps.foundationdb.org + resources: + - foundationdbclusters/status + - foundationdbbackups/status + - foundationdbrestores/status + verbs: + - get + - update + - patch +- apiGroups: + - admissionregistration.k8s.io + resources: + - mutatingwebhookconfigurations + - validatingwebhookconfigurations + verbs: + - get + - list + - watch + - create + - update + - patch + - delete +- apiGroups: + - "" + resources: + - secrets + verbs: + - get + - list + - watch + - create + - update + - patch + - delete +- apiGroups: + - "" + resources: + - services + verbs: + - get + - list + - watch + - create + - update + - patch + - delete +- apiGroups: + - apps + resources: + - deployments + verbs: + - get + - list + - watch + - create + - update + - patch + - delete +- apiGroups: + - coordination.k8s.io + resources: + - leases + verbs: + - get + - list + - watch + - create + - update + - patch + - delete +{{- if .Values.nodeReadClusterRole }} +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: {{ include "fdb-operator.fullname" . }}-clusterrole + labels: + {{- include "fdb-operator.labels" . | nindent 4 }} +rules: +- apiGroups: + - "" + resources: + - nodes + verbs: + - get + - watch + - list +{{- end }} + diff --git a/packages/system/foundationdb-operator/charts/fdb-operator/templates/rbac/rbac_role_binding.yaml b/packages/system/foundationdb-operator/charts/fdb-operator/templates/rbac/rbac_role_binding.yaml new file mode 100644 index 00000000..2335c3c1 --- /dev/null +++ b/packages/system/foundationdb-operator/charts/fdb-operator/templates/rbac/rbac_role_binding.yaml @@ -0,0 +1,44 @@ +--- +apiVersion: rbac.authorization.k8s.io/v1 +{{- if .Values.globalMode.enabled }} +kind: ClusterRoleBinding +{{- else }} +kind: RoleBinding +{{- end }} +metadata: + name: {{ include "fdb-operator.fullname" . }} + labels: + {{- include "fdb-operator.labels" . | nindent 4 }} +roleRef: + apiGroup: rbac.authorization.k8s.io + {{- if .Values.globalMode.enabled }} + kind: ClusterRole + {{- else }} + kind: Role + {{- end }} + name: {{ include "fdb-operator.fullname" . }} +subjects: +- kind: ServiceAccount + name: {{ include "fdb-operator.serviceAccountName" . }} + {{- if .Values.globalMode.enabled }} + namespace: {{ .Release.Namespace }} + {{- end }} +{{- if .Values.nodeReadClusterRole }} +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: {{ include "fdb-operator.fullname" . }}-clusterrolebinding + labels: + {{- include "fdb-operator.labels" . | nindent 4 }} +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: {{ include "fdb-operator.fullname" . }}-clusterrole +subjects: +- kind: ServiceAccount + name: {{ include "fdb-operator.serviceAccountName" . }} + {{- if .Values.globalMode.enabled }} + namespace: {{ .Release.Namespace }} + {{- end }} +{{- end }} diff --git a/packages/system/foundationdb-operator/charts/fdb-operator/templates/rbac/serviceaccount.yaml b/packages/system/foundationdb-operator/charts/fdb-operator/templates/rbac/serviceaccount.yaml new file mode 100644 index 00000000..de763cb8 --- /dev/null +++ b/packages/system/foundationdb-operator/charts/fdb-operator/templates/rbac/serviceaccount.yaml @@ -0,0 +1,17 @@ +--- +{{- if .Values.serviceAccount.create }} +apiVersion: v1 +kind: ServiceAccount +metadata: + name: {{ include "fdb-operator.serviceAccountName" . }} + labels: + {{- include "fdb-operator.labels" . | nindent 4 }} + {{- with .Values.serviceAccount.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +{{- with .Values.serviceAccount.imagePullSecrets }} +imagePullSecrets: + {{- toYaml . | nindent 2 }} +{{- end }} +{{- end }} diff --git a/packages/system/foundationdb-operator/charts/fdb-operator/values.yaml b/packages/system/foundationdb-operator/charts/fdb-operator/values.yaml new file mode 100644 index 00000000..139af022 --- /dev/null +++ b/packages/system/foundationdb-operator/charts/fdb-operator/values.yaml @@ -0,0 +1,70 @@ +--- +image: + repository: foundationdb/fdb-kubernetes-operator + tag: v2.13.0 + pullPolicy: IfNotPresent +initContainers: + 7.1: + image: + repository: foundationdb/fdb-kubernetes-monitor + tag: 7.1.67 + pullPolicy: IfNotPresent + 7.3: + image: + repository: foundationdb/fdb-kubernetes-monitor + tag: 7.3.63 + pullPolicy: IfNotPresent + 7.4: + image: + repository: foundationdb/fdb-kubernetes-monitor + tag: 7.4.1 + pullPolicy: IfNotPresent +globalMode: + enabled: false +replicas: null +imagePullSecrets: [] +annotations: {} +podAnnotations: {} +podLabels: {} +serviceAccount: + create: true + name: null + imagePullSecrets: [] + annotations: {} +priorityClassName: null +securityContext: + runAsUser: 4059 + runAsGroup: 4059 + fsGroup: 4059 +containerSecurityContext: + allowPrivilegeEscalation: false + privileged: false + capabilities: + drop: + - all + readOnlyRootFilesystem: true +nodeSelector: {} +affinity: {} +tolerations: {} +resources: + limits: + cpu: 500m + memory: 256Mi + requests: + cpu: 500m + memory: 256Mi +initContainersResources: + limits: + cpu: 10m + memory: 50Mi + requests: + cpu: 10m + memory: 50Mi +initContainerSecurityContext: + allowPrivilegeEscalation: false + privileged: false + capabilities: + drop: + - all + readOnlyRootFilesystem: true +nodeReadClusterRole: true diff --git a/packages/system/foundationdb-operator/values.yaml b/packages/system/foundationdb-operator/values.yaml new file mode 100644 index 00000000..044e81c7 --- /dev/null +++ b/packages/system/foundationdb-operator/values.yaml @@ -0,0 +1,4 @@ +fdb-operator: + globalMode: + enabled: true + nodeReadClusterRole: true \ No newline at end of file From 076d69a10be3d018d41a09660fe393c3a61519b4 Mon Sep 17 00:00:00 2001 From: Isaiah Olson Date: Sat, 13 Sep 2025 16:21:06 -0500 Subject: [PATCH 02/12] Add OpenAPI schema and resource definitions for FoundationDB Signed-off-by: Isaiah Olson --- .../openapi-schemas/foundationdb.json | 1 + .../cozystack-resource-definitions.yaml | 22 +++++++++++++++++++ 2 files changed, 23 insertions(+) create mode 120000 packages/system/cozystack-api/openapi-schemas/foundationdb.json diff --git a/packages/system/cozystack-api/openapi-schemas/foundationdb.json b/packages/system/cozystack-api/openapi-schemas/foundationdb.json new file mode 120000 index 00000000..12c61ac3 --- /dev/null +++ b/packages/system/cozystack-api/openapi-schemas/foundationdb.json @@ -0,0 +1 @@ +../../../apps/foundationdb/values.schema.json \ No newline at end of file diff --git a/packages/system/cozystack-api/templates/cozystack-resource-definitions.yaml b/packages/system/cozystack-api/templates/cozystack-resource-definitions.yaml index 90d3f629..8044584f 100644 --- a/packages/system/cozystack-api/templates/cozystack-resource-definitions.yaml +++ b/packages/system/cozystack-api/templates/cozystack-resource-definitions.yaml @@ -308,6 +308,28 @@ spec: --- apiVersion: cozystack.io/v1alpha1 kind: CozystackResourceDefinition +metadata: + name: foundationdb +spec: + application: + kind: FoundationDB + singular: foundationdb + plural: foundationdbs + openAPISchema: | + {{- .Files.Get "openapi-schemas/foundationdb.json" | fromJson | toJson | nindent 6 }} + release: + prefix: foundationdb- + labels: + cozystack.io/ui: "true" + chart: + name: foundationdb + sourceRef: + kind: HelmRepository + name: cozystack-apps + namespace: cozy-public +--- +apiVersion: cozystack.io/v1alpha1 +kind: CozystackResourceDefinition metadata: name: kafka spec: From 147519643786cc38ad71483247d8367c13d71a02 Mon Sep 17 00:00:00 2001 From: Isaiah Olson Date: Sat, 13 Sep 2025 20:38:31 -0500 Subject: [PATCH 03/12] Update values schema for FoundationDB app chart Signed-off-by: Isaiah Olson --- packages/apps/foundationdb/values.schema.json | 17 +++++++++++++++++ 1 file changed, 17 insertions(+) diff --git a/packages/apps/foundationdb/values.schema.json b/packages/apps/foundationdb/values.schema.json index d12a605f..039ed241 100644 --- a/packages/apps/foundationdb/values.schema.json +++ b/packages/apps/foundationdb/values.schema.json @@ -196,6 +196,23 @@ "default": true, "title": "Automatic replacements", "description": "Enable automatic pod replacements" + }, + "securityContext": { + "type": "object", + "title": "Security context", + "description": "Security context for containers", + "properties": { + "runAsUser": { + "type": "integer", + "title": "Run as user", + "description": "User ID to run the container" + }, + "runAsGroup": { + "type": "integer", + "title": "Run as group", + "description": "Group ID to run the container" + } + } } } } From bf38316163bb9d35cec4753397631534cc55eb00 Mon Sep 17 00:00:00 2001 From: Isaiah Olson Date: Sat, 13 Sep 2025 21:00:48 -0500 Subject: [PATCH 04/12] Restructure FoundationDB values and flatten them Signed-off-by: Isaiah Olson --- packages/apps/foundationdb/README.md | 51 +- .../apps/foundationdb/templates/cluster.yaml | 16 +- packages/apps/foundationdb/values.schema.json | 474 +++++++++++------- packages/apps/foundationdb/values.yaml | 95 ++-- 4 files changed, 404 insertions(+), 232 deletions(-) diff --git a/packages/apps/foundationdb/README.md b/packages/apps/foundationdb/README.md index b5245013..a6c4c688 100644 --- a/packages/apps/foundationdb/README.md +++ b/packages/apps/foundationdb/README.md @@ -133,4 +133,53 @@ FoundationDB is designed for high availability: For issues related to FoundationDB itself, refer to the [FoundationDB documentation](https://apple.github.io/foundationdb/). -For Cozystack-specific issues, consult the Cozystack documentation or support channels. \ No newline at end of file +For Cozystack-specific issues, consult the Cozystack documentation or support channels. + +## Parameters + +### Common parameters + +| Name | Description | Type | Value | +| ------------------------------------------ | ------------------------------------------------------------------------------------------------------------------------------------------ | ----------- | ----------------------- | +| `replicas` | Number of FoundationDB replicas (total instances) | `int` | `3` | +| `cluster` | Cluster configuration | `object` | `{}` | +| `cluster.processCounts` | Process counts for different roles | `object` | `{}` | +| `cluster.processCounts.stateless` | Number of stateless processes (-1 for automatic) | `int` | `-1` | +| `cluster.processCounts.storage` | Number of storage processes | `int` | `3` | +| `cluster.processCounts.cluster_controller` | Number of cluster controller processes | `int` | `1` | +| `cluster.version` | Version of FoundationDB to use | `string` | `7.4.1` | +| `cluster.faultDomain` | Fault domain configuration | `object` | `{}` | +| `cluster.faultDomain.key` | Fault domain key | `string` | `foundationdb.org/none` | +| `cluster.faultDomain.valueFrom` | Fault domain value source | `string` | `$FDB_ZONE_ID` | +| `storage` | Storage configuration | `object` | `{}` | +| `storage.size` | Size of persistent volumes for each instance | `quantity` | `16Gi` | +| `storage.storageClass` | Storage class (if not set, uses cluster default) | `string` | `""` | +| `resources` | Explicit CPU and memory configuration for each FoundationDB instance. When left empty, the preset defined in `resourcesPreset` is applied. | `*object` | `{}` | +| `resources.cpu` | CPU available to each instance | `*quantity` | `null` | +| `resources.memory` | Memory (RAM) available to each instance | `*quantity` | `null` | +| `resourcesPreset` | Default sizing preset used when `resources` is omitted. Allowed values: `small`, `medium`, `large`, `xlarge`, `2xlarge`. | `string` | `medium` | +| `backup` | Backup configuration | `object` | `{}` | +| `backup.enabled` | Enable backups | `bool` | `false` | +| `backup.s3` | S3 configuration for backups | `object` | `{}` | +| `backup.s3.bucket` | S3 bucket name | `string` | `""` | +| `backup.s3.endpoint` | S3 endpoint URL | `string` | `""` | +| `backup.s3.region` | S3 region | `string` | `us-east-1` | +| `backup.s3.credentials` | S3 credentials | `object` | `{}` | +| `backup.s3.credentials.accessKeyId` | S3 access key ID | `string` | `""` | +| `backup.s3.credentials.secretAccessKey` | S3 secret access key | `string` | `""` | +| `backup.retentionPolicy` | Retention policy for backups | `string` | `7d` | +| `monitoring` | Monitoring configuration | `object` | `{}` | +| `monitoring.enabled` | Enable WorkloadMonitor integration | `bool` | `true` | + + +### FoundationDB configuration + +| Name | Description | Type | Value | +| ---------------------------- | ------------------------------------------------------------------ | ---------- | ------- | +| `customParameters` | Custom parameters to pass to FoundationDB | `[]string` | `[]` | +| `imageType` | Container image deployment type (split recommended for production) | `string` | `split` | +| `securityContext` | Security context for containers | `object` | `{}` | +| `securityContext.runAsUser` | User ID to run the container | `int` | `0` | +| `securityContext.runAsGroup` | Group ID to run the container | `int` | `0` | +| `automaticReplacements` | Enable automatic pod replacements | `bool` | `true` | + diff --git a/packages/apps/foundationdb/templates/cluster.yaml b/packages/apps/foundationdb/templates/cluster.yaml index 40038a2f..f342054d 100644 --- a/packages/apps/foundationdb/templates/cluster.yaml +++ b/packages/apps/foundationdb/templates/cluster.yaml @@ -15,13 +15,13 @@ spec: automationOptions: replacements: - enabled: {{ .Values.advanced.automaticReplacements }} + enabled: {{ .Values.automaticReplacements }} faultDomain: key: {{ .Values.cluster.faultDomain.key }} {{- if .Values.cluster.faultDomain.valueFrom }} valueFrom: {{ .Values.cluster.faultDomain.valueFrom }} {{- end }} - imageType: {{ .Values.advanced.imageType }} + imageType: {{ .Values.imageType }} labels: filterOnOwnerReference: false matchLabels: @@ -34,9 +34,9 @@ spec: processes: general: - {{- if .Values.advanced.customParameters }} + {{- if .Values.customParameters }} customParameters: - {{- range .Values.advanced.customParameters }} + {{- range .Values.customParameters }} - {{ . }} {{- end }} {{- end }} @@ -44,9 +44,9 @@ spec: spec: containers: - name: foundationdb - resources: {{- include "cozy-lib.resources.defaultingSanitize" (list .Values.resources.preset .Values.resources $) | nindent 16 }} + resources: {{- include "cozy-lib.resources.defaultingSanitize" (list .Values.resourcesPreset .Values.resources $) | nindent 16 }} securityContext: - {{- toYaml .Values.advanced.securityContext | nindent 16 }} + {{- toYaml .Values.securityContext | nindent 16 }} - name: foundationdb-kubernetes-sidecar resources: limits: @@ -56,7 +56,7 @@ spec: cpu: 100m memory: 128Mi securityContext: - {{- toYaml .Values.advanced.securityContext | nindent 16 }} + {{- toYaml .Values.securityContext | nindent 16 }} initContainers: - name: foundationdb-kubernetes-init resources: @@ -67,7 +67,7 @@ spec: cpu: 100m memory: 128Mi securityContext: - {{- toYaml .Values.advanced.securityContext | nindent 16 }} + {{- toYaml .Values.securityContext | nindent 16 }} volumeClaimTemplate: spec: diff --git a/packages/apps/foundationdb/values.schema.json b/packages/apps/foundationdb/values.schema.json index 039ed241..c1a3805f 100644 --- a/packages/apps/foundationdb/values.schema.json +++ b/packages/apps/foundationdb/values.schema.json @@ -1,218 +1,322 @@ { - "$schema": "http://json-schema.org/draft-07/schema#", + "title": "Chart Values", "type": "object", "properties": { - "replicas": { - "type": "integer", - "minimum": 1, - "default": 3, - "title": "Number of replicas", - "description": "Total number of FoundationDB instances" + "automaticReplacements": { + "description": "Enable automatic pod replacements", + "type": "boolean", + "default": true + }, + "backup": { + "description": "Backup configuration", + "type": "object", + "default": { + "enabled": false, + "retentionPolicy": "7d", + "s3": { + "bucket": "", + "credentials": { + "accessKeyId": "", + "secretAccessKey": "" + }, + "endpoint": "", + "region": "us-east-1" + } + }, + "required": [ + "enabled", + "retentionPolicy", + "s3" + ], + "properties": { + "enabled": { + "description": "Enable backups", + "type": "boolean", + "default": false + }, + "retentionPolicy": { + "description": "Retention policy for backups", + "type": "string", + "default": "7d" + }, + "s3": { + "description": "S3 configuration for backups", + "type": "object", + "default": { + "bucket": "", + "credentials": { + "accessKeyId": "", + "secretAccessKey": "" + }, + "endpoint": "", + "region": "us-east-1" + }, + "required": [ + "bucket", + "credentials", + "endpoint", + "region" + ], + "properties": { + "bucket": { + "description": "S3 bucket name", + "type": "string" + }, + "credentials": { + "description": "S3 credentials", + "type": "object", + "default": { + "accessKeyId": "", + "secretAccessKey": "" + }, + "required": [ + "accessKeyId", + "secretAccessKey" + ], + "properties": { + "accessKeyId": { + "description": "S3 access key ID", + "type": "string" + }, + "secretAccessKey": { + "description": "S3 secret access key", + "type": "string" + } + } + }, + "endpoint": { + "description": "S3 endpoint URL", + "type": "string" + }, + "region": { + "description": "S3 region", + "type": "string", + "default": "us-east-1" + } + } + } + } }, "cluster": { + "description": "Cluster configuration", "type": "object", - "title": "Cluster Configuration", - "properties": { + "default": { + "faultDomain": { + "key": "foundationdb.org/none", + "valueFrom": "$FDB_ZONE_ID" + }, "processCounts": { + "cluster_controller": 1, + "stateless": -1, + "storage": 3 + }, + "version": "7.4.1" + }, + "required": [ + "faultDomain", + "processCounts", + "version" + ], + "properties": { + "faultDomain": { + "description": "Fault domain configuration", "type": "object", - "title": "Process Counts", + "default": { + "key": "foundationdb.org/none", + "valueFrom": "$FDB_ZONE_ID" + }, + "required": [ + "key", + "valueFrom" + ], "properties": { - "stateless": { + "key": { + "description": "Fault domain key", + "type": "string", + "default": "foundationdb.org/none" + }, + "valueFrom": { + "description": "Fault domain value source", + "type": "string", + "default": "$FDB_ZONE_ID" + } + } + }, + "processCounts": { + "description": "Process counts for different roles", + "type": "object", + "default": { + "cluster_controller": 1, + "stateless": -1, + "storage": 3 + }, + "required": [ + "cluster_controller", + "stateless", + "storage" + ], + "properties": { + "cluster_controller": { + "description": "Number of cluster controller processes", "type": "integer", - "default": -1, - "title": "Stateless processes", - "description": "Number of stateless processes (-1 for automatic)" + "default": 1 + }, + "stateless": { + "description": "Number of stateless processes (-1 for automatic)", + "type": "integer", + "default": -1 }, "storage": { + "description": "Number of storage processes", "type": "integer", - "minimum": 1, - "default": 3, - "title": "Storage processes", - "description": "Number of storage processes" - }, - "cluster_controller": { - "type": "integer", - "minimum": 1, - "default": 1, - "title": "Cluster controllers", - "description": "Number of cluster controller processes" + "default": 3 } } }, "version": { + "description": "Version of FoundationDB to use", "type": "string", - "default": "7.4.1", - "title": "FoundationDB Version", - "description": "Version of FoundationDB to deploy" - }, - "faultDomain": { - "type": "object", - "title": "Fault Domain", - "properties": { - "key": { - "type": "string", - "default": "foundationdb.org/none", - "title": "Fault domain key" + "default": "7.4.1" + } + } + }, + "customParameters": { + "description": "Custom parameters to pass to FoundationDB", + "type": "array", + "default": [], + "items": { + "type": "string" + } + }, + "imageType": { + "description": "Container image deployment type (split recommended for production)", + "type": "string", + "default": "split", + "enum": [ + "unified", + "split" + ] + }, + "monitoring": { + "description": "Monitoring configuration", + "type": "object", + "default": { + "enabled": true + }, + "required": [ + "enabled" + ], + "properties": { + "enabled": { + "description": "Enable WorkloadMonitor integration", + "type": "boolean", + "default": true + } + } + }, + "replicas": { + "description": "Number of FoundationDB replicas (total instances)", + "type": "integer", + "default": 3 + }, + "resources": { + "description": "Explicit CPU and memory configuration for each FoundationDB instance. When left empty, the preset defined in `resourcesPreset` is applied.", + "type": "object", + "default": {}, + "properties": { + "cpu": { + "description": "CPU available to each instance", + "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", + "anyOf": [ + { + "type": "integer" }, - "valueFrom": { - "type": "string", - "default": "$FDB_ZONE_ID", - "title": "Fault domain value source" + { + "type": "string" } - } + ], + "x-kubernetes-int-or-string": true + }, + "memory": { + "description": "Memory (RAM) available to each instance", + "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "x-kubernetes-int-or-string": true + } + } + }, + "resourcesPreset": { + "description": "Default sizing preset used when `resources` is omitted. Allowed values: `small`, `medium`, `large`, `xlarge`, `2xlarge`.", + "type": "string", + "default": "medium", + "enum": [ + "small", + "medium", + "large", + "xlarge", + "2xlarge" + ] + }, + "securityContext": { + "description": "Security context for containers", + "type": "object", + "default": { + "runAsGroup": 0, + "runAsUser": 0 + }, + "required": [ + "runAsGroup", + "runAsUser" + ], + "properties": { + "runAsGroup": { + "description": "Group ID to run the container", + "type": "integer", + "default": 0 + }, + "runAsUser": { + "description": "User ID to run the container", + "type": "integer", + "default": 0 } } }, "storage": { + "description": "Storage configuration", "type": "object", - "title": "Storage Configuration", + "default": { + "size": "16Gi", + "storageClass": "" + }, + "required": [ + "size", + "storageClass" + ], "properties": { "size": { - "type": "string", + "description": "Size of persistent volumes for each instance", "default": "16Gi", - "title": "Storage size", - "description": "Size of persistent volumes for each instance" + "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "x-kubernetes-int-or-string": true }, "storageClass": { - "type": "string", - "title": "Storage class", - "description": "Kubernetes storage class to use (optional)" - } - } - }, - "resources": { - "type": "object", - "title": "Resource Configuration", - "properties": { - "preset": { - "type": "string", - "enum": ["small", "medium", "large", "xlarge"], - "default": "medium", - "title": "Resource preset", - "description": "Predefined resource configuration" - }, - "limits": { - "type": "object", - "title": "Resource limits", - "properties": { - "cpu": {"type": "string"}, - "memory": {"type": "string"} - } - }, - "requests": { - "type": "object", - "title": "Resource requests", - "properties": { - "cpu": {"type": "string"}, - "memory": {"type": "string"} - } - } - } - }, - "backup": { - "type": "object", - "title": "Backup Configuration", - "properties": { - "enabled": { - "type": "boolean", - "default": false, - "title": "Enable backups", - "description": "Enable automatic backups to S3" - }, - "s3": { - "type": "object", - "title": "S3 Configuration", - "properties": { - "bucket": { - "type": "string", - "title": "S3 bucket name" - }, - "endpoint": { - "type": "string", - "title": "S3 endpoint URL" - }, - "region": { - "type": "string", - "default": "us-east-1", - "title": "S3 region" - }, - "credentials": { - "type": "object", - "title": "S3 credentials", - "properties": { - "accessKeyId": { - "type": "string", - "title": "Access key ID" - }, - "secretAccessKey": { - "type": "string", - "title": "Secret access key" - } - } - } - } - }, - "retentionPolicy": { - "type": "string", - "default": "7d", - "title": "Retention policy", - "description": "How long to keep backups" - } - } - }, - "monitoring": { - "type": "object", - "title": "Monitoring", - "properties": { - "enabled": { - "type": "boolean", - "default": true, - "title": "Enable monitoring", - "description": "Enable WorkloadMonitor integration" - } - } - }, - "advanced": { - "type": "object", - "title": "Advanced Configuration", - "properties": { - "customParameters": { - "type": "array", - "title": "Custom parameters", - "description": "Custom FoundationDB parameters", - "items": { - "type": "string" - } - }, - "imageType": { - "type": "string", - "enum": ["unified", "split"], - "default": "split", - "title": "Image type", - "description": "Container image deployment type" - }, - "automaticReplacements": { - "type": "boolean", - "default": true, - "title": "Automatic replacements", - "description": "Enable automatic pod replacements" - }, - "securityContext": { - "type": "object", - "title": "Security context", - "description": "Security context for containers", - "properties": { - "runAsUser": { - "type": "integer", - "title": "Run as user", - "description": "User ID to run the container" - }, - "runAsGroup": { - "type": "integer", - "title": "Run as group", - "description": "Group ID to run the container" - } - } + "description": "Storage class (if not set, uses cluster default)", + "type": "string" } } } diff --git a/packages/apps/foundationdb/values.yaml b/packages/apps/foundationdb/values.yaml index 1db095fd..194c69e5 100644 --- a/packages/apps/foundationdb/values.yaml +++ b/packages/apps/foundationdb/values.yaml @@ -2,44 +2,61 @@ # This is a YAML-formatted file. # Declare variables to be passed into your templates. -# Number of replicas (total instances) +## @section Common parameters +## +## @param replicas {int} Number of FoundationDB replicas (total instances) replicas: 3 -# Cluster configuration +## @param cluster {cluster} Cluster configuration +## @field cluster.processCounts {clusterProcessCounts} Process counts for different roles +## @field clusterProcessCounts.stateless {int} Number of stateless processes (-1 for automatic) +## @field clusterProcessCounts.storage {int} Number of storage processes +## @field clusterProcessCounts.cluster_controller {int} Number of cluster controller processes +## @field cluster.version {string} Version of FoundationDB to use +## @field cluster.faultDomain {clusterFaultDomain} Fault domain configuration +## @field clusterFaultDomain.key {string} Fault domain key +## @field clusterFaultDomain.valueFrom {string} Fault domain value source cluster: - # Process counts for different roles processCounts: stateless: -1 # Automatically calculated storage: 3 # Storage processes cluster_controller: 1 - - # Version of FoundationDB to use + version: "7.4.1" - - # Fault domain configuration + faultDomain: key: "foundationdb.org/none" valueFrom: "$FDB_ZONE_ID" -# Storage configuration +## @param storage {storage} Storage configuration +## @field storage.size {quantity} Size of persistent volumes for each instance +## @field storage.storageClass {string} Storage class (if not set, uses cluster default) storage: - # Size of persistent volumes size: "16Gi" - # Storage class (if not set, uses cluster default) storageClass: "" -# Resource configuration -resources: - # Resource preset (will be used by cozy-lib) - preset: "medium" - # Custom resource overrides - limits: {} - requests: {} +## @param resources {*resources} Explicit CPU and memory configuration for each FoundationDB instance. When left empty, the preset defined in `resourcesPreset` is applied. +## @field resources.cpu {*quantity} CPU available to each instance +## @field resources.memory {*quantity} Memory (RAM) available to each instance +resources: {} + # resources: + # cpu: 2000m + # memory: 4Gi +## @param resourcesPreset {string enum:"small,medium,large,xlarge,2xlarge"} Default sizing preset used when `resources` is omitted. Allowed values: `small`, `medium`, `large`, `xlarge`, `2xlarge`. +resourcesPreset: "medium" -# Backup configuration +## @param backup {backup} Backup configuration +## @field backup.enabled {bool} Enable backups +## @field backup.s3 {backupS3} S3 configuration for backups +## @field backupS3.bucket {string} S3 bucket name +## @field backupS3.endpoint {string} S3 endpoint URL +## @field backupS3.region {string} S3 region +## @field backupS3.credentials {backupS3Credentials} S3 credentials +## @field backupS3Credentials.accessKeyId {string} S3 access key ID +## @field backupS3Credentials.secretAccessKey {string} S3 secret access key +## @field backup.retentionPolicy {string} Retention policy for backups backup: enabled: false - # S3 configuration for backups s3: bucket: "" endpoint: "" @@ -47,27 +64,29 @@ backup: credentials: accessKeyId: "" secretAccessKey: "" - # Retention policy for backups retentionPolicy: "7d" -# Monitoring +## @param monitoring {monitoring} Monitoring configuration +## @field monitoring.enabled {bool} Enable WorkloadMonitor integration monitoring: enabled: true -# Advanced configuration -advanced: - # Custom parameters to pass to FoundationDB - customParameters: [] - # Example: - # - knob_disable_posix_kernel_aio=1 - - # Image type (split recommended for production) - imageType: "split" - - # Security context for containers - securityContext: - runAsUser: 0 - runAsGroup: 0 - - # Enable automatic replacements - automaticReplacements: true \ No newline at end of file +## @section FoundationDB configuration +## +## @param customParameters {[]string} Custom parameters to pass to FoundationDB +customParameters: [] +# Example: +# - knob_disable_posix_kernel_aio=1 + +## @param imageType {string enum:"unified,split"} Container image deployment type (split recommended for production) +imageType: "split" + +## @param securityContext {securityContext} Security context for containers +## @field securityContext.runAsUser {int} User ID to run the container +## @field securityContext.runAsGroup {int} Group ID to run the container +securityContext: + runAsUser: 0 + runAsGroup: 0 + +## @param automaticReplacements {bool} Enable automatic pod replacements +automaticReplacements: true \ No newline at end of file From 7e622181ed6dcb2cf9ac8956b66873d7d37b02ea Mon Sep 17 00:00:00 2001 From: Isaiah Olson Date: Sun, 14 Sep 2025 03:05:03 -0500 Subject: [PATCH 05/12] Add FoundationDB operator to the bundles Signed-off-by: Isaiah Olson --- packages/core/platform/bundles/distro-full.yaml | 7 +++++++ packages/core/platform/bundles/distro-hosted.yaml | 7 +++++++ packages/core/platform/bundles/paas-full.yaml | 6 ++++++ packages/core/platform/bundles/paas-hosted.yaml | 6 ++++++ 4 files changed, 26 insertions(+) diff --git a/packages/core/platform/bundles/distro-full.yaml b/packages/core/platform/bundles/distro-full.yaml index fbcf2ba9..1b7366be 100644 --- a/packages/core/platform/bundles/distro-full.yaml +++ b/packages/core/platform/bundles/distro-full.yaml @@ -155,6 +155,13 @@ releases: optional: true dependsOn: [cilium,victoria-metrics-operator] +- name: foundationdb-operator + releaseName: foundationdb-operator + chart: cozy-foundationdb-operator + namespace: cozy-foundationdb-operator + optional: true + dependsOn: [cilium,cert-manager] + - name: rabbitmq-operator releaseName: rabbitmq-operator chart: cozy-rabbitmq-operator diff --git a/packages/core/platform/bundles/distro-hosted.yaml b/packages/core/platform/bundles/distro-hosted.yaml index c24232c6..55a8688e 100644 --- a/packages/core/platform/bundles/distro-hosted.yaml +++ b/packages/core/platform/bundles/distro-hosted.yaml @@ -116,6 +116,13 @@ releases: optional: true dependsOn: [victoria-metrics-operator] +- name: foundationdb-operator + releaseName: foundationdb-operator + chart: cozy-foundationdb-operator + namespace: cozy-foundationdb-operator + optional: true + dependsOn: [cert-manager] + - name: rabbitmq-operator releaseName: rabbitmq-operator chart: cozy-rabbitmq-operator diff --git a/packages/core/platform/bundles/paas-full.yaml b/packages/core/platform/bundles/paas-full.yaml index 6947a3a8..c2130eb5 100644 --- a/packages/core/platform/bundles/paas-full.yaml +++ b/packages/core/platform/bundles/paas-full.yaml @@ -230,6 +230,12 @@ releases: namespace: cozy-clickhouse-operator dependsOn: [cilium,kubeovn,victoria-metrics-operator] +- name: foundationdb-operator + releaseName: foundationdb-operator + chart: cozy-foundationdb-operator + namespace: cozy-foundationdb-operator + dependsOn: [cilium,kubeovn,cert-manager] + - name: rabbitmq-operator releaseName: rabbitmq-operator chart: cozy-rabbitmq-operator diff --git a/packages/core/platform/bundles/paas-hosted.yaml b/packages/core/platform/bundles/paas-hosted.yaml index 8ec250de..87a027ef 100644 --- a/packages/core/platform/bundles/paas-hosted.yaml +++ b/packages/core/platform/bundles/paas-hosted.yaml @@ -123,6 +123,12 @@ releases: namespace: cozy-clickhouse-operator dependsOn: [victoria-metrics-operator] +- name: foundationdb-operator + releaseName: foundationdb-operator + chart: cozy-foundationdb-operator + namespace: cozy-foundationdb-operator + dependsOn: [cert-manager] + - name: rabbitmq-operator releaseName: rabbitmq-operator chart: cozy-rabbitmq-operator From 5b58ec5cdd1babb182de2f489661b13ea13e207d Mon Sep 17 00:00:00 2001 From: Isaiah Olson Date: Sun, 14 Sep 2025 03:15:59 -0500 Subject: [PATCH 06/12] Update FoundationDB to use latest stable version supported by the operator by default Signed-off-by: Isaiah Olson --- hack/e2e-apps/foundationdb.bats | 2 +- packages/apps/foundationdb/Chart.yaml | 2 +- packages/apps/foundationdb/README.md | 4 ++-- packages/apps/foundationdb/values.schema.json | 4 ++-- packages/apps/foundationdb/values.yaml | 2 +- 5 files changed, 7 insertions(+), 7 deletions(-) diff --git a/hack/e2e-apps/foundationdb.bats b/hack/e2e-apps/foundationdb.bats index e9e43cad..e39561c8 100644 --- a/hack/e2e-apps/foundationdb.bats +++ b/hack/e2e-apps/foundationdb.bats @@ -11,7 +11,7 @@ metadata: spec: replicas: 3 cluster: - version: "7.4.1" + version: "7.3.63" processCounts: storage: 3 stateless: -1 diff --git a/packages/apps/foundationdb/Chart.yaml b/packages/apps/foundationdb/Chart.yaml index d0463fdf..52fdfa11 100644 --- a/packages/apps/foundationdb/Chart.yaml +++ b/packages/apps/foundationdb/Chart.yaml @@ -22,4 +22,4 @@ version: 0.1.0 # incremented each time you make changes to the application. Versions are not expected to # follow Semantic Versioning. They should reflect the version the application is using. # It is recommended to use it with quotes. -appVersion: "7.4.1" \ No newline at end of file +appVersion: "7.3.63" \ No newline at end of file diff --git a/packages/apps/foundationdb/README.md b/packages/apps/foundationdb/README.md index a6c4c688..2825fa8e 100644 --- a/packages/apps/foundationdb/README.md +++ b/packages/apps/foundationdb/README.md @@ -27,7 +27,7 @@ replicas: 3 # Cluster process configuration cluster: - version: "7.4.1" + version: "7.3.63" processCounts: storage: 3 # Storage processes stateless: -1 # Automatically calculated @@ -147,7 +147,7 @@ For Cozystack-specific issues, consult the Cozystack documentation or support ch | `cluster.processCounts.stateless` | Number of stateless processes (-1 for automatic) | `int` | `-1` | | `cluster.processCounts.storage` | Number of storage processes | `int` | `3` | | `cluster.processCounts.cluster_controller` | Number of cluster controller processes | `int` | `1` | -| `cluster.version` | Version of FoundationDB to use | `string` | `7.4.1` | +| `cluster.version` | Version of FoundationDB to use | `string` | `7.3.63` | | `cluster.faultDomain` | Fault domain configuration | `object` | `{}` | | `cluster.faultDomain.key` | Fault domain key | `string` | `foundationdb.org/none` | | `cluster.faultDomain.valueFrom` | Fault domain value source | `string` | `$FDB_ZONE_ID` | diff --git a/packages/apps/foundationdb/values.schema.json b/packages/apps/foundationdb/values.schema.json index c1a3805f..b29aa2e2 100644 --- a/packages/apps/foundationdb/values.schema.json +++ b/packages/apps/foundationdb/values.schema.json @@ -110,7 +110,7 @@ "stateless": -1, "storage": 3 }, - "version": "7.4.1" + "version": "7.3.63" }, "required": [ "faultDomain", @@ -176,7 +176,7 @@ "version": { "description": "Version of FoundationDB to use", "type": "string", - "default": "7.4.1" + "default": "7.3.63" } } }, diff --git a/packages/apps/foundationdb/values.yaml b/packages/apps/foundationdb/values.yaml index 194c69e5..d68f4932 100644 --- a/packages/apps/foundationdb/values.yaml +++ b/packages/apps/foundationdb/values.yaml @@ -22,7 +22,7 @@ cluster: storage: 3 # Storage processes cluster_controller: 1 - version: "7.4.1" + version: "7.3.63" faultDomain: key: "foundationdb.org/none" From c6ec3168f7f6554555227c250b617269374f5293 Mon Sep 17 00:00:00 2001 From: Isaiah Olson Date: Sun, 14 Sep 2025 05:28:25 -0500 Subject: [PATCH 07/12] Fix default UID of root in FoundationDB app chart Signed-off-by: Isaiah Olson --- packages/apps/foundationdb/README.md | 66 +++++++++---------- packages/apps/foundationdb/values.schema.json | 29 ++++---- packages/apps/foundationdb/values.yaml | 9 ++- 3 files changed, 50 insertions(+), 54 deletions(-) diff --git a/packages/apps/foundationdb/README.md b/packages/apps/foundationdb/README.md index 2825fa8e..f93c8e06 100644 --- a/packages/apps/foundationdb/README.md +++ b/packages/apps/foundationdb/README.md @@ -139,37 +139,37 @@ For Cozystack-specific issues, consult the Cozystack documentation or support ch ### Common parameters -| Name | Description | Type | Value | -| ------------------------------------------ | ------------------------------------------------------------------------------------------------------------------------------------------ | ----------- | ----------------------- | -| `replicas` | Number of FoundationDB replicas (total instances) | `int` | `3` | -| `cluster` | Cluster configuration | `object` | `{}` | -| `cluster.processCounts` | Process counts for different roles | `object` | `{}` | -| `cluster.processCounts.stateless` | Number of stateless processes (-1 for automatic) | `int` | `-1` | -| `cluster.processCounts.storage` | Number of storage processes | `int` | `3` | -| `cluster.processCounts.cluster_controller` | Number of cluster controller processes | `int` | `1` | -| `cluster.version` | Version of FoundationDB to use | `string` | `7.3.63` | -| `cluster.faultDomain` | Fault domain configuration | `object` | `{}` | -| `cluster.faultDomain.key` | Fault domain key | `string` | `foundationdb.org/none` | -| `cluster.faultDomain.valueFrom` | Fault domain value source | `string` | `$FDB_ZONE_ID` | -| `storage` | Storage configuration | `object` | `{}` | -| `storage.size` | Size of persistent volumes for each instance | `quantity` | `16Gi` | -| `storage.storageClass` | Storage class (if not set, uses cluster default) | `string` | `""` | -| `resources` | Explicit CPU and memory configuration for each FoundationDB instance. When left empty, the preset defined in `resourcesPreset` is applied. | `*object` | `{}` | -| `resources.cpu` | CPU available to each instance | `*quantity` | `null` | -| `resources.memory` | Memory (RAM) available to each instance | `*quantity` | `null` | -| `resourcesPreset` | Default sizing preset used when `resources` is omitted. Allowed values: `small`, `medium`, `large`, `xlarge`, `2xlarge`. | `string` | `medium` | -| `backup` | Backup configuration | `object` | `{}` | -| `backup.enabled` | Enable backups | `bool` | `false` | -| `backup.s3` | S3 configuration for backups | `object` | `{}` | -| `backup.s3.bucket` | S3 bucket name | `string` | `""` | -| `backup.s3.endpoint` | S3 endpoint URL | `string` | `""` | -| `backup.s3.region` | S3 region | `string` | `us-east-1` | -| `backup.s3.credentials` | S3 credentials | `object` | `{}` | -| `backup.s3.credentials.accessKeyId` | S3 access key ID | `string` | `""` | -| `backup.s3.credentials.secretAccessKey` | S3 secret access key | `string` | `""` | -| `backup.retentionPolicy` | Retention policy for backups | `string` | `7d` | -| `monitoring` | Monitoring configuration | `object` | `{}` | -| `monitoring.enabled` | Enable WorkloadMonitor integration | `bool` | `true` | +| Name | Description | Type | Value | +| ------------------------------------------ | ------------------------------------------------------------------------------------------------------------------------------------------ | ----------- | ------------------------ | +| `replicas` | Number of FoundationDB replicas (total instances) | `int` | `3` | +| `cluster` | Cluster configuration | `object` | `{}` | +| `cluster.processCounts` | Process counts for different roles | `object` | `{}` | +| `cluster.processCounts.stateless` | Number of stateless processes (-1 for automatic) | `int` | `-1` | +| `cluster.processCounts.storage` | Number of storage processes | `int` | `0` | +| `cluster.processCounts.cluster_controller` | Number of cluster controller processes | `int` | `1` | +| `cluster.version` | Version of FoundationDB to use | `string` | `7.3.63` | +| `cluster.faultDomain` | Fault domain configuration | `object` | `{}` | +| `cluster.faultDomain.key` | Fault domain key | `string` | `kubernetes.io/hostname` | +| `cluster.faultDomain.valueFrom` | Fault domain value source | `string` | `spec.nodeName` | +| `storage` | Storage configuration | `object` | `{}` | +| `storage.size` | Size of persistent volumes for each instance | `quantity` | `16Gi` | +| `storage.storageClass` | Storage class (if not set, uses cluster default) | `string` | `""` | +| `resources` | Explicit CPU and memory configuration for each FoundationDB instance. When left empty, the preset defined in `resourcesPreset` is applied. | `*object` | `{}` | +| `resources.cpu` | CPU available to each instance | `*quantity` | `null` | +| `resources.memory` | Memory (RAM) available to each instance | `*quantity` | `null` | +| `resourcesPreset` | Default sizing preset used when `resources` is omitted. Allowed values: `small`, `medium`, `large`, `xlarge`, `2xlarge`. | `string` | `medium` | +| `backup` | Backup configuration | `object` | `{}` | +| `backup.enabled` | Enable backups | `bool` | `false` | +| `backup.s3` | S3 configuration for backups | `object` | `{}` | +| `backup.s3.bucket` | S3 bucket name | `string` | `""` | +| `backup.s3.endpoint` | S3 endpoint URL | `string` | `""` | +| `backup.s3.region` | S3 region | `string` | `us-east-1` | +| `backup.s3.credentials` | S3 credentials | `object` | `{}` | +| `backup.s3.credentials.accessKeyId` | S3 access key ID | `string` | `""` | +| `backup.s3.credentials.secretAccessKey` | S3 secret access key | `string` | `""` | +| `backup.retentionPolicy` | Retention policy for backups | `string` | `7d` | +| `monitoring` | Monitoring configuration | `object` | `{}` | +| `monitoring.enabled` | Enable WorkloadMonitor integration | `bool` | `true` | ### FoundationDB configuration @@ -179,7 +179,7 @@ For Cozystack-specific issues, consult the Cozystack documentation or support ch | `customParameters` | Custom parameters to pass to FoundationDB | `[]string` | `[]` | | `imageType` | Container image deployment type (split recommended for production) | `string` | `split` | | `securityContext` | Security context for containers | `object` | `{}` | -| `securityContext.runAsUser` | User ID to run the container | `int` | `0` | -| `securityContext.runAsGroup` | Group ID to run the container | `int` | `0` | +| `securityContext.runAsUser` | User ID to run the container | `int` | `4059` | +| `securityContext.runAsGroup` | Group ID to run the container | `int` | `4059` | | `automaticReplacements` | Enable automatic pod replacements | `bool` | `true` | diff --git a/packages/apps/foundationdb/values.schema.json b/packages/apps/foundationdb/values.schema.json index b29aa2e2..4b4b9d58 100644 --- a/packages/apps/foundationdb/values.schema.json +++ b/packages/apps/foundationdb/values.schema.json @@ -102,13 +102,12 @@ "type": "object", "default": { "faultDomain": { - "key": "foundationdb.org/none", - "valueFrom": "$FDB_ZONE_ID" + "key": "kubernetes.io/hostname", + "valueFrom": "spec.nodeName" }, "processCounts": { "cluster_controller": 1, - "stateless": -1, - "storage": 3 + "stateless": -1 }, "version": "7.3.63" }, @@ -122,8 +121,8 @@ "description": "Fault domain configuration", "type": "object", "default": { - "key": "foundationdb.org/none", - "valueFrom": "$FDB_ZONE_ID" + "key": "kubernetes.io/hostname", + "valueFrom": "spec.nodeName" }, "required": [ "key", @@ -133,12 +132,12 @@ "key": { "description": "Fault domain key", "type": "string", - "default": "foundationdb.org/none" + "default": "kubernetes.io/hostname" }, "valueFrom": { "description": "Fault domain value source", "type": "string", - "default": "$FDB_ZONE_ID" + "default": "spec.nodeName" } } }, @@ -147,8 +146,7 @@ "type": "object", "default": { "cluster_controller": 1, - "stateless": -1, - "storage": 3 + "stateless": -1 }, "required": [ "cluster_controller", @@ -168,8 +166,7 @@ }, "storage": { "description": "Number of storage processes", - "type": "integer", - "default": 3 + "type": "integer" } } }, @@ -268,8 +265,8 @@ "description": "Security context for containers", "type": "object", "default": { - "runAsGroup": 0, - "runAsUser": 0 + "runAsGroup": 4059, + "runAsUser": 4059 }, "required": [ "runAsGroup", @@ -279,12 +276,12 @@ "runAsGroup": { "description": "Group ID to run the container", "type": "integer", - "default": 0 + "default": 4059 }, "runAsUser": { "description": "User ID to run the container", "type": "integer", - "default": 0 + "default": 4059 } } }, diff --git a/packages/apps/foundationdb/values.yaml b/packages/apps/foundationdb/values.yaml index d68f4932..55c29752 100644 --- a/packages/apps/foundationdb/values.yaml +++ b/packages/apps/foundationdb/values.yaml @@ -19,14 +19,13 @@ replicas: 3 cluster: processCounts: stateless: -1 # Automatically calculated - storage: 3 # Storage processes cluster_controller: 1 version: "7.3.63" faultDomain: - key: "foundationdb.org/none" - valueFrom: "$FDB_ZONE_ID" + key: "kubernetes.io/hostname" + valueFrom: "spec.nodeName" ## @param storage {storage} Storage configuration ## @field storage.size {quantity} Size of persistent volumes for each instance @@ -85,8 +84,8 @@ imageType: "split" ## @field securityContext.runAsUser {int} User ID to run the container ## @field securityContext.runAsGroup {int} Group ID to run the container securityContext: - runAsUser: 0 - runAsGroup: 0 + runAsUser: 4059 + runAsGroup: 4059 ## @param automaticReplacements {bool} Enable automatic pod replacements automaticReplacements: true \ No newline at end of file From a3be02132d4976ae975202b98f3bfab805921b48 Mon Sep 17 00:00:00 2001 From: Isaiah Olson Date: Mon, 15 Sep 2025 01:10:38 -0500 Subject: [PATCH 08/12] Update Foundation DB tests and update chart to make sure they pass Signed-off-by: Isaiah Olson --- hack/e2e-apps/foundationdb.bats | 102 +++++++++++------- .../apps/foundationdb/templates/cluster.yaml | 9 ++ .../apps/foundationdb/templates/role.yaml | 22 ++++ .../foundationdb/templates/rolebinding.yaml | 17 +++ .../templates/serviceaccount.yaml | 9 ++ 5 files changed, 123 insertions(+), 36 deletions(-) create mode 100644 packages/apps/foundationdb/templates/role.yaml create mode 100644 packages/apps/foundationdb/templates/rolebinding.yaml create mode 100644 packages/apps/foundationdb/templates/serviceaccount.yaml diff --git a/hack/e2e-apps/foundationdb.bats b/hack/e2e-apps/foundationdb.bats index e39561c8..99937a42 100644 --- a/hack/e2e-apps/foundationdb.bats +++ b/hack/e2e-apps/foundationdb.bats @@ -20,10 +20,9 @@ spec: key: "foundationdb.org/none" valueFrom: "\$FDB_ZONE_ID" storage: - size: "8Gi" + size: "1Gi" storageClass: "" - resources: - preset: "nano" + resourcesPreset: "small" backup: enabled: false s3: @@ -36,45 +35,76 @@ spec: retentionPolicy: "7d" monitoring: enabled: true - advanced: - customParameters: - - "knob_disable_posix_kernel_aio=1" - imageType: "split" - automaticReplacements: true + customParameters: + - "knob_disable_posix_kernel_aio=1" + imageType: "split" + automaticReplacements: true EOF - sleep 10 - + sleep 15 + # Wait for HelmRelease to be ready - kubectl -n tenant-test wait hr foundationdb-\$name --timeout=180s --for=condition=ready - - # Wait for FoundationDBCluster to be created - timeout 120 sh -ec "until kubectl -n tenant-test get foundationdbclusters.apps.foundationdb.org \$name; do sleep 10; done" - - # Wait for cluster to become available (this may take some time) - timeout 300 sh -ec "until kubectl -n tenant-test get foundationdbclusters.apps.foundationdb.org \$name -o jsonpath='{.status.databaseConfiguration.usable_regions}' | grep -q '1'; do sleep 15; done" - + kubectl -n tenant-test wait hr foundationdb-$name --timeout=300s --for=condition=ready + + # Wait for FoundationDBCluster to be created (name has foundationdb- prefix) + timeout 300 sh -ec "until kubectl -n tenant-test get foundationdbclusters.apps.foundationdb.org foundationdb-$name; do sleep 15; done" + + # Wait for cluster to become available (initial reconciliation takes time - allow 5 minutes) + timeout 300 sh -ec "until kubectl -n tenant-test get foundationdbclusters.apps.foundationdb.org foundationdb-$name -o jsonpath='{.status.databaseConfiguration.usable_regions}' | grep -q '1'; do sleep 30; done" + # Check that storage processes are running - timeout 180 sh -ec "until [ \$(kubectl -n tenant-test get pods -l app=\$name,foundationdb.org/fdb-process-class=storage --field-selector=status.phase=Running --no-headers | wc -l) -eq 3 ]; do sleep 10; done" - - # Check that stateless processes are running - timeout 180 sh -ec "until [ \$(kubectl -n tenant-test get pods -l app=\$name,foundationdb.org/fdb-process-class=stateless --field-selector=status.phase=Running --no-headers | wc -l) -ge 1 ]; do sleep 10; done" - + timeout 300 sh -ec "until [ \$(kubectl -n tenant-test get pods -l foundationdb.org/fdb-cluster-name=foundationdb-$name,foundationdb.org/fdb-process-class=storage --field-selector=status.phase=Running --no-headers | wc -l) -eq 3 ]; do sleep 15; done" + + # Check that log processes are running (these are the stateless processes) + timeout 300 sh -ec "until [ \$(kubectl -n tenant-test get pods -l foundationdb.org/fdb-cluster-name=foundationdb-$name,foundationdb.org/fdb-process-class=log --field-selector=status.phase=Running --no-headers | wc -l) -ge 1 ]; do sleep 15; done" + # Check that cluster controller is running - timeout 180 sh -ec "until [ \$(kubectl -n tenant-test get pods -l app=\$name,foundationdb.org/fdb-process-class=cluster_controller --field-selector=status.phase=Running --no-headers | wc -l) -eq 1 ]; do sleep 10; done" - + timeout 300 sh -ec "until [ \$(kubectl -n tenant-test get pods -l foundationdb.org/fdb-cluster-name=foundationdb-$name,foundationdb.org/fdb-process-class=cluster_controller --field-selector=status.phase=Running --no-headers | wc -l) -eq 1 ]; do sleep 15; done" + # Check WorkloadMonitor is created and configured - kubectl -n tenant-test get workloadmonitor \$name - timeout 60 sh -ec "until kubectl -n tenant-test get workloadmonitor \$name -o jsonpath='{.spec.replicas}' | grep -q '3'; do sleep 5; done" - + timeout 120 sh -ec "until kubectl -n tenant-test get workloadmonitor foundationdb-$name; do sleep 10; done" + timeout 60 sh -ec "until kubectl -n tenant-test get workloadmonitor foundationdb-$name -o jsonpath='{.spec.replicas}' | grep -q '3'; do sleep 5; done" + # Check dashboard resource map is created - kubectl -n tenant-test get configmap \$name-resourcemap - - # Verify cluster is healthy (check cluster status) - timeout 120 sh -ec "until kubectl -n tenant-test get foundationdbclusters.apps.foundationdb.org \$name -o jsonpath='{.status.health.available}' | grep -q 'true'; do sleep 10; done" - + kubectl -n tenant-test get configmap foundationdb-$name-resourcemap + + # Verify cluster is healthy (check cluster status) - allow extra time for initial setup + timeout 300 sh -ec "until kubectl -n tenant-test get foundationdbclusters.apps.foundationdb.org foundationdb-$name -o jsonpath='{.status.health.available}' | grep -q 'true'; do sleep 20; done" + + # Validate status.configured field + timeout 60 sh -ec "until kubectl -n tenant-test get foundationdbclusters.apps.foundationdb.org foundationdb-$name -o jsonpath='{.status.configured}' | grep -q 'true'; do sleep 10; done" + + # Validate status.connectionString field exists and contains expected format + timeout 60 sh -ec "until kubectl -n tenant-test get foundationdbclusters.apps.foundationdb.org foundationdb-$name -o jsonpath='{.status.connectionString}' | grep -q '@.*\.svc\.cozy\.local'; do sleep 10; done" + + # Validate comprehensive status.databaseConfiguration fields + timeout 60 sh -ec "until kubectl -n tenant-test get foundationdbclusters.apps.foundationdb.org foundationdb-$name -o jsonpath='{.status.databaseConfiguration.logs}' | grep -q '3'; do sleep 10; done" + timeout 60 sh -ec "until kubectl -n tenant-test get foundationdbclusters.apps.foundationdb.org foundationdb-$name -o jsonpath='{.status.databaseConfiguration.proxies}' | grep -q '3'; do sleep 10; done" + timeout 60 sh -ec "until kubectl -n tenant-test get foundationdbclusters.apps.foundationdb.org foundationdb-$name -o jsonpath='{.status.databaseConfiguration.redundancy_mode}' | grep -q 'double'; do sleep 10; done" + timeout 60 sh -ec "until kubectl -n tenant-test get foundationdbclusters.apps.foundationdb.org foundationdb-$name -o jsonpath='{.status.databaseConfiguration.resolvers}' | grep -q '1'; do sleep 10; done" + timeout 60 sh -ec "until kubectl -n tenant-test get foundationdbclusters.apps.foundationdb.org foundationdb-$name -o jsonpath='{.status.databaseConfiguration.storage_engine}' | grep -q 'ssd-2'; do sleep 10; done" + timeout 60 sh -ec "until kubectl -n tenant-test get foundationdbclusters.apps.foundationdb.org foundationdb-$name -o jsonpath='{.status.databaseConfiguration.usable_regions}' | grep -q '1'; do sleep 10; done" + + # Validate status.desiredProcessGroups field + timeout 60 sh -ec "until kubectl -n tenant-test get foundationdbclusters.apps.foundationdb.org foundationdb-$name -o jsonpath='{.status.desiredProcessGroups}' | grep -q '^[0-9][0-9]*$'; do sleep 10; done" + + # Validate status.generations.reconciled field + timeout 60 sh -ec "until kubectl -n tenant-test get foundationdbclusters.apps.foundationdb.org foundationdb-$name -o jsonpath='{.status.generations.reconciled}' | grep -q '^[0-9][0-9]*$'; do sleep 10; done" + + # Validate status.hasListenIPsForAllPods field + timeout 60 sh -ec "until kubectl -n tenant-test get foundationdbclusters.apps.foundationdb.org foundationdb-$name -o jsonpath='{.status.hasListenIPsForAllPods}' | grep -q 'true'; do sleep 10; done" + + # Validate comprehensive status.health fields + timeout 60 sh -ec "until kubectl -n tenant-test get foundationdbclusters.apps.foundationdb.org foundationdb-$name -o jsonpath='{.status.health.fullReplication}' | grep -q 'true'; do sleep 10; done" + timeout 60 sh -ec "until kubectl -n tenant-test get foundationdbclusters.apps.foundationdb.org foundationdb-$name -o jsonpath='{.status.health.healthy}' | grep -q 'true'; do sleep 10; done" + + # Verify security context is applied correctly (non-root user) + storage_pod=$(kubectl -n tenant-test get pods -l foundationdb.org/fdb-cluster-name=foundationdb-$name,foundationdb.org/fdb-process-class=storage --no-headers | head -n1 | awk '{print $1}') + kubectl -n tenant-test get pod "$storage_pod" -o jsonpath='{.spec.containers[0].securityContext.runAsUser}' | grep -q '4059' + kubectl -n tenant-test get pod "$storage_pod" -o jsonpath='{.spec.containers[0].securityContext.runAsGroup}' | grep -q '4059' + # Clean up - kubectl -n tenant-test delete foundationdb \$name - + kubectl -n tenant-test delete foundationdb $name + # Wait for cleanup to complete - timeout 60 sh -ec "while kubectl -n tenant-test get foundationdbclusters.apps.foundationdb.org \$name 2>/dev/null; do sleep 5; done" + timeout 120 sh -ec "while kubectl -n tenant-test get foundationdbclusters.apps.foundationdb.org foundationdb-$name 2>/dev/null; do sleep 10; done" } \ No newline at end of file diff --git a/packages/apps/foundationdb/templates/cluster.yaml b/packages/apps/foundationdb/templates/cluster.yaml index f342054d..209a78f9 100644 --- a/packages/apps/foundationdb/templates/cluster.yaml +++ b/packages/apps/foundationdb/templates/cluster.yaml @@ -1,3 +1,5 @@ +{{- $cozyConfig := lookup "v1" "ConfigMap" "cozy-system" "cozystack" | default (dict "data" (dict)) }} +{{- $clusterDomain := index $cozyConfig.data "cluster-domain" | default "cozy.local" }} --- apiVersion: apps.foundationdb.org/v1beta2 kind: FoundationDBCluster @@ -41,7 +43,13 @@ spec: {{- end }} {{- end }} podTemplate: + metadata: + labels: + policy.cozystack.io/allow-to-apiserver: "true" spec: + serviceAccountName: {{ .Release.Name }}-foundationdb + securityContext: + fsGroup: {{ .Values.securityContext.runAsGroup }} containers: - name: foundationdb resources: {{- include "cozy-lib.resources.defaultingSanitize" (list .Values.resourcesPreset .Values.resources $) | nindent 16 }} @@ -79,6 +87,7 @@ spec: storage: {{ .Values.storage.size }} routing: + dnsDomain: {{ $clusterDomain }} defineDNSLocalityFields: true sidecarContainer: diff --git a/packages/apps/foundationdb/templates/role.yaml b/packages/apps/foundationdb/templates/role.yaml new file mode 100644 index 00000000..a391a084 --- /dev/null +++ b/packages/apps/foundationdb/templates/role.yaml @@ -0,0 +1,22 @@ +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + name: {{ .Release.Name }}-foundationdb + labels: + app.kubernetes.io/name: foundationdb + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/managed-by: {{ .Release.Service }} +rules: +- apiGroups: + - "" + resources: + - pods + verbs: + - get + - list + - watch + - create + - update + - patch + - delete \ No newline at end of file diff --git a/packages/apps/foundationdb/templates/rolebinding.yaml b/packages/apps/foundationdb/templates/rolebinding.yaml new file mode 100644 index 00000000..45b3e123 --- /dev/null +++ b/packages/apps/foundationdb/templates/rolebinding.yaml @@ -0,0 +1,17 @@ +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: {{ .Release.Name }}-foundationdb + labels: + app.kubernetes.io/name: foundationdb + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/managed-by: {{ .Release.Service }} +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: {{ .Release.Name }}-foundationdb +subjects: +- kind: ServiceAccount + name: {{ .Release.Name }}-foundationdb + namespace: {{ .Release.Namespace }} \ No newline at end of file diff --git a/packages/apps/foundationdb/templates/serviceaccount.yaml b/packages/apps/foundationdb/templates/serviceaccount.yaml new file mode 100644 index 00000000..b53143de --- /dev/null +++ b/packages/apps/foundationdb/templates/serviceaccount.yaml @@ -0,0 +1,9 @@ +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + name: {{ .Release.Name }}-foundationdb + labels: + app.kubernetes.io/name: foundationdb + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/managed-by: {{ .Release.Service }} \ No newline at end of file From 1a4e979e63dab87a62f18ff18f68627b43863796 Mon Sep 17 00:00:00 2001 From: Isaiah Olson Date: Mon, 15 Sep 2025 01:16:11 -0500 Subject: [PATCH 09/12] Fix value for image type to reflect the deprecated status of the split images and use unified by default Signed-off-by: Isaiah Olson --- packages/apps/foundationdb/README.md | 16 ++++++++-------- packages/apps/foundationdb/values.schema.json | 4 ++-- packages/apps/foundationdb/values.yaml | 4 ++-- 3 files changed, 12 insertions(+), 12 deletions(-) diff --git a/packages/apps/foundationdb/README.md b/packages/apps/foundationdb/README.md index f93c8e06..4790e054 100644 --- a/packages/apps/foundationdb/README.md +++ b/packages/apps/foundationdb/README.md @@ -174,12 +174,12 @@ For Cozystack-specific issues, consult the Cozystack documentation or support ch ### FoundationDB configuration -| Name | Description | Type | Value | -| ---------------------------- | ------------------------------------------------------------------ | ---------- | ------- | -| `customParameters` | Custom parameters to pass to FoundationDB | `[]string` | `[]` | -| `imageType` | Container image deployment type (split recommended for production) | `string` | `split` | -| `securityContext` | Security context for containers | `object` | `{}` | -| `securityContext.runAsUser` | User ID to run the container | `int` | `4059` | -| `securityContext.runAsGroup` | Group ID to run the container | `int` | `4059` | -| `automaticReplacements` | Enable automatic pod replacements | `bool` | `true` | +| Name | Description | Type | Value | +| ---------------------------- | ----------------------------------------- | ---------- | --------- | +| `customParameters` | Custom parameters to pass to FoundationDB | `[]string` | `[]` | +| `imageType` | Container image deployment type | `string` | `unified` | +| `securityContext` | Security context for containers | `object` | `{}` | +| `securityContext.runAsUser` | User ID to run the container | `int` | `4059` | +| `securityContext.runAsGroup` | Group ID to run the container | `int` | `4059` | +| `automaticReplacements` | Enable automatic pod replacements | `bool` | `true` | diff --git a/packages/apps/foundationdb/values.schema.json b/packages/apps/foundationdb/values.schema.json index 4b4b9d58..c2734b69 100644 --- a/packages/apps/foundationdb/values.schema.json +++ b/packages/apps/foundationdb/values.schema.json @@ -186,9 +186,9 @@ } }, "imageType": { - "description": "Container image deployment type (split recommended for production)", + "description": "Container image deployment type", "type": "string", - "default": "split", + "default": "unified", "enum": [ "unified", "split" diff --git a/packages/apps/foundationdb/values.yaml b/packages/apps/foundationdb/values.yaml index 55c29752..4c061409 100644 --- a/packages/apps/foundationdb/values.yaml +++ b/packages/apps/foundationdb/values.yaml @@ -77,8 +77,8 @@ customParameters: [] # Example: # - knob_disable_posix_kernel_aio=1 -## @param imageType {string enum:"unified,split"} Container image deployment type (split recommended for production) -imageType: "split" +## @param imageType {string enum:"unified,split"} Container image deployment type +imageType: "unified" ## @param securityContext {securityContext} Security context for containers ## @field securityContext.runAsUser {int} User ID to run the container From 3f6888a47074ee225edd5ea7838cd8a75b76ecf1 Mon Sep 17 00:00:00 2001 From: Isaiah Olson Date: Mon, 15 Sep 2025 01:23:19 -0500 Subject: [PATCH 10/12] Add FoundationDB instances to dashboard Signed-off-by: Isaiah Olson --- packages/system/dashboard/values.yaml | 14 ++++++++++++++ 1 file changed, 14 insertions(+) diff --git a/packages/system/dashboard/values.yaml b/packages/system/dashboard/values.yaml index 51e29985..30398203 100644 --- a/packages/system/dashboard/values.yaml +++ b/packages/system/dashboard/values.yaml @@ -237,6 +237,20 @@ kubeapps: kind: HelmRepository name: cozystack-apps namespace: cozy-public + - application: + kind: FoundationDB + singular: foundationdb + plural: foundationdbs + release: + prefix: foundationdb- + labels: + cozystack.io/ui: "true" + chart: + name: foundationdb + sourceRef: + kind: HelmRepository + name: cozystack-apps + namespace: cozy-public - application: kind: FerretDB singular: ferretdb From 27b06f4fbdecf97863bb34637800fd984bde5090 Mon Sep 17 00:00:00 2001 From: Isaiah Olson Date: Mon, 15 Sep 2025 01:36:55 -0500 Subject: [PATCH 11/12] Update FoundationDB values to properly set cluster size Signed-off-by: Isaiah Olson --- packages/apps/foundationdb/README.md | 49 ++++++++++--------- packages/apps/foundationdb/values.schema.json | 16 +++--- packages/apps/foundationdb/values.yaml | 6 +-- 3 files changed, 34 insertions(+), 37 deletions(-) diff --git a/packages/apps/foundationdb/README.md b/packages/apps/foundationdb/README.md index 4790e054..6b0cb2bc 100644 --- a/packages/apps/foundationdb/README.md +++ b/packages/apps/foundationdb/README.md @@ -22,16 +22,16 @@ This package provides a managed FoundationDB cluster deployment using the Founda ### Basic Configuration ```yaml -# Number of total instances -replicas: 3 - # Cluster process configuration cluster: version: "7.3.63" processCounts: - storage: 3 # Storage processes + storage: 3 # Number of storage processes (determines cluster size) stateless: -1 # Automatically calculated cluster_controller: 1 + faultDomain: + key: "kubernetes.io/hostname" + valueFrom: "spec.nodeName" ``` ### Storage @@ -45,15 +45,13 @@ storage: ### Resources ```yaml +# Use preset sizing +resourcesPreset: "medium" # small, medium, large, xlarge, 2xlarge + +# Or custom resource configuration resources: - preset: "medium" # small, medium, large, xlarge - # Custom overrides - limits: - cpu: "2000m" - memory: "4Gi" - requests: - cpu: "1000m" - memory: "2Gi" + cpu: "2000m" + memory: "4Gi" ``` ### Backup (Optional) @@ -74,16 +72,20 @@ backup: ### Advanced Configuration ```yaml -advanced: - # Custom FoundationDB parameters - customParameters: - - "knob_disable_posix_kernel_aio=1" - - # Image type (split recommended for production) - imageType: "split" - - # Enable automatic pod replacements - automaticReplacements: true +# Custom FoundationDB parameters +customParameters: + - "knob_disable_posix_kernel_aio=1" + +# Image type (unified is default and recommended for new deployments) +imageType: "unified" + +# Enable automatic pod replacements +automaticReplacements: true + +# Security context configuration +securityContext: + runAsUser: 4059 + runAsGroup: 4059 ``` ## Prerequisites @@ -141,11 +143,10 @@ For Cozystack-specific issues, consult the Cozystack documentation or support ch | Name | Description | Type | Value | | ------------------------------------------ | ------------------------------------------------------------------------------------------------------------------------------------------ | ----------- | ------------------------ | -| `replicas` | Number of FoundationDB replicas (total instances) | `int` | `3` | | `cluster` | Cluster configuration | `object` | `{}` | | `cluster.processCounts` | Process counts for different roles | `object` | `{}` | | `cluster.processCounts.stateless` | Number of stateless processes (-1 for automatic) | `int` | `-1` | -| `cluster.processCounts.storage` | Number of storage processes | `int` | `0` | +| `cluster.processCounts.storage` | Number of storage processes (determines cluster size) | `int` | `3` | | `cluster.processCounts.cluster_controller` | Number of cluster controller processes | `int` | `1` | | `cluster.version` | Version of FoundationDB to use | `string` | `7.3.63` | | `cluster.faultDomain` | Fault domain configuration | `object` | `{}` | diff --git a/packages/apps/foundationdb/values.schema.json b/packages/apps/foundationdb/values.schema.json index c2734b69..c1395a6a 100644 --- a/packages/apps/foundationdb/values.schema.json +++ b/packages/apps/foundationdb/values.schema.json @@ -107,7 +107,8 @@ }, "processCounts": { "cluster_controller": 1, - "stateless": -1 + "stateless": -1, + "storage": 3 }, "version": "7.3.63" }, @@ -146,7 +147,8 @@ "type": "object", "default": { "cluster_controller": 1, - "stateless": -1 + "stateless": -1, + "storage": 3 }, "required": [ "cluster_controller", @@ -165,8 +167,9 @@ "default": -1 }, "storage": { - "description": "Number of storage processes", - "type": "integer" + "description": "Number of storage processes (determines cluster size)", + "type": "integer", + "default": 3 } } }, @@ -211,11 +214,6 @@ } } }, - "replicas": { - "description": "Number of FoundationDB replicas (total instances)", - "type": "integer", - "default": 3 - }, "resources": { "description": "Explicit CPU and memory configuration for each FoundationDB instance. When left empty, the preset defined in `resourcesPreset` is applied.", "type": "object", diff --git a/packages/apps/foundationdb/values.yaml b/packages/apps/foundationdb/values.yaml index 4c061409..4c5ccfbd 100644 --- a/packages/apps/foundationdb/values.yaml +++ b/packages/apps/foundationdb/values.yaml @@ -4,13 +4,10 @@ ## @section Common parameters ## -## @param replicas {int} Number of FoundationDB replicas (total instances) -replicas: 3 - ## @param cluster {cluster} Cluster configuration ## @field cluster.processCounts {clusterProcessCounts} Process counts for different roles ## @field clusterProcessCounts.stateless {int} Number of stateless processes (-1 for automatic) -## @field clusterProcessCounts.storage {int} Number of storage processes +## @field clusterProcessCounts.storage {int} Number of storage processes (determines cluster size) ## @field clusterProcessCounts.cluster_controller {int} Number of cluster controller processes ## @field cluster.version {string} Version of FoundationDB to use ## @field cluster.faultDomain {clusterFaultDomain} Fault domain configuration @@ -19,6 +16,7 @@ replicas: 3 cluster: processCounts: stateless: -1 # Automatically calculated + storage: 3 # Number of storage processes (determines cluster size) cluster_controller: 1 version: "7.3.63" From edc12e3f7e816d0483787761f1cb5f3b5e325a24 Mon Sep 17 00:00:00 2001 From: Isaiah Olson Date: Mon, 15 Sep 2025 02:27:56 -0500 Subject: [PATCH 12/12] Add FoundationDB configuration values for storage engine and redundancy mode, update tests, and fix workload monitor Signed-off-by: Isaiah Olson --- hack/e2e-apps/foundationdb.bats | 23 ++++++++++++++----- packages/apps/foundationdb/README.md | 9 ++++++++ .../foundationdb/templates/_resources.tpl | 16 ++++++++++++- .../apps/foundationdb/templates/cluster.yaml | 23 +++++++++++-------- .../templates/workloadmonitor.yaml | 8 +++---- packages/apps/foundationdb/values.schema.json | 14 +++++++++++ packages/apps/foundationdb/values.yaml | 4 ++++ 7 files changed, 76 insertions(+), 21 deletions(-) diff --git a/hack/e2e-apps/foundationdb.bats b/hack/e2e-apps/foundationdb.bats index 99937a42..4c8d1b53 100644 --- a/hack/e2e-apps/foundationdb.bats +++ b/hack/e2e-apps/foundationdb.bats @@ -9,13 +9,14 @@ metadata: name: $name namespace: tenant-test spec: - replicas: 3 cluster: version: "7.3.63" processCounts: storage: 3 stateless: -1 cluster_controller: 1 + redundancyMode: "double" + storageEngine: "ssd-2" faultDomain: key: "foundationdb.org/none" valueFrom: "\$FDB_ZONE_ID" @@ -26,18 +27,18 @@ spec: backup: enabled: false s3: - bucket: "s3.example.org/fdb-backups" + bucket: "" endpoint: "" - region: "us-east-1" + region: "" credentials: - accessKeyId: "oobaiRus9pah8PhohL1ThaeTa4UVa7gu" - secretAccessKey: "ju3eum4dekeich9ahM1te8waeGai0oog" + accessKeyId: "" + secretAccessKey: "" retentionPolicy: "7d" monitoring: enabled: true customParameters: - "knob_disable_posix_kernel_aio=1" - imageType: "split" + imageType: "unified" automaticReplacements: true EOF sleep 15 @@ -102,6 +103,16 @@ EOF kubectl -n tenant-test get pod "$storage_pod" -o jsonpath='{.spec.containers[0].securityContext.runAsUser}' | grep -q '4059' kubectl -n tenant-test get pod "$storage_pod" -o jsonpath='{.spec.containers[0].securityContext.runAsGroup}' | grep -q '4059' + # Verify volumeClaimTemplate is properly configured in FoundationDBCluster CRD + timeout 60 sh -ec "until kubectl -n tenant-test get foundationdbclusters.apps.foundationdb.org foundationdb-$name -o jsonpath='{.spec.processes.general.volumeClaimTemplate.spec.resources.requests.storage}' | grep -q '1Gi'; do sleep 10; done" + + # Verify PVCs are created with correct storage size (1Gi as specified in test) + timeout 120 sh -ec "until [ \$(kubectl -n tenant-test get pvc -l foundationdb.org/fdb-cluster-name=foundationdb-$name --no-headers | wc -l) -ge 3 ]; do sleep 10; done" + kubectl -n tenant-test get pvc -l foundationdb.org/fdb-cluster-name=foundationdb-$name -o jsonpath='{.items[*].spec.resources.requests.storage}' | grep -q '1Gi' + + # Verify actual PVC storage capacity matches requested size + kubectl -n tenant-test get pvc -l foundationdb.org/fdb-cluster-name=foundationdb-$name -o jsonpath='{.items[*].status.capacity.storage}' | grep -q '1Gi' + # Clean up kubectl -n tenant-test delete foundationdb $name diff --git a/packages/apps/foundationdb/README.md b/packages/apps/foundationdb/README.md index 6b0cb2bc..fed4acde 100644 --- a/packages/apps/foundationdb/README.md +++ b/packages/apps/foundationdb/README.md @@ -124,6 +124,13 @@ FoundationDB is designed for high availability: - Configurable fault domains for rack/zone awareness - Transaction log redundancy +The included `WorkloadMonitor` is automatically configured based on the `cluster.redundancyMode` value. It sets the `minReplicas` property on the `WorkloadMonitor` resource to ensure the cluster's health status accurately reflects its fault tolerance level. The number of tolerated failures is as follows: +- `single`: 0 failures +- `double`: 1 failure +- `triple` and datacenter-aware modes: 2 failures + +For example, with the default configuration (`redundancyMode: double` and 3 storage pods), `minReplicas` will be set to 2. + ## Performance Considerations - Use SSD storage for better performance @@ -149,6 +156,8 @@ For Cozystack-specific issues, consult the Cozystack documentation or support ch | `cluster.processCounts.storage` | Number of storage processes (determines cluster size) | `int` | `3` | | `cluster.processCounts.cluster_controller` | Number of cluster controller processes | `int` | `1` | | `cluster.version` | Version of FoundationDB to use | `string` | `7.3.63` | +| `cluster.redundancyMode` | Database redundancy mode (single, double, triple, three_datacenter, three_datacenter_fallback) | `string` | `double` | +| `cluster.storageEngine` | Storage engine (ssd-2, ssd-redwood-v1, ssd-rocksdb-v1, memory) | `string` | `ssd-2` | | `cluster.faultDomain` | Fault domain configuration | `object` | `{}` | | `cluster.faultDomain.key` | Fault domain key | `string` | `kubernetes.io/hostname` | | `cluster.faultDomain.valueFrom` | Fault domain value source | `string` | `spec.nodeName` | diff --git a/packages/apps/foundationdb/templates/_resources.tpl b/packages/apps/foundationdb/templates/_resources.tpl index e21e34e0..c1b4915e 100644 --- a/packages/apps/foundationdb/templates/_resources.tpl +++ b/packages/apps/foundationdb/templates/_resources.tpl @@ -30,4 +30,18 @@ Chart name and version */}} {{- define "foundationdb.chart" -}} {{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }} -{{- end }} \ No newline at end of file +{{- end }} + +{{/* +Calculate minReplicas for WorkloadMonitor based on redundancyMode +*/}} +{{- define "foundationdb.minReplicas" -}} +{{- $replicas := .Values.cluster.processCounts.storage -}} +{{- if or (eq .Values.cluster.redundancyMode "triple") (eq .Values.cluster.redundancyMode "three_data_hall") (eq .Values.cluster.redundancyMode "three_datacenter") (eq .Values.cluster.redundancyMode "three_datacenter_fallback") (eq .Values.cluster.redundancyMode "three_data_hall_fallback") }} +{{- print (max 1 (sub $replicas 2)) -}} +{{- else if eq .Values.cluster.redundancyMode "double" }} +{{- print (max 1 (sub $replicas 1)) -}} +{{- else }} +{{- print $replicas -}} +{{- end -}} +{{- end -}} \ No newline at end of file diff --git a/packages/apps/foundationdb/templates/cluster.yaml b/packages/apps/foundationdb/templates/cluster.yaml index 209a78f9..06992cb5 100644 --- a/packages/apps/foundationdb/templates/cluster.yaml +++ b/packages/apps/foundationdb/templates/cluster.yaml @@ -11,7 +11,11 @@ metadata: app.kubernetes.io/managed-by: {{ .Release.Service }} spec: version: {{ .Values.cluster.version | quote }} - + + databaseConfiguration: + redundancy_mode: {{ .Values.cluster.redundancyMode }} + storage_engine: {{ .Values.cluster.storageEngine }} + processCounts: {{- toYaml .Values.cluster.processCounts | nindent 4 }} @@ -76,15 +80,14 @@ spec: memory: 128Mi securityContext: {{- toYaml .Values.securityContext | nindent 16 }} - - volumeClaimTemplate: - spec: - {{- if .Values.storage.storageClass }} - storageClassName: {{ .Values.storage.storageClass }} - {{- end }} - resources: - requests: - storage: {{ .Values.storage.size }} + volumeClaimTemplate: + spec: + {{- if .Values.storage.storageClass }} + storageClassName: {{ .Values.storage.storageClass }} + {{- end }} + resources: + requests: + storage: {{ .Values.storage.size }} routing: dnsDomain: {{ $clusterDomain }} diff --git a/packages/apps/foundationdb/templates/workloadmonitor.yaml b/packages/apps/foundationdb/templates/workloadmonitor.yaml index b06fe877..306797f3 100644 --- a/packages/apps/foundationdb/templates/workloadmonitor.yaml +++ b/packages/apps/foundationdb/templates/workloadmonitor.yaml @@ -9,12 +9,12 @@ metadata: app.kubernetes.io/instance: {{ .Release.Name }} app.kubernetes.io/managed-by: {{ .Release.Service }} spec: - replicas: {{ .Values.replicas }} - minReplicas: 1 + replicas: {{ .Values.cluster.processCounts.storage }} + minReplicas: {{ include "foundationdb.minReplicas" . }} kind: foundationdb type: foundationdb selector: - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/name: foundationdb + foundationdb.org/fdb-cluster-name: {{ .Release.Name }} + foundationdb.org/fdb-process-class: storage version: {{ .Chart.Version }} {{- end }} \ No newline at end of file diff --git a/packages/apps/foundationdb/values.schema.json b/packages/apps/foundationdb/values.schema.json index c1395a6a..1b0c6577 100644 --- a/packages/apps/foundationdb/values.schema.json +++ b/packages/apps/foundationdb/values.schema.json @@ -110,11 +110,15 @@ "stateless": -1, "storage": 3 }, + "redundancyMode": "double", + "storageEngine": "ssd-2", "version": "7.3.63" }, "required": [ "faultDomain", "processCounts", + "redundancyMode", + "storageEngine", "version" ], "properties": { @@ -173,6 +177,16 @@ } } }, + "redundancyMode": { + "description": "Database redundancy mode (single, double, triple, three_datacenter, three_datacenter_fallback)", + "type": "string", + "default": "double" + }, + "storageEngine": { + "description": "Storage engine (ssd-2, ssd-redwood-v1, ssd-rocksdb-v1, memory)", + "type": "string", + "default": "ssd-2" + }, "version": { "description": "Version of FoundationDB to use", "type": "string", diff --git a/packages/apps/foundationdb/values.yaml b/packages/apps/foundationdb/values.yaml index 4c5ccfbd..902f986a 100644 --- a/packages/apps/foundationdb/values.yaml +++ b/packages/apps/foundationdb/values.yaml @@ -10,6 +10,8 @@ ## @field clusterProcessCounts.storage {int} Number of storage processes (determines cluster size) ## @field clusterProcessCounts.cluster_controller {int} Number of cluster controller processes ## @field cluster.version {string} Version of FoundationDB to use +## @field cluster.redundancyMode {string} Database redundancy mode (single, double, triple, three_datacenter, three_datacenter_fallback) +## @field cluster.storageEngine {string} Storage engine (ssd-2, ssd-redwood-v1, ssd-rocksdb-v1, memory) ## @field cluster.faultDomain {clusterFaultDomain} Fault domain configuration ## @field clusterFaultDomain.key {string} Fault domain key ## @field clusterFaultDomain.valueFrom {string} Fault domain value source @@ -20,6 +22,8 @@ cluster: cluster_controller: 1 version: "7.3.63" + redundancyMode: "double" # Database redundancy mode + storageEngine: "ssd-2" # Storage engine faultDomain: key: "kubernetes.io/hostname"